filer0*> options time
timed.enable on (same value in local+partner recommended)
timed.log on (same value in local+partner recommended)
timed.max_skew 5m (same value in local+partner recommended)
timed.min_skew 0 (same value in local+partner recommended)
timed.proto rtc (same value in local+partner recommended)
timed.sched 1h (same value in local+partner recommended)
timed.servers 10.1.100.11 (same value in local+partner recommended)
timed.window 0s (same value in local+partner recommended)
Read more...
Thursday, October 8, 2015
Thursday, June 18, 2015
Prevent Exchange Server 2010 Direct File Server Access
By Default Exchange Server 2010 allows internal hyperlinks access by using Android smart phones.
Users can access hyperlinks that indicates internal file server in your organization by clicking hyperlinks in emails.
In order to prevent this type of access follow the steps below;
Open Exchange Management Console -> drill down to server configuration -> Client Access -> Exchange ActiveSync (middle tab) -> right click on the name (default website in my case) properties -> Remote file servers tab. From here, you can allow or deny access.
Read more...
Users can access hyperlinks that indicates internal file server in your organization by clicking hyperlinks in emails.
In order to prevent this type of access follow the steps below;
Open Exchange Management Console -> drill down to server configuration -> Client Access -> Exchange ActiveSync (middle tab) -> right click on the name (default website in my case) properties -> Remote file servers tab. From here, you can allow or deny access.
Read more...
Monday, May 4, 2015
Allowing server machine to use filesharing with itself via the DNS Alias (BackConnectionHostNames) (Windows Server 2008 & 2012)
This change is necessary for a DNS alias to work with filesharing from a machine to find itself. This creates the Local Security Authority host names that can be referenced in an NTLM authentication request.
To do this, follow these steps for all the nodes on the client computer:
- To the registry subkey
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0, add new Multi-String ValueBackConnectionHostNames - In the Value data box, type the CNAME or the DNS alias, that is used for the local shares on the computer, and then click OK.
- Note: Type each host name on a separate line.
Read more...
Sunday, March 8, 2015
FortiOS v5.x Alert email settings for email servers in different subnet
If your fortinet device and email server are in different subnet, FortiOS v5.x will not be able to send alert emails to email server by setting only email server address from Gui.
You should also perform some configuration from CLI.
Connect to device by SSH.
FG100D # config system email-server
FG100D (email-server) #
set Modify value.
unset Set to default value.
get Get dynamic and system information.
show Show configuration.
abort End and discard last config.
end End and save last config.
//execute show command to view your current settings.
FG100D (email-server) # show
config system email-server
set reply-to "fw@fxxxx.com"
set server "10.1.10.11"
set port 587
end
//execute get command to view your current settings.
FG100D (email-server) # get
type : custom
reply-to : fw@fxxx.com
server : 10.1.10.11
port : 587
source-ip : 0.0.0.0 //define source-ip in order to FG to access email server in different subnet
source-ip6 : ::
authenticate : disable
security : none
FG100D (email-server) # set source-ip 10.5.x.x (FW interface IP address that can reach messaging server)
Now, FG will be able send alert emails to messaging server in different subnet
Be sure you already configured relay on your messaging server.
Read more...
You should also perform some configuration from CLI.
Connect to device by SSH.
FG100D # config system email-server
FG100D (email-server) #
set Modify value.
unset Set to default value.
get Get dynamic and system information.
show Show configuration.
abort End and discard last config.
end End and save last config.
//execute show command to view your current settings.
FG100D (email-server) # show
config system email-server
set reply-to "fw@fxxxx.com"
set server "10.1.10.11"
set port 587
end
//execute get command to view your current settings.
FG100D (email-server) # get
type : custom
reply-to : fw@fxxx.com
server : 10.1.10.11
port : 587
source-ip : 0.0.0.0 //define source-ip in order to FG to access email server in different subnet
source-ip6 : ::
authenticate : disable
security : none
FG100D (email-server) # set source-ip 10.5.x.x (FW interface IP address that can reach messaging server)
Now, FG will be able send alert emails to messaging server in different subnet
Be sure you already configured relay on your messaging server.
Read more...
Tuesday, February 24, 2015
Enable two factor Email authentication FortiOS v5
To enable email two-factor authentication - CLI
Read more...
config user local
edit username
set email-to useremailaddress
set two-factor email
end
Read more...
Sunday, February 15, 2015
RPC Error while trying to connect NetApp Filer through MMC or while trying to edit Local Users and Groups on MMC
Add name and IP address of your filers to your host file.
Read more...
Read more...
Operating System Error 1808 & Operating System Error 5 Access Denied
If you are getting these errors while trying to backup to network share on MS SQL Server;
Change SQL Server and SQL Agent service Log on accounts to user that have access right on network share.
Read more...
Change SQL Server and SQL Agent service Log on accounts to user that have access right on network share.
Read more...
Sunday, January 25, 2015
Change moderated mailbox approval period
Exchange Management Shell
set-retentionpolicytag ModeratedRecipients -AgeLimitForRetention 15 --> (day)
Read more...
set-retentionpolicytag ModeratedRecipients -AgeLimitForRetention 15 --> (day)
Read more...
Tuesday, January 13, 2015
Extend / Resize Snapmirror Volume
FAS20xx in source , to a FAS20xx in Destination
1) Break the mirror on FAS20xx in destination
2) Resize the volume of FAS20xx in source
3) Resize the FAS20xx in destination backup Volume with same size of volume FAS20xx in source primary volume
(You can keep the destination much higher in space.)
5) Initialize the snapmirror on FAS20xx in destination
If you get Volume has a fixed filesystem size (fs_size_fixed) error while you are trying to resize volume. You should turn fixed file system option off.
1)Execute df -h on console to see all volumes.
2) vol options volume fs_size_fixed off
Read more...
1) Break the mirror on FAS20xx in destination
2) Resize the volume of FAS20xx in source
3) Resize the FAS20xx in destination backup Volume with same size of volume FAS20xx in source primary volume
(You can keep the destination much higher in space.)
5) Initialize the snapmirror on FAS20xx in destination
If you get Volume has a fixed filesystem size (fs_size_fixed) error while you are trying to resize volume. You should turn fixed file system option off.
1)Execute df -h on console to see all volumes.
2) vol options volume fs_size_fixed off
Read more...
Tuesday, January 6, 2015
Exchange Server moderation not working
Messages in arbitration mailbox will not expire if the arbitration mailbox does not have a retention policy assigned
Run following command to check if arbitration mailbox have retention policy.
Get-Mailbox -Arbitration | fl displayname,retentionpolicy
------------------
DisplayName : Microsoft Exchange Approval Assistant
RetentionPolicy : ArbitrationMailbox
------------------
If “Microsoft Exchange Approval Assistant” mailbox doesn’t have any retention policy assigned, you should assign ArbitrationMailbox policy to it.
In order to manually start retention policy
Start-ManagedFolderAssistant "Microsoft Exchange Approval Assistant"
In order to Check statistics for "Microsoft Exchange Approval Assistant" mailbox use the command below;
Get-Mailbox -arbitration | Get-MailboxStatistics
Read more...
Run following command to check if arbitration mailbox have retention policy.
Get-Mailbox -Arbitration | fl displayname,retentionpolicy
------------------
DisplayName : Microsoft Exchange Approval Assistant
RetentionPolicy : ArbitrationMailbox
------------------
If “Microsoft Exchange Approval Assistant” mailbox doesn’t have any retention policy assigned, you should assign ArbitrationMailbox policy to it.
In order to manually start retention policy
Start-ManagedFolderAssistant "Microsoft Exchange Approval Assistant"
In order to Check statistics for "Microsoft Exchange Approval Assistant" mailbox use the command below;
Get-Mailbox -arbitration | Get-MailboxStatistics
Read more...
Exchange Server ActiveSync User List Powershell
[PS] C:\Windows\system32>Get-ActiveSyncDevice | Get-ActiveSyncDeviceStatistics | select-object DeviceID,Identity,LastSuccessSync |export-csv c:\temp\report.csv
or
Get-CASMailbox -ResultSize Unlimited | where { $_.ActiveSyncEnabled -eq 'True'} | ft name, activesyncenabled –autosize > c:\ActiveSyncEnabled.txt
Read more...
or
Get-CASMailbox -ResultSize Unlimited | where { $_.ActiveSyncEnabled -eq 'True'} | ft name, activesyncenabled –autosize > c:\ActiveSyncEnabled.txt
Read more...
Exchange server view mailbox and archive mailbox size
(Get-Mailbox) | Select-Object name,@{n="Primary Size(MB)";e={(Get-MailboxStatistics $_).totalItemsize.value.toMB()}},@{n="Archive Size(MB)";e={(Get-MailboxStatistics -archive $_).totalItemsize.value.toMB()}} | Export-csv c:\report.csv
Read more...
Read more...
Subscribe to:
Posts (Atom)
Subscribe To This Web Site
Posts
All Comments
