Script: Putting a Dell AppAssure Core server into “maintenance mode”

August 28, 2014 Leave a comment

A new script is available in my gists that is basically a direct copy of a KB from Dell/Quest that will put a Dell AppAssure core server into “maintenance mode” so that you can safely restart the server without causing corruption of the MongoDB aka Repository. There is also a script to remove a core from “maintenance mode.”

Auto-mapping in Exchange not working for some users? Map all the users’ DNs in the msExchDelegateListLink attribute

August 22, 2014 Leave a comment

Auto-mapping is a feature where an Exchange mailbox that a user has full access permission, will automatically be mapped in any Outlook Profile(s) that they log on to. I ran into it as I was researching why a security group who is granted Full Access permissions wasn’t having it’s members inherited for Full Access.

Auto-mapping worked fine for my user, but didn’t work for several users who had either their mailbox added to the shared mailbox before the 2010 migration [that the company did before my user was created].

So, I set out to find how to actually configure auto-mapping and came across a TechNet article on how to disable it per-user, which lead me to the AD/LDAP object attribute that contains the list of users who should have a given mailbox auto-mapped.

That attribute is msExchDelegateListLink, and it is available on the AD object to be mapped. Access it whatever method you chose, but I used adsiedit.msc. The values should be the distinguished name of the mailbox/user object for the users who will receive the auto-mapping of the object.

Note that when you move the AD object (so that the distinguished name is no longer the same), the msExchDelegateListLink attribute should be updated.

If you remove the DN from the msExchDelegateListLink attribute, it will un-auto-map the mailbox (by this time, you probably just want to remove Full Access permissions, which will remove the DN from the msExchDelegateListLink attribute anyway).

I can’t hear you…

$listofusers = 'user1','user2'
foreach ($user in $listofusers) { $(get-aduser $user).distinguishedname }

Working on editing the AD object attribute to avoid adsiedit.msc.

Querying for and uninstalling evil KBs with Powershell Remoting

August 18, 2014 1 comment

You haven’t enabled Powershell Remoting yet? C’mon! Check out this blog post and this verbose guide (Secrets of Powershell Remoting).

Disregarding security flaw edge cases, Powershell Remoting defaults follow good security practices, such as Kerberos cert based authentication (much like accessing an admin share), and fully encrypted TCP pipe.

This past week, two KBs made news for cause BSODs. Although none of our systems (workstations or servers) had BSODs caused, we still wanted to get a grasp on where the KBs were installed.

Powershell Remoting made this very simple. (old version)

In this case, the block starting with `get-wmiobject` queries computer objects (by OU) to check if the two given KBs are installed. A report is output to my desktop.

The block starting with `Invoke-Command` runs `wusa.exe` synchronously, and returns once the given KB is uninstalled. It will create a restore point. Before I did this, I took a look at WSUS to verify that the patch was pulled (and it was).

Note that if you use WSUS, you can find the update, and go to it’s Approval option and select Approve for Removal.

i have some IRCcloud invites

August 8, 2014 Leave a comment

I have some IRCcloud invites.

You know the deal. Respond and input your Email address in the Comment form (nothing fancy please), and I’ll get back to the first people that post [note that I can see the order even if you can't see the comment below].

Tags: , ,

I have some Demonoid invites

July 26, 2014 2 comments

I have some Demonoid invites.

You know the deal. Respond and input your Email address in the Comment form (nothing fancy please), and I’ll get back to the first people that post [note that I can see the order even if you can't see the comment below].

I went Blackberry and I can’t go back

July 25, 2014 Leave a comment

Three weeks ago my HTC One started rebooting repeatedly. I did what any self-respecting systems engineer would do, booted into TWRP recovery and performed a system wipe. This succeeded, but the rebooting continued. Odd, so I flashed stock recovery and performed a system wipe again. Same symptom.

I already had conditional forwarding (calls are forwarded on the condition of “no answer” or “busy”, *28 on Sprint) configured to forward to Google Voice, which served as my voicemail (set “do not disturb” on Google Voice); so I just added my work cell phone to ring when a Google voice call is received, and shut off “do not disturb.” Essentially, I had calls from my Sprint phone forwarded to my work cell phone without issue; granted no SMS/MMS forwarding, but so be it.

At Sprint’s advice, I called HTC for warranty replacement and, while visions of defense contractor surveillance engineers and package interception dancing in my head, I sent my phone off to HTC; and so began my journey to accidentally switching to Blackberry OS10 on the Z30, and now I can’t go back.
Read more…

Smelling the need for a Windows Event log monitor

July 9, 2014 Leave a comment

Google has not steered me wrong.

Thanks guy who wrote that.


Get every new post delivered to your Inbox.

Join 32 other followers

%d bloggers like this: