Install ConfigMGR 2007 clients
by Mats Hellman on 24.Jan, 2011 under ConfigMgr, Windows
Previously I used the SUP to deploy clients in our SCCM environment. This was a really easy way to deploy but sadly I had issues with patch-management. The group policy setting for WSUS kept interfering with ConfigMGR client so I had to look for a another way to deploy the client. After some discussion on Microsoft’s Technet Forums Kent Agerlund pointed me to a script written by Jason Sandys. This script really does the job and it’s well documented.
Sync data between two Mac’s
by Mats Hellman on 02.Dec, 2010 under Apple
This is not an in-depth article, it’s more like a note to myself so I remember this the next time I need to sync files between my Mac’s.
There are more than one software out there to do the same task but since rsync is built-in to the operating system I’ll use it for now.
First of all you need to allow remote access to the source computer so go to System Preferences and Sharing. Enable Remote Login for your user.
After that you can log into your target computer and open the terminal. And just type the following
$rsync -avz –delete –exclude ‘.DS_Store’ username@192.168.1.10:/Users/username/FolderToSync /Users/LocalUser/FolderToSyncTo
Change the username, IP-address and folders on both the source and the target computer so they match what you want to sync. This is one-way only, it will copy changed files from the source computer to the target computer.
I might follow up on this, if there is enough interest in it, and write an article on two way synchronization between two Mac’s. For now this will be my note 
Migrating from IMAP to Exchange 2010
by Mats Hellman on 02.Dec, 2010 under Exchange Server 2010, Linux, Windows
I know this is a challenge for many professionals out there. And while there are many third party applications to migrate users from old systems to Exchange 2010 they don’t come cheap. There is also the fact that most old Linux based email systems use databases for user/password storage so you will need to get into them to properly move accounts. Due to this we need to be able to customize the process.
This is a highly customized process for the migration. I suggest you test everything here in your test lab before you even attempt to run it in production. All advice is provided as is and if something goes wrong you are on your own.
Image 1 displays a simplified setup of an Exchange system where we have two client access servers in a simple cluster and three backend mailbox servers.
What this article does not discuss
I will not go into any email routing so you need to make sure the email is routed correctly to your backend servers. This article will only take a look at activating the user mailbox in Exchange 2010 and synchronizing the IMAP account from the Linux server to the Exchange server.
Software and information
To successfully follow this article you need to know how to reset the IMAP users passwords and you need to know their usernames. That’s not something I will go into here, we used scripts to reset the passwords but you might want to do it another way.
You also need to install IMAPSync on the Linux server, it doesn’t necessarily have to be the one hosting the mailboxes, it could be another server. We used a third server for this because it was easier to install IMAPSync on a fresh CentOS 5 server than getting it set up on the old Linux server. The IMAPSync .rpm is available in the rpmforge repository. More information on that here http://dag.wieers.com/rpm/.
Simple walkthrough of the process
The HUB servers have a common FQDN, like exchange.domain.com. The HUB servers need to have the IMAP service started since this is the interface for the transfer. Normally this service is stopped in Exchange servers.
Our Linux server is running IMAP so we can connect to it without making any changes to it.
The flowchart in image 2 shows us the process
As I said above, you need to take care of the email routing before you activate mailboxes. Once the mailbox is activated all internal email from other Exchange users will go to the Exchange mailbox.
So to prepare we need to file the users we want to move in tables to be exported to comma separated values. We used Excel but you may use whatever you want. The file was set up like this
| uname | alias | smtp |
| user1 | Fname.Sname | fname.sname@domain.com |
| user2 | Fname2.Sname2 | fname2.sname2@domain.com |
This table was collected from local support engineers so they were able to define the users they wanted us to move. This article assumes the username for the Linux server is the whole SMTP address. Yours might differ and you would have to adapt this to any of my simple scripts.
The files needed for the servers
For the Exchange Server we need all of the columns so export everything to a CSV file. After export the file should look something like this
uname,alias,smtp
user1,Fname.Sname,fname.sname@domain.com
user2,Fname2.Sname2,fname2.sname2@domain.com
Assuming your alias combined with the domain.com is the username on the Linux server you would only need to export the Alias column to a file which should look something like this
Fname.Sname
Fname2.Sname2
When you have the two files, for simplicity let’s call them Exchange.csv and Linux.txt, copy them to the servers. The Linux.txt file should locate on the server you want to run IMAPSync from.
Activating mailboxes and setting the permissions
To move email we are going to use one special purpose account created only to move other users email. So open up your Active Directory Users and Computers and create a simple domain user account. During this example I’ll call this user Exch_mig_user. You can call it anything, or if you really want to, you can use an existing account.
Once you have an suitable account to set the Full access permissions for we can go ahead and create some mailboxes. So log into your mailbox server and fire up Exchange management shell.
The Exchange.csv file should already be located on the server, let’s say it’s in C:\.
To activate the mailboxes we run the following PowerShell command
PS C:\>Import-CSV C:\Exchange.csv | foreach-object{Enable-Mailbox –Identity $_.uname –Alias $_.alias –PrimarySMTPAddress $_.smtp}
This imports our CSV file and uses the values from the file to fill in the blanks in our Enable-Mailbox command. If you want to see what this command would do before using it just ad –WhatIF after $_.smtp. –WhatIf can be used with any of the PowerShell commands here.
After this we need to set the permissions on the mailboxes so the Exch_mig_user account will be able to access the mailbox.
Once again using PowerShell we run
PS C:\>Import-CSV Exchange.csv |foreach-object{Add-MailBoxPermission $_.Alias –user Exch_mig_user –AccessRights FullAccess}
Again, using –WhatIf will show you what would be done.
After running this we will be able to access any of the user accounts defined in the Exchange.csv file using the Exch_mig_user account. This is done so we don’t have to reset any user passwords in Active directory.
After you’re done move over to the Linux server but do not delete the Exchange.csv file, we will use it again later.
Reset Linux passwords
Looking at the flowchart in Image 2 this is where we reset the passwords for the Linux email users so they wont be able to log into the old system anymore and so we can access their email data. As I said before every system here can be different so I’m going to leave this part to you. You can script it, do it manually or have someone else do it. Just set the password to something useful if the server will continue to be active so it wont get hacked.
Using IMAPSync
Now that we have our Exchange accounts active and our Linux account passwords changed we can start the sync process. Notice the word sync, as this will not remove any email from the old server. It will sync them and if you run it again only new items will be moved.
So in our Linux server we have our Linux.txt file containing the First name and Surname of the users we are going to move.
The simple bash script I used looks like this
#!/bin/bash
logfile="synclog.txt"
testlog="/tmp/testlog.txt"
host1=linuximap.domain.com
#host1 is Source
host2=exchange.domain.com
#host2 is Dest
domain=domain.com
#domain is where email account is #everything after @ symbol ######
Do not modify past here #######################################
date=`date +%X_-_%x`
echo "" >> $logfile echo "————————————" >> $logfile
echo "IMAPSync started.. $date" >> $logfile
echo "" >> $logfile
{ while IFS=’;’ read u1; do
user=$u1"@"$domain
echo "Syncing User $user"
date=`date +%X_-_%x`
echo "Start Syncing User $u1"
echo "Starting $u1 $date" >> $logfile
imapsync –buffersize 8192000 –nosyncacls –subscribe –syncinternaldates –noauthmd5 –host1 $host1 –user1 "$user" –password1 TheLinuxPassword –ssl1 –port1 993 –host2 $host2 –user2 AD_DOMAINNAME/Exch_mig_user/$u1 –password2 Exch_mig_user_PASSWORD
date=`date +%X_-_%x`
echo "User $user done" echo "Finished $user $date" >> $logfile
echo "" >> $logfile
done ; } < Linux.txt
date=`date +%X_-_%x`
echo "" >> $logfile echo "IMAPSync Finished.. $date" >> $logfile
echo "————————————" >> $logfile
As with any script downloaded from the internet, read it, understand it and use it at your own peril!
Since we have changed all Linux users passwords to a specific password we can use a static password. If you want to use different passwords for different accounts you need to modify the script and the Linux.txt file.
Also the user used to access the Exchange mailboxes is the same for every account so the password can be static there to.
You need to change the following in the script
- TheLinuxPassword
- AD_DOMAINNAME
- Exch_mig_user_PASSWORD
Once they are set to your private settings you can run the script and it will sync the users from the IMAP server to Exchange Server via IMAP. Every account synced will be logged to the synclog.txt file.
Once the synchronization is done it’s time to once again go over to the Exchange server and remove the Full Access Permissions for the Exch_mig_user account.
Removing the full access permissions
Now that we have synced the defined users mail from our old system to our new system it’s time to remove the full access permissions of the account we used while moving email.
Again open the Exchange Management shell and run the following
PS C:\>Import-CSV Exchange.csv | foreach-object{Remove-MailboxPermission $_.Alias –user Exch_mig_user –AccessRights FullAccess –confirm: $false}
The –confirm: $false statement is there so we don’t have to confirm every permission change. If you move hundreds of users a time you don’t want to confirm this for every mailbox.
Once the script is done you should be done.
Summary
This might not be the most effective or the best way to move users from IMAP to Exchange, but it works and it does not cost anything but time spent on it. One problem is that IMAP folders will be synced one-to-one so if you have subfolders etc. your Exchange mailbox might get a little cluttered. But users have a tendency to clean it up, and we see to it that they get everything with them from the old system.
If you do use this method I’d really like to hear about it and if you have any questions feel free to ask. You can use comments here or send me an message using the contact page.
Supporting family and friends
by Mats Hellman on 01.Dec, 2010 under Apple, Linux, Windows
As most readers here are quite technical I thought I’d share one little application with you. Some may already be using it and others will be using it in a moment.
Have you ever had a friend or family member call you because they have issues with their computer? I guess all of us have since we are the experts in this area. In a corporate world we fire up some remote assistance software to help the user with his/her issues if we can’t solve it over the phone. What do we do at home? Mostly try to explain where to find settings and when it won’t work we get in our car and go to fix the computer locally. Well not anymore.
TeamViewer to the rescue
This is just one wonderful piece of software, never again will I have to get away from the comfort of my home office to fix a friends computer. I use TeamViewer for every last one of these problems.
There are two reasons for this, the first one is in non-commercial use TeamViewer is free as in beer and the second is the variety of platforms you can run TeamViewer on. TeamViewer runs on Windows, Mac, Linux and mobile devices. Granted I wouldn’t use my iPhone to support someone on a 24″ monitor but it is be possible.
Using it is so easy even your 90-year old grandma can use it. Just have them download and start up the QuickSupport version of TeamViewer and you can install the All-In-One full version.
From your client you will get the sessionID and the password, tap them into your full client and you are connected to their screen.
I promise you will save a lot of time using this. What ever your personal support incidents might be. Just remember it wont work if their problem is the connection to the network
Swedish court and The Pirate bay
by Mats Hellman on 30.Nov, 2010 under Life
By now most of us using the internet have read about the case against the Swedish The Pirate Bay. Lawyers have been hunting them for years now trying to get TPB of the internet and stopping piracy. So far TPB is still in working order even if they have had to move their servers a few times due to legal threats against their ISP’s.
Anyway this isn’t what I’m about to bring up. Instead I noticed last night that many friends had a new status in Facebook with the following text
Skadestånd för våldtäkt på 14-årigflicka: 50.000 kr.
Skadestånd för Pirate Bay: 46 miljoner kronor….Kopiera detta om ni tycker nåt är galet
If you don’t understand swedish that wont tell you anything so I’ll translate, loosely it goes like this
For raping an 14 year old girl the sum of 50 000 SEK in damages
Damages to be paid by The Pirate Bay, 46 000 000 SEK
Copy this if you think something is wrong with this picture
Is this really what we want our world to look like? To give the sums some perspective google says 1000 SEK is 142$. So what do you think? Do you think the above sounds fair?
A few words to the companies sewing TPB
This will go of topic but I just have to say this, sorry.
Instead of paying, a wild guess, millions and millions to lawyers and other specialist to find out who’s sharing what to who how about taking a look in the mirror and ask yourself the question. Is our products really priced as it should be? I still think all the tv networks and music companies are looking at this from the wrong perspective. It’s not that people want to pirate. But we do want value for our money and time.
Not too long ago I read about some company wondering how TV will survive in the future since these darn pirates are downloading all their TV shows. Again, look in the mirror. I know you need to put advertising in between the shows and in the middle of the show to keep your cash flow. But when an 20 minute tv show becomes 45 minutes due to advertising I’m not interested in watching TV anymore. There is, let me say this clear, nothing worth 25 minutes of my time in advertising. So either someone like me, downloads the show or records it using TiVO or some other recording device. That way we can start watching the show 20 minutes behind and just skip the advertising.
My word of advice is, cut down on the ad-time and you will get your watchers back in front of the TV in no time.
