Posts

Showing posts from August, 2012

Aug 30, Update Your Java NOW!

Java has a severe security flaw in it that is publicly known and exploited by a number or virus toolkits. Oracle has finally realeased and update that fixes this flaw. This flaw is severe enough and well known enough that it is being released outside of the standard update cycle. By default Java does not check for daily updates, it might be up to a month before your system automatically detects that there is a new update. If you have not already been prompted to update Java, you should do it manually. In Control Panel, open Java. (you can also type Java from the search box in Start menu to find it) On the Update tab, click Update Now. Follow the onscreen instructions. Reference: https://blogs.oracle.com/security/entry/security_alert_for_cve_20121

Monitor and Start Critical Services with PowerShell

We have multiple virtual machines running on a single Hyper-V host. Due to resource contention during startup, sometimes not all services start properly on one VM. To resolve this I created small PowerShell script that checks the status of some specific critical services and if they are stopped, starts them. I've scheduled the script to run hourly. $services="MSExchangeADTopology","MSExchangeAntispamUpdate","MSExchangeEdgeSync","MSExchangeFDS","MSExchangeIS","MSExchangeMailboxAssistants","MSExchangeMailSubmission","MSExchangeSA","MSExchangeSearch","MSExchangeServiceHost","MSExchangeTransport","MSExchangeTransportLogSearch" Foreach ($s in $services) {     If ($s.status -ne "Running") {         Start-Service $s         }     } The $services variable contains the list of all the services names that are monitored. The script uses a foreach loop to examine th...

MED-V (Not for Windows 8)

MED-V is a virtualization technology that was enabled by Virtual PC on Windows 7. It had the advantage of presenting applications installed in a Windows XP virtual machine directly in Windows 7. Nice, but not widely used. In Windows 8, Virtual PC has been replaced in Windows 8 by Client Hyper-V. As a consequence MED-V is not supported on Windows 8. The Windows XP Mode included as part of Windows 7 is also unsupported due to the loss of Virtual PC. An announcement is here: http://windowsteamblog.com/windows/b/business/archive/2012/06/12/mdop-news-at-teched-north-america-2012.aspx

PowerShell Cmdlets for Networking

Windows Server 2012 and Windows 8 include PowerShell 3 with some new cmdlets for networking. For me this means the end of netsh for network configuration. It’s not that I ever used netsh much but it was occasionally useful for scripting. The following is a list of what I think will be some useful cmdlets. Get-NetIPInterface: Queries and displays a list of interfaces on the computer. The list includes the IP addresses associated with an interface. Each interface has an index number that you can use to identify the interface with other cmdlets. So, this is similar to IPConfig /all. Get-NetIPInterface | Format-List Set-NetIPInterface: Modifies the configuration of an interface on the computer. You can use this to enable DHCP on an interface. Set-NetIPInterface –InterfaceIndex 12 –DHCP Enabled New-NetIPAddress: Adds an IP address to an interface. It is not possible to change an existing IP address, you must remove and create a new IP address. This cmdlet allows you to set the default gatew...

Prevent Autodiscovery from Using a Pre-production CAS

When you install a Client Access server (CAS) into an existing Exchange environment, an SCP object is created in Active Directory for autodiscover. That object is immediately available in Active Directory and can be located by Outlook clients. If the CAS is not ready, and you've not configured certificates on the CAS yet, then users may start getting the errors about untrusted certificates. To prevent clients from using the new CAS before it is configured (effectively disabling autodiscover), you can modify the SCP object by using the following cmdlet: Set-ClientAccessServer ServerName -AutoDiscoverServiceInternalUri $NULL Later, when the CAS is ready for production, you need to put the correct URI back into the object with the following cmdlet: Set-ClientAccessServer ServerName -AutoDiscoverServiceInternalUri https:// ServerFQDN /Autodiscover/Autodiscover.xml Update May 2018 For the last while, I've been hearing about issues when setting the autodiscover URL to $null. It see...