27 October 2014

My Ketarin software repository XML file

Ketarin is a software repository tool that keeps your install sources up to date.
Not like SUMO that checks for installed software and updates for those installations.
This is for your re-installations or USB drive that you carry with you that holds all the latest
versions of your favorite tools.


From the website:

Ketarin is a small application which automatically updates setup packages. As opposed to other tools, Ketarin is not meant to keep your system up-to-date, but rather to maintain a compilation of all important setup packages which can then be burned to disc or put on a USB stick.

Basically, it monitors the content of web pages for changes and downloads files to a specified location. There is a tutorial explaining it all. Currently, you can either rely on a service based on FileHippo, or you can define your own rules, even using regular expressions (for advanced users). A similar application, for monitoring web pages, is Webmon and has sometimes served as guide.

Currently i use it for all the apps i like and need, and find it annoying to manually update everything 
once every month or so. Just run Ketarin and update all your software installer files in one go.

This is a small piece of whats in my personal list for now. (i will be updating it regularly)

Download the XML from here.

Exchange 2013 Password Reset Tool

Just like in Exchange 2010 there is a password reset tool, but it's not enabled by default.
See my previous post here.

In Exchange 2013 the same options is present by the change of a registry.

From Petri.com comes the following excellent post:

The configuration to allow users to change their expired passwords involves:
  • Setting the appropriate registry key on your Exchange 2013 CAS Servers
  • Configuring settings within IIS on your Exchange 2013 CAS Servers
  • Configuring correct password policy on AD domain level
The following example moves through these three steps in more detail. Imagine a default non-admin mailbox user whose password setting has been configured to “Change password at next logon”. This is the default setting for newly-created users in most organizations. The setting is also valid when a user’s password has expired.

1. Set appropriate registry key on the Exchange 2013 CAS Servers

This registry key is not terribly different from Exchange 2010.
1)     Open your Registry Editor (regedit.exe)
2)     Browse to the following key:
HKey_Local_MachineSystemCurrentControlSetServicesMS Exchange OWA
3)     There should be a REG_DWORD Value String of “ChangeExpiredPasswordEnabled”, and that key has a value of “1”. You can change this key manually. If the key should be active but has a value of zero (0), make sure you set it to “1”.

2. Configure settings in IIS on your Exchange 2013 CAS Servers

1)     On your Exchange 2013 CAS Server(s), open the IIS Admin Console.
2)     Browse to Server / Sites / Default Web Site / OWA.
3)     Select “HTTP Redirect” and open its properties.

4)     Make sure the HTTP redirect checkbox is not checked.

5)     Browse to Server / Sites / Default Web Site / OWA.
6)     Select “Authentication” and then select Basic Authentication.

7)     Right-click Edit.
8)     In the Default Domain field text field, enter a backslash – ““.

9)     Save your settings and close the IIS Admin Console.
10)  From a command prompt with Admin rights, run “IISReset /noforce” to reset the IIS services. In some scenarios the IISReset will fail, in which case you can try to manually restart the “Worldwide Web Publishing Service”. If you can’t manually restart, execute a reboot of the server as last resort.

3. Configure correct password policy settings at Active Directory domain level

Please note: The following settings are valid in a lab environment and updated to demonstrate the specific scenario where we want OWA to prompt a user to reset his or her password upon logon. In the lab environment this was accomplished by setting “change password at next logon.” In your environment it could be based on password expiration policy. In the lab we set it to a “zero day policy” that forces users to reset their password immediately.
1)     From a Domain Controller in your domain (or from an admin workstation with the RSAT tools installed), open the Group Policy Management Editor.

2)     Browse to Default domain policy. Right-click and select Edit. (Note: depending on your environment, it could be a best practice to create a specific GPO for the password policy settings)

3)     Next, browse to Computer Configuration / Policies / Windows Settings / Security Settings / Account Policies / Password Policy.
4)     Change the Minimum Password Age to “0”. This setting refers to the number of days a user must have used his password before it can be reset. In the lab environment we set this to zero to make it effective immediately. In your environment this policy setting could be different.

5)     Lastly, we will force our demo mailbox user to have his or her password changed. This is done via the  Active Directory Users & Computers / user account / properties / User must change password at next logon path.
Please note: Make sure that both the “user cannot change password” and “Password never expires” settings are disabled. Otherwise the change password feature in OWA won’t work.

Final Step: Test the change password feature from within the OWA logon page

1)     Open up our OWA logon page by going to https//<servername>/OWA
2)     Enter your AD mailbox user credentials.
3)     You will receive a notification that your password has expired and will be prompted to enter your old/new password.

4)     After successfully entering your new credentials, you will be informed you have to re-authenticate using the new credentials. After that, your mailbox user should have logged on to his or her OWA environment successfully.


15 October 2014

Search-Mailbox delete all messages "From" and with subject "something" sent on specific date or a combination of the three

In addition to my previous post, here's how to search for a mail message from a particular sender and with a specific subject.
Get-Mailbox -ResultSize unlimited | Search-Mailbox -SearchQuery subject:
"Help-desk","Sent:28/01/2015", from:'someone@domain.com' 
-TargetMailbox administrator -LogOnly -TargetFolder CustomSearch 
This will generate a lot of output, and searching through all those lines in the Powershell console can be a pain. So i make things easy for myself and send it to myself.
$Output = Get-Mailbox -ResultSize unlimited | Search-Mailbox  
-SearchQuery subject:"Help-desk",from:'someone@domain.com'  
-TargetMailbox administrator -LogOnly -TargetFolder CustomSearch
And then;
Send-MailMessage -SmtpServer smtp.domain.com -To 
 edwin@domain.com -subject "List" -From edwin@domain.com 
 -Body ($output | out-string)
The email is much easier to search trhough.

When you checked that the search went according to plan, you can finally delete all the emails you searched for by adding: -DeleteContent and removing -LogOnly
Get-Mailbox -ResultSize unlimited | Search-Mailbox 
 -SearchQuery subject:"Help-desk",from:'someone@domain.com'  
-TargetMailbox administrator -TargetFolder CustomSearch -DeleteContent

You can also search for an entire domain by specifying: from:'@domain.com'.
Note that there is no * (wildcard) in front of the @ sign.

If you want to delete a message with the subject: Re:Help-desk you should use single quote's " ' " (marked in red). Using single quotes wille delete any subject that contains Help-desk, so Re:Help-desk would be deleted as well.

Example: 'Re:Help-desk'

If you want to delete only the subject: Help-desk you should use the double quote's " " "

Example: "Re:Help-desk"

Full description of the Search-Mailbox command let can be found here

Tony Redmond just posted a more in depth view on this subject, go check it out here.

14 October 2014

Add Search-Mailbox Role permissions

To use the Search-Mailbox command let you have to assign permissions to your account first.
In Exchange 2010 none of the preloaded role groups have the Mailbox Import Export role, The person performing the import or export must have the appropriate permissions within Exchange. The easiest way to grant this permission is by adding  Mailbox Import Export role to a role group.

Exchange Server 2010 comes with Roll-based Administration; you will need to run the following commands first though:

To create the role group we need to run the following:

New-RoleGroup "Mailbox Import-Export Management" -Roles "Mailbox Import Export"

This will create a group called “"Mailbox Import-Export Management"”, every user added to this group will have the right to run the import/export cmdlets, adding a user can be done by running the following:

Add-RoleGroupMember "Mailbox Import-Export Management" -Member <user account>


New-ManagementRoleAssignment –Role “Mailbox Import Export” –User “<username>”

This command gives the user permission to import and export mailboxes. Another way of doing this is creating an Active Directory group and adding permissions to this group using the following command:

New-ManagementRoleAssignment –Role “Mailbox Import Export” –Group “<usergroup>”

06 October 2014

Windows 8 and the missing Wifi profile manager

Never missed it until i needed it just now.
In Windows 7 there's a wifi profile manager.

Here you can edit your wifi connections, even those your currently not connected to.

In windows 8 its gone....

Now you must use Netsh from the windows 8(.1) CLI (cmd).
Open a run box window (or press win+R) then type cmd to open Windows 8 CLI.
To see stored wireless profiles, type:
   netsh wlan show profiles
This will show a list of saved profiles of your connected WLAN devices. Then you'll need to write/save/memorize the profile name that you want to change.
To see the stored key (WPA/WEP/etc) of a specific profile:
   netsh wlan show profiles name=[profile name] key=clear
You'll find the key content under security settings.
To delete a stored profile:
   netsh wlan delete profile name=[profile name]
This will delete the stored profile of every WLAN interface. If you want to delete the profile of a specific WLAN interface, you need to use the following:
   netsh wlan delete profile name=[profile name] interface=[interface name]
Or you can use an open source tool called: WiFi Profile Manager 8.
This tool lets you view all connections ever made in an easy to use GUI.
Go to the website for more info.

Export Lync 2010 Archived Conversation Logs

Find your database instance name:


Gives back:

server or clustername\DBInstanceName

Export all logs from a specified date for a specified user to a speciefied path:

Export-CsArchivingData -DBInstance "clustername\DBInstanceName" -StartDate 1/1/2014 -OutputFolder c:\temp\export -UserUri "sip:username@domain.com"

Export all logs from a specified date for everyone:

Export-CsArchivingData -DBInstance "clustername\DBInstanceName" -StartDate 1/1/2014 -OutputFolder c:\temp\export

There seems to be an issue with the -UserUri command, if you enter the full sipname then the command fails, so be sure to enter the username or alias.