Sonicwall OID’s

For internal purposes I had to monitor some snmp facts of a sonicwall.

Here’s the OID list

Sonicwall CPU usage as percent
.1.3.6.1.4.1.8741.1.3.1.3.0
 
Sonicwall Memory usage as percent
.1.3.6.1.4.1.8741.1.3.1.4.0
 
Sonicwall Maximum Connections
.1.3.6.1.4.1.8741.1.3.1.1.0

Sonicwall Current Connections
.1.3.6.1.4.1.8741.1.3.1.2.0
 
Sonicwall Firmware version: 
.1.3.6.1.4.1.8741.2.1.1.3.0

Sonicwall Serial:
.1.3.6.1.4.1.8741.2.1.1.2.0

Sonicwall ROM:
.1.3.6.1.4.1.8741.2.1.1.4.0

Sonicwall System Description:
.1.3.6.1.2.1.1.1.0

Luck may vary (there are many different type of (Dell) Sonicwall appliances)

Hope this helps you.

Posted in OID, snmp | Comments Off on Sonicwall OID’s

Get all different types of mailboxes in Exchange 2010 and 2016

I had to get the amount of the different types of mailboxes that are available in Exchange.
Exchange 2010 and 2016 in this case.

As I had to execute this as a script I ran into the problem that you have a ‘bare’ powershell and thus first need to connect to Exchange.

For Exchange 2010, note the name of the snapin.

Exchange 2010 – Get Number of all Mailboxes (including +1 for a system mailbox)

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
(get-mailbox -resultsize unlimited).count

Exchange 2010 – Get Number of Equipment Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Get-mailbox -recipienttypedetails EquipmentMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of Room Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Get-mailbox -recipienttypedetails RoomMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of Shared Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Get-mailbox -recipienttypedetails SharedMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of User Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010
Get-mailbox -recipienttypedetails UserMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

 

For Exchange 2016, note the name of the snapin. The actual powershell commands to receive the info are the same as with Exchange 2010.

Exchange 2010 – Get Number of all Mailboxes (including +1 for a system mailbox)

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin
(get-mailbox -resultsize unlimited).count

Exchange 2010 – Get Number of Equipment Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin
Get-mailbox -recipienttypedetails EquipmentMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of Room Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin
Get-mailbox -recipienttypedetails RoomMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of Shared Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin
Get-mailbox -recipienttypedetails SharedMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Exchange 2010 – Get Number of User Mailboxes

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Snapin
Get-mailbox -recipienttypedetails UserMailbox -resultsize unlimited | Measure-Object | Select-Object -expand Count

Hope this helps you!
Cheers!

Posted in Exchange 2010, Exchange 2016, powershell | Comments Off on Get all different types of mailboxes in Exchange 2010 and 2016

Get a list of all computers in Active Directory with date lastlogon and OS

I needed to list all computers in use at customers, with os, and for the less diligently maintained AD’s also if they were still in use. You can obtain this by reading the value of lastlogondate of a machine account.

Get-ADcomputer -Filter * -Properties * | Sort LastLogonDate | FT Name, LastLogonDate, OperatingSystem
Posted in Active Directory, powershell | Comments Off on Get a list of all computers in Active Directory with date lastlogon and OS

Active Directory Powershell get [the count of] all enabled users in a certain OU [but not in sub OU’s]

For our internal use, I devised a powershell command that lists all enabled users in a certain OU, but filtering out those in sub OU’s.

Unfortunately this is not a dynamic process, since it is based on the current implementation of OU’s, meaning the humans laid their hands on it. So depending on your setup you may need to exclude some sub OU’s that you don’t want to count.

First I want to list all users, then only in a certain OU to find that I want only enabled users, oh and leave out those in sub-OU’s. Oh and only the count please. Okay.

e.g:

(Get-ADUser -LDAPFilter "(&(sAMAccountName=*)(!userAccountControl:1.2.840.113556.1.4.803:=2))" -SearchBase 'OU=Users,OU=Customer,DC=WindowsDomain,DC=DomainExtension' | Where-Object { $_.DistinguishedName -notmatch 'Service Accounts|OtherAccounts'}).Count

(I think .Count doesn’t count to 1 (coz then it’s not an array), be aware of that)

Hope this helps you.
Cheers!

 

Posted in Active Directory, powershell | Comments Off on Active Directory Powershell get [the count of] all enabled users in a certain OU [but not in sub OU’s]

Exchange 2016 and SMTP speed

In order to have Exchange SMTP speed up a little you can change some default values.

Some of those values can be found here
https://technet.microsoft.com/en-us/library/bb232205(v=exchg.160).aspx

So if you want to change some of those value, to accept more mail at the same time, and deliver faster (if your machine can handle it, because you believe it is sooooo fast) you could do:

( Warning: you deviate from Microsoft Standards here, plus
Warning: this way you set it for ALL Transport services )

Get-TransportService | Set-TransportService -MaxOutboundConnections 40

Get-TransportService | Set-TransportService -MaxConcurrentMailboxSubmissions 40

Get-TransportService | Set-TransportService -MaxConcurrentMailboxDeliveries 40

I find MaxOutboundConnections and MaxConnectionRatePerMinute to be fairly OK default settings for a small corporation, but you can go faster!

If you want to change those too, do, e.g. twice as much:

Get-TransportService | Set-TransportService -MaxOutboundConnections 2000

Get-TransportService | Set-TransportService -MaxConnectionRatePerMinute 2400

And there’s tarpitting ofcourse, that adds an extra delay. (mind you, tarpitting has its reasons)

If you want to lookup the current values on your server, do

Get-ReceiveConnector | Select Name, Tarpitinterval

If you want to turn that off do:

Get-ReceiveConnector | Set-ReceiveConnector -TarpitInterval 0

Be sure to restart the transport service.

Always do a get command, just in case you have not noticed its values.

Of course you can do calculations on how much bandwidth your server has, can handle, and can spew out, and how many IOPS are needed for average mail transactions to your Exchange database, etc, but this post is not about that. I usually list how to do stuff. Not how to do stuff proper 🙂 Also, never say, tinkerist.com has it so it must be true. I don’t have the time discussing if something is true. What I hope that is that most of the time it works.

Hope this helps you!

P.S. For Exchange 2010 you can do things like the following, but look them up first, so that you know what you did, before you screwed up your exchange machine.

Get-ReceiveConnector | Set-ReceiveConnector -MessageRateLimit 4000
Get-ReceiveConnector | Set-ReceiveConnector -MessageRateSource None
Get-ReceiveConnector | Set-ReceiveConnector -MaxInboundConnectionPercentagePerSource 30
Posted in Exchange 2016, smtp | Comments Off on Exchange 2016 and SMTP speed

Block active ssh login attempts from unknown IP’s on linux using hosts.deny

Some hosts on the net are severely compromised or shown to be controlled by malicious  users.

imho: Never allow a root login using ssh to any machine you are setting up. Yes ~they~ are always probing. It is a storm.

The following mechanism will have the hosts that try to login as various users and various password combinations to get a time-out on your machine using hosts.deny. You should use it to throw arsholes off balance, using up their automated scanners/probes precious time.

First you need to know what hosts are attempting to use your secure shell service.
You can show that as an authoritative user, such as root, on your device by running the command:

lastb -F -i

This shows you a list of tries, with no dns lookups, just IP’s.

As such, the following command sorts the list, and creates unique entries on IP and places them in a file (~/catlastlog)

lastb -F -i| awk '{ print $3 }' |sort |uniq > ~/catlastlog

Next, the following command formats it to be used in hosts.deny.

sed -i -e 's/^/ALL:/' ~/catlastlog

Hosts.deny is the file in /etc that tells your machine to deny something from the connecting host, in essence, you can have your machine drop any connection to that host immediately.

The last two commands fill your /etc/hosts.deny file so you are one step closer to being safe from hosts that attempt to use your precious secure shell service (or any service that you publish and want to keep safe).

echo "# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system." > /etc/hosts.deny
cat ~/catlastlog >> /etc/hosts.deny

The first command creates a new and clear hosts.deny file.
The second command fills it with the recent hosts that failed login attempts.

The effect is immediate. New connections are dropped instantly.
Be sure not to lock yourself out [remotely], as this mechanism locks out any failed attempts directly, if you did, you can always edit the hosts.deny file from your console.

I now usually do this manually once in a while, as the compromised hosts vary from day to day. This is a crude form of protection, but I can imagine you could run this as a cron job if you are really fed up with wasted connections on your external interface. If you do, make sure all filenames are named with full path names [such as /secure/directory/catlastlog].

In fact, I encourage any admin to block internet crap. One day you’ll regret you didn’t.
That, and, it’s best to deny evil malicious pests everything [period], even milliseconds of probing time.

Can’t be zealous enough about it.

Hopes this helps you!
Cheers!

 

Posted in block, command line, hosts.deny, linux, ssh | Comments Off on Block active ssh login attempts from unknown IP’s on linux using hosts.deny

Shutting down windows domain clients remotely

I was not in the office, but I did have to shut down all domain computers after a move to have them install windows updates over the long new-year weekend.

So I ended up with a script I picked up on the web, and adjusted it to my needs.

The computers in the network were all named dt[number] (dt for desktop).
When looking at the Active Directory and in the DHCP server I found the desktop number range was from 41 to 99 in my case, so I just made sure a remote shutdown command (run as domain admin) was executed with the correct computer name. I saved this as a .bat file and ran it.

@echo off 
set /a x=41
:while 
if %x% lss 100 (
  echo shutting down dt0%x%
  shutdown /m \\dt0%x% /s /t 30 
  set /a x+=1
  goto :while 
)

Hope this helps you!
Have a great new year,
Cheers!

Posted in shutdown, Windows | Comments Off on Shutting down windows domain clients remotely

Exchange 2016, receive connector, enable relaying, powershell

In order to have a certain receive connector to be able to relay (other than local delivery: actually route the mail to the outside) perform the following powershell command:

Set-ReceiveConnector "SERVER\Receive Connector" -PermissionGroups AnonymousUsers

Above command enables “Anyonymous user” delivery.

Get-ReceiveConnector "SERVER\Receive Connector" | Add-ADPermission -User 'NT AUTHORITY\Anonymous Logon' -ExtendedRights MS-Exch-SMTP-Accept-Any-Recipient

Above command enables this receive connector to be able to relay to the next configured step in your Exchange server (probably out).

Hope this helps you!

Posted in Connector, E-mail, Exchange 2016 | Comments Off on Exchange 2016, receive connector, enable relaying, powershell

Checking HP disk status on VMware, command line

Today, I had to check the disk status of an HP array on VMware

Using VMware 6, installed with HP iso, meaning it has HP drivers and tools already installed on VMware, I found it is rather easy to use the cli command.
So I enabled SSH (Host / Configuration / Security Profile / Services / Properties / SSH / Options / Start / Ok) and logged on into VMware with an ssh client (e.g. putty).

A quick search revealed the info about the hp cli (hpssacli):

HP Smart Array CLI commands on ESXi

https://www.inetmail.ca/Wiki/index.php/HP_Smart_Array_CLI_commands_on_ESXi

I wound up with the disk status with:

/opt/hp/hpssacli/bin/hpssacli ctrl slot=0 pd all show status

Then turned off SSH on the host again.  (Host / Configuration / Security Profile / Services / Properties / SSH / Options / Stop/ Ok)

Thanks Mike and Kalle!

Hope this helps you!

Posted in command line, ESXi, hp | Comments Off on Checking HP disk status on VMware, command line

Powershell, get full names of a group of users in AD and export to text file.

Just a quick blurb that I encountered this morning.
In powershell, to get a list of the full names of users and export them to a text file:

Get-ADGroupMember -identity GROUP -Recursive | Get-ADUser -Property DisplayName | Select Name > c:\temp\fullnamesofgroup.txt

The point is that Get-ADGroupmember doesn’t “have” the properties of the object you are looking at. You have to look into the user object with Get-ADUser to get the specific property of the user object.
So, with the above command, you send all the user objects in the group with Get-ADGroupMember to Get-ADUser, and then pipe the values of the property “Name” to a text file on disk.

(The command is shorter than the text to explain it 🙂 )

Hope this helps you. Have fun!

Posted in Active Directory, powershell | Comments Off on Powershell, get full names of a group of users in AD and export to text file.