Set NIC to full DHCP via netsh
article #1057, updated 30 days ago

To set a Windows NIC to full DHCP via netsh, do this, replacing “Local Area Connection” to the name of the NIC if it’s not the same:

netsh interface ip set address "Local Area Connection" dhcp
netsh interface ip set dns "Local Area Connection" dhcp
netsh interface ip set wins "Local Area Connection" dhcp

Sometimes, if WINS is set static, you have to do this before WINS can be set DHCP:

netsh interface ip set wins "Local Area Connection" static none

Categories:   Networking Ports & Protocols   Windows OS-Level Issues

==============

Tuning Windows File Servers
article #1056, updated 31 days ago

Some great new guidance:

https://msdn.microsoft.com/en-us/library/windows/hardware/dn567661(v=vs.85).aspx

Categories:   Servers   

==============

End-of-life of common Microsoft products
article #1055, updated 37 days ago

Recently a Microsoft page on the subject went missing, and the replacement doesn’t seem to work in any browser. Here’s a regularly updated one from ZDNet with just Windows and Office:

http://www.zdnet.com/article/when-will-microsoft-pull-the-plug-on-your-version-of-windows-or-office/

Categories:   Applications   

==============

Set all users' AD login script by PowerShell
article #1054, updated 38 days ago

This works well:

import-module activedirectory
get-aduser -filter * | set-aduser -scriptpath filename_in_netlogon.vbs

Categories:   Active Directory   

==============

Change Outlook/Exchange Folder Data Type and Much More
article #1053, updated 38 days ago

Sometimes an import to Outlook gets in all of the data, but the data type of the folder is wrong, so Outlook tries to show (e.g.) a Contacts folder as a list of emails. This was easy to fix in olde versions of Outlook, one just pulled up the properties of the folder and changed the type. The Microsoft lords have decided not to give us this easy way anymore, but one of their many major engineers gave us something which will do this among many other things:

https://github.com/stephenegriffin/mfcmapi

This is a very interesting GUI tool which will connect to a recent working Outlook profile, and permit you to do lots of deep things. It’s interesting to google MFCMAPI to see a few of them. You do need the 32-bit version of MFCMAPI if you have 32-bit Outlook, and 64-bit for 64-bit.

In this case, let’s say we have the situation in which we have imported a Contacts folder, but Outlook is showing it as a list of badly formed email forms. To fix it:

  1. Open the profile in MFCMAPI. (We do not have to close Outlook while this is happening, but we do need to restart it to see results.)
  2. Double-click on the Display Name of the account you wish to open. There may be just one, or more.
  3. A window comes up. Open its tree in the left pane using the little arrow to the left of the name near the upper left corner.
  4. Scroll down and open “Top of Information Store” in the left pane.
  5. Left-click once on the default Contacts folder for the profile, the one that is working well.
  6. Scroll in the right pane, down to PR_CONTAINER_CLASS. Doubleclick on it. Under “Ansi” it should say “IPF.Contact”, this verifies you are in the right place. Click Cancel.
  7. Right-click on PR_CONTAINER_CLASS and choose “Copy property”.
  8. Open and/or scroll in the left pane to the contacts folder which is not working properly.
  9. Right-click anywhere in the right pane, the properties list, and choose “Paste property…”. Complete the little wizard.
  10. The change will be visible immediately in Outlook if it’s open.
  11. However, at least in the case just seen, the change was not synched to EOL. I had to open the original export PST and recopy, after deleting the file in OWA. One thing not tried yet was to do the above with cached-exchange turned off; in theory this might sync directly through Outlook to EOL. Also, MFCMAPI includes folder copy capability, which may make it an entirely different import method, if it works!

MFCMAPI does lots and lots of things, but not everything extremely well :-) For instance, it may throw errors when deleting a folder stored on EOL; if so, use OWA for this, OWA seems to be much more quickly authoritative.

Categories:   Outlook & Exchange   Exchange and Exchange Online

==============

Export Office 365 Mailboxes to PST using eDiscovery
article #1052, updated 41 days ago

Steps:

  1. There will be a ClickOnce application involved for the potentially huge download. If you use Firefox as I do, you’ll want the new Firefox plugin which makes ClickOnce work much better.
  2. Within the O365 tenant’s Exchange admin area, open Permissions, open Discovery Management, and make sure all of Legal Hold, Mailbox Import Export, and Mailbox Search are present. If any of these three are absent, add them. Then scroll down to the bottom, and add your admin login as a Member.
  3. Within the O365 tenant’s Security & Compliance admin area, open Permissions, open eDiscovery Manager. Scroll down to the bottom, and add your admin login as an eDiscovery Administrator.
  4. Log entirely off of the O365 console, to activate the above permissions. Occasionally activation may require 30 minutes or more, but often it is immediate after logoff/logon.
  5. Go back to Security & Compliance, open Search & investigation. Click on eDiscovery.
  6. Create a new case. Name it something like “Export mailbox Grom”, if it’s just one user by the name of Grom that you are exporting.
  7. Open the case. Click on the Search tab. Click the Plus. Name it “mailbox Grom” or something else appropriate. Add the user to search for. Search all sites. Search public folders if you want. Click next. Don’t enter any search delimiters here unless you want a limited result. Click Search. The search is created and begun automatically. It will show you how big the result is. This is the size of the download you will be doing. The download is done by the ClickOnce application, not the browser, but if it’s huge it’s still huge.
  8. Once the search is done, you’ll need to find a little icon in the row of icons just above the list of searches. It’s fourth from the right at this writing, it looks like an arrow pointing down to a dash. Click on that, it will give you the option to “Export the Results”, which you should do as well. This starts the export wizard.
  9. Best to export all items, excluding ones that have unrecognized format, are encrypted, or weren’t indexed for other reasons, unless you have definite reason and knowledge to do otherwise.
  10. One PST file for each mailbox.
  11. No de-duplication, just in case.
  12. Versions for SharePoint documents if you want. In certain circumstances this could get huge.
  13. Start export. Here, unfortunately, is where you learn whether or not the Permissions settings are fully active yet. If they are, it will work; if not, it will tell you that you don’t have permissions sufficient, and you will have to wait.
  14. Once it’s done, click on the Export tab, and then the Refresh double arrow circle. You should see a downloadable export file. Make sure it’s highlighted, and click “Download exported results”, the blue text on the right side towards the bottom.
  15. Click “Copy to clipboard” under the export key. You’ll need this as authentication for the ClickOnce application.
  16. Click “Download results”.
  17. I’m in Firefox, so I click on the button “ClickOnce Install”.
  18. The eDiscovery Export Tool runs. I paste in the export key, and browse to a good path for the download. Then I click Start. And it begins the download! Obviously it may take a very long time for multiple gigs to download, and it even may take the cloud server a few minutes to prepare the download before it starts. But once it starts it is able to use a very large amount of Internet bandwidth if you have it. On a large pipe I watched it run at a consistent 10,000+ KB/second — ten megabytes per second, or 80 megabits per second, or 36 gigabytes per hour; so very large exports are feasible.

Categories:   Exchange and Exchange Online   

==============

Windows Diagnostic Telemetry eating up CPU or hard drive bandwidth
article #1051, updated 43 days ago

Another from the excellent Mike Hunsinger. Windows Diagnostic Telemetry can max out certain resources. It is not necessary. To disable it, run PowerShell as administrator and then:

stop-service diagtrack
set-service diagtrack -startuptype disabled

This service appears to be hidden in Windows 10. It is visible in 8.1 and 7 as “Diagnostic Tracking Service”. More info is here:

http://windowsitpro.com/windows-10/how-turn-telemetry-windows-7-8-and-windows-10

There are three more visible in 10, “Diagnostic Policy Service”, “Diagnostic Service Host”, and “Diagnostic System Host”. The specific roles of all four of these services are not yet clear.

Categories:   Windows OS-Level Issues   

==============

Firewall configuration for Autodesk Services
article #1050, updated 43 days ago

Here:

https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/AutoCAD-requests-to-Autodesk-servers-blocked-by-proxy-servers.html

and here:

https://knowledge.autodesk.com/search-result/caas/sfdcarticles/sfdcarticles/Collaboration-for-Revit-Proxy-Server-and-domain-exceptions-for-Autodesk-A360-services.html

and here:

https://knowledge.autodesk.com/support/fusion-360/troubleshooting/caas/sfdcarticles/sfdcarticles/Fusion-360-cannot-access-the-services-through-proxy.html

are found some very interesting items which may be helpful when configuring either firewalls or proxy servers to work with AutoDesk products. We need to except the following FQDN’s from all proxy intervention on ports 80 and 443:

*.autodesk.com
*.google-analytics.com
*.cloudfront.net
*.virtualearth.net
*.autocadws.com
*.newrelic.com
*.akamaiedge.net
*.amazonaws.com
*.s3.amazon.com
*.edgekey.net
*.getsatisfaction.com
*.autodesk360.com 
*.skyscraper.autodesk.com
*.ssl.google-analytics.com
*.js-agent.newrelic.com
*.hotjar.com
*.optimizely.com
cdn.jsdelivr.net
www.googletagmanager.com
cdn.web-platform.io
*.notifications.api.autodesk.com
*.pubsub.pubnub.com
cdn.jsdelivr.net
akamai.com
*.akamai.com
akamaitechnologies.com
*.akamaitechnologies.com
*.protolabs.com
tracepartsonline.net
*.tracepartsonline.net
mcmaster.com
*.mcmaster.com

Categories:   Application Issues   Firewalls

==============

Use Android Smartphone as High Quality Webcam
article #1049, updated 45 days ago

It’s called DroidCam, and it really works, Windows and Linux.

Under Linux you’ll need kernel module compilation capability, headers only for source. If you use the Adobe Flash Player for camera, or any other V4L version 1 application, you’ll want to start it like the below for the Pale Moon web browser:

LD_PRELOAD=/usr/lib/libv4l/v4l1compat.so palemoon

Categories:   Audio-Video   Linux Desktop Specific

==============

Mount NFS Shares in Linux
article #1045, updated 52 days ago

So you have an NFS server share known to be working, and you want to mount its share(s) on your Linux client machine. Here’s a summary. All commands are in “sudo -s” or root login.

  1. Let’s postulate that the server share is visible on server 10.11.11.10, and its name is “/srv/nfs”.
  2. We need a place to mount the share on this machine. So:
    mkdir /nfs
  3. Next we try it manually:
    mount -t nfs 10.11.11.10:/srv/nfs /nfs
  1. We now make sure that permissions allow users of the mounting machine read/write access to the share. By far the simplest way this author has found to do this, is to have the shared folder and all contents chmoded g+rwXs, chgrped to a sharing-designated group, on the server side. On the client side what’s to do, is to make sure that sharing-designated group exists with the same GID. So let’s say the group we’re designating for sharing setup is called “sharegroup”. Before we set this up, a ls -l from root on the client machine may look something like this:
drwxrwsr-x 11 1000 1001 4096 May 14 04:06 folder1
drwsrwsr-x 25 1000 1001 4096 Apr 19 07:49 folder2
drwsrwsr-x 21 1000 1001 4096 Apr 18 23:53 folder3

If you compare with ls -l of a local folder, you’ll see that the third and fourth fields from the left should be owning username, and owning groupname. The groupname as viewed from the server will be “sharegroup” if things are set according to this method. You will need to add a group on the client side, with the same name and GID, i.e., if ‘1001’ were really the GID as above:

groupadd -g 1001 sharegroup

And then add yourself to ‘sharegroup’ on the local machine:

usermod -a -G sharegroup username

A logoff and logon is then best, to make sure all of the security settings are activated.

  1. Then we set up automount at boot. We do this by adding the following line to the end of /etc/fstab:
10.11.11.10:/srv/nfs   /nfs   nfs   rsize=8192,wsize=8192,timeo=14,_netdev,intr	0 0

The final option “intr” is instead of “hard” or “soft”. It makes NFS transactions explicitly interruptible, which helps prevent corruption if the server goes down.

Categories:   LAN Networking   Linux OS-level Issues