Categories
blog

Unable to delete driver, print spooler windows vista & 7

According to this article (http://www.mysysadmintips.com/clients/170-cant-remove-printer-drivers-in-windows-7-the-specified-printer-driver-is-currently-in-use) pressing delete driver a second after the print spooler has started is the way to delete the driver. Strange but true, it worked for me! Probably because the driver is loaded a couple seconds after the print spooler has started.

Categories
blog howto network

VPN tunnel between Netscreen and Cisco

Recently I had some troubles setting up a VPN between a Netscreen and a Cisco device from the remote party.

We had agreed upon a Preshared Key and 3DES/SHA1 encryption/hash algorithms using main mode and DH group 2. The Cisco side had added group 2 to their isamkp setting but they could not add the same group command to the transform command so my Phase2 had NOPFS set while my Phase1 was DH group 2.

The tunnel still did not come up, debugging was not useful as it was the Netscreen that initiated the tunnel every time and the log just showed an answer from the Cisco with “no proposal chosen”. After looking into their config and a hint on the internet, I configured the proxyID on the tunnel with local address = my WAN IP and remote address = their WAN IP. And that did the trick, tunnel was up.

Categories
blog howto windows

Enable Remote Desktop Remotely with PSEXEC

Download PSTOOLS from microsoft. Unzip to an easy to access location.
Open a CMD command prompt, navigate to the PSTOOLS location.
Execute:

psexec \\machinename reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0

Machinename should be replaced with the computername, ideally you already have admin rights to this PC, for example you run this as the domain administrator. Otherwise the have to supply credentials using -u and -p options.
If you still can’t connect this is most likely the windows firewall.
Execute:
psexec \\machinename netsh firewall set service remotedesktop enable
psexec \\machinename netsh firewall set service remoteadmin enable

Categories
blog howto windows

Uninstall Trend Micro Officescan without password

Uninstall Trendmicro officescan without knowing the password

Open Ofcscan.ini inside C:\Program Files\Trend Micro\OfficeScan Client
Change the value of the Uninstall_Pwd to !CRYPT!5237C1A1888FAFC830342D0AB1AD8410C995F3E7C1FBB9FE857C7B1FEBE9F84A93A1B9CEF52810DBA9649332838
Change the value of the Unload_Pwd to !CRYPT!5237C1A1888FAFC830342D0AB1AD8410C995F3E7C1FBB9FE857C7B1FEBE9F84A93A1B9CEF52810DBA9649332838
To Unload or uninstall the OfficeScan use novrius as the password.

thanks to: bpursley

Categories
blog howto server windows

EXCHANGE 2010: SAN Certifcate with mutiple DNS names (private windows CA)


New-ExchangeCertificate -FriendlyName "Exchange 2010 multiple DNS" -IncludeServerFQDN -DomainName mail.*****.***,autodiscover.******.***,computername.*****.local,computername -GenerateRequest -PrivateKeyExportable $true

Copy the full code you receive including the —BEGIN… and —END… lines.
Open the sertificate services web interface.
http://serverdc/certsrv
-Request a certificate -> Advanced certificate request -> Submit a Certificate request by using …
Paste the code you received in the textbox, on the template dropdown select Web Server.
Click Submit.
On the next page click on Download Certificate.
Save the file on disk somewhere.
Go to Exchange console (GUI) – server Configuration – Hub transport – Exchange certificates.
Right click on the pending request and choose “Complete pending request”.
Select the file you saved to disk and finish the wizard.
When finished right click on the now completed certificate and choose “Assign services”.
Assign all services (except Unified messaing), choose YES to All for overwrite.
Delete all other certificates no longer needed.

Test your OWA and see what certificate is now being used.

Reference: http://exchangeserverpro.com/how-to-issue-a-san-certificate-to-exchange-server-2010-from-a-private-certificate-authority

Categories
blog howto

Call of Duty Modern Warfare 3 port forwarding (NAT type Open)

If UPNP or DMZ is not an option for you (or you want more security), you can manually forward some ports to get NAT Type OPEN for Call of Duty Modern Warfare 3.
28960 is the port that COD has always used, but you need some steam ports too. The screenshot below might have some ports that are only needed for outgoing connections but documentation is really hard to find about these ports. It works for me with these ports.
COD MW3 port forwarding
To sum up the ports: 28960 (TCP+UDP), 1500 (TCP), 3005 (UDP), 3101 (UDP), 2700-2704 (UDP), 2715-2717 (UDP), 3074 (UDP). You have to forward these ports in your router/modem to your PC. I suggest you read documentation or search the Internet on how to forward ports for your router/model type.

Remember that if you have Windows firewall of another software firewall on your PC enabled you need to add an exception for all these ports in the firewall.

Categories
blog network

FORTIGATE : Static routes must have lower distance then default GW

Had this problem on a Fortigate 60B & 60C. Static routes did not work as expected.
The static route did not work until the distance was set to 1 which is lower than the 0.0.0.0 default route who has distance 10. Maybe this is not a bug, but intended behaviour. On Netscreen the 0.0.0.0 default route is always the last to be applied and all other static routes go first.

Categories
blog

VMWARE DR backup destination not mounted on reboot

Concerns VDR 1.2
Solution:
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1029746

To resolve this issue:
Open an SSH session to the VDR appliance.
Open the /etc/fstab file using a text editor.
Add this line at the end of the file:

/dev/sdX# /SCSI-0:1 ext3 defaults 0 0

where
/dev/sdX# is the device name and partition number i.e /dev/sda1
/SCSI-0:1 is the mount point
ext3 is the file system type
defaults is the mount option
0 is the dump option
0 is the file system check option

Run these commands to unmount and remount the volume:

umount /SCSI-0:1
mount /SCSI-0:1

The operating system in the VDR appliance should now be able to read the fstab file and remount the volume.

A little help, mount the disk using the GUI then issue command “mount” on SSH with root. This will tell you /dev/sdX# and the /SCSI-#:#

Categories
blog howto server windows

EXCHANGE 2007: Certifcate with mutiple DNS names

http://www.exchangeinbox.com/article.aspx?i=127

New-ExchangeCertificate -GenerateRequest -Path c:\install\mail_cert_request.csr -SubjectName "c=BE, o=******, ou=IT, cn=mail.*****.com" -DomainName: mail.******.com, autodiscover.*****.com, MAILSRV2, MAILSRV.*****.**, mail.****.**-KeySize 1024 -PrivateKeyExportable: $true
certreq.exe -submit -attrib "CertificateTemplate:WebServer" c:\install\MAIL_cert_request.csr

Choose the right CA, choose output folder. Open inside Issued certificates in Cert. MMC. Go to details. Click Copy to -> Complete chain, save as p7b file.

Import-ExchangeCertificate -Path C:\install\mail2.*****.com.p7b
Enable-ExchangeCertificate -Thumbprint 5B485A86***********60A04 -services IIS, POP, IMAP, SMTP
Remove-ExchangeCertificate -Thumbprint oldcertificatesthumbprint

Categories
blog howto linux server

DUF alias for sorted du -h

Show disk usage (human readable) for each folder/file sorted by size!

alias duf='du -sk * | sort -n | perl -ne '\''($s,$f)=split(m{\t});for (qw(K M G)) {if($s<1024) {printf("%.1f",$s);print "$_\t$f"; last};$s=$s/1024}'\'
Usage: duf

Alternative without perl:
du -sk * | sort -n | while read size fname; do for unit in k M G T P E Z Y; do if [ $size -lt 1024 ]; then echo -e "${size}${unit}\t${fname}"; break; fi; size=$((size/1024)); done; done


Tested on: Linux (Redhat, Centos, Debian), Unix (Solaris, SunOS)
Author: http://www.earthinfo.org/linux-disk-usage-sorted-by-size-and-human-readable/