Friday, February 27, 2015

SCCM 2012 - User collection based on OU membership

Inside System Center Configuration Manager:



Create a new User collection



Give it a descriptive name, set your limiting collection as the broadest one you have.



After clicking Next, add a Query rule,



Resource class: User Resource.  Click on edit query statement, then Show query language and paste in the following:

select SMS_R_USER.ResourceID,SMS_R_USER.ResourceType,SMS_R_USER.Name,SMS_R_USER.UniqueUserName,SMS_R_USER.WindowsNTDomain from SMS_R_User where SMS_R_User.UserOUName = "<YOUR DOMAIN>/<YOUR OU>"

Be sure to edit your own domain and OU structure.. i.e.

domain/people/employees/engineering
domain/people/employees/hr

etc,etc

Monday, February 23, 2015

Looking towards the future...

So my birthday was back on the 15th.. I'm 38 now.  Feeling like life is quickly slipping away (Yes I realize I'm not THAT old) I need to spend more time working toward my goal of homesteading life.

I want to live out in the sticks, I want a small farm with pigs, cows and the like.  First stop though is which state to aim for.  After living in Michigan for 4 years now I can say that I don't want to stay here.  I realize the past few winters have been rougher than average.. but down here in the LP it's way too flat for our tastes.  The UP was an initial thought but with so many parts averaging over 100 inches of snow per year that's just.. wow.. a lot of snow.

Plus it's so cloudy during the winter that I don't think a green house would fair well. It's the environment primarily.

So my sights are set on either Montana or Idaho.  Most of Idaho is considered a 'high desert', low rainfall in most areas so growing crops would be a little more difficult without free flowing water nearby.
Montana I think is going to be the best place.  Rugged, beautiful, nice climate year round and land is still fairly cheap  Land where you'd want to live, is not cheap. Land within 30 minutes of a decent town/city is not cheap.  Of course the job market is rather bland which means I'd have to get creative to keep some income flowing.
Which brings up the second goal in terms of difficulty.. revenue.

I'm still thinking on that.

Removing Public Folders using ADSIEDIT for Exchange 2010

Since our migration to Office365, I now have zero active mailboxes on my on-premise servers.  So now it's time to re-purpose them.  Starting with the one in my local site, I need to use a few of those drives so here I got uninstalling Exchange 2010.

Long story short, I ran into an issue where I could not remove teh PF's (I have two PF db's)

All forms of removing the public folder databases left me with mysterious replica's that I could not see via get-publicfolderstatistics, nor using the Public Folder Management Console.

So I headed off to ADSIEDIT and deleted the two entries in there.  Re-ran the uninstall and it's completing as I type this.

Source: http://blog.dargel.at/2012/01/19/remove-public-folder-using-adsiedit/


Exchange 2010
Open ADSI-Edit and got to configuration
Navigate to this path:
CN=Configuration,DC=DOMAIN,DC=LOCAL
CN=Services
CN=Microsoft Exchange
CN=EXCHANGE_ORG
CN=Administrative Groups
CN=Exchange Administrative Group (FYDIBOHF23SPDLT)
CN=Databases
CN=PUBLIC_FOLDER_DATABASE

Thursday, February 12, 2015

Restoring data to mailbox, Exchange 2010 SP3

Ok so in our migration from on premise to Office365, we had sent out a note to all the users about cleaning up their Deleted Items folders.  Explaining how the migration process will remove all items older than 30 days.

So yeah.. I've got a user who somehow thought that if he created subfolders inside the Deleted Items that the emails would be safe.  Because he used the Deleted Items for things he wasn't entirely sure he wanted to delete.  I know, I know.. makes no damn sense to me either.

So that's exactly what he did.. he created /Deleted Items/deleted 2013, 2014 and 2015.

Ok so it's my job to try to recover those.  First things first I restored the database via Symantec Backup Exec, then followed the steps here: http://msexchangeguru.com/2010/05/23/exchange2010-recovery-database/ then I had tried both New-MailboxRestoreRequest and Restore-Mailbox.

The latter gave me fits.. it would not recognize the source mailbox name of "Waters, Cliff".  I tried all different variations and could not get it to work.

The New-MailboxRestoreRequest however proved working except finding syntax info was semi-hard.
So in the end my syntax was:

new-mailboxrestorerequest -sourcedatabase recovery -sourcerestoremailbox 'Waters, Cliff' -targetmailbox cwaters1 -allowlegacymismatch -includefolders "#deleteditems#/deleted 2013"


While logged in as the new temp user 'cwaters1' in OWA i could see those three subfolders populating with deleted emails.

Yay.

Latest IE 11 updates break Cisco AnyConnect

Today we ran into an issue where Windows updates: KB3023607 and Cumulative KB3021952 (sinc eit contains 3023607)  both when installed break the AnyConnect client.

"Failed to initialize connection subsystem"

That's what the AnyConnect client spits up.  The only remedy we had was to roll back those updates and block them from our WSUS servers.


UPDATE: I've discovered that if this is happening on a Windows 8-8.1 machine if you set Compatibility Mode to Windows 8 mode then the client will begin working correctly if that update installed.

Friday, February 6, 2015

Unable to release quarantine msg in Office365

So we recently were forced to migrate off on-premise Exchange 2010 servers to Office365, I won't even go into how much I fought against this.

Anyway today I hit yet another problem, and something that Google had no results on either.  After checking my Quarantine messages:

https://admin.protection.outlook.com/quarantine

I found a message that I wanted to both release and mark as not junk.  So I did what you are supposed to do.. I highlighted the message line and clicked the little envelope icon


And instead of being greeted with a message stating it was successful I got this:


All the Google results references Powershell but with a different variable name like Identity.  Unable to find a cause and being a little bored I tried teh pencil icon, which opened a popup like

Weird thing is, choosing to release and report as false positive from here worked.  It's not an actual resolution IMO as much as a work around.  But maybe this tid bit will help out others.