Archive

Archive for the ‘Uncategorized’ Category

Preventing Stationary/Theme Changes via GPO in Outlook 2016

January 30th, 2024 No comments

This is only covered partially in other places. To prevent changing themes/stationary and also reverting existing themes/stationary push all four of the below keys via GPO.

Create REG_SZ values

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\MailSettings
“NewStationery”=””
“NewTheme”=””

HKEY_CURRENT_USER\Software\Policies\Microsoft\office\16.0\common\mailsettings
“NewStationery”=””
“NewTheme”=””

Categories: Uncategorized Tags:

Settings page visibility missing in GPO in Server 2016

January 2nd, 2019 No comments

You should be seeing the settings page at “Computer Configuration –> Administrative Templates –> Control Panel” with the name “Settings Page Visibility” within Server 2016, but you don’t. :sadpanda:

To resolve:

– Apply all cumulative updates, this first appeared in the September 2018 update

– Copy ControlPanel.adml from C:\Windows\PolicyDefinitions\en-US\ and ControlPanel.admx from C:\Windows\PolicyDefinitions to the same folders in your central repository (if you are using one) at \localhost\sysvol\<domain name>\Policies\PolicyDefinitions\ and \en-US.

– Close, reopen GPO mgmt console


Thanks to
https://www.carlstalhood.com/group-policy-objects-vda-user-settings/#settingspag
for helping me find the answer.


Categories: Uncategorized Tags:

McAfee ePO – Missing dependencies – commonui-core-common:1.3.0 commonui-core-rest:1.3.0

December 31st, 2018 No comments

When checking in extension ‘Data Loss Prevention 11.0 Patch 6 ePO extension’ I receive the error:

Command Failed: Missing dependencies are required by extension UDLPSRVR2013: commonui-core-common:1.3.0 commonui-core-rest:1.3.0. Ensure these extensions and minimum versions are installed..

Failed to check in extension ‘Data Loss Prevention 11.0 Patch 6 ePO extension’.

I was unable to find these commonui-core extensions under the mcafee download site, nor in my software manager.

To resolve, within the McAfee download site at https://www.mcafee.com/content/enterprise/en-us/downloads/my-products/downloads.html, download one of the extensions named “McAfee Data Loss Prevention ePO extension Version 11.x” (should work for 11.0 and 11.1 at least). Within this package you will find mfs-commonui-core-common-1.3.0.258.zip and mfs-commonui-core-rest-1.3.0.258.zip.

After installing these two extensions, you will now be able to install the DLP extension for 11.x.

Categories: Uncategorized Tags:

SRM v6.5 – There are not enough licenses installed to perform the operation.

December 11th, 2018 No comments

To resolve

  • upgrade license in vmware license portal to version 6
  • within vcenter > home > administration > license > add the license
  • Click on the assets tab > solutions button >  right click on SRM solution > assign license

The step about assigning the license in the assets tab is wrong on all VMware documentation I have read, which led me to having to call support to resolve.

Categories: Uncategorized Tags:

Veeam repository recommendation

August 11th, 2017 No comments

Updated this post from 2015 for 2017 prices and other updates.

I repost this so much on reddit I decided to just create an entry here to reference:

This is what I recommend if you want cheap, without support, but with decent reliability/redundancy and excellent performance. Use RAID 6 for capacity, RAID 10 for highest reliability and performance. Deduplication will increase your available space by 25-35% or more depending on what you are storing. Increase number of disks and JBODs for more storage.

This method requires a dedicated server to provide NFS, however I think iSCSI is built into 2012r2 and 2016 now. It has the advantage of being able to house Veeam also, though you should use at least one VM as a proxy for a hot add disk performance boost.  Note SuperMicro also offers storage enclosures with a server motherboard, etc, but they don’t have the high disk bay count that this enclosure does.

JBOD enclosure with space for 45 SAS drives. Use any server you have laying around that supports PCIx2 and install Server 2012r2/2016 with deduplication enabled.  This approach is also favorable with Linux variants like FreeNAS, but verify compatibility with the RAID controller before proceeding.

JBOD chassis (1x) – $2499 SuperMicro CSE-847E26-RJBOD1 http://www.newegg.com/Product/Product.aspx?Item=N82E16811152143
(At the time of this post CDW had more favorable prices on this enclosure than NewEgg or Amazon.)

SAS RAID controller (1x) – $310 Avago/LSI 9280-8e http://www.newegg.com/Product/Product.aspx?Item=N82E16816118109

RAID controller backup battery (1x) – $165 MegaRAID LSIiBBU08 http://www.newegg.com/Product/Product.aspx?Item=N82E16816118163&Tpk=N82E16816118163

SAS cables (2x) – $58ea=$116 SFF-8088(M) to SFF-8088(M) https://www.newegg.com/Product/Product.aspx?Item=9SIA1K02CM9365

Disks (??x) – $191ea=? Seagate ST4000NM0023 4tb Enterprise Capacity 128mb 7200rpm http://www.newegg.com/Product/Product.aspx?Item=9SIA5EM1PU0823&cm_re=ST4000NM0023-_-22-178-306-_-Product
(This was my spec when I purchased in 2015, obviously higher capacity versions exist.  Make sure to purchase SAS drives, higher the warranty term and RPM the better)

Internal mini SAS cables (2x) = $68 http://www.cdw.com/shop/products/Tripp-Lite-3ft-Internal-SAS-Cable-mini-SAS-SFF-8087-to-mini-SAS-SFF8087-1M/1464242.aspx

 

Setting up the JBOD enclosure cabling can be a little difficult, this review from Amazon was very helpful for me:

on February 23, 2014

I just completed a ZFS on Linux deployment and am very impressed with the results. There is no better deal than a setup like this: very inexpensive with excellent performance. The components were a Supermicro 847 45 drive 4U chasis, an LSI 9200-8e external SAS card, 2 Monoprice 2M SFF-8088 cables, 10 Hitachi Ultrastar 4TB 7K4000 SAS enterprise drives, and a SanDisk Extreme II 480GB SSD (as high speed L2ARC cache and ZIL). Despite running raidz2 in an 8 drive (+2 hot spares) configuration, I have read speeds of 760 MB/s and write speeds of 330 MB/s (on a Dell PowerEdge R610). I have complete confidence that this performance will scale up to saturate the SAS link with read/write speeds of 1 GB/s as I add in more drives, matching performance of my other (much more expensive, commercially sourced) disk arrays. The content on these disk arrays is being served over NFS via Intel 10 Gigabit Ethernet cards with read speeds to RAM on the clients that are in the 500 MB/s range. The entire setup cost less than 6k for 40TB raw capacity; it’s beautiful. Total hardware setup time was about 4 hours one afternoon with two people.

This JBOD array is very nice. It has 24 disks in the front and 21 in the rear each with their own redundant dual-SAS expander backplane. It has tons of fans in the center of the box, each easily detachable if any should fail. There are four SFF-8088 connectors in the rear and, aside from redundant 1400W power, that is the only connectivity this JBOD has. The unit ships without any of those SAS connectors wired up, so you have to open the box and route things as desired. Particularly since this is a dual-SAS expander backplane on both backplanes (for redundant data paths) and also has auxiliary input connections for nearly-double SAS bandwidth, there are quite a few choices on how to set things up. Further, if so desired, you could even wire up each of the backplanes independently and have two entirely separate disk arrays (one in the front and one in the rear) all in one unit. It’s just a matter of how you choose to wire up the backplanes. Check appendix C/D of the manual for diagrams and more information. The tech support at Supermicro are also very helpful and knowledgeable, but I had a bit of a hold time (10-15 minutes).

Since the SAS routing is the most complicated thing to understand with this unit, let me go into more detail. Each bank of disks (24 front/21 back) has its own redundant dual-SAS backplane. There is another slightly cheaper model that doesn’t have the redundant backplane chip/SAS connectors wired in, but the price difference isn’t all that significant. In the front, each redundant SAS port expander has three connections: primary, auxiliary, and pass-through. Since this is a redundant SAS backplane, there are a total of six SAS connections on the backplane, so be careful, it can be easy to get confused. Primary and auxiliary are used for connecting to the front bank, and pass-through is used for chaining out to the rear backplane. If you use both primary and auxiliary connections, you can get nearly double the SAS bandwidth out of your front array since they are dedicated routes. The rear backplane has a similar set of connections, but lacks an auxiliary port, and has only primary and pass-through. With redundancy, this is a total of four SAS connectors. All this connectivity is amazing, but you only get to route four SAS connectors to the outside of your unit unless you want to leave the lid open or drill out into the side (which is quite doable), so you have to choose a configuration. You sadly can’t expose all ten SAS connectors, although that would have been truly awesome.

A couple things to note are that the redundant dual-SAS backplane functionality only works with SAS drives, so don’t populate this with SATA drives if that’s what you want (this is just a fact of the protocols, nothing specific to this unit). This concept also holds if you are daisy-chaining the rear backplane to the front backplane. You’ll also want to populate with SAS drives in that case too because SATA doesn’t do well with daisy-chained SAS expansion sets. I wasn’t planning on either of those configurations though and went with SATA drives because they’re a bit faster than their SAS equivalents. I’ve only populated less than one half of the front backplane so far and already am very impressed.

Installation was pretty simple once you decipher how the included rails are supposed to be setup. Everything snapped into place with super smooth sliding rails. It is a pretty heavy beast though, you will want a dolly to roll it into the server room with and a friend/colleague to help you with sliding it in. At around 70-80 pounds, it’s too much for one person to carry, but it was no problem for two people to install. It’s somewhat amazing to get this high a drive density in a 4U package, but Supermicro pulled it off very well. I now have years of expandability for my array at a fraction of the cost of commercially-prepared systems. If you have any hesitations about this system, I’d cast them aside. I’ve had two of these monsters deployed for three years already without a single hiccup. This third one was the first disk array I purchased piece-by-piece myself. Definitely the right move.

Categories: Uncategorized Tags:

VMWare SRM – When trying to protect a VM – There are not enough licenses installed to perform the operation

April 6th, 2016 No comments

So there were plenty of licenses, what else can be wrong?

 

Within the log files @ C:\ProgramData\VMware\VMware vCenter Site Recovery Manager\Logs I saw the following:

2016-04-06T15:38:31.479-05:00 [09472 warning ‘Licensing’] Unable to decode license ”: INVALID_SERIAL
2016-04-06T15:38:31.480-05:00 [07916 info ‘Licensing’] Initializing with license key:
2016-04-06T15:38:31.480-05:00 [07916 verbose ‘PropertyProvider’] RecordOp ASSIGN: asset, DrLicenseManager
2016-04-06T15:38:31.480-05:00 [07916 warning ‘Licensing’] The license key ” expired on 1970-01-01T00:00:00Z
2016-04-06T15:38:31.481-05:00 [09240 warning ‘Licensing’] This SRM instance is no longer in compliance. 41 4(s) are not licensed for protection.

In the web client under home > licensing > solutions I found something that didn’t exactly refer to SRM but I assigned the SRM key to it anyways.  After assigning this key the problem was resolved.

Categories: Uncategorized Tags:

Return the X-Frame-Options HTTP header in IIS 7 for Exchange OWA

December 18th, 2015 No comments

To prevent click-jacking, add the HTTP response header “X-Frame-Options” into IIS for websites and or Exchange OWA:

– Open IIS Manager and click on the server name in the left column.  Drill down if you only want to apply to one website.
– In Features View, double-click HTTP Response Headers.
– On the HTTP Response Headers page, in the Actions pane, click Add.
– In the Add Custom HTTP Response Header dialog box, add a header called “X-FRAME-OPTIONS”, and assign it’s value to “SAMEORIGIN”.
– Click OK

 

You can validate correct function by visiting one of these websites:

https://securityheaders.io
http://web-sniffer.net/

Categories: Uncategorized Tags:

Server Connection: Not Connected to SRM server

December 17th, 2015 6 comments

I was unable to find this problem documented anywhere, though there was a reference to it on another blog here:   http://www.virtualmachinery.co.uk/2015/03/upgrading-site-recovery-manager-55-to.html

 

The problem presents itself this way, looking at SRM in the web client in version 5.5 of VMWare, 5.8.1 of SRM:

Capture

As you can see, client connection shows as connected, however server connection shows as “Not Connected to SRM server”.  It wasn’t obvious to me, but what this means is the sites are not connecting to each other, even though they are paired and everything else looks green.

Additionally you will notice that the option to replicate changes to the secondary site before failover will be grayed out.

I spent several days troubleshooting this before I found an indicator in the logs that pointed to certificate errors.  I believe that if I was able to un-pair and then re-pair the sites, this would have been resolved.  However in order to un pair sites, you must first delete the recovery plans and protection groups.  When attempting to delete, the status would say deleting and never complete.

Ultimately to resolve I uninstalled SRM at both sites, deleting all data from database.  I then reinstalled and reconfigured SRM, protection groups, and recovery plans.

Edit: According to Jim in the comments, there is a better way – confirmed by multiple people.

Categories: Uncategorized Tags:

Recommended extensions to block @ spam filter

December 10th, 2015 No comments

*.ade
*.adp
*.arj
*.asx
*.bas
*.bat
*.cab
*.chm
*.cmd
*.com
*.cpl
*.crt
*.exe
*.hlp
*.hta
*.inf
*.ins
*.jar
*.js
*.jse
*.jsp
*.lib
*.lnk
*.mdb
*.mde
*.msi
*.msp
*.nsc
*.pcd
*.pif
*.pptm
*.ps1
*.reg
*.rwa
*.scr
*.sct
*.shs
*.vb
*.vbe
*.vbs
*.wmd
*.wsc
*.wsf
*.wsh

Additionally you may consider scanning these closer, quarantining, or blocking:
*.rar (block any that are encrypted/can not be scanned)
*.zip (block any that are encrypted/can not be scanned)
*.pdf (block any that are encrypted/can not be scanned)
*.xlsm (macro enabled xls)
*.docm (macro enabled docs)
*.doc (block any that are macro enabled if possible)

Categories: Uncategorized Tags:

Phishing test providers I recommend

August 6th, 2015 No comments
  • phishingbox
  • threatsim
  • wombat security
  • knowbe4

If training isn’t important to you, go with phishingbox. They are the cheapest.

If training is important to you, go with ThreatSim or Wombat Security.

I find knowbe4’s training materials to be meh, but that may just be me.

My personal recommendation is ThreatSim. Their training is lagging behind, but their support is beyond excellent. I suspect they will become a major player in a year from now.

Edit: ThreatSim has been acquired by Wombat Security – this will likely increase the cost of ThreatSim in 2016

Categories: Uncategorized Tags: