Outlook on Exchange using wrong certificate

 Many of us encountered this error:

The name on the security certificate is invalid or does not match the name of the site.

But this time, it was something different.

Not my image, but the exact error. (Source not found)

99% that it's not the solution you are looking for. But I will still fill the gap for the 1% that may encounter it.

I will explain every step I did until I found the problem. There are some solutions that I've tried that didn't work for me, but might for you, so you may try them.
*If you don't want to read it all, just jump directly to my solution down below.

The System:
SBS 2008 (server 2008 + exchange 2007)
*The solution may also apply for greater versions of exchange.

The problem:
As we began upgrading people to outlook 2010 there were errors popping about the certificate.
So the first thing I did was issuing a certificate from GoDaddy and installing it using the SBS console.
It didn't fix the problem.
The server is pretty old, and it wasn't me who installed it in the first place and it wasn't me who maintained it for several years, so I decided to go the manual way.

Outlook 2003 hangs when replying / forwarding certain emails

I haven't posted here in a while.
Anyway, I had a user with a problem, when replying or forwarding certain messages outlook would just hang, and you would find a process "WINWORD.EXE" with 50% cpu in task manager.
So after some digging in google, I decided to read further some posts (instead of just looking at best answers) and I found this post:
http://www.office-outlook.com/outlook-forum/index.php/m/282024/

Thanks John Blessing or jb[3], whoever you are. Thought no one answered you, your solution actually worked.

I quote what you need to do:

Sounds to me like a problem with Word Automation.

This is a stab in the dark:

Start menu -> run
Type:
regsvr32 ole32.dll
[enter]

John Blessing
 

Thank you again!

Push emails (ActiveSync) suddenly not working on server 2003

Today a small business server 2003 was shut down unexpectedly (Simple electricity issue). After the server came up, the ActiveSync was no longer working. What I mean is that people who had their phones configured no longer received emails automatically by push. However the emails did sync, after going to the email app, and refreshing them.
So what's going on? Actually it's pretty simple for people that know where to look, unfortunately I forgot about the order of the things to check, and it took me a bit longer.
If you go to the Application log in Event Viewer, you will see the following error:

IP-based AUTD failed to initialize because the processing of notifications could not be setup.  Error code [0x80004005].  Verify that no other applications are currently bound to UDP port [2883], or try specifying a different port number.

Or this:

 IP-based AUTD failed to initialize.  Error code: [0x80004005].

So what's the solution?
Just restart the DNS Service. Everything was ok after that.

But, the problem may come back again. So here's the permanent solution, after reading more about that on this page, you may need to add the following ports as reserved in the registry:

• 1645-1646 - Used by IAS
• 1701-1701 - Used by L2TP
• 1812-1813 - Used by IAS
• 2883-2883 - Used by AUTD
• 4500-4500 - Used by IPSEC

Add this to the following registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ReservedPorts

Now restart the server to make sure everything is fine.

Hope it helped somebody.

Office 365, PowerShell and passwords

Since, as I know, most of us are familiar with Office 365, and maybe even using it. But most of us never do things than what the Office 365 Management site gives us. But then comes this day when you are assigned to do the things we can't do with the management service, like it happened to me.
Today I was asked to set the user passwords to some of our customers to never expire. Quite simple task in Active Directory if you ask me, but that's not the case in Office 365. You have to do this in PowerShell.
So I'll brick this post in two: The first part will show you how to connect to Exchange online in Office 365 using PowerShell, and the second will show you how to set the passwords to never expire.
I also encourage any system administrators to get more familiar with PowerShell and at least get the basic idea behind it. It will greatly assist you in understanding the principles of today ways of administration.

Instead of letting you dig trough this page at microsoft (link), I'll tell you what you need.
First, install Microsoft Online Services Sign-in Assistant:
32-bit
64-bit

Second, Install the Microsoft Online Services Module for Windows PowerShell:
32-bit
64-bit

Now, find and open Microsoft Online Services Module for Windows PowerShell from the start menu.

Enter this command after:

$LiveCred = Get-Credential

Enter your Office 365 Admin credentials (full email address and password).

This command will create a new PowerShell parameter $LiveCred with the credentials you are going to connect with. After that enter this command:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

This will create a new parameter $Session with the connection parameters.  > 

  Now let's open a new session:

Import-PSSession $Session

And connect to Office 365:

Connect-MsolService -Credential $LiveCred

Finally we're ready to execute the commands to Office 365.

Warning! Be careful with what you type, the below cmdlet's can cause you a lot of trouble!

Let's see our issue with passwords:

Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires

 
You can see a table with the username and a PasswordNeverExpires state (I have blanked the usernames). Some of them are blank, and some of them are set to false. Both of them means that the password is set to expire. So let's change it to never expire.

You can either make it per user:

Set-MsolUser -UserPrincipalName -PasswordNeverExpires $true

Change to the user name (usually email address).
or all users:

Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

change $true to $false if you want to set it to expire again:
One user -

Set-MsolUser -UserPrincipalName -PasswordNeverExpires $false

All users -

Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $false

But we're not done yet!
Yes, we've made our changes, but we must not forget to close the session. As said on this page:

If you close the Windows PowerShell window without disconnecting from the server-side session, your connection will remain open for 15 minutes. Your account can only have three connections to the server-side session at one time.

Here's how we close our session:

Remove-PSSession $Session

$session is the parameter name we set when created the session.

Now we're done.
Hope it helped you guys!

Aboundex bot

It's my first post with some story that may help you. So enjoy!
In the last month or so, I have encountered a lot of bots (around a thousand) scraping a forum I'm admin in. After some digging, I've seen that the most of the bots come from 173.192.x.x segment.
I went to a "whois" site which suggested that the segment is part of softlayer data centers:

NetRange:       173.192.0.0 - 173.193.255.255
CIDR:           173.192.0.0/15
OriginAS:       AS36351
NetName:        SOFTLAYER-4-8
NetHandle:      NET-173-192-0-0-1
Parent:         NET-173-0-0-0-0
NetType:        Direct Allocation
Comment:        SoftLayer provides on-demand IT infrastructure, dedicated servers and cloud resources.
RegDate:        2009-07-21
Updated:        2012-03-09
Ref:            http://whois.arin.net/rest/net/NET-173-192-0-0-1

What the? My site is located in Israel, and it's in Hebrew, so there's no reason for them to scan my site.
But, after googling around I've found this:

The Aboundex Crawler is a bot from Aboundex Search, currently operating out of the Softlayer network with the IP Address 173.192.34.95.
Reports about the Aboundex crawler claim it ignores rules in robots.txt, and is a fast page scraper which may switch IP's when blocked from spidering pages.

According to this, the Aboundex Crawler bot ignores the robots.txt file. So why just not ban them?
Well, I think if some new search engine or whatever want to make a good reputation, then it must follow some simple rules, and of course one of them is the robots.txt. So maybe something is wrong with my site? Let's check out what the Aboundex site suggest.
The site doesn't seem to be working, as it says "under construction" when you try to search something, but there is an about page with this info (the only link on the site):

How do i stop Aboundexbot from indexing my website? If you have a concern about Aboundexbot, we hope you give us a chance to address it via the email below but if you need to block Aboundexbot, the robots.txt file will allow you to accomplish that goal.

To block Aboundexbot from your entire web site you add this to your robots.txt file:

User-agent: Aboundexbot
Disallow: /  

I guess it's a good thing to try it. What you think? I'll update later as I'll add it to the forums.

Hope you enjoyed :)

less than a week to go!!

I just remembered that I have a blog XD
BTW, it's now available by this link: blog.tahvok.org.

You know what people say about the army, that it's all bad, that you will gain nothing of it and that it's much better being a civilian... Well I can't say all that about myself, at the beginning I was like that, but now when it all ends, I just understand how much things I understood in life, because of the army, and how much I gained from it, that who knows how much time it would to gain as a civillian, I've met many people, and many of them will still be my friends after the army, and i've got so much privilege to do things, and none would dare to let me do as a civillian man.
But still, everything has an end. I just hope I'll do better as a civillian :)

The beginning

Hi there,

Well, after seeing what is going on in this world I decided to open a little blog. Which by the way may discuss anything from political, to environment and even technology. And I also hope it may improve my English a little. So here is a little info about me (I will also update it in my profile soon):

I live in Israel, currently at IDF, working really hard (or at least as much as I can) to help my family out of the money problems.

Also I am an activist at GreenPeace, I haven't done anything physically yet (although I hope to some day) but I have been following them since age 16, and supporting them as much as I can.

Actually Green Peace isn't the only organization I'm following. There is also TckTckTck, WWF, 350,org and some more which I can't remember.

So that was my first post,

I just hope you enjoyed it,

Thanks for reading,

Albert