Recreating the Exchange 2013 Receive connectors

by on Feb.10, 2016, under Computer Stuff, Windows Info

Just in case you ever have to recreate the default receive connectors in Exchange 2013, here you go:

Default Client Font End Transport (FrontEnd Transport) – TLS, Basic, Integrated, Exchange users, port 587

Default Client Proxy (Hub Transport) – TLS, Basic, Offer Basic after TLS, Integrated, Exchange Server Auth, Exchange Servers, Exchange users, port 465

Default Front End Transport (FrontEnd Transport) – TLS, Basic, Offer Basic after TLS, Integrated, Exchange server auth, Exchange Servers, Legacy Exchange Servers, Anonymous Users, port 25

Default Hub Transport (hub transport) – TLS, Basic, Offer Basic after TLS, Integrated, Exchange Server Auth, Exchange Servers, Legacy, Exchange Users, port 2525

Default Outbound Proxy Frontend Transport (Frontend transport) TLS, Enable domain security, Basic, Offer basic after TLS, integrated, Exchange server auth, exchange servers, anonymous, port 717

Leave a Comment more...

It’s finally here!! Defer Windows Updates using Group Policy!!

by on Nov.16, 2015, under Computer Stuff, Windows Info

This is big. This changes things. Read this.



Leave a Comment more...

Great post on User Certificate Autoenrollment

by on Oct.26, 2015, under Computer Stuff, Windows Info

If you’re setting up PKI, or 802.1x, go read this-


Leave a Comment more...

R.I.P., 2003

by on Jul.16, 2015, under Windows Info

Microsoft ended support for Windows Server 2003 on July 14th, 2015


Leave a Comment more...

CA Root services cannot start after CA Root certificate expires

by on Dec.04, 2014, under Computer Stuff, Windows Info

Since by design, you cannot recover from a CA root certificate expiring, sometimes you need to limp along, and continue to issue certs even though you cannot necessarily revoke them, because the CRL published in Active Directory is now incorrect, or offline.
While we can argue all day about the benefits/detractors of this, here it is:
To bring the CA Root back online after the Root certificate expires, issue these commands in an elevated powershell:

certutil –setreg ca\CRLFlags +CRLF_REVCHECK_IGNORE_OFFLINE
net stop certsvc && net start certsvc

Now, go back to the drawing board, and PLAN your PKI implementation, and DON’T LET YOUR CA ROOT CERTIFICATE EXPIRE!!!

Incidentally, once you’ve fixed your certificate snafu, to stop ignoring offline CRLs, do this in an elevated command prompt:

certutil –setreg ca\CRLFlags -CRLF_REVCHECK_IGNORE_OFFLINE
net stop certsvc && net start certsvc

Leave a Comment :, , , more...

Cannot print to an HP Laserjet 1020 using Terminal Services

by on Jul.22, 2014, under Networking, Windows Info

Terminal Services can only print to your LPT printers (with proper driver installed on the server). In order to print to network printer or USB printer,

1. Install the printer normally (connecting via TCP port or USB port) and make it a shared printer (ie. \\COMPUTERNAME\PRINTER)
2. Install ANOTHER instance of the printer, using the LPT1: (or LPT2:) port
3. Launch an administrative command prompt, and map the LPT port to the shared printer instance:

net use lpt1: \\COMPUTERNAME\PRINTER /persistent:yes

Now, you have an LPT: printer. If you set it as your default printer you can print locally, and Terminal services should now allow you to print from your TS session, as well.

Leave a Comment more...

CenturyLink is the *WORST ISP* I’ve ever run into…

by on Jul.07, 2014, under Rants

If you have a network of hundreds of servers and workstations, and JUST ONE of your systems gets a drive-by infection, CenturyLink will BREACH YOUR CONTRACT, and DROP YOUR CONNECTIVITY!!
Never mind that you pay thousands monthly for high-speed connectivity, never mind that you’ve got people on staff to deal with infections as they’re found, never mind that almost ALL AV solutions are *CLOUD-BASED* and REQUIRE connectivity to be effective. They will drop your connection, and you’ll have to call and beg them to restore it, and then they’ll threaten to do it again, if they see any more infected traffic.

Hey CenturyLink, YOU SUCK!!
If I find any of my clients using your shitty service, I’m going to tell them that I can no longer support them, until they’ve moved to a new ISP.
DIAF, CenturyLink. Contract-breaching losers….

Leave a Comment more...

Setting a PTR record at Comcast

by on Jul.01, 2014, under Networking

To setup a reverse DNS record for a Comcast IP address, please contact the Enterprise Care Center (ECC) at 1-800-741-4141 (option 2, and then option 1).

Leave a Comment : more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it! is proudly powered by

Use OpenDNS

Entries (RSS) and Comments (RSS)
Register - Login - Stats

Visit our friends!

A few highly recommended friends...