Automatic Restart for Windows XP

August 23, 2010 Leave a comment

C:\WINDOWS\System32\shutdown.exe /r /d P:1:1

Advertisements
Categories: DIY

Vmware: “SIOCSIFADDR: No such device eth0″ after cloning

June 20, 2010 Leave a comment

from: http://muffinresearch.co.uk/archives/2008/07/13/vmware-siocsifaddr-no-such-device-eth0-after-cloning/

This is specifically for ubuntu.

sudo mv /etc/udev/rules.d/70-persistent-net.rules /etc/udev/rules.d/70-persistent-net.rules.old
sudo reboot

May need to edit /etc/network/interfaces eth0 or eth1 to match detected adapter, restart the network, and it should be back to normal.

Categories: linux, ubuntu, VMWare

Adding a New Mailnode in Scalix

March 9, 2010 Leave a comment

This needs to be done after adding a mailnode to enable outlook connector and webmail. This was sent to me by Scalix support.

Add the mailnode first within sac.

The rest is done from a terminal.

To get a list of your mailnodes:

omshowmn -m all

The name displayed against two asterisks ** is name of primary mailnode
Replace mailnode with new mailnode name, and primarynode with your primary mailnode name.

omaddbb -s "mailnode"
omdelacln -t b -l ":mailnode" -g admin
omdelacln -t b -l ":mailnode" -g local
omdelacln -t b -l ":mailnode" -g default
omaddacln -t b -l ":mailnode" -g admin -c visible
omaddacln -t b -l ":mailnode" -n "*/mailnode,*,*,*" -c create read subfolder editown deleteall contact visible
omaddacln -t b -l ":mailnode" -n "Proxy-Folder Admin /primarynode/CN=Proxy-Folder Admin" -c create read subfolder editown deleteall contact visible

I did find/replace with a text editor and drag-n-drop into a terminal window. It took longer to type this up!

Categories: linux, scalix, Software

Locking down terminal services

January 31, 2010 Leave a comment

This is the list of Group Policy and registry changes I like to make for terminal services environment:

GROUP POLICY CHANGES – to force, run GPUPDATE from command line, then log out and back in to test.
Computer Configuration
Administrative Templates
Windows Components
Terminal Services
Remove Windows Security Item from Start Menu – enabled
Remove Disconnect option from Shut Down dialog – enabled
Windows Update
Configure automatic updates – disabled
Windows Messenger
Do not start windows messenger initially – enabled
User Configuration
Administrative Templates
Start Menu and Taskbar
Add Logoff to the Start Menu – enabled
Remove and prevent access to the Shut Down command – enabled
Turn off personalized menus – enabled
Turn off notification area clenup – enabled
Do not display any custom toolbars in the taskbae – enabled
Remove Set Program Access and Defaults from Start Menu – enabled
Desktop
Active Desktop
Enabled Active Desktop – enabled
Prohibit Changes – enabled
Active Desktop Wallpaper – path to wallpaper file, and style (e.g. C:\DELL\wallpaper.jpg, wallpaper style: stretch)
Remove Desktop Cleanup Wizard – enabled

REGISTRY CHANGES
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
Add following Value: NoDisconnect (REG_DWORD) 0x1 = Hide Disconnect menu item

Value: NoDisconnect (REG_DWORD) 0x1 = Hide Disconnect menu item
Categories: Windows Server

SSH tunneling with firefox

January 22, 2010 Leave a comment

from a terminal window:

ssh user@<<ssh server>>.com -D 9000

in firefox:

go to preferences:advanced:network:Connection Settings

This will pipe all web traffic through a secure ssh tunnel, and allow access to local web resources from firefox.

Of course you want to disable that firefox setting if you’re not connected to the tunnel.

There is a firefox addon called Quickproxy that allows you to activate/deactivate the proxy settings with a button push:

https://addons.mozilla.org/en-US/firefox/addon/1557/

And sshmenu has a great interface for quickly connecting to remote sites.

http://sshmenu.sourceforge.net/

SSHMenu Screenshot

sudo apt-get install sshmenu sshmenu-gnome

Categories: linux, networking

Allow ICMP traffic through pfsense firewall

January 20, 2010 1 comment

By default you cannot ping a pfsense firewall. You need to add a rule to allow it:
Action: Pass
Interface: WAN
Protocol: ICMP
ICMP type: Echo
Source type: Any
Destination: WAN Address

Categories: pfsense

Using pfsense with remote sip phones

January 20, 2010 3 comments

pfsense by default only allows one sip registration to be active at a time on a protected LAN. The siproxd extension allows multiple phones to coexist happily, but it is a little confusing to set up. Here is what works the best from my testing:
Firewall: Rules: WAN = none for SIP or RTP

Firewall: NAT: Port Forward = none

Firewall: NAT: Outbound = Manual Outbound NAT, using default rule with NO Static Port mapping

Reboot the pfsense machine

UPDATE: siproxd is not necessary for multiple sip reigsrations to work! The above should be adequate.

Install the siproxd package from the System:Package Manager page on the pfsense admin page.

Services: siproxd: Settings = Inbound to LAN, Outbound to WAN, Port to 5060. Expedited Forwarding on.

Reboot the pfsense machine

I am including some screenshots to help.

Click on the “e” to edit the rule.

siproxd settings:

Categories: Asterisk, networking, pfsense