grub rescue> set prefix=(hd0,1)/boot/grub2 grub rescue> set root=(hd0,1) grub rescue> insmod normal grub rescue> normal grub rescue> insmod linux grub rescue> linux /boot/vmlinuz root=/dev/sda1 grub rescue> initrd /boot/initrd.img grub rescue> boot
Image
Tuesday, August 01, 2017
Boot from grub2 rescue prompt
Monday, July 03, 2017
Friday, June 02, 2017
Phone extension that rings multiple external numbers (CCME Asterisk)
In this example we want to ring all the external numbers of a few people only by dialing extension 3331.
1: Connect to CCME and create a new dial-peer:
dial-peer voice 3331 voip description External Emergency Responders destination-pattern 3331$ session protocol sipv2 session target ipv4:192.168.0.XXX #(the Asterisk box) dtmf-relay rtp-nte cisco-rtp codec g711ulaw no vad
2: Connect to the asterisk server and add the extension in the default [incoming_context] in /etc/asterisk/extensions.conf: (192.168.0.YYY is the outgoing trunk)
exten => 3331,1,Dial(SIP/5145555555@192.168.0.YYY&SIP/51455555519@192.168.0.YYY&SIP/5145555552@192.168.0.YYY&SIP/5145555553@192.168.0.YYY&SIP/5145555554@192.168.0.YYY&SIP/5145555555@192.168.0.YYY) exten => 3331,n,Hangup
3: Reload asterisk config and test the extension 
Monday, May 01, 2017
Limit number of unix logins
cat .profile
#!/bin/sh limit=3 session=`ps -ef | grep '\-sh' | grep $USER | grep -v grep`
number=`echo $session | wc -l` if [ $number -ge $limit ]; then echo "No more logins / Il n'y a plus de login. You are already logged as: $session " sleep 5 exit 0 fi
# to timeout after 15min of inactivity and forbid users to change the tmout: echo "TMOUT=900 readonly TMOUT export TMOUT" > /etc/profile.d/tmout.sh && chmox +x /etc/profile.d/tmout.sh
Monday, April 03, 2017
Forward all emails from one sendmail to another
- in sendmail.cf change Djdomain.tld to something like Dj_subdomain.domain.tld Do the same thing for DMdomain.tld
- in the same sendmail.cf look for Fw or Fw-o and check the file it refers to (usually /usr/lib/mail/local-host-names); in that file remove the line stating "domain.tld" (in fact, remove everything, leave just _subdomain.domain.tld there), that way sendmail will know that it is not the default destination for the @domain.tld
- if necessary, create /home/$username/.forward (chmod 600, chown $username:$group) and put the right info in it
- in the same sendmail.cf look for Fw or Fw-o and check the file it refers to (usually /usr/lib/mail/local-host-names); in that file remove the line stating "domain.tld" (in fact, remove everything, leave just _subdomain.domain.tld there), that way sendmail will know that it is not the default destination for the @domain.tld
- if necessary, create /home/$username/.forward (chmod 600, chown $username:$group) and put the right info in it
Wednesday, March 01, 2017
Install mc on sco sysV unix
curl http://www.aljex.com/bkw/sco/mc.tar.bz2 |bzcat |tar xvf -
(there is a copy of that archive in my /update directory)
in .profile add PATH=$PATH:/usr/local/bin:/usr/local/sbin
(there is a copy of that archive in my /update directory)
in .profile add PATH=$PATH:/usr/local/bin:/usr/local/sbin
Wednesday, February 01, 2017
Dell Latitude Keyboard light
The backlit keys interface seems to be broken, so you need to mask the controlling service: systemctl mask systemd-backlight@leds\:dell\:\:kbd_backlight.service
then go to BIOS and and change the keyboard led timeout from 10s to 5s for AC Power and Battery mode - "For some reason if the kbd_backlight service is not masked, it somehow forces the bios led timeout back to 10s, and then the keyboard led always remains lit."
then go to BIOS and and change the keyboard led timeout from 10s to 5s for AC Power and Battery mode - "For some reason if the kbd_backlight service is not masked, it somehow forces the bios led timeout back to 10s, and then the keyboard led always remains lit."
Tuesday, January 03, 2017
TS - FR keyboard by default
Keyboard
|
|
Data collected on:
4/21/2015 1:44:16 PM
|
|
General
Details
Domain
|
domain.local
|
Owner
|
DOMAIN\Admins du domaine
|
Created
|
4/21/2015 1:32:00 PM
|
Modified
|
4/21/2015 1:42:44 PM
|
User Revisions
|
18 (AD), 18 (sysvol)
|
Computer Revisions
|
1 (AD), 1 (sysvol)
|
Unique ID
|
{0E240A4C-8A26-4761-8907-DB164F024AFC}
|
GPO Status
|
Enabled
|
Links
Location
|
Enforced
|
Link Status
|
Path
|
TS
|
No
|
Enabled
|
domain.local/Member Servers/TS
|
This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups,
users, and computers:
Name
|
NT AUTHORITY\Authenticated Users
|
Delegation
These groups and users have the specified permission for this GPO
Name
|
Allowed
Permissions
|
Inherited
|
NT AUTHORITY\Authenticated Users
|
Read (from Security Filtering)
|
No
|
NT AUTHORITY\ENTERPRISE DOMAIN
CONTROLLERS
|
Read
|
No
|
NT AUTHORITY\SYSTEM
|
Edit settings, delete, modify
security
|
No
|
No
|
Computer Configuration
(Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the local machine.
System/Group Policy
Policy
|
Setting
|
Comment
|
||
User Group Policy loopback
processing mode
|
Enabled
|
|||
|
||||
User Configuration (Enabled)
Preferences
Windows Settings
Registry
2 (Order: 1)
General
Action
|
Update
|
Properties
Hive
|
HKEY_CURRENT_USER
|
Key path
|
Keyboard
Layout\Preload
|
Value name
|
2
|
Value type
|
REG_SZ
|
Value data
|
00000409
|
Common
Options
Stop
processing items on this extension if an error occurs on this item
|
No
|
Run in
logged-on user's security context (user policy option)
|
No
|
Remove this
item when it is no longer applied
|
No
|
Apply once
and do not reapply
|
No
|
1 (Order: 2)
General
Action
|
Update
|
Properties
Hive
|
HKEY_CURRENT_USER
|
Key path
|
Keyboard
Layout\Preload
|
Value name
|
1
|
Value type
|
REG_SZ
|
Value data
|
00000c0c
|
Common
Options
Stop
processing items on this extension if an error occurs on this item
|
No
|
Run in
logged-on user's security context (user policy option)
|
No
|
Remove this
item when it is no longer applied
|
No
|
Apply once
and do not reapply
|
No
|
ShowStatus (Order: 3)
General
Action
|
Update
|
Properties
Hive
|
HKEY_CURRENT_USER
|
Key path
|
Software\Microsoft\CTF\LangBar
|
Value name
|
ShowStatus
|
Value type
|
REG_DWORD
|
Value data
|
0x4 (4)
|
Common
Options
Stop
processing items on this extension if an error occurs on this item
|
No
|
Run in
logged-on user's security context (user policy option)
|
No
|
Remove this
item when it is no longer applied
|
No
|
Apply once
and do not reapply
|
No
|
Label (Order: 4)
General
Action
|
Update
|
Properties
Hive
|
HKEY_CURRENT_USER
|
Key path
|
Software\Microsoft\CTF\LangBar
|
Value name
|
Label
|
Value type
|
REG_DWORD
|
Value data
|
0x0 (0)
|
Common
Options
Stop
processing items on this extension if an error occurs on this item
|
No
|
Run in
logged-on user's security context (user policy option)
|
No
|
Remove this
item when it is no longer applied
|
No
|
Apply once
and do not reapply
|
No
|
AutoAdjustDeskBand (Order: 5)
General
Action
|
Update
|
Properties
Hive
|
HKEY_CURRENT_USER
|
Key path
|
Software\Microsoft\CTF\MSUTB
|
Value name
|
AutoAdjustDeskBand
|
Value type
|
REG_DWORD
|
Value data
|
0x0 (0)
|
Common
Options
Stop
processing items on this extension if an error occurs on this item
|
No
|
Run in
logged-on user's security context (user policy option)
|
No
|
Remove this
item when it is no longer applied
|
No
|
Apply once
and do not reapply
|
No
|
Thursday, December 01, 2016
SCO SysV Cannot enable remote printing (mkdev rlp) after the installation of an Update Pack 2/3 or a Maintenance Pack
"Unable to get complete data for 'Printer Manager on ...
Failed to retrieve list of remote printers.
The TCP/IP rlp remote printing package is not installed...."
According to the documentation of Update Pack x and Maintenance
Pack x, "mkdev rlp" MUST be run before applying Update Pack x or
when including CUPS as part of the installation of the Maintenance
Pack as detailed in:
CUPS and Remote Printing (LPD)
Although CUPS supports LPD as both a server and a client, the CUPS
LPD server implementation does not support access control (based on
the settings in the /etc/hosts.equiv and /etc/hosts.lpd files).
If your setup requires the use of the standard LPD, or you wish to
use access control, do not install CUPS.
WARNING If you have never run mkdev rlp and you wish to do
so, the CUPS package must be removed before running mkdev rlp
and then reinstalled after remote printing is configured.
on a system-wide basis in /etc/default/lpd. The default entry is
for the SYSV print system:
PRINT_SYSTEM=SYSV
NOTE:
If you already had run "mkdev rlp" and have added the Maintenance
Pack and are now unable to run "scoadmin printer" -> Printer ->
Add Remote (ie. (UNIX) ) is not able to be highlighted to add new
Remote Printers then the cause is /usr/lib/mkdev/rlp is missing.
The file 'rlp' is kept in /usr/lib/lp/sysv/save and can be copied
back to /usr/lib/mkdev/rlp
This issue has been reported to SCO Engineering.
NOTE:
If you need CUPS to be removed in order for you to use LPD as
detailed above in the Maintenance Pack installation notes BUT also
require SAMBA to be used then please note that the removal of CUPS
will also remove a number of libraries vital to Samba from /usr/lib:
libcups.a@
libcups.so@
libcups.so.2@
libcupsimage.a@
libcupsimage.so@
libcupsimage.so.2@
Which should be copied and placed back into /usr/lib after CUPS has
been removed in order for SAMBA 3.0.20A to function otherwise you
may see:
# /etc/init.d/smb start
dynamic linker : /usr/sbin/smbd : could not open libcups.so.2
Failed to retrieve list of remote printers.
The TCP/IP rlp remote printing package is not installed...."
According to the documentation of Update Pack x and Maintenance
Pack x, "mkdev rlp" MUST be run before applying Update Pack x or
when including CUPS as part of the installation of the Maintenance
Pack as detailed in:
CUPS and Remote Printing (LPD)
Although CUPS supports LPD as both a server and a client, the CUPS
LPD server implementation does not support access control (based on
the settings in the /etc/hosts.equiv and /etc/hosts.lpd files).
If your setup requires the use of the standard LPD, or you wish to
use access control, do not install CUPS.
WARNING If you have never run mkdev rlp and you wish to do
so, the CUPS package must be removed before running mkdev rlp
and then reinstalled after remote printing is configured.
on a system-wide basis in /etc/default/lpd. The default entry is
for the SYSV print system:
PRINT_SYSTEM=SYSV
NOTE:
If you already had run "mkdev rlp" and have added the Maintenance
Pack and are now unable to run "scoadmin printer" -> Printer ->
Add Remote (ie. (UNIX) ) is not able to be highlighted to add new
Remote Printers then the cause is /usr/lib/mkdev/rlp is missing.
The file 'rlp' is kept in /usr/lib/lp/sysv/save and can be copied
back to /usr/lib/mkdev/rlp
This issue has been reported to SCO Engineering.
NOTE:
If you need CUPS to be removed in order for you to use LPD as
detailed above in the Maintenance Pack installation notes BUT also
require SAMBA to be used then please note that the removal of CUPS
will also remove a number of libraries vital to Samba from /usr/lib:
libcups.a@
libcups.so@
libcups.so.2@
libcupsimage.a@
libcupsimage.so@
libcupsimage.so.2@
Which should be copied and placed back into /usr/lib after CUPS has
been removed in order for SAMBA 3.0.20A to function otherwise you
may see:
# /etc/init.d/smb start
dynamic linker : /usr/sbin/smbd : could not open libcups.so.2
Tuesday, November 01, 2016
DR/Migrate Sco SysV
2)
Copy /etc/conf to a backup directory (ie:
copy –ormv /etc/conf /usr/rcvr/conf)
3)
Remove all contents of /etc/conf (cd /etc/conf && rm –r /etc/conf/*)
4)
Change file creation mask on root filesystem (cd / && umask 0)
5)
Restore tape excluding /dev &
/stand (cpio –icvdmufB< /dev/rStp0 “dev/*” “stand/*” )
6)
Copy ttytype & inittab to backup
directory (ex: cp /etc/inittab /usr/rcvr/ )
7)
Use SCOadmin to relink the kernel
8) If asked to rebuild environment answer (y)YES
9) Put back inittab & ttytype form the
backup (ex:
10) Reboot & have a Beer
Thursday, October 20, 2016
Monday, October 03, 2016
Put the backup on a remote tape via ssh
#backup
tar --verbose --exclude=/proc --exclude=/sys --exclude=/tmp --exclude=/mnt --totals -b2048 -jcpvf $SRC | ssh root@192.168.1.201 $(mt -f /dev/st0 rewind; cat > /dev/st0)
#restore
ssh root@192.168.1.201 "cat /dev/st0" | tar --exclude=/proc--exclude=/sys --exclude=/tmp --exclude=/mnt --totals -b2048 -jxpvf $DES
tar --verbose --exclude=/proc --exclude=/sys --exclude=/tmp --exclude=/mnt --totals -b2048 -jcpvf $SRC | ssh root@192.168.1.201 $(mt -f /dev/st0 rewind; cat > /dev/st0)
#restore
ssh root@192.168.1.201 "cat /dev/st0" | tar --exclude=/proc--exclude=/sys --exclude=/tmp --exclude=/mnt --totals -b2048 -jxpvf $DES
Thursday, September 01, 2016
CMD tmpwatch / logwatch
@echo off
:: (c)2015 s@toXX.guru
set watchdir="C:\Program Files\Research In Motion\BlackBerry Enterprise Server\logs"
:: remove older files
forfiles /p %watchdir% /s /m *.* /c "cmd /c Del @path" /d -30
:: remove empty folders !!! cd on a different drive first, if that's the case !!!
:: D:\
cd %watchdir%
for /f "tokens=*" %d in ('dir /ad/b/s ^| sort /R') do rd "%d"
Shorter version:
forfiles /p [PATH] /s /m [FILE-PATTERN] /D -[MM/DD/yyyy] /c "cmd /c del @path"
for /f "delims=" %%d in ('dir [PATH] /s /b /ad ^| sort /r') do rd "%%d"
Monday, August 01, 2016
Capture sVideo and audio with the USB Easycap 2.0
https://github.com/stevelacy/EasyCap - make... make install
./somagic-extract-firmware SmiUsbGrabber3C.sys
(the .sys file can be obtained either from the win32 install kit or https://github.com/stevelacy/EasyCap/blob/master/somagic-easycap-tools_1.1/SmiUsbGrabber3C.sys)
cp somagic_firmware.bin /usr/lib/firmware/
somagic-init -f /usr/lib/firmware/somagic_firmware.bin && somagic-capture -n -s --sync=1 --iso-transfers 80 | ffmpeg -f rawvideo -pix_fmt uyvy422 -s 720x480 -y -an -r ntsc -i - -f pulse -i default -aspect 4:3 -qmin 1 -qmax 10 output.avi
./somagic-extract-firmware SmiUsbGrabber3C.sys
(the .sys file can be obtained either from the win32 install kit or https://github.com/stevelacy/EasyCap/blob/master/somagic-easycap-tools_1.1/SmiUsbGrabber3C.sys)
cp somagic_firmware.bin /usr/lib/firmware/
somagic-init -f /usr/lib/firmware/somagic_firmware.bin && somagic-capture -n -s --sync=1 --iso-transfers 80 | ffmpeg -f rawvideo -pix_fmt uyvy422 -s 720x480 -y -an -r ntsc -i - -f pulse -i default -aspect 4:3 -qmin 1 -qmax 10 output.avi
Monday, July 04, 2016
Your system administrator does not allow the use of saved credentials to log on to the remote computer RDP terminal server because its identity is not fully verified.
In order to use saved RDP or Terminal Server credentials you need to do the following:
1. On the local machine, Open Group Policy Editor via Run -> gpedit.msc
2. Navigate to Local Computer Policy>Computer Configuration>Administrative Templates>System>Credentials Delegation
3.Open Setting Allow Delegating Saved Credentials with NTLM-only
Server Authentication, set it to Enabled click on button Show... and in
Show Contents window add Value TERMSRV/*. Close the windows by pressing
OK.
*Repeat step 3 on the following settings:
Allow Delegating Default Credentials
Allow Delegating Saved Credentials
Allow Delegating Default Credentials with NTLM-only Server Authentication
4. Open comman prompt and enter gpupdate /force command to update your policy.
Wednesday, June 01, 2016
kill dial-up if a program runs for more than 15 min or it doesn`t run at all
@echo off
:: (c)2015 sorin@toXX.guru
setlocal
:: echo Checking if EDI (Gedi_dsk.exe) runs for more than 15 min and disconect if true
for /F "tokens=1" %%t in ('tasklist /FO TABLE /FI "CPUTIME gt 00:15:00" /FI "IMAGENAME eq Gedi_dsk.exe"') do (
if "%%t" == "Gedi_dsk.exe" (rasdial /disconnect >NUL )
)
::the same result can be obtained using pslist:
::for /F "tokens=11 delims=: " %%f in ('"pslist Gedi_dsk 2>NUL"') do (
::if %%f geq 15 ( rasdial /disconnect >NUL )
::)
:: echo if EDI is not started wait a few seconds try again, then disconnect if it is still not there
for /F "tokens=1" %%t in ('tasklist /FI "IMAGENAME eq Gedi_dsk.exe" 2>NUL') do (
if NOT "%%t" == "Gedi_dsk.exe" (
:: echo program not running wait a few seconds and check again
ping -n 5 -w 1000 1.1.1.1 >NUL
for /F "tokens=1" %%t in ('tasklist /FI "IMAGENAME eq Gedi_dsk.exe" 2>NUL do (
if NOT "%%t" == "Gedi_dsk.exe" ( rasdial /disconnect >NUL )
)
)
)
endlocal
:: (c)2015 sorin@toXX.guru
setlocal
:: echo Checking if EDI (Gedi_dsk.exe) runs for more than 15 min and disconect if true
for /F "tokens=1" %%t in ('tasklist /FO TABLE /FI "CPUTIME gt 00:15:00" /FI "IMAGENAME eq Gedi_dsk.exe"') do (
if "%%t" == "Gedi_dsk.exe" (rasdial /disconnect >NUL )
)
::the same result can be obtained using pslist:
::for /F "tokens=11 delims=: " %%f in ('"pslist Gedi_dsk 2>NUL"') do (
::if %%f geq 15 ( rasdial /disconnect >NUL )
::)
:: echo if EDI is not started wait a few seconds try again, then disconnect if it is still not there
for /F "tokens=1" %%t in ('tasklist /FI "IMAGENAME eq Gedi_dsk.exe" 2>NUL') do (
if NOT "%%t" == "Gedi_dsk.exe" (
:: echo program not running wait a few seconds and check again
ping -n 5 -w 1000 1.1.1.1 >NUL
for /F "tokens=1" %%t in ('tasklist /FI "IMAGENAME eq Gedi_dsk.exe" 2>NUL do (
if NOT "%%t" == "Gedi_dsk.exe" ( rasdial /disconnect >NUL )
)
)
)
endlocal
Monday, May 02, 2016
Autodiscover and/or EWS unavailable on Exchange 2007/2010
Symptom: Outlook crashes or you cannot access OutOfOffice
settings after you install a package that contains the .NET Framework
3.5 with SP1 and the .NET Framework 2.0 with SP2 on an Exchange 2007 or
on an Exchange 2010 server (CAS role)
Problem described in:
kb958934
kb952883
kb976814
My solution:
Turn of any mmc, powershel console, emc etc.
Uninstall .net 3.5 sp1
Uninstall .net 3.0 sp2
Uninstall .net 2.0 sp2
In this order, without restarting!
if it complains that "you can't uninstall, some other package depends on it", do this:
net stop MSExchangeTransportLogSearch /yes
net stop MSExchangeTransport /yes
net stop MSExchangeServiceHost /yes
net stop MSExchangeSearch /yes
net stop MSExchangeRepl /yes
net stop MSExchangePop3 /yes
net stop MSExchangeMailSubmission /yes
net stop MSExchangeMailboxAssistants /yes
net stop MSExchangeIMAP4 /yes
net stop MSExchangeFDS /yes
net stop MSExchangeSA /yes
net stop MSExchangeEdgeSync /yes
net stop MSExchangeAntispamUpdate /yes
net stop MSExchangeADTopology /yes
net stop MSExchangeIS /yes
ping -n 5 -w 1000 1.0.0.0 >nul
net stop w3svc /yes
If you still can't uninstall, use procexp's "find" feature and close any .NET handle still open.
At the end there should be no reference to .NET in the installed programs.
DO NOT RESTART!
Install .net 3.0 (I used version 3.0.4506.30 downloaded in 2008 an forgotten on server...)
DO NOT RESTART!
[PS] Remove-AutodiscoverVirtualDirectory -Identity "EXCHANGE2007\Autodiscover (Default Web Site)"
[PS] New-AutodiscoverVirtualDirectory
[PS] Set-ClientAccessServer -Identity "EXCHANGE2007" -AutoDiscoverServiceInternalUri https://exchange2007.domain.tld/autodiscover/autodiscover.xml
[PS] Test-OutlookWebServices | fl
If you receive Error 401 when attempting to run Test-OutlookWebServices | FL, disable the loopback check in HKLM\SYSTEM\CurrentControlSet\Control\Lsa "DisableLoopbackCheck" DWORD, 1
- In IIS Manager make sure ASP.NET 2.0.50727 is ENABLED
- In IIS Manager make sure Autodiscovery and EWS uses only "Integrated windows authentication" and that the security cert is "require ssl", "128 bit" and "ignore client certificates"
- Verify that the folder %ExchangeInstallaDir%\ClientAccess\Autodiscover is readable by "authenticated users"
- perform iisreset /noforce
[PS] Test-OutlookWebServices | FL should give you a good answer now, if not, make sure the autodiscover DNS entry exists:
- in DNS Manager rightclick the local forward lookup zone, "Other new records", "SRV", service "_autodiscover", pri "10", weight "5", port "443", host "autodiscover.domain.tld"
- in DNS Manager, new A-Record "autodiscover.domain.tld"
[PS] Test-OutlookWebServices | FL should give you a good answer now, if not, get the backup tape, it's that time...
Problem described in:
kb958934
kb952883
kb976814
My solution:
Turn of any mmc, powershel console, emc etc.
Uninstall .net 3.5 sp1
Uninstall .net 3.0 sp2
Uninstall .net 2.0 sp2
In this order, without restarting!
if it complains that "you can't uninstall, some other package depends on it", do this:
net stop MSExchangeTransportLogSearch /yes
net stop MSExchangeTransport /yes
net stop MSExchangeServiceHost /yes
net stop MSExchangeSearch /yes
net stop MSExchangeRepl /yes
net stop MSExchangePop3 /yes
net stop MSExchangeMailSubmission /yes
net stop MSExchangeMailboxAssistants /yes
net stop MSExchangeIMAP4 /yes
net stop MSExchangeFDS /yes
net stop MSExchangeSA /yes
net stop MSExchangeEdgeSync /yes
net stop MSExchangeAntispamUpdate /yes
net stop MSExchangeADTopology /yes
net stop MSExchangeIS /yes
ping -n 5 -w 1000 1.0.0.0 >nul
net stop w3svc /yes
If you still can't uninstall, use procexp's "find" feature and close any .NET handle still open.
At the end there should be no reference to .NET in the installed programs.
DO NOT RESTART!
Install .net 3.0 (I used version 3.0.4506.30 downloaded in 2008 an forgotten on server...)
DO NOT RESTART!
[PS] Remove-AutodiscoverVirtualDirectory -Identity "EXCHANGE2007\Autodiscover (Default Web Site)"
[PS] New-AutodiscoverVirtualDirectory
[PS] Set-ClientAccessServer -Identity "EXCHANGE2007" -AutoDiscoverServiceInternalUri https://exchange2007.domain.tld/autodiscover/autodiscover.xml
[PS] Test-OutlookWebServices | fl
If you receive Error 401 when attempting to run Test-OutlookWebServices | FL, disable the loopback check in HKLM\SYSTEM\CurrentControlSet\Control\Lsa "DisableLoopbackCheck" DWORD, 1
- In IIS Manager make sure ASP.NET 2.0.50727 is ENABLED
- In IIS Manager make sure Autodiscovery and EWS uses only "Integrated windows authentication" and that the security cert is "require ssl", "128 bit" and "ignore client certificates"
- Verify that the folder %ExchangeInstallaDir%\ClientAccess\Autodiscover is readable by "authenticated users"
- perform iisreset /noforce
[PS] Test-OutlookWebServices | FL should give you a good answer now, if not, make sure the autodiscover DNS entry exists:
- in DNS Manager rightclick the local forward lookup zone, "Other new records", "SRV", service "_autodiscover", pri "10", weight "5", port "443", host "autodiscover.domain.tld"
- in DNS Manager, new A-Record "autodiscover.domain.tld"
[PS] Test-OutlookWebServices | FL should give you a good answer now, if not, get the backup tape, it's that time...
Subscribe to:
Posts (Atom)