How To Logoff Remote Session after a set time Using Group Policy

This is a known issue for a lot of IT department where multiple administrators logging to servers remotely and forget to log off.

Remote desktop also known as Terminal services can be controlled from Group Policy.

This KB will show you how to control session on a server using Group Policy.

To set automatic logoff of remote sessions on a server we need to edit the following entries on Group Policy:
 If in a domain or in a local server create or modify the following:

Go to -> Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Sessions folder,

the following settings can be modified for your need:
 
Set time limit for disconnected sessions
Set time limit for active sessions
Set time limit for idle sessions
Terminate session when time limits are reached

Can’t connect to MySQL server on ‘server’ (10061) Error

After installing MySql server on a Linux machine (Debian 5) I got this error message when trying to connect to the Mysql server using Mysql administrator.

When trying to fix the problem and searching the Internet I found out that the problem is easy then what it looked.

By default Mysql server only allows the local host to access the Mysql server.

To fix the problem all we need to edit the mysql config file and add the mysql external ip address to accept connection from (not the localhost)
We add another bind-address entry to the config file.

Follow the steps below to fix the problem:

vi /etc/mysql/my.cnf   – edit the my.cnf file
bind-address            =192.168.100.22         — this is the Mysql server ip address.

Save the file and restart the mysql service:
/etc/init.d/mysql restart.

How To Enable Root Account Ubuntu Server

By default Ubuntu server root account is disable, if we want to execute a command that needs administrative permission we need to use the sudo command.

This is a good security practice however this might not work for you.

In order to enable the root account and not use the sudo command all we need to do is enable the root account by setting a password.
This is what we need to do,  In the command line type:

sudo passwd root

After typing the command you will have to set the password.

In case you would like to disable the account again you will have to issue the following command:

sudo passwd -l root

Linux Server Monitoring Commands – P1

This is the first part of linux server \ network monitoting commands:

The following commands can be used as a morning checks commands.

Top – show all process

Free –show free memory
iostat — I\O monitoring
ps -ef – check running proccess
ps – check proccess 
route -n  – Show the kernel routing table

netstat – displays network connections,

route – display network routes

df – show HDD free space status

Outlook 2007 Certificate Error after installing SSL certificate

After installing a new SSL certificate and replacing the built in Exchange server 2007 certificate in order to enable and use RPC over http users are getting the following error:

“Name on the Security Certificate is Invalid or Does Not Match the Name on the Certificate”

outlook2007

 

This issue happens because internal clients  \ outlook users must be able  to resolve  the name on the certificate which is different from the external name.

To fix the issue we have two options:

1. buy a SAN certificate which has two names (internal and external)

2. Fix the issue by creating a new DNS zone, run a few commands from the exchange shell which point outlook users to the new zone.

I used option number two which took me 10 minutes to do.

Option 2

1.

First you create a new DNS zone in your DNS server using the address configured in your commercial certificate which is: mail.domainname.com , there for the new zone will be domanname.com

 2.

Create a Host (A) type record to point to your mail server´s IP , mail.yourdomain.com  (192.168.100.10).

 

3.

Log in to the Exchange server and run the 4 commands form the Exchange Shell (change the domain mame)

Set-ClientAccessServer -Identity CAS_Server_Name -AutodiscoverServiceInternalUri https://mail.domain.com/autodiscover/autodiscover.xml

Set-WebServicesVirtualDirectory -Identity “CAS_Server_Name\EWS (Default Web Site)” -InternalUrl https://mail.domain.com/ews/exchange.asmx

Set-OABVirtualDirectory -Identity “CAS_Server_name\oab (Default Web Site)” -InternalUrl https://mail.domain.com/oab

Set-UMVirtualDirectory -Identity “CAS_Server_Name\unifiedmessaging (Default Web Site)” -InternalUrl https://mail.domain.com/unifiedmessaging/service.asmx

 

After you type the commands, flush the dns on the client pc and test.

 

 

How to Edit Cisco Access-List

This KB will show you how to edit Cisco Access lists, Since IOS 12.2 we no longer need to use notepad to edit access list.

This KB is only valid to Cisco IOS 12.2 or higher.

Cisco has a new command that make editing and deleting easy, The new command is ip access-list.
Solution: Edit ACL.

Step 1:

Type the show ip-access-list to see all ACL
EXAMPLE

RTR#sh ip access-lists
Standard IP access list 23
10 permit 192.168.1.2
30 permit 10.50.0.0, wildcard bits 0.0.7.255

Step 2:

Edit ACL command

RTR(config)#ip access-list standard 23
RTR(config-std-nacl)#no 10
RTR(config-std-nacl)#deny 30

How To Disable \ Enable Journaling Agent In Exchange 2007

How To Disable \ Enable Journaling Agent In Exchange 2007.

In order to to disable \ enable journaling agent in Exchange 2007 we need to use the Exchange shell.

Step 1: Check if the agent is enable or disable.

Open Exchange shell
Type ->    Get-TransportAgent  to check if the egent is enable or diable.

1

Step 2: Disable agent

In the Exchange shell type disable-transportagent and when asked for a value type journaling agent.

2

Step 3: disabled on the mailbox database.

We also need to make sure that journaling is disabled on the mailbox database by:

Right click the mailbox database on the Exchange server you want to disable journaling, and click Properties and make sure Journal Recipient is Unchecked.

3