04. November 2015 · Comments Off on Check Whether the Exchange Server is an Open SMTP Relay using a Telnet Test · Categories: Microsoft · Tags: , ,

Check Whether the Exchange Server is an Open SMTP Relay using a Telnet Test

A Telnet test involves establishing a Telnet session from a computer that is not located on the local network to the external (public) IP address of the Exchange server. You need to carry out the test from a machine at home, or from another office. Doing the test from a machine on your own network will produce useless results.

  1. Start a command prompt.
    Either click start, run and type CMD
    or Choose Command Prompt from Start, Programs, Accessories, Command Prompt
  2. Type “telnet” (minus quotes) and press enter.
  3. At the Telnet prompt, type

    set localecho

    (minus quotes) and press enter. This lets you see what is going on.

  4. Still in the telnet prompt, enter the following command and then press enter

    open external-ip 25

    where external-ip is your external IP address eg:

    open 111.222.333.444 25

  5. You should get a response back similar to the following:

    220 mail.server.domain Microsoft ESMTP MAIL Service, Version: 6.0.2790.0 Ready at

  6. Type the following command in to the telnet windows:

    ehlo testdomain.com

    and press enter (note “testdomain.com” can be anything that isn’t a domain that the Exchange server is responsible for.

  7. After pressing OK you should get a response back

    250 OK

  8. Type the following command in to the telnet window:

    mail from:address@testdomain.com

    and press enter (again where address@testdomain is an email address that is not on the Exchange server. Note the lack of space between from and the first part of the address).

  9. After pressing OK you should get a response back:

    250 2.1.0 address@testdomain.com….Sender OK

  10. Type the following command in to the telnet window:

    rcpt to:address@anotherdomain.com

    and then press enter (where address@anotherdomain.com is not either an address you use internally or the address you entered earlier as the from. Once again note the lack of space between to and the first part of the e-mail address).

  11. After pressing enter you will get one of two responses.
    If you get

    550 5.7.1 Unable to relay for address@anotherdomain.com

    then you are relay secure.
    However if you get

    250 2.1.5 address@anotherdomain.com

    Then you are an open relay.

09. February 2015 · Comments Off on Windows Update locked due to group policy · Categories: Microsoft, Windows · Tags: , , , ,

winupdate_admincontrolled

 

Open gpedit.msc and browse to the location /Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication Settings and double click “turn off access to all windows update features” and set it to disabled.
Open regedit and back up the key

Remove reg key from regedit
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate
and delete WindowsUpdate as it may contain your administrator settings for windows update which  includes a WSUS server address, this entry prevents your windows update from contacting windows update directly.

 

Windows Server Time Sync Configuration

The following steps can be used to configure DCs the default Windows time service hierarchy in an AD forest.  The procedure will also remove any errors in the Event Viewer, if any existed.

Do not use if you are using a third party stratum service and refer to the vendor’s documentation for further instructions

Check and Document the Current Time Configuration on the PDC Emulator
More »

04. November 2014 · Comments Off on Win 2012 R2 WDS Fix – 0XC000000F – required file is missing or contains errors (winload.exe) · Categories: Microsoft, Windows · Tags: , , ,

Windows 2012 R2 currently halts with an error (0XC000000F)  when the Windows Deployment Server attempts to Capture an Image.  Run the below commands to mount the capture wim file and then unmount.  This work around will allow WDS to run and capture the image
More »

02. November 2014 · Comments Off on How to setup BGInfo to run as a batch file · Categories: Microsoft, Windows · Tags: , ,

Download BGInfo from HERE

Extract and Open bginfo.  On the Right side of the configuration window, you can edit the content to customize the fields to appear on your system wallpaper.  Once edited, click file -> Save as -> Type the name as .bgi and select location C:\BGInfo folder  BGInfo folder should
More »

02. November 2014 · Comments Off on Automatic login for Windows Server 2012 R2 · Categories: Microsoft, Windows

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“AutoAdminLogon”=dword:00000001
“DefaultUserName”=”Administrator”
“DefaultPassword”=”ThePassword”

No longer need to login every time I boot up my test server

03. May 2014 · Comments Off on No remote Desktop Licence Server availible on RD Session Host server 2012 · Categories: Microsoft · Tags: , , , , , , ,

A fully functional and activated 2012 Remote Desktop Session Host server displayed the following message:

error no licence

This was a simple setup on one server with the: connection broker, Session Host and Licensing server with 2012 CAL’s installed.

More »

17. April 2014 · Comments Off on OpenSSL Heartbeat (Heartbleed) Vulnerability (CVE-2014-0160) and its High-Level Mechanics · Categories: Cisco, Linux, Microsoft, Office365, VMWARE, Windows · Tags: , , , , , , ,

Cisco Devices are not effected as they are running OpenSSL version 0.9.8 on the newest 9.01 IOS Software. Most Cisco Firewalls have Older IOS versions and therefore have older versions of OpenSSL.

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in
• 1.0.1
• 1.0.1a
• 1.0.1b
• 1.0.1c
• 1.0.1d
• 1.0.1e
• 1.0.1f
The bug is not present in 1.0.1g, nor is it present in the 1.0.0 branch nor the 0.9.8 branch of OpenSSL.

26. February 2014 · Comments Off on Browser Not Supported, IE10, IE11 – Remote Desktop Services 2008 R2 · Categories: Microsoft · Tags: , , , , ,

Microsoft Remote Desktop Services / RDS website Errors from a Windows 8 machine or a pc with Internet Explorer 10 or 11. You get the below Error

65436543653624231213

Browser Not Supported - This Web browser is not supported by RD Web Access. RD Web Access requires Internet Explorer 6.0 or later. You can download the latest version of Internet Explorer from the Windows Update Web site

This is caused by Microsoft not releasing an update to 2008 to allow it to be accessed in the later browsers. In order to get it to work we can implement a workaround that forces machines with newer browsers to access the site as IE9 compatability view.
More »

31. December 2013 · Comments Off on Exchange 2007 SP3 – New-ReceiveConnector fails · Categories: Microsoft · Tags: , , , , , , ,

When creating a new Receive Connector on Exchange Server 2007 SP3 (Update Rollup 2) the creation failed with a non-retriabele error and a “the requested attribute does not exist” error:

Error:
Active Directory operation failed on GL-SRV.test.local. This error is not retriable. Additional information: The parameter is incorrect.
Active directory response: 00000057: LdapErr: DSID-0C090C26, comment: Error in attribute conversion operation, data 0, v1772

The requested attribute does not exist.

Exchange Management Shell command attempted:
new-ReceiveConnector -Name ‘mail.gltest.com’ -Usage ‘Internet’ -Bindings ‘0.0.0.0:25’ -Fqdn ‘mail.gltest.com’ -Server ‘GL-SRV’

Elapsed Time: 00:00:00

According to this article on the Microsoft Exchange Team site more people are facing this issue (scroll through the comments). It looks like something specific to UR1 and UR2 for Exchange Server 2007 SP3:http://blogs.technet.com/b/exchange/archive/2010/09/09/3410985.aspx

Microsoft is aware of this issue and it is currently being investigated. It looks like the schema upgrade during SP3 is not performed properly sometimes, resulting in an incorrect schema for Service Pack 3. Unfortunately the setup application of SP3 continues, resulting in these kind of errors.

You can solve it by running the Exchange 2007 SP3 schema upgrade again:

Setup.com /PrepareSchema

After this creation of a new Receive Connector is successful.