Office365: List Your Business Can’t Live Without

When you have a lot of conference rooms, equipment or special rooms mailboxes it is hard to list or find available free rooms during a particular time slot. Luckily, Office365 and Outlook 2013/2016 have a special feature called ‘Room Lists’, which enable you to find and schedule  a room quickly based on availability and offer suggestions during room reservation.

In simple terms Room List work  as distribution groups for conference or other types of rooms.

Use PowerShell to login to Office365:

Create a room list:

Add rooms to a list:

Check what Room Lists you have:

Check what conference rooms are part of a particular room list:

How To Get Rid Of Dell KACE Agent?

What is Dell KACE Agent?

Unifies and automates non-computer and computer asset management processes from deployment to retirement, to facilitate such tasks as software and regulatory compliance.
Uninstalling KACE can be a pain. Luckily there is a way thanks to wmic.

This works for 32 & 64 bit machines

From Command Prompt/ Powershell in Admin Mode:

Tech-notes:

Details:

URL: www.dell.com
Help link: www.kace.com
Installation folder: C:\Program Files\dell\kace
Uninstaller: MsiExec.exe /I{55914E97-339E-4CB6-AACC-DE52DE9689D3}
(The Windows Installer is used for the installation, maintenance, and removal.)
Estimated size: 11.87 MB
Language: English (United States)

Behaviors:

2 Services

  • ampagent.exe runs as a service named ‘Dell KACE Agent’ (AMPAgent) “Manages connections between agent and server.”.
  • kswmetersvc.exe runs as a service named ‘Dell KACE Software Meter’ (Dell KACE Software Meter) “Manages the Dell KACE Software Meter application”.

2 Windows Firewall Allowed Programs

  • kinventory.exe is added as a firewall exception for ‘%ProgramFiles(x86)%\Dell\KACE\KInventory.exC:192.168.10.49:enableC:KACE Inventory’.
  • ampagent.exe is added as a firewall exception for ‘%ProgramFiles(x86)%\Dell\KACE\AMPAgent.exC:192.168.10.49:enableC:KACE Agent’.

Files installed by KACE Agent:

  • mobileappinfo.dll – eSMART Agent (MobileAppInfo DLL (Captures/Returns Mobile Apps))
  • ampagent.exe – KACE Agent (AMP Service)
  • ampkickstart.exe – AMPKickstart
  • amptools.exe – AMPTools
  • kacecredentialprovider64.dll – KACE Credential Provider
  • kcopy.exe – KCopy
  • kdeploy.exe – KDeploy
  • kinventory.exe – KInventory
  • klaunch.exe – KLaunch
  • klaunchsvc.exe – KLaunchSvc
  • kswmetersvc.exe – KSWMeterSvc
  • kuseralert.exe – KUserAlert
  • kuseralertlang_de-de.dll
  • kuseralertlang_es-es.dll
  • kuseralertlang_es-la.dll
  • kuseralertlang_fr-fr.dll
  • kuseralertlang_it-it.dll
  • kuseralertlang_ja-jp.dll
  • kuseralertlang_pt-br.dll
  • kuseralertlang_zh-cn.dll
  • kuseralertlang_zh-tw.dll
  • kusrinit64.exe – KUsrInit Application
  • kwinimpl64.dll – KWinImpl Dynamic Link Library
  • plugindesktopalerts.dll – Desktop Alerts
  • pluginrunprocess.dll – Run Process
  • pluginweb.dll – Web
  • runkbot.exe – runkbot
  • inventory.exe (by Dell Inc) – Inventory (Inventory Application for x64 Platform)

Hack: Microsoft Outlook AutoComplete

Outlook maintains the AutoComplete list. The list is used by both the automatic name-checking feature and the automatic completion feature. The AutoComplete list, also known as the nickname cache, is generated automatically when you send email messages from Outlook. The list contains SMTP addresses, LegacyExchangeDN entries, and display names for people to whom you have sent mail previously.

Note The AutoComplete list for Outlook is specific to Outlook and is not shared by Outlook Web App (OWA). OWA maintains its own AutoComplete list.

The following sections provide information about the AutoComplete feature.

Limit to the number of entries

Outlook limits the number of entries that you can save in the AutoComplete list. After you reach this limit, Outlook uses an internal algorithm to determine the best names to remove from the list. It does this based on a usage weighting. Therefore, you may find some names unexpectedly removed from your nickname cache. There are two general approaches that you can use to avoid this situation:

  1. You can proactively remove AutoComplete list entries that you no longer need. This is the preferred approach. For more information about how to do this, see the section titled “How to remove AutoComplete list entries one at a time.”
  2. You can increase the limit for the nickname cache. If you have a larger nickname cache, you could also lose a larger number of cached entries if your nickname cache becomes unusable because of corruption.

The limits are as follows:

  • Outlook 2016: 1,000 entries
  • Outlook 2013: 1,000 entries
  • Outlook 2010: 1,000 entries
  • Outlook 2007: 2,000 entries
  • Outlook 2003: 1,000 entries

How to enable the AutoComplete feature

Outlook 2010, Outlook 2013, and Outlook 2016

To access the AutoComplete setting, follow these steps:

  • On the File menu, click Options.
  • Select the Mail tab.
  • Scroll approximately halfway down until you see Send messages. Make sure that the Use Auto-Complete List to suggest names when typing in the To, Cc, and Bcc lines box is checked. If you need to disable Auto-Complete uncheck the box.

How to import .nk2 files into Outlook 2010, Outlook 2013, and Outlook 2016

Microsoft Office Outlook 2007 and earlier versions store the AutoComplete list in an nickname (.nk2) file on the disk. Outlook 2010, Outlook 2013, and Outlook 2016 store the AutoComplete list as a hidden message in your primary message store. Outlook 2010, Outlook 2013, and Outlook 2016 let you import the older .nk2 files.

For more information about how to import .nk2 files in Outlook 2010, go to the following Microsoft website:

 

How to import .nk2 files into Outlook 2013 or Outlook 2016

When you start Microsoft Outlook 2013 or Outlook 2016 for the first time, your nickname cache (stored in the  profilename.nk2 file) is imported into a hidden message in your default message store.

Note profilename is the name of your Outlook profile.

For example, if you are using a Microsoft Exchange account, the nickname cache is imported into a hidden message in the Exchange mailbox.

Note Outlook 2007 and earlier versions store the nickname cache .nk2 file in the following folder.

  • Windows XP
    Drive:\Documents and Settings\Username\Application Data\Microsoft\Outlook
  • Windows Vista and later versions
    Drive:\Users\Username\AppData\Roaming\Microsoft\Outlook

After the nickname cache is imported, the
profilename.nk2 file is renamed to
profilename.nk2.old. On the next start of Outlook, your nickname cache is not imported. Outlook 2013 and Outlook 2016 do not use the .nk2 file for maintaining your nickname cache. All updates to your nickname cache in Outlook 2013 and Outlook 2016 are made to the hidden message in your default message store.

Note If you have multiple Outlook profiles, the nickname cache from each profile is merged into your new Outlook 2013 or Outlook 2016 nickname cache on the first start of Outlook by using that profile. Therefore, you may find more than one .nk2 file renamed to .nk2.old.

However, there may be situations where you have to import a nickname cache file after this first-run nickname cache import process has finished. For example, a colleague wants to share their nickname cache with you and you want to update your existing nickname cache with your colleague’s data.

To import .nk2 files into Outlook 2013 or Outlook 2016, follow these steps:

  • Make sure that the .nk2 file is in the following folder:
    %appdata%\Microsoft\Outlook

    Note The .nk2 file must have the same name as your current Outlook 2013 or Outlook 2016 profile. By default, the profile name is “Outlook.” To check the profile name, follow these steps:

    1. Click Start, and then click
      Control Panel.
    2. Double-click Mail.
    3. In the Mail Setup dialog box, click
      Show Profiles.
  • Click Start, and then click
    Run.
  • In the Open box, type
    outlook.exe /importnk2 , and then click
    OK. This should import the .nk2 file into the Outlook profile.
Note After you import the .nk2 file, the contents of the file are merged into the existing nickname cache that is currently stored in your mailbox.
Note The .nk2 file is renamed with a .old file name extension on the first start of Outlook 2013 or Outlook 2016. Therefore, if you try to re-import the .nk2 file, remove the .old file name extension.

How to copy the AutoComplete list

The steps to export and import the AutoComplete list are different, depending on the version of Outlook that you are using.

Outlook 2010, Outlook 2013, and Outlook 2016

To copy the AutoComplete list in Outlook 2010, Outlook 2013, and Outlook 2016, follow these steps:

Note: Please make sure the you are using the appropriate MFCMAPI for x86 or x64.

Step 1

To export the AutoComplete mailbox message, follow these steps:

  1. Exit Outlook, and then close Outlook Web Access or Outlook Web App (OWA) on all workstations that are connected to your mailbox.
  2. Download and install MFCMAPI from http://mfcmapi.codeplex.com.
  3. Run mfcmapi.exe.
  4. On the Session menu, click Logon.

  5. If you are prompted for a profile, select the desired profile name, and then click OK.

  6. In the top pane, locate the line that corresponds to your mailbox, and then double-click it.
  7. In the left-side navigation pane, expand Root Container, and then expand Top of Information Store or IPM_SUBTREE.
  8. Right-click the Inbox folder, and then click Open Associated Content Table. This action opens a new MFCMAPI window that contains various properties.

  9. Under the Subject column, right-click the item that has the subject IPM.Configuration.Autocomplete,


    and then click Export Message. This action opens the Save Message To File window.

  10. In the drop-down list, select MSG file (UNICODE), and then click OK.
  11. Select a folder location to which you want to save the message, and then click Save. Note this location.

Step 2

To import the AutoComplete mailbox message, follow these steps.

  1. Exit Outlook, and then close Outlook Web Access or Outlook Web App (OWA) on all workstations that are connected to your mailbox.
  2. Download and install MFCMAPI from http://mfcmapi.codeplex.com
  3. Run mfcmapi.exe.
  4. On the Session menu, click Logon.
  5. If you are prompted for a profile, select the desired profile name, and then click OK.
  6. In the top pane, locate the line that corresponds to your mailbox, and then double-click it.
  7. In the left-side navigation pane, expand Root – Mailbox, and then expand Top of Information Store or IPM_SUBTREE.
  8. Right-click the Inbox folder, and then click Open Associated Content Table. This action opens a new MFCMAPI window that contains various properties.
  9. To avoid duplicate entries, you must delete the existing AutoComplete message.
    Note: Before you delete the IPM.Configuration.Autocomplete message, you must export the message.

    To delete the existing AutoComplete message, follow these steps:

    1. In the Subject column, locate the item that has the subject IPM.Configuration.Autocomplete.
    2. Right-click the item, and then click Delete message. This opens the Delete Item window.
    3. In the drop-down list, select Permanent deletion (deletes to deleted item retention if supported), and then click OK.
    4. On the Folder menu, click Import, and then click From MSG.

    5. Locate the .msg file that you created in step 11 of the “How to Export the Auto-Complete List” section, and then click OK.
    6. In the Load MSG window that appears, select Load message into current folder in the Load style list, and then click OK.

The AutoComplete information is imported from the IPM.Configuration.Autocomplete_<hexadecimal code>.msg , where the placeholder <hexadecimal code>  represents a long string of numbers and letters.

How to remove AutoComplete list entries one at a time

To remove entries from the AutoComplete cache one entry at a time, follow these steps:

  1. Open a new email message.
  2. Type the first few characters of the AutoComplete entry that you want to remove.
  3. When the entry appears in the list of suggested names, move your mouse pointer over the name until it becomes highlighted, but do not click the name.
  4. When the “X” icon appears next to the highlighted name, click X to remove the name from the list, or press the Delete key on the keyboard.

How to clear the whole AutoComplete list

This section explains how to delete the AutoComplete list.

Outlook 2010, Outlook 2013, and Outlook 2016

Use one of the following two methods to delete the AutoComplete list in Outlook 2010, Outlook 2013, and Outlook 2016.

Method 1

  1. Open Outlook.
  2. On the File tab, click Options.
  3. Click the Mail tab.
  4. Under Send Messages, click Empty Auto-Complete List.

  5. Click Yes.

Method 2

Start Outlook by using the /CleanAutoCompleteCache switch. To do this, follow these steps:

  1. Click Start, and then click Run.
  2. Type Outlook.exe /CleanAutoCompleteCache .

    Note If Outlook is not installed in the default location, you must point to the path of Outlook.exe.

Filling the Auto-Complete list with Contact addresses

You can directly fill the list again by creating a new message addressed to all your contacts at once.

  1. Place Outlook in ‘Work Offline’ mode (see instructions below)
  2. Create a new message.
  3. Press the To… button.
  4. Select the contact list in the right top corner from which you would like to add the contacts from.
    Examples; Contacts folder, Global Address List (GAL) or a contacts folder in a Public folder.
  5. Select the first contact.
  6. Scroll all the way down to your last contact.
  7. Hold the SHIFT button on your keyboard while clicking on the last contact to select them all.
  8. Press the To –> button to add them all to the To… field.
  9. Repeat step 3 to 7 if you have contacts in additional lists that you would like to add.
  10. Press OK to close the dialog and to return to the newly created message.
  11. Now when you address a new message the AutoSuggest/Auto-Complete feature will pop-up again.

For Outlook 2010, Outlook 2013 and Outlook 2016, you must send the message to actually store these addresses in the AutoSuggest cache. However, by placing Outlook in Offline Mode first via the Send/Receive tab, you can easily prevent it from actually being sent by removing it from the Outbox and then place Outlook back online mode.

Working in Offline Mode

This is fairly simple for folks that dont know.

The main confusion is about Work Offline icon which is being displayed on the Send/Receive tab in the Ribbon in Outlook 2010 and Outlook 2013; you’ll find a globe with a red cross in front of it. This doesn’t mean you are in Offline Mode as the icon is always like this. The icon doesn’t change to for instance a globe without a red cross when you are Online

When you actually are in Offline Mode, the icon will show highlighted (as see below, when using a black color theme for Office 2016)  and your Status Bar will also show “Working Offline”. Clicking on the icon then will bring you back to Online Mode.

Status Bar:

POP3 Accounts:

When you are using a POP3 account, you can reuse your original pst-file on another computer or when reconfiguring the account without losing your AutoComplete cache. However, it is important that you do this in the correct way or the list will still be lost.

Cleaning up Office365 Groups Mess

Office 365 Groups are a shared workspace for email, conversations, files, and events where group members can collectively get stuff done. It compliments the introduction of Microsoft Teams. The main thing to keep in mind is that this feature is still evolving.

Why is it important to control Office 365 Group creation?

This feature is enabled by default. So its better to put restrictions in place or later clean up sites, groups, permissions set by organization users.

Which Group?

SharePoint frequently reuses terms, which often makes conversations and forum posts a lot of fun. There’s at least three “Groups” in Office 365:

  • Active Directory Groups: Groups at the AD level. Outside of SharePoint. Useable across all site collections, and other applications. A “Sales Managers” AD group can be created once, updated in one place and used across all site collections in the tenant.
  • SharePoint Groups: Collections of users (people) and AD groups. Scoped to a single site collection. A “Sales Managers” SharePoint group would need to be created in each of the site collections and all updates repeated across all of the site collections.
  • Office 365 Groups: A new collaboration option! A combination of a mailbox and a site collection. Not a group useable for managing access to SharePoint sites.

Office 365 Groups

Office 365 Groups are a combination of an Exchange email account with the group’s name that is used to store conversations, and a “OneDrive – like” site collection to store files.

A collection of Office 365 Groups facts:

  • Internally, to distinguish traditional groups from the new Office 365 Groups, Groups are called “Unified Groups”. Externally they should be called “Office 365 Groups”, not “SharePoint Groups”.
  • Creating a Group creates an AD Distribution group, an email address and a “hidden” SharePoint Site Collection. The site collection is not visible in the tenant admin pages. The AD group is not manageable from Azure AD, only from the tenant admin Groups pages. (You can see members in Azure AD, but cannot edit them.)
  • Groups can be created from:
    • Outlook (OWA).
    • A user’s OneDrive.
    • The “GROUPS” page in the tenant Admin site. Here you can create both “Office 365 Groups” and “security groups”.
  • Conversations are stored in Exchange inboxes and files are stored in SharePoint Site Collections.
  • Groups are defined and managed in Azure AD. (Which explains why the PowerShell cmdlets for Groups are not in the SharePoint Online cmdlet library.)
  • Each user may create up to 250 Groups and can be a member of up to 1,024 Groups. There’s no limit for number of Groups per tenant.
  • Emails can be sent in the name of the group by members. (Requires a PowerShell based change.)
  • Groups will not be deleted if the Group’s owner is deleted.
  • Groups use a OneDrive for Business site under the covers. (Template: GROUP#0)
  • URL for the files site collection looks like a normal team site instead of a OneDrive site:  https://yourdomain/sites/groupsitename
  • If there is a URL conflict, a number is appended to the name: https://yourdomain/sites/groupsitename51
  • URL for the mailbox is “guessable”: https://outlook.office365.com/owa/#path=/group/yourGroupName@yourDomain.onmicrosoft.com/people
  • Groups site collections are not (currently) displayed in the admin Site Collections page. You may discover their existence when you create a new site collection that has the same name as a group site. “The site collection already exists. Please enter a different address.
  • PowerShell:
    • Get-SPOSite does not return Groups site collections, but you can access a Groups site by URL.
    • Get-SPOUser does not return users for Groups sites.
  • Groups file storage is counted against the tenant quota. It’s not considered to be a personal OneDrive. There is no “user” for the Group OneDrive. The mailbox can store up to 50GB of messages, posts and calendar entries. The SharePoint Site Collection has a max of 1TB.
  • Search: There is a search box, but it opens the Search Center in a new window/tab and searches all of SharePoint, not just the Groups file site.
  • The document library in the Group site is very much like a OneDrive for Business library. No ribbon, no custom columns, no metadata and no Content Types. The Groups library is very limited:
    • Only one library, and it’s not customizable.
    • Can’t check out/in. (I saw this listed as a feature, but it’s not in my tenants.)
    • Versioning is enabled (Major only)
    • Cannot add/delete columns (i.e. use any custom metadata that might be useful to search or eDiscovery.)
    • Cannot use workflows.
    • Cannot audit security from the browser.
    • No branding. Cannot be opened by SharePoint Designer.
  • The Site Collection is VERY limited.
    • Almost all of the links for site or list maintenance are redirected to the home page.
    • There is no Settings page.
    • There is no Site Permissions page, so there’s no Site Permissions page or 2nd tier recycle bin.
    • You cannot create new lists or libraries.
  • Library Sync: The Sync button works with the new OneDrive for Business sync client. So, keep in mind that group members of easily offline all of the content.
  • Recycle Bin:
    • There is a recycle bin, but you can only access the user level.
    • If you share a file with a non-member with “Edit”, they can delete the file, but get “Sorry, you don’t have access to this page” when they click the Recycle Bin link.
    • There is no Site Collection recycle bin page available. The Groups “owner” can’t recover files deleted by members.
  • Can be administered and reported on from PowerShell as part of the Exchange Online cmdlets.
    https://technet.microsoft.com/en-us/library/jj200780(v=exchg.160).aspx
    cmdlets: Get/Set/New/Remove-UnifedGroup and Get/Add/Remove-UnifiedGroupLinks
    https://support.office.com/en-us/article/Use-PowerShell-to-manage-Office-365-Groups-aeb669aa-1770-4537-9de2-a82ac11b0540
  • Groups can be disabled for all users. (PowerShell)
  • Groups can be disabled for a subset of users. (Requires PowerShell.)
  • Security:
    • New groups default to “Public”. Everyone has access. You must remember to choose Private when you create the group.
    • I can’t find a place to change Public/Private status after the group has been created.
    • The names of groups are not private. They will be seen in “Send to”, “Share” and other places where user names can be seen. All groups, public and private, are listed in the “Browse Groups” screens. (Train your users not to use group names that reveal confidential data. You know, names like “IT Layoff Planning Group”. 🙂 )
    • Files can be shared with the “group”. They will be listed in the “Shared with us” tab.
    • Files that are shared with the “group” will be visible to all users even for Private groups! (I think this is a bug!) (The user must know the URL to the Files site.)
    • Files can be “reshared”. Sam has a site named “My Private Group”, which is Private, He shares a file with Robert (with Edit or View). Robert can only see that one file in the group site. Robert shares with Susan. Susan can then share with………
    • Users who guess the URL to the file site can see the site, but no files, or only files shared with them. They can see the list of “members” and who the owner is.

Groups vs. Team Sites

Groups Team Sites
Can add lists/libraries No Yes
Can add pages No Yes
Can add columns/metadata No Yes
Can use Content Types No Yes
Can hide membership No Yes
Can brand No Yes
Can be fully managed with PowerShell No Yes

Cleaning up the mess

So since this feature is enabled by default. Users in your organization may have already started creating groups and hidden SharePoint site.

So first we need to disable this option right away.

Prerequisites:

Check your Company-level configuration settings

Now need to check your company-wide configuration settings through the Get-MsolCompanyInfo Windows PowerShell cmdlet. This cmdlet will display your current company-wide configuration settings that affect all users. You specifically need to verify that the UserPermissionToCreateGroupsEnabled parameter is set to False.

To check your Company-level configuration settings

You will first need to connect to your Office 365 service. In the Windows Azure Active Directory Module for Windows PowerShell, type and enter the following:

In the Sign in to your Account screen, enter your credentials to connect you to your service, and click Sign in.

You will be returned to a prompt in the Windows Azure Active Directory Module.

You will need to display your company-wide configuration settings. To do this, type and enter:

This will display a listing of the current configuration settings that apply to all users in your company.

As you can see the value for the UsersPermissiontoCreateGroupsEnabled setting is True. We need to change this to False.

To change the UsersPermissionToCreateGroupsEnabled setting value

You will first need to use the Set-MsolCompanySettings cmdlet to change the UsersPermissionToCreateGroupsEnabled parameter to False. In the Windows Azure Active Directory Module for Windows PowerShell, type and enter the following:

You will be returned to a prompt in the Windows Azure Active Directory Module.

After changing the setting, you then need to run the Get-MsolCompanyInfo cmdlet to verify that the value has changed to True.

After running the cmdlet, check the displayed information to verify that the UsersPermissionToCreateGroupsEnabled setting value has changed to False.

Identifying the site collections in PowerShell

Connect to SharePoint

Get a list of Site Collections
More than likely the Group SharePoint Site is restricted to the user that may have created it. You may get this error when trying to remove it:

To remove it you need to take ownership as the CollectionOwner

Now if you want to do this for all the site collections:

Once this is applied the admin will be able to remove the hidden Sharepoint collection. Remove the site collections that are no longer needed.

Deleting the Groups

Now to delete the groups that the users created. Head over to the Office365 Admin Portal.

Click the “Office 365 group” from the selection to show all groups (These should be all cloud based)

Once the groups are displayed remove them as necessary.

Groups are no longer in your environment.

Planning for the future: Migration of Distribution Groups to Groups

If you are in Hybrid mode you cannot user Groups in a clean fashion. It will get messy. Sooner or later you will need to plan for migration of your distribution groups to Groups. Know your current limitations and hold.

Migrate distribution lists to Office 365 Groups – Admin help

Distribution list eligibility for migration

The following table lists which distribution lists are eligible or not eligible for migration

Property Eligibility
On-premise managed distribution list. Not eligible
Nested distribution lists. Distribution list either has child groups or is a member of another group. Not eligible
Moderated distribution list Not eligible
Distribution lists with send on behalf settings Not eligible
Distribution lists hidden from address lists Not eligible
Distribution lists with member RecipientTypeDetails other than UserMailbox, SharedMailbox, TeamMailbox, MailUser Not eligible
Distribution lists with member join or depart restriction as Closed Eligible. Converted to a private Office 365 Group.
Distribution lists with custom delivery status notifications. ReportToManager = true, ReportToOriginator = false ReportToManager = false, ReportToOriginator = false Eligible. Office 365 groups don’t understand these properties, and delivery status notifications are always sent to the person that sent the email.

How to Configure Time Server (NTP Server) on Centos 7?

Prerequisites:

VM/ Physical – It is recommended to have the time server as a physical server, but VMs should be okay depending on your setup and requirement. My virtual lab environment is VMware based so here’s the guide for a VM. Once the CentOS Minimal is installed on the VM make sure to install open-vm-tools.

If you are not conformable with Vi Editor please use install nano for editing.

Installing the time server:

  1. First we need to install NTPd . to do this open command line :

  2. Then open NTP main configuration file for editing:
    If you are planning on hosting your time servers externally like time01.yourdomain.com, time02.yourdomain.com with ports 123 open on the firewall. Each of the time server will be talking to 0.us.pool.ntp.org, 0.us.pool.ntp.org, 0.us.pool.ntp.org, 0.us.pool.ntp.org. Later on you can probably add your time servers to the NTP.org by joining the pool. For my example, I am not using the centos default pool, but i am using the U.S. zone. For internal servers/workstations you can point it to the local ip/dns name for the local time servers.

  3. Then start and enable ntp server:

  4. You need to allow ntp service on firewall(NTP service uses UDP port 123). So run next command:

  5. Verify you ntp service with next command:

Your output should be similar to:

How to restart management agents on ESX or ESXi host

If you are not unable to connect ESXi server to vCenter, or when you cannot connect to ESXi server from VI client it may be necessary to restart the management agents on ESX or ESXi host.

To restart the management agents on ESXi 6.x

This applies to ESX4/5.x/6.x

For the restart of the management agents (mgmt-vmware and vmware-vpxa) do the following:

Log in to SSH or Local console as root.
Run these commands:

Or also (alternative way)
To reset the management network on a specific VMkernel interface, by default vmk0, run the command:

Note: Using a semicolon (;) between the two commands ensures the VMkernel interface is disabled and then re-enabled in succession. If the management interface is not running on vmk0, change the above command according to the VMkernel interface used.

to restart all management agents on the host, run the command:

To restart the Management agents on ESXi Server – via the console:

1.) Connect to the console of your ESX Server and press F2
2.) Login as root and when using the Up/Down arrows navigate to Restart Management Agents.
3.) Press Enter and press F11 to restart the services.
4.) When the service has been restarted, press Enter. Then you can press Esc to logout of the system.

Screen should be similar to:

To restart the management agents on ESXi 4.x and 5.x:

From Local Console or SSH:
  1. Log in to SSH or Local console as root.
  2. Run this command:
You can also check:  Service mgmt-vmware restart may not restart hostd (1005566).

To restart the management agents on ESX Server 3.x, ESX 4.x:

  1. Login to your ESX Server as root from SSH session or directly from the console.
  2. Type service mgmt-vmware restart and press Enter
    Make sure that automatic Startup/Shutdown of virtual machines is disabled before running this command otherwise you might reboot the virtual machines. See more at 103312
  3. Type service vmware-vpxa restart and press Enter.
  4. Type logout and press Enter to disconnect from the ESX Server.

Successful output :

This may also server as a solution for the error “Unable to access file since it is locked. An error occurred while consolidating disks: One or more disks are busy.”

Creating Security Groups for File Shares in Bulk using PowerShell

Security Groups are great for managing large groups for permissions.  A client requested that they needed to have Read-Only, Read-Write, and Ready-Modify (allow for deleting) for all their file shares for better management.

Getting the Share Names

In order for me to create the groups I needed the share names. PowerShell to the rescue!

Type the following on the File Server/ Cluster to list all the shares and capture the output in a text file:

On your file-server you may have a lot of share but for example purposes I am showing just one.

Output should be similar to:

Cleaning up the Share Names

Now that we have the Share names we need to do a bit of cleanup to avoid having duplicates.

  • We need to remove all entries for hidden shares “$”
  • We need to remove duplicates
  • We need to change the case of the share names to lower case. ( I prefer lowercase but you can decide to do what best fits your needs)

Follow my guide to removing duplicates in a text file using NotePad++

Once the sharenames are clean save it to a text file.

Client Requirement for the Security Groups:

For each file share there are three security groups needed:

  • <Sharename>_RO : Read-Only
  • <Sharename>_RW : Read & Write
  • <Sharename>_RM : Read & Modify

For PowerShell to do this I needed to create a .CSV file with all the security group entries.  Now, there are many ways this can be done. I will share what I have been doing.

Open up Microsoft Excel and copy the share on a column to the right (lets say K2)

Now on Cell A2 your value should be =CONCATENATE(K2,"_RW") and drag it down.

It should look something like this:

Do the same for RO & RM. Now you have all the security groups names you need to create.

Create a file called  FileShares_Groups.csv  using the following format.

Create the file Create Security Groups for File Shares.ps1

Copy the two files: FileShares_Groups.csv & Create Security Groups for File Shares.ps1  into a folder called C:\scripts  on the Domain Controller.

Run the PowerShell script and see the security groups get created.

 

 

Remove duplicates, blank lines, spaces, to get unique values and sort data in one operation

From time to time I come across this need; where I need to scrub a file where there are duplicates, there are blank lines, the sort order is all wack, and it just needs to be formatted to where it can be more readable and/or usable.

This method just doesn’t apply to text, but also applies to numbers.

Software Prerequisites:

  • NotePad++
  • TextFX Characters Plug-in for NotePad++

Enabling TextFX Characters Plug-in

Install NotePad++ with all defaults

Goto Plugins > Plugin Manager > Show Plugin Manager

Install TextFX Characters Plugin

Once successfully downloaded it will prompt for a restart.

After a successful restart of the application you should now see the TextFX entry in the toolbar.

Removing duplicates, blank lines, and sorting data

  • Paste the text into Notepad++ (CTRL+V). As you can see, there were lines and half of them were blank.

  • Mark all the text (CTRL+A). Click TextFX → Click TextFX Tools → Check +Sort outputs only UNIQUE (at column) lines (if not already checked).

  • Click TextFX → Click TextFX Tools → Click Sort lines case insensitive (at column)

  • Duplicates and blank lines have been removed and the data has been sorted alphabetically. (The first line that may appear empty contains a space, which is regarded as a character and is included in the list of unique data.)

Changing to lowercase

To change the text to lowercase Goto: TextFX > TextFX Characters > lower case

This has saved me a lot of time when working with IP addresses or cleaning up text.

 

A chart describing CIDR subnets

Admins need to understand some basic networking concepts like CIDR. These are needed when working with AntiSpam & Archiving providers. Here is a simple chart describing the CIDR subnets.

In networks larger than a /31, one address is used for the network number, another for the broadcast address, and generally another as the default gateway for routing to other networks. A /29 may cover a range of 8 addresses, but only 5 of them can be used as host endpoints. A /30 has only 1 usable address.