make it a variable with $Results = Get-EventLog System | Where-Object {$_.entrytype -like "*rror"} | Where-Object {$_.Message -like "*failed*"}| Select-Object message

Related posts:

1. Powershell: A simple RSS Reader
2. Nice powershell snippets to do diffrent stuff

How does SSL VPNs help?

* A NAT device doesn’t need to support PPTP in order for it to work.
* Specific ports aren’t required to be open on the firewall (think hotels and other countries).
* Connectivity can be made through web proxy servers.
* The small footprint VPN client is easily accessible.

Clients supported: Vista SP1+, Windows 7, Windows Server 2008

What are the high level steps involved to setting up Windows Server 2008 SSL VPN connections (SSTP)?

* Obtain a certificate to be used for your connections (just as if you are installing an SSL certificate for your website)
* Install IIS on the VPN server
* Request a certificate for the VPN server using the IIS Certificate Request Wizard
* Install the SSL certificate
* Install the RRAS server role on the VPN server
* Enable the RRAS Server and configure it to be a VPN server
* Configure the User Account to allow dial-up connections
* Update DNS (ie. vpn.company.com)
* Configure the Client to use SSTP and Connect to the VPN Server using SSTP

How-To configure Windows 2008 for SSTP VPN

1.  Install IIS on VPN server with all security settings marked for installation
2.  Create a Certificate Request in IIS console
a.  Make sure common name is actual Internet Hostname clients will connect to (e.g. vpn.company.com)
3.  Cut and Paste the certificate request into your SSL provider’s website
4.  Install any Intermediary certificates and your SSL certificate per your SSL provider’s instructions (DO NOT bind the certificate to a website in IIS)
5.  Install Routing and Remote Access
6.  Load the Routing and Remote Access MMC and run the wizard to enable it (Select Custom -> VPN if you are using only 1 NIC)
8.  Enable Dial-In access for the remote user’s AD account
9.  Enabled SSL connection (port 443) from the outside
10. Update DNS for the domain with the common name of the certificate
11. Test the SSL VPN connection by choosing SSTP in the vpn network connection properties

If the connection doesn’t work, make sure the proper certificate is bound following:

1.  Make sure the right certificate hash is bound (netsh http show  ssl)
a. If necessary, delete and readd the correct certificate binding…
1. Remove binding from IPv4 (netsh http delete ssl 0.0.0.0:443)
2. Remove binding from IPv6 (netsh http delete ssl [::]:443)
3. Delete registry entry for the hash (reg delete hklm\system\currentcontrolset\services\sstpsvc\parameters /v sha256certificatehash /f)
4. Add binding from IPv4 (netsh http add sslcert ipport=0.0.0.0:443 certhash=<replace with your cert hash> appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY)
5. Add binding from IPv6 (netsh http add sslcert ipport=[::]:443 certhash=<replace with your cert hash> appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY)

Related posts:

1. winrm and winrs a management tool for windows 2008
2. Securing RDP connections with Certificates
3. Windows Server 2008 Official Direct Download Links

Go to C:\Users\jakob\AppData\Roaming\Microsoft\Templates where jakob is the name of your account.

Edit the Normal.dotm with word.

In here you will see the following screen:

Set spacing before and after to 0 pt. (or single spacing) And add dont add space between paragraphs of the same style.

Save the file as a doc1.dotm

Rename the old Normal.dotm to Normal.dotm.old

Rename doc1.dotm to Normal.dotm

Youre done!

Related posts:

1. Microsoft Office 2007 SP1 Installation & Slipstream Guide

Install it and add it to your Path variable.

make image from vsphere.

ovftool.exe -tt=OVF vi://user:password@vm01.hviidnet.com/MachineName c:\TemplateName.ovf
ovftool.exe -tt=OVA vi://user:password@vm01.hviidnet.com/MachineName c:\TemplateName.ova

Provision image:

ovftool.exe -nw="Network label ID" --diskMode=thin --name="New Virtual Machine Name" --powerOn --datastore="datastore1" c:\TemplateName.ovf vi://user:password@vm01.hviidnet.com

And you're done.

You can also script this if need be.

Documentation can be found here.

Related posts:

1. Autologin for Vista(and others) with a password protected account

Using the petool, run:

*
Storage Driver: petool.exe -i coldclone.iso -d "C:\Location_of_SCSI\DRIVER\"
*
NIC Driver: petool.exe -i coldclone.iso -n "C:\Location_of_NIC\DRIVER\"

Note: The last folder in the path cannot be more than 8 characters, and is only capital letters or numbers.

Consult with your hardware vendor for assistance in locating the correct driver to slipstream.

Related posts:

1. How to manually install VMware Converter
2. Compare vmware versions
3. VMWARE on ubuntu 6.06 LTS Network subnet

swapon -s

Checks what paths are currently accepted for swap

No related posts.

get this: http://www.sysresccd.org/

1. Boot you system with a CDROM/USB using any of the rescue linux or knoppix etc. I used sysresccd.
2. After boot up

umount /dev/sda3 (just in case if it is mounted)

3. do a file system check
Code:

fsck -n /dev/sda3

Output shuld be

/dev/sda3: clean, >

4.Removed the journal from /dev/sda3, this will make it an ext2 partition

tune2fs -O ^has_journal /dev/sda3

5. run

e2fsck -f /dev/sda3

6. resize the partition (with resize2fs without options takes your max size of the disk)

resize2fs /dev/sda3

7. Next run

fsck -n /dev/sda3

8. Create journal on /dev/sda3, this will turn sda3 to ext3 partition again
Code:

tune2fs -j /dev/sda3

9. Reboot the system using your original OS

Related posts:

1. Ubuntu 8.04 network after vmware ESX 3i clone
2. Converting vmware server images to esx 3i server images

PFX : PFX defines a file format commonly used to store private with accompanying public key certificates, protected with a password-based symmetric key (standard-PKCS12).
PEM : Openssl usages PEM (Privacy Enhanced Mail Certificate) to store the private key.

Use the following commands to extract the private key, and certificate.

If you want to extract private key from a pfx file and write it to PEM file

openssl.exe pkcs12 -in publicAndprivate.pfx -nocerts -out privateKey.pem

If you want to extract the certificate file (the signed public key) from the pfx file

openssl.exe pkcs12 -in publicAndprivate.pfx -clcerts -nokeys -out publicCert.pem

To remove the password from the private key file.

openssl.exe rsa -in privateKey.pem -out private.pem

This is required as, at the time of exporting privateKey, you have added a password to the private key to secure it. If you left the password with it, it will keep asking the password as any application tries to access it.

Related posts:

1. SSL Certificate CSR Generation Instructions Apache + Mod_SSL + OpenSSL

1. Prepare your NAS. Make sure it is fully functioning. This mini-guide assumes you already have one that is functioning well, and you know how to manage it.
2. It would be preferable to assign your NAS a Static IP address. Check your router and NAS documentation for guidelines on how to do this.
3. In OS X, open up Terminal and enter the following command to enable Time Machine to work with your NAS: defaults write com.apple.systempreferences TMShowUnsupportedNetworkVolumes 1
4. Log out of OS X and Log in again. You do not need to reboot your machine.
5. Time Machine saves backups in a very specific format, and we will use a sparsebundle to get this done. The sparsebundle name consists of your Computername_MACaddress.sparsebundle.
6. Find the MAC address of the machine’s internal Ethernet port with ifconfig en0 | grep ether | sed s/://g | sed s/ether// in Terminal. This will return one line of output, which is the MAC address for the Ethernet port, which will be a string of 14 hexadecimal characters (letters and numbers, for example, 001ec4b8f9b3). 

Even if the network backups will be done using a different port (e.g. AirPort: usually en1), the system will use the MAC address of en0 as part of the system identifier.
7. Make a new “sparsebundle” on a local disk (NOT the Time Machine disk!). This sparsebundle is a virtual filesystem image which we’ll copy to the NAS, and Time Machine will then access it remotely (that way Time Machine’s not limited by the filesystem features of whatever NAS it’s using: all the funky stuff happens within the sparsebundle). By default sparsebundles can keep growing until they fill up the NAS, but in this scenario we keep other things on the NAS as well as backups, and we’re going to limit the sparsebundle size to 70 GB.Enter the following command in Terminal:
   sudo hdiutil create -size 70g -type SPARSEBUNDLE -nospotlight -volname "Backup of My Mac" -fs "Case-sensitive Journaled HFS+" -verbose ./Computername_MACaddress. This will create a 70GB sparse-bundle as a case-sensitive, journaled HFS+ without spotlight indexing. Substitute variables in red for values you need. Computername_MACaddress may be in the form of “DansComputer_001ec4b8f9b3
   
8. Log into your NAS and create a user Account (Eg, “TimeMachine”). You may want to assign disk space quotas for this user if you need to.
9. On your NAS, create a shared folder (Eg, “TimeMachine”). Add the user account you created in step 8 above, and grant that user Read+Write privileges.
10. In Finder, select Go>Connect to Server. For the server address, type smb://TimeMachine@ip-address-of-nas/TimeMachine. Click Connect and when prompted, enter the password and save in your keychain.
11. Now copy your locally created sparsebundle into the TimeMachine share. If you did not change the folder when you entered command prompt, you may find this sparsebundle in your Home folder (/Users/yourusername).
12. On your NAS, check to see that the file is copied under the correct user account.
13. Open up Time Machine, select your “TimeMachine”-folder as the desired destination, and the backup will start.
14. Tip: For the first backup it is recommended to connect via LAN, as you will be able to get a throughput of 10-30MB/sec.
15. If your NAS allows for it, you may now hide your TimeMachine folder so they do not show up over the network share list.

Hope this helps.

Related posts:

1. Converting vmware server images to esx 3i server images
2. winrm and winrs a management tool for windows 2008

Install and open wireshark (google wireshark) and set it to filter to only pop3 with this:  "tcp.port == 110"

try to login to the pop3 server with telnet like this:

telnet exchangeserver.com 110

user userwithproblem@exchangeserver.com

pass testpassword

list

retr 1

see if you dont get signoff  message in wireshark you might have this problem. Its detailed in KB816896

Make this reg file:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\POP3Svc\Parameters]
"CheckPop3Tail"=dword:00000001

(REMEMBER a return in the end or regedit wont eat the file is its supposed to)

Install the regfile, and restart the pop3 service.

Try and get your mail again.

Hope this helps someone out there

Related posts:

1. How to manually install VMware Converter
2. How to enable missing SIP function in Windows Messenger

apt-get install proftpd openssl

You will be asked a question:

Run proftpd: <-- standalone

Creating The SSL Certificate For TLS

In order to use TLS, we must create an SSL certificate. I create it in /etc/proftpd/ssl, therefore I create that directory first:

mkdir /etc/proftpd/ssl

Afterwards, we can generate the SSL certificate as follows:

openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem

Country Name (2 letter code) [AU]: <-- Enter your Country Name (e.g., "DE").
State or Province Name (full name) [Some-State]: <-- Enter your State or Province Name.
Locality Name (eg, city) []: <-- Enter your City.
Organization Name (eg, company) [Internet Widgits Pty Ltd]: <-- Enter your Organization Name (e.g., the name of your company).
Organizational Unit Name (eg, section) []: <-- Enter your Organizational Unit Name (e.g. "IT Department").
Common Name (eg, YOUR name) []: <-- Enter the Fully Qualified Domain Name of the system (e.g. "server1.example.com").
Email Address []: <-- Enter your Email Address.
4 Enabling TLS In ProFTPd

In order to enable TLS in ProFTPd, open /etc/proftpd/proftpd.conf...

vi /etc/proftpd/proftpd.conf

... and uncomment the Include /etc/proftpd/tls.conf line:

[...]
#

# This is used for FTPS connections
#
Include /etc/proftpd/tls.conf
[...]

Then open /etc/proftpd/tls.conf and make it look as follows:

<IfModule mod_tls.c>
TLSEngine                  on
TLSLog                     /var/log/proftpd/tls.log
TLSProtocol                SSLv23
TLSOptions                 NoCertRequest
TLSRSACertificateFile      /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile   /etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient            off
TLSRequired                on
</IfModule>

If you use TLSRequired on, then only TLS connections are allowed (this locks out any users with old FTP clients that don't have TLS support); by commenting out that line or using TLSRequired off both TLS and non-TLS connections are allowed, depending on what the FTP client supports.

Restart ProFTPd afterwards:

/etc/init.d/proftpd restart

That's it. You can now try to connect using your FTP client; however, you should configure your FTP client to use TLS (this is a must if you use TLSRequired on) - see the next chapter how to do this with FileZilla.

If you're having problems with TLS, you can take a look at the TLS log file /var/log/proftpd/tls.log.

Related posts:

1. SSL Certificate CSR Generation Instructions Apache + Mod_SSL + OpenSSL
2. SSL Vpn With 2008 Server
3. Installing self signed Certificates on nokia s60 phones

First, go get growl for windows here

Then install it and add your iPhone in "Network". For now set notification priority to all.

Go get Growlnotify and drop the contents in your windows folder.

Now go to your windows 2008 server event collector and add a task to run at a specific event. add something like this line:

c:\windows\growlnotify.cmd /t:"{Topic}" "{Message to send}"

c:\windows\growlnotify /a:{NameOfApp} /r:{NotificationType} /n:{NotificationType} /t:{Topic} "{Message}"

NOTE: The "" is changed by wordpress for some reason. Write them again manually or you will get a "bad arguments" error

The notification type is important as you can specify in growl if a specific notification type is EXTRA important and schould be send to your iphone or just another growl notification server.

And well... PANG you get push notifications on your iPhone (as long as you remember to install prowl first - You get that from the app store! )

No related posts.

winrm enumerate winrm/config/listener

If you get no response them WinRM is not running. To configure WinRM to start automatically and allow for remote access, use the winrm quickconfig command like this:

C:\Users\Administrator> winrm quickconfig
WinRM is not set up to allow remote access to this machine for management.
The following changes must be made:
Create a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
Make these changes [y/n]? y
WinRM has been updated for remote management.
Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this machine.
C:\Users\Administrator>

Once I configured the quickconfig, I reran the enumeration command with these results:

C:\Users\Administrator> winrm e winrm/config/listener
Listener
Address = *
Transport = HTTP
Port = 80
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 10.253.15.98, 127.0.0.1, ::1, fe80::5efe:10.253.15.98%11, fe80::9583:2148:e1ef:6444%10
C:\Users\Administrator

From this, I know that WinRMis enabled.

Similar in operation to the former Sysinternals tool PSExec, WinRS leverages Windows Remote Management to let you launch processes on remote machines. Where it differs from PSExec is in its ability to easily pass through firewalls in the same way as WinRM. For example, if you want to discover IP information about a remote machine, you can remotely launch ipconfig with the -all switch on that machine using this syntax:

winrs -r:{Remote Host} ipconfig -all

Another handy use of WinRS can be when installing software on remote systems. If you want to quietly install an application using an MSI file onto a remote machine, use the following syntax. This syntax assumes the MSI file has already been deposited into the C:\ folder.

winrs -r:{Remote Host} msiexec.exe /i c:\install.msi /quiet

I have used this for other things as creating a centralised backup with windows backup (Windows 2008 only) and then ship the completion logs directly to the same server. Simply make a batch file containing all our severs like this:

winrs -r:{Remote Host} wbadmin start backup -backupTarget:\\{Remote Host}\backup\weeknumber -include:C: -allCritical -vssFull -quiet

hope you enjoy. Please leve a comment if you liked thic article

Related posts:

1. Shutdown / iisreset or regedit from commandline on remote host
2. Windows Server 2008 Official Direct Download Links
3. Exclude VMware Virtual Adapters from Network Awareness

C:\Windows\Microsoft.NET\Framework\v2.0.50727>caspol -m -ag 1. -url "file://\\1
0.0.0.2\Share\*" FullTrust

Note this has to be done on each server!

To read more about this command look here

for more info about setup of the shared configuration take a look here

Related posts:

1. Microsoft Office 2007 SP1 Installation & Slipstream Guide
2. Rebuilding the WMI Repository

ngrep -q 'HTTP Error 503' port 80

this command gets all trafic on eth0 and on port 80 that includes the line "HTTP Error 503"

tcpdump -i eth0

gets tcp traffic on eth0

ulimit -n 300000

Sets the max numbers of open files

ab -n 100000 -c 500  http://blog.hviidnet.com/

Benchmarks blog.hviidnet.com with 500 concurent connections 100000 times.. (needs to have apache installed)

No related posts.

findstr "abc|def" test.txt

when test.txt has only abc in it.

According to the online tutorial such as http://www.regular-expressions.info/reference.html, abc|efg should match abc. Why?

The reason is pretty simple, findstr does not support the full range of the regular expression. It does not support ?, {n}.

Some basic things works:

findstr "abc.*" test.txt

findstr "[0-9a-f].*" test.txt

Related posts:

1. Regex Basics
2. Powershell: Create a function
3. Finding a string in alot of files from windows commandline

taskkill /IM notepad.exe

Or when you know the process ID, eg 784:

taskkill /PID 784

For more usage variants, type taskkill /?

NB: some of this information about what processes are running can be obtained by the tasklist command.

Related posts:

1. List all processes with the Windows Command Line
2. Finding a string in alot of files from windows commandline
3. winrm and winrs a management tool for windows 2008

c:\>tasklist

Image Name                     PID Session Name        Session#    Mem Usage
========================= ======== ================ =========== ============
System Idle Process              0 Services                   0         24 K
System                           4 Services                   0     21.160 K
smss.exe                       456 Services                   0        996 K
csrss.exe                      584 Services                   0      8.276 K
wininit.exe                    624 Services                   0      5.112 K
csrss.exe                      644 Console                    1     15.304 K
winlogon.exe                   684 Console                    1      7.308 K
services.exe                   720 Services                   0      9.672 K
lsass.exe                      736 Services                   0      2.300 K
lsm.exe                        744 Services                   0      5.804 K
svchost.exe                    900 Services                   0      8.700 K
svchost.exe                    964 Services                   0     10.920 K
svchost.exe                   1000 Services                   0     48.996 K
svchost.exe                    360 Services                   0     18.344 K
svchost.exe                    464 Services                   0    177.740 K

Related posts:

1. To kill a process from windows commandline

Say we have alot of log files that notepad++ and others cant open because they are too big. Lets find what we need from commandline then.

findstr /s /c:"string-im-looking-for" *

Here we use /s to search in subdirectories, and the ending is * wich stands for wich files to search ( *.txt and so on)

The output will look something like this:

test.txt:Where-is-the-string-im-looking-for?

And just pipe that into a textfile and you have what you need. Example follows.

findstr /s /c:"string-im-looking-for" * > c:\results.txt

Have fun finding strings that you need

Related posts:

1. How to use findstr with regular expression
2. How to Search Wiki or Google from Search Box in Windows Vista/7
3. Add search on your site, in Internet Explorer search bar

ALL credit for this article goes to: petri.co.il so if you have any questions go ask them there and be sure to thank them there and not in this thread They deserve it!

When Microsoft Windows 2000 was released many years ago, administrators were blessed with new functionality called Terminal Services which easily allowed remote administration of a server. The functionality or the concept was actually not new. Administrators of Windows operating systems as well as other platforms are plenty familiar with the concept of remote administration. For Windows and some many other platforms, remote administration was accomplished through the use of 3rd party tools which meant the purchase of an extra remote administration tool license for every server that is deployed. While the licensing costs generally weren’t terrible, especially for what is gained in return (ease of remote administration, working from home in your pajamas while smoking a cigar like I’m doing now), the costs could add up quickly for infrastructures with large numbers of servers to remotely administrate. What was new, however, was that Windows 2000 introduced a remote administration tool that was built into the OS with no bolt-on licensing costs needed. The tool was called Terminal Services and other than a few minor quirks that it had such as software installation problems in Terminal Services, drive letters not dynamically added/removed without a logoff/logon, not a true console0, etc., it was a God send and still is to this day.

The release of Windows XP brought us an overhauled remote administration tool. The Terminal Services client was still a viable tool but the version in Windows XP called Remote Desktop Connection was, well, cooler. In typical Microsoft fashion, the new tool brought with it some added functionality to make administrator’s lives even easier.

Fast forward to the year 2006. A new version of the Remote Desktop Connection (5.2) had been released for download from Microsoft which added the ability for more secure communications. Then finally Windows Server 2003 Service Pack 1 was released which delivered a slightly updated version of the tool (5.2.3790.1830) which allows the initiating client to require secure communication with a remote server which is what I wanted to write about a little today. Today we live in a world where security is held in much higher regard. Sure it was talked about in the 1990s and for those who are old school certification nuts, you probably even got a few exam questions on security way back when, but today with the events of 9/11, terrorists, internet availability and anonymity, wireless networks, and computer hacking, maintaining a secure network has really come to the forefront as a hot topic. This writing will showcase a method to securing communications between a server and a client using the Remote Desktop Connection and the Remote Desktop Protocol (RDP).

In the example that follows, we will have a Windows client named client.contoso.com and a server named server.contoso.com which is running Windows Server 2003 SP1. Neither machine is a member of a domain; both are running as members of a workgroup. Our example will make use of digitally signed certificates using with server.contoso.com being a stand alone root CA. In a practical environment, not every server that you RDP to needs to be running a CA, in fact, most servers won’t be running a CA, but since we only have two machines in our example, I chose the server to run the CA services. In your environment, you may already have a stand-alone or enterprise CA. Either can be used to issue certificates to the machines in which you wish to establish a secure RDP session with. It is assumed that by this point, you already have a CA in place in your infrastructure or you are making use of an external CA. You also have configured the server to receive remote desktop connections. In our example, we have obtained a certificate and installed it already on server.contoso.com.

First we configure the server. Under Administrative Tools, open Terminal Services Configuration. Double click RDP-TCP to configure the properties of Terminal Services using the RDP protocol. Under the general tab to the right of the word certificate, click Edit. Choose the installed certificate that you wish to associate with the Terminal Services connection over RDP:

Back under the general tab, you will now be able to choose SSL for the security layer. This is what ultimately requires the use of certificates for the RDP communication on the server side. Take a quick look at the encryption level setting. Choices are client compatible, high, or FIPS. Client compatible means enforce the highest level of encryption that the connecting client supports. High means enforce the highest level of encryption that the server supports. FIPS means enforce FIPS encryption on both the server and the client. FIPS is government approved level of encryption.

Now let’s move over to the client. The first thing we need to is ensure that the client trusts the CA chain that the server’s certificate was issued from. If this has not been done already, I will quickly walk you through the steps involved with a stand-alone CA. On the client, open a web browser and go to http://servername/certsrv/. Click Download a CA certificate, certificate chain, or CRL:

Choose Install this CA certificate chain:

Choose Yes:

Choose Yes:

At this point you can close the web browser on the client machine:

Ensure that on the client, Remote Desktop Connection version 5.2.3790.1830 is installed (read Download RDP 5.2). If it is not installed, you can install it from a server running Windows Server 2003 SP1. The source files are located on the server in c:'windows'system32'clients'tsclient'.

Open the Remote Desktop Connection client. Click on the Options button so that you can view all configurable options. Click on the Security tab. Choose Require Authentication in the pull down box.

Click on the General tab. Enter the FQDN name of the server you will be connecting to. It is important here to enter the FQDN name:

You will receive the following warning. Click the button labeled View Certificate:

Click Install Certificate:

Click Next:

Click Next:

Click Finish:

Click Yes:

Click OK:

Click OK and you the Remote Desktop Connection will close:

Now that the certificate is installed on the client, we may connect. Remember to use the FQDN here because that is what is contained in the server’s certificate:

We have now established a secure encrypted Remote Desktop Connection from the client to the server:

Clicking on the small padlock at the top of the screen ensures are secure connection by displaying the certificate that is in use:

Related posts:

1. SSL Vpn With 2008 Server
2. Installing self signed Certificates on nokia s60 phones
3. How do I save my Outlook Password?