31 July 2012

Configure Citrix XenApp Web site to use HTTPS / SSL

By default the XenApp Web interface sites do not use HTTPS.  To ensure that credential being passed to the interface are not in clear text a good recommendation is to encrypt the site using SSL.

Step 1 Add the required management console
The Citrix installer does a great job of installing all the prerequisites but for this procedure you will have to add the IIS 7 management console


  • Open Server Manager
  • Expand roles
  • Select IIS
  • Add Role Services
  • Check Management Tools so that all the child check boxes are ticked



Step 2 Add the SSL certificate
HTTPS / SSL requires a certificate.  Depending on your configuration you would different certificates.  But since the most interoperable of these is to use a trusted public 3rd part cert I will step through that process.


  • Open the IIS Management Console
  • Select the Web server (not the site)
  • In the Middle Pane Open Server Certificates
  • In the Actions Pane select Create Certificate Request
  • Specify the web sites URL's FQDN
  • Complete the rest of the details
  • On the Next page select  Bit length of 2048
  • Complete the wizard


The process will generate a text file that contains the certificate request.  This will be required by the 3rd party CA to generate the certificate for you.  Follow their process and they should return a similar text file contain the response.



  • Open the IIS Management Console
  • Select the Web server (not the site)
  • In the Middle Pane Open Server Certificates
  • In the Actions Pane select Complete Certificate Request
  • Specify the file that contains the response
  • Complete the wizard


The certificate should now be installed on the Web server and can be selected in configuring the IIS site.

Step 3 Enable SSL on the XenApp web site
Once we have the site and the certificate we now need to configure the site to use it and always require SSL.



  • Open the IIS Management Console
  • Select the Web Site
  • In the Actions pane select Bindings
  • Click Add
  • Type is HTTPS
  • For SSL Certificate - select the certificate created earlier



  • Select SSL setting from the middle pane
  • Check Require SSL
  • Client Certificates should be left as Ignore
  • Click Apply in the Actions Pane



Step 4 Redirect HTTP to HTTPS
Once you change the site SSL setting to Require SSL an normal  HTTP requiest will fail with a 403 Forbidden Access.  To fix this configure a redirect in the 403 Error page.



  • Open the IIS Management Console
  • Select the Web Site
  • In the Actions pane select Error Pages
  • Edit status code 403
  • Select Respond with a 302 Redirect
  • Specify the full URL - eg httpS://citrixwebint.company.com 


That is all there is to it.




30 July 2012

VBScript to rename a computer

This script will append the existing computer name with "-V"  The function of this script is to change the machine name to comply with the naming convention that all virtual machines need to be named as follows:

ComputerName-V

This script can be run as part of your P2V preparation scripts to ensure that the virtual machine does not conflict with the physical machines should both accidentally be turned on at the same time on the network.



dim NewName
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select * from Win32_ComputerSystem",,48)
For Each objItem in colItems
Wscript.echo "Existing Computername " & objItem.DNSHostName
NewName = objItem.DNSHostName &"-v"
wscript.echo NewName
Next
Set colComputers = objWMIService.ExecQuery ("Select * from Win32_ComputerSystem")
For Each objComputer in colComputers
err = objComputer.Rename(NewName)
if err <> 0 then
'wscript.echo "There was an error - Rename manually"
MSGBOX "There was an error - Rename manually",16,"Error"
else
wscript.echo "Machine successfully renamed: " & Name
end if
Next




I have set the script to pop up a message box should the script fail.  You can comment this out and use the normal script echo if you wish.


29 July 2012

Convert recorded TV into a torrent ready video file

Ever wonder how those torrent TV shows are made?

I have been using Windows Media Centre for a very long time and before that I used Beyond TV and before that I used, and before that...

It does not really matter what you use to record your TV with.  There are various way and methods of doing it.  This article will cover converting the recording into a nice ad free compressed file that is high in quality and small in file size.

In the past I needed a toolbox full of tools to do this.  Now I have found a single app that allows me to do everything in one place.  This one is a paid for app but it is quite worthwhile if you plan on doing this often.
The app is called VideoRedo TVSuite.

Step 1 Keep only the good stuff
Open the Video 
Run Ad Detective (Ctrl +A)


This will go through the video file and attempt to fins scene changes and identify ads.  It is creepy how accurate it is. The portions of the video file that is either ads or pre or post recording will be added to the cut list.  Every now and again you might have tweak a scene here or there but it is pretty good just out the box.


Step 2 Make it smaller
Now that you have just the show that you want you can start the process of converting it to a much higher compression codec like H.264 MP4.  The reason you would want to do this is because most recorders, Media-centre included, use MPEG2 based hardware encoding.  This allows the hardware to to do all the heavy lifting for recoding video on-the-fly as it is aired.  The output file is high quality but can be very big.

Once you are happy with your cut list do the following:

Save the video File (Ctrl + S)
Select the default H.264 MP4 profile.
Click Options

This is where things get interesting.  There are a few "standard" formats for ripping and encoding TV series.  The following setting will convert the video to wide screen "Standard Definition"

In the Video Section
  • Change the Max Resolution to 720 x 400
  • Aspect Ratio 16:9
  • Max Bitrate 1100 Kbps
  • Aspect Correction Custome crop adn resize
  • Deinterlace Smart




Click Cropping and Resizing

From the Presets select "Letterbox to Widescreen"
OK



In the Audio Section
  • Encoding Type AAC
  • Bitrate 128 Kbps
  • Sample rate 48 KHZ
  • Compression Automatic

Check "Save as new Profile"

This will now now set the setting up a a template so for all future conversion just select the profile and it will be the same.

Click OK
Click Save and wait for the video to convert.

That's all there is to it.


Step 3 Store or Share you new video file

In this example the original file was 2.15GB the converted file is 270MB.  The new file is much smaller and would generally be considered to be "the same quality."  You can select higher resolution and bit rates for a better quality conversion, but the files will be correspondingly bigger.  Because we selected an industry standard codec the file would play on most media players.


Next up you might want to create and host a torrent for it.  You can use the guide below to do so.

http://fixmyitsystem.com/2011/10/using-private-torrent-to-transfer-large.html




21 July 2012

How to recover deleted or formatted files easily for free

It is inevitable that your or someone you know will delete files they need. That is delete and then decide that they also need to empty the recycle bin right away.  Flash drives also are often formatted accidentally.  If you are a IT tech you will also inevitable need to try and pull data from a windows machine that will no boot or that had been formatted.

I was introduce to a nice utility for doing just this.  Piriform make a tool called Recuver.  What makes this one very nice is that it is wizard driven so it is very easy to use.




It allows you to also specify "Deep Scan" which will read all sectors of the disk picking up discarded file fragments.


Once the scan is complete it present you with the result window which give you quite a bit of information regarding the deleted files it has found.  A nice touch is the preview option that allows you to see the contents without needing to recover first.




The State column is an interesting one as it show you the viability of recovering the file.  Excellent indicates that it is 100% in tact where Unrecoverable indicates that too much of the file fragments have been overwritten.  This will also explain why it is best to recover files sooner rather than later.

Once you have found and selected the file(s) hit the recover button and you are able to select a restore location.  ideally you should be recovering data to another drive, but it is not essential.


A nice add on feature is that you can also use this tool to complete erase a file form the system in such a manner that it is not recoverable again.  It does this by using multiple overwrites on all the sectors containing the file fragments.


The utility is free to use, but there are paid for versions that comes with support.  My take is if it has bailed you out with lost data you would probably want to give them the $25 asking price.


There is also a portable version of the app that allows you to run the app without needing to install anything.  This is very handy for that once off recovery or if you want to run it form a recover boot disk.  That version is available for download form here http://www.piriform.com/recuva/download/portable




09 July 2012

Webspy Malware Aliases

One of the added features TMG added over ISA 2006 is malware scanning and the Network Intrusion System.  The additional fields are present in the TMG proxy and firewall logs. The awesome Webspy log analysing tool by default however does not contain aliases for them.

Here are the aliases I use.  Save these files as .alias files and drop then in them in the specifies Aliases folder.  Check Tools - Options - Path for the location.


Malware Inspection Action 

<stringAlias name="Malware Inspection Action" wildcards="False">
  <bindings>
    <aliasBinding schema="Forefront Threat Management Gateway 2010 Web" expression="[MalwareInspectionAction]" displayName="Malware Inspection Action" />
  </bindings>
  <entries>
    <entry name="None">
      <value>0</value>
    </entry>
    <entry name="Allowed">
      <value>1</value>
    </entry>
    <entry name="Cleaned">
      <value>2</value>
    </entry>
    <entry name="Blocked">
      <value>3</value>
    </entry>
  </entries>
</stringAlias>

Malware Inspection Result


<stringAlias name="Malware Inspectiob Result" wildcards="False">
  <bindings>
    <aliasBinding schema="Forefront Threat Management Gateway 2010 Web" expression="[MalwareInspectionResult]" displayName="Malware Inspection Result" />
  </bindings>
  <entries>
    <entry name="None">
      <value>0</value>
    </entry>
    <entry name="None Detected">
      <value>1</value>
    </entry>
    <entry name="Low &amp; Medium Threats Allowed">
      <value>2</value>
    </entry>
    <entry name="Infected">
      <value>3</value>
    </entry>
    <entry name="Suspicious File">
      <value>4</value>
    </entry>
    <entry name="Encrypted Files">
      <value>5</value>
    </entry>
    <entry name="Max Archive Nesting Exceeded">
      <value>6</value>
    </entry>
    <entry name="Max Size Exceeded">
      <value>7</value>
    </entry>
    <entry name="Mex Unpacked Size Exceeded">
      <value>8</value>
    </entry>
    <entry name="Unknown Encoding">
      <value>9</value>
    </entry>
    <entry name="Corrupted File">
      <value>10</value>
    </entry>
    <entry name="Timeout">
      <value>11</value>
    </entry>
    <entry name="Storage Limit Exceeded">
      <value>12</value>
    </entry>
    <entry name="Unsupported Format">
      <value>13</value>
    </entry>
    <entry name="Status Not Required">
      <value>14</value>
    </entry>
    <entry name="Other">
      <value>15</value>
    </entry>
    <entry name="Disabled">
      <value>16</value>
    </entry>
    <entry name="Disabled For Policy Rule">
      <value>17</value>
    </entry>
    <entry name="Disabled For Chaining Rule">
      <value>18</value>
    </entry>
    <entry name="Exception List">
      <value>19</value>
    </entry>
    <entry name="Proxy Originated Response">
      <value>20</value>
    </entry>
    <entry name="Served By Filter">
      <value>21</value>
    </entry>
    <entry name="Streaming">
      <value>22</value>
    </entry>
    <entry name="Response To Connect">
      <value>23</value>
    </entry>
    <entry name="Routed By CARP">
      <value>24</value>
    </entry>
    <entry name="Source Exeption List">
      <value>25</value>
    </entry>
    <entry name="Definition Folder Not Specified">
      <value>26</value>
    </entry>
    <entry name="Range Response">
      <value>27</value>
    </entry>
  </entries>
</stringAlias>

Malware Inspection Delivery Method

<stringAlias name="Malware Inspection Delivery Method" wildcards="False">
  <bindings>
    <aliasBinding schema="Forefront Threat Management Gateway 2010 Web" expression="[MalwareInspectionContentDeliveryMethod]" displayName="Malware Inspection Content Delivery Method" />
  </bindings>
  <entries>
    <entry name="Unchnaged">
      <value>0</value>
    </entry>
    <entry name="Standard Trickling">
      <value>1</value>
    </entry>
    <entry name="Fast Trickling">
      <value>2</value>
    </entry>
    <entry name="Progress Notification">
      <value>3</value>
    </entry>
  </entries>
</stringAlias>

Malware Inspection Threat Level


<stringAlias name="Malware Inspection Threat Level" wildcards="False">
  <bindings>
    <aliasBinding schema="Forefront Threat Management Gateway 2010 Web" expression="[MalwareInspectionThreatLevel]" displayName="Malware Inspection Threat Level" />
  </bindings>
  <entries>
    <entry name="None">
      <value>0</value>
    </entry>
    <entry name="Low">
      <value>1</value>
    </entry>
    <entry name="Medium">
      <value>2</value>
    </entry>
    <entry name="High">
      <value>3</value>
    </entry>
    <entry name="Severe">
      <value>4</value>
    </entry>
  </entries>
</stringAlias>


NIS Inspection Result


<stringAlias name="NIS Scan Result" wildcards="False">
  <bindings>
    <aliasBinding schema="Forefront Threat Management Gateway 2010 Web" expression="[IpsScanResult]" displayName="NIS Scan Result" />
  </bindings>
  <entries>
    <entry name="Unknown">
      <value>0</value>
    </entry>
    <entry name="Inspected">
      <value>1</value>
    </entry>
    <entry name="Blocked">
      <value>2</value>
    </entry>
    <entry name="Detected">
      <value>3</value>
    </entry>
  </entries>
</stringAlias>

These fields together with the other Malware fields will give you all the info you would want.  For more information as to what the different alies option mean check out MSDN  http://msdn.microsoft.com/en-us/library/ff827532(v=vs.85).aspx 


For a real-time view of these malware events you can use Fastvue TMG Reporter.  It will not only idicate these events, you can also enable email alerts for thresholds for these.  You can therefore rapidly apply corrective action should it be required.   Download a 30 day free trial from here http://fastvue.co/download?lrRef=dfzs4