IT Infrastructure blog

July 16, 2009

Disable ActiveSync WSS/UNC Access In Exchange 2007 Server

How can we secure Exchange 2007 server?  This settings we can consider for Exchange 2007 baseline security.

Here is the one option.

WSS and UNC provided file share access for mobile devices. If the functionality is not needed by mobile users then it should be disabled to reduced Exchanges attack surface and exposure to internal file shares.

How to implement

Open the Exchange Management Console, perform the following steps:

–   Microsoft Exchange  Organization Configuration –> Client Access –>Exchange ActiveSync Mailbox Policies

–   Right Click on <name> Policy, Select Properties

–   General Tab WSS/UNC Access Windows File Shares: Unchecked

Windows SharePoint Services : Unchecked

activesync

OR-

  • Open the Exchange Management Shell, perform the following:

Set-ActiveSyncMailboxPolicy –identity <name> -WSSAccessEnabled $false -UNCAccessEnabled $false

Thanks

Akther

July 2, 2009

Software updates reports in SCCM Server 2007

Filed under: SCCM 2007 — Akther @ 11:12 am
Tags: , ,

Reports are the greate companion in my sccm journey. Through the below reports we can easily identify the windows /software updates  status on  sccm  clients.

Report 1Enforcement state for deployment : Will give following status

Compliant status

Failed to install upates

Non compliance

Pending system restart

Report 2 –  Evaluation state of deploymnet

Evaluation succeeded

Evaluation failed

Evaluation state unknown

Report 3 -Compliance 1- overall compliance

This report will give the full windows update details by client by client.

reports

How to check scavenging is working or not in DNS Server

What is scavenging in DNS Server?

Removing stale records from DNS database based on the refresh interval and no-refresh interval settings in Aging tab.

How to configure Scavenging in DNS Server?

Properties of the zone—> Aging Tab—> select the box scavenge stale resource record. and configure the proper refresh interval and no refresh interval.

For example: Refresh Interval – 7 days.

No-refresh interval – 8 dyas.   In this case scavenging will happen every 15 days.

How to find out Scavenging is working properly or not?

Check the Event ID 2501 in Event viewr. In this id you can see the status of scavenging.

scavenjing-jpeg

Please note that if you create a DNS record on the console manually and this record will not be eligible for scavenging process. However if a client sends a dynamic update (or maybe the DHCP server) for the record you created manually, the record will become a dynamic record.

For manual creted record there will not be any time stamp.

no time stamp

Blog at WordPress.com.