tag:blogger.com,1999:blog-67058276361557620442024-03-14T03:51:32.403+02:00IT ownsEveryday IT experience, experience IT everyday. At work and at home.Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.comBlogger96125tag:blogger.com,1999:blog-6705827636155762044.post-27038070759780207662019-02-09T12:28:00.002+02:002019-02-09T15:56:54.009+02:00Running phpBB3 forum on freenas jail (FreeBSD)<b>I. Create jail</b><br />
<br />
<br />
1) creating jail with name "phpbb3"
<br />
<pre class="brush: powershell"> iocage create -n phpbb3 -r 11.2-RELEASE </pre>
<br />
2) (optional) enable dhcp<br />
iocage set vnet=on bpf=yes dhcp=on phpbb3
<br />
<br />
3) start jail<br />
iocage start phpbb3<br />
<br />
<b>II. Install apache</b><br />
<br />
<br />
1) login into jail<br />
iocage console phpbb3<br />
<br />
2) install apache<br />
pkg install apache24
confirm prompts with y<br />
<br />
3) configure apache service<br />
sysrc apache24_enable=yes<br />
<br />
4) start apache<br />
service apache24 start<br />
<br />
5) verify it works, browse to http://your_jail_ip
you should see message "<b>It works!</b>"<br />
<br />
<b>III. Install php components</b><br />
<br />
<br />
1) install php components<br />
pkg install mod_php72 php72-mysqli php72-dom php72-iconv<br />
<br />
2) copy sample php config file<br />
cp /usr/local/etc/php.ini-production /usr/local/etc/php.ini<br />
<br />
<b>IV. Configure apache to use php</b><br />
<br />
<br />
1) add apache configuration file for php<br />
nano /usr/local/etc/apache24/Includes/php.conf<br />
enter the following contents:<br />
<br />
<ifmodule dir_module="">DirectoryIndex index.php index.html
<filesmatch php="">
SetHandler application/x-httpd-php
</filesmatch>
<filesmatch phps="">
SetHandler application/x-httpd-php-source</filesmatch></ifmodule><br />
<br />
<ifmodule dir_module=""><filesmatch phps=""></filesmatch></ifmodule>2) restart apache service
service apache24 restart<br />
<br />
3) create file for php test in default document root<br />
nano /usr/local/www/apache24/data/info.php
enter contents:
save and exit<br />
<br />
4) browse to http://your_jail_ip/info.php
you should see a page with various php details.<br />
<br />
5) delete the test file<br />
rm /usr/local/www/apache24/data/info.php<br />
<br />
<b>V. Install Mysql</b><br />
<b><br /></b>
1) install mysql server package<br />
<div>
pkg install mysql80-server</div>
<div>
2) enable mysql service </div>
<div>
sysrc mysql_enable=yes</div>
<div>
3) start mysql service</div>
<div>
service mysql-server start</div>
<div>
4) run script to secure mysql installation</div>
<div>
mysql_secure_installation<br />
<ul>
<li>choose Y for VALIDATE PASSWORD COMPONENT, in this example we choose level 1 MEDIUM for validation policy</li>
<li>enter new password for root and re-enter it</li>
<li>choose y to remove anonymous users</li>
<li>choose y to allow only local login for root</li>
<li>choose y to remove default database and access to it</li>
<li>choose y to reload privileges</li>
</ul>
5) create new database for phpbb3<br />
a) login to mysql<br />
myslq -u root -p<br />
enter your password when prompted<br />
b) enter command for db creation and hit enter:<br />
CREATE DATABASE phpbb3;<br />
<br />
6) create mysql user<br />
CREATE USER 'phpbb3user'@'localhost' IDENTIFIED BY '<i>password123</i>'<br />
<br />
7) assign permissions for new users to phpbb3 database<br />
GRANT ALL PRIVILEGES ON phpbb3.* TO 'phpbb3user'@'localhost';<br />
<br />
tbc...<br />
<br />
8) legacy authentication stuff<br />
<br />
9) reload privileges<br />
FLUSH PRIVILEGES;<br />
<br />
10) exit mysql<br />
exit<br />
<b><br /></b>
<b><br /></b>
<b>VI. Install phpbb3</b><br />
<br />
1) install package<br />
pkg install phpbb3<br />
<br />
<br />
tbc<br />
<br />
<br />
Links used:
https://www.digitalocean.com/community/tutorials/how-to-install-an-apache-mysql-and-php-famp-stack-on-freebsd-10-1
https://forums.freebsd.org/threads/installing-www-phpbb3.68616/
https://forums.freenas.org/index.php?threads/iocage-helper-thread.59988/
<br />
https://www.digitalocean.com/community/tutorials/how-to-create-a-new-user-and-grant-permissions-in-mysql</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com1tag:blogger.com,1999:blog-6705827636155762044.post-23245388902282993992018-10-11T10:37:00.003+03:002018-10-18T08:50:00.088+03:00Change SCCM Offline Servicing location (with powershell)<br />
There is plenty google results for how to change SCCM Offline Servicing location, but most of those that I've checked involve using wbemtest.exe, I wanted a way to do that with powershell, so here it is:<br />
<br />
<pre class='brush: powershell'>
#your SCCM Site Name
$SiteName = "ITO"
#the drive where you want offlince servicing to happen
$TargetDrive = "D:"
$CimInstance = Get-CimInstance -Namespace root/SMS/site_$SiteName -ClassName SMS_SCI_Component -Filter "SiteCode='$SiteName' and ItemName like 'SMS_OFFLINE_SERVICING_MANAGER%'"
($CimInstance.Props | Where-Object {$_.PropertyName -eq "StagingDrive"}).Value1 = $TargetDrive
Set-CimInstance -CimInstance $CimInstance -PassThru
</pre>
<br />
Links:<br />
<a href="https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Customizing-Offline-Servicing-of-Operating-System-Images/ba-p/247778">https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/Customizing-Offline-Servicing-of-Operating-System-Images/ba-p/247778</a><br />
<a href="https://docs.microsoft.com/en-us/powershell/module/cimcmdlets/get-ciminstance?view=powershell-6">https://docs.microsoft.com/en-us/powershell/module/cimcmdlets/get-ciminstance?view=powershell-6</a><br />
<a href="https://docs.microsoft.com/en-us/powershell/module/cimcmdlets/set-ciminstance?view=powershell-6">https://docs.microsoft.com/en-us/powershell/module/cimcmdlets/set-ciminstance?view=powershell-6</a><br />
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-3557202974584798432017-06-08T08:28:00.001+03:002017-06-08T08:28:28.836+03:00The target principal name is incorrect. Cannot generate SSPI context.You might encounter this error when trying to connect remotely to MS SQL via management studio. Basically it means that Kerberos is not working, you can verify this by running this query while connected to MS SQL locally:<br />
<br />
<pre class=""><b><i><code>select auth_scheme from sys.dm_exec_connections where session_id=@@spid</code></i></b></pre>
<br />
You should see NTLM in the result if Kerberos is not working.<br />
<br />
The error says that SPN is incorrect, however you verify that SPN is actually ok:<br />
<strong>SETSPN -L <sql account="" instance="" server="" service=""></sql></strong><br />
<br />
Additionally on domain controller you might see similar event logged:<br />
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0cm;
margin-right:0cm;
margin-bottom:8.0pt;
margin-left:0cm;
line-height:107%;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
.MsoChpDefault
{font-family:"Calibri",sans-serif;}
.MsoPapDefault
{margin-bottom:8.0pt;
line-height:107%;}
/* Page Definitions */
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
-->
</style>
<br />
<div class="WordSection1">
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<i><span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;">While processing an AS request for target service krbtgt, the
account <svc_account> did not have a suitable key for generating a Kerberos ticket
(the missing key has an ID of 1). The requested etypes : 18 17 3. The accounts
available etypes : 23 -133 -128. Changing or resetting the password of </svc_account></span></i><i><span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;"><i><span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;"><svc_account></svc_account></span></i>
will generate a proper key.</span></i></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;">In my case I solved this by changing the SQLServer service account to a newly created one, since I was not able to reset the password for it, due to the fact it might have been used elsewhere. Generally resetting password for that account as suggested in the event log should fix this also. </span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;">Links:</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0cm; text-autospace: none;">
<span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;">https://blogs.msdn.microsoft.com/meer_alam/2015/05/10/the-target-principal-name-is-incorrect-cannot-generate-sspi-context/ </span><i><span style="color: black; font-family: "Segoe UI",sans-serif; font-size: 10.0pt;"> </span></i></div>
</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-46889092198284821812017-03-29T11:33:00.002+03:002017-03-29T11:36:48.449+03:00Enabling AntiSpam agents on Exchange 2016 Mailbox server, including Connection Filtering Agent<span style="font-size: large;">If you have no Edge server and want to use Exchange anti spam features, you probably already know how to install antispam agents on mailbox server:</span><br />
<i><b></b><br /></i>
<i>& $env:ExchangeInstallPath\Scripts\Install-AntiSpamAgents.ps1</i><br />
<div>
<b><i><br /></i></b></div>
<div>
<span style="font-size: large;">However this does not enable connection filtering agent, which is by far the most useful of all the agents since it allows to use online blacklists. To enable this service in exchange shell run (one line):</span></div>
<div>
<div>
<br /></div>
<div>
<i>Install-TransportAgent -Name "Connection Filtering Agent" -TransportService FrontEnd -TransportAgentFactory "Microsoft.Exchange.Transport.Agent.ConnectionFiltering.ConnectionFilteringAgentFactory" -AssemblyPath "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\agents\Hygiene\Microsoft.Exchange.Transport.Agent.Hygiene.dll"</i></div>
</div>
<div>
<span style="font-size: large;"></span><br /></div>
<div>
<span style="font-size: large;">You will also need to configure it with your favorite RBLs, for example:</span><br />
<br /></div>
<div>
<div>
<i>Add-IPBlockListProvider -Name zen.spamhaus.org -LookupDomain zen.spamhaus.org -AnyMatch $true -Enabled $true</i></div>
<div>
<i>Add-IPBlockListProvider -name bl.spamcop.net -LookupDomain bl.spamcop.net -AnyMatch $true -Enabled $true</i></div>
<div>
<i>Add-IPBlockListProvider -name b.barracudacentral.org -LookupDomain b.barracudacentral.com -AnyMatch $true -Enabled $true</i></div>
<div>
<i>Enable-TransportAgent -TransportService FrontEnd -Identity "Connection Filtering Agent"</i></div>
<div>
<i>Restart-Service MSExchangeTransport</i></div>
<div>
<b><i><br /></i></b></div>
<div>
Links:</div>
<div>
<a href="https://technet.microsoft.com/en-us/library/bb201691(v=exchg.160).aspx">https://technet.microsoft.com/en-us/library/bb201691(v=exchg.160).aspx</a></div>
</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com5tag:blogger.com,1999:blog-6705827636155762044.post-32161343130756474992015-01-27T13:59:00.001+02:002015-01-27T14:56:27.718+02:00Publishing FTPS on TMG 2010.<div abp="504" class="separator" style="clear: both; text-align: left;">
For instructions on creating FTP site on IIS read this post - <a abp="127" href="http://itowns.blogspot.com/2015/01/creating-ftp-or-ftps-on-iis-85-with.html">Creating FTP or FTPS on IIS 8.5 (with Active Directory User isolation).</a> </div>
<div abp="504" class="separator" style="clear: both; text-align: left;">
<span abp="555" style="font-size: x-large;"></span> </div>
<div abp="504" class="separator" style="clear: both; text-align: left;">
<span style="font-size: x-large;"><strong>I. Configure FTP for Firewall Support (IIS 8.5)</strong></span></div>
<div abp="504" class="separator" style="clear: both; text-align: left;">
1. Open IIS Manager, in connections pane select your FTPS server and in Features View double click <strong>FTP Firewall Support</strong></div>
<div abp="504" class="separator" style="clear: both; text-align: center;">
<a abp="505" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSJbElWbKm4n0i0rc5DLqOAQ5gPtDOHDKXfGYKSTP-oNUPs-7mR9pizeucyf-HZUe8kupy2OK43hULQYxSpY5VUIwcaUY_chyb6ZyEkrdBDjlJ9yEG7CablsVV8QbHVW8nCCGTTP-6Rp0/s1600/iisfw01.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="506" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSJbElWbKm4n0i0rc5DLqOAQ5gPtDOHDKXfGYKSTP-oNUPs-7mR9pizeucyf-HZUe8kupy2OK43hULQYxSpY5VUIwcaUY_chyb6ZyEkrdBDjlJ9yEG7CablsVV8QbHVW8nCCGTTP-6Rp0/s1600/iisfw01.png" height="329" width="640" /></a></div>
<div abp="507" style="text-align: left;">
</div>
<div abp="507" style="text-align: left;">
2. Enter <strong abp="556">port range for Data Channel</strong> for example we will be using 50100-50200. Also enter external IP of your firewall in this example yyy.yyy.yyy.yyy and in <strong abp="557">Actions </strong>pane click <strong abp="558">Apply</strong>. </div>
<div abp="507" style="text-align: left;">
<strong abp="559">Note:</strong> do not forget to allow this port range on your FTPS servers windows firewall, if it is not added automatically.</div>
<div abp="508" class="separator" style="clear: both; text-align: center;">
<a abp="509" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyYNON43Yr3loJMzqUmjg-Q8xqf8pkz83mK_ycAIM_6K0PaitFOm-C0yf_gGm_J88ObHR64wbSd83zukmCCheseVVEFjv8Svj2sdXxdrHA090pC-z88aNZwTJqzqge3KRR24N-VjLDDOo/s1600/iisfw04.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="510" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgyYNON43Yr3loJMzqUmjg-Q8xqf8pkz83mK_ycAIM_6K0PaitFOm-C0yf_gGm_J88ObHR64wbSd83zukmCCheseVVEFjv8Svj2sdXxdrHA090pC-z88aNZwTJqzqge3KRR24N-VjLDDOo/s1600/iisfw04.png" height="326" width="640" /></a></div>
<div abp="508" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="508" class="separator" style="clear: both; text-align: left;">
3. Repeat same step on FTP site level. Select your FTP site and in Feature View double click FTP Firewall Support.</div>
<div abp="560" class="separator" style="clear: both; text-align: center;">
<a abp="561" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9riSmOblTVw2M3FRlJ64oYBj5MCvKCTbAeXf8S_UYc6TE-29s_iDmrGqG8X5IfOZ6ZTkvszvqspnGMIVLjq4dGhOmy8BgvwTeN4bBNXb2u4JAcF6P7kPE7Xdntca58WFrpfhhip5tFDA/s1600/iisfw03.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="562" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9riSmOblTVw2M3FRlJ64oYBj5MCvKCTbAeXf8S_UYc6TE-29s_iDmrGqG8X5IfOZ6ZTkvszvqspnGMIVLjq4dGhOmy8BgvwTeN4bBNXb2u4JAcF6P7kPE7Xdntca58WFrpfhhip5tFDA/s1600/iisfw03.png" height="324" width="640" /></a></div>
<div abp="511" style="text-align: left;">
</div>
<div abp="511" style="text-align: left;">
4. <strong abp="563">Data Channel Port Range</strong> should be greyed out with the value you specified earlier. For <strong abp="564">External IP Address of Firewall</strong> enter your firewalls external IP: yyy.yyy.yyy.yyy and in <strong abp="565">Actions</strong> pane click <strong abp="566">Apply</strong>.</div>
<div abp="512" class="separator" style="clear: both; text-align: center;">
<a abp="513" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1o8ebBtdBxiZUVyZCz5ru39sntIBtKze-mrKT7v5jzt7ylifCF1QELRX2xBlXm_LFyUoUwtL5xkzkjJc3Jlr7E23G7kg7WJBX5yzNwecjXtSFqhSFltoCXuTHPiYWSPgriODVv9Hqsu8/s1600/iisfw02.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="514" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1o8ebBtdBxiZUVyZCz5ru39sntIBtKze-mrKT7v5jzt7ylifCF1QELRX2xBlXm_LFyUoUwtL5xkzkjJc3Jlr7E23G7kg7WJBX5yzNwecjXtSFqhSFltoCXuTHPiYWSPgriODVv9Hqsu8/s1600/iisfw02.png" height="324" width="640" /></a></div>
<div abp="515" style="text-align: left;">
</div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
<span abp="567" style="font-size: x-large;"><strong>II. Create Publishing rule on TMG</strong></span></div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
1. Open Forefront TMG console, right click <strong abp="568">Firewall Policy</strong> and choose <strong abp="569">New</strong>-><strong abp="570">Create new Non-Web Server Protocol Publishing Rule...</strong></div>
<div abp="350" class="separator" style="clear: both; text-align: center;">
<a abp="351" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZ8xoThOeHV8fqZ04j9IWu83WGHjjdArKjKKIahwMgd3aa56aQHRr7uhd-8Cj2JYP8TEkzgil2QLzCvwE6O5f58XbJW9IV65Bqyz7AOjDvzXszCi8gRhqdTbx3gQZ4mMsTBv8nTLZmpo/s1600/fp1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="352" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwZ8xoThOeHV8fqZ04j9IWu83WGHjjdArKjKKIahwMgd3aa56aQHRr7uhd-8Cj2JYP8TEkzgil2QLzCvwE6O5f58XbJW9IV65Bqyz7AOjDvzXszCi8gRhqdTbx3gQZ4mMsTBv8nTLZmpo/s1600/fp1.png" /></a> </div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
2. Enter the name of your FTPS rule for example "FTPS" and click <strong abp="619">Next</strong></div>
<div abp="620" class="separator" style="clear: both; text-align: center;">
<a abp="621" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKwfVa5lb8bTwJf7H1E4brhd5CaWYJA41651EP2iiUePIfqaLUusDQ9lDjM5StmKhMHr01I4vDjA85EwU7gwLS_TVly8-dJBhJ85Q-j2Hg8r3svg9TmGWAFh1JjCxvoCRWk5DKZv81y8Q/s1600/FTPS+rule+name.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="622" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKwfVa5lb8bTwJf7H1E4brhd5CaWYJA41651EP2iiUePIfqaLUusDQ9lDjM5StmKhMHr01I4vDjA85EwU7gwLS_TVly8-dJBhJ85Q-j2Hg8r3svg9TmGWAFh1JjCxvoCRWk5DKZv81y8Q/s1600/FTPS+rule+name.png" /></a></div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="350" class="separator" style="clear: both; text-align: left;">
3. Enter IP address of your FTPS server</div>
<div abp="354" class="separator" style="clear: both; text-align: center;">
<a abp="355" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDkg4k-rGjodHEDFFFDq0fciB_hAGjRUJyNYXbDjC2UJ_8IpVUQyIjTcITCP3DadpWysplnmTHI-2kwTRqJONxO4mBMIb9JbBGRhMquvSLp4IUv-sSl7rP0DsoSho-g_5A96xzv4bjN4Q/s1600/fp2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="356" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDkg4k-rGjodHEDFFFDq0fciB_hAGjRUJyNYXbDjC2UJ_8IpVUQyIjTcITCP3DadpWysplnmTHI-2kwTRqJONxO4mBMIb9JbBGRhMquvSLp4IUv-sSl7rP0DsoSho-g_5A96xzv4bjN4Q/s1600/fp2.png" /></a></div>
<div abp="354" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="354" class="separator" style="clear: both; text-align: left;">
3. Click <strong abp="638">New...</strong> to create new protocol definition</div>
<div abp="639" class="separator" style="clear: both; text-align: center;">
<a abp="640" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5oRfkurfxAu0uH3P610jWOyHCNBzI3Y7OzfZmIkTlrzTnvDX7MWpmavpiTHmrkXPnO8C7yRSxSEl4SbWmr5YmY6vDbkBERvX1M6BlvEKww7qbGC9NQnSWnr0_HpErIUYEdbcqU0u_Ktg/s1600/FTPS+new+protocol.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="641" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg5oRfkurfxAu0uH3P610jWOyHCNBzI3Y7OzfZmIkTlrzTnvDX7MWpmavpiTHmrkXPnO8C7yRSxSEl4SbWmr5YmY6vDbkBERvX1M6BlvEKww7qbGC9NQnSWnr0_HpErIUYEdbcqU0u_Ktg/s1600/FTPS+new+protocol.png" /></a></div>
<div abp="354" style="clear: both; text-align: left;">
</div>
<div abp="354" style="clear: both; text-align: left;">
4. Specify name for you protocol definition for example "FTPS Custom" and click <strong>Next</strong></div>
<div class="separator" style="clear: both; text-align: center;">
<a abp="573" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="574" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" style="cursor: move;" unselectable="on" /></a></div>
<div abp="354" style="clear: both; text-align: left;">
</div>
<div abp="354" style="clear: both; text-align: left;">
4. Click <strong abp="571">New</strong> to add port range for your protocol definition</div>
<div abp="354" style="clear: both; text-align: center;">
<a abp="359" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaGDl3zEfiB43y83gWuMZkVt2KaxcNVRtMDK-x_pXh7eibx0BabDzRwcyBfP4fELaOZjBHTlyKJqHv7Ja-tUToqsyp5XjfIdP1lWD0TP83Mr_AsOBL-NporpIolnczBU2s11Y66RbwgGY/s1600/fp3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="360" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaGDl3zEfiB43y83gWuMZkVt2KaxcNVRtMDK-x_pXh7eibx0BabDzRwcyBfP4fELaOZjBHTlyKJqHv7Ja-tUToqsyp5XjfIdP1lWD0TP83Mr_AsOBL-NporpIolnczBU2s11Y66RbwgGY/s1600/fp3.png" /></a></div>
<div abp="358" style="clear: both; text-align: left;">
</div>
<div abp="358" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="361" style="text-align: left;">
</div>
<div abp="361" style="text-align: left;">
5. Specify the following</div>
<div abp="361" style="text-align: left;">
<strong abp="575">Protocol type</strong>: TCP</div>
<div abp="361" style="text-align: left;">
<strong>Direction</strong>: Inbound</div>
<div abp="361" style="text-align: left;">
<strong abp="576">Port Range</strong>: <strong abp="577">From</strong>: 21 <strong abp="578">To</strong>: 21</div>
<div abp="361" style="text-align: left;">
and click <strong abp="579">OK</strong></div>
<div abp="362" class="separator" style="clear: both; text-align: center;">
<a abp="363" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoqBIvvM6FKh4bhm5mWyypywnWBOf5zRjUxqr7No9tB7gfNV4vurzSu02YMNCw-opjg2kISNcjF8C8kQxzi7afQti73MBMFM_C0cJ_NFLdCWmnCW3IvtOl5THtBOafFN6nBjwwj2GmQH4/s1600/fp4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="364" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoqBIvvM6FKh4bhm5mWyypywnWBOf5zRjUxqr7No9tB7gfNV4vurzSu02YMNCw-opjg2kISNcjF8C8kQxzi7afQti73MBMFM_C0cJ_NFLdCWmnCW3IvtOl5THtBOafFN6nBjwwj2GmQH4/s1600/fp4.png" /></a></div>
<div abp="365" style="text-align: left;">
</div>
<div abp="365" style="text-align: left;">
6. In <strong abp="580">New Protocol Definition Wizard</strong> click <strong abp="581">New </strong>one more time to add port range for data channel we specified in step I.2.</div>
<div abp="365" style="text-align: left;">
Specify the following</div>
<div abp="365" style="text-align: left;">
<strong abp="582">Protocol type</strong>: TCP</div>
<div abp="365" style="text-align: left;">
<strong>Direction</strong>: Inbound</div>
<div abp="365" style="text-align: left;">
<strong abp="583">Port Range</strong>: <strong abp="584">From</strong>: 50100 <strong abp="585">To</strong>: 50200</div>
<div abp="365" style="text-align: left;">
and click <strong abp="586">OK</strong></div>
<div abp="366" class="separator" style="clear: both; text-align: center;">
<a abp="367" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSPzaBbHo7fJZKaYSXe68oCXmOpn7s2-rQ8D6Ce0INTb4_XpsT7XijGZsDcHpVbn8MzMaHg_LOgFfwcJqYQXrcjMIbzg_lCLncteL1I_4CoWKhx2SIL_ElAAoqRGvGHbTd67ISVOGSHKk/s1600/fp5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="368" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSPzaBbHo7fJZKaYSXe68oCXmOpn7s2-rQ8D6Ce0INTb4_XpsT7XijGZsDcHpVbn8MzMaHg_LOgFfwcJqYQXrcjMIbzg_lCLncteL1I_4CoWKhx2SIL_ElAAoqRGvGHbTd67ISVOGSHKk/s1600/fp5.png" /></a></div>
<div abp="369" style="text-align: left;">
</div>
<div abp="369" style="text-align: left;">
7. Check if protocol configuration is fine and click <strong abp="587">Next</strong></div>
<div abp="370" class="separator" style="clear: both; text-align: center;">
<a abp="371" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikkOv6TwUeUbW4DiiViesxNALnepgYnGefhB5k_5GOFP3Jyr2vkrW31tM1Td1edm3pLnS99VqWJD8gJAMO4v60xd1gOOKbLHhZcWZQrrb0NsOxaQlxeFa4Krp9DNIG152DStpm6q1tRmo/s1600/fp6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="372" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikkOv6TwUeUbW4DiiViesxNALnepgYnGefhB5k_5GOFP3Jyr2vkrW31tM1Td1edm3pLnS99VqWJD8gJAMO4v60xd1gOOKbLHhZcWZQrrb0NsOxaQlxeFa4Krp9DNIG152DStpm6q1tRmo/s1600/fp6.png" /></a></div>
<div abp="373" style="text-align: left;">
</div>
<div abp="373" style="text-align: left;">
8. On following step leave the default <strong abp="588">No</strong> selected and click <strong abp="589">Next</strong></div>
<div abp="374" class="separator" style="clear: both; text-align: center;">
<a abp="375" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgua7AzZqGILqLDjA5pqN8AvXIBrEp77iJe-xOZ6d6tldVMJk16GJH6wLjkT_l4tqI06VBgnsyHIQRyYL0dx1xHLXn7LHzZovPoEy1GyZLIYh0mMpEGCgfo4sbmivlElLTELWAO0QYcNfM/s1600/fp7.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="376" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgua7AzZqGILqLDjA5pqN8AvXIBrEp77iJe-xOZ6d6tldVMJk16GJH6wLjkT_l4tqI06VBgnsyHIQRyYL0dx1xHLXn7LHzZovPoEy1GyZLIYh0mMpEGCgfo4sbmivlElLTELWAO0QYcNfM/s1600/fp7.png" /></a></div>
<div abp="377" style="text-align: left;">
</div>
<div abp="377" style="text-align: left;">
9. Double check the settings and click <strong abp="590">Finish</strong></div>
<div abp="378" class="separator" style="clear: both; text-align: center;">
<a abp="379" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8_B6KIXKe9TuyGNY1zSbQU-wdYL8FS4SgiTOLN16NwAy5hKOOF47bgnaK6VgldFQ1RSI3kE5b2wzb-xs1tmyZZhcqPNFf49w8b7O0CcStho5y0OXohyphenhyphen5_HkyIOCbm4PomNKMucSzEpCE/s1600/fp8.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="380" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8_B6KIXKe9TuyGNY1zSbQU-wdYL8FS4SgiTOLN16NwAy5hKOOF47bgnaK6VgldFQ1RSI3kE5b2wzb-xs1tmyZZhcqPNFf49w8b7O0CcStho5y0OXohyphenhyphen5_HkyIOCbm4PomNKMucSzEpCE/s1600/fp8.png" /></a></div>
<div abp="381" style="text-align: left;">
</div>
<div abp="381" style="text-align: left;">
10. After protocol definition has been created we can proceed with the rule. Click <strong abp="591">Next</strong></div>
<div abp="382" class="separator" style="clear: both; text-align: center;">
<a abp="383" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZfzOCtiftbBrf2Ns7PDoG3Dp3kAUoTC-_1q9V82W4JVR4bCrR3RVY7bYGzHdSaHXPlCi_wmKNSCmm3SN8BhWaVjzQFHtN-n2HoozPVpCPWGQ1IGPd8OhvvyOq4THNwTThud9Qnur20J0/s1600/fp9.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="384" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZfzOCtiftbBrf2Ns7PDoG3Dp3kAUoTC-_1q9V82W4JVR4bCrR3RVY7bYGzHdSaHXPlCi_wmKNSCmm3SN8BhWaVjzQFHtN-n2HoozPVpCPWGQ1IGPd8OhvvyOq4THNwTThud9Qnur20J0/s1600/fp9.png" /></a></div>
<div abp="385" style="text-align: left;">
</div>
<div abp="385" style="text-align: left;">
11. Select checkbox next to <strong abp="592">External</strong> network and click <strong abp="593">Address...</strong> to specify external IP on which the FTPS service rule will be listening</div>
<div abp="386" class="separator" style="clear: both; text-align: center;">
<a abp="387" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb0v892YQnBHi1CV2ZmeSLAUdpcOfRTNN-25WBZXaUScn6_D30bi6cgoEc3n8WHKe7cL4qRMbZzADiZ6p8lbVk8mo5xKzPcWftfITWC8crlRk5GArQQ5SDnbpJ_rzvk3teuvEUH4gOVzA/s1600/fp10.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="388" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb0v892YQnBHi1CV2ZmeSLAUdpcOfRTNN-25WBZXaUScn6_D30bi6cgoEc3n8WHKe7cL4qRMbZzADiZ6p8lbVk8mo5xKzPcWftfITWC8crlRk5GArQQ5SDnbpJ_rzvk3teuvEUH4gOVzA/s1600/fp10.png" /></a></div>
<div abp="389" style="text-align: left;">
</div>
<div abp="389" style="text-align: left;">
12. Select <strong abp="594">Specified IP addressess on the Forefront TMG computer in the selected network </strong>and add the IP you specified in step I.2 (in this example yyy.yyy.yyy.yyy). After that click <strong abp="595">OK</strong></div>
<div abp="390" class="separator" style="clear: both; text-align: center;">
<a abp="391" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGW50OFyvaiSI_jBndqv2ln0iP8hTESgvl8nJF94XkKuzzl2T96xpUl5sjCxZEWC6pb1JwulMaoXWpEHajn0QcPJx02DSZX8erdldj0nWqnZU53TLuvCmx3m2KlqVDlusQJM8SM5EyE_w/s1600/fp11.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="392" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgGW50OFyvaiSI_jBndqv2ln0iP8hTESgvl8nJF94XkKuzzl2T96xpUl5sjCxZEWC6pb1JwulMaoXWpEHajn0QcPJx02DSZX8erdldj0nWqnZU53TLuvCmx3m2KlqVDlusQJM8SM5EyE_w/s1600/fp11.png" /></a></div>
<div abp="390" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="390" class="separator" style="clear: both; text-align: left;">
13. Click <strong abp="596">Next</strong> to proceed</div>
<div abp="394" class="separator" style="clear: both; text-align: center;">
<a abp="395" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPwMzJMlFAc9pqnp9Fy_OzAaSJPDGj7NdcDtuNhJ0YCRGcKrgAQLEPpY6VJ1g-eaznl4DT08d78boH1FGiCsxOOVd85Q_uiI6go992h0rVM7TjqbJAr1a-VLepMYuPdrbO2w_2TLYBSRM/s1600/fp12.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="396" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhPwMzJMlFAc9pqnp9Fy_OzAaSJPDGj7NdcDtuNhJ0YCRGcKrgAQLEPpY6VJ1g-eaznl4DT08d78boH1FGiCsxOOVd85Q_uiI6go992h0rVM7TjqbJAr1a-VLepMYuPdrbO2w_2TLYBSRM/s1600/fp12.png" /></a></div>
<div abp="397" style="text-align: left;">
</div>
<div abp="397" style="text-align: left;">
14. Click <strong>Finish</strong> to end the Publishing Rule Wizard</div>
<div abp="398" class="separator" style="clear: both; text-align: center;">
<a abp="399" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh34zgeEWndkieIzSVJJljmoj1UJB50LZV8vXMCzNb8iz1Vl9GdF7SsZK0PQ6Bew8KF_XMaKB-ChydfsmJ-jtSRZExZdARBL1ZmMg_zjMskejjrTyl3sjVhQqfZWa_424zNyExX-Nq1ou4/s1600/fp13.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="400" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh34zgeEWndkieIzSVJJljmoj1UJB50LZV8vXMCzNb8iz1Vl9GdF7SsZK0PQ6Bew8KF_XMaKB-ChydfsmJ-jtSRZExZdARBL1ZmMg_zjMskejjrTyl3sjVhQqfZWa_424zNyExX-Nq1ou4/s1600/fp13.png" /></a></div>
<div abp="401" style="text-align: left;">
15. Click <strong>Apply</strong> in TMG console and then click<strong> OK</strong>. Wait a few minutes and you are ready to test your FTPS server from external client.</div>
<div abp="402" class="separator" style="clear: both; text-align: center;">
<a abp="403" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjauiK5EIYra1215EAYE4D2bU9Toe45wPzJvFo4Fqt62us_uTX1Jlkb9LfA67uIS7Bnb02oXpJNAjWVfb-4f-haU4-5DY9qvmsIs-gEIxNwAguHOXhDMlG2NM2WvqUfQ7LfaeIpbM2IF-w/s1600/fp14.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="404" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjauiK5EIYra1215EAYE4D2bU9Toe45wPzJvFo4Fqt62us_uTX1Jlkb9LfA67uIS7Bnb02oXpJNAjWVfb-4f-haU4-5DY9qvmsIs-gEIxNwAguHOXhDMlG2NM2WvqUfQ7LfaeIpbM2IF-w/s1600/fp14.png" height="140" width="640" /></a></div>
<div abp="405" style="text-align: left;">
</div>
<div abp="406" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="409" style="text-align: left;">
</div>
<div abp="410" class="separator" style="clear: both; text-align: left;">
Links:</div>
<div abp="410" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="413" style="text-align: left;">
<a href="http://www.isaserver.org/articles-tutorials/configuration-security/secure-file-transfer-microsoft-ftp-over-ssl-and-forefront-threat-management-gateway-tmg-2010.html">http://www.isaserver.org/articles-tutorials/configuration-security/secure-file-transfer-microsoft-ftp-over-ssl-and-forefront-threat-management-gateway-tmg-2010.html</a></div>
<div abp="414" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="417" style="text-align: left;">
</div>
<div abp="418" class="separator" style="clear: both; text-align: left;">
</div>
<div abp="16" style="text-align: left;">
</div>
<img height="73" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" style="left: 398px; opacity: 0.3; position: absolute; top: 3460px;" width="96" />
<!-- Blogger automated replacement: "https://images-blogger-opensocial.googleusercontent.com/gadgets/proxy?url=http%3A%2F%2F2.bp.blogspot.com%2F-zOAGFiUnD10%2FVMd560I-LFI%2FAAAAAAAAA1M%2Fb1VZurb0LN0%2Fs1600%2FFTPS%252Bcustom.png&container=blogger&gadget=a&rewriteMime=image%2F*" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" --><!-- Blogger automated replacement: "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" with "https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhY6PUS51udL4gpaUt-2FPqQDk4gfuNtBrea7vV7DDmpxX4Vo1LQQp6w7evvNaaWZkPcB7T2y17AosO32tGa61TUB9O3M_7QuLJmx9lRVCv1gLsvPlpJKg9L0sY-hGwxiVzxoqP9OIgG9Q/s1600/FTPS+custom.png" -->Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-65659964271127802512015-01-26T12:15:00.001+02:002015-01-27T14:54:29.097+02:00Creating FTP or FTPS on IIS 8.5 (with Active Directory User isolation).<div abp="339">
<div abp="1288">
The goal of this article is to describe how to create FTP(S) on IIS so we can use Active Directory accounts to authenticate to FTP. And configure AD user isolation, so the users have individual home folders.</div>
</div>
<div abp="340">
<div abp="1290">
</div>
</div>
<div abp="341">
<div abp="1292">
<span abp="342" style="font-size: large;">1. Install IIS Role and required features</span></div>
</div>
<div abp="343">
<div abp="1295">
<span abp="344" style="font-size: large;"></span> </div>
</div>
<div abp="345">
<div abp="1298">
In <strong abp="346">Server Manager </strong>click on Add roles and features</div>
</div>
<div abp="347">
<div abp="1301">
Click <strong abp="348">Next</strong></div>
</div>
<div abp="349">
<div abp="1304">
Installation Type - choose <strong abp="350">Role-based or feature-based installation</strong> and click <strong abp="351">Next</strong></div>
</div>
<div abp="352">
<div abp="1308">
Server Selection - choose your server and click <strong abp="353">Next</strong></div>
</div>
<div abp="354">
<div abp="1311">
Server Roles - select <strong abp="355">Web Server (IIS) </strong>and confirm required features by clicking <strong abp="356">Add Features </strong>in the popup window, click <strong abp="357">Next</strong></div>
</div>
<div abp="358">
<div abp="1316">
In the Features and Web Server Role (IIS) sections click <strong abp="359">Next</strong></div>
</div>
<div abp="360">
<div abp="1319">
Role Services - deselect the roles you don't need, if it's going to be dedicated FTP server then leave only <strong abp="361">FTP Server/FTP Service</strong> and <strong abp="362">Management Tools/IIS management Console</strong> selected and click <strong abp="363">Next</strong></div>
</div>
<div abp="364" class="separator" style="clear: both; text-align: center;">
<a abp="365" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIbqipo9pDAUWrAl070IBKAuR7eO3zIabD-yWVwIpCEIUG8B4mX0HDXBWUMwRyaFjvu3mg8PFlWyITSMHo3dafVjrEtfS-cJY63qKYb5x6kvAZzNWDm0SMJVo_OWxNir0GV4F3uHSJNyM/s1600/ftp1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="366" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIbqipo9pDAUWrAl070IBKAuR7eO3zIabD-yWVwIpCEIUG8B4mX0HDXBWUMwRyaFjvu3mg8PFlWyITSMHo3dafVjrEtfS-cJY63qKYb5x6kvAZzNWDm0SMJVo_OWxNir0GV4F3uHSJNyM/s1600/ftp1.png" height="452" width="640" /></a></div>
<div abp="367">
<div abp="1327">
Confirmation - click <strong abp="368">Install</strong></div>
</div>
<div abp="369">
<div abp="1330">
<strong abp="370"></strong> </div>
</div>
<div abp="371">
<div abp="1333">
<span abp="372" style="font-size: large;"><strong abp="1335">2. Create FTP users and Groups</strong></span></div>
</div>
<div abp="373">
<div abp="1337">
In active directory create your FTP users for example:</div>
</div>
<div abp="374">
<div abp="1339">
<strong abp="1340">FTPuser1</strong></div>
</div>
<div abp="375">
<div abp="1342">
<strong abp="1343">FTPuser2</strong></div>
</div>
<div abp="376">
<div abp="1345">
<strong abp="1346">FTPuser3</strong></div>
</div>
<div abp="377">
<div abp="1348">
</div>
</div>
<div abp="378">
<div abp="1350">
And create FTP users security group:</div>
</div>
<div abp="379">
<div abp="1352">
<strong abp="1353">FTP Users</strong></div>
</div>
<div abp="380">
<div abp="1355">
</div>
</div>
<div abp="381">
<div abp="1357">
Add all ftp users to the membership of "<strong abp="1358">FTP Users</strong>" group.</div>
</div>
<div abp="382">
<div abp="1360">
</div>
</div>
<div abp="383">
<div abp="1362">
<span abp="384" style="font-size: large;"><strong abp="1364">3. Create folders and assign permissions</strong></span></div>
</div>
<div abp="385">
<div abp="1366">
Prepare folder structure on your preferred location. In this example we will be using Fileserver as FTP root so users can access ftp folders directly via file share while they are connected to company network.</div>
</div>
<div abp="388">
<div abp="1368">
</div>
</div>
<div abp="389">
<div abp="1370">
Share a folder on Fileserver</div>
</div>
<div abp="390">
<div abp="1372">
<a abp="391" href="file://fileserver/FTProot/">\\Fileserver\FTProot\</a></div>
</div>
<div abp="392">
<div abp="1375">
Set sharing permissions for group "<strong abp="393">FTP Users</strong>" to <strong abp="394">Full Control.</strong></div>
</div>
<div abp="395">
<div abp="1379">
Set NTFS permissions (security tab) for "<strong abp="396">FTP Users</strong>" group to <strong abp="397">List folder contents.</strong></div>
</div>
<div abp="398">
<div abp="1383">
</div>
</div>
<div abp="399">
<div abp="1385">
Next we will create home folder for every user group that needs to be isolated.</div>
</div>
<div abp="400">
<div abp="1387">
For example users FTPuser1 and FTPuser2 will share same home folder, because they are colleagues and are working with the same data and FTPuser3 is from another department, so he will have separate home folder.</div>
</div>
<div abp="401">
<div abp="1389">
</div>
</div>
<div abp="402">
<div abp="1391">
<a abp="403" href="file://fileserver/FTProot/Home1">\\Fileserver\FTProot\Home1</a></div>
</div>
<div abp="404">
<div abp="1394">
Add security permissions for users FTPuser1 and FTPuser2 and set them to <strong abp="405">Modify</strong></div>
</div>
<div abp="406">
<div abp="1397">
</div>
</div>
<div abp="407">
<div abp="1399">
<a abp="408" href="file://fileserver/FTProot/Home2">\\Fileserver\FTProot\Home2</a></div>
</div>
<div abp="409">
<div abp="1402">
Add security permissions for user FTPuser3 and set them to <strong abp="410">Modify</strong></div>
</div>
<div abp="411">
<div abp="1405">
</div>
</div>
<div abp="412">
<div abp="1407">
<span abp="413" style="font-size: large;">4. Configure IIS</span></div>
</div>
<div abp="414">
<div abp="1410">
Open IIS Manager in Control Panel->Administrative Tools->Internet Information Services (IIS) Manager</div>
</div>
<div abp="416">
<div abp="1412">
</div>
</div>
<div abp="417">
<div abp="1414">
In IIS Manager expand your server, right click <strong abp="418">Sites</strong> and choose <strong abp="419">Add FTP Site...</strong></div>
</div>
<div abp="420">
<div abp="1418">
Enter <strong abp="421">site name</strong>: myFTP</div>
</div>
<div abp="422">
<div abp="1421">
<strong abp="423">Physical path</strong>: <a abp="424" href="file://fileserver/FTProot">\</a><u abp="425"><a abp="426" href="file://fileserver/FTProot"><a abp="427" href="file://fileserver/FTProot"><a abp="428" href="https://www.blogger.com/null"></a><span abp="429" style="color: #0066cc;"><a abp="430" href="file://fileserver/FTProot"><a abp="431" href="file://fileserver/FTProot"></a><a abp="432" href="https://www.blogger.com/null"><a abp="433" href="file://fileserver/FTProot"></a><a abp="434" href="file://fileserver/FTProot"><a abp="435" href="file://fileserver/FTProot">\Fileserver\FTProot</a></a></a></a></span></a></a></u></div>
</div>
<div abp="436">
<div abp="1436">
</div>
</div>
<div abp="437">
<div abp="1438">
If you want to run FTPS select <strong abp="438">Require SSL</strong> and select your SSL Certificate, otherwise select <strong abp="439">No SSL</strong>.</div>
</div>
<div abp="440">
<div abp="1442">
</div>
</div>
<div abp="516" class="separator" style="clear: both; text-align: center;">
<a abp="517" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhORdnfVPEUxzYbGVVniBY6siPaNmaOSZDkObRMbqdTuaHcnt3tnjRi_41LAnnGQqdKqpQIviiqd2EeLlm08e2tFRJUKZ75EZGi-A-qeiSC0E1em4aQY1cmj12o9nCIBfnA7bQk5FCelcw/s1600/ftp2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="518" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhORdnfVPEUxzYbGVVniBY6siPaNmaOSZDkObRMbqdTuaHcnt3tnjRi_41LAnnGQqdKqpQIviiqd2EeLlm08e2tFRJUKZ75EZGi-A-qeiSC0E1em4aQY1cmj12o9nCIBfnA7bQk5FCelcw/s1600/ftp2.png" height="483" width="640" /></a></div>
<div abp="441">
<div abp="1447">
</div>
</div>
<div abp="441">
<div abp="1449">
Authentication:</div>
</div>
<div abp="442">
<div abp="1451">
<strong abp="502">Basic</strong></div>
</div>
<div abp="442">
<div abp="1454">
Auhorization:</div>
</div>
<div abp="444">
<div abp="1456">
Select <strong abp="445">Specified roles or user groups </strong>from drop-down menu.</div>
</div>
<div abp="446">
<div abp="1459">
Type <strong abp="447">FTP Users.</strong></div>
</div>
<div abp="448">
<div abp="1462">
Select <strong abp="449">Read</strong> and <strong abp="450">Write </strong>checkboxes.</div>
</div>
<div abp="451" class="separator" style="clear: both; text-align: center;">
<a abp="452" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3T8wzsBiXFJu2cEGOdawFD20V2ig2jxUQk6sz8rTdDV2txZS_aCmsxvthqtU-qcQuQWU2mZKRQEnyU74B-c4kSkbe6epl_Xxb8aBWkGjTzEiMy8ZfGDFcJBrzb1Z3YgIUEkP1pzi3hyphenhyphenw/s1600/ftp3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="453" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi3T8wzsBiXFJu2cEGOdawFD20V2ig2jxUQk6sz8rTdDV2txZS_aCmsxvthqtU-qcQuQWU2mZKRQEnyU74B-c4kSkbe6epl_Xxb8aBWkGjTzEiMy8ZfGDFcJBrzb1Z3YgIUEkP1pzi3hyphenhyphenw/s1600/ftp3.png" height="484" width="640" /></a></div>
<div abp="454">
<div abp="1469">
Click <strong abp="456">Finish</strong>.</div>
</div>
<div abp="457">
<div abp="1472">
</div>
</div>
<div abp="458">
<div abp="1474">
Next configure <strong abp="519">FTP User Isolation.</strong></div>
</div>
<div abp="458">
<div abp="1477">
Under <strong abp="520">myFTP </strong>site open <strong abp="521">FTP User Isolation.</strong></div>
</div>
<div abp="458">
<div abp="1481">
Select <strong abp="522">Isolate users. Restrict users to the following directory:</strong></div>
</div>
<div abp="458">
<div abp="1484">
<strong abp="1485">FTP home directory configured in Active Directory</strong></div>
</div>
<div abp="458">
<div abp="1487">
and enter credentials of user that has access to read AD properties.</div>
</div>
<div abp="523" class="separator" style="clear: both; text-align: center;">
<a abp="524" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxRGQ341vi7Zei4YqC2FFNERip4scEHy6hGrxHoAMEqpBCYkByCQbhol4F5j2qcG7p68UytmmpJO2K4elDnqWceTLUgI_1w1lbqQBs5i6s4gXWdgdNq-aWUUGzgirGDNP76lmnUzi0P5w/s1600/ftp4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="525" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxRGQ341vi7Zei4YqC2FFNERip4scEHy6hGrxHoAMEqpBCYkByCQbhol4F5j2qcG7p68UytmmpJO2K4elDnqWceTLUgI_1w1lbqQBs5i6s4gXWdgdNq-aWUUGzgirGDNP76lmnUzi0P5w/s1600/ftp4.png" height="362" width="640" /></a></div>
<div abp="458">
<div abp="1492">
</div>
</div>
<div abp="460">
<div abp="1494">
<span abp="461" style="font-size: large;">5. Configure user AD properties</span></div>
</div>
<div abp="462">
<div abp="1497">
<span abp="463" style="font-size: large;"></span>Open <strong abp="550">Active Directory Users and Computers</strong> (ADUC) and modify properties for your FTPusers.</div>
</div>
<div abp="462">
<div abp="1501">
To be able to modify attributes, first in <strong abp="551">ADUC</strong> select <strong abp="552">View</strong> and turn on <strong abp="553">Advanced Features</strong>.</div>
</div>
<div abp="462">
<div abp="1506">
Now you should see <strong abp="554">Attribute Editor</strong> tab in user properties.</div>
</div>
<div abp="462">
<div abp="1509">
Configure AD properties as follows:</div>
</div>
<div abp="462">
<div abp="1511">
</div>
</div>
<div abp="462">
<div abp="1513">
<strong abp="555">FTPuser1</strong></div>
</div>
<div abp="462">
<div abp="1516">
msIIS-FTPDir: \Home1</div>
</div>
<div abp="462">
<div abp="1518">
msIIS-FTPRoot: <a abp="556" href="file://fileserver/FTProot/">\\Fileserver\FTProot\</a></div>
</div>
<div abp="462">
<div abp="1521">
</div>
</div>
<div abp="462">
<div abp="1523">
<strong abp="557">FTPuser2</strong></div>
</div>
<div abp="558">
<div abp="1526">
msIIS-FTPDir: \Home1</div>
</div>
<div abp="559">
<div abp="1528">
msIIS-FTPRoot: <a abp="560" href="file://fileserver/FTProot/">\\Fileserver\FTProot\</a></div>
</div>
<div abp="462">
<div abp="1531">
</div>
</div>
<div abp="462">
<div abp="1533">
<strong abp="561">FTPuser3</strong></div>
</div>
<div abp="562">
<div abp="1536">
msIIS-FTPDir: \Home2</div>
</div>
<div abp="563">
<div abp="1538">
msIIS-FTPRoot: <a abp="564" href="file://fileserver/FTProot/">\\Fileserver\FTProot\</a></div>
</div>
<div abp="565" class="separator" style="clear: both; text-align: center;">
<a abp="566" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFu8QMmURL1KfN__IEk-MOksFgb3vuWnW5kcEUpb7d7YFpos3IzowU-6T9ndEhMhn7fD0SGQIY7A39XuctuiQx2MJO0JjFnNM8mMdNfmzHzTWBjIwwSLjSNWz-BYxeZXNNzyV81ppNDKw/s1600/ftp5.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="567" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFu8QMmURL1KfN__IEk-MOksFgb3vuWnW5kcEUpb7d7YFpos3IzowU-6T9ndEhMhn7fD0SGQIY7A39XuctuiQx2MJO0JjFnNM8mMdNfmzHzTWBjIwwSLjSNWz-BYxeZXNNzyV81ppNDKw/s1600/ftp5.png" /></a></div>
<div abp="462">
<div abp="1544">
</div>
</div>
<div abp="464">
<div abp="1546">
<span abp="465" style="font-size: large;">6. Login</span></div>
</div>
<div abp="464">
<div abp="1549">
For testing login we will use FileZilla FTP client.</div>
</div>
<div abp="464">
<div abp="1551">
Configure connection as follows.</div>
</div>
<div abp="464">
<div abp="1553">
<strong abp="591">Host</strong>: address of your FTP server</div>
</div>
<div abp="464">
<div abp="1556">
<strong abp="1557">Protocol</strong>: FTP File Transfer Protocol</div>
</div>
<div abp="464">
<div abp="1559">
<strong abp="1560">Port</strong>: 21</div>
</div>
<div abp="464">
<div abp="1562">
<strong abp="592">Encryption</strong>: if your FTP requires SSL select <strong abp="593">Require explicit FTP over TLS</strong>, otherwise select <strong abp="594">Only use plain FTP (insecure)</strong></div>
</div>
<div abp="464">
<div abp="1567">
<strong abp="595">Logon type</strong>: Ask for password</div>
</div>
<div abp="464">
<div abp="1570">
<strong abp="1571">User</strong>: FTPuser1</div>
</div>
<div abp="464">
<div abp="1573">
</div>
</div>
<div abp="464">
<div abp="1575">
Click <strong abp="596">Connect</strong>, enter your password and click <strong abp="597">OK</strong>.</div>
</div>
<div abp="464">
<div abp="1579">
</div>
</div>
<div abp="598" class="separator" style="clear: both; text-align: center;">
<a abp="599" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9OBCFna8D0Q5paAXHXv9cIm0ypkyEGfE8-RtxFy6O4EKubXUOte8NYoew6B4IAzh9B7jefBuAe9K6xEHelCaYrfUv_8r13FWUY-II9Y8V3JtQT9GhqBqNxqz-Y1qZa9ShkthvVs1V8F0/s1600/ftp6.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="600" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg9OBCFna8D0Q5paAXHXv9cIm0ypkyEGfE8-RtxFy6O4EKubXUOte8NYoew6B4IAzh9B7jefBuAe9K6xEHelCaYrfUv_8r13FWUY-II9Y8V3JtQT9GhqBqNxqz-Y1qZa9ShkthvVs1V8F0/s1600/ftp6.png" /></a></div>
<div abp="464">
<div abp="1584">
</div>
</div>
<div abp="464">
<div abp="1586">
<span abp="1587" style="font-size: large;">7. Conclusion</span></div>
</div>
<div abp="464">
<div abp="1589">
<span abp="1590" style="font-size: small;">If everything went to plan users FTPuser1 and FTPuser2 should login to <a abp="403" href="file://fileserver/FTProot/Home1">\\Fileserver\FTProot\Home1</a> folder and user FTPuser3 should login to <a abp="1592" href="file://fileserver/FTProot/Home2">\\Fileserver\FTProot\Home2</a>.</span></div>
</div>
<div abp="464">
<div abp="1594">
</div>
<div abp="1594">
Next - <a abp="1675" href="http://itowns.blogspot.com/2015/01/publishing-ftps-on-tmg-2010.html">Publishing FTPS on TMG 2010</a>. </div>
</div>
<div abp="464">
<div abp="1596">
</div>
</div>
<div abp="464">
<div abp="1598">
Links:</div>
</div>
<div abp="464">
<div abp="1600">
<a abp="1601" href="https://social.technet.microsoft.com/Forums/windowsserver/en-US/0f499dee-19ca-495b-92ab-295caaf26d6d/help-needed-about-ftp-home-directory-configured-in-active-directory-?forum=winserverNIS">https://social.technet.microsoft.com/Forums/windowsserver/en-US/0f499dee-19ca-495b-92ab-295caaf26d6d/help-needed-about-ftp-home-directory-configured-in-active-directory-?forum=winserverNIS</a></div>
</div>
<div abp="464">
<div abp="1603">
<a abp="1604" href="https://technet.microsoft.com/en-us/library/hh831655.aspx">https://technet.microsoft.com/en-us/library/hh831655.aspx</a></div>
</div>
<div abp="464">
<div abp="1606">
<a abp="1607" href="http://winscp.net/eng/docs/guide_windows_ftps_server">http://winscp.net/eng/docs/guide_windows_ftps_server</a></div>
</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com3tag:blogger.com,1999:blog-6705827636155762044.post-77491583194931855492014-12-30T10:44:00.003+02:002014-12-30T10:55:38.487+02:00Check Microsoft Office 2010/2013 activation type and status. Change from MAK to KMS (or from KMS to MAK). Troubleshoot KMS activation.<div abp="16">
<div abp="794">
<div abp="794">
<div abp="1317">
<strong abp="795"><span abp="796" style="font-size: large;">To check if your office is activated with MAK or KMS key:</span></strong></div>
</div>
</div>
</div>
<div abp="17">
<div abp="798">
<div abp="799">
<div abp="1323">
</div>
</div>
</div>
</div>
<div abp="18">
<div abp="800">
<div abp="802">
<div abp="1327">
1. Launch CMD as administrator</div>
</div>
</div>
</div>
<div abp="19">
<div abp="802">
<div abp="805">
<div abp="1331">
</div>
</div>
</div>
</div>
<div abp="19">
<div abp="804">
<div abp="808">
<div abp="1335">
2. In command prompt navigate to Office installation folder: </div>
</div>
</div>
</div>
<div abp="19">
<div abp="806">
<div abp="811">
<div abp="1339">
Office 2010: C:\Program Files (x86)\Microsoft Office\Office14</div>
</div>
</div>
</div>
<div abp="21">
<div abp="808">
<div abp="814">
<div abp="1343">
Office 2013: C:\Program Files (x86)\Microsoft Office\Office15</div>
</div>
</div>
</div>
<div abp="22">
<div abp="810">
<div abp="817">
<div abp="1347">
Office 2010 x32: C:\Program Files\Microsoft Office\Office14</div>
</div>
</div>
</div>
<div abp="23">
<div abp="812">
<div abp="820">
<div abp="1351">
Office 2013 x64: C:\Program Files\Microsoft Office\Office15</div>
</div>
</div>
</div>
<div abp="24">
<div abp="814">
<div abp="823">
<div abp="1355">
</div>
</div>
</div>
</div>
<div abp="24">
<div abp="816">
<div abp="826">
<div abp="1359">
3. In the command prompt type "<strong abp="817">cscript ospp.vbs /dstatus</strong>" (without quotes) and press enter</div>
</div>
</div>
</div>
<div abp="26">
<div abp="819">
<div abp="830">
<div abp="1364">
</div>
</div>
</div>
</div>
<div abp="26">
<div abp="821">
<div abp="833">
<div abp="1368">
4. You can identify license type from "LICENSE NAME" and activation status from "LICENSE STATUS"</div>
</div>
</div>
</div>
<div abp="27">
<div abp="823">
<div abp="836">
<div abp="1372">
example of MAK activated Office 2013:</div>
</div>
</div>
</div>
<div abp="129" class="separator" style="clear: both; text-align: center;">
<a abp="130" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG8UYalX1oVQNvJ6v8PXMU-PuFvnxGTAYmadrxEexWVtKWckdMNDquYWEzlXmxeEkVaYFqNmU1TlyHzHyCD93ENxGHHUKT-7raI86pQs1s58Qptl1Jtx8RDs2O3o6dDzM_16476sOIg0/s1600/office+2013+mak+activation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="131" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjG8UYalX1oVQNvJ6v8PXMU-PuFvnxGTAYmadrxEexWVtKWckdMNDquYWEzlXmxeEkVaYFqNmU1TlyHzHyCD93ENxGHHUKT-7raI86pQs1s58Qptl1Jtx8RDs2O3o6dDzM_16476sOIg0/s1600/office+2013+mak+activation.png" height="162" width="320" /></a></div>
<div abp="827">
<div abp="841">
<div abp="1378">
example of KMS activated Office 2010:</div>
</div>
</div>
<div abp="190" class="separator" style="clear: both; text-align: center;">
<a abp="191" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTzQefulGT3M7lr_bdvD3Hm25H3HrJ2xEBGW7ixZvfL_by0va2tR-1TMuEYd70CM3NwpSQPdkYFCFte02BuxS0MDHYMiv5kKGrPpM9O_JjOXBtZuZuEX8telHiP9FkZNyqsBgtX70VZyA/s1600/office+2010+KMS+activation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img abp="192" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTzQefulGT3M7lr_bdvD3Hm25H3HrJ2xEBGW7ixZvfL_by0va2tR-1TMuEYd70CM3NwpSQPdkYFCFte02BuxS0MDHYMiv5kKGrPpM9O_JjOXBtZuZuEX8telHiP9FkZNyqsBgtX70VZyA/s1600/office+2010+KMS+activation.png" height="131" width="320" /></a></div>
<div abp="28">
<div abp="832">
<div abp="847">
<div abp="1385">
</div>
</div>
</div>
</div>
<div abp="28">
<div abp="834">
<div abp="850">
<div abp="1389">
<strong abp="835"><span abp="836" style="font-size: large;">To change from MAK activation to KMS (or vice versa) - change to appropriate key:</span></strong></div>
</div>
</div>
</div>
<div abp="28">
<div abp="838">
<div abp="855">
<div abp="1395">
</div>
</div>
</div>
</div>
<div abp="28">
<div abp="840">
<div abp="858">
<div abp="1399">
1. Launch CMD as administrator</div>
</div>
</div>
</div>
<div abp="19">
<div abp="842">
<div abp="861">
<div abp="1403">
</div>
</div>
</div>
</div>
<div abp="19">
<div abp="844">
<div abp="864">
<div abp="1407">
2. In command prompt navigate to Office installation folder: </div>
</div>
</div>
</div>
<div abp="19">
<div abp="846">
<div abp="867">
<div abp="1411">
Office 2010: C:\Program Files (x86)\Microsoft Office\Office14</div>
</div>
</div>
</div>
<div abp="21">
<div abp="848">
<div abp="870">
<div abp="1415">
Office 2013: C:\Program Files (x86)\Microsoft Office\Office15</div>
</div>
</div>
</div>
<div abp="22">
<div abp="850">
<div abp="873">
<div abp="1419">
Office 2010 x32: C:\Program Files\Microsoft Office\Office14</div>
</div>
</div>
</div>
<div abp="23">
<div abp="852">
<div abp="876">
<div abp="1423">
Office 2013 x64: C:\Program Files\Microsoft Office\Office15</div>
</div>
</div>
</div>
<div abp="24">
<div abp="854">
<div abp="879">
<div abp="1427">
</div>
</div>
</div>
</div>
<div abp="24">
<div abp="856">
<div abp="882">
<div abp="1431">
3. Change to KMS key by entering the following command with corresponding KMS keys:</div>
</div>
</div>
</div>
<div abp="24">
<div abp="858">
<div abp="885">
<div abp="1435">
Office 2010 ProPlus: <span abp="514" class="typeditem"><strong abp="860">cscript ospp.vbs /inpkey:VYBBJ-TRJPB-QFQRF-QFT4D-H3GVB</strong></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="862">
<div abp="890">
<div abp="1441">
<span abp="514" class="typeditem">Office 2013 ProPlus: <strong abp="864"><span abp="522" class="typeditem">cscript ospp.vbs /inpkey:</span><span abp="523" align="start" class="typeditem">YC7DK-G2NP3-2QQC3-J6H88-GVGXT</span></strong></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="868">
<div abp="897">
<div abp="1449">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="872">
<div abp="902">
<div abp="1455">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><strong abp="875">note:</strong> those are KMS keys available <a abp="1145" href="http://technet.microsoft.com/en-us/library/ee624355(office.14).aspx#section2_3">publicly</a>, if you need to change from KMS to MAK, enter your MAK keys instead</span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="877">
<div abp="908">
<div abp="1463">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="881">
<div abp="913">
<div abp="1469">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem">4. After changing the key you can go ahead and activate office to KMS host by entering command in the cmd: "<span abp="555" class="typeditem"><strong abp="885">cscript ospp.vbs /act</strong>" (without quotes).</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="887">
<div abp="920">
<div abp="1477">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"></span></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="892">
<div abp="926">
<div abp="1484">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><strong abp="896"><span abp="897" style="font-size: large;">If KMS activation fails you can check the following:</span></strong></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="899">
<div abp="934">
<div abp="1493">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"></span></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="904">
<div abp="940">
<div abp="1500">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">1. See if the right KMS host resolves from DNS:</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="909">
<div abp="946">
<div abp="1507">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">In the command prompt run "<strong abp="913">nslookup -type=srv _vlmcs._tcp</strong>" (without quotes),</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="915">
<div abp="953">
<div abp="1515">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">you should see something like this:</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="920">
<div abp="959">
<div abp="1522">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><strong abp="924">_vlmcs._tcp.pzu.lt SRV service location:<br abp="925" /> priority = 0<br abp="926" /> weight = 0<br abp="927" /> port = 1688<br abp="928" /> svr hostname = </strong><strong abp="929">kms-host.company.com</strong><strong abp="930"></strong><br abp="931" /><strong abp="932">kms-host.company.com internet address = 192.168.1.17</strong></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="934">
<div abp="974">
<div abp="1538">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"></span></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="939">
<div abp="980">
<div abp="1545">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">2. If you see correct host, check if you can access it on port 1688:</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="944">
<div abp="986">
<div abp="1552">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">in the command prompt type "<strong abp="948">telnet kms-host.company.com 1688</strong>"</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="950">
<div abp="993">
<div abp="1560">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">If connection is successful you will see black window, if it's not successful you will receive message:</span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="955">
<div abp="999">
<div abp="1567">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><em abp="959">Connecting To kms-host.company.com...Could not open connection to the host, on port 1688:<br abp="960" />Connect failed</em></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="962">
<div abp="1007">
<div abp="1576">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="966" style="font-size: large;"></span></span></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="968">
<div abp="1014">
<div abp="1584">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem">3. If you see incorrect host, you should resolve problems in your infrastructure (deactivate wrong KMS hosts and delete entries from your DNS server). Meanwhile you can specify KMS host to activate to manually by running the following command "</span></span></span><span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><strong abp="976">cscript ospp.vbs /sethst:</strong><strong abp="977">kms-host.company.com</strong><strong abp="978"></strong>" (without quotes)</span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="980">
<div abp="1027">
<div abp="1598">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem">and activate afterwards with the command "<span abp="555" class="typeditem"><strong abp="986">cscript ospp.vbs /act</strong>" (without quotes).</span></span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="988">
<div abp="1036">
<div abp="1608">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem"></span></span></span></span></span> </div>
</div>
</div>
</div>
<div abp="24">
<div abp="995">
<div abp="1044">
<div abp="1617">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem"><strong abp="1001">Links:</strong></span></span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="1003">
<div abp="1053">
<div abp="1627">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem">MAK to KMS - <a abp="1009" href="http://www.it.cornell.edu/services/software_licensing/howto/kms-from-mak.cfm">http://www.it.cornell.edu/services/software_licensing/howto/kms-from-mak.cfm</a></span></span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="1011">
<div abp="1062">
<div abp="1637">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem">Discovering and fixing unauthorized KMS hosts - <a abp="1017" href="http://blogs.technet.com/b/odsupport/archive/2011/11/14/how-to-discover-kms-hosts-via-a-dns-query-and-remove-them-if-need-be.aspx">http://blogs.technet.com/b/odsupport/archive/2011/11/14/how-to-discover-kms-hosts-via-a-dns-query-and-remove-them-if-need-be.aspx</a></span></span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="1019">
<div abp="1071">
<div abp="1647">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem"></span></span></span></span></span>Check activation type and status of office 2010 - <span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem"><a abp="1030" href="http://blogs.technet.com/b/odsupport/archive/2010/08/11/how-to-check-the-activation-type-and-status-of-office-2010-installations.aspx">http://blogs.technet.com/b/odsupport/archive/2010/08/11/how-to-check-the-activation-type-and-status-of-office-2010-installations.aspx</a></span></span></span></span></span></div>
</div>
</div>
</div>
<div abp="24">
<div abp="1032">
<div abp="1085">
<div abp="1662">
<span abp="514" class="typeditem"><span abp="523" align="start" class="typeditem"><span abp="555" class="typeditem"><span abp="538" class="typeditem"><span abp="555" class="typeditem">KMS to MAK in office GUI - <a abp="1038" href="https://kb.wisc.edu/page.php?id=13970">https://kb.wisc.edu/page.php?id=13970</a></span></span></span></span></span></div>
</div>
<div abp="1085">
<div abp="1670">
KMS client keys Office 2010 - <a abp="1671" href="http://technet.microsoft.com/en-us/library/ee624355(office.14).aspx#section2_3">http://technet.microsoft.com/en-us/library/ee624355(office.14).aspx#section2_3</a></div>
</div>
<div abp="1085">
<div abp="1673">
KMS client keys Office 2013 - <a abp="1674" href="http://technet.microsoft.com/en-us/library/dn385360(v=office.15).aspx">http://technet.microsoft.com/en-us/library/dn385360(v=office.15).aspx</a></div>
</div>
</div>
</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com4tag:blogger.com,1999:blog-6705827636155762044.post-44552722876462094952014-12-16T10:30:00.000+02:002014-12-16T10:30:04.174+02:00Website publishing on TMG 2010. HTTP to HTTPS and domain.com to www.domain.com redirect with response code 301 (for search engine optimization and pageRank).Consider the following scenario:<br />
You need to publish a new secure website and to avoid situations where users can't access your site because they do not know the difference between http vs. https nor <a href="http://www.company.com/">www.company.com</a> vs. company.com <br />
<br />
For this we will need to setup some redirection rules.<br />
<br />
There are few ways you can do that via TMG, but it will result in 302 redirects which you want to avoid and instead use 301 response code for redirection (so I've been told by SEO guys).<br />
<br />
So our goal is to configure IIS/TMG to redirect the following addresses with response code 301:<br />
<a href="http://company.com/">http://company.com</a><br />
<a href="https://company.com/">https://company.com</a><br />
<a href="http://www.company.com/">http://www.company.com</a><br />
<br />
to <a href="https://www.company.com/">https://www.company.com</a><br />
<br />
<strong>First step - configuring IIS applications.</strong><br />
<br />
For this to work we will need two IIS applications. One for redirects and another one - the actual application.<br />
For your <em>actual</em> application in IIS assign binding address: <a href="https://www.company.com/">https://www.company.com</a><br />
For redirection application assign bindings for addresses: <a href="http://company.com/">http://company.com</a>, <a href="https://company.com/">https://company.com</a> and <a href="http://www.company.com/">http://www.company.com</a><br />
And enable HTTP redirect to <a href="https://www.company.com/">https://www.company.com</a> with status code: Permanent (301).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFE0QFjGKkmwUOU32XymLsf3AwdYualVIRZ_pYCwU_92CPy3y127ZnnhrAJDS-MBXz46imH4AY_Wpdbi6xVHWEETYmEYRBb7L74gaDrKxc8KNJIbZkOtZQipqG6Yl6DDqHMChHXbbYaVs/s1600/iis301.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFE0QFjGKkmwUOU32XymLsf3AwdYualVIRZ_pYCwU_92CPy3y127ZnnhrAJDS-MBXz46imH4AY_Wpdbi6xVHWEETYmEYRBb7L74gaDrKxc8KNJIbZkOtZQipqG6Yl6DDqHMChHXbbYaVs/s1600/iis301.png" height="170" width="320" /></a></div>
<div align="left" class="separator" style="clear: both; text-align: center;">
</div>
<strong>Second step - TMG rules.</strong><br />
We will need two TMG rules with common weblistener.<br />
<br />
Connections tab:<br />
Enable HTTP connections<br />
Enable SSL (HTTPS) connections<br />
Do not redirect traffic from HTTP to HTTPS<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGMJlkr5t_QhqlutvXjZ0QYsQ1e8N-BPSN3Wsl2bSSQuHyXQYTdfqWf5S8kP-3D82arKzMIwp7DzdZooNmp24uQWdf_ZMPbiaXyKFJzs77I2w9veX9hE2KKaeGjM1B6OXWged8eOivjhM/s1600/tmg+web+listener.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGMJlkr5t_QhqlutvXjZ0QYsQ1e8N-BPSN3Wsl2bSSQuHyXQYTdfqWf5S8kP-3D82arKzMIwp7DzdZooNmp24uQWdf_ZMPbiaXyKFJzs77I2w9veX9hE2KKaeGjM1B6OXWged8eOivjhM/s1600/tmg+web+listener.png" height="320" width="279" /></a></div>
First publishing rule for <a href="http://www.company.com/">www.company.com</a> (make sure it is above second rule)Bridging tab:<br />
Redirect requests to HTTP<br />
Redirect requests to SSL<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg1gLTVqICptbks3Jb4sbS4OGOzGfEWDqDB0Flfmer0Xw0f3WO7lltIhbsboQ3MbhuuxJCgRLEkX6h4g5WnsRHw0c4NVHZAg4LvBVN_DzlJDgCPIwa_8AWjlJXzdDEl7LcPTkTnCbia3k/s1600/tmg+bridging2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgg1gLTVqICptbks3Jb4sbS4OGOzGfEWDqDB0Flfmer0Xw0f3WO7lltIhbsboQ3MbhuuxJCgRLEkX6h4g5WnsRHw0c4NVHZAg4LvBVN_DzlJDgCPIwa_8AWjlJXzdDEl7LcPTkTnCbia3k/s1600/tmg+bridging2.png" height="320" width="267" /></a></div>
<br />
Public name: <a href="http://www.company.com/">www.company.com</a><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQzoVbhs30Wzckdchxhufw1JDglBU0bGeEkmquSqFlsVvkpTPcIxcd0YihIYi0kxEFGlmvr5eDswvaXpdzSx9GauiPzWJlGmiiUd6rKmTauA6HidyJR0tccxI_6xC5Wjag_J3Bovx5th8/s1600/tmg+publicname.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQzoVbhs30Wzckdchxhufw1JDglBU0bGeEkmquSqFlsVvkpTPcIxcd0YihIYi0kxEFGlmvr5eDswvaXpdzSx9GauiPzWJlGmiiUd6rKmTauA6HidyJR0tccxI_6xC5Wjag_J3Bovx5th8/s1600/tmg+publicname.png" height="320" width="269" /></a></div>
<br />
Second rule for company.com (make sure it is below first rule).<br />
Settings are identical to first rule, except for public name you specify domain company.com<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAoK42eUk0xPU0yYWIarOL_skcXlN6W2CLdPXCyThrLTvSO_iffIjCs18oV2VVKKpenPWnsngpL6F-pl2XJUlHUxGTJU9fzXJV1KvmoxROCxGbcxEtf2kHAzLw3KdnqkaqrUD5Zxijlgo/s1600/tmg+publicname2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAoK42eUk0xPU0yYWIarOL_skcXlN6W2CLdPXCyThrLTvSO_iffIjCs18oV2VVKKpenPWnsngpL6F-pl2XJUlHUxGTJU9fzXJV1KvmoxROCxGbcxEtf2kHAzLw3KdnqkaqrUD5Zxijlgo/s1600/tmg+publicname2.png" height="320" width="268" /></a></div>
After that any of the four addresses <br />
<a href="http://company.com/">http://company.com</a><br />
<a href="https://company.com/">https://company.com</a><br />
<a href="http://www.company.com/">http://www.company.com</a><br />
<a href="https://www.company.com/">https://www.company.com</a><br />
should result in <a href="https://www.company.com/">https://www.company.com</a> <br />
<br />
Links:<br />
How to Allow HTTP 301 through ISA Server 2006 - <a href="http://blogs.technet.com/b/isablog/archive/2009/03/05/how-to-allow-http-301-through-isa-server-2006.aspx">http://blogs.technet.com/b/isablog/archive/2009/03/05/how-to-allow-http-301-through-isa-server-2006.aspx</a><br />
Test your redirect method - <a href="http://www.redirect-checker.org/">http://www.redirect-checker.org/</a>Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com1tag:blogger.com,1999:blog-6705827636155762044.post-79605999894249010512013-05-23T22:15:00.000+03:002013-05-23T22:15:59.862+03:00Server 2012 RDS. How to create .rdp shortcut for RemoteApp.It seems that RDS in server 2012 won't let you create .rdp shortcuts for remote applications. <br />
<br />
The easiest workaround I found so far is to login to your RD Web Access via Firefox and click on RemoteApp, firefox then asks if you want to open the file or save it.<br />
Of course we want to save it :) so do just that.<br />
Here you go an .rdp shortcut for your RemoteApp.Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com8tag:blogger.com,1999:blog-6705827636155762044.post-40999726708066817152013-03-18T11:26:00.003+02:002013-03-18T12:19:18.966+02:00Exchange 2010 - This attachment was removed.Hello,<br />
recently I've encountered a problem where .pdf attachments were being stripped for particular sender emails.<br />
<br />
I had had no .pdf file name, file extension or MIME type listed in my <b>Attachment Filtering Agent</b> so it was a mystery.<br />
You can check the config with command on the edge server:<br />
<br />
<ul class="message">
<li class="message " id="b6566209-23e7-4772-856b-864c588164df"><div class="container">
<div class="body">
<b><i>Get-AttachmentFilterEntry |fl</i></b></div>
</div>
</li>
</ul>
You can also disable <b>Attachment Filtering Agent</b> for testing purposes using following command:<br />
<b><i>Disable-TransportAgent -Identity "Attachment Filtering agent"</i></b><br />
<b><i><br /></i></b>
After you confirmed that the problem is due to this agent you can re-enable it:<br />
<b><i>Enable-TransportAgent -Identity "Attachment Filtering agent"</i></b><br />
<br />
At this point it was clear that <b>Attachment Filtering Agent</b> was stripping those particular .pdf files created by that specific sender and letting all other .pdf attachments through.<br />
<br />
After posting my problem on technet forums it appears that for some reason <b>Attachment Filtering Agent</b> was recognizing those .pdf files as "invalid attachment".<br />
<br />
To workaround this you have to do the following:<br />
<br />
<b>1</b>.Stop the Microsoft Exchange Transport service.<br />
<b>2</b>.Locate the EdgeTransport.exe.config file. This file is located in the following path: drive:\Program Files\Microsoft\Exchange Server\Bin\<br />
<b>3</b>.Add the following entry between the <appsettings> element and the </appsettings> element of the EdgeTransport.exe.config file <b><i><add key="AllowInvalidAttachment" value="true"></add></i></b><br />
<b>4</b>.Restart the Microsoft Exchange Transport service<br />
<br />
Links:<br />
<a href="http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/8c35b394-915a-475f-af88-de0a465fb5c8">http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/8c35b394-915a-475f-af88-de0a465fb5c8</a>Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com4tag:blogger.com,1999:blog-6705827636155762044.post-82211475766667088272012-12-06T21:36:00.004+02:002012-12-06T21:36:48.574+02:00Install 7-Zip with all file extension associationsCreate a bat file and use it for installs, code:<br />
<br />
<br />
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
<div style="border: none; font-family: inherit; font-style: inherit; list-style-type: none; margin-bottom: 5px; outline: 0px; padding: 0px;">
msiexec /i 7z920-x64.msi /q</div>
</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
@Echo off</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
Set "cmpn=7z#0 arj#4 bz2#2 bzip2#2 cab#7 cpio#12 deb#11 dmg#17 fat#21 gz#14 gzip#14 hfs#18 iso#8 lha#6 lzh#6 lzma#16 ntfs#22 rar#3 rpm#10 split#9 swm#15 tar#13 taz#5 tbz#2 tbz2#2 tgz#14 tpz#14 vhd#20 wim#15 xar#19 xz#23 z#5 zip#1"</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
For %%I In (%cmpn%) Do For /F "tokens=1* Delims=#" %%a In ("%%I") Do Call :ass_set %%a %%b</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
Exit</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
:ass_set</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\.%1" /ve /t REG_SZ /d "7-Zip.%1" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\7-Zip.%1" /ve /t REG_SZ /d "%1 Archive" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\7-Zip.%1\DefaultIcon" /ve /t REG_SZ /d "%PROGRAMFILES%\7-Zip\7z.dll,%2" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\7-Zip.%1\shell" /ve /t REG_SZ /d "" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\7-Zip.%1\shell\open" /ve /t REG_SZ /d "" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
reg add "HKCR\7-Zip.%1\shell\open\command" /ve /t REG_SZ /d "\"%PROGRAMFILES%\7-Zip\7zFM.exe\" \"%%1\"" /f>Nul</div>
<div style="background-color: white; border: 0px; color: #333333; font-family: 'Segoe UI', 'Lucida Grande', Verdana, Arial, Helvetica, sans-serif; font-size: 13px; line-height: 16px; margin: 0px; outline: 0px; padding: 0px;">
GoTo :EOF</div>
<br />
<br />
<br />Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-41534483237096158932012-12-03T19:42:00.000+02:002012-12-03T19:44:22.415+02:00MSCCM 2012 exchange connector error 8801If you see this error in your <b>MSCCM 2012</b> <b>Monitoring</b> workspace, under <b>System Status</b> -> <b>Component Status</b><br />
<br />
<br />
<div style="text-align: center;">
<b>Connection to Exchange server <i>http://exchangeCAS.domain.com/</i>powershell failed. </b></div>
<div style="text-align: center;">
<b>Possible cause: incorrect server address or server address not reachable.</b></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
And/or receive this alert:</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: center;">
<b>Operation: Mobile device management</b></div>
<div style="text-align: center;">
<b>Type: Exchange Server connector connection failure</b></div>
<div style="text-align: center;">
<b>Description: Generate an alert if the Exchange Server connector on the <i>YourSite</i> site failed to connect to the configured Exchange Server.</b></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
Try opening URL <i>http://exchangeCAS.domain.com/</i>powershell with the same user you configured for Exchange Connector in MSCCM 2012. If you get:</div>
<div style="text-align: center;">
<b>401 - Unauthorized: Access is denied due to invalid credentials</b></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Open IIS7 manager on your exchange CAS server, expand to site element <b>PowerShell, </b>select it and open <b>Authentication. </b>Enable <b>Windows Authentication </b>and check that it has <b>NTLM</b> in <b>Providers</b> list.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Links:</div>
<div style="text-align: left;">
<a href="http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/c9239a89-fbee-4adc-b72f-7a6a9648331f/">http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/c9239a89-fbee-4adc-b72f-7a6a9648331f/</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com1tag:blogger.com,1999:blog-6705827636155762044.post-5696433833642811202012-11-18T13:23:00.000+02:002016-03-04T11:16:04.087+02:00Configuring auto reply for Public Folder and preventing Mail Loops<b><span style="font-size: large;">System:</span></b><br />
Exchange 2010 SP2<br />
<br />
<b><span style="font-size: large;">Goal:</span></b><br />
Have a public folder which lets your clients know that their message is received and does not reply to NDR or other kinds of automatically generated messages, such as auto replies etc. to prevent mail loops.<br />
Users will send mail to <b>queries@domain.com</b><br />
<br />
<b><span style="font-size: large;">Steps:</span></b><br />
1. Create <b><i>auto-reply</i></b> public folder.<br />
2. Mail enable it.<br />
3. Create Mailbox user which will be responsible for configuring auto-reply on this public folder, you can also assign existing one. I will use a mailbox <b><i>noreply@domain.com</i></b>.<br />
4. Grant your mailbox user "<b>Send-as</b>" permissions on <b><i>auto-reply</i></b> public folder.<br />
5. Make <b><i>noreply@domain.com</i></b> mailbox user <b>Owner</b> of the public folder <b><i>auto-reply</i></b>.<br />
<br />
6. Create public folder which will receive user mail - <b><i>queries</i></b>.<br />
7. On public folder <b><i>queries</i></b> properties enable forwarding of mail copies to <b><i>auto-reply</i></b> public folder.<br />
8. Using <b>Folder Assistant </b>create auto reply rule for <i style="font-weight: bold;">auto-reply </i>public folder which will auto reply to mails sent to <i style="font-weight: bold;">queries@domain.com </i>and then delete the messages.<br />
9. While you're at it also add a rule to delete messages sent to <i style="font-weight: bold;">auto-reply </i>(this prevents the piling of useless messages sent automatically to your a<b><i>uto-reply</i></b> public-folder in cases of NDR's or automatic replies from users).<br />
10. To enable automatic replies for users outside your organization you will need to check the <b>"Allow Automatic Replies"</b> on <b>Remote Domains</b> <b>"Message Format"</b> tab for the <b>Hub Transport</b> role under <b>Organization Configuration</b> in <b>Exchange Management Console.</b><br />
<br />
Links:<br />
<a href="http://www.straightupsearch.com/social-media/technology/oneupweb-how-to-configure-auto-reply-from-a-mail-enabled-public-folder-using-exchange-2010-sp1/comment-page-1/#comment-205863">http://www.straightupsearch.com/social-media/technology/oneupweb-how-to-configure-auto-reply-from-a-mail-enabled-public-folder-using-exchange-2010-sp1/comment-page-1/#comment-205863</a><br />
<a href="http://social.technet.microsoft.com/Forums/en-US/exchangesvrgenerallegacy/thread/48e6ddde-731b-4119-b3ee-412f5f101279">http://social.technet.microsoft.com/Forums/en-US/exchangesvrgenerallegacy/thread/48e6ddde-731b-4119-b3ee-412f5f101279</a>Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com5tag:blogger.com,1999:blog-6705827636155762044.post-81076702798635168972012-10-01T10:46:00.000+03:002012-10-01T10:46:27.255+03:00Auto Reply when email sent to a Distribution Group (Exchange 2010)If you need to auto reply to all messages sent to an <b>Exchange 2010 Distribution Group</b>, you will be disappointed as there is no straightforward way to do that. <div>
<div>
<div>
<br /></div>
<div>
First thing that came to mind was <b>Transport Rules</b>, but there is no "reply" option.</div>
<div>
<br /></div>
<div>
Therefore I had to create an mailbox account, make it a member of <b>Distribution Group</b> and configure reply rule on that mailbox. </div>
<div>
Also for this to work you have to enable "<b>Send out-of-office message to originator</b>" on the <b>Distribution Group</b> properties.</div>
<div>
<br /></div>
<div>
So here is a step by step:</div>
<div>
<br /></div>
<div>
<b>1.</b> Create new mailbox like <i>noreply@domain.com</i></div>
<div>
<b>2.</b> Make it a member of desired <b>Distribution Group</b></div>
<div>
<b>3.</b> In<b> Exchange Management Console</b> open <b>properties</b> of desired <b>Distribution Group</b> and choose <b>Advanced</b> tab. Turn on "<b>Send out-of-office message to originator</b>".</div>
<div>
<b>4.</b> Configure <i>noreply@domain.com</i> exchange account on outlook (because owa won't let you create auto reply rules).</div>
<div>
<b>5.</b> In outlook create a rule:</div>
<div>
<br /></div>
<div>
Apply this rule after the message arrives</div>
<div>
from <span style="color: blue;">people or distribution list</span> (select your distribution group)</div>
<div>
have server reply using <span style="color: blue;">a specific message </span>(create your message "Save & Close" it)</div>
<div>
<b><br /></b></div>
<div>
<b>6. </b>(optional) Create another rule to delete messages delivered to your <i>noreply</i> mailbox, make sure "delete rule" is below "reply rule" or messages will get deleted before reply rule is applied.</div>
<div>
<br /></div>
<div>
You could also <b>Set Automatic Replies</b> in owa for <i>noreply@domain.com</i> mailbox, if you only need auto replies for one <b>Distribution Group. </b>However with the suggested solution above, you can use this mailbox for as many <b>Distribution Groups</b> as you want by creating additional rules specifying different "from <span style="color: blue;">people or distribution list"</span> for each <b>Distribution Group </b>and specifying different message to reply with.</div>
<div>
<br /></div>
<div>
Also have in mind that deleted messages will be moved to "<b>Deleted Items</b>" in <i>noreply@domain.com </i>mailbox, so you will have to do some maintenance or setup a <b>Retention Policy</b>.</div>
</div>
</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com2tag:blogger.com,1999:blog-6705827636155762044.post-20641329840780323492012-09-24T12:35:00.003+03:002012-09-24T12:35:41.623+03:00Shared folders on windows 7 can't be accessed from windows XP machines<br />
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
I had a problem accessing file shares from windows XP machines, it worked at first, but after some time the following error started to occur:</div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">\\server\folder is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.</em></div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">Not enough server storage is available to process this command.</em></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Examining Windows 7 computer event logs, I found following error in system logs:</div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;">source: srv</em></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;">Event ID: 2017</em></div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.</em></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
This led me to the solution:</div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Open regedit and change the following registry keys:</div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\LargeSystemCache </strong></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Value = <strong style="line-height: 16pt;">1</strong></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\Size</strong></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Value = <strong style="line-height: 16pt;">3</strong></div>
<div data-mce-style="text-align: left;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links: <a data-mce-href="http://www.storagecraft.com/support/kb/article/131" href="http://www.storagecraft.com/support/kb/article/131" style="color: #124d87; line-height: 16pt;">http://www.storagecraft.com/support/kb/article/131</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com3tag:blogger.com,1999:blog-6705827636155762044.post-10327246750203320082012-09-24T12:35:00.001+03:002012-09-24T12:35:16.252+03:00Task 'me@emaildomain.com Sending' reported error (0x800CCC78) : 'Unable to send the message. Please verify the e-mail address in your account properties. The server responded: 530 5.7.1 Client was not authenticated'<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
IMAP and POP3 users with outlook 2003 were getting this error when trying to send mail:</div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">Task 'me@emaildomain.com Sending' reported error (0x800CCC78) : 'Unable to send the message. Please verify the e-mail address in your account properties. The server responded: 530 5.7.1 Client was not authenticated'</em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Since they were connecting to exchange 2010 Hub Transport server as their SMTP server, I had to adjust <strong style="line-height: 16pt;">"Authentication"</strong> tab of default receive connector for <strong style="line-height: 16pt;">Client Email</strong>.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
What fixed the problem - unticking <strong style="line-height: 16pt;">"Offer Basic authentication only after starting TLS".</strong></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Other possible causes:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
In outlook account properties <strong style="line-height: 16pt;">Advanced</strong> tab untick <strong style="line-height: 16pt;">"This server requires an encrypted connection (SSL)"</strong></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-61279994639281394662012-09-24T12:34:00.003+03:002012-09-24T12:34:56.849+03:00Configuring Exchange 2010 Autodiscover for internal clients<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Problem - internal exchange clients depending on you environment receive one of the following certificate errors/warnings:</div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.</em></div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">The security certificate was issued by a company you have not chosen to trust. View the certificate to determine whether you want to trust the certifying authority.</em></div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">The security certificate has expired or is not yet valid.</em></div>
<div data-mce-style="text-align: center;" style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px; text-align: center;">
<em style="border: none; line-height: 16pt;">The name on the security certificate is invalid or does not match the name of the site.</em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
most probably you will be seeing the last error unless you have some self signed certificate in place, this happens because internal exchange server FQDN differs from external FQDN with the latter defined in the trusted certificate you bought.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">Solution</strong>:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Change Autodiscover Service Internal Uri to the external FQDN (make sure it resolves to your exchange CAS server or CAS array)</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">Set-ClientAccessServer -Identity </strong><strong style="line-height: 16pt;">CASServer -AutoDiscoverServiceInternalUri</strong><strong style="line-height: 16pt;"> https://email.domain.com/Autodiscover/Autodiscover.xml</strong></em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Now <strong style="line-height: 16pt;">Autodiscover</strong> service for internal clients will work without certificate errors as long as you have valid certificate for your <strong style="line-height: 16pt;">OWA </strong>FQDN.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">Links:</strong></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<a data-mce-href="http://www.shudnow.net/2008/11/18/autodiscover-dns-certificates-and-what-you-need-to-know/" href="http://www.shudnow.net/2008/11/18/autodiscover-dns-certificates-and-what-you-need-to-know/" style="color: #124d87; line-height: 16pt;">http://www.shudnow.net/2008/11/18/autodiscover-dns-certificates-and-what-you-need-to-know/</a></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-71028605355372468962012-09-24T12:34:00.001+03:002012-09-24T12:34:37.600+03:00New-EdgeSubscription: You can't use the FileName parameter when running this command.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
After installing Exchange 2010 Edge role I have tried to create Edge Subscription file and got the following error:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;">[PS] C:\Users\Administrator\Desktop>New-EdgeSubscription -FileName "c:\edgesusbscription.xml"</em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">New-EdgeSubscription : You can't use the FileName parameter when running this command inside your Exchange organization</strong></em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">.</strong></em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;">At line:1 char:21</em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;">+ New-EdgeSubscription <<<< -FileName "c:\edgesusbscription.xml"</em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;">+ CategoryInfo : InvalidOperation: (:) [New-EdgeSubscription], InvalidOperationException</em><br style="line-height: 16pt;" /><em style="border: none; line-height: 16pt;">+ FullyQualifiedErrorId : 780CD20B,Microsoft.Exchange.Management.SystemConfigurationTasks.NewEdgeSubscription</em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
At first the cause was a mystery to me, but after searching the web I found some clues, reading some posts someone mentioned that they experienced same thing when server was renamed after Edge role installation.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
This gave me an idea what could be a problem in my case. After I installed the server I automatically joined it to the domain and installed Edge, then I came to my senses that it's no good idea to make Edge server part of a domain :) So I removed the server from the domain.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
And that what caused my problems.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To fix this I had to rejoin the domain and only then I could uninstall Edge role (errors prevented uninstalling it while the environment was different from one I installed on).</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Then I could leave the domain, install Edge role and successfully create Edge Subscription file using <em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">New-EdgeSubscription</strong> cmdlet.</em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links: <a data-mce-href="http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/d93c06b3-fffb-474c-b352-cdf359b67506/" href="http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/d93c06b3-fffb-474c-b352-cdf359b67506/" style="color: #124d87; line-height: 16pt;">http://social.technet.microsoft.com/Forums/en-US/exchange2010/thread/d93c06b3-fffb-474c-b352-cdf359b67506/</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com3tag:blogger.com,1999:blog-6705827636155762044.post-18443986021974029762012-09-24T12:33:00.005+03:002012-09-24T12:33:46.795+03:00MSCCM 2012 - Fail to create SQL Server Certificate, ConfigMGR installation cannot be completed.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
If you encounter this error <em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">"Fail to create SQL Server Certificate, ConfigMGR installation cannot be completed."</strong></em> while installing <strong style="line-height: 16pt;">Microsoft System Center Configuration Manager 2012</strong>, and see something similar to this in your installation log:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Failed to get SID for User 'NT SERVICE\</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Try changing the user of <strong style="line-height: 16pt;">SQL SERVER (MSQLSERVER)</strong> service to <strong style="line-height: 16pt;">Local System </strong>for installation purposes.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links: <a data-mce-href="http://itbl0b.blogspot.com/2011/11/strange-error-while-installing.html" href="http://itbl0b.blogspot.com/2011/11/strange-error-while-installing.html" style="color: #124d87; line-height: 16pt;">http://itbl0b.blogspot.com/2011/11/strange-error-while-installing.html</a></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com1tag:blogger.com,1999:blog-6705827636155762044.post-50364589661382815812012-09-24T12:33:00.003+03:002012-09-24T12:33:23.022+03:00OraClient only administrator can connect to database.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
I had this situation in RDSH environment.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Application would not connect to oracle database unless the user launching application had administrator rights, or administrator in another session had the application open at the time of regular users were trying to connect.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Solution to this is to grant the regular users "Create Global Objects" right via GPO or Local Security Policy.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To do this in GPO navigate to:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Computer Configuration</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Policies</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Windows</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Security Settings</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Local Policies->User Rights Assignment</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
<br style="line-height: 16pt;" /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Add the groups of users who need to use the application.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
<br style="line-height: 16pt;" /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
Links:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px;">
<a data-mce-href="http://forums.citrix.com/thread.jspa?threadID=68113" href="http://forums.citrix.com/thread.jspa?threadID=68113" style="color: #124d87; line-height: 16pt;">http://forums.citrix.com/thread.jspa?threadID=68113</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-17595520090444215542012-09-24T12:33:00.001+03:002012-09-24T12:33:00.257+03:00Wordpress Warning: is_dir() [function.is-dir]: open_basedir restriction in effect. File is not within the allowed path(s)<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
wordpress Warning: is_dir() [function.is-dir]: open_basedir restriction in effect. File<em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">(\path\upload\)</strong></em> is not within the allowed path(s)</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To fix this error in wordpress try change upload folder to default:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Login to wordpress administration</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">Settings</strong> -> <strong style="line-height: 16pt;">Miscellaneous</strong> -> <strong style="line-height: 16pt;">Store uploads in this folder:</strong> <strong style="line-height: 16pt;">wp-content/uploads</strong></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<a data-mce-href="http://wordpress.org/support/topic/open_basedir-restriction-in-effect-1" href="http://wordpress.org/support/topic/open_basedir-restriction-in-effect-1" style="color: #124d87; line-height: 16pt;">http://wordpress.org/support/topic/open_basedir-restriction-in-effect-1</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-717474743856861812012-09-24T12:32:00.003+03:002012-09-24T12:32:37.595+03:00Exchange 2010 change default OU for Mail Contacts.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
I was not able to find a way to change default OU for <strong style="line-height: 16pt;">Mail Contacts</strong> so I've changed default OU for user objects in AD.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
This is not elegant solution, but in my case it's ok, because all other users are created directly in OU where he belongs and we have no Users Objects created in default users OU in our environment.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To change default user OU for Active Directory I used this command on domain controller (in cmd):</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">ReDirUsr "<em style="border: none; line-height: 16pt;">OU=External Contacts,OU=mycompany,DC=domain,DC=com</em>"</strong></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Your Domain Controller must be at least in 2003 functional level.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<a data-mce-href="http://www.expta.com/2009/03/changing-default-users-and-computers.html" href="http://www.expta.com/2009/03/changing-default-users-and-computers.html" style="color: #124d87; line-height: 16pt;">http://www.expta.com/2009/03/changing-default-users-and-computers.html</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-51381237096763596502012-09-24T12:32:00.001+03:002012-09-24T12:32:16.083+03:00Exchange 2010 change default OU for Distribution Groups.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To change default Organization Unit for newly created Distribution Groups run this cmdlet in Exchange Management Shell:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<strong style="line-height: 16pt;">Set-OrganizationConfig –DistributionGroupDefaultOU "<em style="border: none; line-height: 16pt;">OU=distribution groups, DC=domain,DC=local</em>"</strong></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<a data-mce-href="http://www.howexchangeworks.com/2011/05/setting-default-ou-for-distribution.html" href="http://www.howexchangeworks.com/2011/05/setting-default-ou-for-distribution.html" style="color: #124d87; line-height: 16pt;">http://www.howexchangeworks.com/2011/05/setting-default-ou-for-distribution.html</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-88091642622180456592012-09-24T12:31:00.003+03:002012-09-24T12:31:54.913+03:00Exchange 2010 OWA: An unexpected error occurred and your request couldn’t be handled<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
If you receive this error after installing Exchange 2010 service pack you might want to delete any custom bindings on your <em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">Default Web Site</strong></em> in IIS.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To do this open <strong style="line-height: 16pt;">IIS Manager</strong>, expand your s<em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">erver</strong></em>-><em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">sites</strong></em> and select <strong style="line-height: 16pt;">Default Web Site</strong>, right click it and choose <strong style="line-height: 16pt;">Edit Bindings...</strong> Remove any custom headers you added and it should work right away.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<br /></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Links:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<a data-mce-href="http://jaxelos.wordpress.com/2011/12/01/owa-2010-an-unexpected-error-occurred-and-your-request-couldnt-be-handled/" href="http://jaxelos.wordpress.com/2011/12/01/owa-2010-an-unexpected-error-occurred-and-your-request-couldnt-be-handled/" style="color: #124d87; line-height: 16pt;">http://jaxelos.wordpress.com/2011/12/01/owa-2010-an-unexpected-error-occurred-and-your-request-couldnt-be-handled/</a></div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0tag:blogger.com,1999:blog-6705827636155762044.post-33696601533756345662012-09-24T12:31:00.001+03:002012-09-24T12:31:25.070+03:00Exchange 2010 OWA errors after SP2.<br />
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
After installing Exchange 2010 SP2 I started to receive errors in OWA:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">Your request couldn't be completed.</strong></em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;"><strong style="line-height: 16pt;">This may have occurred for security reasons or because your session timed out.</strong></em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
This error does not happen if you open OWA via HTTPS.</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
To be able to use OWA via HTTP without this error you need to edit web.config file located in:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;">C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\Owa\web.config</em></div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
find line:</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;"><httpcookies 16pt="16pt" httponlycookies="false" line-height:="line-height:" requiressl="<strong style=">true</httpcookies></em></div>
" domain="" /><div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
and change requireSSL to false</div>
<div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
<em style="border: none; line-height: 16pt;"><httpcookies 16pt="16pt" httponlycookies="false" line-height:="line-height:" requiressl="<strong style=">false</httpcookies></em></div>
" domain="" /><div style="color: #444444; font-family: Georgia, serif; font-size: 17px; line-height: 21.33333396911621px; margin-bottom: 10px;">
Save the file and OWA should work fine.</div>
Aurimas N.http://www.blogger.com/profile/10601992610090368350noreply@blogger.com0