IT.TheLibrarie.Com Ramblings Of An IT Person

December 4, 2018

RDS Default Printers

Filed under: Microsoft — bsdman @ 9:04 am

We had an aging RDS 2012R2 farm that was in need of some upgrades; Installed RDS2016 and hoped it would fix a few issues. Overall it’s pretty good, but we made the mistake of not realizing the 2012 licenses were NOT under SA, so we had to reorder license CALs.

One of the major issues was when a user logged in and attempted to print, they would need to re-add their printer and set the defaults every time they logged in. A workaround would be to assign specific users to specific printers using GPO, but that gets a bit messy when we have users migrating between sites, locations, etc.

Open Regedit
Add the following REG_DWORD Value to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\Client Side Rendering Print Provider
RemovePrintersAtLogoff VALUE: 0

I rebooted afterwards and then verified it is working.

October 16, 2018

Show Sender’s Domain In Outlook View

Filed under: Microsoft — bsdman @ 10:23 am

While DKIM and SPF records have curbed some of the phishing attempts that “come from” my domain, there are still many times that users are confused as to why the CEO is emailing them wanting to change bank information or to buy hundreds of dollars of iTunes gift cards. I’m usually met with a “just block it” mentality. My best example is to say “Hello, my name is Bob Dole, pleasure to meet you”. They know I’m not actually Bob Dole, but that doesn’t prevent me from saying I’m Bob Dole. Then I show them my ID and tell them that’s similar to looking at the technical mail headers to figure out who sent this message (more importantly where it came from). And yes, before anyone asks, my ID is different from “Bob Dole”.

That being said, we created a rule for certain executives to prevent someone from doing something stupid (generally with money involved). All of our Executives, HR, and the Payroll team have a rule setup that when a sender shares the same name as one of those team members, AND is an external sender, I pre-append the message “*** THIS MESSAGE MAY BE PHISHING AS IT ORIGINATES FROM OUTSIDE THIS ORGANIZATION***”. I thought that would be enough, but we are still getting tickets asking if those messages are legit.

So now onto the actual meat of the post – to show the sender’s domain name in our standard outlook view. I wish it were as simple as choosing this in the field chooser, but alas…

*Note* this is on a per-folder view – not mailbox specific – and does not affect mobile or OWA access views. This also assumes you’re on Office2010 or later (I’m on 2016 FYI).

Open the mail folder you want to view sender domains (in my case it’s the Inbox).

Click on View, then on the Add Columns button

Now click on the New Column… button

Name: Sender Domain
Type: Formula
Click on the Edit button
Enter this text: right([SearchFromEmail],len([SearchFromEmail])-InStr(1,[SearchFromEmail],”@”))
Click OK

Now we should be back in the Show Columns/Field dialog where you can select your newly created column and move it “up” to where you want it to show. I end up showing it between Attachment and From fields.

March 5, 2018

Click to Run Office, Install Visio

Filed under: Microsoft — bsdman @ 4:20 pm

I needed to install Visio on my laptop. Laptop, running Win10 Pro 1709, already had Office 365’s office version installed.
Visio was part of our VLSC/Business Center downloads. I noticed I had MAK keys and C2R-P MAK keys for the ODT.
I tried to just install from the downloaded ISO but it said something about 32/64bit product conflicts. I fixed that (https://answers.microsoft.com/en-us/msoffice/forum/msoffice_install-mso_win10/office-16-click-to-run-extensibility-component-64/e79ee5bd-f119-4808-9bb2-289dd815b76a) but then had it error out with something like “this product doesn’t work well with the click to run installed programs”.

Download the Visio ISO (or replace visio with another product)
Download the Office Deployment Tool. “Install” this by double clicking (it just extracts to a you-get-to-choose working folder).
Comes with 2 files; setup.exe and configuration.xml

Edit the xml file
<Configuration> <Add OfficeClientEdition=”64″ > <Product ID=”VisioProXVolume” PIDKEY=”69WXN-MBYV6-22PQG-3WGHK-RM6XC”> <Language ID=”en-us” /> </Product> </Add> </Configuration>
Save

Open a command prompt (or shift + right-click open powershell in this window) and navigate to wher your xml and exe files are.

Download the required setup files
setup.exe /download configuration.xml

Install the setup files
setup.exe /configure configuration.xml

Visio is now installed!

https://docs.microsoft.com/en-us/deployoffice/use-the-office-deployment-tool-to-install-volume-licensed-editions-of-visio-2016
https://docs.microsoft.com/en-us/deployoffice/overview-of-the-office-2016-deployment-tool

October 20, 2017

Create a Shared Mailbox MS Exchange 2010

Filed under: Microsoft — bsdman @ 3:06 pm

On prem shared mailbox. May be one of my last posts about exchange being not in O365-land.

Open the Exchange Management Shell EMS

Create the mailbox
New-Mailbox -Name MAILBOXNAME -Alias ALIASNAME -OrganizationalUnit "OU path" -Database "DATABASE" -UserPrincipalName EMAILADDRESS -Shared

Give permissions to the mailbox
Add-MailboxPermission MAILBOXNAME -User "DOMAIN\USERNAME" -AccessRights FullAccess
Or
Add-ADPermission MAILBOXNAME -User "DOMAIN\USERNAME" -ExtendedRights Send-As

Convert a User mailbox to a shared mailbox
Set-Mailbox "" -Type shared
Add-MailboxPermission MAILBOXNAME -User "DOMAIN\USERNAME" -AccessRights FullAccess
Add-ADPermission MAILBOXNAME -User "DOMAIN\USERNAME" -ExtendedRights Send-As

Login Windows Automatically

Filed under: Microsoft — bsdman @ 2:56 pm

I recently acquired some Intel Computesticks (m3 1.6ghz, 4GB, 64gb storage, abgn) and was going to use them as digital signage systems – total side note but they work remarkably well for digital signage, especially with Xibo).

I needed them to automatically log into windows with no user interactions when rebooting.

Run Netplwiz
Windows + R
Netplwiz

Uncheck the Users must enter a user name and password to use this computer
Enter the password for an automatic user login. I used a local account.

You can also use the registry to do it:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
DefaultUserName enter a value of domain\youraccount, or MicrosoftAccount\yourMSemail@domain.tld, or username
New String Value for DefaultPassword (if it doesn’t exist)
Enter your password (yes, clear text)
Change the value for AutoAdminLogon to 1

**EDIT**
apparently there’s an Autologon by sysinternals too. For win10.

Solarwinds Syslog Database Cleanup

Filed under: Microsoft,Miscellaneous — bsdman @ 2:36 pm

So my last senior systems administrator decided to install solarwinds on a virtual machine as a standalone package (solarwinds, licensing, sql express). He came to me a day or two later saying that he needed to migrate the database from SQL express to our production SQL server as the instance was at the maximum allowed by SQL Express. He said it was eating up almost 20GB of space – which means he filled up the first database and created a secondary and then filled that one up too (SQL Express has a 10GB per database limit).

After being unable to migrate the database from Express to Standard for 2 days, he just starts it over on the production SQL instance. Long story short we were chewing through about 18GB of database disk space every day. The admin had, for some reason, enabled syslog with Debugging on all network equipment. Damn.

So I needed to delete about 180GB worth of syslogs and, knowing my previous experiences between delete and truncate, decided to just drop the entire table:

Truncate all syslog:
Open SQL Studio Manager
Run a new query
Truncate Table Syslog

Delete Old Syslogs:
Open SQL Studio Manager
Delete from Syslog Where datetime <= '4/24/2016'

September 21, 2017

Send on behalf of Distribution Group

Filed under: Microsoft — bsdman @ 11:59 am

I have an Exchange 2010 server on prem – needed to grant send on behalf to a user for a distribution list. In this case the distribution list is called “Events”. However, every time I would change the permissions I noticed that the previous entries were removed.

List Group Current Permissions
Get-DistributionGroup "Events" | fl name,grant*

Replace Granted Users List
Set-DistributionGroup "Events" -GrantSendOnBehalfTo "Some User", "Another User", "Third User"

Add Additional Users
Set-DistributionGroup "Events" -GrantSendOnBehalfTo @{add="New Hire", "Manager Name"}

Remote Users
Set-DistributionGroup "Events" -GrantSendOnBehalfTo @{remove="Recently Fired", "Another User"}

« Newer PostsOlder Posts »

Powered by WordPress