Tools of the trade, AKA tools I couldn’t do without: Greenshot

Posted on 19 August, 2011 by Daniel

One of the very first tools that I install on a rebuilt/new PC is Greenshot. From their website (emphasis mine):

Greenshot is a light-weight screenshot software tool for Windows with the following key features:

  • Create complete or partial screenshots quickly.
  • Easily annotate, highlight or obfuscate parts of the screenshot.
  • Send the screenshot to a file, the clipboard, a printer or as e-mail attachment.

I find it really handy for taking screenshots, annotating them, and then pasting them into an email. Mine’s configured to automatically save the capture to a folder, as well as open it in the image editor. I can then make changes and re-save over the top of the already-captured image.
image

A handy keyboard shortcut in the image editor is CTRL+SHIFT+C. This copies the modified screenshot with annotations, obfuscations, etc to the clipboard.

Where: http://getgreenshot.org/
License: GPL
Blog: http://getgreenshot.org/blog/
Twitter: http://twitter.com/#!/greenshot_tool

Posted in Tools of the trade | Leave a comment

Propagate mailbox folder permissions

Posted on 19 August, 2011 by Daniel

I recently had the requirement where somebody required another person to access a specific folder in their mailbox. We didn’t want to grant full mailbox access. This normally isn’t a problem as we’d just set the permissions on the individual folders in Outlook, but the user in question had an extensive folder structure set up.

I found several tools that were capable of doing this, but I wasn’t going to pay USD$500+ for a tool I was going to use once. In addition to that, some tools didn’t work against Exchange 2010. That equates to a pretty bad investment for our company as we’re currently migrating from Exchange 2003 to Exchange 2010.

I also toyed with the following ideas:

  1. Doing it in Powershell: I’m no Powershell guru, so it would take some time – plus I’d need to move the user’s mailbox to Exchange 2010 before I could use Powershell
  2. Using EWS and write a desktop app in C# (Interesting, but too time consuming)

The Microsoft Exchange Server Public Folder DAV-based Administration Tool (PFDAVAdmin) can be used to do exactly this (and a myriad of other things). Note that the tool has also been renamed and updated to work with Exchange 2010 (including EX2010 SP1).

I’ll be working with the legacy WebDAV version in this example, as the mailbox in question still resides on the Exchange 2003 server.

Andrew Shugg raised a good point in the comments section:

Worth noting that the “classic” PFDAVadmin requires .NET Framework 1.1, and if you try to install that on a modern server system (e.g. Windows Server 2008, Windows SBS 2008) you’ll get warnings about it breaking things in IIS.

If possible, install PFDAVadmin and the .NET Framework 1.1 on a desktop system or non-critical server.

  1. Downloadand extract PFDAVAdmin
  2. Run the tool, PFDAVAdmin.exe
  3. Go to File, Connect, specify the connection details, and connect
    xufv0rrs.yqm
  4. Drill down to the mailbox in question, and then to Top of Information Store
  5. Locate the starting-level folder that you’re going to assign permissions to. Ensure that the permissions are correct at that level (right-click, Folder Permissions)
  6. Right-click on that same folder again, and select Propagate ACEs
  7. Select the ACEs (Access Control Entries) that you wish to propagate
    sfvwrggf.yez
  8. Leave the other settings on their defaults, so we’re Adding/Replacing the specific ACE on subfolders
  9. The tool will then run through all of the folders. In my case, this user had hundreds of folders that needed to be modified:
    p03qomj2.gv4

The same process can be used to remove the permissions later on.

Quite handy.

Posted in Exchange Server, SysAdmin | Tagged | 3 Comments

Determine which DFS target a client is connected to

Posted on 17 August, 2011 by Daniel

If you want to figure out which servers your DFS client is connected to, just run the following command from the command prompt:

dfsutil /pktinfo

To quote the inbuilt usage information:

Dfsutil /PktInfo is a special problem diagnosis command that should only be executed on the client.

The PKT Cache keeps information about referrals for previously accessed DFS paths. It also notes DFS targets that are active for each of those paths. By observing the contents of this cache, an expert user may deduct the servers serving DFS paths that are accessed.

Here’s a snippet of the output when run from my PC at work. We have a common DFS share that’s replicated Australia-wide:

Entry: \company\commondataShortEntry: \company\commondata
Expires in 143 seconds
UseCount: 2 Type:0x81 ( REFERRAL_SVC DFS )  
0:[\sydney01\CommonData] AccessStatus: 0 ( ACTIVE TARGETSET )  
1:[\sydney02\CommonData]  
2:[\perth01\CommonData] ( TARGETSET )  
3:[\brisbane01\CommonData]  
4:[\melbourne01\CommonData]  
5:[\adelaide01\CommonData]
Posted in SysAdmin, Windows | Leave a comment

Gotcha: HP Teaming and Hyper-V

Posted on 11 August, 2011 by Daniel

A point to be aware of when setting up a new Hyper-V host on a HP server that’s going to have the Network Configuration Utility (NCU) installed; You must install the Hyper-V role before installing the NCU.

This is as per HP’s recommendation here:
Using HP ProLiant Network Teaming Software with Microsoft® Windows® Server 2008 Hyper-V or with Microsoft® Windows® Server 2008 R2 Hyper-V

The reason for this, according to HP:

If you install the teaming software before installing HyperV, the network adapters may stop passing traffic.

If you’ve already installed both, but in the wrong order, you’ll need to uninstall both the Hyper-V role as well as the NCU.

To uninstall the NCU (I always forget how to do this, and have to look it up), do the following:

  1. Start, Run, ncpa.cpl
  2. Go into the properties of one of the NICs
    2011-08-11 16-28-55_mRemoteNG - FH mRemote Connection List.xml
  3. Select “HP Network Configuration Utility”, and click Uninstall
    2011-08-11 16-29-54_mRemoteNG - FH mRemote Connection List.xml
Posted in SysAdmin, Virtualisation | Tagged , | Leave a comment

Delete emails from Journal mailbox before they’re journaled

Posted on 11 August, 2011 by Daniel

Setting up a new journal mailbox that has Enterprise Vault Journal Archiving turned on, and I don’t want emails from our monitoring system to go into the journal archive.

When I tried logging onto the ECP as that user I’d get the OWA language and time zone prompt screen, and then an error “Bad Request”, so I couldn’t create a rule via the GUI.

This is what I ended up doing:

New-InboxRule -Name "Delete Monitoring Messages"
 -Mailbox domain\journalaccount
 -from monitoring@domain.local -DeleteMessage $true

(wrapped for legibility)

The only problem now is that the messages go to the Deleted Items folder in that mailbox, but the mailbox management process will take care of that.

The rules take effect before Enterprise Vault picks up the email, so this works well. Not sure about any performance impact this may have, but I’m only running it in a small environment.

To view the inbox rules that are configured for the mailbox, do the following:

Get-InboxRule -Mailbox domain\journalaccount

Or in detail:

Get-InboxRule -Mailbox domain\journalaccount | Format-List
Posted in Exchange Server, SysAdmin | Tagged , | Leave a comment