Vendors

Find / Display UID or GID in Linux

Goal / Scope Provide examples of effective ways to determine and display the UID and / or GID of an account. Methodology / Process Steps The id command is used to display a user UID / GID in Linux and / or Unix.  To obtain the UID of an account, the -u switch is used as shown in ... Continue Reading

Troubleshooting WSUS Connection Issues

Problem The configuration has been completed for client computers to connect to a WSUS server, but are not reporting in after a period of days.  Computers may show up in the WSUS console, but will not be reporting in or will not have reported in for several days Background / Cause Some client computers have been affected by ... Continue Reading

Networking 101

Purpose Proper flow of network traffic and solid network connectivity is critical to any network.  Past experiences have shown while it is acceptable to leave the advanced configurations to the network team, a basic understanding and the ability to configure the basics is important for anyone at just about any level.  The ability to troubleshoot issues ... Continue Reading

Update GPO Templates

Goal / Scope How to install additional GPO templates into an Active Directory environment.  This is limited to environments running Server 2008 or later Background Additional templates for managing devices and endpoints are often very useful.  The method for importing GPO templates into Group Policy for use has changed from previous versions of Windows server and Active Directory.  ... Continue Reading

Setup SNMP on VMware ESXi Hosts

Goal / Scope Enable the ability to monitor and report on ESXi servers using SNMP Background By default the SNMP functionality is disabled in ESXi servers.  Also, simply attempting to start the service via the GUI interface fails with an error.  A little tweaking is required to get the SNMP service up and running on an ESXi host. Methodology ... Continue Reading

Multiple Password Policies in an Active Directory Environment

Goal / Scope This information will identify the proper process for implementing fine-grain password polices, or implementing several different password policies in a single Active Directory domain.  By default, only a single password policy can only be set per domain.  Beginning in Windows 2008 Active Directory domains, the ability to set several password policies was enabled. ... Continue Reading

Delay Tasks Using Group Policy

Goal / Scope Create a Group Policy Object or modify an existing Group Policy Object to run a scheduled task once a user has logged on to the system. Background This will only be affective using Window Vista or later Operating Systems. Methodology / Process Steps Edit the Group Policy Object to be used for pushing the new task.  Expand ... Continue Reading

Fields in Word Are / Are Not Being Highlighted

Goal / Scope The option to allow the field formatting in Microsoft Word can be difficult to locate.  This process will allow the “shading” of a field to be set, or allow the behavior of the shading of a field to be changed. Background Fields are a great way of making a repeatable form in Word.  It allows ... Continue Reading

Setup Best Case for End-Users

Goal / Scope Setup BestCase software for end-users Background The Best Case Shortcut needs to be copied from the Best Case network location to the desktop to allow easy access to the software When opening Best Case, if the permissions on a couple of files is not set correctly, Best Case will fail to open with the following error: [insert ... Continue Reading

Office 365 System Requirements

For the best experience using Office 365, Microsoft recommends that the latest browsers are always used, Office clients, and apps. Microsoft also recommend that you install software updates when they become available. Office 365 is designed to work with the following software: The current or immediately previous version of Internet Explorer or Firefox, or the latest version ... Continue Reading

Exchange 2010 and Single Name Certificates

Goal / Scope The purpose of this article is to provide a method for leveraging a single name certificate with Exchange 2010 without getting errors and warnings and potentially having some services fail altogether.  Please NOTE:  It is Microsoft recommended best practice to use a SAN (Subject Alternative Name) certificate with Exchange.  However, if for some ... Continue Reading

How To Use MobileIron Assemble

Goal / Scope This is a quick reference guide intended to provide the basics for using the add-on utility for MobileIron call Assemble. Background MobileIron has been a leader in MDM (mobile device management) and has built the MobileIron suite of products from the ground up to make a stable, secure, and functional platform capable of managing many ... Continue Reading

Retire MobileIron Managed Devices when Active Directory Accounts are Disabled

Problem When a user account is disabled in Active Directory, the corresponding device(s) should also be retired.  Currently, there is no method that allows this from the MobileIron platform directly.  This can be accomplished using MobileIron Assemble. Background Management of an organization’s resources should be as easy as possible to avoid confusion, overlooking a step, or simply for ... Continue Reading

Create a specific size file for testing

Goal / Scope The goal of this document is to provide a method for quickly creating a file with a specific size. Background There are times when a file of a specific size may be required to test functionality of a specific solution.  An example of this would be testing file attachment size limitations when sending email.  Many ... Continue Reading

Active Directory Health Check Discovery Steps

Goal / Scope Active Directory or directory services is the backbone of a good network.  It allows for configuration of devices and role management of users as well as a good central location for network information.  Maintaining a high level of health for Active Directory is very valuable. Currently, there are many resources available online, but ... Continue Reading

Exchange Health Check Steps

Goal / Scope Messaging has become one of the most critical and important services for most if not all organizations.  Maintaining a level of health on these valuable resources has then also become important.  Currently, there are many resources available online, but few seem to organize the information and look holistically at the Exchange environment.  This ... Continue Reading

Active Directory Group Policy Preferences

Goal Microsoft released a great new set of tools for Active Directory with the release of Windows Server 2008 called Group Policy Preferences.  Group Policy Preferences was introduced in the 2008 release of Microsoft Windows Server.  It was the opinion of most members of the systems administration community that we should have seen these incorporated into ... Continue Reading

MobileIron Wireless Configuration for Certificate Authentication Troubleshooting Topics

Problem Setting up certificate based authentication can be extremely difficult and frustrating.  It is great when it works, but getting to that point can be a slow and painful process if inexperienced with implementation and general knowledge of certificates.  This document is meant to serve as a guide for troubleshooting the “simple” things that seem to ... Continue Reading

Send messages through Office 365 using devices which don’t support TLS

Goal / Scope When moving to cloud services, challenges will always be present.  Office 365 is no exception.  Aside from potential compatability issues (see this link for more details), other issues like sending email messages from a printer / scanner device can also be problematic if the printer / scanner doesn’t support TLS for example.  The ... Continue Reading

How To Install And Configure SMTP Virtual Servers In IIS 6.0

Problem In order to send email from an ASP.NET Web application, you must have the Simple Mail Transfer Protocol (SMTP) service of Internet Information Services (IIS) installed and configured on your server. The IIS SMTP service is a simple component for forwarding email messages to an SMTP server for delivery. Background / Cause This was defined as an ... Continue Reading

Clean Up Active Directory Domain Controller Manually (when dcpromo fails or isn’t an option)

Problem There are times a domain controller cannot be removed per Microsoft recommended best practices using dcpromo.  When this occurs the following guide has been the definitive method to properly and cleanly remove a domain controller from active directory. Background / Cause There are a number of reasons that a domain controller needs to be manually removed from ... Continue Reading

Monitoring an Exchange 2010 Index Crawl

Problem If an Exchange 2010 DataBase search index needs to be rebuild, the index state for the DataBase changes to “crawling”. Unfortunately it doesn’t give any indication if it’s actually doing anything.  Considering it is possible to get the status stuck as “crawling”, the database cannot be activated in a DAG while crawling, and rebuilding an ... Continue Reading

MobileIron Quarantine Fails for iOS devices

Problem When a device managed falls out of compliance, the compliance action setup to quarantine the device fails to remove the profiles correctly, but leaves all the profiles in place.  This can be a significant problem with the security of the corporate data and / or access to corporate resources. Background Discovered on several installation of MobileIron and seemed ... Continue Reading

MapQuest Maps Not Showing in MobileIron Locate Feature

Problem When attempting to locate a device using the MobileIron locate feature, the pop-up window appears, but nothing happens past that point and the browser needs to be refreshed in order to “reset” the web page to continue navigating the MobileIron console. Background This issue doesn’t present itself with an error message, and the browser looks like it ... Continue Reading

WSUS Server Cleanup Wizard Hangs on “Deleting unused updates…”

Background WSUS is a great product for the price.  It is certainly not something that should be used for large scale enterprise organizations, but it could be used in that manner if options were limited. Strenghs: The price can’t be beat Performs very well with Microsoft updates WAN bandwidth usage can be reduced by creating a local store of required ... Continue Reading

Could not allocate requested partitions

If you are attempting to install MobileIron appliance and the installation fails with the following error: “Could not allocate requested partitions:” The problem is more than likely the use of Paravirtualized controllers.  In the settings for the Virtual Machine, the SCSI controller will be set to use paravirtualiztion not one of the standard parallel or SAS controllers.  ... Continue Reading

Troubleshooting and Testing MobileIron

Here is a list of problems and the solutions I have experienced while working with MobileIron. Question / Problem: Can a Sentry be added to multiple VSPs? Answer / Solution: Under no circumstances should a Sentry be added to multiple VSPs.  This will cause all types of problems including but not limited to; failure to retire devices, failure to ... Continue Reading

Run PowerShell script as a scheduled task

 Goal The goal of this article is to provide clear, concise method for running PowerShell scripts using Windows task scheduler.  Running a PowerShell script using the task scheduler may not be as straight forward as one might expect.  In fact, it is quite different from running standard shell scripts.  This article should provide the generic syntax ... Continue Reading

Windows 8 Shortcuts and General Use Tips

Purpose I have been using Windows 8 for some time now trying to get familiar with the new interface.  So far, it has been “rocky” at best.  For Windows 8 it is a love / hate relationship with me.  There are things that I really like about it, but things that can be incredibly frustrating also.  ... Continue Reading

MobileIron SCEP Configuration Settings Defined

Option Description Name Enter text that identifies this group of SCEP settings Description Enter additional text that clarifies the purpose of this group of SCEP settings Enable Proxy Select Enable Proxy. The following proxy options are available: Cache locally generated keys—leaves the certificate in the VSP certificate store for reuse. User Certificate—User-based certificates are used for all devices. If you select this option, revoking the ... Continue Reading

MobileIron Exchange Profile Setting Explained

Setting Description Name Enter the text that will be displayed for the Exchange Account on the devices Description Enter additional text that clarifies the purpose of this group of Exchange settings Server Address The address of the Sentry in most cases Use SSL Select this to use secure encrypted connections Domain The domain configured for the Exchange server ActiveSync User Name The default of $USERID$ is pre-populated in ... Continue Reading

Authentication Using Kerberos Constrained Delegation

I would like to start off by saying that a large part of this documentation was obtained from MobileIron documentation that can be obtained from the MobileIron support site.  I am simply adding to to it and updating things that I found to be more difficult. About Kerberos Constrained Delegation and MobileIron Starting at VSP version 4.5.3 ... Continue Reading

Install Citrix Receiver on 64bit Ubuntu

Prepare yourself for this, it will more than likely be time consuming and frustrating…. even with these instructions.  This process and apparently Citrix software is not for the beginner and it is seriously disappointing that Citrix brags about cross platform compatibility, but to them that apparently means Windows and iPad. First, I can’t guarantee this will ... Continue Reading

An online merchant to avoid

I had a “lessons learned” moment recently. I ordered 2 items from an online store Herman Street. At a quick glance, it is a pretty normal / standard online store. They had the best pricing for the items that I was in need of, so I placed the order. Everything seemed to be going well. ... Continue Reading

Activating Windows via KMS

Purpose: This document should be used as a reference when activating a Windows product using a KMS server.  This document provides step by step instructions on activating a Windows product using a KMS server. For reference and KMS product keys to be used in KMS product activation, please visit the following site for more information: http://technet.microsoft.com/en-us/library/jj612867.aspx Process: In order to ... Continue Reading

Group Policy Filtering using WMI

Purpose The purpose of WMI filtering is to allow more control over the Active Directory objects that Group Policy is applied.  WMI filtering can be very powerful when used correctly, and can prevent the complex tree of Organization Units created to try and separate the Active Directory objects correctly.  Microsoft recommended best practice is to leverage ... Continue Reading

Internet Explorer and the latest wave update of Office 365

Office 365 and Internet Explorer 8 compatibility I have run into some issues with the latest upgrade wave of Office 365 and my clients using I.E. 8.  They are experiencing slow response times, lag, freezing, etc.  I opened a Microsoft support case and when I was finally able to get support, they offered the following: Internet Explorer ... Continue Reading

Exchange Transaction Logs Fill Up Disk Completely.

Summary I have encountered this several times now.  I don’t know if the disks are being incorrectly sized or if something else is happening that is causing this, but the Exchange transaction logs are not being removed and they continue to fill up the disk until it is completely full, and then it causes mail to ... Continue Reading

Group Policy: Windows Firewall setting to allow WMI (Windows Management Instrumentation)

Using Group Policy to enable WMI remote requests through the Windows Firewall It is always a good idea to enable the Windows firewall under the domain profile. Enabling the firewall can prevent needed functionality as well.  For example, in some scenarios it may be required to be able to interact with client workstations or servers via ... Continue Reading

Configuration of IP Address / Domain Based Rules in Microsoft IIS

I put this process together for securing ActiveSync traffic to IIS when using a MobileIron Sentry.  When managing mobile devices it is important not to leave “back doors” in your configuration.  If ActiveSync traffic is allowed from anywhere, an end-user could easily configure the connection directly to the Exchange CAS on the mobile device bypassing ... Continue Reading

Set New Password From OWA Logon

Mobility has really caught on recently and everybody wants in.  This can be using that new smart phone to check your email to working from home.  This is great technology it has unchained us from “the office”, but it can have it’s frustrations as well.  For example, how do end-users that don’t frequently make it ... Continue Reading

MobileIron User Registration Best Practices

User Registration Best Practices MobileIron offers several methods for user registration that Mobile IT teams can choose from when planning their deployments. This document outlines the methods most commonly used by MobileIron customers deploying to more than 100 users or devices. We start with the best practice recommendation, in-app registration, and describe other common approaches and ... Continue Reading

Sending Bulk Messages via MobileIron VSP

Goal / Scope The MobileIron GUI interface currently doesn’t have any way to selectively send messages to a group of managed devices.  For example, in an environment where there are IOS, Android, Blackberry, and Windows 8 devices, the goal would be to send a message to all the IOS devices. Background I was asked if it was possible ... Continue Reading

WARNING: Database is mandatory on UserMailbox.

I was presented with a troubleshooting issue today that involved PowerShell and Exchange.  The user wanted to get statistics for the mailboxes in the Exchange environment.  The problem actually ended up being 2 different changes. First, the PowerShell command had some invalid syntax in it.  Below is the full command. Get-Mailbox | Get-MailboxStatistics -Server | where {$_.ObjectClass –eq ... Continue Reading

Change your Mac Hostname via Terminal

Here’s how to change a Mac hostname with the command line and make it permanent: scutil --set HostName Simply replace with whatever you want the hostname of your Mac to be changed to. An example would be let’s say I want to change my Mac laptop’s hostname to MacBookPro, I will use this command: scutil ... Continue Reading

Group Policy Preferences not mapping network drives in Windows 8

One of the first problems I noticed with Windows 8 is my drive mappings were missing.  I joined a freshly installed Windows 8 workstation to the domain, and with that membership the workstation should be provided some drive mappings based on who I am when I log on to the computer.  I am using Group ... Continue Reading

My first impressions with Windows 8

So I have had the pleasure of working with Windows 8 for a while now, and I have to say my response to it is very similar to Ubuntu releasing the Unity desktop…. YUCK!  It is clumsy to navigate if you don’t have a touch screen, and I will not change my mind on this ... Continue Reading

Stupid Mobile Account “feature” for Mac

While I have to admit that I do have a soft side for Mac, sometimes I fail to see the “thought outside of the box”.  The Mobile Account feature for Macs associated with a directory is one of those times.  It is disappointing at best, and even Apple states it doesn’t provide that much functionality. ... Continue Reading

Citrix Receiver, PnaAuthDialog_popup window solution

The Citrix receiver has always been a tremendous thorn in my side to install on Linux, and adding that I have been using 64 bit lately, this is only amplified.  The latest issue came with the receiver actually starting, but along with it a blank window entitled “PnaAuthDialog_popup” is displayed.  It is displayed over the ... Continue Reading

WSUS failing to connect new clients

If the statement is true that you learn from your mistakes and failures, then I am getting really smart today! I have successfully started using templates in VMware for a short while now.  I thought I was getting pretty good at it since I was standing machines up very quickly and with little effort. Today, however, I ... Continue Reading

VMware vSphere fails to connect to it’s hosts

I had a long afternoon today.  I spent a good part of it troubleshooting my vCenter installation and why the hosts were connecting for about 30 seconds and then showing a disconnected / failed state.  I am hoping with this quick little note, I can save many others from the torture that I endured today. Here ... Continue Reading

Just a great reason Linux is no more “difficult” than Windows

I guess I would have to start by saying my cousin, who we will give a nickname to protect the identity of the innocent, “Buzz” has asked me several times to assist her with issues she has had with her computer. For example, most of the time the computer gets used, viruses infect, I come ... Continue Reading