Monday, August 12, 2013

Micro$oft, what the.... ???

Got these a lot on my server for the last 4 days:

The IP 157.56.162.105 has just been banned by Fail2Ban after
6 attempts against ssh.

Here are more information about 157.56.162.105:

Lines containing IP:157.56.162.105 in /var/log/auth.log

Aug 11 20:40:08 x sshd[60929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.56.162.105  user=root
Aug 11 20:40:10 x sshd[60929]: Failed password for root from 157.56.162.105 port 62640 ssh2
Aug 11 20:40:10 x sshd[60929]: Received disconnect from 157.56.162.105: 11: Bye Bye [preauth]
Aug 11 20:40:18 x sshd[60931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.56.162.105  user=root
Aug 11 20:40:20 x sshd[60931]: Failed password for root from 157.56.162.105 port 1112 ssh2
Aug 11 20:40:20 x sshd[60931]: Connection closed by 157.56.162.105 [preauth]
Aug 11 20:50:17 x sshd[60935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.56.162.105  user=root
Aug 11 20:50:18 x sshd[60935]: Failed password for root from 157.56.162.105 port 1064 ssh2
Aug 11 20:50:19 x sshd[60935]: Received disconnect from 157.56.162.105: 11: Bye Bye [preauth]
Aug 11 20:50:21 x sshd[60937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.56.162.105  user=root
Aug 11 20:50:23 x sshd[60937]: Failed password for root from 157.56.162.105 port 62560 ssh2
Aug 11 20:50:23 x sshd[60937]: Received disconnect from 157.56.162.105: 11: Bye Bye [preauth]
Aug 11 20:50:29 x sshd[60939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.56.162.105  user=root
Aug 11 20:50:31 x sshd[60939]: Failed password for root from 157.56.162.105 port 1184 ssh2
Aug 11 20:50:31 x sshd[60939]: Received disconnect from 157.56.162.105: 11: Bye Bye [preauth]
Aug 11 21:00:34 x sshd[60943]: Connection closed by 157.56.162.105 [preauth]

and guess who owns the 157.56.162.105?



Thursday, July 18, 2013

Securing SSH Server with fail2ban and Email Notification

I use fail2ban to secure my SSH server, using the following guide:

https://help.ubuntu.com/community/Fail2ban

This helps me ban the IP address and notifies me by email of the failed attempt, and I use the following script to notify me by email of a successful login.

Edit or create /etc/ssh/sshrc:

# SSH_CONNECTION is "client_ip client_port server_ip server_port"
DATE=$(date "+%d.%m.%Y--%Hh%Mm")
IP=$(echo "$SSH_CONNECTION" | awk '{print $1}')
REVERSE=$(dig -x "$IP" +short)
# Pipe the message to the mailer instead of writing a fixed /tmp/mail.content,
# which the next user to log in could not overwrite
{
  echo "Subject: SSH Login Successfully"
  echo "$DATE, user $USER just logged in from $IP ($REVERSE)"
} | sendmail -f "MyBox <fromemail@domain.tld>" -t "Lau, Laurence <me@domain.tld>" -s smtprelay.domain.tld &


Saturday, June 08, 2013

MCSA 2012

Yay! just passed Microsoft Exam 70-417 and officially MCSA 2012

Wednesday, June 05, 2013

SMTP TLS Authentication Testing

To test an SMTP connection, we sometimes telnet to port 25 and run a few SMTP commands to diagnose problems. What if you want to test SMTP authentication the same way? And what if the SMTP server only offers authentication over TLS?

To test whether your SMTP server supports authentication, try the following:

telnet your-smtp-server.domain.tld 25

Connected to your-smtp-server.domain.tld.
Escape character is '^]'.
220 your-smtp-server.domain.tld ESMTP

EHLO localhost
250-your-smtp-server.domain.tld
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN


As you can see from the server's response to the EHLO localhost command, it does not advertise authentication (there is no 250-AUTH line), but it does support TLS (250-STARTTLS).

So now we can try to communicate using TLS, with the following

openssl s_client -starttls smtp -crlf -connect your-smtp-server.domain.tld:25

CONNECTED(00000003)
depth=0 C = AU, ST = NSW, L = Sydney, O = Laurence Corp, OU = IT, CN = your-smtp-server.domain.tld
verify error:num=18:self signed certificate
verify return:1
depth=0 C = AU, ST = NSW, L = Sydney, O = Laurence Corp, OU = IT, CN = your-smtp-server.domain.tld
verify return:1
---
Certificate chain
 0 s:/C=AU/ST=NSW/L=Sydney/O=Laurence Corp/OU=IT/CN=your-smtp-server.domain.tld
   i:/C=AU/ST=NSW/L=Sydney/O=Laurence Corp/OU=IT/CN=your-smtp-server.domain.tld
---
Server certificate
subject=/C=AU/ST=NSW/L=Sydney/O=Laurence Corp/OU=IT/CN=your-smtp-server.domain.tld
issuer=/C=AU/ST=NSW/L=Sydney/O=Laurence Corp/OU=IT/CN=your-smtp-server.domain.tld
---
No client certificate CA names sent
---
SSL handshake has read 1564 bytes and written 411 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
    Protocol  : TLSv1.1
    Cipher    : ECDHE-RSA-AES256-SHA
    Session-ID: 163CF3718E7E3DAD34259654B2510CEFD6CDBFEE0D067FAF6D816C6145D45301
    Session-ID-ctx:
    Master-Key: FEEAB321DE6A876EB0954FB3372A540CC09D3E8F14D4EBBEB8448FE7D6CDADD3DAB9201B7450FDCAA7F2448BC0949AF7
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 3600 (seconds)
    Compression: 1 (zlib compression)
    Start Time: 1370408569
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---
250 DSN

EHLO localhost
250-your-smtp-server.domain.tld
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5
250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

As you can see, once we are connected over TLS and issue the EHLO localhost command again, the server advertises 250-AUTH, and PLAIN is among the supported mechanisms.

To test the authentication, you need to generate a base64-encoded value, here using Perl. For example, if you have a username: myname and password: mypass, you would run a command in the format of: perl -MMIME::Base64 -e 'print encode_base64("username\0username\0password")'

perl -MMIME::Base64 -e 'print encode_base64("myname\0myname\0mypass")'
bXluYW1lAG15bmFtZQBteXBhc3M=

You then have the base64-encoded value bXluYW1lAG15bmFtZQBteXBhc3M= and can issue the AUTH PLAIN command:

AUTH PLAIN bXluYW1lAG15bmFtZQBteXBhc3M=
235 2.7.0 Authentication successful

As you can see, we are authenticated; you can then carry on with the usual SMTP commands.
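Added example (not part of the original post): the same test as a small shell script. It builds the AUTH PLAIN token with printf and base64 instead of Perl, decodes a token back to show that base64 hides nothing, and checks from the two EHLO responses above that AUTH is only advertised inside TLS. The function names are made up for this example; the EHLO samples are abridged from the post.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Build the AUTH PLAIN initial response: base64(authzid NUL authcid NUL password).
# printf '%s' passes each value through untouched, so a username such as
# user@domain.tld or 1234 is not reinterpreted (inside a Perl "..." string,
# @domain is interpolated and \0 followed by digits is read as one octal escape).
auth_plain_token() {
    printf '%s\0%s\0%s' "$1" "$2" "$3" | base64 | tr -d '\n'
}

# Decode a token into its three fields, one per line. Anyone who can read the
# SMTP session can do this, which is why AUTH PLAIN belongs inside TLS only.
auth_plain_decode() {
    printf '%s' "$1" | base64 -d | tr '\0' '\n'
}

# Read an EHLO response on stdin and print the advertised SASL mechanisms,
# sorted and de-duplicated. Handles "250-AUTH ..." and the "250-AUTH=..." form.
ehlo_auth_mechs() {
    tr -d '\r' | awk '
        /^250[- ]AUTH[ =]/ {
            sub(/^250[- ]AUTH[ =]/, "")
            for (i = 1; i <= NF; i++) seen[$i] = 1
        }
        END { for (m in seen) print m }' | LC_ALL=C sort | tr '\n' ' ' | sed 's/ $//'
}

# $1 = EHLO response seen in cleartext, $2 = EHLO response seen after STARTTLS.
# Prints: cleartext-auth (credentials could cross the wire unencrypted),
#         tls-only-auth  (the behaviour shown in the post), or no-auth.
auth_exposure() {
    before=$(printf '%s\n' "$1" | ehlo_auth_mechs)
    after=$(printf '%s\n' "$2" | ehlo_auth_mechs)
    if [ -n "$before" ]; then
        echo "cleartext-auth"
    elif [ -n "$after" ]; then
        echo "tls-only-auth"
    else
        echo "no-auth"
    fi
}

# EHLO response from the telnet session in the post (abridged).
EHLO_CLEARTEXT='250-your-smtp-server.domain.tld
250-PIPELINING
250-STARTTLS
250-8BITMIME
250 DSN'

# EHLO response from the openssl s_client session in the post (abridged).
EHLO_TLS='250-your-smtp-server.domain.tld
250-PIPELINING
250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5
250-AUTH=PLAIN LOGIN CRAM-MD5 DIGEST-MD5
250-8BITMIME
250 DSN'

echo "token:    $(auth_plain_token myname myname mypass)"
echo "decoded:  $(auth_plain_decode bXluYW1lAG15bmFtZQBteXBhc3M= | tr '\n' ' ')"
echo "mechs:    $(printf '%s\n' "$EHLO_TLS" | ehlo_auth_mechs)"
echo "exposure: $(auth_exposure "$EHLO_CLEARTEXT" "$EHLO_TLS")"
```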


Thursday, May 02, 2013

FreePBX Voicemail Drops Call With Error: lack of rtp activity in 31 seconds

I have got FreePBX set up @home and for some reason my voicemail is not working properly. It basically drops the connection after 30 seconds while the person on the phone is waiting on Music on Hold.

It turns out that FreePBX detects there has been no audio/RTP activity for 30 seconds (configurable) and drops the connection.

To change this: on your FreePBX, navigate to: Settings > Asterisk SIP Settings > Media and RTP Settings
Change the rtptimeout from 30 to 300, change rtpkeepalive from 0 to 30

Tuesday, April 30, 2013

Blackberry Device Service 10 SSL Certificate

After you install your brand new Blackberry 10 server (Blackberry Device Service 10), you might want to replace the default self-signed SSL certificate. I do, because I think this is what caused my Blackberry Management Studio to not talk properly with the BAS 10, e.g. I got a bad_certificate error in the log file.

So, in summary, you need to do the following:

  • Backup BAS keystore
  • Delete the default alias from keystore
  • Generate a new key in keystore
  • Generate CSR
  • Submit CSR to your CA
  • Import CA(s)
  • Import public key for your SSL certificate

Now, I am using Microsoft CA to generate the SSL certificate and my BAS 10 is running on Windows 2008 R2 (x64). All the commands below use keytool.exe, which is located in your Java JRE\bin folder.

You need to either reset your web keystore password or get the current password from the BES10 console: Servers and components - Blackberry Solution Topology - Blackberry Domain - Component View - Blackberry Administration Service. Under Security settings, there is a Default password to encrypt the web.keystore file.

Backup BAS keystore
Just take a copy of the following file:

C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore

Delete the default alias from keystore
This will delete the key pair with an alias of httpssl - which is being used by BAS 10

keytool -delete -alias httpssl -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore"

This will ask for the keystore password - enter it

Generate a New Key in Keystore
Replace the -dname with your own value. CN is the FQDN that the SSL certificate will be used for

keytool -genkey -alias httpssl -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore" -dname "CN=bes.domain.local, OU=IT, O=Laurence Blog, L=Sydney, ST=NSW, C=AU" -keyalg RSA -keysize 2048

Generate CSR
This generates a certreq.csr file which will be used for the next step

keytool -certreq -alias httpssl -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore" -file "C:\Temp\certreq.csr" -keyalg RSA -keysize 2048

Submit CSR to your CA
Navigate to your CA using IE browser: https://caserver.domain.local/certsrv
Navigate to Request a certificate
Navigate to Submit a certificate request by using a base-64-encoded CMC or ...
Paste the content of the CSR file to the Saved Request field
Use the default: Web Server template
Submit
Download the certificate
Download all the Root and issuing/intermediate CA as well

Import CA(s)
Import all the CA you have (e.g. root/issuing/intermediate). Make sure you are using a unique alias name for each CA

keytool -import -alias rootca -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore" -file "C:\Temp\rootca.cer"

keytool -import -alias intermediateca -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore" -file "C:\Temp\issuingca.cer"

Import Public Key for SSL Certificate
This imports the certificate from your CA to the keystore

keytool -import -alias httpssl -keystore "C:\Program Files (x86)\Research In Motion\BlackBerry Device Service\bas\bin\web.keystore" -file "C:\Temp\public.cer"

Restart the Blackberry Administration Service - Native Code Container

You can also do the same thing for the Blackberry Management Studio (*Fusion) using the same steps above
The keystore location is:

C:\Program Files (x86)\Research In Motion\BlackBerry Management Studio\BlackBerryMobileFusion.keystore

The keypair name is: fusionssl


Wednesday, April 17, 2013

Active Directory Domain Controller GPO Reset

I have these 2x Windows 2012 Domain Controllers that inherited policies from the old GPO which were created since Windows 2003 days. I did not realize there were problems until some of the features that I want to use started acting badly (e.g. access denied, etc).

Obviously the DCs were joined to the domain and put in the "Domain Controllers" OU by default after they were dcpromo-ed, which then got the old GPO applied to them.

So, to clean up all the registry and file system security configuration that has been applied to the DCs, I need to reset the default domain policy and the default domain controllers policy. Before I do that, I back them up first, just in case.

To clean up the GPO run the following command:

C:\> DCGPOFIX

Then I need to clean up the actual settings that have been applied to my DCs by running the following command on each DC:

C:\> secedit /configure /cfg C:\windows\inf\defltdc.inf /db defltdc.sdb /overwrite

Reboot the DC

Thursday, April 04, 2013

Citrix StoreFront Authentication Check URL

Use the following URL to check the Authentication Method being used by a user:

https://storefront.domain.tld/Citrix/Authentication/Integrated/test.aspx

Sunday, March 31, 2013

FreePBX SIP Debugging

To debug FreePBX SIP, just get into the asterisk context by typing:

> asterisk -vvvvvr

localhost*CLI> sip show peers

it shows all your peers, then:

localhost*CLI> sip set debug peer (peer_name)

To stop debug, type:

localhost*CLI> sip set debug off

Tuesday, March 19, 2013

Manage Workgroup Servers with SCOM 2012

These are very high-level steps for having your workgroup servers managed by SCOM 2012.
I have this task of getting my Exchange Edge Transport server, which sits in the DMZ, managed by SCOM.

For them to be able to communicate and authenticate each other, they must be using a certificate.
I have my internal CA (lucky me)

1. Make sure your Workgroup server trusts your CA.
You can browse to your https://internal-ca.domain.com/certsrv URL and download the CA certificate and import this to the Workgroup server's Trusted Root CA (Computer store)

2. Make sure you have a certificate template that has Server and Client Authentication purposes 
If you don't have one, duplicate one from the "Computer" template with Windows 2003 version. Make sure "allow export private key" is selected and "subject name" is supplied in the request.

3. Request a certificate from your Workgroup server to your internal CA 
Use the template you created on step 2

4. Move certificate from user store to computer store 
After you request the certificate, it is automatically installed in the user store. You need to export it (along with the private key) and import it back into the computer store

5. Install SCOM 2012 Agent 
Insert SCOM installation ISO/DVD and install SCOM Agent. Make sure you are using FQDN for the SCOM server during the installation wizard

6. Firewall port TCP 5723 needs to be allowed inbound and outbound
The SCOM Agent uses TCP port 5723 to communicate with the SCOM Server; open this on your firewall inbound and outbound

7. Import the certificate to SCOM Agent
On the installation ISO/DVD, navigate to SupportTools\AMD64 and run MOMCertImport.exe. It then asks you to select which certificate to use. Select the one that you created on step 3

8. Restart the System Center Management service

9. Request a certificate from your SCOM Management Server
Do exactly the same thing as in steps 3-4, but now do this from the SCOM Management Server

10. Import the certificate to SCOM Management Server
Do exactly the same thing as in steps 7-8, but now do this from the SCOM Management Server

11. Wait
Your agent should come out on the Pending Management section of your SCOM Administration console

Monday, March 04, 2013

VBScript Open Internet Explorer with No Address Bar

Sometimes you need to open IE with no address bar, for example when you publish IE through Citrix XenApp. The VBScript below is the way to go:
Dim objIENoToolbars
Set objIENoToolbars = WScript.CreateObject ("InternetExplorer.Application")
ObjIENoToolbars.Toolbar = false
objIENoToolbars.Navigate "http://mywebsite.domain.com/"
objIENoToolbars.Visible = true 

Monday, January 21, 2013

Exchange 2010 SP2 RU 4v2 Bug - Mailbox Move

After applying the SP2 RU 4v2 to my Exchange 2010 environment, apparently there is a bug when a mailbox is moved between two different databases within the same server. According to Microsoft forum this bug was introduced by SP2 RU3. Anyone who is still running on SP2 RU2 is not affected.

When you move the mailbox, it will have the Move Request Status: Completed with warning
You also will get the following comment:

Warning: Failed to clean up the source mailbox after the move.
Error details: MapiExceptionUnexpectedMailboxState: Unable to delete mailbox. (hr=0x80004005, ec=2634)


In the log of the move request, you will see the error:

Failed to clean up the source mailbox 'Primary (9105c233-5387-47bc-99ea-2c0255cf63ad)' after the move. Attempt 1/6.
Error details: MapiExceptionUnexpectedMailboxState MapiExceptionUnexpectedMailboxState: Unable to delete mailbox. (hr=0x80004005, ec=2634) at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, SafeExInterfaceHandle iUnknown, Exception innerException)
   at Microsoft.Mapi.ExRpcAdmin.DeletePrivateMailbox(Guid guidMdb, Guid guidMailbox, Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.LocalMailbox.DeleteMailboxInternal(Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.MailboxWrapper.<>c__DisplayClass2a.<Microsoft.Exchange.MailboxReplicationService.IMailbox.DeleteMailbox>b__29()
   at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(GenericCallDelegate operation)
   at Microsoft.Exchange.MailboxReplicationService.MailboxWrapper.Microsoft.Exchange.MailboxReplicationService.IMailbox.DeleteMailbox(Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.MoveBaseJob.<>c__DisplayClass6d.<PostMoveCleanupSourceMailbox>b__6b()
   at Microsoft.Exchange.MailboxReplicationService.CommonUtils.CatchKnownExceptions(GenericCallDelegate del, FailureDelegate failureDelegate)


...
...

Post-move cleanup failed. The operation will try again in 30 seconds (5/6).
Failed to clean up the source mailbox 'Primary (9105c233-5387-47bc-99ea-2c0255cf63ad)' after the move. Attempt 6/6.
Error details: MapiExceptionUnexpectedMailboxState MapiExceptionUnexpectedMailboxState: Unable to delete mailbox. (hr=0x80004005, ec=2634)
   at Microsoft.Mapi.MapiExceptionHelper.ThrowIfError(String message, Int32 hresult, SafeExInterfaceHandle iUnknown, Exception innerException)
   at Microsoft.Mapi.ExRpcAdmin.DeletePrivateMailbox(Guid guidMdb, Guid guidMailbox, Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.LocalMailbox.DeleteMailboxInternal(Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.MailboxWrapper.<>c__DisplayClass2a.<Microsoft.Exchange.MailboxReplicationService.IMailbox.DeleteMailbox>b__29()
   at Microsoft.Exchange.MailboxReplicationService.ExecutionContext.Execute(GenericCallDelegate operation)
   at Microsoft.Exchange.MailboxReplicationService.MailboxWrapper.Microsoft.Exchange.MailboxReplicationService.IMailbox.DeleteMailbox(Int32 flags)
   at Microsoft.Exchange.MailboxReplicationService.MoveBaseJob.<>c__DisplayClass6d.<PostMoveCleanupSourceMailbox>b__6b()
   at Microsoft.Exchange.MailboxReplicationService.CommonUtils.CatchKnownExceptions(GenericCallDelegate del, FailureDelegate failureDelegate)
 

Request is complete.

The implications of this bug:
  • There will be a delay of 30 seconds x 6 tries = 3 minutes for each mailbox being moved
  • During the last 3 minutes of the mailbox move, the Outlook client is disconnected
  • The mailbox in the source database is not deleted; it is marked as a soft-deleted mailbox

To view the soft-deleted mailboxes:

Get-MailboxDatabase | Get-MailboxStatistics | where {$_.DisconnectReason -ne $null} | ft  displayname,database,disconnectreason -auto

To delete the Soft Deleted mailboxes:

Remove-StoreMailbox -database "Old database" -Identity "Smith, John" -MailboxState SoftDeleted

So far there is no report from my users who have got their mailboxes moved


Tuesday, December 11, 2012

DNS IP to localhost

While I am doing this coding of DNS server and using my development machine to debug the program, I need to somehow configure my Windows 7 client's DNS setting to point to itself as the DNS server (e.g. 127.0.0.1).

Surprisingly, Windows 7 rejects the setting when you put 127.0.0.1 as the DNS IP address of your network connection.

Found the following Powershell to change it easily

$wmi = Get-WmiObject win32_networkadapterconfiguration -filter "ipenabled = 'true'"
$wmi.SetDNSServerSearchOrder("127.0.0.1")

Monday, November 05, 2012

SSRS SQL 2008 R2 Export Reports

I need to migrate reports from the old SSRS to the new one. To do this, I need to export all the reports as an RDL file and upload them all to the new SSRS server

Found this article by geektrainer.com on how to create a VB script .rss file that exports all SQL Server reports as .rdl files.

Here is the code:

'must use -v rootPath="C:\Reports"
Sub Main()    
    Dim items As CatalogItem() = rs.ListChildren("/", true)

    For Each item As CatalogItem in items
        If item.Type = ItemTypeEnum.Folder Then
            CreateDirectory(item.Path)
        Else If item.Type = ItemTypeEnum.Report Then
            SaveReport(item.Path)
        End If
    Next
End Sub

Sub CreateDirectory(path As String)
    path = GetLocalPath(path)
    System.IO.Directory.CreateDirectory(path)
End Sub

Sub SaveReport(reportName As String)
    Dim reportDefinition As Byte()
    Dim document As New System.Xml.XmlDocument()
    
    reportDefinition = rs.GetReportDefinition(reportName)
    
    Dim stream As New MemoryStream(reportDefinition)
    document.Load(stream)
    document.Save(GetLocalPath(reportName) + ".rdl")
End Sub

Function GetLocalPath(rsPath As String) As String
    Return rootPath + rsPath.Replace("/", "\")
End Function

Save the code above as an export.rss file, create a folder where the reports will be stored (e.g. C:\Reports), then run the RS.EXE command against your report server web service URL:

rs.exe -i export.rss -s http://reportserver.domain.local/ReportServer -v rootPath="C:\Reports"

This will create all the reports in the .rdl format in the folder specified above



Monday, October 29, 2012

Windows Vault - SharePoint 2010

I have seen a problem where a user is always prompted for a username and password when trying to open a SharePoint 2010 site. The credential dialog box has the username field as READ ONLY.

The reason for the prompt is that the username, for some unknown reason, is wrong and cannot be changed!

If you check the Security event log, you will see Event ID 4648.

To fix this problem, you need to check the Windows Credential Manager; start it from CMD:

control /name Microsoft.CredentialManager


and remove the wrongly assigned credential to the site

Friday, October 26, 2012

Cisco ASA on GNS3

I was planning to design our existing ASA firewalls that are currently running independently to be active/active firewall running on multiple contexts.

I need a test lab for this. I use GNS3 for this.

I also need the ASA image and kernel files to be loaded in GNS3. Those files can be found from here.
Once you have those files, you need to configure Qemu with the following options:

Qemu Options: -vnc none -vga none -m 1024 -icount auto -hdachs 980,16,32
Kernel cmd line: -append ide_generic.probe_mask=0x01 ide_core.chs=0.0:980,16,32 auto nousb console=ttyS0,9600 bigphysarea=65536

Also make sure you select the correct Initrd and Kernel files you downloaded earlier

You should now be able to start any ASA instance you have; when you do, load the following keys:
activation-key 0x4a3ec071 0x0d86fbf6 0x7cb1bc48 0x8b48b8b0 0xf317c0b5
activation-key 0xb23bcf4a 0x1c713b4f 0x7d53bcbc 0xc4f8d09c 0x0e24c6b6

Wednesday, September 26, 2012

Cisco 4500 Series Switch Software Upgrade

Just got a pair of Cisco 4500 series switches with dual sup 7E. Needed to be upgraded to the latest IOS version.

Here are the steps to upgrade it:


  • Copy the .bin file from the TFTP server to both Sups (Active and Standby)
    copy source_device:source_filename bootflash:target_filename
    copy source_device:source_filename slavebootflash:target_filename

  • Change the boot system command
    no boot system flash bootflash:c6msfc2-jsv-mz.121-8a.E5
    wr mem

    boot system flash bootflash:c6msfc2-jsv-mz.121-8a.E6
    wr mem

  • Change the config register
    config-register 0x2102
    wr mem

  • Reload the Standby Sup
    redundancy reload peer

  • Failover the Sup
    redundancy force-switchover

Sunday, August 05, 2012

App-V SQL Move Error 0000C800

Recently I just moved App-V SQL Database from one to the other. I use the following procedures:

http://technet.microsoft.com/en-us/library/gg252515.aspx

However, when trying to open the management console, I got the error code: 0000C800
One of the troubleshooting steps I tried was changing the UDL file; the test connection worked, however the error persisted.

In the end I had to do the following:

  • Open the SftMgmt.udl file from the Notepad
  • Copy the content of the file
  • Rename the SftMgmt.udl file to SftMgmt.udl.old
  • Create a new file using Notepad
  • Paste the connection string to the newly created file and modify the connection string to use the new SQL name
  • Save the file as SftMgmt.udl
  • DO NOT open this newly created file. Try to open the management console again, if that works, job is done!

Monday, July 16, 2012

SharePoint 2010 Version Number

Here is one handy command to get your SharePoint 2010 version number:

(get-spfarm).buildversion