Thursday, October 8, 2015

NetApp NTP Server Configuration

filer0*> options time
timed.enable                 on         (same value in local+partner recommended)
timed.log                    on         (same value in local+partner recommended)
timed.max_skew               5m         (same value in local+partner recommended)
timed.min_skew               0          (same value in local+partner recommended)
timed.proto                  rtc        (same value in local+partner recommended)
timed.sched                  1h         (same value in local+partner recommended)
timed.servers       (same value in local+partner recommended)
timed.window                 0s         (same value in local+partner recommended)

Thursday, June 18, 2015

Prevent Exchange Server 2010 Direct File Server Access

By Default Exchange Server 2010 allows internal hyperlinks access by using Android smart phones.
Users can access hyperlinks that indicates internal file server in your organization by clicking hyperlinks in emails.

In order to prevent this type of access follow the steps below;

Open Exchange Management Console -> drill down to server configuration -> Client Access -> Exchange ActiveSync (middle tab) -> right click on the name (default website in my case) properties -> Remote file servers tab. From here, you can allow or deny access.

Monday, May 4, 2015

Allowing server machine to use filesharing with itself via the DNS Alias (BackConnectionHostNames) (Windows Server 2008 & 2012)

This change is necessary for a DNS alias to work with filesharing from a machine to find itself. This creates the Local Security Authority host names that can be referenced in an NTLM authentication request.
To do this, follow these steps for all the nodes on the client computer:
  1. To the registry subkey HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0, add new Multi-String Value BackConnectionHostNames
  2. In the Value data box, type the CNAME or the DNS alias, that is used for the local shares on the computer, and then click OK.
    • Note: Type each host name on a separate line.


Sunday, March 8, 2015

FortiOS v5.x Alert email settings for email servers in different subnet

If your fortinet device and email server are in different subnet, FortiOS v5.x will not be able to send alert emails to email server by setting only email server address from Gui.

You should also perform some configuration from CLI.

Connect to device by SSH.

FG100D # config system email-server

FG100D (email-server) #
set      Modify value.
unset    Set to default value.
get      Get dynamic and system information.
show     Show configuration.
abort    End and discard last config.
end      End and save last config.

//execute show command to view your current settings.

FG100D (email-server) # show
config system email-server
    set reply-to ""
    set server ""
    set port 587

 //execute get command to view your current settings.

FG100D (email-server) # get
type                : custom
reply-to            :
server              :
port                : 587
source-ip           :      //define source-ip in order to FG to access email server in different subnet
source-ip6          : ::
authenticate        : disable
security            : none

FG100D (email-server) # set source-ip 10.5.x.x (FW interface IP address that can reach messaging server)

Now, FG will be able send alert emails to messaging server in different subnet

Be sure you already configured relay on your messaging server.

Tuesday, February 24, 2015

Enable Host Check (AV- FW) FortiOS v5

config vpn ssl web portal
edit full-access
set host-check av-fw


Enable two factor Email authentication FortiOS v5

To enable email two-factor authentication - CLI
config user local
edit  username
set email-to  useremailaddress
set two-factor email


Sunday, February 15, 2015

RPC Error while trying to connect NetApp Filer through MMC or while trying to edit Local Users and Groups on MMC

Add name and IP address of your filers to your host file.

Operating System Error 1808 & Operating System Error 5 Access Denied

If you are getting these errors while trying to backup to network share on MS SQL Server;

Change SQL Server and SQL Agent service Log on accounts to user that have access right on network share.

Sunday, January 25, 2015

Change moderated mailbox approval period

Exchange Management Shell

set-retentionpolicytag ModeratedRecipients -AgeLimitForRetention 15 --> (day)

Tuesday, January 13, 2015

Extend / Resize Snapmirror Volume

FAS20xx in source , to a FAS20xx in Destination

1) Break the mirror on FAS20xx in destination
2) Resize the volume of FAS20xx in source
3) Resize the FAS20xx in destination backup Volume with same size of volume FAS20xx in source primary volume
    (You can keep the destination much higher in space.)

5) Initialize the snapmirror on FAS20xx in destination

 If you get  Volume has a fixed filesystem size (fs_size_fixed) error while you are trying to resize volume. You should turn fixed file system option off.

1)Execute df -h on console to see all volumes.

2) vol options volume fs_size_fixed off


Tuesday, January 6, 2015

Exchange Server moderation not working

Messages in arbitration mailbox will not expire if the arbitration mailbox does not have a retention policy assigned

Run following command to check if arbitration mailbox have retention policy.

Get-Mailbox -Arbitration | fl displayname,retentionpolicy

DisplayName     : Microsoft Exchange Approval Assistant
RetentionPolicy : ArbitrationMailbox
If “Microsoft Exchange Approval Assistant” mailbox doesn’t have any retention policy assigned, you should assign ArbitrationMailbox policy to it.

In order to manually start retention policy

Start-ManagedFolderAssistant "Microsoft Exchange Approval Assistant"

In order to Check statistics for "Microsoft Exchange Approval Assistant" mailbox use the command below;

Get-Mailbox -arbitration | Get-MailboxStatistics

Exchange Server ActiveSync User List Powershell

[PS] C:\Windows\system32>Get-ActiveSyncDevice | Get-ActiveSyncDeviceStatistics | select-object DeviceID,Identity,LastSuccessSync |export-csv c:\temp\report.csv


Get-CASMailbox -ResultSize Unlimited | where { $_.ActiveSyncEnabled -eq 'True'} | ft name, activesyncenabled –autosize > c:\ActiveSyncEnabled.txt


Exchange server view mailbox and archive mailbox size

(Get-Mailbox) | Select-Object name,@{n="Primary Size(MB)";e={(Get-MailboxStatistics $_).totalItemsize.value.toMB()}},@{n="Archive Size(MB)";e={(Get-MailboxStatistics -archive $_).totalItemsize.value.toMB()}} | Export-csv c:\report.csv
span.fullpost {display:none;}