Configuring SQL Memory Limits on Forefront TMG 2010


There is quick guide to limit SQL Memory on TMG or any other MSDE/SQL Express instance:

Open CMD and start osql -E -S localhost\MSFW

Paste that commands for 512MB limit:

USE master

EXEC sp_configure ‘show advanced options’, 1

EXEC sp_configure ‘max server memory (MB)’, 512 

EXEC sp_configure ‘show advanced options’, 0

More info can be find on:


Windows 2008 AD Trust and authentication firewall.


Error on file share opening:
Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine

The AD external trust setup between DomainA and DomainB is created. External Trust is setup as Selective Authentication, so we need to explicity allow Domain A users access to Domain B Computers.

To allow access open AD Users and Computers –> enable  Advanced Features –> Select the Computer Object –> Properties –> Security –> Add the User or Group You want to allow access to the computer and allow “Allowed to Authenticate”.

Exchange 2010 Deployment


Find text in linux files


For find “somestring” in files on linux disks, you can use one of that commands:

find . -name “*” | xargs grep -l “somestring”

or if first one does not work:

find . -name “*” -exec grep -l “somestring” {} \;

You can change grep options according to your need

How to quick delete large number of files


If you need to delete folder with large numbers of files (like 100.000 and more) is quickest way in windows to run:

rd /s /q <path to folder>



How to create an cmd script in Excell


In excell paste in one column let sy computer names and in second column command, wich you want to script in foloving sintax =CONCATENATE(“ping “;A1;” -n 1″)

Than copy that in whole second columen paste, and script is done… copy paste in .cmd and start it.

Linux delete folder if Directory not empty

To remove a folder together with everything in it, use
rm -rf /path/to/folder
rm -rf ./folder
with root or sudo
and becareful …… this erases files without asking anything….

Scripting help – some help for scripting in windows


Scripting help


=CONCATENATE(“ping “;A19;” -n 1″)

Command Prompt:

SpyBot 1.4
spybotsd.exe /taskbarhide /autoupdate /autocheck /autoimmunize /autoclose

Hide Server
net config server /hidden:yes|no

Sophos 5.x Uninstall
msiexec.exe /X{09C6BF52-6DBA-4A97-9939-B6C24E4738BF} /q RebootYesNo=”No” Reboot=”Suppress”
msiexec.exe /X{C12953C2-4F15-4A6C-91BC-511B96AE2775} /q
msiexec.exe /X{FF11005D-CBC8-45D5-A288-25C7BB304121} /q
start psexec -i \\PC1 (ime .cmdja lokalno)c:\un-3.cmd

Disk ClenUp wizard
REM cleanmgr /sageset:1 “Nastaviš reg key, kaj pucati”
REM cleanmgr /sagerun:1 /d c: “Zaženeš po reg keyu ki si ga nastavil”

Ad-Aware 6.0
REM The parameters have the following function:
REM +A: perform all automatically (scan, remove and clean)”
REM +S: Silent mode, minimize aaw during the operation”
REM +0: don’t use in-depth scan”
REM +1: use in-depth scan”
REM if neither +0 nor +1 is used, the last user setting will be used.”
REM NOTE: to send parameters to an already running instance, add the +SD parameter”
start C:\Progra~1\lavasoft\ad-awa~1\Ad-Aware.exe “C:\” +S +A +1

Aida32 Report
aida32 /R c:\windows\$HOSTNAME /CSV /SILENT

Add local user
NET USER Bostjan Password. /ADD /fullname:”Boštjan Kavčič” /passwordchg:no

Add domain user
dsadd user CN=uporabnik,CN=Users,DC=elmo,DC=local -samid logon_name -fn Ime -ln Priimek -upn mailbox@domain.local -pwd Password.

List of computer accounts
REM ipis NB imen računalnikov iz AD (“BOSTJANKA”):
dsquery computer -scope subtree -limit 500 -o rdn
REM izpis FQDN imen računalnikov iz AD (“CN=BOSTJANKA,OU=Domain Computers,DC=atlantis,DC=local”):
dsquery computer -scope subtree -limit 500

Set Network
netsh interface ip set address name=”Internet” source=static addr= mask=
netsh interface ip set address name=”Internet” gateway= gwmetric=1
netsh interface ip set dns name=”Internet” source=static addr= register=primary
netsh interface ip add dns name=”Internet” addr= index=2

Setup MSDE
C:\sql2ksp3\MSDE\setup.exe INSTANCENAME=MSDE3 SAPWD=”Password.”

Move Trend Micro OfficeScan Client
REM program, -s server, -p srv. port, -m HTTP=1 FILE=0, -c cli. port
\\slugec\ofcscan\Admin\Utility\IpXfer\IpXfer.exe -s slugec.home.local -p 8080 -m 1 -c 33389

REM cmd start to tekst file
@echo off
dir *.* > Log.txt

Logon script
net use s: \\streznik\skupno
net use h: \\streznik\uporabniki\%username%

Linux add user
useradd username -d /home/userhome -p Password.
usermod username -U

Windows Registry Editor Version 5.00

IE more than 2 concurent connections to site
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

Remote Enable RDP
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnection 1 to 0

MSN Proxy


IE Proxy
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

VBScript 1.
Install network printer
‘ VBScript.’ Guy Thomas February 2004.

‘ Purpose of script to create a local printer
‘ ******************************

Dim net
Set net = CreateObject(“WScript.Network”)
net.AddWindowsPrinterConnection “\\elmodc\hp4000n”

VBScript 2.
Hotel first start script

Enabling NLA – Network Level Authentication on Windows XP Service Pack 3 for access to Server 2008 via Remote Desktop


When connecting to a Windows 2008 Server using remote desktop from a Windows XP client running service pack 2 or earlier, you get the following error message:

The remote computer requires Network Level Authentication, which your computer does not support.

To enable NLA in XP machines; first install XP SP3, then edit the registry settings on the XP client machine to allow NLA

• Configure Network Level Authentication

1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Exit Registry Editor.
9. Restart the computer.


How to add Windows CA SSL to FileZilla Server


You will need to use something like openssl to generate a Certificate Signing Request first. For Windows users you can install it on FileZilla server from here: Win32 OpenSSL v1.0.0a Light and also need Visual C++ 2008 Redistributables.

– Create personal key: openssl genrsa -out host.key 1024
– Create CSR file: openssl req -new -nodes -key host.key -out host.csr
On your CA just browse to http://localhost/certsrv/, select Request a Certificate, then Submit a certificate request file (open with notepad and copy/paste) using a base-64 encoded PKCS #10 file. The web form gives you the option to select a template to use – web server, and then download certificate (.cer) and certificate chain (.p7b)
– Open .cer, from Details click Copy to File, select  Base-64 and save it to host.cer
Open .p7b and export root certificate in Base-64 format to root.cer
– copy host.key + host.cer + root.cer host_fz.crt

Now you have host_fz.crt for File Zilla FTPS

That work for me.