Static NAT/PAT (one-to-one) Cisco ASA 8.2

Outside IP: aaa.bbb.ccc.ddd
Inside IP:
Port: pppp
Identifier for access-list: NAME

This is a simple one to one NAT example. Traffic will go from aaa.bbb.ccc.ddd port pppp to

c-asa01(config)# static (inside,outside) aaa.bbb.ccc.ddd
c-asa01(config)# access-list NAME permit tcp any host aaa.bbb.ccc.ddd eq pppp
c-asa01(config)# access-group NAME in interface outside

Or if you want to NAT and PAT:

Outside IP: aaa.bbb.ccc.ddd
Inside IP:
Outside Port: pppp
Inside Port: qqqq
Identifier for access-list: NAME

c-asa01(config)# static (inside,outside) tcp aaa.bbb.ccc.ddd pppp qqqq
c-asa01(config)# access-list NAME permit tcp any host aaa.bbb.ccc.ddd eq pppp
c-asa01(config)# access-group NAME in interface outside

Unable to extend a volume in Windows 2003.

Environment: VMware ESXi 5.5.x, Windows 2003 VM, Windows 2012 R2 VM.

I needed to expand the system disk of a Windows 2003 VMware virtual machine. I was able to easily extend the disk using vSphere, and Windows displayed the new size. However, I was unable to extend the filesystem using DISKPART. I would receive the following message, when I tried:
“Diskpart failed to extend the volume. Please make sure the volume is valid for extending.”

To get around this, I shutdown my Windows 2003 server. Then added the virtual disk to a Windows 2012 R2 VM. I opened up the Disk Management console via Computer Management. Made the newly added disk Online by right mousing clicking on the disk name (on the left) and selecting Online. Then, I right mouse clicked on the logical disk, in my case the C: drive, and selected Expand. Then, I took the disk offline, but right mouse clicking on the disk name (on the left again) and selecting Offline. Next, I removed the disk from my Windows 2012 R2 VM WITHOUT deleting the file from disk.

Then, all I to do was boot my Windows 2003 VM, and let the chkdsk do its thing.

Exchange Server Saved Rules

Version: Exchange 2010

To list all the rules a mailbox has saved to the Exchange server:

[PS] C:\>Get-InboxRule -Mailbox mailboxname

Reset Internet Explorer settings from command line.

The group policy can block access to reset Internet Explorer which seems to need it much more than it should. To bypass this and reset the settings back to the default:

From a command prompt:

C:\> RunDll32.exe InetCpl.cpl,ResetIEtoDefaults

This will pop up the Reset Internet Explorer Settings window. Click Reset to reset everything except you personal settings. Obviously, you can check the “Delete personal settings” box if you want to delete you personal settings as well.

Exchange Search Mailbox

In order to search a mailbox, the account you are using must be a member of the “Discovery Management” role group.

To check:
[PS] >Get-RoleGroupMember “Discovery Management”

To add somebody to a role:
When you add somebody as follows, you will prompted for the member. For example, Administrator.
[PS] >Add-RoleGroupMember “Discovery Management”

If you are doing this as Administrator and are adding the Administrator account, you will need to restart your EMS (Exchange Management Shell).

Once you have added the role, you will be able to use the Search-Mailbox cmdlet. There are many search options. Below is a simple example searching the subject of a mailbox. The way this works is that the search results are sent to a target mailbox and folder.

[PS] C:\> Get-Mailbox alias | Search-Mailbox -SearchQuery {Subject:”searchfor“} -TargetMailbox mailbox -TargetFolder “foldername

[PS] C:\> Get-Mailbox jim | Search-Mailbox -SearchQuery {Subject:”work rules“} -TargetMailbox mailadmin -TargetFolder “SearchJim

So, in this example, the mailbox jim will be searched for any message with “work rules” in the subject line. Any results, will be put in the mailadmin’s mailbox in a folder called SearchJim.

You can do the same thing for the body of the message:
-SearchQuery {Body:”somethinginthbody”}

Or a date range, except you have to specify sent or received:
-SearchQuery {Received:(1/1/2010..12/31/2010)}
-SearchQuery {Sent:(1/1/2010..12/31/2010)}

Or if you want to search for more than one criteria:
[PS] C:\> Get-Mailbox alias | Search-Mailbox -SearchQuery {Subject:”searchfor” AND Body:”searchsomethingelse” AND Sent:(01/01/2010..12/31/2010)} -TargetMailbox mailbox -TargetFolder “foldername

Moving mysql to a different partition – Ubuntu 12.04

I needed to move my MySQL databases to a different partition, since I was outgrowing the space. I created new space and used a mv command to move the files and preserve the permissions. I moved them to /mysql.

I set the permissions for the new directory:
chown mysql.mysql /mysql
chmod 700 /mysql
Then, I needed to modify the /etc/apparmor.d/tunables/alias file. Note: It is actually documented in the alias file for MySQL.

# vi /etc/apparmor.d/tunables/alias

alias /var/lib/mysql/ -> /mysql/,

# service apparmor restart
# service mysql start

Grant user permission to unlock Active Directory accounts.

OS: Windows 2012 R2

This is the command I used to grant a group permission to unlock accounts.

C:\> DSACLS “ou distinguished name” /i:s /G “group name“:rpwp;LockOutTime;user



Timestamp and lftp

I was using lftp to get a file and do a local listing of the transferred file. The timestamp was days off when I used “local ls”. With some experimentation, I was able to find that if I pass the command a switch I could get the file creation time.

This is what I used:

lftp> local ls -cl

Internet Explorer Group Policy not changing.

I was trying to change the home page policy and the proxy settings for Internet Explorer 11. I had looked at this a couple times but did not resolve the issue. I even started looking toward a registry option when I knew that this had to work. It turns out that is something really stupid, and has been the case for a long time. I just needed to hit the F6 key while the cursor was still on the changed setting. Then, you will see the red line under the setting go from red to green. It turns out that there are few function keys are important so I will note them here.

F5: This will configure and update of the settings.
F6: This will update only the setting you are currently positioned on.
F7: This will ignore only the setting you are currently positioned on.
F8: This will ignore all changes.

Windows 2012 R2 and .Net 3.5 Features

I changed my CD/DVD drive letter after I installed Windows Server 2012 R2 and a couple other features. Then, I wanted to install the .NET Framework 3.5 feature. It kept complaining out not being able to find the source. I had to set the new source location for it to install correctly.

From Server Manager, you add the role as you normally would until you get to the “Confirm installation selections” window:

Click the “Specify an alertnate source path” link and for the path enter the location with the correct directory of your 2012 R2 installation source. Since I changed my drive letter to the Z drive, mine was as follows.


From here, it installed as it normally would.

Note: I also discovered that if you apply some updates and then need to add the .NET 3.5 Framework feature, you might need to uninstall one or two of the updates. In my case, I had to remove update 2966828. I used the method specified here:

Return top