DPI Settings on RDP Sessions

Do you have a computer with High-DPI screen? A very high resolution display? And is everything too small to see within your Remote Desktop Connection, try this solution…

This issue is caused by lack of not being DPI scaling aware of the Remote Desktop Client. If you open a Remote Desktop connection to a server or other computer the native resolution of the computer is used instead of the scaling to 1920×1080, so you’ll get very small icons etc.

1.

First tell Windows to look for a manifest file for an application by default. This can be done by setting a registry entry.

Open regedit and navigate to the registry key:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide
Right-click, select NEW -> DWORD (32 bit) Value
Type PreferExternalManifest and then press ENTER.
Right-click PreferExternalManifest, and then click Modify.
Enter Value Data 1 and select Decimal.
Click OK. Exit Registry Editor.

2.

Next step is to make a manifest file, , you can download it here.  Important is that you save the file in the same directory as the Remote Desktop Client executable (mstsc.exe).
%SystemRoot%\System32\”

3.

Now try and connect with Remote Desktop again.

 

VBS Scripts – Drives,Printers & Fonts

Drives.vbs

'Remove Drives

ON ERROR RESUME NEXT

DIM objNetwork,colDrives,i

SET objNetwork = CREATEOBJECT("Wscript.Network")

SET colDrives = objNetwork.EnumNetworkDrives

FOR i = 0 to colDrives.Count-1 Step 2
 ' Force Removal of network drive and remove from user profile 
 ' objNetwork.RemoveNetworkDrive strName, [bForce], [bUpdateProfile]
 objNetwork.RemoveNetworkDrive colDrives.Item(i),TRUE,TRUE
NEXT

'Connect Drives

On Error Resume Next

Set objNetwork = CreateObject("WScript.Network")
Set objShell = CreateObject("Shell.Application")
brugernavn = objNetwork.UserName

' Attach Share
objNetwork.MapNetworkDrive "H:", "\\Server\Share", TRUE
objShell.NameSpace("H:").Self.Name = "Share"

' Attach User Share
objNetwork.MapNetworkDrive "U:", "\\Server\UserShare\" & brugernavn, TRUE
objShell.NameSpace("U:").Self.Name = brugernavn & "´s dokumenter"

Printers.vbs

Set objNetwork = CreateObject("WScript.Network")

on error resume next

objNetwork.AddWindowsPrinterConnection "\\Server\Printer1"
objNetwork.AddWindowsPrinterConnection "\\Server\Printer2"

objNetwork.RemovePrinterConnection "\\Server\Printer3"


objNetwork.SetDefaultPrinter "\\Server\Printer1"

FontInstall.vbs

Const FONTS = &H14&

Set objShell = CreateObject("Shell.Application")
Set objFolder = objShell.Namespace(FONTS)
objFolder.CopyHere "\\Server\Share\Fonts\HelveticaNeueLTStd-Cn.otf"

 

Robocopy Scripts – Sync network shares

Robocopy Script 

@ECHO OFF
SETLOCAL

SET _source=\\Server1\Share1
SET _dest=D:\Shares\Share2

SET _what=/ZB /E
:: /COPYALL :: COPY ALL file info
:: /ZB :: Use restartable mode; if access denied use Backup mode
:: /SEC :: copy files with SECurity
:: /E :: Copy Subfolders, including Empty Subfolders.
:: /PURGE :: Delete dest files/folders that no longer exist in source.
:: /MIR :: MIRror a directory tree - equivalent to /PURGE plus all subfolders (/E)

SET _options=/R:5 /W:5 /XO /TEE /ETA /NDL /NP 
/LOG:RoboCopyLog.txt
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /TEE :: Output to console window, as well as the log file
:: /NFL :: No file logging - don’t log file names
:: /NDL :: No dir logging - don’t log directory names

ROBOCOPY %_source% %_dest% %_what% %_options%

blat.exe -f Administrator@email.dk -to me@email.dk -server smtpserver.dk -subject "RoboCopy Sync" -body "Robocopy script has completed" -attach RoboCopyLog.txt

:: Remember to copy blat.exe to "%SystemDrive%\Windows\System32\"

:: You can also download RoboMirror

Outlook – Error “The name of the security certificate is invalid or does not match the name of the site.”

Problem
Seen in Outlook when connecting to a mailbox on an Exchange Server, its caused by using a self signed certificate OR a purchased certificate, where the internal and external names are different.

 

Solution
1. On the Exchange Server > Start > All Programs > Microsoft Exchange Server {version} > Exchange Management Console.
Exchange 2016
Set-ClientAccessService -Identity <server> -AutoDiscoverServiceInternalUri https://mail.mydomain.com/autodiscover/autodiscover.xml

Set-OwaVirtualDirectory -Identity "<server>\OWA (Default Web Site)" -ExternalUrl https://mail.mydomain.com/owa -InternalUrl https://mail.mydomain.com/owa

Set-EcpVirtualDirectory -Identity "<server>\ECP (Default Web Site)" -ExternalUrl https://mail.mydomain.com/ecp -InternalUrl https://mail.mydomain.com/ecp

Set-WebServicesVirtualDirectory -Identity "<server>\EWS (Default Web Site)" -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx -InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx

Set-ActiveSyncVirtualDirectory -Identity "<server>\Microsoft-Server-ActiveSync (Default Web Site)" -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync -InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync

Set-OabVirtualDirectory -Identity "<server>\OAB (Default Web Site)" -ExternalUrl https://mail.mydomain.com/OAB -InternalUrl https://mail.mydomain.com/OAB

Set-MapiVirtualDirectory -Identity "<server>\mapi (Default Web Site)" -ExternalUrl https://mail.mydomain.com/mapi -InternalUrl https://mail.mydomain.com/mapi

Set-ClientAccessServer -Identity <server> AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml

Set-OutlookAnywhere -Identity "<server>\RPC (Default Web Site)" -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM
Exchange 2010 and SBS 2011 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” –InternalUrl https://mail.publicdomain.co.uk/EWS/Exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\OAB (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/OAB

Set-ActiveSyncVirtualDirectory -Identity “EXCHANGE-MAIL\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://mail.publicdomain.co.uk/Microsoft-Server-Activesync

Outlook Anywhere Note

If you intend to use Outlook Anywhere, you may also want to execute the following command. Particularly if you use SBS, which has a habit of setting remote.publicdomain.com as the default outside name.

Set-WebServicesVirtualDirectory –Identity ‘EXCHANGE-MAIL\EWS (Default Web Site)’ –ExternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Exchange 2007 (change the values in red)

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/oab

Set-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
For Small Business Server 2008
For SBS 2008 the commands are Different! (the following commands are for Exchange 2007 on SBS 2008 ONLY;

Set-ClientAccessServer -Identity EXCHANGE-MAIL -AutodiscoverServiceInternalUri https://mail.publicdomain.co.uk/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “EXCHANGE-MAIL\EWS (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “EXCHANGE-MAIL\oab (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/oab

et-UMVirtualDirectory -Identity “EXCHANGE-MAIL\unifiedmessaging (SBS Web Applications)” -InternalUrl https://mail.publicdomain.co.uk/unifiedmessaging/service.asmx
Note: where EXCHANGE-MAIL is internal and mail.publicdomain.co.uk is external name

2. Then open the IIS Manager Expand Application Pools > MSExchangeAutodiscoverAppPool > Right Click > Recycle.
Note: You may have to enter the FQDN of the server rather than its Netbios name!!

Linux – Expand a Hard Disk with Ubuntu LVM

After you make the additional space available in VMWare/Xen/Hyper-V, first reboot your Ubuntu server so it can see the new free space (commenter Michal, below, points out that you can avoid this restart by asking the kernel to rescan the disk with ‘echo 1 > /sys/class/block/sda/device/rescan’). Then we’ll run the GNU partition editor to examine our disk:

root@myserver:/# parted
GNU Parted 2.2
Using /dev/sda
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print free
Model: VMware Virtual disk (scsi)
Disk /dev/sda: 42.5GB
Sector size (logical/physical): 512B/512B
Partition Table: msdos 
Number  Start   End     Size    Type      File system  Flags
        32.3kB  32.8kB  512B              Free Space
 1      32.8kB  255MB   255MB   primary   ext2         boot
        255MB   255MB   8192B             Free Space
 2      255MB   16.1GB  15.8GB  extended
 5      255MB   16.1GB  15.8GB  logical                lvm
 3      16.1GB  21.5GB  5365MB  primary
        21.5GB  21.5GB  6856kB            Free Space 
        21.5GB  42.5GB  21.0GB            Free Space <------
You can see your free space, so let’s partition it:
cfdisk

Pick your free space, select New, then choose a Primary or Logical partition. For a small server, it probably doesn’t matter too much, but remember in x86 Linux that you can have a maximum of 4 primary + extended partitions per disk. Beyond that, you’ll need to begin adding logical partitions in your extended partitions.

Select the Write command to create the partition, then (if necessary) reboot your system.

When your system comes back up, check on your new partition:

fdisk-l /dev/sda
Disk /dev/sda: 42.5 GB, 21474836480 bytes
255 heads, 63 sectors/track, 2610 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/Osize (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000d90ee
   Device Boot      Start         End      Blocks   Id  System
/dev/sda1*           1          31      248832   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda231        1958    15476768    5  Extended
/dev/sda31958        2610     5239185   83  Linux
/dev/sda42610        3608    16815191   83  Linux <-----
/dev/sda531        1958    15476736   8e  Linux LVM 
So now let’s pull it into our LVM configuration. First we’ll create the physical volume:
$ pvcreate /dev/sda4
  Physical volume "/dev/sda4"successfully created
Let’s take a look at our physical volumes:
$ pvdisplay
  --- Physical volume ---
  PV Name               /dev/sda5
  VG Name               ubuntu-1004
  PV Size               14.76 GiB / not usable 2.00 MiB
  Allocatable           yes(but full)
  PE Size               4.00 MiB
  Total PE              3778
  Free PE               0
  Allocated PE          3778
  PV UUID               f3tYaB-YCoK-ZeRq-LfDX-spqd-ggeV-gdsemo
  --- Physical volume ---
  PV Name               /dev/sda3
  VG Name               ubuntu-1004
  PV Size               5.00 GiB / not usable 401.00 KiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              1279
  Free PE               11
  Allocated PE          1268
  PV UUID               rL0QG1-OmuS-d4qL-d9u3-K7Hk-4a1l-NP3DtQ
  "/dev/sda4"is a new physical volume of "20.00 GiB"
  --- NEW Physical volume ---
  PV Name               /dev/sda4
  VG Name
  PV Size               20.00 GiB
  Allocatable           NO
  PE Size               0
  Total PE              0
  Free PE               0
  Allocated PE          0
  PV UUID               uaJn0v-HbRz-YKv4-Ez83-jVUo-dfyH-Ky2oHV 
Now, extend our physical volume group (ubuntu-1004) into our new physical volume (/dev/sda4):
$ vgextend ubuntu-1004 /dev/sda4
  Volume group "ubuntu-1004"successfully extended
The whole purpose of this exercise is to expand the root filesystem, so let’s find our main logical volume:
$ lvdisplay
  --- Logical volume ---
  LV Name                /dev/ubuntu-1004/root
  VG Name                ubuntu-1004
  LV UUID                UJQUwV-f3rI-Tsd3-dQYO-exIk-LSpq-2qls13
  LV Write Access        read/write
  LV Status              available
  # open                 1
  LV Size                19.39 GiB
  Current LE             1892
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently setto     256
  Block device           254:0
Now, let’s extend the logical volume to all free space available:
$ lvextend -l+100%FREE /dev/ubuntu-1004/root
Next, extend the filesystem:
$ resize2fs /dev/mapper/ubuntu--1004-root
Finally, let’s check our free space:
df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/ubuntu--1004-root
                       39G   14G   24G  37% /   <---- 
none                  495M  176K  495M   1% /dev
none                  500M     0  500M   0% /dev/shm
none                  500M   36K  500M   1% /var/run
none                  500M     0  500M   0% /var/lock
none                  500M     0  500M   0% /lib/init/rw
/dev/sda1             228M  144M   72M  67% /boot

Outlook – Manually Set up Office 365

Outlook 2013 (PC) Manually Set up for Office 365

Follow these instructions to do so:

1. Go to Control Panel, and click Mail.
2. Click Show Profiles and then click Add.
3. Type in a friendly name for the profile, and click OK.
4. Click to select the Manual setup, and click Next.
5. Click Microsoft Exchange, and then click Next.
6. In the Server box, enter outlook.office365.com.
7. Make sure that the Use Cached Exchange Mode option is selected.
8. In the User Name box, type your name (Eg; ‘John Smith’) and then click More Settings.
9. Click the Security tab, make sure ‘Encryption’ box is unticked and choose Anonymous Authentication.
10. Click the Connection tab.
11. Make sure that the Connect to Microsoft Exchange using HTTP check box is selected, and then click Exchange Proxy Settings.
12. In the ‘Use this URL to connect to my proxy server for Exchange’ box, enter:outlook.office365.com
13. Make sure that the ‘Only connect to proxy servers that have this principal name in their certificate’ check box is selected, and enter: msstd:outlook.com
14. Click both ‘On fast networks, connect using HTTP first, then connect using TCP/IP check box, and ‘On slow networks, connect using HTTP first, then connect using TCP/IP’ check boxes.
15. Under Proxy authentication settings, click Basic Authentication.
16. Click OK twice.
17. Click Check Name. You will be prompted to login. Enter your VUW login ID followed by @staff.vuw.ac.nz (Eg; smithjo@staff.vuw.ac.nz). Tick the box for ‘Remember my credentials’ .
18. When the server name and the user name are displayed with an underline, click Next.
18. Click Finish.

Complete Force Removal of a Domain Controller from Active Directory Guide

Know Your FSMO Locations

Make sure that the DC you are removing is not holding any of the FSMO Roles

i) On any health domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “roles”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vi) Type “select operation target”, and then press ENTER
vii) Type “list roles for connected server”, and then press ENTER
viii) Review the listed roles and their host, if the DC that wish to remove is not listed proceed to step 4

Seizing FSMO Roles (The Last Resort)

If for what ever reason you can not do a clean transfer you will need to seize it

i) On any health domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “roles”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vii) Type seize <role>, where <role> is the role you want to seize
viii) You will receive a warning window asking if you want to perform the seize. Click on Yes

***Note***
Do not put the Infrastructure Master (IM) role on the same domain controller as the Global Catalog server. If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. This is because a GC server holds a partial replica of every object in the forest.

Transferring the any hosted FSMO Roles

i) For the RID, PDC, and Infrastructure Master
1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
2. Right-click the icon next to Active Directory Users and Computers, and then click Connect to Domain Controller.NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
3. Click the domain controller which will be the new role holder, and then click OK.
4. Right-click Active Directory Users and Computers icon, and then click Operation Masters.
5. In the Change Operations Master dialog box, click the appropriate tab (RID, PDC, or Infrastructure) for the role you want to transfer.
6. Click Change in the Change Operations Master dialog box.
7. Click OK to confirm that you want to transfer the role.
8. Click OK.
9. Click Cancel to close the dialog box.

ii) For the Domain Naming Master role
1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Domains and Trusts.
2. Right-click the Active Directory Domains and Trusts icon, and then click Connect to Domain Controller.NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
3. click the domain controller that will be the new role holder, and then click OK.
4. Right-click Active Directory Domains and Trusts, and then click Operation Masters.
5. In the Change Operations Master dialog box, click Change.
6. Click OK to confirm that you want to transfer the role.
7. Click OK.
8. Click Cancel to close the dialog box.

iii) For the Schema Master Role
1. Click Start, click run, type mmc, and then click OK.
2. On the Console, menu click Add/Remove Snap-in.
3. Click Add.
4. Click Active Directory Schema.
5. Click Add.
6. Click Close to close the Add Standalone Snap-in dialog box.
7. Click OK to add the snap-in to the console.
8. Right-click the Active Directory Schema icon, and then click Change Domain Controller.NOTE: If you are not on the domain controller where you want to transfer the role ,you need to take this step. It is not necessary if you are connected to the domain controller whose role you want to transfer.
9. Click Specify Domain Controller, type the name of the domain controller that will be the new role holder, and then click OK.
10. Right-click Active Directory Schema, and then click Operation Masters.
11. In the Change Schema Master dialog box, click Change.
12. Click OK.
13. Click OK .
14. Click Cancel to close the dialog box.

Attempt a Force Removal

i) As a Domain Admin and in a command prompt type dcpromo /forceremoval
ii) If the force removal did not work pull the plug ( or shut down properly) and never every turn it back on while connected to the network

Clear the Metadata from AD

i) On any health domain controller, click Start, click Run, type “Ntdsutil” in the Open box, and then click OK
ii) Type “metadata cleanup”, and then press ENTER
iii) Type “connections”, and then press ENTER
iv) Type “connect to server <servername>”, where <servername> is the name of the server you want to use, and then press ENTER
v) Type “quit”, and then press ENTER
vi) Type “select operation target”, and then press ENTER
vii) Type “list domains”, and then press ENTER
viii) Type “select domain [n]”, [n] representing the domain, and then press ENTER
ix) Type “list sites”, and then press ENTER
x) Type “select site [n]”, [n] representing the site, and then press ENTERR
xi) Type “list servers in site”, and then press ENTER
xii) Type “select server [n]”, [n] representing the DC to be removed, and then press ENTERR
xiii) Type “quit”, and then press ENTER
xiv) Type “remove selected server”, and then press ENTER

Cleanup DNS by Removing all References to the Removed server

i) In the DNS snap-in, right click domain.whatever and Properties
1. Click on Nameservers tab: remove server
ii) Repeat the above instructions for Reverse lookup and all zones
iii) Open up _msdcs and check all folders within for server name or ip reference
iv) Repeat the above step for _sites, and all others
v) Repeat the above steps for the Reverse Lookup Zones

In Active Directory Sites and Services – delete server

Configure Domain Controller to synchronize time with external NTP server

Introduction

Configure Domain Controller to synchronize time with external NTP server (dk.pool.ntp.org)
UDP port 123 must be open on firewall to allow NTP traffic in and out from this DC.
From DC command prompt type “telnet portquiz.net 123” to test if the port 123 traffic can go out.

Logon to Domain Controller (with PDC role) with Administrator account and open elevated command prompt.

If you have multiple domain controller and don’t know which DC holds PDC role then use following command:

netdom /query fsmo

Configure external time sources

w32tm /config /reliable:yes /syncfromflags:manual /manualpeerlist:dk.pool.ntp.org

restart w32 time server, now DC should synchronize time with the ntp time servers.

net stop w32time && net start w32time
  • Check the Event Log on the server

w32tm sync commands:

Force synchronizing the time asap

w32tm /resync /nowait
 Check NTP configuration
w32tm /query /configuration

Display time source

w32tm /query /peers

Display time between Domain Controllers

w32tm /monitor

Force domain computers to synchronize the time with the DC; use elevated command prompt

w32tm /config /syncfromflags:domhier /update
net stop w32time && net start w32time

Following commands will reset the time service to default.

net stop w32time
w32tm /unregister
w32tm /register
net start w32time

eLEET ?

Leet (or “1337“), also known as eleet or leetspeak, is an alternative alphabet for the English language that is used primarily on the Internet. It uses various combinations of ASCII characters to replace Latinate letters. For example, leet spellings of the word leet include 1337 and l33t; eleet may be spelled 31337 or 3l33t.

The term leet is derived from the word elite. The leet alphabet is a specialized form of symbolic writing. Leet may also be considered a substitution cipher, although many dialects or linguistic varieties exist in different online communities. The term leet is also used as an adjective to describe formidable prowess or accomplishment, especially in the fields of online gaming and in its original usage – computer hacking.