Pages

Friday, November 16, 2012

AT&T APN Settings for Galaxy S3 SGH-I717

When you install custom ROMs on the AT&T Galaxy S3 SGH-I717, you might have to manually set your APN and 4G LTE PTA settings, here’s the settings you need:

Menu->Settings->Wireless & Networks More->Mobile Networks->Access Point Names.

For 4G LTE PTA/HSPA+:
Name: PTA
APN: pta
MMSC: http://mmsc.mobile.att.net
MMS Proxy: proxy.mobile.att.net
MMS port: 80
MCC: 310
MNC: 410
Auth: none
APN type: default,mms,supl,hipri

For HSPA+:
Name: AT&T
APN: wap.cingular
Username:WAP@CINGULARGPRS.COM
Password:CINGULAR1
MMSC: http://mmsc.cingular.com
MMS Proxy: wireless.cingular.com
MMS Port: 80
MCC:310
MNC:410
APN type: default,supl,mms

You can also use this method to switch between HSPA+ or 4G LTE on your phone to save battery life.

Wednesday, November 14, 2012

Disk Cleanup for Windows Server 2008 R2

 

The Disk Cleanup executable file cleanmgr.exe and the associated Disk Cleanup button are not present in Windows Server® 2008 or in Windows Server® 2008 R2 by default.

This is by design, as the Disk Cleanup button is part of the Desktop Experience feature. In order to have Disk Cleanup button appear on a disk’s Properties dialog, you will need to install the Desktop Experience feature.

So in order to use cleanmgr.exe you’ll need to copy two files that are already present on the server, cleanmgr.exe andcleanmgr.exe.mui. Use the following table to locate the files for your operating system.

Operating System

Architecture

File Location

Windows Server 2008 R2

64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

Windows Server 2008 R2

64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

Windows Server 2008

64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_b9f50b71510436f2\cleanmgr.exe.mui

Windows Server 2008

64-bit

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_c962d1e515e94269\cleanmgr.exe.mui

Windows Server 2008

32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.0.6001.18000_en-us_5dd66fed98a6c5bc\cleanmgr.exe.mui

Windows Server 2008

32-bit

C:\Windows\winsxs\x86_microsoft-windows-cleanmgr_31bf3856ad364e35_6.0.6001.18000_none_6d4436615d8bd133\cleanmgr.exe

Once you’ve located the files move them to the following locations:

  1. Cleanmgr.exe should go in %systemroot%\System32.
  2. Cleanmgr.exe.mui should go in %systemroot%\System32\en-US.

You can now launch the Disk cleanup tool by running Cleanmgr.exe from the command prompt.

Disk Cleanup can now be run by entering Cleanmgr.exe into a command prompt, or by clicking Start and typing Cleanmgr into the Search bar.

Source

http://technet.microsoft.com/en-us/library/ff630161(WS.10).aspx

Saturday, October 13, 2012

How to Restore ESXi Host Configuration

  • Download vCLI (select release that matches your ESXi version) and install.
  • Navigate to Start->All Programs->VMware->VMware vSphere CLI->Command Prompt.
  • Type CD Bin.
  • Type vicfg-cfgbackup.pl --server SRVNAME --username USER --password PASS –load "x:\host_cfg_backup\esxi5.bak"
 

How to Backup ESXi Host Configuration

 

 

  • Download vCLI (select release that matches your ESXi version) and install.
  • Navigate to Start->All Programs->VMware->VMware vSphere CLI->Command Prompt.
  • Type CD Bin.
  • Type vicfg-cfgbackup.pl --server SRVNAME --username USER --password PASS -s "x:\host_cfg_backup\esxi5.bak"

Tuesday, September 25, 2012

Exchange 2010 This mailbox database contains one or more mailboxes, mailbox plans, archive mailboxes, or arbitration mailboxes

So, let’s say you have a new installation of Exchange Server and you want to move all mailboxes, including Arbitration, from the default database created during the installation to a new mailbox database. Here is how to do it…

First of all, if you just try to delete the default database you will get this message:

DatabaseRemoveError

Stating that the database isn’t empty, even though it does look empty if you do a get-mailbox for the specific database:

get-mailbox -Database “Mailbox Database 1905367170″

DatabaseRemoveError2

There is a switch that you should use if you want to see all mailboxes, even the “hidden” Arbitration mailboxes:

get-mailbox -Database “Mailbox Database 1905367170″ –Arbitration

This gives us different result then the first get-mailbox command:

DatabaseRemoveError3

As you can se the database isn’t as empty as we first thought. To move these mailboxes to the new database you can easily pipe the result of the get-mailbox command and create new move requests for all Arbitration mailboxes:

get-mailbox -Database “Mailbox Database 1905367170″ -Arbitration | New-MoveRequest –TargetDatabase “MailboxDatabase1″

DatabaseRemoveError4

You can check the status of the move request by running:

Get-MoveRequest -SourceDatabase "Database Name".

Make sure that all move requests have a status of Completed.

Before you can actually remove the database you will have to remove the Move Requests. To do this MAKE SURE that the requests have completed then run the following: Get-MoveRequest -SourceDatabase "Database Name" | Remove-MoveRequest.

Note if you deleted the arbitration accounts from Active Directory rerun the Active Directory preparation from the Exchange 2010 media:

Setup.com /PrepareAD

Source

http://msundis.wordpress.com/2010/03/29/show-and-move-hidden-arbitration-mailboxes-in-exchange-server-2010/

http://blog.chrislehr.com/2009/10/exchange-2010-what-is-arbitration.htm

Resizing Windows Server 2008 R2 virtual hard disk in VMWare ESXi

  1. Use the vSphere Client to edit the settings of the server and change the size of the hard disk(s) to the new size;
  2. On the server itself (RDP/console) run the Computer Management snap-in from the Administrative Tools menu;
  3. Expand Storage and select Disk Management. The drive you have increased in size will probably still be showing as the original size. This is because the virtual disk manager caches this information. On the right hand side, click More Actions and select Rescan;
  4. You should now see your new unallocated space. Right click on the *allocated* partition and select Expand.

 

Source

http://calvisblog.wordpress.com/2010/11/22/resizing-windows-server-2008-r2-virtual-hard-disk-in-vmware-esxi/

Increasing Exchange 2010 local move request limit

To increase this limit you can edit

%programfiles%\Exchange Server\V14\Bin\MSExchangeMailboxReplication.exe.config

and change the value for MaxActiveMovesPerTargetMDB to the number you want. Make sure you change it in both locations. I would probably not go over 5. 

Once you do that restart the Microsoft Exchange Mailbox Replication service and your moves should now do more at a time.

Source

http://osj42.blogspot.com/2011/11/increasing-exchange-2010-local-move.html

Monday, August 13, 2012

How to Import Self Signed Certificate in IE9

In Windows 7, navigate to

Start->All Programs

Right click on Internet Explorer

Run as administrator

Tools->Internet Options

Content tab

Certificates button

Import button

Click Next

Browse to saved certificate and click Next

image

Select Place all certificates in the following store and click Browse

image

Check Show physical stores

Expand Trusted Root Certification Authorities

Highlight Local Computer

Click OK, Click Next, Click Finish, Click OK, Click Close, Click OK

Tuesday, July 17, 2012

How to access a mapped network drive within a scheduled task

Windows computers will disconnect a mapped drive after a period of time.  Because of this a scheduled task .bat that calls an executable on a mapped drive will not run and the scheduled task will hang.

Place the below code in a .bat file which will be called from the scheduled task.  The code will disconnect the mapped drive and then remap and connect. After that the code will go to the path of the .exe and then run that exe.

Net use g: /delete
Net use g: \\servername\folder
g:
CD \folder\folder
app.exe
exit

Wednesday, June 27, 2012

Legal disclaimers in Exchange 2010

 

To manage disclaimers in Exchange Server 2010, means that you will need to delve into the art of transport rules. To create a transport rule to apply a disclaimer to all outbound email messages, you can either use the new Transport Rule Wizard in the Exchange Management Console (EMC). Or, you can use the New-TransportRule cmdlet in the Exchange Management Shell (EMS). My preference and this should be your preference, is to use the cmdlet. For example:

New-TransportRule -Name OutboundDisclaimer -Enabled $true -SentToScope 'NotInOrganization' -ApplyHtmlDisclaimerLocation 'Append' -ApplyHtmlDisclaimerText "<h3>Warning</h3><p>This message is confidential. It may also be privileged or otherwise protected by work product immunity or other legal rules. If you have received it by mistake, please let us know by e-mail reply and delete it from your system; you may not copy this message or disclose its contents to anyone. Please send us by fax any message containing deadlines as incoming e-mails are not screened for response deadlines. The integrity and security of this message cannot be guaranteed on the Internet.</p>" -ApplyHtmlDisclaimerFallbackAction Wrap

This example is pretty simple. The only thing to really note is the use of the ApplyHtmlDisclaimerFallbackAction parameter which is being set to Wrap (if the disclaimer can't be inserted into the original message, Exchange encloses, or wraps, the original message in a new message envelope. Then the disclaimer is inserted into the new message) which is the default behavior.

However, what if you wanted to set a disclaimer for all internal email? For example, your legal department wanted some sort of warning message that stated internal email messages cannot be forwarded outside of the organization. Well luckily that is also a pretty simple task as well using the New-Transport cmdlet:

New-TransportRule -Name InternalDisclaimer -Enabled $true -SentToScope 'InOrganization' -ApplyHtmlDisclaimerLocation 'Append' -ApplyHtmlDisclaimerText "<h3>Warning</h3><p>Please do not forward internal email messages outside of the company. Bad things may happen to you!</p>" -ApplyHtmlDisclaimerFallbackAction Wrap

You will notice the SentToScope parameter is set to InOrganization which denotes that the transport rule only applies to messages sent to recipients that are considered inside the organization.

Lastly, what if your legal department is being a real pain and you need to apply a special type of message header (disclaimer) notifying recipients certain information about the email’s sender. For example, what if all internal email messages from trade restricted senders needs to have a TR label applied to them. Luckily, this is pretty simple and might look like the following command:

$Signature = '<div style="backgroun-color:#D5EAff; border:1px dotted #003333; padding:.8em;"> `
<span style="font-size:12pt; color:#ff0000;">TR WARNING</span></br> `
<p style="font-size:8pt; line-height:10pt">This message was sent from a trade restricted (TR) individual!</p> `
</div>
New-TransportRule -Name TRDisclaimer -Enabled $true -SentToScope 'InOrganization' -FromMemberOf "Trade Restricted" -ApplyHtmlDisclaimerLocation 'Prepend' ApplyHtmlDisclaimerText $Signature -ApplyHtmlDisclaimerFallbackAction Wrap

With this command, you will notice that it only applies to senders that are members of the Trade Restricted group. In addition, the ApplyHtmlDisclaimerLocation is being set to Prepend which means that the “disclaimer” will be appended as a header vs. a footer in the message.

Source

http://www.networkworld.com/community/blog/legal-disclaimers-exchange-2010-letting-lawye

How to Add Automatic Email Signatures and Disclaimers with Exchange 2010

 

Exchange Server 2010 has similar capabilities to Exchange Server 2007 when it comes to adding disclaimers to emails sent by end users.

However two improvements have been made in Exchange Server 2010 – the ability to use HTML to format the text, and the ability to insert Active Directory attributes into the text.

These new capabilities make it very easy to add a standardized email signature and disclaimer to all emails sent in the organization.

For this to work the desired Active Directory attributes need to be populated on the user account objects. Attributes that would commonly be used in email signatures include the person’s name, job title, phone number, and street address.

You can view and edit these attributes in the properties of the mailbox or user account.

userattributes01

userattributes02

userattributes03

When the user accounts are populated with the necessary attributes you can proceed with the creation of the Transport Rule that will add the signature and disclaimer.Open the Exchange Management Console and navigate to Organization Configuration/Hub Transport. Right-click and start a New Transport Rule.

transportrule01

Give the rule a meaningful name and description and click Next.

transportrule02

Choose the condition “From users that are inside or outside the organization” and make sure it is set to “Inside the organization“.

transportrule03

Choose the action “Append disclaimer text and fallback to action if unable to apply“.

transportrule04

Now click on the blue highlighted “disclaimer text” to configure the signature and disclaimer. You can use simple HTML tags to format the text, and wrap the Active Directory attribute name in %% tags to insert the attributes automatically.

transportrule05

For example, this is the text that I have used for this demonstration.

Complete the New Transport Rule wizard to finish creating the rule.

transportrule06

You can now test the new rule by sending an email to anyone inside or outside of the organization and seeing the signature and disclaimer text automatically inserted by the Exchange server.

email

Note…to prevent the signature to appear in reply or forwards do the following…

Under the Exceptions section when setting up the rule or editing it, check the “except when the Subject field contains specific words” checkbox and then add the entries “RE” and “FW” to the list.

Source

http://www.theemailadmin.com/2010/01/how-to-add-automatic-email-signatures-and-disclaimers-with-exchange-2010/

Security Software Removal Utilities



Security Software Removal Utilities
Agnitum OutpostAvast
AVGAvira*
BitDefenderBullGuard*
CA AntivirusComputer Associates
Comodo Internet SecurityCounterSpy
Cyber Defender Early Detection Center*Dr. Web
eScanESET
FRISK F-PROT Antivirus*F-Secure
G DataIObit Software
KasperskyKingsoft*
K7 Total SecurityLavaSoft*
Malwarebytes Anti-MalwareMcAfee
Microsoft OneCareMicrosoft Security Essentials*
NormanNorton
PandaPareto Logic*
PC Tools*Prevx
Sophos*SuperAntiSpyware
Trend Micro / Titanium*ThreatFire
VipreWebroot*
Zondex removal tool 1 & 2
(run both in order)
Zone Alarm


*Note: Developer doesn't provide a separate uninstall tool, instead relies on Windows' traditional Add/Remove method or additional manual steps. 


Source
http://www.techspot.com/guides/549-clean-antivirus-removal/

Friday, May 18, 2012

Computer Monitoring and Internet Filter for Children

My recommendation is to have a multi-layer approach. This will help prevent children from bypassing anything and it also helps protect him in case one layer fails.

1. Talk about the internet and have a gameplan
2. Configure the computer to protect
3. Install software to protect
4. Configure router to protect
5. Browser whitelist / blacklist

6. Install kid-friendly browser

 

1. Talk about the internet and have a gameplan:

"Chat" with your kids
Develop an open dialogue so that you can talk with your kids about the benefits and dangers of the Internet. Cultivate an interest in their online activities—their favorite Web sites, online games, and interests. And don’t be afraid to ask your children who they are talking to online and what they are talking about.

Agree on a game plan
Use the InternetSafety.com Gameplan to formally agree on your family’s guidelines for using the Internet. Post them near the family computer as a reminder. Ensure that your kids know to never share personal information on the Internet and that they should tell you about any online activity or contact that makes them uncomfortable.

Print this out and leave next to computer
http://www.internetsafety.com/safety-tips/gameplan/gameplan.pdf

2. Configure the computer to protect:
    Don't let children be admin on computer. Change the child’s account to a restricted lesser account like user.
    Install and configure Microsoft Windows Live Essentials - Family Safety

3. Install software to protect:
    The top 3 software I found are:

    KidsWatch
    $45.95 for up to 3 computers.
    Each year you will need to renew web filter for $29.95

    Cybersitter
    1 computer $24.95; 2 computers $34.95
    Don't know what annual renewal fee is.

    SafeEyes
    $49.95 for up to 3 computers.
    annual renewal fee is $49.95

4. Configure router to protect
    Create an account on opendns and configure router to use opendns.

5. Install browser whitelist / blacklist

Firefox

Chrome

6. KidZui.com, zoodles.com, kid-surf.com

Migrating Firefox From XP to Windows 7

 

Quick Answer:

To migrate Firefox settings from XP to Windows 7 you will need to copy the below folder with Firefox closed.

C:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles
to
C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\

 

Detailed Instructions

    1. Install Firefox on Windows 7, launch it once, then close it. Make sure Firefox on XP is closed also. Important! Make sure they are the same versions! You cannot migrate between different versions!
    1. On XP, go to: C:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles\xxxxxxxx.default.
    1. Copy that entire folder to the Windows 7 computer desktop.
    1. On Windows 7, go to C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default .
    1. Copy and paste the folder contents from step 5 to the Windows 7 folder (C:\Users\<username>\AppData\Roaming\Mozilla\Firefox\Profiles\xxxxxxxx.default).

Other options:

Mozbackup

Sources

http://mybroadband.co.za/vb/showthread.php/154264-Migrating-Firefox-from-XP-to-Vista-or-Windows-7
http://support.mozilla.org/en-US/kb/Backing%20up%20your%20information
http://support.mozilla.org/en-US/kb/Managing-profiles

Thursday, March 01, 2012

How to Map SkyDrive in Windows 7

 

Log into your SkyDrive account.

Copy the cid (everything after cid= and before &) from the URL

Right click Computer and select Map Network Drive

Select desired drive letter.  Folder = https://d.docs.live.net/cid (change cid to your actual cid)

Click Finish

For specific folder

Folder URL
Documents https://d.docs.live.net/cid/^.Documents or https://d.docs.live.net/cid/^2Documents
Pictures https://d.docs.live.net/cid/^.Pictures
Public https://d.docs.live.net/cid/^.Public

Monday, February 27, 2012

ICS on Samsung Captivate

 

Download
ROM: BUILD 16: haxer.org / eriador.org (md5: 4bcccf2f665988ab5bd40fa88b0f7621)
Google Apps: Download from ROM Manager.
Google Apps Fixer: MultiUpload / tux-head.net / faramir.eriador.org (md5: af8bcaf5f8158e8e1be7097fc86b6b28)
Google Apps Fixer will fix your problem with not being able to add Google Account or Calendar Sync, but will also reset your Google Apps data. Only flash if you're having problems. If Google Apps Fixer does not work for you, do a factory reset from CWM (or Android Settings) and do not restore system data via TitaniumBackup.

Google Apps
v7.1: MultiUpload / tux-head.net / faramir.eriador.org (md5: 8bf66137f18de45657f29c129a8f4d52)

- First time flashing ICS to your Captivate (or coming from another ROM)?

  1. Root your device and install ClockworkMod Recovery.
  2. Reboot into Recovery using 3-button-combo
  3. Do a Nandroid backup!
  4. WIPE (wipe data/factory reset + wipe cache partition)
  5. Install the ROM from internal sdcard using ClockworkMod Recovery
  6. Optionally install the Google Addon
- Upgrading from CM7?
  1. Do a Nandroid Backup!
  2. WIPE (wipe data/factory reset + wipe cache partition)
  3. Install the ROM from internal sdcard using ClockworkMod Recovery
  4. Optionally install the Google Addon
- Coming from another ICS build?
  1. Do a Nandroid Backup!
  2. Install the ROM from internal sdcard using ClockworkMod Recovery
  3. Optionally install the Google Addon
  4. Reboot into recovery and WIPE (wipe data/factory reset + wipe cache partition)
  5. If radio doesn't work, go back to Samsung ROM and flash from there.
- Upgrading from another build of ICS by teamhacksung?
  1. Do a Nandroid Backup!
  2. Install the ROM from internal sdcard using ClockworkMod Recovery
  3. Optionally install the Google Addon
Note: The upgrade process from CM7 to ICS is automatic, but downgrading from ICS to CM7 (or restoring Nandroid) requires flashing twice. Once from ICS and again from CM7's recovery.

Source

Friday, February 24, 2012

Firmware upgrade fail! Try using recovery mode

 

If you get the message on your Android phone “Firmware upgrade fail! Try using recovery mode” don’t worry.  The phone is in download mode. All you need to do is use Odin 1-click back to stock.

This package is a complete wipe and re-partition package.  It is Stock I897UCKI2 package with Boog's KI1/KI2 Kernel1 with CWM Recovery, no Bootloaders. You need to be on GB bootloaders to run this. This package can be used as Stock before flashing any i897 GB based ROM. Link.

If you are not running on AT&T GB bootloaders, you can get that here.

  1. Unplug the USB cable from your phone
  2. Pull battery
  3. While holding both volume buttons, insert USB cable to phone
  4. Open Odin
  5. Remove USB Cable from computer and re-insert.  Note if that does not work insert cable in different USB port

Tuesday, February 07, 2012

Hard Reset - Galaxy Nexus by Samsung

Hard Reset - Galaxy Nexus by Samsung

Warning Performing a hard reset will remove ALL data including the Google account, system data, application data, application settings, and downloaded applications. Only perform this reset if absolutely necessary.

Warning Pictures, Videos and Music will also be removed. It is recommended to backup this data unless willing to lose it.

Note Personal data such as WiFi passwords, Browser bookmarks, User dictionary, a list of installed Market applications and other customized settings can be backed up to and restored from Google's servers.

Preferred method
Alternate method

Preferred method

  1. From the home screen, select Apps.
    Home screen with Apps
  2. From the APPS tab, select Settings.
    Apps with Settings
  3. From the PERSONAL section, select Backup & reset.
    Settings with Backup & reset
  4. From the PERSONAL DATA section, select Factory data reset.
    Backup & reset with Factory data reset
  5. Select Reset phone.
    Note If presented, enter the current passcode or draw the unlock pattern.
    Reset phone
  6. Select Erase everything.
    Note Allow several minutes for the factory data reset and reboot processes to complete.
    Erase everything
  7. Refer to Initial Activation and Setup.

Top

Alternate method

  1. Press and hold the Power button.
    Power button
  2. Select Power off.
    Phone Options with Power off
  3. Select OK.
    Power off with OK
  4. Press and hold the Volume keys+Power button simultaneously until bootloader mode (image of an Android with Start) appears then release.
    Volume keys and Power button
  5. Select Recovery mode.
    Note Utilize the volume keys to cycle through the available options and the Power button to select.
    Note The device will restart in Recovery mode.
    Bootloader screen with Recovery mode
  6. From the Recovery mode screen, press and hold the Power button then press the Volume up (+) key.
    Recovery mode screen
  7. Select wipe data/factory reset.
    Recovery mode screen with wipe data/factory reset
  8. Select Yes -- delete all user data.
    Note Allow several minutes for the factory data reset process to complete.
    Recovery mode screen with Yes -- delete all user data
  9. Select reboot system now.
    Note Allow several minutes for the reboot process to complete.
    Recovery mode screen with reboot system now
  10. Refer to Initial Activation and Setup.

How to Install ICS on Droid X

Download files either using phone browser or to computer and transfer to sdcard
EncoutnerICSx Beta 3 http://www.multiupload.com/6J90T9DW50
Gapps: http://tux-head.net/...p/gappsv5.1.zip
 

Root Phone (http://www.androidauthority.com/how-to-root-droid-x-running-android-2-3-gingerbread-39804/)

Install ClockworkMod

from Rom Manager
Flash ClockworkMod Recovery
  Reeat
Reboot into Recovery

from clockworkmod recovery
wipe data/factory reset
  yes
wipe cache partition
  yes

advanced
  wipe Dalvik Cache
   yes

back out (power button)

install zip from sdcard
  choose zip from sdcard
   highlight EncoutnerICSx Beta 3 zip and click camera button
    yes
install zip from sdcard
  choose zip from sdcard
   highlight Gapps zip and click camera button
    yes

back out (power button)
 
reboot system now

http://www.androidauthority.com/how-to-install-ice-cream-sandwich-rom-on-motorola-droid-x-40674/

http://forum.xda-developers.com/wiki/index.php?title=Bloatware

Monday, February 06, 2012

How to Boot into Recovery on the DROID X

1. Turn your phone off.
2. Hold down “Home” and press “Power” until the Motorola logo appears.
3. Release ”Power” and continue to hold “Home” until an exclamation appears.
4. Release “Home” and press the “Volume Up” and “Volume Down” at the same time button once.
5. Your phone will now enter recovery.
6. Use the "Power" button to select.

Friday, January 27, 2012

How to Configure a Relay Connector for Exchange Server 2010

In most Exchange Server 2010 environments there will be the need to allow relaying for certain hosts, devices or applications to send email via the Exchange server. This is common with multi-function devices such as network attached printer/scanners, or applications such as backup software that send email reports.

SMTP communication is handled by the Hub Transport server in an Exchange organization. The transport service listens for SMTP connections on it’s default Receive Connector. However, this connector is secured by default to not allow anonymous connections (ie, the type of connection most non-Exchange systems will be making).

You can see this in effect if you telnet to the server on port 25 and try to initiate unauthenticated SMTP communications.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 19:42:27 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
530 5.7.1 Client was not authenticated

For some Hub Transport servers that are internet-facing, anonymous connections may already be enabled. In those cases relay would still be denied but will behave differently than the first example.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:01:44 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
250 2.1.0 Sender OK
rcpt to: somebody@gmail.com
550 5.7.1 Unable to relay

You’ll note that relay is denied if I try to send from an @hotmail.com address to an @gmail.com address, because neither is a valid domain for the Exchange organization. But with Anonymous Users enabled on the Receive Connector I can send from an @hotmail.com address to a valid local address.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:05:54 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: somebody@hotmail.com
250 2.1.0 Sender OK
rcpt to: alan.reid@exchangeserverpro.local
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
test
.
250 2.6.0 [In
ternalId=2] Queued mail for delivery

However if I try to relay out to an external recipient, the Exchange server does not allow it.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:11:27 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
550 5.7.1 Unable to relay

To permit a non-Exchange server to relay mail we can create a new Receive Connector on the Hub Transport server. Launch the Exchange Management Console and navigate to Server Management, and then Hub Transport. Select the Hub Transport server you wish to create the new Receive Connector on, and from the Actions pane of the console choose New Receive Connector.


Give the new connector a name such as “Relay ” and click Next to continue.


You can leave the local network settings as is, or optionally you can use a dedicated IP address for this connector if one has already been allocated to the server. Using dedicated IP addresses for each connector is sometimes required if you need to create connectors with different authentication settings, but for a general relay connector it is not necessary to change it.


Highlight the default IP range in the remote network settings and click the red X to delete it.


Now click the Add button and enter the IP address of the server you want to allow to relay through the Exchange server. Click OK to add it and then Next to continue.


Click the New button to complete the wizard.

The Receive Connector has now been created but is not yet ready to allow the server to relay through it. Go back to the Exchange Management Console, right-click the newly created Receive Connector and choose properties.

Select the Permission Groups tab and tick the Exchange Servers box.


Select the Authentication Tab and tick the Externally Secured box.


Apply the changes and the Receive Connector is now ready for the server to relay through.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:31:00 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.9]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
250 2.1.5 Recipient OK
data
354 Start mail input; end with .
test
.
250 2.6.0 <924bab1e-0f07-4054-8700-d121577993b4@EX3.exchangeserverpro.local> [In
ternalId=3] Queued mail for delivery

Because the remote IP range has been secured to that single IP address, any other servers on different IP addresses still won’t be able to relay through the Exchange Server. From any other IP address not included in the remote IP range on the Receive Connector relay will be denied.

220 EX3.exchangeserverpro.local Microsoft ESMTP MAIL Service ready at Wed, 18 Au
g 2010 20:46:06 +1000
helo
250 EX3.exchangeserverpro.local Hello [192.168.0.2]
mail from: backups@exchangeserverpro.net
250 2.1.0 Sender OK
rcpt to: alerts@managedserviceprovider.com
550 5.7.1 Unable to relay

You can later add more IP addresses, IP ranges, subnets, or even add multiple IP addresses to the Receive Connector using a script if necessary.

Source


http://exchangeserverpro.com/how-to-configure-a-relay-connector-for-exchange-server-2010