Category: "General"

Use Remote Desktop Connection instead of Remote Web Workplace

October 5th, 2016

For SBS 2008 and 2011 users, an easy and more direct way to connect to your office computer is to configure your Remote Desktop Connection on the computer you want to use to connect to your office computer so that it can find your office computer and connect you without having to use Remote Web Workplace.

Here's How:
Open up your RDP connection, click on the Advanced Tab, then click on the Connect from anywhere Settings Button.
Next, click on the Use these RD Gateway server settings and enter the IP address of your SBS server or fully qualified domain to connect to it. Example: remote.yourdomain.com
Click OK, then in the General Tab, enter the computer name of the computer you are trying to access that is inside your office. Example: mycomputer-pc
Next, enter your domain user name and password, save the connection settings and login!

This is much easier than using Internet Explorer in compatibility view settings, replacing dll's as Microsoft patches them with incompatible versions, etc.

Remote Web Workplace connections to workstations using RDP broken after Windows 10 Anniversary Update

September 27th, 2016

Here is a workaround for the updates for Windows 10 Anniversary update that breaks Remote Web Workplace users connectivity to their workstations:

On the computer used to connect to the remote computer:

I got it working as a workaround by replacing the mstscax.dll (Version 10.0.14393.0) in %windir%\SysWOW64\ with the "backup file" in "Windows.old\WINDOWS\SysWOW64" version (10.0.10586.494)

I had to take ownership of the file and give Administrators Full control access to be able to replace the file.

Remove ^M from linux files

July 22nd, 2016

install dos2unix

dos2unix filenameToModify

How to scan for infected web pages

April 25th, 2016

Here are some common pattterns to look for when scanning web pages for compromised files.  All except the last one create a file where the line is executed called maybeinfected.  You can go through each file and find and remove injected code.  It is typically packed garbled text that hides the code because it is usually obfussicated or encoded to avoid detection.

find . -name '*.php' | while read FILE; do if grep '$GLOBALS' "$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

find . -name '*.php' | while read FILE; do if grep 'eval(base64_decode' "$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

find . -name '*.php' | while read FILE; do if grep '''PCT4BA6ODSE_"$FILE"; then echo "$FILE" >> maybeinfected; fi ; done

Automatically delete any that match a pattern:

find . -name '*.php' | while read FILE; do if grep 'PCT4BA6ODSE_' "$FILE"; then rm  "$FILE" -rf; fi ; done

Windows Update Fails to connect

October 16th, 2015
Delete references to local server to force WSUS to use Microsoft Update Service.
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate   HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU