Move or rename but not delete

Unfortunately MOVE is not a permission in itself.
A move operation on an NTFS object involves creating a link in the target directory location and then deleting the link from the source directory location – the DELETE permission is therefore an inherent part of moving an object.
This is also the case for RENAME operation.

Bluetooth: Error in firmware loading

Bluetooth: Error in firmware loading err = -110

So this is my story. My new laptop comes with Atheros AR9565.
This one has integrated wifi and bluetooth which causes problems.
My BT mouse was working fine, but suddenly disconnected to never come back even after multiple reboots.
Thanks to Fahad the solution was to create a file e.g. bluetooth-coe-fix.conf in /etc/modprobe.d with this single line:
options ath9k btcoex_enable=1
Reboot and voila!
Related bug report.

Do not use

For .net domain renewal they charge about £16 a year where the competition charges 50% less on average.
But the most ridiculous thing is that if you want to transfer your domain elsewhere they invoice you for about £20 to get AuthInfo (competition do not charge at all or charge 70% less). Very poor practices that apparently make them rich. This supposed to be tailor for poor polish market.

I got it now!

Now I have finally understood Microsoft’s and Symantec’s underlying strategy to stimulate and boost their market.
After many years of very reliable Windows XP they have released Windows Vista and after short time people were fed up and could not wait a new release.
Then Microsoft came with Windows 7 that has eased their pains. After that they have released Windows 8 without a start button, so people hate it and again cannot wait for a next release.
Some rumours say that Windows 10 is coming, but even numbers mean problems!?
This is the vicious cycle of proprietary software.
Another good example is Symantec Backup Exec.
Backup Exec 2010 proved to be very reliable, clear to understand and troubleshoot. There was no real incentive to change it apart from some small updates and fixes. But Symantec released Backup Exec 2012 to stir its community quite a bit, so they could not wait for Backup Exec 2014. By the way the release from 2012 was actually lacking some features present in 2010!
Most of the people do not bother with waiting and downgrade their software to Windows 7 or Backup Exec 2010 till date.

Exchange 2007: exporting mailboxes to PST

Beforehand you need to download and install Microsoft Exchange Management Tools on your Windows 7 machine with Outlook 2007 onward or install it on your terminal server if you have one.

We have to give full access rights for the administrator to a mailbox we want to archive:
Add-MailboxPermission -Identity user@domain.local -User domain\Administrator -AccessRights FullAccess

Exporting to the server restricted share:
Export-Mailbox –Identity user@domain.local –PSTFolderPath \\server\PST

Deleting all messages in the designated mailbox:
export-mailbox -id user@domain.local -deletecontent -confirm:$false

Then you can Remove that mailbox from Exchange console (actually flagging for deletion) which will also remove that user name from the system

RDS: Where is it?

If you want to install RDS licenses and have an Open License you need to log in to the licensing portal
Licenses -> Relationship Summary and under the right account you will see something like that:
Open License Details : xxxx7461 <- this is the license number Parent Program : OPEN xxxxxx23ZZS1701 <- this is the authorization number (copy and paste without the OPEN) I have done this some time ago and had to ask my senior colleague to refresh me on this.

Strengthening SSH

Ideally you should allow access to you router from outside only to trusted IPs and/or using key-based authentication where the key is also password protected.
However if you don’t want to do this you should definitely add these 3 things to your configuration. At least it will reduce the number of password brute forcing attempts on the default SSH password.

services {
ssh {
root-login deny;
protocol-version v2;
rate-limit 3;

Such a shame, but I haven’t found any instructions how to effectively shift SSH away from the default port 22. As far as I know it is not possible and the only way is to “If you want to block connections to port 22, we can use firewall filter or if you want to use some other ports to do SSH, we can use destination NAT rule to redirect requests coming to any other ports to port 22.”

Continue reading Strengthening SSH

Raspbmc Kodi and CEC remote control problems

Consumer Electronics Control (CEC) is an HDMI feature designed to allow the user to command and control up-to 15 CEC-enabled devices, that are connected through HDMI

If you experience problem with your Raspbmc not detected by a TV set and in result your multimedia setup is quite crippled – you cannot control your Pi using the remote control, but you are forced to use e.g. Yatse on your mobile.
These things you have to check:
1. Does your TV support HDMI-CEC?
2. Does your HDMI cable supports CES? Yes of course it supports it since version 1.0, but who knows some cheap crap does not have it? Of course as of today you want the latest HDMI v1.4b
3. Is HDMI-CEC is enable on your TV set?

From Raspbmc point of view it should work without any additional configuration needed.
In my case everything was ticked but for some reason still TV does not detect the Pi device. Of course I do have the display, but no remote control capabilities.
In my case it is Samsung.
From what I have discovered you have to do a proper power cycle of the this TV set to detect CEC capable device – Raspbmc.
You have to completely disconnect it from power for a decent 20 seconds. Pi can stay on and connected via HDMI to the TV.
Once you turn it back on it should detect it. If not please try couple more times or consider other options.
I think from what I see on the Internet it is quite common issue with Samsung and probably you have to repeat this action periodically.

Google reveals Windows 8 vulnerability

Microsoft has not patched it yet even knowing it from September 2014.
Original thread HERE.
Microsoft’s response was:

We are working to release a security update to address an Elevation of Privilege issue. It is important to note that for a would-be attacker to potentially exploit a system, they would first need to have valid logon credentials and be able to log on locally to a targeted machine. We encourage customers to keep their anti-virus software up to date, install all available Security Updates and enable the firewall on their computer.

Juniper: Securing root access

Setup one additional user with superuser rights and also one operator, so you can use the operator more often than the superuser.
Make sure that the accounts name is meaningless and it is not your forename or surname for instance.
edit system login

set user walker class superuser
set user walker authentication plain-text-password

It would be even better to use SSH key based login for the superuser.

set user walker class operator
set user walker authentication plain-text-password

Login Classes

run show system users
set system services ssh root-login deny

SanDisk Cruzer

Don’t buy SanDisk crap!
I bought 4 of these 3 months ago and I do have serious problem with transfer speed on NTFS file system.
I haven’t tried on any other file system, but my old Kingston DataTraveller of the same 8GB size is still 10x faster than this piece of junk.
Any copy operation goes from 1 min to 18 minutes rendering this device completely unusable! Ridiculous