Usually I tend to create DHCP server on Windows Server. However, sometimes there is no server on site. Only what I have are network devices, workstations and voip phones. In those cases I used to create DHCP server on switches. As environment I operate in contains mainly Cisco devices, each location has at least one or more Cisco Catalyst switches (2960 or 3560) it is possible to provide DHCP service using IOS features. Example contains DHCP configuration for network with different VLANs for data, voice and printers.

Below is short description and set of commands demonstrating how to setup:

• DHCP scopes
• Exclusions
• Define DHCP helper on the interface
• Check status of DHCP assignments

(more…)

By default password policy from Active Directory domain will impact ADLDS and users created in ADLDS instance. To prevent domain policies from enforcing password restrictions and rules on ADLDS users one simple setting has to be adjusted:

• ADAMDisablePasswordPolicies

Here is how it looks on computer which has ADLDS instance installed on port 50389:

(more…)

Once you install Ubuntu 18.04 some packages might not be found by default in repositories (example: php7.2-fpm).

If you want to have more packages available just add repository with more packages available 🙂

sudo add-apt-repository universe

Now you can enjoy more standard packages available.

	Windows Server 2012		Windows Server 2012 R2
Feature	Removed	Deprecated	Removed	Deprecated
AD FS v1 Web Agent			x
AD FS in-place upgrade from AD FS 1.0 or “out of box” AD FS 2.0	x
AD FS support for “Resource Group”	x
AD FS support for NT Token mode	x
AD FS support for using AD LDS as an authentication store	x
AD RMS license revocation				x
AD RMS SDK				x
Application Server role				x
Built-in drivers for tape drives				x
Cluster Automation Server COM API	x (made optional)		x (optional)
Cluster.exe command-line interface	x (made optional)		x (optional)
CertObj COM and InetInfo interfaces of the Web Server role				x
Dcpromo.exe		x
Dfscmd.exe				x
Drivers for Jet Red RDBMS and ODBC		x		x
File Replication Service				x
GAA_FLAG_INCLUDE_TUNNEL_BINDINGORDER flat in GetAdaptersAddresses				x
Internet Information Service (IIS) 6.0 Manager				x
Layered Service Providers		x		x
IscsiVirtualDiskSnapshot and associated WMI methods				x
LPR/LPD protocol		x		x
Namespace for version 1.0 of WMI; WMIC (in WMI)		x	x
NDIS version 5.0, 5.1, and 5.2 APIs		x	x
Net DMA	x
Network Access Protection (NAP)				x
Network Information Service (NIS) and Tools (in RSAT)				x
Nfsshare.exe				x
NFSv2 support				x
Oclist.exe	x
ODBC support for 16- and 32-bit applications and drivers		x		x
ODBC/OLEDB support for Microsoft Oracle		x
ODBC/OLEDB support for SQL beyond SQL Server 7 and SQL 2000		x		x
Providers for SNMP, Win32_ServerFeature API, Active Directory, MSClus WMI1.0 (in WMI)		x		x
Recovery disk creation			x
Remote Data Service		x
Role Collector (Ceiprole.exe) and associated API	x
SCSIport host-bus adapter	x
Servermanagercmd.exe		x	x
SIS Limited API				x
Slmgr.vbs options			x
SMB 1.0				x
SMB.sys	x
SMTP and associated management tools		x		x
SQLXMLX		x		x
Storage Explorer snap-in for MMC	x
Storage Manager for SANs snap-in for MMC	x
Subsystem for UNIX-based Applications		x	x
Support for 32-bit cluster resource DLLs	x
Support for hardware drivers for XDDM	x
Support for Microsoft SQL Server prior to 7.0	x
Support for native VGA via the PC/AT BIOS or UEFI CSM	x
Support for Static VMQ	x
Support for Token Rings	x
Support for Visual Studio Analyzer 2003 over ODBC, OLEDB, and ADO	x
System Image Backup (“Windows 7 File Recovery”)			x
Telnet server				x
VM Chimney (also called TCP Offload) (in Hyper-V)	x
Windows Server 2003 domain and functional levels of Active Directory				x
Windows Authorization Manager (AzMan)		x		x
Windows Help executable (WinHlp32.exe)	x
Windows Identity Foundation 3.5				x
Windows Server Resource Manager		x	x
Winsock Direct		x	x
WMI root\virtualization namespace v1 (in Hyper-V)		x	x
XDR schema elements, XSl pattern feature of MSXML3 (in XML)		x		x

Some time ago I had to transfer SQL Server databases from remote retail locations to central system. At that time whol einfrastructure was operating on Microsoft SQL server 2000 and link in remote locations was 128kb/s ISDN. At that time I thought that the best idea will be backup database to local hard disk on SQL server, RAR it and FTP compressed backup of SQL database to headquater. It did work quite well. So, below is a script I scheduled to be run as part of scheduled job defined on SQL Server Agent.

Before script will be used few things have to be customized:

• location for database backups – @archive_path – default: F:\Backup
• location of WinRAR application – @archive_cmd – default: C:\Program Files\WinRAR
• IP address of FTP server – default: 192.168.10.120
• Username and password for FTP user – default: dbupload/password
• Folder on FTP server for backup upload – default: Site_Backup

As there might ba many remote sites uploading backups, each site can have different folder for data transfer.

Here is script to backup SQL Server database and trasfer backup to FTP server:

(more…)

Some handy keyboard shortcuts you can use in Windows 8.1

WINKEY - Toggles between Desktop and Start Menu

Esc  Key - If you have the Desktop running it will exit to desktop whenever in Start Menu

WINKEY + ,  Provides Peak of Desktop if open

WINKEY + B Switch to the Windows Desktop and select the tray notification area.

WINKEY + C  Display Charms and notification

WINKEY + D Switch to the Windows desktop and toggle Show Desktop.

WINKEY + E Switch to the Windows desktop and launch Windows Explorer with Computer view displayed.

WINKEY + F - Search Files using the new Windows Search pane.

WINKEY + I - Display Settings pane for the Start screen.

WINKEY + L - Lock PC and return to Lock screen.

WINKEY + M - Minimize the selected Explorer window.

WINKEY + O - Toggle orientation switching on slate and tablet PCs.

WINKEY + P - Display the new options for items like projectors.

WINKEY + Q - Search within Apps using the new Windows Search pane.

WINKEY + R - Switch to the Windows desktop and display the Run box.

WINKEY + U - Switch to the Windows desktop and launch the Ease of Access Center.

WINKEY + X - Switch to the Windows desktop and Administrative tools.

WINKEY + Z - Display the App Bar in a Metro-style app.

WINKEY + 1, WINKEY + 2,  WINKEY + 3 ,,,,  Launches each of the classic desktop Task Bar apps from Left to right.

These are Windows Classic Desktop Keys

WINKEY + .  List all Running Apps

WINKEY + 1, WINKEY + 2,  WINKEY + 3 ,,,,  Launches each of the classic desktop Task Bar apps from Left to right.

WINKEY + B - Select the tray notification area.

WINKEY + C - Display Charms and notification

WINKEY + D - Toggle Show Desktop. Very cool feature to help find other apps / shortcuts on desktop

WINKEY + E. Launch Windows Explorer with Computer view displayed.

WINKEY + F - Search Files using the new Windows Search pane.

WINKEY + I - Display Settings pane for Windows Desktop

WINKEY + L - Lock PC and return to Lock screen.

WINKEY + M - Minimize the selected Explorer window.

WINKEY + O - Toggle orientation switching on slate and tablet PCs.

WINKEY + P - Display the new options for items like projectors.

WINKEY + Q - Search (within) Apps using the new Windows Search pane.

WINKEY + R - Display Run box.

WINKEY + U - Launch Ease of Access Center.

WINKEY + W - Search Settings using the new Windows Search pane. Defaults to Settings first

WINKEY + X - Switch to the Windows desktop and Administrative tools.

WINKEY + Left or Right Arrow - Aero Snap Moves position of selected app.

WINKEY + Up Arrow - Will Maximize Selected App

WINKEY + Down Arrow - Will Change app from Maximize to Normal then to Task Bar of Selected App

Another small app written in Adobe Flex. This time to decrypt passwords stored in Cisco VPN PCF file. Just simply copy enc_GroupPwd or enc_UserPassword to decryptor and click Decrypt button 🙂

Using this small app you can decode:

• enc_GroupPwd – VPN group password from PCF file
• enc_UserPassword – VPN user password from PCF file

For that small webapp to work Adobe Flash Player is required.

(more…)

Once you install CentOS 7, by default firewalld will block almost all network traffic.

In order to open ports for certain services you can easily reconfigure firewall using firewall-cmd command.

[root@localhost firewalld]# firewall-cmd --get-active-zones
public
  interfaces: eno16777728
[root@localhost firewalld]# firewall-cmd --zone=public --add-port=80/tcp --permanent
success
[root@localhost firewalld]# firewall-cmd --reload
success

Example contains port 80, however you can open any port using same method.
It is worth to check zones configured on your machine and make sure you open port in proper zone where service should be enabled.

Little issue with OpenSSL for Windows came out recently when I tried to create certificate request. Just after installation when tried to generate cert request got error message:

WARNING: can't open config file: /usr/local/ssl/openssl.cnf
Unable to load config info from /usr/local/ssl/openssl.cnf

Reason was that by default OpenSSL couldn’t find configuration file (even if it was located in same folder as excutable file).

So, to fix it just set environmental variable with information where openssl.cfg file is located:

set OPENSSL_CONF=c:\OpenSSL-Win32\bin\openssl.cfg

You can consider adding this to system environmental variables.

Sometimes when ShoreTel ShoreGear switches connected to infrastructure might have old version of the firmware. In theory ShoreTel HQ Director should upgrade firmware on devices to bring it to current version across the infrastructure. However sometimes that fails and there is a need to enforce apropriate firmware on device.

In order to enforce firmware on ShoreTel switch best is to logon to ShoreTel HQ Director server and issue burnflash command as shown below:

C:\Program Files\Shoreline Communications\ShoreWare Server>burnflash -switch 192.168.20.31
Shoreline Communications BurnFlash Utility (Version 14.21.4905.0)
  Burning flash for switch "192.168.20.31" (192.168.20.31).
  Current switch info:
      Internet Address: 192.168.20.31
      Ethernet Address: 00-10-49-00-00-00
Product Code: IPBX-SG4_T1
Firmware Version: 12.5.8107.0
           Patch Level: 0
       BootRom Version: 1.1.3.17
               Up Time: 0 days 00:28:21 (booted from Flash)
          POST Version: 3
TMS 5460: NccBurnFlash(...,0,192.168.20.31): Start
TMS 5460:                       : FileA Type=2,Unit=0,Language=
TMS 5460:                       : FileB Type=2,Unit=2,Language=en-US
TMS 5460: NccBurnFlashWorker2[192.168.20.31]: WSASocket() --> 1616 (Error: 0)
   12.50 MBytes (100%) transferred to flash unit 0.
TMS 5460: NccBurnFlashWorker2[192.168.20.31]: WSASocket() --> 1616 (Error: 0)
    1.13 MBytes (100%) transferred to flash unit 2.
  Rebooting switch.
TMS 5460: NccBurnFlash[192.168.20.31]: End. hr = 0x0
  Waiting up to 180 seconds for switch to start.
  Waited 103.4 seconds ... connected.
  Current switch info:
      Internet Address: 192.168.20.31
      Ethernet Address: 00-10-49-00-00-00
          Product Code: IPBX-SG4_T1
      Firmware Version: 14.21.4905.0
           Patch Level: 0
       BootRom Version: 1.1.3.17
               Up Time: 0 days 00:00:00 (booted from Flash)
          POST Version: 3

Sometimes burnflash process has to be repeated twice to upgrade firmware correctly.
After burnflash power off device for 20 seconds and power back on.