Exchange Server 2003 fun

Well with my new job in NY being very Microsoft centric I have run into the normal bevy of MS related issues. Namely random crashes, corruption and crap, I like to call it C3. The latest has been a blast to deal with.

How to add yourself as an Exchange Full Administrator without using ESM Delegation in my case this was because I couldn't use the ESM Delegation Wizard

Original issue: An Exchange mailbox had been corrupted and I needed to restore it from a backup. So I thought this should be easy(wrong).

Actions: I setup a Recovery Group just like I was supposed to and mounted the store recovered the mailbox etc.

Problem created: When trying to add a new user the new user's mailbox is created in the recovery group. This has to be one of the dumbest designs ever but, fine I will just delete the recovery group that I created and then recreate the user. Halt! Microsoft decided that is not a good idea and even though I created the RG I can't delete it, mind you I am logged in as a Local/Domain/Enterprise Admin so I should have super powers right? Nope.

Microsoft restricted that aspect to only Exchange Full Administrators(EFA). Fine, I looked around and figured out how to add an account as an EFA, this should be easy right? Wrong.
You cannot add an account to be a EFA unless you have an account and login credentials for an EFA. Now what? Off to Google I go.

A solution finally!
1. Log into the Exchange server with local/domain/ad admin rights
2. Run regedit and navigate to HKEY_CURRENT_USER\Software\Microsoft\Exchange\ExAdmin
3. Create a new dword called ShowSecurityPage
4. Set the value from 0 to 1
5. Close the ESM if open
6. (re)Open the ESM
7. Right click on your Exchange Organization, select properties, Add the desired account with FULL access.
8. Go to your recovery group and delete the database then the recovery group itself

Now you are able to add your desired users and they will be added to the correct database

What a mess...


Run updates from crontab

Simple safe-upgrade script to be run from root's crontab -

Reasoning - I was tired of the way the updater was in Ubuntu recently, that whole pop-under thing is annoying and counter productive. So I wrote a script that safe-update's the system and doesn't need a sudo user to install the updates.

Now, I would not advise using this on a server or mission critical desktop. Who knows what could happen even with only safe-update called...

Setup is near the bottom, read this first.

What update.sh does:

$now is the current date in unix time
$check_date is the current date minus one week
(actually 6 days 23 hours 59 minutes and 45 seconds)

Fist step is:
It checks to see if this script has been run before via a if file exists in bash

if yes then:
It checks to see if current date minus one week is greater than or equal to the last update. So if this was last run over a week ago it will start.
If not it was last updated withing a week it will exit. This _should_ not happen, but is a built in 'failsafe'.

If the file does not exist:
It creates the .update_log and goes on its merry way updating.

What is doens't do:
This script does NOT reboot the machine when done, this was done on purpose for the user(s). This way when they are done for the day they and shutdown the computer will be up to date the next time it is turned on.

Firefox will act crazy if not restarted after updating! This may be covered in the next revision.

1. Copy between the CUTs to /root/update.sh via vim/vi/nano/gedit etc. (Yes you need to be root)
2. chmod +x /root/update.sh
3. su root (if you sudo'd in)
4. #crontab -e
5. Setup the crontab the way you like it
5a. Here's mine 30 16 * * 2 /root/update.sh
6. :wq <-- to save the crontab

You may also want crontab to shutdown or reboot the machine after, but that is up to you.

# update.sh - DTM
# Get root's paths (as root 'grep bin /root/*')
# this will give the correct shell also

# Check last update time
# Check if file exists get information on last modify time or just create one

# Define vars using Unix time - makes it easier
now=`date +%s`

# See if file exists
if [ -f /root/.update_log ];
last_update=`cat /root/.update_log`
if [ $check_date -ge $last_update ];
echo $now > /root/.update_log && aptitude update && aptitude -y safe-upgrade
echo $now > /root/.update_log && aptitude update && aptitude -y safe-upgrade
fi # //END MAIN IF


Another run-in with Windows Vista

Where to begin? Well, I am moving back to New York after nine years of living no closer then 9.5 hours by car. With this move comes the oh so fun job hunting. As many of you know, unless you live under a rock, the job market flat out stinks at this point in time. I have applied for 27 jobs and have heard back from one! Anyhow, this whole resume thing and it having to be in the lovely proprietary Microsoft Word format 97% of the time, has gotten a little unruly in OpenOffice. Don't get me wrong OpenOffice is great, when it is not deleting embedded tables in doc files as it is in 3.1, I use it every day for normal document, PDF, spreadsheet application. But, the table dropping was killing me, so I said screw it and installed my copy of Windows Vista Business x32 that came with my Thinkpad.

First off the install was quick, on the 20GB partition I allowed it, but the updates took over 2 hours to download and install! Mind you I do have a 6MB pipe and they were downloaded in less than 10 minutes. Installing should not have taken over an hour and a half on a dual core T7100 1.8Ghz intel with 4GB of ram. After my wait was over sometime around midnight I installed the much needed Antivirus and went to bed, finally.

This morning I installed my Copy of Office 2007, applied service pack one and was on my way to my normal tasks. Checking email, looking at job boards, etc. I soon realized my four legged friend needed to take a little trip outside. So, I closed the lid on my Thinkpad, like I did last night, and took him for a walk. Needless to say I was distracted for a good 3 hours, I happened to be walking into the kitchen when I noticed my amber battery light was on and the little green moon was not! I panicked a little because I have my good battery(7 cell) in and not the little 4 cell that came with it, these are not cheap and I try not to run them below 25% unless it is an absolute necessity.

So now that you are up to date on the on the happenings, I suppose I can show you the picture of what the desktop looked like when I opened the lid.

Lovely heh? Less than 14 hours installed and I get my first BSOD. Someone again tell me why I don't use Microsoft products? As of right now I am only at 31% of my battery, thank you Windows Vista Experience you have made my day and busy weekend for that matter, even better.

I am off to install Ubuntu Linux on the other 60GBs of my hard drive, guess I should have just dealt with VirtualBox OSE's lack of USB support in the free version, thanks a lot Sun! I blame you too.

And by the way I did click the "Find a Solution" button, you know what I got? Nothing....

Thanks again....


Centos - Mounting NTFS drives

I was brushing up on my CentOS 5.3 skills and needed access to an older NTFS formatted usb drive. I forgot that CentOS doesn't include NTFS-3g support natively, doh!
So here are the few simple commands needed to get it installed:
1. Open a terminal window
2. Su - (or Sudo -s)
3. yum install fuse fuse-ntfs-3g dkms dkms-fuse
4. mkdir /media/win
5. /sbin/fdisk -l <-- to find your drive
6. mount -t ntfs-3g /dev/sdb1 /media/win

Bam you are done!


Oh no windows Viruses on my Linux box!!

This was supremely entertaining.

My Linux box was infected with Windows viruses oh no! As you can see I downloaded the install.exe to help me keep my system clean!. ;)

The not so funny part is that the that the detection @ VirusTotal was 11/40 or 27.5% <--- yuck!


Best quote of the week

"The one ray of hope is that maybe, just maybe, the thousands of Windows worms will go to war with each other and kill every Windows machine on earth. Though that would be a short-lived cure, because even after a Windows holocaust the first thing the survivors are going to do is get up, dust themselves off, and see if rebooting will bring their systems back up." -- Carla Schroder


Twitter Address

With having to block Facebook at work due to overzealous users, I have now setup a twitter account. I know, I know who hasn't but anyway here is the address:



Newegg Eggsaver shipping - redux

Anyone who has ordered from Newegg.com knows that they sometimes offer free shipping with certain items. I suggest that, unless you have no urgent need for the item, you use UPS or FedEx to ship. The reason is that the Eggsaver shipping is provided by DHL and then handed off to the USPS for final delivery. This is common for small items such as Memory and processors. One major issue I had with this shipping method was that once it was handed off to the USPS DHL stopped reporting its progress, and it seemed that the Newegg shipping tracker didn't track it either. But, if you take your dhl tracking number and navigate your browser to http://webtrack.dhlglobalmail.com plug it in you will see the same information from Newegg but also a link to the USPS tracking number on the bottom right. Now at least you can tell when it arrives in your town.