Windows: How to elevate the Command Prompt to System Rights

Have you ever tried to configure something on a windows system as Administrator and still got a permission denied?

While the Administrator is powerful, he still can’t do everything. There is an account that is even more powerful, it is called SYSTEM. So how could you run something as SYSTEM? Here is how:

  • Start a command prompt as Administrator
  • From Sysinternals, download psexec.exe and put it on the C: drive
  • In the command prompt, navigate to the directory with psexec.exe
  • Run “psexec.exe -i -s cmd.exe” (without the quotes)
  • Now a second command prompt opens with SYSTEM privileges
  • Type “whoami” to confirm that you are SYSTEM

Be careful as with these rights, you can easily destroy a system.

HP ILO: Configure it via ESX

When you can’t access HP ILO via Web Console anymore (e.g. because you have configured the IP address wrongly or enabled DHCP by accident), there is a possibility to configure the ILO IP settings via ESX.

Login to the ESX vSphere Client

Make sure that SSH is running on ESX (ESX host > Configuration > Security Profile > Services > Properties, Start SSH if it is not started)

Download Putty on the Windows machine where the vSphere Client runs. Start Putty.exe and use the IP address of the ESX host to login.

After you have entered the user name (root), it takes a while for the password prompt to be shown. Wait and then enter the password.

cd /opt/hp/tools

Export the current config: ./hponcfg -w /tmp/ilo_config.txt

Now, copy this file to the Windows machine (for example with WinSCP).

Open it with WordPad and change the following lines:

<IP_ADDRESS VALUE = “10.10.10.20″/>
<SUBNET_MASK VALUE = “255.255.255.0″/>
<GATEWAY_IP_ADDRESS VALUE = “10.10.10.1″/>
<DHCP_ENABLE VALUE = “N”/>

Copy it back to the ESX host (overwrite existing file)

./hponcfg -f /tmp/ilo_config.txt

Let the ILO restart.

You should now be able to login to ILO via the Web Console.

 

BES 5.0.4: How to add an administrative user

On BES 5.0.4, it is a bit tricky to add an administrative user. Normal Blackberry users are added under User > Create user, but admin users have to be added from a different menu.

First, login with BESAdmin. Then, you have to go to

Administrator user > Create an administrator user

BES Admin User 1

Then, fill in the fields, which are not self-explanatory:

BES Admin User 2

Display name: Use the display name from Active Directory
User name: Use the AD login name
Domain: Use the AD domain name
Administrator password: Use the password from BESAdmin, not from the user you are creating

Windows Server 2003: How to restart the Terminal Services service

How do you restart the terminal services service? In MMC (services.msc), it is greyed out. It would be handy to be able to do it if you don’t want to restart the whole server.

The official word from Microsoft is: “The Terminal Services service is an integrated part of the core OS in Windows, that’s why it can’t be stopped or restarted as most other services (it is grayed out).”

The following procedure does the trick:

  1. Open a command prompt
  2. Type in: tasklist /svc /fi “imagename eq svchost.exe”
  3. This will list the different instances of svchost.exe and the associated service and PID
  4. Locate TermService and note the PID for it
  5. Open Task Manager and go to the Processes tab. Then click View > Select Columns and check PID, then click OK
  6. Locate the svchost.exe process with the PID noted in step 4, right click it, select End Process
  7. Open services.msc
  8. Start the Terminal Services service

 

Windows: Run commands to start Control Panel items

Sometimes it is faster to access Control Panel items via command line that clicking and searching in the UI. To use a command, just press <Windows-Key>-R, which will open the Run window. Then just type the command and press <Enter>.

Control Panel Applet Command OS
Accessibility Options control access.cpl XP
Action Center control /name Microsoft.ActionCenter 8, 7
control wscui.cpl 8, 7
Add Features to Windows 8 control /name Microsoft.WindowsAnytimeUpgrade 8
Add Hardware control /name Microsoft.AddHardware Vista
control hdwwiz.cpl XP
Add or Remove Programs control appwiz.cpl XP
Administrative Tools control /name Microsoft.AdministrativeTools 8, 7, Vista
control admintools 8, 7, Vista, XP
Automatic Updates control wuaucpl.cpl XP
AutoPlay control /name Microsoft.AutoPlay 8, 7, Vista
Backup and Restore Center control /name Microsoft.BackupAndRestoreCenter Vista
Backup and Restore control /name Microsoft.BackupAndRestore 7
Biometric Devices control /name Microsoft.BiometricDevices 8, 7
BitLocker Drive Encryption control /name Microsoft.BitLockerDriveEncryption 8, 7, Vista
Bluetooth Devices control bthprops.cpl13 8, 7, Vista
control /name Microsoft.BluetoothDevices Vista
Color Management control /name Microsoft.ColorManagement 8, 7, Vista
Color1 WinColor.exe2 XP
Credential Manager control /name Microsoft.CredentialManager 8, 7
Client Service for NetWare control nwc.cpl XP
Date and Time control /name Microsoft.DateAndTime 8, 7, Vista
control timedate.cpl 8, 7, Vista
control date/time 8, 7, Vista, XP
Default Location control /name Microsoft.DefaultLocation 7
Default Programs control /name Microsoft.DefaultPrograms 8, 7, Vista
Desktop Gadgets control /name Microsoft.DesktopGadgets 7
Device Manager control /name Microsoft.DeviceManager 8, 7, Vista
control hdwwiz.cpl 8, 7, Vista
devmgmt.msc 8, 7, Vista, XP3
Devices and Printers control /name Microsoft.DevicesAndPrinters 8, 7
control printers 8, 7
Display control /name Microsoft.Display 8, 7
control desk.cpl XP
control desktop XP
Ease of Access Center control /name Microsoft.EaseOfAccessCenter 8, 7, Vista
control access.cpl 8, 7, Vista
Family Safety control /name Microsoft.ParentalControls 8
File History control /name Microsoft.FileHistory 8
Flash Player Settings Manager control flashplayercplapp.cpl 8
Folder Options control /name Microsoft.FolderOptions 8, 7, Vista
control folders 8, 7, Vista, XP
Fonts control /name Microsoft.Fonts 8, 7, Vista
control fonts 8, 7, Vista, XP
Game Controllers control /name Microsoft.GameControllers 8, 7, Vista
control joy.cpl 8, 7, Vista, XP
Get Programs control /name Microsoft.GetPrograms 8, 7, Vista
Getting Started control /name Microsoft.GettingStarted 7
Home Group control /name Microsoft.HomeGroup 8, 7
Indexing Options control /name Microsoft.IndexingOptions 8, 7, Vista
rundll32.exe shell32.dll,Control_RunDLL srchadmin.dll 8, 7, Vista, XP
Infrared control /name Microsoft.Infrared 8, 7
control irprops.cpl 8, 7, Vista
control /name Microsoft.InfraredOptions Vista
Internet Options control /name Microsoft.InternetOptions 8, 7, Vista
control inetcpl.cpl 8, 7, Vista, XP
iSCSI Initiator control /name Microsoft.iSCSIInitiator 8, 7, Vista
Keyboard control /name Microsoft.Keyboard 8, 7, Vista
control keyboard 8, 7, Vista, XP
Language control /name Microsoft.Language 8
Location and Other Sensors control /name Microsoft.LocationAndOtherSensors 7
Location Settings control /name Microsoft.LocationSettings 8
Mail4 control mlcfg32.cpl5 8, 7, Vista, XP
Mouse control /name Microsoft.Mouse 8, 7, Vista
control main.cpl 8, 7, Vista
control mouse 8, 7, Vista, XP
Network and Sharing Center control /name Microsoft.NetworkAndSharingCenter 8, 7, Vista
Network Connections control ncpa.cpl 8, 7, Vista
control netconnections 8, 7, Vista, XP
Network Setup Wizard control netsetup.cpl 8, 7, Vista, XP
Notification Area Icons control /name Microsoft.NotificationAreaIcons 8, 7
ODBC Data Source Administrator control odbccp32.cpl XP6
Offline Files control /name Microsoft.OfflineFiles 8, 7, Vista
Parental Controls control /name Microsoft.ParentalControls 7, Vista
Pen and Input Devices control /name Microsoft.PenAndInputDevices Vista
control tabletpc.cpl Vista
Pen and Touch control /name Microsoft.PenAndTouch 8, 7
control tabletpc.cpl 8, 7
People Near Me control /name Microsoft.PeopleNearMe 7, Vista
control collab.cpl 7, Vista
Performance Information and Tools control /name Microsoft.PerformanceInformationAndTools 8, 7, Vista
Personalization control /name Microsoft.Personalization 8, 7, Vista
control desktop 8, 7, Vista
Phone and Modem Options control /name Microsoft.PhoneAndModemOptions Vista
control telephon.cpl Vista, XP
Phone and Modem control /name Microsoft.PhoneAndModem 8, 7
control telephon.cpl 8, 7
Power Options control /name Microsoft.PowerOptions 8, 7, Vista
control powercfg.cpl 8, 7, Vista, XP
Printers and Faxes control printers XP
Printers control /name Microsoft.Printers Vista
control printers Vista
Problem Reports and Solutions control /name Microsoft.ProblemReportsAndSolutions Vista
Programs and Features control /name Microsoft.ProgramsAndFeatures 8, 7, Vista
control appwiz.cpl 8, 7, Vista
Recovery control /name Microsoft.Recovery 8, 7
Region control /name Microsoft.RegionAndLanguage 8
control intl.cpl 8
control international 8
Region and Language control /name Microsoft.RegionAndLanguage 7
control intl.cpl 7
control international 7
Regional and Language Options control /name Microsoft.RegionalAndLanguageOptions Vista
control intl.cpl Vista
control international Vista, XP
RemoteApp and Desktop Connections control /name Microsoft.RemoteAppAndDesktopConnections 8, 7
Scanners and Cameras control /name Microsoft.ScannersAndCameras 8, 7, Vista
control sticpl.cpl XP
Scheduled Tasks control schedtasks XP7
Screen Resolution control desk.cpl 8, 7
Security Center control /name Microsoft.SecurityCenter Vista
control wscui.cpl XP
Software Explorers8 msascui.exe9 XP
Sound control /name Microsoft.Sound 8, 7
control /name Microsoft.AudioDevicesAndSoundThemes Vista
control mmsys.cpl 8, 7, Vista
Sounds and Audio Devices control mmsys.cpl XP
Speech Recognition Options control /name Microsoft.SpeechRecognitionOptions Vista
Speech Recognition control /name Microsoft.SpeechRecognition 8, 7
Speech control sapi.cpl10 XP
Storage Spaces control /name Microsoft.StorageSpaces 8
Sync Center control /name Microsoft.SyncCenter 8, 7, Vista
System control /name Microsoft.System 8, 7, Vista
control sysdm.cpl XP
System Properties control sysdm.cpl 8, 7, Vista
Tablet PC Settings control /name Microsoft.TabletPCSettings 8, 7, Vista
Task Scheduler7 control schedtasks 8, 7, Vista
Taskbar control /name Microsoft.Taskbar 8
rundll32.exe shell32.dll,Options_RunDLL 1 8
Taskbar and Start Menu control /name Microsoft.TaskbarAndStartMenu 7, Vista
rundll32.exe shell32.dll,Options_RunDLL 1 7, Vista, XP
Text to Speech control /name Microsoft.TextToSpeech 8, 7, Vista
Troubleshooting control /name Microsoft.Troubleshooting 8, 7
User Accounts control /name Microsoft.UserAccounts 8, 7, Vista
control userpasswords
control userpasswords2
8, 7, Vista, XP
Welcome Center control /name Microsoft.WelcomeCenter Vista
Windows 7 File Recovery control /name Microsoft.BackupAndRestore 8
Windows Anytime Upgrade control /name Microsoft.WindowsAnytimeUpgrade 7, Vista
Windows CardSpace control /name Microsoft.CardSpace 7, Vista
control infocardcpl.cpl 7, Vista
Windows Defender control /name Microsoft.WindowsDefender 8, 7, Vista11
Windows Firewall control /name Microsoft.WindowsFirewall 8, 7, Vista
control firewall.cpl 8, 7, Vista, XP
Windows Marketplace control /name Microsoft.GetProgramsOnline Vista
Windows Mobility Center control /name Microsoft.MobilityCenter 8, 7, Vista
Windows Sidebar Properties control /name Microsoft.WindowsSidebarProperties Vista
Windows SideShow control /name Microsoft.WindowsSideShow 8,7, Vista
Windows Update control /name Microsoft.WindowsUpdate 8, 7, Vista12
Wireless Link control irprops.cpl XP

Blackberry Q10/Z10: OS and Software Versions

When it comes to Blackberry device software (= OS = Operating System) there is some confusion regarding versions. There are 2 version numbers:

  1. Software Release Version (= Bundle Version)
  2. OS Version

The Software Release Version is the one displayed when you are notified that new device software is available.

Find below a table of the Q10/Z10 device software versions I could find:

Software Release OS Version
10.0.10.85 10.0.10.672
10.0.10.90 10.0.10.690
 .
10.1.0.238 10.1.0.1483
10.1.0.273 10.1.0.1720
10.1.0.2309 10.1.0.2342
10.1.0.2312 10.1.0.2354
10.1.0.4181 10.1.0.4633
10.1.0.4200 10.1.0.4780
.
10.2.0.415 10.2.0.1767
10.2.0.424 10.2.0.1791
10.2.1.537 10.2.1.1925
10.2.1.2102 10.2.1.2141
10.2.1.2941 10.2.1.3175
10.2.1.2977 10.2.1.3247

BES 10.1: Order to start services

If you need to start the services on BES 10.1 manually, do it in the order below:

  1. BES10 – Scheduler
  2. BES10 – BlackBerry Controller
  3. BES10 – BlackBerry MDS Connection Service
  4. BES10 – BlackBerry Dispatcher
  5. BES10 – BlackBerry Secure Connect Service
  6. BES10 – Administration Console
  7. BES10 – BlackBerry Administration Service – Native Code Container
  8. BES10 – BlackBerry Administration Service – Application Server
  9. BES10 – BlackBerry Management Studio
  10. BES10 – BlackBerry Licensing Service

 

Kerio Connect 8.0: Messages in the Security Log and what they mean

Find below a list of messages that can appear in the security log of Kerio Connect 8.0 and what they mean:

SMTP Spam attack detected from 85.51.174.157, client closed connection before SMTP greeting

This message only appears if Spam Repellent is switched on. It means that the client (sending mail server) hasn’t waited the 25 seconds (or whatever is configured in Spam Repellent) for the SMTP greeting. It closed the connection too early. This is indicative of bot net Spam as normal mail servers would not do that.

SMTP Spam attack detected from 69.94.153.232, client sent data before SMTP greeting

This message only appears if Spam Repellent is switched on. It means that the client (sending mail server) hasn’t waited the 25 seconds (or whatever is configured in Spam Repellent) until the SMTP greeting appears. It has started to send commands (such as HELO) and data too early. This is indicative of bot net Spam as normal mail servers would not do that.

IP address 93.85.133.206 found in DNS blacklist SPAMHAUS ZEN, mail from <sendername@senderdomain.com> to <myname@mydomain.org> rejected

The IP address of the client (sending mail server) is in the indicated black list and is blocked immediately. It will not be allowed to transmit the mail.

IP address 72.9.146.151 found in DNS blacklist UCEPROTECT L1, mail from <sendername@senderdomain.com> to <myname@mydomain.org>

The IP address of the client (sending mail server) is in the indicated black list, but it is allowed to be delivered. Some Spam score will be added to the message.

Relay attempt from IP address 72.9.146.151, mail from <sendername@senderdomain.com> to <recipient@notmydomain.net> rejected

As the recipient domain is not a domain that the mail server is responsible for it will discard the message. If the client had authenticated, the message would have been allowed. This is to prevent relaying of Spam.

Message from IP address 195.245.231.144, sender <sendername@mydomain.org> rejected: sender domain requires authentication

As the sender domain is hosted on the mail server, the client must authenticate to send the message. This is to prevent sender address spoofing. Without authentication, the message is blocked.

Message from IP address 186.28.185.93, sender <sendername@senderdomain.com> rejected: sender domain does not exist

The message is blocked because the sender domain does not exist.

Message from IP address 72.38.232.36, sender <sendername@senderdomain.com> temporarily rejected: sender domain does not resolve

The message is temporarily blocked because the sender domain does not resolve. This means that the domain exists, but the authoritative DNS servers are not responding.

Attempt to deliver to unknown recipient <unknown@mydomain.org>, from <sendername@senderdomain.com>, IP address 217.200.184.87

The message is blocked as there is no recipient with that name on  the recipient domain.

Client with IP address 202.85.222.166 has no reverse DNS entry, connection rejected before SMTP greeting

The IP address of the client (sending mail server) has no reverse DNS entry (PTR record), the message is blocked. A valid mail server must have a reverse DNS entry.

SPF check failed: The IP address ’210.68.71.113′ is not in permitted set for sender ‘sendername@senderdomain.com’ (FAIL)

The sender domain has an SPF (Sender Policy Framework) record setup in its DNS and it indicates that the client IP address is not a valid sender for that domain. The message is accepted but a Spam score is added to it.