Tuesday, November 4, 2014
Sudden mysterious spam increase with Exchange Online Protection
We've been using Exchange Online Protection and it's predecessor Forefront Online Protection for Exchange for about 5 years now. Somehow, suddenly, in the last couple of months we got a drastic increase in the amount of spam being delivered to users' mailboxes. I found, read, and even commented in this thread where other users were seemingly encountering the same issue.
Eventually I, with no support from MS, found the source of my issue though I'm not exactly sure how it came about.
We had always had our default content filter set to move spam and high confidence spam directly to the online quarantine. At some point this changed to what is now (and maybe always was) the default behavior of delivering the spam to the users' junk mail folder as described in this technet article. We did not have the necessary transport rules in place to actually cause the mail to go to junk email so it was just being delivered to the inbox.
I'm not clear if the default behavior changed, or if our rule had been modified and then subsequently reverted to default.
I can say that we signed up to demo Exchange Online so it's possible that reverted during the setup of our temporary "hybrid" demo situation. The timing seems about right but I can't say for certain this is the root cause of the issue.
Eventually I, with no support from MS, found the source of my issue though I'm not exactly sure how it came about.
We had always had our default content filter set to move spam and high confidence spam directly to the online quarantine. At some point this changed to what is now (and maybe always was) the default behavior of delivering the spam to the users' junk mail folder as described in this technet article. We did not have the necessary transport rules in place to actually cause the mail to go to junk email so it was just being delivered to the inbox.
I'm not clear if the default behavior changed, or if our rule had been modified and then subsequently reverted to default.
I can say that we signed up to demo Exchange Online so it's possible that reverted during the setup of our temporary "hybrid" demo situation. The timing seems about right but I can't say for certain this is the root cause of the issue.
Friday, August 29, 2014
High latency (ping) on every other packet
This morning I was troubleshooting some issues with out Aruba IAP105 access points (Dell branded). When attempting to ping either internal or external IPs I saw very strange behavior. Internally the first packet would have a latency of 1 or 2ms, the next over 900ms. This was perfectly regular and predictable, and external pings showed similar symptoms. Searching and searching and searching eventually yielded this link. Why yes, I was in fact running Metageek's inSSIDer tool in my troubleshooting attempts. Closing inSSIDer immediately fixed the high latency issue. I'm glad it only took me an hour of frantic searching to come up with this solution!
Tuesday, June 10, 2014
Install Filemaker Pro 7 on Windows 7
Filemaker Pro 7 came out in 2005, but one program in my agency was still using it for a particular database application. Upgrading would be expensive since all clients would need to be upgraded simultaneously as well as possible modifications needed on the database. Since we already own the software I went ahead and installed on a new client yesterday.
The first error is described in this forum post. After the installation was almost complete an error would pop up that openssl.exe had failed to run. Using the solution provided in this article seemed to work. I set the date back to 6/9/07 and didn't receive that particular error.
Frustratingly, though, the application would then fail to run with an error that read "This application has been installed incorrectly or modified by another program. Please run the installer to get a fresh copy of the application after determining the cause." None of the solutions provided by diligent googling seemed to apply (or work - I tried).
What did work was to start the installer in XP compatility mode. Instructions are shown here for using Windows XP compatibility mode. I didn't need to make any specific settings changes after install, and the OpenSSL error noted previously doesn't seem to have any actual affect on this process.
The first error is described in this forum post. After the installation was almost complete an error would pop up that openssl.exe had failed to run. Using the solution provided in this article seemed to work. I set the date back to 6/9/07 and didn't receive that particular error.
Frustratingly, though, the application would then fail to run with an error that read "This application has been installed incorrectly or modified by another program. Please run the installer to get a fresh copy of the application after determining the cause." None of the solutions provided by diligent googling seemed to apply (or work - I tried).
What did work was to start the installer in XP compatility mode. Instructions are shown here for using Windows XP compatibility mode. I didn't need to make any specific settings changes after install, and the OpenSSL error noted previously doesn't seem to have any actual affect on this process.
Thursday, May 15, 2014
"The operation failed. Cannot directly book a resource for this meeting." Outlook 2007, Exchange 2007
We recently started having some frustrating issues with resource mailboxes on our Exchange server. The issue didn't seem to affect every user, and the exact error message depended on a number of different factors. The most common is the one listed in the title: "The operation failed. Cannot directly book a resource for this meeting.", but we also saw:
'You marked " resource name " as a resource. You cannot schedule a meeting with " resource name " because you do not have the appropriate permissions for that account. Either enter the name as a required or optional attendee or talk to your administrator about giving you permission to schedule " resource name " . '
We tried SO MANY suggestions on this issue before hitting on the magic method in this thread The following steps cleared up this error for all users in all configurations:
It seems paradoxical that un-checking these options would work. Stranger still is that the calendars continue to automatically process requests, etc. after un-checking these options. Oh well, another mystery solved!
'You marked " resource name " as a resource. You cannot schedule a meeting with " resource name " because you do not have the appropriate permissions for that account. Either enter the name as a required or optional attendee or talk to your administrator about giving you permission to schedule " resource name " . '
We tried SO MANY suggestions on this issue before hitting on the magic method in this thread The following steps cleared up this error for all users in all configurations:
- Make sure you have full access permissions on the calendar (done in EMC)
- Create an Outlook profile from the Mail control panel for the resource account
- Open Outlook with the resource profile
- Go to Tools > Options > Calendar Options > Resource Scheduling
- Uncheck all options!
It seems paradoxical that un-checking these options would work. Stranger still is that the calendars continue to automatically process requests, etc. after un-checking these options. Oh well, another mystery solved!
Wednesday, May 14, 2014
Install Dell Wireless 1506 without Unified Wireless Application
I just got a batch of Dell Latitude E7440's on my desk and found, much to my surprise and annoyance, that they came bundled with a wifi management application called Unified Wireless Application. Uninstalling this useless drek also unhelpfully uninstalled the driver for the wifi card! The situation is described in more detail here.
I was able to get the drivers from this package and get them installed by doing the following:
This seems like the kind of hack that shouldn't be necessary on a brand new system, but there you have it - wifi without the annoyance.
I was able to get the drivers from this package and get them installed by doing the following:
- Download file Network_Driver_8G8D5_WN_10.0.0.286_A02.exe from Dell
- Run this executable and choose Extract to dump contents to C:\temp\
- After uninstalling the Useless Wireless Application I opened the Device Manager and found the device in question
- Choose to Update Driver, then point the device manager at C:\temp\
This seems like the kind of hack that shouldn't be necessary on a brand new system, but there you have it - wifi without the annoyance.
Tuesday, May 6, 2014
Website Project - www.shitredditbuys.com
I'd like to take a moment to introduce my new web project: Shit Reddit Buys. This is the first iteration in a project I'm part of to automatically generate content for a website. You can also see a live feed on Reddit itself: /r/ShitRedditBuys. We're currently in the process of expanding our algorithms to focus specifically on music and books and will launch those in the near future. If you've ever wondered what users on Reddit are buying - wonder no more!
Tuesday, April 29, 2014
Reboot Cisco ASA 5505 from ASDM
For some reason I've searched for this multiple times and always end up with little in the way of results. As a way of reminding myself and hopefully helping the next poor soul searching for this here it is:
Tools menu -> System Reload...
Choose to schedule the reload for "Now" and click Schedule.
Tools menu -> System Reload...
Choose to schedule the reload for "Now" and click Schedule.
Tuesday, April 22, 2014
net send in Windows 7
Need to send a message to a computer on your network? In the days of XP and earlier you could use "net send" to pop up a message, but those days are gone. Luckily I've discovered a simple command to recreate the same effect in Windows 7 (and probably later versions as well). First, if you don't have PsTools installed you're going to want to. Specifically we're going to use PsExec, but having the whole suite is worth doing. After you download and extract it somewhere (why not c:\bin\ ?) you'll need to either open a command prompt in that directory, or add that directory to your path environment variable. Then it's as simple as:
Easy as pi! PsExec can also be used to do lots of other interesting things like remotely enable RDP. Take a look at the options for PsExec, as well as msg to get an idea about more possibilities. You'll likely find other useful PsTools too, now that you know about them.
Disclaimer:
Please use your new found power responsibly. I do not officially condone ANY April Fool's pranks or any other nonsense of the sort.
psexec \\computer-name msg * /server:localhost "Your computer will self destruct in 30 seconds!"
Easy as pi! PsExec can also be used to do lots of other interesting things like remotely enable RDP. Take a look at the options for PsExec, as well as msg to get an idea about more possibilities. You'll likely find other useful PsTools too, now that you know about them.
Disclaimer:
Please use your new found power responsibly. I do not officially condone ANY April Fool's pranks or any other nonsense of the sort.
Friday, April 4, 2014
Get the attention of a remote user
I regularly use LogMeIn Rescue to provide remote support for users. Sometimes they stop paying attention while I'm working and when that happens I'll inevitably end up needing to get them to enter a password or otherwise interact with the computer. One nifty trick I use is to repeatedly set their volume using the Windows 7 volume control in the taskbar. The computer will beep each time you click a volume level as a test sound and a few times in a row will typically get someone's attention pretty quickly!
And if that doesn't work, there's always BreadFish
And if that doesn't work, there's always BreadFish
Friday, February 21, 2014
IE9 fails to install with error 3715
Having a bit of an unexplained error on a client using IE9 (don't ask) prompted me to attempt uninstalling and reinstalling it after all other attempts to diagnose the issue failed. Uninstall worked fine, but upon running the downloaded manual installer I was met with a generic error. I looked at the Microsoft troubleshooting advice which yielded no results, however on attempting to install from Windows Update I at least got an error code: 3715. A few searches yielded Technet articles like this one that mostly linked back to the same troubleshooting info.
On one of such articles I saw some advice related to clearing temporary files which didn't work but led me to start thinking about what else could be on the computer that could prevent the install. When I started IE8 for the first time after uninstalling 9 I got two popups regarding browser toolbars: Bing Bar, and Google Toolbar for Internet Explorer. I decided to try uninstalling these, and sure enough after doing so the manual installer for IE9 worked flawlessly.
I'm not sure if my original problem is solved yet, but hopefully this post can help anyone else searching on this particular error, or other errors related to installing IE9.
On one of such articles I saw some advice related to clearing temporary files which didn't work but led me to start thinking about what else could be on the computer that could prevent the install. When I started IE8 for the first time after uninstalling 9 I got two popups regarding browser toolbars: Bing Bar, and Google Toolbar for Internet Explorer. I decided to try uninstalling these, and sure enough after doing so the manual installer for IE9 worked flawlessly.
I'm not sure if my original problem is solved yet, but hopefully this post can help anyone else searching on this particular error, or other errors related to installing IE9.
Friday, February 14, 2014
High latency for hyper-v 2012 r2 VMs
I had just finished setting up a 5 NIC team to provide 5gbps to my shiny new Windows Server 2012 R2 Core with Hyper-V host when I discovered that the VMs had very high, and unpredictable latency. Not cool! I read a number of blog posts regarding settings of the physical NIC that could be to blame. The most common theme, as explained in this article is a feature called VM Queueing. It seems to be most common Broadcom NICs but also affects Intel. Looks easy enough to change... except in core. Luckily there are a few handy powershell cmdlets to handle this issue in Core. Confused by the exact syntax for Disable-NetAdapterVMQ, I searched google for this cmdlet and found this great blog post on the exact issue. At first I tried just disabling the VMQ on my NIC team multiplex adapter, but still had the issue. Eventually I ended up running ' Disable-NetAdapterVMQ “*” ' to disable the feature on all adapters. My VMs dropped 4 packets, but then came back up with <1ms ping. I gotta tell ya, I <3 <1ms :)
Tuesday, February 11, 2014
Windows Server 2012 slide login
Sick of that annoying touch-drag motion that makes sense on tablets, but not so much with a mouse that you are forced to perform before logging in to Windows Server 2012 and Windows 8? It turns out the spacebar will skip this screen.
There's probably a way to disable the swipe to login on these newer versions of the operating system, but this work around seems efficient enough that I didn't bother looking for it.
Subscribe to:
Posts (Atom)