Thursday, 25 April 2019

Enable Automatic Replies for another user

Setting up Out-of-Office on behalf of another user




Via Exchange PowerShell

If you are an Exchange administrator, then using the Set-MailboxAutoReplyConfiguration Exchange PowerShell command is the supported and native way to go to enable Automatic Replies without logging on to the mailbox itself.



Syntax:
Set-MailboxAutoReplyConfiguration -Identity <username> -AutoReplyState Enabled -InternalMessage "Internal auto-reply message." -ExternalMessage "External auto-reply message."

tested in windows 10 client w office 2016, Exchange 2013 running on windows server 2012 R2 environment

Sysprep before converting it to Template

How to prepare a VM with Sysprep before converting it to Template
During VM deployment I saw it many times where people don’t run VM customization wizard during deployment and later faces duplicate SID issues, hence we need to prepare a VM with Sysprep.
To ensure not to face duplicate SID issue, its better to prepare the OS using Sysprep before converting the VM to Template.
Prior to converting a VM to Template, just remember to use Sysprep as follows,
Run Sysprep, c:\Windows\System32\Sysprep\sysprep.exe
Ensure ‘System Out-of-Box Experience (OOBE)’ is selected and Tick the ‘Generalize’ option and Select ‘Shutdown’ from the Shutdown Options.

(You can do the same in one go using this command “C:\Windows\System32\sysprep\sysprep /oobe /generalize /shutdown”)
Once the machine has shutdown, convert it to Template/Image or Clone and you are good to go!
This will trigger sysprep process inside newly deployed VM after its first Power On.
Note: Yes during VM deployment, Sysprep will come to the picture right at the VM deployment phase where you have 3 options:
1. Do not customize
2. Customize using the Customization Wizard
3. Customize using an existing customization specification
If you had already prepared the template VM with Sysprep the you can choose Do not customize here.


Monday, 19 November 2018

Moving SQL Server tempdb Files to a Different Location in SQL 2016

SQL Server performance improves if data, logs, tempDB data and temDB logs resides in separate drives. If data and logs are in same drive, after a certain period size of database TempDB grows and logical drive C may be short of space. In this example, default location is as shown in snapshot.

How to identify current location?
stmt:
select name, physical_name as currentlocation from sys.master_files where database_id = DB_ID(N'tempdb');

Results:
tempdev       S:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\DATA\tempdb.mdf
templog         L:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\templog.ldf
temp2 S:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\DATA\tempdb_mssql_2.ndf
temp3 S:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\DATA\tempdb_mssql_3.ndf
temp4 S:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\DATA\tempdb_mssql_4.ndf

..as seen using SQL (console) management studio

So, based on best practice let us move the tempdb data and logs from S drive and L drive to T and M drive respectively.
(please note that drive letters can vary, here in my environment I have used these letter for mapping drives)

As we have seen existing Path of tempdb data is at S:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\DATA  and existing Path of tempdb log is at L:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data

Let us move tempdb data to T:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data  and tempdb log to M:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data

Statement:

Use master;
Alter database tempdb modify file (name = tempdev, filename = 'T:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\tempdb.mdf');
Alter database tempdb modify file (name = templog, filename = 'M:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\templog.ldf');
Alter database tempdb modify file (name = temp2, filename = 'T:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\tempdb_mssql_2.ndf');
Alter database tempdb modify file (name = temp3, filename = 'T:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\tempdb_mssql_3.ndf');
Alter database tempdb modify file (name = temp4, filename = 'T:\Program Files\Microsoft SQL Server\MSSQL13.PINTRAAPPS\MSSQL\Data\tempdb_mssql_4.ndf');

Results:
The file "templog" has been modified in the system catalog. The new path will be used the next time the database is started.
The file "temp2" has been modified in the system catalog. The new path will be used the next time the database is started.
The file "temp3" has been modified in the system catalog. The new path will be used the next time the database is started.
The file "temp4" has been modified in the system catalog. The new path will be used the next time the database is started.

Now Restart SQL server services for PINTRAAPPS instance

It is always good to delete orphaned data, so Delete Tempdb.mdf and Templog.ldf files  from old location (S & L drive).

I hope the above makes sense.

Monday, 15 October 2018

Remotely lock a computer and restrict them from logging back in

For investigative purpose, sometimes you have to freeze a terminal by throwing someone off a terminal, but at the same time preserve the evidence on the terminal. Let’s assume that if someone is using a terminal to send frustrating messages to their colleagues or having obscene chats or even an anonymous trying to hack, and you need to secure the running terminals to capture the commands that has been run.
Following process demonstrates that it is quite simple to accomplish such simple investigative task, provided you have admin privilege over the network:
  1. It is mandatory to change the target account’s AD password. This ensures the culprit is deprived from logging back in
  2. If you don’t have psexec, download the PSTools and extract the content and then target the terminal with psexec and use rundll32 to execute user32.dll with the LockWorkStation function. This will trigger the account lock. The following command can be tweaked for your purposes: H:\PSTools>PsExec.exe \\192.168.100.10 -d -u ventej\Administrator -i cmd /c "rundll32 user32.dll, LockWorkStation"
  3. Now it’s time to seize the terminal. Make sure you are standing by ready for this, as the victim could be distressed and shut down his workstation, essentially removing evidence.
Good Luck!

Wednesday, 3 October 2018

Exchange 2013 Maintenance: Logs

Take a full backup. Once you take full backup all your logs will vanish. Else what?
 
Circular logging should not be enabled in a production environment. Circular logging are manually enabled only if you have noticed that the Exchange logs are enormously growing due to the following: either the nodes are unhealthy or there wasn't any successful exchange full backup.
 
To clear unwanted or orphaned logs, apart from enabling circular logging, it is also safe to dismount the Exchange DBs and mount back again. However, before doing it make sure to have a successful Exchange backup.
 
Exchange 2013:
 
Step1: ECP>>Servers>>Databases>>select required DB>>Check Active and Passive server's DB health. should be healthy. Double Click DB>>Maintenance>>Enable/Disable Circular logging. (Should not be enabled unless and otherwise required)
 
Step2: ECP>>Servers>>Databases>>select required DB>>Check Active and Passive server's DB health. should be healthy>>click more (3 dots...)>>Dismount. make sure the process completes successfully>> Mount the DB back again. And make sure the DB status shows mounted and healthy.
 
What if the log drive is full and exchange is down?
 
It is not a good idea to enable circular logging on a mailbox sever. As you may be aware that log drive should not be on a system drive, recommended to have a dedicated drive. Capacity planning is required for at least a period of 2-3 years both for SBM and large enterprise level org.
 
Consider moving the log files from the log drive to a temporary storage until the backup issue gets resolved. Once you have enough space, enable circular logging. Uncheck this feature after making sure there is enough log drive space.
 
In a nutshell circular logging recycles the logs.  Exchange relies on transaction or write-ahead logs to store events before they are committed to the database.  When the defined logs have been filled up, circular logging assumes that the first log must have been committed and recycles the logs to save disk space.