Missing Computer Browser service?

May 24, 2018 by

There are various ways that this service can be uninstalled or removed but a quick a simple way to get it back is as follows;

Open Control Panel  >  Add/Remove Programs

Go to Windows features.

Scroll down the list to see if SMB 1.0/CIFS File Sharing Support is installed.  If not, check the box and install it.

That should fix the issue.

Advertisements

New server and already failing Services?!?

April 27, 2018 by

So if you’re anything like me, you’ll see these two after you have built the server (which is rather disappointing because it’s a shiny new server!);

  • Downloaded Map Manager
  • Google Update Service

Now I know you shouldn’t install Chrome but it’s one of those things that makes life a little easier so sue me.

Anyway its normal to get these alerts cos they start and stop quickly but Windows thinks that means they failed.

Normally we don’t care too much about monitoring these services so just remove them from the manager;

  • Go to Server Manager
  • Find Local Server / All Servers
  • Click Services
  • Top left click Services where it probably has “All”
  • Uncheck the offending Service you don’t want to monitor anymore.
  • Hey Presto… you will now never know if it’s failing 🙂

 

Want to find your OEM Product ID for Windows but there’s no sticker?

April 26, 2018 by

Frustrating as it might be, having the Product ID stored in the motherboard and not on a perishable sticker I think is actually (maybe) a good idea.

Open a command prompt as administrator.

Type in the following;

  • wmic path softwarelicensingservice get oa3xoriginalproductkey

Hit enter and you’re presented with your ID that you can use to register your Windows.

Good old fashioned Email migration

April 24, 2018 by

Hard as it might be to imagine, some people still use POP/IMAP for email.

I’m going to use 365 as an example of destination.

Here’s what I do if it’s a small office without too much complexity;

  • The first rule of migration is backup the data (PST).
  • The second rule of migration is backup the data (yes I did just do that).
  • So first, create the accounts on 365.
    • You might need to create a TXT record to verify with 365 that you own the domain.
    • Create the accounts with the same email address and passwords (assuming they are OK passwords).
  • Take a copy of the old PST files.
  • Choose a date that you’ll copy emails to i.e. copy all emails older than June this year.
    • Upload those emails to 365.
  • Schedule a day to cut over MX records.
  • On that day (I’d recommend Saturday evening) when you point MX to 365 rather than the old email server, make sure you copy the old MX address just in case.
    • Once moved, check DNS records from people Google or GoDaddy so yo can verify the propagation of the MX change throughout the internet.
    • Once you have verification that it’s moved, then send test emails. Confirm they are flowing to the right place.
  • Now that email is flowing to 365 we want to finish up the last email moves.
    • Login to each machine, make sure you fully update the emails from the old server.
    • Create a new profile to the new server.
    • Copy the old PST file.
    • load in that copied PST to the new profile and then take all the emails that are June and newer and copy them to the new server.
    • Don’t forget Sent Items, Calendar and Contacts.
  • Now for some “magic” – Create a new email, add ALL the contacts to the new email, tab through to the body of the email and CLOSE the email. DO NOT SEND IT.
    • What this does is add all those addresses to the autocomplete list.
  • Set the new profile as default and you’re done.

 

Meraki blocking File and Print on LAN

April 16, 2018 by

Trying to restrict a PC using group policy within Meraki.

I add the MAC addresses of wifi and Ethernet NIC’s and then proceed to restrict as much as I can through the reduced license that Meraki sell (not the bells and whistles version) and so I add everything I can think of that I would like to restrict…

Screen Shot 2018-04-16 at 4.45.18 PM

Which is all good… except when I try to get to the local file server.

Long story short, the “File Sharing” rule will kill any UNC or print connection!

Take out that rule and you’re good to get to the local shares and print to the local printer. The thing that got me was that I could ping the servers and printers – even setting up the printer too!

Anyway, in this case, delete rule #11 and you’re golden.

Encore E5Client.config

April 16, 2018 by

So we had a client that uses Encore which is a CRM made by a company called Cluen.

Anyway sometimes when you install this as a user and that user doesn’t have admin permissions the config file becomes read only to you.

The way around this is to add the details for the server and database name and then open and save the config file as a different name. i.e. E5Client.config.new

Open a command prompt as an admin (run as) and then go to the location of the E5 file. This is normally in C:\ProgramData\Cluen\

Rename the old file and rename the new file. Simple as that 🙂

Sharing email folders in 365

March 23, 2018 by

I’ve had a few issues with this over the years but here’s a few tips to help troubleshoot if you get problems sharing out email folders to other people in the organization.

  • “Permissions can’t be saved for folder X”
    • A quick solution to this is to head over to Outlook! Yes, apparently Outlook is better equipped to add or change permissions than the web portal on Microsoft’s servers.
    • This solution worked for me and weirdly having to use Outlook as my main conduit for permissions changes might seem a little odd but Microsoft are still working on the web portal interface and all the junk that goes along with that.
    • It works the same way, i.e. right click on the folder you want to share and choose Folder Permissions.
  • After adding permissions you still get denied access.
    • After adding users to the folder we want to share, they still aren’t allowed to view it! The problem lays in the root folder (the users name in the folder structure)
    • Right click on the users name > Folder Properties > Add > search for the user you want to give permission > OK. 
    • Change permission level to Reviewer (at a minimum) > OK.
    • ~
    • Now go to the other mailbox and add that shared folder in.
  • To add the shared folder on the end user do one of these options;
    • File > Open & Export > Other User’s Folder > type in the users name or click name and search for them > OK (you have to use the Inbox folder type)
    • The alternative way to add is below;
    • File > Account Settings > Account Settings > Double click on the email account > More Settings > Advanced > Add (from “Open these additional mailboxes”) > Type in the users email address > OK > OK > Next > Finish.

 

Let me know if the above is confusing and I’ll try to write a better guide.

Delete dead DC from domain

March 1, 2018 by

OK so this post is going to be unusual for me cos I’m just going to post some links for now cos lots of other people have created nice guides.  It’s just a matter of trying to find them!

First one for us lazy folks… the GUI option;

Second is more traditional NTDSUTIL;

Third, everyone else;

More as I find them… I might even make a guide myself but right now I don’t have the time.

Windows Server 2016 Security Tab on OU’s

February 28, 2018 by

Why oh why Microsoft? By default, they decided to HIDE the security tab on Organizational Units. Sigh.

So in order to unhide (even though you’re a domain admin) you need to do the following;

  • Open Active Directory Users and Computers
  • Click View > Advanced Features.
  • Now, you will see the security tab when you get properties on an OU.

I really don’t know why this “feature” was added but there you have it.

Meraki VPN using AD

February 27, 2018 by

Key points;

  • Using Meraki VPN and want to use Active Directory.
  • Verified that it works with Meraki authentication.
  • Doesn’t work with Active Directory.

We had this issue with a client that had used an Windows Server 2003 AD server. Worked fine but I forgot how I had set it up and when we got them moved over to a shiny new 2016 server it broke the VPN and sharing.

Here’s the fix on the AD Server;

  • On new server create a self signed certificate.
    • If you don’t know how to do that follows these instructions;
    • Install IIS via Server Manager.
    • Once installed Click on Server Certificates under your IIS Server.
    • Click on Create Self-Signed Certificate.
    • Give it a name (can be anything) and choose Personal.
  • Now that you have a cert you can move to the next step which is Firewall.
  • Create a Firewall rule to open port 3268. This is the Meraki means of communication.

Now on the Meraki;

  • Go to Security Appliance > Client VPN
  • Under Authentication choose Active Directory.
  • Under Short domain, Server IP, “Domain Admin” and Password, fill those in with the relevant info. The Domain admin is the authentication user you’ll need to create to allow the Meraki to verify that the user is allowed.
  • At this point you will want to put the “Domain Admin” (not an actual domain admin! but the VPN authentication user) into a separate OU to wall off these VPN users. Instructions on how to do this will have to wait… I will update.

Should work now 🙂