Windows DHCP not Updating DNS

Our 2012R2 DC’s do DHCP and DNS for our environment, but I found that our client’s DNS addresses were frequently incorrect, even though DHCP is supposed to update DNS with the correct entry.  Found this blog post that solved our problems:

http://blogs.msmvps.com/acefekay/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group/

Note:  If you are unsure about running the dnscmd shown in the blog post, I found the commands to verify the setting before you change it, and how to revert:

Show current state:

dnscmd /info /OpenACLOnProxyUpdates

Desired state:

dnscmd /config /OpenAclOnProxyUpdates 0

Revert to default:

dnscmd /config /OpenAclOnProxyUpdates 1

vCenter No Longer Reachable

After a power outage, we powered on our VMware infrastructure, and as we went through the process, we quickly realized that vCenter was not coming back online.  vCenter was not reachable via icmp or http/https.  Logging into the ESXi console showed the VCSA booting very slowly, but eventually it booted up.  Still no network connectivity.  After enabling bash and doing an “ifconfig”, I noticed the eth0 interface was missing.  The “ip link show” confirmed that the VM did not recognize any eth0 devices, but it did pick up an eth1 device.  For some reason, the vnic mac address had changed, and vCenter added the nic as a new device.  To resolve this:

  1. Edit this file on the VCSA: /etc/udev/rules.d/70-persistent-net.rules
  2. Delete (or comment out to test) all lines
  3. Reboot the VCSA

This process will clear the static mac association with the previous eth0 nic, and will allow VCSA to boot up with the new nic/mac address as eth0.

Reference: http://www.vmwarebits.com/content/how-fix-vcenter-appliance-no-networking-problem

WebEx and ADFS SSO

Implemented WebEx with ADFS SSO (Windows 2012R2) successfully, and found these articles helpful:

Initial Setup:

https://cisco-support.webex.com/guest/articles/en_US/Usability_FAQs/WBX63102/myr=false

https://digitalglue.wordpress.com/2014/02/11/configuring-cisco-webex-meeting-server-to-work-with-adfs-2-0/

Those guides do not go over configuring sign-out.  This can be accomplished with the WSFederation sign-out URL documented here:

http://social.technet.microsoft.com/wiki/contents/articles/1439.ad-fs-how-to-invoke-a-ws-federation-sign-out.aspx

And configuring your ADFS server with:

1.  Go to AD FS Manager – Trust Relationships – Relying Party Trusts – <your party trust> properties
2.  Under the Endpoints tab, click Add SAML…
3.  Endpoint Type = SAML Logout, Binding = POST, Trusted URL = https://myadfsserver.domainname.com/adfs/ls/?wa=wsignout1.0

Office 365 – Quick Optimizations

I’ll be adding to this as I continue to work with O365, but for now I have two things I usually do for every tenant:

First, connect to O365 via Powershell.  If you don’t know how, please see my recent blog post

Disable “Clutter” feature for all mailboxes:

Get-Mailbox -Filter * -ResultSize Unlimited | Set-Clutter -Enable $false

Raise email message size limits for all mailboxes (and mailbox plans):

Get-Mailbox -Resultsize Unlimited | Set-Mailbox -MaxReceiveSize 75MB -MaxSendSize 75MB

Get-MailboxPlan | fl name,maxsendsize,maxreceivesize,isdefault

Set-MailboxPlan ExchangeOnlineEnterprise-XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX -MaxSendSize 75MB -MaxReceiveSize 75MB (use mailbox plan name from previous command)

Disable password expiration:

Log into O365 web admin portal (https://portal.office365.com)

Go to “Service Settings” –> “Passwords” and select “Passwords never expire”

 

Office 365 – Powershell

Connecting to Office 365 via Powershell for the first time? Here are the steps to get started:

  1. Install the Microsoft Online Services Sign-In Assistant for IT Professionals RTW
  2. Install the Azure Active Directory Module for Windows Powershell (64-bit version)
  3. Open Powershell and run this command the first time you connect on your computer:
    1. Set-ExecutionPolicy RemoteSigned
  4. Next, run these three commands (you’ll do this everytime you want to connect):
    1. $UserCredential = Get-Credential
    2. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    3. Import-PSSession $Session
  5. You should now be connected.  When finished, run:
    1. Remove-PSSession $Session

UPDATE: Here is an awesome project on github that is a Office 365 Powershell GUI: https://github.com/bwya77/O365-Administration-Center

Microsoft References:

https://technet.microsoft.com/en-ca/library/jj151815.aspx#bkmk_installmodule
https://technet.microsoft.com/en-us/library/jj984289(v=exchg.160).aspx

Identifying “onmicrosoft” Email Users

If you use Office 365 and DirSync, a user’s primary email address can end up being username@domain.onmicrosoft.com if not setup correctly.  To identify all users setup this way, connect to Office 365 powershell and run this command:

Get-mailbox -ResultSize unlimited | Select-Object primarysmtpaddress | ? {$_ -clike “*onmicrosoft*”}

 

CUCM IM change postgres external database

If you need to change the postgres external database for CUCM, there a few steps to follow:

  1. Change database server name
    1. External server setup -> External databases
  2. Unassign servers and disable persistent chat
    1. Messaging -> Group Chat and Persistent Chat
    2. Change “Persistant Chat Database Assigntment” to unsassigned
    3. Uncheck “Enable Persistant Chat” and Save
  3. Assign servers and enable persistent chat
    1. Messaging -> Group Chat and Persistent Chat
    2. Change “Persistant Chat Database Assigntment” to sassigned
    3. Check “Enable Persistant Chat” and Save
  4. Restart Cisco XCP Router
  5. Start XCP Text Conference Manager

 

 

This blog post helped figure out the process: http://collabtechnotes.blogspot.com/2015/07/postgre-sql-cisco-xcp-message-archiver.html