Glo Networks Technical Blog (Glo Blog)

For those of us Exchange admins who aren’t fully up to date with Exchange 2010 service packs (for whatever reason – don’t berate us) and have slowly been getting annoyed with an ever increasing amount of mailboxes that get automapped in Outlook 2007 and 2010 can rejoice. One of our staff spent 10 minutes reearching, understanding and writing a bit of Powershell to resolve the issue en-bulk.

Just run the following under a Powershell instance with the Exchange modules loaded (i.e. the Exchange Management Shell).

foreach ($u in $(Get-User)) { Write-Host "Clearing the msExchDelegateListLink for $($u.distinguishedname)"; $ad = [adsi]"LDAP://$($u.originatingserver)/$($u.distinguishedname)"; $ad.msExchDelegateListLink.Clear(); $ad.SetInfo(); }

Be aware that if you do this, all auto mappings for all users will get removed. This may not have the desired behaviour as some users may be relying on an automapped account. It should be feasible to alter this as required, as it’s pretty damn simple!

As with all things, do this at your own risk, we accept no liability, yadda yadda yadda.

If you’re curious (and lets face it, if you’re modifying the Active Directory en bulk, you should be!), basically what this does is loop over all users, and clear all values against their Active Directory account msExchDelegateListLink attribute. This attribute is where the automapping gets written to.

As an example imagine 2 users, Bob and Alice. Bob is an Exchange admin and at some point was granted full access (with permission, naturally) to diagnose a problem with Alice’s mailbox without having to disturb her too much directly. Bob will now be added to Alice’s msExchDelegateListLink attribute. It’s this entry that needs to be removed.

Apparently in SP2 there is the facility to disable automapping, at the time of adding the relevant permission; the shiny new “-AutoMapping” argument to Add-MailboxPermission. As with many things Exchange 2007 and newer, it’s just a facility available at the Powershell console, for now. And you know what? We’re ok with that.

Posted by Karl in Applications, Cool Stuff, Scripting, Servers | No Comments »

Recent research by hardware manufacturer Intel (and supported by the Confederation of British Industry) has highlighted the lack of investment and expertise in IT in small businesses in the UK. Their study of 3000 IT decision makers for businesses of 250 users or less shows:

• the majority still use fax machines more than smart phones
• a large percentage expose themselves to security risks by using personal laptops and mobile devices for work and are unaware of the data protection rules they’re potentially breaking by doing so
• most did not know what ‘the cloud’ is, even those that were using it already (e.g via Gmail)

There were several other worrying facts relating to investment in IT equipment (a third do not intend to buy new laptops or tablets for at least a year) and security (two thirds spend under 10% of their IT budget on protecting against attacks).

It’s disappointing that in this digital age many small businesses still do not appreciate the efficiency improvements that can be attained by updating IT infrastructure or the importance of maintaining IT security. At Glo Networks we are proud that none of our customers fall into this group (and those that may have previously have had our help to make the required improvements). Don’t let your business your business be one of those stuck in the IT ‘dark age’!

Posted by James in Desktop Hardware, Desktops and Laptops, General, Hardware, Laptop Hardware, Mobile, Servers, Small Business Software | No Comments »

In our experience changing between anti-virus software can be more hassle than it first seems. Even if the new antivirus vendor will claim to remove the previous software sometimes it just can’t, and often if a small part of the former remains the new software will not install correctly.

To this end some anti-virus providers offer their own tools for removing, but recently we found we were having difficulties in removing a deployment of E-Trust anti-virus from our customers machines, the customer was locked out of the admin consoles, and we couldn’t see any suitable tools. So rather than walk up to each machine and manually remove, we did what us IT geeks love best and created a script to fit our needs:

@echo off
REM Stopping Services
net stop "eTrust Antivirus Realtime Service"
net stop "eTrust ITM Job Service"
net stop "eTrust ITM RPC Service"
net stop "iTechnology iGateway 4.2"
REM ITM Server
msiexec.exe /qn /X{4A2635AD-91E0-4758-BD1E-CA57C9294F1F}
REM ITM Agent
msiexec.exe /qn /X{85F88F9C-6EB2-426B-88AB-28DA4A3526B9}
REM iTechnology iGateway
msiexec.exe /qn /X{847501DF-07C0-4691-B04A-893929F108AE}

Bear in mind that this works for our customers specific version of E-Trust, and for different versions the Product Codes (those bits in parenthesis after “msiexec /qn /X”) may differ.

We ran this on all computers in the Active Directory using PSExec, DSQuery.

cmd.exe /v:on /c "for /F "delims=, tokens=1" %i in ('dsquery computer -limit 0') do set name=%i & set name=!name:~4! & psexec -u Administrator -p AdministratorPassword \\!name! \\server\share\path\to\script.bat"

Be aware that the result set for DSQuery is by default limited to 1000 rows. In the example above we’ve explicitly set it to 0, which is unlimited, and generally speaking a bad idea. We’ve included the limit argument just incase you try and use this verbatim and get confused.

This won’t be executed in parallel, so the more machines you have the longer it will take.

DSQuery is part of the RSAT (Remote Server Administration Tools), installed by default on Domain Controllers, and optionally on other machines. PSExec is available from Sysinternals.

We would recommend creating a one time special administrator account, or you could pass in the administrator password via an environment variable, or read in from a file. Not providing the account may result in funny results depending on the target.

We also found one at least one or two machines there was a problem with UAC, however there did not seem to be a pattern, and we didn’t take the time to investigate the cause.

Oh, and just one more thing. Alternatively you could assign the removal script as a start up script.

Posted by James in Cool Stuff, Desktops and Laptops, General, Scripting, Servers | No Comments »

In a previous post we talked about the difference in disk read/write speed when enabling and disabling FileVault on a MacBook Pro fitted with an SSD. The software used to test was ‘Blackmagic Disk Speed Test’ which is available straight off the Mac App store.

Since that post there’s been an update for the software, and this update has brought something a bit fishy to our attention.

First let’s discuss what this update has changed. Directly from the product page on the App Store:

What’s New in Version 2.1

Some SSD’s use hidden compression when writing data to make their benchmarked speeds appear faster. Disk Speed Test will now measure the true speed of these SSD’s so you know if they are suitable for high quality uncompressed video capture.

The people that produce the software say the new update takes account for the ‘hidden compression’ used by SSD manufacturers, and measures the  ‘true speed’. So what difference does it actually make?  Here are some results we came up with:

Before Update	After Update

As you can see there’s a HUGE drop in the speeds the software reports! The SSD in question, a Corsair Force 3 240Gb SSD, is sold with the following specs listed:

Read Performance (max)             550 MB/s

Write Performance (max)            520 MB/s

The two logical conclusions that can come from this are:

SSD Manufacturers are artificially inflating the Read/Write speeds in order to put better looking specs on their SSDs

OR

The software, post update, is reporting things wrong or in an unorthodox manner.

There’s a few bells ringing here, this reminds us of the old hard drive capacity description discrepancy argument that went on for some time or possibly of the IPS broadband ‘up to’ speed claims issue.  Could we be seeing a similar overstatement from SSD manufacturers regards typical speeds?

Posted by James in Desktops and Laptops, General, Hardware, Software | No Comments »

In the virtualisation game VMWare are big competitors.  They’ve been selling virtual machine software since 1999 and their products are the ‘go to’ virtualisation tools for many businesses (not us at Glo). But since announcing their most recent price structure changes VMWare have experienced a huge amount of criticism from their customer base.

And we can understand why. The basic gist of the change is a cap on the RAM you can apply to your virtual machines per license. Formally licenses were required on a per processor basis alone, now, if you reach the virtual RAM cap for the number of processor’s you have licensed, you will require extra licenses to cover any additional RAM. This increase caused the change to be dubbed the ‘Memory vTax’.

When VMWare first announced this pricing change the memory allowance per license were rather low, meaning (obviously depending on the configuration of the virtual machines) some VMWare customers were looking at their licensing costs being several times what the old pricing structure would have cost. Reacting to the complaints of their customers VMWare have now raised the cap, which should keep the license costs to a more reasonable level for most customers.

Here at GloNetworks we’ve always tended towards the Microsoft Virtualization software ‘Hyper-V’ over the VMWare options, and right now we’re more confident than ever in our choice. It could be argued that WMWares virtualisation software is more ‘feature-full’ however we feel that Hyper-V’s pricing has always been more appropriate for us and our customers’ requirements. And since Microsoft have appeared to confirm they have no plans to use a similar ‘Memory Tax’ in its next Hyper-V product (Windows Server ‘8’ Hyper-V) we’re sure this will continue to be the case.

Posted by James in Applications, General, Operating Systems, Servers | 1 Comment »