Archive

Author Archive

Quickie: Ceskoslovensko hlada AD superstar

October 23rd, 2012 No comments

Pred casom som nasiel super prednasku o AD, ktoru prezentoval sam Ondrej Sevecek.

Odporucam si ju pozriet, je to velmi zaujimave a velmi dobre prednesene. Bodaj by sme mali takych ludi viacej.

Internet Explorer Proxy Settings via GPO not working

October 22nd, 2012 2 comments

One of our customer just released the beauty and power of GPO. They started to use it more and more. Couple days ago they set brand new GPO with following settings:

  • Proxy IP was set with port 3128 for all protocols
  • Exceptions for couple websites and local addresses

 

IE Proxy GPO

Read more…

Quickie: Batch file didn’t wait for ping command

October 11th, 2012 No comments

Today I was needed to make batch script to ping some IP addresses for problem described in this article. My first script was as following:

@Echo Off

:Loop1

ping 1.1.1.1 -n 1 -w 30000 >NUL

ping 8.8.8.8 -n 1 | find /i “bytes=” || goto FailedPing

goto Loop1

:FailedPing

echo FAILED PRIMARY NET TO VIA 10.0.0.1 %time% >>ping_test.log

route delete 0.0.0.0 mask 0.0.0.0 10.0.0.1

route add 0.0.0.0 mask 0.0.0.0 10.0.0.2

goto Loop1

When I ran this script in cmd.exe or I scheduled it, it ate one CPU core. I didn’t know why it’s happening, because when I ran this commands in cmd.exe separatelly it workied fine. After couple minutes of debugging I found out that script is not waiting for “ping” commands to finish. It was weird. My colleague told me to use “sleep.exe” to make it wait for a little bit. But that was not a solution. I wanted to force it to wait for ping commands. I tried weird thing. Instead of “ping” I used whole path for ping.exe “%SystemRoot%\\System32\\ping.exe” and for command “route” I used “%SystemRoot%\\System32\\route.exe”. Now everything looks and works perfect.

I have no idea why this is happening, but it works and I need to remember it 🙂

Internal Exchange via two Internet connections

October 11th, 2012 No comments

At one of my customer I had following request. They have Exchange server inside their network. They have two Internet connections. All mail communication goes via primary Internet connection. Second Internet connection is used for Internet browsing.

Internal IP network is 10.0.0.0/24. First Internet connection is called primary and there is default gateway at 10.0.0.1/24. Second Internet connection is called backup Internet connection and it’s default dateway is 10.0.0.2/24. Exchange server has IP address 10.0.0.21/24 and it had default gateway 10.0.0.1/24. MX records are registered to public IP address of primary Internet connection. Problem is when primary line goes down. E-mail communication stops completely – e-mails don’t come and don’t leave company.

To solve this problem we need to make two changes:

  • Change MX records for Internet domain
  • Change routing for internal Exchange server

Read more…

Categories: Exchange, Microsoft, Windows Tags: ,

APP-V exclusion in registries

October 8th, 2012 No comments

Last week I was playing with application virtualization. I do have experiences with VMWare Thinapp applications. I already did couple of those virtualized applications. When I was forced to use App-V to create virtualized application I needed to make one application and I needed make this application to write registries into real registries and not to virtual ones. I thought it would be same as in VMWare Thinapp. That means I would expect to set some “isolation” mode on registry branch.

Problem is that you can define only two modes in App-V for registries:

  • Merge with Local Key – This will merge real registries with virtual ones. Change will be written into virtual registries.
  • Override Local Key – This will show only virtual registries to application and changes will be written into virtual registries.

In VMWare Thinapp there are isolation modes (for file system structures and also for registries) defined as following:

  • Full – Real are not shown. Any modification goes into virtual. New elements go into virtual.
  • Merged – Real are shown. Modification of virtual goes to virtual. Modification of real goes to real. New elements go to real.
  • WriteCopy – Real are shown. Modification of virtual goes to virtual. Modification of real goes to virtual. New elements go to virtual.

Read more…

TMG 2010: Site to site clients cannot access TMG server

October 8th, 2012 No comments

When I upgraded from ISA 2006 to TMG 2010 I found some special problem. There was HQ with TMG 2010 and one branch with ASA 5505. Between those two location there was Site to Site VPN tunnel created. Everything worked fine, beside one problem. Users in branch couldn’t access anything on TMG server. They couldn’t ping it or do anything with it. They couldn’t browse Internet, because TMG was also web proxy server for them.

Read more…

Very bad Microsoft KB

October 5th, 2012 No comments

I wanted to solve one issue. This issue is described in article http://support.microsoft.com/kb/2722729. But there are two problems:

  • There is no English version of KB
  • Hotfix cannot be downloaded

I found that I’m not the only one with a same problem and here a question on Microsoft forum. Now we can wait for Microsoft engineers.

 

Categories: Microsoft Tags: , , , , ,

Upgrade from ISA 2006 to TMG2010

September 25th, 2012 No comments

Customer wanted to upgrade his ISA 2006 server to “new” TMG 2010. I thought it would be nice and easy process. It could be if there were no problems which I didn’t expect to be a problem in “new” software. Old server was still functional and I wanted to prepare new server and migrate all settings and certificates.

Requirements

To install all requirements you can install required packages by yourself or you can use Run Preparation Tool from installation screen of TMG. Why didn’t they include it into installation package it self?

Messed up console

When I was done with installation I ran TMG console and I received following error:

An error has occured in the script on this page.

Read more…

Quickie: MaxTokenSize increased significaly in Windows Server 2010 and Windows 8

September 12th, 2012 No comments

Regarding to official blog article from Directory Service Team MaxTokenSize for Access Token tickets, which is four times more than before.

 

 

Quickie: Restart-Computer

September 11th, 2012 No comments

What a cool command in PowerShell 🙂 It doesn’t even ask if you are sure 😀 Boooooooooom….server rebooted.