Exchange Server

Microsoft announced that they deprecated the support for the SmartScreen Antispam content filters for Exchange Servers. This script uninstall the old and retired SmartScreen Antispam Agents from the local Exchange Server.

There are known issues with the SmartScreen AntiSpam content filters if you run Exchange 2016 on Windows Server 2016. So removing them might be always a good idea if you want to have a stable Exchange.

The Script removes the following AntiSpam Agents:

  • Content Filter Agent
  • Sender Id Agent
  • Protocol Analysis Agent

Before running the script and remove the AntiSpam Agents listed above, you should consider a solid alternative solution. There are several good on Premises Solutions available, and there are even more Cloud Services, including Microsoft’s own Exchange Online Protection (EOP). This could be handy if you have Office 365, you just change/tweak the Mailflow and your Mailboxes are protected.
My favorite solution is a CentOS based Linux Box running Postfix, SpamAssassin and MIMEDefang. I use this together with some AntiVirus solutions to scan all inbound and Outbound mails. However, this is just my personal favorite because it’s very reliable and flexible, but I know that many prefer a all-in-one solution running on Windows. Again, there are a lot of great solutions out there!

Read More

By default the Active Directory related commands search for a best domain controller. This is great, but by default, I want them to make use of the closest one.

And when I do bulk operations, I even want to do that on the server who have the PDC role. Some might find that useful as well.


# When it comes to scripts that do bulk operations, especially bulk loads and manipulation,
# I use the following within the Script:
if (Get-Command Set-ADServerUsage -ErrorAction SilentlyContinue) 
{
	Set-ADServerUsage -pdc
}

Please note: The write operations during bulk operations against the server that has the PDC role might not be allowed within your company. Please ask your Domain Admins before doing it! You might see a increased replication traffic if you use the PDC Server. You might also keep in mind.
There is a fine line between the benefit by using the PDC and the drawbacks that you might get. I might be better to use the closest one instead. Something you have to decide based on the operations that you want to do!

I use PowerShell Web Access a lot while commuting and traveling. That comes handy, because I don’t need a working VPN and with an App (comes free from Sapien) even triggering some long-running scripts from the iPad out of a Hotel room as no longer a pain. And it doesn’t use a lot of data.

Here is a little function to tweak the web-based PowerShell window rendered by the gateway:

Time to remove Java?

After Oracle release a bunch of (Yet again: Critical) Patches today, my Munki Server updated my Java installation… Now I start to think abbot a removal.

https://twitter.com/jhochwald/status/887435974644563968

About 18 month ago I decided to do a fresh Installation of my Mac! The first since a very long time. While installing everything I decided to pass on Adobes Flash, and guess what: I don’t miss it anymore. Maybe now is a good time to rethink my Java installation.

I guess with the next MacOS Major release I will do another fresh installation and I will try to pass on it.

What do you think?

Public Domain

I’m a big fan of Munki (pronounced monkey, /ˈmʌŋki/, m ah nk ee, or Mung – KEY) an open-source project started by Walt Disney Animation Studios to deploy software and packages to Mac OS X and MacOS based clients. It is written mostly in Python, and it provides a nice way to enforce software installation and/or updates. And since it offers a Mac App Store like Client experience a lot of optional installations (e.g. self-service).

One of the things that I find very useful: You can use scripting as pre- and post-installation parts to customize everything. A few years ago (yep, I use this software for a while now) I started to build several packaged for others. Then the fist enterprise came along and asked me to help them out with an existing Munki installation, during that project, I created a lot of new packages and tweaked most of the existing ones.

Now, a couple of projects and years later, I found, that many still have issues creating packages with customization.

Here is my approach, and I try to stick with it whenever possible: Use packages that you can get from the Vendor, or the Project (if open Source). Even better: Establish an AutoPKG process and work with overrides!

Then use the power of shell scripts to tweak and customize. I’m a scripting guy! I know.

Read More