954NETWORK BLOG!

From time to time it is necessary to apply an email address policy using a non-standard name for the user (e.g. instead of the users alias JOHN@DOMAIN.COM you need JSMITH@DOMAIN.COM). This can be accomplished across the entire organization by editing the Recipient Policies/email Address policies and using the following variables before (to the left of…) the @ symbol in the domain. Here are the variables and some examples:

%g = givenName (First Name)

%s = sn (surName or Last Name)

%d = Display Name

%m Exchange Alias (Usually default for email addresses).

Here are some examples of how to combine and use these variables to customize your Recipient Policy/Email Addresses.

%1g.%s@DOMAIN.COM — This will give you j.smith@DOMAIN.COM

%g%s@DOMAIN.COM — This will give you johnsmith@DOMAIN.COM

%g@DOMAIN.COM — This will give you john@DOMAIN.COM

I am sure there are more that I can think of but you get the idea.

There are a lot of useful things that can be accomplished using Custom Attributes in Exchange 2007. This Doc applies to Recipient Policies (email Address Policies) and applying email addresses to users based on their custom attributes. This is useful when you have multiple domain names that you need to receive mail for as well as multiple users that need to have their primary email address in a domain that is different from the default domain.

First, create an Accepted Domain by navigating to Organization Configuration > Hub Transport. Click “New Accepted Domain” in the Action Pane. Fill in all of the domain information as needed and continue below.

1. Create your Email address Policy: Open Exchange Management Console and navigate to Organization Configuration > Hub Transport and click the “Email Address Policies” Tab. In the Action Pane, click “New Email Address Policy”

2. When the new email address policy wizard starts, Give your Policy a name (Does not have to be the domain name but it is a good idea to use the domain name for ease of future understanding). Click Next.

3. On this page, choose the condition “Custom Attribute 1 Equals Value”. Below that (Step 2) click “Specified” and enter a value for the custom attribute (Once again, I use the domain name) click Add then OK. Click Next.

4. Add the email address. Click Add and choose the format you would like to use (Pretty self explanatory when looking at it). Also, select the accepted domain for email address that you created earlier for this domain. Click Next twice and you are done.

5. Now, to apply this policy based on custom attribute, choose the users that this policy will apply to and change their Custom Attribute value to match the one you created in step 3 above. Navigate to Organization Configuration > Recipient Configuration and edit each user to apply this policy to (On the general tab, choose custom attribute and enter your value).

That is it. All users with the specific Custom Attribute will have the email address that corresponds to that attribute in the Email Address Policy that you created. You can do this for as many domains as there are Custom Attribute Fields.

I have had many requests over the past year from users that want to send as a distribution group as opposed to their primary account. This is useful when a user wants to send out something like an invoice from an email address such as accounting@domain.com. Fortunately, there is a way to easily grant a user or users permissions to send-as a distribution group using the Exchange Management Shell – Here is how:

1. Open the Exchange Management Shell as an Administrator.

2. Type in the following command, replacing GROUPNAME and USERNAME with the name of the distribution group that you want to grant the user(s) access to send as and the username(s) of the users that will be able to send-as this distribution group.

Add-ADPermission GROUPNAME -ExtendedRights Send-As -user USERNAME

Once you have entered that command for all of the users that will be sending as the distribution group, the user can now select the group in the FROM field of their Outlook client and send the message as that distribution group.

DigitalKid (jason)
www.954network.com

As many of you may already know, Apple has released an update to the iPhone software – Version 3.0. While this update is supposed to bring a lot of new features, you will not receive the same improvements as you would by purchasing the new iPhone 3G S (Which will be available tomorrow – Friday June 19th). I downloaded the new update yesterday and have had a few hours to play with it on my iPhone and explore some of the new features, so here is my take on the long awaited update.

Copy and Paste – Since the introduction of the iPhone by Apple, many users felt that the lack of a Copy/Paste feature was a huge inconvenience (Including Myself). No More! The new 3.0 Update has added Copy and Paste features you have all been waiting for. To use these features, you have to double-tap on a word and you are presented with a Copy/Cut Dialog that allows you to expand your selection and choose to copy. Then when you need to paste, you double-tap an area that you want to paste the text and choose paste. This is a great feature for those of us that do a lot of mobile emailing and texting.

Horizontally Oriented Keyboard – While this may not seem like a big deal, having the ability to type easier with both thumbs makes writing emails and text messages (and basically anything) much easier. To use this, when composing an email/text, turn the iPhone on it’s side – Viola!

Voice Memos – While there are a lot of free apps in the App Store to accomplish recordings, Apple has decided to build this feature in to the standard set of Apps on the iPhone. This is useful for those of us that are forgetful in our old age or who would like to record meeting notes (Or Blackmail someone Ha HA). I find this particularly useful when driving and trying to write down information.

Spotlight Search – One of the features that has been added that I find most useful is the new Spotlight Search. This makes it easy to find any type of information on your iPhone from one handy location. Simply start typing your query and the results will be displayed on the screen. This is great as I store a TON of information on my phone and have over 500 contacts. To use this, when at the home screen, slide to the left and you will see a search bar, you can also hit your home button when on your home screen to take you there.

Tethering – This is a cool feature that allows you to tether your iPhone to your laptop and use it as a 3G modem when on the road. From past experience, if you wanted to accomplish Internet Sharing using your iPhone and a laptop, your iPhone had to be jailbroken and you had to install a Proxy and set up an AdHoc (Peer-to-Peer) wireless network, setting your browsers proxy settings to the IP address of the iPhone. What a Pain!. As with the MMS feature (Mentioned below) AT&T will not support this feature at launch of the new 3.0 Software (and probably never will so that they can sell more of their Air Cards).

MMS – Ahh, the long awaited (and apparently we must wait longer) MMS messaging support. One of the biggest drawbacks that I found when I first purchased my iPhone was the inability to send/receive(easily) MMS messages. Apparently this new feature will be built into the new update but it is not yet supported by AT&T until late this summer (so I have heard). I cannot wait!

Improved Calendar – I am not sure how this will apply to users that do not have their iPhone connected to a Microsoft Exchange environment but mine is so – This feature Rocks. You now have the ability to use Free/Busy as well as send invitations to colleagues from the calendar app. This is a great improvement for those of us with Exchange and Busy corporate schedules.

Recent Calls – The recent calls list now includes a bit more information such as if the caller/called number was mobile, home or work as well as if it was outbound or inbound. This is pretty useful.

Camera Preview – The camera now has a small “blank spot” where the camera roll button used to be in the lower left of the screen. This is now a preview of the last photo taken. Check it out, take a picture and it appears in the blank spot.

Mail Folders to Push – Once again, another improvement for those using Exchange. You can now select what mail folders (Folders other than Inbox) to push to the phone automatically. This is a great feature, better than having to look in each folder individually to see if messages have arrived.

Improved iTunes – With the new update, you now have a more robust iTunes application in which you can redeem Promotional Codes as well as purchase music (and other media) directly from the iPhone with no need to use iTunes. This is handy when you are at a party and want to purchase an Album or download a Movie or other media.

All in all, the new update has a lot of great new features. I am a bit disappointed that the MMS and Tethering do not work but I hope to see MMS available by the end of the summer (Tethering may never happen with AT&T). I am also surprised that Apple is not including the Voice Dial Features and Video Camera to users updating to 3.0 (as opposed to purchasing the 3G s). I guess there will still be a need to Jailbreak your device if you had your heart set on these features and do not have the scratch to buy the new model.

As usual with the iPhone, it is (and always has been) a great phone – It is just a bit better now.

Hello again,

Recently I had a need to schedule a monthly defrag on all of the client machines in one of the networks that I manage. As usual, finding an efficient way of centrally deploying such a task is much easier than going to each machine and manually creating the task. I accomplished this by editing the SBS_LOGIN_SCRIPT.bat that is present on all SBS 2003 servers by default. Of course, if you are not in an SBS environment, you can apply this to any other login scripts that you may already have or create a new one and deploy it through Group Policy.

For my purposes, I needed a defrag to run automatically monthly on all machines so I used an app called schtasks.exe that is already installed on all 2000/XP machines. You can read the syntax by typing “schtasks /?” at the command prompt. Below is the line I added to my login script.

schtasks.exe /create /SC MONTHLY /D 20 /TN DefragMonthly /TR “C:\Windows\System32\defrag.exe\”C: -f” /ST 00:45:00 /SD 06/01/2009 /RU SYSTEM

Now, let me explain that as it may look cryptic..

/create – Indicates you are creating a scheduled task.
/SC – Specifies the Schedule Frequency (MONTHLY in this case).
/D – The Day of the month is should run (the 20th of each month in this case).
/TN – The Task Name (MonthlyDefrag in this case).
/TR – Task Run specifies the task to be ran or the application to be executed (”C:\Windows\System32\defrag.exe\”C: -f” in this case ((defrag.exe /? for more info on this))).
/ST – Start Time is the Hour at which the task should start in 24 hour format.
/SD – The Start Date, pretty self explanatory.
/RU – The user to run the task as (SYSTEM in this case – Must be SYSTEM or and Administrator).

After adding the above line to the Login Script, a new scheduled task will be added to the machines that run the login script. You can then wait until after the schedule was set to be run and check if it ran.

That is it for now..

DigitalKid (Jason)
www.954network.com

For years, there has been an ongoing debate with regards to the best Linux Distribution available. I thought that I would chime in on this and give my personal opinion on my top 5 favorite distros and how they got that way

1. Ubuntu– Ubuntu is my number one pick amongst Linux Distributions. Based on Debian, it is easy to use, even for beginners and easy to install for those that have never installed Linux before. It has great support for most hardware and comes in many variations, including a Server Edition. As well as being a great distro, the community behind it is as impressive. The Ubuntu Forums as well as the many other communities on the Internet can help you solve even the most difficult problems. Another great feature of Ubuntu is its package manager. Ubuntu uses Synaptic to install software and has an “Add-Remove” style application that makes it easy to search for, and install applications and manage package sources without (unless you want to add customs sources) editing any config files. Ubuntu is also very powerful, allowing the user to accomplish any task that can be accomplished with Windows and then some. The default Desktop Environment is Gnome but it can also be configured to use KDE (and if you are the adventurous type, you could install any Environment that you prefer – My second pick is Debian (No surprise since my first pick in based on this). Debian, Like Ubuntu is an easy to use and configure Package Based distribution. The installation is not as pretty as with Ubuntu but should be easy enough to follow for most first time Linux Users. Debian is also not as User Friendly as Ubuntu and requires a bit more Linux knowledge to take full advantage of its power but none the less, it is a great OS/Distro and relatively easy to use once you get your feet wet. Debian also does not include the same level of Support that Ubuntu does with respect to Automatic Updates that, with Ubuntu are supported for 18 Months on each new release.
2. Debian- My second pick is Debian (No surprise since my first choice is based on this). Debian, like Ubuntu is an easy to use and configure, package based distribution. The installation is not as pretty as with Ubuntu but should be easy enough to follow for most first time Linux users. Debian is also not as user friendly as Ubuntu and requires a bit more Linux knowledge to leverage its full potential but none the less, it is a great OS/Distribution and relatively easy to use once you get your feet wet. Debian also does not include the same level of support that Ubuntu provides with respect to automatic updates that, with Ubuntu are supported for 18 months on each release.
3. BackTrack 3- I am not sure that this Distro is appropriate for this particular post but I am choosing it as my Number 3. BackTrack is a Live Distribution (Although it can be installed directly to a hard drive) that is primarily used for Security and Auditing purposes. Unlike the two distros mentioned above, this is intended for those with a bit more knowledge of Linux (as well as Networking and Security amongst other things). The reasons that I like this Distro so much are many. For one thing, it makes auditing security and penetration testing very easy as it is built with all of the tools one would expect for tackling such tasks. Secondly, it can easily be installed on a USB Key or CDRW and booted quickly – giving you time to “Get in and Get Out!” Thirdly, this distribution provides a great platform for those interested in learning more about the internal workings of applications, protocols, services, wireless and in general a computers operation as they relate to exploitation and development/testing.
4. CentOS- Based on RedHat, CentOS (Community ENTerprise Operating System) is another great distribution. Like RedHat, it is package based Distro and uses RPM Packages for installation. It also has a server edition and a large community of Developers and Contributors for support. I like CentOS because it brings me back to my early days with Linux since Red Hat was the first Distribution I had ever used. CentOS like most other Distros is fully open source and free to the public for download. While I like CentOS, I am not a fan of the Desktop Edition and primarily use Cent as a means of testing software in a server environment.
5. SuSe - So here we are; my least favorite flavor of Linux. I will probably catch some flak for this one but here goes. I Hate SuSe! although there are many things to Like about it including its ease of Installation and use and pretty graphics. The trouble arises when you try to compile something from source – What! No Compiler? That’s right, as of the last time I installed this hideous chameleon on any of my hardware, there was no compiler installed by default. Once a compiler is installed, get ready to drive down the dependency superhighway for a week to get anything useful installed. I also do not like the fact that it likes KDE and looks too much like Windows. I suppose for someone new to Linux, this is an ideal candidate for a first distribution but anyone that uses Linux for anything other than a Windows Replacement probably feels the same. The reason it is on my top 5 favorites is because it was easy enough for my Wife to use for an entire year not having any knowledge of Linux.

Well, those are my 5 cents. If you have a favorite Linux Distribution that you would like to add to the list – Feel free.

As Microsoft Goes, competing in the Browser Industry has been a battle. After all of the exploits and holes that have been discovered and exploited over the years, many users have switched to alternative browsers such as FireFox. To combat this trend, MS released IE (Internet Explorer) 7 – Which enhanced security and added many features that Microsoft’s browsers had lacked in comparison with others such as tabbed browsing. Now they have improved upon IE 7 and released IE 8. I recently installed the new browser and took a short tour of the new features, below are my thoughts.

Accelerators: These allow you to complete tasks (Such as Spell Checks, Mapping, Translations etc). There are endless numbers of accelerators that you can add to IE 8 – Social Networking, Search, Translations, Maps and On and On. You can find the gallery of Accelerators here: http://ieaddons.com/en/. Some seem very useful, others not so much - Most of which are entertaining and will contribute to your Internet time wasting by adding direct interaction with sites like Face Book and others.

Enhanced Navigation Features: IE 8 has added a few new features to navigation. One that I find to be pretty cool as a techie is the Compatibility View feature. Since IE8 is a new release, some sites may not display properly within the browser. That is where Compatibility View comes in. You can find this feature next to the “refresh” button on the address bar. This is similar to the “User Agent String Utility” accept now these features are built right into the browser – No need to install a second application.

Speaking of the Address bar, there are a few enhancements here as well. For example, if you cannot remember a site that you visited a few days/weeks/months (depending on your history settings and browsing habits) IE 8 Will search across all aspects of your history and suggest sites. This is especially useful when doing research online.

Tab Grouping is also a helpful feature. When you click a link that opens another tab, the 2 related tabs (having the link in common) are color coded to each other. They are also opened next to each other as opposed to at the end of the tabs as with IE 7.

Increased Performance: Now IE starts quicker and loads pages faster. I am somewhat skeptical of this as I think it also depends on how many add-ons and plug-ins and other features that you have installed/enabled. I guess results will vary from user to user. I can say that it definitely loads faster for me but I have very few add-ins enabled and virtually no plug-ins installed.

InPrivate Browsing: Browse the web without saving history Cookies etc. This is useful when using a public computer or a friends PC. No form or password data (or any other data) is maintained on the computer after it is entered into the sites that you visit. This is also useful for the paranoid and those trying to “Cover their Tracks”.

Web Slices: Keep track of changes to your favorite sites. This is basically like a favorites system. For example, if you wanted to keep track of what is going on on MSNBC, you would see a green “Web Slice” icon in the upper right corner of the browser. By clicking the Web Slice icon, you add this site to the web slice favorites bar so that you can keep up with that “Slice” of the web.

Smart Screen Filter: Websites that have been deemed unsafe can be screened using this feature. You can also submit a site to the list of questionable sites. This does not seem very useful to me personally but may be useful for parents etc. You can enable this feature by clicking on the “Safety” drop down on the Right side of the browser window and choosing “InPrivate Filtering”.

All in All, my experience with Internet Explorer 8 so far Has been a good one. I will have to use it for a few more days before I am sure that I like it though and I will definitely have to thoroughly test it before deploying it to any of my clients. As with any new browser, it will take some time to learn all of the new features and test as many sites as possible for compatibility and functionality. I will also be testing the Web Slice features as I have always HATED the favorites system.

Jason (Digitalkid)
www.954network.com

As a Systems Administrator, procedures that take longer than they should is an extreme annoyance. That being said, I am sure that some of you out there are wondering the same thing that I was when dealing with Dell Servers and Terminal Services. How do you remove that annoying splashscreen/Wallpaper when logging into a Dell Server? Well my friends, it turns out that it is a simple registry hack – Below:

Navigate to HKEY_USERS\.DEFAULT\Control Panel\Desktop

You will see a number of values on the right, find the one labeled “Wallpaper”, Edit it and clear the contents of the value. Once complete, Log off and back on and see if the Wallpaper comes up again.

Jason (Digitalkid)
www.954network.com

Firstly, I would like to say hello again. I have not posted in quite a while as I have been preoccupied with the holidays and the end of the tax year and beginning of the new year.

Now that we have that out of the way, I have seen a lot of people wondering how to configure email alerts from Symantec BackupExec. Most are having issues receiving the alerts once they have configured the server settings. The application seems to not want to send email through a local Exchange Server (Relay). I have had this issue in the past myself and have a few ways to get around this that I thought I would share with you - so lets get started.

First off, when configuring the Alert Settings, in older versions of BackupExec (9.X, 10.X, 11.X), you will notice that there are no options for SMTP authentication, which means you need a relay. One way around this is if your ISP allows you to relay through their servers when behind an IP assigned by them. If this applies to you, you can ask them what their outbound SMTP server address is and use that as a relay. This typically works with BellSouth and FDN in my experience. Ask your ISP or just test this configuration and see if it works with your Internet Provider.

The second method is relatively easy and only requires that you use localhost as your SMTP server. You can do this in a few situations. The first is if you have BackupExec installed on your Exchange server or SBS Server locally. Simply open Exchange System Manager, Expand Administrative Groups > First Administrative Group > Servers > [You Server Name] > Protocols > SMTP. Right Click the Default SMTP Virtual Server and choose properties. Go to the Access tab and click the Relay button. You should see that your local subnet as well as the local host are allowed to relay. If you do not see this, add these items to the allow relay list and configure BackupExec to use Localhost (127.0.0.1) as the mail server. Test these settings under the recipients configuration. This should also work for remote machines, just add the IP address of the remote machine that you want to allow to relay.

The third method uses the MAPI configuration. To do this, you will need to create a contact in Active Directory Users and Computers that has the email address that you would like to receive alerts to assigned to it. I am not going to go into how to create a contact in this post. After creating the contact, open BackupExec, go to Email and Pager notifications. Choose the MAPI Configuration tab and specify your Exchange Server under MAPI mail server. For mailbox name, Specify the contact that you created earlier. When messages are sent to this contact, they should go to the email address that is associated with the contact. I am not sure if this works on servers that are remote to the Exchange server though so you will have to experiment if your BackupExec installation is not on the same machine that Exchange lives on.

If all of the above do not work for you, I suggest upgrading to the latest version of BackupExec (version 12.X as of this post) which allows SMTP authentication to be configured for outbound email. Alternatively, you could install SMTP on a remote server (whether it runs BackupExec or not) and allow relay only from the servers that you want alerts sent from. This can be done under Add/Remove Programs > Add/Remove Windows Components: Under – Application Server > Internet Information Services > SMTP Service. I will not go into the details of this configuration but it is fairly easy to set up and as always, google.com can assist.

Jason (Digitalkid)
www.954network.com

Recently, a new vulnerability has been discovered in Internet Explorer 7, affecting Windows XP, Server 2003/2008 and Windows Vista. Known as the “Internet Explorer XML Zero-Day”, it has already been seen in the wild in China. The vulnerability allows a remote attacker to take control of a users PC after successful exploitation. The exploit occurs when a user visits a web site that has been poisoned by the exploit code. The user then inadvertently is infected with a Trojan, allowing remote code execution and full control of the infected computer.

Microsoft has not yet released a patch but is aware of the vulnerability and has released an advisory HERE as well as a work around that can be performed by Administrators HERE. This vulnerability is considered Critical. Users should remain vigilant when surfing the Internet and check often for future updates to patch the flaw if the work around is not performed.

UPDATE: Microsoft has released a patch for this flaw through Windows Update. You can find more information about the patch HERE.

Jason (Digitalkid)
www.954network.com