Technology

WinMTR

A nice handy MTR tool for windows has recently been released.

MTR probes routers on the route path by limiting the number of hops individual packets may traverse, and listening to responses of their expiry. It will regularly repeat this process, usually once per second, and keep track of the response times of the hops along the path. Good for trying to figure out network issues along a route.

winmtr.net

Encryption

I've been playing around with encryption techniques recently.
I like this site which makes it easy to share and verify encryption keys

It's basically cloud key database, which also offers a secure messaging and collaboration service.

Here's my profile which verifies several services I use as being in my control. As well as sharing my public pgp key which can be used to send me encrypted messages/ verify my identity.

keybase.io/iworm

They also seem to host a cloud file storage with 10Gb in the free tier, which uses your keys to encrypt files at the client side. So this means that the files are always fully encrypted and even if their servers or connections are compromised then your files will be protected.

PowerShell Exchange commands message limits

Sometimes you'll want to alter the message count limits for sending and receiving in Exchange. Here's the commands you will need:

For organization

Set-TransportConfig -MaxRecipientEnvelopeLimit 1000

Get-transportconfig |fl name,MaxRecipientEnvelopeLimit (=250)

-----

For transport server

Set-TransportServer -Identity "Server01" -PickupDirectoryMaxRecipientsPerMessage 200

Get-TransportServer |FL PickupDirectoryMaxRecipientsPerMessage,name (=100)

----

For recieveconnector

Set-ReceiveConnector -Identity "Contoso Receive Connector" -MaxRecipientsPerMessage 300

Get-receiveconnector |fl name,MaxRecipientsPerMessage

----
For mailbox:

Get-mailbox |fl name, RecipientLimits

(All seem to unlimited)

PowerShell Exchange message tracking commands

Note for office365: If you are tracking messages older that 7 days, then you'll have to use the GUI and wait as the job takes a while to access the log archives. (4 days it took to return the results when I last used it!! Useless!)

Here's the command for Office 365:
Get-MessageTrace -SenderAddress john@contoso.com -StartDate 06/13/2015 -EndDate 06/15/2015

Here's the powershell commands you'll need for doing some message tracking in Exchange.

-Get message tracking logs:

get-messagetrackinglog -Sender "" -Start "4/28/2015" -End "4/30/2015" | Select-Object Timestamp,ServerHostname,ClientHostname,Source,EventId,Recipients | Sort-Object -Property Timestamp

-Get failed emails:

Robocopy

Robocopy can be used to move files from one place to another in a network while doing checks on any failed files, retrying, and most importantly keeping the security descriptors associated with each file folder.

Here's the command I generally use:
robocopy :\ \\\ /mir /R:3 /SEC /W:3 /LOG:robocopy.log

I've just put it here so I don't have to look it up each time.

Start DropBox as a shared service on a server (or client PC used by multiple users)

Sometimes, you'll want to run DropBox as a service rather than as a foreground app. If you want to sync a server share , or if you want the same account to available to multiple users on the same machine, without creating a seperate synced folder copy for each user that logs on. Here's how to set it up:

If you have installed Dropbox onto the computer you will be configuring it for, uninstall it for each user that has it installed!

Step 1. Create an a new Service Account in Windows

Open Control Panel.
Open Add or Remove User Accounts.
Add a new Administrator account called ServiceAccount.
Give the account a password and keep track of it . This is critical. Don’t skip this step.
Log in as the ServiceAccount.
Step 2. Download, Install and Configure Dropbox

Install Java msi through group policy

Get msi by running install exe but stop before clicking 'install'
Go to %appdata%/localow/oracle/ grab .msi file

Cancel the Java setup.
Open the MSI with ORCA or an MSI Editing tool and create a MST File and change the following settings:
Open the table “CustomAction” and select the row “installexe”. Change the value in the field “Type” to 3074 (or Hex 0x0C02). This will set the NoImpersonate bit.

My additional PROPERTIES in the MST file are the following:

AUTO_UPDATE=0
AUTOUPDATECHECK=0
JU=0
JAVAUPDATE=0
EULA=0
SPONSORS=0
WEB_JAVA_SECURITY_LEVEL=H
WEB_ANALYTICS=0

SAVE the MST File

Unfortunately this is not enough. Now you’ll have another error: “Unable to install Java. Unable to open file C:\ProgramData\Oracle\Java\java.settings.cfg”

How to reset/hack Mac password.

For certain versions the easiest way is to use the Installer CD method.

However, if you don't have an installer CD you can do some command-line tricks instead.
Boot up the computer, holding Command+S as you hear the startup chime.
The Mac will boot into single user mode, giving you a command prompt after loading everything up.

If the Mac is running Snow Leopard or below, type the following commands, hitting Enter after each one and waiting for the prompt to come up again before running the next one:

/sbin/fsck -fy
/sbin/mount -uw /
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
dscl . -passwd /Users/

Renew a self-signed certificate in Exchange

If a certificate has exired (shows exipred in the event logs) then you need the thumbprint. Can find this on the outlook web access->rightclick->properties->certificates->thumbprint.

Open exchange cli:

get-exchangecertificate
-lets you see a list of all the current certificates and their thumbprints.

If the certificate isn't expired, try this:

get-exchangecertificate -thumbprint
XXXXXxxxxxxxxxxxxxxXXXXX | enable-exchangecertificate
-services "IIS,SMTP"

If the certificate HAS expired (as it says it has in the event
description: "The existing certificate for that FQDN has expired"),
and the certificate is "self signed" then you should be able to renew
the cert like this:

Stuck RDC session on remote server, or log off remote RDC user session.

Here's how to easily fix an issue where either a remote RDC session is stuck, preventing you from logging onto a server, or you want to log a remote user off of a remote server session for any reason:

First, check the session number with qwinsta:

QWINSTA /server:YOURREMOTECOMPUTERNAMEHERE
Write down the session ID.

Then use the logoff command:
LOGOFF YOURSESSIONIDHERE /server:YOURREMOTECOMPUTERNAMEHERE

Disk Cleanup WinSxS folder in Windows Server 2012 (R2) using DISM

Here is how to clean up the WinSxs folder on Windows Server 2012 R2, to reclaim disk space.
This will delete superseded updates and unused system files to free up extra disk space.
It uses dism.exe‘s disk cleanup options.

Often the Windows component store folder(C:\Windows\WinSxS) will take up a lot of space on your servers. This folder contains all the files that are required for a Windows installation as well as any updates to those files are also held within the component store as the updates are installed

Here's how to use the DISM tool to safely free up space:

The basic command we use it: Dism.exe /online /Cleanup-Image. This has the following extra options:

/AnalyzeComponentStore
/StartComponentCleanup
/ResetBase with /StartComponentCleanup
/SPSuperseded

Open a PowerShell as Administrator, then:

Office 365 2016 Word, excel lagging, slow typing.

There seems to be an issue with version 1706 (build 8229.2086) which causes lagging/slow typing on certain types of documents with images/templates.

As a temporary workaround, roll back to an earlier version of O365 office:

Disable office updates:
In word->File->Account
Check your version of Word
Switch off automatic updates.

To roll back to an earlier version:

Open an elevated command prompt and run the following commands:

cd %programfiles%\Common Files\Microsoft Shared\ClickToRun
officec2rclient.exe /update user updatetoversion=16.0.xxxx.yyyy

Where xxxx.yyyy is soemthing like 8201.2075 (seem to fix the issue)

Remember to tuen updates back on at a future point and restore Office to the latest version once the issue has been resolved.