Big thanks go out to the fellows at the PodNutz Podcast for the recommendation of Fab’s AutoBackup Pro as this has been one of the best investments I have made in automating my business in recent years. I was hesistant at its expansive claims to basically grab everything from every profile on an old computer or even removed hard drive and automatically put it into the associated new profiles on a target computer. The claims are all true and really have to be experienced to be believed, so don’t do this kind of thing manually anymore as Fab’s will take care of all the heavy lifting. It will move the following:
Fab moves Personal folders:
Windows desktop’s content
Windows desktop’s wallpaper
Quick Launch toolbar’s shortcuts (for Windows XP and Vista : this tool bar has been removed from Windows since Windows 7)
Windows Start screen/menu Modern UI layout (only shortcuts, not applications)
Downloads folder (Windows Vista/7/8/8.1/10)
Fab moves Web browsers:
Windows Internet Explorer favorites
Windows Internet Explorer main start page
Windows Internet Explorer settings (proxy, security zones…)
Microsoft Edge favorites
Google Chrome profile
Chromium browser profile
Apple Safari profile
Firefox settings : bookmarks, extensions…
Fab moves Mail:
Outlook Express messages and settings (mail accounts, rules…)
Microsoft Office Outlook PST/OST files and email accounts (messages, address book and calendar are stored in)
Outlook signatures files
Microsoft Office Outlook typed email addresses history
Windows Mail messages and settings
Windows Live Mail messages and settings
Windows Address book, used by outlook Express or Windows Mail
Mozilla Thunderbird messages and settings
PostBox messages and settings
IncrediMail messages and settings
Fab moves Misc :
Windows Vista’s calendar
Screen saver settings (enabled or not, password protected or not, delay before activation)
Skype data and settings
Trillian data ad settings
ICQ data and settings
Windows Gadgets (installed by user)
Network drives connections
Picasa (albums and database)
BlackBerry Desktop settings
BlackBerry devices backups
Logitech SetPoint settings
Microsoft IntelliType Pro settings
Microsoft IntelliPoint settings
Apple IOS devices iTunes backups (iPhone, iPod, iPad)
Fab moves Common items:
Public Downloads folder (Windows Vista/7/8/8.1/10)
Fonts (useful if you have installed some by yourself or bundled with software)
Microsoft Office XP, 2003, 2007 and 2010 activation files (Microsoft Office 2013 is not handled)
Modem settings file (fichier rasphone.pbk), except credentials
Intuit QuickBooks data (experimental)
NCH ExpressInvoice data
Installed printers list
Fab moves User defined:
Additional files (manual selection or using wildcards search on selected operating system partition)
I cannot say enough good things about this software. Buy it and tell everyone you know about it too.
Ran into this issue a couple times now while migrating Small Business Server (SBS) clients from on-premis Exchange to Office365. After setting up the DirSync tool on the server, to add an email alias to a user’s Office 365 account it needs to be setup in the Active Directory Attribute Editor tab under the proxyAddresses attribute. The easiest way to do this is add a record as follows:
Add the Active Directory Attribute Editor Tab in Small Business Server
into the proxyAddresses section of the Attributes tab:
This is normally easy to do and then run a manual DirSync to add the alias to the user’s Office 365 account, but what if the Attributes tab is missing? It is time to break out the ADSIedit tool again to make the needed changes to the way these pages are displayed. Here are the steps to get it done:
Right click on ADSIedit and choose “connect to”
Under connection point select “select a well known Naming context” and in that window choose “Configuration”
Under computer leave as “Default (Domain or server that you logged into)” then click OK
In the right hand window locate CN=User-Display right click and choose properties
Locate AdminPropertyPages, highlight it and click “edit” and add the line
In the right hand window locate CN=Computer-Display right click and choose properties
ocate AdminPropertyPages, highlight it and click “edit” and add the line
In the right hand window locate CN= Default-Display right click and choose properties
Locate AdminPropertyPages, highlight it and click “edit” and add the line
Make sure to click on the View menu in Active Directory Users and Computers to choose the Advanced Features option if not already selected to see these newly added Active Director Attribute Editor Tab in the display.
If an Office 365 Distribution Group is being synced from on-premise Active Directory environment then you cannot receive emails to that group from an external source by default. If you try to change the setting in Office 365 the following error appears:
The action ‘Set-DistributionGroup’, ‘RequireSenderAuthenticationEnabled’, can’t be performed on the object ‘[Your Distribution Group]’ because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.
This can be changed using the ADSIEdit tool. Navigate through the Active Directory hierarchy and find the Distribution Group then right click and choose Properties. Scroll down to “msExchRequireAuthToSendTo” and change the setting to FALSE. Run a manual DirSync to effect the changes in Office 365.
A Sender Policy Framework (SPF) record indicates mail servers that are authorized to send mail for a domain. Email recipient servers perform a check with DNS to see if the mail came from an authorized server. If not, then the email is most likely SPAM. SPF DNS records lets the recipient server perform this verification.
A DomainKeys Identified Mail (DKIM) record adds a digital signature to emails your organization sends. Email recipient servers perform a check with DNS for the to see if the DomainKey matches the sender. If so, then the email is considered unmodified and from a legitimate sender. DKIM DNS record lets the recipient server perform this verification.
Configure Google Apps SPF
If you use Google Apps for email, you’ll need access to your DNS provider to add an SPF record. In most cases, you simply login and create a new TXT record with the value of:
Send an email from your Gmail account to check–firstname.lastname@example.org after you’ve completed the Google Apps SPF and DKIM setup. You’ll receive an email response in a few minutes. If everything is properly configured, you’ll receive a “PASS” for both the Google Apps SPF and DKIM settings. This means your email is now securely being delivered and can be verified as such.
Recently had to deploy Office 365 Desktop Apps on a terminal server which did not work with the standard download from the web portal due to licensing issues. Only customers with Office 365 E3 licenses or greater are able to use the deployable version of the Office 365 Desktop Apps in a terminal server environment. Here are the steps needed to deploy the apps:
Deploy Office 365 Desktop Apps on Terminal Server
Download the Office Deployment Tool for Click-to-Run here.
Run and extract the tool to a folder on your Terminal Server.
Edit and configure the configuration XML file as follows including the \\[SERVER]\[SHARE]\ path:
Please visit this TechNet article for more details on the configuration file settings, like excluding apps from deployment.
From an elevated Command Prompt, navigate to the folder extracted files are located in, and run the following to download the installation files:
Setup.exe /download configuration.xml
The Office365 ProPlus installation files will be downloaded to the specified share with the following structure.
From an elevated Command Prompt, run following to install Office Click-to-Run:
Setup.exe /configure configuration.xml
When the installation is complete, the Office 2016 suite will be available for use.
On starting the application, you will be prompted to Activate Office. Click Next and Sign in.
Once signed in, you are ready to go. Office will automatically activate and configure the applications. This is supposed to work similarly with deployment via Group Policy. If your company is using a terminal server for your remote access and need help to deploy Office 365 Desktop Apps, then contact us for assistance.
Kept getting calls from clients about their network drives “disappearing” or disconnecting throughout the day at “random” intervals, so after much troubleshooting found these steps to take on the workstations and file server to help alleviate the issue:
Network Drive Red Xs On the Workstation:
1. Click on Start button then choose Control Panel
2. In Control Panel open the Device Manager
3. Expand the Network Adapters and open each one used on that workstation
4. Look in the Power Management tab and Advanced tabs to look for any power settings that would disable the device then uncheck them. Click OK button and close all other windows.
5. Open the Registry Editor.
6. Expand the tree to the following key:
Here are the basics to configure Server 2012 VPN connections to the local network. This is preferred by Farmhouse Networking over a third party vendor software or router based solution because of its native functionality and integration with domain credentials – think Single Sign On (SSO) or one password to access it all.
Install the Routing & Remote Access Service (RRAS) Role
1. Start the Server Manager
2. Click Add Roles and Features from the Manage Menu
3. On Add Roles and Features wizard begins and click Next
4. Select the Role-based or feature-based installation option and click Next
5. If you have more than one server managed via the server manager console, then select the desired server you’d like to install Routing and Remote Access on
6. From the Roles lists select Remote Access, click Add Features on the popup window
7. Click Next
8. Click Next as no additional features are needed
9. Select DirectAccess and VPN (RAS), click Next
10. Click Next
11. Accept default selections and click Next
12. Click Install
13. When installation is completed, click Close
Initial Server 2012 VPN Configuration
1. From the Server Manager screen, click on the warning sign and click ‘Open the Getting Started Wizard’
2. On Configure Remote Access, click Deploy VPN Only.
3. From the Routing and Remote Access MMC, right-click on the server and click ‘Configure and Enable Routing and Remote Access’
4. Click Next on the wizard
5. Select Custom Configuration
6. Select VPN access
7. On completion, click Finish
8. Click Start service to start the RRAS, then wait for the service to startup.
Add IPv4 IP Address Range
1. From the Routing and Remote Access MMC, right-click on the server and click ‘Properties’
2. Under properties screen click IPv4 tab, select Static address pool, click Add and enter the desired IP address range on the windows popup
3. Click OK to close
Open Ports on Network Firewall
For compatibility, here are the ports to open for both Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) on the network firewall:
500, 1701, 1723 & 4500
Need to open IP Protocol 47 also on the router to allow PPTP Passthrough.
(Note: On SonicWall routers, you will need to create address objects for internal / external IP addresses, service group containing all the above ports, NAT rule for PPTP traffic and firewall rule allowing the service group from the external to the internal IP address.)
Enable Remote Access for users
Open the properties of a domain user account via Active Directory Users and Computer MMC. Click on Dail-in, under Network Access Permission click Allow access
If your company is in need of a robust and simple to use Windows Server 2012 VPN connection to your LAN resources, then contact us for assistance.
Recently had an issue where a client needed to have their IP address statically assigned and the thought came to mind that my Remote Monitoring software was able to give me command line access, so I thought I would try configuring TCP/IP addressing via the command line interface and not have to interrupt the end users work. Here is how to get it done:
netsh interface ip set address name="Local Area Connection" static [static IP] [subnet mask] [default gateway] 1
That gets the IP address, subnet mask and default gateway – so what about static DNS? Here is the next step:
netsh interface ip add dns name="Local Area Connection" addr=[DNS address #1]
netsh interface ip add dns name="Local Area Connection" addr=[DNS address #2] index=2
If your company need remote assistance or help planning / maintaining / configuring TCP/IP addressing in your network infrastructure, then contact us for assistance.
The old way to accomplish Exchange calendar sharing between users was to either connect to each individual users workstation to right click and share the calendar to users in the Global Access List (GAL) or to install their profile on your system and do the same. There have been some wonderful advances since the advent of Powershell that allow Office 365 calendar sharing permissions to be set remotely as follows:
Once this command has been executed for each individual recipient that will access the sharing users calendar, then you can have them right click to add the shared calendar in their Outlook. For a list of possible Access Rights see this great page by the University of Wisconsin. If your company is using Office 365 Calendar and needs help sharing them, then contact us for assistance.
There have been innumerable times that I have had to schedule a Windows Server restart for after hours so that I don’t have to log back in after hours to do this manually. So here is a quick command to schedule a reboot at 11:59 PM (copy & paste for greater degree of simplicity):
schtasks /CREATE /SC once /TN “Windows Server Restart” /TR “shutdown /r /t 0 /f” /ST 23:59 /RL highest
This should be done within an administrative command prompt. Leave the server logged in for it to complete successfully (this is highly recommended not to do) or change the one setting in the Task Scheduler to run the Windows Server Restart task as a particular user.