Create an Email Account Lock Out Notification on Windows Server

If your organization has configured an account lockout policy, the following Powershell script and scheduled task will send an email notification to an administrator(s) when an account becomes locked out. This is useful for both proactive notification when a user locks their account as well as for security notification purposes.


System Requirements: Windows Server 2012 and Powershell 2.0

1.Copy below script and paste to a notepad.
2.and Modify the Account Lock Out Email Script.  modify the "From", "To", and "SmtpServer" values.

----------------------------------------------------
$AccountLockOutEvent = Get-EventLog -LogName "Security" -InstanceID 4740 -Newest 1
$LockedAccount = $($AccountLockOutEvent.ReplacementStrings[0])
$AccountLockOutEventTime = $AccountLockOutEvent.TimeGenerated
$AccountLockOutEventMessage = $AccountLockOutEvent.Message
$messageParameters = @{ 
Subject = "Account Locked Out: $LockedAccount" 
Body = "Account $LockedAccount was locked out on $AccountLockOutEventTime.`n`nEvent Details:`n`n$AccountLockOutEventMessage"
From = "lockout@domain.com" 
To = "notification@domain.com" 
SmtpServer = "mail.domain.com" 
} 
Send-MailMessage @messageParameters 
----------------------------------------------------------


3.Save the script to a location accessible from the server.

(Make sure Powershell's execution policy allows the running of scripts, by default it does not, you have to allow it via "Set-ExecutionPolicy RemoteSigned")


4. Create a scheduled task with trigger "When specific event is logged"
In Windows Server 2012 Windows key, Administrative Tools, Task Scheduler, create a New Basic Task. For the trigger, select "When a specific event is logged". Use the following settings: 
Log: Security 
Source: Microsoft Windows security auditing. 
Event ID: 4740


Set the action to run powershell.exe with the script.
Set the Action to start the program powershell.exe with the additional arguments: 
-nologo -File "C:\ScriptPath\EmailAccountLockout.ps1"


5. Test
Test your account lock out notification scheduled task, preferably with a test account.

Conclusion
After this is setup, you will receive an email whenever an account gets locked out. Keeping you more informed and secure.

Errors while updating and upgrading ubuntu server

I was getting whole bunch of errors while trying to update and upgrade Ubuntu server. 

apt-get install update

apt-get install upgrade

Result was whole bunch of erros.

But running the following command solved my issue.

echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf > /dev/null

It is likely that this issue is either:


temporary due to your Internet Service Provider not correctly forwarding internet naming (DNS) to either its or external DNS servers, or
due to a change in your network has similarly blocked this naming - for example, new router/modem, reconfiguring a switch with a new configuration.

Lets look at the possible DNS resolving issues.

First, temporarily add a known DNS server to your system.

Recover Deleted Items for all folders with Microsoft Outlook 2010

Open the link below for instruction.

http://blogs.appriver.com/Blog/bid/91039/Recover-Deleted-Items-for-all-folders-with-Microsoft-Outlook-2010

HOW TO MANAGE YOUR DATA ON APPLE IPHONE WHEN TRAVELLING ABROAD

This instruction is for ios7 of Apple iphone:

The best thing to do is to turn the Cellular data OFF when you are not using internet and turn the Celular dat ON only when you need to use internet.However you will be able to use phone and sms when cellular data is turned off.

1.Turn Data Roaming to OFF

Go to Settings - Cellular

Turn Data Roaming to OFF

When you switch you phone ON overseas, you will be prompted to switch Data Roaming ON. Please do not turn it ON leave it OFF.

If you choose to turn on data roaming, your phone will continue to check for emails and receive software updates and automatic notifications - all of which will incur a data charge.

2. Turn Location Services OFF

Go to Settings - Privacy - Location Services - Swipe to Turn OFF

 

3. Turning your email notification OFF while overseas

Go to Settings - Mail, Contacts, Calendars.

Scroll down and tap on 'Fetch New Data'. Swipe to turn push Off.

 

4. Turning OFF notifications from other apps (eg. facebook)

Turning off notifications from each app is recomended as it will continue to receive software updates and automatic notifications. The setting for each app is different. Here we are taking an example of facebook app.

Tap on facebook app - Tap on More - Tap on Account Settings - Tap on Notifications - Turn notifications OFF 

Repeat this on each app.

Fat32Formatter. This is cool!

Fat32Formatter version 1.1

If you are getting runtime error, try debug version

download debug version

For details and source: http://tokiwa.qee.jp/EN/Fat32Formatter/index.html

Note: I am only sharing it.

Create a Bootable External HDD to Install Windows 8

Step I: Format The USB Drive
Insert the flash drive into a free USB port on the computer. Open the command prompt by running the command cmd. To do this, press <WINKEY> + <R>, then type cmd in the Run dialogue box that opens and press <ENTER>. In the console window that appears, type the following commands in this exact order:

diskpart
list disk
select disk x (here "x" is the number corresponding to the USB disk, which you need to replace with what is shown in your system)clean
create partition primary
active
format fs=fat32 quick
assign
exit

Be very careful when using the "select" command — you don't want to end up formatting your hard disk instead!

This is what the screen should look like if all goes well.

Step II: Mount The Windows 8 ISO Image Into A Virtual Drive
Burning the ISO image onto a blank DVD is not an option if you don't have an optical drive. You can instead mount the file as a virtual drive. Windows 8 comes with an inbuilt utility; all you need to do is to double-click on the image file and it will get mounted as a virtual drive. However, if you have an older version of Windows, you can use a freeware virtual drive application such as MagicDisc to mount the image.


Step III: Make The USB Drive Bootable
Assuming that F: is your virtual drive letter where the Windows 8 ISO image is inserted and G: is the location of your USB drive, open the command prompt as mentioned earlier and type the following commands:

F:
cd boot
bootsect.exe /nt60 g:

Again, double-check the target location for the boot record to ensure you don't accidentally overwrite your HDD's bootsector.

Step IV: Copy The Installer Files
Don't close the command prompt yet. The USB drive has now been made bootable, but there's one more command you need to execute in order to transfer the Windows 8 installation from the virtual drive to the USB stick. In the same command prompt window, type the following command:

xcopy f:\*.* g: /e /f /h

You can alternatively copy all the files in the virtual drive to the USB drive by using Windows Explorer, but using XCOPY ensures that system and hidden files are also copied.


Step V: Boot Off The USB Drive
To install Windows 8 on your netbook or computer, you must set it to boot through the USB flash drive. To achieve this, shut down your computer, then go into the BIOS (CMOS setup) by pressing <DEL> or <F2> as soon as you power it on, without unplugging the USB stick. Set the USB drive as the primary boot device, save the settings, and restart. Alternatively, since most modern computers (ie, post 2005) allow you to select the boot device via a hotkey after it is powered on (either through <ESC>, <F9>, or <F11>), you can choose to boot through the USB flash drive this way.
 

Install Windows as usual. If you've changed the boot sequence through the BIOS, remember to reset it to the internal hard drive when the system restarts after copying the installer files. Let us know in the comments section if you face any issues.

Source: techtree.com

What' s new in Exchange Server 2013?

Intro:

- Exchange Server 2013 is the eightth major release of the product.

- It is about 70% to 80% the same as exchange server 2007 and 2010; however the remaining is drastically different and requires some relearning of the changes.

What is same between Exchange Server 2003/2007 and 2013?
- The core infrastructure of 2013 is same as 2007 and 2010.

- Microsoft continues to use Jet EDB database as the main database store.

- Exchange server 2013 still has the concept of a Mailbox server where EDBs are stored and user mailbox data resides.

- Exchange server can have multiple Exchange databases running on the same system and multiple Exchange servers can reside in an Environment for both scalability as well as redundancy.

- Users can use the Microsoft Outlook client and can access Exchange using OWA.

- Still user VSS backup application programming interface (API)

- Nothing new or different from end user point

- does not require upgrade to outlook 2013 client

What is missing in Exchange Server 2013 that was in previous versions?

- EMC is totally GONE.

- No more GUI based administration

- Instead Exchange Control Panel (ECP) from Exchange server 2010 has been expanded into new Exchange Administration Center (EAC).

- The EAC allows the administrator a web-based access to everything the administrator used EMC before.

- Concept of Storage group has been removed

- The concept of administrative groups and routing groups has been completely removed. The administration is now completely consolidated into an enterprise view of users and mailboxes.

- Routing group has been removed. It now uses sites from AD Sites an Services to determine organizational sites and the routing message communicates to those.

- When installing Exchange Server 2013, public folders are not created at all. You need to manually add public folders to a Mailbox server and extend public folder from server system.

Version compatibility:
Exchange server 2013 only works with Windows Server 2008 R2 and Windows server 2012.

How to Disable Display Last User Name who Logged In On Windows Logon Screen

Windows Vista, Windows 7 and Windows Server, is designed in a way that the last user who logged into the system is remembered, and is displayed automatically on next log in, so that user has to just enter the password to log on.

Windows provides a registry or group policy trick that instruct Windows not to remember and display the last user name who logged in. Follow the steps below to tweak the registry setting or group policy:

1. Run Registry Editor (RegEdit).
2. Navigate to the following registry key:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
3. In the right pane, double click on DontDisplayLastName registry key value, and set its value data to1.

Alternatively, the registry key above can be changed and modified via Local Security Policy Editor, as shown in guide below.

1. Click on Start button, and type secpol.msc into Start Search box, and hit Enter to open the Local Security Policy Editor.
2. Navigate to Security Settings -> Local Policies -> Security Options.
3. In the right pane, double click on Interactive Logon: Do not display last user name.
4. Select and set the radio button of Enabled.

IE10 does not show history

Fix Internet Explorer History blank Issue

Internet Explorer 10 

---

After Upgrading to IE 10 I found that my history and feed tabs does not show anything. I dont know whether it is a bug or an issue on upgrade. However it can be fixed with following. If you are using a roaming profile, then 

Open 'Comand Prompt'

Go to the location where your history folder is or you can find it going to 

Internet Options - General - Settings - Temporary Internet Files

You will see in Current Location: c:\Users\xxxxxxx\AppData\Local\Microsoft\Windows\Temporary Internet Files\

Type the following in command prompt

C:\Users\xxxxxxxx(your user name)\AppData\Local\Microsoft\Windows>attrib +S history

Close all the IE browser and re-open. Check now.

This will fix the issue.

How to get a free dynamic dns account

A guide to free static IP.

http://www.youtube.com/watch?v=nqIdNEYIn7w

Secure printing: Print only when you are before the printer. Stop mad dashing to the printer room

     Usually people do print something private at work which they would not like to be seen by others. To avoid this people do mad dash to the printer room. Also I have a case when I took away my documents from a printer; I got someone else’s pay slip.

To avoid such incidents and mad dash, there is a function call secure print.

Secure printing: Print only when you are before the printer.No more mad dashes to the copy room

Xerox printer

1.      On the File menu, click Print.

2.      Click Properties, and then click Advanced.

3.      Under Job type, select Secure Print.

4.      It will ask you to type in a four digit code twice.

5.      After you go to the printer, you select the job and then type in the same four digit code.

HP printer

1.      On the File menu, click Print.

2.      Click Properties, and then click the Destination tab.

3.      Under Destination features, select Job Retention and then click Options.

4.      In the next dialog box, under Job Retention Mode, select Private Job.

5.      Enter your name, assign a name to the job you're about to print, and then type a four digit code.

Once you go to the printer, you select the job and then type in the same four digit code.

How to Setup a Dedicated Web Server for Free

Excellent article about creating a dedicated web server for free.

http://net.tutsplus.com/tutorials/php/how-to-setup-a-dedicated-web-server-for-free/

Good article about virtualization: 7 virtualization models

http://www.networkworld.com/slideshows/2007/082007-7schematics-slides.html#slide1

Sony Vaio S Series stop responding after logon and start typing

Sony Vaio S Series stop responding after logon and start typing

I was having this issue for long time. Everytime I logon to my machine with my domain ID and start typing something on outlook, chrome or IE, it stops responding and I had to wait for around 5 to 10 mins since my computer starts working normally.

Finally I found a solution for this error. I installed all these drivers below and the issue was resolved. 

I am not inserting the link to the drivers because it might be different depending upon the model.

Audio Driver-Realtek-REDAUD-00265997-0042

Bluetooth Driver- Intel-INDBLT-00282896-0042

Chipset Driver-Intel-INDCHI-00265280-0042

Ethernet Driver -Realtek-REDETH-00266641-0042

FingerPrint Utilty - AUAOTH-00266717-0042

Graphics Driver (NVIDIA)-)NVDVID-00282360-0042

IFAOTH-00264024-0042

ME Driver- Intel-INDMEI-00281816-0042

Memory Card Reader Driver- Realtek-REDMCC-00282541-0042

Pointing Drivers - Synaptics-SPDTPD-00285157-0042

Sata Driver - Intel-INDOTH-00282096-0042

Computers not doing network boot

I bought a new laptop for my office use. It is Sony vaio and comes with default Windows 8  pro. I try to run corporate image on it but did not run. After a bit of investigation I found the following:

1. shutdown the computer

2. Press 'ASSIST' button on your top of keyboard

3. press 'F2'

4. Go to Bios and change the Boot Mode setting from UEFI to Legacy BIOS

5. Enable Network boot

6. Save with F10

7. Restart the machine and Press 'F12'

Here it goes...

If you like to know about license key:

Windows 8 pro to Windows 7 pro does not need a new lilcense key. But you will have to call microsoft to obtain a single use activation code after Windows 7 is installed.

For details: 

http://www.crn.com/slide-shows/applications-os/240155734/how-to-downgrade-from-windows-8-to-windows-7.htm

Shadow protect "verify failed on critical file: D_VOL-b001-ixxx-cd-cw.spi" RESOLVED

Shadow protect "verify failed on critical file: D_VOL-b001-ixxx-cd-cw.spi"

If you are getting this error on Shadow Protect, the resolution is very simple and it worked for me.
After spending most of the day trying to troubleshoot this issue, I finally "fixed it". I just deleted the file D_VOL-b001.spf.bad.log (in my backup directory). And re-run the backup job and it worked.

Linux Scripting: Lesson 1

Writing your first Shell script:

To successfully write a shell script, we have to do three things:

1. Write a script

2. Give permission to the shell to execute it

3. Put it somewhere the shell can find it

Writing a script

A shell script is a file that contains ASCII text. To create a shell script, you use a text editor. There are many text editors available for Linux system. Some of the popular ones are vi, vim, emacs, nano, gedit, kmacs

I am going to use VIM to write my first script. Now lets start it.

NOTE: write the commands only between the <>which  i will mention below

1. Login to your linux machine and type <vim>

Now you are into a text editor.

2. Press <i> to start typing in the text editor.

3. Type following 

< #!/bin/bash

   # My first script

       echo "Hello my name is Billy Jean!">

4. Type <:w billyjean> (This will save your script as billyjean)

5. Type <:wq!>  (This will let you exit from the text editor)

6. Type <chmod 777 billyjean> (This will give full permission to run the script)

7. Type <./billyjean> (This should display what you have written in between "" after echo)

How to disable IE10 automatic update via group policy

1.	Download Microsofts toolkit Download the tool kit from http://www.microsoft.com/en-us/download/details.aspx?id=36512
2.	Open and store files Open the exe and chose a location to save the files
3.	Add to group policy Now go to group policy management and create a new policy and edit it or edit an existing policy. Go to Computer configuration>polices, right click on "Administrative Templates" and click add/remove templates click "Add..." and go to the folder you put the files and choose the "IE10_Blocker.adm"
4.	block or unblock now simply expand administrative templates>Classic administrative templates> windows components>windows update>automatic updates blocker v3 in there will be an option called "Do not allow delivery of internet explorer 10 through automatic updates" edit the policy settings to either enable (to block) or disable (to allow).
5.	gpupdate now just force a group policy update out to you client machines as you see fit and IE10 will not install through automatic updates.

Conclusion

This does not prevent uses downloading and installing IE10 in other ways.

If you want to run this just on one machine you can run "Command Prompt” as Administrator.
Type “CD” followed by the path to where you have extracted the files to
and type "ie10_blocker.cmd /B"

Source: http://community.spiceworks.com/how_to/show/29986-how-to-disable-ie10-automatic-update-via-group-policy

Ubuntu: Media change: please insert the disc labelled

 Media change: please insert the disc labelled
 'Ubuntu-Server 12.04.2 LTS _Precise Pangolin_ - Release amd64 (20130214)'
in the drive '/media/cdrom/' and press enter

sometimes when you try to run “apt-get install” on Ubuntu, you may get the following message:

1.  
2. Media change: please insert the disc labeled
3.  'Ubuntu-Server 7.10 _Gutsy Gibbon_ – Release i386 (20071016)'
4. in the drive '/cdrom/' and press enter

Of course this isn’t a real big problem when you are sitting right next to the computer. However, if it happens to you when your server is located in a data center 10 miles away, you probably don’t want to drive down there to insert a CD rom and head right back home.

Luckily the solution is very easy. You just need to edit your /etc/apt/sources.list configuration file and comment out the line that starts with “deb cdrom”. This prevents it from first trying to find the sources on your cd rom. 

Create symbols with Keyboard

Service Now Demo

Service now is and ITSM tool. It is cool and I recommend it for every kind of business to manage IT which has more than 100 users. 
Click on the link below. Login with one of the username and password shown after you open the browser. It is modern and advance in comparison to the Remedy system I was using in my previous companies.

https://demochannel.service-now.com/navpage.do

Too many passwords? Manage your passwords

Top 3 recommended password manager applications:

LastpassThis web-based password manager and form filler stores your encrypted data online. It is a great option for those who bounce between multiple computers and devices. It offers safe web browsing, one click logins and can auto generate secure passwords. Lastpass is free to use on all computers though you’ll have to pay if you want to sync with mobile devices. Free and paid options.    RoboformRoboForm is a popular password manager for PC users. This application is now available for Mac and mobile platforms and provides quick, smooth access to your web accounts with an automated login function. It also offers one click form filling and stores large collection of data,  from addresses and credit card numbers to contact details from your address book. Paid.            Keepass This open source, free password keeper offers high security and very fast installation for most operating systems (for Windows users, no installation is needed). You can access your database via a USB key or directly from your desktop and the password generator allows you to create new, random passwords as you add accounts according to properties you define. Free.