Wednesday 23 August 2017

Task Scheduler - Runs manually but not on schedule.

Recently I was working on automation scripts with the help of Task Scheduler. I created a task which runs a batch file at an interval of 5 min. It was a Windows Server 2016 environment. Initially it was all working fine. The batch script was working and running through the scheduled task. To make some modifications I disabled Task Scheduler and enabled it again once all my changes were set up. Since then it stopped working. I tried almost everything but could not find the reason why it had stopped running suddenly. Also, there were no events and no errors, and the status of the last run showed only time details, which is the reason the issue cannot be traced easily.

After a few findings I figured out that it has something to do with time. So here is the solution based on my findings and experiments. Every time you modify or disable/enable Task Scheduler you will have to set the time in the future. E.g. you have scheduled the date in 'Start' as 8/10/2017 with time 09:00 am, as below,

and you set it to run every 5 min in a day. You will see it is working all fine. However, the next time you make changes in Task Scheduler you will have to set a future date and time. Suppose you made the changes at 08/10/2017 09:10 am; you will need to change the time details to 08/10/2017 09:05 am considering the 5 min interval.
Hope it saves a day!

Friday 19 May 2017

What is 'WannaCry' ransomware

By now you must have heard of the 'WannaCry' ransomware. The impact is massive: it attacked 150 countries and around 200,000 users worldwide. I felt it necessary to provide information on it and on how to prevent such attacks in future.

Ransomware, as the word indicates, is about ransom. In a nutshell, the intention is to make the user pay to get back the files. WannaCry can come into your system through email attachments and through the Microsoft SMB feature that is used for file sharing. It encrypts the files located on your desktop and on all drives, so each file will have an unknown icon with a strange extension. After it has locked the files successfully, it leaves a message asking for payment to get the files back.

If you have a backup of all files, formatting the system is a good option. But users who are not very used to computers tend to fall for it. I want to raise awareness among them so that they follow precautions to protect their systems from such incidents in future.

1. Update the Windows OS with the patch from Microsoft Security Bulletin MS17-010.
2. Update the antivirus.
3. Uninstall SMBv1 if it is not required.
4. Never open an unknown email attachment, and mark such emails as junk or phishing.
5. Never click on an unknown link; it may carry an executable which will run in the background.

Other preventive measures
1. Download software from the vendor's website. For example, if you want to download Microsoft software, it is recommended to get it from Microsoft sites.
2. Scan the system whenever any suspicious activity is observed.
3. Scan USB drives before accessing them.
4. Prefer a firewall-enabled router and do not turn off Windows Firewall.

The incidents specifically happened with those OS versions which are no longer supported by Microsoft, like XP and Vista.


Stuck on Running State - TaskScheduler to run Powershell Script

PowerShell can be used to automate tasks. Suppose you run three or four PowerShell files one after another and need to start the first script through Task Scheduler. The task goes into the Running state and does not come back to the Ready state. When you look at the error, it says one of its instances is already running.

I came to this situation when I was trying to run a sequence of multiple ps1 files one after another. I had created a batch file to run the first script. It checks a certain program's status and, if it is not running, restarts the ps1 script sequence from the beginning. In the batch file I had only mentioned the path of the single ps1 script file; the other scripts are triggered one after another by the scripts themselves. Task Scheduler was stuck in the Running state because it was not able to exit the batch file window, so it would not proceed to the next script. Then I started searching for how to get out of the Running state after the batch file has run.

I do not know how well you understand my scenario, but the question is how to exit the 'Running' state after running the batch file. You will not believe it: you just need to type Start before the PowerShell script command inside the batch file. It all worked well after changing the command. Task Scheduler never got stuck in Running after this change. In the end the batch file commands looked like below.

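@echo off
setlocal EnableExtensions DisableDelayedExpansion
REM Switch to the program folder (/D also changes the drive if needed)
CD /D "C:\Program Files\ProgramFolder"
REM FINDSTR sets ERRORLEVEL to 1 when ProgramName is not in the task list
TASKLIST | FINDSTR ProgramName > NUL 2> NUL
IF %ERRORLEVEL%==1 (
    REM Program is not running: stop every PowerShell process left from the previous sequence
    taskkill /F /IM Powershell.exe
    REM Start launches PowerShell in its own window and returns at once, so the batch file can exit
    Start PowerShell.exe -NoExit -file "c:\XXX.ps1"
)
endlocal
Exit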

You may find this helpful with your complex scripting.


Monday 27 March 2017

Multi-Tenancy in Microsoft Exchange Server 2013 - 2016

Hi folks, after a long time I thought I would tell you how to set up multiple domains on a single Exchange Server 2013 or 2016. After a few days of googling I got a solution. But why is it required? Suppose you have deployed Exchange Server with the domain abc.com; your boss may ask you to create a new domain xyz.com because he wants some new email addresses such as admin@xyz.com, support@xyz.com, info@xyz.com etc. to be configured. It will also help if your client requires email IDs on their own domain, specifically when you are into development. Adding a domain suffix or an accepted domain is not the solution you want, as it does not provide scalability. Multi-tenancy is what will help sort this out. Remember that in Standard edition you can configure and mount up to 5 databases. However, you can use an existing database. I have the following preinstalled software and prerequisites, which I suppose you should consider.

Public DNS Access
Windows Server 2012 R2
Single Active Directory Domain Server
Microsoft Exchange Server 2016 Standard Edition
Exchange Management Shell
Notepad++ ( optional )

To create New Organization Unit
New-ADOrganizationalUnit -Name Hosting

Add the xyz00001 OU inside Hosting
New-ADOrganizationalUnit -Name xyz00001 -Path "OU=Hosting,DC=abc,DC=com"

To create UPN Suffix
Set-ADForest -Identity abc.com -UPNSuffixes @{add="xyz.com"}

Create accepted domain
New-AcceptedDomain -Name "xyz00001" -DomainName xyz.com -DomainType:Authoritative

Create the Global Address List (GAL) for xyz.com
New-GlobalAddressList -Name "xyz00001 – GAL" -ConditionalCustomAttribute1 "xyz00001" -IncludedRecipients MailboxUsers -RecipientContainer "abc.com/Hosting/xyz00001"

If needed then create All Rooms Address List
New-AddressList -Name "xyz00001 – All Rooms" -RecipientFilter "(CustomAttribute1 -eq 'xyz00001') -and (RecipientDisplayType -eq 'ConferenceRoomMailbox')" -RecipientContainer "abc.com/Hosting/xyz00001"

And time to create All Users Address List
New-AddressList -Name "xyz00001 – All Users" -RecipientFilter "(CustomAttribute1 -eq 'xyz00001') -and (ObjectClass -eq 'User')" -RecipientContainer "abc.com/Hosting/xyz00001"

The All Contacts Address List
New-AddressList -Name "xyz00001 – All Contacts" -RecipientFilter "(CustomAttribute1 -eq 'xyz00001') -and (ObjectClass -eq 'Contact')" -RecipientContainer "abc.com/Hosting/xyz00001"

The All Groups Address List
New-AddressList -Name "xyz00001 – All Groups" -RecipientFilter "(CustomAttribute1 -eq 'xyz00001') -and (ObjectClass -eq 'Group')" -RecipientContainer "abc.com/Hosting/xyz00001"

Now for something quite useful: Offline Address Book
New-OfflineAddressBook -Name "xyz00001" -AddressLists "xyz00001 – GAL"

New Email Address Policy.
New-EmailAddressPolicy -Name "xyz00001 – EAP" -RecipientContainer "abc.com/Hosting/xyz00001" -IncludedRecipients "AllRecipients" -ConditionalCustomAttribute1 "xyz00001" -EnabledEmailAddressTemplates "SMTP:%g.%s@xyz.com","smtp:%m@xyz.com"

Address Book Policy
New-AddressBookPolicy -Name "xyz00001" -AddressLists "xyz00001 – All Users", "xyz00001 – All Contacts", "xyz00001 – All Groups" -GlobalAddressList "xyz00001 – GAL" -OfflineAddressBook "xyz00001" -RoomList "xyz00001 – All Rooms"

This is Optional: create a resource for rooms by creating a Room Mailbox. It is vital that we also set a Custom Attribute for the tenant
New-Mailbox -Name 'xyz00001 Conference Room 1' -Alias 'xyz00001_conf1' -OrganizationalUnit 'abc.com/Hosting/xyz00001' -UserPrincipalName 'confroom1@xyz.com' -SamAccountName 'xyz00001_conf1' -FirstName 'Conference' -LastName 'Room 1' -AddressBookPolicy 'xyz00001' -Room

Set-Mailbox xyz00001_conf1 -CustomAttribute1 'xyz00001'

Set-CalendarProcessing -Identity xyz00001_conf1 -AutomateProcessing AutoAccept -DeleteComments $true -AddOrganizerToSubject $true -AllowConflicts $false

New-Mailbox -Name 'xyz Support' -Alias 'xyz00001_Support' -OrganizationalUnit 'abc.com/Hosting/xyz00001' -UserPrincipalName 'support@xyz.com' -SamAccountName 'xyz00001_Supp' -FirstName 'Support' -ResetPasswordOnNextLogon $false -AddressBookPolicy 'xyz00001' -Database "LOCOCHECKDB01"

Set-Mailbox support@xyz.com -CustomAttribute1 "xyz00001"

Add/update the quota on a mailbox.
Set-Mailbox -Identity "mike@xyz.com" -IssueWarningQuota 4.5gb -ProhibitSendQuota 4.9gb -ProhibitSendReceiveQuota 5gb -UseDatabaseQuotaDefaults $false

After running all the commands successfully, we will have to create an SRV record in public DNS for the domain, which is xyz.com here. I have done it as below.

Hope this will help!


Monday 20 March 2017

Router On a Stick - Inter-Vlan Routing


Router On a Stick is a method of inter-VLAN routing through an external router. A subinterface is created on the router for each VLAN in order to do the routing. The IP addresses of these subinterfaces are assigned to the hosts as their default gateway. The link between the router and the switch is configured as a trunk link.

Switch>en
Switch#conf
Configuring from terminal, memory, or network [terminal]? t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#int fa0/1
Switch(config-if)#sw mo acc
Switch(config-if)#sw acc vlan 10
Switch(config-if)#exit
Switch(config)#int fa0/2
Switch(config-if)#sw mo acc
Switch(config-if)#sw acc vlan 20
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console

Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#int fa0/3
Switch(config-if)#sw mo trunk

All the host interfaces are set to access mode, and a trunk link is configured on the interface connected to the router.

Router>en
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#no shut
Router(config)#int fa0/0.10
Router(config-subif)#enc do 10
Router(config-subif)#ip add 192.168.1.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#int fa0/0.20
Router(config-subif)#enc do 20
Router(config-subif)#ip add 192.168.2.254 255.255.255.0
Router(config-subif)#no shut
Router(config-subif)#end
Router#
%SYS-5-CONFIG_I: Configured from console by console

An IP address is given to each router subinterface. To assign the IP addresses we first need to issue 'encapsulation dot1q 10', where 10 is the VLAN number. These IPs are configured as the default gateway on PC1 and PC2.

All set to check the connectivity? Let's try to ping PC2 from PC1.


PC>ping 192.168.2.1

Pinging 192.168.2.1 with 32 bytes of data:

Reply from 192.168.2.1: bytes=32 time=9ms TTL=127
Reply from 192.168.2.1: bytes=32 time=0ms TTL=127
Reply from 192.168.2.1: bytes=32 time=0ms TTL=127
Reply from 192.168.2.1: bytes=32 time=0ms TTL=127

Ping statistics for 192.168.2.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 9ms, Average = 2ms

This account or directory type already exists and cannot be specified twice - Outlook 2007

I am using Exchange 2007 and Microsoft Outlook 2007.
I have already configured an email account. Now I want to add another email account to my Outlook, to receive and send emails from that account.
When I go to tools/account settings, email, new, and I write the name and address of the new account, I receive the following message:
"You cannot add another account when Outlook is running. You must do it in control panel/mail".
Once there, I go to email accounts/email/new, and I receive the following message: "This account or directory type already exists and cannot be specified twice".



Inter Vlan Routing - Switch Virtual Interface (SVI) in Packet Tracer


This lab is performed in Packet Tracer Version 6.2.0.0052



We know that to route between VLANs we need a routing device such as an external router. This is known as Router On a Stick in the CCNA syllabus. We could also use a multilayer switch (Layer 3 switch) and it would do the routing. The Switch Virtual Interface is the key to doing it.



Switch>en
Switch#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Switch(config)#Vlan 10
Switch(config-vlan)#name PC1
Switch(config-vlan)#vlan 20
Switch(config-vlan)#name PC0
Switch(config-vlan)#exit
Switch(config)#vlan 30
Switch(config-vlan)#name SERVER
Switch(config-vlan)#exit

First Create 3 Different Vlans

Switch(config)#int fa0/1
Switch(config-if)#sw mo acc
Switch(config-if)#sw acc vlan 10
Switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up

Switch(config-if)#
Switch(config-if)#int fa0/2
Switch(config-if)#sw mo acc
Switch(config-if)#sw acc vlan 20
Switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up

Switch(config-if)#
Switch(config-if)#int fa0/3
Switch(config-if)#sw mo acc
Switch(config-if)#sw acc vlan 30
Switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up

Assign interfaces to their respective VLANs

Switch(config-if)#
Switch(config-if)#exit
Switch(config)#ip routing

This is the important command, the one which enables routing. Run the show ip route command to check whether it has learnt any route so far.

Switch(config)#do show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

As you see, there is no route in the routing table. This is because we have not given an IP address to any interface. Create the Switch Virtual Interfaces and assign them IP addresses as below.

Switch(config)#int vlan 10
Switch(config-if)#ip add 192.168.10.254 255.255.255.0
Switch(config-if)#no shut
Switch(config-if)#int vlan 20
Switch(config-if)#ip add 192.168.20.254 255.255.255.0
Switch(config-if)#no shut
Switch(config-if)#int vlan 30
Switch(config-if)#ip add 192.168.30.254 255.255.255.0
Switch(config-if)#end
Switch#
%SYS-5-CONFIG_I: Configured from console by console

show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.10.0/24 is directly connected, Vlan10
C    192.168.20.0/24 is directly connected, Vlan20
C    192.168.30.0/24 is directly connected, Vlan30

Here they are in the routing table, which means the routing is done. Let's ping from PC1 to PC2 and SERVER.

PC>ping 192.168.20.1

Pinging 192.168.20.1 with 32 bytes of data:

Reply from 192.168.20.1: bytes=32 time=0ms TTL=127
Reply from 192.168.20.1: bytes=32 time=11ms TTL=127
Reply from 192.168.20.1: bytes=32 time=0ms TTL=127

Ping statistics for 192.168.20.1:
Packets: Sent = 3, Received = 3, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 11ms, Average = 3ms

Control-C
^C

PC>ping 192.168.30.1

Pinging 192.168.30.1 with 32 bytes of data:

Reply from 192.168.30.1: bytes=32 time=0ms TTL=127
Reply from 192.168.30.1: bytes=32 time=1ms TTL=127

Reply from 192.168.30.1: bytes=32 time=0ms TTL=127
Reply from 192.168.30.1: bytes=32 time=0ms TTL=127

Ping statistics for 192.168.30.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

Try to ping from PC2 to Server and PC1 and it will give the reply. Congrats! We have established routing between different Vlans.

Thursday 16 March 2017

Error 1068: the dependency service or group failed to start

When Windows Server fails to start a service automatically, we get an event and subsequently check the status of that service. When we try to start that particular service we often encounter the error "Windows could not start ABC System Service service on Local Computer, Error 1068: the dependency service or group failed to start". Check the pop-up below.



The solution is very simple: we first need to check the services on which this service depends. Right-click on the service and open the Dependencies tab. Once we know the list of services that our service needs in order to run, we need to start those services individually, one by one.
For example, the DFS Namespace service has stopped working. Right-click the service and look at its dependencies.





Emulator Error - 'Object reference not set to an instance of an object'



Developing a mobile app in Visual Studio requires Hyper-V to be installed on the Windows machine.
Hyper-V creates a virtual network interface in the Network Adapter settings. Generally it is named "vEthernet (Windows Phone Emulator Internal Switch)" and is created by the virtual machine in Hyper-V Manager.

The error "The emulator is unable to connect to the device operating system: Object reference not set to an instance of an object. Some functionality might be disabled" is usually the result of that network adapter being deleted or disconnected. So if you are not able to see it in the Network Adapter settings, follow the steps and see the snap taken below to recreate one.

  • Stop the emulator and delete existing Hyper-V virtual machine related to emulator.
  • Rerun the Emulator, it creates new virtual machine in the Hyper-V
  • Select the new machine, click on Virtual Switch Manager Option on the right side
  • Go to Windows phone Emulator and check for Internal Network. Click Ok.
  • Rerun the emulator and you will find the new Virtual Network Adapter. Also the error will not occur again.


Friday 10 March 2017

DHCP Snooping

DHCP snooping prevents a man-in-the-middle attack on our network in which an attacker pretends to be the DHCP server and responds to DHCPDISCOVER packets before the real server has time to respond. DHCP snooping enables trust on the port that the DHCP server is connected to and helps to keep the attacker away. Trust is configured on that port, and it is the only port that is allowed to send DHCP server responses such as DHCPOFFER. The following commands enable it:

Switch(config)#ip dhcp snooping
Switch(config)#int fa0/1
Switch(config-if)#ip dhcp snooping trust
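
The filtering decision described above can be modelled in a few lines. This is an added example, not part of the original post and not Cisco's implementation: it keeps fa0/1 as the trusted port from the commands above, while the other ports, the MAC addresses and the capture itself are constructed sample data.

```python
from collections import defaultdict
from typing import NamedTuple

# DHCP message types that only a server sends.
SERVER_MESSAGES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}


class Frame(NamedTuple):
    port: str     # switch port the frame arrived on
    src_mac: str  # sender MAC address
    msg: str      # DHCP message type


# Constructed capture: the client on fa0/5 asks for an address, a rogue
# server on fa0/7 answers before the real server on trusted port fa0/1.
CAPTURE = """\
fa0/5 aa:aa:aa:00:00:05 DHCPDISCOVER
fa0/7 de:ad:be:ef:00:07 DHCPOFFER
fa0/1 00:50:56:00:00:01 DHCPOFFER
fa0/5 aa:aa:aa:00:00:05 DHCPREQUEST
fa0/7 de:ad:be:ef:00:07 DHCPACK
fa0/1 00:50:56:00:00:01 DHCPACK
"""


def parse(capture):
    """Turn 'port mac type' lines into Frame records."""
    return [Frame(*line.split()) for line in capture.splitlines() if line.strip()]


def snoop(frames, trusted_ports, enabled=True):
    """Split frames into (forwarded, dropped).

    Models only the check described in the post: a server message that
    arrives on an untrusted port is dropped. Client messages pass.
    """
    forwarded, dropped = [], []
    for frame in frames:
        if enabled and frame.msg in SERVER_MESSAGES and frame.port not in trusted_ports:
            dropped.append(frame)
        else:
            forwarded.append(frame)
    return forwarded, dropped


def first_offer_port(forwarded):
    """Port of the first DHCPOFFER that actually reaches the client."""
    return next((f.port for f in forwarded if f.msg == "DHCPOFFER"), None)


def rogue_report(dropped):
    """Group dropped server messages by (port, MAC) for follow-up."""
    report = defaultdict(set)
    for frame in dropped:
        report[(frame.port, frame.src_mac)].add(frame.msg)
    return {key: sorted(msgs) for key, msgs in report.items()}


if __name__ == "__main__":
    frames = parse(CAPTURE)
    for enabled in (False, True):
        forwarded, dropped = snoop(frames, {"fa0/1"}, enabled=enabled)
        print("snooping", "on " if enabled else "off",
              "| first offer from", first_offer_port(forwarded),
              "| dropped:", rogue_report(dropped))
```

On Cisco IOS the global command is not enough on its own: snooping must also be turned on for each VLAN with ip dhcp snooping vlan <vlan-id>, otherwise no filtering takes place on that VLAN.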

Thursday 9 March 2017

Link aggregation - PAgP & LACP

An EtherChannel is made up of multiple physical links that are bundled into one logical link. It helps to increase the bandwidth of LAN ports to be compatible with a high-speed WAN port. To be aggregated, the physical links must share similar characteristics such as duplex mode, same VLAN, similar speed, native and allowed VLANs, STP settings, trunking encapsulation (ISL or 802.1Q) etc. The number of links supported per bundle is bound by the platform. There are two protocols: Port Aggregation Protocol (PAgP, Cisco proprietary) and Link Aggregation Control Protocol (LACP, IEEE 802.3ad). PAgP enables automatic EtherChannel creation, and by default PAgP packets are sent between EtherChannel-capable ports. Link aggregation includes Ethernet Channel, Gig Channel, or 10 Gig Channel.

Configuration is very simple, as we only have to assign the interface range to a channel-group with a single-line command. The group number is locally significant and can be different on both sides. The various modes available are in the highlighted commands shown in the Packet Tracer snap.



Switch(config)#int range fa0/1 - 3
Switch(config-if-range)#channel-group 1 ?
  mode  Etherchannel Mode of the interface
Switch(config-if-range)#channel-group 1 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected

Run the channel-group command on both switches, i.e. here Sw2 & Sw3. The picture above depicts all the ports with a green signal, which means one single EtherChannel is running. If you run show spanning-tree, Po1 can be seen in root forwarding.

Auto and Desirable are PAgP modes, and Active and Passive are LACP modes. The two modes of each protocol have the same meaning: Auto (PAgP) and Passive (LACP) form an EtherChannel only if the same protocol is detected, i.e. a port in PAgP Auto or LACP Passive mode stays in a listening state and only negotiates if it receives PAgP/LACP packets. A port in PAgP Desirable or LACP Active mode initiates the negotiation with the other switch's PAgP/LACP port.
The 'On' mode forms the channel link without a protocol. So if you put 'On' mode on both sides of the channel, the EtherChannel is created. This mode is sometimes incorrectly referred to as a PAgP mode. It doesn't need a protocol to form a channel. So if you are ever asked which protocol is active in the 'On' mode of EtherChannel, the answer is none.

When it comes to remembering the negotiation table, I have a good idea. Follow some basics.

ON+ON = ON

Auto+Auto = Down
Passive+Passive = Down
As you know, Auto and Passive have the same meaning.

Desirable+Desirable = ON
Active+Active = ON

And if a combination includes one of the above, it will be 'ON', such as
Desirable+Auto = ON
Active+Passive = ON

All the remaining combinations will result in the DOWN state.
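
The same rules can be derived from two properties of each mode: which protocol it speaks and whether it starts the negotiation. This is an added example, not part of the original post; it goes beyond the pairs listed above by evaluating every combination of the five modes, and the two switch configurations for Sw2 and Sw3 are constructed samples.

```python
import re

# mode -> (protocol spoken, initiates negotiation)
MODES = {
    "on":        (None,   False),
    "auto":      ("PAgP", False),
    "desirable": ("PAgP", True),
    "passive":   ("LACP", False),
    "active":    ("LACP", True),
}

CHANNEL_RE = re.compile(r"^\s*channel-group\s+(\d+)\s+mode\s+(\w+)\s*$",
                        re.IGNORECASE | re.MULTILINE)

# Constructed sample configurations. The group numbers differ on purpose:
# they are locally significant and play no part in the negotiation.
SW2_CONFIG = """\
interface range fa0/1 - 3
 channel-group 1 mode desirable
"""
SW3_CONFIG = """\
interface range fa0/1 - 3
 channel-group 2 mode auto
"""


def channel_mode(config_text):
    """Return (group number, mode) from the first channel-group line."""
    match = CHANNEL_RE.search(config_text)
    if match is None:
        raise ValueError("no channel-group command found")
    mode = match.group(2).lower()
    if mode not in MODES:
        raise ValueError(f"unknown EtherChannel mode: {mode}")
    return int(match.group(1)), mode


def negotiate(mode_a, mode_b):
    """Return (channel forms, protocol in use, reason) for two link ends."""
    proto_a, initiates_a = MODES[mode_a]
    proto_b, initiates_b = MODES[mode_b]
    if mode_a == "on" or mode_b == "on":
        if mode_a == mode_b:
            return True, None, "static channel, no protocol"
        return False, None, "'on' sends no PAgP/LACP but the peer expects it"
    if proto_a != proto_b:
        return False, None, "PAgP on one side, LACP on the other"
    if not (initiates_a or initiates_b):
        return False, proto_a, "both sides only listen"
    return True, proto_a, "negotiated"


def check_link(config_a, config_b):
    """Compare the channel-group modes found in two switch configurations."""
    return negotiate(channel_mode(config_a)[1], channel_mode(config_b)[1])


if __name__ == "__main__":
    print("Sw2 <-> Sw3:", check_link(SW2_CONFIG, SW3_CONFIG))
    for a in MODES:
        for b in MODES:
            forms, proto, reason = negotiate(a, b)
            print(f"{a:>9} + {b:<9} = {'ON' if forms else 'Down':<4} ({reason})")
```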

Some show commands
show etherchannel summary
show etherchannel protocol
show etherchannel detail
show spanning-tree active

I hope I made this clear enough.




Please comment for Suggestions, Questions.

3 Best Free LAN chat applications

Internal staff communication in a small business is normally done through telephone line extensions. Many options are available, like Skype for Business, OpenFire Server, CD messenger etc. But if you are unwilling to invest in such software and have limited requirements, check any of these three LAN chat applications.

LAN Messengers
Instant Messaging
Message History
AES encryption with RSA as the key exchange mechanism.
Server-less architecture
File Transfer



IP messenger
The oldest; it has existed since 1996.
Message encryption(RSA2048bit + AES256bit) and sign/verify (PKCS#1-v1_5)
High speed incremental full text search
can even set status
Server-less message communication
Fast file/folder transfer
Note* This app was used in my very first KPO organization in 2005. 


Squiggle
Server-less peer to peer LAN chat
Bridge for connecting two LANs across subnets or WAN
Chat history, Status history
No info about security.
Codeplex is trusted and widely used for development.


These are the most important features I have listed; you can check their websites for additional features.