Friday, January 21, 2011

Outlook Anywhere Configuration by Script (GPO/Login Script)

Outlook Anywhere Configuration by Script (GPO/Login Script)


Need to configure your Outlook Clients for Outlook Anywhere? You can do this with a VBScript that you can plug into a GPO or run it as part of your login script. There aren't a whole lot of articles out there about this, one, maybe two of any real use. So I need to make sure I give credit for getting me started on this path to begin with.

Cyrus: http://cyrusbuilt.net/wordpress/?p=150

Anyhow, on to the show! So taking the info from the previously mentioned article, some C# and some VBS and I have a way you can change users mail settings for Outlook Anywhere. As of right now, it will only setup the Server name, on Fast/Slow networks, and Authentication methods.

You need to get hex values, so I wrote this page with C# to generate part of the VBScript code for you. Use this link to generate the Code that goes in between these blocks in the code
http://www.intellus.net/support/HexConverterInline.aspx

The script you want to download is here:
http://www.intellus.net/support/OutlookAnywhereConfig.txt

Basically, here is what the keys do:

Reg Value: 00036623
Represents the "connect using HTTP Fast or Slow" settings
off = key doesn't exist
on only 03 00 00 00
on + slow 23 00 00 00
on + fast 0b 00 00 00
on + fast + slow 2b 00 00 00

Reg Value: 00036627
Represents the Authentication type
01 00 00 00 = Basic
02 00 00 00 = NTLM

The script is currently setup for "mail.testdomain.com"


'**********************************************************************************************
'**********************************************************************************************
'**********************************BEGIN VARIABLE BLOCK****************************************
'**********************************************************************************************
'**********************************************************************************************
'**********************************************************************************************
iKey1="00036623"
iValue1 = Array(&H2b,&H00,&H00,&H00)


iKey2 = "00036627"
iValue2 = Array(&H01,&H00,&H00,&H00)


iKey3 = "001f6622"
iValue3 = Array(&H6D,&H00,&H61,&H00,&H69,&H00,&H6C,&H00,&H2E,&H00,&H74,&H00,&H65,&H00,&H73,&H00,&H74,&H00,&H64,&H00,&H6F,&H00,&H6D,&H00,&H61,&H00,&H69,&H00,&H6E,&H00,&H2E,&H00,&H63,&H00,&H6F,&H00,&H6D,&H00,&H00)
'**********************************************************************************************
'**********************************************************************************************
'***********************************END VARIABLE BLOCK*****************************************
'**********************************************************************************************
'**********************************************************************************************
'**********************************************************************************************




Follow these instructions.
1. First copy the script below to a file and rename it to *.vbs.
http://www.intellus.net/support/OutlookAnywhereConfig.txt
OR
Copy the code below between
"************************Script Begin************************"
and
"************************Script End************************"
2. Next hit this link to determine what settings you want. When you select your settings, it generate the HEX strings required.
3. Once you get the settings, copy and paste it into your script and replace the big block of stars that
say "REPLACE ME WITH THE CODE FROM THE HEX GENERATOR"



*** Here's the fine print: I offer no guarantees on this, please use at your own risk. Make sure you test this on a test environment over and over to make sure it does what you want it to do.
Feel free to contact me if you have any questions though!







"************************Script Begin************************"
'--------------------------------------------------------------------------------
'
'
'
'
'
' Outlook Anywhere Config via Login Script
' Will configure Outlook Client
' 1/1/2011
' Author Name
'
' connect using HTTP
' off = key doesn't exist
' on only 03 00 00 00
' on + slow 23 00 00 00
' on + fast 0b 00 00 00
' on + fast + slow 2b 00 00 00
'
' Auth type
' 01 00 00 00 = Basic
' 02 00 00 00 = NTLM
'
'
'
'
'--------------------------------------------------------------------------------
On Error Resume Next

Const HKEY_CURRENT_USER = &H80000001

strComputer = "."
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" & strComputer & "\root\default:StdRegProv")

strKeyPath = "Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles"
strSubKeyPath = "\13dbb0c8aa05101a9bb000aa002fc45a"

blnResult1 = true
blnResult2 = true
blnResult3 = true

'**********************************************************************************************
'**********************************************************************************************
'**********************************BEGIN VARIABLE BLOCK****************************************
'**********************************************************************************************
'**********************************************************************************************
'**********************************************************************************************
iKey1="00036623"
iValue1 = Array(&H2b,&H00,&H00,&H00)


iKey2 = "00036627"
iValue2 = Array(&H01,&H00,&H00,&H00)


iKey3 = "001f6622"
iValue3 = Array(&H6D,&H00,&H61,&H00,&H69,&H00,&H6C,&H00,&H2E,&H00,&H74,&H00,&H65,&H00,&H73,&H00,&H74,&H00,&H64,&H00,&H6F,&H00,&H6D,&H00,&H61,&H00,&H69,&H00,&H6E,&H00,&H2E,&H00,&H63,&H00,&H6F,&H00,&H6D,&H00,&H00)
'**********************************************************************************************
'**********************************************************************************************
'***********************************END VARIABLE BLOCK*****************************************
'**********************************************************************************************
'**********************************************************************************************
'**********************************************************************************************



'get the registry key object for strKeyPath
objReg.EnumKey HKEY_CURRENT_USER, strKeyPath, arrSubkeys

'loop through all keys in the strKeyPath so you get all profile names in there.
For Each strSubkey In arrSubkeys

strKeyPathFull = strKeyPath & "\" & strSubKey

'get the first value to determine if Outlook Anywhere is turned on
strReturn = objReg.GetBinaryValue(HKEY_CURRENT_USER, strKeyPathFull & strSubKeyPath,iKey1, arrVal)

'if exists, then proceed
if strReturn = 0 then

'*****************************************Begin Options Key****************************************************
'Options key - check to see if theres a match, if not, change it, if match, then bypass
'get the current value for server, if there's a match, proceed to correct auth key
strReturn1 = objReg.GetBinaryValue(HKEY_CURRENT_USER, strKeyPathFull & strSubKeyPath,iKey3, arrVal1)
'if exists, then proceed
if strReturn1 = 0 then
for i1 = 0 to ubound(arrVal1)
for i2 = 0 to ubound(iValue1)
if i1=i2 then
if arrVal1(i1) <> iValue1(i2) then
blnResult1 = false
'msgbox "nomatch3: " & arrVal2(i1) & " " & iValue3(i2)
end if
end if
next
next
end if
'No match make the change, else bypass
if blnResult1 = false then
'make the change
objReg.SetBinaryValue HKEY_CURRENT_USER,strKeyPathFull & strSubKeyPath,iKey1,iValue1
end if
'*****************************************End Options Key****************************************************



'*****************************************Begin Auth Type Key****************************************************
'Auth type key - check to see if theres a match, if not, change it, if match, then bypass
'get the current value for server, if there's a match, proceed to correct auth key
strReturn2 = objReg.GetBinaryValue(HKEY_CURRENT_USER, strKeyPathFull & strSubKeyPath,iKey2, arrVal2)
'if exists, then proceed
if strReturn2 = 0 then
for i1 = 0 to ubound(arrVal2)
for i2 = 0 to ubound(iValue2)
if i1=i2 then
if arrVal2(i1) <> iValue2(i2) then
blnResult2 = false
'msgbox "nomatch2: " & arrVal2(i1) & " " & iValue2(i2)
end if
end if
next
next
end if
'No match make the change, else bypass
if blnResult2 = false then
'make the change
objReg.SetBinaryValue HKEY_CURRENT_USER,strKeyPathFull & strSubKeyPath,iKey2,iValue2
end if
'*****************************************End Auth Type Key****************************************************


'*****************************************Begin Server Key****************************************************
'Server key - check to see if theres a match, if not, change it, if match, then bypass
'get the current value for server, if there's a match, proceed to correct auth key
'get the 2nd key, if correct, bypass, if wrong, then correct it
strReturn3 = objReg.GetBinaryValue(HKEY_CURRENT_USER, strKeyPathFull & strSubKeyPath,iKey3, arrVal3)

'build comparison to see if it's the same, if same bypass, if different, correct (set to basic)
if strReturn3 = 0 then
for i1 = 0 to ubound(arrVal3)
for i2 = 0 to ubound(iValue3)
if i1=i2 then
if arrVal3(i1) <> iValue3(i2) then
blnResult3 = false
'msgbox "nomatch3: " & arrVal3(i1) & " " & iValue3(i2)
end if
end if
next
next
end if
'if there's a match, then bypass, if no match, then correct it
if blnResult3 = false then
'msgbox "setting keys" & vbcrlf & strKeyPathFull & strSubKeyPath & vbcrlf & iKey2
objReg.SetBinaryValue HKEY_CURRENT_USER,strKeyPathFull & strSubKeyPath,iKey3,iValue3
end if
'*****************************************End Server Key****************************************************

else
'key doesn't exist - Outlook Anywhere is not turned on for this profile
end if

next

"************************Script End************************"

Tuesday, August 4, 2009

Update 8/4

Lots of things happening lately, it's been a while since the last update.

Pictures are up on my Picasaweb from the Concan vacation. They had a huge rock that we jumped off of into the Frio River. Man it was awesome. However, I HATE sleeping in a tent in the Texas heat. I guess I'm no longer a country boy, I'm full blown city boy. I gotta find a cabin next time. :-)

I've been working on the house. I got to use my cool tools (mitre saw, router, circular saw, electric planer, mini router, nail guns) while replacing all the interior doors in my house. I love my tools. They rock. Hopefully, we can get the house ready to sell so we can move into a bigger house.

Been working on some software for Citrix. I've actually wrote it all in VBScript about 5 years ago. I've since re-written it all in C# and making it ASP.Net and Service based. Hopefully I can get it perfected and start distributing it. We will see, that's a looong road.

Football has officially started. Boys started their football practices, 6 times a week for the first 3 weeks. It actually started last week, shorts and cleats only. They strapped on the pads yesterday and had their first full day of hitting. We get to scrimmage League City next Saturday. So we are prepping for the long season. It's gonna be a good one!! Keep an eye on my Picasaweb page, I will be posting pictures when the games start.

Marching practice has started. My 2 younger ones are playing youth football, but my oldest is starting his first year (freshman) of Friendswood Mighty Mustang Marching Band this year. His first practice was yesterday and they went from 12-9. WHEW! Funny thing though, his band big brothers came and woke him up at 5 AM yesterday with a whistle and a horn. Scared the crap out of him, he screamed like a little girl, that was funny as heck!! Wish I would have videotaped that. Oh well, it was funny. Now the serious band stuff starts.

Go Colts and Go Mustangs!!

Monday, June 22, 2009

Yall be goin on vacation?

Remember that? I still have that clip somewhere, Delta Airlines, it's still funny as all get out. Anyhow, I can't wait for Friday.

My wife and I are heading out to Concan, TX. My parents are taking the kiddos tomorrow, my wife and I are meeting them out there Friday. We will be staying over the weekend and then coming home on Monday. Hopefully we can get to Schlitterbahn again. We went there last year and I think I had more fun than them kids, haha! Nah, it was awesome though. I should have some pictures up next week.

Well, until next time, see ya, and HURRY UP FRIDAY!!

Thursday, June 11, 2009

X-Files

I love the X-Files, have been a huge fan since 1996 or so. Up to about a year ago, I had seen almost every episode up to the first Movie, X-Files Fight The Future. Well I sought to change that and I bought seasons 6, 7, 8, and 9. I pretty much watched seasons 6-8 in about 2 months. Then I started watching season 9 and got to the last episode (THE LAST EPISODE!!). I think I last watched it in November or December 2008 on a business trip to Montreal. Then my laptop battery died and I couldn't finish it. I was just so busy, I never finished it. That is until last night. I finally sat down and watched it. It ended pretty much how I expected. Geez, I wish they were still on the air. Now that I've finally finished the seasons, I'm going to watch the new movie X-Files - I Want To Believe.

Anybody remember where the phrase "I want to believe" came from?

Monday, June 8, 2009

Using NTDSUTIL to Seize FSMO Roles

Ok, here's the scenario.

You have 3 domain controllers, single domain, lets call them DC01, DC02, and DC03.
The FSMO roles are setup this way:
DC01 (GC) - RID, PDC, Infrastructure
DC02 (GC)- Schema Master, Domain Naming Master
DC03 (NON GC) - No roles assigned

Then one day, DC02 decides to go on permanent vacation for whatever reason. Power supplies died, 2 RAID 5 hard drives died, somebody spills coke all over your server, etc.

Now you have this scenario, 2 live DC's 1 non live DC. You have a server that has 2 FSMO roles on it. Not good. Meaning if you try to change the schema with ADSIEDIT.MSC, you will get an error. If you try to add a new domain to your forest, you will get an error. Not good...not REAL bad, but not a good situation to be in.

Not so fast there, here's how you fix it.

Lets cleanup, do this from DC01, or DC02

  • Remove the replication links to and from this server in AD Sites and Services
  • Remove the GC functionality from this server in AD Sites and Services
  • Force remove DC02 from AD Users and Computers. Tell it "yes this DC is no longer functional, whatever..."
  • Remove the NTDS settings node from AD Sites and Services
  • Remove the DC02 Server Node from the site, if you get prompted tell it "yes this DC is no longer function, whatever...again"


**If you run into any problems doing these, then you may have to get into ADSIEDIT.msc and manually make some changes. I would suggest you try to test these out before doing any of this in a production environment.**

Now we have to seize the roles (in this case Schema and Domain Naming Master)

  • Make sure your account is part of Schema Admins. - otherwise you will get an "access denied"
  • Get on a server, open up a command line.
  • Run NTDSUTIL
  • type "roles" - at the ntdsutil: prompt
  • type "connections" - at the fsmo maintenance: prompt
  • type "connect to server %servername%" - sub an active DC name for the %servername% (dc03) - this is for the server that you want to be the new FSMO role masters.
  • type "q" - to get back to the fsmo maintenance: prompt.
  • type "seize domain naming master" - to seize the domain naming master role
  • type "seize schema master" - to seize the schema master role

**If you get any errors running these, you will have to investigate the error and find out why. The error I had was an access denied error. Put my account in Schema Admins and logged out/in and it worked.

Verification and Testing:


  • Make sure all the Operations Masters are correct.
  • -RID, PDC, and Infrastructure - Use AD Users and Computers
  • -Schema Master - Use schmmgmt.msc
  • -Domain Naming Master - Use AD Domains and Trusts
  • Check replication - Replication Monitor
  • Check your event log and make sure you're no longer getting the 2091 errors in the
  • Directory Service. You might have to wait a while.

http://support.microsoft.com/kb/255504

This is basically what I did this past weekend. Other than that, it was all good, pretty simple and straight forward. Hope this helps.

Friday, June 5, 2009

Recent Movies

Ok, I'm not a real big movie fan, but my wife and I have watched about 4 movies in the past 5 days. Here they are and my thoughts.


Drag Me to Hell
http://www.imdb.com/title/tt1127180/
Not like gory-scary, but more like things popping out at you scary. I screamed like a little girl at one point, I'll admit. I've never seen Evil Dead 2, but according to my wife, this was very similar as far as the type. I thought overall it was a good film, it was a kind of silly but yet scary with a pretty good storyline. I'd recommend it, but don't expect Friday the 13th kind of horror.


Tropic Thunder
http://www.imdb.com/title/tt0942385/
Well, I think this was hyped up a little too much for me. I didn't really read the cover so the whole actors doing a movie in the movie was a little suprise for me. From there, it was just bits and pieces of humor. I will say that Robert Downey plays one hell of a old school brotha. He kinda made me think that's what Ving Rhames would sound like in that role playing himself. It was pretty good. That was easily the best part of the movie. Maybe I missed something, maybe it was hyped up too much for me, but I've seen and laughed harder at other movies.

Pineapple Express
http://www.imdb.com/title/tt0910936/
Lots of smokin goin on in this movie if you know what I mean. It was ok. Again, another movie I thought I may have read too much hype on. It was funny, but some of that dumb college mary jane goofy humor. Not was I was expecting. Seth Rogen played perfectly into his role in this movie. However, seeing Harry from Spider Man (James Franco) in that part was really wild. That was surely a different side, and yet he was pretty good.

The Number 23
http://www.imdb.com/title/tt0481369/
I love Jim Carrey, I've always thought he was a great actor and had great sense of humor. Liar Liar was probably the funniest movie he's done, though Ace Ventura was really good too (part 1, not part 2, 3, 4, 5, or 6). Anyhow, this was surely a brain trip. Right when you think you have it figured out, or even if you're on the verge of still being confused, it takes a quick right turn and you're like "WOW, didn't expect that!". I liked it, check it out.

This concludes the movie review list for today. Hopefully I'll have some more reviews for you coming up soon.

Thursday, June 4, 2009

Intro - First Blog

Howdy, this is my first blog. You'd think that being a tech guy, I would have done this a long time ago. Well, consider it done.

Well I chose Speed of Light as my Blog Title because it seems everything is moving so fast. I have 3 boys, seems like only yesterday they were in diapers. Now, my oldest is starting his first year in High School and will be in the Marching Band and golf. My younger two are both going to be in intermediate school together (4th and 5th) and playing youth football. Geez, time flies. So now you get an idea of what Speed of Light means to me.