TMG 2010 with HTTPS inspection enabled, unable to access some websites

In this case I'm going to point to two Microsoft KB articles that helped me to resolve the following issue: Microsoft TMG 2010 with HTTPS inspection enabled is used as proxy server and users are reporting that cannot access some https web sites.
Access to those https websites is possible when TMG is not used as a proxy server. Web server certificates are valid and issued by public certification authorities. TMG server also trusts the root certificates of those web server certificates. For testing purposes domain names of those websites were put into destinations exceptions for HTTPS inspection, and users were still unable to access those website. TMG logs were showing the following HTTP Error code when users were accessing those websites:
12030 The connection with the server was terminated abnormally
According from this log the destination web server was terminating the https connection, and reason for that behavior was that TMG server was trying to negotiate the session with destination web server using old protocols. In order to fix that behavior I used the following Microsoft KB articles:

FIX: You cannot access a website that does not support TLS v1.0 when you enable HTTPS inspection and set HTTPSiClientProtocols
FIX: You cannot access a website that is listed on the Destination Exception tab of the HTTPS Outbound Inspection dialog box in Forefront TMG 2010

Note: Before using these fixes please check the requirements for service pack and rollup updates of Microsoft Threat Management Gateway 2010.

How to find the latest OS Image from Microsoft Azure Galery

This post is for reference and is intended to simplify the way of finding the latest available operating system image from Azure gallery using PowerShell (I will not get into details how to connect to your azure subscription using PowerShell).
Here is an example of how to get the latest image for Windows Server 2012 R2 Datacenter edition:

$OSImage = (Get-AzureVMImage | where {$_.ImageFamily -like "Windows Server 2012 R2 Datacenter*"} | sort PublishedDate -Descending)[0].ImageName

or Ubuntu Server 14 LTS:

$OSImage = (Get-AzureVMImage | where {$_.ImageFamily -like "Ubuntu Server 14*LTS*"} | sort PublishedDate -Descending)[0].ImageName

The logic in these one liners PowerShell is very simple, the output from Get-AzureVMImage is first filtered by ImageFamily and then sorted descending by PublishedDate. The first listed (latest published) image name is put into $osimage variable. Now, "armed" with latest image of the operating system, you can proceed in creating Azure Virtual Machine.

Check Microsoft Exchange Services

In this post I would like to share one liner PowerShell, which I'm using in my Exchange test lab environment to check if all Microsoft Exchange services set to start automatically are running, and if not to start them:
"exserver1","exserver2" | % { get-wmiobject win32_service -computername $_ -filter "startmode = 'auto' and state != 'running' and name like 'MSExchange%'" |  % {write-host $_.PSComputername, $; $_.startservice() | out-null }}

In my case there are two exchange servers exserver1 and exserver2, but you can change them to reflect your environment.
I'm also sharing this one liner PowerShell with my students when I'm teaching Microsoft Exchange courses to easily check MS Exchange services on their lab virtual machines. Sometimes not all necessary MSExchange services are started when the lab virtual machines boots up, and there might be problems during student's testing of lab scenarios. This one liner PowerShell is very simple way to avoid that situation.

Updated SCCM 2012 R2 clients version in Admin Console

In this case I was manually updating SCCM R2 clients on some Windows based servers with latest rollup update, but the newly (updated) SCCM client version for those servers was not refreshed (reported) in SCCM 2012 R2 Admin console. The reason for this behavior was that the SCCM client versions are reported by heartbeat discovery. Default value for heartbeat discovery is 7 days.

In order to make SCCM clients to report client version as soon as possible there are two options:
  • Lowering the default value of 7 days for heartbeat discovery, or
  • Manually trigger Discovery Data Collection Cycle action from client
Update the collection membership and new version of SCCM client will be shown in SCCM admin console.

Hyper V VMs revert to snapshot

I'm writing this post because I would like to share my experience of teaching MOC 20341B Core Solutions of Microsoft Exchange Server 2013 with my fellows MCTs. After each module there is a lab in which students can practice with virtual machines reverted to initially created snapshot. Also, after teaching each module I'm reverting VMs to their initial state, before starting to teach the next module.
In order to simplify this task of reverting VMs to their initial state, I wrote quick single liner powershell in which I'm reverting VMs that are running and their name contains 20341B:

Get-VM | ? { $_.state -eq 'Running' -and $ -like '*20341B*' } | % { Write-host $ ; Get-VMSnapshot $ | Restore-VMSnapshot -Confirm:$false }

This single liner powershell can be improved and adjusted to your needs, for example revert VMs on all student's Hyper V hosts ...

Windows 8.1 x86 unable to boot

In this case a friend of mine was complaining that his pc was unable to boot to Windows 8.1 x86 OS, because it was stuck in endless loop of automatic repair and restart. Automatic repair was unable to fix windows booting problem.
Since Automatic Repair was unable to fix the booting problem, I've entered into command prompt (Troubleshoot->Advanced Options-> Command Prompt) and tried to fix the problem using bootrec.exe. I ran the bootrec.exe with /Fixmbr and /Fixboot options, but none of them have succeeded to fix the booting problem.
Diskpart was showing all the partitions on the disk that should be present, and configured as should.

Because bootrec.exe didn't fix the booting problem, I've tried to run bootsect with following options :
bootsect /nt60 C:
And finally the Windows 8.1 x86 booting problem was successfully solved.

For more info about these utilities check Microsoft articles bootsect, bootrec, diskpart .

How to check EMBG (Unique Master Citizen Number) using regex

In this post, I will share my implementation of how to check if some number looks like EMBG or Unique Master Citizen Number. For those of yo...