Sole's Blog

Archive for the ‘Tips & Tricks’ Category

Getting SSL root certificates into mobile phones, has always and still is a hastle. My personal advice to people trying to use a server certificate on mobile phones, for example for e-mail, is very simple. But before I go more into that.. The reason I came on to this subject, was because a friend asked me if I knew of an easy way to put your own root certificates into mobile phones. I didnt when he asked, but I just found a nice guide explaining how to, for Windows Mobile phones – yes each type needs it’s own way of installing – sigh.

The guide can be found on two Swedish IT consultants Blog (Yes I am swedish – No it’s not me), I find it worrying how many posts include stuff I work with as well, including some info about my beloved WRT54GL that I am pondering swapping with something faster soon. The blog post about how to install Root SSL certificates on Windows Mobiles, with a CAB setup file, and a simple XML format can be found here: http://poweradmin.se/blog/2009/11/15/smooth-root-certificate-deployment-for-mobile-devices/

Back to my personal advice on how to get root certificates on mobile phones. Read the rest of this entry »

Adding to my remote Novell migration and removal toolkit, is here below a VBScript that can be used during a migration or as a login script to automatically remove the Novell client from a computer. Of course I dont know if this will work with all versions, but for me this worked to remove Novell in all the editions I encounted, without any tears or use of my feet. The downside of not having to uninstall the Novell client manually from all 2.500 computers, in this migration project is that I seem to be gaining in weight!

It goes without saying, the user used for running the script must have administrative rights, the computer definately wants to be rebooted when done, also I recommend removing any novell printers, shares, iPrint, ZenWorks, etc. before removing the actual Novell Client. And You most definately use this script at your own risk!

Read the rest of this entry »

VBScript to automatically remove ZenWorks regardless of version, with no user prompting or hard manual labor

Adding to my collection of VBScript tools for migrating from Novell to Microsoft, here is a little gem to removing ZenWorks, by reading the uninstall information on the computer, we find any version of ZenWorks and the command to uninstall it quietly and without any user prompts.

In a few situations the computer will fail to uninstall ZenWorks, the primary reason for me has been on a computer that is awaiting a reboot from a previous install or uninstall procedure. Simply rebooting the machine and running the script again seems to fix this problem. I have made a script to do that as well, Read the rest of this entry »

For the last couple of months, and some months ahead, I am working primarely on migration projects, currently I have just finished developing a lot of scripts to automatically migrate from Novell & ZenWorks to a purely Microsoft environment. So I might share some tips and tricks from my experiences.

Trying to uninstall Novell printers automatically with VBScripting in a login script gave me a headache, for some reason the good old function WshNetwork.RemovePrinterConnection would fail every time trying to uninstall a Novell printer. After some searching and testing I found that by executing a command to RUNDLL32 PRINTUI.DLL,PrintUIEntry, I could successfully uninstall the printers. My personal experience shows no warnings or errors to the user, as long as the computer can still access Novell, however I did have some warning messages appear when the computer could not connect, but the printer was still deleted, and the user could not abort it, so in my book thats a success!

Also i found some examples removing the printers with /dn instead of the /dl that I am using Read the rest of this entry »

Most experienced consultants use Google daily to find descriptions of problems and solutions, knowing your way around Google and making a good search, can mean the difference between identifying and solving a problem within minutes or hours.

Many times a customer have asked me how to solve a problem, that I didnt know the answer to on the top of my head, after all there is a lot of issues and only so much memory and experience. Not once have I recieved any negative responses from saying “let me do a little research and i will come right back to you”, on the contrary the customer is happy and relieved that I will help them. Dont drop the ball and say “no sorry cant help you”, must customers dont have the time or experience to search for an answer them self, why else would they be asking. Read the rest of this entry »

The easiest way (I love easy!) to order and install an SSL certificate on Exchange 2007, is to order a SAN (Subject Alternative Name) certificate with AutoCSR meaning you dont have to create a CSR but instead get a certificate backup file. You also save time with the SAN because you only use one certificate for all services and can move services from one domain to another in the certificate with no problems.

Make sure you get a SAN certificate including the full domain name(s) you use to access Outlook Web Access, Outlook Anywhere, Autodiscover and any internal servernames using the certificate (usually free).

The Certificate you order should contain something like this:

• mail.sole.dk and/or owa.sole.dk – for Outlook Web Access
• autodiscover.sole.dk and any other e-mail domain you use with Autodiscover/OA.
• MYSERVER01 – and any other server that will be using the certificate

Personally I setup servers to respond only to OWA on the mail./owa. domain, and use all other services like Outlook Anywhere, ActiveSync, etc. on the autodiscover. address, this way I can use Forms Based Authentication with my OWA website, and NTLM with my other services. Some people argue for and against having internal server names in the certificate, but I figure if they are free anyways, and might help why not add them – and if security is so much an issue that internal server names must not be revealed, you have other much bigger problems anyway.

Now some simple commands to manipulate Exchange 2007 SSL certificates. (Stolen from the danish Exchange 2007 guide on FairSSL a danish SSL certificate reseller – thanks!) Read the rest of this entry »