Categories
CLI Command Line FTP Linux Windows Windows 2003

Configuring FTP in Isolation Mode in IIS 6

IIS FTP isolation mode enables you to have a separate directory per FTP user. For example if you had a dozen different users that all need access to your FTP server but you did not want them to see any directories but their own you could setup Isolation Mode. Isolation Mode supports users either on the local computer, or if you are a member of a domain it supports domain users.

We will begin by assuming you have FTP (and IIS) installed. Launch IIS Manager (IIS Manager 6.0 in Windows 2008). NOTE: in Windows 2008 make sure you install the IIS Management Console role so you can manage your FTP sites.

  • Delete or disable the default ftp site
  • Create a new FTP site with desired values – at the FTP User Isolation screen select Isolate Users or Isolate Users using Active Directory (which ever works better for your situation)
  • Specify path for your new FTP site
  • Set FTP Site Access Permissions to both Read and Write
Within the root FTP directory you must create either a directory named localuser or <your_domain_name>, depending on which isolation mode you are using.  In my case I am NOT using Active Directory so I created the directory localuser.
Within the localuser or <your_domain_name> directory create the desired user directories and assign each user sufficient permissions to their respective directory.

Example – creating directories:

md ftproot
md ftprootlocaluser
md ftprootlocaluserlocaluser1
md ftprootlocaluserlocaluser2
md ftprootlocaluserlocaluser3

Example – setting Create NTFS permissions on each respective directory:

cacls ftprootlocaluserlocaluser1 /E /G localuser1:C
cacls ftprootlocaluserlocaluser2 /E /G localuser2:C
cacls ftprootlocaluserlocaluser3 /E /G localuser3:C

Categories
IIS 6 IIS 7 Windows 2003 Windows 2008 Windows 7 Windows Vista

Restarting IIS using the command-line

You can restart IIS and disable Reliable Restart using the command prompt and Iisreset.exe. See the following command-line usage and parameters.

iisreset [computername]
 
/RESTART Stop and then restart all Internet services.
/START  Start all Internet services.
/STOP Stop all Internet services.
/REBOOT  Reboot the computer.
/REBOOTONERROR   Reboot the computer if an error occurs when starting, stopping, or restarting Internet services.
/NOFORCE Do not forcefully terminate Internet services if attempting to stop them gracefully fails.
/TIMEOUT:val Specify the timeout value (in seconds) to wait for a successful stop of Internet services. On expiration of this timeout the computer can be rebooted if the /REBOOTONERROR parameter is specified. The default value is 20s for restart, 60s for stop, and 0s for reboot.
/STATUS Display the status of all Internet services.
/ENABLE  Enable restarting of Internet Services on the local system.
/DISABLE Disable restarting of Internet Services on the local system.

Example (restart IIS on local computer):

iisreset /restart

Categories
IIS 6 Linux SSL Windows 2003 Windows XP

Setup self-signed certificate on IIS 6


Create a self-signed SSL certificate with SelfSSL from the IIS 6.0 Resource Kit.

The IIS 6.0 Resource Kit contains a utility called SelfSSL.exe for quickly and easily creating and installing a self-signed certificate into IIS 6 for Windows 2003 or XP.

  • Download IIS 6.0 Resource Kit Tools
  • Install the resource kit
  • Go to Programs IIS Resources SelfSSL and select “SelfSSL”
  • Execute the following (modify for your environment):
    selfssl.exe /N:CN=www.powercram.com /K:1024 /V:180 /S:56792119 /P:443 /T

  • Go to https://localhost to test.

Explanation of selfssl.exe switches (used in command above):

  • /N:CN=www.powercram.com – common name of the certificate.
  • /K:1024 – key length.
  • /V:180 – number of days certificate is valid.
  • /S:56792119 – IIS site ID.  Default is 1 for “default site.”
  • /P:443 – SSL port.
  • /T – Adds the self-signed certificate to “Trusted Certificates” list.
Categories
Administration CLI Command Line Exchange Server 2007 Exchange Shell Linux Windows Windows 2000 Windows 2003

Exchange 2007 HOW TO: Add Email Addresses To Public Folders

How do we add email addresses to Public Folders?

It should be pretty simple – If Get-Mailbox shows the emailaddresses property for a mailbox, and Set-Mailbox allows you to use the -EmailAddresses switch to add email addresses, one can’t be blamed for believing it’ll work the same way for Public Folders.

Objects other than Public Folders need to be mailbox or mail-enabled to be Exchange recipients, Public Folders do not (Yes, they are mail-enabled by default). To modify mail-related attributes of Public Folders, you use the Set-MailPublicFolder command.

To add additional email address to a (mail-enabled) Public Folder:

$PF = Get-MailPublicFolder “Sales”

$PF.EmailAddresses += “Sales-EMEA@domain.com”

$PF | Set-MailPublicFolder

The first line gets mail-related properties of Public Folder “Sales” in a variable called $PF. Next, we add the additional email address, without wiping out the existing ones. Finally, we commit the change using Set-MailPublicFolder.

If you simply use Set-MailPublicFolder “Sales” -EmailAddresses “Sales-EMEA@domain.com”, it will replace the existing values in the EmailAddresses property.

Another difference to note between how the Set-PublicFolder and Get-PublicFolder commands work, compared to Set-MailPublicFolder and Get-MailPublicFolder – the former takes a relative path of a Public Folder. For instance, to get the Sales PF if it’s in the root of the Public Folder tree, we would need to add a before the name:

Get-PublicFolder Sales

However, the Get/Set-MailPublicFolder commands work using the alias/display name of the PF. Why the difference? One way to look at it – when using Get/Set-PublicFolder, you’re working with the actual Public Folder. When using Get/Set-MailPublicFolder, you’re working with the Active Directory object created for that Public Folder (which holds mail-related attributes, making it possible for a Public Folder to be mail-enabled).

To change the primary email address of the Public Folder “Sales” from “Sales@domain.com” to the new address we just entered – “Sales-EMEA@domain.com”:

Set-MailPublicFolder “Sales” -EmailAddressPolicyEnabled $false -PrimarySmtpAddress “Sales-EMEA@domain.com”

As you may have already figured out, we exempted the Public Folder from getting EmailAddressPolicies applied. In Exchange Server 2003/2000, you could change the default email address of a recipient, without unchecking the checkbox. Result: A few minutes after you completed the change, Recipient Policies would apply and change the primary email address back.

Exchange Server 2007 doesn’t let you change the default email address without exempting the recipient from email address policies.

Categories
FREE Freeware ISO Linux Utility Windows Windows 2003 Windows Vista

Mount an ISO image in Windows 7 or Vista (also works on 2003 and 2008)

The freeware utility from Microsoft to mount ISO Images in XP and 2003 doesn’t work in Windows 7 or Vista. Thankfully there’s another FREE utility that does, Virtual Clone Drive. With it you can mount .ISO, .CCD, .DVD, .IMG, .UDF and .BIN files.

FYI as of the latest version, it should work on Windows 7 or Vista 64 bit edition.

Categories
CLI Command Line Control Panel Linux SERVER Time TIME ZONE Timezone Windows Windows 2000 Windows 2003

Set Time Zone From Command Line in Windows 2003, XP and 2000

Quick and easy way to set timezone from command line in Windows 2003, XP and 2000.

CONTROL.EXE TIMEDATE.CPL,,/Z Eastern Standard Time
CONTROL.EXE TIMEDATE.CPL,,/Z Central Standard Time
CONTROL.EXE TIMEDATE.CPL,,/Z Mountain Standard Time
CONTROL.EXE TIMEDATE.CPL,,/Z Pacific Standard Time

These are a little longer but they do the same thing.

RunDLL32.exe shell32.dll,Control_RunDLL timedate.cpl,,/Z Eastern Standard Time
RunDLL32.exe shell32.dll,Control_RunDLL timedate.cpl,,/Z Central Standard Time
RunDLL32.exe shell32.dll,Control_RunDLL timedate.cpl,,/Z Mountain Standard Time
RunDLL32.exe shell32.dll,Control_RunDLL timedate.cpl,,/Z Pacific Standard Time

See also Set Time Zone From Command Line in Windows 7 and Windows 2008

Keywords:
change time zone from command line windows xp
windows 2003 change timezone
command to get time zone in win xp

Categories
BartPE FREE Freeware Linux Live CD Passwords Preinstalled Environment USB Utility Windows Windows 2003

BartPE (Bart’s Preinstalled Environment)

BartPE (Bart’s Preinstalled Environment) is a lightweight variant of Microsoft Windows XP or Windows Server 2003 32bit operating systems, similar to a Windows Preinstallation Environment, which can be run from a Live CD or Live USB drive.

A BartPE system image is created using PE Builder, a freeware program created by Bart Lagerweij. It requires a legal copy of Windows XP or Windows Server 2003. Additional applications can be included in the image using plugins.

As a Live CD or USB, BartPE allows a user to boot Windows, even if a hardware or software fault has disabled the installed operating systems on the internal hard drive — for instance, to recover files. It can also be used to scan for and remove rootkits, viruses and spyware (that have infected boot files), or to reset a lost administrator password.

Description
As with Windows Preinstallation Environment, BartPE operates by loading system registry files into RAM, and not writing any registry changes back to boot media. Thus, both operating systems require no hard drive or network access. This also allows them to be run from non-writable media such as a CD-ROM.

Since each instance of BartPE is a new installation, the BartPE “boot” disk needs original Windows setup files in order to operate. The Bart PE Builder application interprets and condenses files from a Windows setup CD to create the BartPE installation. It can build from a Windows XP Pro or Home Edition CD, or from a preinstalled Windows XP version (without a CD).[1]

Additional applications can be included in the BartPE setup through the use of “plugins”. A plugin contains setup information for a specific application, so that it can be included on the media and installed along with Windows at each BartPE boot. Currently there are a few hundred plugins available in addition to the dozen-odd that are included by default with BartPE. Since BartPE represents a totally independent operating environment, the most obvious application examples involve backup, restoration, diagnosis and error-correction of systems with malfunctioning primary storage drives. Plugin programs can nominally be added to the capacity of the BartPE media.

BartPE is known to have certain incompatibilities with the Windows XP CDs shipped with most Dell PCs. The Dell versions include changes to the Windows setup files that can cause the BartPE build process to fail. Two patches are currently available to correct the known problems.

BartPE cannot create Vista Live DVDs.

Download BartPE

Categories
CLI Command Line Grep Linux Win 7 Win7 Windows Windows 2000 Windows 2003 Windows 7 Windows Vista Windows7

Windows (XP, Vista, Windows 7, 2003, 2008) Commands

Here is a great list Windows XP/2000 commands that will make any Linux user feel at home at the command prompt. A lot of these commands are intended for administrating a network, but they are great for savvy home users as well.

  • at – Windows Scheduling utility
  • bootcfg – This utility allows you to set up your boot options, such as your default OS and other loading options
  • cacls – Changes the ACLs (security Settings) of files and folders. Very similar to chmod in Linux.
  • comp – This utility is very similar to diff in Linux. Use the /? switch to get examples of command usage.
  • defrag – Yes, XP comes with a command line disk defrag utility. Here’s an example of how to create a scheduled task to defrag every day:

    schtasks /create /tn “Defrag C” /tr “defrag c: /f” /sc daily /st 04:30:00 /ru “System”

  • diskpart – Use this command to manage your disk partitions. This is the text version for the GUI Disk Manager.
  • driverquery – Produces a list of drivers, their properties, and their versions. Great for computer documentation.
  • eudcedit (unpublished) – Private Character editor. Yes with this program built into Windows XP you can create your own font!
  • findstr – Find String – similar to Linux’s Grep.
  • fsutil (unpublished) – This is a utility with a lot of capability. Come back soon for great examples.
  • getmac – This command gets the Media Access Control (MAC) address of your network cards.
  • gpresult – This generates a summary of the user settings and computer group policy settings.
  • gpupdate – Use this utility to manually apply computer and user policy from your windows 2000 (or newer) Active Directory domain.
  • ipconfig – This handy tool displays IP settings of the current computer and much more.
  • MMC – Microsoft Management Console. This is the master tool for Windows, it is the main interface in which all other tools use starting primarily in Windows 2000 and newer systems.
  • more- Utility used to display text output one screen at a time. Example:

    more c:windowswin.ini

  • msconfig – The ultimate tool to change the services and utilities that start when your Windows machine boots up. You can also copy the executable from XP and use it in Win2k.
  • msinfo32 – An awesome diagnostic tool. With it you can get a list of running processes, including the residing path of the executable (great for manually removing malware) and get detailed information about hardware and system diagnostics.
  • narrator – Turns on the system narrator (can also be found in accessibility options in control panel). Will will allow your computer to dictate text to you.
  • netsh – A network configuration tool console. At the ‘netsh>’ prompt, use the ‘?’ to list the available commands and type “exit” to get back to a command prompt.
  • netstat – A local network port tool – try netstat -ano.
  • nslookup – A DNS name resolution tool.
  • openfiles – Allows an administrator to display or disconnect open files in XP professional. Type “openfiles /?” for a list of possible parameters.
  • Pathping – A cross between the ping and traceroute utilities. Who needs Neotrace when you can use this? Type “pathping ” and watch it go.
  • recover – This command can recover readable information from a damaged disk and is very easy to use.
  • reg – A console registry tool, great for scripting Registry edits.
  • sc – A command line utility called the Service Controller. A power tool to make service changes via a logon/logoff or startup/shutdown script.
  • schtasks – A newer version of the AT command. This allows an administrator to schedule and manage scheduled tasks on a local and remote machines.
  • secedit – Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain. Example to update the machine policy: secedit /refreshpolicy machine_policy /enforce
    To view help on this, just type secedit.
    NOTE: In Windows XP SP1 and news, this command is superceded by: gpupdate /force
  • sfc – The system file checker scans important system files and replaces the ones you (or your applications) hacked beyond repair with the real, official Microsoft versions.
  • shutdown – With this tool, You can shut down or restart your own computer, or an administrator can shut down or restart a remote computer.
  • sigverif – With the sigverif tool you can have all driver files analyzed to verify that they are digitally signed. Just type ‘sigverif’ at the command prompt.
  • systeminfo – Basic system configuration information, such as the system type, the processor type, time zone, virtual memory settings, system uptime, and much more. This program is great for creating an inventory of computers on your network.
  • sysedit – System Configuration File Editor. An old tool that was very handy for the Windows 9X days. msconfig is what you want to use now.
  • tasklist – Tasklist is the command console equivalent to the task manager in windows. It is a must have when fighting malware and viruses. Try the command:

    tasklist /svc to view the memory resources your services take up.

  • taskkill – Taskkill contains the rest of the task manager functionality. It allows you to kill those unneeded or locked up applications.
  • tree – This command will provide a ‘family tree’ style display of the drive/folder you specify.
  • WMIC – Windows Management Instrumentation Command tool. This allows you to pull an amazing amount of low-level system information from a command line scripting interface.

Of course this list in note exhaustive, I just wanted to focus on tools that are particularly helpful that everyone might use. For the official list, please visit Microsoft Windows XP Pro Command Reference.

Categories
Apple Linux Passwords Windows Windows 2000 Windows 2003

How to recover missing, lost, or deleted files from Windows XP, Vista, Server 2003 and 2008 and Windows 7 as well as Apple Macs

Before reviewing the below recommendations and suggestions, verify that the files have actually been deleted; in some cases the files may have simply been moved. You can search the hard disk drive for the files you believe to be missing by running find or search on the computer.

Recover file from backup
If the file has been backed up to floppy disk or other medium it is recommended that the file be restored from that backup if the file cannot be found.

Restore from Recycling Bin or Trash
If you are running Apple MacOS, Microsoft Windows 95, NT, 98, 2000, ME, XP, Vista, or later operating system and the file has been recently deleted it is possible that the file may still be in the Trash or Recycle Bin. If present within this area it can be recovered.

Download freeware program and/or purchase a program
Below is a list of freeware file recovery programs that can be used freely to recover lost data.
PC Inspector File Recover
Restoration
Recuva
Undelete Plus
FreeUndelete
Photorec

In addition to the above freeware programs there are also several companies who have created programs designed to recover your lost data. For example, PowerQuest makes the utility Drive Image that in some cases can be used to recover data from a hard drive.

Utilize a service from a company that specializes in recovering lost data
Utilize the service of a local data recovery company or an out of state data recovery company. One word of caution is that these services can sometimes be very expensive. It is only recommended they be used if the data is extremely important. Below is a listing of a few major data recovery companies.
Action Front Data Recovery
CBL Data Recovery Technologies Inc.
Doctor Byte
DriveSavers Data Recovery
Lazarus Data Recovery
Ontrack
Virtual Data Recovery
Stellar Data Recovery
DataCent Professional Data Recovery

There are also several companies that specialize in the service of recovering files or documents that are password protected. Below is a listing of some of the companies that provide this service.

Passwordcrackers
Passwordservices.com
Password Recovery software

Categories
Linux Mac Networking Windows Windows 2003

Mac connect to Windows File Share

By default, Windows 2003 Server domain controllers have “Microsoft network server: Digitally sign communications (always)” set to “Enabled” by default. This is likely causing the Macs to fail to authenticate with the “error = -5000” when trying to connect via CIFS or SMB (samba)

To change this on a given domain controller, go to “Start” ->”Administrative Tools” -> “Domain Controller Security Policy” (not Domain Policy) and look for “Security Settings” -> “Local Policies” -> “Security Options” -> “Microsoft network server: Digitally sign communications (always)”. It should show “Enabled” by default. Double-click on it and set to “Disabled”.

Then close the app and click on start | Run – enter the command ‘gpudate’ to refresh group policy and hit enter.

You should now be able to use the “Go” > “Connect to Server” command in Finder to map to a share as shown below:

cifs://SERVER/SHARE