Tuesday, October 31, 2017

Ruckus daemon.err wsgclient errors every 5 seconds in the logs (firmware 104.0.0.0.1347)

I'm running a Ruckus R600, and I was getting errors every 5 seconds in the logs that looked like this:

---
Oct  4 13:37:15 RuckusAP daemon.err wsgclient[528]: communicatorInit:364 Init connection failed, ret:124, connectRetry:86990

Oct  4 13:37:15 RuckusAP daemon.err wsgclient[528]: registration:594 Failed to init socket! ret:124 url:https://RuckusController/wsg/ap

Oct  4 13:37:20 RuckusAP daemon.err wsgclient[528]: crResloveAddrInfo:152 getaddrinfo failed, ret:-2/Name or service not known

Oct  4 13:37:20 RuckusAP daemon.err wsgclient[528]: cmrInit:138 Call 'crDefSocketInit()' failed, ip: port:443, ret:124/CR initial socket failed


---

I worked with Ruckus support and found that the Ruckus was reaching out to a cloud server that it was not registered with and receiving these errors.  Ruckus said that these errors were normal and not a problem.  They walked me through the fix.  You fix it by SSLing to the Ruckus (I use Putty for this) and then log in and run these commands (the commands I'm typing are in bold):

Please login: super
password :
Copyright(C) 2016 Ruckus Wireless, Inc. All Rights Reserved.

** Ruckus R600 Multimedia Hotzone Wireless AP: 971603500291

rkscli: set scg disable
OK
rkscli: set discovery-agent
Commands starting with 'set discovery-agent' :
set discovery-agent : set controller discovery agent {options}
                 -> disable/enable
                 -- Configure Controller Discovery Agent Info

rkscli: set discovery-agent disable
OK

Wednesday, October 25, 2017

Submitting phishing and spam emails to Office365 for analysis

I found this link for how you can forward emails that are spam or phishing that are not caught by the Office365 junk filter for further analysis:

https://technet.microsoft.com/en-us/library/jj200769%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396

Friday, October 20, 2017

Remove HP Client Security for Windows 7 to Windows 10 upgradres

I was doing a Windows 7 to Windows 10 upgrade the other day on an HP EliteBook 840 and after a series of failures (error code 0xc1900208 - the eventual solution was to remove HP Client Security.  It's an incompatible app.

Tuesday, October 3, 2017

Visual Basic script to delete calendar appointments with a specific subject

I had a user on Outlook for Mac 2016 who had thousands of duplicate appointments (created by an Outlook bug).  Here was my fix . . .

I set up the user's account in my Outlook.

I pressed alt-F11 and expanded Project1 and then expanded Microsoft Outlook object and then expanded this Outlook session.  I double clicked on this Outlook session and put in this text in the right hand pane where DESIRED SUBJECT is the subject of the messages you want to remove.

When done, I clicked on the play button in the toolbar (green triangle) to run the script.


Option Explicit

Sub deleteOutlookAppt()
Dim olApp As Object 'Outlook.Application
Dim olNS As Object 'Outlook.Namespace
Dim olAptItemFolder As Object 'Outlook.Folder
Dim olAptItem As Object 'Outlook.AppointmentItem
Dim i As Long

    Set olApp = CreateObject("Outlook.Application")
    Set olNS = olApp.Session
    Set olAptItemFolder = olNS.GetDefaultFolder(9) '9=olFolderCalendar constant
   
    For i = olAptItemFolder.Items.Count To 1 Step -1
        Set olAptItem = olAptItemFolder.Items(i)
        If olAptItem.Subject Like "DESIRED SUBJECT" Then
            olAptItem.Delete
        End If
    Next i
   
    Set olAptItem = Nothing
    Set olAptItemFolder = Nothing
    Set olApp = Nothing
   
End Sub


Sunday, September 17, 2017

default password for NEC SV8100 and SV9100 DT700 and DT800 phones

On IP phones for the NEC SV8100 and NEC SV9100 phone systems (these are DT700 and DT800 phones), the default login for the phones is:

ADMIN (I've read this is case sensitive)
66333222 

Friday, August 11, 2017

Slow computer troubleshooting

Here's the list of things I do when troubleshooting a slow computer:

1) Run a malwarebytes scan and remove anything found
2) Install all applicable driver updates
3) Run "sfc /scannow" from an elevated command prompt
4) Install all applicable Windows updates
5) Install all applicable Office updates, if installed separately (true for some versions of Office 2016)
6) Check amount of free disk space (ideally at least 20 GB free)
7) Check for adware/crapware that is installed.  Remove by normal add/remove programs
8) Check CPU usage and disk usage for conditions above 99%

Friday, July 7, 2017

Storing Mac data storage folders (desktop, documents, etc) in a cloud syncing folder (Dropbox, Google Drive, etc)

This page talks about methods for moving data storage locations to cloud syncing folders which allows for real time backup of those data storage locations.  I use this process often for smaller clients who need/want backup on the cheap.  This is particularly easy if they're already using Dropbox or Google Drive or have an Office365 account with OneDrive storage.

https://www.howtogeek.com/204595/how-to-move-special-folders-on-os-x-to-cloud-storage/


Friday, June 23, 2017

Backup and Restore Sticky Notes in Windows 10

Here's the process that I found for moving Sticky Notes from a Windows 7 machine to a Windows 10 machines that has the anniversary update.  It's a specific process, and here it is (link):

http://www.winhelponline.com/blog/recover-backup-sticky-notes-data-file-windows-10/


Tuesday, May 30, 2017

Replicating Windows 10 Start Menu layout

I found this great post on how to replicate the Windows 10 Start Menu to other profiles on the same computer.

In brief, run this command from powershell to export the start menu as you've configured it:
Export-Startlayout -path C:\Windows\Temp\SMenu.xml

Then run this command from powershell to apply that layout to all other profiles:
Import-StartLayout -LayoutPath C:\Windows\Temp\SMenu.xml -MountPath $env:SystemDrive\

Wednesday, May 24, 2017

Creating a new Windows profile on Windows 10 (or Windows 8, Windows 7, or Vista)

This is what I consider best practice for creating a new Windows profile on Windows 10.  Typically, I do this if I think the Windows profile is corrupt in some way and I think a new profile will solve the problem.  All of this assumes that you have the user's log in password.

Step 1: Note the default printer and default browser for the existing profile (or any other things that may be unique to the profile, but those are the two big ones).  You might note which programs have been logged in with credentials you don't have as well - Dropbox, Google Drive, Skype, etc

Step 2: Log in with an account that has local administrator privileges.

Step 3: Edit the registry and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Look at the various keys in there and find the one with the value that you want to delete.  For example, in the screen shot below, the value c:\users\dave is in the key that begins with S-1-15-21.  You delete the entire entry that begins with S-1-15-21.
















Step 4: Rename the profile that is going to be deleted.  In this example, I'd rename c:\users\dave to c:\users\dave-old

Step 5: Reboot and then log in as the user.  You'll find a brand new profile is created and you can access all the old data in the renamed profile from step 4.

Step 6: Set up the profile as needed including, but not limited to:
1) set up Outlook
2) move back data from old profile to new profile:
 a) desktop
 b) documents
 c) all the other stuff that is in c:\users\%username%
3) set up backup
4) set up VPN
5) add back signature using old sent items
6) add printers (if necessary) and set correct default printer
7) restore browser settings
8) Remind the user that he/she will need to log in to services you don't have the password to (Dropbox, Skype, Google Drive, etc)

Thursday, March 23, 2017

How to remove entries from a Fortigate IPS block list

If you find that you've got an IP address on the block list that is incorrect, you can remove the entry via CLI.  From the CLI, you can run this command to get the list of blocked IP addresses:

diagnose firewall ip_host list

If the IP address 123.123.123.123 was on the block list, here's how you'd remove it:

diagnose firewall ip_host delete src4 123.123.123.123


Wednesday, March 22, 2017

Set up IPS on Fortigte firewall to block brute force RDP attacks

Like most people, my terminal servers are constantly being probed via brute force attacks trying to find a weak spot.  The better answer is to put the terminal server behind a VPN.  Short of that, I like setting up Duo Security for two factor authentication.  Another alternative (and perhaps in addition to Duo) is to detect and protect against brute force attacks on your firewall.

Here's how I configure that on my Fortigate firewall.

First, enable the Intrusion Prevention module (if not already done) in Config -> Features




First, I enable the IPS rule for RDP brite force attacks. I set a threshold of 15 over 900 seconds (15 minutes) with a block duration of 259200 seconds (3 days).




















Then you go to your RDP policy and set the default policy for your RDP policy.




















That's all you need to do.  If you want to see what IP addresses have been blocked, go to Log & Report -> Security Log -> Intrusion Protection





















Monday, March 20, 2017

Enabling two factor authentication in Outlook 2013 with Office365

This post will go over what you need to do to enable two factor authentication in Office 2013 with a backend Office365 mail server (so you don't need to use app passwords).  This process sets up the 'modern authentication' login window for Office 2013 programs.

Step one - from a Powershell command prompt run this command (info from here):
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

Step two - Add group policy to push modern authentication registry entries to Office 2013 computers

After step two is complete, I'd recommend waiting a couple days for all the users to get these settings added to their registry via group policy..  


Step three - enable 2FA from the Office Portal:

















Thursday, March 9, 2017

Windows 7 not installing updates

As of March 2017, I rarely ever touch a Windows 7 machine anymore, but I did today, and the machine was checking for updates over and over again.  I googled and found a solution in my case (below).  The machine I was working on had installed updates in October 2016.  In general, I'd say my process for updating Windows 7 machines is this:

Install the convenience update if the most recent updates were older than April 2016

If the convenience update is installed, then I'd recommend these commands from an elevated command prompt:

net stop wuauserv
net stop cryptSvc
net stop bits
net stop msiserver
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
ren C:\Windows\System32\catroot2 catroot2.old
net start wuauserv
net start cryptSvc
net start bits
net start msiserver

Sunday, March 5, 2017

Start menu organization in Windows 10

I used to leave the Windows 10 menu alone with all the default bloatware garbage on it, but I've started arranging the menu and putting the critical programs, weather, and news (changed from small to large window size) on the start menu,  I prefer a nicely organizard tile section in my start menu, so why not make it that way for the users?  This is what my typical start menu looks like:


Friday, February 24, 2017

Computer swap process - revised 2-24-17

This post will go over all the items we look at when putting in a new computer for an existing user (for example - an employee is getting a new laptop and needs his/her data transferred).  This process doesn't cover installation of programs (assumes this has already been done), but it will ask you to check on important installations.


  1. Change the name of the computer as required (putting initials for the user in the computer name)
  2. Install all applicable updates (for Windows and Office)
  3. Copy data from old computer to new computer using robocopy script
  4. Move data to appropriate locations (desktop data to desktop, music to music folder, etc)
  5. Ensure all applicable programs are installed/configured including (but not limited to):
    a. AP StyleGuard
    b. Adobe Acrobat Standard/Reader
    c. NitroPDF
    d. MS Project
    e. MS Visio
    f. TightVNC
    g. Skype
    h. Google Talk
    i. QuickBooks
    j. Malwarebytes
    k. Java
    l. FileMaker
    m. Backblaze (or other backup program)
    n. Great Plains and/or Management Reporter
  6. Make sure Outlook is configured as appropriate
  7. Confirm antivirus is installed and up to date
  8. Confirm shared calendars are in place
  9. Confirm printers are installed with appropriate printer set as default
  10. Confirm VPN is in place with saved credentials
  11. Confirm new user has appropriate permissions on computer (local admin or standard user)
  12. Put appropriate icons for frequently accessed programs on desktop (Computer, Word, Excel, Outlook, terminal server icon, VPN icon, accounting software if applicable)
  13. Confirm backup is working properly for the new user.
  14. Add drivers for mobile broadband card if needed
  15. Encrypt the laptop using bitlocker if required on that network
  16. Arrange the start menu per best practices (link to visual of best practices)
  17. Track computer's serial number in inventory spreadsheet and make sure user's name is noted as current user for computer