Archive for the ‘Windows’ Category

How to backup Outlook Mailbox / Export Exchange Mail backup to .pst

Tuesday, November 17th, 2020

In the corporate world most of us are forced to use as a desktop environment some kind of Windows version 7 / 8 / 10 version with Outlook configured to use Microsoft Exchange MailServer mailbox set to use POP3 or IMAP account.
Sometimes for new employees for Knowledge transfer purposes having a backup copy of some employee who was laid off or as most of the times has left the company for a better position or simply due to boredom.

Even just for backup purposes in case if by mistake you have deleted some mails out of your mailbox it is useful thing to create a Mailbox backup of whole mail address data especially as with time the amount of Emails grows to many, many thousand of emails year by year and under some circumstances where you have a Mailbox data Limit to up to lets say 4 Gigabytes per mailbox it is useful to periodically clean up old mails, but for the historical reference to create a backup of old email.

Even at some times it is useful to create a whole backup of mailbox every year and then delete the content of Mail data for this year from Outlook.

Export of mail data in Outlook configured email is exported to .PST file format – [ MS-PST ]: Outlook Personal Folders.

Each Personal Folders File (.PST) represents a Message store that contains an arbitrary hierarchy of Folder objects, which contains Message objects, which can contain Attachment objects. Information about Folder objects, Message objects, and Attachment objects are stored in properties, which collectively contain all of the information about the particular item.

If you want to back up the message folders locally to work PC (in addition to keeping them on the Exchange server), you can automatically move or delete older items with AutoArchive (feature of Outlook) or export the items to .pst file that you can restore later as needed and use by importing.

So how to backup / export your Email correspondence to .PTS?

1. Select File -> Open & Export -> Import/Export

2. Select Export to a file, and then select Next.

outlook-backup-emails-to-pst-file-howto-2

3. Select Outlook Data File (.pst), and select Next.

outlook-backup-emails-to-pst-file-howto-3

4. Select the mail folder you want to back up and select Next.

outlook-backup-emails-to-pst-file-howto-4

5. Choose a location and name for your backup file, and then select Finish.

To ensure no one has access to your .pst files, after finish you'll be prompted to enter and confirm a password (or if you don't want pass leave pass field as empty), and then select OK.

The produced .pst file will be stored by default under C:\Users\Username\Documents\Outlook Files.

The messages that you keep in a .pst file are no different from other standard messages in outlook. You can forward, reply, or search through the stored messages as you do with other messages.

Tags: backup copy, create, Emails, How to, mailbox, Outlook Personal Folders, PST, Select Export, times, year

Tags: backup copy, create, Emails, How to, mailbox, Outlook Personal Folders, PST, Select Export, times, year
Posted in Outlook, System Administration, Various, Windows | No Comments »

Set Domain multiple alias (Aliases) in IIS on Windows server howto

Saturday, October 24th, 2020

On Linux as mentioned in my previous article it is pretty easy to use the VirtualHost Apache directive etc. to create ServerName and ServerAlias but on IIS Domain multiple alias add too me a while to google.

<VirtualHost *>
ServerName whatevever-server-host.com
ServerAlias www.whatever-server-host.com whatever-server-host.com
</VirtualHost>

In click and pray environments as Winblows, sometimes something rather easy to be done can be really annoying if you are not sure what to do and where to click and you have not passed some of the many cryptic microsoft offered ceritification programs offer for professional sysadmins, I'll name a few of them as to introduce UNIX guys like me to what you might ask a M$ admin during an interview if you want to check his 31337 Windows Sk!lls 🙂

Microsoft Certified Professional (MCP)
Microsoft Technology Associate (MTA) –
Microsoft Certified Solutions Expert (MCSE)-
Microsoft Specialist (MS) etc. –

A full list of Microsoft Certifed Professsional program here.

Ok enough of balling.

Here is how to create a domain alias in IIS on Windows server.

Login to your server and click on the START button then ‘Run’¦’, and then type ‘inetmgr.exe’.

Certainly you can go and click trough the Administrative tools section to start ISS manager, but for me this is fastest and easiest way.

create-domain-alias-on-windows-server-1a

Now expand the (local computer), then ‘Web Sites’ and locate the site for which you want to add alias (here it is called additional web site identification).

Right click on the domain and choose ‘Properties’ option at the bottom.

This will open the properties window where you have to choose ‘Web Site’ and then to locate ‘Website identification‘ section. Click on the ‘Advanced’¦’ button which stands next to the IP of the domain.

create-domain-alias-on-windows-server-2a
Advanced Web site identification window (Microsoft likes to see the word ‘Advanced’ in all of the management menus) will be opened, where we are going to add a new domain alias.

Click on the ‘Add’¦’ button and ‘Add/Edit website (alias)identification’ window will appear.

Make sure that you will choose the same IP address from the dropdown menu, then set the port number on which your web server is running (the default is 80), write the domain you want, and click ‘OK’ to create the new domain alias.

Actually click ‘OK’ until you have ‘Advanced Web site identification’ and the domain properties windows closed.

Right click on the domain again and ‘Stop’ and ‘Start’ the service.
This will be enough the IIS domain alias to start working.

create-domain-alias-on-windows-server-5a

Another useful thing for novice IIS admins that come from UNIX is a domain1 to domain2 redirect, this is done with writting an IIS rule which is an interesting but long topic for a limited post as like this, but just for the reference of fun to let you know this exist.

Domain 1 to Domain 2 Redirect
This rule comes handy when you change the name of your site or may be when you need to catch and alias and direct it to your main site. If the new and the old URLs share some elements, then you could just use this rule to have the matching pattern together with the redirect target being

domain1-to-domain2-redirect-iis

That's all folks, if you enjoyed the clicking laziness you're ready to retrain yourself to become a successful lazy Windows admin who calls Microsoft Support everyday as many of the errors and problems Windows sysadmins experience as I heard from a friend can only be managed by M$ Support (if they can be managed at all).

Yes that's it the great and wonderful life of the avarage sysadmin. Long live computing … it's great! Everyday something broken needs to get fixed everyday something to rethink / relearn / reupdate and restructure or migrate a never ending story of weirdness.

A remark to make, the idea for this post is originated based on a task I had to do long time ago on IIS, the images and the description behind them are taking from a post originally written on Domain Aliasing in IIS originally written by Anthony Gee unfortunately his blog is not available anymore so credits goes to him.

Tags: alias, create, exe, howto, IIS, Long, Set Domain, something, unix, Windows Sk

Tags: alias, create, exe, howto, IIS, Long, Set Domain, something, unix, Windows Sk
Posted in IIS, System Administration, Various, Windows | No Comments »

Use multiple certificates using one IP address (same IP address) on IIS Windows web server

Saturday, October 24th, 2020

If you had to administer some Windows webservers based on IIS and you're coming from the Linux realm, it would be really confusing on how you can use a single IP address to have binded multiple domain certificates.

For those who have done it on linux, they know Apache and other webservers in recent versions support the configuration Directive of a Wildcard instead of IP through the SNI extension capble to capture in the header of the incoming SSL connection the exact domain and match it correctly against the domain with the respective certificate. Below is what I mean, lets say you have a website called yourdomain.com and you want this domain to be pointing to another location for example to yourdomain1.com

For example in Apache Webserver this is easily done by defining 2 separate virtualhost configuration files similar to below:

/etc/apache2/sites-available/yourdomain.com

<Virtualhost *>
…
Servername yourdomain.com
ServerAlias www.yourdomain.com
….

SSLCertificateFile /etc/letsencrypt/live/yourdomain1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain1.com/privkey.pem
</VirtualHost>

/etc/apache2/sites-available/yourdomain1.com

<Virtualhost *>
…
Servername yourdomain1.com
ServerAlias yourdomain1.com
…

SSLCertificateFile /etc/letsencrypt/live/yourdomain1.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain1.com/privkey.pem
</VirtualHost>

Unfortunately for those who still run legacy Windows servers with IIS version 7 / 7.5 your only option is to use separate IP addresses (or ports, but not really acceptable for public facing sites) and to bind each site with it's SSL certificate to that IP address.

IIS ver. 8+ supports the Server Name Indication extension of TLS which will allow you to bind multiple SSL sites to the same IP address/port based on the host name. It will be transparent and the binding will work the same as with non-HTTPS sites.

In Microsoft IIS Webserver to configure, it is not possible to simply edit some configurations but you have to do it the clicking way as usually happen in Windows. thus you will need to have generated the Domain Certificate requests and so on and then you can simply do as pointed in below screenshots.

howto-install-iis-8-webserver-ssl-sni-certificate-windows-screenshot

iis-config-domain-alias-windows-server-iis-8-webserver

iis-config-domain-alias-windows-server-iis-8-webserver-1

iis-config-domain-alias-windows-server-iis-8-webserver-2

iis-config-domain-alias-windows-server-iis-8-webserver-3

iis-config-domain-alias-windows-server-iis-8-webserver-4

Tags: address, coming, domain certificate, IIS, pem, SSL, using, webservers, website, Windows

Tags: address, coming, domain certificate, IIS, pem, SSL, using, webservers, website, Windows
Posted in IIS, System Administration, Web and CMS, Windows | No Comments »

Fix Blocked Unresponsive keyboard keys on Windows 7 / 10

Tuesday, February 25th, 2020

The Problem

If you're still using Windows 7 Operating system in your company due to some weird security concern policies and your company gets custom end user updates from Microsoft due to a special EULA agreement and you are new to using Windows E.g. have for many users used for your daily work Linux and Mac OS you might hit a strange issue wtih many of the keyboard keys strangely being locked with some of the keys such as Num Lock, Escape tab working where the Alphabet keys then don't panic. This is not a Windows bug its a feature (as usual) 🙂

Reason behind Blocked Unresponsive Keyboard

First logical thought I had is maybe my Logitech K120 Membrane 17 EURO cheap keyboard externally attached keyboard broke up thus I've tried to connect another LOGIC keyboard I had at hand just to assure myself the problem with partial keys on kbd reacting was present with the other Working keyboard as well.
This was an indicator that either the custom installed Windows by the company Helpdesk Office with the preassumed common additional features for corporations such as Keyloggers on this Laptop has messed up somohow the Windows service that is managing the keyboard or some kind of mechanical error or electronic circuit on the laptop embedded keyboard has occured or the KBD DLL Loaded driver damaged …
I have to say here a colleague of mine was having a weird keyboard problems back in the day when I was still working in Project Services as a Web and Middleware in Hewlett Packard, where misteriously a character was added to his typed content just like a key on his keyboard has stuck and he experienced this issue for quite some time, he opened the keyboard to physically check whether all is okay and even checked the keyboard electricity whether levels on each of the keys and he couldn't find anything, and after running Malware Bytes anti-malware and a couple of other anti-malware programs which found his computer was infected with Malware and issue resolved.

Hard Fix – Reboot ..

As as a solution most times so far I've restarted the Windows which was reloading the Windows kernel / DLL libraries etc.

However just hit to this Windows accessibility feature once again today and since this is not the first time I end up with unworking keyboard (perhaps due to my often) furious fast typing – where I press sometimes multiple keys in parallel as a typing error then you trigger the Windows Disabled accessibiltiy Windows Feature, which as I thought makes the PC only usable for Mouse but unusuable for providing any meaningful keyboard input.

This problem I've faced already multiple times and usually the work around was the good known Windows User recipee phrase "Restart and It will get fixed", this time I was pissed off and didn't wanted to loose another 5 minutes in Restarting Reconnecting to the Company's Cisco Secure VPN reopening all my used files Notepad++ / Outlook / Browsers etc plus I was already part of online Lync (Skype) Meeting in which Colleague was Sharing his remote Desktop checking some important stuff about Zabbix Monitored AIX machine, hence didn't wanted to restart but still wanted to use my computer and type some stuff to send Email and do a simple googling.

Temporary work around to complete work with Virtual Keyboard

Hence as a temporary work around, I've used the Windows Virtual Keyboard, I've mentioned it in the earlier blog post – How to run Virtual Keyboard in Windows XP / Vista article.
To do so I'verun by typing osk command in cmd.exe command Prompt:

Either Search for osk.exe from Start menu

or run via command line via

Windows Button (on the Keyboard) + R and run

cmd.exe -> osk

windows-7-osk-virtual-keyboard-screenshot2

Solution Without PC Restart

After a bit of thought and Googling I've found the fix here

From the Start -> Control Panel from here I had to go to Accessibility Options.
Select Ease of Access Center.

Keyboard_Locked-Windows_7_Accessibility_Options-HP-Customer-Support

Select the keyboard settings and
Ensure the following options are unchecked: Turn on Sticky Keys, Turn on Toggle Keys and Turn on Filter Keys.

Keyboard-Locked_Find-Out-How-to-Unlock-make-keyboard-easier-to-use

I've found in the Turn on Toggle Keys tick present (e.g. service was enabled) – hence after unticking it and

Press Apply and OK, keyboard restored its usual functions.
Now all left was to Enjoy as your keyboard was back usable and I could conitnue my Citrix sessions and SSH console Superputty terminals and complete my started to write E-mail
without loosing time meanlessly for reboot.

N.B. !!!! A VERY IMPORTANT NOTE TO MAKE IS IF NOTHING ELSE HELPS PLEASE TRY TO RUN OSK ViRTUAL KEYBOARD
UNDER SOME OCCASIONS THE VIRTUAL KEYBOARD FORCES THE WINDOWS KEYBOARD DRIVER TO RELOAD AND THAT WILL FIX THE KEYBOARD !!!

Windows 10 Disable the Filter Keys option

This feature makes your keyboard ignore brief or repeated keystrokes, which might have led to your WinKey issue in Windows 10. To disable filter keys, use the instructions below:

1. Right-click on your Start menu icon.
2. Select Settings from the menu.
3. Navigate to Ease of Access and click on it.
4. Go to the left pane and click Keyboard.
5. Locate the Filter Keys feature.
6. Toggle it off.
7. Check if this manoeuvre has resolved your issue.

Closing Notes

Of course this might be not always the fix, as sometimes it could be that the Winblows just blows your keyboard buffer due to some buggy application or a bug, but in most of the times that should solve it 🙂
If it didn't go through and debug all the other possible reasons, check whether you have a faulty keyboard cable (if you're still on a non-bluetooth Wired Keyboard), unplug and plug the keyboard again,
scan the computer for spyware and malware, rethink what really happened or what have you done until the problem occured and whether blocked keyboard is triggered by your user action or was triggered
by some third party software anti-virus stuff that did it as an attempt to prevent keylog sniffer / Virus or other weird stuff.

Tags: fix blocked keyboard, osk, plug, unblock keyboard keys, ungplug, USB, virtual keyboard, windows 10, windows 7

Tags: fix blocked keyboard, osk, plug, unblock keyboard keys, ungplug, USB, virtual keyboard, windows 10, windows 7
Posted in Windows | No Comments »

Check when Windows Active Directory user expires and set user password expire to Never

Thursday, January 9th, 2020

If you're working for a company that is following high security / PCI Security Standards and you're using m$ Windows OS that belongs to the domain it is useful to know when your user is set to expiry
to know how many days are left until you'll be forced to change your Windows AD password.
In this short article I'll explain how to check Windows AD last password set date / date expiry date and how you can list expiry dates for other users, finally will explain how to set your expiry date to Never
to get rid of annoying change password every 90 days.

1. Query domain Username for Password set / Password Expires set dates

To know this info you need to know the Password expiration date for Active Directory user account, to know it just open Command Line Prompt cmd.exe

And run command:

NET USER Your-User-Name /domain

net-user-domain-command-check-AD-user-expiry

Note that, many companies does only connect you to AD for security reason only on a VPN connect with something like Cisco AnyConnect Secure Mobility Client whatever VPN connect tool is used to encrypt the traffic between you and the corporate DMZ-ed network

Below is basic NET USER command usage args:

Net User Command Options

Item Explanation

net user   Execute the net user command alone to show a very simple list of every user account, active or not, on the computer you're currently using.

username   This is the name of the user account, up to 20 characters long, that you want to make changes to, add, or remove. Using username with no other option will show detailed information about the user in the Command Prompt window.

password   Use the password option to modify an existing password or assign one when creating a new username. The minimum characters required can be viewed using the net accounts command. A maximum of 127 characters is allowed1.
*   You also have the option of using * in place of a password to force the entering of a password in the Command Prompt window after executing the net user command.

/add   Use the /add option to add a new username on the system.
options   See Additional Net User Command Options below for a complete list of available options to be used at this point when executing net user.

/domain   This switch forces net user to execute on the current domain controller instead of the local computer.

/delete   The /delete switch removes the specified username from the system.

/help   Use this switch to display detailed information about the net user command. Using this option is the same as using the net help command with net user: net help user.
/?   The standard help command switch also works with the net user command but only displays the basic command syntax. Executing net user without options is equal to using the /? switch.

2. Listing all Active Directory users last set date / never expires and expiration dates

If you have the respective Active Directory rights and you have the Remote Server Administration Tools for Windows (RSAT Tools), you are able to do also other interesting stuff,

such as

– using PowerShell to list all user last set dates, to do so use Open Power Shell and issue:

get-aduser -filter * -properties passwordlastset, passwordneverexpires |ft Name, passwordlastset, Passwordneverexpires

get-aduser-properties-passwordlastset-passwordneverexpires1

This should show you info as password last set date and whether password expiration is set for account.

– Using PS to get only the password expirations for all AD existing users is with:

Get-ADUser -filter {Enabled -eq $True -and PasswordNeverExpires -eq $False} –Properties "DisplayName", "msDS-UserPasswordExpiryTimeComputed" |
Select-Object -Property "Displayname",@{Name="ExpiryDate";Expression={[datetime]::FromFileTime($_."msDS-UserPasswordExpiryTimeComputed")}}

If you need the output data to get stored in CSV file delimitered format you can add to above PS commands

| export-csv YOUR-OUTPUT-FILE.CSV

3. Setting a user password to never Expiry

If the user was created with NET USER command by default it will have been created to have a password expiration.
However if you need to create new users for yourself (assuming you have the rights), with passwords that never expire on lets say Windows Server 2016 – (if you don't care about security so much), use:

NET USER "Username" /Add /Active:Yes

WMIC USERACCOUNT WHERE "Name='Username' SET PasswordExpires=False

NET-USER-ADD_Active-yes-Microsoft-Windows-screenshot

NET-USER-set-password-policy-to-Never-expiry-MS-Windows

To view the general password policies, type following:

NET ACCOUNTS

Tags: active, check, directory, User, when, Windows

Tags: active, check, directory, User, when, Windows
Posted in Curious Facts, Everyday Life, Various, Windows | No Comments »

How to clear ARP cache on Linux / Windows for a single IP address / Flush All IPs ARP cache

Wednesday, December 11th, 2019

linux-how-to-delete-modify-arp-cache-entries-after-IP-is-migrated-from-one-server-or-VPN-host-to-another-resized

On times of Public Internet IP migration or Local IPs between Linux servers or especially in clustered Linux Application Services running on environments like Pacemaker / Corosync / Heartbeat with services such as Haproxy.
Once an IP gets migrated due to complex network and firewall settings often the Migrated IP from Linux Server 1 (A) to Linux Server 2 (B) keeps time until a request to reload the Internet server IP ARP cache with to point to the new IP location, causing a disruption of accessibility to the Newly configured IP address on the new locations. I will not get much into details here what are the ARP (Address Resolution protocol) and Network ARP records on a Network attached Computer and how they correspond uniquely to each IP address assigned on Ethernet or Aliased network Interfaces (eth0 eth0:1 eth0:2) . But in this article, I'll briefly explain once IP Version 4 address is migrated from one server Data Center location to another DC, how the unique corresponding ARP record kept in OS system memory should be flushed in the ARP corresponding Operating System so called ARP table (of which you should think as a logical block in memory keeping a Map of where IP addresses are located physically on a Network recognized by the corresponding Unique MAC Address.

1. List the current ARP cache entries do

Arp is part of net-tools on Debian GNU / Linux and is also available and installed by default on virtually any Linux distribution Fedora / CentOS / RHEL / Ubuntu / Arch Linux and even m$ Windows NT / XP / 2000 / 10 / whatever, the only difference is Linux tool has a bit of more functionality and has a bit more complex use.
Easiest use of arp on GNU / Linux OS-es is.

# arp -an

sample-IP-address-list-with-the-assigned-ARP-cache-mac-addresses
The -a lists all records and -n flag is here to omit IP resolving as some IPs are really slow to resolve and output of command could get lagged.

2. Delete one IP entry from the cache

Assuming only one IP address was migrated, if you want to delete the IP entry from local ARP table on any interface:

# arp -d 192.168.0.8

It is useful to delete an ARP cached entry for IP address only on a certain interface, to do so:

# /usr/sbin/arp -i eth1 -d 10.0.0.1

3. Create ARP entry MAC address with a static one for tightened security

A useful Hack is to (assign) / bind specific Static MAC addresses to be static in the ARP cache, this is very useful to improve security and fight an ARP poisoning attacks.
Doing so is pretty easy, to do so:

Above will staticly make IP 192.168.0.8 to always appear in the ARP cache table to the MAC 00:50:ba:85:85:ca. So even if we have another system with the same MAC
trying to spoof our location and thus break our real record location for the Hostname in the network holding in reality the MAC 00:50:ba:85:85:ca, poisoning us
trying to make our host to recognize 192.168.0.8 to a different address this will not happen as the static ARP will be kept unchanged in ARP caching table.

# arp -s 192.168.0.8 00:50:ba:85:85:ca

4. Flush all ARP records only for specific Ethernet Interface

After the IP on interface was migrated run:

# ip link set arp off dev eth0 ; ip link set arp on dev eth0

5. Remove a set of few IPs only migrated ARP cache entries

# for i in 192.168.0.1 10.0.0.1 172.168.0.3; do sudo arp -d $i; done

Once old ARP entries are removed the arp command would return as:

linux:~$ arp
? (192.168.0.8) at <incomplete> on eth1
? (172.168.0.3) at <incomplete> on eth2

The 192.168.0.8 / 172.168.0.3 entry now shows as incomplete, which means the ARP entry will be refreshed when it is needed again, this would also depend
on the used network switches / firewalls in the network settings so often could take up to 1 minute or so..

6. Flush all ARP table records on Linux

flush-all-arp-cache-addresses-on-linux-howto-with-ip-command

# ip -s -s neigh flush all

7. Delete ARP Cache on FreeBSD and other BSDs

# arp -d -a

8. Flush arp cache on Windows

Run command prompt as Administrator -> (cmd.exe) and do:

C:\> ipconfig /all
netsh interface ip delete arpcache

9. Monitoring the arp table

On servers with multiple IP addresses, where you expect a number of IP addresses migrated to change it is useful to use watch + arp like so:

# watch -n 0.1 'arp -an'
…

The -n 0.1 will make the arp -an be rerun every 10 miliseconds and by the way is a useful trick to monitor stuff returned by commands that needs a higher refresh frequency.

Conclusion

In short in this article, was explained how to list your arp cache table.The arp command is also available both on Linux and Windows) and as integral part of OS networking it is useful to check thoroghfully to its man page (man arp).
Explained was how to create Static ARP table records to prevent ARP poisoning attacks on a server.
I went through how to delete only a single ARP records (in case if) only certain IPs on a host are changed and an ARP cache entry reload is needed, as well as how to flush the complete set of ARP records need to get refreshed, sometimes useful on networks with Buggy Network Switches or when completely changing the set of IP-addresses assigned on a server host.

Tags: address, Cache, clear, linux?, Single, Windows

Tags: address, Cache, clear, linux?, Single, Windows
Posted in Everyday Life, Linux, Networking, Windows | No Comments »

Windows 7 how to configure Separator delimiter Divider between Pinned and Running Opened programs on Taskbar Classic theme pane

Saturday, October 12th, 2019

I've started to work as a External Consultant for Equens Worldline, who lately merged with Atos – a French multinational information technology.

As the company is mostly into the financial business and as any company that is involved with OLTP Online transaction processing , an information systems that typically facilitate and manage transaction-oriented applications, e.g. in a mortal language takes care for a numerous companies Credit / Debit card online payments.

Of course the technologies used both on a Server / Data Center level and for Employee personal used are a bit old fashioned. In that relation, most of the computers, I've seen used by Worldline – Atos including my work PC notebook is still running a custom version of Windows 7.

Once I had the Computer ready with the OS from the HelpDesk colleague, then it was ready to install, unfortunately, I didn't have administrator account on the Lenovo L serie laptop so I couldn't install applications. To get around this I've used PortableApps – the world's most popular portable software solution allowing you to take your favorite software with you with no need for any Installation and on Win OS computers, where you have limited access.
PortableApps is fully open source and free platform, it works from any synced cloud folder (DropBox, Google Drive, Box, etc), from your local PC on an internal or external drive, or on any portable storage device (USB flash drive, memory card, portable hard drive, etc). Because the applicatons are installed without being really binded to the Win OS, once the PortableApps ported Application is installed it can be easily moved by simply copying between PCs.

portableapps_windows_list-of-installable-programs-screenshot
PortableApps.com is currently used by millions of users all over the world and is the Largest Portable full collection of open source and freeware software, compatible commercial software, and partners in hardware industry for Microsoft Windows.

As I do often with the Windows fresh installed Windows machines I have to work on, install the great set of tools prior described in must have software on any fresh installed Windows OS as this is essential if you're a sysadmin or Advanced user for the daily work with the WinBlows

OS Graphical Interface simplicity is a crucial thing to me, cause if I have to work with Windows and spendan 8 hours each day 5 days a week in front of the Computer Display with this Complex unnecessery coloring (that Windows 7 / Windows 10 default Theme introduced), together with the visual aids on the Window Minimize and Maximize, puts a useless additional eye strain and besides that "fries" the brain (as the brain has to process all this mambo-jambo "virtual" reality graphics turning all down and up and mixing up the gamma of unreal colors for nothing …

So far so good I've set the needed software from above list and continued further to Change my Windows start menu to look like Windows 2000. Start menu and Theme To be the Classic Theme.

After setting up the Windows Classic Theme (which by the way is unfortunately, no longer available in Windows 10), I love to set my Windows Background picture to be a Sold Black Color, I do this as Black color is the less exhausting for the eyes – as one views the desktop picture thousand times and this is extra unnecessery work for the brain.

However next, unpleasant thing faced is even though now my Windows Start and Windows borders looked old-fashioned in the Windows 2000 Server, "wooden" style, the order of my (Open) Running applicaitons on the start menu bar were not isolated but were mixing, with the rest of my Pinned Program Starter icons

! Notice the Windows Media player icon being in the middle between the Lync, Firefox, Chrome and Internet Explorer line … !

I spend some time to rewind some memories on how I did make the pinned program to distinguish itself (separate) from the rest of the Opened Runnign Windows, and had in mind that I used some kind of separator added custom Toolbar, but the bad thing was I couldn't remember exactly how so I spend some good amount of time to Google around.

And found few articles on the topic proposing to add a new Custom empty launcher program of cmd.exe and change the icon of the empty launcher to a | graphical string
I've tried a lot of this approach but it didn't work and after some experimentations, finally I figured it out. The way to do it is to add a New Toolbar that is Pointing to a Directory with a list of Programs whose icons you want to have listed with icon launchers next to Start menu.

Here is step by step what I've done to achieve configuration of Hard Separator Delimiter between my Program Launchers and Running Applications.

1. Create a New Folder somewhere under your User Home directory, lets say:
C:\Users\Username\TaskbarPrograms

2. Add a shortcut or copy the programs starters (icons) to the TaskBar Programs

3. Unlock the Windows 7 Taskbar
E.g. Click over on any of the empty space on the taskbar after Windows Start menu button and untick Lock the Taskbar

4. Remove any Pinned programs (you have placed there earlier)

windows-7-unpin-program-from-taskbar

5. Again On an empty place on the Taskbar press the last button Mouse (Rightest button) to open Taskbar properties menu and
Go to ToolBars menu and Choose (New Toolbar)

new-toolbar-screenshot-windows-os-7

6. As a location for the new toolbar place C:\Users\Username\TaskbarPrograms

add-custom-Quick-Launch-Toolbar-Images-screenshot

The result should be that all the programs in the selected folder will appear in the Windows pane

8. Now go over the empty space of the Windows start menu bar
and untick Show Text / Show Title

9. Hold over the Taskbar Programs holder and drag and drop it constantly holding the left mouse button
and place it over the default separator Holder (for clarity marked in below screenshot as Marked over here).

10. Move the default separator that will appear on the left close to the list of shown applications
(shown in screenshot)

11. Open any of the applications (e.g. Firefox, Chrome, MobaXterm, Opera, RDP, VLC) the result should be a fine ordered icons. Hooray !!!

12. To make more space for the Opened Active (Running) Windows, a good hint is to stretch the start menu pane field – this is done by holding a right mouse button on the edge of the gray line, like shown in below screenshot.

Note that, you will need to remove any icons that are left over binded to the default separator (holder).

13. Finally on the Taskbar (empty space) menu with the Mouse, click again right mouse button and tick on the Lock the Taskbar

That's it now your Windows 7 start menu bar will look pretty much like Linux's GNOME 2.x and GNOME Mate, and if you're a a long years Linux Desktop user you will feel at home even on Windows 7.

To further tweak the Taskbar a very useful Program is Windows 7+ Taskbar Tweaker

"7+ Taskbar Tweaker allows you configure various aspects of the Windows taskbar which can't be tweaked via registry or taskbar properties. The tweaker is designed for Windows 7, Windows 8, Windows 8.1, and Windows 10.

windows-7-taskbart-tweaker-combine-grouped-buttons

I install it mostly because one single feature Combined Grouped Buttons which makes similar Windows to group together. Just having a number of Windows of the same type floating around the Taskbar is really irritating and becomes really confusing once multiple windows.

For example if you have opened 10 Windows of Explorer they will be group under the same window title pointer.

To make the Windows even more bizarre and feel more like a Linux powered Box go on and install MobaXterm as a substitute for Linux's gnome-terminal as well as the rest of things such as CygWin / GNUWin32 / GVim etc.

Also some good start up list of software I do install on new Windows Desktop PCs is described in my previous article Some standard software programs to install on Windows to make your Windows feel more like a Linux / Unix Desktop host

This time I did not needed that but on other locations another Windows useful hint I use every now and then is to set some custom programs (Lets say a PortableApps program) to Automatically run – described earlier in my earlier article how to add startup Windows 7 / 8 program run on startup.

P.S. I've tried to setup the same Classic Theme and Start menu button with the same order on Windows 10 OS, but even though a similar interface could be achieved, I've had problems with setting up the proper Running application Ordering, due to a different behavior of the Delimiter / Separators in Windows 10.

For me this Custom Windows interface and Window ordering works pretty well it saves me a lot of the eye strain and brain overcalculation for nothing.

After all, Lets not forget that God is in the Simplicity ! 🙂

Tags: access, Account, administrator, administrator account, after, again, aids, ALL, amount, and, another, ANY, application, applications, are, around, article, available, background, being

Tags: access, Account, administrator, administrator account, after, again, aids, ALL, amount, and, another, ANY, application, applications, are, around, article, available, background, being
Posted in Everyday Life, Various, Windows | 1 Comment »

A Concise and Complete Strategy to Earn Microsoft MCSE: Core Infrastructure Certification

Wednesday, August 21st, 2019

microsoft-certification-mcse-infrastructure-azure-mcse-boot-camp-499x330

This article is going to be a bit astray from Linux but as recently, there are so many jobs offered for Windows administrators, I believe it will be useful for sysadmins, who are more interested in Windows sysadmin job, so lets get through some of the essential Microsoft certificates to give you idea what kind of certificate you might want to enter the world of Windows.

In recent months, Microsoft is by-and-by altering its certification program. But, how does this affect the certification track as a whole? This creates a new breed of Microsoft credentials that are specifically aligned to certain job roles like administrator, solution architect, developer, and functional consultant.

Further, the incorporation of role-based certifications means the phasing out of old certifications tracks like MCSA: Cloud Platform, MCSA: Linux on Azure, MCSE: Mobility and the list continues. All the retired certifications and certification exams are pensioned off to reflect the newest technologies and advancements, which are highly needed by different IT job roles.

But even with the changes, Microsoft hasn’t totally ditched some of their previous certification tracks―simply because these are still significant up to the present time. And one of the limited expert-level Microsoft validations that deserve a mention is, without a doubt, MCSE: Core Infrastructure.

https://www.examsnap.com/microsoft-certification-training.html

microsoft-certified-solutions-master-main-qimg-82c85948f30e27f6eb3f8d5c4eda9915

The Past and the Present Days of MCSE: Core Infrastructure

MCSE: Core Infrastructure is certainly the best way to certify your expertise in managing more complex and modern IT technologies, including data center, system and identity management, storage, virtualization, and networking.

To get you ready, see the functional preparation guide that shows three main steps to earn this MCSE endorsement.

Acquire your MCSA certification

The very first step is to arm yourself with an entry-level credential that declares your foundational understanding of specific IT technologies. This means that you can’t just jump directly to the expert-tier without gaining valuable groundwork, which for this case, is either the MCSA Windows Server 2012 or MCSA Windows Server 2012. Both these certifications are aimed to give you a significant footing in specific Microsoft infrastructure in an enterprise setting, to further improve the business worth and abate unnecessary expenses.

Choose your preferred MCSE certification exam

Next step is to pick from given five MCSE certifications exams: 70-744, 70-745, 70-413, 70-414, and 70-537. Though there are five listed options, only four are available since exam 70-537 hasn’t been released up to now.

Exam 70-744

Dubbed as the exam for Securing Windows Server 2016, 70-744 tests how well you utilize various technologies and methodologies relating to server hardening environments and virtual and network machines infrastructure.

https://www.microsoft.com/en-us/learning/certification-overview.aspx

Featuring topics such as Active Directory, Enhanced Security Administrative Environment, Local Administrator Password Solution, Threat Detection Solutions, Privileged Access Workstations, and such, the exam serves a remarkable way to fully take a grasp of the security needed in Windows Server 2016.

Exam 70-745

If securing Windows Server 2016 does not entice you, there’s another option―exam 70-745, which is implementing a Software-Defined Datacenter. This test is suitable for both analysts and data scientists who’ve got a thing for complex processes and data sets as well as virtual machine manager.

Software-defined networking, software-defined data center, and software-defined storage are three main subjects expounded in this exam. You will learn how to implement, manage, secure, and maintain these various solutions. Accordingly, it’s recommended to have background skills in data structures, programming concepts, R functions, and statistical methods for you to easily take up and pass this exam.

Exam 70-413

Next on the list is the test that corroborates your capability in designing and implementing a 2012 Windows Server 2012 infrastructure. Exam 70-413 is part one of a two-series test that revolves around key functions of a server environment.

If you pass this exam, this means that you are fully-furnished with abilities in core topics related to Windows Server 2012, including network access services, server virtualization, deployment, and infrastructure. This is because your skills in creating and implementing both logical and physical active directory infrastructures will be put into test.

Exam 70-414

70-414 is the second test of the two-part series exam about Windows Server 2012. This means that you have to complete and pass both exams 70-413 and 70-414 to earn your MCSE.

In comparison to the first exam, this refers to a more complicated server infrastructure in a highly virtualized setting. The exam sets the seal in your command in managing and maintaining advanced server infrastructure. Furthermore, you get to mug up your skills in planning and implementing highly available enterprise and server virtualization infrastructures along with designing and executing identity and access solutions.

3. Start practicing the exam

Once you’ve decided what exam/s you’ll take, you need to start gathering essential exam materials. Start with books and Microsoft exam guides so that you’ll acquire a deeper understanding of each topic. Training courses are other imperative resources you shouldn’t miss. These are relevant in mounting your knowledge―in a more stimulating and less stressful manner. Either in an instructor-led or self-paced format, these training courses are carved to give you a more advanced yet highly engaging type of learning. And luckily, there’s no need for you to look further because Microsoft provides candidates with official and vital training courses for every exam.

And to accompany your exam preparation, get assistance from Examsnap’s series of practice tests. Featuring the most updated test questions with answers, the practice tests offered by Examsnap are not just limited to one but a lot of files per exam. They have all the MCSE required and current exams, which are 70-744, 70-745, 70-413, and 70-414. With the various files on offer, these give you several options to expand your knowledge bank before the exam day. Since the tests are offered in .ete format, you can train them with the help of the ETE Simulator. This will give you the insight of what is waiting for you at the exam. Moreover, you can practice the file unlimited times, track your results, improve them, thus you’ll be confident in your skills and knowledge and escape nervousness.

Conclusion

And when you pass the required exam/s, you’ll be rewarded with the ever-famous MCSE: Core Infrastructure to your profile. More than that highly-distinguished international credential, you are now qualified for various job roles like information security specialist, computer support analyst, IT administrator, architect, and such. So, keep the ball rolling and tighten your preparation stage for you to earn this amazing Microsoft validation.

Tags: Certification, earn microsoft cert, MCSE

Tags: Certification, earn microsoft cert, MCSE
Posted in Various, Windows | 1 Comment »

Check the count and monitor of established / time_wait TCP, UDP connections on Linux and Windows with netstat command

Wednesday, February 6th, 2019

netstat-windows-linux-commands-to-better-understand-your-server-type-of-networrk-tcp-udp-connections

For me as a GNU / Linux sysadmin it is intuitive to check on a server the number of established connections / connections in time_wait state and so on .

I will not explain why this is necessery as every system administrator out there who had a performance or network issues due to server / applications connection overload or have been a target of Denial of Service (DoS)
or Distributed Denial of Service attacks (DDoS) is well aware that a number of connections in different states such as SYN_ACK / TIME_WAIT or ESTABLISHED state could be very nasty thing and could cause a productive application or Infrastructure service to be downed for some time causing from thousands of Euros to even millions to some bussinesses as well as some amount of data loss …

To prevent this therefore sysadmins should always take a look periodically on the Connection states on the adminned server (and in this number I say not only sys admins but DevOps guys who are deploying micro-services for a customer in the Cloud – yes I believe Richard Stallman is right here they're clouding your minds :).

Even though cloud services could provide a very high amount of Hardware (CPU / Memory / Storage) resources, often for custom applications migrating the application in the Cloud does not solve it's design faults or even problems on a purely classical system administration level.

1. Get a statistic for FIN_WAIT1, FOREIGN, SYNC_RECV, LAST_ACK, TIME_WAIT, LISTEN and ESTABLISHED Connections on GNU / Linux

On GNU / Linux and other Linux like UNIXes the way to do it is to grep out the TCP / UDP connection type you need via netstat a very useful cmd in that case is:

root@pcfreak:~# netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n
1 established)
1 FIN_WAIT1
1 Foreign
1 SYN_RECV
3 LAST_ACK
4 FIN_WAIT2
8 TIME_WAIT
45 LISTEN
147 ESTABLISHED

2. Netstat 1 liner to Get only established and time_wait connections state

Other ways to check only TCP ESTABLISHED connections on Linux I use frequently are:

root@pcfreak:~# netstat -etna|grep -i establi|wc -l
145

netstat-connection-types-statistics-linux-established-time-wait-check-count

Or to get whole list of connections including the ones who are about to be esatablished in FIN_WAIT2, TIME_WAIT, SYN_RECV state:

root@pcfreak:~# netstat -tupen |wc -l
164

3. Other Linux useful one liner commands to track your connection types

netstat -n -p | grep SYN_REC | sort -u

List out the all IP addresses involved instead of just count.

netstat -n -p | grep SYN_REC | awk '{print $5}' | awk -F: '{print $1}'

List all the unique IP addresses of the node that are sending SYN_REC connection status.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

Use netstat command to calculate and count the number of connections each IP address makes to the server.

netstat -anp |grep 'tcp\|udp' | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

List count of number of connections the IPs are connected to the server using TCP or UDP protocol.

netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr

Check on ESTABLISHED connections instead of all connections, and displays the connections count for each IP.

netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -nk 1

Show and list IP address and its connection count that connect to port 80 on the server. Port 80 is used mainly by HTTP web page request.

Examples are taken from this nice blog post

4. Check the count of esatblished connections on M$ Windows

As I'm forced to optimize a couple of Microsoft Windows DNS servers which are really slow to resolve the
The logical question for me was how the Established and TIME_WAIT state connections then could be checked on Windows OS, after a quick investigation online I've come up with this:

C:\Users\admin> netstat -nao | find /i "estab" /c
78

C:\Users\admin> netsatt -nao | find /i "time_wait" /c
333

If you're used to Linux watch command, then to do same on Windows OS (e.g. check the output of netstat) command every second
and print output use:

netstat –an 1 | find “3334”

Below commands will show stats for services listening on TCP port 3334

To find out which process on system sends packets to remote destination:

netstat –ano 1 | find “Dest_IP_Addr”

The -o parameter outputs the process ID (PID) responsible for the connection.
then if you need further you can find the respective process name with tasklist< cmd.
Another handy Windows netstat option is -b which will show EXE file running as long as
the related used DLL Libraries which use TCP / UDP .

Other useful netsatat Win example is to grep for a port and show all established connections for it with:

netstat –an 1 | find “8080” | find “ESTABLISHED”

5. Closure

Hopefully this article will give you some idea on what is eating your bandwidth connections or overloading your GNU / Linux – Windows systems. And will point you to the next in line logical thing to do optimization / tuning
settings to be made on your system for example if Linux with sysctl – see my previous relater article here

I'll be intested to hear from sysadm colleagoes for other useful ways to track connections perhaps with something like ss tool (a utility to investigate sockets).
Also any optimization hints that would cause servers less downtime and improve network / performance thouroughput is mostly welcome.

Tags: check, connections, count, ESTABLISHED, monitor, time_wait

Tags: check, connections, count, ESTABLISHED, monitor, time_wait
Posted in Linux, System Administration, Windows | No Comments »

Export / Import PuTTY Tunnels SSH Sessions from one to another Windows machine howto

Thursday, January 31st, 2019

As I've started on job position – Linux Architect in last November 2018 in Itelligence AG as a contractor (External Service) – a great German company who hires the best IT specialists out there and offers a flexible time schedules for emploees doing various very cool IT advanced operations and Strategic advancement of SAP's Cloud used Technology and Services improvements for SAP SE – SAP S4HANA and HEC (HANA Enterprise Cloud) and been given for work hardware a shiny Lenovo Thinkpad 500 Laptop with Windows 10 OS (SAP pre-installed), I needed to make some SSH Tunnels to machines to (Hop Station / Jump hosts) for that purpose, after some experimenting with MobaXterm Free (Personal Edition 11.0) and the presumable limitations of tunnels of the free client as well as my laziness to add the multiple ssh tunnels to different ssh / rdp / vnc etc. servers, finally I decided to just copy all the tunnels from a colleague who runs Putty and again use the good old Putty – old school Winblows SSH Terminal Client but just for creating the SSH tunnels and for rest use MobaXterm, just like in old times while still employe in Hewlett Packard. For that reason to copy the Tunnels from my dear German Colleague Henry Beck (A good herated collegue who works in field of Storage dealing with NetApps / filer Clusters QNap etc.).

Till that moment I had no idea how copying a saved SSH Tunnels definition is possible, I did a quick research just to find out this is done not with Putty Interface itself but, insetead through dumping Windows Putty Stored Registry records into a File, then transfer to the PC where Tunnels needs to be imported and then again (either double click the registry file) to load it, into registry or use Windows registry editor command line interface reg, here is how:

1. Export

Run cmd.exe (note below command)

requires elevated Run as Administrator prompt:

Only sessions:

regedit /e "%USERPROFILE%\Desktop\putty-sessions.reg" HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\Sessions

All settings:

regedit /e "%USERPROFILE%\Desktop\putty.reg" HKEY_CURRENT_USER\Software\SimonTatham

Powershell:

If you have powershell installed on machine, to dump

Only sessions:

reg export HKCU\Software\SimonTatham\PuTTY\Sessions ([Environment]::GetFolderPath("Desktop") + "\putty-sessions.reg")

All settings:

reg export HKCU\Software\SimonTatham ([Environment]::GetFolderPath("Desktop") + "\putty.reg")

2. Import

Double-click on the

*.reg

file and accept the import.

Alternative ways:

cmd.exe

, require elevated command prompt:

regedit /i putty-sessions.reg regedit /i putty.reg

PowerShell:

reg import putty-sessions.reg reg import putty.reg

Below are some things to consider:

Note !: do not replace

SimonTatham

with your username.

Note !: It will create a

reg

file on the Desktop of the current user (for a different location modify path)

Note !: It will not export your related (old system stored) SSH keys.

What to expect next?

The result is in Putty you will have the Tunnel sessions loadable when you launch (Portable or installed) Putty version.
Press Load button over the required saved Tunnels list and there you go under

Connection SSH -> Tunnels

you will see all the copied tunnels.

Enjoy!

Tags: administrator, after, again, ALL, alternative, and, another, are, Below, Button, Click, client, Cloud, clusters, cmd, colleague, collegue, command, command line interface, command prompt

Tags: administrator, after, again, ALL, alternative, and, another, are, Below, Button, Click, client, Cloud, clusters, cmd, colleague, collegue, command, command line interface, command prompt
Posted in System Administration, Windows | No Comments »

☩ Walking in Light with Christ – Faith, Computing, Diary

Archive for the ‘Windows’ Category

How to backup Outlook Mailbox / Export Exchange Mail backup to .pst

Set Domain multiple alias (Aliases) in IIS on Windows server howto

Use multiple certificates using one IP address (same IP address) on IIS Windows web server

Fix Blocked Unresponsive keyboard keys on Windows 7 / 10

The Problem

Reason behind Blocked Unresponsive Keyboard

Hard Fix – Reboot ..

Solution Without PC Restart

Windows 10 Disable the Filter Keys option

Closing Notes

Check when Windows Active Directory user expires and set user password expire to Never

1. Query domain Username for Password set / Password Expires set dates

2. Listing all Active Directory users last set date / never expires and expiration dates

3. Setting a user password to never Expiry

Windows 7 how to configure Separator delimiter Divider between Pinned and Running Opened programs on Taskbar Classic theme pane

A Concise and Complete Strategy to Earn Microsoft MCSE: Core Infrastructure Certification

Acquire your MCSA certification

Choose your preferred MCSE certification exam

3. Start practicing the exam

Daily Bible quote

GET ARTICLE UPDATES

Useful blog? Help it:

Links to Other Places

Recent Posts

Ads

Categories

About Myself

Top Post Views

blogtopsites