Thursday, October 18, 2012

Delete client from WSUS by accident

If you accidentally delete client from WSUS, you can bring it back by using wuauclt. From client computer you can force registration on WSUS using:
wuauclt /resetauthorization /detectnow

After running this command accidentally deleted client from WSUS, will register again on WSUS and can be located in unassigned computers.

Monday, October 15, 2012

How to search Exchange Admin Log in Exchange 2010?

In my case there was a situation when one of the exchange admins has created a mailbox for a user. Team group leader wanted to know who was responsible for a user's mailbox creation.
Microsoft Exchange 2010 has enabled administrator audit logging entries for each cmdlet that is run in EMC or Exchange Management Shell. Searching the the log is easy using Search-AdminAuditLog cmdlet. In my case, I was searching for user mailbox creation and the syntax for it is:

Search-AdminAuditLog -StartDate 09/01/2012 -EndDate 09/09/2012 -ObjectID domain.name/Users/user.name
 
You can dump all log entries using Search-AdminAuditLog > c:\temp\adminlog.txt .

More on Adminsitrator Audit Logging on http://technet.microsoft.com/en-us/library/dd335144.aspx

Friday, October 12, 2012

Microsoft Vizija 10


 
 
Vizija 10 http://msvizija.net is one of the biggest IT events in Macedona organized by Microsoft. This year it will be held in Alexandar Palace Hotel on 24-25 October 2012.
Meet me there, I have two slots : Ask the experts boot and presentation of Windows server 2012: Direct Access & IPv6 on 25th October 2012.
 
 

 

Wednesday, October 3, 2012

Generate random alphabetic password with powershell

Following script will generate 15 alphabetic character random string using powershell :

$r = New-Object System.Random
1..15 | % { $pass += [char]$r.next(97,122) }
$pass

 

Tuesday, October 2, 2012

Windows Server 2012 Direct Access - Teredo missing

Requirement for installing Teredo is two consecutive static public IPv4 on Internet facing interface. But, even though you add two consecutive ipv4 static addresses on your Internet facing interface, if you configure Direct Access using "Getting Started Wizard", Teredo server will not be configured. You can enable it using elevated PowerShell prompt and execute Set-DAServer -Teredo Enabled, or clear (remove) the configuration created with "Getting Started Wizard" and run the "Setup Wizard".

When creating the configuration using "Setup Wizard", it will detect the two consecutive static IPv4 on Internet facing interface and automatically configure the Teredo server. "Setup Wizard" will also configure the Direct Access Client Settings GPO with installed Teredo server on your Direct Access Server.

 

Virus Buster engine for Forefront Protection retired

Microsoft has announced that is retiring one of the engines that are used in Forefront Protection. 30 of September 2012 is the last date for receiving updates for this malware engine. Forefront Security for Exchange 2010 is generating event log with event id 2109 from source GetEngineFiles:The
VBuster scan engine is no longer supported. Updates are no longer available for this engine, and therefore the update check for this engine has been disabled. Please review the scan engines chosen for your scan jobs and make another selection to ensure up-to-date protection.


It is recommended to disable this engine for updating and scanning, more on how this can be achieved on http://support.microsoft.com/kb/2758276 .