IPSOFACTO IT Services Library
Find answers in our online Knowledge Base-
How Join an Active ...
OS X Lion has slightly different procedures for joining an active ...OS X Lion has slightly different procedures for joining an active directory domain. 1. Go to System Preferences > Users & Groups 2. Click on "Login Options" 3. Click on "Join..." button next to "Network Account Server" 4. Enter the domain server name.
5. Click OK to confirm. -
HP Laserjet and windows ...
Issue : Windows 7 see this printer as a unspecified ...Issue : Windows 7 see this printer as a unspecified device Solution : You can resolve this driver issue by having the printer attached to the USB Port, then manually pressing ADD PRINTER, choose DOT4 for the port. For the driver, choose the built in Windows 7 HP Laserjet 3055 PCL5 driver and it will work. You can also share the printer on a network and it will work with other Windows 7 computers not directly attached automatically. The Printers section in the control panel eventually got rid of the Unspecified Device as it now see's it as a 3055 printer. Date of last update: 12/01/2011 Author: Yassine Bennis
-
How to remove a rogue ...
Issue: Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name ...
Issue: Remove Win 7 Antispyware 2012 and Vista Antivirus 2012 name changing
Affects: Windows 7/ XP / vistaWithout a doubt, this rogue is designed to scam you out of your money by hijacking your computer and trying to trick you into thinking you are infected. Therefore, please do not purchase this program , and if you have, please contact your credit card company and dispute the charges stating that the program is a computer infection. Finally, to remove Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 please use the guide below, which only contains programs that are free to use.
1 : It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.2 : This infection changes settings on your computer so that when you launch an executable, a file ending with .exe, it will instead launch the infection rather than the desired program. To fix this we must first download a Registry file that will fix these changes. From a clean computer, please download the following file and save it to a removable media such as a CD/DVD, external Drive, or USB flash drive.
FixNCR.reg (http://download.bleepingcomputer.com/reg/FixNCR.reg)
Once that file is downloaded and saved on a removable devices, insert the removable device into the infected computer and open the folder the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer. You should now be able to run your normal executable programs and can proceed to the next step.
If you do not have any removable media or another clean computer that you can download the FixNCR.reg file onto, you can try and download it to your infected computer using another method. On the infected computer, right click on the Internet Explorer's icon, or any other browser's icon, and select Run As or Run as Administrator. If you are using Windows XP, you will be prompted to select a user and enter its password. It is suggested that you attempt to login as the Administrator user. For Windows 7 or Windows Vista, you will be prompted to enter your Administrator account password.
Once you enter the password, your browser will start and you can download the above FixNCR.reg file. When saving it, make sure you save it to a folder that can be accessed by your normal account. Remember, that you will be launching the browser as another user, so if you save it to a My Documents folder, it will not be your normal My Documents folder that it is downloaded into. Instead it will be the My Documents folder that belongs to the user you ran the browser as. Once the download has finished, close your browser and find the FixNCR.reg file that you downloaded. Now double-click on it and allow the data to be merged. You should now be able to run your normal executable programs and can proceed to the next step.
3 : Now we must first end the processes that belong to Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 and clean up some Registry settings so they do not interfere with the cleaning procedure. To do this, please download RKill to your desktop from the following link.
RKill Download Link - (Download page will open in a new tab or browser window.)
When at the download page, click on the Download Now button labeled iExplore.exe download link . When you are prompted where to save it, please save it on your desktop.
4 : Once it is downloaded, double-click on the iExplore.exe icon in order to automatically attempt to stop any processes associated with Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 when it terminates programs that may potentially remove it. If you run into these infections warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 . So, please try running RKill until the malware is no longer running. You will then be able to proceed with the rest of the guide. If you continue having problems running RKill, you can download the other renamed versions of RKill from the rkill download page. All of the files are renamed copies of RKill, which you can try instead. Please note that the download page will open in a new browser window or tab.
Do not reboot your computer after running RKill as the malware programs will start again.
5 : Download Malwarebytes' Anti-Malware, or MBAM, from the following location and save it to your desktop:
Malwarebytes' Anti-Malware Download Link (Download page will open in a new window)
6 : Once downloaded, close all programs and Windows on your computer, including this one.
7 : Double-click on the icon on your desktop named mbam-setup.exe. This will start the installation of MBAM onto your computer.
8 : When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing, make sure you leave both the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware checked. Then click on the Finish button.
9 : MBAM will now automatically start and you will see a message stating that you should update the program before performing a scan. As MBAM will automatically update itself after the install, you can press the OK button to close that box and you will now be at the main program as shown below.
10 : On the Scanner tab, make sure the the Perform full scan option is selected and then click on the Scan button to start scanning your computer for Win 7 Antispyware 2012, Vista Antivirus 2012, and XP Security 2012 related files.11 : MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan. When MBAM is scanning it will look like the image below.
12 : When the scan is finished a message box will appear as shown in the image below.
13 : You should click on the OK button to close the message box and continue with the Vista AntiSpyware 2012, Win 7 Home Security, and XP Antivirus 2012 removal process.You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
14 : A screen displaying all the malware that the program found will be shown as seen in the image below. Please note that the infections found may be different than what is shown in the image.
You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.
15 : When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.
16 : You can now exit the MBAM program.
Date of last update: 11/28/2011
Author: Yassine Bennis
-
Windows server 2008 vs ...
Thousands of changes have been made in Windows Server 2008 compared ...
Thousands of changes have been made in Windows Server 2008 compared to Windows Server 2003. Some are very small, but some are quite significant.Here is a list of what makes Windows Server 2008 great and a worthwhile upgrade from Windows Server 2003:
· Server Manager and the Advanced Event Viewer
Windows Server 2008 includes an entirely new management interface known as the Server Manager. The Server Manager is a one stop shop for configuring, managing, and monitoring the server. This is not like the Server Manager’s you might have used in the past; this one actually works and its one that you will use everyday when managing your Windows Server 2008 machines.
· Server Core
Windows Server 2008 can be installed in one of two ways: full installation or server core. The Server Core installation installs a subset of binaries that are required to get the core operating system running. No optional services are installed or enabled. There is no user interface other than the command line. There is no Windows Explorer shell, and all configuration must be done locally at the command line, or remotely using the MMC console or the new Windows Remote Shell (WinRS) remote management application (similar to SSH).
· Terminal Services Gateway
One of the impediments to fully deploying Terminal Services for remote access users was the fact that a great many administrators did not trust the authentication sequence and the level of encryption of the RDP tunnels. Another problem encountered was the fact that many firewalls at remote locations did not allow outbound TCP 3389. Microsoft has solved these problems by introducing Terminal Services Gateway in Windows Server 2008.
· Terminal Services RemoteApps
The goal of every security admin is to reach least privilege for every user. That is especially true for remote access connections. Security admins lose sleep at night thinking about providing full remote desktop connections to non-administrative users. All it takes is the compromise of one user’s credentials by a dedicated hacker and that hacker has a full desktop environment under his control to compromise your network. That is a scary thought.
· Native IPv6 support
Windows Server 2008 is the first version of Windows Server that has native IPv6 support as part of a single IP stack. In previous versions of Windows before Vista, IPv6 support was done in parallel with IPv4, and there was no integrated support for IPv6 included in network infrastructure services such as DNS and DHCP. That is no longer the case and now IPv6 is tightly woven into the Windows Server 2008 networking stack and infrastructure services.
· Read Only Domain Controllers
With the proliferation of branch offices in many organizations, many recognized the problem regarding authentication. Branch offices are often provisioned with a domain controller that users can authenticate to a local DC rather than having to go over a slow, or even downed, WAN link, which could cause authentication failures and inability to access even local resources.
· Hyper-V
Hyper-V is the Windows Server 2008 hypervisor that allows you to run virtual machines on Windows Server 2008 computers. Hyper-V replaces Virtual Server 2005 and is an integrated part of the operating system, which comes to you at no additional cost. The final bits for Hyper-V are not yet available, so I am going to reserve judgment on Hyper-V at this time. But, from what I have seen so far, I am very impressed with what they have done with Windows Server Virtualization. If you are looking for a no cost virtualization solution, then an upgrade to Windows Server 2008 is a good choice for you.
· Network Access Protection (NAP)
Network Access Protection allows you to control access from all computers who connect to your network. According to Microsoft, Network Access Protection (NAP) is not so much a security methodology as it is a client health mechanism. NAP allows you to create policies that set a minimum state of client health before that computer is allowed to connect to other computers on the network.
· Secure Sockets Tunneling Protocol (SSTP)
The Secure Socket Tunneling Protocol (SSTP) is a true SSL VPN. What I mean by “true” SSL VPN is that SSTP provides full network level VPN access to the corporate network in the same way that the PPTP and L2TP/IPSec protocols provide. However, the advantage with SSTP is that unlike PPTP and L2TP/IPSec, you do not have to worry about firewalls blocking outbound access to your SSTP connections.
· The Windows Advanced Firewall and Policy-based QoS
Windows Vista users will recognize the Windows Advanced Firewall. Now you get the same benefits Vista users have with Windows Server 2008. What is even better is that you can use Group Policy in Windows Server 2008 comprehensive centralized management of the Windows Advanced Firewall. If you have not used the Vista firewall yet, you are in for a treat. The Windows Advanced Firewall included with Vista and Windows Server 2008 allows you fine tuned inbound and outbound access control. The outbound access control was the missing piece with the Windows XP firewall. Now you have control on outbound connections so that if you detected on your firewalls that hosts are infected with a worm aimed at a certain port or collection of ports, you can block those ports on each host centrally through group policy.
Date of last update:11/23/2011
Author: Yassine Bennis
Please try to fill the blank as best as you can.
To add a category, simply write in the article [ [Category: Name_of_the_category] ]
Please indicate if there is private data in the article by adding a 'Private' category. -
Exchange 2008 vs 2003 ...
Exchange Server 2003 and Exchange Server 2007 are different in many ...
Exchange Server 2003 and Exchange Server 2007 are different in many ways. Exchange Server 2003 runs on 32-bit hardware and only requires a small amount of ram. Exchange Server 2007 only runs on 64-bit hardware and requires a large amount of memory to perform correctly. Exchange Server 2007 has some very important features that Exchange Server 2003 is missing
Exchange Server 2007 Database Portability
This feature enables an organization with multiple 2007 Exchange Servers to simply backup the Exchange Server database on one server and then mount it on another server within the organization using the database portability feature. For example, if you have an Exchange Server 2007 in Tampa and another Exchange Server 2007 in Atlanta, you can move the Exchange Server database from the Tampa server to Atlanta server and vice versa. This feature is critical when planning a disaster recovery plan. If a Hurricane is coming to Tampa you simply bring up the Exchange 2007 Server and mount the database and your instantly up and running again. You can use Windows NT Native backup to backup the database from one server to another. There is no way to replicate databases, you must backup the database and then you can mount multiple databases on one Exchange 2007 Server with the database portability function.
Exchange Server 2007 Integrated Spam Filtering
Exchange Server 2007 comes with state of the art integrated spam filtering technology. It is also now part of the mail flow process which is the part of Exchange that processes email. This was a problem with Exchange 2000 and Exchange 2003. Users would have issues with their bad mail folder getting filled up quickly with spam and bouncing back valid email. But now Exchange 2007 has the capability to detect and stop the server from being spammed and can sense if there is an inbound attack on the inbound mail flow of messages going in the mail queue. With Exchange 2007 all of the folders are automatically managed and monitored via the mail flow monitoring system which is built in to Exchange 2007.
Exchange Server 2007 Unified Message
Exchange 2007 offers a Unified Message feature that is more enhanced than the standard messaging system included with Exchange 2003. You are now able to use a VOIP phone system or a PBX and include the functions in your Outlook 2007. For example; let’s say you were leaving the office for the day at 2:00PM and you changed your calendar to out of office at 2:00PM. Well with Exchange 2007 you can have a different greeting play on your phone or email responder by simply changing the schedule on your calendar. This will also allow you to setup voice access from any standard phone and can be integrated with any pbx and setup for Microsoft Exchange 2007 Server.
Exchange Server 2007 Outlook Anywhere
A very new and popular feature with Exchange Server 2007 is Outlook Anywhere. This is setup similar to the previous HTTPS over RPC. This allows users to use Outlook 2007 to connect from around the world and allows Outlook to function like the user was on the network. Setting up this type of functionality was difficult to configure in the past, but is much more robust and easier to configure using the Outlook client. It’s best to configure Outlook Anywhere with a secure certificate from VeriSign. If you don’t purchase a certificate you can create one but you will need to install it on each Windows XP client computer that you plan on using Outlook Anywhere.
If you need assistance setting up Outlook Anywhere please give us a call 888-333-9340
Exchange Server 2007 Outlook Web Access
Exchange 2007 has made a lot of improvements to the Outlook Web Access feature. Several steps have been taken by the Microsoft developers to shorten the amount of bandwidth that Outlook Web Access uses. Also many new features have been added to the Outlook Web Access Windows operating system.
Exchange Server 2007 ActiveSync
One of the key features of Exchange 2007 is the ability to use ActiveSync over the air. That’s right, you are able to ActiveSync all your items in Outlook on your User Mailbox while on the road. You are able to sync an Inbox with Microsoft Exchange 2003, but now with Microsoft Exchange 2007 you are able to sync contacts, tasks and calendars on the road. Exchange ActiveSync technology is also very secure and uses data encryption to ensure that your information isn't’t exposed over the Internet. ActiveSync can also be used with BlackBerry phones, making it a must have feature for companies using BlackBerry technology.
Date of last update:11/23/2011
Author: Yassine Bennis -
ATT00001.htm attachment ...
Issue: Every time I send email with an attachment, a strange file ...
Issue: Every time I send email with an attachment, a strange file with the name like "ATT00001.htm" shows up along EACH attachment at the recipient's end.
This is very annoying and confusing to the recipient.
Affects: MAC mail
SOlution to the issue :
1. Install Mail Attachments Iconizer. Set Let Me Decide and tick all check boxes, put 128k in each of the entry boxes.
2. In Mail, go to Edit, Attachments, set Windows Friendly Attachments and Insert Attachments At End of Message.
Date of last update:11/23/2011
Author: Yassine Bennis -
Windows Cannot Load the ...
Issue: Windows Cannot Load the Locally Stored ProfileAffects: ...
Issue: Windows Cannot Load the Locally Stored Profile
Affects: WindowsWhen you log on to Windows XP, it may take longer than you expect. When you use CTRL-ALT-DELETE to log out, you may receive the following error message:
Windows cannot load the locally stored profile: Insufficient security rights or a corrupted local file. Windows has logged you in with a temporary profile any setting you make will not be saved.
If a user gets this message, try logging in with an administrator account and then logging off / logging in as the user.
Date of last update: 11/23/2011
Author: Yassine Bennis
-
How to Add 32-bit Print ...
Issue: f you try to connect to a printer that is shared on an SBS ...
Issue: f you try to connect to a printer that is shared on an SBS 2008 server from a client computer running a 32 bit version of Windows, you may see an error message :
This error will appear if the server doesn’t have a 32 bit print driver installed. To eliminate the warning message we need to install the 32 bit print driver on the server.
Affects: SBS 2008From a Windows XP client:
1 : Logon to a 32 bit XP client with an account that has Administrator rights on the server.
2 : Browse to the server and double click on the Printers and Faxes share.
3 : Click File and then Server Properties.4 : Go to the Drivers tab.
5 : Click Add.6 : The Add Printer Driver wizard should appear. Click Next on the welcome screen.
7 : If the client already has a driver for the printer you can select the driver from the list otherwise you would Click Have Disk and browse to the directory containing the print drivers from the printer manufacturer.8 : Once you select the printer you will be prompted to select the print environment. Check the box for Intel Windows 2000 or XP.
9 : Click to Finish to complete the process and close the wizard.
The add printer driver wizard will now copy the necessary files to the server to support 32 bit clients. Once this process is complete you should be able to install the printer on all the 32 bit clients and the client machine will pull the necessary driver from the server.From a Vista client:
1 : Logon to a 32 bit Vista client with an account that has Administrator rights on the server.
2 : Browse to the server and double click on the Printers share.
3 : Right click on a blank spot on the printers and choose Server Properties.4 : Go to the Drivers Tab and click Add.
5 : The Add Printer Driver Wizard will launch. Click Next on the welcome screen.
6 : Check x86 Type 3 – User Mode and click Next.7 : If the client already has a driver for the printer you can select the driver from the list otherwise you would Click Have Disk and browse to the directory containing the print drivers from the printer manufacturer.
8 : Click to Finish to complete the process and close the wizard.
The add printer driver wizard will now copy the necessary files to the server to support 32 bit clients. Once this process is complete you should be able to install the printer on all the 32 bit clients and the client machine will pull the necessary driver from the server.Date of last update:11/21/2011
Author: Yassine Bennis -
MAC OS X Lion encrypted ...
Issue: On lion if your hard drive is encrypted and you use the ...
Issue: On lion if your hard drive is encrypted and you use the migration assistant to migrate an old laptop to it then if you restart the laptop you will not see your username.
Note that if you sign in as administrator then you can switch to your account without issues.
Affects: MAC OS X LionTo resolve the issue, go to filevault and click on enable other user then check your name.
Date of last update: 11/17/2011
Author: Yassine Bennis -
Research the TFTP server ...
Issue: Turn on the TFTP server Affects: MAC OS X Lion Here are ...
Issue: Turn on the TFTP server
Affects: MAC OS X LionHere are instructions on how to turn it on:
Open Terminal and type the following commands to turn on the TFTP server.
sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist
sudo launchctl start com.apple.tftpdThe default tftp file path is /private/tftpboot but you can change that by editing /System/Library/LaunchDaemons/tftp.plist and re-starting with launchctl...
sudo launchctl restart com.apple.tftpd
Date of last update:11/14/2011
Author: Yassine Bennis -
Send PDF by email from ...
Issue: when a PDF is open, we want to send it by clicking the mail ...
Issue: when a PDF is open, we want to send it by clicking the mail button saying "click to attach this PDF file to a new email message". We do this, a new email opens up from Outlook (without signature), the PDF is attached and after it is sent, it is actually not sent. Meaning it is not received.
You can fix this by setting up a default outlook profile, it was set as "always prompt" and Acrobat was sending through the wrong profile.
Date of last update: 11/11/2011
Author: Yassine Bennis
Please try to fill the blank as best as you can.
To add a category, simply write in the article [ [Category: Name_of_the_category] ]
Please indicate if there is private data in the article by adding a 'Private' category. -
Extend partition on ...
Issue: partition is full on windows server This one is taking ...
Issue: partition is full on windows server
This one is taking advantage of the storage provisionning feature of Windows server
- In vSphere, edit settings of the VM, select the hard disk and increase capacity to maximum.
- On Windows Server, go to Computer Management, and Disk Management
- Convert the partition to dynamic if it is not already
- Extend the volume to the new unallocated space
- Check new volume sizeDate of last update: 11/10/2011
Author: Yassine Bennis -
SFTP Access To Amazon ...
Issue: SFTP Access To Amazon EC2 Using FileZilla As soon as you've ...
Issue: SFTP Access To Amazon EC2 Using FileZilla
As soon as you've setup a Linux instance on Amazon EC2 you're likely next step is to get FTP access so you can move files about.
First of all make sure port 22 is open in your instance's Security Group in Amazon's AWS site. You can test this from a Terminal using the following command:
ssh Address-Of-EC2-InstanceIf that times out then most likely port 22 isn't open. Otherwise you're ok. SFTP uses the same port so we can carry on and set it up.
The error is "No supported authentication methods available". To get round it you need to tell FileZilla about the .PEM file that was created when you built the Amazon instance. Assuming you already downloaded it to you PC, open FileZilla and select the Edit->Settings menu.
Click the "Add key file..." button and locate your PEM file. At this point FileZilla will ask if you want to convert it to a format it can use. Say yes and tell it where to put the new .PPK file. Once this is done press ok and try to connect again. You should have more luck!
Date of last update:11/10/2011
Author: Yassine Bennis -
How to rebuild an index ...
Issue: searches are not returning relevant ...
Issue: searches are not returning relevant information
Solution :
First set a sudo password if you don’t have one:
-open terminal and type “sudo passwd root” then enter admin password and a new password for rootAnd rebuild the index :
-"sudo mdutil –E"
Date of last update: 11/09/2011
Author: Yassine Bennis -
Can’t access ...
Issue: One of our clients could not access adobe.com in order to ...
Issue: One of our clients could not access adobe.com in order to purchase some software and update her applications
someone had installed a pirated version of photoshop on her machine which blocked access to adobe.com using the /etc/hosts (in order to get around the software phoning home with it's serial number)
Date of last update: 11/08/2011
Author: Yassine Bennis -
Outlook 2010 and Lenovo ...
Issue: "Looking for credential tiles" This message pops up on Lenovo ...
Issue: "Looking for credential tiles"
This message pops up on Lenovo laptops when Outlook is opening because of a conflict with the Veriface application.
Process:
Start
All programes
Lenovo
Right click Veriface
Open file location
Then scroll to the bottom and there should be uninstall Variface.
Uninstall Variface and everything will be ok.
Date of last update: 11/07/2011
Author: Yassine Bennis
Please try to fill the blank as best as you can.
To add a category, simply write in the article [ [Category: Name_of_the_category] ]
Please indicate if there is private data in the article by adding a 'Private' category. -
Downloading gmail ...
Issue: If one needs to audit their google apps domain there is only ...
Issue: If one needs to audit their google apps domain there is only one way to get a snap shot of a users email mailbox.
Administrators can download mailbox accounts within their domain for audit purposes. To prepare a mailbox for export, the Email Audit service creates an encrypted copy of a user's mailbox. When the export preparation is completed, the system returns the URLs to the encrypted mailbox files which, when downloaded and decrypted, are available in mbox format. The downloading steps are:
1 : Upload a public key — The administrator provides a public encryption key for downloading mailboxes. The creation of this public key is only done once. If you have already created a public key for accessing account information, you do not need to complete this step. This public encryption key is in Pretty Good Privacy (PGP) format using the ASCII-encoded RSA key encryption. One way this key can be generated is to use GNU Privacy Guard (GPG) fromwww.gnupg.org. If using GPG, specify the --expert flag in order to generate an RSA encryption key. Export the public part of the GPG key using gpg --armor --export. This key is used to encrypt the mailbox export files available through HTTP URLs.
2 : Create an export version of a user's mailbox — The mailbox export process starts when an administrator requests the creation of a copy of a user's mailbox. The Email Audit API's operation authenticates and authorizes the administrator's credentials and returns a unique request id. The mailbox creation process can be time consuming and may take several days depending upon the mailbox size.
3 : Retrieve the mailbox download status or retrieve all mailbox status using a date — Use the mailbox export request ID to get the status of the pending request. Once the mailbox is copied and prepared for export, the response returns a status of "COMPLETED" along with the list of encrypted mailbox files as HTTP URLs. Use this set of URLs to download the mailbox files.
4 : Obtain the downloaded mailbox files — After downloading the encrypted files, the administrator decrypts the mailbox files using the domain's private key. Once decrypted, the files are viewed in mbox format.Detailed Instructions:
Before doing anything with the google apps Audit API one must autheticate to the the service
1.Turn on the Provisioning API in the Google apps admin panel.
It is under Domain Settings -> User Settings2.From the command line use this script to generate an auth token:
curl https://www.google.com/accounts/ClientLogin \
--data-urlencode Email=<domain admin account> --data-urlencode Passwd=<domain admin password> \
-d accountType=GOOGLE \
-d source=Audit_Request \
-d service=appsThe server will respond with something that looks like this only uglier:
SID=DQAAAOQAAACM317shtJ7I0-Ak_M10kQaZNs6g66GbiKvr7MShntuW1i1qGhdLQIbwtqplbaB_3pIlzY8CIq1TQKnUZ3sYqnKrpm-1wVoN22cgfmyhGSnhFyPP4506QkKQuortDv3bYIDt6klp0XGVAeVlCYNAqVetGpqL_DakbRKRam3yFXaIhHhK998Pr7fQO2cg2jacbNUtGRk-1ezUJco8KrX5hpFusBokMbDKdeM81pLtLWEz2zcd0zoegQqIJ-NT0AV8vViC5xcZPXyL1nvI_LQarAK9WPUOEcy_eDepWSijcRoFvXft7xgyEVfzJdpX75rdGY
LSID=DQAAAOUAAAD_GGb7uP2cSYJewekD5vwVX6jQU2FhbMC0ljMCyDYn15P8KAklahPj_K7oVLNMWZ0U1n2gAnk_4DAMz--Xd2nxZqH9izqdwjAFykI7vuGB_YZcnaIBVmbz9-xBTaNzYrBVxZaURr-2YwB2NWcMyPiqgNC6ZM_cGGreqZQ1IkKlEjXLiLxEMA_4igIjGSQxVzfUO-H9HmOwVo8_dp4TV4a-ZA80Z-mGGwLv9qLa58d44lDqs_8jsUIa6kxKrm39nVMOXN8e1d_hiNKN9bAUAfjFDA4W7RtlkwkA_VoX39YCN9DZvGwqsVQbGBLeAOSmga4
Auth=DQAAAOQAAAD_GGb7uP2cSYJewekD5vwVPIZ7fsH6x1mHhaW5J4EEdetYMFE2qWfDPh927HwAVRABb7ATZGwqPoEwqu6vMTHC7r1jPgdwAzHvIfCLzIauF6p27wB3cR4pnsEF-D8gNUEke9fTJXwIFaZG2_q30RfsAQD_dIprBlSmRFn-bdC1I8aqBNtKspLgcK_JjFhiYDIEL5385DbixUDwW6vmrQ45mpq3liXZhYNKXpYMLphlivXNn4Mr45cTuDD3TScBLei-EQ7FYoPzVgM6ZhZgPm3cNKnwmN5e-NDG-N9cOAkND-QftdvslsU15o0S6txk3Lc.
Take the Auth Value that it returns and use it in all the following cURL commands
3.If you have not already generate a GPG key to encrypt the mailboxes.
(you can use Linux, Windows or Mac to do this)a. Export the Public Key to a Text File
b. encode the Public Key into Base64 using this website: http://www.motobit.com/util/base64-decoder-encoder.asp
c. Create a file called publicKey.xml that contains the following:
<atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
<apps:property name="publicKey" value="LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tDQpWZXJzaW9uOiBHbnVQRy9NYWNH
UEcyIHYyLjAuMTcgKERhcndpbikNCkNvbW1lbnQ6IEdQR1Rvb2xzIC0gaHR0cDovL2dwZ3Rvb2xz
---Bunches of Different Text that you copied and pasted from the website above-----
NkFVdjRnaWdRDQpxVDdXZTRkYys5YXlsVXRxUm13QUlDWVJJK1RnODA4TkhTSGhTeXZTZnhzZ2RE
RXIxcDdnDQo9bWRmeA0KLS0tLS1FTkQgUEdQIFBVQkxJQyBLRVkgQkxPQ0stLS0tLQ=="/>
</atom:entry>
d. In the terminal, navigate to the directory that holds the publicKey.xml file and run this command:curl --silent --request POST --data-binary "@publicKey.xml" --header "Content-Type: application/atom+xml" --header "Authorization: GoogleLogin auth=<the auth token from above>" "https://apps-apis.google.com/a/feeds/compliance/audit/publickey/ipsofactoinfo.com" | tidy -xml -indent -quiet
e. You should recieve something that looks like this:
<?xml version='1.0' encoding='utf-8'?>
<entry xmlns='http://www.w3.org/2005/Atom'
xmlns:apps='http://schemas.google.com/apps/2006'>
<id>
https://apps-apis.google.com/a/feeds/compliance/audit/publickey/<domain name>/0</id>
<updated>2011-11-08T00:38:19.008Z</updated>
<link rel='self' type='application/atom+xml'
href='https://apps-apis.google.com/a/feeds/compliance/audit/publickey/<domain name>/0' />
<link rel='edit' type='application/atom+xml'
href='https://apps-apis.google.com/a/feeds/compliance/audit/publickey/<domain name>/0' />
<apps:property name='publicKey'
value='LS0tLS1CRUdJTiBQR1AgUFVCTElDIEtFWSBCTE9DSy0tLS0tDQpWZXJzaW9uOiBHbnVQRy9NYWNH UEcyIHYyLjAuMTcgKERhcndpbikNCkNvbW1lbnQ6IEdQR1Rvb2xzIC0gaHR0cDovL2dwZ3Rvb2xz---Bunches of Different Text ---
RXIxcDdnDQo9bWRmeA0KLS0tLS1FTkQgUEdQIFBVQkxJQyBLRVkgQkxPQ0stLS0tLQ==' />
</entry>4. create a mailbox request:
a. Create the file googleappscreatereq.xml (or something that scans better) that contains the following:
<atom:entry xmlns:atom='http://www.w3.org/2005/Atom' xmlns:apps='http://schemas.google.com/apps/2006'>
<apps:property name='includeDeleted' value='true'/>
<apps:property name='packageContent' value='FULL_MESSAGE'/>
</atom:entry>
b.again from the same directory as googleappscreatereq.xml run:curl --silent --request POST --data-binary "@googleappscreatereq.xml" --header "Content-Type: application/atom+xml" --header "Authorization: GoogleLogin auth=<your auth code>" "https://apps-apis.google.com/a/feeds/compliance/audit/mail/export/<domain name>/<mailbox name>" | tidy -xml -indent -quiet
c. You should recieve something that looks like this:
<?xml version='1.0' encoding='utf-8'?>
<entry xmlns='http://www.w3.org/2005/Atom'
xmlns:apps='http://schemas.google.com/apps/2006'>
<id>
https://apps-apis.google.com/a/feeds/compliance/audit/mail/export/<domain name>/<mailbox name>/37496561</id>
<updated>2011-11-08T00:54:14.912Z</updated>
<link rel='self' type='application/atom+xml'
href='https://apps-apis.google.com/a/feeds/compliance/audit/mail/export/<domain name>/<mailbox name>/37496561' />
<link rel='edit' type='application/atom+xml'
href='https://apps-apis.google.com/a/feeds/compliance/audit/mail/export/<domain name>/<mailbox name>/37496561' />
<apps:property name='packageContent' value='FULL_MESSAGE' />
<apps:property name='includeDeleted' value='true' />
<apps:property name='status' value='PENDING' />
<apps:property name='requestId' value='37496561' />
<apps:property name='userEmailAddress'
value='<email>' />
<apps:property name='adminEmailAddress'
value='<admin email>' />
<apps:property name='requestDate' value='2011-11-08 00:54' />
</entry>
5. Check all requests in the past three weeks using this command (you can narrow the search as well):curl --silent --request GET --header "Authorization: GoogleLogin auth=D<your auth code>" "https://apps-apis.google.com/a/feeds/compliance/audit/mail/export/<domain name>" | tidy -xml -indent -quiet
Date of last update: 11/07/2011
Author: Yassine Bennis and Andrew Hunzeker -
Resolve DNS issue by ...
Issue: Having issues with your emails, some emails get bounced with ...
Issue: Having issues with your emails, some emails get bounced with the message: <DNS server returns answer with no data>
What you have to do :
1 : Go to dnsstuff.com and test the domain.
2 : You will probably see that the server cannot accept email to postmaster@domain.comYou will have to add the address postmaster@domain.com as an alias to spamadmin@domain.com in Mxlogic.
- Check the credentials.
- Go to alias and add the address.Then you will have to add postmaster@domain.com as an alias to administrator@domain.com in the clients server.
- Check the credentials to connect within Remote Desktop Control.
- Connect to client’s server.
- Add the address as an alias.Date of last update: 11/04/2011
Author: Yassine Bennis -
Permission with mac ...
Issue: every time a user was moving a file in his homefolder on his ...
Issue: every time a user was moving a file in his home
folder on his mac he was asked for his password. The items were unlocked
and he had full permissions.
Affects: MACFixing the permissions via the disk utility didn't fix the issue
Downloading mac pilot then go to tools tab and run wipe the acl settings.
Select the home folder and click continue.
Once done, she was able to access all the files againNote that this is certainly caused by transferring files from her old
computer to new oneDate of last update: 11/04/2011
Author: Yassine Bennis -
Configure outlook using ...
Issue: Configure outlook using touchdown app When you open the app ...
Issue: Configure outlook using touchdown app
When you open the app for the first time click on configure your accont.
Follow this steps :
- Enter your User ID. Note that you should check with your administrator about what to use here. Sometimes your alias (e.g: jsmith) might be enough. And sometimes it may be your email address, depending on the server configuration.
- If you are required to enter a Domain name to gain access to your account, please enter that in the next box. Note that this is not always the same as your company’s web site domain.
- Enter your email address if it is different from your user ID.
- Enter your password, taking care not to mistype (a large number of errors
in configuration result from mistyping the password)
- Enter the address of the ExchangeTM server. Please make sure you enter just the server name, as in mail.mycompany.com. You should also take care to enter the server name as you access it from outside your company network, from the internet. Typically these names end in .com, .net. .info etc. You may also enter an IP address here if that is accessible from the internet. You may suffix the server name with a port number as in mail.mycompany.com:8082Click next and click next again.
In the next screen you can choose what protocols the program should check for. If you are unsure of what is available, it is advised to leave the defaults as they are.
Click Next.Click Next on the next screen if you are sure that you wish to perform the process. Note that starting this process will delete and re-sync all existing data from TouchDown.
Once completed, you can click the Close button, which will take you to the main screen. Here, you may have to wait for a while until touchdown automatically updates the data to the phone.
Date of last update: 11/02/2011
Author: Yassine Bennis
Please try to fill the blank as best as you can.
To add a category, simply write in the article [ [Category: Name_of_the_category] ]
Please indicate if there is private data in the article by adding a 'Private' category.
Our Knowledge Base is a repository of information technology updates, industry white papers, computer support news, and late-breaking articles from the staff of IPSOFACTO IT services.
Read points of view on industry concerns, like VoIP, Virtualization, SANs, Communication Platforms, Gadgets, Business Continuity, and more. Query our DB first. If you don't find it, then query our engineers!
