13 dic 2017

RITORNA IL SID ROADSHOW: L'EVENTO A CASA TUA!


Sarò presente a Mestre e parleremo di migrazione di Exchange Server verso Exchange Online.



RITORNA IL SID ROADSHOW: L'EVENTO A CASA TUA!
Anche nel 2018 ci sarà il SID Roadshow, l'evento itinerante, in tre tappe, che porta a casa tua l'esperienza della conferenza IT Pro for Business più importante d'Italia.
GDPR, security, virtualizzazione, cloud, storage, management, container e molto altro. Ecco alcuni degli argomenti che tratteremo durante le varie tappe, che per la prima volta non avranno la stessa agenda. I temi proposti verteranno sulle ultime tecnologie, come Windows Server v1709, Windows 10, Microsoft Azure, Microsoft Office365, Microsoft Intune e molto altro ancora. Non mancheranno le sessioni dei nostri sponsor, e partner, che vi proporanno le loro soluzioni per migliorare il vostro reparto IT, ottimizzare i costi e migliorare la produttività.
SAVE THE DATE!
Ti aspettiamo il 25 gennaio a Reggio Emilia (in collaborazione con Progel), il 30 gennaio a Torino (in collaborazione con ACME Consulting) ed il 1 febbraio a Mestre (in collaborazione con Walk2Talk).
I posti sono limitati, quindi non perdere tempo ad iscriverti! Ma ricordati di farlo solo se sei realmente certo di poter essere dei nostri.
STAY TUNED!
Seguici tramite i nostri canali social per rimanere sempre aggiornato sulle ultime novità della conferenza ed usa l'hashtag #sidrs18 per vivere assieme noi l'attesa del SID Roadshow 2018.
Se pensi che questa occasione sia importante anche per qualcuno che conosci, sentiti libero di invitarlo ad iscriversi subito alla conferenza. Ricorda che i posti sono limitati.
     

7 dic 2017

Windows DC: ERROR 0XC00002E2 in the virtualized environment

#Note
If you are using windows server as a virtualized domain controller and you can see this error:  0XC00002E2 during the boot phase and after a restore.

#Product Affected
Windows 2012 DC and probably also other versions

#Solution
- Restart the instance and press F8 until the boot menu appear
- Boot into Directory Services Repair Mode (DSRM)
- Login with a local administrator account, since AD service will not be running so the domain user will not be available.
- Backup everything in C:\Windows\NTDS
- Open a Command Prompt (Win-R, CMD, Enter)
- Type NTDSUTIL and press Enter.
- Type "activate instance ntds" and press Enter. Type “Files” and press Enter.
- Type “Info” and press Enter (this will shows you the logs location in case if you have more than one partition).
- Navigate to logs Location and delete (or rename) the *.log.
- Reboot
- Boot into Directory Services Repair Mode for second time
** Now have to defrag the database, while in DSRM;
- Open a Command Prompt (Win-R, CMD, Enter). Type NTDSUTIL and press Enter.
- Type “activate instance ntds” and press Enter.
- Type “Files” and press Enter.
- Type “Info” and press Enter. Verify the folder is actually C:\Windows\NTDS.-
- Type “Compact to ” and press Enter. I created C:\Windows\NTDS\Temp and used that.
- Copy the new file Ntds.dit in the temp folder over the old one in NTDS, and delete all the *.log files.
- Reboot normally.

26 nov 2017

MBR2GPT: ValidateLayout: Too many MBR partitions found, no room to create EFI system partition.

#Note
When you try to convert Windows 10 to UEFI, so partition from MBR to GPT, MBR2GTP fail.
The command return this error:

Info           ESP partition size will be 104857600
Info           MBR2GPT: Validating layout, disk sector size is: 512 bytes
Error         Validate Layout: Too many MBR partitions found, no room to create EFI system partition.
Error         Disk layout validation failed for disk 0
Info           MBR2GPT: Partition information at error point

#Product affected 
Windows 10 1703 and above

 #Solution 
The mbr2gpt disk conversion tool need three conditions for the validation of disk layout:
- Admin rights
- One of physical disk with boot partition MSR and OS partition
- The validation allows normally one of additional partitions, often it's recovery partition
If you have more than three partition validate will fail.

Check this with Get-Partition cmdlet










In this case we have too partition, so we have to find the Windows Recovery Environment (Windows RE)  partition with the command ReAgentc /info


Now we have to remove the "exceed" partition (partition 4)



And finally we can convert BIOS to UEFI with:

mbr2gpt /convert /disk:0 /allowfullos

















21 nov 2017

Poweroff Linux based NAS (Synology, ecc) remotely from Windows by command line

#Note
I had to turn off the NAS automatically after a Veeam backup copy process, but... it's not as simple as I thought.
The problem is that Linux SSH security permit executing of the "power off" command only as root and then root can not login to SSH

how do to do?

#Product affected / related 
NAS Linux based, Linux and Windows Server and Clients

#Solution 
1. Login to your NAS as admin user by SSH (PuTTY)
To enable ssh on Synology:
Control Panel > Terminal & SNMP > Terminal allows your Synology NAS to support Telnet and SSH command-line interface services. You can also change the security level of the SSH encryption algorithm.
To enable Telnet/SSH service:
Check the box next to the SSH protocol
Click Apply

2. Take permission as root
sudo su - or sudo -i

3.  Edit /etc/group
vi /etc/group

add a line for group shutdown and add your user name to it

poweroff:x:510:yourUserName

4. Change permissions to allow the shutdown group read and execute permission.
chmod 750 /sbin/poweroff

5. Power off can only be run by root so you need to have group "poweroff" execute the program as if you were root.
chmod u+s /sbin/poweroff

Now we have the "permission" to power off the system as admin 

6. Download plink
On Windows, you have to download plink from PuTTY download page and save it in a folder.
This is the command that resolve the problem:

plink.exe -ssh -t -pw “yourpassword” admin@xxx.xxx.xxx.xxx "poweroff"










20 nov 2017

Epson LQ can't print on Windows 7 /10 after recent patch


#Note
Epson LQ printers are not able to print after the installation of recent patch KB2952664 and KB4048957 on Windows 7 and KB4048955 (Windows10 Version 1709), KB4048954 (Windows 10 Version 1703), KB4048953 (Windows 10 Version 1607), KB4048952 (Windows 10 Version 1511), KB4048956 (Windows 10 Version 1507)

#Product affected / Related
Windows 7 32 and 64 bit, Windows 10

#Solution 
Remove the KB2952664 and KB4048957 on Windows 7 or the KB4048955 (Windows10 Version 1709), KB4048954 (Windows 10 Version 1703), KB4048953 (Windows 10 Version 1607), KB4048952 (Windows 10 Version 1511), KB4048956 (Windows 10 Version 1507)

Use PowerShell Cmdlet Get-Hotfix to verify the presence of the patches

To unistall KB:
wusa /uninstall /Kb:XXXXX

Pay Attention:
Patches are reinstalled if they do not hide from Windows Update


1 ott 2017

Hyper-V 2012 R2 - 2016: Automatic Virtual Machine Activation

#Note
Automatic Virtual Machine Activation ( AVMA ) is a feature that was introduced in Windows Server 2012 R2. AVMA simply binds the VM activation to the licensed virtualization server and activates the VM when it starts up. This way it is eliminates the need to enter licensing information and activate each VM individually.

AVMA requires that the host is running Windows Server 2012 R2 Datacenter or later and that the guest virtual machine OS is Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, or a later version.

#Product affected / related
Windows Server 2012 R2 and later with Hyper-V role

#Solution
Once the Hyper-V host is activated and the guest VMs are running (without activation of course), the only  step required is to install the AVMA client key on the guest VMs (Data Center or Standard). To manually install the key using the command line, please use the following syntax from an elevated Command Prompt inside the guest OS:

C:\>slmgr.vbs /ipk <AVMA Key>

The following AVMA are public keys that can be used for Windows Server 2012 R2:

Edition                                 AVMA key 
Datacenter                         Y4TGP-NPTV9-HTC2H-7MGQ3-DV4TW
Standard                             DBGBW-NPF86-BJVTX-K3WKJ-MTB6
Essential                              K2XGM-NMBT3-2R6Q8-WF2FK-P36R2

The following AVMA are keys that can be used for Windows Server 2016:

Datacenter                         TMJ3Y-NTRTM-FJYXT-T22BY-CWG3J
Standard                             C3RCX-M6NRP-6CXC9-TW2F2-4RHYD
Essential                             B4YNW-62DX9-W8V6M-82649-MHBKQ

30 ago 2017

Windows Server Evaluation: Convert and activate to fully licensed editions

#Note
Windows Server Evaluation: Convert and activate to fully licensed editions

#Product affected / related
Windows Server 2012 or higher

#Issue 
End user not able to use corporate or OEM serial numbers on Eval. Edition

#Solution
1. You need to establish your exact currently installed version. From a elevated command prompt, run the following command:

DISM /online /Get-CurrentEdition


2. Running the following command with your license key. Delete "Eval"from edition.

DISM /online /Set-Edition:ServerStandard /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX /AcceptEula

24 ago 2017

Test EOP anti-spam with GTUBE ("Generic Test for Unsolicited Bulk Email")

#Note 
Test EOP anti-spam

#Product affected / related
Exchange Online Protection, Antispam filter in general

#What's GTUBE
The GTUBE ("Generic Test for Unsolicited Bulk Email") is a 68-byte test string used to test anti-spam systems, in particular those based on SpamAssassin. In SpamAssassin, it carries an antispam score of 1000 by default, which would be sufficient to trigger any installation.

The contents of the string are as follows:


 XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X  

and should be placed in the message body of an RFC 5322 compliant email message, without any linebreaks or whitespaces.


There exist some varieties, notably the NAItube (which will carry a variable weight) and the GTphish (which will trigger specifically as a phishing mail), which are used in the McAfee implementation of SpamAssassin.


#Solution
To test Exchange Online Protection to detects spam messages, you can send a so-called GTUBE message to one of your recipients. The GTUBE message works in similar way that the  EICAR antivirus test file does. However, instead of adding a malicious attachment, the message body contains a specific string "XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.3 4X" which should always trigger the anti-spam engine to mark the message as spam. To test the anti-spam engine, send a message to a recipient in your domain and include the string below in the body of the message. Note that there should not be anything else in the body and that the string must be on a single line, without any spaces, or other.   You don't need to create a rule to catch this message. Exchange Online Protection will automatically detect it as spam

5 ago 2017

Storing messages sent by delegates [Send On Behalf, Send As]

By default, Exchange Online keeps a copy of all messages sent by delegates from a shared mailbox in the Sent Items folder of the user who sends the message. This is insane because it is usually more efficient to have the messages stored in the shared mailbox.

This Cmdlet manage the right properties

 Set-Mailbox –Identity 'sharedmbx' –MessageCopyForSendAsEnabled $True –MessageCopyForSendOnBehalfEnabled $True  

The MessageCopyForSendAsEnabled property is False by default. If set to True , Exchange Online keeps messages sent by delegates as the shared mailbox in the delegate's mailbox and also creates a copy in the shared mailbox. The same about MessageCopyForSendOnBehalfEnabled property.



31 lug 2017

MAPI over HTTP will be the sole connection protocol used by Exchange Online after October 31, 2017

#note

MAPI over HTTP will be the sole connection protocol used by Exchange Online after October 31, 2017. All Outlook clients have to be updated to a version that supports MAPI over HTTP by that date.

21 lug 2017

Office build numbers

Office build numbers

Office 2016

Build Number (MSO)KBDescription
16.0.4229.1024Office 2016 RTM
16.0.4266.1003Office 2016 RTM (Volume license)

Office 2013

Build Number (MSO)KBDescription
15.0.4420.1017Office 2013 RTM
15.0.4569.1506KB2850036Office 2013 SP1 32-bit 64-bit

Office 2010

Build Number (MSO)KBDescription
14.0.4760.1000Office 2010 RTM
14.0.6023.1000KB2510690Office 2010 SP1 32-bit 64-bit
14.0.7015.1000KB2687521Office 2010 SP2 32-bit 64-bit

Office 2007

Build Number (MSO)KBDescription
12.0.4518.1014Office 2007 RTM
12.0.6213.1000KB936982Office 2007 SP1
12.0.6425.1000KB953195Office 2007 SP2
12.0.6607.1000KB2526086Office 2007 SP3

Office 2003

Build Number (MSO)KBDescription
11.0.5614.0Office 2003 RTM
11.0.6361.0KB842532Office 2003 SP1
11.0.7969.0KB887616Office 2003 SP2
11.0.8173.0KB923618Office 2003 SP3

19 lug 2017

Windows Server 2008 R2: Verify WinRM 3.0 service is installed, running, and required firewall ports are open

#Note
 Verify WinRM 3.0 service is installed, running, and required firewall ports are open

#Product affected
Windows Server 2008 R2

#Issue
Management from 2012 Server Manager return the error:
Windows Server 2008 R2: Verify WinRM 3.0 service is installed, running, and required firewall ports are open

#Resolution 
To narrow down this issue, would you check if have you installed both Windows Management Framework 3.x and .NET Framework 4.x in Windows Server 2008 R2 SP1? If not, get the appropriate .msu from the following link and install them on Windows Server 2008 R2 SP1:

Windows Management Framework 3.0
http://www.microsoft.com/en-us/download/details.aspx?id=34595

Microsoft .NET Framework 4.5.1 (Offline Installer) for Windows Vista SP2, Windows 7 SP1, Windows 8, Windows Server 2008 SP2 Windows Server 2008 R2 SP1 and Windows Server 2012
http://www.microsoft.com/en-us/download/details.aspx?id=40779

After that,  run winrm qc from PowerShell or cmd prompt and check is it persists.

If the issue persists

Running winrm id to see if WinRM was all installed correctly on each server.
Use netsh advfirewall firewall show rule name="Windows Remote Management (HTTP-In)" to verify that the firewall rules had port 5985 open on our current NLA profile.
Use netstat -a -b to confirm that if there is any local process that was actually bound to port 5985.
Finally, please run winrm enumerate winrm/config/listener to confirm that if WinRM is actually listening on the port.

17 lug 2017

RDS 2012 R2 error: “Licensing mode for the Remote Desktop Session Host is not configured.

#Note
RDS 2012 R2 Error: “Licensing mode for the Remote Desktop Session Host is not configured.

#Product aftected
Windows Server 2012 - Windows Server 2012 R2

#Issue
The error description reads (on RD Licensing Diagnoser): “Licensing mode for the Remote Desktop Session Host is not configured.”

#Solution
To fix the problem, run the following commands in powershell to set the licensing server properly on the rd session host using the WMI CIM provider:

$obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
$obj. SetSpecifiedLicenseServerList("licenseserver.domain.local")

and then, go into the registry and set the licensing mode:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\Licensing Core\LicensingMode

You need to change the DWORD to 2 for Per Device or 4 for Per User

Reboot

29 giu 2017

Office 365: Import Mail da PST (Network Upload)


Se avete la necessità di importare massivamente file PST esistono 2 strade. La prima è quella di inviare i dati al Datacenter mentre la seconda, che tratteremo, è quella di caricare i file PST tramite internet al fine di renderli disponibili per l’importazione in un’area di memorizzazione temporanea nel cloud Microsoft.





Continua a leggere su Azure Community!

28 giu 2017

Unbind the services from network adapter

#notes

Common services are:
  • LanmanServer—File and Printer Sharing for Microsoft Networks
  • LanmanWorkstation—Client for Microsoft Networks
  • lltdio—Link-Layer Discovery Mapper I/O Driver
  • rspndr—Link-Layer Topology Discovery Responder
For example, to unbind File and Printer Sharing, go to

HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage

double-click Bind value, and delete the lines that have the GUID of the NIC.

If you need to locate the NIC GUID:

wmic nicconfig get description,settingid  

Or simply download and use Hyper-V Network VSP Bind (nvspbind)

Usage: nvspbind option NIC protocol

 Options:
 /n display NIC information only
 /u unbind switch protocol from specified nic(s)
 /b bind switch protocol to specified nic(s)
 /d disable binding of specified protocol from specified nic(s)
 /e enable binding of specified protocol to specified nic(s)
 /r repair bindings on specified nic(s)
 /o show NIC order for specified protocol
 /+ move specified NIC up in binding order for specified protocol
 /- move specified NIC down in binding order for specified protocol
 /++ move specified NIC up to top of binding order for specified protocol
 /-- move specified NIC down to bottom of binding order for specified protocol

16 giu 2017

SID 2017: Grazie di cuore

Il SID 2017 si è appena concluso, nonostante i mille problemi ce l'abbiamo fatta anche se non è stato facile. Siamo tutti stanchi morti, le cose da fare dietro le quinte sono moltissime e si lavora anche fino a notte fonda affinché sia tutto perfetto per i nostri ospiti.

Appena sono arrivati i feedback ho cominciato a scorrere la lista dal basso verso l'alto e a metà ho pensato "non c'è la mia sessione, sarà un errore" poi salgo con lo sguardo piano piano e mi ritrovo tra le prime righe. Incredulo seguo la riga con il dito mirando bene per un paio di volte.
Sono proprio lì tra le prime righe e non riesco a crederci. E' già un onore essere in quella lista di stimatissimi professionisti, figuriamoci tra le prime righe.

Grazie di cuore a tutti! Un abbraccio.


2 mag 2017

Coversione dei file ESD in WIM tramite DISM


Come avrete notato le nuove build di Windows non contengono più il file install.wim nella cartella sources ma un file denominato install.esd.

Windows Deployment Services non accetta il formato esd che dovrà essere convertito in formato wim attraverso il tool DISM

Prima di tutto copiare il file esd in una cartella temporanea C:\ESD


NB: Il file deve essere convertito dallo stesso OS

In una nuova finestra di PowerShell come Amministratore eseguire il comando:

dism /Get-WimInfo /WimFile:install.esd

Il numero dell'indice indentifica la versione da estrarre


Poi eseguire il comando seguente per estrarre Windows 10 Pro (index 1)

dism /export-image /SourceImageFile:install.esd /SourceIndex:1 /DestinationImageFile:install.wim /Compress:max /CheckIntegrity




Una volta terminato il processo è possibile aggiungere l'immagine al server WDS 


12 apr 2017

Linux Box: Una Soluzione Anti-Ransomware

Uno dei problemi di sicurezza informatica più diffusi, pericolosi ed efficaci sono indubbiamente i ransomware. Un ransomware è un tipo di malware che limita l’accesso del dispositivo che infetta, richiedendo un riscatto (ransom appunto) da pagare per rimuovere la limitazione. Ad esempio alcune forme di ransomware cifrano i file dell’utente chiedendo di pagare una determinata cifra in genere in Bitcoin per riportare i file cifrati in chiaro.
I ransomware tipicamente si diffondono come i trojan, dei malware worm, penetrando nel sistema attraverso, ad esempio, un file scaricato o una vulnerabilità nei servizi. Il software malevolo eseguirà poi un payload, che cripterà i file personali sull’hard disk locale nonché su tutte le share di rete. I ransomware più sofisticati utilizzano sistemi ibridi di criptazione (che non necessitano di condivisione di chiavi fra i due utenti) sui documenti della vittima, adottando una chiave privata casuale e una chiave pubblica fissa in l’autore del malware è l’unico a conoscere la chiave di decriptazione privata.
Naturalmente come altre forme di malware, i software per la sicurezza potrebbero non rilevare un payload di ransomware, in particolare nel caso di payload che producono la criptazione di dati.

Come Difendersi?


Leggi l'articolo completo in esclusiva sulla nostra community WindowServer.it

25 mar 2017

Office 365: Introduzione a Microsoft Flow

Microsoft Flow è un servizio basato sul cloud che consente agli utenti di Office 365 e di Outlook.com di creare in modo semplice e pratico workflow (flussi di lavoro) in grado di automatizzare processi e attività aziendali, dispendiosi in termini di tempo, all’interno di applicazioni e servizi.

Microsoft Flow consente di creare flussi di lavoro automatizzati tra i propri servizi e applicazioni preferiti per sincronizzare i file, ottenere le notificheraccogliere dati e altro ancora. Ad esempio, è possibile registrare i tweet preferiti di un utente in un file di Excel o ricevere una notifica e-mail ogni volta che viene pubblicato un nuovo elemento in un elenco di Sharepoint ecc.

Microsoft Flow non si limita alle applicazioni in Internet. Nei flussi è possibile includere anche dati locali, ad esempio da SharePoint SQL Server.

L’elenco di applicazioni e servizi utilizzabili con Microsoft Flow è in costante espansione. Con Microsoft Flow, è possibile automatizzare attività come:


  • Rispondere istantaneamente a notifiche o messaggi e-mail di importanza critica.
  • Informare il team ogni volta che viene aggiornato un elemento di lavoro.
  • Acquisire, monitorare e seguire i nuovi clienti potenziali.


Leggi l'articolo completo in esclusiva sulla nostra community Azure Community

19 mar 2017

Windows Server: Restore Domain Controller 0xc00002e2


Di recente c'è stata la necessità di ripristinare un Domain Controller Windows Server 2012 R2, in esecuzione in una virtual machine Hyper-V, da un backup effettuato con Veeam Backup & Replication 9.5. Fin qui nulla di strano dato che il software di backup dovrebbe essere "Application Aware".

Error: 0xc00002e2. E' proprio vero che a lavorare nell'IT non ci si annoia mai!

Leggi l'articolo completo in esclusiva sulla nostra community Veeam User Group Italy

13 feb 2017

Office 365: Configurazione e gestione tramite la nuova interfaccia di amministrazione (Video)


Con questi video sulla nuova interfaccia di amministrazione scoprirete come configurare Office 365. Imparerete come aggiungere un nome di dominio, aggiungere utenti, gestire i documenti, il download del software e molto altro in una serie di brevi video.


Office 365 admin videos


24 gen 2017

Backup dei product key in Windows 10, Windows 8.1, Windows 8

Questo script in PowerShell ci permette di eseguire il backup delle Product Key di Windows una volta attivato.

SupportaWindows 10, Windows 8.1 e Windows 8.

Il product key verrà scritto in un file txt,  sul desktop di Windows e denominato "WindowsKeyInfo"