I have to say that this year (and it is just the end of May) and already we have had two major security blows in open-sourced software.
First the Heartbleed bug and recently the end of Truecrypt support which is also surprising. Continue reading OpenSource security
When it comes to security Linux again proves to be much better than proprietary alternatives especially in the time when trust to TrueCrypt has been compromised after recent development suspension.
First of all to work with TrueCrypt volumes you can use
zulucrypt as frontend GUI for tc-play and cyptsetup
Alternatively you can move to LUKS encrypted drives that perform better than eCryptfs.
FreeOTFE frontend is available for Windows systems so we can make use of that software on proprietary platform.
However I think TC is fine for now and even if the development has been suspended community is still able to publish information about any new bugs found only then there is a tangible reason to abandon TC.
PS1=’\[\033[1;36m\][\A]\[\033[0;31m\]\u\[\033[0;32m\]@\[\033[1;34m\]\h\[\033[0m\]:\w \[\033[0;31m\]# \[\033[m\]’
for a regular user:
PS1=’\[\033[1;36m\][\A]\[\033[m\]\u@\[\033[1;34m\]\h\[\033[0m\]:\w \[\033[m\] $ ‘
Don’t ask about the details just use it.
More info here.
Outlook stores it’s default font settings in the registry.
Check out HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Common\MailSettings in the registry.
*These instructions are for Outlook 2007, but should be (basically) the same:
Go into Outlook (ensure regedit is closed), Tools -> Options->Mail Format -> Stationary and Fonts. Setup the fonts the way you want them.
Open regedit, go to the key above, which should now be updated with the font information you set, and Export it. Continue reading Outlook font settings
I was going to edit the settings for WSUS, but once I opened up the GPO editor the results were showing the desired settings, but when I go to Edit them there was no such options.
You will also see this:
Policy definitions (ADMX files) retrieved from the central store.
In this case you have to open desired GPO for editing and in the GPO go to Computer Configuration -> Policies and click on Administrative Templates -> Add/Remove Templates… then click Add and browse to C:\Windows\sysvol\ (here you have to check all of the folders for Adm subfolder) Adm subfolder should contain some templates. The one responsible for WSUS is wuau.
Add this one and now you should see additional template and setting in the editor.
This is also very useful article about central stores.
Here you can download templates for Windows Server 2008.
And this is how to disable WSUS on the domain so client computers will update directly without communication with a broken WSUS server.
You need to change the following group policy “Update Services Common Settings” – Computer Configuration – Administrative Templates – Windows Components – Windows Updates – Specify intranet Microsoft update service location set it to disabled.
yum install nfs-utils nfs-utils-lib
systemctl enable nfs-server.service
systemctl restart nfs.service
systemctl status nfs-server.service
iptables -L -n
iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 2049 -j ACCEPT
iptables-save > backup.dump
iptables-restore < backup.dump
yum install nfs-utils nfs-utils-lib
mount -t nfs 192.168.0.10:/home/homebkp /mnt/server
You definitely want to try these:
– Registration Security Questions
– Checkbox Validation
– Register Time
This little guide is also helpful.
Because ITIL clearly says that employees are not just employees, but they are also service providers and customers in the same time.
To be only a service providers for external customers or clients is half of the story.
In our case we have to take care of the external ones, but internally it is still messy and people less care about each other. Basically there is no ITIL. Continue reading Why ITIL in the company?
rpm -qa | grep Virt
rpm -e VirtualBox-4.2
rpm -i VirtualBox-4.3
The most humane guide on the Internet is HERE.
Recommended to extensively use https://testconnectivity.microsoft.com/ during the process.
If you ping the localhost (e.g. server.domain.local) and you get IPv6 replies that means you should disable it on the network adapter. Some Exchange updates fix weird problems, but sometimes I don’t have time to wait 3 days for Windows to finally become up to date.
Outlook is not connecting and you are under fire.
Moreover add proper entry in the hosts file in C:\Windows\System32\drivers\etc
Someone has messed up the DNS entries. It has to be:
mail.domain.com A 220.127.116.11
autodiscover CNAME mail.domain.com
remote CNAME mail.domain.com
but not CNAME records pointing to the IP address directly.
the rpc_s_server_unavailable error (0x6ba) was thrown by the rpc runtime process.
Most likely what I have mentioned in my previous post some services are not running or started up in the wrong order.
You want to delay some of them or wait for fixes or just manually start or restart these services Microsoft Exchange RPC Client Access and Microsoft Exchange System Attendant.
However I would suggest restarting
To demote SBS2003 you first need to uninstall Exchange 2003.
Here you can find CDs for SBS2003 and CD2 where Exchange install files are located.
It is not easy.
you cannot remove a server that is a target bridgehead
Follow this guide and delete the connector on the old server.
Anyway most likely the uninstall will fail and you will be forced to do this manually which is quite laborious.
Follow THIS or THIS.
THIS as well
Get-ExchangeServer | Format-List on the target server.
So much effort just for a small business?!
If you decide to use Microsoft software in the future please abandon this idea.
after the migration this is what has happened to me.
This article should resolve the problem.
You deploy the newest version of their SBS server version (2011) which is already 3 years old then you have to download about 1.5GB of updates and restart the server 15 times to make it the most up to date.
In the meantime you have to update Exchange 2010 from the default version to the latest SP3 which is another 800MB of software to put in, 1h of time and another couple of restarts to settle things down.
How ridiculous and backward it is?
Normally the engineers don’t care too much about the updates and you can see many fresh deployments where the server is still asking for a lot of updates, but most importantly the Exchange is still on SP1 which is unsecure? This upgrade has to be done manually everytime.
The way the software is distributed has drastically improved in the recent years with the advent of Windows 7 and at least we get regular updates once a month, but the rest is shite.
They have noticed that their business cannot stand the competition and that is why same as other proprietary software vendors they encourage or even force their clients to switch to their cloud alternatives which is the same shite, but at least at their end.
By the way I was wrong about 1.5GB of updates. I have just refreshed Windows Updates and it shows another 93 – ~500MB of updates.
After the migration Outlook won’t connect to that bloody thing. OWA is fine and you can send and receive emails.
It looks like one of the services is affected and first reboot does not help. You have to do it twice and then it works?!
is rubbish. This stupid website does not allow to edit existing card details and I have to email some code to my email that never arrives.
It is not and moreover BitLocker uses TPM.
Read more about TPM HERE
TPM likely is one of more important NSA tentacles.
to another server
robocopy "C:\SmarterMail\Domains" "\\SmarterMail_New\SmarterMail\Domains" /MIR /ZB /R:1 /W:3
F5 – Array configuration
F9 – BIOS setup
F10 – Intelligent Provisioning
Yes don’t bother with Windows SBS 2011 for Proliant servers as it still fails to detect a network adapter.
Use Intelligent Provisioning instead and choose Manual installation. It will preload the drivers in the memory (it creates some small drive partition) and when you leave Windows SBS 2011 DVD in the drive it will work this time and detect the answer file.
After the system has been installed. You can run HPSUB.bat from SPP DVD in hp\swpackages to installed all the missing drivers. Make sure you run the BAT file as domain administrator (it won’t work on different user).
At the end if you still see “No items” in the HP Management Homepage please install WBEM providers manually. Download from here.
To backup system state on Windows Server 2003 use:
You can setup a backup job from CMD
ntbackup backup systemstate /J "Backup Job 1" /F "f:\sysstate-backup.bkf"
To backup system state on Windows Server 2008 use:
c:\Windows\System32\wbadmin.exe start systemstatebackup -backuptarget:f:
Yes, just rename her surname and create new alias to reflect her new surname.
Do not change the username though as this will break her user profiles and it will require you to fiddle with it.
This applies to Windows 7 as well as to Windows Server 2008, SBS 2011 or 2012.
Don’t bother using WUDT.
First format the drive with NTFS using Gparted.
Copy all the files manually from the iso to that drive.
Run on the target drive to install Windows mbr
ms-sys -7 /dev/sdX
Then mark that partition as bootable with
Only HP knows how to use their website where many already indexed webpages are broken.
Trying to find the firmware and driver updates for Gen8 server for last the 30 minutes with no avail.
Now search has found HP ProLiant ML350 G4p?!
Unfortunately I have a date and I cannot login to Yahoo to check the rendezvous point.
You have to install Windows Server 2003 Support Tools
then run the command by browsing to C:\Program Files\Support Tools
Interesting article HERE
To make proper ISO please use ImgBurn which is free and you won’t end up being asked to buy a full version.
To format the USB stick properly please follow the below instructions:
Start command prompt as Administrator and type
type select disk and number of your USB disk ( like select disk 1 )
create partition primary
select partition 1
format quick fs=fat32
exit to exit the diskpart utility
exit to close command prompt
But it still does not work for me. I think I spent enough time on this and will try to complete this task from my Linux instead.