Error:

Object Cache: The super user account utilized by the cache is not configured. This can increase the number of cache misses, which causes the page requests to consume unneccesary system resources.
To configure the account use the following command ”stsadm -o setproperty -propertyname portalsuperuseraccount -propertyvalue account -url webappurl”. The account should be any account that has Full Control access to the SharePoint databases but is not an application pool account.
Additional Data:
Current default super user account: SHAREPOINTsystem

Analisys:

Slow performance expierience on Sharpoint Websites and hi server load.

Solution:

Run this command for each sharepoint site and specify the sharepoint administrator user:

stsadm -o setproperty –propertyname DOMAINsharepointadminuser -propertyvalue account -url http://sharepoint.site.url

Please leave a comment

Problem:

I’m trying to connect to my mySQL instance and I receive one of the following errors:

ERROR 1045: Access denied for user: ”root@localhost” (Using password: NO)

or:

ERROR 1045: Access denied for user: ”root@localhost” (Using password: YES)

Solution:

Reset root password!

To do this, you need to connect to mySQL without using password.

First stop your mySQL service:

service mysql stop

Start mySQL with special parameter to not require password and to not accept connections via network:

sudo /usr/sbin/mysqld –skip-grant-tables –skip-networking &

Connect to mySQL console:

mysql -u root

To reset root password use this (this will reset root password for local and remote connections):

FLUSH PRIVILEGES;

SET PASSWORD FOR root@”localhost” = PASSWORD(”password”);

UPDATE mysql.user SET Password=PASSWORD(”newpwd”) WHERE User=”root”;

FLUSH PRIVILEGES;

Now restart mySQL with normal configuration and connect using the configured password:

service mysql stop

service mysql start

Src: https://help.ubuntu.com/community/MysqlPasswordReset

Please leave feedback

When you try to directly select data using SQL Server ODBC driver without using a linked server, and without special grants, you receive this error:

Erro : [Microsoft][ODBC SQL Server Driver][SQL Server]Ad hoc access to OLE DB provider ”MSDASQL” has been denied. You must access this provider through a linked server.

Note: MSDASQL could be ADsDSOObject, Microsoft.ACE.OLEDB.12.0, MSDAOSP, MSIDXS, MSOLAP, SQLNCLI10 and SQLOLEDB.

If you receive this error, open regedit:

regedit

Now on regedit go to this key:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft SQL ServerMSSQL10_50.MSSQLSERVERProviders

Here you can see all the drivers:

Now, on the driver you are receiving the error, you could allow add hoc access adding a new DWord (32bit) to each ODBC driver with name “DisallowAdHocAccess” and the value 0:

After this, you need to restart the SQL Server Service and try again!

The final result:

Hope this help!

Please leave some feedback!

There are many ways to read text files with SQL Server, and one of them is to read this file using MSDASQL driver.

Using MSDASQL you can read text files with this t-sql:

SELECT *
FROM   OPENROWSET(”MSDASQL”,
   ”Driver={Microsoft Access Text Driver (*.txt, *.csv)};DefaultDir=\serverfolder;”,
   ”SELECT * FROM test.txt;”
) 

Note: This Driver works on MS SQL Server 2008 R2 on Windows Server 2008 R2 x64.

If you use another older version, you receive this error:

Error message:

OLE DB provider "MSDASQL" for linked server "(null)" returned message "[Microsoft][ODBC Driver Manager] Invalid connection string attribute".

OLE DB provider "MSDASQL" for linked server "(null)" returned message "[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified".

Msg 7303, Level 16, State 1, Line 1

Cannot initialize the data source object of OLE DB provider "MSDASQL" for linked server "(null)".

If you receive those errors you have to change this:

Microsoft Access Text Driver (*.txt, *.csv)

with:

Microsoft Text Driver (*.txt; *.csv)

This works perfectly if you use a txt file that is separated with commas (,) and not semicolon (;).

Trying to resolve this, I try to use this query (without success!!!):

SELECT *
FROM   OPENROWSET(”MSDASQL”,
   ”Driver={Microsoft Access Text Driver (*.txt,*.csv)}; Format=Delimited(;);MaxScanRows=0; FIL=text; DefaultDir=\serverfolder;”,
   ”SELECT * FROM test.txt;”
)

To successfully work with semi-colon separated files on my Windows Server 2008 R2 x64 with MSDASQL driver, I search my registry for the word “JET”, and I found this registry path:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftOffice14.0Access Connectivity EngineEnginesText

Here I found that I have “string value” with name “Format” with value “CSVDelimited”:

I change this string value to “Delimited(;)” and then I try again, et voilá……

IT WORKS!!!!

I also change the value of the “FirstRowHasNames” Binary Values to 00 to show columns name:

The final result is:

Hope you enjoy

Please leave feedback

On SQL Server 2008 R2, 2008, or 2005:

EXEC sp_helpdb

or

EXEC sp_databases

On SQL Server 2000:

EXEC sp_msForEachDB ”PRINT ””?”””

Please leave feedback!

On my laptop I have Linux Mint Debian Edition installed on, and to enhance OpenGL graphics performance, I need to install the nVidia Graphics Driver.

To do this, I just install using this command:

aptitude install nvidia-kernel-dkms nvidia-settings nvidia-xconfig nvidia-xconfig

Now you need to update kernel modules:

m-a update

m-a prepare

m-a a-i nvidia

Now reboot and good luck!

Have fun, leave some feedback!

IPTables is the best-known Linux Firewall and is very fast/optimized with high level of security.

To configure it first you need to install:

apt-get update

apt-get install iptables

Start IPTables:

/etc/init.d/iptables start

Now configure IPTables.

Create the IPTables Rule file:

vi /etc/iptables.temp.rules

And add the rules you need to allow or deny traffic. here is some rules that can help you:

*filter

# Allows all loopback traffic and drop all traffic to 127/8 that doesn”t use lo
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

# Accepts all established inbound connections
-A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT

# Allows all outbound traffic
-A OUTPUT -j ACCEPT

#SSH
-A INPUT -p tcp -m tcp –dport 22 -j ACCEPT
#HTTP
-A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
#HTTPS
-A INPUT -p tcp -m tcp –dport 443 -j ACCEPT
#SMTP
-A INPUT -p tcp -m tcp –dport 25 -j ACCEPT
#IMAP
-A INPUT -p tcp -m tcp –dport 143 -j ACCEPT
#POP3
-A INPUT -p tcp -m tcp –dport 110 -j ACCEPT
#PING
-A INPUT -p icmp -m icmp –icmp-type 8 -j ACCEPT

# Log
-I INPUT 5 -m limit –limit 5/min -j LOG –log-prefix "iptables denied: " –log-level 7

#10 Rules to block common attacks

-A INPUT -p tcp ! –syn -m state –state NEW -j DROP

#Drop packets to deny kernel panic

-A INPUT -f -j DROP

#Drop all XMAS packets:

-A INPUT -p tcp –tcp-flags ALL ALL -j DROP

#Drop all NULL packets:

-A INPUT -p tcp –tcp-flags ALL NONE -j DROP

# Reject all other inbound – default deny unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

Apply IPTables rules to running IPTables instance:

iptables-restore < /etc/iptables.temp.rules

Check they loaded correctly:

iptables –L

Test connections to your services, and if everything looks OK, save this configuration to a secondary file:

iptables-save > /etc/iptables.up.rules

Edit /etc/network/interfaces file to start IPTables rules before Network Interface goes up:

vi /etc/network/interfaces

Find the following:

auto lo

iface lo inet loopback

Add this line before this two lines:

pre-up iptables-restore < /etc/iptables.up.rules

Source: http://www.cyberciti.biz/tips/linux-iptables-10-how-to-block-common-attack.html and http://www.cyberciti.biz/tips/linux-iptables-10-how-to-block-common-attack.html

Please leave some feedback

SELinux is an NSA security solution to Linux. This enhance your server security adding rules that control actions and configurations on the server.

If you want more info, read this page: http://www.nsa.gov/research/selinux/

Pre-install checks:

Is your file System Compatible with SELinux? Check if it is one of this supported filesystems: ext2, ext3, ext4, jfs, and xfs.

Important Note: RiserFS is only partial supported, read this: http://james-morris.livejournal.com/3580.html

If you use XFS, you should create filesystem using “.isize=512” option, by default is 256 witch is not large enough for SELinux XATTR, and it should not be stored in separate blocks, read this: http://www.redhat.com/magazine/001nov04/features/selinux/

Check your kernel includes all necessary features for running SELinux. If you use Debian Kernel, ignore this check.

1.) Install SELinux:

apt-get install selinux-basics selinux-policy-default

or

apt-build install selinux-basics selinux-policy-default

2.) Run this command to activate SELinux on GRUB and PAM and create /.autorelabel file:

selinux-activate

3.) Reboot your server, this can take a while to label the filesystems on boot, and it will reboot a second time when relabel is complete.

4.) After reboot, run this command to check that everything is OK:

check-selinux-installation

—-> Message:

/usr/sbin/check-selinux-installation:19: DeprecationWarning: os.popen3 is deprecated.  Use the subprocess module.
  @staticmethod
/usr/sbin/check-selinux-installation:23: DeprecationWarning: os.popen2 is deprecated.  Use the subprocess module.
  def fix():
/etc/pam.d/login is not SELinux enabled
FSCKFIX is not enabled – not serious, but could prevent system from booting…

Ok, simply ignore this because there are no critical audit errors, and continue:

5.) The system is in permissive mode, you can now enable Enforcing mode, and test it running:

setenforce 1

6.) Now that you already test the system working on enforcing mode, you can activate this mode on boot, to do this run:

selinux-config-enforcing

7.) Apply Package Specific Fixes:

7.1) pam:

This correction is needed to login, kdm, and wdm.

Edit /etc/pam.d/login file:

vi /etc/pam.d/login

Add this:

session required pam_selinux.so multiple

Activate changes running:

selinux-activate

Need to reboot, but you can wait to the end of this how-to.

7.2) initscripts:

Edit /etc/default/rcS file:

vi /etc/default/rcS

Set:

FSCKFIX=yes

And add:

EDITMOTD=no

7.3) static ttys/ptys:

First, make sure that you have devpts mounted on system by running:

mount | grep devpts

Now remove the static nodes by running:

rm -f /dev/[tp]ty[abcdepqrstuvwxyz][0-9a-f]

7.4) udev:

Edit /etc/udev/udev.conf:

vi /etc/udev/udev.conf

Add:

no_static_dev="1"

And run:

update-initramfs -k all –u

7.5) Cron daily backup job:

Edit:

vi /etc/cron.daily/standard

Comment the lines who backup /etc/shadow and /etc/gshadow:

More info @: http://bugs.debian.org/333837

7.6) locate and updatedb

Uninstall locate and updatedb or disable editing:

vi /etc/cron.daily/find

or

vi /etc/cron.daily/mlocate

And adding to the second line:

exit 0

Finally: Useful commands

Before install software, disable enforcing:

setenforce 0

After install software, enable enforcing:

setenforce 1

To verify SELinux status:

sestatus

This article is based on: http://wiki.debian.org/SELinux/Setup

Please leave feedback

If you are a Gentoo fan, you will smile when you read this article, because this is similar to emerge.

If you want to install your software, but you are not happy with the software performance, you could now simply build the software and then install with a simple command: apt-build

First you need to install apt-build

apt-get install apt-build

After accept and install the whole dependences and apt-build you have to define what type of Optimization Level you want.

If you select Strong, it takes more time to compile, but you get better optimization.

In my opinion, if I do not have time, I install my software using apt-get, if I have time, I install using apt-build, so I select Strong:

Now, add apt-build repository to your sources-list:

Define your processor:

Now, apt-build is installed, we can now install software building from source with optimization.

Now, the important commands:

apt-build update – updates repository lists and info;

apt-build upgrade – updates operating system;

apt-build install <package> – install software;

apt-build world – Wow… This re-compiles the whole system

Have Fun, and Please leave some feedback (Facebook Like, Twitter, Share, Leave comment)

If you need to allow users to send a message on behalf to, send as another user or have full access to a mailbox, you can give the appropriate permissions running this commands:

Grant "Send on behalf" permission:

Set-Mailbox testmailbox -GrantSendOnBehalfTo dcosta

Grant "Send-As" permission:

Add-ADPermission testmailbox -ExtendedRights Send-As -user dcosta

Grant full mailbox access permission:

Add-MailboxPermission testmailbox -AccessRights FullAccess -user dcosta

If you have a service like CRM that needs to send messages as all users, you need to allow access to all users mailbox, so you can allow it using this command’s:

Grant "Send on behalf" permission to all users:

Get-Mailbox | Set-Mailbox -GrantSendOnBehalfTo dcosta

Grant "Send-As" permission to all users:

Get-Mailbox | Add-ADPermission -ExtendedRights Send-As -user dcosta

Grant full mailbox access permission to all users:

Get-Mailbox | Add-MailboxPermission -AccessRights FullAccess -user dcosta

Don’t forget to change username (“dcosta”) to what you need.

Hope you enjoy please leave feedback.