All posts by Allan

Samba Client for Windows – smbclient.exe – v3.6.25

So in reference to getting Pydio working on a Windows Server 2012 R2 machine with IIS 8.5 I found that I wanted a workspace in Pydio to access a existing share on a 2012 R2 file server. I have a lot of files I don’t want duplicated on both servers. Now there are many workspace drivers available but since Pydio was designed originally for a *nix system the main way to access a Windows server is through Samba. Windows Server supports SMB, server message blocks, for file sharing among other things. Now on a *nix system you can just install Samba and then Pydio can use the Samba client to remotely access the Windows server. Problem is I want to use Samba on a Windows server to access another Windows server. So I started a hunt to find a ported version of the Samba client and it resulted in two pages out of the millions out there: https://smithii.com/samba which had ported all of Samba v3.0.23 over and https://www.leepa.io/lpackham/smbclient/ which had ported just the v3.0.7 client. So I started testing these clients and long story short they have issues with Windows servers. Mainly you can get directory listings using them and even pull files but you cannot create files nor push files to the Windows file server. After some research its due to changes, mainly security related, in the Windows servers SMB implementation….changes that were fixed in newer versions of Samba (https://www.samba.org/).

So I determined that the only possible way to get my Pydio install to access my existing Windows file server was to either use the FTP over SSH plugin and enable this on my file server, which I didn’t want to do, or figure out a way to compile the Samba client using the latest source. After lots of trail and error I was able to partially compile Samba 3.6.25 using Cygwin (https://www.cygwin.com/) but where it failed was after it had built the smbclient.exe that I needed. I took the client and copied it to the server and tried running it from a command prompt and it complained about needing some Cygwin DLL files which was expected. I copied over the DLL files it needed to the server and was able to connect to the file server. I then updated Pydio to use my newly compiled smbclient.exe and Pydio now works as expected allowing e to share out a existing share from another server. The best part is since user credentials are passed through the existing NTFS permissions still apply on top of Pydios own permission checks.

Not sure if anyone in the world will ever need it but just in case here it is: smbclient.zip. Keep in mind you will need to install Cygwin on the same machine and at the very least copy the DLL files it needs out of C:\cygwin\bin to the directory with the client.

Hosting Your Own Cloud With Pydio

Last year I was looking for a cloud hosting solution and I decided on Pydio and even wrote up a install guide (http://allandynes.com/2015/08/was-searching-for-a-cloud-provider/). Some time has gone by and I’ve updated those instructions for the latest version of Pydio (6.4.1 currently) and also to be a purely 64-bit install (PHP 7 x64, MySql 5.7 x64, etc). The overall effect on a Server 2012 / IIS 8.5 install is quicker performance and less issues with large data syncs. I’ve also updated it to include information on SMB shares so you can access your existing Windows based file server from your cloud server so you are not duplicating files. Here is the new install guide:

Installing-Pydio-on-Windows-Server-2012-R2-Pure-64-bit-With-Samba

Windows 7 Printer and Spooler Issues 0x00005c3

During my many years troubleshooting computers nothing seems to be as frustrating as printing issues. Granted it has gotten much better but that just means when you do have a issue it’s going to be that much harder to fix. Today I had such a issue. I upgraded the drivers for some network printers ahead of a printer change-out, updating some Lexmark, Konica, and HP Universal print drivers to their respective latest versions. Windows 7 usually is good about grabbing the updated drivers form the server and rarely will anyone see any issues. Well during my testing I had installed and uninstalled the Konica universal drivers multiple times and apparently something got corrupt. When trying to install the new printer I got a error saying Cannot connect to Printer along with a 0x000005b3 code. I did a bunch of research and couldn’t find anything that helped. Some posts said delete your temp files, some said look for *.tmp files within the Windows System32 directory and delete those. Others said try running a Microsoft Fit It for the print spooler (50984 for easy fix and 50979 for full fix resetting everything and deleting all your printers). None of these worked.

Then a post said to check your Windows\INF folder and the setupapi.app.log file for clues. I renamed the file then tried installing the printer again and it created a new log file just with info from the failure. It referenced a bunch of missing files from the Windows\System32\DriverStore\FileRepository directory on the computer. So I though well I can just delete those files and it should download fresh. Unfortunately I couldn’t delete the directory. So now I did a search on how to delete files from the DriverCache and found this article: https://technet.microsoft.com/en-us/library/cc730875.aspx?f=255&MSPPError=-2147217396

Long story short the utility pnputil.exe is used from a administrator command prompt to list all the driver packages cached/installed on your machine. pnputil.exe -e lists all the OEM?? numbers and gives a description of what they are. I ran it and looked through the list and found three different Konica drivers listed. I then ran pnputil.exe -d Oem??.inf for each of the three and it deleted the drivers. I checked the FileRepository directly and the directory in question was gone.

I then tried re-adding the network printer and it worked, connected and downloaded the drivers off the server without issue, and has been working since. So if you are getting the 0x00005c3 error try deleting all printers using the same driver then using the pnputil to delete out an drivers cached and then reinstall. Might save you from re-imaging or reinstalling your OS which many people ended up doing when they couldn’t figure it out.

VB.Net Drag and Drop from Outlook

One thing I have been working on for years now is a database program that among other things has a part that lets you attach files into it. The drag and drop functionality was easy for regular files on the hard drive but a feature request came in to drag and drop files from a outlook attachment. Luckily someone had already figured this out in C# which I converted into VB here: http://www.codeproject.com/Articles/7140/Drag-and-Drop-Attached-File-From-Outlook-and-ab. This was all fine and dandy until I got a request last week to attach the actual email itself, not a attachment. After more searching I found someone that did this using the Outlook interop libraries here: http://www.emoreau.com/Entries/Articles/2008/05/Dropping-a-Outlook-message-on-your-application.aspx. So after a little more playing I updated my drag and drop code to decipher between a normal file, a Outlook attachment, or a Outlook email and act accordingly.

Couple notes: DisplayMessageBox is a custom message box used by my program (replace with MsgBox if needed) and AddTempFileToArray does exactly that, adds any temp files I create or use to a array which I then delete when my program closes (don’t want a bunch of temp files created and left), and SaveButton is enabled only during a edit operation.

In my control where I will accept the drop:

Private Sub MyControlToAcceptTheDrop_DragEnter(ByVal sender As Object, ByVal e As System.Windows.Forms.DragEventArgs) Handles MyControlToAcceptTheDrop.DragEnter
' Make sure that the format is a file drop.
If (e.Data.GetDataPresent(DataFormats.FileDrop)) And (SaveButton.Visible = True) Then
e.Effect = DragDropEffects.Copy
ElseIf (e.Data.GetDataPresent("FileGroupDescriptor")) And (SaveButton.Visible = True) Then
e.Effect = DragDropEffects.Copy
Else
' Do not allow drop.
e.Effect = DragDropEffects.None
End If
End Sub

And my code to handle the drop:

'''

''' Handle File Drops
'''

''' DragEventArgs ''' Path to the actual file or temp file
''' Returns the full path to the file being dropped or to a temp file that contains the file in memory (for use with Outlook or other program drag drops)
Friend Function HandleFileDrops(ByVal e As System.Windows.Forms.DragEventArgs) As String
Try
If e.Data.GetDataPresent(DataFormats.FileDrop) Then
' We have a file so lets pass it to the calling form
Dim Filename As String() = CType(e.Data.GetData(DataFormats.FileDrop), String())
HandleFileDrops = Filename(0)
ElseIf e.Data.GetDataPresent("FileGroupDescriptor") Then
' We have a embedded file. First lets try to get the file name out of memory
Dim theStream As Stream = CType(e.Data.GetData("FileGroupDescriptor"), Stream)
Dim fileGroupDescriptor(512) As Byte
theStream.Read(fileGroupDescriptor, 0, 512)
Dim fileName As System.Text.StringBuilder = New System.Text.StringBuilder("")
Dim i As Integer = 76
While Not (fileGroupDescriptor(i) = 0)
fileName.Append(Convert.ToChar(fileGroupDescriptor(i)))
System.Math.Min(System.Threading.Interlocked.Increment(i), i - 1)
End While
theStream.Close()
' We should have the file name or if its a email the subject line. Create our temp file based on the temp path and this info
Dim myTempFile As String = Path.GetTempPath & fileName.ToString
' Look to see if this is a email message. If so save that temporarily and get the temp file.
If InStr(myTempFile, ".msg") > 0 Then
Dim objOL As New Microsoft.Office.Interop.Outlook.Application
Dim objMI As Microsoft.Office.Interop.Outlook.MailItem
If objOL.ActiveExplorer.Selection.Count > 1 Then
DisplayMessageBox("You can only drag and drop one item at a time into this screen. The first item you selected will be used.", "One Item At A Time", , FormStartPosition.CenterParent)
End If
For Each objMI In objOL.ActiveExplorer.Selection()
objMI.SaveAs(myTempFile)
Exit For
Next
objOL = Nothing
objMI = Nothing
Else
' If its a attachment we need to pull the file itself out of memory
Dim ms As MemoryStream = CType(e.Data.GetData("FileContents", True), MemoryStream)
Dim FileBytes(CInt(ms.Length)) As Byte
' read the raw data into our variable
ms.Position = 0
ms.Read(FileBytes, 0, CInt(ms.Length))
ms.Close()
' save the raw data into our temp file
Dim fs As FileStream = New FileStream(myTempFile, FileMode.OpenOrCreate, FileAccess.Write)
fs.Write(FileBytes, 0, FileBytes.Length)
fs.Close()
End If
' Make sure we have a actual file and also if we do make sure we erase it when done
If File.Exists(myTempFile) Then
' Assign the file name to the add dialog
HandleFileDrops = myTempFile
Call AddTempFileToArray(myTempFile)
Else
HandleFileDrops = String.Empty
End If
Else
Throw New System.Exception("An exception has occurred.")
End If
Catch ex As Exception
DisplayMessageBox("Could not copy file from memory. Please save the file to your hard drive first and then retry your drag and drop.", "Drag and Drop Failed")
HandleFileDrops = String.Empty
End Try

End Function

As you might be able to guess I only look at the first email message if multiple are selected and let the user know that also. I’m sure there is a way to loop through multiple files, Outlook attachments, or Outlook emails but I don’t need that functionality so I didn’t code it (but I did warn in case it happens).

Exchange Console Commands

I have been managing a Exchange server since Exchange 2003. Current on 2010 and planning on upgrading to 2013 in the next month or so. Over the years I’ve been collecting snippets of useful commands which have served me well so here is my go to list. In almost all examples anything being exported/imported is using a directory called c:\ExFiles and in my examples the server is EXServer. Replace (alias) in all examples with the actual mailbox alias:

Export out Mailboxes as PST

Export list of all mailboxes by alias
Get-Mailbox| Select Alias | Export-CSV C:\ExFiles\Alias.csv

Export mailboxes based on a csv list:
foreach ($i in (Import-Csv C:\ExFiles\Alias.csv)) { New-MailboxExportRequest -Mailbox $i.Alias -FilePath "\\EXServer\c$\ExFiles\$($i.Alias).pst" }

Export individual mailboxes:
New-MailboxExportRequest -Mailbox (alias) -FilePath "\\EXServer\c$\ExFiles\(alias).pst"

Export out only Calendar items from a mailbox then import them into another mailbox

Export calendar items from a mailbox:
New-MailboxExportRequest -Mailbox (alias) -FilePath \\EXServer\c$\ExFiles\TempPSTFile.pst -IncludeFolders "#Calendar#"

Import calendar items to a mailbox:
New-MailboxImportRequest -Mailbox (alias) -FilePath \\EXServer\c$\ExFiles\TempPSTFile.pst -IncludeFolders "#Calendar#"

Check Import/Export commands and clear then

Check import status:
Get-MailboxImportRequest

Check export status:
Get-MailboxExportRequest

Clear completed import requests:
Get-MailboxImportRequest -Status Completed | Remove-MailboxImportRequest

Clear completed export requests:
Get-MailboxExportRequest -Status Completed | Remove-MailboxExportRequest

Retention Policy Commands

Get all user mailboxes without a retention policy
Get-Mailbox -ResultSize unlimited -RecipientTypeDetails "UserMailbox" | Where-Object {$_.RetentionPolicy -eq $null}

Assign the default retention policy to all mailboxes without one
Get-Mailbox -ResultSize unlimited -RecipientTypeDetails "UserMailbox" | Where-Object {$_.RetentionPolicy -eq $null} | Set-Mailbox -RetentionPolicy "Default Archive and Retention Policy"

User Permissions

Export out a list of users who have access to other mailboxes other then their own
Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} | Select Identity,User,@{Name='Access Rights';Expression={[string]::join(', ', $_.AccessRights)}} | Export-Csv -NoTypeInformation c:\ExFiles\mailboxpermissions.csv

Remove a users permission from all mailboxes
Get-Mailbox | Remove-MailboxPermission -User (UserID) -AccessRights FullAccess -InheritanceType All

Remove a users permission to a single mailbox
Remove-MailboxPermission -Identity (alias) -User (UserID) -AccessRights ReadPermissions -InheritanceType All

Mailbox and Database Information

Get the overall status of each database:
Get-MailboxDatabase -Status | ft name,databasesize,availablenewmailboxspace -auto

Export out the size of each mailbox in a database:
Get-MailboxStatistics -Database "Mailbox Database 1" | Select DisplayName, ItemCount, TotalItemSize | Sort-Object TotalItemSize -Descending | Export-CSV C:\ExFiles\MBSizes1.csv

Get size of a single mailbox
Get-MailboxStatistics -identity alias | Select DisplayName, ItemCount, TotalItemSize

Deleting Items

Delete all disabled mailboxes:
Get-MailboxStatistics -Database "Mailbox Database 1" | where {$_.DisconnectReason -eq "Disabled"} | foreach {Remove-StoreMailbox -Database $_.database -Identity $_.mailboxguid -MailboxState Disabled}

Delete a individual disabled mailbox:
Remove-StoreMailbox -Database "Mailbox Database 1" -Identity (alias) -MailboxState SoftDeleted

Delete recoverable deleted items based on a alias list
foreach ($i in (Import-Csv C:\ExFiles\alias.csv)) { Search-Mailbox -Identity $i.alias -SearchDumpsterOnly -DeleteContent }

Delete all recoverable deleted items
Search-Mailbox –identity (alias) –SearchDumpsterOnly –DeleteContent

Hopefully these help someone out as much as they have me.

Generation 2 HyperV Hosts and ISO Files

A problem I have run into recently with installing Server 2012 R2 as a virtual machine on Server 2012 R2 HyperV server was I could not get the iso file to boot. Well, at least that is what I though the problem was. The virtual DVD drive with the Server 2012 iso was at the top of the boot order but it seemed to keep skipping it. After searching, and not particularly well because I barely understood what I was searching for, I found a TechNet blog that was describing my problem here: http://blogs.technet.com/b/jhoward/archive/2013/11/11/hyper-v-generation-2-virtual-machines-part-9.aspx. Long story short the gen 2 hosts are popping up the “Press any key to boot off of CD/DVD” message but not waiting for someone to press a key. Therefor it skips the CD/DVD and goes to other options, namely a blank hard drive then usually a network card. So it turns out there is a solution to this, changing the boot files to no longer prompt for a key press but to start your setup automatically.

To do this you need to get the Windows Automated Install Kit (AIK). Download that here: http://www.microsoft.com/en-us/download/details.aspx?id=39982 and of the many options you only really need to install the Deployment Tools and the Windows Preinstallation Environment (Windows PE) parts. Once these are installed here is how to modify your Server 2012 ISO.

  • Unzip the contents of your Server 2012 or 2012 R2 ISO to a directory such as c:\Win2012
  • Navigate to C:\Win2012\efi\microsoft\boot
  • Rename cdboot.efi to cdboot_prompt.efi then rename cdboot_noprompt.efi to cdboot.efi
  • Rename efisys.bin to efisys_prompt.bin then rename efisys_noprompt.bin to efisys.bin
  • Open up the “Deployment and Imaging Tools Environment” as a administrator (under Start -> Windows Kits -> Windows ADK)
  • Type the following command to create a new iso file called Win2012-NoPrompt.iso in the root of your C drive that will no longer prompt for a key: oscdimg -bC:\Win2012R2\boot\etfsboot.com -m -o -u2 -lServer2012R2 -udfver102 -bootdata:2#p0,e,b"C:\Win2012R2\boot\etfsboot.com"#pEF,e,b"C:\Win2012R2\efi\microsoft\boot\efisys.bin" C:\Win2012R2 c:\Win2012R2-NoPrompt.iso
  • Exit the command prompt

You can also use the Windows AIK to preload updates into your image or drivers but that’s a topic for another post.

Kixtarter – KiXtart Script Editor

KiXtart is a free-format scripting language written by Ruud van Velsen of Microsoft Netherlands.  Many companies have used KiXtart as there login script processor although as time goes by people are switching to purely GPO’s or VB script.  I personally still use it for my login scripts, it’s easy to understand and simply to deply.  Just copy a exe to each machine through GPO and edit your users profiles to run the exe and script at login.  In fact I was using it so much that wrote a KiXtart script editor with color highlighting of the keywords, a insert menu with all the commands, and some wizards for commonly used things.

The last update brought the software to v4.12 and will most likely be the last version released.  Download it here:

Kixtarter v4.12 – KiXtart Script Editor Installer

EDIT: I’m still using this program so I made some optimizations to it and brought it up to targeting the .Net Framework 4.7 as the old one was still running on 3.5.  This is now considered v4.13 and is the newest version:

Kixtarter v4.13 – KiXtart Script Editor Installer

Adding a SSL Certificate to a Vykon AX Web Supervisor

https://encrypted-tbn3.gstatic.com/images?q=tbn:ANd9GcQziKwbi7GguEuqEdyf-zXwY7wcYsKgKJZhO6SxUhQGsfAxK8RR_Q

A couple years ago I helps setup a SSL certificate for a AX Supervisor, a product that is used as a web interface front end to a automation product called a JACE, usually.  The software was installed on a Microsoft Server 2008 R2 system and was serving up the information through a B2B VPN and the other company, even though the traffic was “internal”, requested a SSL.  No biggie I thought, I’ve installed SSLs many times.  So I installed the certificate on the server but the AX software didn’t see it.  I went into the software’s platform and into the Certificate Management section to import a certificate.  It only accepted pem files so I converted my Windows certificate over but it didn’t like that either.  So I started reading the only guide I could find on the subject titled “NiagaraAX SSL Connectivity Guide”.  Ironically it has page after page of how a SSL works and how to generate a self signed certificate then export it out and import it onto all of the computers accessing the system but nothing on importing a existing certificate as a pem file.  Long story short the way a AX Supervisor wants the pem is to have it include the key, the certificate, the intermediate certificate, and the root certificate in that order all in one file.  So for the 9 people in the universe that will actually need to do this sometime in their life and can’t figure it out here is what I had to do.

First I downloaded the Windows 32 bit binaries of OpenSSL ( from https://slproweb.com/products/Win32OpenSSL.html ) and installed them.  I copied my pfx file that I exported out of my server (with key/password) and put it in the same directory as openssl.exe (the bin folder usually).  I opened up a command prompt, navigated to the bin directory, and ran the first command to get my private key:

openssl pkcs12 -in CertExport.pfx -nocerts -nodes -out key.pem

Then another command to export out my certificate:

openssl pkcs12 -in CertExport.pfx -nokeys -out cert.pem

I now needed my intermediate and root certificates which since I was using GoDaddy were downloadable from their site ( https://certs.godaddy.com/repository ).  I imagine its the same for any other certificate authority.  I created a new text file and first took the contents of the key.pem file (minus the headers keeping the begin and end tags) then followed it with the contents of my cert.pem file (again no headers) then, and this is important, followed those with the intermediate then the root.  I saved this as MYFullCert.pem and that imported right in without a issue. I was then able to use that for both the Platform SSL certificate and for the Stations WebService certificate.  Rebooted the server and everything looked good.

Note: This applies to a AX 3.7. I have found the certificate will not import into 3.8 using the same instructions. What does work however is importing it into 3.7 then exporting it out. The exported file appears to have a extra line added which does work on 3.8.

Was searching for a cloud provider

http://lh3.googleusercontent.com/-y4kLjv8XjBc/VTUMaVBMi8I/AAAAAAAAAcY/ai5irULWftQ/No%252520Cloud_thumb%25255B1%25255D.jpg?imgmax=800

So something I was recently tasked with was finding a “could” service for our technicians to easily share files with each other. We also have multiple people using things like DropBox, Google Drive, Microsoft’s OneDrive, etc with our companies data and no way to really secure it which is a problem. So I started looking into business version of these services and what I found was they were ridiculously expensive.

And that’s kinda where it stopped.  It just didn’t make sense for a company that already has it’s own server infrastructure. To that end I decided to do it in house and started researching alternatives of which I found two main ones, ownCloud and Pydio.  I did some beta tests with both and in the end found that Pydios overall interface was the winner: Fast, “pretty”, and pretty intuitive. The problem was getting it to run on Server 2012 R2 / IIS 8.5 was not easy and none of the guides online had everything needed to get it to function. So long story short after a couple days of playing I wrote my own which is now posted on the Pydio website:

https://pyd.io/example-installing-pydio-on-windows-server-2012-r2-iis-8-5/

Hopefully if someone else is looking for a DIY cloud storage system it will help them out.

Update: I have been asked by multiple people to upload my web.config files for the root and public directories as the copy and paste from the tutorial aren’t working real good. Here they are: WebConfigRoot WebConfigPublic

Also the guide as a PDF: Installing Pydio on Windows Server 2012 R2