0

The description for Event ID 1000 from source VMware VirtualCenter Server cannot

Posted by paris on Apr 28, 2016 in Random

Recently after rebooting a VMWare server , the VCenter Server service would not start  

The description for Event ID 1000 from source VMware VirtualCenter Server cannot 

C:\ProgramData\VMware\VMware Virtual Center\Logs. Look at the vpxd.log

<YYYY-MM-DD>T<TIME> 02128 error ‘App’] [VpxdReverseProxy] Failed to create http proxy: An attempt was made to access a socket in a way forbidden by its access permissions.

Checked NetStat and something was running on port 80. Looks like IIS had been installed with default settings which puts default site on port 80. Changed this to another port , reboot IIS and this fixed the issue

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , ,

 
0

Windows 10 crashes explorer opening images

Posted by paris on Apr 26, 2016 in Fixes

blue-wallpaper_windows_10_hd_2880x1800[1]Had a user that could not open .jpg’s , and when she did it would crash explorer.exe. Trying to change the default programs did not work , and the open with right click in explorer would not display.

Checking Event viewer I had the below

svchost (2148) TILEREPOSITORYS-1-5-21-2633014675-3390063305-1885502253-1001: An attempt to move the file “C:\Users\%username%\AppData\Local\TileDataLayer\Database\EDB.log” to “C:\Users\%username%\AppData\Local\TileDataLayer\Database\EDB0000A.log” failed with system error 183 (0x000000b7): “Cannot create a file when that file already exists. “. The move file operation will fail with error -1022 (0xfffffc02).

I just renamed \AppData\Local\TileDataLayer\Database Folder to \AppData\Local\TileDataLayer\Database.old in Windows and restarted explorer.exe which created a new one straight away , and fixed the issue

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

 
0

Inbound and Outbound 365 SMTP Filtering Mailguard

Posted by paris on Apr 20, 2016 in Research

What you need to do to enable Mailguard Filtering and Officemailguard 365

Login to 365 Portal 

Inbound Filter by IP

This forces all internal mail to only be accepted by 365 from Mailguard IP’s. Spammers start caching DNS records so even though you changed MX records they use old ones!

  • Exchange Administration 
  • Mailflow
  • Connectors

From Partner Organization
To Office 365
How do you want to identify the partner organization? Domain
Specify one or more sender domains: *
Reject email messages if they aren’t sent from within this IP address range ( IP Range from Mailguard )

203.21.125.32/32
69.16.202.203/32
174.36.235.195/32
69.16.202.216/32
50.23.246.238/32
50.23.252.166/32
108.168.255.216/32
108.168.255.217/32
203.21.125.33/32

Outbound Filter forcing SMTP relay

Make sure all Office 365 IP’s http://pastebin.com/6UZZcWPQ are in trusted networks

  • Exchange Administration 
  • Mailflow
  • Connectors

Only when I have a transport rule set up that redirects messages to this connector – Tick
Route email through these smart hosts : filter.riskca-1.mailguard.com.au
Always use Transport Layer Security (TLS) to secure the connection (recommended)

  • Exchange Administration 
  • Mailflow
  • Rules

Name : Relay Outbound through MailGuard
*Apply this rule if… – The Sender is Located … Inside the organization
*Do the following… : Use the following connector Name of Connector Above

SMTP SPF

Add this include to the TXT record for the outgoing domains

include:customer.mailguard.com

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , ,

 
0

How to Cancel a TPG $350 Cancellation Fee

Posted by paris on Apr 19, 2016 in Random

1280px-TPG_Telecom_logo.svg[1]Trying to move the TPG ADSL 2+ Service to a new property, however when they couldn’t provide service at the new address , I was told there would be a $350 Cancellation Fee for a service they couldn’t continue. Legally in my head this didn’t sound right , and luckily there are consumer protection bodies in Australia for ISP’s. A simple email below to adsl_cancel@tpg.com.au was acknowledged with a reductions to $60

Hello TPG,

Per my phonecall earlier to your cancellation line which wanted this in written form, my ADSL Details are below, I am relocating to <Address of new premise> where I have been told by TPG that I will need to bear new monthly and installation charges for a Telstra telephone line and be presented with a limited service of speed and bandwidth if I am to move my ADSL 2+ Unlimited Service with you.

I use my service purely for TV Netflix as you would see from the logs, so the service you have suggested above is now useless to me now.

I have been told the terms and conditions here: https://www.tpg.com.au/products_services/homephone_additionalprices

However reading through these, I argue it’s ambiguous and the above is admissible to me paying for the $60 cancellation fee for Special Case 2 not Special Case 1 ( $350 )

An active phone line will not be installed at the premise for various reasons in and out of my control so the below applies.

Moving Home Special Case 2:

If you are applying to relocate your ADSL2+ with TPG Home Phone service during the Minimum Contract Term and TPG determines that neither ADSL nor ADSL2+ with TPG Home Phone/ADSL2+ is able to be provisioned at the new address/telephone number, your service will be cancelled and remaining portion of the Minimum Contract Term will be charged up to a maximum of $60.

What is your account number

Customer ID: <account number>

I understand you need this in writing and I need to be given a Complaint Number and Cancellation request before I take this to the Telephone Industry Ombudsman’s. Please could I have the following so I can progress this.

Please respond via email as soon as possible.  

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , ,

 
0

Crypto Email Template

Posted by paris on Apr 7, 2016 in Random

Useful email to send out to users to stop them click on Crypto Links

 

Hello,

There is a virus doing the rounds called CryptoLocker currently . More can be found – https://en.wikipedia.org/wiki/CryptoLocker

Putting it briefly, this virus is downloaded onto a computer usually by a fake email attachment or through a website popup. Once downloaded and run by accident , it starts encrypting all the company data on shared drives automatically and once completed will Ransom the data with an undisclosed amount to be paid anonymously. The only way to restore from this will be a restore from the backups the night before.

Please be vigilant with any emails you open from third parties you are not expecting and more importantly Message Attachments opened, below are some example of Email Message Spoofs’

 

—–Original Message—–
From: John Doe [mailto:John@mydomain.com]
Sent: Tuesday, October 15, 2013 10:34 AM
To: Jane Doe
Subject: Annual Form – Authorization to Use Privately Owned Vehicle on State Business

All employees need to have on file this form STD 261 (attached). The original is retained by supervisor and copy goes to Accounting. Accounting need this form to approve mileage reimbursement.

The form can be used for multiple years, however it needs to re-signed annually by employee and supervisor.

Please confirm all employees that may travel using their private car on state business (including training) has a current STD 261 on file. Not having a current copy of this form on file in Accounting may delay a travel reimbursement claim.

 

Auspost

Each computer became infected after opening an EMAIL from AUSTRALIA POST (or AUSPOST), with a subject line such as:

Subject: An agent was unable to redeem the parcel to your place for the reason: receiver was absent

There have been many different subject lines but they commonly want you to click on an attachment or a link such as “Down Load Shipping Label”

More info here: http://auspost.com.au/about-us/scam-email-warning.html

TNT Courier

tnt

 

 

 

 

 

 

 

 

Australian Federal Police

Sample email:

fed

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags:

 
0

Import PST to 365 – Completed With Errors View details

Posted by paris on Apr 7, 2016 in Random

IOffice-365-New[1] used the AZCopy to copy some PSTS up to the Azure blob to copy them to 365 

All users apart from one imported OK

One user came back with “Completed With Errors  View details”

 
Status Failed – Import in progress
 
After checking with 365 , this was due to the user having a soft deleted mailbox
 
Login to MSOLINE via powershell and run
 
Remove-MsolUser –UserPrincipalName <account id> -RemoveFromRecycleBin
 
 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

 
0

The specified module ‘MSOnline’ was not loaded because no valid module file was found in any module

Posted by paris on Apr 7, 2016 in Random

After installing the Microsoft Online Services Sign-In Assistant for IT Professionals RTW from the Microsoft Download Center. Then install the Azure Active Directory Module for Windows PowerShell (64-bit version),

Then running : Windows Azure Active Directory Module for Windows PowerShell

I was greated with the following Error

Import-Module : The specified module ‘MSOnline’ was not loaded because no valid module file was found in any module
directory.
At line:1 char:1
+ Import-Module MSOnline
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ResourceUnavailable: (MSOnline:String) [Import-Module], FileNotFoundException
+ FullyQualifiedErrorId : Modules_ModuleNotFound,Microsoft.PowerShell.Commands.ImportModuleCommand

Copy the folders called MSOnline and MSOnline Extended from the source

C:\Windows\System32\WindowsPowerShell\v1.0\Modules\

to the folder

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\

If this still doesn’t work use

Import-Module C:\Windows\System32\WindowsPowerShell\v1.0\Modules\MSOnline\MSOnline.psd1

In a powershell Window, this will enable you to get Connect-MsolService

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

 
0

Fortigate ssl-vpn users need to route to different subnet via tunnel interface IPSEC VPN

Posted by paris on Apr 7, 2016 in Random

Users who SSL-VPN into the office need to route to a different subnet which is connected via an IPSEC VPN

You should already have Address Setup for your SSL VPN Users and Address for Remote Site

Add the below polices

Policy :

Incoming Interface <VPN interface to Remote Site>
Source Address VPN all
Outgoing Interface ssl.root
Destination Address SSLVPN_TUNNEL_ADDR1
Schedule Always
Service all
Action Accept

Policy :

Incoming Interface ssl.root
Source Address VPN SSLVPN_TUNNEL_ADDR1
Outgoing Interface <VPN interface to Remote Site>
Destination Address all
Schedule Always
Service all
Action Accept
Enable NAT
Use Dynamic IP Pool and Create a pool (<IP of Fortigate>-<IP of Fortigate>).

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , , , , , , ,

 
0

DNS Not working – SBS 2001 / 2008 R2 Server

Posted by paris on Apr 6, 2016 in Random

Recently had a colleague call me , after a mainboard switch over , the DNS server was not working

  1. Could ping the server from Remote Device
  2. Nslookup from the device would come back with (Request Timed Out)
  3. I could NSLOOKUP local host on the SBS Server
  • Restarted the DNS Server Service , enabled Logging could see Items 
  • DNS Server was listening on correct IP interfaces 

 

Found out during the main board swap out , the Subnet Mask of 255.255.255.255 had been set instead 255.255.255.0

What does this do? It sets a Single Device on the Subnet , which means it can’t route to the Default Gateway

If you did want to do this , it should be set to 255.255.255.252 ( two items on the Subnet ) for 192.168.0.1 and .2

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: ,

 
0

Failed to start monitoring changes to “because access is denied”

Posted by paris on Apr 5, 2016 in Random

When trying to open a Virtual Directory in IIS we are greeted with the following Errors :  

 

Server Error in ‘/’ Application.
——————————————————————————–

Configuration Error
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: An error occurred loading a configuration file: Failed to start monitoring changes to ‘\\’ because access is denied.

Source Error:


[No relevant source lines]

Source File: \web.config Line: 0


——————————————————————————–
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.18446

 

This is the way the Website is running an Application Pool , you can change the virtual directories to Applications which should fix this , if not try another application pool it runs on 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Tags: , , ,

Copyright © 2016 Welcome to Pariswells.com All rights reserved. Theme by Laptop Geek. Privacy Policy