Author Archives: admin

Expired SCVMM certificate

The BITS client job failed to succeed for \srv-scvmm\c$\asd\SW_asdC_STD_MLF_X22-74300.ISO when attempting Start-BitsTransfer resource with following error: The date in the certificate is invalid or has expired

Restart BITS service and try the operation again. Also make sure that the client has permissions on the source and the destination.

ID: 24366

Possible resolution:

Restart BITS (Background Intelligent Transfer Service)

Delete the expired certificate from the VMM server’s Personal Store and create a new one:

[PowerShell]:

$credential = get-credential

Get-VMMManagedComputer -ComputerName “VMM-Server.domain.com” | Register-SCVMMManagedComputer -Credential $credential

You will now get a new certificate which is valid for 5 years.

try
Get-SCVMMServer if command not recognized.

Configure Wildcard SSL Certificate for POP/IMAP on Exchange 2010 (PowerShell)

It is assumed you have your SSL wildcard certificate already installed on an Exchange 2010 server.

We use Windows Server 2008 R2 Datacenter x64 in this example.

Open Exchange Management Shell as Administrator and get a list of SSL certificates that are available:

[PS]> Get-ExchangeCertificate

Thumbprint                    Services  Subject
----------                              --------  -------
1F70359DC0BE9CAD58F965A3C110  ...WS.    CN=*.example.com, OU=IT Dep, O=Example Comp...
0F7FF199B11E662621D80700D04F  ....S.    CN=ExampleDC

When you enable the wildcard *.example.com certificate for POP service, you normally get the following error:

PS]> Enable-ExchangeCertificate -Thumbprint 1F70359DC0BE9CAD58F965A3C110 -Services POP
WARNING: This certificate with thumbprint 1F70359DC0BE9CAD58F965A3C110 and subject '*.example.com' cannot used for POP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-POPSettings to set X509CertificateName to the FQDN of the service.

The same applies to IMAP:

[PS]> Enable-ExchangeCertificate -Thumbprint 1F70359DC0BE9CAD58F965A3C110 -Services IMAP
WARNING: This certificate with thumbprint 1F70359DC0BE9CAD58F965A3C110 and subject '*.example.com' cannot used for IMAP SSL/TLS connections because the subject is not a Fully Qualified Domain Name (FQDN). Use command Set-IMAPSettings to set X509CertificateName to the FQDN of the service.

Set FQDN for POP service to fix the error:

[PS]> Set-POPSettings -X509CertificateName exchange2010.example.com

Do the same for IMAP service:

[PS]> Set-IMAPSettings -X509CertificateName exchange2010.example.com

Verify POP settings:

[PS]> Get-POPSettings

UnencryptedOrTLSBindings  SSLBindings            LoginType    X509CertificateName
------------------------  -----------            ---------    -------------------
{:::110, 0.0.0.0:110}     {:::995, 0.0.0.0:995}  SecureLogin  exchange2010.example...

Verify IMAP settings:

[PS]> Get-IMAPSettings

UnencryptedOrTLSBindings  SSLBindings            LoginType    X509CertificateName
------------------------  -----------            ---------    -------------------
{:::143, 0.0.0.0:143}     {:::993, 0.0.0.0:993}  SecureLogin  exchange2010.example...

Restart POP and IMAP services:

[PS]> Restart-service MSExchangePOP3
[PS]> Restart-service MSExchangeIMAP4

Source link:

https://www.lisenet.com/2014/configure-wildcard-ssl-certificate-for-pop-imap-on-exchange-2010-server/

Problem with Session in iFrame after windows update

Microsoft ASP.NET will now emit a SameSite cookie header when HttpCookie.SameSite value is “None” to accommodate upcoming changes to SameSite cookie handling in Chrome. As part of this change, FormsAuth and SessionState cookies will also be issued with SameSite = ‘Lax’ instead of the previous default of ‘None’, though these values can be overridden in web.config.

You have to set the cookieSameSite= “None” in the session state tag to avoid this issue. I have tried this and working well.

<system.web>
<sessionState cookieSameSite="None"  cookieless="false" timeout="360">
</sessionState> 
</system.web>

https://social.msdn.microsoft.com/Forums/en-US/1b99630c-299c-446e-bf4b-d7d4d74bf9ef/problem-with-session-in-iframe-after-recent-windows-update?forum=aspstatemanagement

Using Ntdsutil Tool to Manage Active Directory

The NTDSutil.exe utility is one of the key tools to manage Active Directory and its database (ntds.dit file).

The NTDSutil utility can be used by AD administrators in various scenarios. Most often the utility is used to:

  • Transfer (seizing) FSMO roles in the AD domain between domain controllers;
  • Authoritative restoring of deleted objects in Active Directory;
  • Remove faulty (missing) AD domain controllers;
  • Performing AD database maintenance: checking integrity, compressing, moving the ntds.dit file or AD log files to another drive on a domain controller in order to increase performance;
  • Active Directory snapshot management;
  • Change the administrator password for the DSRM (Directory Services Restore Mode) recovery mode.

To display the basic syntax of the NTDSutil utility, open an elevated command prompt on the domain controller and run:

Ntdsutil.exe /?

As you can see, the Ntdsutil utility has a few subcommands available. Let’s try to learn them in more detail with examples.

Let me remind you that in the AD there are five FSMO (Flexible Single Master Operation) roles:

  1. Schema master;
  2. Domain naming master;
  3. RID master;
  4. PDC emulator master;
  5. Infrastructure master.

These roles can be assigned to different domain controllers in the AD forest and/or domain. The current owners of FSMO roles can be obtained using the command:

netdom query fsmo

source link: https://theitbros.com/ntdsutil/

QR Code Wifi

Wifi:

WIFI:T:WPA;S:ssid;P:password;;

Parameter Example Description
TWPA Authentication type; can be WEP or WPA, or leave empty for no password.
S MyNetworkName Network SSID. Required.
P ThisIsMyPassword Password, ignored if T is left blank.
H true Optional. True if the network SSID is hidden.

diagnose RDP with commandline

netstat /p tcp /a | findstr 3389

HTTP SMS

Using the old HTTP SMS developed by Cardboardfish, enterprise acquired by MBLox and then by Sinch.com.

The issue: was using the httpsms.dll developed by Cardboardfish, in a .net platform running .net fx 4.5.

on 10 june 2021, the Atlas HTTP SMS Migration completed and the New FQDNs changed to new ones with http (443).

Impact MT/MO/DLR: API calls to the legacy Mblox Atlas HTTP SMS API URLs will be responded with HTTP status 302.

Client Action Required: Client applications to switchover their API calls to the new Atlas HTTP SMS API URLs below.

Please find the old and New URLs as below:

RegionOld FQDNs ImpactedOld PortsNew FQDNsNew Ports
EUsms1.mblox.com9444 (HTTPS)/9001 (HTTP)eu1.httpgw.api.sinch.com443 (HTTPS) only
EUsms1.cardboardfish.com9444 (HTTPS)/9001 (HTTP)eu1.httpgw.api.sinch.com443 (HTTPS) only
EUsms5.mblox.com9444 (HTTPS)/9001 (HTTP)eu2.httpgw.api.sinch.com443 (HTTPS) only
USsms2.mblox.coml9444 (HTTPS)/9001 (HTTPus1.httpgw.api.sinch.com443 (HTTPS) only
USsms2.cardboardfish.com9444 (HTTPS)/9001 (HTTP)us1.httpgw.api.sinch.com443 (HTTPS) only
USsms3.mblox.com9444 (HTTPS)/9001 (HTTP)us2.httpgw.api.sinch.com443 (HTTPS) only
USsms3.cardboardfish.com9444 (HTTPS)/9001 (HTTP)us2.httpgw.api.sinch.com443 (HTTPS) only

The solution is to migrate to REST API, or upgrade the dll to new FQDN.

To upgrade is needed the source files and have recompiled it.

The REST API and HTTP SMS in .net 4.5 the Webrequest must deal with https:

worked using:

vb.net 
ServicePointManager.SecurityProtocol = CType(3072, SecurityProtocolType)
c#
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;

Documentation:

https://status.sinch.com/incidents/kx1r0h62w9yf

https://social.msdn.microsoft.com/Forums/vstudio/en-US/646d3252-3a97-46b2-81f5-1038b8cb03a8/webclient-and-https?forum=netfxbcl

https://stackoverflow.com/questions/20064505/requesting-html-over-https-with-c-sharp-webclient

https://developers.sinch.com/docs/sms/getting-started/node/nodesend/

https://developers.sinch.com/docs/sms/other/sms-other-http-basic/#outbound-sms-http

PowerShell One-Liner: Get a Count of Exchange Server Mailboxes Per Database

 
 
[PS] C:\Get-Mailbox | Group-Object -Property:Database | Select-Object Name,Count | Sort-Object Name | Format-Table -Auto

Find Exchange version with PowerShell

Let’s find out the Exchange version with PowerShell. We are going to use the Get-ExchangeServer cmdlet. Run Exchange Management Shell as administrator.

  C:\>Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion
   C:\>Get-ExchangeServer | Format-Table Name, Edition, AdminDisplayVersion

In the next step, we will find the Exchange Product name.

Now that we know the Exchange version build number, we can find the product name. Go to the Microsoft Docs page

A new image format for the Web

webp_logo

WebP is a modern image format that provides superior lossless and lossy compression for images on the web. Using WebP, webmasters and web developers can create smaller, richer images that make the web faster.

WebP lossless images are 26% smaller in size compared to PNGs. WebP lossy images are 25-34% smaller than comparable JPEG images at equivalent SSIM quality index.

Lossless WebP supports transparency (also known as alpha channel) at a cost of just 22% additional bytes. For cases when lossy RGB compression is acceptable, lossy WebP also supports transparency, typically providing 3× smaller file sizes compared to PNG.

How WebP Works

Lossy WebP compression uses predictive coding to encode an image, the same method used by the VP8 video codec to compress keyframes in videos. Predictive coding uses the values in neighboring blocks of pixels to predict the values in a block, and then encodes only the difference.

Lossless WebP compression uses already seen image fragments in order to exactly reconstruct new pixels. It can also use a local palette if no interesting match is found.

A WebP file consists of VP8 or VP8L image data, and a container based on RIFF. The standalone libwebp library serves as a reference implementation for the WebP specification, and is available from our git repository or as a tarball.

WebP Support

WebP is natively supported in Google Chrome, Firefox, Edge, the Opera browser, and by many other tools and software libraries. Developers have also added support to a variety of image editing tools.

WebP includes the lightweight encoding and decoding library libwebp and the command line tools cwebp and dwebp for converting images to and from the WebP format, as well as tools for viewing, muxing and animating WebP images. The full source code is available on the download page.

WebP Converter Download

Convert your favorite collection from PNG and JPEG to WebP by downloading the precompiled cwebp conversion tool for Linux, Windows or Mac OS X.