Enable Windows Update “Features on Demand” and “Turn Windows features on or off” in WSUS Environments

I Found this website very usefull and searched long for this.

If you are running Microsoft Windows in a domain environment with WSUS configured, you may notice that you’re not able to install some FODs (Features on Demand), or use the “Turn Windows features on or off”. This will stop you from installing things like the RSAT tools, .NET Framework, Language Speech packs, etc…

You may see “failure to download files”, “cannot download”, or errors like “0x800F0954” when running DISM to install packages.

To resolve this, you need to modify your domain’s group policy settings to allow your workstations to query Windows Update servers for additional content. The workstations will still use your WSUS server for approvals, downloads, and updates, however in the event content is not found, it will query Windows Update.

Enable download of “Optional features” directly from Windows Update

  1. Open the group policy editor on your domain
  2. Create a new GPO, or modify an existing one. Make sure it applies to the computers you’d like
  3. Navigate to “Computer Configuration”, “Policies”, “Administrative Templates”, and then “System”.
  4. Double click or open “Specify settings for optional component installation and component repair”
  5. Make sure “Never attempt to download payload from Windows Update” is NOT checked
  6. Make sure “Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)” IS checked.
  7. Wait for your GPO to update, or run “gpupdate /force” on the workstations.

Please see an example of the configuration below:

Download repair content and optional features directly from Windows Update instead of Windows Server Update Services (WSUS)

You should now be able to download/install RSAT, .NET, Speech language packs, and more!

Install Fonts with Powershell

$ssfFonts = 0x14

$fontSourceFolder = ""

$Shell = New-Object -ComObject Shell.Application

$SystemFontsFolder = $Shell.Namespace($ssfFonts)

$FontFiles = Get-ChildItem $fontSourceFolder

$SystemFontsPath = $SystemFontsFolder.Self.Path

$rebootFlag = $false

 

foreach($FontFile in $FontFiles) {

    # $FontFile will be copied to this path:

    $targetPath = Join-Path $SystemFontsPath $FontFile.Name

    # So, see if target exists...

    if(Test-Path $targetPath){

        # font file with the same name already there.

        # delete and replace.

        $rebootFlag = $true

        Remove-Item $targetPath -Force

        Copy-Item $FontFile.FullName $targetPath -Force

    }else{

        #install the font.

        $SystemFontsFolder.CopyHere($FontFile.fullname)

    }

}

 

#Follow-up message

if($rebootFlag){

    Write-Host "At least one existing font overwritten. A reboot may be necessary."

}

Fix Domoticz DB

The FIX::

You need to have sqlite3 installed on your Pi

CODE: SELECT ALL

sudo apt-get install sqlite3 

If you have it you can do the following commands:

CODE: SELECT ALL

cd ~
cd domoticz
sqlite3 domoticz.db
.mode insert
.output dump.sql
.dump
.exit

Remove first line of dumped database:
tail dump.sql -n +2 > dump1.sql
# Make back-up of original just in case:
mv domoticz.db domoticz.bak.db
# Import into fresh database:
sqlite3 domoticz.db < dump1.sql
# Clean-up the temporary files:
rm dump*.sql

https://www.domoticz.com/forum/viewtopic.php?t=10984

Domoticz Cisco Port on / of switch

Script is created by Johan ven Boomgaard.

#!/bin/bash
# Set-cisco-port.sh
# ==============
# |Author: JvdB|
# ==============
# 
# Find,disable,enable port using SNMP at Cisco switch#
# 
# Usage: cd <directory> ./Set-cisco-port.sh <switch ip-address> <description> <action>
# Example: cd <directory> ./Set-cisco-port.sh 192.168.2.250 Test-pc e 
#
# Where:
# - 1st parameter is switch IP address
# - 2nd is Description of NIC/Device
# - 3rd is operation(e - enable port when find description at port, d -disable port when find description at port)
#
# =======================================
# Start script with setting the variables
# =======================================
#
switch_ip=$1;
desc=$(echo $2 | sed 's/://g');
community="private";
operation=$3;
#
2970_get_port(){
# Check for description at port
for i in `snmpwalk -On -v2c -c $community@1 192.168.2.250 .1.3.6.1.4.1.9.9.46.1.3.1.1.2  | sed 's/.1.3.6.1.4.1.9.9.46.1.3.1.1.2.1.//g'  | awk '{print $1}'`; do
        find_mac=`snmpwalk -On -v2c -c  $community@$i 192.168.2.250 .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g  | grep -i $desc | sed 's/^.*Hex-STRING\://g'| awk '{print $1}'`;
        if [[ $find_mac != "" ]]; then
                point1=$(snmpwalk -On -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.1 | sed s/' '//g  | grep -i $desc  | sed 's/.1.3.6.1.2.1.17.4.3.1.1.//g' | sed 's/=.*//g' );
                port_numb=`snmpwalk -v2c -c $community@$i $switch_ip .1.3.6.1.2.1.17.4.3.1.2  | grep -i $point1 | sed 's/^.*INTEGER\: //g'`;
                echo "Description $desc was found at port number #"$port_numb;
        fi
done;
}
disable_port(){
        echo "Going to disable port by Description";
	# Find by port description
        port_to_disable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`;
        # If port was not found
        if [[ $port_to_disable == "" ]]; then
                echo "Port wasn't found by port description. Exiting ...";
                2970_get_port;
                $port_to_disable=$port_numb;
                echo $ $port_to_disable;
                exit;
        fi;
        # Disable port
        snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_disable i 2;
        # Save running config of Cisco switch to startup
        save_2970_cfg;
}
enable_port(){
        echo "Going to enable port by Description";
        # Find by port description
        port_to_enable=`snmpwalk -v2c -On -c $community $switch_ip .1.3.6.1.2.1.31.1.1.1.18 | grep -i $desc | sed 's/.1.3.6.1.2.1.31.1.1.1.18.//g' | awk '{print $1}'`;
        # If port was not found
        if [[ $port_to_enable == "" ]]; then
                echo "Port wasn't found by port description. Exiting ...";
                2970_get_port;
                $port_to_enable=$port_numb;
                echo $ $port_to_enable;
                exit;
        fi;
        # Enable port
        snmpset -v2c -c $community $switch_ip .1.3.6.1.2.1.2.2.1.7.$port_to_enable i 1;
        # Save running config of Cisco switch to startup
        save_2970_cfg;
}
save_2970_cfg(){
        echo "Saving Cisco 2970 switch configuration";
         snmpset -t60 -v2c -c $community $switch_ip 1.3.6.1.4.1.9.2.1.54.0 i 1
}
main(){
        if [[ $operation == "f" ]]; then
                echo "Find port operation";
                2970_get_port;
        elif [[ $operation == "d" ]]; then
                echo "Disable port operation";
                disable_port;
        elif [[ $operation == "e" ]]; then
                echo "Enable port operation";
                enable_port;
        else
                echo "Wrong arguments given";
        fi;
}
main;

 

Disable-Enable automapping Echange 2016

Because automapping is not always working correct, just created this script to re-enable automapping with the correct settings. This script you need to run on the Exchange server.

# Created by Daag van der Meer
# blog.van-daag.nl
# This script gives the user full access to the mailbox. This will update also the folders below the inbox with the rights.

Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;


# Enter the mailbox name here
$mailbox= "<mailboxname>"

# Add here the usernames like "<USERNAME>", "<ÜSERNAME>"
$users= "<USERNAME>", "<ÜSERNAME>"


####### Start of the Script. Do not edit below

foreach ($user in $users){ 
# First disable AutoMapping
Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $false


# Now enable Automapping
Add-MailboxPermission -Identity $mailbox -User $user -AccessRights FullAccess -InheritanceType All -Automapping $true
} 

 

Update Synology Mail Plus spam server more than once a day.

Update Synology Mail Plus spam server more than once a day

Just found the scripts that you can run and schedule to run more often than once a day. And if you run ClaimAV as virusscanner.

Run the following scripts.

bash /volume1/@appstore/MailPlus-Server/scripts/SpamRuleUpdate.sh all
bash /volume1/@appstore/MailPlus-Server/scripts/SpamAutoLearn.sh
bash /volume1/@appstore/AntiVirus/scripts/clamav.sh check_update