Aravinda's questions

We got a requirement to reject external emails sent to one distribution group (test_dl1@xyz.com) using exchange 2010 transport rule in this manner. (and send NDR to the original external sender)

We have not restricted external senders in "message delivery restrictions", in test_dl1 distribution group, in this manner. (as per the requirement, goal here is to allow unauthenticated users by the group itself, but control it via above transport rule)

There is only one group member in this distribution group. And the Group member is rejected@xyz.com

Above transport, rule works perfectly fine until up to this step. I have tested using external Gmail address ( that is testing@gmail.com).

(for one thing, I've noticed, NDR initiated from rejected@xyz.com, not the distribution group (test_dl1@xyz.com), which means if I include more members there will be more than one NDR sent to the original sender at this point. )

I get below NDR to testing@gmail.com from postmaster@xyz.com. .

---------------------------------------------------------------------------------------------------------------------------------------------------------------

.

.

---------------------------------------------------------------------------------------------------------------------------------------------------------------

.

But

Crazy thing happens when rejected@xyz.com is being forwarded to another external mail address (that is forward@gmail.com) in this manner.

(Where forward@gmail.com is a mail-enabled exchange 2010 contact. )

Sending a test mail using same external sender (** that is testing@gmail.com**), while above forwarding in place, NDR is sent to forward@gmail.com claiming it is not delivered to forward@gmail.com.

(NDR is supposed to send to the original outside sender that is testing@gmail.com)

. . .

---------------------------------------------------------------------------------------------------------------------------------------------------------------

---------------------------------------------------------------------------------------------------------------------------------------------------------------

.

and also at this point, I noticed NDR is sent by Microsoft Outlook .. NDR is supposed to send by postmaster@xyz.com not by Microsoft Outlook and at any point in this testing, I have not used web outlook or Microsoft outlook fat client.

Cannot figure out how to fix the above transport rule to send NDR to the original sender, while forwarding in place.

Already wasted so many hours .. any help would be very much appreciated

Ps: Looks like by allowing un-authenticated users, in a distribution group, ReturnPath is changed from the original sender to the address of the distribution list. and followed by few more changes according to this

https://practical365.com/exchange-server/exchange-server-ndr-loop-distribution-list/

No work around found so far

I have a problem with portal.azure.com user password reset. I have configured hybrid identity with single sign on in azure AD and onpremis AD. The connection was made via Azure AD Connect.

The problem is I have configured password writeback already in AD Connect

Yet when I try to reset a password of a Windows Server AD user (For example "n3 n4" user in the below image) which is already populated in Azure AD it says

**Unfortunately, you cannot reset this user's password because password writeback is not enabled in your tenant.**

but users made in in Azure Active Directory (for example "admna" in the below image) can be reset.

This same azure tenant has a office 365 tenant as well. If i reset a user password via office 365, reset successful yet, then there are two passwords, one for onpremis windows login and the other is for office 365 . Apparently office 365 can reset password and its not sync to the local AD, while Azure portal cant reset password at all .

I can reset passwords via local AD and successfully sync to the cloud.If i reset via local AD and it will sync without any issue. Apparently sync works one way from local to Cloud and not vise versa.

When we look at directory sync no issues reported. (All green)

and here is my AD connect settings, Where "Adsync" user is a enterprise admin.

and also "Adsync" user has full control over Active directory users and computers in the below manner

And the azure global admin (admna) used to sync has following license. (https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-whats-next)

No matter what password reset in azure says,

Please guide me what I'm messing up? which direction I should take to troubleshoot/fix this? any help would be appreciated .

Thanks in advanced for you valuable time spent on this.

KR

Aravinda

I have configured WSUS server in order to preserve bandwith in the network wile keeping essential updates turned on using that WSUS.

Intranet WSUS server pointing to client pc and other settings are pushed via group policies in Domain controller 2003.

Following policies are configured in the domain..

Computer configuration section

User configuration section

and its correctly configured in the clients in this manner..

yet I wish to disable/remove ,

(1) Ability for users to check the updates (since its automatically scheduled to install at friday 4 pm)

(2) Ability for users to install the updates

(3) ability to check online for updates from windows (Only i want wsus to be the source of download)

If I out line above 3 facts, in the windows 7 client settings its below what i Wish to disable

Is this possible using existing Server 2003 Group policies ? To achieve above 3 requirements? As clients we do have windows xp,7,8,8.1 that needs above 3 requirements.

Any help would be greatly appreciated.

We have an old ms sql 2005 server and for some reason, most of the features in sa account settings are grayed out..

Even I cant change sa password It will though this error "Could not find stored procedure 'master.dbo.sp_password'. (.Net SqlClient Data Provider"

Though I have enabled mixed mode I cant login using sa account.. (only windows authentication works)

Any help where to start troubleshooting steps? googled around a day and yet could not find a clue fixing the issue.. Thanks in advanced for any tip!

PS:only the default instance is having this issue.. other one is fine, login working for sa and not grayed out

I have a share folder in this location and im trying to share using samba (Version 4.1.11) in ubuntu 14.10 /media/aravinda/f6c682f3-5271-4f2b-99e8-93aa3bd39990/share

/media/aravinda/f6c682f3-5271-4f2b-99e8-93aa3bd39990/ is a mounted partition /dev/sda1 .. mounted as ext4 ..

This is my share permissions for above folder..

and samba configuration is as follows

#======================= Global Settings =====================================
[global]

workgroup = REXXXXPSL

   hosts allow = 127. 172. 172.16.

   load printers = yes

   security = user
   map to guest = Bad User
   dns proxy = no

#============================ Share Definitions ==============================
[shaa]
    path = "/media/aravinda/f6c682f3-5271-4f2b-99e8-93aa3bd39990/share"
    force user = nobody
    force group = nogroup
    nt acl support = no
    browsable = yes
    guest ok = yes
    read only = no

I'm getting this error in the windows pc .. no matter what i google and try..

error is "you might not have permission to use this network resource. Contact the Administrator of this server to find out if you have access permissions. Access is denied. "

net config workstation is as below..

testparm results

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[shaa]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = REXXXXPSL
        map to guest = Bad User
        dns proxy = No
        idmap config * : backend = tdb
        hosts allow = 127., 172., 172.16.

[shaa]
        path = "/media/aravinda/f6c682f3-5271-4f2b-99e8-93aa3bd39990/share"
        force user = nobody
        force group = nogroup
        read only = No
        create mask = 0755
        guest ok = Yes
        nt acl support = No

ps : my ubuntu pc ip is 172.16.30.110 and the network range is 172.16.0.0./16

Not sure where im doing silly, cannot figure out though i have spend lot more time checking configurations and similar threads in google.. Any help/tip would be greatly appreciated as im fully stuck in this no matter what i do ..

I have added login to my smb.conf file by adding

log level = 3
log file = /var/log/samba/log.%p

max log size = 5000
debug timestamp = yes

then used tail -f log.%p | grep 172.16.100.190 (where 172.16.100.190 is the windows clent )

Below is the error output...

Allowed connection from 172.16.100.190 (172.16.100.190)
com-dc01-hof (ipv4:172.16.100.190:1644) connect to service IPC$ initially as user nobody (uid=65534, gid=65534) (pid 6096)
com-dc01-hof (ipv4:172.16.100.190:1644) closed connection to service IPC$
process_local_master_announce: from COM-DC01-HOF<46> IP 172.16.100.190 to REXXXXPSL<1e> for server COM-DC01-HOF.
process_local_master_announce: from COM-DC01-HOF<46> IP 172.16.100.190 to REXXXXPSL<1e> for server COM-DC01-HOF.
check_for_master_browser_success: Local master browser for workgroup REXXXXPSL exists at IP 172.16.100.190 (just checking).
check_for_master_browser_success: Local master browser for workgroup REXXXXPSL exists at IP 172.16.100.190 (just checking).

iptables status..

I am researching on wan bandwith/speed checking tools/graphs. Normally we are using pfsence as a firewall/gateway/router. and also we were used to use "Traffic Graph" lan interface. Recently we have installed netbalancer https://seriousbit.com/netbalancer/ .. But when we check/compare both at one time, there is a huge difference/anomaly..

Which one is ok?

I have configured dovecot and postfix...Email server works fine.. (Webmail and outlook both works..) I have created users using unix command ..

usreadd -s /sbin/nologin myuser

But i have a concern, if i want to login to webmail or outlook I have to use myuser instead of myuser@mydomain.com.

For the time being im using, only user name as below..

If i use myuser@mydomain.com it says its invalid user both webmail and outlook..

I tried googling .. no luck.. yet.. kindly some one please shed a light..

10-master.conf is

#default_process_limit = 100
#default_client_limit = 1000

# Default VSZ (virtual memory size) limit for service processes. This is mainly
# intended to catch and kill processes that leak memory before they eat up
# everything.
#default_vsz_limit = 256M

# Login user is internally used by login processes. This is the most untrusted
# user in Dovecot system. It shouldn't have access to anything at all.
#default_login_user = dovenull

# Internal user is used by unprivileged processes. It should be separate from
# login user, so that login processes can't disturb other processes.
#default_internal_user = dovecot

service imap-login {
  inet_listener imap {
    #port = 143
  }
  inet_listener imaps {
    #port = 993
    #ssl = yes
  }

  # Number of connections to handle before starting a new process. Typically
  # the only useful values are 0 (unlimited) or 1. 1 is more secure, but 0
  # is faster. <doc/wiki/LoginProcess.txt>
  #service_count = 1

  # Number of processes to always keep waiting for more connections.
  #process_min_avail = 0

  # If you set service_count=0, you probably need to grow this.
  #vsz_limit = 64M
}

service pop3-login {
  inet_listener pop3 {
    #port = 110
  }
  inet_listener pop3s {
    #port = 995
    #ssl = yes
  }
}

service lmtp {
  unix_listener lmtp {
   # mode = 0666
  }

  # Create inet listener only if you can't use the above UNIX socket
  #inet_listener lmtp {
    # Avoid making LMTP visible for the entire internet
    #address =
    #port = 
  #}
}

service imap {
  # Most of the memory goes to mmap()ing files. You may need to increase this
  # limit if you have huge mailboxes.
  #vsz_limit = 256M

  # Max. number of IMAP processes (connections)
  #process_limit = 1024
}

service pop3 {
  # Max. number of POP3 processes (connections)
  #process_limit = 1024
}

service auth {
  # auth_socket_path points to this userdb socket by default. It's typically
  # used by dovecot-lda, doveadm, possibly imap process, etc. Its default
  # permissions make it readable only by root, but you may need to relax these
  # permissions. Users that have access to this socket are able to get a list
  # of all usernames and get results of everyone's userdb lookups.
 # unix_listener auth-userdb {
 #   mode = 0600
 #   user = postfix
 #   group = postfix
 # }

   #Postfix smtp-auth
  unix_listener /var/spool/postfix/private/auth {
  mode = 0666
  user = postfix
  group = postfix  
}

  # Auth process is run as this user.
  #user = $default_internal_user
}

service auth-worker {
  # Auth worker process is run as root by default, so that it can access
  # /etc/shadow. If this isn't necessary, the user should be changed to
  # $default_internal_user.
  #user = root
}

service dict {
  # If dict proxy is used, mail processes should have access to its socket.
  # For example: mode=0660, group=vmail and global mail_access_groups=vmail
  unix_listener dict {
    #mode = 0600
    #user = 
    #group = 
  }
}

Results for dovecot -n

# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-042stab093.4 x86_64 CentOS release 6.6 (Final)
auth_mechanisms = login plain
disable_plaintext_auth = no
mail_location = maildir:~/Maildir
mbox_write_locks = fcntl
passdb {
  driver = pam
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
}
ssl_cert = </etc/pki/tls/certs/mycert.crt
ssl_key = </etc/pki/tls/private/mycert.key
userdb {
  driver = passwd
}

I have setup postfix on CentOS and trying to configure phpmailer with smtp authentication.

Phpmailer will only work if i put 0.0.0.0/0 under mynetworks in postfix main.conf

mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 0.0.0.0/0

But in this thread (How do I configure PostFix to allow other machines to send out email through it? ) someone said don't put 0.0.0.0/0 in mynetworks since it can cause spam problems, etc.

Can someone please advice what should I do, to keep my server out of spam problems and also to to work phpmailer?

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = example.com
mydomain = example.com
myorigin = /etc/mailname
inet_interfaces = all
inet_protocols = all
mydestination = localhost.localdomain localhost $mydomain
virtual_alias_maps = hash:/etc/postfix/virtual
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 0.0.0.0/0
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, permit
relayhost = 
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/postfix/virtual
mailbox_size_limit = 0
recipient_delimiter = +
home_mailbox = Maildir/
smtpd_use_tls = yes
#smtpd_tls_auth_only = yes
smtpd_tls_key_file  = /etc/pki/tls/private/my.key
smtpd_tls_cert_file = /etc/pki/tls/certs/my.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/my.ca-bundle
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
#smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_security_level = may
#SASL SMTP Authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_authenticated_header = yes
debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES

if i remove 0.0.0.0/0 and keep only mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128

phpmailer says it cant sent mail..

phpmailer debug...

2014-11-23 04:57:10 SERVER -> CLIENT: 220 myhost.com ESMTP Postfix
2014-11-23 04:57:10 CLIENT -> SERVER: EHLO www.myhost.com
2014-11-23 04:57:10 SERVER -> CLIENT: 250-myhost.com
                              250-PIPELINING
                              250-SIZE 10240000
                              250-VRFY
                              250-ETRN
                              250-STARTTLS
                              250-AUTH LOGIN PLAIN
                              250-AUTH=LOGIN PLAIN
                              250-ENHANCEDSTATUSCODES
                              250-8BITMIME
                              250 DSN
2014-11-23 04:57:10 CLIENT -> SERVER: AUTH LOGIN
2014-11-23 04:57:10 SERVER -> CLIENT: 334 VXNlcm5hbWU6
2014-11-23 04:57:10 CLIENT -> SERVER: XXXX
2014-11-23 04:57:10 SERVER -> CLIENT: 334 UGFzc3dvcmQ6
2014-11-23 04:57:10 CLIENT -> SERVER: XXXX
2014-11-23 04:57:10 SERVER -> CLIENT: 235 2.7.0 Authentication successful
2014-11-23 04:57:10 CLIENT -> SERVER: MAIL FROM: sender@example.com
2014-11-23 04:57:10 SERVER -> CLIENT: 250 2.1.0 Ok
2014-11-23 04:57:10 CLIENT -> SERVER: RCPT TO: someone@yahoo.com
2014-11-23 04:57:10 SERVER -> CLIENT: 554 5.7.1 :Relay access denied
2014-11-23 04:57:10 SMTP ERROR: RCPT TO command failed: 554 5.7.1 : Relay access denied
2014-11-23 04:57:10 CLIENT -> SERVER: QUIT
2014-11-23 04:57:10 SERVER -> CLIENT: 221 2.0.0 Bye
2014-11-23 04:57:10 SMTP Error: The following recipients failed: someone@yahoo.com Mailer Error: SMTP Error: The following recipients failed: someone@yahoo.com

and postfix error log

myhost postfix/smtpd[8272]: connect from myhost.com[168.x.x.x]
myhost postfix/smtpd[8272]: NOQUEUE: reject: RCPT from myhost.com[168.x.x.x]: 
554 5.7.1 <mymail@yahoo.com>: Relay access denied; from=<ara@myhost.com> 
to=<mymail@yahoo.com> proto=ESMTP helo=<www.myhost.com>Nov 22 23:57:10 myhost 
postfix/smtpd[8272]: disconnect from myhost.com[168.x.x.x]

Php mailer settings (I have changed only index of php mailer. other files keep as it is/untouched)

<!DOCTYPE html>
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    <title>PHPMailer - SMTP email test</title>
</head>
<body>
<?php

//SMTP needs accurate times, and the PHP time zone MUST be set
//This should be done in your php.ini, but this is how to do it if you don't have access to that
date_default_timezone_set('Etc/UTC');

require 'PHPMailerAutoload.php';

//Create a new PHPMailer instance
$mail = new PHPMailer();
$mail->isSMTP();
$host = "myhost.com";
$username = "ara";
$password = "ara";
$Port = 25;

$mail->FromName = "Mail from gottsf3 ";
$mail->From = "ara@myhost.com";
$mail->Host = $host;
$mail->Port = $Port;
//$mail->SMTPSecure = 'tls'; //optional 
$mail->SMTPAuth = true;
$mail->Username = $username;
$mail->Password = $password;


$mail->AddAddress("someone@yahoo.com");
$mail->Subject = 'gottsf3PHPMailer - SMTP email test';
$mail->Body = 'This is a plain-text message body';
$mail->SMTPDebug  = 2;

//send the message, check for errors
if (!$mail->send()) {
    echo "Mailer Error: " . $mail->ErrorInfo;
} else {
    echo "Message sent!";
}
?>
</body>
</html>

Just wondering , is there a way to check upload content or any data related to uploads using squid logs ? Any plugin or enhancement? any other viable option. grateful for any advice . Thanks..

I am a Newbie to linux. I'm trying to figure out things. Can someone kindly help me how to combine these two commands?

(1) Normally cron can results can be directed to a log file by editing crontab in the below manner

*/10 * * * * /scripts/mysc.sh >> /home/ara/Desktop/test/log.txt 2>&1 

(2) and in case we need cron results to be emails we can use MAILTO=someemail@domain.com such as

MAILTO=someemail@domain.com
*/10 * * * * /scripts/mysc.sh

But how to combine both options (1) and (2)? I have seen some webhosting space do have both options enabled simultaneously. I did my research/googling but failed to do it. I'm using centos 6.5 and use crontab -e to edit.