tag:blogger.com,1999:blog-495755634173042182024-03-13T18:56:53.825+02:00Tahvok's blogTahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.comBlogger14125tag:blogger.com,1999:blog-49575563417304218.post-34336404900034496192018-12-10T17:09:00.001+02:002018-12-10T17:09:22.980+02:00Ansible and Jinja2: Check if variable is defined and it's True<div dir="ltr" style="text-align: left;" trbidi="on">Jinja2 provides you with a built in test:<br />
<br />
http://jinja.pocoo.org/docs/2.10/templates/#defined<br />
So you can simply use:<br />
<script src="https://gist.github.com/Tahvok/7b18c21102bae4e15dace307a3a29993.js"></script><br />
However, if you're using Ansible variables, even thought you might have defined some of them as <i>False</i> they might still be treated as True as Jinja2 may simply see them as string variables.<br />
So you should, and even encouraged to use the built-in <i>bool</i> filter. So the final and the safest answer is this:<br />
<script src="https://gist.github.com/Tahvok/1f33f06a8ae7952eb4c6743fe9d54992.js"></script><br />
</div>Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com1tag:blogger.com,1999:blog-49575563417304218.post-4281417819518645262016-02-29T13:14:00.000+02:002016-02-29T13:14:02.352+02:00How to copy files/directories from list preserving directory<div dir="ltr" style="text-align: left;" trbidi="on">
<h3 style="text-align: left;">
Tl;dr:</h3>
Create a directory 'newdir',<br />
And run the following supplying the filelist file:<br />
<script src="https://gist.github.com/Tahvok/027519fc3828f9538b71.js"></script><br />
<br />
<h3 style="text-align: left;">
Explanation:</h3>
You have the following tree as in example:<br />
<br />
<script src="https://gist.github.com/Tahvok/ad45bb6135fa7387971c.js"></script><br />
<br />
<br />
Now, you have the following list of files inside `filelist.txt`:<br />
<br />
<script src="https://gist.github.com/Tahvok/cab4aa237ab4af5c4785.js"></script><br />
<br />
You want to copy somewhere else only this files.<br />
The script should run inside the `dir0` directory. <br />
The above script will run on each row inside filelist.txt and copy them to `newdir`. `newdir` should be created <b>before</b> running the script.<br />
<br />
<b>* It does not matter if the end path is a file or directory</b></div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-63508222211210242192014-12-17T19:02:00.002+02:002014-12-17T19:39:52.987+02:00The certificate retrieved from the master does not match the agent's private key.<div dir="ltr" style="text-align: left;" trbidi="on">
While implementing puppet in our environment, I got into this issue with newly created machine. Running 'puppet agent -t' for the first time:<br />
<script src="https://gist.github.com/Tahvok/c3cf55e7bec3d205167a.js"></script><br />
First you must make sure the certname in puppet.conf matches the hostname of the machine, but the commands mentioned above may still not work and result in the same error.<br />
<br />
After a little digging on the puppet <b>master</b> machine, I found the following domain.com.pem file in the following path:<br />
<blockquote class="tr_bq">
/var/lib/puppet/ssl/ca/signed</blockquote>
Just remove this <b>agent's</b> pem file, and redo the commands again. Fixed the issue for me.<br />
<br />
Edit: Also ensure you are working under root in puppet master :P</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com1tag:blogger.com,1999:blog-49575563417304218.post-21219630306897878812014-02-18T17:23:00.000+02:002014-02-19T12:35:05.157+02:00LibreOffice 4 not opening files from smb<div dir="ltr" style="text-align: left;" trbidi="on">
Just a note to myself,<br />
<br />
It's a temporary fix, or as many call it, a workaround. <br />
<br />
<a href="https://bugs.freedesktop.org/show_bug.cgi?id=67527">There is a bug in LO that you're not able to open files on smb share.</a> The LO just start (may show a splash screen), and closes with no error.<br />
<br />
The workaround is simple, as provided by Maxim Monastirsky (<a href="https://bugs.freedesktop.org/show_bug.cgi?id=67527#c15">comment #15</a>):<br />
<br />
Open the .desktop file (such as /usr/share/applications/libreoffice4.1-writer.desktop for LO Writer) and comment the following line:<br />
For Nautilus users:<br />
X-GIO-NoFuse=true<br />
<br />
For Dolphin users:<br />
Open the same file, and comment the following line:<br />
X-KDE-Protocols=file,http,smb,ftp,webdav<br />
<br />
It's working now like a charm.</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-78568547789184340452014-02-05T17:11:00.000+02:002014-02-05T17:11:54.285+02:00Can't send mail from kontact using davmail<div dir="ltr" style="text-align: left;" trbidi="on">
I moved to Arch Linux recently with KDE, and tried setting my organization email account on Kontact using davmail.<br />
It's not my first time, and I just used this steps as usual: <br />
<a href="http://osdir.com/ml/kde-pim/2011-07/msg00146.html">http://osdir.com/ml/kde-pim/2011-07/msg00146.html</a><br />
<br />
Everything was setup except I couldn't send email and received the following error:<br />
<blockquote class="tr_bq">
Error : davmail.exchange.ews.EWSException: ErrorSendAsDenied The user
account which was used to submit this request does not have the right to
send mail on behalf of the specified sending account</blockquote>
After lot of investigation, I found out that somehow "davmail is not sending the right "From" address in new versions".<br />
That's Ok, except I have an old davmail server, that wasn't updated for some months, and it worked before I moved to Arch.<br />
<br />
So I tried to check the Kmail side, and after a lot of time, came up with this note in <a href="http://docs.kde.org/stable/en/kdepim/kmail/manual-configuration-quickstart.html#sending-mail">the documentation</a>:<br />
<blockquote class="tr_bq">
<br />
The way of sending messages configured here will be used for your default identity and for all other identities that do not have their own way of sending messages. You can use different ways of sending messages for different identities by selecting the Outgoing Account check box in the Advanced tab of the Identities page.</blockquote>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://2.bp.blogspot.com/-jhUiK3quVsE/UvJS-kNMtqI/AAAAAAAAFAs/DoFuf4Kyt5w/s1600/Kmailidentity.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img alt="Kmail Identity Edit" border="0" src="http://2.bp.blogspot.com/-jhUiK3quVsE/UvJS-kNMtqI/AAAAAAAAFAs/DoFuf4Kyt5w/s1600/Kmailidentity.png" height="320" title="" width="316" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Kmail Identity settings</td></tr>
</tbody></table>
Let's check my identity then! And I've found the culprit.<br />
Go to Configure Kmail -> Identities -> Choose your Identity -> Modify.<br />
I had no email address set in my Identity, right after setting it up, the emails sent successfully!<br />
<br />
Not sure why it happened, maybe some change in the newer version of Kmail. But that fixed it for me, and hope does the same for you!</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-61193755051493775252013-10-05T14:34:00.000+03:002013-10-05T14:34:00.965+03:00Deinterlacing and converting MTS video files<div dir="ltr" style="text-align: left;" trbidi="on">
For my trip abroad I had a Sony video camera I borrowed from my friend. The camera was filming in AVCHD format, in 1080i format, an interlaced video.<br />
After coming home, I was searching for the best way, to preserve quality, to deinterlace the video files and keep them that way. I have tried several ways, also tried converting with VLC only to find out that <a href="https://trac.videolan.org/vlc/ticket/5560">there is a bug</a>. So I came up with the following article:<br />
<a href="http://cweiske.de/tagebuch/deinterlacing-1080i.htm">http://cweiske.de/tagebuch/deinterlacing-1080i.htm</a><br />
<br />
The way is to just use the command line, with the ffmpeg convert option. However, it came up to me, that <a href="https://trac.ffmpeg.org/wiki/Option%20%27-sameq%27%20does%20NOT%20mean%20%27same%20quality%27">the <i>sameq</i> option is no longer available</a> which is used by the publisher. So I decided to publish this post, with the fix to the command. You just need to replace the <i>sameq </i>option with <i>qscale 0</i>:<br />
<blockquote class="tr_bq">
ffmpeg -i in.MTS -vf yadif=1 -acodec ac3 -ab 192k -vcodec mpeg4 -f mp4 -y -qscale 0 out.mp4</blockquote>
Replace <i>in.MTS</i> with the source file and<i> out.mp4</i> with the output file name.<br />
<br />
This far it resulted in the best deinterlaced video quality I could find. <br />
You can download ffmpeg here:<br />
http://www.ffmpeg.org/download.html</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com3tag:blogger.com,1999:blog-49575563417304218.post-88888589771546064702013-08-26T18:38:00.000+03:002013-08-26T18:38:38.276+03:00Key Update Tool throws an error<div dir="ltr" style="text-align: left;" trbidi="on">
Note to self:<br />
If <a href="http://windows.microsoft.com/en-US/windows/help/genuine/product-key#T1=tab03">Key Update Tool</a> (A tool to update Win XP Serial Key) is giving you this error:<br />
<blockquote class="tr_bq">
The product key could not be updated on your computer. This may be due
to technical difficulties or network connectivity issues. Please
contact Microsoft Support for additional assistance.</blockquote>
Make sure you have turned off Trend Micro antivirus.*<br />
<br />
<i>*May apply to other antivirus software as well.</i></div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-84481959781054937122013-08-13T13:07:00.000+03:002013-08-16T16:21:00.806+03:00Outlook on Exchange using wrong certificate<div dir="ltr" style="text-align: left;" trbidi="on">
Many of us encountered this error:<br />
<blockquote class="tr_bq">
The name on the security certificate is invalid or does not match the name of the site.</blockquote>
But this time, it was something different.<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://3.bp.blogspot.com/-y62mK0INCjw/UeZji4hdRtI/AAAAAAAADKI/4xOR0CN1zIA/s1600/CertificateError.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img alt="" border="0" height="230" src="http://3.bp.blogspot.com/-y62mK0INCjw/UeZji4hdRtI/AAAAAAAADKI/4xOR0CN1zIA/s320/CertificateError.png" title="Certificate error" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Not my image, but the exact error. (Source not found)</td><td class="tr-caption" style="text-align: center;"></td></tr>
</tbody></table>
99% that it's <u>not</u> the solution you are looking for. But I will still fill the gap for the 1% that may encounter it.<br />
<br />
I will explain every step I did until I found the problem. There are some solutions that I've tried that didn't work for me, but might for you, so you may try them.<br />
<u>*If you don't want to read it all, just jump directly to my solution down below.</u><br />
<br />
<b><u>The System:</u></b><br />
SBS 2008 (server 2008 + exchange 2007)<br />
*The solution may also apply for greater versions of exchange.<br />
<br />
<b><u>The problem: </u></b><br />
As we began upgrading people to outlook 2010 there were errors popping about the certificate.<br />
So the first thing I did was issuing a certificate from GoDaddy and installing it using the SBS console.<br />
It didn't fix the problem. <br />
The server is pretty old, and it wasn't me who installed it in the first place and it wasn't me who maintained it for several years, so I decided to go the manual way.<br />
<br />
<a name='more'></a><br /><br />
<b><u>The steps before I found the cause:</u></b> <br />
So I went into <a href="http://technet.microsoft.com/en-us/library/aa997231%28v=exchg.150%29.aspx" target="_blank">installing the certificate using exchange shell</a>:<br />
First run:<br />
<blockquote class="tr_bq">
Get-ExchangeCertificate</blockquote>
You will get a list of the certificates that <i>may</i> be used by exchange. Locate the right certificate's <i>Thumbprint</i> first. If you're having trouble locating it, then try going to "Administrative Tools" -> "Certificate Authority" -> "Issued Certificate", open each certificate until you find the one you have issued, then go to "Details" and locate the <i>Thumbprint</i> from there.<br />
After that, run the command below, to install the certificate for all services:<br />
<blockquote class="tr_bq">
Enable-ExchangeCertificate -Thumbprint <thumbprint> <thumbprint> <thumbprint> <thumbprint> -Services POP,IMAP,SMTP,IIS</thumbprint></thumbprint></thumbprint></thumbprint></blockquote>
Unfortunately, it still didn't fix the problem.<br />
<br />
Let's check whether the certificate is used in IIS:<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="http://2.bp.blogspot.com/--1nz_M5Z2do/UeZ29woWCkI/AAAAAAAADKo/oEY_GfR07ys/s1600/step2-site-bindings.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="216" src="http://2.bp.blogspot.com/--1nz_M5Z2do/UeZ29woWCkI/AAAAAAAADKo/oEY_GfR07ys/s320/step2-site-bindings.png" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Image source: <a href="http://www.sslshopper.com/article-ssl-host-headers-in-iis-7.html">http://www.sslshopper.com/article...</a></td></tr>
</tbody></table>
The fastest way is to go to the web and see what certificate is being used <i>inside</i> your network for http over ssl site. e.g. https://yourdomain.local.<br />
In case you see that a wrong certificate is being used, you can go to IIS Manager, choose your "Web Site" (Usually "SBS Web Applications" for SBS 2008 or "Default Web Site" for SBS 2011), then on the right choose "bindings", select "https" and then "edit" and there choose the right "SSL certificate".<br />
<br />
In my case, IIS was using the right certificate.<br />
So what's the matter with it?<br />
<br />
<b><u>The mistake:</u></b><br />
Pretty funny of me, but we all make mistakes, and forget to look at things we should've looked in the first place. In my case, it was the certificate error itself.<br />
As you see, the first raw, in the error, represents the address outlook is trying to connect through. In my case the address was fine, so I clicked on "View Certificate...".<br />
And here I found the cause to the problem, the certificate was wrong. But not just wrong, I haven't seen such certificate on the server, and it was issued to some strange address: "my.firewall".<br />
Wait, what?<br />
Like I wrote above, I made sure exchange is the right certificate. So it's sending me some wrong certificate instead. You know what? Let's resolve the IP address, using the address outlook is connecting through:<br />
<blockquote class="tr_bq">
<b>ping</b> <i>address</i><br />
<i>my outside ip</i></blockquote>
What? But I'm connected locally. I should receive the local server's IP!<br />
Ok, let's try nslookup:<br />
<blockquote class="tr_bq">
<b>nslookup</b> <br />
<i>address</i><br />
<i>my local ip</i></blockquote>
<br />
Ok, now I get it. For some reason the client has fallen back to use the secondary DNS, which is configured to Google Public DNS.<br />
<br />
<b><u>Problem found:</u></b><br />
What is going on, step by step:<br />
<ol>
<li>Clients fall back, for some reason, to the secondary DNS IP.</li>
<li>The secondary DNS in our network is Google Public DNS, as a fall back in case the server goes down. </li>
<li>Client's machine first resolve the IP of the exchange using the given exchange domain address.</li>
<li>Google's DNS returns our <b>outside</b> IP.</li>
<li>Outlook is trying to connect to the given IP using HTTPS.</li>
<li>The router loopbacks to himself, because he received his own outside address</li>
<li>Router sees that the requesting address (the client's address) is <b>inside</b> the LAN, therefore treats it as such. And connects the client to himself.</li>
<li>The router return's <b>his</b> certificate, because he's configured for remote management <b>inside</b> the network on the 443 (HTTPS) port.</li>
<li>Client's outlook sees that the certificate is wrong, therefore the client receives the certificate error, before it actually tries to connect. </li>
</ol>
<b><u>The solution:</u></b><br />
<br />
<ol style="text-align: left;">
<li>The simplest way, is to disable the secondary DNS, and leave it with just the SBS IP, then it will always try to find the ip from the SBS. It solved my problem. You can either edit the DHCP server setting, so clients will get only the SBS IP as a DNS server, or just edit manually on the client's machine the network adapter properties.</li>
<li>You can go further and investigate the cause of the client's fall back to the secondary DNS. There can be many reasons for the cause of it. You should look into logs, such as "System" logs and "DNS Server" logs on both, client and server. I did find a problem on the server side, and currently investigating it. As soon as I'll find a solution I'll post another article with the solution.</li>
</ol>
Also, stay tuned to my second post with a very similar problem (will put a link here). </div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com10tag:blogger.com,1999:blog-49575563417304218.post-910582688843078162013-04-18T11:07:00.005+03:002013-04-18T11:09:42.696+03:00Outlook 2003 hangs when replying / forwarding certain emails<div dir="ltr" style="text-align: left;" trbidi="on">
I haven't posted here in a while.<br />
Anyway, I had a user with a problem, when replying or forwarding certain messages outlook would just hang, and you would find a process "WINWORD.EXE" with 50% cpu in task manager.<br />
So after some digging in google, I decided to read further some posts (instead of just looking at best answers) and I found this post:<br />
<a href="http://www.office-outlook.com/outlook-forum/index.php/m/282024/">http://www.office-outlook.com/outlook-forum/index.php/m/282024/</a><br />
<br />
Thanks John Blessing or jb[3], whoever you are. Thought no one answered you, your solution actually worked.<br />
<br />
I quote what you need to do:<br />
<blockquote class="tr_bq">
<span class="MsgBodyText">Sounds to me like a problem with Word Automation.<br />
<br />
This is a stab in the dark:<br />
<br />
Start menu -> run<br />
Type:<br />
regsvr32 ole32.dll<br />
[enter]<br />
<br />
John Blessing<br />
</span></blockquote>
Thank you again! <br />
</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-33555430817516173862013-02-04T14:42:00.003+02:002013-02-04T14:44:40.472+02:00Push emails (ActiveSync) suddenly not working on server 2003<div dir="ltr" style="text-align: left;" trbidi="on">
Today a small business server 2003 was shut down unexpectedly (Simple electricity issue). After the server came up, the ActiveSync was no longer working. What I mean is that people who had their phones configured no longer received emails automatically by push. However the emails did sync, after going to the email app, and refreshing them.<br />
So what's going on? Actually it's pretty simple for people that know where to look, unfortunately I forgot about the order of the things to check, and it took me a bit longer.<br />
If you go to the Application log in Event Viewer, you will see the following error:<br />
<blockquote class="tr_bq">
IP-based AUTD failed to initialize because the processing of notifications could not be setup. Error code [0x80004005]. Verify that no other applications are currently bound to UDP port [2883], or try specifying a different port number.</blockquote>
Or this:<br />
<blockquote class="tr_bq">
IP-based AUTD failed to initialize. Error code: [0x80004005].</blockquote>
<br />
So what's the solution?<br />
Just restart the DNS Service. Everything was ok after that.<br />
<br />
<b>But</b>, the problem may come back again. So here's the permanent solution, after reading more about that on <a href="http://blogs.technet.com/b/sbs/archive/2008/07/17/some-services-may-fail-to-start-or-may-not-work-properly-after-installing-ms08-037-951746-and-951748.aspx" target="_blank">this page</a>, you may need to add the following ports as reserved in the registry:<br />
<ul>
<li><span style="font-size: small;"><span style="font-family: inherit;">1645-1646 - Used by IAS </span></span></li>
<li><span style="font-size: small;"><span style="font-family: inherit;">1701-1701 - Used by L2TP </span></span></li>
<li><span style="font-size: small;"><span style="font-family: inherit;">1812-1813 - Used by IAS </span></span></li>
<li><span style="font-size: small;"><span style="font-family: inherit;">2883-2883 - Used by AUTD </span></span></li>
<li><span style="font-size: small;"><span style="font-family: inherit;">4500-4500 - Used by IPSEC</span></span></li>
</ul>
<span style="font-size: small;"><b>Add </b>this to the following registry:</span><br />
<blockquote class="tr_bq">
<span style="font-size: small;">HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts</span></blockquote>
Now restart the server to make sure everything is fine.<br />
<br />
Hope it helped somebody.</div>
Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com1tag:blogger.com,1999:blog-49575563417304218.post-14804652052828115222012-09-04T17:13:00.000+03:002012-09-04T17:26:04.095+03:00Office 365, PowerShell and passwordsSince, as I know, most of us are familiar with Office 365, and maybe even using it. But most of us never do things than what the <a href="http://login.microsoftonline.com/" target="_blank">Office 365 Management</a> site gives us. But then comes this day when you are assigned to do the things we can't do with the management service, like it happened to me.<br />
Today I was asked to set the user passwords to some of our customers to never expire. Quite simple task in Active Directory if you ask me, but that's not the case in Office 365. You have to do this in PowerShell.<br />
So I'll brick this post in two: The first part will show you how to connect to Exchange online in Office 365 using PowerShell, and the second will show you how to set the passwords to never expire.<br />
I also encourage any system administrators to get more familiar with PowerShell and at least get the basic idea behind it. It will greatly assist you in understanding the principles of today ways of administration.<br />
<br />
Instead of letting you dig trough this page at microsoft (<a href="http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh534387.aspx" target="_blank">link</a>), I'll tell you what you need.<br />
First, install Microsoft Online Services Sign-in Assistant:<br />
<a href="http://go.microsoft.com/fwlink/p/?linkid=236299" target="_blank">32-bit</a><br />
<a href="http://go.microsoft.com/fwlink/p/?linkid=236300" target="_blank">64-bit</a><br />
<br />
Second, Install the Microsoft Online Services Module for Windows PowerShell:<br />
<a href="http://go.microsoft.com/fwlink/p/?linkid=236298" target="_blank">32-bit</a><br />
<a href="http://go.microsoft.com/fwlink/p/?linkid=236297" target="_blank"><span id="goog_1014197411">64-bit</span></a><br />
<br />
<span id="goog_1014197411">Now, find and open Microsoft Online Services Module for Windows PowerShell from the start menu.</span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-rDMntGBgHRA/UEX03MukMyI/AAAAAAAABqY/QuyPfXWnX9I/s1600/onlineservices.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="323" src="http://4.bp.blogspot.com/-rDMntGBgHRA/UEX03MukMyI/AAAAAAAABqY/QuyPfXWnX9I/s640/onlineservices.png" width="640" /></a></div>
<br />
<span id="goog_1014197411">Enter this command after:</span><br />
<blockquote class="tr_bq">
<span id="goog_1014197411"></span><span id="goog_1014197411"></span>$LiveCred = Get-Credential</blockquote>
<div class="separator" style="clear: both; text-align: center;">
</div>
Enter your Office 365 <u>Admin</u> credentials (full email address and password).<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-UlSfsIpmCA0/UEX1uko5jLI/AAAAAAAABqw/z5gha7aN5jE/s1600/credentials.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="254" src="http://3.bp.blogspot.com/-UlSfsIpmCA0/UEX1uko5jLI/AAAAAAAABqw/z5gha7aN5jE/s320/credentials.png" width="320" /></a></div>
<br />
This command will create a new PowerShell parameter <i>$LiveCred</i> with the credentials you are going to connect with. After that enter this command:<br />
<blockquote>
<span style="font-family: inherit;"><span style="font-size: small;">$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection</span></span><span style="font-family: inherit;"><span style="font-size: small;">
</span></span></blockquote>
<span style="font-family: inherit;"><span style="font-size: small;">This will create a new parameter <i>$Session</i> with the connection parameters. </span></span>
><span style="font-family: inherit;"><span style="font-size: small;"> </span></span>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://4.bp.blogspot.com/-UKZQZBhbjD8/UEX5n6H87EI/AAAAAAAABrA/Fzd1j7hLli8/s1600/session.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="http://4.bp.blogspot.com/-UKZQZBhbjD8/UEX5n6H87EI/AAAAAAAABrA/Fzd1j7hLli8/s640/session.png" width="640" /></a></div>
<span style="font-family: inherit;"><span style="font-size: small;"> </span></span>
<span style="font-family: inherit;"><span style="font-size: small;">Now let's open a new session:</span></span>
<blockquote class="tr_bq">
<span style="font-family: inherit;"><span style="font-size: small;">Import-PSSession $Session</span></span>
</blockquote>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://2.bp.blogspot.com/-8oXBaMatoF4/UEYA7OH2ATI/AAAAAAAABrQ/KCQDA-AA_-I/s1600/importsession.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="http://2.bp.blogspot.com/-8oXBaMatoF4/UEYA7OH2ATI/AAAAAAAABrQ/KCQDA-AA_-I/s640/importsession.png" width="640" /></a></div>
<br />
And connect to Office 365:<br />
<blockquote class="tr_bq">
Connect-MsolService -Credential $LiveCred</blockquote>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://3.bp.blogspot.com/-9pLXUNEUBis/UEYBH6kRJsI/AAAAAAAABrY/sTVKRDvk6Sw/s1600/msolservice.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="http://3.bp.blogspot.com/-9pLXUNEUBis/UEYBH6kRJsI/AAAAAAAABrY/sTVKRDvk6Sw/s640/msolservice.png" width="640" /></a></div>
<br />
Finally we're ready to execute the commands to Office 365.<br />
<br />
<u><b>Warning!</b> Be careful with what you type, the below cmdlet's can cause you a lot of trouble! </u><br />
<br />
Let's see our issue with passwords:<br />
<blockquote class="tr_bq">
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires</blockquote>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-7BgU_N_lLsQ/UEYElnkb60I/AAAAAAAABro/9o5p9zN0HC4/s1600/userpsinfo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="322" src="http://1.bp.blogspot.com/-7BgU_N_lLsQ/UEYElnkb60I/AAAAAAAABro/9o5p9zN0HC4/s640/userpsinfo.png" width="640" /></a></div>
<br />
You can see a table with the username and a <i>PasswordNeverExpires</i> state (I have blanked the usernames). Some of them are blank, and some of them are set to false. Both of them means that the password is set to expire. So let's change it to <b>never expire</b>.<br />
<br />
You can either make it per user:<br />
<blockquote class="tr_bq">
Set-MsolUser -UserPrincipalName <user id="id"> -PasswordNeverExpires $true</user></blockquote>
Change <i><user id="id"> </user></i>to the user name (usually email address). <br />
or all users:<br />
<blockquote class="tr_bq">
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true</blockquote>
<br />
change <i>$true</i> to <i>$false </i>if you want to set it to <b>expire</b> again:<br />
One user -<br />
<blockquote class="tr_bq">
Set-MsolUser -UserPrincipalName <user id="id"> -PasswordNeverExpires $false</user></blockquote>
All users - <br />
<blockquote class="tr_bq">
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $false</blockquote>
<br />
<u>But we're not done yet!</u><br />
Yes, we've made our changes, but we must not forget to close the session. As said on <a href="http://www.localwisdom.com/blog/2011/09/connect-windows-powershell-to-office-365/" target="_blank">this page</a>:<br />
<blockquote class="tr_bq">
If you close the Windows PowerShell window without disconnecting from
the server-side session, your connection will remain open for
15 minutes. Your account can only have three connections to the
server-side session at one time. </blockquote>
Here's how we close our session:<br />
<blockquote class="tr_bq">
Remove-PSSession $Session</blockquote>
<i>$session</i> is the parameter name we set when created the session.<br />
<br />
Now we're done.<br />
Hope it helped you guys!Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-78367137158157610602012-09-03T16:25:00.001+03:002012-09-03T16:29:00.994+03:00Aboundex botIt's my first post with some story that may help you. So enjoy!<br />
In the last month or so, I have encountered a lot of bots (around a thousand) scraping a forum I'm admin in. After some digging, I've seen that the most of the bots come from 173.192.x.x segment.<br />
I went to a "whois" site which suggested that the segment is part of <a href="http://www.softlayer.com/" target="_blank">softlayer</a> data centers:<br />
<blockquote class="tr_bq">
<pre width="85%">NetRange: 173.192.0.0 - 173.193.255.255
CIDR: 173.192.0.0/15
OriginAS: AS36351
NetName: SOFTLAYER-4-8
NetHandle: NET-173-192-0-0-1
Parent: NET-173-0-0-0-0
NetType: Direct Allocation
Comment: SoftLayer provides on-demand IT infrastructure, dedicated servers and cloud resources.
RegDate: 2009-07-21
Updated: 2012-03-09
Ref: http://whois.arin.net/rest/net/NET-173-192-0-0-1</pre>
</blockquote>
What the? My site is located in Israel, and it's in Hebrew, so there's no reason for them to scan my site.<br />
But, after googling around I've <a href="http://blocklistpro.com/bots-ip-database/173.192.34.95-aboundex-crawler.html" target="_blank">found this</a>:<br />
<blockquote class="tr_bq">
The <b>Aboundex Crawler</b> is a bot from Aboundex Search, currently operating out of the Softlayer network with the IP Address <a href="http://blocklistpro.com/bots-ip-database/173.192.34.95-aboundex-crawler.html" title="173.192.34.95"><b>173.192.34.95</b></a>.<br />
Reports about the Aboundex crawler claim it ignores rules in
robots.txt, and is a fast page scraper which may switch IP's when
blocked from spidering pages.</blockquote>
According to this, the Aboundex Crawler bot ignores the <i>robots.txt</i> file. So why just not ban them?<br />
Well, I think if some new search engine or whatever want to make a good reputation, then it must follow some simple rules, and of course one of them is the <i>robots.txt</i>. So maybe something is wrong with my site? Let's check out what the <a href="http://www.aboundex.com/" target="_blank">Aboundex</a> site suggest.<br />
The site doesn't seem to be working, as it says "under construction" when you try to search something, but there is an <a href="http://www.aboundex.com/crawler/" target="_blank">about page</a> with this info (the only link on the site):<br />
<blockquote class="tr_bq">
How do i stop Aboundexbot from indexing my website?
If you have a concern about Aboundexbot, we hope
you give us a chance to address it via the email below but if you need
to block Aboundexbot, the robots.txt file will allow you to accomplish
that goal.<br />
<br />
To block Aboundexbot from your entire web site you add this to your robots.txt file:<br />
<br />
User-agent: Aboundexbot<br />
Disallow: / </blockquote>
I guess it's a good thing to try it. What you think? I'll update later as I'll add it to the forums.<br />
<br />
Hope you enjoyed :)Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-68484728573544606462011-12-14T22:52:00.000+02:002011-12-14T22:52:04.235+02:00less than a week to go!!I just remembered that I have a blog XD<br />
BTW, it's now available by this link: <a href="http://blog.tahvok.org">blog.tahvok.org</a>.<br />
<br />
You know what people say about the army, that it's all bad, that you will gain nothing of it and that it's much better being a civilian... Well I can't say all that about myself, at the beginning I was like that, but now when it all ends, I just understand how much things I understood in life, because of the army, and how much I gained from it, that who knows how much time it would to gain as a civillian, I've met many people, and many of them will still be my friends after the army, and i've got so much privilege to do things, and none would dare to let me do as a civillian man.<br />
But still, everything has an end. I just hope I'll do better as a civillian :)Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0tag:blogger.com,1999:blog-49575563417304218.post-59316589844594582802010-06-17T22:07:00.000+03:002011-12-13T21:49:32.743+02:00The beginningHi there,<div><br /></div><div>Well, after seeing what is going on in this world I decided to open a little blog. Which by the way may discuss anything from political, to environment and even technology. And I also hope it may improve my English a little. So here is a little info about me (I will also update it in my profile soon):</div><div>I live in Israel, currently at IDF, working really hard (or at least as much as I can) to help my family out of the money problems.</div><div>Also I am an activist at GreenPeace, I haven't done anything physically yet (although I hope to some day) but I have been following them since age 16, and supporting them as much as I can.</div><div>Actually Green Peace isn't the only organization I'm following. There is also TckTckTck, WWF, 350,org and some more which I can't remember.</div><div>So that was my first post,</div><div>I just hope you enjoyed it,</div><div><br /></div><div>Thanks for reading,</div><div>Albert</div>Tahvokhttp://www.blogger.com/profile/12581365899789399374noreply@blogger.com0