Wednesday, December 30, 2009

Automatic Updates with WSUS doesn't work if workstation is installed via Disk Imaging

====================================================================================
@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1. Stop the wuauserv service
Echo 2. Delete the AccountDomainSid registry key (if it exists)
Echo 3. Delete the PingID registry key (if it exists)
Echo 4. Delete the SusClientId registry key (if it exists)
Echo 5. Restart the wuauserv service
Echo 6. Resets the Authorization Cookie
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause
====================================================================================

 

 

http://www.pcreview.co.uk/forums/thread-2134531.php

 

  



Friday, December 4, 2009

Cisco Accesspoint IOS Upgrade

Using a TFTP Server to Return to a Previous Release

Note: This section does not apply to Cisco C3201WMIC and Cisco C3201LAP.


Follow these steps to revert from LWAPP mode to autonomous mode by loading a Cisco IOS release using a TFTP server:


Step 1 The static IP address of the PC on which your TFTP server software runs should be between 10.0.0.2 and 10.0.0.30.

Step 2 Make sure that the PC contains the access point image file (such as c1200-k9w7-tar.122-15.JA.tar for a 1200 series access point) in the TFTP server folder and that the TFTP server is activated.

Step 3 Set the timeout value on the TFTP server to 30 seconds.

Step 4 On the PC where the TFTP server is located, perform these steps:

a. Disable any software firewall products, such as Windows firewall, ZoneAlarm firewall, McAfee firewall, or others.

b. Ensure all Windows files are visible. From Windows Explorer, click Tools > Folder Options > View; then uncheck the Hide extensions for known file types check box.

Step 5 Rename the access point image file in the TFTP server folder to c1200-k9w7-tar.default for a 1200 series access point, c1130-k9w7-tar.default for an 1130 series access point, c1240-k9w7-tar.default for a 1240 series access point, and c1250-k9w7-tar.default for a 1250 series access point.

Step 6 Connect the PC to the access point using a Category 5 (CAT5) Ethernet cable.

Step 7 Disconnect power from the access point.

Step 8 Press and hold MODE while you reconnect power to the access point.

Step 9 Hold the MODE button until the status LED turns red (approximately 20 to 30 seconds) and then release.

Step 10 Wait until the access point reboots, as indicated by all LEDs turning green followed by the Status LED blinking green.

Step 11 After the access point reboots, reconfigure it using the GUI or the CLI.

Cisco Accesspoint IOS Recovery

Cisco Aironet Access Points IOS Recovery

· Cisco APs (1200 series and 1300 series) can carry only one IOS image.
· "boot system flash:/xxx.bin" does not work on an AP. The command line accepts the statement, but "sh run" does not show it. "sh boot" will reflect the IOS image that is specified.
· Never use "copy tftp flash:" on a Cisco AP. It does not work.

Cisco 1310G IOS Upgrade Procedure:

Following is the proper command that you should use for a regular IOS upgrade with a .tar file on these Aironet devices:


ap# archive download-sw /overwrite /force-reload tftp://<IP address of the PC>/<name of the IOS image you downloaded, including the .tar extension>

Note: The IOS image name of the .tar file is case sensitive, and it should be complete.

Recovery Steps:

Using the CLI

Follow the steps below to reload the wireless device image using the CLI. When the wireless device begins to boot, you interrupt the boot process and use boot loader commands to load an image from a TFTP server to replace the image in the wireless device.


Note: Your wireless device configuration is not changed when using the CLI to reload the image file.


Step 1 Open the CLI using a Telnet session or a connection to the wireless device console port.

Step 2 Reboot the wireless device by removing power and reapplying power.

Step 3 Let the wireless device boot until it begins to inflate the image. When you see these lines on the CLI, press Esc:

Loading "flash:/c350-k9w7-mx.v122_13_ja.20031010/c350-k9w7-mx.v122_13_ja.20031010" …########################################################################### ################################################################################ ################################################################################ ####################

Step 4 When the AP: command prompt appears, enter the set command to assign an IP address, subnet mask, and default gateway to the wireless device.


Note: You must use upper-case characters when you enter the IP_ADDR, NETMASK, and DEFAULT_ROUTER options with the set command.


Your entries might look like this example:

ap: set IP_ADDR 192.168.133.160

ap: set NETMASK 255.255.255.0

ap: set DEFAULT_ROUTER 192.168.133.1

Step 5 Enter the tftp_init command to prepare the wireless device for TFTP.

ap: tftp_init

Step 6 Enter the tar command to load and inflate the new image from your TFTP server. The command must include this information:

· the -xtract option, which inflates the image when it is loaded
· the IP address of your TFTP server
· the directory on the TFTP server that contains the image
· the name of the image
· the destination for the image (the wireless device Flash)

Your entry might look like this example:

ap: tar -xtract tftp://192.168.130.222/images/c350-k9w7-tar.122-13.JA1.tar flash:

Step 7 When the display becomes full, the CLI pauses and displays --MORE--. Press the spacebar to continue.

extracting info (229 bytes)

c350-k9w7-mx.122-13.JA1/ (directory) 0 (bytes)

c350-k9w7-mx.122-13.JA1/html/ (directory) 0 (bytes)

c350-k9w7-mx.122-13.JA1/html/level1/ (directory) 0 (bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/appsui.js (558 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/back.htm (205 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/cookies.js (5027 bytes).

extracting c350-k9w7-mx.122-13.JA1/html/level1/forms.js (15704 bytes)…

extracting c350-k9w7-mx.122-13.JA1/html/level1/sitewide.js (14621 bytes)…

extracting c350-k9w7-mx.122-13.JA1/html/level1/config.js (2554 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/stylesheet.css (3215 bytes)

c350-k9w7-mx.122-13.JA1/html/level1/images/ (directory) 0 (bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/ap_title_appname.gif (1422 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_1st.gif (1171 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_cbottom.gif (318 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_current.gif (348 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_last.gif (386 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_last_filler.gif (327 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_last_flat.gif (318 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_button_nth.gif (1177 bytes)

extracting c350-k9w7-mx.122-13.JA1/html/level1/images/apps_leftnav_dkgreen.gif (869 bytes)

– MORE –


Note: Keep pressing the spacebar until the file is completely decompressed. If you do not press the spacebar to continue, the process eventually times out and the wireless device stops inflating the image.


Step 8 Enter the set BOOT command to designate the new image as the image that the wireless device uses when it reboots. The wireless device creates a directory for the image that has the same name as the image, and you must include the directory in the command. Your entry might look like this example:

ap: set BOOT flash:/c350-k9w7-mx.122-13.JA1/c350-k9w7-mx.122-13.JA1

Step 9 Enter the set command to check your bootloader entries.

ap: set

BOOT=flash:/c350-k9w7-mx.122-13.JA1/c350-k9w7-mx.122-13.JA1

DEFAULT_ROUTER=192.168.133.1

IP_ADDR=192.168.133.160

NETMASK=255.255.255.0

Step 10 Enter the boot command to reboot the wireless device. When the wireless device reboots, it loads the new image.

ap: boot

Monday, November 23, 2009

Exchange 2007 anonymous relay

http://www.petri.co.il/authenticated-or-anonymous-smtp-relay-with-exchange-2007.htm


Get-ReceiveConnector "connector name" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"
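
The command above lets unauthenticated sessions relay to any recipient through that connector, so the connector's RemoteIPRanges setting is the only thing that limits who can use it. The following audit is an added example, not taken from the linked article: it lists every receive connector that carries this grant together with the source ranges it accepts. It assumes an unrestricted connector shows the range 0.0.0.0-255.255.255.255; the variable names and the 192.0.2.10 address are constructed for the example.

```powershell
# Added example: run in the Exchange Management Shell (read-only audit).
$right = 'ms-Exch-SMTP-Accept-Any-Recipient'
$anon  = 'NT AUTHORITY\ANONYMOUS LOGON'
# Assumption: a connector that accepts any source lists this range.
$anyIPv4 = '0.0.0.0-255.255.255.255'

$findings = @()
foreach ($connector in @(Get-ReceiveConnector)) {
    # Allow entries that give anonymous sessions the relay right on this connector.
    $grant = @($connector | Get-ADPermission -User $anon |
        Where-Object { -not $_.Deny -and ($_.ExtendedRights -like $right) })
    if ($grant.Count -eq 0) { continue }

    $ranges   = @($connector.RemoteIPRanges | ForEach-Object { $_.ToString() })
    $bindings = @($connector.Bindings | ForEach-Object { $_.ToString() })

    $rec = "" | Select-Object Connector, Bindings, RemoteIPRanges, Exposure
    $rec.Connector      = $connector.Identity.ToString()
    $rec.Bindings       = [string]::Join(', ', [string[]]$bindings)
    $rec.RemoteIPRanges = [string]::Join(', ', [string[]]$ranges)
    if ($ranges -contains $anyIPv4) {
        $rec.Exposure = 'Any source address can relay'
    } else {
        $rec.Exposure = 'Relay limited to the listed ranges'
    }
    $findings += $rec
}

if ($findings.Count -eq 0) {
    Write-Host 'No receive connector grants anonymous relay.'
} else {
    $findings | Format-List
}

# Narrow a relay connector to the hosts that need it (constructed address):
#   Set-ReceiveConnector "connector name" -RemoteIPRanges 192.0.2.10
# Withdraw the right from a connector that should not relay:
#   Get-ReceiveConnector "connector name" | Remove-ADPermission -User $anon -ExtendedRights $right
```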

Wednesday, September 30, 2009

Troubleshoot Exchange 2007 Out of Office

http://www.pro-exchange.eu/modules.php?name=News&file=article&sid=686

http://www.exchange-genie.com/2007/07/exchange-2007-autodiscover-service-part-1/

Configure Exchange 2007 Web Services URLs

http://www.msexchange.org/articles_tutorials/exchange-server-2007/management-administration/configuring-exchange-server-2007-web-services-urls.html

Configuring Exchange Server 2007 Web Services URLs

Author: Anderson Patricio

Exchange Server 2007 has a new feature called AutoDiscover which provides Outlook 2007 with configuration information. This is sent as an XML file and contains all the information needed to create the profile automatically, as well as the URLs used by Outlook 2007. The following services can be set up through the AutoDiscover service:

  • Offline Address Book (OAB)
  • Unified Messaging
  • Out of Office (OOF)
  • Availability Services

Internally, Exchange Server 2007 works out of the box, using the self-signed certificate created during the Exchange Server 2007 installation process. The built-in certificate contains two names: the NetBIOS name of the Exchange Server box, like srv-cashub1, and a second one using the FQDN (Fully Qualified Domain Name), like srv-cashub1.apatricio.local. The built-in certificate can be viewed using the local machine Certificate snap-in, as shown in Figure 01, or using the Get-ExchangeCertificate cmdlet.


Figure 1: The built-in certificate created by the Exchange Server 2007 installation process

In this scenario we will allow the internal joined workstations to be configured by the AutoDiscover service. The internal clients will receive a Certificate error pop-up when they access the OWA address, as shown in Figure 02.


Figure 2: The certificate does not have a trusted Certification Authority on the client because it was self-signed

Okay, we can avoid this kind of issue by using a certificate issued by a Certification Authority that is trusted by all clients. This certificate might be issued by an internal or external Certification Authority. Let’s create a request using the Internal CA with the certificate name mail.apatricio.local, and create a DNS entry for mail using the CAS IP address as well.

Now, we can use https://mail.apatricio.local on any workstation and we should not get any certificate error.

Configuring the Outlook URLs

Now, after installing our certificate all Outlook 2007 clients will receive the following error message the next time that they open Outlook, as shown in Figure 03.


Figure 3: Security Alert error when we change the certificate on the Client Access Server

What’s happening? Exchange Server 2007 works out of the box with the self-signed certificate; when we change the AutoDiscover certificate, we start getting this error.

Outlook 2007 has a built-in tool that allows us to validate the current URLs we are using. This tool is called Test E-mail Autoconfiguration. We can access it by opening the Outlook 2007 client, holding the Ctrl key and right-clicking on the Outlook icon located on the systray.

In the tool we can uncheck Use Guessmart and Secure Guessmart Authentication and click on Test. Then, we will receive all the current URLs set up for Outlook 2007 clients. As you can see in Figure 04, our clients have been receiving the initial configuration that points them to the FQDN name of CAS Server using HTTPS. But we have just deployed the certificate using the name mail.apatricio.local.


Figure 4: The default configuration of the Web Services URLs on Outlook 2007

Okay then, let’s change our URLs to the correct address.

AutoDiscover

The internal clients that belong to the domain will use the SCP (Service Connection Point) object to retrieve the Web Services URL information. We can manage the Autodiscover URL through a couple of cmdlets. To set this, use the following procedures (the entire process is shown in Figure 05):

  1. Check the current configuration.
    Get-ClientAccessServer | Select Name, *Internal* | fl
  2. Define the new URL.
    Set-ClientAccessServer –Identity -AutoDiscoverServiceInternalUri:
  3. Execute step 1 again to validate the changes.


Figure 5: Setting up the AutoDiscover URL to use the correct address

OAB

The OAB URLs can be set up by either the Exchange Management Console or the Exchange Management Shell. To configure using the Exchange Management Console, the following steps are required:

  1. Open the Exchange Management Console.
  2. Expand Server Configuration.
  3. Click Client Access.
  4. Select the Client Access Server.
  5. Click the Offline Address Book Distribution tab, and click Virtual Directory below.
  6. In the Actions Toolbox, click Properties, and then click on the URLs tab (as shown in Figure 06).


Figure 6: Changing the URL value for the OAB virtual directory

This setting is per server; if you have more than one CAS server you have to configure the other servers as well.

We can also use Get-OABVirtualDirectory and Set-OABVirtualDirectory to list and set up the OAB URLs, as shown in Figure 07.


Figure 7: The OAB Virtual Directory

Web services

The Web Services are responsible for the Availability Service and OOF URL items in the Outlook 2007 configuration. We can set them up through the Web Services Virtual Directory; the following procedure can be used to accomplish this task (the entire process is shown in Figure 08):

  1. List the current values for Internal and External URLs.
    Get-WebServicesVirtualDirectory | Select name, *url* | fl
  2. Configure the Internal URL to use the new address.
    Set-WebServicesVirtualDirectory –Identity “” –InternalUrl: https://url.domain.local/EWS/Exchange.asmx
  3. List the configuration of the Web Services Virtual Directory and check the new values.


Figure 8: Setting up the Internal URL attribute in the Web Services Virtual Directory

Unified Messaging

Now it’s time to set up the Unified Messaging Service URL. We can do that using the following procedure (the entire process is shown in Figure 09):

  1. List the current values of the UM Virtual Directory.
    Get-UMVirtualDirectory | Select Name, *url* | fl
  2. Configure the Internal URL attribute of the UM Virtual Directory (per server).
    Set-UMVirtualDirectory –Identity: “” –InternalURL:


Figure 9: Setting up the UM Virtual Directory Internal URL

Validating the changes

Okay, we have worked on the URLs for Outlook 2007. We can now check the results through the Test E-mail AutoConfiguration feature, as shown in Figure 10.


Figure 10: The new Web Services URLs

Just to make sure that our clients are using Web Services, go to an Outlook 2007 client, click Tools / Send/Receive / Download Address Book, and click OK in the new window. Now check the IIS log files, and you should see the connection made by Outlook 2007 to retrieve the OAB through web services, as shown in Figure 11.


Figure 11: The OAB download process by an Outlook 2007 client
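
The Security Alert in Figure 03 appears when a URL handed out by AutoDiscover uses a host name that the certificate on the Client Access Server does not carry. The following script is an added example, not part of the original article: it collects the internal URLs configured in the sections above and marks each one whose host name is missing from the certificates enabled for IIS. The helper names Test-NameCovered and New-UrlRecord are chosen for this example; the cmdlets are the ones used in this article.

```powershell
# Added example: run in the Exchange Management Shell on Exchange 2007 (read-only).
# Names carried by every certificate that is enabled for IIS.
$certNames = @(Get-ExchangeCertificate |
    Where-Object { $_.Services -match 'IIS' } |
    ForEach-Object { $_.CertificateDomains } |
    ForEach-Object { $_.ToString().ToLower() })

# Helper (example name): is $hostName present on one of those certificates?
function Test-NameCovered([string]$hostName) {
    foreach ($name in $certNames) {
        if ($name -eq $hostName) { return $true }
        # A wildcard such as *.apatricio.local covers exactly one extra label.
        if ($name.StartsWith('*.') -and $hostName.EndsWith($name.Substring(1)) -and
            ($hostName.Split('.').Length -eq $name.Split('.').Length)) { return $true }
    }
    return $false
}

# Helper (example name): build one report row per configured URL.
function New-UrlRecord($source, $url) {
    if (-not $url) { return }          # URL not set on this object
    $uri = [Uri]$url.ToString()
    $rec = "" | Select-Object Source, Url, HostName, OnCertificate
    $rec.Source        = $source
    $rec.Url           = $uri.AbsoluteUri
    $rec.HostName      = $uri.Host.ToLower()
    $rec.OnCertificate = Test-NameCovered $rec.HostName
    $rec
}

$report = @()
Get-ClientAccessServer | ForEach-Object {
    $report += @(New-UrlRecord "AutoDiscover on $($_.Name)" $_.AutoDiscoverServiceInternalUri) }
Get-OabVirtualDirectory | ForEach-Object {
    $report += @(New-UrlRecord "OAB on $($_.Server)" $_.InternalUrl) }
Get-WebServicesVirtualDirectory | ForEach-Object {
    $report += @(New-UrlRecord "Web Services on $($_.Server)" $_.InternalUrl) }
Get-UMVirtualDirectory | ForEach-Object {
    $report += @(New-UrlRecord "Unified Messaging on $($_.Server)" $_.InternalUrl) }

$report | Format-Table -AutoSize

# Rows listed here will raise the certificate warning in Outlook 2007.
$mismatch = @($report | Where-Object { -not $_.OnCertificate })
if ($mismatch.Count -gt 0) {
    Write-Warning "$($mismatch.Count) URL(s) use a host name that is not on the IIS certificate."
}
```

Replacing InternalUrl with ExternalUrl in the three virtual directory lines runs the same check for the Outlook Anywhere URLs.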

Configuring the URLs for Outlook Anywhere clients

Until this point we have just set up the Internal URLs for Outlook 2007 clients; now we are going to configure Outlook 2007 URLs for Outlook Anywhere clients.

When you enable the Outlook Anywhere feature on the CAS Server (Figure 12), you can define the External host name and the authentication method; both these parameters are available through AutoDiscover services.


Figure 12: Enabling OutlookAnywhere on a CAS Server

Now, we can check the tool again in the Outlook 2007 client and we will see a new configuration set called Exchange HTTP which is designated for the Outlook Anywhere clients. By default the values are the same as the Exchange RPC section, as shown in Figure 13.


Figure 13: New set of configuration to be used by the Outlook anywhere clients

Now our task is to change those values to be accessible for the Outlook anywhere clients (usually external clients). How can I change those values? It’s easy! We use the same cmdlets used for the Exchange RPC Section but instead of the -InternalURL parameter we will change to -ExternalURL.

Summary of cmdlets used to configure Outlook 2007 Web Services

Okay, we have just seen how to configure the Exchange Server 2007 Virtual Directories using Internal and External URLs. We would have to go through this process when we have a CAS NLB (Network Load Balancing), or define a new URL to use either internally or externally.

The following table summarizes the cmdlets that are used to define the Web Services URLs, permission required, and the internal/external parameters.

Item               | Cmdlet                          | Internal Parameter | External Parameter | Permission Required
-------------------+---------------------------------+--------------------+--------------------+--------------------
OAB                | Set-OabVirtualDirectory         | InternalURL        | ExternalURL        | Exchange Server Administrator role and local Administrators group for the target server
Web Services / OOF | Set-WebServicesVirtualDirectory |                    |                    |
Unified Messaging  | Set-UMVirtualDirectory          |                    |                    |

Table 1

Conclusion

In this article we saw how to configure the Web Services URL to be used by Outlook 2007. This is important during the Exchange Server deployment process because it is used by all clients running Outlook 2007.

Monday, September 28, 2009

Set home folder permissions using ICACLS

Updated code using ICACLS instead of XCACLS.

previous post: http://nusak.blogspot.com/2009/09/reset-home-folder-permissions-for.html

DIM Commando, Counter, Domain
DIM Folder, iReturn, objFSO
DIM objShell, objSysInfo, rootFolder
DIM strFolder, strUser, SubFolders

' INSTANTIATING AN OBJECT PART1
SET objSysInfo = CreateObject("ADSystemInfo")
SET objFSO = CreateObject("Scripting.FileSystemObject")
SET objShell = wscript.createObject("wscript.shell")

' ASSIGNING VALUES TO VARIABLES
strFolder = Lcase(Inputbox(Ucase("Enter path Home folder") &VbCr &VbCr _
&"Use the following syntax:" &VbCr _
&"D:\Users\","Home-Folder","D:\Users\"))
Domain = objSysInfo.ForestDNSName & "\"

' ASSIGNING VALUES TO CONSTANTS
' INFO: You can find the possible permissions in the comment
CONST Usr1 = "Domain Admins"
CONST UsrPerm1 = "F"
CONST UsrPerm2 = "F"

'================================CODE=========================================

IF objFSO.FolderExists(strFolder) THEN
    ' INSTANTIATING AN OBJECT PART2
    ' GetFolder raises an error on a missing path, so it runs only after the check.
    SET rootFolder = objFSO.GetFolder(strFolder)
    SET SubFolders = rootFolder.SubFolders
    Counter = 0
    FOR Each Folder In SubFolders
        ' The subfolder name is used as the account that receives Full Control.
        strUser = replace(Lcase(Folder),strFolder,"")
        commando = "icacls """ &Folder &""" /grant ""System"":F ""Creator Owner"":F ""Domain Admins"":" &UsrPerm1 _
        &" """ &Domain &strUser &""":F /T /C"

        iReturn = objShell.Run("%comspec% /K " & commando)
        Counter = Counter + 1
        ' This sleep is specially done to not overload the system with
        ' icacls screens.
        wscript.echo commando
        wscript.sleep 6000
NEXT
wscript.echo "Finished!" &VBCR &Counter &" folders are reset."
ELSE
wscript.Echo "Folder: " &Ucase(strFolder) &" doesn't exist." &VbCr _
&"Verify the location and try again."
END IF

SET objSysInfo = NOTHING
SET objFSO = NOTHING
SET objShell = NOTHING
SET rootFolder = NOTHING
SET SubFolders = NOTHING
'=============================END=OF=CODE=====================================
wscript.quit