Category Archives: Guide

Guide to…. quick info that you could use for emailing to people!

WinRM for Event Forwarding

Windows Remote Management (WinRM) required by Windows Remote Shell command-line tool, Winrs, event forwarding, and Windows PowerShell 2.0.

WinRM service starts automatically on Windows Server 2008, but must be started manually on Windows Vista.

  • Show WinRM Status: “winrm get winrm/config”
  • Show WinRM Help: “winrm help config”
  • Setup WinRM: “winrm qc” (Quick Config)

Performs the following operations:

  • Starts the WinRM service, and sets the service startup type to auto-start.
  • Configures a listener for the ports that send and receive WS-Management protocol messages using either HTTP or HTTPS on any IP address.
  • Defines ICF exceptions for the WinRM service, and opens the ports for HTTP and HTTPS. (Only for the current user profile)

Reference: http://msdn.microsoft.com/en-us/library/aa384372(v=vs.85).aspx

 

Removing “Help Protect and Improve Microsoft Office” prompt from RDS/TS

  1. Users without administration access are unable to select the desired options on the “Help Protect and Improve Microsoft Office” prompt which is display when first loading Microsoft Office 2010 as they required elevated permissions.

This issue can be resolved via a GPO. Unfortunately Office 2010 GPOs are not integrated into the standard GPOs within Windows Server so require an additional download.

Continue reading

NK2 Files & Import

NK2 File locations in Windows XP / Windows 7

  • Windows XP: Start -> Run -> “%userprofile%\Application Data\Microsoft\Outlook”
  • Windows 7: Start -> Run -> “%appdata%\Microsoft\Outlook”

Import Outlook nicknames from .NK2 file to Outlook 2010 Profile

  1. Copy *.NK2 to %appdata%\Microsoft\Outlook
  2. Change name of .NK2 file to match the Outlook profile name (This can be checked using “Mail” in control panel)
  3. Start -> Run -> “outlook.exe /importnk2” (This imports the NK2 file into the profile)
  4. Once imported the .nk2 file should get renamed automatically with . file extension
  5. Import of Contacts will merge with current cache (not overwrite)

Automatic tool to do this: http://support.microsoft.com/kb/980542

Camera, Shutter, Aperture & DOF

SHUTTER

The Cameras shutter controls the length of time the sensor is exposed to light.

Shutter speeds normally operate somewhere between 30 seconds and 1/100 of a second.

Fast shutter speeds (over 1/250 sec) freeze action.

Slow shutter speeds (1 sec – 30 secs) make photography possible in very low light.

For hand held photography a minimum shutter speed of about 1/30 sec is required, below this some means of steadying the camera is required.

APERTURE

The lens aperture controls the quantity of light reaching the cameras sensor.

In dim or gloomy conditions the sensor needs a bigger aperture to let in more light.

In bright conditions a smaller aperture is required.

Aperture is measured in f-stop numbers.

The normal range of apertures is from f/2.8 – f/22

F/2.8 is a BIG aperture letting in more light (in =
gloomy conditions)

F/22 is a SMALL aperture letting in less light (in bright conditions)

DEPTH OF FIELD

Changing the aperture will also control the depth of field.

A big aperture (f/2.8 – f/5.6) will give a small depth of field. This effect will be increased by using a zoom lens, the longer the zoom the shorter the depth of field.

A small aperture (f/16 – f/22) will give a large depth of field. This effect will be increased by using a wide angle lens.

Use big apertures (f/2.8 – f/5.5) for portraits and still life where you want to blur the background.

Use small apertures (f/16 – f/22) for landscapes ar any photo where you want foreground, mid & background sharp.

SCENE MODES

Your cameras scene modes will select shutter and aperture for you depending on the scene mode selected.

If you select ‘portrait’ or ‘macro’ (close-up), the camera will assume a short depth of field is best and choose a big aperture.

If you select ‘sport’ the camera will choose a fast shutter speed to freeze the action.

Selecting ‘landscape’ mode will give a setting with a larger depth of field.

Groups in AD | Domain Local, Global, Universal

Domain Local: groups can contain users, global groups and universal groups from anywhere in the AD forest, but can only be used to secure resources within the same domain.

Global: groups can contain only users and groups from within the same domain, but can be used to secure resources anywhere in the forest.

Universal: groups can contain objects from anywhere in the forest, and can be used to secure resources anywhere in the forest.


Group Scope Can Contain Usage
Domain Local
  • User account from any domain in the forest
  • Global or universal from any domain in the forest
  • User accounts, global or universal groups from a trusted forest domain
  • Other domain local groups from the same domain
  • Resources in local domain
Global
  • User accounts in the same domain
  • Other global groups from the same domain
  • Any domain in the forest or trusted forests
Universal
  • Users. Global groups or universal groups from any domain in the forest
  • Any domain in the forest or trusted forests

You can only convert from the following and this will only take place if the correct “member of” groups are related:

  • Domain Local to Universal
  • Global to Universal
  • Universal to Domain Local & Global

BACKUP!

DO A STANDALONE BACKUP NOW!

This is something we all overlook and it makes life so much easier if you have a copy just dumped to a network share!

GPO Backup:

GPO Restore:

DHCP Backup:

 

Subnet Mask Reference Sheet

Subnet Mask Reference Sheet

  Subnet Mask Hosts
/30 255.255.255.252 4
/29 255.255.255.248 8
/28 255.255.255.240 16
/27 255.255.255.252 32
/26 255.255.255.248 64
/25 255.255.255.128 128
/24 255.255.255.0 256
/23 255.255.254.0 512
/22 255.255.252.0 1024
/21 255.255.248.0 2048
/20 255.255.240.0 4096
/19 255.255.224.0 8192
/18 255.255.192.0 16384
/17 255.255.128.0 32768
/16 255.255.0.0 65536

Site Search (Google)

Woo i’m posting more that I did! Thought i’d give the Google search builder a go.

Loading

Querying FSMO roles & ADPREP


Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

Warning: WP_Syntax::substituteToken(): Argument #1 ($match) must be passed by reference, value given in /homepages/40/d806441738/htdocs/clickandbuilds/edwardsd/work/wp-content/plugins/wp-syntax/wp-syntax.php on line 383

To find out what domain controller roles are within the organisation:

List all DCs in forest with DN and RDN:

DsQuery Server -o rdn -Forest
DsQuery Server -Forest

List all the DCs in domain:

DsQuery Server -domain domain_name.com

List all the DCs in domain (that are Global Catalog Servers):

DsQuery Server -domain domain_name.com -isgc

List all DCs in forest (that hold FSMO):

DsQuery Server -Forest -hasfsmo schema

Use the “>” to store the output to a text file. The below command will store all the domain controller names in AllDCs.txt.

DsQuery Server -Forest > AllDCs.txt

List FSMO roles using NETDOM

netdom query fsmo

Adding a new Domain Controller to the Domain.

ADPREP commands to upgrade Domain Controllers (In this order)

ADPREP /forestprep
ADPREP /domainprep
ADPREP /domainprep /gpprep
ADPREP /rodcprep
Guide to Windows Server 2008 ADPREP: 
Problems with ADPREP and SYSVOL migration process:

How to view and transfer FSMO roles in Windows Server 2003
http://support.microsoft.com/kb/324801

How do I install Active Directory on my Windows Server 2003 server?
http://www.petri.co.il/how_to_install_active_directory_on_windows_2003.htm

Exchange 2007 | Sendas email account using alternate domain

I’ve was asked to set up an additional domain name under Exchange 2007. The only issue is that Exchange doesn’t quite handle multiple domain names very well, yes you can add aliases and easily create them within the exchange console, however the problem comes to “sending as” a different domain on the client machine (outlook) I managed to get this method working, although it may not be the best method, I’m couldn’t find any other solutions.

Method 1:

  • Create a new user and mailbox.
  • Set the default email address as email@domain.co.uk
  • Add full send as permissions to the mailbox.
  • Setup redirect so all email to email@domain.co.uk is forwarded to email@domain2.com

This is good, but is messy as multiple user accounts are required…

Method 2 (Preferred Method):

  • Setup a new distribution list email@domain.co.uk (remove the alias from users current profile to do this)
  • Add User as the manager of this list and the only member
  • Set the permissions for full send as via the powershell…

You can change mailbox permissions using two methods but only the powershell method seems to work properly (so probably best to stick to this)

  • 1) Via Powershell: Add-AdPermission “DL” -user “name.surname” -AccessRights extendedright -ExtendedRights “send as”
  • 2) From the “users and computers” selected the distribution group changed to “Advanced” settings and edited the security on the DL to add “user” to Full access”

Host vs Lmhost

Hosts File
The host file is located in the %SystemRoot%\System32\Drivers\Etc directory as Hosts with no file extension on both Windows NT and Windows 2000 machines. The Hosts file is primarily used to resolve host names (Computer
Names) to an IP address.

LmHosts File
The LmHosts file is located in the %SystemRoot%\System32\Drivers\Etc directory as LmHost.Sam on both Windows NT and Windows 2000 machines as well. The LmHosts files are primarily used to resolve NetBios names to IP
addresses.

Windows | % System path variables %

%AppData%

Contains the full path to the Application Data folder of the logged-in user. Does not work on Windows NT 4.0 SP6 UK.

%ComSpec%

This variable contains the full path to the command processor; on Windows NT based operating systems this is cmd.exe, while on Windows 9x and ME it is the DOS command processor, COMMAND.COM.

%Localappdata%

This variable is the temporary files of Applications. Its uses include storing of Desktop Themes, Windows Error Reporting, Caching and profiles of web browsers.

%Path%

This variable contains a semicolon-delimited (do not put spaces in between) list of directories in which the command interpreter will search for an executable file that matches the given command. Equivalent to the Unix $PATH variable.

%ProgramFiles%

This variable points to Program Files directory, which stores all the installed program of Windows and others. The default on English-language systems is C:\Program Files. In 64-bit editions of Windows (XP, 2003, Vista), there are also %ProgramFiles(x86)% which defaults to C:\Program Files (x86) and %ProgramW6432% which defaults to C:\Program Files.

The %ProgramFiles% itself depends on whether the process requesting the environment variable is itself 32-bit or 64-bit (this is caused by Windows-on-Windows 64-bitredirection).

%CommonProgramFiles%

This variable points to Common Files directory. The default is C:\Program Files\Common Files.

%SystemDrive%

The %SystemDrive% variable is a special system-wide environment variable found on Microsoft Windows NT and its derivatives. Its value is the drive upon which the system folder was placed. Also see next item.

The value of %SystemDrive% is in most cases C:.

%SystemRoot%

The %SystemRoot% variable is a special system-wide environment variable found on Microsoft Windows NT and its derivatives. Its value is the location of the system folder, including the drive and path.

The drive is the same as %SystemDrive% and the default path on a clean installation depends upon the version of the operating system. By default, on a clean installation:

Windows NT 5.1 (Windows XP) and newer versions use \WINDOWS

Windows NT 5.0 (Windows 2000), Windows NT 4.0 and Windows NT 3.1 use \WINNT

Windows NT 3.5x uses \WINNT35

%WinDir%

This variable points to the Windows directory (on Windows NT-based operating systems it is identical to the %SystemRoot% variable, above). If the System is on drive C: then the default values are:

C:\WINDOWS on Windows 95, Windows 98, Windows Me, Windows XP, Windows Server 2003, Windows Vista,Windows Server 2008 and Windows 7

C:\WINNT for Windows NT 4, and Windows 2000

Note that Windows NT 4 Terminal Server Edition by default installs to C:\WTSRV.

%Logonserver%

Awesome little short-cut. Allows us to get to the DC which was used for login. Very handy if trying to change passwords are you can update the DC so there is no waiting for replications.

Arcserve Copy Job

Ensure the following settings are used, this will make sure that the folders being copied are added into the directory selected.

  • \\ServerName\C$\Department-Folder\
  • \\NewServerName\C$\New-Department-Folder\

Ensure the following setting is ticked:

  • Create the entire path from the Root.

Add RDP/TS users for remote Access Local Security Permissions (Non Domain Controller)

Make sure that the Remote Desktop Users group has sufficient permissions to log on through Terminal Services.

  1. Click Start, click Run, type secpol.msc, and then click OK.
  2. Expand Local Policies, and then click User Rights Assignment.
  3. In the right pane, double-click Allow logon through Terminal Services. Make sure that the Remote Desktop Users group is listed.
  4. Click OK.
  5. In the right pane, double-click Deny logon through Terminal Services. Make sure that the Remote Desktop Users group is not listed, and then click OK.
  6. Close the Local Security Settings snap-in.

Make sure the user is added to the Remote Desktop Users group:

  1. Open Computer Management.
  2. In the console tree, click the Local Users and Groups node.
  3. In the details pane, double-click the Groups folder.
  4. Double-click Remote Desktop Users, and then click Add….
  5. On the Select Users dialog box, click Locations… to specify the search location.
  6. Click Object Types… to specify the types of objects you want to search for.
  7. Type the name you want to add in the Enter the object names to select (examples): box.
  8. Click Check Names.
  9. When the name is located, click OK.

Check the users or groups to Terminal Services RDP permissions:

  1. Open Terminal Services Configuration.
  2. In the Connections folder, right-click RDP-TCP.
  3. Click Properties.
  4. On the Permissions tab, click Add, and then add the desired users and =
    groups.