Authorpertorben

Easily boot into safe mode or last known good state etc.

In Windows Server 2012 shutdown.exe has a new switch, -o,  which controls the behaviour of the next boot. “shutdown -o -r -t 0” is now a very easy way to get into the boot menu for safe mode, last known good, etc.

Removing mail stuck in retry queue in Exchange

CAWeb Enrollment error 403.14

The Certification Authority Web Enrollment is the webpage where you can logon to request certificated or download crls from your CA. One of my challenges today was that a newly installed issuing CA was unable to configure the Web enrollment webpage correctly. No matter what I did I always got the “403.14 – Forbidden” error.

After quite a bit of troubleshooting, including removing and re-adding roles using both Server Manager and powershell and reboots between the steps I was no closer to a solution. One of my Google-searches lead me to http://www.experts-exchange.com/Software/Server_Software/Active_Directory/Q_26623918.html where he suggests to check that default.asp is located in the path C:\Windows\System32\CertSrv\en-US.

I had the file and everything there was correct, but that lead the to check the path of the website itself. For some reason IIS kept linking the /certsrv site to C:\Windows\System32\CertSrv which is the parent folder, so as soon as I changed the path from C:\Windows\System32\CertSrv to C:\Windows\System32\CertSrv\en-US in IIS everything was ok.

cawebenroll

Preparing for Windows 9 with dualboot

Here’s a link to my blogpost which helps you prepare for testing Windows 9 when it is announced in 2 weeks time.

via Preparing for Windows 9 with dualboot.

Java security settings

Java 7u51 has been a headache so far with security settings, especially on a terminalserver. I needed to adjust the security setting for Java for all users on the terminalserver and add a website (example.com) to the exception site list in Java.

The solution was to create 3 text files and place them all in the folder C:\Windows\Sun\Java\Deployment

filename: Deployment.config

deployment.system.config=C:\WINDOWS\Sun\Java\Deployment\deployment.properties
deployment.system.config.mandatory=true

filename: deployment.properties

deployment.security.level=MEDIUM
deployment.security.level.locked=
deployment.user.security.exception.sites=C\:\\WINDOWS\\Sun\\Java\\Deployment\\exception.sites

filename: exception.sites

https://www.example.com

After these 3 textfiles are created, the new java settings till take effect at next logon, and you can verify it by looking at the security tab in java control panel.

Display disabled and inactive users and computers

Copy group membership in AD

To copy member from one group to another you can (of cource) use Powershell. This copies the members of Group1 into members of Group2.

Get-ADGroupMember -Identity “Group1” | ForEach-Object {Add-ADGroupMember -Identity “Group2” -Members $_.SamAccountName}

List installed certificates with Powershell

To list the installed certiifcates in the local computer store I use the following one-liner:

dir Cert:\LocalMachine\My | fl thumbprint, SerialNumber, Subject, NotBefore, NotAfter, Issuer

You can replace “LocalMachine” with “CurrentUser” to list certificates in the current user store.

How to easily boot into safe mode

In Windows Server 2012 the shutdown.exe command has a new switch, -o, which lets you control the behaviour of the next reboot. You can use this to boot straight into the boot menu and then select safe mode, last known good etc

© 2019 IdefixWiki

Theme by Anders NorénUp ↑