My Active Directory command Webstore :)

Extract All Users information from AD using CSVDE:
CSVDE -f C:\ADExport\ADAllUsers.csv -r "(&(objectClass=user))"

Extract All Groups information from AD using CSVDE
CSVDE -f C:\ADExport\ADAllGroups.csv -r "(&(objectClass=group))"

Extract Specific Groups from AD using CSVDE
csvde -f C:\ADExport\AdministratorsGroup.csv -r "(memberOf=CN=Administrators,CN=Builtin,DC=abc,DC=co,DC=com)"

csvde -f C:\ADExport\DomainAdminsGroup.csv -r "(memberOf=CN=Domain Admins,OU=Groups,DC=abc,DC=co,DC=com)"

csvde -f C:\ADExport\ENTAdminsGroup.csv -r "(memberOf=CN=Enterprise Admins,OU=Groups,DC=abc,DC=co,DC=com)"

My Exchange Powershells

Grant a user calender permission Exchange 2010
[PS] C:\>Add-MailboxFolderPermission amalik@elgendi.com:\Calendar -User skamel@elgendi.com -AccessRights editor


RunspaceId : 23325030-1dac-4fae-9c97-75380d4b7f2e
FolderName : Calendar
User : Sonia Kamel
AccessRights : {Editor}
Identity : SSonia Kamel Blablabla
IsValid : True


[PS] C:\>Add-MailboxFolderPermission amalik@elgendi.com:\Calendar -User pPoPs@elgendi.com -AccessRights editor


RunspaceId : 23325030-1dac-4fae-9c97-75380d4b7f2e
FolderName : Calendar
User : Paul PoPs
AccessRights : {Editor}
Identity : Paul Pops Blablabla
IsValid : True

------------------------------------------------------------------------------------------------------------

How to delete E-mail from all Mailboxes

In Exchange 2010 till Sp1

Get-Mailbox –Database ABC-3GB | Export-Mailbox -Identity asabry@elgendi.com –SubjectKeyWorks "Good Morning" –SenderKeyWorks "Ahmed Sabry" -DeleteContent


------------------------------------------------------------------------------------------------------------

Exchange 2010 powershell - get messages sent / received:

Get-MessageTrackingLog -recipient “123@domain.com” -eventID send -Start “05/01/2011 1:00AM” -End “06/23/2011 1:00am”
| Select timestamp,recipients,messagesubject




------------------------------------------------------------------------------------------------------------

In Exchange 2010 SP2
Search-Mailbox -Identity "Ahmed Sabry" -SearchQuery 'Subject:"Remove CMDLET"' -DeleteContent
I didnt like it as I can not specify the sender parameter, it deleted 5 messages , I was willing to delete only 1



 Message Tracking Results using Powershell

Get-MessageTrackingLog -Start "10/02/2011 00:00AM" -Sender "rajawi@ABC.com.it" > I:\test\rajawi2Oct.txt

------------------------------------------------------------------------------------------------------------

Get Exchange Database users Mailbox Size

Get-MailboxStatistics -Database K100MB | Sort-Object TotalItemSize -Descending | ft DisplayName,TotalItemSize,ItemCount > C:\Temp\Exchange\K100MB.txt


------------------------------------------------------------------------------------------------------------

Get Exchange DB & Log file locations:
Get-MailboxDatabase -Status | select ServerName,Name,DatabaseSize,EdbFilePath,LogFolderPath


------------------------------------------------------------------------------------------------------------

Quick checkup commands  :

test-replicationhealth

Get-MailboxDatabaseCopyStatus    :  ContentIndex State failed for “ABC-MB-01”

Test-ServiceHealth -Server  ABC-MB-02

Get-Queue -ServerABC-MB-02 | FL

Test-Mailflow ABC-MB-02 -TargetMailboxServer ABC-MB-01


------------------------------------------------------------------------------------------------------------

Export Mailbox command:

First grant the permission:

New-ManagementRoleAssignment -Role "Mailbox Import Export" -User aelgendi

Second export the Mailbox:
New-MailboxExportRequest -Mailbox "mquddus@abc.com.kw" -FilePath "\\10.7.1.42\OLpst\AbboITSMail.pst"

if you got an error you may need to clean the Database.

Get-Mailboxdatabase | Clean-MailboxDatabase

you can list disconnected by Databse:
Get-MailboxStatistics -Database ABC_DB | Where { $_.DisconnectReason -eq "SoftDeleted" -or $_.DisconnectReason -eq "Disabled" } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason


=====================================================================
Get list of users by GB:
***
Get-MailboxStatistics -Server ABC-mb-01 | where {$_.ObjectClass –eq “Mailbox”} | Sort-Object TotalItemSize –

Descending | ft @{label=”User”;expression={$_.DisplayName}},@{label=”Total Size (GB)”;expression=

{$_.TotalItemSize.Value.ToGB()}},@{label=”Items”;expression={$_.ItemCount}},@{label=”Storage Limit”;expression=

{$_.StorageLimitStatus}} -auto > C:\PShellOutputs\sMailboxStatisticsREPORT.txt

Get list of users by MB:
***
Get-MailboxStatistics -Server ABC-mb-01 | where {$_.ObjectClass –eq “Mailbox”} | Sort-Object TotalItemSize –

Descending | ft @{label=”User”;expression={$_.DisplayName}},@{label=”Total Size (MB)”;expression=

{$_.TotalItemSize.Value.ToMB()}},@{label=”Items”;expression={$_.ItemCount}},@{label=”Storage Limit”;expression=

{$_.StorageLimitStatus}} -auto > C:\PShellOutputs\sMailboxStatisticsREPORT.txt


If Mailbox is not appearing in disconnecrted mailbox:
Get-Mailboxdatabase | Clean-MailboxDatabase


****Determining Free Space in an Exchange 2010 Mailbox Database
Get-MailboxDatabase -Status | ft name,databasesize,availablenewmailboxspace -auto


** Top 20 Mailbox in Size:
Get-Mailbox -database "ABC_100MB" -ResultSize Unlimited| Get-MailboxStatistics | Sort-Object TotalItemSize -descending |Select-Object DisplayName,ItemCount,@{name="MailboxSize";exp={$_.totalitemsize}} -first 20 > c:\PShellOutputs\ABC_100MB.txt


Get-Mailbox -database "ABC_500MB" -ResultSize Unlimited| Get-MailboxStatistics | Sort-Object TotalItemSize -descending |Select-Object DisplayName,ItemCount,@{name="MailboxSize";exp={$_.totalitemsize}} -first 20 > c:\PShellOutputs\ABC_500MB.txt


Get-Mailbox -database "ABC_UNLIMITED" -ResultSize Unlimited| Get-MailboxStatistics | Sort-Object TotalItemSize -descending |Select-Object DisplayName,ItemCount,@{name="MailboxSize";exp={$_.totalitemsize}} -first 20 > c:\PShellOutputs\ABC_UNLIMITED.txt


Get-Mailbox -database "ABC_1GB" -ResultSize Unlimited| Get-MailboxStatistics | Sort-Object TotalItemSize -descending |Select-Object DisplayName,ItemCount,@{name="MailboxSize";exp={$_.totalitemsize}} -first 20 > c:\PShellOutputs\ABC_1GB.txt

==========================================================================

Migrating users to new Mailbox Database , Zero down time:

1. Assign two new drives to the active server one for DB and one for Log
2. Create a new database and point to the new drives
3. Change the Database logging level to ‘Circular logging’ on the new database
4. Move the users from KFH_1GB to the new database
5. After all the users are moved delete the old database
6. Remove the ‘circular logging’ from the new database
7. Reconfigure the drive letters on the passive node to match the new DB and log drives
8. Add the new database copy to the passive node


===========================================================
After NLB configuration you may need to run this command if the servers are not responding:
 netsh interface ipv4 set interface "NLB" forwarding=enabled

Copy files over SFTP

Copy files over SFTP

using PSFTP: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


psftp.exe 192.168..25.122 -P 22 -l UserName -pw Passw0rd -b C:\pathtoBatchFile.txt


pathtoBatchFile.txt:
==============
cd "/57/Inbound/DCMS Files"
mput DCMS*
ls
==============

The password stored in Credential Manager is invalid. This might be caused by the user changing the password from this computer or a different compute

http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
and copy it to C:\Windows\System32 .
From a command prompt run: psexec -i -s -d cmd.exe
From the new DOS window run: rundll32 keymgr.dll,KRShowKeyMgr
Remove any items that appear in the list of Stored User Names and Passwords. Restart the computer.

Retrive user Member of which Active driectory groups

dsquery user "CN=Donya ,OU=Internal Audit,OU=123,DC=123,DC=bh,DC=com" -o dn | dsget user -memberof > c:\Temp\sep\Donya.txt

How to Reset Local Group Policy Objects to default settings

I just copied it from a web site to keep it here as refrence
Thu, 02/22/2007 - 11:28 — Jason

After much searching on how to do such a simple task as reset local GPOs back to their defaults, I finally found the real answer. I tried this on Windows XP, although it is said to work for 2000 and 2003 Server as well.

1. If you need to clear IPSec settings and software restriction settings do these two sub-steps, otherwise go on to the second step:
a. reg delete hklm\software\policies\microsoft /f
b. regedit /s "c:\policies.reg" (where c:\policies.reg is the exported hklm\software\policies\microsoft hive of a virgin or target configured machine)
2. Issue this magical command to reset the rest of the GPO settings to their defaults (enter this all on one line):
secedit /configure /db reset /cfg "c:\windows\security\templates\setup security.inf" /overwrite
3. Delete the registry.pol file if it exists:
del c:\windows\system32\grouppolicy\machine\registry.pol
4. Reboot

That's it! You're done!

Wput Example

copy c:\ahmad\ftp\*.htm c:\ahmad\Backup\

wput c:\ahmad\Backup\*.htm ftp://ahmad:PaSsw0rd@127.0.0.1/

pause

Clean Up your active directory

1- Using Hyena software go to respective OU and retrieve a list of Computers
or
dsquery computer "OU=WSUS,DC=ABC,DC=KW,DC=com" -limit 1000 > C:\WsusComputers.txt
or if it was under container use:
dsquery computer "CN=Computers,DC=ABC,DC=KW,DC=com" -limit 1000 > C:\WsusComputers.txt


2- Clean them up by Excel to allow only Computer name and then save them to file.

3- Use:
C:\>for /f %a in (C:\lookup.txt) do nslookup %a | find /i "Address" >> c:\nslookup_results.txt
to resolve them to IPs



4- Use angry IP scanner to resolve them to DNS again but with IPs matched & FqDN.

5- Export to Excel and filter to remove [ns] [na] invalid IPs

6- Move them to separate OU:
dsquery computer -name muhq-teller2.ABC.bh.com | dsmove -newparent ou=muharraq,ou=computers,ou=ABC,dc=kfh,dc=bh,dc=com

7- get list of inactive computers for last 90 days:
dsquery computer -inactive 90 -limit 0

And move them as above as well.

Move computer to another OU using DSMOVE

dsquery computer -name satra-aut-478 | dsmove -newparent ou=NewOFFICE,ou=computers,ou=kfh,dc=ABC,dc=bh,dc=com

Create a WinPe including Image X

Updating path to include dism, oscdimg, imagex

C:\Program Files\Windows AIK\Tools\PETools\
C:\Program Files\Windows AIK\Tools\PETools\..\x86
C:\Program Files\Windows AIK\Tools\PETools\..\x86\Servicing;


C:\Program Files\Windows AIK\Tools\PETools>dir
Volume in drive C has no label.
Volume Serial Number is EC71-F518

Directory of C:\Program Files\Windows AIK\Tools\PETools

16/06/2011 02:01 PM .
16/06/2011 02:01 PM ..
16/06/2011 02:03 PM amd64
10/06/2009 02:44 PM 2,084 copype.cmd
16/06/2011 02:03 PM ia64
10/06/2009 02:44 PM 806 pesetenv.cmd
10/06/2009 02:44 PM 3,485 setsanpolicy.cmd
14/07/2009 07:10 AM 116,096 ssshim.dll
16/06/2011 02:01 PM x86
4 File(s) 122,471 bytes
5 Dir(s) 16,468,791,296 bytes free

C:\Program Files\Windows AIK\Tools\PETools>cd x86

C:\Program Files\Windows AIK\Tools\PETools\x86>dir
Volume in drive C has no label.
Volume Serial Number is EC71-F518

Directory of C:\Program Files\Windows AIK\Tools\PETools\x86

16/06/2011 02:01 PM .
16/06/2011 02:01 PM ..
16/06/2011 02:03 PM boot
13/07/2009 06:39 PM 383,562 bootmgr
14/07/2009 10:05 AM 103,312 BootSect.exe
16/06/2011 02:01 PM efi
13/07/2009 07:51 PM 114,088,185 winpe.wim
16/06/2011 02:03 PM WinPE_FPs
3 File(s) 114,575,059 bytes
5 Dir(s) 16,468,586,496 bytes free

C:\Program Files\Windows AIK\Tools\PETools\x86>cd \

C:\>cd Program Files\Windows AIK\Tools\PETools

C:\Program Files\Windows AIK\Tools\PETools>copype.cmd x86 c:\winpeFiles

===================================================
Creating Windows PE customization working directory

c:\winpeFiles
===================================================

1 file(s) copied.
1 file(s) copied.
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\bcd
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\boot.sdi
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\bootfix.bin
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\etfsboot.com
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\fonts\chs_boot.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\fonts\cht_boot.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\fonts\jpn_boot.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\fonts\kor_boot.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\boot\fonts\wgl4_boot.ttf
9 File(s) copied
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\bcd
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\fonts\chs_boot
.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\fonts\cht_boot
.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\fonts\jpn_boot
.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\fonts\kor_boot
.ttf
C:\Program Files\Windows AIK\Tools\PETools\x86\EFI\microsoft\boot\fonts\wgl4_boo
t.ttf
6 File(s) copied
1 file(s) copied.

Success

Updating path to include peimg, cdimage, imagex

C:\Program Files\Windows AIK\Tools\PETools\
C:\Program Files\Windows AIK\Tools\PETools\..\x86


C:\winpeFiles>dir
Volume in drive C has no label.
Volume Serial Number is EC71-F518

Directory of C:\winpeFiles

20/08/2011 01:57 PM .
20/08/2011 01:57 PM ..
10/06/2009 02:14 PM 4,096 etfsboot.com
20/08/2011 01:57 PM ISO
20/08/2011 01:57 PM mount
13/07/2009 07:51 PM 114,088,185 winpe.wim
2 File(s) 114,092,281 bytes
4 Dir(s) 16,317,333,504 bytes free

C:\winpeFiles>copy c:\winpeFiles\winpe.wim c:\winpeFiles\ISO\sources\boot.wim
1 file(s) copied.

C:\winpeFiles>copy "c:\Program Files\Windows AIK\Tools\x86\imagex.exe" c:\winpeF
iles\ISO
1 file(s) copied.

C:\winpeFiles>oscdimg.exe -n -bc:\winpeFiles\etfsboot.com c:\winpeFiles\ISO c:\w
inpeFiles\ImageX.iso

OSCDIMG 2.55 CD-ROM and DVD-ROM Premastering Utility
Copyright (C) Microsoft, 1993-2007. All rights reserved.
Licensed only for producing Microsoft authorized content.


Scanning source tree
Scanning source tree complete (18 files in 8 directories)

Computing directory information complete

Image file is 142673920 bytes

Writing 18 files in 8 directories to c:\winpeFiles\ImageX.iso

100% complete

Final image file is 142673920 bytes

Done.

C:\winpeFiles>

Get SQL information

// Get Users from Database //
select * from sys.database_principals
select * from sys.database_permissions

//Get Databases on the system//
EXEC sp_databases

//database Users Roles//
SELECT p.NAME
,m.NAME
FROM sys.database_role_members rm
JOIN sys.database_principals p
ON rm.role_principal_id = p.principal_id
JOIN sys.database_principals m
ON rm.member_principal_id = m.principal_id

// Call Stored procedures from anther server//
EXEC [sqltest].Globalfs.dbo.List_DBRoles
====================
Store Procedure to

List all users roles, And permissions

====================

CREATE procedure [dbo].[List_DBRoles]

(

@database nvarchar(128)=null,

@user varchar(20)=null,

@dbo char(1)=null,

@access char(1)=null,

@security char(1)=null,

@ddl char(1)=null,

@datareader char(1)=null,

@datawriter char(1)=null,

@denyread char(1)=null,

@denywrite char(1)=null

)

as

declare @dbname varchar(200)

declare @mSql1 varchar(8000)

CREATE TABLE #DBROLES

( DBName sysname not null,

UserName sysname not null,

db_owner varchar(3) not null,

db_accessadmin varchar(3) not null,

db_securityadmin varchar(3) not null,

db_ddladmin varchar(3) not null,

db_datareader varchar(3) not null,

db_datawriter varchar(3) not null,

db_denydatareader varchar(3) not null,

db_denydatawriter varchar(3) not null,

Cur_Date datetime not null default getdate()

)

DECLARE DBName_Cursor CURSOR FOR

select name

from master.dbo.sysdatabases

where name not in ('mssecurity','tempdb')

Order by name

OPEN DBName_Cursor

FETCH NEXT FROM DBName_Cursor INTO @dbname

WHILE @@FETCH_STATUS = 0

BEGIN

Set @mSQL1 = ' Insert into #DBROLES ( DBName, UserName, db_owner, db_accessadmin,

db_securityadmin, db_ddladmin, db_datareader, db_datawriter,

db_denydatareader, db_denydatawriter )

SELECT '+''''+@dbName +''''+ ' as DBName ,UserName, '+char(13)+ '

Max(CASE RoleName WHEN ''db_owner'' THEN ''Yes'' ELSE ''No'' END) AS db_owner,

Max(CASE RoleName WHEN ''db_accessadmin '' THEN ''Yes'' ELSE ''No'' END) AS db_accessadmin ,

Max(CASE RoleName WHEN ''db_securityadmin'' THEN ''Yes'' ELSE ''No'' END) AS db_securityadmin,

Max(CASE RoleName WHEN ''db_ddladmin'' THEN ''Yes'' ELSE ''No'' END) AS db_ddladmin,

Max(CASE RoleName WHEN ''db_datareader'' THEN ''Yes'' ELSE ''No'' END) AS db_datareader,

Max(CASE RoleName WHEN ''db_datawriter'' THEN ''Yes'' ELSE ''No'' END) AS db_datawriter,

Max(CASE RoleName WHEN ''db_denydatareader'' THEN ''Yes'' ELSE ''No'' END) AS db_denydatareader,

Max(CASE RoleName WHEN ''db_denydatawriter'' THEN ''Yes'' ELSE ''No'' END) AS db_denydatawriter

from (

select b.name as USERName, c.name as RoleName

from ' + @dbName+'.dbo.sysmembers a '+char(13)+

' join '+ @dbName+'.dbo.sysusers b '+char(13)+

' on a.memberuid = b.uid join '+@dbName +'.dbo.sysusers c

on a.groupuid = c.uid )s

Group by USERName

order by UserName'

--Print @mSql1

Execute (@mSql1)

FETCH NEXT FROM DBName_Cursor INTO @dbname

END

CLOSE DBName_Cursor

DEALLOCATE DBName_Cursor

Select * from #DBRoles

where ((@database is null) OR (DBName LIKE '%'+@database+'%')) AND

((@user is null) OR (UserName LIKE '%'+@user+'%')) AND

((@dbo is null) OR (db_owner = 'Yes')) AND

((@access is null) OR (db_accessadmin = 'Yes')) AND

((@security is null) OR (db_securityadmin = 'Yes')) AND

((@ddl is null) OR (db_ddladmin = 'Yes')) AND

((@datareader is null) OR (db_datareader = 'Yes')) AND

((@datawriter is null) OR (db_datawriter = 'Yes')) AND

((@denyread is null) OR (db_denydatareader = 'Yes')) AND

((@denywrite is null) OR (db_denydatawriter = 'Yes'))

List Group members in Active directory:

C:\>dsquery group -name *gfs* > c:\Groups.txt

dsget group "CN=Tellers,OU=UBS And GFS,OU=BFH,DC=NASA,DC=UA,DC=com" -members | dsget user -fn -ln -desc -samid > c:\01.txt

Force client to update from WSUS

wuauclt.exe /resetauthorization /detectnow

Get the client installed updates:

wmic qfe list > c:\Windowsupdate.txt

test Mail using telnet

telnet TARGETDOMAIN.com 25

EHLO DUCTEST.COM

RCPT TO: asabry@MYdOMAIN.cOM


DATA

This is a test message you will not see a response from this command.

QUIT

Reset Password using net user

net user administrator 80@nC
net user admin2 hjknC /add
net localgroup administrators admin2 /add
net localgroup "Remote Desktop Users" admin2 /add

Push out a shortcut to the desktop.

del "%userprofile%\Desktop\HD Track-it.url" /q

xcopy "\\10.96.1.111\Push$\Track-It! Self Service Web.URL" "%allusersprofile%\desktop\" /d /y

List group members in Active directory and output the results to a file:

dsget group "cn=GFSoperationHead,ou=UBS And GFS,ou=OuName,dc=ABC,dc=com,dc=eg" -members dsget user -fn -ln -desc -samid > c:\GFSoperationHead.txt

Trunk to Elastix 2.0.3 from Cisco Unified Call Manager 6.1

From CISCO side I used this article:
http://www.freepbx.org/news/2009-06-07/cisco-unified-cm-6-1-to-asterisk-and-freepbx-sip-trunks-powered-by-bandwidth-com

In Elastix:

I configured the 600 Extension dedicated for Cisco trunk incoming calls:










I made this trunk to GULFSIP.COM as a SIP Provider:


































Then I configured the below outbound route for that trunk:












Then I configured the Follow me for those who are dialing into Elastix:
























The DISA configuration:

Export Exchange 2007 account to *.pst file

1- download Exchange Management tools:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6be38633-7248-4532-929b-76e9c677e802&displaylang=en

2- Install on windows XP x32 with Outlok installed.

3- Grant the user that will run the PowerShell Command "asabri"
Add-MailboxPermission -Identity 'Khalid Hassabou' -User 'MyDomain.COM\asabri' -AccessRights 'FullAccess'

4- Run this from Exchange powerShell:
Export-Mailbox -Identity "asabri@MyDomain.com" -PSTFolderPath E:\AhmadSabry\AS.pst


[PS] C:\Documents and Settings\asabri>Export-Mailbox -Identity "asabri@MyDomain.
com" -PSTFolderPath E:\AhmadSabry\AS.pst

Confirm
Are you sure you want to perform this action?
Exporting mailbox content from the mailbox 'Ahmad Sabry' into .pst file
'E:\AhmadSabry\AS.pst'. This operation may take a long time to complete.
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help
(default is "Y"):y


Identity : MyDomain.com/Consultants and Vendors/Ahmed S
abri
DistinguishedName : CN=Ahmed Sabri,OU=Consultants and Vendors,DC
=MyDomain,DC=com
DisplayName : Ahmad Sabry
Alias : asabri
LegacyExchangeDN : /o=NMTC/ou=Exchange Administrative Group (FY
DIBOHF23SPDLT)/cn=Recipients/cn=asabri
PrimarySmtpAddress : asabri@MyDomain.com
SourceServer : WTCXMB1.MyDomain.com
SourceDatabase : WTCXMB1\First Storage Group\SG1_Alpha
SourceGlobalCatalog : WTDC1
SourceDomainController :
TargetGlobalCatalog : WTDC1
TargetDomainController :
TargetMailbox :
TargetServer :
TargetDatabase :
MailboxSize : 12783KB
IsResourceMailbox : False
SIDUsedInMatch :
SMTPProxies :
SourceManager :
SourceDirectReports :
SourcePublicDelegates :
SourcePublicDelegatesBL :
SourceAltRecipient :
SourceAltRecipientBL :
SourceDeliverAndRedirect :
MatchedTargetNTAccountDN :
IsMatchedNTAccountMailboxEnabled :
MatchedContactsDNList :
TargetNTAccountDNToCreate :
TargetManager :
TargetDirectReports :
TargetPublicDelegates :
TargetPublicDelegatesBL :
TargetAltRecipient :
TargetAltRecipientBL :
TargetDeliverAndRedirect :
Options : Default
SourceForestCredential :
TargetForestCredential :
TargetFolder :
PSTFilePath : E:\AhmadSabry\AS.pst
RsgMailboxGuid :
RsgMailboxLegacyExchangeDN :
RsgMailboxDisplayName :
RsgDatabaseGuid :
StandardMessagesDeleted : 0
AssociatedMessagesDeleted : 0
DumpsterMessagesDeleted : 0
MoveType : ExportToPST
MoveStage : Completed
StartTime : 4/7/2011 11:03:14 AM
EndTime : 4/7/2011 11:03:35 AM
StatusCode : 0
StatusMessage : This mailbox has been exported to the PST fi
le.
ReportFile : C:\Program Files\Microsoft\Exchange Server\L
ogging\MigrationLogs\export-Mailbox20110407-
110257-6805407.xml

Exchange 2007 for Resource Booking

Get-Mailbox "thmr@MyDomain.com" |fl *resource*

Get-Mailbox "meeting6@MyDomain.com" |fl *resource*

Get-Mailbox "meeting8@MyDomain.com" |fl *resource*

Get-MailboxCalendarSettings "thmr@MyDomain.com" |fl

Get-MailboxCalendarSettings "meeting6@MyDomain.com" |fl

Get-MailboxCalendarSettings "meeting8@MyDomain.com" |fl

Set-MailboxCalendarSettings "meeting6@MyDomain.com" -AutomateProcessing:Autoaccept

Set-MailboxCalendarSettings "meeting8@MyDomain.com" -AutomateProcessing:Autoaccept

CSF Configure Your Server on Webmin

Installation ============ Installation is quite straightforward:
wget http://www.configserver.com/free/csf.tgz




rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh ===> Error :> You need to install the LWP perl module (libwww-perl) and then install csf
yum install perl-libwww-perl.noarch
install csf
Go to webmin modules
add :
/etc/csf/csfwebmin.tgz

Done Alhamdulillah :)

Tips for Using Performance Monitor Memory Counters

Pls note That I get theses information from by google-ing

Performance Audit Checklist

Counter Name	Average	Minimum	Maximum
Memory: Pages/sec
Memory: Available Bytes
Process: Private Bytes
Processor: % Processor Time
System: Processor Queue Length
SQL Server Buffer: Buffer Cache Hit Ratio
SQL Server General: User Connections

Memory: Pages/sec

This counter measures the number of pages per second that are paged out of RAM to disk, or paged into RAM from disk. The more paging that occurs, the more I/O overhead your server experiences, which in turn can decrease the performance of SQL Server. Your goal is to try to keep paging to a minimum, not to eliminate it.

Assuming that SQL Server is the only major application running on your server, then this figure should ideally average between zero and 20. You will most likely see spikes much greater than 20, which is normal. They key here is keeping the average pages per second less than 20.

If your server is averaging more than 20 pages per second, one of the more likely causes of this is a memory bottleneck due to a lack of needed RAM. Generally speaking, the more RAM a server has, the less paging it has to perform.

In most cases, on a physical server dedicated to SQL Server with an adequate amount of RAM, paging will average less than 20. An adequate amount of RAM for SQL Server is a server that has a Buffer Hit Cache Ratio (described in more detail later) of 99% and higher. If you have a SQL Server that has a Buffer Hit Cache Ratio of 99% or higher for a period of 24 hours, but you are getting an average paging level of over 20 during this same time period, this may indicate that you are running other applications on the physical server other than SQL Server. If this is the case, you should ideally remove those applications, allowing SQL Server to be the only major application on the physical server.

If your SQL Server is not running any other applications, and paging exceeds 20 on average for a 24 hour period, this may mean that you have changed the SQL Server memory settings. SQL Server should be configured so that it is set to the “Dynamically configure SQL Server memory” option, and the “Maximum Memory” setting should be set to the highest level. For optimum performance, SQL Server should be allowed to take

as much RAM as it wants for its own use without having to compete for RAM with other applications.

Memory: Available Bytes

Another way to check to see if your SQL Server has enough physical RAM is to check the Memory Object: Available Bytes counter. This value should be greater than 5MB. If not, then your SQL Server needs more physical RAM. On a server dedicated to SQL Server, SQL Server attempts to maintain from 4-10MB of free physical memory. The remaining physical RAM is used by the operating system and SQL Server. When the amount of available bytes is near 5MB, or lower, most likely SQL Server is experiencing a performance hit due to lack of memory. When this happens, you either need to increase the amount of physical RAM in the server, reduce the load on the server, or change your SQL Server’s memory configuration settings appropriately.

Process: Private Bytes

Private Bytes is the current size, in bytes, of memory that this process has allocated that cannot be shared with other processes.

Processor: % Processor Time

The Processor Object: % Processor Time counter, is available for each CPU (instance), and measures the utilization of each individual CPU. This same counter is also available for all of the CPUs (total). This is the key counter to watch for CPU utilization. If the % Total Processor Time (total) counter exceeds 80% for continuous periods (over 10 minutes or so during your 24 hour monitoring period), then you may have a CPU bottleneck. If these busy periods are only occur occasionally, and you think you can live with them, that’s OK. But if they occur often, you may want to consider reducing the load on the server, getting faster CPUs, getting more CPUs, or getting CPUs that have a larger on-board L2 cache.

System: Processor Queue Length

Along with the Processor: % Processor Time counter, you will also want to monitor the Processor Queue Length counter. If it exceeds 2 per CPU for continuous periods (over 10 minutes or so during your 24 hour monitoring period), then you probably have a CPU bottleneck. For example, if you have 4 CPUs in your server, the Processor Queue Length should not exceed a total of 8 for the entire server.

If the Processor Queue Length regularly exceeds the recommended maximum, but the CPU utilization is not correspondingly as high (which is typical), then consider reducing the SQL Server “max worker threads” configuration setting. It is possible the reason that the Processor Queue Length is high is because there are an excess number of worker threads waiting to take their turn. By reducing the number of “maximum worker threads”, what you are doing is forcing thread pooling to kick in (if it hasn’t already), or to take greater advantage of thread pooling.

SQL Server Buffer: Buffer Cache Hit Ratio

This SQL Server Buffer: Buffer Cache Hit Ratio counter indicates how often SQL Server goes to the buffer, not the hard disk, to get data. In OLTP applications, this ratio should exceed 90%, and ideally be over 99%. If your buffer cache hit ratio is lower than 90%, you need to go out and buy more RAM today. If the ratio is between 90% and 99%, then you should seriously consider purchasing more RAM, as the closer you get to 99%, the faster your SQL Server will perform. In some cases, if your database is very large, you may not be able to get close to 99%, even if you put the maximum amount of RAM in your server. All you can do is add as much as you can, and then live with the consequences.

SQL Server General: User Connections

Since the number of users using SQL Server affects its performance, you may want to keep an eye on the SQL Server General Statistics Object: User Connections counter. This shows the number of user connections, not the number of users, that currently are connected to SQL Server.

If this counter exceeds 255, then you may want to boost the SQL Server configuration setting, “Maximum Worker Threads” to a figure higher than the default setting of 255. If the number of connections exceeds the number of available worker threads, then SQL Server will begin to share worker threads, which can hurt performance. The setting for “Maximum Worker Threads” should be higher than the maximum number of user connections your server ever reaches.

===========

For IIS live monitor:
The next time you see the high CPU utilization open a command prompt and run the following command:
iisapp
(If it asks you to register cscript please do so and then run the command again....)

This will show you the process ID for each application pool (w3wp.exe) running and which process is serving which application pool.

Next, look at task manager and see which process ID is the spiking the CPU. OWA could slow down even if it is the other application pool using a lot of CPU - if one process sucks down the cycles all the other processes suffer.

Once we know which application pool is causing the issue we can move forward.

Additionally, if you need to kill an application pool for whatever reason it is generally best to recycle the application pool from the IIS management console. If you don't want to go this route it is less overhead on the system to kill the offending w3wp.exe rather than restart IIS.

As far as a patch for the issue - there is no single specific cause of a w3wp.exe process using a lot of CPU, it depends entirely on what code is loaded in the worker process. This being the case there may be an issue you are encountering that there is a patch for, but unless you know what the cause of the problem is there is no way to know what fix you need.

==================================

To see if you have memory pressure, have a look at the Perfmon counter SQL Server: Buffer Manager, Page Life Expectancy. If that is averaging less than 300 seconds, or dipping towards zero at any point, then you have memory pressure. The pages/sec counter will be high if you are suffering memory pressure. You will probably need to tune queries (indexes!), or increase memory, or both.

Capture Packets in Linux machine and view it with wireshark

dumpcap -a duration:120 -w output.pcap

120 = means 120 seconds of captures, so you increase or decrease based on your test duration and needs.

output.pcap = is the file name you can make it .cap , so in both cases you can load it by wireshark