Proxy configuration from CMD line

How to set the proxy for the server from the CMD line.

Windows 2003

1. Open a CMD prompt
2. Type: proxycfg -p proxy.fqdn.com:8080, *.microsoft.com
• Everything after the comma is for anything you want in the bypass proxy list.
3. Hit ENTER

Windows 2008

1. Open a CMD prompt, type:
• NetSH
• WinHTTP
• Set Proxy proxy-server="PROXY.COM:8080" bypass-list="SERVER.COM"
• Show Proxy

Kill a Terminal Server Session from the Command Line

How to Kill a Terminal Services Session from the Command Line

1. Open a CMD prompt
2. To query for current sessions, type:
• qwinsta.exe /server:<servername>
3. To kill a session, type:
• rwinsta.exe /server:<servername> <session id>

How to delete an Outlook Calendar item that causes Outlook to crash

We had a customer who was trying to delete an Outlook calendar entry, but it wouldn't delete no matter what we tried or who tried to delete it.  We used the following steps to delete it:

1. Download the MFCMAPI tool.
2. Run the downloaded too
3. Go to Session->Logon and Display Store Table
4. Select your profile
5. Select Mailbox
6. Expand "Root Container"
7. Right click "Reminders" and select "Open Contents Table"
8. New Window Launches with Title Reminders
9. Select all the reminder items listed there, Right click and select "Delete Message"
10. Close MFCMAPI

Reopen Outlook and see if the problem entry is gone.

IIS 6.x - Encrypt Web.Config

Steps for IIS 6.x to encrypt web.config

1. Create a custom RSA key container (MyKeys can be replaced with any name).
• Open a CMD prompt
• Navigate to: c:\windows\microsoft.net\framework\v2.0
• Run the following command:
• aspnet_regiis.exe -pc "MyKeys" -exp
• Hit the ENTER key
2. Find out what the identity of your ASP.NET application is running as.
• Open Notepad
• Paste in the following:
<%@ Page Language="C#" %> 
<% 
Response.Write(System.Security.Principal.WindowsIdentity.GetCurrent().Name); 
%>



Save the file as "identity.aspx" somewhere within your website where you can access from a browser
Access this identity.aspx file from a browser.  Make note of the account it displays to you
3. Grant the identity access to the RSA key container (created in Step 1).
• Open a CMD prompt (if not already opened)
• Navigate to: c:\windows\microsoft.net\framework\v2.0
• Run the following command:
• aspnet_regiis.exe -pa "MyKeys" "NameOfASP.NETaccountReturnedAbove"
• Hit the ENTER key
4. Specify an instance of a Protected Configuration provider in the web.config.
• Open your web.config in Notepad or some other editor.
• Make sure you have a <connectionStrings> section in your <configuration> section.
• Add a <configProtectedData> section.  "MyProvider" can be replaced with any name.
• Example:

<configuration>
   <configProtectedData>
      <providers>
         <add name="MyProvider"
              type="System.Configuration.RsaProtectedConfigurationProvider, System.Configuration, Version=2.0.0.0,
                    Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a,
                    processorArchitecture=MSIL"
              keyContainerName="MyKeys" 
              useMachineContainer="true" />
      </providers>
   </configProtectedData>
 
   <connectionStrings>
      <add name="SqlServices" connectionString="Data Source=localhost;Integrated Security=SSPI;Initial Catalog=Northwind;" />
   </connectionStrings>
</configuration>

5. Encrypt the actual web.config.
• Open a CMD prompt (if not already opened)
• Navigate to: c:\windows\microsoft.net\framework\v2.0
• Run the following command.  "MyApplication" should be replaced with your actual .NET application name:
• aspnet_regiis.exe -pe "connectionStrings" -app "/MyApplication" -prov "MyProvider"
• Or if using a UNC path:
• aspnet_regiis.exe -pe "connectionStrings" "\\path\path\to\.net\directory -prov "MyProvider"

More information from Microsoft.

Disable CRL Checking

How to Disable CRL Checking in IIS 6.x:

1. Open a CMD prompt
2. Navigate to c:\inetpub\adminscripts
3. To disable for ALL sites, run the following command:
• cscript adsutil.vbs set w3svc/CertCheckMode 1
• Hit the ENTER key
4. To disable for SPECIFIC sites, run the following command:
• cscript adsutil.vbs set w3svc/siteid#/CertCheckMode 1
• Hit the ENTER key

To query to see if the CertCheckMode is already set or not, you can run one of the following commands:

• cscript adsutil.vbs get w3svc/CertCheckMode
• cscript adsutil.vbs get w3svc/siteid#/CertCheckMode

Handle is Invalid

A co-worker was once trying to update some certificates on one of his Windows 2003 servers.  Every time he tried to access the certificates stores via MMC, he would receive an error similar to:

Handle is Invalid

It turns out that he somehow reset the security on the certificates.  The following steps fixed the issue:

1. Navigate to: C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA
2. Permissions should be set to the following for the "MachineKeys" folder:



Administrator	(Full Control)	This folder only
Everyone	(Special)	This folder, subfolders, and files
SYSTEM	(Full Control)	This folder, subfolders, and files



3. To set the Special permissions for the Everyone group:
• RIGHT click the MachineKeys folder
• Select PROPERTIES
• Click on the SECURITY tab
• Click on the ADVANCED button
• Highlight the EVERYONE entry
• Click on the EDIT button
• CHECK the following entries under the ALLOW column:
• List Folder/Read Data
• Read Attributes
• Read Extended Attributes
• Create Files/Write Data
• Create Folders/Append Data
• Write Attributes
• Write Extended Attributes
• Read Permissions
• Click OK
• Check BOTH "Allow inheritable permissions..." and "Replace permission entries..."
• Click OK
• Click OK again

CASPOL

Windows 2003 - IIS 6.x

Command:
caspol.exe -machine -addgrouop 1 -url file://\\uncpath\whatever\* FullTrust -n "Some_name_to_identify_it"

Active Directory (ADUC) with Exchange tabs - Windows 7

How to get the Exchange tabs in Active Directory Users and Computer and Windows 7.

1. Download and install the RSAT Tools (Remote Server Admin Tools) for Windows 7.
• Make sure to download the correct x86 or x64 version depending on your computer.
2. Download Exchange System Manager for Windows Vista (ESMVista.exe), but do not install yet.
3. Install ESM silently.  This will bypass the OS check and lets you install it on Windows 7:
• From a CMD prompt type: esmvista.msi /q

That's all you need to do for Windows 7 32 bit.  If you run ADUC you should now see the Exchange tabs.

If you're running Windows 7 64 bit, you have a few additional steps:

1. You need to run MMC in 32 bit mode.
• Go to START
• Go to RUN
• Type: MMC /32
2. Go to FILE
3. Select ADD/REMOVE SNAP-INS
4. From the list, select ACTIVE DIRECTORY USERS AND COMPUTERS
5. Click ADD
6. Click OK
7. For easier future access, make sure to Save this MMC to a location on your computer.

Let me know if there's an easier process for this now.  I went through these steps a couple of years ago, but it may be much more simple now.

Activate Windows 2008

How to Activate Windows 2008.

1. Launch a CMD prompt
2. Navigate to c:\windows\system32
3. Run: cscript slmgr.vbs -skms addressofKMSserver:portnumber
4. Hit Enter
5. Run: cscript slmgr.vbs -ato

IIS 7.5 - uploadReadAheadSize

A developer recently reported a problem that when a customer attempted to upload an attachment, they would sometime receive the error:

The page was not displayed because the request entity is too large.

In our case it did not include an error number, but it will sometimes include the error number:

HTTPS 413

The fix for us is listed below:

How to set the uploadReadAheadSize in IIS 7.5

1. Launch "Internet Information Services (IIS) Manager"
2. Expand the Server field
3. Expand Sites
4. Select the site you want to make the modification for.
5. In the Features section, double click "Configuration Editor"
6. Under "Section" select: system.webServer>serverRuntime
7. Modify the "uploadReadAheadSize" section
8. Click Apply

- Note that the value is in BYTES