I needed to do this today because I had setup a pair of servers and it turns out they needed to be Datacenter edition instead of Standard edition. What used to mean you would need to rebuild, is really now just another command to run.
dism /online /Set-Edition:ServerDatacenter /ProductKey:CB7KF-BWN84-R7R2Y-793K2-8XDDG /AcceptEula
It took about 20 minutes or so but Before you tell me I posted my keys … sorry but it’s the KMS client key from Microsoft.
I found this command from ITechLounge.
Longest title in history?
A while back we were doing some troubleshooting and we added an administrator’s account to have read permissions on all of our mailboxes. Mailboxes permissions came up as a topic yesterday in a conversation I was having and I remembered I had meant to clean this up. I could have gone about this a bunch of different ways, but ultimately I wanted to create a script in case I ever needed it again. Continue reading “Remove a single user’s permissions from all mailboxes in Office 365”
From the land of things that were harder than they needed to be. Seems like you need a deep dive in everything to be able to do anything sometimes.
So, on this domain I wanted to use a single host to handle a few subdomains. One for my blog (which you’re on now), and maybe a couple of others for web classes or anything else I may want to mess around with.
Easy enough to do with subdomains and different document root folders on a standard server. And the hosting service does provide different document root folders. I ended up with different FTP root folders for each subdomain which is not what I was looking for. I wanted to use one FTP account and then just upload to the location I wanted for the subdomain I was updating. Continue reading “Using mod_rewrite rules for subdomains to subfolders”
As an admin occasionally you’ll give yourself permissions to a mailbox. And then you’ll remember Outlook conveniently auto-maps that mailbox for you. Easy fix.
Close Outlook. Open Powershell.
Add-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -AutoMapping:$false
Open Outlook. Enjoy the emptiness of the side bar.
You can/should also (once the mailbox disappears from Outlook) remove the permissions completely.
Remove-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -InheritanceType All
Shamelessly borrowed from:
# Get login credentials
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -AllowClobber -DisableNameChecking $Host.UI.RawUI.WindowTitle = $UserCredential.UserName + " (Office 365 Security & Compliance Center):"
# search for the email in all mailboxes
New-ComplianceSearch -Name "Easy-To-Identify-Name" -ExchangeLocation all -ContentMatchQuery 'sent>=12/01/2017 AND sent<=12/30/2017 AND subject:"announcement" AND from:"firstname.lastname@example.org"'
Start-ComplianceSearch -Identity "Easy-To-Identify-Name"
# wait a minute and view the results
Get-ComplianceSearch -Identity "Easy-To-Identify-Name"
Get-ComplianceSearch -Identity "Easy-To-Identify-Name" | Format-List
# delete the messages if the results look right
New-ComplianceSearchAction -SearchName "Easy-To-Identify-Name" -Purge -PurgeType SoftDelete
# check when it is completed
Get-ComplianceSearchAction -Identity "Easy-To-Identify-Name_Purge"
Install OpenSSL from here:
Copy the PFX file to the directory you want the .pem files in. Open a command prompt as admin, change to the directory and run these commands:
To export the private key without a passphrase or password.
C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -nocerts -nodes -out serverkey.pem
To export the Certificate
C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -clcerts -nokeys -out servercert.pem
Restart whatever service (in this case it was Tenable Nessus).
I forget this every time I reset my password…
(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Scripts\365SecureString.txt"
$pass = cat "C:\Scripts\365securestring.txt" | convertto-securestring
$mycred_online = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserAccount@contoso.com",$pass
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserAccount",$pass
Storing this one for later…
$cred = Get-Credential
Enter-PSSession -Credential $cred -Computername <hostname>
Get-DNSClientServerAddress –interfaceIndex XX (Just making sure this is the interface I want to change).
Set-DNSClientServerAddress –interfaceIndex XX –ServerAddresses (“x.x.x.x”,”x.x.x.x”)
Ugh. Ok, so something I came across today that I figured might help someone else out in the future. I’m setting up a new CentOS 7 box and while I was doing that I kept having intermittent network connectivity issues. For some reason I decided NetworkManager needed to get out of my way… so I went about the process of disabling all that nonsense and went back to doing network config the way I know how. I set a reservation in DHCP (temporary), and set ifcfg-eth0 as a static IP along with all the other relevant pieces to get the interface manually configured.
Problem was I couldn’t get the network to come up. Here was my first issue:
Naturally I follow directions and ran “systemctl status network.service -l” and was greeted with:
Relevant bits highlighted. Now I’m pretty sure nothing is using that address since I got it from DHCP … so a bit of Googling led me to this link. The explanation here is that when ifup-eth runs it does an arping to determine if anything is using that address, and if anything replies then it exists the script. The offending section is this: Continue reading “CentOS – Job for network.service failed”
On your DHCP Server
You need this VB Script in the scripts directory of NSClient++ on the DHCP Server:
Change the .doc extension to .vbs or hit the link to Nagios exchange below for the original file.
Now in nsc.ini — Enable NRPEListener.dll and CheckExternalScripts.dll
Also in nsc.ini add the following in the External Scripts Section:
check_dhcp_scope=cscript.exe //T:30 //NoLogo scripts\check_dhcp_scope.vbs
Restart the NSClient++ on the DHCP server.
Continue reading “Monitoring Windows DHCP Scopes with Nagios”