True SSO for ShareFile Sync and Drive Mapper

Posted by daro on March 09, 2017
Citrix, ShareFile, Windows / No Comments

ShareFile-logo-1

Lets get those seamless logons one step further!

There is a very good article on how to set up Citrix ShareFile with AD FS 3.0 for Integrated Windows Authentication for WebApp by Jason Samuel. To do this you will need:

Once we have that SSO solution in place, we can easily take it one step further and apply this to ShareFile client applications as well. In this tutorial we will look into implementing Integrated Windows Authentication for ShareFile Sync and Drive Mapper.

Both applications come with Administrative templates that we can deploy via GPO. After the apps are installed, those templates can be found in:

  • Sync – ‘C:\Program Files\Citrix\ShareFile\Sync\Configuration\PolicyDefinitions’
  • Drive Mapper – ‘C:\Program Files\Citrix\ShareFile\DriveMapper\PolicyDefinitions’

Make sure to copy both .admx and .adml files or the GPO processing will fail. The number of times I’ve seen one of those files missing…

If you would like to test it locally you can copy the templates to ‘C:\Windows\PolicyDefinitions’

After templates are imported we can start modyfing settings with Group Policy Editor. Drive Mapper needs only Account setting set in format of mycompany.sharefile.com or .eu

DM GPO

While Sync needs to have Account and Authentication Type set. Account should be configured as above and Authentication Type set to ‘Windows Integrated Authenticaton’

Sync GPOPublishing GPO’s isn’t part of this article but there is plenty of information about that on the web. Once this is done and deployed your users should be able to enjoy seamless logons not only into the ShareFile web but also to the client applications.

Below you’ll find video demonstrating how this all works:

Happy SSO’ing!

Recover files hidden by Downloader.Dromedan

Posted by daro on March 11, 2016
Malware, Windows / No Comments

win7logoApart from other harmful actions Downloader.Dromedan can transfer itself to your USB storage device to aid in replication of itself when you plug it in to another device, and make it look like all the files are gone. Don’t panic! In most cases they are still there but are just hidden and you can still Recover files hidden by Downloader.Dromedan. First of all make sure that infection is gone completely from your system. There are multiple articles on the web on how to do this and this is not the topic for this one.

To recover your files open up an elevated command prompt and if your USB drive letter is F do:

prompt

prompt2

Above command will remove system, hidden, archive and read-only file attributes from all files and folders on your drive, making them accessible to you again. After this you should be able to see folder with no name on your drive with all the files. There you go. If this article helped you, you can help me as well by clicking on one of the ads on my site if you don’t have ad blocking software installed into your browser.

 

How to recreate Windows profile

Posted by daro on December 16, 2015
Windows / No Comments

win7logo

Sometimes you just have to recreate Windows profile

Lets say you have a profile called Bob and you have to refresh it. On most Windows 7/8 systems it is located in “C:\Users\Bob”

1. Rename the user’s profile folder to Bob.old In order to do this user Bob has to be logged off. Otherwise you’ll get an error stating that the files are in use.

2. Logged in as an admin, go to Control Panel, User Accounts, Manage User Accounts. Domain accounts show there after an initial login.

3. Delete the account for Bob

4. Open regedit and make sure that the user is no longer in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Delete it if present, even if it is followed by “.bak”.

5. Reboot machine. Login as the user. This will create a fresh spanking new profile.

6. Login as admin. Copy contents of (or the files that you really need) “C:\Users\Bob.old” to “C:\Users\Bob” replacing existing ones.

Do not copy the following files from old profile into the new profile:
Ntuser.dat
Ntuser.dat.log
Ntuser.ini

7. Let Bob log back in and praise you as company’s IT Guru!

No sound in Google Hangouts

Posted by daro on May 08, 2015
Google, Hangouts, Windows / No Comments

google-hangouts

No sound in Google Hangouts? Read below.

Certain sound drivers add enhancements to your microphone properties causing it to stop working in Google Hangouts. If you can hear others but they are unable to her you. Or if you sound quiet and muffled to your callers – this is the case.

To resolve this, all that needs to be done is to disable mic enhancements, assuming that you have configured your Hangouts to use correct input and output audio devices. So lets get on with it.

On Windows system go to Control Panel, then Sound. Click on Recording tab, highlight your microphone and click Properties, and Advanced tab. You should see something like this:

mic no sound in google hangouts

Uncheck the ‘Enable audio enhancements’ hit Apply or just OK and you should be good to go.

Send to OneNote 2010 printer missing

Posted by daro on December 02, 2014
MS Office 2010, Windows / 3 Comments

onenote_2010

Send to OneNote 2010 printer missing in Windows 7? Let’s get it back in no time!

After some extensive research on this issue – Send to OneNote 2010 printer missing on Windows 7, there is finally a solution that at least worked for me and good few other users.

All there is that needs to be done is to make sure that below windows features are enabled and then go to  Programs and Features in Control panel, or Start -> Run, type in appwiz.cpl, click OK and repair MS Office installation.

features

Reboot and the long missing option should be back

SendToOneNote

This so far has been tested on Win 7 x86 Enterprise and MS Office 2010 x86. Hope this helps. Best of luck.

Internet Explorer 9 x64 for Windows 7

Posted by daro on October 30, 2014
Internet Explorer, Windows / No Comments

browsersYes, there are times when you have to use Internet Explorer!

When you ask? To download another browser for example. Or more seriously. When a business application won’t work with any other.

When you have to install specific version of this browser like Internet Explorer 9 x64 for Windows 7 and google for it, Microsoft will kindly suggest its newest version which is IE11 and it’s not always what we are looking for. After some research there are the direct links to both versions of IE:

For x86: http://download.microsoft.com/download/C/3/B/C3BF2EF4-E764-430C-BDCE-479F2142FC81/IE9-Windows7-x86-enu.exe

For x64: http://download.microsoft.com/download/C/1/6/C167B427-722E-4665-9A40-A37BC5222B0A/IE9-Windows7-x64-enu.exe

Tmux, Super PuTTY and other useful linux tools

Posted by daro on September 11, 2014
Debian, Linux / No Comments

linux-logo

A few really useful linux monitoring tools. Meet Tmux, Super PuTTY and others.

Terminal  divided into multiple panes with Tmux.

 

This is how I  monitor performance of my server and a list of few useful tools to do so:

  1. Super PuTTY is a Windows application used primarily as a window manager for the PuTTY SSH Client. It allows you to embed PuTTY terminal instances inside of a windows form providing a better tabbed interface when multiple connections are used. SuperPutty does not do any ssh or terminal management itself since PuTTY does an excellent job itself.
  2. Htop – an interactive process viewer for Linux that graphically represents system usage and lets you kill processes from within. A bit like a top but on steroids.
  3. Apachetop – Real time website monitor
  4. ‘tail –f=name /var/log/apache2/access.log’ command that gives me live preview of my web server’s access log.
  5. Iftop – is a real time bandwidth monitor that produces a frequently-updated list of network connections. By default, the connections are ordered by bandwidth usage, with only the “top” bandwidth consumers shown.
  6. Command prompt area for issuing commands to the server.

 

Citrix Receiver – The profile for the user is a temporary profile

Posted by daro on August 28, 2014
Citrix, Windows / No Comments

 

citrix_logo

Citrix Receiver giving you grief? This should help.

When the below error comes up – don’t sweat. There is a quick registry fix that should do the trick and get this application installed in no time.

citrix temp profile

Even though user may not be logged in on a temporary profile, if there are .bak registry keys in ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList’ citrix may throw up the “the profile for the user is a temporary profile” error while trying to install it. To solve just delete of rename subkeys that end with .bak As with all registry changes please remember to export it first so you can always go back if something goes sideways.

To find out which subkey relates to a specific profile, expand it and look for ProfileImagePath registry entry that points to the original profile folder of the user.

Sendmail: stat=Deferred: Connection refused by [127.0.0.1]

Posted by daro on July 04, 2014
Debian, Email, Linux, Sendmail / 5 Comments

 

Sendmail

 Sendmail not sending messages? There you go!

There is a very helpful manual on setting up sendmail server. However after following it I could receive but not send emails. Messages were queuing with status ‘Deferred: Connection refused by [127.0.0.1]’ and the same error could be found in /var/log/mail.log

Solution to it was just to simply add one more line to your sendmail configuration file /etc/mail/sendmail.cf. Enabling Mail Transport Authority to your local network adapter. By default part of this config file looks like this:

# SMTP daemon options
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=XX.XX.XX.XX
O DaemonPortOptions=Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1

Where XX.XX.XX.XX is an ip address of your public network interface. After enabling MTA on a local interface it should look like below:

# SMTP daemon options
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=XX.XX.XX.XX
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1
O DaemonPortOptions=Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1

Then sendmail restart with ‘/etc/init.d/sendmail restart’ or ‘service sendmail restart’. Depending on your distro, and it finally started sending and receiving emails.

The remote session was disconnected because there are no Terminal Server License Servers available to provide a license

Posted by daro on June 07, 2014
Citrix, Windows / No Comments

citrix_logo

No Terminal Server License Servers available to provide a license? Not quite so

Citrix client, whether it’s Program Neighborhood or Receiver, sometimes comes up with following error:

Warning:
Registry is crucial for Windows systems, before making any changes make sure to export it first so if you mess up you can always go back.
export

There is a very easy fix for this, all you have to do is to remove or rename ‘HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing’ key.

Log off and then log back in and you are done. I presume you all know how to launch registry editor, if not let me know.