Posts tagged How To

How to remove My Bluetooth Places shortcut from your Desktop

0
2 years ago
in

If you have ever installed a Bluetooth drivers on Windows XP you may have been annoyed by the shortcut that seems impossible to delete off of your Desktop. You can actually get rid of this icon without even editing the registry. Simply follow these steps:

  • Right-click on the Desktop and choose Properties
  • Choose the Desktop tab, then click Customize Desktop…
  • Click Clean Desktop Now and run the wizard
  • After the wizard finishes the shortcut and it will be placed in a Desktop folder named Unused Desktop Shortcuts which can be deleted.

XenServer as an NTP server for your network

2
2 years ago
in

If you have a small network and you are using Citrix XenServer, then you might want to use it as your time server. It’s important that your XenServer has proper time for your VMs, so why not go one step further. You can have it as the main source of time, even for your primary domain controller. I would even set up an alias on your DNS server named: time

To set up XenServer for serving time, there are only a couple things you need. First I recommend reading over Citrix’s documentation real quick to get a high level view of things: CTX116307

Edit your /etc/ntp.conf and set it up for the time servers you want to sync with.

Here is a sample output of: nano /etc/ntp.conf

server 0.pool.ntp.org
server 1.pool.ntp.org
server 2.pool.ntp.org
server 3.pool.ntp.org

restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap

Restart the time service:
service ntp restart

Make sure the service starts up when the server reboots:
chkconfig ntpd on

Check that your server is synchronizing time, this may take a few minutes (look for the * on the left of the hostname):
ntpq -p
The last part of this process involves opening up UDP port 123 on XenServer’s firewall, iptables, so that hosts can grab the time from our server.

nano /etc/sysconfig/iptables

Add the following line before the REJECT rule (usually the last line): -A RH-Firewall-1-INPUT -p udp –dport 123 -j ACCEPT

Finally you can restart the iptables service and begin testing from another host on your network using: ntpdate -b time.yournetwork.com.

service iptables restart

Please feel free to comment and leave suggestions if you have an issue.

Slipstream or Integrate Windows XP SP3 using ImgBurn

1
2 years ago
in

How to create a bootable Windows XP Service Pack 3 CD .iso (integrated / slipstream)

Things you will need to complete the project:

ImgBurn 2.5.0.0 (right-click, copy link, and paste in a new tab)
Windows Service Pack 3
Windows XP w/SP2 CD
ImgBurn Saved Project File (right-click and Save Link As…)

1. Create three directories:

C:\XPSP
C:\XPCD
C:\XPBOOT

2. Move WindowsXP-KB936929-SP3-x86-ENU.exe to C:\XPSP

3. Copy all the files from your current Windows XP SP2 cd to C:\XPCD

4. Integrate (Slipstream) Windows Service Pack 3

Start> Run> cmd> WindowsXP-KB936929-SP3-x86-ENU.exe /integrate:E:\XPCD

5. Use ImgBurn to extract boot image from an existing Windows XP cd

Mode> Build> Advanced tab> Bootable Disc tab> Extract Boot Image> CdRom> Save Icon.. save to C:\XPBOOT directory> Choose Yes (Would you like to use the boot image file in your current project?)

6. You have two methods of creating your Windows XP SP3 CD .iso using ImgBurn

Method 1: the easy way:

File> Build (or click the folder to disc image icon)
File> Load Project…> choose VRMHOEM_EN.IBB (that you downloaded in the beginning)

Method 2: the manual way:

File> Build (or click the folder to disc image icon)
Add your source directory: C:\XPCD
Add your destination: Save the file as VRMHOEM_EN in C:\
Options> File System: ISO9660
Options> Check the following:
Recurse Subdirectories
Include Hidden Files
Include System Files
Labels> VRMHOEM_EN
Advanced> Restrictions> ISO9660> Check the following:
Folder/File Name Length: Level X -219 Characters
Character Set: DOS
Allow More Than 8 Directory Levels
Allow More Than 255 Characters In Path
Allow Files Without Extensions
Don’t Add ‘;1′ Version Number To Files
File> Build (or click the folder to disc image icon)

7. Burn your newly created CD image C:\VRMHOEM_EN.ISO

FINAL NOTES

I used the disc label that my existing CD was named, just use the one your disc has. This method works for not having to input your product key during the install.

If you would like a copy of these directions as a PDF click: HERE

Bulk extract Office 2007 updates to maintain your initial installation files

0
2 years ago
in

Save the below as officeextractupdates.bat  in the same directory as your updates files, and run it as an Administrator:

@echo off

del %temp%\oupdates.txt /q

for /f “delims=-; tokens=1,2,3,4,5″ %%i in (‘dir /b *kb*.exe’) do echo %%j-%%i-%%k-%%l-%%m >> %temp%\oupdates.txt
for /f “delims=-; tokens=1,2,3,4,5″ %%i in (‘type %temp%\oupdates.txt’) do %%j-%%i-%%k-%%l-%%m /log:%temp%\officeupdates.log /quiet /extract:”C:\Office\Updates

del %temp%\oupdates.txt /q

for /f “delims=-; tokens=1,2,3,4,5,6″ %%i in (‘dir /b *kb*.exe’) do echo %%j-%%i-%%k-%%l-%%m-%%n >> %temp%\oupdates.txt
for /f “delims=-; tokens=1,2,3,4,5,6″ %%i in (‘type %temp%\oupdates.txt’) do %%j-%%i-%%k-%%l-%%m-%%n  /log:%temp%\officeupdates.log /quiet /extract:”C:\Office\Updates”

This is a handy time saver when Microsoft releases a bunch of updates for Office 2007 however the batch does not like to run on Windows 7.

Exchange Server 2007 ActiveSync for the Palm Pre

0
2 years ago
in ,

So you just got the new Palm Pre and you are wanting to get it syncing with your Exchange 2007 server; that’s easy! The only port you need open for ActiveSync direct push is: TCP 443 https. By default ActiveSync is enabled for all users’ mailboxes but it can’t hurt to double check. More often than not you are probably using OWA and therefore your firewall ACL should already be allowing the capability for your Palm Pre to sync.

When testing your Palm Pre to see if it is receiving emails, take into account your Outlook rules. If you have a rule that handles emails from certain addresses to be moved to a folder other than your Inbox, then on your Palm Pre you will have to first click the folder to see the email. This is just my first go at this but it seems like only the Inbox folder updates automatically. If I find out how to make messages in other folders appear automatically I will update this post.

MORE INFO: http://technet.microsoft.com/en-us/library/aa998010.aspx

Adobe Acrobat Reader on Remote Desktop Services or Citrix XenApp

1
3 years ago
in

When it comes to installing applications on a terminal server, newly called Remote Desktop Services, you should try to install only the features your users will need. The smaller the applications’ footprint the better. In this post I will try to cover some simple changes to help you install a more user friendly installation.

Adobe freely provides a tool that allows admins to install their products easily and efficiently. This product is known as the Adobe Customization Wizard. To get started download the Acrobat Reader .msi file by filling out the form via the Adobe Reader Distribution License Agreement page. This is so that you can legally distribute the software to your corporation’s servers.

While waiting a few days to receive the okay from Adobe, go ahead and download the Customization Wizard.
Adobe: Adobe Customization Wizard 9

The program is very intuitive, you should consider the following changes for RDS/XenApp installs:

  • Make Reader the default viewer
  • Supress the EULA
  • Disable all updates
  • Disable help
  • Disable Product Improvement Program
  • Disable viewing of PDF with Ads for Adobe PDF
  • Display PDF in browser: Disable and Lock (Enable this if certain Print functions don’t seem to work..requires and uninstall/reinstall)
  • Disable all Acrobat.com access

After making all your changes click Transform in the menu and select Generate Transform…

Finally to install using your custom transform use the following syntax: msiexec /i acroread.msi TRANSFORMS=rds.mst (note: you do not need to put the server into install mode since you are using msiexec)

UPDATE: To see a much better representation on how to do all this I suggest heading over to DABCC

Securing SSH

0
3 years ago
in

Securing your OpenSSH server should be one of the first steps you take after installing your Linux/BSD/Solaris operating system. This is an important part of hardening your server and can be accomplished via a quick edit of one configuration file: /etc/ssh/sshd_config (most common path)

Depending on just how secure you want to make it I tend to break it down into two levels, secure and very secure. Feel free to open your favorite editor and as root or sudo, make the following suggested changes to your /etc/ssh/sshd_config file:

Secure – Five Simple Steps

  1. Don’t allow root user logins:  PermitRootLogin no
  2. Only allow specific users to connect: AllowUsers peter stewie meg
  3. Disable protocol 1 as it is insecure: Protocol 2
  4. Limit the amount of unauthenticated connections: MaxStartups 3:50:10
  5. Reduce the amount of grace time to login: LoginGraceTime 30

Very  Secure – Paranoid

  1. Change the port that you connect to: Port 2468
  2. Install denyhosts:
    • sudo apt-get install denyhosts (Ubuntu / Debian)
    • cd /usr/ports/security/denyhosts && sudo make install distclean (FreeBSD)
    • sudo yum install denyhosts (RHEL / Fedora)
  3. Instead of password based logins, use key based logins.
  4. Make a few more changes to /etc/ssh/sshd_config:
    • ServerKeyBits 2048
    • X11Forwarding no
    • Ciphers aes256-cbc,aes256-ctr,arcfour256

So that you can use the changes you have just made issue the following command: sudo /etc/init.d/ssh restart (Debian)

Update Office 2007 Initial Installation Files

0
3 years ago
in ,

When it comes to deploying Office 2007, regardless of the size of deployment, you should deploy it using the latest updates and security fixes. In the old days this used to be called slipstreaming your installation. Microsoft has deprecated this method, so going forward you have to use this new way to keep Office 2007 current. Yes you could use WSUS or Microsoft Update, but you might as well save yourself a little time and effort when initially deploying Office 2007 to your clients.

You may have noticed that the directory structure of the Office 2007 installation includes a directory named: Updates

That directory is exactly the place to take advantage of providing the updates for an initial installation. Now it is not as simple as downloading the fullfile administrative updates and dropping the .exe into the Updates directoty, but it is close to being that simple.

To find the updates your Office 2007 might need, goto a machine that has a fresh install and run Microsoft Update. Print off a list of the KB numbers and use your favorite search engine to find the download links to the administrative update files. Eample: office2007sp2-kb953195-fullfile-en-us.exe is the SP2 fullfile download easily found searching for KB953195.

Assuming that you now have all the update files let’s begin patching our Office 2007 installation.

  1. First create a folder: C:\updates (this is just for simplicity for the upcoming steps).
  2. Move all your update files that you downloaded into the C:\updates directory.
  3. Open a command prompt by right clicking and running as Administrator and change to directory C:\updates
  4. For each update file use the following syntax: office2007sp2-kb953195-fullfile-en-us.exe /quiet /extract:”C:\extracted”
  5. After repeating Step 4 for each update file, move all of the .msp files and copy them to the Updates directory in your Office 2007 installation.

That’s pretty much it. If you see a warning about a file already existing that’s fine, just overwrite the old files with the new ones. Depending on the size of your company, you can maintain your Office 2007 deployments using wide variety of update methods such as SMS or WSUS.

For more information read the following TechNet documentation: Distributing Product Updates

Free instant messaging server – Openfire 3.6.3

0
3 years ago
in ,

Looking for a free open source solution to deploy IM for your business?  Look no further. The folks over at Ignite Realtime have a great product that is painless to implement.

Pick your flavor of host. It will run on a myriad of operating systems: FreeBSD, Linux, and Windows to name a few.

If you prefer FreeBSD, openfire is in ports. I highly recommend that you install it that way, as it will create a startup script that can be very handy. Being that I very rarely have to reboot any of my *nix servers, I often forget that there were services that I have to manually start.  The only real heads up I will mention is that FreeBSD will have you manually dump a Sun java update into /usr/ports/distfiles.  The FreeBSD port installation will provide the link to get it- this is because of licensing reasons.  Note: you won’t be able to use wget, so just save yourself the hassle and fetch it on a Windows machine and (s)ftp the file over.

Is Linux your cup of tea? Try the .rpm as it includes the JRE to run the server.  However compiling openfire via ant is just as easy.

Administering the openfire service is simple as pie.  No apache or IIS to configure..it deploys it’s own webserver via java.

When it comes to the MySQL database setup I will say the documentation is a little lacking for novices. Here is a little help (assuming you have mysql already installed and configured)

mysql -u root -p
CREATE DATABASE openfire;
GRANT ALL PRIVILEGES ON openfire.* TO "openfireuser"@"localhost" IDENTIFIED BY "mysecretpassword";
FLUSH PRIVILEGES;
EXIT

In the above statement keep the quotes where you see them. Cut and Paste is your friend. Just change, as necessary, the pieces that are in italics.

Their provided documentation and community should be able to guide you through the rest of the install. When I get a chance I will post a document of all my steps.

DOWNLOAD HOWTO PDF

Go to Top