sshlz: 2011

Mittwoch, 26. Oktober 2011

Lotus Notes Signaturen mit Domino Administrator 7

Eine lokale Signatur wird am Ende einer jeden Mail angehangen und besteht meist aus einer Grußform, dem Namen der Telefonnummer und der Abteilung.

Die Signatur welche vom Server angehangen wird kann nur von einem Administrator verändert werden. Diese Signatur enhält den Namen der Firma, die Geschäftsführer und weitere Gesetzmäßigkeiten, welche angehängt werden müssen.

== Lokale Signatur ändern ==
'''Im Lotus Notes Client:'''

1. Neue E-Mail verfassen (Neues Memo).
2. Offnen Sie Werkzeuge -> Vorgaben -> Mail -> Signatur.
3. Signatur bearbeiten. Mit OK bestätigen

== Server Signatur anhängen ==
'''Im Lotus Domino Administrator:'''

Domino Administrator öffnen.(Muss als Notes Admin ausgeführt werden)

Den Reiter Personen und Gruppen auswählen.
''Wenn noch keine Richtlinie für Benutzer besteht muss eine Neue Richtlinie erstellt werden.''
Einstellungen öffnen und Richtlinie für Mail Settings auswählen und bearbeiten.
Im Reiter Message Disclaimers kann nun die Signatur bearbeitet werden.

== Server Signatur ändern ==

Der Server lässt zwei verschiedene Arten von Signaturen zu. Das ist zum einen die Signatur in Plain Text(ohne Formatierung) und in HTML (mit Formatierung).

Bei der Erstellung einer Signatur in HTML kann es schonmal zu Problemen kommen, da der Server den HTML-Code nicht immer richtig darstellt.
Nachfolgend werden ein paar Tipps gegeben die das Formatieren der Signatur für die Zukunft erleichtern sollen.

Problem 1:

'''Es entstehen ungewollte Leerzeilen.'''
Dies passiert wenn eine HTML-Datei in einem externen Editor angefertig wird (mit einrücken der einzelnen Tags)und in einem Stück in das
Textfeld vom Domino Administrator kopiert werden.
Der Server dichtet sich somit Leerzeilen hinzu die es garnicht gibt.
Um dies zu vermeiden muss der HTML-Code im externen Editor so abgeändert werden, dass keine optischen Zeilenbruche mehr vorhanden sind und der
Code quasi durchgehend ist. Zeilenumbrüche werden somit auch nurnoch an den Stellen gemacht wo dies klar durch den HTML-Tag BR gekennzeichnet ist.

== Server Signatur übernehmen ==

Jedem Benutzer dem die Server Signatur angeangen werden soll muss diese Richtlinie zugeteilt werden.

Im Domino Administrator muss nach der Bearbeitung alles gespeichert werden.
Um die Richtlinie direkt zu übernhemen kann in der Live-Konsole der Befehl 'tell adminp process mailpolicy' eingegeben werden. Nach erfolgreicher übernahme und neustart des Clients ist die Signatur bzw. Richtlinie übernommen.

ePolicy Orchestrator 4.6.1 Upgrade

"This is the ePolicy Orchestrator 4.6.1 install. This release can be used for a first-time installation or for an upgrade from McAfee ePolicy Orchestrator 4.0 Patch 7, or McAfee ePolicy Orchestrator 4.5 Patch 3 (or later), or McAfee ePolicy Orchestrator 4.6.
...
Release Notes:
...

In this release, support has been added for the following:

· Firefox 4.x and 5.x browsers

· Internet Explorer 9.0 browser*

* Full compatibility with the Internet Explorer 9.0 browser is defined as running in Internet Explorer 9 (Browser Mode) and Internet Explorer 9 standards (Document Mode). In ePolicy Orchestrator 4.6.1, some web pages must be run in the Internet Explorer 9 Compatibility View (Browser Mode) and Internet Explorer 7 standards (Document Mode). For more information, see the Microsoft documentation on the Internet Explorer 9 standard."

...aha

OK, let's have a try.

First I will backup the system and then upgrade. Then I let myself surprised again.

Mittwoch, 31. August 2011

ePO 4.6.0. Hardware sizing and bandwidth usage

McAfee published an new Docu for "ePO 4.6" a few days ago called "epo_460_Hardware_Sizing_and_Bandwidth_Usage_Guide_en-us.pdf". I'm curious about it.

I tell you about later.

Feedback
OK, it's an Interesting Docu with a few examples, but I think it's too large scaled as it is shown there. Maybe not for such gigantic Networks but for smaller with under 1000 Clients.

Donnerstag, 21. Juli 2011

Firefox 5 final release und ePO 4.6 Konsole

Da der ePolicy Orchestrator 4.6 im Firefox 5 noch nicht laufen will hoffe ich, dass sich das heute oder in kurzer Zeit ändern wird. Ich habe gelesen, dass die ePO-Konsole nur in Releaseversionen funktioniert. Im Wiki von Mozilla habe ich gelesen, dass heute das final Release erscheint.
Wir werden sehen =)

Edit:
Na klasse! Was ist eigentlich mit Firefox los? Kaum ist Version 5 draußen kommt schon Version 6 als Release heraus. Wollen die jetzt mit der Version des Internet Explorers aufschließen? Hat das irgendwelche Marktvorteile? Am ePO Support hat sich nach wie vor nichts geändert. Schuld hierfür ist warscheinlich ein Teil des PageLoad-Skriptes:

   "    function validateBrowser()
        {
            var message = checkBrowserFeatures();

            if (message != "")
            {
                // if the browser check fails, don't

                   let them log in..
                $("userLoginUI").style.display = "none";
                $("login.button").style.display = "none";

                // BZ 526984: If the browser is unsupported, hide

                   the messages.
                if($('loginMessages')) {
                   $j('#loginMessages').hide();
                }

                $("errorMessageContent").innerHTML = message;
                $("errorMessageContent").style.display = "";

                return false;
            }                                                     "

Hat Jemand eine Idee dies zu umgehen? Ich möchte gerne wieder alle

WebApps in ein einem Browser öffnen können.

Edit:

OK, my first Workaround:

Change on your own risk /Änderung auf eigene Gefahr!

Found it at http://support.mozilla.com/de/questions/750405

Firefox

About:Config  -> New -> String

general.useragent.override

Value:

Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8

Edit:

OK, there's an other Workaround Add-On at

https://addons.mozilla.org/en-US/firefox/addon/user-agent-switcher/

this works for me. Just insert the parameters for the useragent version.

Greetings / Gruß Sascha

Freitag, 15. Juli 2011

WSUS again! Update Service won't get started. Damn!

Again, WSUS is in Version: 3.2.7600.226 on a Windows Server 2003 mashine.
The problem was that the UpdateService didn't start. Very important for me was to not reinstall WSUS, ISS or some frameworks.
In Eventlog I got the Error Message:

Faulting application wsusservice.exe, version 3.1.7600.226, stamp 4a7b8655, faulting module unknown, version 0.0.0.0, stamp 00000000, debug? 0, fault address 0x1449603e.
Weitere Informationen über die Hilfe- und Supportdienste erhalten Sie unter http://go.microsoft.com/fwlink/events.asp.

I tried a lot but my solution was to registrate all WSUS important DLLs new.
I copied the following in a .bat file and executed it.

regsvr32 c:\windows\system32\vbscript.dll /s
regsvr32 c:\windows\system32\mshtml.dll /s
regsvr32 c:\windows\system32\msjava.dll /s
regsvr32 c:\windows\system32\jscript.dll /s
regsvr32 c:\windows\system32\msxml.dll /s
regsvr32 c:\windows\system32\actxprxy.dll /s
regsvr32 c:\windows\system32\shdocvw.dll /s
regsvr32 wuapi.dll /s
regsvr32 wuaueng1.dll /s
regsvr32 wuaueng.dll /s
regsvr32 wucltui.dll /s
regsvr32 wups2.dll /s
regsvr32 wups.dll /s
regsvr32 wuweb.dll /s
regsvr32 Softpub.dll /s
regsvr32 Mssip32.dll /s
regsvr32 Initpki.dll /s
regsvr32 softpub.dll /s
regsvr32 wintrust.dll /s
regsvr32 initpki.dll /s
regsvr32 dssenh.dll /s
regsvr32 rsaenh.dll /s
regsvr32 gpkcsp.dll /s
regsvr32 sccbase.dll /s
regsvr32 slbcsp.dll /s
regsvr32 cryptdlg.dll /s
regsvr32 Urlmon.dll /s
regsvr32 Shdocvw.dll /s
regsvr32 Msjava.dll /s
regsvr32 Actxprxy.dll /s
regsvr32 Oleaut32.dll /s
regsvr32 Mshtml.dll /s
regsvr32 msxml.dll /s
regsvr32 msxml2.dll /s
regsvr32 msxml3.dll /s
regsvr32 Browseui.dll /s
regsvr32 shell32.dll /s
regsvr32 wuapi.dll /s
regsvr32 wuaueng.dll /s
regsvr32 wuaueng1.dll /s
regsvr32 wucltui.dll /s
regsvr32 wups.dll /s
regsvr32 wuweb.dll /s
regsvr32 jscript.dll /s
regsvr32 atl.dll /s
regsvr32 Mssip32.dll /s

Mittwoch, 6. Juli 2011

Can I help? You Need My Help! You wont pay? Then I will kill you!

What I mean are Drive-by-Downloads. It's not nice to be attacked in this way. First you will be shocked by an unknown anti-virus programm. The reports are piling up. Mostly they can not even be close or hide. System programs are blocked or hidden.

What's going on here?
Why did my own antivirus program not warn me?
* Plop * "You have a virus"
lol "OK"
click "Delete"
After a reboot, the problem occurs again.
"Damn it" xD

Ok, long story short traded.
So, I first took the Process Explorer from Microsofts Sysinternal tools. With its help, and the detector window I could finish the entire process structure.

After that I could work a bit better then before.

The next Step was to make a Windows Systemrecovery from the day before.

After finishing the Maleware was fortunately removed. But it left some brandings. Some hidden directorys. But the work could go on.

Dienstag, 21. Juni 2011

Wrong proxy settings cause WSUS Issues

In recent days I have had a serious problem with my WSUS server. A few of my clients are submitted no more status report to the server. I could not remember to made changes to the server or the group policy. In all the forums and WSUS web pages I read "Use the WSUS server and client diagnostic programs". I've made. Everything perfect.
After the tip once again to look into the event log and another few minutes searching, I came across the log files generated by the client in C: \ Windows named "WindowsUpdate.log". Who would have thought.
Okay let's see.

Here is a small excerpt from the interesting part, where it can be assumed the error.

2011-06-15 07:35:09:180 1056 a7c Agent ** START ** Agent: Finding updates [CallerId = AutomaticUpdates]

2011-06-15 07:35:09:180 1056 a7c Agent *********

2011-06-15 07:35:09:180 1056 a7c Agent * Online = Yes; Ignore download priority = No

2011-06-15 07:35:09:180 1056 a7c Agent * Criteria = "IsHidden=0 and IsInstalled=0 and DeploymentAction='Installation' and IsAssigned=1 or IsHidden=0 and IsPresent=1 and DeploymentAction='Uninstallation' and IsAssigned=1 or IsHidden=0 and IsInstalled=1 and DeploymentAction='Installation' and IsAssigned=1 and RebootRequired=1 or IsHidden=0 and IsInstalled=0 and DeploymentAction='Uninstallation' and IsAssigned=1 and RebootRequired=1"

2011-06-15 07:35:09:180 1056 a7c Agent * ServiceID = {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7} Managed

2011-06-15 07:35:09:180 1056 a7c Agent * Search Scope = {Machine}

2011-06-15 07:35:09:223 1056 a7c Misc Validating signature for C:\WINDOWS\SoftwareDistribution\SelfUpdate\Default\wuident.cab:

2011-06-15 07:35:09:325 1056 a7c Misc Microsoft signed: Yes

2011-06-15 07:35:09:339 1056 a7c Misc WARNING: WinHttp: SendRequestToServerForFileInformation failed with 0x801901f6

2011-06-15 07:35:09:339 1056 a7c Misc WARNING: WinHttp: ShouldFileBeDownloaded failed with 0x801901f6

2011-06-15 07:35:09:339 1056 a7c Misc WARNING: DownloadFileInternal failed for http://WsusServer/selfupdate/wuident.cab: error 0x801901f6

2011-06-15 07:35:09:339 1056 a7c Setup FATAL: IsUpdateRequired failed with error 0x80244021

2011-06-15 07:35:09:339 1056 a7c Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed: 0x80244021

2011-06-15 07:35:09:339 1056 a7c Setup WARNING: SelfUpdate: Default Service: IsUpdateRequired failed, error = 0x80244021

2011-06-15 07:35:09:339 1056 a7c Agent * WARNING: Skipping scan, self-update check returned 0x80244021

2011-06-15 07:35:09:513 1056 a7c Agent * WARNING: Exit code = 0x80244021

2011-06-15 07:35:09:513 1056 a7c Agent *********

2011-06-15 07:35:09:513 1056 a7c Agent ** END ** Agent: Finding updates [CallerId = AutomaticUpdates]

2011-06-15 07:35:09:513 1056 a7c Agent *************

2011-06-15 07:35:09:513 1056 a7c Agent WARNING: WU client failed Searching for update with error 0x80244021

2011-06-15 07:35:09:528 1056 aa0 AU >>## RESUMED ## AU: Search for updates [CallId = {158642B7-F0E4-4156-BA96-C96488FA0A2E}]

2011-06-15 07:35:09:528 1056 aa0 AU # WARNING: Search callback failed, result = 0x80244021

2011-06-15 07:35:09:542 1056 aa0 AU # WARNING: Failed to find updates with error code 80244021

2011-06-15 07:35:09:542 1056 aa0 AU #########

2011-06-15 07:35:09:542 1056 aa0 AU ## END ## AU: Search for updates [CallId = {158642B7-F0E4-4156-BA96-C96488FA0A2E}]

2011-06-15 07:35:09:542 1056 aa0 AU #############

2011-06-15 07:35:09:542 1056 aa0 AU AU setting next detection timeout to 2011-06-15 10:35:09

2011-06-15 07:35:12:341 1056 a7c Report REPORT EVENT: {7F2FBAC8-EBF6-4682-A973-ACB4EC583C80} 2011-06-15 07:35:09:339+0200 1 148 101 {D67661EB-2423-451D-BF5D-13199E37DF28} 0 80244021 SelfUpdate Failure Software Synchronization Windows Update Client failed to detect with error 0x80244021.

2011-06-15 07:39:28:782 1056 30c AU Forced install timer expired for scheduled install

2011-06-15 07:39:28:797 1056 30c AU UpdateDownloadProperties: 0 download(s) are still in progress.

2011-06-15 07:39:28:797 1056 30c AU Setting AU scheduled install time to 2011-06-16 01:00:00

2011-06-15 07:54:23:148 1056 98 PT WARNING: Cached cookie has expired or new PID is available

2011-06-15 07:54:23:148 1056 98 PT Initializing simple targeting cookie, clientId = d0e66c72-dba6-41ed-b7f5-fbf5b854606b, target group = , DNS name = PC.Domäne

2011-06-15 07:54:23:148 1056 98 PT Server URL = http://WsusServer/SimpleAuthWebService/SimpleAuth.asmx

2011-06-15 07:54:23:163 1056 98 PT WARNING: GetAuthorizationCookie failure, error = 0x80244021, soap client error = 10, soap error code = 0, HTTP status code = 502

2011-06-15 07:54:23:163 1056 98 PT WARNING: Failed to initialize Simple Targeting Cookie: 0x80244021

2011-06-15 07:54:23:163 1056 98 PT WARNING: PopulateAuthCookies failed: 0x80244021

2011-06-15 07:54:23:163 1056 98 PT WARNING: RefreshCookie failed: 0x80244021

2011-06-15 07:54:23:163 1056 98 PT WARNING: RefreshPTState failed: 0x80244021

2011-06-15 07:54:23:163 1056 98 PT WARNING: PTError: 0x80244021

2011-06-15 07:54:23:163 1056 98 Report WARNING: Reporter failed to upload events with hr = 80244021.

2011-06-15 08:17:34:180 1056 940 PT WARNING: Cached cookie has expired or new PID is available

2011-06-15 08:17:34:180 1056 940 PT Initializing simple targeting cookie, clientId = d0e66c72-dba6-41ed-b7f5-fbf5b854606b

So I got the idea for the error code "0x80244021" to search.
Here are the results.
http://support.microsoft.com/kb/896226/de
The first surprise was big, because WSUS is at the same network as the clients. Then I remembered a setting that I had recently changed.
It is called Proxy Auto Configuration. I activated it and gave the information to further the goal of wpad.dat files via DHCP to the computer. After disabling the feature and then "wuauclt / detectnow" could be seen the next day that the clients could pull back your diligent updates.

Now I'll probably employ me again with the script to the WPAD file.
I hope I could help you with your troubleshooting a bit.

Greetings Sascha

Labels