Quick script to backup Fortinet hardware on Windows.

bkup.bat

echo execute backup config ftp /fortiwifi-1 ftp.example.com  user pass >bkup.tmp

u:\putty 10.111.1.1 -l admin -pw admin-pass -m bkup.tmp

Repeat for next unit...

You need Putty and an ftp server. Now I type "bkup" and six devices are backed up in 30 seconds. I will make this a scheduled task later.

Explorer crashes with BEX64 when I create a shortcut in Citrix.

I need to create a shortcut to the local client C drive while inside Citrix. Every attempt results in this message.

This may be a bug in Citrix but here is my workaround.

J:\>echo explorer \\client\c$\Downloads > downloads.bat

Now I just double click on downloads.bat and it opens the client folder like a shortcut.

I tracked down a stolen laptop with LogMeIn Hamachi.

We install Hamachi and VNC on all of our laptops for remote support. A fairly new laptop was recently stolen. I started watching Hamachi and the laptop was online the next day. I don't know of a way to get the real IP address from Hamachi so I used VNC to watch the screen. The user just happened to be filling out a job application online so I saw the name, address, phone number... We passed the info along to the local PD, the laptop was returned and there was an arrest. Hamachi and VNC are great tools for business.

Note for next time:

I will use a screen recording app to make a video of the remote screen.

Adobe installers fail with a download timeout at 64%.

This has been an issue for a while. Windows XP, 7, and Windows server all fail to update. I did a some packet sniffing with no luck.

There is an option in my firewall to exempt a URL from monitoring. I have never had to do this but a couple of times in the past but it worked.

adobe.com - exempt

Now my firewalls no longer scan Adobe traffic for viruses and such but we can update Acrobat and Flash.

Moving virtual disks outside of vmware. The confusing flat files and descriptor files.

When using vSphere Datastore Browser, you will a see a large file like server1.vmdk. The file will be close to the size of the virtual machine. If you download the machine and move it to another vmware host, it will not work! There is a descriptor file that is hidden from the Datastore Browser.

This is my solution:

Enable SSH on the vmware host.

Use putty to connect to the host.

Find the location of the virtual machine.

cd /vmfs/volumes/my_datastore/server1

ls -l

Now I see two vmdk files.

server1.vmdk        (Small descriptor file. But this is the name of the large file earlier?)

server1-flat.vmdk  (Large flat file.)

mv server1.vmdk server1.temp

I renamed the descriptor file and now it is viewable in the Datastore Browser. Now I can download or backup my virtual machine. If you want to move to another host, rename the small file to the original name.

Note: There are other files you need to backup but they should work fine in the GUI.

How to add a second IP to a Linux based Wyse client.

I frequently have a remote office that has to change IP addresses. Later on I usually find out that a printer or other network device was not changed to the new IP subnet. Luckily we have some Linux based thin clients from Wyse.

I look at my DHCP server to find the IP of a thin client.

telnet 10.13.5.1
W182 login: root

The default setup has no root password. Great security.

ifconfig eth0:1 10.15.5.1 netmask 255.255.0.0

Now the thin client is my gateway to the old subnet. I can telnet from the Wyse to printers and other devices. I have used this to rescue many HP printers from old IP addresses.

I have also used a Windows PC as a gateway but that was more time consuming for me.

One domain, port 80 on one server, port 443 on a second server.

First of all, this will be a temporary setup. I need http on server1 and https on server2. The AnaolgX PortMapper did the trick. I installed it on server1 and mapped 443 to server2. The new server is a Citrix gateway and the other solutions I tried resulted in SSL errors. The proxy works so far with no issues.

http://server1 -> old server
https://server1 -> new server

Server1 will be the proxy so it should have plenty of resources to handle the load.

Your browser is too old to view our site. User agent problem?

Lately I have noticed more web sites that will block you if your browser is too old. Why not just give a warning and recommend a new browser. I had one PC with this problem and Internet Explorer 8. So I went to a few test pages like whatismybrowser.com and they show I am using IE6 compatibility mode. Compatibility mode is NOT on. If you have this problem, go to the registry and delete Pre and Post tokens. All the blocked sites work now.

HKEY_LOCAL_MACHINE (or HKEY_CURRENT_USER)
   SOFTWARE
      Microsoft
         Windows
            CurrentVersion
               Internet Settings
                  User Agent
                     Pre Platform
                        Token = Value
                     Post Platform
                        Token = Value

Stuck screensaver on OSX.

I lock the screen and step away. When I return the screensaver will not stop. This has happened a couple of times on the Mac Mini running Lion. Sometimes it is just slow to respond but this time I waited about ten minutes.

I did an SSH from another computer and killed the screensaver process. This worked but is very annoying. You must have the SSH enabled ahead of time.

ps ax | grep -i screensaver 

83230   ??  U      3:09.28 /System/Library/Frameworks/ScreenSaver.framework/Versions/A/Resources/ScreenSaverEngine.app/Contents/MacOS/ScreenSaverEngine 

sudo kill  83230

How to erase the config on a Foundry EdgeIron switch.

I searched for the a quick way to default the configuration on an old Foundry switch. Password recovery is not the issue since I have the password. This is the only fix I could find.

copy file startup-config

filename: Factory_Default_Config.cfg

reload 

Let me know if you have a better way to do this.

Cisco PRI connecting to NEC PBX.

This is want I need to setup.

Telco provider < Sip trunk > Cisco 5350 < PRI > Nec phone switch.

Here is my config for the PRI link. "protocol-emulate-network" is required when there is no service provider clocking the PRI.

controller T1 1/0
 framing esf
 linecode b8zs
 pri-group timeslots 1-24

!
interface Serial1/0:23
 no ip address
 encapsulation hdlc
 isdn switch-type primary-ni
 isdn protocol-emulate network
 isdn incoming-voice modem
 no cdp enable

These commands were also helpful.

show controller T1 ( Look for the T1 to be up with no errors.)
show isdn status ( Look for the lines below, especially MULTIPLE_FRAME_ESTABLISHED.)
debug isdn q921

#sh isdn status
ISDN Serial1/0:23 interface
******* Network side configuration ******* 
dsl 0, interface ISDN Switchtype = primary-ni
    Layer 1 Status:
ACTIVE
    Layer 2 Status:
TEI = 0, Ces = 1, SAPI = 0, State = MULTIPLE_FRAME_ESTABLISHED
    Layer 3 Status:
0 Active Layer 3 Call(s)

Mitel command line trunk busy-out.

I have a Mitel with two PRI circuits. The 2nd PRI is bouncing every few minutes. Almost every time you get on the phone, the call is dropped. I wanted to busy-out or disable the 2nd trunk group to force all the phone calls to the good PRI. I could not find a way in the GUI so back to the command line.

busy trunk group 2 ( The status of the lines will change to man-busy.)
rts trunk group 2     ( Return to Service.)

The first time I tried this, the status of the lines changed to "not seizable." The command below fixed that.

dtstat clear 3 1 3 1   ( This command restored the lines to Idle. You will need to find cabinet, shelf, slot, and circuit to use dtstat.)

Now I wish the telco provider would get the PRI fixed!

Mitel 3300 command line intro.

You may have used the "Maintenance Commands" tool form the Mitel web interface. You can also telnet to the system and use some of the same commands. This is good for me because it works on a Mac which I use most of the time. I have always been irritated that the GUI requires IE.

telnet 10.1.2.3
system / xxxxxx  (Hint: This is not the same system password as the GUI)

There is a numbered menu bar at the bottom of the screen. To use these functions, type Esc and the number.

Here are my favorite commands.

stat trunk group 1 (This shows how many lines are busy)
cong (Traffic congestion report)
traffic status (I have not figured out how to use this feature yet but I want it)
loc num xxx (Identify extension number)
loc feat ext xxx (Shows if an extension is forwarded or if message light is on)

I will explore this CLI more later on.

Active Directory failed logon auditing II

You should automate evencombmt because it takes so long to run.

I created a scheduled task to run ev.bat every morning.

ev.bat contents:
eventcombmt /dc /evt:"529 644 675 676 681 4740 4771" /et:safa /log:sec /start

This will find failed logon attempts on all the domain controllers and dump them into text files under C:\temp. When someone asks why they keep getting locked out, I quickly go to \\myserver\c$\temp and browse the log files. Search for the username and there will be many entries in the log with an IP address. The IP address will be a PC or email server with the failed logon attempts.

How to setup Outlook 2010 over HTTP

How to setup Outllok 2010 over the Internet with Exchange and no VPN.

     
More Setting / Connection tab

Check Name

Access to this web server is disabled by default because it is controlled by basic authentication...

Microsoft has a "Fix it" file that did not work for me because it requires admin access. But I found this one registry value did the trick.


office-fix.reg

The contents of office-fix.reg.

[HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Common\Internet]
"BasicAuthLevel"=dword:00000002

This post has been getting a lot of hits. Let me know if the fix worked for you.

Copy files form VMware datastore with PowerCLI.

$input1 = read-host "enter"
Copy-DatastoreItem "vmstore:\\datacenter1\datastore1\*$input1*" c:\vmware\bkups -Recurse

I copy files from a datastore to my local PC on a regular basis. Of course you need to install PowerCLI on the local PC.