<!--{{{-->
<link rel='alternate' type='application/rss+xml' title='RSS' href='index.xml'/>
<!--}}}-->
Background: #fff
Foreground: #000
PrimaryPale: #8cf
PrimaryLight: #18f
PrimaryMid: #04b
PrimaryDark: #014
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
/*{{{*/
body {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}

a {color:[[ColorPalette::PrimaryMid]];}
a:hover {background-color:[[ColorPalette::PrimaryMid]]; color:[[ColorPalette::Background]];}
a img {border:0;}

h1,h2,h3,h4,h5,h6 {color:[[ColorPalette::SecondaryDark]]; background:transparent;}
h1 {border-bottom:2px solid [[ColorPalette::TertiaryLight]];}
h2,h3 {border-bottom:1px solid [[ColorPalette::TertiaryLight]];}

.button {color:[[ColorPalette::PrimaryDark]]; border:1px solid [[ColorPalette::Background]];}
.button:hover {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::SecondaryLight]]; border-color:[[ColorPalette::SecondaryMid]];}
.button:active {color:[[ColorPalette::Background]]; background:[[ColorPalette::SecondaryMid]]; border:1px solid [[ColorPalette::SecondaryDark]];}

.header {background:[[ColorPalette::PrimaryMid]];}
.headerShadow {color:[[ColorPalette::Foreground]];}
.headerShadow a {font-weight:normal; color:[[ColorPalette::Foreground]];}
.headerForeground {color:[[ColorPalette::Background]];}
.headerForeground a {font-weight:normal; color:[[ColorPalette::PrimaryPale]];}

.tabSelected{color:[[ColorPalette::PrimaryDark]];
	background:[[ColorPalette::TertiaryPale]];
	border-left:1px solid [[ColorPalette::TertiaryLight]];
	border-top:1px solid [[ColorPalette::TertiaryLight]];
	border-right:1px solid [[ColorPalette::TertiaryLight]];
}
.tabUnselected {color:[[ColorPalette::Background]]; background:[[ColorPalette::TertiaryMid]];}
.tabContents {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::TertiaryPale]]; border:1px solid [[ColorPalette::TertiaryLight]];}
.tabContents .button {border:0;}

#sidebar {}
#sidebarOptions input {border:1px solid [[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel {background:[[ColorPalette::PrimaryPale]];}
#sidebarOptions .sliderPanel a {border:none;color:[[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel a:hover {color:[[ColorPalette::Background]]; background:[[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel a:active {color:[[ColorPalette::PrimaryMid]]; background:[[ColorPalette::Background]];}

.wizard {background:[[ColorPalette::PrimaryPale]]; border:1px solid [[ColorPalette::PrimaryMid]];}
.wizard h1 {color:[[ColorPalette::PrimaryDark]]; border:none;}
.wizard h2 {color:[[ColorPalette::Foreground]]; border:none;}
.wizardStep {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];
	border:1px solid [[ColorPalette::PrimaryMid]];}
.wizardStep.wizardStepDone {background:[[ColorPalette::TertiaryLight]];}
.wizardFooter {background:[[ColorPalette::PrimaryPale]];}
.wizardFooter .status {background:[[ColorPalette::PrimaryDark]]; color:[[ColorPalette::Background]];}
.wizard .button {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::SecondaryLight]]; border: 1px solid;
	border-color:[[ColorPalette::SecondaryPale]] [[ColorPalette::SecondaryDark]] [[ColorPalette::SecondaryDark]] [[ColorPalette::SecondaryPale]];}
.wizard .button:hover {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::Background]];}
.wizard .button:active {color:[[ColorPalette::Background]]; background:[[ColorPalette::Foreground]]; border: 1px solid;
	border-color:[[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryPale]] [[ColorPalette::PrimaryPale]] [[ColorPalette::PrimaryDark]];}

#messageArea {border:1px solid [[ColorPalette::SecondaryMid]]; background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]];}
#messageArea .button {color:[[ColorPalette::PrimaryMid]]; background:[[ColorPalette::SecondaryPale]]; border:none;}

.popupTiddler {background:[[ColorPalette::TertiaryPale]]; border:2px solid [[ColorPalette::TertiaryMid]];}

.popup {background:[[ColorPalette::TertiaryPale]]; color:[[ColorPalette::TertiaryDark]]; border-left:1px solid [[ColorPalette::TertiaryMid]]; border-top:1px solid [[ColorPalette::TertiaryMid]]; border-right:2px solid [[ColorPalette::TertiaryDark]]; border-bottom:2px solid [[ColorPalette::TertiaryDark]];}
.popup hr {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::PrimaryDark]]; border-bottom:1px;}
.popup li.disabled {color:[[ColorPalette::TertiaryMid]];}
.popup li a, .popup li a:visited {color:[[ColorPalette::Foreground]]; border: none;}
.popup li a:hover {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; border: none;}
.popup li a:active {background:[[ColorPalette::SecondaryPale]]; color:[[ColorPalette::Foreground]]; border: none;}
.popupHighlight {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}
.listBreak div {border-bottom:1px solid [[ColorPalette::TertiaryDark]];}

.tiddler .defaultCommand {font-weight:bold;}

.shadow .title {color:[[ColorPalette::TertiaryDark]];}

.title {color:[[ColorPalette::SecondaryDark]];}
.subtitle {color:[[ColorPalette::TertiaryDark]];}

.toolbar {color:[[ColorPalette::PrimaryMid]];}
.toolbar a {color:[[ColorPalette::TertiaryLight]];}
.selected .toolbar a {color:[[ColorPalette::TertiaryMid]];}
.selected .toolbar a:hover {color:[[ColorPalette::Foreground]];}

.tagging, .tagged {border:1px solid [[ColorPalette::TertiaryPale]]; background-color:[[ColorPalette::TertiaryPale]];}
.selected .tagging, .selected .tagged {background-color:[[ColorPalette::TertiaryLight]]; border:1px solid [[ColorPalette::TertiaryMid]];}
.tagging .listTitle, .tagged .listTitle {color:[[ColorPalette::PrimaryDark]];}
.tagging .button, .tagged .button {border:none;}

.footer {color:[[ColorPalette::TertiaryLight]];}
.selected .footer {color:[[ColorPalette::TertiaryMid]];}

.sparkline {background:[[ColorPalette::PrimaryPale]]; border:0;}
.sparktick {background:[[ColorPalette::PrimaryDark]];}

.error, .errorButton {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::Error]];}
.warning {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::SecondaryPale]];}
.lowlight {background:[[ColorPalette::TertiaryLight]];}

.zoomer {background:none; color:[[ColorPalette::TertiaryMid]]; border:3px solid [[ColorPalette::TertiaryMid]];}

.imageLink, #displayArea .imageLink {background:transparent;}

.annotation {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; border:2px solid [[ColorPalette::SecondaryMid]];}

.viewer .listTitle {list-style-type:none; margin-left:-2em;}
.viewer .button {border:1px solid [[ColorPalette::SecondaryMid]];}
.viewer blockquote {border-left:3px solid [[ColorPalette::TertiaryDark]];}

.viewer table, table.twtable {border:2px solid [[ColorPalette::TertiaryDark]];}
.viewer th, .viewer thead td, .twtable th, .twtable thead td {background:[[ColorPalette::SecondaryMid]]; border:1px solid [[ColorPalette::TertiaryDark]]; color:[[ColorPalette::Background]];}
.viewer td, .viewer tr, .twtable td, .twtable tr {border:1px solid [[ColorPalette::TertiaryDark]];}

.viewer pre {border:1px solid [[ColorPalette::SecondaryLight]]; background:[[ColorPalette::SecondaryPale]];}
.viewer code {color:[[ColorPalette::SecondaryDark]];}
.viewer hr {border:0; border-top:dashed 1px [[ColorPalette::TertiaryDark]]; color:[[ColorPalette::TertiaryDark]];}

.highlight, .marked {background:[[ColorPalette::SecondaryLight]];}

.editor input {border:1px solid [[ColorPalette::PrimaryMid]];}
.editor textarea {border:1px solid [[ColorPalette::PrimaryMid]]; width:100%;}
.editorFooter {color:[[ColorPalette::TertiaryMid]];}

#backstageArea {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::TertiaryMid]];}
#backstageArea a {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::Background]]; border:none;}
#backstageArea a:hover {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; }
#backstageArea a.backstageSelTab {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}
#backstageButton a {background:none; color:[[ColorPalette::Background]]; border:none;}
#backstageButton a:hover {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::Background]]; border:none;}
#backstagePanel {background:[[ColorPalette::Background]]; border-color: [[ColorPalette::Background]] [[ColorPalette::TertiaryDark]] [[ColorPalette::TertiaryDark]] [[ColorPalette::TertiaryDark]];}
.backstagePanelFooter .button {border:none; color:[[ColorPalette::Background]];}
.backstagePanelFooter .button:hover {color:[[ColorPalette::Foreground]];}
#backstageCloak {background:[[ColorPalette::Foreground]]; opacity:0.6; filter:'alpha(opacity:60)';}
/*}}}*/
/*{{{*/
* html .tiddler {height:1%;}

body {font-size:.75em; font-family:arial,helvetica; margin:0; padding:0;}

h1,h2,h3,h4,h5,h6 {font-weight:bold; text-decoration:none;}
h1,h2,h3 {padding-bottom:1px; margin-top:1.2em;margin-bottom:0.3em;}
h4,h5,h6 {margin-top:1em;}
h1 {font-size:1.35em;}
h2 {font-size:1.25em;}
h3 {font-size:1.1em;}
h4 {font-size:1em;}
h5 {font-size:.9em;}

hr {height:1px;}

a {text-decoration:none;}

dt {font-weight:bold;}

ol {list-style-type:decimal;}
ol ol {list-style-type:lower-alpha;}
ol ol ol {list-style-type:lower-roman;}
ol ol ol ol {list-style-type:decimal;}
ol ol ol ol ol {list-style-type:lower-alpha;}
ol ol ol ol ol ol {list-style-type:lower-roman;}
ol ol ol ol ol ol ol {list-style-type:decimal;}

.txtOptionInput {width:11em;}

#contentWrapper .chkOptionInput {border:0;}

.externalLink {text-decoration:underline;}

.indent {margin-left:3em;}
.outdent {margin-left:3em; text-indent:-3em;}
code.escaped {white-space:nowrap;}

.tiddlyLinkExisting {font-weight:bold;}
.tiddlyLinkNonExisting {font-style:italic;}

/* the 'a' is required for IE, otherwise it renders the whole tiddler in bold */
a.tiddlyLinkNonExisting.shadow {font-weight:bold;}

#mainMenu .tiddlyLinkExisting,
	#mainMenu .tiddlyLinkNonExisting,
	#sidebarTabs .tiddlyLinkNonExisting {font-weight:normal; font-style:normal;}
#sidebarTabs .tiddlyLinkExisting {font-weight:bold; font-style:normal;}

.header {position:relative;}
.header a:hover {background:transparent;}
.headerShadow {position:relative; padding:4.5em 0em 1em 1em; left:-1px; top:-1px;}
.headerForeground {position:absolute; padding:4.5em 0em 1em 1em; left:0px; top:0px;}

.siteTitle {font-size:3em;}
.siteSubtitle {font-size:1.2em;}

#mainMenu {position:absolute; left:0; width:10em; text-align:right; line-height:1.6em; padding:1.5em 0.5em 0.5em 0.5em; font-size:1.1em;}

#sidebar {position:absolute; right:3px; width:16em; font-size:.9em;}
#sidebarOptions {padding-top:0.3em;}
#sidebarOptions a {margin:0em 0.2em; padding:0.2em 0.3em; display:block;}
#sidebarOptions input {margin:0.4em 0.5em;}
#sidebarOptions .sliderPanel {margin-left:1em; padding:0.5em; font-size:.85em;}
#sidebarOptions .sliderPanel a {font-weight:bold; display:inline; padding:0;}
#sidebarOptions .sliderPanel input {margin:0 0 .3em 0;}
#sidebarTabs .tabContents {width:15em; overflow:hidden;}

.wizard {padding:0.1em 1em 0em 2em;}
.wizard h1 {font-size:2em; font-weight:bold; background:none; padding:0em 0em 0em 0em; margin:0.4em 0em 0.2em 0em;}
.wizard h2 {font-size:1.2em; font-weight:bold; background:none; padding:0em 0em 0em 0em; margin:0.4em 0em 0.2em 0em;}
.wizardStep {padding:1em 1em 1em 1em;}
.wizard .button {margin:0.5em 0em 0em 0em; font-size:1.2em;}
.wizardFooter {padding:0.8em 0.4em 0.8em 0em;}
.wizardFooter .status {padding:0em 0.4em 0em 0.4em; margin-left:1em;}
.wizard .button {padding:0.1em 0.2em 0.1em 0.2em;}

#messageArea {position:fixed; top:2em; right:0em; margin:0.5em; padding:0.5em; z-index:2000; _position:absolute;}
.messageToolbar {display:block; text-align:right; padding:0.2em 0.2em 0.2em 0.2em;}
#messageArea a {text-decoration:underline;}

.tiddlerPopupButton {padding:0.2em 0.2em 0.2em 0.2em;}
.popupTiddler {position: absolute; z-index:300; padding:1em 1em 1em 1em; margin:0;}

.popup {position:absolute; z-index:300; font-size:.9em; padding:0; list-style:none; margin:0;}
.popup .popupMessage {padding:0.4em;}
.popup hr {display:block; height:1px; width:auto; padding:0; margin:0.2em 0em;}
.popup li.disabled {padding:0.4em;}
.popup li a {display:block; padding:0.4em; font-weight:normal; cursor:pointer;}
.listBreak {font-size:1px; line-height:1px;}
.listBreak div {margin:2px 0;}

.tabset {padding:1em 0em 0em 0.5em;}
.tab {margin:0em 0em 0em 0.25em; padding:2px;}
.tabContents {padding:0.5em;}
.tabContents ul, .tabContents ol {margin:0; padding:0;}
.txtMainTab .tabContents li {list-style:none;}
.tabContents li.listLink { margin-left:.75em;}

#contentWrapper {display:block;}
#splashScreen {display:none;}

#displayArea {margin:1em 17em 0em 14em;}

.toolbar {text-align:right; font-size:.9em;}

.tiddler {padding:1em 1em 0em 1em;}

.missing .viewer,.missing .title {font-style:italic;}

.title {font-size:1.6em; font-weight:bold;}

.missing .subtitle {display:none;}
.subtitle {font-size:1.1em;}

.tiddler .button {padding:0.2em 0.4em;}

.tagging {margin:0.5em 0.5em 0.5em 0; float:left; display:none;}
.isTag .tagging {display:block;}
.tagged {margin:0.5em; float:right;}
.tagging, .tagged {font-size:0.9em; padding:0.25em;}
.tagging ul, .tagged ul {list-style:none; margin:0.25em; padding:0;}
.tagClear {clear:both;}

.footer {font-size:.9em;}
.footer li {display:inline;}

.annotation {padding:0.5em; margin:0.5em;}

* html .viewer pre {width:99%; padding:0 0 1em 0;}
.viewer {line-height:1.4em; padding-top:0.5em;}
.viewer .button {margin:0em 0.25em; padding:0em 0.25em;}
.viewer blockquote {line-height:1.5em; padding-left:0.8em;margin-left:2.5em;}
.viewer ul, .viewer ol {margin-left:0.5em; padding-left:1.5em;}

.viewer table, table.twtable {border-collapse:collapse; margin:0.8em 1.0em;}
.viewer th, .viewer td, .viewer tr,.viewer caption,.twtable th, .twtable td, .twtable tr,.twtable caption {padding:3px;}
table.listView {font-size:0.85em; margin:0.8em 1.0em;}
table.listView th, table.listView td, table.listView tr {padding:0px 3px 0px 3px;}

.viewer pre {padding:0.5em; margin-left:0.5em; font-size:1.2em; line-height:1.4em; overflow:auto;}
.viewer code {font-size:1.2em; line-height:1.4em;}

.editor {font-size:1.1em;}
.editor input, .editor textarea {display:block; width:100%; font:inherit;}
.editorFooter {padding:0.25em 0em; font-size:.9em;}
.editorFooter .button {padding-top:0px; padding-bottom:0px;}

.fieldsetFix {border:0; padding:0; margin:1px 0px 1px 0px;}

.sparkline {line-height:1em;}
.sparktick {outline:0;}

.zoomer {font-size:1.1em; position:absolute; overflow:hidden;}
.zoomer div {padding:1em;}

* html #backstage {width:99%;}
* html #backstageArea {width:99%;}
#backstageArea {display:none; position:relative; overflow: hidden; z-index:150; padding:0.3em 0.5em 0.3em 0.5em;}
#backstageToolbar {position:relative;}
#backstageArea a {font-weight:bold; margin-left:0.5em; padding:0.3em 0.5em 0.3em 0.5em;}
#backstageButton {display:none; position:absolute; z-index:175; top:0em; right:0em;}
#backstageButton a {padding:0.1em 0.4em 0.1em 0.4em; margin:0.1em 0.1em 0.1em 0.1em;}
#backstage {position:relative; width:100%; z-index:50;}
#backstagePanel {display:none; z-index:100; position:absolute; margin:0em 3em 0em 3em; padding:1em 1em 1em 1em;}
.backstagePanelFooter {padding-top:0.2em; float:right;}
.backstagePanelFooter a {padding:0.2em 0.4em 0.2em 0.4em;}
#backstageCloak {display:none; z-index:20; position:absolute; width:100%; height:100px;}

.whenBackstage {display:none;}
.backstageVisible .whenBackstage {display:block;}
/*}}}*/
/***
StyleSheet for use when a translation requires any css style changes.
This StyleSheet can be used directly by languages such as Chinese, Japanese and Korean which need larger font sizes.
***/
/*{{{*/
body {font-size:0.8em;}
#sidebarOptions {font-size:1.05em;}
#sidebarOptions a {font-style:normal;}
#sidebarOptions .sliderPanel {font-size:0.95em;}
.subtitle {font-size:0.8em;}
.viewer table.listView {font-size:0.95em;}
/*}}}*/
/*{{{*/
@media print {
#mainMenu, #sidebar, #messageArea, .toolbar, #backstageButton, #backstageArea {display: none ! important;}
#displayArea {margin: 1em 1em 0em 1em;}
/* Fixes a feature in Firefox 1.5.0.2 where print preview displays the noscript content */
noscript {display:none;}
}
/*}}}*/
<!--{{{-->
<div class='header' macro='gradient vert [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryMid]]'>
<div class='headerShadow'>
<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>&nbsp;
<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
</div>
<div class='headerForeground'>
<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>&nbsp;
<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
</div>
</div>
<div id='mainMenu' refresh='content' tiddler='MainMenu'></div>
<div id='sidebar'>
<div id='sidebarOptions' refresh='content' tiddler='SideBarOptions'></div>
<div id='sidebarTabs' refresh='content' force='true' tiddler='SideBarTabs'></div>
</div>
<div id='displayArea'>
<div id='messageArea'></div>
<div id='tiddlerDisplay'></div>
</div>
<!--}}}-->
<!--{{{-->
<div class='toolbar' macro='toolbar [[ToolbarCommands::ViewToolbar]]'></div>
<div class='title' macro='view title'></div>
<div class='subtitle'><span macro='view modifier link'></span>, <span macro='view modified date'></span> (<span macro='message views.wikified.createdPrompt'></span> <span macro='view created date'></span>)</div>
<div class='tagging' macro='tagging'></div>
<div class='tagged' macro='tags'></div>
<div class='viewer' macro='view text wikified'></div>
<div class='tagClear'></div>
<!--}}}-->
<!--{{{-->
<div class='toolbar' macro='toolbar [[ToolbarCommands::EditToolbar]]'></div>
<div class='title' macro='view title'></div>
<div class='editor' macro='edit title'></div>
<div macro='annotations'></div>
<div class='editor' macro='edit text'></div>
<div class='editor' macro='edit tags'></div><div class='editorFooter'><span macro='message views.editor.tagPrompt'></span><span macro='tagChooser'></span></div>
<!--}}}-->
To get started with this blank TiddlyWiki, you'll need to modify the following tiddlers:
* SiteTitle & SiteSubtitle: The title and subtitle of the site, as shown above (after saving, they will also appear in the browser title bar)
* MainMenu: The menu (usually on the left)
* DefaultTiddlers: Contains the names of the tiddlers that you want to appear when the TiddlyWiki is opened
You'll also need to enter your username for signing your edits: <<option txtUserName>>
These InterfaceOptions for customising TiddlyWiki are saved in your browser

Your username for signing your edits. Write it as a WikiWord (eg JoeBloggs)

<<option txtUserName>>
<<option chkSaveBackups>> SaveBackups
<<option chkAutoSave>> AutoSave
<<option chkRegExpSearch>> RegExpSearch
<<option chkCaseSensitiveSearch>> CaseSensitiveSearch
<<option chkAnimate>> EnableAnimations

----
Also see AdvancedOptions
<<importTiddlers>>
Fix: apply sp1 or sp2
{{{
Here is the format.
# add password <router name glob> <vty passwd> <enable passwd>
#
# add user <router name glob> <username>
#       The default user is $USER (i.e.: the user running clogin).
#
# add userprompt <router name glob> <username prompt>
#       What the router prints to prompt for the username.
#       Default: {"(Username|login|user name):"}
#
# add userpassword <router name glob> <user password>
#       The password for user if different than the password set
#       using 'add password'.
#
# add passprompt <router name glob> <password prompt>
#       What the router prints to prompt for the password.
#       Default: {"(\[Pp]assword|passwd):"}
#
# add method <router name glob> {ssh} [...]
#       Defines, in order, which connection method(s) to use for a device
#       from the set {ssh,telnet,rsh}.  e.g.: add method * {ssh} {telnet} {rsh}
#       will attempt ssh connection first.  if ssh fails with connection
#       refused (i.e.: not due to authentication failure), then try telnet,
#       then rsh.
#       Default: {telnet} {ssh}
#
# add noenable <router name glob>
#       equivalent of -noenable on the cmd line to not enable at login.
#
# add enableprompt <router name glob> <enable prompt>
#       What the router prints to prompt for the enable password.
#       Default: {"\[Pp]assword:"}
#
# add enauser <router name glob> <username>
#       This is only needed if enable asks for a username and this
#       username is different from what user is set to.
#
# add autoenable <router name glob> <1/0>
#       This is used if you are automatically enabled by the login process.
#
# add cyphertype <router name glob> <ssh encryption type>
#       Default is 3des.
#
# add identity <router name glob> <path to ssh identity file>
#       Default is your default ssh identity.
}}}
If you have a comment or question send me an email: jeff.wardlaw@gmail.com
from: http://blogs.techrepublic.com.com/networking/?p=470
by: David Davis


Recently, Cisco Subnet blogger Brad Reese wrote the article, “Expert warns of scam to blackmail companies for cash to get back access to their Cisco routers.” In that post, he wrote about hackers who manage to hijack a company’s routers and then extort money from them by threatening to take down the network. The hackers were able to obtain control of the network because of poorly written Cisco IOS ACLs, easily guessed passwords, and unencrypted SNMP community strings (or easily guessed community strings).

Don’t let this happen to you and your network. Here are my top five best practices to secure your routers, your network, and your company from malicious attacks.
1. Understand the basics of router security

You must understand the basics of router security. Here are the essentials:

Physically secure the routers
If your routers are not physically secured, anyone can walk up, perform a password reset, and gain full access to that router’s configuration. Even if this isn’t a core router, they could take down your network by poisoning the routing tables on all routers. For this reason, routers should be in a locked room and preferably have video surveillance. Additionally, reliable electrical power and cooling must be provided.

Lock down the router with passwords
Routers must be secured with passwords at both the login mode (to prevent initial access) and the privileged mode (to prevent configuration changes). For more information on these different levels in the Cisco IOS, please see my article, “Understand the levels of privilege in the Cisco IOS.”

Apply login mode passwords on Console, AUX, and VTY (telnet/ssh) interfaces
Password controlled access needs not only to be on the VTY lines to prevent network access, but also on the Console and AUX ports. If the Console port is locked but the AUX port doesn’t have a password, then locking the Console wasn’t of much use, was it?

Set the correct time and date
To ensure that logs are correct and have not been tampered with, you must ensure that the router has the correct time and date. For more information, please see “Synchronize a Cisco router’s clock with Network Time Protocol (NTP).”

Enable proper logging
Logging should be enabled, preferably, back to a central source like a syslog server. At minimum, you need to configure a buffered log on the router. However, if the power is lost to that router, that local buffered log is lost. For this reason, to really be secure, you need to configure a syslog server (see the article, “SolutionBase: Monitor your network with Kiwi Syslog“), and send all router logs to that server. You could also put in the open source or commercial version of Tripwire. Preferably, you should increase the level of logging and even log configuration changes to the router. For example, you can use the following command to enable SNMP traps for configuration changes:

snmp-server enable traps config

For more information on Cisco router logging, please see, “Get to know your logging options in the Cisco IOS.”

Back up router configurations to a central source
Let’s say that someone does take control of your router or wipes out your router configurations. To replace that router quickly or replace the configuration, you need to have a backup of that configuration. To do this, ensure that your routers are backed up whenever configuration changes are made or each week or day. I have enjoyed using Kiwi CatTools to do this. For more information, see “Automate changes to your Cisco router with Kiwi CatTools.”

Secure other network devices such as switches and wireless access
Most of the items listed here also apply to Cisco switches and wireless access points. Here are a couple of articles on those topics that you should check out:

    * 10 things you should know about securing wireless connections
    * Lock Down Switch Port Security

Two more areas that I consider to be at the basic level of router security are locking down network access to the router with a stateful firewall or ACL and encrypting sensitive network traffic, but I will cover these points in more detail below (sections three and five, respectively).
2. Know your network: Diagram, audit, and document

If you are responsible for the security of a network you should know that network like you know the vulnerable doors and windows (think entry points) of your house.

You should diagram your network so that you have a map to help you and others visualize the entire network.

You should have the router configurations backed up (see Kiwi CatTools above). Finally, you should periodically audit your network security, both internally and externally (via a third party). There are tons of network scanning and auditing tools available. Here is a recent article of mine that covered one of them: “Audit your Cisco router’s security with Nipper.”
3. Protect your router with a firewall and ACLs

In Reese’s post about the hackers, he mentioned the fact that the company had poor access control lists (ACLs) in place on their routers. ACLs are typically what protect routers from attack. However, due to their complexity, many of them end up being misconfigured or ineffective. Make sure that your ACLs allow only traffic to the router and through the router that should be there. For internal routers this will only be internal traffic.

Make sure you understand that whatever isn’t permitted will be denied (the implicit deny), that ACLs are processed from the top down, that there should never be a permit any in the ACL, and that the ACL must be applied to an interface in the proper direction to be enabled. For more information on ACLs, please see some of my articles and video on this topic:

    * Secure your router with Cisco’s SDM Firewall Policy Wizard
    * Cisco IOS access lists: 10 things you should know
    * Use advanced parameters on your Cisco IOS ACLs
    * VIDEO: Harden your Cisco Router with IOS ACLs

Keep in mind that ACLs aren’t just used to prevent traffic from going through the router. They are also used to control SSH traffic, routing update, and to throttle traffic. For more information, see:

    * Learn additional uses for Cisco IOS access control lists
    * Control unwanted traffic on your Cisco router with CAR

Besides ACLs, the Cisco IOS offers a real stateful firewall if you use the Security/Firewall version of the IOS. A stateful firewall will be much better than just using ACLs. I recommend checking out my article, “Protect your network with the Cisco IOS Firewall,” and consider implementing one on your routers.
4. Change your passwords and make them complex

Another method that hackers use to take control of networks is password guessing or password sniffing. To prevent this, you should CHANGE YOUR PASSWORDS TO COMPLEX PASSWORDS TODAY. Don’t wait another day! An example of a complex password is MySuper!S3cr3tPa$$.

Make sure you always use type 5 password encryption on your routers (see “Be aware of how easily someone can crack a Cisco IOS password“). Make sure this command is on your router to encrypt most (but not all) passwords with type 5 encryption:

service password-encryption

Also, keep in mind that we aren’t just talking about login passwords. This includes all SNMP community strings and routing protocol update passwords. All of those should be complex and changed periodically.

For more information on this topic, please see, “How to Configure Passwords to Secure your Cisco Router.”
5. Always encrypt sensitive network traffic

Finally, hackers can obtain passwords to your routers by sniffing network traffic when you log in to your router with telnet, perform a “show run” via telnet, or use unencrypted SNMP strings.

You should always encrypt sensitive network traffic by using SSH and SNMP encryption. Start by enabling SSH and disable telnet to all network devices that support it (see “Configure SSH on your Cisco Router“).

If you are using SNMP, enable SNMP v3 with encryption and use it exclusively (for more information, see AES and 3-DES Encryption Support for SNMP Version 3).
Be careful

The point of this article is to (1) encourage you to take action to secure your network before malicious attackers take control of it and (2) to show you exactly which actions you need to take. You shouldn’t assume that your network isn’t a target because your company isn’t high profile or your data wouldn’t be valuable to an attacker. Take every reasonable step to protect your network; as you can see from this post, these steps aren’t necessarily difficult or costly.
{{{
configure factory-default
}}}
Version: 5.0
Updated 20090303

{{{
<username>
<Name>
<password>
<Nat0ACL>
<localnet>
<localmask>
<poolnet>
<poolmask>
<presharedkey>
}}}

{{{
username <username> password <password> priv 0

ip local pool <Name>Pool a.b.c.d-a.b.c.e mask w.x.y.z
!
access-list <Nat0ACL> remark >>>> Begin <Name> VPN Client Nat0
access-list <Nat0ACL> extended permit ip <localnet> <localmask> <poolnet> <poolmask>
access-list <Nat0ACL> remark >>>> End <Name> VPN Client Nat0
!
access-list <Name>SplitTunnelACL extended permit ip <localnet> <localmask> <poolnet> <poolmask>
!
!uncomment following if you don't have a nat0 line
!nat (inside) 0 access-list <Nat0ACL>
!
group-policy <Name>VPNPolicy internal
group-policy <Name>VPNPolicy attributes
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value <Name>SplitTunnelACL 
!
tunnel-group <Name>VPNTunnelGroup type ipsec-ra
tunnel-group <Name>VPNTunnelGroup general-attributes
 address-pool <Name>Pool
 default-group-policy <Name>VPNPolicy
tunnel-group <Name>VPNTunnelGroup ipsec-attributes
 pre-shared-key <presharedkey>
! uncomment following if you don't want to use usernames & passwords
! isakmp ikev1-user-authentication none
}}}
replace these:
{{{
<Name>
<Nat0ACL>
<localnet>
<localmask>
<remotenet>
<remotemask>
<MapName>
<SeqNumber>
<PeerIP>
<InterfaceName>
<presharedkey>
}}}

{{{
access-list <Nat0ACL> remark >>>> Begin <Name> VPN Tunnel Nat0
access-list <Nat0ACL> extended permit ip <localnet> <localmask> <remotenet> <remotemask>
!repeat as necessary
!  .
access-list <Nat0ACL> remark >>>> End <Name> VPN Tunnel Nat0
!
!cryptomap acl
access-list <MapName>-<SeqNumber> remark >>>> Begin <Name> VPN Tunnel CryptoMap ACL
access-list <MapName>-<SeqNumber> extended permit ip <localnet> <localmask> <remotenet> <remotemask>
!repeat as necessary
!  .
access-list <MapName>-<SeqNumber> remark >>>> End <Name> VPN Tunnel CryptoMap ACL
!
!nat 0 
!nat (inside) 0 access-list <Nat0ACL>
!
!
!Phase2
!crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
crypto map <MapName> <SeqNumber> match address <MapName>-<SeqNumber>
crypto map <MapName> <SeqNumber> set peer <PeerIP>
crypto map <MapName> <SeqNumber> set transform-set 3DES-SHA
!crypto map <MapName> interface <InterfaceName>

!Phase 1
!crypto isakmp identity address
!crypto isakmp enable <InterfaceName>
!crypto isakmp policy <PolicySeqNumber>
! authentication pre-share
! encryption 3des
! hash sha
! group 2
! lifetime 86400
!
tunnel-group <PeerIP> type ipsec-l2l
tunnel-group <PeerIP> ipsec-attributes
! pre-shared-key <presharedkey>
}}}

{{{for /r F:\Test_Set_1 %%a in (*) do echo %%~sfa}}}
If your pair of ASAs has failed over, and you want to fail back:
*log into the primary-standby member
*{{{failover active}}}
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008045a2d2.shtml#cis
{{{
Performing Password Recovery for the ASA 5500 Series Adaptive Security Appliance

To recover from the loss of passwords, perform the following steps:

Step 1 Connect to the security appliance console port according to the "Accessing the Command-Line Interface" section on page 2-1.

Step 2 Power off the security appliance, and then power it on.

Step 3 During the startup messages, press the Escape key when prompted to enter ROMMON.

Step 4 To set the security appliance to ignore the startup configuration at reload, enter the following command:

rommon #1> confreg


The security appliance displays the current configuration register value, and asks if you want to change the value:

Current Configuration Register: 0x00000011

Configuration Summary:

  boot TFTP image, boot default image from Flash on netboot failure

Do you wish to change this configuration? y/n [n]:


Step 5 Record your current configuration register value, so you can restore it later.

Step 6 At the prompt, enter Y to change the value.

The security appliance prompts you for new values.

Step 7 Accept the default values for all settings, except for the "disable system configuration?" value; at that prompt, enter Y.

Step 8 Reload the security appliance by entering the following command:

rommon #2> boot


The security appliance loads a default configuration instead of the startup configuration.

Step 9 Enter privileged EXEC mode by entering the following command:

hostname> enable


Step 10 When prompted for the password, press Return.

The password is blank.

Step 11 Load the startup configuration by entering the following command:

hostname# copy startup-config running-config


Step 12 Enter global configuration mode by entering the following command:

hostname# configure terminal


Step 13 Change the passwords in the configuration by entering the following commands, as necessary:

hostname(config)# password password

hostname(config)# enable password password

hostname(config)# username name password password


Step 14 Change the configuration register to load the startup configuration at the next reload by entering the following command:

hostname(config)# config-register value


Where value is the configuration register value you noted in Step 5. 0x1 is the default configuration register. For more information about the configuration register, see the Cisco Security Appliance Command Reference.

Step 15 Save the new passwords to the startup configuration by entering the following command:

hostname(config)# copy running-config startup-config

}}}
http://asn.cymru.com/cgi-bin/whois.cgi
On an NTFS file-system, cannot have more than 1820 Access Control Entries (ACEs) per file.
*Determine Array
*Determine Prod LUN
*Determine Clone LUN
*Determine RG for Prod LUN additional space
*Create LUN for Prod LUN expansion
*Determien RG for Clone LUN additional space
*Create LUN for Clone LUN expansion
*Remove Clone LUN from clone group
*Delete clone group
*Expand Prod LUN
*Expand windows volume
*Expand Clone LUN
*Create clone group
*Add Clone LUN to clone group


#Add Alias to WWN
#Create zone for each HBA>SP
#Add zone to zone config
#save config
#apply config
useradd and groupadd are the posix or SUS-standardized tools to create
users and groups. You can expect them to work (almost) identically on all Linux
distributions as well as on HP-UX, Solaris, AIX, ...

adduser and groupadd are distribution specific wrappers which make it
simpler to create users which conform to some (distribution-specific or
local) policy. The options vary wildly between different distributions
and other UNIXes may not have these commands at all.


from 
http://lists.debian.org/debian-powerpc/2004/09/msg00215.html
{{{
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
}}}

hidden system folder
1 Open Global settings in Exchange system manager.

2 Internet Message Formats.

3 Right click "default" (on the right hand panel).

4 Select Properties > Advanced.

5 the "allow out of office responses" box. Click apply/ok.
add
{{{
RedirectMatch ^/$ http://servername/cacti
}}}
http://www.petenetlive.com/KB/Article/0000273.htm
[[Border Gateway Protocol (BGP) Introduction|http://www.cisco.com/en/US/tech/tk365/tk80/tsd_technology_support_sub-protocol_home.html]]
{{{
Q. What is the order of preference of attributes when some or all are applied to one neighbor in BGP?

    A. The order of preference varies based on 
       whether the attributes are applied for inbound updates or outbound updates.

    For inbound updates the order of preference is:

       1. route-map
       2. filter-list
       3. prefix-list, distribute-list

    For outbound updates the order of preference is:

       1. prefix-list, distribute-list
       2. filter-list
       3. route-map

Note: The attributes prefix-list and distribute-list are mutually exclusive, 
and only one command (neighbor prefix-list or neighbor distribute-list) 
can be applied to each inbound or outbound direction for a particular neighbor.
}}}
run ioscan, compare scsi id's to htrmserv.ini

{{{
C:\Htape\RM\bin>ioscan tape
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device           Name             Serial number
SCSI:5:1:0:1     tape0            MXP1115TBE
SCSI:5:1:0:2     tape1            HU11032VU1
SCSI:5:1:1:0     tape2            HU10530JHT
SCSI:5:1:1:1     tape3            HU10640NJH
SCSI:5:1:2:0     tape4            HU10804F51
SCSI:5:1:2:1     tape5            HU108041T2

C:\Htape\RM\bin>ioscan changer
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device           Name             Serial number
SCSI:5:1:0:0     changer0         USX602Z02F

C:\Htape\RM\bin>cd\
}}}

{{{
c:\htape\rm\bin>ioscan.exe
IoScan version 1.2 - BridgeHead Software I/O devices scan
Device           Device type      Bus type   Vendor   Product          Rev  Claimed
SCSI:0:0:0:0     CDROM Drive      ATA        TEAC     CD-224E          9.9A Yes
SCSI:2:0:0:0     Unknown device   SCSI       COMPAQ   SCSI COMMUNICATE CISS No
SCSI:2:0:4:0     Disk             SCSI       COMPAQ   LOGICAL VOLUME   2.62 Yes
SCSI:3:1:0:0     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:2     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:3     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:4     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:5     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:7     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:8     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:10    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:11    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:0:12    Disk             FIBRE      DGC      RAID 1           0219 Yes
SCSI:3:1:0:13    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:0     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:2     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:3     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:4     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:5     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:7     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:8     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:10    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:11    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:1:12    Disk             FIBRE      DGC      RAID 1           0219 Yes
SCSI:3:1:1:13    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:3:1:2:0     Disk             FIBRE      DGC      LUNZ             0429 No
SCSI:3:1:2:1     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:3:1:2:2     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:3:1:2:3     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:3:1:3:0     Disk             FIBRE      DGC      LUNZ             0429 No
SCSI:3:1:3:1     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:3:1:3:2     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:3:1:3:3     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:0:0     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:2     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:3     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:4     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:5     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:7     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:8     Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:10    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:11    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:0:12    Disk             FIBRE      DGC      RAID 1           0219 Yes
SCSI:4:1:0:13    Disk             FIBRE      DGC      RAID 10          0219 Yes
SCSI:4:1:1:0     Disk             FIBRE      DGC      LUNZ             0429 No
SCSI:4:1:1:1     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:1:2     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:1:3     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:2:0     Disk             FIBRE      DGC      LUNZ             0429 No
SCSI:4:1:2:1     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:2:2     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:4:1:2:3     Disk             FIBRE      DGC      RAID 10          0429 Yes
SCSI:5:1:0:0     Media changer    FIBRE      HP       MSL6000 Series   0520 Yes
SCSI:5:1:0:1     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:0:2     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:0:3     Array Device     FIBRE      HP       NS E1200-160     5963 No
SCSI:5:1:1:0     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:1:1     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:1:2     Array Device     FIBRE      HP       NS E1200-160     5963 No
SCSI:5:1:2:0     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:2:1     Tape             FIBRE      HP       Ultrium 3-SCSI   G65W Yes
SCSI:5:1:2:2     Array Device     FIBRE      HP       NS E1200-320     5963 No
}}}
Blat is a command line smtp mailer for windows. I use it for a lot of my windows scripts: [[robocopy]].

Here's a my installer script:
{{{
@echo off
::installblat.cmd

c:\bin\blat.exe -install <mailhost> %computername%@<domain>.<tld>
}}}

Here's where I use it:

{{{
@echo off
SETLOCAL ENABLEDELAYEDEXPANSION

.
.
.
do stuff
.
.
.
log it to %_logfile%
SET _BLAT=c:\bin\blat.exe
%_BLAT% %_logfile% -t <recipient>@<domain>.<tld> -s "%0 done"

}}}

!!!!Gotcha/Hint
use {{{SETLOCAL ENABLEDELAYEDEXPANSION}}} to expand %0 in the -s "%0 done"
{{{
Blat v2.6.2 w/GSS encryption (build : Feb 25 2007 12:06:19)


Win32 console utility to send mail via SMTP or post to usenet via NNTP
by P.Mendes,M.Neal,G.Vollant,T.Charron,T.Musson,H.Pesonen,A.Donchey,C.Hyde
  http://www.blat.net
syntax:
  Blat <filename> -to <recipient> [optional switches (see below)]

  Blat -SaveSettings -f <sender email addy> -server <server addr>
       [-port <port>] [-try <try>] [-profile <profile>]
       [-u <login id>] [-pwd <password>]
  or
  Blat -install <server addr> <sender's addr> [<try>[<port>[<profile>]]] [-q]

  Blat -profile [-delete | "<default>"] [profile1] [profileN] [-q]
  Blat -h

-------------------------------- Installation ---------------------------------
-SaveSettings   : store common settings to the Windows Registry.  Takes the
                  same parameters as -install, and is only for SMTP settings.
-install[SMTP|NNTP|POP3|IMAP] <server addr> <sender email addr> [<try n times>
                [<port> [<profile> [<username> [<password>]]]]]
                : set server, sender, number of tries and port for profile
                  (<try n times> and <port> may be replaced by '-')
                  port defaults are SMTP=25, NNTP=119, POP3=110, IMAP=143
                  default profile can be specified with a '-'
                  username and/or password may be stored to the registry
                  order of options is specific
                  use -installNNTP for storing NNTP information
                  use -installPOP3 for storing POP3 information
                      (sender and try are ignored, use '-' in place of these)
                  use -installIMAP for storing IMAP information
                      (sender and try are ignored, use '-' in place of these)

--------------------------------- The Basics ----------------------------------
<filename>      : file with the message body to be sent
                  if your message body is on the command line, use a hyphen (-)
                  as your first argument, and -body followed by your message
                  if your message will come from the console/keyboard, use the
                  hyphen as your first argument, but do not use -body option.
-of <file>      : text file containing more options (also -optionfile)
-to <recipient> : recipient list (also -t) (comma separated)
-tf <file>      : recipient list filename
-cc <recipient> : carbon copy recipient list (also -c) (comma separated)
-cf <file>      : cc recipient list filename
-bcc <recipient>: blind carbon copy recipient list (also -b)
                  (comma separated)
-bf <file>      : bcc recipient list filename
-maxNames <x>   : send to groups of <x> number of recipients
-ur             : set To: header to Undisclosed Recipients if not using the
                  -to and -cc options
-subject <subj> : subject line, surround with quotes to include spaces(also -s)
-ss             : suppress subject line if not defined
-sf <file>      : file containing subject line
-bodyF <file>   : file containing the message body
-body <text>    : message body, surround with quotes (") to include spaces
-sig <file>     : text file containing your email signature
-tag <file>     : text file containing taglines, to be randomly chosen
-ps <file>      : final message text, possibly for unsubscribe instructions

----------------------------- Registry overrides ------------------------------
-p <profile>    : send with server, user, and port defined in <profile>
                : use username and password if defined in <profile>
-profile        : list all profiles in the Registry
-server <addr>  : specify SMTP server to be used (optionally, addr:port)
-serverSMTP <addr>
                : same as -server
-serverNNTP <addr>
                : specify NNTP server to be used (optionally, addr:port)
-serverPOP3 <addr>
                : specify POP3 server to be used (optionally, addr:port)
                  when POP3 access is required before sending email
-serverIMAP <addr>
                : specify IMAP server to be used (optionally, addr:port)
                  when IMAP access is required before sending email
-f <sender>     : override the default sender address (must be known to server)
-i <addr>       : a 'From:' address, not necessarily known to the server
-port <port>    : port to be used on the SMTP server, defaults to SMTP (25)
-portSMTP <port>: same as -port
-portNNTP <port>: port to be used on the NNTP server, defaults to NNTP (119)
-portPOP3 <port>: port to be used on the POP3 server, defaults to POP3 (110)
-portIMAP <port>: port to be used on the IMAP server, defaults to IMAP (110)
-u <username>   : username for AUTH LOGIN (use with -pw)
-pw <password>  : password for AUTH LOGIN (use with -u)
-pu <username>  : username for POP3 LOGIN (use with -ppw)
-ppw <password> : password for POP3 LOGIN (use with -pu)
-iu <username>  : username for IMAP LOGIN (use with -ppw)
-ipw <password> : password for IMAP LOGIN (use with -pu)

---------------------- Miscellaneous RFC header switches ----------------------
-organization <organization>
                : Organization field (also -o and -org)
-ua             : include User-Agent header line instead of X-Mailer
-x <X-Header: detail>
                : custom 'X-' header.  eg: -x "X-INFO: Blat is Great!"
-noh            : prevent X-Mailer/User-Agent header from showing Blat homepage
-noh2           : prevent X-Mailer header entirely
-d              : request disposition notification
-r              : request return receipt
-charset <cs>   : user defined charset.  The default is ISO-8859-1
-a1 <header>    : add custom header line at the end of the regular headers
-a2 <header>    : same as -a1, for a second custom header line
-dsn <nsfd>     : use Delivery Status Notifications (RFC 3461)
                  n = never, s = successful, f = failure, d = delayed
                  can be used together, however N takes precedence
-hdrencb        : use base64 for encoding headers, if necessary
-hdrencq        : use quoted-printable for encoding headers, if necessary
-priority <pr>  : set message priority 0 for low, 1 for high
-sensitivity <s>   : set message sensitity 0 for personal, 1 for private,
                  2 for company-confidential

----------------------- Attachment and encoding options -----------------------
-attach <file>  : attach binary file(s) to message (filenames comma separated)
-attacht <file> : attach text file(s) to message (filenames comma separated)
-attachi <file> : attach text file(s) as INLINE (filenames comma separated)
-embed <file>   : embed file(s) in HTML.  Object tag in HTML must specify
                  content-id using cid: tag.  eg: <img src="cid:image.jpg">
-af <file>      : file containing list of binary file(s) to attach (comma
                  separated)
-atf <file>     : file containing list of text file(s) to attach (comma
                  separated)
-aef <file>     : file containing list of embed file(s) to attach (comma
                  separated)
-base64         : send binary files using base64 (binary MIME)
-uuencode       : send binary files UUEncoded
-enriched       : send an enriched text message (Content-Type=text/enriched)
-unicode        : message body is in 16- or 32-bit Unicode format
-html           : send an HTML message (Content-Type=text/html)
-alttext <text> : plain text for use as alternate text
-alttextf <file>: plain text file for use as alternate text
-mime           : MIME Quoted-Printable Content-Transfer-Encoding
-8bitmime       : ask for 8bit data support when sending MIME
-multipart <size>
                : send multipart messages, breaking attachments on <size>
                  KB boundaries, where <size> is per 1000 bytes
-nomps                : do not allow multipart messages

---------------------------- NNTP specific options ----------------------------
-groups <usenet groups>
                : list of newsgroups (comma separated)

-------------------------------- Other options --------------------------------
-xtndxmit       : Attempt to use POP3 to transmit when accessing POP3 first
-h              : displays this help (also -?, /?, -help or /help)
-q              : suppresses all output to the screen
-debug          : echoes server communications to a log file or screen
                  (overrides -q if echoes to the screen)
-log <file>     : log everything but usage to <file>
-timestamp      : when -log is used, a timestamp is added to each log line
-overwritelog   : when -log is used, overwrite the log file
-ti <n>         : set timeout to 'n' seconds.  Blat will wait 'n' seconds for
                  server responses
-try <n times>  : how many times blat should try to send (1 to 'INFINITE')
-binary         : do not convert ASCII | (pipe, 0x7c) to CrLf in the message
                  body
-hostname <hst> : select the hostname used to send the message via SMTP
                  this is typically your local machine name
-raw            : do not add CR/LF after headers
-delay <x>      : wait x seconds between messages being sent when used with
                  -maxnames or -multipart
-comment <char> : use this character to mark the start of commments in
                  options files and recipient list files.  The default is ;
-superdebug     : hex/ascii dump the data between Blat and the server
-superdebugT    : ascii dump the data between Blat and the server
-------------------------------------------------------------------------------

Note that if the '-i' option is used, <sender> is included in 'Reply-to:'
and 'Sender:' fields in the header of the message.

Optionally, the following options can be used instead of the -f and -i
options:

-mailfrom <addr>   The RFC 821 MAIL From: statement
-from <addr>       The RFC 822 From: statement
-replyto <addr>    The RFC 822 Reply-To: statement
-returnpath <addr> The RFC 822 Return-Path: statement
-sender <addr>     The RFC 822 Sender: statement

For backward consistency, the -f and -i options have precedence over these
RFC 822 defined options.  If both -f and -i options are omitted then the
RFC 821 MAIL FROM statement will be defaulted to use the installation-defined
default sender address.
}}}

cuzimlazier [[Robocopy Help]]
http://www.microsoft.com/technet/sysinternals/information/bootini.mspx

Boot INI Options Reference
Published: November 1, 2006
Introduction

There are number of BOOT.INI switches that are useful for driver developers that wish to test their drivers under a variety of different system configurations without having to have a separate machine for every one. For example, limiting the amount of memory NT sees can be useful for stressing memory loads, and limiting the number of processors for testing scalability. I've compiled a complete list of the options that BOOT.INI currently supports. This list is reproduced in the Startup, Shutdown and Crashes chapter of Windows Internals, where you'll find more information about the boot process. Entries in red were introduced in Windows 2000 and those in blue introduced in Windows XP or Windows Server 2003.

Note: to see what options a system has booted with examine HKLM\System\CurrentControlSet\Control\SystemStartOptions.
•	

/3GB
•	

Increases the size of the user process address space from 2 GB to 3 GB (and therefore reduces the size of system space from 2 GB to 1 GB). Giving virtual-memory- intensive applications such as database servers a larger address space can improve their performance. For an application to take advantage of this feature, however, two additional conditions must be met: the system must be running Windows XP, Windows Server 2003, Windows NT 4 Enterprise Edition, Windows 2000 Advanced Server or Datacenter Server and the application .exe must be flagged as a 3-GB-aware application. Applies to 32-bit systems only.
•	

/BASEVIDEO
•	

Causes Windows to use the standard VGA display driver for GUI-mode operations.
•	

/BAUDRATE=
•	

Enables kernel-mode debugging and specifies an override for the default baud rate (19200) at which a remote kernel debugger host will connect. Example: /BAUDRATE=115200.
•	

/BOOTLOG
•	

Causes Windows to write a log of the boot to the file %SystemRoot%\Ntbtlog.txt.
•	

/BOOTLOGO
•	

Use this switch to have Windows XP or Windows Server 2003 display an installable splash screen instead of the standard splash screen. First, create a 16-color (any 16 colors) 640x480 bitmap and save it in the Windows directory with the name Boot.bmp. Then add "/bootlogo /noguiboot" to the boot.ini selection.
•	

/BREAK
•	

Causes the hardware abstraction layer (HAL) to stop at a breakpoint at HAL initialization. The first thing the Windows kernel does when it initializes is to initialize the HAL, so this breakpoint is the earliest one possible. The HAL will wait indefinitely at the breakpoint until a kernel-debugger connection is made. If the switch is used without the /DEBUG switch, the system will Blue Screen with a STOP code of 0x00000078 (PHASE0_ EXCEPTION).
•	

/BURNMEMORY=
•	

Specifies an amount of memory Windows can't use (similar to the /MAXMEM switch). The value is specified in megabytes. Example: /BURNMEMORY=128 would indicate that Windows can't use 128 MB of the total physical memory on the machine.
•	

/CHANNEL=
•	

Used on conjunction with /DEBUGPORT=1394 to specify the IEEE 1394 channel through which kernel debugging communications will flow. This can be any number between 0 and 62 and defaults to 0 if not set.
•	

/CLKLVL
•	

Causes the standard x86 multiprocessor HAL (Halmps.dll) to configure itself for a level-sensitive system clock rather then an edge-triggered clock. Level-sensitive and edge-triggered are terms used to describe hardware interrupt types.
•	

/CMDCONS
•	

Passed when booting with into the Recovery Console (described later in this chapter).
•	

/CRASHDEBUG
•	

Causes the kernel debugger to be loaded when the system boots, but to remain inactive unless a crash occurs. This allows the serial port that the kernel debugger would use to be available for use by the system until the system crashes (vs. /DEBUG, which causes the kernel debugger to use the serial port for the life of the system session).
•	

/DEBUG
•	

Enables kernel-mode debugging.
•	

/DEBUGPORT=
•	

Enables kernel-mode debugging and specifies an override for the default serial (usually COM2 on systems with at least two serial ports) to which a remote kernel-debugger host is connected. Windows XP and Windows Server 2003 also support debugging through accept IEEE 1394 ports. Examples: /DEBUGPORT=COM2, /DEBUGPORT=1394.
•	

/EXECUTE
•	

This option disables no-execute protection. See the /NOEXECUTE switch for more information.
•	

/FASTDETECT
•	

Default boot option for Windows. Replaces the Windows NT 4 switch /NOSERIALMICE. The reason the qualifier exists (vs. just having NTDETECT perform this operation by default) is so that NTDETECT can support booting Windows NT 4. Windows Plug and Play device drivers perform detection of parallel and serial devices, but Windows NT 4 expects NTDETECT to perform the detection. Thus, specifying /FASTDETECT causes NTDETECT to skip parallel and serial device enumeration (actions that are not required when booting Windows), whereas omitting the switch causes NTDETECT to perform this enumeration (which is required for booting Windows NT 4).
•	

/INTAFFINITY
•	

Directs the standard x86 multiprocessor HAL (Halmps.dll) to set interrupt affinities such that only the highest numbered processor will receive interrupts. Without the switch, the HAL defaults to its normal behavior of letting all processors receive interrupts.
•	

/KERNEL=/HAL=
•	

Enable you to override Ntldr's default filename for the kernel image (Ntoskrnl.exe) and/or the HAL (Hal.dll). These options are useful for alternating between a checked kernel environment and a free (retail) kernel environment or even to manually select a different HAL. If you want to boot a checked environment that consists solely of the checked kernel and HAL, which is typically all that is needed to test drivers, follow these steps on a system installed with the free build:
•	

Copy the checked versions of the kernel images from the checked build CD to your \Windows\System32 directory, giving the images different names than the default. For example, if you're on a uniprocessor, copy Ntoskrnl.exe to Ntoschk.exe and Ntkrnlpa.exe to Ntoschkpa.exe. If you're on a multiprocessor, copy Ntkrnlmp.exe to Ntoschk.exe and Ntkrpamp.exe to Ntoschkpa.exe. The kernel filename must be an 8.3-style short name.
•	

Copy the checked version of the appropriate HAL needed for your system from \I386\Driver.cab on the checked build CD to your \Windows\System32 directory, naming it Halchk.dll. To determine which HAL to copy, open \Windows\Repair\Setup.log and search for Hal.dll; you'll find a line like \WINDOWS\system32\ hal.dll="halacpi.dll","1d8a1". The name immediately to the right of the equals sign is the name of the HAL you should copy. The HAL filename must be an 8.3-style short name.
•	

Make a copy of the default line in the system's Boot.ini file.
•	

In the string description of the boot selection, add something that indicates that the new selection will be for a checked build environment (for example, "Windows XP Professional Checked").
•	

Add the following to the end of the new selection's line: /KERNEL=NTOSCHK.EXE /HAL= HALCHK.DLL

Now when the selection menu appears during the boot process you can select the new entry to boot a checked environment or select the entry you were using to boot the free build.
•	

/LASTKNOWNGOOD
•	

Causes the system to boot as if the LastKnownGood boot option was selected.
•	

/MAXMEM=
•	

Limits Windows to ignore (not use) physical memory beyond the amount indicated. The number is interpreted in megabytes. Example: /MAXMEM=32 would limit the system to using the first 32 MB of physical memory even if more were present.
•	

/MAXPROCSPERCLUSTER=
•	

For the standard x86 multiprocessor HAL (Halmps.dll), forces cluster-mode Advanced Programmable Interrupt Controller (APIC) addressing (not supported on systems with an 82489DX external APIC interrupt controller).
•	

/MININT
•	

This option is used by Windows PE (Preinstallation Environment) and causes the Configuration Manager to load the Registry SYSTEM hive as a volatile hive such that changes made to it in memory are not saved back to the hive image.
•	

/NODEBUG
•	

Prevents kernel-mode debugging from being initialized. Overrides the specification of any of the three debug-related switches, /DEBUG, /DEBUGPORT, and /BAUDRATE.
•	

/NOEXECUTE
•	

This option is only available on 32-bit versions of Windows when running on processors supporting no-execute protection. It enables no-execute protection (also known as Data Execution Protection - DEP), which results in the Memory Manager marking pages containing data as no-execute so that they cannot be executed as code. This can be useful for preventing malicious code from exploiting buffer overflow bugs with unexpected program input in order to execute arbitrary code. No-execute protection is always enabled on 64-bit versions of Windows on processors that support no-execute protection. There are several options you can specify with this switch:
•	

/NOEXECUTE=OPTIN Enables DEP for core system images and those specified in the DEP configuration dialog.
•	

/NOEXECUTE=OPTOUT Enables DEP for all images except those specified in the DEP configuration dialog.
•	

/NOEXECUTE=ALWAYSON Enables DEP on all images.
•	

/NOEXECUTE=ALWAYSOFF Disables DEP.
•	

/NOGUIBOOT
•	

Instructs Windows not to initialize the VGA video driver responsible for presenting bitmapped graphics during the boot process. The driver is used to display boot progress information, so disabling it will disable the ability of Windows to show this information.
•	

/NOLOWMEM
•	

Requires that the /PAE switch be present and that the system have more than 4 GB of physical memory. If these conditions are met, the PAE-enabled version of the Windows kernel, Ntkrnlpa.exe, won't use the first 4 GB of physical memory. Instead, it will load all applications and device drivers, and allocate all memory pools, from above that boundary. This switch is useful only to test device driver compatibility with large memory systems.
•	

/NOPAE
•	

Forces Ntldr to load the non-Physical Address Extension (PAE) version of the Windows kernel, even if the system is detected as supporting x86 PAEs and has more than 4 GB of physical memory.
•	

/NOSERIALMICE=[COMx | COMx,y,z...]
•	

Obsolete Windows NT 4 qualifier-replaced by the absence of the /FASTDETECT switch. Disables serial mouse detection of the specified COM ports. This switch was used if you had a device other than a mouse attached to a serial port during the startup sequence. Using /NOSERIALMICE without specifying a COM port disables serial mouse detection on all COM ports. See Microsoft Knowledge Base article Q131976 for more information.
•	

/NUMPROC=
•	

Specifies the number of CPUs that can be used on a multiprocessor system. Example: /NUMPROC=2 on a four-way system will prevent Windows from using two of the four processors.
•	

/ONECPU
•	

Causes Windows to use only one CPU on a multiprocessor system.
•	

/PAE
•	

Causes Ntldr to load Ntkrnlpa.exe, which is the version of the x86 kernel that is able to take advantage of x86 PAEs. The PAE version of the kernel presents 64-bit physical addresses to device drivers, so this switch is helpful for testing device driver support for large memory systems.
•	

/PCILOCK
•	

Stops Windows from dynamically assigning IO/IRQ resources to PCI devices and leaves the devices configured by the BIOS. See Microsoft Knowledge Base article Q148501 for more information.
•	

/RDPATH=
•	

Specifies the path to a System Disk Image (SDI) file, which can be on the network, that the system will use to boot from. Often used in conjunction with the /RDIMAGEOFFSET= flag to indicate to NTLDR where in the file the system image starts.
•	

/REDIRECT
•	

Introduced with Windows XP. Used to cause Windows to enable Emergency Management Services (EMS) that reports boot information and accepts system management commands through a serial port. Specify serial port and baudrate used in conjunction with EMS with redirect= and redirectbaudrate= lines in the [boot loader] section of the Boot.ini file.
•	

/SAFEBOOT:
•	

Specifies options for a safe boot. You should never have to specify this option manually, since Ntldr specifies it for you when you use the F8 menu to perform a safe boot. (A safe boot is a boot in which Windows only loads drivers and services that are specified by name or group under the Minimal or Network registry keys under HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot.) Following the colon in the option you must specify one of three additional switches: MINIMAL, NETWORK, or DSREPAIR. The MINIMAL and NETWORK flags correspond to safe boot with no network and safe boot with network support, respectively. The DSREPAIR (Directory Services Repair) switch causes Windows to boot into a mode in which it restores the Active Directory directory service from a backup medium you present. An additional option you can append is (ALTERNATESHELL), which tells Windows to use the program specified by the HKLM\SYSTEM\CurrentControlSet\ SafeBoot\AlternateShell value as the graphical shell rather than to use the default, which is Windows Explorer.
•	

/SCSIORDINAL:
•	

Directs Windows to the SCSI ID of the controller. (Adding a new SCSI device to a system with an on-board SCSI controller can cause the controller's SCSI ID to change.) See Microsoft Knowledge Base article Q103625 for more information.
•	

/SDIBOOT=
•	

Used in Windows XP Embedded systems to have Windows boot from a RAM disk image stored in the specified System Disk Image (SDI) file.
•	

/SOS
•	

Causes Windows to list the device drivers marked to load at boot time and then to display the system version number (including the build number), amount of physical memory, and number of processors.
•	

/TIMERES=
•	

Sets the resolution of the system timer on the standard x86 multiprocessor HAL (Halmps.dll). The argument is a number interpreted in hundreds of nanoseconds, but the rate is set to the closest resolution the HAL supports that isn't larger than the one requested. The HAL supports the following resolutions: Hundreds of nanoseconds Milliseconds (ms) 9766 0.98 19532 2.00 39063 3.90 78125 7.80 The default resolution is 7.8 ms. The system timer resolution affects the resolution of waitable timers. Example: /TIMERES=21000 would set the timer to a resolution of 2.0 ms.
•	

/USERVA=
•	

This switch is only supported on Windows XP and Windows Server 2003. Like the /3GB switch, this switch gives applications a larger address space. Specify the amount in MB between 2048 and 3072. This switch has the same application requirements as the /3GB switch and requires that the /3GB switch be present. Applies to 32-bit systems only.
•	

/WIN95
•	

Directs Ntldr to boot the Consumer Windows boot sector stored in Bootsect.w40. This switch is pertinent only on a triple-boot system that has MS-DOS, Consumer Windows, and Windows installed. See Microsoft Knowledge Base article Q157992 for more information.
•	

/WIN95DOS
•	

Directs Ntldr to boot the MS-DOS boot sector stored in Bootsect.dos. This switch is pertinent only on a triple-boot system that has MS-DOS, Consumer Windows, and Windows installed. See Microsoft Knowledge Base article Q157992 for more information.
•	

/YEAR=
•	

Instructs the Windows core time function to ignore the year that the computer's real-time clock reports and instead use the one indicated. Thus, the year used in the switch affects every piece of software on the system, including the Windows kernel. Example: /YEAR=2001. (This switch was created to assist in Y2K testing.)

Thanks to Jonas Fischer for pointing out the PCILOCK and NOSERIALMICE switches. Thanks to Rob Green for information on the FASTDETECT switch.

Top of pageTop of page
bootcfg.exe

{{{
D:\>bootcfg.exe /?

BOOTCFG /parameter [arguments]

Description:
    This command line tool can be used to configure, query, change or
    delete the boot entry settings in the BOOT.INI file.

Parameter List:
    /Copy       Makes a copy of an existing boot entry [operating
                systems] section for which you can add OS options to.

    /Delete     Deletes an existing boot entry in the [operating
                systems] section of the BOOT.INI file. You must specify
                the entry# to delete.

    /Query      Displays the current boot entries and their settings.

    /Raw        Allows the user to specify any switch options to be
                added for a specified boot entry.

    /Timeout    Allows the user to change the Timeout value.

    /Default    Allows the user to change the Default boot entry.

    /EMS        Allows the user to configure the /redirect switch
                for headless support for a boot entry.

    /Debug      Allows the user to specify the port and baudrate for
                remote debugging for a specified boot entry.

    /Addsw      Allows the user to add predefined switches for
                a specific boot entry.

    /Rmsw       Allows the user to remove predefined switches for a
                specific boot entry.

    /Dbg1394    Allows the user to configure 1394 port debugging
                for a specified boot entry.

    /?          Displays this help/usage.

Examples:
    BOOTCFG /Copy /?
    BOOTCFG /Delete /?
    BOOTCFG /Query /?
    BOOTCFG /Raw /?
    BOOTCFG /Timeout /?
    BOOTCFG /EMS /?
    BOOTCFG /Debug /?
    BOOTCFG /Addsw /?
    BOOTCFG /Rmsw /?
    BOOTCFG /Dbg1394 /?
    BOOTCFG /Default /?
    BOOTCFG /?

D:\>
}}}
clear crypto ipsec sa

sh ipsec sa
main: http://www.boxbackup.org/

wiki: http://www.boxbackup.org/trac/wiki

server configuration: http://www.boxbackup.org/trac/wiki/ConfiguringAServer
!!!Installation
# Procure an nslu2
# Install [[debian]] on the nslu2
## [[Change the hostname|Change Hostname Debian]]
# Install boxbackup-server on the nslu2
## Add this line {{{deb http://www.backports.org/debian etch-backports main contrib non-free}}} to your /etc/apt/sources.list.
## Run {{{apt-get update}}}
## Install backports keyring {{{apt-get install debian-backports-keyring}}}
## All backports are deactivated by default. If you want to install something from backports run: {{{apt-get -t etch-backports install “package”}}}
## run {{{aptitude -t etch-backuports install boxbackup-server}}}
### [[Example install output|install-output]]
!!!Server Configuration
# Debian automatically creates the user {{{bbstored}}}
# Create initial keys and configuration
## Run {{{/usr/sbin/bbstored-config}}} 
## e.g. {{{/usr/sbin/bbstored-config /etc/boxbackup hostb.ath.cx bbstored}}}
## See [[bbstored-config output]]
# Initialize keys: {{{bbstored-certs}}}
### See [[bbstored-certs output]]
## [[Contents of /etc/boxbackup/ca|etc-boxbackup-ca]]
# Sign keys
## {{{bbstored-certs ca sign-server ./bbstored/boxbackup-server-cert-req.pem}}}
# Copy keys to /etc/boxbackup/bbstored/
## {{{hostb:/etc/boxbackup# cp ca/roots/clientCA.pem  ./bbstored/}}}
## {{{hostb:/etc/boxbackup# cp ca/servers/hostb-cert.pem ./bbstored/}}}
# Create backup locations
## Edit /etc/boxbackup/raidfile.conf
### [[default raidfile.conf|default-raidfile-conf]]
### [[example raidfile.conf|example-raidfile-conf]]
!!!Install client on client computer

 
!!!Links
backports from http://backports.org/dokuwiki/doku.php?id=instructions
target directory should be disk number as it shws in disk mgmt
*Control Node Object Manager > Tools > Options
*Screenshot: http://screencast.com/t/z75H1P3s

!!!Confirm current alias entries
;alishow ["pattern"][,mode]
:{{{ alishow "*xp*"}}}
{{{
fcs11:FID128:admin> alishow "*xp*"
 alias: xp_cl1a 50:06:0e:80:05:71:2a:00
 alias: xp_cl1b 50:06:0e:80:05:71:2a:01
 alias: xp_cl1e 50:06:0e:80:05:71:2a:04
 alias: xp_cl1f 50:06:0e:80:05:71:2a:05
 alias: xp_cl3a 50:06:0e:80:05:71:2a:20
 alias: xp_cl3b 50:06:0e:80:05:71:2a:21
 alias: xp_cl3e 50:06:0e:80:05:71:2a:24
 alias: xp_cl3f 50:06:0e:80:05:71:2a:25
fcs11:FID128:admin>
}}}
!!!Create new alias
;alicreate "aliName", "member[; member...]"
:{{{alicreate "toc_bh2_hba2_port1", "10:00:00:00:c9:98:73:5f"}}}
!!!Create zone
;zonecreate "zonename", "member[; member...]"
:{{{zonecreate "toc_bh2_hba2_port1_xp_cl3e", "toc_bh2_port1; xp_cl3e"}}}
!!!Add zone to config
;cfgadd "cfgName", "member[; member]"
:{{{cfgadd "Test_cfg", "greenzone; bluezone"
}}}
!!!Save config
{{{
cfgsave
}}}
!!!Enable config
{{{
cfgEnable "USA_cfg"
}}}






{{{
chassisshow
}}}
{{{
configupload
configdownload
}}}
;zoneremove "zonename", "zoneMemberList"
:{{{zoneRemove "Blue_zone", "array2"}}}
; cfgremove "cfgName, "member[; member...]"
:{{{ cfgRemove "Test_cfg", "bluezone"}}}

show tech: {{{supportshow}}}

shutdown: {{{sysshutdown}}}
full reboot with POST: {{{reboot}}}
reboot without POST: {{{fastboot}}}

when zoning, use device port wwn, not device node wwn.
device node wwn is like a parent of device port, if you zone to the device node, then all of the device ports are in that zone, lose control of the zoning.
{{{
nszonemember -a
}}}
{{{
porterrshow
}}}
{{{
fcs11:FID128:admin> help
aaaconfig                  Configure RADIUS for AAA services
ad                         Specifies all administration domain (AD)-level
                           operations
ag                         Configure the Access Gateway feature
agshow                     Displays the Access Gateway information registered
                           with the fabric
agtcfgdefault              Reset SNMP agent to factory default
aliadd                     Add a member to a zone alias
alicreate                  Create a zone alias
alidelete                  Delete a zone alias
aliremove                  Remove a member from a zone alias
alishow                    Print zone alias information
aptpolicy                  Get and set Advanced Performance Tuning policy
auditcfg                   Modifies and displays audit log filter
                           configuration.
auditdump                  Display audit log
authutil                   Get and set authentication configuration
backplanetest              Backplane connection test for multi-blade systems.
backport                   Test for back-end ASIC pair to ASIC pair links.
bannerset                  Set security banner
bannershow                 Display security banner
bcastshow                  Display broadcast routing information
bladebeacon                Enables or disables blade beaconing or displays the
                           current mode.
bladedisable               Disables all user ports on a blade.
bladeenable                Enables all User Ports on a blade.
bpportloopbacktest         Functional test of port via blade processor path.
bpturboramtest             MBIST test for AP blade BP ASICs
burninerrclear             Clear errors that are stored in the non-volatile
                           storage
burninerrshow              Display errors that are stored in the non-volatile
                           storage
burninstatus               Display the diagnostics burnin status.
camtest                    Verify QuickLoop's Content Addressable Memory
                           (CAM).SID translation
centralmemorytest          Test ASIC central memory operation.
cfgactvshow                Display Effective zone configuration information
cfgadd                     Add a member to a configuration
cfgclear                   Clear all zone configurations
cfgcreate                  Create a zone configuration
cfgdelete                  Delete a zone configuration
cfgdisable                 Disable a zone configuration
cfgenable                  Enable a zone configuration
cfgmcdtmode                Configure legacy MCDT zoning behavior
cfgremove                  Remove a member from a configuration
cfgsave                    Save zone configurations in flash
cfgsaveactivetodefined     Moves the effective configuration to the defined
                           configuration
cfgshow                    Print zone configuration information
cfgsize                    Print size details of zone database
cfgtransabort              Abort zone configuration transaction
cfgtransshow               Print zone configurations in transaction buffer
chassisbeacon              Set chassis beacon on or off
chassisconfig              Display or set the chassis configuration
chassisdisable             Disable all ports in chassis
chassisenable              Enable all ports in chassis
chassisname                Display or set the chassis's Name
chassisshow                Display all Field Replaceable Units (FRU)
chipregshow                Displays the port registers for a given chip
                           number.
clihistory                 Displays a log of most recently executed CLI
                           commands
cmemretentiontest          Data retention test of the central memory SRAMs.
cmitest                    Verify CMI bus between ASICs.
configdefault              Reset config to factory default
configdownload             Load switch config from a server
configlist                 List the stored config files
configremove               Remove a stored config file
configshow                 Print switch config parameters
configupload               Save switch config to a server
configure                  Set logical switch config parameters
configurechassis           Set chassis config parameters
cryptocfg                  Configure encryption node functions
datatypeshow               Display available diagnostic data types.
date                       Print/set the system date and time
dbgshow                    Display debug levels of various modules
defzone                    Activates or deactivates a default zone
                           configuration.
diagclearerror             Clears diagnostics failure status.
diagcommandshow            Display diagnostic command descriptions.
diagdisablepost            Disable diagnostic POST.
diagenablepost             Enable diagnostic POST.
diagenv                    Diagnostic debug parameters management package.
diaghelp                   Display diagnostic command descriptions.
diagloopid                 Select the diagnostics loop ID.
diagmodeshow               Displays diagnostic mode configuration.
diagpost                   Displays the contents of port registers and
                           memories.
diagretry                  Sets diagnostic retry mode
diagsetburnin              Initializes the blade for a burnin run.
diagsetcycle               Set diagnostic script parameters.
diagsetesdmode             Set or display ESD mode.
diagsetshowtime            Set or display diagnostic show-time mode.
diagshow                   Display diagnostic status.
diagshowtime               Set or display diagnostic show-time mode.
diagstatus                 Display currently running diagnostic tests.
diagstopburnin             Terminate burnin run on a blade.
distribute                 Distributes data to switches in a fabric.
dlsreset                   Turn off the dynamic load sharing (DLS) option
dlsset                     Turn on the dynamic load sharing (DLS) option
dlsshow                    Display the state of the dynamic load sharing
                           option
dnsconfig                  Configure DNS service
enclosureshow              Display the switch enclosure attributes
errclear                   Clear error log
errdelimiterset            Sets the error log start and end delimiter for
                           messages sent to the console and syslog
errdump                    Print error log (no page breaks)
errfilterset               Sets a filter for an error log destination
errmoduleshow              Displays all the defined modules in the system
errshow                    Print error log
fabportshow                Display contents of a particular port's data
fabretryshow               Display retry count of various fabric commands
fabriclog                  Displays or manipulates the fabric log
fabricprincipal            Configure Principal Switch Selection mode
fabricshow                 Print fabric membership info
fabstateclear              Clears the fabric state information
fabstateresize             Changes the number of state entries
fabstateshow               Displays the fabric state information
fabstatsshow               Displays the fabric statistics information
fabswitchshow              Display fabric switch state information
fandisable                 Disables a fan unit.
fanenable                  Enables a fan unit.
fanshow                    Print fan status
fastboot                   Reboot this switch and bypass POST
fastwritecfg               Configure FC fastwrite feature
fcipchiptest               Functional Test of Components in FCIP Complex.
fciphelp                   Print FCIP help info
fcippathtest               Data Path Test of the FCIP complex.
fcping                     Sends a FC ELS ECHO request to a port
fcplogclear                Clear the FCP log
fcplogdisable              Disable logging of FCP events
fcplogenable               Enable logging of FCP events
fcplogshow                 Display FCP probing log information
fcpprobeshow               Display FCP probing information
fcprlsshow                 Display FCP RLS (read link state) information
fcrbcastconfig             Configure interfabric broadcast frame forwarding
fcrchiptest                Functional Test of FCR FPGA.
fcrconfigure               Sets FC Router configuration parameters.
fcrfabricshow              Displays FC Routers on a backbone fabric.
fcrlsan                    Configure LSAN policies
fcrlsancount               Display maximum LSAN zone limit.
fcrlsanmatrix              Manage LSAN fabric matrix configuration.
fcrpathtest                Data Path Test on Connection between FCR FPGA and
                           Central ASIC.
fcrphydevshow              Displays FC Router physical device information.
fcrproxyconfig             Displays or configures proxy devices presented by
                           an FC Router.
fcrproxydevshow            Displays FC Router proxy device information.
fcrresourceshow            Displays FC Router physical resource usage.
fcrrouterportcost          Modify FC Router port cost configuration.
fcrrouteshow               Displays FC Router route information.
fcrxlateconfig             Displays or persistently configures a translate
                           (xlate) domain's domain ID for both
                           EX_Port-attached fabric and backbone fabric.
fddcfg                     fddcfg manages the fabric data distribution
                           configuration parameters.
fdmicacheshow              Display abbreviated remote FDMI device information
                           according to remote domain ID
fdmishow                   Display detailed FDMI device information
ficonclear                 Clears contents of the specified FICON management
                           database
ficoncupset                Sets FICON-CUP parameters for a switch
ficoncupshow               Displays FICON-CUP parameters for a switch
ficonhelp                  Displays FICON commands
ficonshow                  Displays contents of the specified FICON management
                           database
filtertest                 Run frame filter test for bloom ASICs.
fipscfg                    Configure FIPS mode operation
firmwarecommit             Commit firmware to stable storage
firmwaredownload           Download firmware into switch
firmwaredownloadstatus     Display the progress and status of firmwareDownload
firmwarekeyshow            Manage the keys used to check firmware signatures
firmwarekeyupdate          Manage the keys used to check firmware signatures
firmwarerestore            Restore the old firmware in the switch
firmwareshow               Display firmware versions in the switch
fosconfig                  Enable/disable FabOS services
fosexec                    Invoke command in alternate VF context
fporttest                  Functional test of F->N N->F point to point path.
framerpathtest             Tests data path between ASICs
frureplace                 Replace a Field Replacable Unit
fspfshow                   Print FSPF global information
fwalarmsfilterset          Configure alarms filtering for Fabric Watch
fwalarmsfiltershow         Show alarms filtering for Fabric Watch
fwclassinit                Initialize all Fabric Watch classes
fwconfigreload             Reload Fabric Watch configuration
fwconfigure                Configure Fabric Watch
fwfrucfg                   Configure FRU state and notification
fwhelp                     Print Fabric Watch help info
fwmailcfg                  Configure Fabric Watch Email Alert
fwportdetailshow           Create a report with detailed port information
fwsamshow                  Show availability monitor information
fwset                      Set port persistence time
fwsettocustom              Set boundary & alarm level to custom
fwsettodefault             Set boundary & alarm level to default
fwshow                     Show thresholds monitored and port persistence time
grep                       Linux grep command
h                          Print shell history
hadisable                  Disables the High Availability feature in the
                           switch.
hadump                     Displays information about the status of the High
                           Availability feature in the switch.
haenable                   Enables the High Availability feature in the switch
hafailover                 Forces the failover mechanism so that the Standby
                           Control Processor (CP)becomes the Active CP.
hashow                     Displays control processor (CP) status
hasyncstart                Enables HA state synchronization.
hasyncstop                 Disables the HA state synchronization.
help                       Print this list
historylastshow            Displays last history record
historymode                Display or set the mode of the history log
historyshow                Displays entire history log
httpcfgshow                Used to show the version of the Java plug-in used
                           by the Webtools
i                          Display process summary
iclcfg                     Configure ICL state
ifmodeset                  Set the link operating mode for a network interface
ifmodeshow                 Display the link operating mode for a network
                           interface
interfaceshow              Display the FSPF (TM) interface information
interopmode                Displays/enables/disables Brocade switch
                           interoperability with switches from other
                           manufacturers
ioddelayreset              Configure in-order-delivery (IOD) delay parameter
ioddelayset                Configure in-order-delivery (IOD) delay parameter
ioddelayshow               Configure in-order-delivery (IOD) delay parameter
iodreset                   Turn off the in-order delivery (IOD) option
iodset                     Manage the in-order delivery (IOD) option
iodshow                    Display the state of the in-order delivery option
ipaddrset                  Set ethernet and FC IP addresses
ipaddrshow                 Print ethernet and FC IP addresses
ipfilter                   Manage/display IP filters
ipsecconfig                Configure IPSec feature
iscsihelp                  Print iSCSI help info
islshow                    Display the current connections and status
killtelnet                 Terminate telnet/serial login sessions
                           interactively
ldapcfg                    Configure LDAP role mapping
ledtest                    Cycle system LEDs.
lfcfg                      Configure logical fabrics
lfexec                     Invoke command in alternate VF context
licenseadd                 Adds license keys to switch
licensehelp                Print license help info
licenseidshow              Displays the system license ID
licenseport                Configure per-port POD license assignments
licenseremove              Removes a license key from this system
licenseshow                Displays current license keys
linkcost                   Set or print the FSPF cost of a link
login                      Login as a new user
logout                     Logout from remote session
loopporttest               Functional test of L-port M->M path on a loop.
lscfg                      Configure logical switches
lsdbshow                   Displays the FSPF link state database
memshow                    Display memory usage in the system.
minispropshow              Displays ASIC pair properties.
more                       Linux more command
mscapabilityshow           Display Management Server Capability.
msconfigure                Configure Management Server
msplatshow                 Display the Management Server Platform Database
msplatshowdbcb             Display the Management Server Database Control
                           Block
msplcleardb                Clear the Management Server Platform Database
                           fabric-wide
msplmgmtactivate           Activate the Management Server Platform Database
                           fabric-wide
msplmgmtdeactivate         Deactivate the Management Server Platform Database
                           fabric-wide
mstddisable                Disables the Management Server Topology Discovery
                           Management Service
mstdenable                 Enables the Management Server Topology Discovery
                           Management Service
mstdreadconfig             Display status of Management Server Topology
                           Discovery Service
myid                       Display the current login session details
nbrstateshow               Display FSPF (TM) neighbors' states
nbrstatsclear              Reset the FSPF (TM) interface counters
netstat                    Display network connections and statistics
nodefind                   Display all the devices' PID matching the given
                           world wide name
nsaliasshow                Display local Name Server information with Aliases
nsallshow                  Print global Name Server information
nscamshow                  Print local Name Server Cache information
nsshow                     Print local Name Server information information
nszonemember               Display the information of all the online devices
                           which are zoned with the given device.
opensource                 Display information on open source software
                           utilized in FabOS
passwd                     Set usernames and passwords
passwdcfg                  passwdcfg manages the password policies.
pathinfo                   Display routing information between two ports
pdshow                     Show information from Panic Dump file
perfaddeemonitor           Add end-to-end monitor
perfaddipmonitor           Add monitor for IP trafic frame count
perfaddreadmonitor         Add filter-based monitor - SCSI Read
perfaddrwmonitor           Add monitor - SCSI Read and Write
perfaddscsimonitor         Add monitor for SCSI frame count
perfaddusermonitor         Add filter-based monitor
perfaddwritemonitor        Add filter-based monitor - SCSI Write
perfcfgclear               Clear Performance settings from FLASH
perfcfgrestore             Restore Performance configuration from FLASH
perfcfgsave                Save Performance configuration to FLASH
perfclearalpacrc           Clears the CRC error count associated with a port
                           and Arbitrated Loop Physical Address (AL_PA).
perfcleareemonitor         Clears statistics counters of one or more
                           end-to-end performance monitors.
perfclearfiltermonitor     Clears counters of one or more filter-based
                           performance monitors.
perfdeleemonitor           Delete end-to-end monitor
perfdelfiltermonitor       Delete filter-based monitor
perfhelp                   Print Performance Monitoring help info
perfmonitorclear           Clear end-to-end/filter-based/ISL monitors
perfmonitorshow            Show end-to-end/filter-based/ISL monitors
perfsetporteemask          Set overall mask for end-to-end monitors
perfshowalpacrc            Get ALPA CRC count by port and ALPA
perfshoweemonitor          Show user-defined end-to-end monitors
perfshowfiltermonitor      Show filter-based monitors
perfshowporteemask         Show the current end-to-end mask
perfttmon                  Configure bandwidth usage monitor
ping                       Display the link operating mode for a network
                           interface
ping6                      Display the link operating mode for a network
                           interface
pkicreate                  Creates public key infrastructure (PKI) objects
pkiremove                  Removes existing public key infrastructure (PKI)
                           objects
pkishow                    Displays existing public key infrastructure (PKI)
                           objects
policy                     Configure IPSec encryption and authentication
                           algorithms
portaddress                Configure low 16 bits of Fibre Channel Porrt ID
portalpashow               Show the ALPAs of a port
portbuffershow             Print the buffer allocations for the ports of a
                           quad
portcamshow                Display filter utilization
portcfg                    Create/Delete a new ip interface/route/arp entry on
                           the GigE port
portcfgalpa                Set AL_PA to 0x0 (default) or 0x13
portcfgautodisable         Configure auto disable
portcfgcreditrecovery      Configure credit recovery
portcfgdefault             Restore the port configuration to defaults
portcfgeport               Enable/Disable a port from becoming E_Port
portcfgexport              Sets a port to be an EX_Port and sets and displays
                           EX_Port configuration parameters.
portcfgfillword            Configure a port to a particular fill word
portcfgfportbuffers        Configure F_Port buffers
portcfggport               Lock a port as a G_Port
portcfgislmode             Configure a port to be ISL R_RDY Mode
                           enabled/disabled
portcfglongdistance        Configure a Long Distance Port
portcfglosstov             Configure frontend port signal debounce
portcfglport               Lock a port as a L_Port
portcfgnpivport            Enables and disables NPIV functionality on a port.
portcfgnport               Enable/disable N_Port capability for a port
portcfgpersistentdisable   Persistently disable a port
portcfgpersistentenable    Enable a persistently disabled port
portcfgqos                 Configure QoS feature
portcfgshow                Displays port configuration settings.
portcfgspeed               Configure a port to a particular speed level
portcfgtrunkport           Configure a port for trunking
portcfgvexport             Sets a port to be an VEX_Port connected to FC-IP
                           and sets and displays VEX_Port configuration
                           parameters.
portcmd                    Execute commands (ping etc) on the GigE port
portdebug                  Set debug level and verbosity level of port modules
portdisable                Disable a specified port
portenable                 Enable a specified port
porterrshow                Print port error summary
portflagsshow              Display the port status bitmaps of all ports in a
                           switch
portledtest                Cycle user port LEDs.
portlogclear               Clear port activity log
portlogconfigshow          Display portlog configuration
portlogdisable             Disable portlog facility
portlogdump                Print port log (no page breaks)
portlogdumpport            Print port log (no page breaks)
portlogenable              Enables port log facility
portlogeventshow           Display information about port log events
portloginshow              Display port login information
portlogpdisc               Set or clear the debug_pdisc_flag
portlogreset               Enable portlog facility
portlogresize              Resize the port log
portlogshow                Print port activity log
portlogshowport            Print port activity log
portlogtypedisable         Disable port logging
portlogtypeenable          Enable port logging
portloopbacktest           Functional test of port N->N path.
portmirror                 Set a port's configuration to be disabled or
                           enabled
portname                   Assign or display the name associated with a port
portperfshow               Print port throughput numbers
portregtest                Write/read test of the ASIC SRAMs portregtest.
portrouteshow              Display various routing tables for a port
portshow                   Show configured ip interfaces/routes/arp entries on
                           the GigE Port
portstats64show            Display the 64-bit hardware statistics for a port
portstatsclear             Clear the status of a specified switch port
portstatsshow              Print hardware statistics
portswap                   Swaps area numbers
portswapdisable            Disable portswap feature
portswapenable             Enable portswap feature
portswapshow               Display port and area information
porttest                   Functional test on a live fabric. Starts porttest.
porttestshow               Retreive information from porttest.
porttrunkarea              Configure area trunking
portzoneshow               Displays the enforced zone type of the F/FL-ports
                           of a switch.
powerofflistset            sets slot power off list order
powerofflistshow           Displays slot power-off order.
psshow                     Print power supply status
quietmode                  Displays/enables/disables quietmode on telnet
                           session
reboot                     Reboot this processor
routehelp                  Print routing help info
saschiptest                Functional Test of Components in SAS Complex.
saspathtest                Data Path Test of the SAS complex.
secactivesize              Displays size of the active (security) database
secauthsecret              Creates/Manages DHCHAP secret key details
seccertutil                Creates/Manages/Displays third party PKI
                           certificates
secdefinesize              Displays size of the defined (security) database
secglobalshow              Displays current internal security state
                           information
sechelp                    Displays information about security commands
secpolicyabort             Aborts changes to defined policy
secpolicyactivate          Activates all policy sets
secpolicyadd               Adds members to an existing policy
secpolicycreate            Creates a new policy
secpolicydelete            Deletes an existing policy
secpolicydump              Displays all members of existing policies
secpolicyfcsmove           Moves a member in the FCS policy
secpolicyremove            Removes members from an existing policy
secpolicysave              Saves defined policy set and sends to all switches
secpolicyshow              Shows members of one or more policies
secstatsreset              Resets security statistics
secstatsshow               Displays security statistics
sensorshow                 Display sensor readings
setdbg                     Set debug level of the specified module
setesdmode                 Set or display ESD mode.
setmfgmode                 Set or display diagnostic MFG mode.
setmodem                   Enables or disables modem login to a control
                           processor (CP)
setsplbmode                Set or display SPLB mode.
setverbose                 Set verbosity level of the specified module
sfpshow                    Print Serial ID SFP information
shellflowcontroldisable    Disable xon-xoff flow control on console serial
                           port
shellflowcontrolenable     Enable xon-xoff flow control on console serial port
slotpoweroff               Removes power from a slot.
slotpoweron                Restores power to a slot.
slotshow                   Displays the status of all slots in the system.
sltest                     Serial link test of port N->N path.
snmpconfig                 Configure SNMP
snmpmibcapset              Set options for configuring SNMP Mib/Trap
                           Capability
snmpmibcapshow             Show SNMP Mib/Trap Configuration
spinfab                    Functional test of switch to switch ISL cabling and
                           trunk group operation.
spinjitter                 line-speed jitter measurement
spinsilk                   Functional test of internal and external transmit
                           and receive paths at full speed
sramretentiontest          Data retention test of the miscellaneous SRAMs in
                           ASIC.
sshutil                    Configure SSH authentication options
statsclear                 Clear port and diagnostic statistics.
statstest                  Statistics counter test for the ASICs.
stopporttest               Terminate the running porttest.
supportffdc                Modifies or displays first-failure data capture
                           (FFDC) configuration.
supportftp                 set support Ftp parameters
supportsave                retrieve support data from switch to host
supportshow                Prints switch information for debugging purposes.
supportshowcfgdisable      Disables a group of commands under supportshow
                           command.
supportshowcfgenable       Enables a group of commands under supportshow
                           command.
supportshowcfgshow         Displays the groups of commands enabled for
                           display. by the supportshow command.
switchbeacon               Set switch beacon on or off
switchcfgpersistentdisable Persistently disable a switch
switchcfgpersistentenable  Enable a persistently disabled switch
switchcfgspeed             Configures all ports of the switch to a particular
                           speed level
switchcfgtrunk             Configure all ports on the switch for trunking
switchdisable              Disable this switch
switchenable               Enable this switch
switchname                 Print/set this switch's name
switchshow                 Print switch and port status
switchstatuspolicyset      Set policy parameters for overall switch status
switchstatuspolicyshow     Print policy parameters for overall switch status
switchstatusshow           Print overall switch status
switchuptime               Display the amount of time for which the switch is
                           up
switchviolation            Display policy violations recorded in RAS log
syslogdfacility            Change the syslog facility
syslogdipadd               Add syslog daemon IP address
syslogdipremove            Remove syslog daemon IP address
syslogdipshow              Print the syslog daemon targets
sysshutdown                Provides a graceful shutdown to protect the switch
                           file systems.
systemverification         Run a suit of diagnostic tests on all switches in a
                           system.
tempshow                   Print temperature readings
timeout                    Set/show the IDLE timeout value for a login session
topologyshow               Display the unicast fabric topology
tracedump                  generate/remove trace dump or display trace dump
                           status
traceftp                   enable/disable trace auto-FTP or transfer trace
                           dump
trackchangeshelp           Print Track Changes help info
trackchangesset            Configure alert for login/logout/config update
trackchangesshow           Displays status of track changes
trunkdebug                 Debug a trunk link failure
trunkshow                  Display trunking information
tsclockserver              Displays or sets the NTP server address
tstimezone                 Displays or sets the time zone
turboramtest               Turbo SRAM test for bloom ASICs.
txdpath                    Functional test of ASIC pair TXA TXD connections.
uptime                     Print how long switch has been up
urouteconfig               Configure a static route
urouteremove               Remove a static route
urouteshow                 Display unicast routing information
usbstorage                 Manage USB storage device (available on Brocade
                           Data Center Director only).
userconfig                 Display or configure user accounts
userrename                 Rename user login name
version                    Print firmware version
wwn                        Display or set the world wide name
zone                       Configure zone objects
zoneadd                    Add a member to a zone
zonecreate                 Create a zone
zonedelete                 Delete a zone
zonehelp                   Print zoning help info
zoneobjectcopy             Copies a zone object
zoneobjectexpunge          Expunges a zone object
zoneobjectrename           Rename a zoning Object
zoneremove                 Remove a member from a zone
zoneshow                   Print zone information
}}}
CPE: customer premise equipment
{{{(FileSizeMegabyte*8Megabits/Megabyte)/(TransferSpeedMegabit/Second)/(60Seconds)=TransferTimeMinutes}}}

Does not take into account overhead (TCP/IP or VPN or other).
{{{
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}]
@="Computer"
"InfoTip"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
  6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\
  00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,\
  2d,00,32,00,32,00,39,00,31,00,33,00,00,00
"LocalizedString.orig"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,\
  52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,\
  00,32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,\
  6c,00,2c,00,2d,00,39,00,32,00,31,00,36,00,00,00
"LocalizedString"=hex(2):25,00,63,00,6f,00,6d,00,70,00,75,00,74,00,65,00,72,00,\
  6e,00,61,00,6d,00,65,00,25,00,3a,00,3a,00,25,00,75,00,73,00,65,00,72,00,6e,\
  00,61,00,6d,00,65,00,25,00,20,00,00,00
}}}
edit /etc/hostname
edit /etc/hosts
{{{
Control A      Goes to the beginning of the line
Control E      Goes to the end of the line
Control K      Deletes everything to the right of the cursor
Control P      Recalls the previous command in the history buffer
Control N      Recalls the next command in the history buffer
}}}
From http://blogs.techrepublic.com.com/networking/?p=569
by David Davis 

{{{
Why do you need to secure your router with passwords?

The question you might ask is: Doesn’t the router already have default passwords? The answer is NO, it doesn’t. There is no automatic password defense that comes with your router.

As a Cisco admin, this should be taken very seriously. It is so important and so easy to set up passwords.

First, let’s discuss the different modes of the Cisco IOS. They are set up in a hierarchical manner, which means that the deeper the access, the more privilege you have and, hopefully, the more passwords you have set up for each level. For additional information on security for your router, please see another of my TechRepublic articles, “Fundamentals: Five Ways to Secure Your Cisco Routers and Switches.”
What are the three modes of the Cisco IOS?

Before I can tell you how to secure your router with passwords, I need to first make sure you know the three modes of the Cisco IOS. They are:

User: In User mode, basic interface information on the router is displayed. Well-known Cisco CCNA author, Todd Lammle, once called the user mode “useless mode” because no configuration changes can be made, nor can you view anything important at this level. It is also called user exec mode.

Privileged: Sometimes called the privileged exec (or just priv mode), configuration views and changes are made at this level. In my opinion, this is the first point at which it is absolutely critical to have a password set (although you should have password access even at user mode). To move from user mode to priv mode, you just type enable while in user exec mode and press [Enter]:

Router> enable

Router#

Global Configuration: From the exec priv mode, we can now access the global configuration mode. This is where you would make changes that would affect your whole router, including configuration changes. You will need to step in a little deeper in the router’s commands to make changes to your configuration.

Here’s an example of how to access that mode:

Router# configure terminal

Router(config)#

Note: you can also just type conf t.
How to configure the five main passwords of the Cisco IOS

The five main passwords of the Cisco IOS are:

    * Console
    * Aux
    * VTY
    * Enable password
    * Enable secret

Console

If you have no password set on the router’s console, by default, you can access user mode (and then on to the other modes if no passwords are set there either). The console port is where you would initially start to configure a new router. It is critical to set a password on the console port of the router to protect someone from physically walking up to the router, connecting, and gaining access to user mode (and, potentially, much more).

Because there is only one console port per router, you would use the command line console 0 in global configuration mode, and then use the login and password commands to finish up the configuration. The command, login, tells the router to look under the console line configuration for the password. The command, password, sets the actual password.

Here is what it looks like:

Router# config t

Router(config)# line console 0

Router(config-line)# password SecR3t!pass

Router(config-line)# login

Note: Complex passwords are important to keep someone from guessing your password.
Aux

This is short for auxiliary port. This is also a physical access port on the router. Not all routers have this port. As the aux port is a backup configuration port for the console, it is equally important to configure a password on it.

Router# config t

Router(config)# line aux 0

Router(config-line)#password SecR3t!pass

Router(config-line)# login

VTY

The “virtual tty” line is not a physical connection, but a virtual connection. You would use this line to Telnet or SSH into the router (for SSH configuration, see my article “Configure SSH on Your Cisco Router“). Of course, you would need to have an active LAN or WAN interface set up on your router for Telnet to work. As different routers and switches can have a different number of vty ports, you should see how many you have before you configure them. To do this, just type line ? in privileged mode.

Here’s an example of configuring vty lines:

Router# config t

Router(config)# line vty 0 4

Router(config-line)# password SecR3t!pass

Router(config-line)# login

Enable password

The enable password prevents someone from getting full access to your router. The enable command is actually used to change between different security levels on the router (there are 0-15 levels of security). However, it is typically used to go from user mode (level 1) to privileged mode (level 15). In fact, if you are at user mode and you just type enable, it assumes you want to go to privileged mode.

To set a password to control access from user mode to privileged mode, go to the global configuration mode and use the enable password command, like this:

Router# config t

Router(config)# enable password SecR3t!enable

Router(config)# exit

The downside of the enable password is that it can be easily unencrypted by someone, and that is why you should use enable secret instead.
Enable secret

The enable secret password has the same function as the enable password, but with enable secret, the password is stored in a much stronger form of encryption:

Router(config)# enable secret SecR3t!enable

Conclusion

I’ve introduced you to the different modes of the Cisco IOS and the five different types of passwords you need to set to ensure that your Cisco router or switch is secure. Remember that, many times, entire networks can be brought down due to the lack of simple password security. Make sure that your Cisco router and switch passwords are set properly.
}}}
Hi Marc,

For version 7.x you may collect tunnel info w/
show vpn-sessiondb detail remote

The command to clear one tunnel at a time is:
clear ipsec sa peer <remote_public_ip>
This will not affect or break all other tunnel's running simultaneouly on your pix.

I'm not aware of any command doing this in previous ver. (except clear isakmp sa/clear ipsec sa that you have mentionned earlier).

HTH
Mike
To remove the entire access list, use the clear configure access-list command.
/***
|Name:|CloseOnCancelPlugin|
|Description:|Closes the tiddler if you click new tiddler then cancel. Default behaviour is to leave it open|
|Version:|3.0.1 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#CloseOnCancelPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
merge(config.commands.cancelTiddler,{

	handler_mptw_orig_closeUnsaved: config.commands.cancelTiddler.handler,

	handler: function(event,src,title) {
		this.handler_mptw_orig_closeUnsaved(event,src,title);
		if (!store.tiddlerExists(title) && !store.isShadowTiddler(title))
			story.closeTiddler(title,true);
	 	return false;
	}

});

//}}}
Name: MptwGreen
Background: #fff
Foreground: #000
PrimaryPale: #9b9
PrimaryLight: #385
PrimaryMid: #031
PrimaryDark: #020
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
This doesn't work on a stand-alone server.


How to Rename a Computer
1.	Install Windows Server 2003 Support Tools from the Support\Tools folder on the Windows Server 2003 CD-ROM. (To do this, right-click the Suptools.msi file in the Support\Tools folder, and then click Install.)
2.	At a command prompt, type the following command.NOTE: The following command line has been wrapped to multiple lines to make it easier to read. Enter the command as a single line.
netdom renamecomputer Computername /newname:new_computername
/userd:domain\UserName /passwordd:password |* /usero:UserName
/passwordo:password |* /force /reboot:Time in seconds
The following is a description of this command line:

•	Computername: The current name of the computer to be renamed.

•	New_computername: The name that the computer will be renamed to. Both the Domain Name System (DNS) host label and the NetBIOS name are changed to the new name. If the new name is longer than 15 characters, the NetBIOS name is derived from the first 15 characters.

•	/userd:Domain\UserName: The user account to be used for the destination domain. This account is used to make the connection with the domain to which the computer is joined. This parameter is required, and if no domain is specified, the computer's domain is assumed.

•	/usero:UserName: A user account to be used for the originating domain that has local administrative permissions (this can be the same account specified for /userd:). This account is used to make the connection with the computer to be renamed. If omitted, the currently logged on user's account is used. The user's domain can be specified as "/uo:domain\user". If the domain is omitted, a local computer account is assumed.

•	/passwordd: password: The password of the user account specified by /userd.

•	/passwordo: password: The password of the user account specified by /usero.

The asterisk symbol (*): A value that can be connected to either /passwordd or /passwordo and which indicates to prompt for the password.

•	force: This command can adversely affect some services running on the computer. The user will be prompted for confirmation unless the /force switch is specified.

•	Reboot: This specifies that the computer should be shut down and automatically restarted after the rename operation is completed. The number of seconds before automatic shutdown can also be provided. The default is 30 seconds. If this parameter is not specified, the computer must be restarted manually.
For example, assume that you have a workstation named "Mycomputer" that is a member of a domain named "Mydomain." You want to change the workstation name to "Yourcomputer," and then automatically restart the workstation after 60 seconds. You can use the following command.

NOTE: The following command-line syntax has been wrapped to multiple lines to make it easier to read. You must enter the command as a single line.
netdom renamecomputer mycomputer /newname:yourcomputer
/userD:mydomain\administrator /passwordd:*
/usero:administrator /passwordo:* /reboot:60
The following warning message may be displayed and you may be prompted about whether or not you want to continue:
This operation will rename the computer "Mycomputer" to "Yourcomputer". Certain services, such as certification authority, rely on a fixed computer name. If any services of this type are running on "Mycomputer", a computer name change would have an adverse impact.
If you do not want to be prompted to continue, include the /force switch when you enter the netdom command in addition to the other parameters.


http://support.microsoft.com/kb/325354
//{{{
config.options.chkHttpReadOnly = false; // means web visitors can experiment with your site by clicking edit
config.options.chkInsertTabs = true;    // tab inserts a tab when editing a tiddler
config.views.wikified.defaultText = ""; // don't need message when a tiddler doesn't exist
config.views.editor.defaultText = "";   // don't need message when creating a new tiddler 
//}}}
#Enable "Use Directory Default Schema"
#Enter value for "Directory Server Address"
#Enter value for "Directory User Context 1"
##This should be the DN (distinguished name) of the OU that holds the accounts that are going to authenticate. You can find the DN via dsquery [[Determine Distinguished Name from Command Line]]
#Click on "Apply Settings" button
#Click on "Administer Groups" button
#Select the group "Administrators"
#Click on "View/Modify" button
##Select the "Allowed" button for all options
##Enter in the DN of the security group that the accounts must be a member of in order to authenticate.
!!!Links
http://www.dynamicnetworks.us/netflow/index.html
http://www.velocityreviews.com/forums/t33339-stopping-traceroute.html
{{{echo %date:~-4,4%%date:~-7,2%%date:~10,2%-%time:~0,2%%time:~3,2%}}}

{{{
C:\>echo %date:~-4,4%%date:~-7,2%%date:~10,2%-%time:~0,2%%time:~3,2%
20102820-1545
}}}
add a tilde before the word:
output:
DeWikiFy
~DeWikify
code:
{{{
DeWikiFy
~DeWikify
}}}
[[127.0.0.1]]
#open cmd
#cd to path
#drop to 16bit command.com {{{command}}}
#copy and paste

{{{
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.

C:\WINDOWS\system32>cd \progra*

C:\Program Files>cd hew*

C:\Program Files\Hewlett-Packard>cd san*

C:\Program Files\Hewlett-Packard\Sanworks>cd el*

C:\Program Files\Hewlett-Packard\Sanworks\Element Manager for StorageWorks HSV>command
Microsoft(R) Windows DOS
(C)Copyright Microsoft Corp 1990-2001.

C:\PROGRA~1\HEWLET~1\SANWORKS\ELEMEN~1>
}}}
From: http://windowspeople.com/brocade/brocadehow-to-find-out-the-model-brocade-switch-from-a-switchshow/supportshow.html

{{{
[Brocade]How to find out the model Brocade Switch from a Switchshow/Supportshow?  	  Print   	  E-mail
Tag it:
Delicious
Furl it!
Spurl
NewsVine
Reddit
YahooMyWeb
Technorati
To find out the switch model (Brocade), you can either run a switchshow or open supportshow output and located the "switchType". Below is a switchshow output(for security reason the output is truncted)Type:9.2   is a DS-16b2 switch with revision 2 of the motherboard

DIR1:root> switchshow

switchName:     DIR3

switchType:     42.2

switchState:    Online  

switchMode:     Native

switchRole:     Subordinate

switchDomain:   3

switchId:       fffc03

switchWwn:      10:00:00:00:00:00:00:00

zoning:         ON (COMP_FABRIC_A)

switchBeacon:   OFF

blade1 Beacon:  OFF

blade2 Beacon:  OFF

blade3 Beacon:  OFF

blade4 Beacon:  OFF

blade7 Beacon:  OFF

blade8 Beacon:  OFF

blade9 Beacon:  OFF

blade10 Beacon: OFF

For the appropriate switchtype entry, see the below chart for description of the switch:
switchType – <model_type>.<motherboard_revision_level> The model types are as follows: 1.x = Brocade SilkWorm 1000 series 2.x = DS-16B / Brocade SilkWorm 2800 series 3.x = DS-8B / Brocade SilkWorm 2400 series 4.x = Brocade SilkWorm 20x0;
5.x = Brocade SilkWorm 22x0;
6.x = DS-16B / Brocade SilkWorm 3800 Series (Includes parity checking on all paths)
7.x = SCB
9.x = DS-16B2 / Brocade SilkWorm 3800 series
10.x = ED-12000B / Brocade SilkWorm 12000 switch blade
12.x = DS-32B2 / Brocade SilkWorm 3900 series
16.x = DS-8B2 / Brocade SilkWorm 3200 series
17.x =  Brocade SilkWorm 3800VL series
18.x =  Brocade SilkWorm 3000 series
21.x = ED-24000B / Brocade 24000 switch blade
22.x=  Brocade SilkWorm 3016 2GB Embedded Switch for IBM and Intel Blade Servers
26.x = DS-16B3 / Brocade 3850 series
27.x = DS-8B3 / Brocade 3250 series
29.x=  Brocade SilkWorm 4012 4GB Embedded Switch for HP Blade Servers
32.x = DS-4100B / Brocade Silkworm 4100 series
33.x =  Brocade SilkWorm 3014 2GB Embedded Switch for Dell, Fujitsu-Siemens and Hitachi Blade Servers
34.x = DS-220B /  Brocade 200E
36.x =  PB-48000-18i / Brocade SilkWorm FR4-18i 48000 Director Blade
37.x =  Brocade SilkWorm 4020 4GB Embedded Switch for IBM and Intel Blade Servers
38.0 = AP-7420
40.x= Fibre Channel Routing (FCR) Front Domain
41.x= Fibre Channel Routing (FCR) Xlate Domain
42.2 = ED-48000B / Brocade Silkworm 48000 series
43.x =  Brocade SilkWorm 4024 4GB Embedded Switch for NEC Blade Servers
44.x =  DS-4900 / Brocade SilkWorm 4900 series
45.x =  Brocade SilkWorm 4016 4GB Embedded Switch for Hitachi Blade Servers
46.x =  MP-7500B / Brocade SilkWorm 7500 series
47.x =  PB-48K-16IP / Brocade SilkWorm FC4-16IP 48000 Director Blade
51.x =  Brocade SilkWorm 4018 4GB Embedded Switch for Blade Servers
55.x =  Brocade SilkWorm FA4-18 48000 Director Blade
55.2 =  AP7600B / Brocade SilkWorm 7600 series
58.x =  DS-5000B / Brocade SilkWorm 5000 series
SwitchBlade: If the model type shows up as switchblade this is the Blade Server sold by IBM, which is a 4.x OS switch on a blade that is installed into and IBM server. We have qualified this but do not sale it directly.
The motherboard revision level varies per type. ex:  switch
And it's not difficult to see that the output above is Brocade Silkworm 48000. 



1 Brocade 1000 Switches 
2,6 Brocade 2800 Switch 
3 Brocade 2100, 2400 Switches 
4 Brocade 20x0, 2010, 2040, 2050 Switches 
5 Brocade 22x0, 2210, 2240, 2250 Switches 
Switch Types and Product Names 
Generated by Jive SBS on 2011-01-06-07:00 
2 
7 Brocade 2000 Switch 
9 Brocade 3800 Switch 
10 Brocade 12000 Director 
12 Brocade 3900 Switch 
16 Brocade 3200 Switch 
17 Brocade 3800VL 
18 Brocade 3000 Switch 
21 Brocade 24000 Director 
22 Brocade 3016 embedded Blade Switch 
23 8Gbit 10-port embedded fabric switch 
26 Brocade 3850 Switch 
27 Brocade 3250 Switch 
29 Brocade 4012 Embedded Blade Switch 
32 Brocade 4100 Switch 
33 Brocade 3014 Switch 
34 Brocade 200E Switch 
36 Brocade FR4-18i Director Blade 
37 Brocade 4020 Embedded Blade Switch 
38 Brocade 7420 SAN Router 
40 Fibre Channel Routing (FCR) Front Domain 
41 Fibre Channel Routing (FCR) Xlate Domain 
42 Brocade 48000 Director 
43 Brocade 4024 Embedded Blade Switch 
44 Brocade 4900 Switch 
45 Brocade 4016 Embedded Blade Switch 
46 Brocade 7500 Switch 
Switch Types and Product Names 
Generated by Jive SBS on 2011-01-06-07:00 
3 
47 Brocade FC4-16IP Director Blade 
50 Brocade 4GB FC Port Blade 
51 Brocade 4018 Embedded Blade Switch 
55 Brocade FA4-18i Extension Director Blade 
55,2 Brocade 7600 Switch 
58 Brocade 5000 Switch 
62 Brocade DCX Backbone 
63 Brocade 8Gb Backbone Core Fabric Switch 
64 Brocade 5300 Switch 
66 Brocade 5100 Switch 
67 Brocade Encryption Switch 
68 Brocade 8Gb 16 FC 2 GigE ports Director Encryption 
Blade 
69 Brocade 5410 Blade 
70 Brocade 8GB 10 Port Embedded Fabric Switch 
71 Brocade 300 Switch 
72 Brocade 5480 Embedded Blade Switch 
75 Brocade M5424 Embedded Blade Switch 
76,6 Brocade 8000 FCoE Switch 
77,3 Brocade DCX-4S 
82 Brocade 8Gb 24-port Embedded Blade Switch 
83 Brocade 16-FC port, 6-GE port, auto sensing 1, 2, 4 or 
8Gbit Switch 
86 Brocade 8Gbit 26-port embedded Switch 
88 Brocade 10Gb 24 GigE ports DCE Blade 
Switch Types and Product Names 
Generated by Jive SBS on 2011-01-06-07:00 
4 
89 Brocade 8Gb 12 FC, 1Gb 10 GigE FCIP Blade, 10Gb 2 
GigE ports FCR
}}}
{{{
runlevel
}}}
{{{
HP5308# sh mod

 Status and Counters - Module Information

  Slot  Module Description                   Serial Number
  ----- ------------------------------------ --------------
  A     HP J4907A XL Gig-T/GBIC module       SG432PM0AY
  B     HP J4907A XL Gig-T/GBIC module       SG432PM0B3
  C     HP J8161A XL PoE 10/100-TX module    SG436QD03H
  D     HP J4820A XL 10/100-TX module        SG416KZ0J4
  G     HP J8161A XL PoE 10/100-TX module    SG423QD086
  H     HP J8161A XL PoE 10/100-TX module    SG423QD0BQ
}}}
{{{
show running-config

Running configuration:

; J4819A Configuration Editor; Created on release #E.10.44
}}}
{{{
HP5308# sh system-information

 Status and Counters - General System Information

  System Name        : HP5308
  System Contact     : System Contact
  System Location    : System Location

  MAC Age Time (sec) : 300

  Time Zone          : -300
  Daylight Time Rule : Continental-US-and-Canada


  Software revision  : E.10.44          Base MAC Addr      : 00110a-90f400
  ROM Version        : E.05.04          Serial Number      : SG432JZ09C

  Up Time            : 175 days         Memory   - Total   : 17,973,152
  CPU Util (%)       : 1                           Free    : 5,163,144

  IP Mgmt  - Pkts Rx : 441,182,527      Packet   - Total   : 2176
             Pkts Tx : 129,797,247      Buffers    Free    : 1665
                                                   Lowest  : 643
                                                   Missed  : 0

HP5308#
}}}
Command: dsquery

{{{
e:\>dsquery ou -name "Domain Admins"
"OU=Domain Admins,DC=test,DC=internal"

e:\>dsquery group -name "Domain Admins"
"CN=Domain Admins,CN=Users,DC=test,DC=internal"

e:\>dsquery user -name Bob
"CN=Bob,OU=Domain Admins,DC=test,DC=internal"
}}}

If you only know the account id, which can be different from the CN, try this:
{{{
e:\>dsquery user -samid root
"CN=Smith\, Brad,OU=Domain Admins,DC=test,DC=internal"

e:\>dsquery user -name "Smith, Brad"
"CN=Smith\, Brad,OU=Domain Admins,DC=test,DC=internal"

C:\WINDOWS\system32>dsquery group -samid "Domain Admins"
"CN=Domain Admins,CN=Users,DC=asdf,DC=internal"
}}}

{{{
Dsquery can output many object attributes, including the SID (objectSID). The easiest way is to use a filter query to show the objectsid attribute, as in the following example:

dsquery * -filter "&(objectcategory=user)(samaccountname=john)" -attr objectsid

The return is:

objectsid S-1-5-21-2835294230-785241407-2532694646-1106

You can also use Dsget to get the distinguished name (DN), like the following example:

dsget user "cn=john savill,cn=users,dc=savilltech,dc=net" -sid

The return would be:

sid S-1-5-21-2835294230-785241407-2532694646-1106 dsget succeeded 
}}}
Look for *release or *version in /etc. Sometimes /etc/issue will have something too.

Slackware: /etc/slackware-version
Mandrake: /etc/mandrake-release
Red Hat: /etc/redhat-release
Fedora: /etc/fedora-release
Debian: /etc/Debian_version


{{{
# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=6.06
DISTRIB_CODENAME=dapper
DISTRIB_DESCRIPTION="Ubuntu 6.06 LTS"
# cat /etc/debian_version
testing
}}}
http://support.microsoft.com/kb/321185

!!!~SQL2008
{{{
SELECT SERVERPROPERTY('productversion'), SERVERPROPERTY ('productlevel'), SERVERPROPERTY ('edition')
}}}
!!!~SQL2005
{{{
SELECT  SERVERPROPERTY('productversion'), SERVERPROPERTY ('productlevel'), SERVERPROPERTY ('edition')
}}}
!!!SQL Build Numbers
|SQL Server 2008 R2 CU2|10.5.1720.0 |
|SQL Server 2008 R2 CU1     |10.5.1702.0|
|SQL Server 2008 R2 RTM|10.5.1600.1 	|
|SQL Server 2008 RTM 	|2007.100.1600.0|
|SQL Server 2008 SP1 	|2007.100.2531.0|
|SQL Server 2005 RTM 	|2005.90.1399|
|SQL Server 2005 SP1 	|2005.90.2047|
|SQL Server 2005 SP2 	|2005.90.3042|
|SQL Server 2005 SP3 	|2005.90.4035|
|SQL Server 2000 RTM 	|2000.80.194.0|
|SQL Server 2000 SP1 	|2000.80.384.0|
|SQL Server 2000 SP2 	|2000.80.534.0|
|SQL Server 2000 SP3 	|2000.80.760.0|
|SQL Server 2000 SP3a 	|2000.80.760.0|
|SQL Server 2000 SP4 	|2000.8.00.2039|
|SQL Server 7.0 RTM 	|7.00.623|
|SQL Server 7.0 SP1 	|7.00.699|
|SQL Server 7.0 SP2 	|7.00.842|
|SQL Server 7.0 SP3 	|7.00.961|
|SQL Server 7.0 SP4 	|7.00.1063|
|SQL Server 6.5 RTM 	|6.50.201|
|SQL Server 6.5 SP1 	|6.50.213|
|SQL Server 6.5 SP2 	|6.50.240|
|SQL Server 6.5 SP3 	|6.50.258|
|SQL Server 6.5 SP4 	|6.50.281|
|SQL Server 6.5 SP5 	|6.50.415|
|SQL Server 6.5 SP5a 	|6.50.416|
|SQL Server 6.5 SP5a Update 	|6.50.479|
Two ways:
{{{
show trunks
}}}
{{{
show interfaces brief
}}}
{{{
show trunks

 Load Balancing

  Port | Name                             Type      | Group Type
  ---- + -------------------------------- --------- + ----- -----
  A15  |                                  1000SX    | Mesh
  B15  |                                  1000SX    | Trk1  LACP

}}}
{{{
show interfaces brief

 Status and Counters - Port Status

                     | Intrusion                           MDI   Flow
  Port     Type      | Alert     Enabled Status Mode       Mode  Ctrl
  -------- --------- + --------- ------- ------ ---------- ----- -----
  A1       100/1000T | No        Yes     Down   1000FDx    Auto  off
  A2       100/1000T | No        Yes     Down   1000FDx    Auto  off
  A3       100/1000T | No        Yes     Down   1000FDx    MDIX  off
  A4       100/1000T | No        Yes     Up     1000FDx    MDIX  off
  A5       100/1000T | No        Yes     Up     100FDx     MDIX  off
  A6       100/1000T | No        Yes     Up     100FDx     MDIX  off
  A7       100/1000T | No        Yes     Down   1000FDx    Auto  off
  A8       100/1000T | No        Yes     Down   1000FDx    MDIX  off
  A9       100/1000T | No        Yes     Down   1000FDx    Auto  off
  A10      100/1000T | No        Yes     Down   1000FDx    Auto  off
  A11      100/1000T | No        Yes     Down   1000FDx    Auto  off
  A12      100/1000T | No        Yes     Down   1000FDx    Auto  off
  A13      100/1000T | No        Yes     Up     10HDx      MDIX  off
  A14      100/1000T | No        Yes     Down   1000FDx    Auto  off
  A15-Mesh 1000SX    | No        Yes     Up     1000FDx          off
  A16      100/1000T | No        Yes     Down   1000FDx    Auto  off
  B1       100/1000T | No        Yes     Up     1000FDx    MDI   off
  B2       100/1000T | No        Yes     Up     100FDx     MDIX  off
  B3       100/1000T | No        Yes     Down   1000FDx    Auto  off
  B4       100/1000T | No        Yes     Down   1000FDx    Auto  off
  B5       100/1000T | No        Yes     Up     100FDx     MDIX  off
  B6       100/1000T | No        Yes     Down   1000FDx    MDIX  off
  B7       100/1000T | No        Yes     Down   1000FDx    MDIX  off
  B8       100/1000T | No        Yes     Down   1000FDx    Auto  off
  B9       100/1000T | No        Yes     Up     100FDx     MDIX  off
  B10      100/1000T | No        Yes     Down   1000FDx    Auto  off
  B11      100/1000T | No        Yes     Down   1000FDx    Auto  off
  B12      100/1000T | No        Yes     Down   1000FDx    Auto  off
  B13      100/1000T | No        Yes     Up     100FDx     MDIX  off
  B14      100/1000T | No        Yes     Down   1000FDx    Auto  off
  B15-Trk1 1000SX    | No        Yes     Up     1000FDx          off
  B16      100/1000T | No        Yes     Down   1000FDx    Auto  off
  C1       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C2       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C3       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C4       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C5       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C6       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C7       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C8       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C9       10/100TX  | No        Yes     Down   10FDx      Auto  off
  C10      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C11      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C12      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C13      10/100TX  | No        Yes     Down   100FDx     MDIX  off
  C14      10/100TX  | No        Yes     Down   100FDx     MDIX  off
  C15      10/100TX  | No        Yes     Up     100FDx     MDI   off
  C16      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  C17      10/100TX  | No        Yes     Up     10HDx      MDIX  off
  C18      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C19      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C20      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  C21      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C22      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C23      10/100TX  | No        Yes     Down   10FDx      Auto  off
  C24      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D1       10/100TX  | No        Yes     Up     100FDx     MDI   off
  D2       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  D3       10/100TX  | No        Yes     Down   10FDx      Auto  off
  D4       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  D5       10/100TX  | No        Yes     Down   10FDx      Auto  off
  D6       10/100TX  | No        Yes     Down   10FDx      Auto  off
  D7       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  D8       10/100TX  | No        Yes     Down   10FDx      Auto  off
  D9       10/100TX  | No        Yes     Down   10FDx      Auto  off
  D10      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  D11      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D12      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D13      10/100TX  | No        Yes     Up     100FDx     MDI   off
  D14      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D15      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D16      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D17      10/100TX  | No        Yes     Up     100FDx     MDI   off
  D18      10/100TX  | No        Yes     Up     100FDx     MDI   off
  D19      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D20      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D21      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D22      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D23      10/100TX  | No        Yes     Down   10FDx      Auto  off
  D24      10/100TX  | No        Yes     Down   10FDx      Auto  off
  G1       10/100TX  | No        Yes     Down   10FDx      Auto  off
  G2       10/100TX  | No        Yes     Down   10FDx      Auto  off
  G3       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G4       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G5       10/100TX  | No        Yes     Down   10FDx      Auto  off
  G6       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G7       10/100TX  | No        Yes     Down   10FDx      Auto  off
  G8       10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G9       10/100TX  | No        Yes     Down   100FDx     MDIX  off
  G10      10/100TX  | No        Yes     Down   10FDx      Auto  off
  G11      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G12      10/100TX  | No        Yes     Up     100FDx     MDI   off
  G13      10/100TX  | No        Yes     Up     10HDx      MDI   off
  G14      10/100TX  | No        Yes     Down   10FDx      Auto  off
  G15      10/100TX  | No        Yes     Down   10FDx      Auto  off
  G16      10/100TX  | No        Yes     Up     100FDx     MDI   off
  G17      10/100TX  | No        Yes     Down   100FDx     MDIX  off
  G18      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G19      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G20      10/100TX  | No        Yes     Up     100HDx     MDI   off
  G21      10/100TX  | No        Yes     Down   100FDx     MDI   off
  G22      10/100TX  | No        Yes     Down   10FDx      Auto  off
  G23      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  G24      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  H1       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H2       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H3       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H4       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H5       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H6       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H7       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H8       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H9       10/100TX  | No        Yes     Down   10FDx      Auto  off
  H10      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H11      10/100TX  | No        Yes     Down   100FDx     MDIX  off
  H12      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H13      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H14      10/100TX  | No        Yes     Up     100FDx     MDIX  off
  H15      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H16      10/100TX  | No        Yes     Up     100FDx     MDI   off
  H17      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H18      10/100TX  | No        Yes     Down   100FDx     MDIX  off
  H19      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H20      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H21      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H22      10/100TX  | No        Yes     Down   10FDx      Auto  off
  H23      10/100TX  | No        Yes     Down   10FDx      Auto  off
}}}
{{{
[root@ESX01 /]# find / -name qla* -print | grep proc
/proc/scsi/qla2xxx
[root@ESX01 /]# grep Firmware /proc/scsi/qla2xxx/*
/proc/scsi/qla2xxx/4:        FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/4:        MPI Firmware Version:  1.40.03 (66304)
/proc/scsi/qla2xxx/4:        PHY Firmware Version:  1.08.00
/proc/scsi/qla2xxx/5:        FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/5:        MPI Firmware Version:  1.40.03 (66304)
/proc/scsi/qla2xxx/5:        PHY Firmware Version:  1.08.00
/proc/scsi/qla2xxx/6:        FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/6:        MPI Firmware Version:  1.40.03 (66304)
/proc/scsi/qla2xxx/6:        PHY Firmware Version:  1.08.00
/proc/scsi/qla2xxx/7:        FC Firmware version 5.04.01 (48d4), Chip Type: QLE815x
/proc/scsi/qla2xxx/7:        MPI Firmware Version:  1.40.03 (66304)
/proc/scsi/qla2xxx/7:        PHY Firmware Version:  1.08.00
[root@ESX01 /]#
[root@ESX01 /]# grep BIOS /proc/scsi/qla2xxx/*
/proc/scsi/qla2xxx/4:BIOS version 3.00
/proc/scsi/qla2xxx/5:BIOS version 3.00
/proc/scsi/qla2xxx/6:BIOS version 3.00
/proc/scsi/qla2xxx/7:BIOS version 3.00
[root@ESX01 /]#

}}}
{{{
for i in /proc/scsi/qla2xxx/*; do echo; echo $i; grep hba $i; grep node $i; done
}}}
* In the Start Menu go to Run type “gpedit.msc” and press Enter
* Now a Group Policy editor will open. In this window navigate to: Computer Configuration -> Administrative Template -> Windows Components -> Windows Update
* Double click on No auto-restart for scheduled Automatic Updates installations
* In the settings window Choose Enabled and click OK
* Close Group Policy Editor



from: http://www.aviransplace.com/2004/12/18/tip-disable-auto-restart-in-windows-update/
ios:
{{{sh ip nat translations}}}
{{{sh ip nat statistics}}}
{{{
rtr-PDCity#sh ip nat translations
Pro Inside global         Inside local          Outside local         Outside global
--- 192.168.69.17         10.20.14.100          192.168.69.2          192.168.5.11
--- 10.90.204.12          10.90.204.12          192.168.69.2          192.168.5.11
--- ---                   ---                   192.168.69.2          192.168.5.11
--- 192.168.69.17         10.20.14.100          ---                   ---
rtr-PDCity#
rtr-PDCity#sh ip nat statistics
Total active translations: 4 (1 static, 3 dynamic; 0 extended)
Outside interfaces:
  Ethernet0
Inside interfaces:
  FastEthernet0
Hits: 23  Misses: 2
Expired translations: 0
Dynamic mappings:
-- Inside Source
[Id: 1] access-list 1 pool city refcount 2
 pool city: netmask 255.255.255.248
        start 192.168.69.17 end 192.168.69.22
        type generic, total addresses 6, allocated 1 (16%), misses 0
rtr-PDCity#
}}}


PIX/ASA:
{{{sh xlate}}}

[[IOS Doc|http://www.cisco.com/en/US/products/ps6441/products_command_reference_chapter09186a0080611830.html#wp1163231]]
Can only change group types/scopes in native mode. Cannot in mixed mode.
!!!ESX
|ESX 4.0 ||Build 164009| 21 May 2009|
|ESX 4.0 |Update 1 |Build 208167 |19 Nov 2009|
|ESX 4.0 |Update 2 |Build 261974 |10 Jun 2010|
|ESX 4.0 |Update 3 |Build 398348 |5 May 2011|
|ESX 4.0 |Update 4 |Build 504850 |November 17, 2011|
|ESX 4.1 ||Build 260247 |July 13, 2010|
|ESX 4.1 |Update 1 |Build 348481 |Feb 10, 2011|
|ESX 4.1 |Update 2 |Build 502767 |Oct 27, 2011|
!!!ESXi
|ESXi 4.0||Build 164009 |May 21, 2009|
|ESXi 4.0 |Update 1 |Build 208167|
|ESXi 4.0 |Update 2 |Build 261974 |June 10, 2010|
|ESXi 4.0 |Update 3 |Build 398348 |May 5, 2011|
|ESXi 4.0 |Update 4 |Build 504850 |November 17, 2011|
|ESXi 4.1 ||Build 260247 |July 13, 2010|
|ESXi 4.1 |Update 1 |Build 348481 |February 10, 2011|
|ESXi 4.1 |Update 2 |Build 502767 |October 27, 2011|
|ESXi 5.0 ||Build 456551 |August 24, 2011|
{{{
http://<ip or hostname>:2372
}}}
Password Management

Passwords and similar secrets, such as Simple Network Management Protocol (SNMP) community strings, are the primary defense against unauthorized access to your router. The best way to handle most passwords is to maintain them on a TACACS+ or RADIUS authentication server. However, almost every router still has a locally configured password for privileged access, and can also have other password information in its configuration file.
enable secret

The enable secret command is used to set the password that grants privileged administrative access to the IOS system. An enable secret password must always be set. Use the enable secret command, not the older enable password command. The enable password command uses a weak encryption algorithm. See the service password-encryption section of this document for more information.

If no enable secret is set, and a password is configured for the console TTY line, the console password can be used to receive privileged access, even from a remote VTY session. This is almost certainly not what you want, and is another reason to be certain to configure an enable secret. 
http://www.cisco.com/warp/public/701/64.html

''The enable password command should no longer be used.''
http://tombuntu.com/index.php/2008/09/23/encrypted-private-directory-in-ubuntu-810/
CTRL+SHIFT+6, twice
{{{
2/27/2006 9:38:16 AM    Getting Excel MDI/SDI/Excel Instance to behave more logically

I put this in a reply to a related post which may confuse people. It  
  
should be in it's own topic.  
  
I think I have figured out this stupid Excel thing.  
  
Excel has this bast%^%^ized MDI SDI thing.  
  
I think most people run Excel with it's child Window Maximized (which  
  
makes it really confusing).  
  
So when you click on another file it switches to that file, hides the  
  
other window but adds another icon on your task bar giving you the  
  
feeling you started another instance of excel (but it didn't !!). I've  
  
been burned by this too many times and shutdown what I thought was one  
  
instance of excel turned out to be all of them. Word does not behave  
  
this way.  
  
So there is an option to disable this feature called "Ignore Other  
  
Applications" (under Options-> General). If you look at the help on  
  
this it basically shuts of DDE. What DDE basically does is when you  
  
click on a file it checks to see if Excel is already running and if it  
  
is, it passes the file to that already running instance. The problem  
  
with turning this switch on is the file mappings that are already  
  
installed assume DDE is on and things break. So when you shut that  
  
option off you suddenly start getting errors that Excel cannot find the  
  
file.  
  
To fix this go into your File Explorer (My Computer) and Choose Folder  
  
-> Options -> File Type. Find XLS and select it, then click advanced  
  
button. Now Select the "Open" Action and choose Edit button. Now this  
  
is the trick, shutoff DDE by unchecking it. Then edit the end of the  
  
action. The end should be something like this (note the "%1") and note  
  
there must be a space between the /e and the first quote.  
  
"C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE" /e "%1"  
  
Now this allows you to create a SEPERATE instance of excel everytime  
  
you click on an Excel file. And when you close that excel instance it  
  
has no impact on any other. It also gets rid of the I can't find the  
  
file problem. In some cases you will see a %1 without the quotes. That  
  
causes the problem that excel can't find files when the path has spaces  
  
in it.  
  
You may want to repeat this for other files types that maps to Excel.  
  
Like .CSV  
  
If you have "ignore other applications" switch unchecked (default  
  
behavior) you get the funky SDI/MDI/Excel Instance behavior.  
  
If you have "ignore other applications" switch checked, you get the  
  
more logical MDI/SDI/Excel Instance behavior but the file type mappings  
  
must be fixed as I described above.  
  
This all assumes under WinXP.
}}}
http://searchexchange.techtarget.com/tip/1,289483,sid43_gci1112139,00.html
{{{
net stop MSExchangeSRS
net stop MSExchangeMGMT
net stop IISAdmin /Y
net stop MSExchangeSA /Y

ntbackup backup /f "D:<dirbackup.bkf" /j "Directory services backup" DS "<exchange_server>" /d "Directory services backup set created %date% %time%" /v:yes /r:no /rs:no

ntbackup backup /f "D:<exchangebackup.bkf" /j "Exchange server backup" IS "<exchange_server>" /d "Exchange backup set created %date% %time%" /v:yes /r:no /rs:no

net start MSExchangeSRS
net start ExIFS
net start IISAdmin
net start MSExchangeSA
}}}

http://www.petri.co.il/backup_exchange_2000_2003_with_ntbackup.htm

http://technet.microsoft.com/en-us/library/8bcc6e38-363a-43ad-9c43-3f558a435b06.aspx

[[How to use command line parameters with the Ntbackup command in Windows Server 2003|http://support.microsoft.com/kb/814583]]

ntbackup information store:

{{{
::C:\WINDOWS\system32\ntbackup.exe backup "@C:\Documents and Settings\Administrator.NEWFIELD2\Local Settings\Application Data\Microsoft\Windows NT\NTBackup\data\exch-is.bks" /n "exch-is1.bkf created 8/6/2007 at 10:58 AM" /d "Set created 8/6/2007 at 10:58 AM" /n "exch-is1.bkf created 8/6/2007 at 10:58 AM" /v:no /r:no /rs:no /hc:off /m normal /j "ExchangeInfoStore" /l:s /f "c:\backup\exch-is1.bkf"
}}}
!!General Links
http://msexchangeteam.com/


!!!Exchange 2007
allow smtp relay: http://msexchangeteam.com/archive/2006/12/28/432013.aspx

Configuring Exchange 2007 Hub Transport role to receive Internet mail: http://msexchangeteam.com/archive/2006/11/17/431555.aspx
#Create LUN for Source LUN Expansion
#Create LUN for Clone LUN Expansion
#Remove Clone LUN from Storage Group
#Remove Clone LUN from Clone Group
#Destroy Clone Group
#Expand Source LUN
#Expand Clone LUN
#Extend Source LUN in Windows
#Create Clone Group
#Add Clone LUN to Clone Group
#Add Clone to Storage Group
#Restart hubsan service on source server
/***
|Name:|ExtentTagButtonPlugin|
|Description:|Adds a New tiddler button in the tag drop down|
|Version:|3.2 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#ExtendTagButtonPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{

window.onClickTag_mptw_orig = window.onClickTag;
window.onClickTag = function(e) {
	window.onClickTag_mptw_orig.apply(this,arguments);
	var tag = this.getAttribute("tag");
	var title = this.getAttribute("tiddler");
	// Thanks Saq, you're a genius :)
	var popup = Popup.stack[Popup.stack.length-1].popup;
	createTiddlyElement(createTiddlyElement(popup,"li",null,"listBreak"),"div");
	wikify("<<newTiddler label:'New tiddler' tag:'"+tag+"'>>",createTiddlyElement(popup,"li"));
	return false;
}

//}}}
!!!PDC Emulator
The PDC emulator is a domain controller that advertises itself as the primary domain controller (PDC) to workstations, member servers, and domain controllers that are running earlier versions of Windows. It is also the Domain Master Browser, and it handles password discrepancies. All ~DCs synchronize their time with the PDC emulator. At any one time, there can be only one domain controller acting as the PDC emulator master in each domain in the ''forest''.
!!!!Transfer PDC emulator role:
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the PDC emulator tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!RID Master
The RID (Relative ID) master is responsible for processing RID pool requests from all domain controllers in a particular domain. At any one time, there can be only one domain controller acting as the RID master in the ''domain''.
!!!!Transfer RID master role:
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the RID master role tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!Infrastructure Master
The infrastructure master is responsible for updating references from objects in its domain to objects in other domains. At any one time, there can be only one domain controller acting as the infrastructure master in each ''domain''.
!!!!Transfer infrastructure master role
# Open Active Directory Users and Computers MMC snap-in.
# In the console tree, right-click Active Directory Users and Computers, point to All Tasks, and then click Operations Master.
# Click the infrastructure master role tab, and then click Change.
# Click OK to confirm that you want to transfer the role, and then click Close.
!!!Schema Master
The schema master domain controller controls all updates and modifications to the schema. To update the schema of a forest, you must have access to the schema master. There can be only one schema master in the whole ''forest''.
!!!!Transfer schema master role
#Register Schmmgmt.dll
##Run: {{{regsvr32 schmmgmt.dll}}} from command line or run dialog box.
#Transfer the Schema Master Role
##Click Start, click Run, type mmc in the Open box, and then click OK.
##On the File, menu click Add/Remove Snap-in.
##Click Add.
##Click Active Directory Schema, click Add, click Close, and then click OK.
##In the console tree, right-click Active Directory Schema, and then click Change Domain Controller.
##Click Specify Name, type the name of the domain controller that will be the new role holder, and then click OK.
##In the console tree, right-click Active Directory Schema, and then click Operations Master.
##Click Change.
##Click OK to confirm that you want to transfer the role, and then click Close.
!!!Domain Naming Master
The domain naming master domain controller controls the addition or removal of domains in the forest. There can be only one domain naming master in the whole ''forest''.
!!!!Transfer domain naming master role
   1. Click Start, point to Administrative Tools, and then click Active Directory Domains and Trusts.
   2. Right-click Active Directory Domains and Trusts, and then click Connect to Domain Controller.
      NOTE: You must perform this step if you are not on the domain controller to which you want to transfer the role. You do not have to perform this step if you are already connected to the domain controller whose role you want to transfer.
   3. Do one of the following:
          * In the Enter the name of another domain controller box, type the name of the domain controller that will be the new role holder, and then click OK.
            -or-
          * In the Or, select an available domain controller list, click the domain controller that will be the new role holder, and then click OK.
   4. In the console tree, right-click Active Directory Domains and Trusts, and then click Operations Master.
   5. Click Change.
   6. Click OK to confirm that you want to transfer the role, and then click Close.
!!!Global Catalog
!!!Notes:
How to view and transfer FSMO roles in Windows Server 2003: http://support.microsoft.com/kb/324801
Using ntdsutil to view FSMO roles: http://technet.microsoft.com/en-us/library/cc758870.aspx [[NTDSUTIL to view FSMO]]
|!Bookmark Name|!Location|!Keyword|
|Google Search|http://www.google.com/search?q=%s|g|
|Wikipedia Search|???|wp|
ForecastFox
AdBlock
filtersetg updater
tiny menu
fireftp
pdfdownload
download statusbar
ie tab
sage
{{{
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>for /?
Runs a specified command for each file in a set of files.

FOR %variable IN (set) DO command [command-parameters]

  %variable  Specifies a single letter replaceable parameter.
  (set)      Specifies a set of one or more files.  Wildcards may be used.
  command    Specifies the command to carry out for each file.
  command-parameters
             Specifies parameters or switches for the specified command.

To use the FOR command in a batch program, specify %%variable instead
of %variable.  Variable names are case sensitive, so %i is different
from %I.

If Command Extensions are enabled, the following additional
forms of the FOR command are supported:

FOR /D %variable IN (set) DO command [command-parameters]

    If set contains wildcards, then specifies to match against directory
    names instead of file names.

FOR /R [[drive:]path] %variable IN (set) DO command [command-parameters]

    Walks the directory tree rooted at [drive:]path, executing the FOR
    statement in each directory of the tree.  If no directory
    specification is specified after /R then the current directory is
    assumed.  If set is just a single period (.) character then it
    will just enumerate the directory tree.

FOR /L %variable IN (start,step,end) DO command [command-parameters]

    The set is a sequence of numbers from start to end, by step amount.
    So (1,1,5) would generate the sequence 1 2 3 4 5 and (5,-1,1) would
    generate the sequence (5 4 3 2 1)

FOR /F ["options"] %variable IN (file-set) DO command [command-parameters]
FOR /F ["options"] %variable IN ("string") DO command [command-parameters]
FOR /F ["options"] %variable IN ('command') DO command [command-parameters]

    or, if usebackq option present:

FOR /F ["options"] %variable IN (file-set) DO command [command-parameters]
FOR /F ["options"] %variable IN ('string') DO command [command-parameters]
FOR /F ["options"] %variable IN (`command`) DO command [command-parameters]

    filenameset is one or more file names.  Each file is opened, read
    and processed before going on to the next file in filenameset.
    Processing consists of reading in the file, breaking it up into
    individual lines of text and then parsing each line into zero or
    more tokens.  The body of the for loop is then called with the
    variable value(s) set to the found token string(s).  By default, /F
    passes the first blank separated token from each line of each file.
    Blank lines are skipped.  You can override the default parsing
    behavior by specifying the optional "options" parameter.  This
    is a quoted string which contains one or more keywords to specify
    different parsing options.  The keywords are:

        eol=c           - specifies an end of line comment character
                          (just one)
        skip=n          - specifies the number of lines to skip at the
                          beginning of the file.
        delims=xxx      - specifies a delimiter set.  This replaces the
                          default delimiter set of space and tab.
        tokens=x,y,m-n  - specifies which tokens from each line are to
                          be passed to the for body for each iteration.
                          This will cause additional variable names to
                          be allocated.  The m-n form is a range,
                          specifying the mth through the nth tokens.  If
                          the last character in the tokens= string is an
                          asterisk, then an additional variable is
                          allocated and receives the remaining text on
                          the line after the last token parsed.
        usebackq        - specifies that the new semantics are in force,
                          where a back quoted string is executed as a
                          command and a single quoted string is a
                          literal string command and allows the use of
                          double quotes to quote file names in
                          filenameset.

    Some examples might help:

FOR /F "eol=; tokens=2,3* delims=, " %i in (myfile.txt) do @echo %i %j %k

    would parse each line in myfile.txt, ignoring lines that begin with
    a semicolon, passing the 2nd and 3rd token from each line to the for
    body, with tokens delimited by commas and/or spaces.  Notice the for
    body statements reference %i to get the 2nd token, %j to get the
    3rd token, and %k to get all remaining tokens after the 3rd.  For
    file names that contain spaces, you need to quote the filenames with
    double quotes.  In order to use double quotes in this manner, you also
    need to use the usebackq option, otherwise the double quotes will be
    interpreted as defining a literal string to parse.

    %i is explicitly declared in the for statement and the %j and %k
    are implicitly declared via the tokens= option.  You can specify up
    to 26 tokens via the tokens= line, provided it does not cause an
    attempt to declare a variable higher than the letter 'z' or 'Z'.
    Remember, FOR variables are single-letter, case sensitive, global,
    and you can't have more than 52 total active at any one time.

    You can also use the FOR /F parsing logic on an immediate string, by
    making the filenameset between the parenthesis a quoted string,
    using single quote characters.  It will be treated as a single line
    of input from a file and parsed.

    Finally, you can use the FOR /F command to parse the output of a
    command.  You do this by making the filenameset between the
    parenthesis a back quoted string.  It will be treated as a command
    line, which is passed to a child CMD.EXE and the output is captured
    into memory and parsed as if it was a file.  So the following
    example:

      FOR /F "usebackq delims==" %i IN (`set`) DO @echo %i

    would enumerate the environment variable names in the current
    environment.

In addition, substitution of FOR variable references has been enhanced.
You can now use the following optional syntax:

    %~I         - expands %I removing any surrounding quotes (")
    %~fI        - expands %I to a fully qualified path name
    %~dI        - expands %I to a drive letter only
    %~pI        - expands %I to a path only
    %~nI        - expands %I to a file name only
    %~xI        - expands %I to a file extension only
    %~sI        - expanded path contains short names only
    %~aI        - expands %I to file attributes of file
    %~tI        - expands %I to date/time of file
    %~zI        - expands %I to size of file
    %~$PATH:I   - searches the directories listed in the PATH
                   environment variable and expands %I to the
                   fully qualified name of the first one found.
                   If the environment variable name is not
                   defined or the file is not found by the
                   search, then this modifier expands to the
                   empty string

The modifiers can be combined to get compound results:

    %~dpI       - expands %I to a drive letter and path only
    %~nxI       - expands %I to a file name and extension only
    %~fsI       - expands %I to a full path name with short names only
    %~dp$PATH:I - searches the directories listed in the PATH
                   environment variable for %I and expands to the
                   drive letter and path of the first one found.
    %~ftzaI     - expands %I to a DIR like output line

In the above examples %I and PATH can be replaced by other valid
values.  The %~ syntax is terminated by a valid FOR variable name.
Picking upper case variable names like %I makes it more readable and
avoids confusion with the modifiers, which are not case sensitive.

C:\>
}}}
Per User setting:
{{{
Windows 2003

Start regedit and go to

   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2

You'll see a "Settings" value, which contains something like this:

   28 00 00 00 ff ff ff ff 02 00 00 00 03 00 00 00 6d 00 00 00 20 00 00 00 00 00 00 00 e0 03 00 00 00 05 00 00 00 04 00 00

The nineth pair of digits determines the Taskbar properties. Possible values are:

   Always on top                                 = 0x02   
   Auto hide                                     = 0x01
   Show small icons in Start menu                = 0x04
   Hide clock                                    = 0x08

Combine the properties you want and set the byte. For example:

   Always on top + Show small icons + Show clock = 06   
   Always on top + Show small icons + Hide clock = 0e

Note that the changes do not take effect immediately, you have to restart Explorer, or logoff and logon again to see the changes. 	

If you want to set this for all users, you'll have to export the registry key into a .reg file 
and import it into the user profile in a logon script. Start the logon script in your GPO to 
make sure that it runs (and imports the registry file) before Explorer is started. 
}}}

Source: http://ts.veranoest.net/ts_faq_configuration.htm#enable_clock

Regfile:
{{{
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRects2]
"Settings"=hex:28,00,00,00,ff,ff,ff,ff,06,00,00,00,03,00,00,00,3c,00,00,00,1e,\
  00,00,00,fe,ff,ff,ff,e4,02,00,00,02,04,00,00,02,03,00,00
}}}
*You can create ''Bold'' text by enclosing it in pairs of single quotes:
{{{
''bold text''
}}}

*You can create ==Strikethrough== text by enclosing it in pairs of equal signs:
{{{
==strikethrough text==
}}}

*You can __Underline__ text by enclosing it in pairs of underscores:
{{{
__underlined text__
}}}

*You can create //Italic// text by enclosing it in pairs of forward slashes:
{{{
//italic text//
}}}

*You can create ^^superscript^^ text by enclosing it in pairs of carets:
{{{
^^superscript text^^
}}}

*You can create ~~subscript~~ text by enclosing it in pairs of tildes:
{{{
~~subscript text~~
}}}

*You can @@highlight text@@ by enclosing it in pairs of at-signs.
{{{
@@highlighted text@@
}}}

*You can also change many other CSS attributes by adding arguments to the highlight command. For example, you can change the text color to @@color:red;red@@ or give it a background-color of @@background-color:#0000FF;color:white;blue@@.
{{{
@@CSS attributes separated by semicolons;text@@
}}}

You can find out more about CSS from the excellent [[w3schools tutorial|http://w3schools.com/css/default.asp]].

*Finally, you can add new CSS classes to the Tiddlywiki so that you can style a number of items with the same CSS formatting. Simply add the new class to the StyleSheet [[ShadowTiddler|ShadowTiddlers]], such as:
{{{
.moveover{
margin-left:120px;
}
}}}
Then, when you want to use that CSS class, use the following formatting:
{{{
{{classname{text to be formatted}}}
}}}
{{moveover{So, for example, this paragraph has been formatted using the moveover CSS class.}}}
[[Tutorial|file:///C:/Documents%20and%20Settings/jcw/My%20Documents/data/docs/wiki/TiddlyWikiTutorial.html]]
{{{
4.2.2.2 dns server (vnsc-bak.sys.gtei.net.)

FLTG routers:
66.152.113.33 virt ip 
66.152.113.34
66.152.113.35

FLTG interconnects:
208.20.35.2 fltg dns
208.20.35.3 fltg dns
128.253.161.221 www.cornell.edu
132.236.56.250 ntp0.cornell.edu

TW routers:
24.39.87.101

TW interconnects:
24.92.226.11 time warner dns
24.92.226.12 time warner dns
72.43.91.85 web1.compguard.net
}}}
http://yoopergeek.blogspot.com/2007/07/vmware-loosing-eth0-after-youve-copied.html

{{{
Wednesday, July 18, 2007
VMWare : Loosing eth0 after you've copied your VM

Background

Here's a bit of weird-behavior I've noticed when working with some of our production virtual machines (running Gentoo Linux) here at work.

In order to update the OS's on our virtual machines, I will copy them to my local machine, power them on, update them, and then push the updated OS's back out into production at the earliest convenience.

When you copy the VM from one location to another, VMWare notices this and asks you "Hey, it looks like this machine has been physically moved or copied, do you want me to create a new VM-UUID?" If you answer in the affirmative, VMWare internally regenerates any unique-identifiers tied to this virtual machine. The one thing that's really noticeable is that any virtual ethernet adapters get their MAC addresses changed.

The problem I've experienced is that when you power on the new-UUID'd VM, you no longer have an ethernet adapter. Gentoo tries to bring-up eth0 and it says "network interface eth0 does not exist" and "Please verify hardware or kernel module (driver)"


Explanation

"So, what's going on?"

Try a couple things:

    * If you run lspci you should still see the ethernet adapter.

    * If you run 'dmesg' and should see the kernel find the network card and it even calls it eth0



"So, where does eth0 go?"

Try running ifconfig -a. I bet you now have an eth1 and it's MAC address matches the newly-generated virtual MAC address specified in the virtual machine's .vmx file.

"Oh great, so every time I copy the VM I need to update the system configs to use the new eth1, or eth2, etc!?!?!"

No, hush, I'm getting to the answer.

The problem stems from the linux distro 'remembering' the MAC address of the network adapter and expecting it to be the same between boots. In the case of our Gentoo VM's, it's udev that mucks this up.

"Ok, fine, it's udev's fault. We know it's broken because it's expecting the ethernet adapter to have a MAC address that it no longer has. What to do?

The Answer

To fix this problem you need to tell your linux distro the VM's new MAC address. How you do this can vary by distro. In my spelunking, I found a few ways:

    * In Gentoo do one of the following: (Do #1, it's the easiest.)
         1. Delete /etc/udev/rules.d/70-persistent-net.rules and reboot. Your eth0 should be back.
                o 2007/09/13 Update: This almost-always works for me. But, for some reason, sometimes it seems to confuse udev even more; after rebooting, I'll have an eth2 or eth3. When this happens, I end up following #2, making sure the udev config file has 'eth0' listed, and not eth1, eth2, or eth3.
         2. Edit /etc/udev/rules.d/70-persistent-net.rules (or whatever it's named) to match your new MAC address and reboot. Your eth0 should be back.
    * Other distros:
          o Look for, (and edit if you find,) /etc/iftab
          o Look for, and delete, then reboot /etc/udev/rules.d/25-iftab.rules
          o Look for, (and edit if you find,) /etc/sysconfig/network-scripts/ifcfg-eth0




Give Credit Where Credit Is Due

I got hints from a number of pages, but in the end, it was the folks over at the VMWare discussion forums for the win:
VMWare Discussion Forums
Posted by Jason Poll at 4:35 PM 
}}}
{{{
dir /b /s
}}}
/b :: bare format
/s :: include subdirectories

It looks like:

{{{
D:\>cd vmware

D:\vmware>dir /b /s
D:\vmware\centos
D:\vmware\gwopen5
D:\vmware\fc5nagios
D:\vmware\CentOS-4.4.ServerCD-i386.iso
D:\vmware\en_office_2003_pro.iso
D:\vmware\ISPConfig_Appliance
D:\vmware\m0n0wall-1.2-HD
D:\vmware\perfectsetup-1
D:\vmware\iscsi
D:\vmware\centos\Red Hat Enterprise Linux 4.vmx
D:\vmware\centos\Red Hat Enterprise Linux 4.vmsd
D:\vmware\centos\Red Hat Enterprise Linux 4.nvram
D:\vmware\centos\vmware-2.log
D:\vmware\centos\vmware-1.log
D:\vmware\centos\vmware-0.log
D:\vmware\centos\vmware.log
D:\vmware\gwopen5\gwopen5.vmdk
D:\vmware\gwopen5\gwopen5-vm-readme.txt
}}}
{{{
foreach ($ServerName in get-content "E:\data\zWorking\adps1\tocservernames.txt") {

"$ServerName"

## check the machine is pingable
	
$query = "select * from win32_pingstatus where address = '$ServerName'"
$result = Get-WmiObject -query $query

if ($result.protocoladdress) {

	# $build = @{n="Build";e={$_.BuildNumber}}
	# $SPNumber = @{n="SPNumber";e={$_.CSDVersion}}
	# $sku = @{n="SKU";e={$_.OperatingSystemSKU}}
	# $hostname = @{n="HostName";e={$_.CSName}}

   $Win32_OS = Get-WmiObject Win32_OperatingSystem -computer $ServerName | select servicepackmajorversion, caption

   ## Get the Service pack level
   $servicepack = $Win32_OS.servicepackmajorversion
	$osversion = $Win32_OS.caption
   ## Get the OS build

   # switch ($Win32_OS.build) {
     # the break statement will stop at the first match
     # 2600 {$os = "XP"; break}
     # 3790 { if ($Win32_OS.caption -match "XP") { $os = "XPx64" } else { $os = "Server 2003" }; break }
     # 6000 {$os = "Vista"; break}
     # 6001 { if ($Win32_OS.caption -match "Vista" ) { $os = "Vista" } else { $os = "Server 2008"}; break }
     # }

   "$osversion"
	"Service Pack: $servicepack"
	"`n"
   #"Operating System: $os Service Pack: $servicepack" | out-file -filepath C:\ServicePack.txt
} else {
            "Not Responding"
			"`n"}
}
}}}
force create mode = 0775
force directory mode = 0775
force group = web
http://www.hp.com/rnd/itmgrnews/technical_tips.htm
|fiber|fiber channel switch|
|procurve|network switch|
|blade|blade running microsoft|
|proliant|proliant running microsoft|
|eva|eva disk|
|msl6000|msl tape proliant|
|xp|xp disk|
Windows Registry Editor Version 5.00



[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]

"ConnectionsTab"=dword:00000001


Windows Registry Editor Version 5.00



[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet
Explorer\Control Panel]

"ConnectionsTab"=dword:00000001
/***
|Name:|HideWhenPlugin|
|Description:|Allows conditional inclusion/exclusion in templates|
|Version:|3.1 ($Rev: 3919 $)|
|Date:|$Date: 2008-03-13 02:03:12 +1000 (Thu, 13 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#HideWhenPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
For use in ViewTemplate and EditTemplate. Example usage:
{{{<div macro="showWhenTagged Task">[[TaskToolbar]]</div>}}}
{{{<div macro="showWhen tiddler.modifier == 'BartSimpson'"><img src="bart.gif"/></div>}}}
***/
//{{{

window.hideWhenLastTest = false;

window.removeElementWhen = function(test,place) {
	window.hideWhenLastTest = test;
	if (test) {
		removeChildren(place);
		place.parentNode.removeChild(place);
	}
};


merge(config.macros,{

	hideWhen: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( eval(paramString), place);
	}},

	showWhen: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !eval(paramString), place);
	}},

	hideWhenTagged: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( tiddler.tags.containsAll(params), place);
	}},

	showWhenTagged: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !tiddler.tags.containsAll(params), place);
	}},

	hideWhenTaggedAny: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( tiddler.tags.containsAny(params), place);
	}},

	showWhenTaggedAny: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !tiddler.tags.containsAny(params), place);
	}},

	hideWhenTaggedAll: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( tiddler.tags.containsAll(params), place);
	}},

	showWhenTaggedAll: { handler: function (place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !tiddler.tags.containsAll(params), place);
	}},

	hideWhenExists: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( store.tiddlerExists(params[0]) || store.isShadowTiddler(params[0]), place);
	}},

	showWhenExists: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !(store.tiddlerExists(params[0]) || store.isShadowTiddler(params[0])), place);
	}},

	hideWhenTitleIs: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( tiddler.title == params[0], place);
	}},

	showWhenTitleIs: { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( tiddler.title != params[0], place);
	}},

	'else': { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
		removeElementWhen( !window.hideWhenLastTest, place);
	}}

});

//}}}
{{{
access-list 101 permit icmp any host 192.168.1.5 echo-reply
access-list 101 permit icmp any host 192.168.1.5 source-quench
access-list 101 permit icmp any host 192.168.1.5 unreachable
access-list 101 permit icmp any host 192.168.1.5 time-exceeded
access-group 101 in interface outside
}}}
Scripts to backup/import iis metabase:

iiscnfg.vbs
iisback.vbs
from: http://redmondmag.com/columns/article.asp?EditorialsID=498
seems to be from win2k

{{{
[Components]
  iis_common=On
  iis_inetmgr=On
  iis_www=On
  iis_ftp=On
  iis_htmla=Off
  iis_doc=Off
  iis_pwmgr=Off
  iis_smtp=Off
  iis_smtp_docs=Off
  iis_nntp=Off
  iis_nntp_docs=Off
  iisdbg=Off
  Fp=Off
[InternetServer]
  PathFTPRoot=D:\Inetpub\ftproot
  PathWWWRoot=D:\Inetpub\wwwroot

If you plan on using the server as an Exchange 2000 platform, you’ll need to enable SMTP and NNTP, as well.

Once you’ve built the script (call it IIS.txt), use Sysocmgr with the following syntax to install the components:

sysocmgr/inf:%windir%\inf\sysoc.inf /u:c:\iis.txt 
}}}

here's a list for w2k3/iis6
{{{
aspnet= on/off            Enable ASP.NET .
complusnetwork = on/off   Enable network COM+ access.
dtcnetwork = on/off       Enable network Distributed Transaction Coordinator (DTC) network access.
bitsserverextensionsisapi = on/off      Enable the BITS Server Extensions ISAPI.
bitsserverextensionsmanager = on/off    Enable the BITS Server Extensions snap-in.
iis_common = on/off                     Enable Common Files.
iis_ftp = on/off                        Enable the File Transfer Protocol (FTP) service.
fp_extensions = on/off                  Enable FrontPage®  2002 Server Extensions from Microsoft.
iis_inetmgr = on/off                    Enable IIS Manager.
iis_nntp = on/off                       Enable the Network News Transfer Protocol (NNTP) service.
iis_smtp = on/off                       Enable the Simple Mail Transfer Protocol (SMTP) service.
iis_asp = on/off                        Enable Active Server Pages (ASP).
iis_internetdataconnector = on/off      Enable Internet Data Connector (IDC).
sakit_web = on/off                      Enable Remote Administration (HTML).
You cannot perform an unattended installation of this feature simultaneously with performing an unattended installation of the operating system.
You can perform an unattended installation of this feature if you install IIS after you have installed the operating system by using the Sysocmgr.exe command-line utility.
This feature is not available on Itanium-based computers running Windows XP 64-Bit Edition; the 64-bit version of Windows Server 2003, Enterprise Edition; or the 64-bit version of Windows Server 2003, Datacenter Edition.

tswebclient = on/off                    Enable remote desktop Web connection.
iis_serversideincludes = on/off         Enable server-side includes (SSI).
iis_webdav = on/off                     Enable WebDAV publishing.
iis_www = on/off                        Enable the WWW service.
appsrv_console = on/off                 Enable Application Server Console.
This feature is not available on Itanium-based computers running Windows XP 64-Bit Edition.
inetprint = on/off                      Enable Internet printing.
}}}
It's a virtual box (on VMware ESX), so my fav distro, debian, isn't supported. ubuntu 8.04 is, though. Standard install of that off of the server install cd.
{{{
apt-get install ejabberd
}}}

Now it's time to play around with the config.
Goals: chatrooms, conversation logging, ad integration

Documentation: http://www.process-one.net/en/ejabberd/guide_en
{{{
Performs conditional processing in batch programs.

IF [NOT] ERRORLEVEL number command
IF [NOT] string1==string2 command
IF [NOT] EXIST filename command

  NOT               Specifies that Windows XP should carry out 
                    the command only if the condition is false.

  ERRORLEVEL number Specifies a true condition if the last program run
                    returned an exit code equal to or greater than the number
                    specified.

  string1==string2  Specifies a true condition if the specified text strings
                    match.

  EXIST filename    Specifies a true condition if the specified filename
                    exists.

  command           Specifies the command to carry out if the condition is
                    met.  Command can be followed by ELSE command which
                    will execute the command after the ELSE keyword if the
                    specified condition is FALSE

The ELSE clause must occur on the same line as the command after the IF.  For
example:

    IF EXIST filename. (
        del filename.
    ) ELSE (
        echo filename. missing.
    )

The following would NOT work because the del command needs to be terminated
by a newline:

    IF EXIST filename. del filename. ELSE echo filename. missing

Nor would the following work, since the ELSE command must be on the same line
as the end of the IF command:

    IF EXIST filename. del filename.
    ELSE echo filename. missing

The following would work if you want it all on one line:

    IF EXIST filename. (del filename.) ELSE echo filename. missing

If Command Extensions are enabled IF changes as follows:

    IF [/I] string1 compare-op string2 command
    IF CMDEXTVERSION number command
    IF DEFINED variable command

where compare-op may be one of:

    EQU - equal
    NEQ - not equal
    LSS - less than
    LEQ - less than or equal
    GTR - greater than
    GEQ - greater than or equal

and the /I switch, if specified, says to do case insensitive string
compares.  The /I switch can also be used on the string1==string2 form
of IF.  These comparisons are generic, in that if both string1 and
string2 are both comprised of all numeric digits, then the strings are
converted to numbers and a numeric comparison is performed.

The CMDEXTVERSION conditional works just like ERRORLEVEL, except it is
comparing against an internal version number associated with the Command
Extensions.  The first version is 1.  It will be incremented by one when
significant enhancements are added to the Command Extensions.
CMDEXTVERSION conditional is never true when Command Extensions are
disabled.

The DEFINED conditional works just like EXISTS except it takes an
environment variable name and returns true if the environment variable
is defined.

%ERRORLEVEL% will expand into a string representation of
the current value of ERRORLEVEL, provided that there is not already
an environment variable with the name ERRORLEVEL, in which case you
will get its value instead.  After running a program, the following
illustrates ERRORLEVEL use:

    goto answer%ERRORLEVEL%
    :answer0
    echo Program had return code 0
    :answer1
    echo Program had return code 1

You can also using the numerical comparisons above:

    IF %ERRORLEVEL% LEQ 1 goto okay

%CMDCMDLINE% will expand into the original command line passed to
CMD.EXE prior to any processing by CMD.EXE, provided that there is not
already an environment variable with the name CMDCMDLINE, in which case
you will get its value instead.

%CMDEXTVERSION% will expand into a string representation of the
current value of CMDEXTVERSION, provided that there is not already
an environment variable with the name CMDEXTVERSION, in which case you
will get its value instead.
}}}
{{{
@echo off
::insightsprep.cmd
::author: me@domain.tld
::

net use z: /d /y
net use z: \\server\scriptlogicfiles\InsightsPrep /persistent:no

::install .net35
SET FileName=%windir%\Microsoft.NET\Framework\v3.5
IF NOT EXIST %FileName% (
	start /wait z:\dotnetfx35.exe /passive /norestart
	)

::modify registry so that authenticated users have full rights to asp.net regkey
ECHO y| SECEDIT.EXE /CONFIGURE /CFG z:\InsightsASPDotNetFix.inf /DB c:\windows\InsightsASPDotNetFix.sdb /OVERWRITE /AREAS REGKEYS /LOG c:\windows\InsightsASPDotNetFix.log /QUIET
	
::install crystal reports
start /wait msiexec /i z:\Insights_5_Crystal_11_5.msi /qn /norestart

::mail install link
for /f "skip=1 tokens=2" %%i in ('qwinsta.exe') do set recip=%%i
::echo %recip% 
z:\blat.exe - -to %recip%@domain.tld -f me@domain.tld -server mail3.domain.tld -body "\\server\insights5deploy\Insights.application" -s "Insights Installer Link" -q


net use z: /d /y
set recip=
set filename=
}}}
!!!Change Welcome Message to indicate service downtime
#open gpedit.msc
#browse to {{{local computer policy > computer configuration > windows settings > security settings > local policies > security options}}}
#change text for {{{Interactive logon: Message text for users attempting to logon}}}
!!!Disable logins
#open command prompt
#run: {{{change logon /disable}}}
!!!Change to install mode
#open command prompt
#run: {{{change user /install}}}
!!!Install app
#follow application installation instructions
!!!Change to execute mode
#open command prompt
#run: {{{change user /execute}}}
!!!Enable logins
#open command prompt
#run: {{{change logon /enable}}}
/***
|Name:|InstantTimestampPlugin|
|Description:|A handy way to insert timestamps in your tiddler content|
|Version:|1.0.10 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#InstantTimestampPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Usage
If you enter {ts} in your tiddler content (without the spaces) it will be replaced with a timestamp when you save the tiddler. Full list of formats:
* {ts} or {t} -> timestamp
* {ds} or {d} -> datestamp
* !ts or !t at start of line -> !!timestamp
* !ds or !d at start of line -> !!datestamp
(I added the extra ! since that's how I like it. Remove it from translations below if required)
!!Notes
* Change the timeFormat and dateFormat below to suit your preference.
* See also http://mptw2.tiddlyspot.com/#AutoCorrectPlugin
* You could invent other translations and add them to the translations array below.
***/
//{{{

config.InstantTimestamp = {

	// adjust to suit
	timeFormat: 'DD/0MM/YY 0hh:0mm',
	dateFormat: 'DD/0MM/YY',

	translations: [
		[/^!ts?$/img,  "'!!{{ts{'+now.formatString(config.InstantTimestamp.timeFormat)+'}}}'"],
		[/^!ds?$/img,  "'!!{{ds{'+now.formatString(config.InstantTimestamp.dateFormat)+'}}}'"],

		// thanks Adapted Cat
		[/\{ts?\}(?!\}\})/ig,"'{{ts{'+now.formatString(config.InstantTimestamp.timeFormat)+'}}}'"],
		[/\{ds?\}(?!\}\})/ig,"'{{ds{'+now.formatString(config.InstantTimestamp.dateFormat)+'}}}'"]
		
	],

	excludeTags: [
		"noAutoCorrect",
		"noTimestamp",
		"html",
		"CSS",
		"css",
		"systemConfig",
		"systemConfigDisabled",
		"zsystemConfig",
		"Plugins",
		"Plugin",
		"plugins",
		"plugin",
		"javascript",
		"code",
		"systemTheme",
		"systemPalette"
	],

	excludeTiddlers: [
		"StyleSheet",
		"StyleSheetLayout",
		"StyleSheetColors",
		"StyleSheetPrint"
		// more?
	]

}; 

TiddlyWiki.prototype.saveTiddler_mptw_instanttimestamp = TiddlyWiki.prototype.saveTiddler;
TiddlyWiki.prototype.saveTiddler = function(title,newTitle,newBody,modifier,modified,tags,fields,clearChangeCount,created) {

	tags = (typeof(tags) == "string") ? tags.readBracketedList() : tags;
	var conf = config.InstantTimestamp;

	if ( !tags.containsAny(conf.excludeTags) && !conf.excludeTiddlers.contains(newTitle) ) {

		var now = new Date();
		var trans = conf.translations;
		for (var i=0;i<trans.length;i++) {
			newBody = newBody.replace(trans[i][0], eval(trans[i][1]));
		}
	}

	// TODO: use apply() instead of naming all args?
	return this.saveTiddler_mptw_instanttimestamp(title,newTitle,newBody,modifier,modified,tags,fields,clearChangeCount,created);
}

// you can override these in StyleSheet 
setStylesheet(".ts,.ds { background-color:#ddd; font-style:italic; }","instantTimestampStyles");

//}}}
bounce back book: http://www.amazon.com/Bounce-Back-Book-Adversity-Setbacks/dp/076114627X/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1213964816&sr=8-1

never ending list:
http://www.huffingtonpost.com/linda-stone/is-it-time-to-retire-the_b_106624.html
http://communities.vmware.com/docs/DOC-9279

Interviewing job candidates is tough, especially because some candidates are a lot better at interviewing than they are at working.

To get the core info you need about the candidates you interview, here's a simple but incredibly effective interview technique I learned from John Younger, the CEO of Accolo, a cloud recruiting solutions provider. (If you think you've conducted a lot of interviews, think again: Younger has interviewed thousands of people.)

Here's how it works. Just start from the beginning of the candidate's work history and work your way through each subsequent job. Move quickly, and don't ask for detail. And don't ask follow-up questions, at least not yet.

Go through each job and ask the same three questions:

1. How did you find out about the job?

2. What did you like about the job before you started?

3. Why did you leave?

"What's amazing," Younger says, "is that after a few minutes, you will always have learned something about the candidate-whether positive or negative-that you would never have learned otherwise."

Here's why:

How did you find out about the job?

Job boards, general postings, online listings, job fairs-most people find their first few jobs that way, so that's certainly not a red flag.

But a candidate who continues to find each successive job from general postings probably hasn't figured out what he or she wants to do-and where he or she would like to do it.

He or she is just looking for a job; often, any job.

And that probably means he or she isn't particularly eager to work for you. He or she just wants a job. Yours will do-until something else comes along.

"Plus, by the time you get to Job Three, Four, or Five in your career, and you haven't been pulled into a job by someone you previously worked for, that's a red flag," Younger says. "That shows you didn't build relationships, develop trust, and show a level of competence that made someone go out of their way to bring you into their organization."

On the flip side, being pulled in is like a great reference-without the letter.

What did you like about the job before you started?

In time, interviewees should describe the reason they took a particular job for more specific reasons than "great opportunity," "chance to learn about the industry," or "next step in my career."

Great employees don't work hard because of lofty titles or huge salaries. They work hard because they appreciate their work environment and enjoy what they do. (Titles and salary are just icing on the fulfillment cake.)

That means they know the kind of environment they will thrive in, and they know the type of work that motivates and challenges them-and not only can they describe it, they actively seek it.

Why did you leave?

Sometimes people leave for a better opportunity. Sometimes they leave for more money.

Often, though, they leave because an employer is too demanding. Or the employee doesn't get along with his or her boss. Or the employee doesn't get along with co-workers.

When that is the case, don't be judgmental. Resist the temptation to ask for detail. Hang on to follow-ups. Stick to the rhythm of the three questions. That makes it natural for candidates to be more open and candid.

In the process, many candidates will describe issues with management or disagreements with other employees or with taking responsibility-issues they otherwise would not have shared.

Then follow up on patterns that concern you.

"It's a quick way to get to get to the heart of a candidate's sense of teamwork and responsibility," Younger says. "Some people never take ownership and always see problems as someone else's problem. And some candidates have consistently had problems with their bosses-which means they'll also have issues with you."

And a bonus question:

How many people have you hired, and where did you find them?

Say you're interviewing candidates for a leadership position. Want to know how their direct reports feel about them?

Don't look only for candidates who were brought into an organization by someone else; look for candidates who brought employees into their organization.

"Great employees go out of their way to work with great leaders," Younger says. "If you're tough but fair, and you treat people well, they will go out of their way to work with you. The fact that employees changed jobs just so they could work for you speaks volumes to your leadership and people skills."
Jeff Haden learned much of what he knows about business and technology as he worked his way up in the manufacturing industry. Everything else he picks up from ghostwriting books for some of the smartest leaders he knows in business. @jeff_haden
5 Questions Great Job Candidates Ask
Many of the questions potential new hires ask are throwaways. But not these.

Be honest. Raise your hand if you feel the part of the job interview where you ask the candidate, "Do you have any questions for me?" is almost always a waste of time.

Thought so.

The problem is most candidates don't actually care about your answers; they just hope to make themselves look good by asking "smart" questions. To them, what they ask is more important than how you answer.

Great candidates ask questions they want answered because they're evaluating you, your company-and whether they really want to work for you.

Here are five questions great candidates ask:

What do you expect me to accomplish in the first 60 to 90 days?

Great candidates want to hit the ground running. They don't want to spend weeks or months "getting to know the organization."

They want to make a difference-right away.

What are the common attributes of your top performers?

Great candidates also want to be great long-term employees. Every organization is different, and so are the key qualities of top performers in those organizations.

Maybe your top performers work longer hours. Maybe creativity is more important than methodology. Maybe constantly landing new customers in new markets is more important than building long-term customer relationships. Maybe it's a willingness to spend the same amount of time educating an entry-level customer as helping an enthusiast who wants high-end equipment.

Great candidates want to know, because 1) they want to know if they fit, and 2) if they do fit, they want to be a top performer.

What are a few things that really drive results for the company?

Employees are investments, and every employee should generate a positive return on his or her salary. (Otherwise why are they on the payroll?)

In every job some activities make a bigger difference than others. You need your HR folks to fill job openings... but what you really want is for HR to find the right candidates because that results in higher retention rates, lower training costs, and better overall productivity.

Great candidates want to know what truly makes a difference. They know helping the company succeed means they succeed as well.

What do employees do in their spare time?

Happy employees 1) like what they do and 2) like the people they work with.

Granted this is a tough question to answer. Unless the company is really small, all any interviewer can do is speak in generalities.

What's important is that the candidate wants to make sure they have a reasonable chance of fitting in-because great job candidates usually have options.

How do you plan to deal with...?

Every business faces a major challenge: technological changes, competitors entering the market, shifting economic trends... there's rarely a Warren Buffett moat protecting a small business.

So while a candidate may see your company as a stepping-stone, they still hope for growth and advancement... and if they do eventually leave, they want it to be on their terms and not because you were forced out of business.

Say I'm interviewing for a position at your bike shop. Another shop is opening less than a mile away: How do you plan to deal with the new competitor? Or you run a poultry farm (a huge industry in my area): What will you do to deal with rising feed costs?

A great candidate doesn't just want to know what you think; they want to know what you plan to do-and how they will fit into those plans.
http://www.nslu2-linux.org/wiki/HowTo/MountDisksByLabel
/***
|Name:|LessBackupsPlugin|
|Description:|Intelligently limit the number of backup files you create|
|Version:|3.0.1 ($Rev: 2320 $)|
|Date:|$Date: 2007-06-18 22:37:46 +1000 (Mon, 18 Jun 2007) $|
|Source:|http://mptw.tiddlyspot.com/#LessBackupsPlugin|
|Author:|Simon Baird|
|Email:|simon.baird@gmail.com|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Description
You end up with just backup one per year, per month, per weekday, per hour, minute, and second.  So total number won't exceed about 200 or so. Can be reduced by commenting out the seconds/minutes/hours line from modes array
!!Notes
Works in IE and Firefox only.  Algorithm by Daniel Baird. IE specific code by by Saq Imtiaz.
***/
//{{{

var MINS  = 60 * 1000;
var HOURS = 60 * MINS;
var DAYS  = 24 * HOURS;

if (!config.lessBackups) {
	config.lessBackups = {
		// comment out the ones you don't want or set config.lessBackups.modes in your 'tweaks' plugin
		modes: [
			["YYYY",  365*DAYS], // one per year for ever
			["MMM",   31*DAYS],  // one per month
			["ddd",   7*DAYS],   // one per weekday
			//["d0DD",  1*DAYS],   // one per day of month
			["h0hh",  24*HOURS], // one per hour
			["m0mm",  1*HOURS],  // one per minute
			["s0ss",  1*MINS],   // one per second
			["latest",0]         // always keep last version. (leave this).
		]
	};
}

window.getSpecialBackupPath = function(backupPath) {

	var now = new Date();

	var modes = config.lessBackups.modes;

	for (var i=0;i<modes.length;i++) {

		// the filename we will try
		var specialBackupPath = backupPath.replace(/(\.)([0-9]+\.[0-9]+)(\.html)$/,
				'$1'+now.formatString(modes[i][0]).toLowerCase()+'$3')

		// open the file
		try {
			if (config.browser.isIE) {
				var fsobject = new ActiveXObject("Scripting.FileSystemObject")
				var fileExists  = fsobject.FileExists(specialBackupPath);
				if (fileExists) {
					var fileObject = fsobject.GetFile(specialBackupPath);
					var modDate = new Date(fileObject.DateLastModified).valueOf();
				}
			}
			else {
				netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect");
				var file = Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
				file.initWithPath(specialBackupPath);
				var fileExists = file.exists();
				if (fileExists) {
					var modDate = file.lastModifiedTime;
				}
			}
		}
		catch(e) {
			// give up
			return backupPath;
		}

		// expiry is used to tell if it's an 'old' one. Eg, if the month is June and there is a
		// June file on disk that's more than an month old then it must be stale so overwrite
		// note that "latest" should be always written because the expiration period is zero (see above)
		var expiry = new Date(modDate + modes[i][1]);
		if (!fileExists || now > expiry)
			return specialBackupPath;
	}
}

// hijack the core function
window.getBackupPath_mptw_orig = window.getBackupPath;
window.getBackupPath = function(localPath) {
	return getSpecialBackupPath(getBackupPath_mptw_orig(localPath));
}

//}}}
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2219

{{{
Linux Guest Clock Runs Slowly on ESX Server 3
Products
	
VMware ESX
Details
	

Why does the clock in my Linux guest run more slowly than real time?

Solution
	
ESX Server 3.x (and earlier versions) programs the physical timer hardware to deliver between 1000 and 2500 clock interrupts per second per CPU, depending on the requirements of the virtual machines being run. This is ordinarily enough for all guest operating systems in their default configurations. However, it is possible for a guest to require a higher virtual clock interrupt rate. For example, a guest that uses the Linux /dev/rtc feature can request over 8000 virtual clock interrupts per second. ESX Server generally cannot sustain a virtual clock interrupt rate higher than the real hardware rate.
 
With ESX Server 3, you can increase the maximum hardware clock interrupt rate to correct this problem, at the cost of increased CPU overhead for interrupt handling. To do so, perform the following steps:

   1. Log on to VI Client as root.
   2.
      Select the relevant ESX Server host.
   3.
      Go to the Configuration tab and look under Software.
   4.
      Choose Advanced Settings > Misc.
   5.
      Scroll to the Misc.TimerMinHardPeriod parameter and click the current value. This opens a new window where you can update the value.
   6.
      Type a new value, then click the OK button to exit. The default value is 400; that is, a minimum of 400 microseconds between interrupts, or in other words, 2500 interrupts per second.

Important: If the clock in your Linux guest is running faster than real time, do not attempt to change TimerMinHardPeriod to slow it down. It is impossible to achieve correct timekeeping that way. Instead, see http://kb.vmware.com/kb/1420 for an explanation of this issue and a correct workaround.
 
Neither ESX Server nor the guest need to be rebooted after changing TimerMinHardPeriod.

This workaround does not apply to VMware products other than ESX Server 3. For a similar workaround that applies to ESX Server version 2, refer to Linux Guest Clock Runs Slowly on ESX Server 2 (kb.vmware.com/kb/1518). For a similar workaround that applies to some Linux hosts with VMware Workstation or GSX Server, refer to Virtual Machine Seems Slow when Running a Particular Program - Clock Issue (kb.vmware.com/kb/892). For additional information about timekeeping in virtual machines, see the following white paper at www.vmware.com/pdf/vmware_timekeeping.pdf.

Note: If you implemented Linux Guest Clock Runs Slowly on ESX Server 2 (kb.vmware.com/kb/1518) on your ESX Server 2 system, you generally don't need to re-implement this workaround after upgrading to ESX Server 3.
}}}
/***
|''Name:''|LoadRemoteFileThroughProxy (previous LoadRemoteFileHijack)|
|''Description:''|When the TiddlyWiki file is located on the web (view over http) the content of [[SiteProxy]] tiddler is added in front of the file url. If [[SiteProxy]] does not exist "/proxy/" is added. |
|''Version:''|1.1.0|
|''Date:''|mar 17, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#LoadRemoteFileHijack|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0|
***/
//{{{
version.extensions.LoadRemoteFileThroughProxy = {
 major: 1, minor: 1, revision: 0, 
 date: new Date("mar 17, 2007"), 
 source: "http://tiddlywiki.bidix.info/#LoadRemoteFileThroughProxy"};

if (!window.bidix) window.bidix = {}; // bidix namespace
if (!bidix.core) bidix.core = {};

bidix.core.loadRemoteFile = loadRemoteFile;
loadRemoteFile = function(url,callback,params)
{
 if ((document.location.toString().substr(0,4) == "http") && (url.substr(0,4) == "http")){ 
  url = store.getTiddlerText("SiteProxy", "/proxy/") + url;
 }
 return bidix.core.loadRemoteFile(url,callback,params);
}
//}}}
{{{
Jeff writes:

> is there a preferred method to logging bash scripts, especially from a
> cron job?

There are many options; it sort of depends on what you're looking to
record.

* Redirection in shell scripts

 You can redirect all output from a shell script by inserting a call to
 the "exec" builtin, as in the following transcript:

$ cat > redirection-demonstration.sh
#!/bin/sh
exec > /tmp/redirection-demonstration.txt

echo "This line will go to that file"
^D
$ chmod 755 redirection-demonstration.sh
$ ./redirection-demonstration.sh
$ cat /tmp/redirection-demonstration.txt
This line will go to that file

 (That this works as it does is just an obscure detail of the POSIX
 shell: the exec builtin doubles both as a way of invoking a program
 and as a way to manipulate file descriptors.)

* Tracing shell scripts

 The shell has an option, -x, which makes the shell write every command
 to standard error before execution.  These traces can therefore record
 everything a script does.  You can turn tracing on or off for regions
 in a program via the set builtin:

$ cat > trace-demonstration.sh
#!/bin/sh
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
  echo "The current second is even"
else
  echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
^D
$ chmod 755 trace-demonstration.sh
$ ./trace-demonstration.sh
Hello from ./trace-demonstration.sh
++ date +%s
+ test 1 -eq 0
+ echo 'The current second is odd'
The current second is odd
+ set +x
Goodbye from ./trace-demonstration.sh

 Combining tracing with redirection can be handy:

$ cat > trace-and-redirection-demonstration.sh
exec >& /tmp/trace-and-redirection-demonstration.txt 2>&1

echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
  echo "The current second is even"
else
  echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
^D
$ chmod 755 trace-and-redirection-demonstration.sh
$ ./trace-and-redirection-demonstration.sh
$ cat /tmp/trace-and-redirection-demonstration.txt
Hello from ./trace-and-redirection-demonstration.sh
+++ date +%s
++ test 0 -eq 0
++ echo 'The current second is even'
The current second is even
++ set +x
Goodbye from ./trace-and-redirection-demonstration.sh

* Logging via syslog

 There's a command called "logger" which sends a message to the system
 log facility.  An example use:

$ cat > logger-demonstration.sh
#!/bin/sh
logger "message from $0: fooooo!"
^D
$ chmod 755 logger-demonstration.sh
$ ./logger-demonstration.sh
$ su -c "tail -1 /var/log/syslog"
Password:
Oct  6 10:43:33 tan-ru logger: message from ./logger-demonstration.sh: fooooo!

 The standard doesn't mandate any options for the logger command, so
 all you can do portably across conforming POSIX platforms is send a
 string as above.  However, the implementation of logger on the Debian
 and NetBSD hosts I can reach has many nifty extensions, including an
 option for sending a whole file to syslog.  With this option, it
 becomes possible to combine redirection, tracing, and logging to
 syslog:

$ cat > trace-and-redirection-and-logger-demonstration.sh
#!/bin/sh
exec > /tmp/trace-and-redirection-and-logger-demonstration.txt 2>&1

echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
  echo "The current second is even"
else
  echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"

logger -f /tmp/trace-and-redirection-and-logger-demonstration.txt
$ chmod 755 trace-and-redirection-and-logger-demonstration.sh
$ ./trace-and-redirection-and-logger-demonstration.sh
$ su -c "tail -7 /var/log/syslog"
Password:
Oct  6 11:39:41 tan-ru logger: Hello from ./trace-and-redirection-and-logger-demonstration.sh
Oct  6 11:39:41 tan-ru logger: ++ date +%s
Oct  6 11:39:41 tan-ru logger: + test 1 -eq 0
Oct  6 11:39:41 tan-ru logger: + echo 'The current second is odd'
Oct  6 11:39:41 tan-ru logger: The current second is odd
Oct  6 11:39:41 tan-ru logger: + set +x
Oct  6 11:39:41 tan-ru logger: Goodbye from ./trace-and-redirection-and-logger-demonstration.sh

 Some upsides to logging via syslog are that you get automatic,
 consistently formatted timestamps, that syslog can be configured in
 various flexible ways (including shipping messages to another host on
 a network), and that system logs are likely already to be managed by
 something like logrotate, so you don't have to roll your own facility
 for cleaning up after your cron jobs [1].

--
The Other Marty

[1] In the examples above, I used constant filenames in /tmp, and left
   those files behind.  In a real script, I'd use mktemp to generate
   fresh files for writing into, and then either delete or rename those
   files once the program stops doing I/O.  For temporary files that
   should not exist after the program exits, the trap shell builtin can
   run a command at exit-time.  So the last program should probably be
   written like this:

#!/bin/sh
output_and_error_tempfile="`mktemp`"
trap "rm \"$output_and_error_tempfile\"" 0
exec > "$output_and_error_tempfile" 2>&1
echo "Hello from $0"
set -x # Turn tracing /on/
if test $((`date +%s` % 2)) -eq 0; then
  echo "The current second is even"
else
  echo "The current second is odd"
fi
set +x # Turn tracing /off/
echo "Goodbye from $0"
logger -f "$output_and_error_tempfile"

}}}
MPTW is a distribution or edition of TiddlyWiki that includes a standard TiddlyWiki core packaged with some plugins designed to improve usability and provide a better way to organise your information. For more information see http://mptw.tiddlyspot.com/.
{{{
dpkg-reconfigure exim4-config
apt-get install mailutils
}}}
[[Home|127.0.0.1]] [[Other]] [[More]]
from 0.53 change log:
<<<
Enable handling of {{{telnet://hostname:port/}}} ~URLs on the command line. With this feature, you can now set ~PuTTY as the default handler for Telnet ~URLs. If you run the Registry Editor and set the value in ~HKEY_CLASSES_ROOT\telnet\shell\open\command to be "\path\to\putty.exe %1" (with the full pathname of your ~PuTTY executable), you should find that clicking on telnet links in your web browser now runs ~PuTTY.
<<
{{{
@echo off

set drive=

for /f "tokens=2" %%a in ('net use * \\SERVER\SHARE password /user:fileserver\administrator /persistent:no 2^>NUL ^| findstr "Drive"') do (
	set drive=%%a
	)
if "%drive%"=="" (
  echo Could not map to server.
  pause
  goto :EOF
)

echo Drive: %drive%

net use %drive% /del >NUL 2>&1
}}}
65.52.0.0/14 (255.252.0.0)
64.4.0.0/18 (255.255.192.0)
2 monitors: 5280x1080
Monitoring the NTP Service

Perform these steps as root on the service console.

#After you have edited the previous files, restart the NTP service.
##To restart the service now, run:
###{{{service ntpd restart}}}
##To enable the NTP daemon to autostart when the server is rebooted, run:
###{{{chkconfig --level 345 ntpd on}}}
#Now you can set the local hardware clock to the NTP synchronized local system time. Run:
##{{{hwclock --systohc}}}
##As ntpd successfully polls NTP servers, the kernel automatically sets the hardware clock to the system clock time periodically.
#Monitor the NTP service as desired:
##To see the offset (in seconds) between the local clock and the source clock, run:
###{{{ntpdate -q time_server_name_or_ip_address}}}
##If the correction resulting from synchronizing the local clock with the time server is large enough, it could affect the operating systems or applications running in virtual machines when they synchronize their clocks with the ESX Server system on which they are running.
##To watch the status of the ntpd process, run:
###{{{watch "ntpq -p"}}}
###Press Ctrl-c to stop watching the process
###Note the information in the following columns:
####The character in the first column indicates the quality of the source.
####The asterisk ( * ) indicates the source is the current reference.
####{{{remote}}} lists the IP address or host name of the source.
####{{{when}}} indicates how many seconds have passed since the source was polled.
####{{{poll}}} indicates the polling interval. This value increases depending on the accuracy of the local clock.
####{{{reach}}} is an octal number that indicates reachability of the source. A value of 377 indicates the source has answered the last eight consecutive polls.
####{{{offset}}} is the time difference between the source and the local clock in milliseconds. 
###Note: If ntpq -p returns ntpq: read: Connection refused, check /var/log/messages for a more detailed error message. 

Additional documentation for NTP is available at http://ntp.isc.org/bin/view/Main/DocumentationIndex.

from http://kb.vmware.com/selfservice/viewContent.do?externalId=1339
In monospaced text, also known as non-proportional text, all the characters are of an equal width. So while in a normal font, i is thinner than W is, in {{{monospaced text, i and W are the same width}}}. It is primarily used in programming manuals and sites to identify blocks of code. 

Also, <<tag Formatting>> and [[macros|Macros]] that are in a monospaced block are not executed. For example:

{{{
<<today>>
}}}

To add a monotype text block, enclose the text in triple squiggly-brackets: 
{{{
{{{This is monotype}}}
}}}
Export dhcp database on server1:
{{{
netsh dhcp server export <filename> all
}}}

Import dhcp database on server2:
{{{
netsh dhcp server import <filename> all
}}}

See http://support.microsoft.com/kb/325473 for more info.
Name: MptwBlack
Background: #000
Foreground: #fff
PrimaryPale: #333
PrimaryLight: #555
PrimaryMid: #888
PrimaryDark: #aaa
SecondaryPale: #111
SecondaryLight: #222
SecondaryMid: #555
SecondaryDark: #888
TertiaryPale: #222
TertiaryLight: #666
TertiaryMid: #888
TertiaryDark: #aaa
Error: #300

This is in progress. Help appreciated.
Name: MptwBlue
Background: #fff
Foreground: #000
PrimaryPale: #cdf
PrimaryLight: #57c
PrimaryMid: #114
PrimaryDark: #012
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
/***
|Name:|MptwConfigPlugin|
|Description:|Miscellaneous tweaks used by MPTW|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#MptwConfigPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#MptwConfigPlugin|
!!Note: instead of editing this you should put overrides in MptwUserConfigPlugin
***/
//{{{
var originalReadOnly = readOnly;

config.options.chkHttpReadOnly = false; 		// means web visitors can experiment with your site by clicking edit
readOnly = false;								// needed because the above doesn't work any more post 2.1 (??)

config.options.chkInsertTabs = true;    		// tab inserts a tab when editing a tiddler
config.views.wikified.defaultText = "";			// don't need message when a tiddler doesn't exist
config.views.editor.defaultText = "";			// don't need message when creating a new tiddler 

config.options.chkAutoSave = true;				// do autosave
config.options.chkSaveBackups = true;			// do save backups
config.options.txtBackupFolder = 'twbackup';	// put backups in a backups folder

config.mptwVersion = "2.4.0";

config.macros.mptwVersion={handler:function(place){wikify(config.mptwVersion,place);}};

if (config.options.txtTheme == '')
	config.options.txtTheme = 'MptwTheme';

// add to default GettingStarted
config.shadowTiddlers.GettingStarted += "\n\nSee also [[MPTW]].";

// add select theme and palette controls in default OptionsPanel
config.shadowTiddlers.OptionsPanel = config.shadowTiddlers.OptionsPanel.replace(/(\n\-\-\-\-\nAlso see AdvancedOptions)/, "{{select{<<selectTheme>>\n<<selectPalette>>}}}$1");

// these are used by ViewTemplate
config.mptwDateFormat = 'DD/MM/YY';
config.mptwJournalFormat = 'Journal DD/MM/YY';

//}}}
Name: MptwGreen
Background: #fff
Foreground: #000
PrimaryPale: #9b9
PrimaryLight: #385
PrimaryMid: #031
PrimaryDark: #020
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
Name: MptwRed
Background: #fff
Foreground: #000
PrimaryPale: #eaa
PrimaryLight: #c55
PrimaryMid: #711
PrimaryDark: #500
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
|Name|MptwRounded|
|Description|Mptw Theme with some rounded corners (Firefox only)|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
|PageTemplate|MptwTheme##PageTemplate|
|StyleSheet|##StyleSheet|

!StyleSheet
/*{{{*/

[[MptwTheme##StyleSheet]]

.tiddler,
.sliderPanel,
.button,
.tiddlyLink,
.tabContents
{ -moz-border-radius: 1em; }

.tab {
	-moz-border-radius-topleft: 0.5em;
	-moz-border-radius-topright: 0.5em;
}
#topMenu {
	-moz-border-radius-bottomleft: 2em;
	-moz-border-radius-bottomright: 2em;
}

/*}}}*/
Name: MptwSmoke
Background: #fff
Foreground: #000
PrimaryPale: #aaa
PrimaryLight: #777
PrimaryMid: #111
PrimaryDark: #000
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #eee
TertiaryLight: #ccc
TertiaryMid: #999
TertiaryDark: #666
Error: #f88
|Name|MptwStandard|
|Description|Mptw Theme with the default TiddlyWiki PageLayout and Styles|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
Name: MptwTeal
Background: #fff
Foreground: #000
PrimaryPale: #B5D1DF
PrimaryLight: #618FA9
PrimaryMid: #1a3844
PrimaryDark: #000
SecondaryPale: #ffc
SecondaryLight: #fe8
SecondaryMid: #db4
SecondaryDark: #841
TertiaryPale: #f8f8f8
TertiaryLight: #bbb
TertiaryMid: #999
TertiaryDark: #888
Error: #f88
|Name|MptwTheme|
|Description|Mptw Theme including custom PageLayout|
|PageTemplate|##PageTemplate|
|ViewTemplate|##ViewTemplate|
|EditTemplate|##EditTemplate|
|StyleSheet|##StyleSheet|

http://mptw.tiddlyspot.com/#MptwTheme ($Rev: 1829 $)

!PageTemplate
<!--{{{-->
<div class='header' macro='gradient vert [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryMid]]'>
	<div class='headerShadow'>
		<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>&nbsp;
		<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
	</div>
	<div class='headerForeground'>
		<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>&nbsp;
		<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>
	</div>
</div>
<!-- horizontal MainMenu -->
<div id='topMenu' refresh='content' tiddler='MainMenu'></div>
<!-- original MainMenu menu -->
<!-- <div id='mainMenu' refresh='content' tiddler='MainMenu'></div> -->
<div id='sidebar'>
	<div id='sidebarOptions' refresh='content' tiddler='SideBarOptions'></div>
	<div id='sidebarTabs' refresh='content' force='true' tiddler='SideBarTabs'></div>
</div>
<div id='displayArea'>
	<div id='messageArea'></div>
	<div id='tiddlerDisplay'></div>
</div>
<!--}}}-->

!ViewTemplate
<!--{{{-->
[[MptwTheme##ViewTemplateToolbar]]

<div class="tagglyTagged" macro="tags"></div>

<div class='titleContainer'>
	<span class='title' macro='view title'></span>
	<span macro="miniTag"></span>
</div>

<div class='subtitle'>
	(updated <span macro='view modified date {{config.mptwDateFormat?config.mptwDateFormat:"MM/0DD/YY"}}'></span>
	by <span macro='view modifier link'></span>)
	<!--
	(<span macro='message views.wikified.createdPrompt'></span>
	<span macro='view created date {{config.mptwDateFormat?config.mptwDateFormat:"MM/0DD/YY"}}'></span>)
	-->
</div>

<div macro="showWhen tiddler.tags.containsAny(['css','html','pre','systemConfig']) && !tiddler.text.match('{{'+'{')">
	<div class='viewer'><pre macro='view text'></pre></div>
</div>
<div macro="else">
	<div class='viewer' macro='view text wikified'></div>
</div>

<div class="tagglyTagging" macro="tagglyTagging"></div>

<!--}}}-->

!ViewTemplateToolbar
<!--{{{-->
<div class='toolbar'>
	<span macro="showWhenTagged systemConfig">
		<span macro="toggleTag systemConfigDisable . '[[disable|systemConfigDisable]]'"></span>
	</span>
	<span macro="showWhenTagged systemTheme"><span macro="applyTheme"></span></span>
	<span macro="showWhenTagged systemPalette"><span macro="applyPalette"></span></span>
	<span macro="showWhen tiddler.tags.contains('css') || tiddler.title == 'StyleSheet'"><span macro="refreshAll"></span></span>
	<span style="padding:1em;"></span>
	<span macro='toolbar closeTiddler closeOthers +editTiddler deleteTiddler > fields syncing permalink references jump'></span> <span macro='newHere label:"new here"'></span>
	<span macro='newJournalHere {{config.mptwJournalFormat?config.mptwJournalFormat:"MM/0DD/YY"}}'></span>
</div>
<!--}}}-->

!EditTemplate
<!--{{{-->
<div class="toolbar" macro="toolbar +saveTiddler saveCloseTiddler closeOthers -cancelTiddler cancelCloseTiddler deleteTiddler"></div>
<div class="title" macro="view title"></div>
<div class="editLabel">Title</div><div class="editor" macro="edit title"></div>
<div macro='annotations'></div>
<div class="editLabel">Content</div><div class="editor" macro="edit text"></div>
<div class="editLabel">Tags</div><div class="editor" macro="edit tags"></div>
<div class="editorFooter"><span macro="message views.editor.tagPrompt"></span><span macro="tagChooser"></span></div>
<!--}}}-->

!StyleSheet
/*{{{*/

/* a contrasting background so I can see where one tiddler ends and the other begins */
body {
	background: [[ColorPalette::TertiaryLight]];
}

/* sexy colours and font for the header */
.headerForeground {
	color: [[ColorPalette::PrimaryPale]];
}
.headerShadow, .headerShadow a {
	color: [[ColorPalette::PrimaryMid]];
}

/* separate the top menu parts */
.headerForeground, .headerShadow {
	padding: 1em 1em 0;
}

.headerForeground, .headerShadow {
	font-family: 'Trebuchet MS' sans-serif;
	font-weight:bold;
}
.headerForeground .siteSubtitle {
	color: [[ColorPalette::PrimaryLight]];
}
.headerShadow .siteSubtitle {
	color: [[ColorPalette::PrimaryMid]];
}

/* make shadow go and down right instead of up and left */
.headerShadow {
	left: 1px;
	top: 1px;
}

/* prefer monospace for editing */
.editor textarea, .editor input {
	font-family: 'Consolas' monospace;
	background-color:[[ColorPalette::TertiaryPale]];
}


/* sexy tiddler titles */
.title {
	font-size: 250%;
	color: [[ColorPalette::PrimaryLight]];
	font-family: 'Trebuchet MS' sans-serif;
}

/* more subtle tiddler subtitle */
.subtitle {
	padding:0px;
	margin:0px;
	padding-left:1em;
	font-size: 90%;
	color: [[ColorPalette::TertiaryMid]];
}
.subtitle .tiddlyLink {
	color: [[ColorPalette::TertiaryMid]];
}

/* a little bit of extra whitespace */
.viewer {
	padding-bottom:3px;
}

/* don't want any background color for headings */
h1,h2,h3,h4,h5,h6 {
	background-color: transparent;
	color: [[ColorPalette::Foreground]];
}

/* give tiddlers 3d style border and explicit background */
.tiddler {
	background: [[ColorPalette::Background]];
	border-right: 2px [[ColorPalette::TertiaryMid]] solid;
	border-bottom: 2px [[ColorPalette::TertiaryMid]] solid;
	margin-bottom: 1em;
	padding:1em 2em 2em 1.5em;
}

/* make options slider look nicer */
#sidebarOptions .sliderPanel {
	border:solid 1px [[ColorPalette::PrimaryLight]];
}

/* the borders look wrong with the body background */
#sidebar .button {
	border-style: none;
}

/* this means you can put line breaks in SidebarOptions for readability */
#sidebarOptions br {
	display:none;
}
/* undo the above in OptionsPanel */
#sidebarOptions .sliderPanel br {
	display:inline;
}

/* horizontal main menu stuff */
#displayArea {
	margin: 1em 15.7em 0em 1em; /* use the freed up space */
}
#topMenu br {
	display: none;
}
#topMenu {
	background: [[ColorPalette::PrimaryMid]];
	color:[[ColorPalette::PrimaryPale]];
}
#topMenu {
	padding:2px;
}
#topMenu .button, #topMenu .tiddlyLink, #topMenu a {
	margin-left: 0.5em;
	margin-right: 0.5em;
	padding-left: 3px;
	padding-right: 3px;
	color: [[ColorPalette::PrimaryPale]];
	font-size: 115%;
}
#topMenu .button:hover, #topMenu .tiddlyLink:hover {
	background: [[ColorPalette::PrimaryDark]];
}

/* make 2.2 act like 2.1 with the invisible buttons */
.toolbar {
	visibility:hidden;
}
.selected .toolbar {
	visibility:visible;
}

/* experimental. this is a little borked in IE7 with the button 
 * borders but worth it I think for the extra screen realestate */
.toolbar { float:right; }

/* fix for TaggerPlugin. from sb56637. improved by FND */
.popup li .tagger a {
   display:inline;
}

/* makes theme selector look a little better */
#sidebarOptions .sliderPanel .select .button {
  padding:0.5em;
  display:block;
}
#sidebarOptions .sliderPanel .select br {
	display:none;
}

/* make it print a little cleaner */
@media print {
	#topMenu {
		display: none ! important;
	}
	/* not sure if we need all the importants */
	.tiddler {
		border-style: none ! important;
		margin:0px ! important;
		padding:0px ! important;
		padding-bottom:2em ! important;
	}
	.tagglyTagging .button, .tagglyTagging .hidebutton {
		display: none ! important;
	}
	.headerShadow {
		visibility: hidden ! important;
	}
	.tagglyTagged .quickopentag, .tagged .quickopentag {
		border-style: none ! important;
	}
	.quickopentag a.button, .miniTag {
		display: none ! important;
	}
}

/* get user styles specified in StyleSheet */
[[StyleSheet]]

/*}}}*/
|Name|MptwTrim|
|Description|Mptw Theme with a reduced header to increase useful space|
|ViewTemplate|MptwTheme##ViewTemplate|
|EditTemplate|MptwTheme##EditTemplate|
|StyleSheet|MptwTheme##StyleSheet|
|PageTemplate|##PageTemplate|

!PageTemplate
<!--{{{-->

<!-- horizontal MainMenu -->
<div id='topMenu' macro='gradient vert [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryMid]]'>
<span refresh='content' tiddler='SiteTitle' style="padding-left:1em;font-weight:bold;"></span>:
<span refresh='content' tiddler='MainMenu'></span>
</div>
<div id='sidebar'>
	<div id='sidebarOptions'>
		<div refresh='content' tiddler='SideBarOptions'></div>
		<div style="margin-left:0.1em;"
			macro='slider chkTabSliderPanel SideBarTabs {{"tabs \u00bb"}} "Show Timeline, All, Tags, etc"'></div>
	</div>
</div>
<div id='displayArea'>
	<div id='messageArea'></div>
	<div id='tiddlerDisplay'></div>
</div>
For upgrading. See [[ImportTiddlers]].
URL: http://mptw.tiddlyspot.com/upgrade.html
/***
|Description:|A place to put your config tweaks so they aren't overwritten when you upgrade MPTW|
See http://www.tiddlywiki.org/wiki/Configuration_Options for other options you can set. In some cases where there are clashes with other plugins it might help to rename this to zzMptwUserConfigPlugin so it gets executed last.
***/
//{{{

// example: set your preferred date format
//config.mptwDateFormat = 'MM/0DD/YY';
//config.mptwJournalFormat = 'Journal MM/0DD/YY';

// example: set the theme you want to start with
//config.options.txtTheme = 'MptwRoundTheme';

// example: switch off autosave, switch on backups and set a backup folder
//config.options.chkSaveBackups = true;
//config.options.chkAutoSave = false;
//config.options.txtBackupFolder = 'backups';

//}}}
 Use the mount command to mount a shared NFS directory from another machine:

mount shadowman.example.com:/misc/export /misc/local

Warning	Warning
 	

The mount point directory on local machine (/misc/local in the above example) must exist.

In this command, shadowman.example.com is the hostname of the NFS fileserver, /misc/export is the directory that shadowman is exporting, and /misc/local is the location to mount the file system on the local machine. After the mount command runs (and if the client has proper permissions from the shadowman.example.com NFS server) the client user can execute the command ls /misc/local to display a listing of the files in /misc/export on shadowman.example.com. 
View the current operations master role holders

Updated: March 2, 2005

Once an operations master role has been transferred, it should be verified that the transfer has occurred successfully throughout the domain. The change must be replicated to all relevant domain members in order to truly take effect.

To view the current operations master role holders, use Ntdsutil.exe with the roles option. This option displays a list of all current role holders.

Administrative Credentials

To perform this procedure, you must be logged on as a User or an Administrator.
To view the current operations master role holder

   1.

      Click Start, click Run, type ntdsutil, and then press ENTER.
   2.

      At the ntdsutil: prompt, type roles and press ENTER.
   3.

      At the fsmo maintenance: prompt, type connections and press ENTER.
   4.

      At the server connections: prompt, type connect to server servername (where servername is the name of the domain controller that belongs to the domain containing the operations masters).
   5.

      After receiving confirmation of the connection, type quit and press ENTER to exit this menu.
   6.

      At the fsmo maintenance: prompt, type select operation target and press ENTER.
   7.

      At the select operations target: prompt, type list roles for connected server and press ENTER.

      The system responds with a list of the current roles and the Lightweight Directory Access Protocol (LDAP) name of the domain controllers currently assigned to host each role.
   8.

      Type quit and press ENTER to exit each prompt in Ntdsutil.exe. Type quit and press ENTER at the ntdsutil: prompt to close the window.

Your System event log contains:

Event ID: 7000

Event Source: Service Control Manager

Description: The Network Load Balancing service failed to start due to the following error:

The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Network Load Balancing is not installed?

Use Regedt32 to remove the following registry keys, if they exist:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\WLBS

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WLBS
{{{
nsr_render_log <filename>
}}}

backups == nsrmedisv.raw
recovers == nsrmeidrc.raw

{{{

F:\>nsr_render_log --help

Usage:  nsr_render_log [-acdehlmoptyz] 
[-L locale] 
[-S starttimestamp] 
[-E endtimestamp] 
[-N no of lines] 
[-x exportspec] 
[-T Threadid] 
[-P processid] 
[-O programname] 
[-B StartLineNo] 
[-M message id] 
[-G groupname] 
[-H host name] 
[-J hostname_referenced] 
[-A activityID] 
[-C category] 
[-F devicename] 
[-Y severity]  
log_file_name
}}}

To render all lines since yesterday
{{{
nsr_render_log -S 12/11/2011 nsrmedirc.raw > nsrmedirc.log
}}}


!skip missing files
{{{
save -a '"ignore-all-missing-system-files=yes"'
}}}
append "-c <fqdn proxy host>" to the shortcut parameters
/***
|Name:|NewHerePlugin|
|Description:|Creates the new here and new journal macros|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#NewHerePlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
merge(config.macros, {
	newHere: {
		handler: function(place,macroName,params,wikifier,paramString,tiddler) {
			wikify("<<newTiddler "+paramString+" tag:[["+tiddler.title+"]]>>",place,null,tiddler);
		}
	},
	newJournalHere: {
		handler: function(place,macroName,params,wikifier,paramString,tiddler) {
			wikify("<<newJournal "+paramString+" tag:[["+tiddler.title+"]]>>",place,null,tiddler);
		}
	}
});

//}}}
/***
|Name:|NewMeansNewPlugin|
|Description:|If 'New Tiddler' already exists then create 'New Tiddler (1)' and so on|
|Version:|1.1 ($Rev: 2263 $)|
|Date:|$Date: 2007-06-13 04:22:32 +1000 (Wed, 13 Jun 2007) $|
|Source:|http://mptw.tiddlyspot.com/empty.html#NewMeansNewPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Note: I think this should be in the core
***/
//{{{

String.prototype.getNextFreeName = function() {
       var numberRegExp = / \(([0-9]+)\)$/;
       var match = numberRegExp.exec(this);
       if (match) {
               var num = parseInt(match[1]) + 1;
               return this.replace(numberRegExp," ("+num+")");
       }
       else {
               return this + " (1)";
       }
}

config.macros.newTiddler.checkForUnsaved = function(newName) {
	var r = false;
	story.forEachTiddler(function(title,element) {
		if (title == newName)
			r = true;
	});
	return r;
}

config.macros.newTiddler.getName = function(newName) {
       while (store.getTiddler(newName) || config.macros.newTiddler.checkForUnsaved(newName))
               newName = newName.getNextFreeName();
       return newName;
}


config.macros.newTiddler.onClickNewTiddler = function()
{
	var title = this.getAttribute("newTitle");
	if(this.getAttribute("isJournal") == "true") {
		var now = new Date();
		title = now.formatString(title.trim());
	}

	title = config.macros.newTiddler.getName(title); // <--- only changed bit

	var params = this.getAttribute("params");
	var tags = params ? params.split("|") : [];
	var focus = this.getAttribute("newFocus");
	var template = this.getAttribute("newTemplate");
	var customFields = this.getAttribute("customFields");
	story.displayTiddler(null,title,template,false,null,null);
	var tiddlerElem = document.getElementById(story.idPrefix + title);
	if(customFields)
		story.addCustomFields(tiddlerElem,customFields);
	var text = this.getAttribute("newText");
	if(typeof text == "string")
		story.getTiddlerField(title,"text").value = text.format([title]);
	for(var t=0;t<tags.length;t++)
		story.setTiddlerTag(title,tags[t],+1);
	story.focusTiddler(title,focus);
	return false;
};

//}}}
Create Alias
{{{
fcalias name stor-array-processor-a vsan XXX
member pwwn AA:BB:CC:DD:EE:FF:00:11
}}}
Create Zone
{{{
zone name first-new-zone vsan XXX
member fcalias stor-array-processor-a
member fcalias server-hba
}}}
Add Zone to Zoneset
{{{
zoneset new-zoneset vsan XXX
member first-new-zone
member second-new-zone
}}}

Example
{{{
!Info from ESX server
/proc/scsi/qla2xxx/12
Host Device Name vmhba5
scsi-qla3-adapter-node=200000c0dd1c3cc3:bf0012:1;
scsi-qla3-adapter-port=210000c0dd1c3cc3:bf0012:1;

/proc/scsi/qla2xxx/9
Host Device Name vmhba2
scsi-qla0-adapter-node=200000c0dd1b6d41:bf0010:1;
scsi-qla0-adapter-port=210000c0dd1b6d41:bf0010:1;

!Infor from Nexus
vfc23            11    0xbf0010  21:00:00:c0:dd:1b:6d:41 20:00:00:c0:dd:1b:6d:41
vfc24            11    0xbf0012  21:00:00:c0:dd:1c:3c:c3 20:00:00:c0:dd:1c:3c:c3


!Create Aliases
fcalias name Site01_ESX06_VMHBA2 vsan 11
member pwwn 21:00:00:c0:dd:1b:6d:41
fcalias name Site01_ESX06_VMHBA5 vsan 11
member pwwn 21:00:00:c0:dd:1c:3c:c3

!Create Zones
zone name Site01_ESX06_VMHBA2_CX4_240_SPA0 vsan 11
member fcalias CX4_240_SPA0 vsan 11
member fcalias Site01_ESX06_VMHBA2 vsan 11

zone name Site01_ESX06_VMHBA2_CX4_240_SPB1 vsan 11
member fcalias CX4_240_SPB1 vsan 11
member fcalias Site01_ESX06_VMHBA2 vsan 11

zone name Site01_ESX06_VMHBA5_CX4_240_SPA0 vsan 11
member fcalias CX4_240_SPA0 vsan 11
member fcalias Site01_ESX06_VMHBA5 vsan 11

zone name Site01_ESX06_VMHBA5_CX4_240_SPB1 vsan 11
member fcalias CX4_240_SPB1 vsan 11
member fcalias Site01_ESX06_VMHBA5 vsan 11

!Add Zones to Zoneset
zoneset name VSAN11 vsan 11
member Site01_ESX06_VMHBA2_CX4_240_SPA0
member Site01_ESX06_VMHBA2_CX4_240_SPB1 
member Site01_ESX06_VMHBA5_CX4_240_SPA0 
member Site01_ESX06_VMHBA5_CX4_240_SPB1 

!Activate Zoneset
zoneset activate name VSAN11 vsan 11
}}}
ONT: Optical Network Terminal
ONT is an media converter that is installed by Verizon either outside or inside your home, during the FiOS installation. This device will convert fiber-optic/light to copper (which is installed in your home, currently).
#Create incident
#Create change 
#Create request for CE to access site
208.67.222.222
208.67.220.220

http://www.opendns.com/start/
OpenFiler local LDAP server setup

OpenFiler is a powerful open-source NAS/SAN system based on rPath Linux. You can use an old PC to load up OpenFiler to use as file server.

OpenFile uses LDAP/AD server for authentication only. For local users, you must setup a local LDAP for authentication.

- Click "Services" and then "LDAP Setup" on the right.
- Click "Clear LDAP" and then "Yes".
- Click "Rebuild LDAP".
- Click "Accounts"
- Check the box next to "Use LDAP"
- In the LDAP section set the following values:
- Local LDAP Server: Checked
- Use TLS: Unchecked
- Server: 127.0.0.1
- Base DN: "dc=openfiler,dc=local"
- Root bind DN: "cn=Manager,dc=openfiler,dc=local"
- Root bind password: "password"
- Login SMB server to root DN: Checked
- Allow user to change password: Checked
- Click "Submit" at the bottom of the page.
- Check the "Services" tab to see if the "LDAP Server" service is running (it should have started automatically)
- Click "Accounts" and then "Administration" and you should be able to start adding groups and users.
from: http://office.microsoft.com/en-us/outlook/HP010031101033.aspx


The command that starts Microsoft Outlook is Outlook.exe. A command-line switch is the addition of a forward slash (/) followed by the switch name and any parameters the switch has.

ShowHow to use switches

   1. Search for the Microsoft Outlook executable file, Outlook.exe, and make a note of the path to Outlook.exe. For example, the path might be C:\Program Files\Microsoft Office\Office11\Outlook.exe.
   2. Click Start, and then click Run.
   3. In the Open box, type the complete path you noted in step 1, including the file name. Press the SPACEBAR once, and then type a forward slash mark (/) followed by the switch.

      For example, if you want to use the CleanReminders switch, the command you type in the Open box should look like this:
      "C:\Program Files\Microsoft Office\Office11\Outlook.exe" /Cleanreminders

       Note   Paths that include spaces between words must be enclosed in quotation marks (") and are case sensitive.
   4. To run the command, click OK.

HideSwitch reference
Switch	Description

/a
	

Creates an item with the specified file as an attachment.

Example:

    * "C:\Program Files\Microsoft Office\Office11\Outlook.exe" /a "C:\My Documents\labels.doc"

If no item type is specified, IPM.Note is assumed. Cannot be used with message classes that aren't based on Outlook.

/altvba otmfilename
	

Opens the VBA program specified in otmfilename, rather than %appdata%\Microsoft\Outlook\VbaProject.OTM.

/c messageclass
	

Creates a new item of the specified message class (Outlook forms or any other valid MAPI form).

Examples:

    * /c ipm.activity creates a Journal entry
    * /c ipm.appointment creates an appointment
    * /c ipm.contact creates a contact
    * /c ipm.note creates an e-mail message
    * /c ipm.stickynote creates a note
    * /c ipm.task creates a task

/checkclient
	

Prompts for the default manager of e-mail, news, and contacts.

/cleanclientrules
	

Starts Outlook and deletes client-based rules.

/cleandmrecords
	

Deletes the logging records saved when a manager or a delegate declines a meeting.

/cleanfinders
	

Removes Search Folders from the Microsoft Exchange server store.

/cleanfreebusy
	

Clears and regenerates free/busy information. This switch can only be used when you are able to connect to your Microsoft Exchange server.

/cleanprofile
	

Removes invalid profile keys and recreates default registry keys where applicable.

/cleanpst
	

Launches Outlook with a clean Personal Folders file (.pst) (Personal Folders file (.pst): Data file that stores your messages and other items on your computer. You can assign a .pst file to be the default delivery location for e-mail messages. You can use a .pst to organize and back up items for safekeeping.).

/cleanreminders
	

Clears and regenerates reminders.

/cleanrules
	

Starts Outlook and deletes client- and server-based rules.

/cleanschedplus
	

Deletes all Schedule+ data (free/busy, permissions, and .cal file) from the server and enables the free/busy information from the Outlook Calendar to be used and viewed by all Schedule+ 1.0 users.

/cleanserverrules
	

Starts Outlook and deletes server-based rules.

/cleansniff
	

Deletes duplicate reminder messages.

/cleansubscriptions
	

Deletes the subscription messages and properties for subscription features.

/cleanviews
	

Restores default views. All custom views you created are lost.

/designer
	

Starts Outlook without figuring out if Outlook should be the default client in the first run.

/embedding
	

Opens the specified message file (.msg) as an OLE embedding. Also used without command-line parameters for standard OLE co-create.

/f msgfilename
	

Opens the specified message file (.msg) or Microsoft Office saved search (.oss).

/firstrun
	

Starts Outlook as if it were run for the first time.

/hol holfilename
	

Opens the specified .hol file.

/ical icsfilename
	

Opens the specified .ics file.

/importprf prffilename
	

Launches Outlook and opens/imports the defined MAPI profile (*.prf). If Outlook is already open, queues the profile to be imported on the next clean launch.

/l olkfilename
	

Opens the specified .olk file.

/launchtraininghelp assetid
	

Opens a Help window with the Help topic specified in assetid.

/m emailname
	

Provides a way for the user to add an e-mail name to the item. Only works in conjunction with the /c command-line parameter.

Example:

    * Outlook.exe /c ipm.note /m emailname

/nocustomize
	

Starts Outlook without loading outcmd.dat (customized toolbars) and *.fav file.

/noextensions
	

Starts Outlook with extensions turned off, but listed in the Add-In Manager.

/nopollmail
	

Starts Outlook without checking mail at startup.

/nopreview
	

Starts Outlook with the Reading Pane off.

/p msgfilename
	

Prints the specified message (.msg). Does not work with HTML.

/profile profilename
	

Loads the specified profile. If your profile name contains a space, enclose the profile name in quotation marks (").

/profiles
	

Opens the Choose Profile dialog box regardless of the Options setting on the Tools menu.

/recycle
	

Starts Outlook using an existing Outlook window, if one exists. Used in combination with /explorer or /folder.

/resetfoldernames
	

Resets default folder names (such as Inbox or Sent Items) to default names in the current Office user interface language.

For example, if you first connect to your mailbox Outlook using a Russian user interface, the Russian default folder names cannot be renamed. To change the default folder names to another language such as Japanese or English, you can use this switch to reset the default folder names after changing the user interface language or installing a different language version of Outlook.

/resetfolders
	

Restores missing folders for the default delivery location.

/resetnavpane
	

Clears and regenerates the Navigation Pane for the current profile.

/rpcdiag
	

Opens Outlook and displays the remote procedure call (RPC) connection status dialog.

/s filename
	

Loads the specified shortcuts file (.fav).

/safe
	

Starts Outlook without extensions, Reading Pane, or toolbar customization.

/safe:1
	

Starts Outlook with the Reading Pane off.

/safe:2
	

Starts Outlook without checking mail at startup.

/safe:3
	

Starts Outlook with extensions turned off, but listed in the Add-In Manager.

/safe:4
	

Starts Outlook without loading Outcmd.dat (customized toolbars) and *.fav file.

/select foldername
	

Starts Outlook and opens the specified folder in a new window. For example, to open Outlook and display the default calendar use: "c:\Program Files\Microsoft Office\Office11\Outlook.exe" /select outlook:calendar

/sniff
	

Starts Outlook and forces a detection of new meeting requests in the Inbox, and then adds them to the calendar.

/t oftfilename
	

Opens the specified .oft file.

/v vcffilename
	

Opens the specified .vcf file.

/vcal vcsfilename
	

Opens the specified .vcs file.

/x xnkfilename
	

Opens the specified .xnk file.
Was this information helpful?
*reset local admin password
**see tcccinfo for password
*reset local user "user" password
**i generally use the location: auburn, cortland...
*confirm windows update set to automatically download and install
*internet explorer lockdown
**set home page to http://www.flsmiledocs.com 
**add flsmiledocs.com and invisalign to links folder
**copy proxy.pac from http://www.compcenter.com/public/ortho/proxy.pac to c:\proxy\proxy.pac
**set inet options proxy script file://c:/proxy/proxy.pac
**confirm that websites fail
*email lockdown (only if user uses email!)
**install mozilla thunderbird (http://www.mozilla.com/products/download.html?product=thunderbird-2.0.0.0&os=win&lang=en-US)
**import settings from outlook express during first run
**use Mail Pass View from http://www.nirsoft.net/password_recovery_tools.html to determine user's password if it is unknown
*im lockdown (only if user uses im)
**install pidgin (http://downloads.sourceforge.net/pidgin/pidgin-2.0.1.exe)
**determine username from msn
**use MessenPass from http://www.nirsoft.net/password_recovery_tools.html to determine user's im password, or reset it at Windows Live website
*app uninstalls
**uninstall MSN Messenger (though i've done this, and it still shows)
***control panel > add/remove programs > add/remove windows components
**uninstall outlook express
***control panel > add/remove programs > add/remove windows components
*disable access to connections tab in internet options
***run gpedit.msc
***navigate to User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel.
***enable "Disable Connections Tab"
**or
***to disable connections tab run http://www.compcenter.com/public/ortho/remove-connectionstab.reg
***to enable connections tab run http://www.compcenter.com/public/ortho/add-connectionstab.reg
*remove local user from local administrators group
*test email
*test im
*test internet access
*test access to connections tab
Site: http://www.accesspdf.com/index.php?topic=pdftk

cat two pdf files:
{{{
pdftk in1.pdf in2.pdf cat output out1.pdf
}}}
{{{
pdftk.exe *.pdf cat output outputname.pdf
}}}
Summary:
{{{
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL
username user1 password TUgFoweE932kS0z  privilege 15
username user2 password TUgFoweE932kS0z  privilege 15
}}}

PIX Authentication Using Local User Database (and Kiwi CatTools)

So here's the scenario I ran into...I just set up a new client for managed network services (where my company (AdTEC Networks) is doing the management). This client happened to have some fairly technical people on staff who wanted privileged mode access to the PIX firewall. No problemo...that is, until I received phone calls with people screaming, "THE NETWORK IS DOWN!!!"

There I am, feeling a cold drip of sweat trickling down the side of my face, scrolling through a running config on a PIX firewall. Aha! Who put that command there?!?! After removing the 'mystery' NAT statement, the network magically works again...now who's to blame...

Of course, all my customer's network admins deny any responsibility, and since there's only a single username / password combination on the PIX (and enable password), there was no way of telling who was responsible. It's time for deeper authentication on the PIX firewall.

Three commands to make this happen:

aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authorization command LOCAL

Then create your user accounts using this syntax:

username user1 password TUgFoweE932kS0z encrypted privilege 15
username user2 password TUgFoweE932kS0z encrypted privilege 15
...and so on

Here's the powerful result: The users now log in using their own username (i.e. user1 and user2 in this case) rather than the generic "pix" and their own password. The ultra-cool thing (in my opinion) is that second command "aaa authentication enable console LOCAL" - it synchronizes the enable password with the user account, so the admin can use the same password for the SSH/Telnet session as they do to access enable mode. Sweet!

Last, but not least, pick up a copy of Kiwi CatTools. This AWESOME (and cheap - free for 5 devices) utility does configuration change management. Now, if the configuration changes, I get an email showing me what changed and who made the changes. Niiice.


from http://www.ciscoblog.com/archives/2006/09/pix_authenticat.html
interface ethernet0 100full
pixfirewall#copy tftp flash 
Address or name of remote host [127.0.0.1]? 172.18.125.3 
Source file name [cdisk]?pix611.bin 
copying tftp://172.18.125.3/pix611.bin to flash
[yes|no|again]?yes 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
Received 2562048 bytes. 
Erasing current image. 
Writing 2469944 bytes of image. 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
Image installed. 
pixfirewall# 
{{{
>Get-Command | where { $_.parameters.keys -contains "computername" }

CommandType     Name                                      Definition
-----------     ----                                      ----------
Cmdlet          Clear-EventLog                            Clear-EventLog [-LogName] <String[]> [..
Cmdlet          Connect-WSMan                             Connect-WSMan [[-ComputerName] <String..
Cmdlet          Disconnect-WSMan                          Disconnect-WSMan [[-ComputerName] <Str..
Cmdlet          Enter-PSSession                           Enter-PSSession [-ComputerName] <Strin..
Alias           etsn                                      Enter-PSSession
Cmdlet          Get-Counter                               Get-Counter [[-Counter] <String[]>] [-..
Cmdlet          Get-EventLog                              Get-EventLog [-LogName] <String> [[-In..
Cmdlet          Get-HotFix                                Get-HotFix [[-Id] <String[]>] [-Comput..
Cmdlet          Get-Process                               Get-Process [[-Name] <String[]>] [-Com..
Cmdlet          Get-PSSession                             Get-PSSession [[-ComputerName] <String..
Cmdlet          Get-Service                               Get-Service [[-Name] <String[]>] [-Com..
Cmdlet          Get-WinEvent                              Get-WinEvent [[-LogName] <String[]>] [..
Cmdlet          Get-WmiObject                             Get-WmiObject [-Class] <String> [[-Pro..
Cmdlet          Get-WSManInstance                         Get-WSManInstance [-ResourceURI] <Uri>..
Alias           gps                                       Get-Process
Alias           gsn                                       Get-PSSession
Alias           gsv                                       Get-Service
Alias           gwmi                                      Get-WmiObject
Alias           icm                                       Invoke-Command
Cmdlet          Invoke-Command                            Invoke-Command [-ScriptBlock] <ScriptB..
Cmdlet          Invoke-WmiMethod                          Invoke-WmiMethod [-Class] <String> [-N..
Cmdlet          Invoke-WSManAction                        Invoke-WSManAction [-ResourceURI] <Uri..
Alias           iwmi                                      Invoke-WMIMethod
Cmdlet          Limit-EventLog                            Limit-EventLog [-LogName] <String[]> [..
Cmdlet          New-EventLog                              New-EventLog [-LogName] <String> [-Sou..
Cmdlet          New-PSSession                             New-PSSession [[-ComputerName] <String..
Cmdlet          New-WSManInstance                         New-WSManInstance [-ResourceURI] <Uri>..
Alias           nsn                                       New-PSSession
Alias           ps                                        Get-Process
Alias           rcjb                                      Receive-Job
Cmdlet          Receive-Job                               Receive-Job [-Job] <Job[]> [[-Location..
Cmdlet          Register-WmiEvent                         Register-WmiEvent [-Class] <String> [[..
Cmdlet          Remove-EventLog                           Remove-EventLog [-LogName] <String[]> ..
Cmdlet          Remove-PSSession                          Remove-PSSession [-Id] <Int32[]> [-Ver..
Cmdlet          Remove-WmiObject                          Remove-WmiObject [-Class] <String> [-A..
Cmdlet          Remove-WSManInstance                      Remove-WSManInstance [-ResourceURI] <U..
Cmdlet          Restart-Computer                          Restart-Computer [[-ComputerName] <Str..
Alias           rsn                                       Remove-PSSession
Alias           rwmi                                      Remove-WMIObject
Cmdlet          Set-Service                               Set-Service [-Name] <String> [-Compute..
Cmdlet          Set-WmiInstance                           Set-WmiInstance [-Class] <String> [[-A..
Cmdlet          Set-WSManInstance                         Set-WSManInstance [-ResourceURI] <Uri>..
Cmdlet          Show-EventLog                             Show-EventLog [[-ComputerName] <String..
Cmdlet          Stop-Computer                             Stop-Computer [[-ComputerName] <String..
Alias           swmi                                      Set-WMIInstance
Cmdlet          Test-Connection                           Test-Connection [-ComputerName] <Strin..
Cmdlet          Test-WSMan                                Test-WSMan [[-ComputerName] <String>] ..
Cmdlet          Write-EventLog                            Write-EventLog [-LogName] <String> [-S..
}}}
Documentation: 
http://www.openideas.info/wiki/index.php?title=Pandora_2.0:Documentation_en:Introduction
|Total Available|73728|
|/|10240|
|/boot|256|
|swap|1600|
|/var|5120|
|/tmp|2048|
|/opt|5120|
|(vmcore)|103|
|/home|5120|
|vmfs|rest|
http://www.tech-archive.net/Archive/Windows/microsoft.public.windows.terminal_services/2008-01/msg00430.html

http://support.microsoft.com/?kbid=186498
{{{
#!/bin/bash
# author: Jeff Wardlaw
# email: jeff@urgo.org

# list of hosts to ping
# add ip / hostname separated by while space
HOSTS="10.1.1.1 10.1.1.12"

# # of pings
COUNT=5

EMAILID="me@mydomain.org"

for myHost in $HOSTS
do
  ping -c $COUNT $myHost > /dev/null
  if [ $? -ne 0 ]; then   # Test exit status of "ping" command.
        echo "host:$myHost failed icmp connectivity test at $(date)" | mail -s "ISPNAME icmp connectivty failed $(date)" -t $EMAILID
  fi
done

}}}

!!!Note:
When running this script I kept getting:
{{{
+ mail -s 'FLTG icmp connectivty failed Wed Aug 20 16:05:33 EDT 2008'
Cannot parse address `10.1.1.1 failed icmp connectivity test at Wed Aug 20 16:05:33 EDT 2008' (while expanding `10.1.1.1 failed icmp connectivity test at Wed Aug 20 16:05:33 EDT 2008'): Format of RFC822 object is bad
+ netadmins@cayugamed.org
./fltgpingtest.bash: line 20: netadmins@cayugamed.org: command not found
}}}
It's because stupid nano added a cr to the end of the mail line.
Edited it vi, joined the two lines, it worked.
{{{
#!/bin/bash
# Simple SHELL script for Linux and UNIX system monitoring with
# ping command
# -------------------------------------------------------------------------
# Copyright (c) 2006 nixCraft project <http://www.cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Setup email ID below
# See URL for more info:
# http://www.cyberciti.biz/tips/simple-linux-and-unix-system-monitoring-with-ping-command-and-scripts.html
# -------------------------------------------------------------------------
 
# add ip / hostname separated by while space
HOSTS="cyberciti.biz theos.in router"
 
# no ping request
COUNT=1
 
# email report when
SUBJECT="Ping failed"
EMAILID="me@mydomain.com"
for myHost in $HOSTS
do
  count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
  if [ $count -eq 0 ]; then
    # 100% failed
    echo "Host : $myHost is down (ping failed) at $(date)" | mail -s "$SUBJECT" $EMAILID
  fi
done
}}}
{{{
access-list Net1-PAT extended permit ip a.b.c.d 255.255.255.0 any
nat (inside) 10 access-list Net1-PAT
global (outside) 10 z.x.y.w
}}}
Definitions:
#Mirror Port: the port that receives monitored traffic
#Monitored Port: the port that sends traffic to the mirror port

{{{
StackMbr-2# conf t
StackMbr-2(config)# mirror-port 11
StackMbr-2(config)# int 12 monitor
StackMbr-2(config)#
StackMbr-2#
StackMbr-2# sh mon

 Network Monitoring Port

  Mirror Port: 11

  Monitoring sources
  ------------------
  12


StackMbr-2#

}}}
{{{
#Connect to your vcenter server
connect-viserver -server yourvcenterservername

#Put ESX host into maintenance mode
Set-VMHost -vmhost youresxservername -state maintenance

#Take ESX host out of maintenance mode
Set-VMHost -vmhost youresxservername -state connected

#Reboot your ESX host  (must be in maintenance mode or also use -force in the command)
Restart-VMHost -vmhost youresxservername
}}}
{{{
gwmi blahblah | format-list *
}}}
{{{
enable-psremoting -force
set-item wsman:localhost\client\trustedhosts * -force
restart-service winrm
}}}

Requires psh v2 & bits 40
Server 2008x86:
pshv2:http://download.microsoft.com/download/F/9/E/F9EF6ACB-2BA8-4845-9C10-85FC4A69B207/Windows6.0-KB968930-x86.msu
bits40: http://download.microsoft.com/download/8/F/9/8F917766-5CBA-4B9A-81FB-10A97E851392/Windows6.0-KB960568-x86.msu
Server 2008x64:
pshv2:http://download.microsoft.com/download/2/8/6/28686477-3242-4E96-9009-30B16BED89AF/Windows6.0-KB968930-x64.msu
bits40: http://download.microsoft.com/download/D/D/3/DD3CECA2-0866-4DFB-9873-16B5F354EB9F/Windows6.0-KB960568-x64.msu

Additionally: the winrm service may get screwed up try these:
# {{{winrm quickconfig}}}
# {{{enable-psremoting -force}}}
{{{
# if your user name is whatever\test

$domain = "whatever"
$strComputer = "XYZ"
$username = "test"

$computer = [ADSI]("WinNT://" + $strComputer + ",computer")
$computer.name

$Group = $computer.psbase.children.find("administrators")
$Group.name

# This will list what’s currently in Administrator Group so you can verify the result

function ListAdministrators

{$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
$members}
ListAdministrators

# Even though we are adding the AD account but we add it to local computer and so we will need to use WinNT: provider

$Group.Add("WinNT://" + $domain + "/" + $username)

ListAdministrators

$Group.Remove("WinNT://" + $domain + "/" + $username)

ListAdministrators
}}}
Dont use enter-pssession...

use 
{{{
Invoke-Command -ComputerName XYZ -FilePath c:\myscript.ps1
}}}
{{{
C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe "C:\ScheduledTaskScripts\scriptname.ps1" -noprofile -Noninteractive
}}}
{{{
Set-ExecutionPolicy RemoteSigned
}}}
!!!v1.0:
{{{
(Get-WmiObject -computer Server1 Win32_Service -filter "name='vpxd'").InvokeMethod("StartService",$null)
}}}
!!!v2.0:
{{{
PS C:\> Invoke-Command { Stop-Service -force vpxd } -Computer Server1
PS C:\> Invoke-Command { Start-Service vpxd } -Computer Server1
WARNING: Waiting for service 'VMware VirtualCenter Server (vpxd)' to finish
starting...
WARNING: Waiting for service 'VMware VirtualCenter Server (vpxd)' to finish
starting...
PS C:\>
}}}
{{{
find /n /v "" <filename>
}}}

{{{
C:\bin>find /n /v "" br.cmd

---------- BR.CMD
[1]@echo off
[2]::br.cmd
[3]setlocal enabledelayedexpansion
[4]
[5]::logfile settings
[6]call :GetDate year month day
[7]call :GetTime hour minute second hsecond
[8]set DateTimeString=%year%%month%%day%T%hour%%minute%%second%
[9]set logfile=%~f0
[10]set logfile=%logfile:~0,-4%
[11]set logfile=%logfile%%DateTimeString%.log
[12]echo %0 beginning at... > %logfile%
[13]date /t >> %logfile%
[14]time /t >> %logfile%
[15]echo logfile = %logfile% >> %logfile%
[16]echo. >> %logfile%
[17]
[18]::files to rename
[19]set rootname=rootname
[20]set filename1=CLAIM_FORMS_FILE_
[21]set dirname1=D:\ssiapp\renws\billing\uploadh
[22]
[23]::email settings
[24]set operatoremailaddress=me@domain.tld
[25]set operatoremailserver=mail3.domain.tld
[26]set emailprogram=c:\bin\blat.exe
[27]set fromaddress=server@domain.tld
[28]set emailsubject=%0 log
[29]
.
.
.
}}}
/***
|Name:|PrettyDatesPlugin|
|Description:|Provides a new date format ('pppp') that displays times such as '2 days ago'|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#PrettyDatesPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Notes
* If you want to you can rename this plugin. :) Some suggestions: LastUpdatedPlugin, RelativeDatesPlugin, SmartDatesPlugin, SexyDatesPlugin.
* Inspired by http://ejohn.org/files/pretty.js
***/
//{{{
Date.prototype.prettyDate = function() {
	var diff = (((new Date()).getTime() - this.getTime()) / 1000);
	var day_diff = Math.floor(diff / 86400);

	if (isNaN(day_diff))      return "";
	else if (diff < 0)        return "in the future";
	else if (diff < 60)       return "just now";
	else if (diff < 120)      return "1 minute ago";
	else if (diff < 3600)     return Math.floor(diff/60) + " minutes ago";
	else if (diff < 7200)     return "1 hour ago";
	else if (diff < 86400)    return Math.floor(diff/3600) + " hours ago";
	else if (day_diff == 1)   return "Yesterday";
	else if (day_diff < 7)    return day_diff + " days ago";
	else if (day_diff < 14)   return  "a week ago";
	else if (day_diff < 31)   return Math.ceil(day_diff/7) + " weeks ago";
	else if (day_diff < 62)   return "a month ago";
	else if (day_diff < 365)  return "about " + Math.ceil(day_diff/31) + " months ago";
	else if (day_diff < 730)  return "a year ago";
	else                      return Math.ceil(day_diff/365) + " years ago";
}

Date.prototype.formatString_orig_mptw = Date.prototype.formatString;

Date.prototype.formatString = function(template) {
	return this.formatString_orig_mptw(template).replace(/pppp/,this.prettyDate());
}

// for MPTW. otherwise edit your ViewTemplate as required.
// config.mptwDateFormat = 'pppp (DD/MM/YY)'; 
config.mptwDateFormat = 'pppp'; 

//}}}
/***
|Name:|QuickOpenTagPlugin|
|Description:|Changes tag links to make it easier to open tags as tiddlers|
|Version:|3.0.1 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#QuickOpenTagPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
***/
//{{{
config.quickOpenTag = {

	dropdownChar: (document.all ? "\u25bc" : "\u25be"), // the little one doesn't work in IE?

	createTagButton: function(place,tag,excludeTiddler) {
		// little hack so we can do this: <<tag PrettyTagName|RealTagName>>
		var splitTag = tag.split("|");
		var pretty = tag;
		if (splitTag.length == 2) {
			tag = splitTag[1];
			pretty = splitTag[0];
		}
		
		var sp = createTiddlyElement(place,"span",null,"quickopentag");
		createTiddlyText(createTiddlyLink(sp,tag,false),pretty);
		
		var theTag = createTiddlyButton(sp,config.quickOpenTag.dropdownChar,
                        config.views.wikified.tag.tooltip.format([tag]),onClickTag);
		theTag.setAttribute("tag",tag);
		if (excludeTiddler)
			theTag.setAttribute("tiddler",excludeTiddler);
    		return(theTag);
	},

	miniTagHandler: function(place,macroName,params,wikifier,paramString,tiddler) {
		var tagged = store.getTaggedTiddlers(tiddler.title);
		if (tagged.length > 0) {
			var theTag = createTiddlyButton(place,config.quickOpenTag.dropdownChar,
                        	config.views.wikified.tag.tooltip.format([tiddler.title]),onClickTag);
			theTag.setAttribute("tag",tiddler.title);
			theTag.className = "miniTag";
		}
	},

	allTagsHandler: function(place,macroName,params) {
		var tags = store.getTags(params[0]);
		var filter = params[1]; // new feature
		var ul = createTiddlyElement(place,"ul");
		if(tags.length == 0)
			createTiddlyElement(ul,"li",null,"listTitle",this.noTags);
		for(var t=0; t<tags.length; t++) {
			var title = tags[t][0];
			if (!filter || (title.match(new RegExp('^'+filter)))) {
				var info = getTiddlyLinkInfo(title);
				var theListItem =createTiddlyElement(ul,"li");
				var theLink = createTiddlyLink(theListItem,tags[t][0],true);
				var theCount = " (" + tags[t][1] + ")";
				theLink.appendChild(document.createTextNode(theCount));
				var theDropDownBtn = createTiddlyButton(theListItem," " +
					config.quickOpenTag.dropdownChar,this.tooltip.format([tags[t][0]]),onClickTag);
				theDropDownBtn.setAttribute("tag",tags[t][0]);
			}
		}
	},

	// todo fix these up a bit
	styles: [
"/*{{{*/",
"/* created by QuickOpenTagPlugin */",
".tagglyTagged .quickopentag, .tagged .quickopentag ",
"	{ margin-right:1.2em; border:1px solid #eee; padding:2px; padding-right:0px; padding-left:1px; }",
".quickopentag .tiddlyLink { padding:2px; padding-left:3px; }",
".quickopentag a.button { padding:1px; padding-left:2px; padding-right:2px;}",
"/* extra specificity to make it work right */",
"#displayArea .viewer .quickopentag a.button, ",
"#displayArea .viewer .quickopentag a.tiddyLink, ",
"#mainMenu .quickopentag a.tiddyLink, ",
"#mainMenu .quickopentag a.tiddyLink ",
"	{ border:0px solid black; }",
"#displayArea .viewer .quickopentag a.button, ",
"#mainMenu .quickopentag a.button ",
"	{ margin-left:0px; padding-left:2px; }",
"#displayArea .viewer .quickopentag a.tiddlyLink, ",
"#mainMenu .quickopentag a.tiddlyLink ",
"	{ margin-right:0px; padding-right:0px; padding-left:0px; margin-left:0px; }",
"a.miniTag {font-size:150%;} ",
"#mainMenu .quickopentag a.button ",
"	/* looks better in right justified main menus */",
"	{ margin-left:0px; padding-left:2px; margin-right:0px; padding-right:0px; }", 
"#topMenu .quickopentag { padding:0px; margin:0px; border:0px; }",
"#topMenu .quickopentag .tiddlyLink { padding-right:1px; margin-right:0px; }",
"#topMenu .quickopentag .button { padding-left:1px; margin-left:0px; border:0px; }",
"/*}}}*/",
		""].join("\n"),

	init: function() {
		// we fully replace these builtins. can't hijack them easily
		window.createTagButton = this.createTagButton;
		config.macros.allTags.handler = this.allTagsHandler;
		config.macros.miniTag = { handler: this.miniTagHandler };
		config.shadowTiddlers["QuickOpenTagStyles"] = this.styles;
		store.addNotification("QuickOpenTagStyles",refreshStyles);
	}
}

config.quickOpenTag.init();

//}}}
RSYNC
Trailing Slashes Do Matter...Sometimes

This isn't really an article about rsync, but I would like to take a momentary detour to clarify one potentially confusing detail about its use. You may be accustomed to commands that don't care about trailing slashes. For example, if a and b are two directories, then cp -a a b is equivalent to cp -a a/ b/. However, rsync does care about the trailing slash, but only on the source argument. For example, let a and b be two directories, with the file foo initially inside directory a. Then this command:
{{{
rsync -a a b
}}}
produces b/a/foo, whereas this command:
{{{
rsync -a a/ b
}}}
produces b/foo. The presence or absence of a trailing slash on the destination argument (b, in this case) has no effect.

Slash means copy content, no slash means copy directory.

generally: don't use slashes, don't specify target directory, specify target directory parent
OR
use slashes, make sure directories are the same
{{{
rsync -a /home/jcw /var/backup/
}}}
should create /var/backup/jcw and subsequent files
{{{
rsync -a /home/jcw/ /var/backup/jcw/
}}}
should do the same thing
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806de37e.shtml
{{{
raidqry.exe -h
}}}
!!!Files: all located in /home/rancid/
{{{~/.cloginrc}}}: contains login information for devices. see [[.cloginrc]]
You can do router specific configs in [[.cloginrc]]

{{{~/etc/rancid.conf}}}: contains groups (to organize the devices, and determine email recipients) and general options

{{{~/var/rancid/$groupname/router.db}}}: contains fqdn of devices for that group

{{{~/var/rancid/$groupname/$groupname/configs}}}: contain the downloaded config files for the devices

!!!Email
Email is sent to two email addresses: {{{rancid-$groupname}}} and {{{rancid-admin-$groupname}}}. By default it is sent to the local mail server running on the server. That can be changed by using adding a line to {{{~/etc/rancid.conf}}}
{{{
MAILDOMAIN="@domain.org"; export MAILDOMAIN
}}}

!!!CVSWEB
install:
{{{
apt-get install httpd 
apt-get install cvsweb
}}}
config:
edit {{{/etc/cvsweb/cvsweb.conf}}}
{{{
@CVSrepositories = ( 
        'Rancid' => ['Rancid', '/home/rancid/var/rancid/CVS'],
);
}}}
Browse to http://servername/cgi-web/cvsweb

!!!Notes
http://www.samag.com/documents/s=10093/sam0609a/0609a.htm (not available anymore as of 20090223)

Maybe try: http://homepage.mac.com/duling/halfdozen/
create access list
{{{
access-list 101 permit ip any host 72.43.91.125
access-list 101 permit ip host 72.43.91.125 any
}}}
add rate limit commands
{{{
rate-limit input access-group 101 768000 14400 28800 conform-action transmit exceed-action drop
rate-limit output access-group 101 768000 14400 28800 conform-action transmit exceed-action drop
}}}
So I was creating a backup solution for me and a friend using a couple of [[nslu2s|http://www.linksys.com/servlet/Satellite?c=L_Product_C2&childpagename=US%2FLayout&cid=1115416906769&pagename=Linksys%2FCommon%2FVisitorWrapper&lid=0676923093B14]] running [[debian|http://nslu2-linux.org/wiki/Debian/HomePage]] with large usb2 hard drives. One of the drives crashed after I installed debian gnu/linux on it. Luckily, no data was lost, just time. Here is how I plan to recover.

!!Put the nslu2 in upgrade mode
You can force the NSLU2 into "upgrade mode" using the reset button at power-on. You will need to do this if you want to use the Upslug2 or Sercomm program to reprogram the flash. Proceed as follows:
# Shutdown the slug
# Using a paper clip, push and hold in the reset button. (The reset button is located on the back of the NSLU2 above the power connection.)
# While holding in the reset button, press and release the power button.
# Watch the orange Ready/Status LED and after approx 10 seconds the LED will turn solid red (except for some models, see note below). Quickly release the reset button.
# You should be in upgrade mode which is indicated by the Ready/Status LED alternating between red and green. 
If the Ready/Status LED is flashing yellow rather than red/green, you didn't release the reset button quickly enough after the Ready/Status LED turned red, and the Slug is now in "assign mode", whatever that means. Don't panic; just remove the power and start again.
Note on LED colours
Older slugs have a clearly distinguishable red status LED color. Newer ones (sometime in late 2006) are not as distinguishable, it is more like orange to a darker orange. If you have trouble seeing the change, the secret is to not look directly at the led; at about 45 degrees off center the contrast change is much clearer. Adjust the lighting conditions also if necessary (darker room is probably better). The procedure to enter the upgrade mode is just the same as described above though, but you have to eye the status LED more carefully to get the right reset release moment. In my case, the timing was also closer to 7 seconds rather than 10.

from: http://www.nslu2-linux.org/wiki/HowTo/UseTheResetButtonToEnterUpgradeMode

!!Run upslug to re-flash the nslu2

http://www.nslu2-linux.org/wiki/Main/UpSlug2

!!Run the debian installer to re-install debian on the device
follow the directions from: http://www.cyrius.com/debian/nslu2/


Installing Debian on the Linksys NSLU2
Requirements and Preparation

In order to install Debian on a Linksys NSLU2, you need the following:

    * A Linksys NSLU2, obviously.
    * An external USB disk (or a big USB stick).
    * A network connection.
    * Another machine on which you have an SSH client. Every Linux distribution includes an OpenSSH client and there is PuTTY for Windows.

There is one complication: the Ethernet drivers require a proprietary microcode that cannot be included in the official images from Debian. There are basically two ways around this:

    * Use an USB Ethernet adapter which has an open source driver. Note that if you choose this option, you will have to change the network cable a number of times. When you flash debian-installer, you have to use the internal Ethernet device whereas debian-installer itself needs the USB gadget.
    * Use an unofficial image which consists of the official Debian image plus the proprietary IXP4xx microcode.

Regardless of which image you intend to use, you should configure your network settings (IP address, DNS, hostname) using the web interface before flashing the debian-installer image in case you do not want to use DHCP. Debian's installer will use those settings to bring up the network.

Please note that if you use a static IP configuration, you have to specify all information, including netmask, gateway and DNS. If you don't specify all information, debian-installer will not be able to bring up the network and there's currently no way to tell the user that an error has occurred. An incomplete network configuration has so far been the most common reasons for problems with these images, so please make sure you have filled in all values.
Starting the Installer

First, you need to download a debian-installer firmware image which you can then flash to your NSLU2. As mentioned above, the Intel IXP4xx chip used in the Linksys NSLU2 needs some proprietary microcode for the Ethernet driver. As such, it cannot be distributed by the Debian project since we believe in free software and the advantages it offers to our users. While you can download an NSLU2 image directly from Debian this is probably not what you are looking for. It will only work if you use a USB Ethernet adapter. If you wish to use the Ethernet port of your NSLU2, you have to use the unofficial image which is a copy of the Debian images plus the proprietary Ethernet microcode.

You can choose between one of the following methods to write the installer image di-nslu2.bin to flash:

   1.

      Using the web interface from the original NSLU2 firmware. Go to the administration section, choose Upgrade, browse your disk for the debian-installer image you have just downloaded. Then press the Start Upgrade button, confirm, wait for a few minutes and confirm again.

      Upgrading the firmware via the web interface

      Upgrading the firmware via the web interface

      Upgrading the firmware via the web interface
   2. Using upslug2 from any Linux or Unix machine to upgrade the machine via the network (the software is packaged for Debian).

      First, you have to put your NSLU2 in upgrade mode:
         1. Disconnect any disks and/or devices from the USB ports.
         2. Power off the NSLU2
         3. Press and hold the reset button (accessible through the small hole on the back just above the power input).
         4. Press and release the power button to power on the NSLU2.
         5. Wait for 10 seconds watching the ready/status LED. After 10 seconds it will change from amber to red (old older NSLU2) or dark orange (on newer machines). Immediately release the reset button.
         6. The NSLU2 ready/status LED will flash alternately dark orange and green (there is a 1 second delay before the first green). The NSLU2 is now in upgrade mode.

      See the NSLU2-Linux pages if you have problems with this.

      Once your NSLU2 is in upgrade mode, you can flash the new image:

      $ sudo upslug2 -i di-nslu2.bin
      Password:
      NSLU2     00:13:10:d6:1e:a7 Product ID: 1 [...]
      Upgrading LKGD61EA7 00:13:10:d6:1e:a7
          . original flash contents  * packet timed out
          ! being erased             - erased
          u being upgraded           U upgraded
          v being verified           V verified

        Display:
          <status> <address completed>+<bytes transmitted but not completed>
        Status:
          * timeout occurred         + sequence error detected

        2a013f+000000 ...UUUUUUUUUUUUUUUUUUu--------------------[...]

      By default, upslug2 will look for the NSLU2 on the network connected to the eth0 interface of your machine. If you have multiple network interfaces and the NSLU2 is not connected to eth0, you have to specify the network interface with the -d option (for example, -d eth1).

      Note that the tool also shows the MAC address of your NSLU2, which may come in handy to configure your DHCP server.

      After the whole image has been written and verified, the system will automatically reboot:

      [...]
        7fffff+000000 ...VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV[...]
      Rebooting... done

      Make sure you connect and turn on your USB disk again, otherwise debian-installer won't be able to find it.
   3. Using a tool for Windows to upgrade via the network.

After you have flashed the debian-installer image, your NSLU2 will boot and start the Debian installer. Since the NSLU2 does not have any IO device, SSH will be used for the installation. The installer will bring up the network, start the OpenSSH server and you can then connect to the device using SSH. You have to wait approximately five minutes after the debian-installer firmware has been flashed before you can connect, but please be patient as it can sometimes take slightly longer, say 10-15 minutes. When the installer is ready, it will beep three times to indicate that you can now login via SSH.

Since the NSLU2 does not have an LCD, the installer cannot tell you which IP address to connect to or which password to use. With regards to the IP address, the following strategy is used:

   1. If you have configured your network settings through the Linksys web interface to use a static IP address other than the default address 192.168.1.77, these values will be used (including the hostname). Note that the installer will not start if your network configuration configuration was incomplete (this includes gateway and DNS). In this case, flash the original firmware again and enter the missing values.
   2. Otherwise, DHCP will be used. You can use the MAC address of your NSLU2 to tell your DHCP server to give out a specific IP address to your machine.
   3. If no address can be found via DHCP, the default value which Linksys uses will be used: 192.168.1.77

Please make sure that the NSLU2 is on a local network to which only you have access since the password from the NSLU2 firmware is not used for the installer but rather the the very generic password install. The user is installer. Connect to the installer:

ssh installer@192.168.1.77

The Installation

The installation itself should be pretty standard and you can follow the installation guide. It knows about the NSLU2 and at the end of the installation it will flash a kernel and initramfs that will automatically boot into Debian.

Since the NSLU2 doesn't have much memory, the installer won't automatically load all installer modules that are available. You therefore need to manually select which modules to load:

Module selection

In order for the installation to succeed, you need to select the following modules:

    * partman-auto: Automatically partition storage devices (partman)
    * partman-ext3: Add to partman support for ext3
    * usb-storage-modules-2.6.18-6-ixp4xx-di: USB storage support

If you have a USB stick with only 1 GB the current version of the installer will by default create a swap partition that is too small and your system will run out of memory during the installation and fail (the symptom of this is that your SSH connection will be closed). On such systems, you therefore have to manually partition your hard drive instead of using the guided partition option. Make sure that you have at least a swap partition with at least 256 MB.

Please also note that LVM and RAID are not really supported on this device, although there is an external page with some information about such a setup.

The installation will take roughly 2.5 hours (or slightly more if you have a slow Internet connection). At the end of the installation, the installer will write the new kernel to flash. Afterwards you will get a confirmation that the installation is complete. Confirm, wait for the installer to finish and once your SSH session terminates, wait a few minutes before you can connect to your newly installed system vis SSH. You will be able to log in as root or your newly created user via SSH.

Flashing the kernel

Rebooting after d-i finishes

When you first login to your new system, it is recommended that you install the ntpdate (or ntp) package to make sure the clock is always up-to-date; otherwise attempts to install new packages might fail due to GPG verification errors (for the first time, you'll probably have to setup the clock manually using the date command).
Success

You should now have a complete Debian system running on your NSLU2. You can use apt-get and other tools to install additional software. The NSLU2 is an ARM based device and the ARM architecture is fully supported by Debian. Unlike the original firmware, the Debian port runs in little-endian mode. In case you faced any problems with the installer that couldn't be resolved, it's also possible to install Debian on your NSLU2 by manually unpacking a tar ball which I've prepared.

There are a number of resources where you can find more information about running Debian on your NSLU2. The NSLU2-Linux wiki has lots of information about Debian and the README file from the nslu2-utils package (/usr/share/doc/nslu2-utils/README.Debian on your newly installed system) includes some important information you should definitely read. Also, there are some tips for running Linux on a flash device (in case you didn't install Debian on a hard drive but a USB flash stick) and for reducing memory usage.
Troubleshooting

There are some common problems found during or after the installation:

    * The installer disconnects while formating the disk. This happens sometimes when the installer runs out of memory. The best workaround is to manually partition and format the disk before starting the installer and to reuse the existing partitions; read this page for instructions.
    * The machine fails to boot after connecting more than one drive: this is because Debian currently doesn't use persistent naming for disks, which means that it might try to boot from the wrong disk. There is a manual workaround that is documented in section "The slug fails to reboot with 2 drives connected" of the troubleshooting wiki page.
    * For other issues, please refer to the troubleshooting wiki page.

If you find this site helpful, you're welcome to make a donation.
Last modified on 2008-02-18 11:14:24 +0100 (Mon, 18 Feb 2008). 


!!Here's the link for the image
http://www.slug-firmware.net/d-dls.php
{{{
Regsvr32.exe /u msutb.dll
}}}
http://www.vmware.com/community/message.jspa?messageID=503451

 AZDeveloper    	  
	Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 1:38 PM 	  	
Host OS: XP Pro x64
Guest OS: Windows 2000

I took a snapshot of my VM, but now I cannot "remove" the snapshot so that I may take another one. The "Remove Snapshot" menu item in the VMWare Console is greyed out.

Any ideas ?

devzero 	 

Posts: 1,823
From: Germany
Registered: 12/27/04
	
	Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 2:16 PM   in response to: AZDeveloper 	  	
  	Click to reply to this topic 	Reply

shutdown the Guest OS

AZDeveloper 	 

Posts: 5
Registered: 4/4/06
	
	Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 4:36 PM   in response to: devzero 	  	
  	Click to reply to this topic 	Reply

I've shut down the guest OS.
I've rebooted the machine.
It is still greyed out.

KevinG 	   

Posts: 13,808
From: VCP Palo Alto, CA USA
Registered: 1/8/04
	
	Re: Remove Snapshot menu item greyed out
Posted: Oct 27, 2006 4:46 PM   in response to: AZDeveloper 	  	
  	Click to reply to this topic 	Reply

You must power off the virtual machine to use the "Remove" snapshot menu option.

By the way, "Remove" will commit the changes in the snapshot to the base .vmdk file. "Revert" option will throw away the changes and go back to using the base .vmdk file 
[HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware Tools]
"ShowTray"=dword:00000000

Source: http://communities.vmware.com/message/453374;jsessionid=35FD72C6830395710F802633085BAACB
{{{
grep -v "^$" filename > newfilename
}}}
{{{
grep -v "^[ \t]" drivers2.txt > drivers3.txt
}}}
{{{
sp_dropserver <old_name>
GO
sp_addserver <new_name>, local
GO
}}}
#delete any maintenance plans {{{<<<<<}}}''IMPORTANT''
#rename server
#reboot server
#run sql commands [[Rename SQL 2005 Server Script]]
#recreate maintenance plans
http://msdn.microsoft.com/en-us/library/ms143799(SQL.90).aspx
/***
|Name:|RenameTagsPlugin|
|Description:|Allows you to easily rename or delete tags across multiple tiddlers|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#RenameTagsPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License|http://mptw.tiddlyspot.com/#TheBSDLicense|
Rename a tag and you will be prompted to rename it in all its tagged tiddlers.
***/
//{{{
config.renameTags = {

	prompts: {
		rename: "Rename the tag '%0' to '%1' in %2 tidder%3?",
		remove: "Remove the tag '%0' from %1 tidder%2?"
	},

	removeTag: function(tag,tiddlers) {
		store.suspendNotifications();
		for (var i=0;i<tiddlers.length;i++) {
			store.setTiddlerTag(tiddlers[i].title,false,tag);
		}
		store.resumeNotifications();
		store.notifyAll();
	},

	renameTag: function(oldTag,newTag,tiddlers) {
		store.suspendNotifications();
		for (var i=0;i<tiddlers.length;i++) {
			store.setTiddlerTag(tiddlers[i].title,false,oldTag); // remove old
			store.setTiddlerTag(tiddlers[i].title,true,newTag);  // add new
		}
		store.resumeNotifications();
		store.notifyAll();
	},

	storeMethods: {

		saveTiddler_orig_renameTags: TiddlyWiki.prototype.saveTiddler,

		saveTiddler: function(title,newTitle,newBody,modifier,modified,tags,fields) {
			if (title != newTitle) {
				var tagged = this.getTaggedTiddlers(title);
				if (tagged.length > 0) {
					// then we are renaming a tag
					if (confirm(config.renameTags.prompts.rename.format([title,newTitle,tagged.length,tagged.length>1?"s":""])))
						config.renameTags.renameTag(title,newTitle,tagged);

					if (!this.tiddlerExists(title) && newBody == "")
						// dont create unwanted tiddler
						return null;
				}
			}
			return this.saveTiddler_orig_renameTags(title,newTitle,newBody,modifier,modified,tags,fields);
		},

		removeTiddler_orig_renameTags: TiddlyWiki.prototype.removeTiddler,

		removeTiddler: function(title) {
			var tagged = this.getTaggedTiddlers(title);
			if (tagged.length > 0)
				if (confirm(config.renameTags.prompts.remove.format([title,tagged.length,tagged.length>1?"s":""])))
					config.renameTags.removeTag(title,tagged);
			return this.removeTiddler_orig_renameTags(title);
		}

	},

	init: function() {
		merge(TiddlyWiki.prototype,this.storeMethods);
	}
}

config.renameTags.init();

//}}}
{{{
::Date Variables - replace characters that are not legal as part of filesystem file names (to produce name like "backup_04.15.08.7z")
SET DT=%date%
SET DT=%DT:/=.%
SET DT=%DT:-=.%
}}}
{{{
wr erase
}}}
Robocopy is great for moving files among Windows hosts. It logs nicely, tells me how long it took, and I can script it easily. My primary directory synchronization script looks like:

{{{
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION

SET _ROBO=c:\bin\robocopy.exe
SET _BLAT=c:\bin\blat.exe

SET _sourcedir=\\server1\c$\dir1
SET _destdir=G:\dir2

SET _logfile=%0.log

SET _what=/COPYALL /ZB /SEC /MIR
:: /COPYALL :: COPY ALL file info
:: /ZB      :: use restartable mode; if access denied use Backup mode.
:: /SEC     :: copy files with SECurity
:: /MIR     :: MIRror a directory tree 

SET _options=/R:5 /W:30 /LOG+:%_logfile% /NFL /NDL
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /NFL :: No file logging
:: /NDL :: No dir logging

%_ROBO% %_sourcedir% %_destdir% %_what% %_options%

%_BLAT% %_logfile% -t <recipient>@<domain>.<tld> -s "%0 done"
}}}
!!!Gotcha
The above script works great on directories, I've used it many, many times. However, here's the gotcha: If you're trying to sync only certain files (*.txt or *.mdf or *.ldf) from just the source directory (and not child directories), you have to do two things: 1) add a parameter: {{{files}}}, and 2) add an argument: {{{/lev:###}}}.
This is what the file sync script looks like:
{{{
@ECHO OFF
SETLOCAL ENABLEDELAYEDEXPANSION

SET _ROBO=c:\bin\robocopy.exe
SET _BLAT=c:\bin\blat.exe

SET _sourcedir=\\server1\c$\dir1
SET _destdir=G:\dir2
SET _files=*.txt
SET _logfile=%0.log

SET _what=/COPYALL /ZB /SEC /MIR
:: /COPYALL :: COPY ALL file info
:: /ZB      :: use restartable mode; if access denied use Backup mode.
:: /SEC     :: copy files with SECurity
:: /MIR     :: MIRror a directory tree 

SET _options=/R:5 /W:30 /LOG:%_logfile% /NFL /NDL
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /NFL :: No file logging
:: /NDL :: No dir logging

%_ROBO% %_sourcedir% %_destdir% %_files% %_what% %_options%

%_BLAT% %_logfile% -t smaug9@tld.org -s "%0 complete"
}}}
There are a couple key points here:
*Robocopy doesn't work like copy or xcopy, the source and destination must be directories, eg:
**Incorrect: {{{source=c:\test\*.txt}}}
**Correct: {{{source=c:\test}}}, {{{files=*.txt}}}
*The source and destination directories must __not__ have a trailing backslash eg: 
**Incorrect: {{{source=c:\test\}}}
**Correct: {{{source=c:\test}}}
*If you don't specify the levels argument ({{{/lev:###}}}), robocopy will default to copy the entire directory tree, and create child directories as needed, even if there aren't any files in those child directories that match the files parameter.

You can get v26 of robocopy by installing the robocopy gui app, and copy robocopy/exe from %windir%\system32\ to wherever.
Get the robocopy app here: http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/UtilitySpotlight2006_11.exe

Helpfiles:
[[Robocopy V026 Help]]
[[Robocopy V010 Help]]
{{{

-------------------------------------------------------------------------------
   ROBOCOPY     ::     Robust File Copy for Windows     ::     Version XP010
-------------------------------------------------------------------------------

  Started : Fri Nov 07 17:44:32 2008

              Usage :: ROBOCOPY source destination [file [file]...] [options]

             source :: Source Directory (drive:\path or \\server\share\path).
        destination :: Destination Dir  (drive:\path or \\server\share\path).
               file :: File(s) to copy  (names/wildcards: default is "*.*").

::
:: Copy options :
::
                 /S :: copy Subdirectories, but not empty ones.
                 /E :: copy subdirectories, including Empty ones.
             /LEV:n :: only copy the top n LEVels of the source directory tree.

                 /Z :: copy files in restartable mode.
                 /B :: copy files in Backup mode.
                /ZB :: use restartable mode; if access denied use Backup mode.

  /COPY:copyflag[s] :: what to COPY (default is /COPY:DAT).
                       (copyflags : D=Data, A=Attributes, T=Timestamps).
                       (S=Security=NTFS ACLs, O=Owner info, U=aUditing info).

               /SEC :: copy files with SECurity (equivalent to /COPY:DATS).
           /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
            /NOCOPY :: COPY NO file info (useful with /PURGE).

             /PURGE :: delete dest files/dirs that no longer exist in source.
               /MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).

               /MOV :: MOVe files (delete from source after copying).
              /MOVE :: MOVE files AND dirs (delete from source after copying).

       /A+:[RASHNT] :: add the given Attributes to copied files.
       /A-:[RASHNT] :: remove the given Attributes from copied files.

            /CREATE :: CREATE directory tree and zero-length files only.
               /FAT :: create destination files using 8.3 FAT file names only.
               /FFT :: assume FAT File Times (2-second granularity).
               /256 :: turn off very long path (> 256 characters) support.

             /MON:n :: MONitor source; run again when more than n changes seen.
             /MOT:m :: MOnitor source; run again in m minutes Time, if changed.

      /RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
                /PF :: check run hours on a Per File (not per pass) basis.

             /IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.

::
:: File Selection Options :
::
                 /A :: copy only files with the Archive attribute set.
                 /M :: copy only files with the Archive attribute and reset it.
    /IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
    /XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.

 /XF file [file]... :: eXclude Files matching given names/paths/wildcards.
 /XD dirs [dirs]... :: eXclude Directories matching given names/paths.

                /XC :: eXclude Changed files.
                /XN :: eXclude Newer files.
                /XO :: eXclude Older files.
                /XX :: eXclude eXtra files and directories.
                /XL :: eXclude Lonely files and directories.
                /IS :: Include Same files.
                /IT :: Include Tweaked files.

             /MAX:n :: MAXimum file size - exclude files bigger than n bytes.
             /MIN:n :: MINimum file size - exclude files smaller than n bytes.

          /MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
          /MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
          /MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
          /MINLAD:n :: MINimum Last Access Date - exclude files used since n.
                       (If n < 1900 then n = n days, else n = YYYYMMDD date).

                /XJ :: eXclude Junction points. (normally included by default).

::
:: Retry Options :
::
               /R:n :: number of Retries on failed copies: default 1 million.
               /W:n :: Wait time between retries: default is 30 seconds.

               /REG :: Save /R:n and /W:n in the Registry as default settings.

               /TBD :: wait for sharenames To Be Defined (retry error 67).

::
:: Logging Options :
::
                 /L :: List only - don't copy, timestamp or delete any files.
                 /X :: report all eXtra files, not just those selected.
                 /V :: produce Verbose output, showing skipped files.
                /TS :: include source file Time Stamps in the output.
                /FP :: include Full Pathname of files in the output.

                /NS :: No Size - don't log file sizes.
                /NC :: No Class - don't log file classes.
               /NFL :: No File List - don't log file names.
               /NDL :: No Directory List - don't log directory names.

                /NP :: No Progress - don't display % copied.
               /ETA :: show Estimated Time of Arrival of copied files.

          /LOG:file :: output status to LOG file (overwrite existing log).
         /LOG+:file :: output status to LOG file (append to existing log).

               /TEE :: output to console window, as well as the log file.

               /NJH :: No Job Header.
               /NJS :: No Job Summary.

::
:: Job Options :
::
       /JOB:jobname :: take parameters from the named JOB file.
      /SAVE:jobname :: SAVE parameters to the named job file
              /QUIT :: QUIT after processing command line (to view parameters). 
              /NOSD :: NO Source Directory is specified.
              /NODD :: NO Destination Directory is specified.
                /IF :: Include the following Files.
}}}

cuz im lazy
{{{
C:\0\bin>ROBOCOPY.EXE /?

-------------------------------------------------------------------------------
   ROBOCOPY     ::     Robust File Copy for Windows     ::     Version XP026
-------------------------------------------------------------------------------

  Started : Thu Feb 12 11:42:38 2009

              Usage :: ROBOCOPY source destination [file [file]...] [options]

             source :: Source Directory (drive:\path or \\server\share\path).
        destination :: Destination Dir  (drive:\path or \\server\share\path).
               file :: File(s) to copy  (names/wildcards: default is "*.*").

::
:: Copy options :
::
                 /S :: copy Subdirectories, but not empty ones.
                 /E :: copy subdirectories, including Empty ones.
             /LEV:n :: only copy the top n LEVels of the source directory tree.

                 /Z :: copy files in restartable mode.
                 /B :: copy files in Backup mode.
                /ZB :: use restartable mode; if access denied use Backup mode.

  /COPY:copyflag[s] :: what to COPY for files (default is /COPY:DAT).
                       (copyflags : D=Data, A=Attributes, T=Timestamps).
                       (S=Security=NTFS ACLs, O=Owner info, U=aUditing info).

           /DCOPY:T :: COPY Directory Timestamps.

               /SEC :: copy files with SECurity (equivalent to /COPY:DATS).
           /COPYALL :: COPY ALL file info (equivalent to /COPY:DATSOU).
            /NOCOPY :: COPY NO file info (useful with /PURGE).

            /SECFIX :: FIX file SECurity on all files, even skipped files.
            /TIMFIX :: FIX file TIMes on all files, even skipped files.

             /PURGE :: delete dest files/dirs that no longer exist in source.
               /MIR :: MIRror a directory tree (equivalent to /E plus /PURGE).

               /MOV :: MOVe files (delete from source after copying).
              /MOVE :: MOVE files AND dirs (delete from source after copying).

     /A+:[RASHCNET] :: add the given Attributes to copied files.
     /A-:[RASHCNET] :: remove the given Attributes from copied files.

            /CREATE :: CREATE directory tree and zero-length files only.
               /FAT :: create destination files using 8.3 FAT file names only.
               /256 :: turn off very long path (> 256 characters) support.

             /MON:n :: MONitor source; run again when more than n changes seen.
             /MOT:m :: MOnitor source; run again in m minutes Time, if changed.

      /RH:hhmm-hhmm :: Run Hours - times when new copies may be started.
                /PF :: check run hours on a Per File (not per pass) basis.

             /IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines.

::
:: File Selection Options :
::
                 /A :: copy only files with the Archive attribute set.
                 /M :: copy only files with the Archive attribute and reset it.
    /IA:[RASHCNETO] :: Include only files with any of the given Attributes set.
    /XA:[RASHCNETO] :: eXclude files with any of the given Attributes set.

 /XF file [file]... :: eXclude Files matching given names/paths/wildcards.
 /XD dirs [dirs]... :: eXclude Directories matching given names/paths.

                /XC :: eXclude Changed files.
                /XN :: eXclude Newer files.
                /XO :: eXclude Older files.
                /XX :: eXclude eXtra files and directories.
                /XL :: eXclude Lonely files and directories.
                /IS :: Include Same files.
                /IT :: Include Tweaked files.

             /MAX:n :: MAXimum file size - exclude files bigger than n bytes.
             /MIN:n :: MINimum file size - exclude files smaller than n bytes.

          /MAXAGE:n :: MAXimum file AGE - exclude files older than n days/date.
          /MINAGE:n :: MINimum file AGE - exclude files newer than n days/date.
          /MAXLAD:n :: MAXimum Last Access Date - exclude files unused since n.
          /MINLAD:n :: MINimum Last Access Date - exclude files used since n.
                       (If n < 1900 then n = n days, else n = YYYYMMDD date).

                /XJ :: eXclude Junction points. (normally included by default).

               /FFT :: assume FAT File Times (2-second granularity).
               /DST :: compensate for one-hour DST time differences.

               /XJD :: eXclude Junction points for Directories.
               /XJF :: eXclude Junction points for Files.

::
:: Retry Options :
::
               /R:n :: number of Retries on failed copies: default 1 million.
               /W:n :: Wait time between retries: default is 30 seconds.

               /REG :: Save /R:n and /W:n in the Registry as default settings.

               /TBD :: wait for sharenames To Be Defined (retry error 67).

::
:: Logging Options :
::
                 /L :: List only - don't copy, timestamp or delete any files.
                 /X :: report all eXtra files, not just those selected.
                 /V :: produce Verbose output, showing skipped files.
                /TS :: include source file Time Stamps in the output.
                /FP :: include Full Pathname of files in the output.
             /BYTES :: Print sizes as bytes.

                /NS :: No Size - don't log file sizes.
                /NC :: No Class - don't log file classes.
               /NFL :: No File List - don't log file names.
               /NDL :: No Directory List - don't log directory names.

                /NP :: No Progress - don't display % copied.
               /ETA :: show Estimated Time of Arrival of copied files.

          /LOG:file :: output status to LOG file (overwrite existing log).
         /LOG+:file :: output status to LOG file (append to existing log).

       /UNILOG:file :: output status to LOG file as UNICODE (overwrite existing
log).
      /UNILOG+:file :: output status to LOG file as UNICODE (append to existing
log).

               /TEE :: output to console window, as well as the log file.

               /NJH :: No Job Header.
               /NJS :: No Job Summary.

           /UNICODE :: output status as UNICODE.

::
:: Job Options :
::
       /JOB:jobname :: take parameters from the named JOB file.
      /SAVE:jobname :: SAVE parameters to the named job file
              /QUIT :: QUIT after processing command line (to view parameters).

              /NOSD :: NO Source Directory is specified.
              /NODD :: NO Destination Directory is specified.
                /IF :: Include the following Files.
}}}
<X>:\htape\sn\bin\setup.ini
!!SUMMARY
SQL Server 2000 Books ~On-Line states that the Database Maintenance Plan Wizard only supports backups to local disks. Backups can be done to a network resource under certain circumstances.
!!RESOLUTION
Backups to a network folder require the following prerequisites:
1)  The SQL Server service must be running under a domain-level account.
2)  The SQL Server service account must have FULL CONTROL rights to the file system folder and to the share.
3)  The remote share should only be accessed via UNC name.  Mapped drives may not be consistently visible to the SQL Service.

Once these prerequisites are met, the UNC name can be typed into the 'Use this directory' text field on the 'Complete Backup' and/or the 'Transaction Log Backup' tabs of the Database Maintenance plan.  SQL will then write backups to this location.  Do not use the '…' button.  This button will only enumerate local disk resources.
!!MORE INFORMATION
The most common failure cause is incorrect access permissions to the share or the underlying folder(s).  Access to the share can be tested by logging into the console of the SQL Server as the SQL Service account.  Test using the UNC share name only and not a mapped drive. 
 
Note that backing up to a network share can cause significant network traffic.  Make sure your network can handle this load without adversely affecting other systems or end users.  You may find it beneficial to establish a dedicated physical network connection between your database server and your backup file host.

from article: http://support.microsoft.com/?id=555128
MSSQL box looks like transaction logs on server have never worked.
Windows Application Log has: 
{{{
Event Type:	Warning
Event Source:	SQLSERVERAGENT
Event Category:	Job Engine 
Event ID:	208
Date:		7/1/2008
Time:		10:00:01 PM
User:		N/A
Computer:	Computer
Description:
SQL Server Scheduled Job 'Transaction Log Backup Job for DB Maintenance Plan 'DB Maintenance Plan1'' (0x045DE9CE32CFE344AB93033E1A400017) 
- Status: Failed 
- Invoked on: 2008-07-01 22:00:00 
- Message: The job failed.  The Job was invoked by Schedule 2 (Schedule 1).  The last step to run was step 1 (Step 1). 
}}}
SQL Job has:
{{{
Executed as user: NT AUTHORITY\SYSTEM. sqlmaint.exe failed. [SQLSTATE 42000] (Error 22029).  The step failed.
}}}
DB Maintenance Plan History has:
{{{
Backup can not be performed on this database. This sub task is ignored
}}}

Woohoo, so descriptive =\

Found this: [[A transaction log backup job that is created in Database Maintenance Planner fails to execute|http://support.microsoft.com/kb/303229]]

Basically, in the db properties, options tab, change the recovery model from simple to full. Doesn't look like you can do this for master or msdb.

Have fun!
http://www.mssqltips.com/tip.asp?tip=1219
If you receive the following error when creating a maintenance plan...
{{{
Create maintenance plan failed.

Additional information:
Create failed for JobStep 'Subplan'. (Microsoft.SqlServer.MaintenancePlanTasks)

An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)

The specified '@subsystem' is invalid (valid values are returned by sp_enum_sqlagent_subsystems). (Microsoft SQL Server, Error 14234)
}}}

Install the integration service component.
see: http://support.microsoft.com/kb/909036/en-us
{{{
SSH(1)                    BSD General Commands Manual                   SSH(1)

NAME
     ssh - OpenSSH SSH client (remote login program)

SYNOPSIS
     ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec] [-D
         [bind_address:]port] [-e escape_char] [-F configfile]
         [-i identity_file] [-L  [bind_address:]port:host:hostport]
         [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port] [-R
         [bind_address:]port:host:hostport] [-S ctl_path] [-w tunnel:tunnel]
         [user@]hostname [command]

DESCRIPTION
     ssh (SSH client) is a program for logging into a remote machine and for
     executing commands on a remote machine.  It is intended to replace rlogin
     and rsh, and provide secure encrypted communications between two
     untrusted hosts over an insecure network.  X11 connections and arbitrary
     TCP ports can also be forwarded over the secure channel.

     ssh connects and logs into the specified hostname (with optional user
     name).  The user must prove his/her identity to the remote machine using
     one of several methods depending on the protocol version used (see
     below).

     If command is specified, it is executed on the remote host instead of a
     login shell.

     The options are as follows:

     -1      Forces ssh to try protocol version 1 only.

     -2      Forces ssh to try protocol version 2 only.

     -4      Forces ssh to use IPv4 addresses only.

     -6      Forces ssh to use IPv6 addresses only.

     -A      Enables forwarding of the authentication agent connection.  This
             can also be specified on a per-host basis in a configuration
             file.

             Agent forwarding should be enabled with caution.  Users with the
             ability to bypass file permissions on the remote host (for the
             agentâs Unix-domain socket) can access the local agent through
             the forwarded connection.  An attacker cannot obtain key material
             from the agent, however they can perform operations on the keys
             that enable them to authenticate using the identities loaded into
             the agent.

     -a      Disables forwarding of the authentication agent connection.

     -b bind_address
             Use bind_address on the local machine as the source address of
             the connection.  Only useful on systems with more than one
             address.

     -C      Requests compression of all data (including stdin, stdout,
             stderr, and data for forwarded X11 and TCP connections).  The
             compression algorithm is the same used by gzip(1), and the
             âlevelâ
                                 tocol version 1.  Compression is desirable on modem lines and
             other slow connections, but will only slow down things on fast
             networks.  The default value can be set on a host-by-host basis
             in the configuration files; see the Compression option.

     -c cipher_spec
             Selects the cipher specification for encrypting the session.

             Protocol version 1 allows specification of a single cipher.  The
             supported values are â3desâblowfishâdesâ
                                                                  (triple-des) is an encrypt-decrypt-encrypt triple with three d
ifâ
             ferent keys.  It is believed to be secure.  blowfish is a fast
             block cipher; it appears very secure and is much faster than
             3des.  des is only supported in the ssh client for interoperabilâ
             ity with legacy protocol 1 implementations that do not support
             the 3des cipher.  Its use is strongly discouraged due to cryptoâ
             graphic weaknesses.  The default is â3desâ

             For protocol version 2, cipher_spec is a comma-separated list of
             ciphers listed in order of preference.  The supported ciphers
             are: 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, aes128-ctr,
             aes192-ctr, aes256-ctr, arcfour128, arcfour256, arcfour, blowâ
             fish-cbc, and cast128-cbc.  The default is:

                   aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
                   arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
                   aes192-ctr,aes256-ctr

     -D [bind_address:]port
             Specifies a local âdynamicâ
                                                     This works by allocating a socket to listen to port on the local
             side, optionally bound to the specified bind_address.  Whenever a
             connection is made to this port, the connection is forwarded over
             the secure channel, and the application protocol is then used to
             determine where to connect to from the remote machine.  Currently
             the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
             as a SOCKS server.  Only root can forward privileged ports.
             Dynamic port forwardings can also be specified in the configuraâ
             tion file.

             IPv6 addresses can be specified with an alternative syntax:
             [bind_address/]port or by enclosing the address in square brackâ
             ets.  Only the superuser can forward privileged ports.  By
             default, the local port is bound in accordance with the
             GatewayPorts setting.  However, an explicit bind_address may be
             used to bind the connection to a specific address.  The
             bind_address of âlocalhostâ
                                                     bound for local use only, while an empty address or â*â indicates
             that the port should be available from all interfaces.

     -e escape_char
             Sets the escape character for sessions with a pty (default: â~â).
             The escape character is only recognized at the beginning of a
             line.  The escape character followed by a dot (â.â) closes the
             connection; followed by control-Z suspends the connection; and
             followed by itself sends the escape character once.  Setting the
             character to ânoneâ
                                             fully transparent.

     -F configfile
             Specifies an alternative per-user configuration file.  If a conâ
             figuration file is given on the command line, the system-wide
             configuration file (/etc/ssh/ssh_config) will be ignored.  The
             default for the per-user configuration file is ~/.ssh/config.

     -f      Requests ssh to go to background just before command execution.
             This is useful if ssh is going to ask for passwords or
             passphrases, but the user wants it in the background.  This
             implies -n.  The recommended way to start X11 programs at a
             remote site is with something like ssh -f host xterm.

     -g      Allows remote hosts to connect to local forwarded ports.

     -I smartcard_device
             Specify the device ssh should use to communicate with a smartcard
             used for storing the userâs private RSA key.  This option is only
             available if support for smartcard devices is compiled in
             (default is no support).

     -i identity_file
             Selects a file from which the identity (private key) for RSA or
             DSA authentication is read.  The default is ~/.ssh/identity for
             protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for proâ
             tocol version 2.  Identity files may also be specified on a per-
             host basis in the configuration file.  It is possible to have
             multiple -i options (and multiple identities specified in configâ
             uration files).

     -K      Enables forwarding (delegation) of GSSAPI credentials to the
             server.

     -k      Disables forwarding (delegation) of GSSAPI credentials to the
             server.

     -L [bind_address:]port:host:hostport
             Specifies that the given port on the local (client) host is to be
             forwarded to the given host and port on the remote side.  This
             works by allocating a socket to listen to port on the local side,
             optionally bound to the specified bind_address.  Whenever a conâ
             nection is made to this port, the connection is forwarded over
             the secure channel, and a connection is made to host port
             hostport from the remote machine.  Port forwardings can also be
             specified in the configuration file.  IPv6 addresses can be specâ
             ified with an alternative syntax:
             [bind_address/]port/host/hostport or by enclosing the address in
             square brackets.  Only the superuser can forward privileged
             ports.  By default, the local port is bound in accordance with
             the GatewayPorts setting.  However, an explicit bind_address may
             be used to bind the connection to a specific address.  The
             bind_address of âlocalhostâ
                                                     bound for local use only, while an empty address or â*â indicates
             that the port should be available from all interfaces.

     -l login_name
             Specifies the user to log in as on the remote machine.  This also
             may be specified on a per-host basis in the configuration file.

     -M      Places the ssh client into âmasterâ
                                                             Multiple -M options places ssh into âmasterâ
                                                                                                                      tion requi
red before slave connections are accepted.  Refer to
             the description of ControlMaster in ssh_config(5) for details.

     -m mac_spec
             Additionally, for protocol version 2 a comma-separated list of
             MAC (message authentication code) algorithms can be specified in
             order of preference.  See the MACs keyword for more information.

     -N      Do not execute a remote command.  This is useful for just forâ
             warding ports (protocol version 2 only).

     -n      Redirects stdin from /dev/null (actually, prevents reading from
             stdin).  This must be used when ssh is run in the background.  A
             common trick is to use this to run X11 programs on a remote
             machine.  For example, ssh -n shadows.cs.hut.fi emacs & will
             start an emacs on shadows.cs.hut.fi, and the X11 connection will
             be automatically forwarded over an encrypted channel.  The ssh
             program will be put in the background.  (This does not work if
             ssh needs to ask for a password or passphrase; see also the -f
             option.)

     -O ctl_cmd
             Control an active connection multiplexing master process.  When
             the -O option is specified, the ctl_cmd argument is interpreted
             and passed to the master process.  Valid commands are: âcheckâ
exitâ
                  the master to exit).

     -o option
             Can be used to give options in the format used in the configuraâ
             tion file.  This is useful for specifying options for which there
             is no separate command-line flag.  For full details of the
             options listed below, and their possible values, see
             ssh_config(5).

                   AddressFamily
                   BatchMode
                   BindAddress
                   ChallengeResponseAuthentication
                   CheckHostIP
                   Cipher
                   Ciphers
                   ClearAllForwardings
                   Compression
                   CompressionLevel
                   ConnectionAttempts
                   ConnectTimeout
                   ControlMaster
                   ControlPath
                   DynamicForward
                   EscapeChar
                   ForwardAgent
                   ForwardX11
                   ForwardX11Trusted
                   GatewayPorts
                   GlobalKnownHostsFile
                   GSSAPIAuthentication
                   GSSAPIDelegateCredentials
                   HashKnownHosts
                   Host
                   HostbasedAuthentication
                   HostKeyAlgorithms
                   HostKeyAlias
                   HostName
                   IdentityFile
                   IdentitiesOnly
                   KbdInteractiveDevices
                   LocalCommand
                   LocalForward
                   LogLevel
                   MACs
                   NoHostAuthenticationForLocalhost
                   NumberOfPasswordPrompts
                   PasswordAuthentication
                   PermitLocalCommand
                   Port
                   PreferredAuthentications
                   Protocol
                   ProxyCommand
                   PubkeyAuthentication
                   RekeyLimit
                   RemoteForward
                   RhostsRSAAuthentication
                   RSAAuthentication
                   SendEnv
                   ServerAliveInterval
                   ServerAliveCountMax
                   SmartcardDevice
                   StrictHostKeyChecking
                   TCPKeepAlive
                   Tunnel
                   TunnelDevice
                   UsePrivilegedPort
                   User
                   UserKnownHostsFile
                   VerifyHostKeyDNS
                   XAuthLocation

     -p port
             Port to connect to on the remote host.  This can be specified on
             a per-host basis in the configuration file.

     -q      Quiet mode.  Causes all warning and diagnostic messages to be
             suppressed.  Only fatal errors are displayed.  If a second -q is
             given then even fatal errors are suppressed.

     -R [bind_address:]port:host:hostport
             Specifies that the given port on the remote (server) host is to
             be forwarded to the given host and port on the local side.  This
             works by allocating a socket to listen to port on the remote
             side, and whenever a connection is made to this port, the connecâ
             tion is forwarded over the secure channel, and a connection is
             made to host port hostport from the local machine.

             Port forwardings can also be specified in the configuration file.
             Privileged ports can be forwarded only when logging in as root on
             the remote machine.  IPv6 addresses can be specified by enclosing
             the address in square braces or using an alternative syntax:
             [bind_address/]host/port/hostport.

             By default, the listening socket on the server will be bound to
             the loopback interface only.  This may be overriden by specifying
             a bind_address.  An empty bind_address, or the address â*â, indiâ
             cates that the remote socket should listen on all interfaces.
             Specifying a remote bind_address will only succeed if the
             serverâs GatewayPorts option is enabled (see sshd_config(5)).

     -S ctl_path
             Specifies the location of a control socket for connection sharâ
             ing.  Refer to the description of ControlPath and ControlMaster
             in ssh_config(5) for details.

     -s      May be used to request invocation of a subsystem on the remote
             system.  Subsystems are a feature of the SSH2 protocol which
             facilitate the use of SSH as a secure transport for other appliâ
             cations (eg. sftp(1)).  The subsystem is specified as the remote
             command.

     -T      Disable pseudo-tty allocation.

     -t      Force pseudo-tty allocation.  This can be used to execute arbiâ
             trary screen-based programs on a remote machine, which can be
             very useful, e.g., when implementing menu services.  Multiple -t
             options force tty allocation, even if ssh has no local tty.

     -V      Display the version number and exit.

     -v      Verbose mode.  Causes ssh to print debugging messages about its
             progress.  This is helpful in debugging connection, authenticaâ
             tion, and configuration problems.  Multiple -v options increase
             the verbosity.  The maximum is 3.

     -w tunnel:tunnel
             Requests a tun(4) device on the client (first tunnel arg) and
             server (second tunnel arg).  The devices may be specified by
             numerical ID or the keyword âanyâ
                                                           tunnel device.  See also the Tunnel directive in ssh_config(5).

     -X      Enables X11 forwarding.  This can also be specified on a per-host
             basis in a configuration file.

             X11 forwarding should be enabled with caution.  Users with the
             ability to bypass file permissions on the remote host (for the
             userâs X authorization database) can access the local X11 display
             through the forwarded connection.  An attacker may then be able
             to perform activities such as keystroke monitoring.

             For this reason, X11 forwarding is subjected to X11 SECURITY
             extension restrictions by default.  Please refer to the ssh -Y
             option and the ForwardX11Trusted directive in ssh_config(5) for
             more information.

     -x      Disables X11 forwarding.

     -Y      Enables trusted X11 forwarding.  Trusted X11 forwardings are not
             subjected to the X11 SECURITY extension controls.

     ssh may additionally obtain configuration data from a per-user configuraâ
     tion file and a system-wide configuration file.  The file format and conâ
     figuration options are described in ssh_config(5).

     ssh exits with the exit status of the remote command or with 255 if an
     error occurred.

AUTHENTICATION
     The OpenSSH SSH client supports SSH protocols 1 and 2.  Protocol 2 is the
     default, with ssh falling back to protocol 1 if it detects protocol 2 is
     unsupported.  These settings may be altered using the Protocol option in
     ssh_config(5), or enforced using the -1 and -2 options (see above).  Both
     protocols support similar authentication methods, but protocol 2 is preâ
     ferred since it provides additional mechanisms for confidentiality (the
     traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
     integrity (hmac-md5, hmac-sha1, hmac-ripemd160).  Protocol 1 lacks a
     strong mechanism for ensuring the integrity of the connection.

     The methods available for authentication are: host-based authentication,
     public key authentication, challenge-response authentication, and passâ
     word authentication.  Authentication methods are tried in the order specâ
     ified above, though protocol 2 has a configuration option to change the
     default order: PreferredAuthentications.

     Host-based authentication works as follows: If the machine the user logs
     in from is listed in /etc/hosts.equiv or /etc/ssh/shosts.equiv on the
     remote machine, and the user names are the same on both sides, or if the
     files ~/.rhosts or ~/.shosts exist in the userâs home directory on the
     remote machine and contain a line containing the name of the client
     machine and the name of the user on that machine, the user is considered
     for login.  Additionally, the server must be able to verify the clientâs
     host key (see the description of /etc/ssh/ssh_known_hosts and
     ~/.ssh/known_hosts, below) for login to be permitted.  This authenticaâ
     tion method closes security holes due to IP spoofing, DNS spoofing, and
     routing spoofing.  [Note to the administrator: /etc/hosts.equiv,
     ~/.rhosts, and the rlogin/rsh protocol in general, are inherently inseâ
     cure and should be disabled if security is desired.]

     Public key authentication works as follows: The scheme is based on pubâ
     lic-key cryptography, using cryptosystems where encryption and decryption
     are done using separate keys, and it is unfeasible to derive the decrypâ
     tion key from the encryption key.  The idea is that each user creates a
     public/private key pair for authentication purposes.  The server knows
     the public key, and only the user knows the private key.  ssh implements
     public key authentication protocol automatically, using either the RSA or
     DSA algorithms.  Protocol 1 is restricted to using only RSA keys, but
     protocol 2 may use either.  The HISTORY section of ssl(8) contains a
     brief discussion of the two algorithms.

     The file ~/.ssh/authorized_keys lists the public keys that are permitted
     for logging in.  When the user logs in, the ssh program tells the server
     which key pair it would like to use for authentication.  The client
     proves that it has access to the private key and the server checks that
     the corresponding public key is authorized to accept the account.

     The user creates his/her key pair by running ssh-keygen(1).  This stores
     the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
     2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
     ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
     ~/.ssh/id_rsa.pub (protocol 2 RSA) in the userâs home directory.  The
     user should then copy the public key to ~/.ssh/authorized_keys in his/her
     home directory on the remote machine.  The authorized_keys file correâ
     sponds to the conventional ~/.rhosts file, and has one key per line,
     though the lines can be very long.  After this, the user can log in withâ
     out giving the password.

     The most convenient way to use public key authentication may be with an
     authentication agent.  See ssh-agent(1) for more information.

     Challenge-response authentication works as follows: The server sends an
     arbitrary "challenge" text, and prompts for a response.  Protocol 2
     allows multiple challenges and responses; protocol 1 is restricted to
     just one challenge/response.  Examples of challenge-response authenticaâ
     tion include BSD Authentication (see login.conf(5)) and PAM (some non-
     OpenBSD systems).

     Finally, if other authentication methods fail, ssh prompts the user for a
     password.  The password is sent to the remote host for checking; however,
     since all communications are encrypted, the password cannot be seen by
     someone listening on the network.

     ssh automatically maintains and checks a database containing identificaâ
     tion for all hosts it has ever been used with.  Host keys are stored in
     ~/.ssh/known_hosts in the userâs home directory.  Additionally, the file
     /etc/ssh/ssh_known_hosts is automatically checked for known hosts.  Any
     new hosts are automatically added to the userâs file.  If a hostâs idenâ
     tification ever changes, ssh warns about this and disables password
     authentication to prevent server spoofing or man-in-the-middle attacks,
     which could otherwise be used to circumvent the encryption.  The
     StrictHostKeyChecking option can be used to control logins to machines
     whose host key is not known or has changed.

     When the userâs identity has been accepted by the server, the server
     either executes the given command, or logs into the machine and gives the
     user a normal shell on the remote machine.  All communication with the
     remote command or shell will be automatically encrypted.

     If a pseudo-terminal has been allocated (normal login session), the user
     may use the escape characters noted below.

     If no pseudo-tty has been allocated, the session is transparent and can
     be used to reliably transfer binary data.  On most systems, setting the
     escape character to ânoneâ
                                    a tty is used.

     The session terminates when the command or shell on the remote machine
     exits and all X11 and TCP connections have been closed.

ESCAPE CHARACTERS
     When a pseudo-terminal has been requested, ssh supports a number of funcâ
     tions through the use of an escape character.

     A single tilde character can be sent as ~~ or by following the tilde by a
     character other than those described below.  The escape character must
     always follow a newline to be interpreted as special.  The escape characâ
     ter can be changed in configuration files using the EscapeChar configuraâ
     tion directive or on the command line by the -e option.

     The supported escapes (assuming the default â~â) are:

     ~.      Disconnect.

     ~^Z     Background ssh.

     ~#      List forwarded connections.

     ~&      Background ssh at logout when waiting for forwarded connection /
             X11 sessions to terminate.

     ~?      Display a list of escape characters.

     ~B      Send a BREAK to the remote system (only useful for SSH protocol
             version 2 and if the peer supports it).

     ~C      Open command line.  Currently this allows the addition of port
             forwardings using the -L and -R options (see above).  It also
             allows the cancellation of existing remote port-forwardings using
             -KR hostport.  !command allows the user to execute a local comâ
             mand if the PermitLocalCommand option is enabled in
             ssh_config(5).  Basic help is available, using the -h option.

     ~R      Request rekeying of the connection (only useful for SSH protocol
             version 2 and if the peer supports it).

TCP FORWARDING
     Forwarding of arbitrary TCP connections over the secure channel can be
     specified either on the command line or in a configuration file.  One
     possible application of TCP forwarding is a secure connection to a mail
     server; another is going through firewalls.

     In the example below, we look at encrypting communication between an IRC
     client and server, even though the IRC server does not directly support
     encrypted communications.  This works as follows: the user connects to
     the remote host using ssh, specifying a port to be used to forward conâ
     nections to the remote server.  After that it is possible to start the
     service which is to be encrypted on the client machine, connecting to the
     same local port, and ssh will encrypt and forward the connection.

     The following example tunnels an IRC session from client machine
     â127.0.0.1âserver.example.comâ

         $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
         $ irc -c â#usersâ -p 1234 pinky 127.0.0.1

     This tunnels a connection to IRC server âserver.example.comâ
                                                                      channel â#usersâpinkyâ
                                                                                                 which port is used, as long as
itâs greater than 1023 (remember, only
     root can open sockets on privileged ports) and doesnât conflict with any
     ports already in use.  The connection is forwarded to port 6667 on the
     remote server, since thatâs the standard port for IRC services.

     The -f option backgrounds ssh and the remote command âsleep 10â
                                                                         fied to allow an amount of time (10 seconds, in the exa
mple) to start the
     service which is to be tunnelled.  If no connections are made within the
     time specified, ssh will exit.

X11 FORWARDING
     If the ForwardX11 variable is set to âyesâ
                                                    -X, -x, and -Y options above) and the user is using X11 (the DISPLAY
     environment variable is set), the connection to the X11 display is autoâ
     matically forwarded to the remote side in such a way that any X11 proâ
     grams started from the shell (or command) will go through the encrypted
     channel, and the connection to the real X server will be made from the
     local machine.  The user should not manually set DISPLAY.  Forwarding of
     X11 connections can be configured on the command line or in configuration
     files.

     The DISPLAY value set by ssh will point to the server machine, but with a
     display number greater than zero.  This is normal, and happens because
     ssh creates a âproxyâ
                               connections over the encrypted channel.

     ssh will also automatically set up Xauthority data on the server machine.
     For this purpose, it will generate a random authorization cookie, store
     it in Xauthority on the server, and verify that any forwarded connections
     carry this cookie and replace it by the real cookie when the connection
     is opened.  The real authentication cookie is never sent to the server
     machine (and no cookies are sent in the plain).

     If the ForwardAgent variable is set to âyesâ
                                                      the -A and -a options above) and the user is using an authentication
     agent, the connection to the agent is automatically forwarded to the
     remote side.

VERIFYING HOST KEYS
     When connecting to a server for the first time, a fingerprint of the
     serverâs public key is presented to the user (unless the option
     StrictHostKeyChecking has been disabled).  Fingerprints can be determined
     using ssh-keygen(1):

           $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key

     If the fingerprint is already known, it can be matched and verified, and
     the key can be accepted.  If the fingerprint is unknown, an alternative
     method of verification is available: SSH fingerprints verified by DNS.
     An additional resource record (RR), SSHFP, is added to a zonefile and the
     connecting client is able to match the fingerprint with that of the key
     presented.

     In this example, we are connecting a client to a server,
     âhost.example.comâ
                            the zonefile for host.example.com:

           $ ssh-keygen -f /etc/ssh/ssh_host_rsa_key.pub -r host.example.com.
           $ ssh-keygen -f /etc/ssh/ssh_host_dsa_key.pub -r host.example.com.

     The output lines will have to be added to the zonefile.  To check that
     the zone is answering fingerprint queries:

           $ dig -t SSHFP host.example.com

     Finally the client connects:

           $ ssh -o "VerifyHostKeyDNS ask" host.example.com
           [...]
           Matching host key fingerprint found in DNS.
           Are you sure you want to continue connecting (yes/no)?

     See the VerifyHostKeyDNS option in ssh_config(5) for more information.

SSH-BASED VIRTUAL PRIVATE NETWORKS
     ssh contains support for Virtual Private Network (VPN) tunnelling using
     the tun(4) network pseudo-device, allowing two networks to be joined
     securely.  The sshd_config(5) configuration option PermitTunnel controls
     whether the server supports this, and at what level (layer 2 or 3 trafâ
     fic).

     The following example would connect client network 10.0.50.0/24 with
     remote network 10.0.99.0/24, provided that the SSH server running on the
     gateway to the remote network, at 192.168.1.15, allows it:

           # ssh -f -w 0:1 192.168.1.15 true
           # ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252

     Client access may be more finely tuned via the /root/.ssh/authorized_keys
     file (see below) and the PermitRootLogin server option.  The following
     entry would permit connections on the first tun(4) device from user
     âjaneâjohnâ
                     set to âforced-commands-onlyâ

       tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
       tunnel="2",command="sh /etc/netstart tun1" ssh-rsa ... john

     Since a SSH-based setup entails a fair amount of overhead, it may be more
     suited to temporary setups, such as for wireless VPNs.  More permanent
     VPNs are better provided by tools such as ipsecctl(8) and isakmpd(8).

ENVIRONMENT
     ssh will normally set the following environment variables:

     DISPLAY               The DISPLAY variable indicates the location of the
                           X11 server.  It is automatically set by ssh to
                           point to a value of the form âhostname:nâ
                                                                                               âhostnameâ

    and ânâ is an integer ⥠1.  ssh uses this special
                           value to forward X11 connections over the secure
                           channel.  The user should normally not set DISPLAY
                           explicitly, as that will render the X11 connection
                           insecure (and will require the user to manually
                           copy any required authorization cookies).

     HOME                  Set to the path of the userâs home directory.

     LOGNAME               Synonym for USER; set for compatibility with sysâ
                           tems that use this variable.

     MAIL                  Set to the path of the userâs mailbox.

     PATH                  Set to the default PATH, as specified when compilâ
                           ing ssh.

     SSH_ASKPASS           If ssh needs a passphrase, it will read the
                           passphrase from the current terminal if it was run
                           from a terminal.  If ssh does not have a terminal
                           associated with it but DISPLAY and SSH_ASKPASS are
                           set, it will execute the program specified by
                           SSH_ASKPASS and open an X11 window to read the
                           passphrase.  This is particularly useful when callâ
                           ing ssh from a .xsession or related script.  (Note
                           that on some machines it may be necessary to rediâ
                           rect the input from /dev/null to make this work.)

     SSH_AUTH_SOCK         Identifies the path of a UNIX-domain socket used to
                           communicate with the agent.

     SSH_CONNECTION        Identifies the client and server ends of the conâ
                           nection.  The variable contains four space-sepaâ
                           rated values: client IP address, client port numâ
                           ber, server IP address, and server port number.

     SSH_ORIGINAL_COMMAND  This variable contains the original command line if
                           a forced command is executed.  It can be used to
                           extract the original arguments.

     SSH_TTY               This is set to the name of the tty (path to the
                           device) associated with the current shell or comâ
                           mand.  If the current session has no tty, this
                           variable is not set.

     TZ                    This variable is set to indicate the present time
                           zone if it was set when the daemon was started
                           (i.e., the daemon passes the value on to new conâ
                           nections).

     USER                  Set to the name of the user logging in.

     Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
     âVARNAME=valueâ
                         allowed to change their environment.  For more information, see the
     PermitUserEnvironment option in sshd_config(5).

FILES
     ~/.rhosts
             This file is used for host-based authentication (see above).  On
             some machines this file may need to be world-readable if the
             userâs home directory is on an NFS partition, because sshd(8)
             reads it as root.  Additionally, this file must be owned by the
             user, and must not have write permissions for anyone else.  The
             recommended permission for most machines is read/write for the
             user, and not accessible by others.

     ~/.shosts
             This file is used in exactly the same way as .rhosts, but allows
             host-based authentication without permitting login with
             rlogin/rsh.

     ~/.ssh/authorized_keys
             Lists the public keys (RSA/DSA) that can be used for logging in
             as this user.  The format of this file is described in the
             sshd(8) manual page.  This file is not highly sensitive, but the
             recommended permissions are read/write for the user, and not
             accessible by others.

     ~/.ssh/config
             This is the per-user configuration file.  The file format and
             configuration options are described in ssh_config(5).  Because of
             the potential for abuse, this file must have strict permissions:
             read/write for the user, and not accessible by others.  It may be
             group-writable provided that the group in question contains only
             the user.

     ~/.ssh/environment
             Contains additional definitions for environment variables; see
             ENVIRONMENT, above.

     ~/.ssh/identity
     ~/.ssh/id_dsa
     ~/.ssh/id_rsa
             Contains the private key for authentication.  These files contain
             sensitive data and should be readable by the user but not accesâ
             sible by others (read/write/execute).  ssh will simply ignore a
             private key file if it is accessible by others.  It is possible
             to specify a passphrase when generating the key which will be
             used to encrypt the sensitive part of this file using 3DES.

     ~/.ssh/identity.pub
     ~/.ssh/id_dsa.pub
     ~/.ssh/id_rsa.pub
             Contains the public key for authentication.  These files are not
             sensitive and can (but need not) be readable by anyone.

     ~/.ssh/known_hosts
             Contains a list of host keys for all hosts the user has logged
             into that are not already in the systemwide list of known host
             keys.  See sshd(8) for further details of the format of this
             file.

     ~/.ssh/rc
             Commands in this file are executed by ssh when the user logs in,
             just before the userâs shell (or command) is started.  See the
             sshd(8) manual page for more information.

     /etc/hosts.equiv
             This file is for host-based authentication (see above).  It
             should only be writable by root.

     /etc/ssh/shosts.equiv
             This file is used in exactly the same way as hosts.equiv, but
             allows host-based authentication without permitting login with
             rlogin/rsh.

     /etc/ssh/ssh_config
             Systemwide configuration file.  The file format and configuration
             options are described in ssh_config(5).

     /etc/ssh/ssh_host_key
     /etc/ssh/ssh_host_dsa_key
     /etc/ssh/ssh_host_rsa_key
             These three files contain the private parts of the host keys and
             are used for host-based authentication.  If protocol version 1 is
             used, ssh must be setuid root, since the host key is readable
             only by root.  For protocol version 2, ssh uses ssh-keysign(8) to
             access the host keys, eliminating the requirement that ssh be
             setuid root when host-based authentication is used.  By default
             ssh is not setuid root.

     /etc/ssh/ssh_known_hosts
             Systemwide list of known host keys.  This file should be prepared
             by the system administrator to contain the public host keys of
             all machines in the organization.  It should be world-readable.
             See sshd(8) for further details of the format of this file.

     /etc/ssh/sshrc
             Commands in this file are executed by ssh when the user logs in,
             just before the userâs shell (or command) is started.  See the
             sshd(8) manual page for more information.

SEE ALSO
     scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-argv0(1), ssh-keygen(1),
     ssh-keyscan(1), tun(4), hosts.equiv(5), ssh_config(5), ssh-keysign(8),
     sshd(8)

     T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH
     Protocol Architecture, draft-ietf-secsh-architecture-12.txt, January
     2002, work in progress material.

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and creâ
     ated OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.

BSD                           September 25, 1999                           BSD
idptransfer:~#

}}}
{{{
idp@deb-nfs1:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/idp/.ssh/id_rsa):
/home/idp/.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/idp/.ssh/id_rsa.
Your public key has been saved in /home/idp/.ssh/id_rsa.pub.
The key fingerprint is:
b0:06:31:1c:8b:30:46:72:cb:db:b1:57:c1:3a:d5:0a idp@deb-nfs1
idp@deb-nfs1:~$ cd .ssh
idp@deb-nfs1:~/.ssh$ ls -Flash
total 20K
4.0K drwx------ 2 idp idp 4.0K 2007-06-12 16:09 ./
4.0K drwx------ 3 idp idp 4.0K 2007-06-12 16:02 ../
4.0K -rw------- 1 idp idp 1.7K 2007-06-12 20:03 id_rsa
4.0K -rw-r--r-- 1 idp idp  394 2007-06-12 20:03 id_rsa.pub
4.0K -rw-r--r-- 1 idp idp  442 2007-06-12 16:09 known_hosts
idp@deb-nfs1:~/.ssh$ scp ./id_rsa.pub idp@192.168.10.201:~/
idp@192.168.10.201's password:
id_rsa.pub                                                                                    100%  394     0.4KB/s   00:00
idp@deb-nfs1:~/.ssh$ ssh idp@192.168.10.201
idp@192.168.10.201's password:
Linux idptransfer 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Jul  5 12:40:28 2007 from 192.168.10.109
idp@idptransfer:~$ ls -Flash
total 44K
4.0K drwxr-xr-x 4 idp  idp  4.0K 2007-08-21 07:47 ./
4.0K drwxr-xr-x 4 root root 4.0K 2007-06-08 10:44 ../
4.0K -rw------- 1 idp  idp  1.6K 2007-08-21 07:43 .bash_history
4.0K -rw-r--r-- 1 idp  idp   220 2007-06-08 10:44 .bash_logout
4.0K -rw-r--r-- 1 idp  idp   414 2007-06-08 10:44 .bash_profile
4.0K -rw-r--r-- 1 idp  idp  2.2K 2007-06-08 10:44 .bashrc
4.0K -rw-r--r-- 1 idp  idp   394 2007-08-21 07:47 id_rsa.pub
4.0K -rw------- 1 idp  idp    47 2007-08-21 06:32 .lesshst
4.0K -rw-r--r-- 1 root root  402 2007-08-21 10:14 ssalomon.lxwypweb01.pub
4.0K drwx------ 2 idp  idp  4.0K 2007-08-21 07:45 .ssh/
4.0K drwxrw-rw- 2 idp  idp  4.0K 2007-07-05 11:45 TRANSFER/
idp@idptransfer:~$ mv id_rsa.pub idp.deb-nfs1.pub
idp@idptransfer:~$ cat idp.deb-nfs1.pub >> .ssh/authorized_keys
idp@idptransfer:~$ logout
Connection to 192.168.10.201 closed.
idp@deb-nfs1:~/.ssh$ ssh idp@192.168.10.201
Linux idptransfer 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Aug 21 07:47:51 2007 from 192.168.10.100
idp@idptransfer:~$
}}}
!!! 6.x:
{{{
passwd <password>
enable password <password>
hostname <hostname>
domain-name <domainname>
ca gen rsa key 1024
ca save all
}}}
!!!7.x:
{{{
passwd <password>
enable password <password>
hostname <hostname>
crypto key generate rsa modulus 2048
end
wr me
}}}
{{{
FW1#  sh ssh sessions

SID Client IP       Version Mode Encryption Hmac     State            Username
1   72.43.91.101    2.0     IN   aes256-cbc sha1     SessionStarted   pix
                            OUT  aes256-cbc sha1     SessionStarted   pix
}}}
Private Key is on the host you are connecting from (source/ssh client)
Public key is on the host you are connecting to (target/ssh server)

RSA: ssh version 1
DSA: ssh version 2

I'm using dsa/v2 here.

On the source/ssh client run:
{{{
ssh-keygen -t dsa
}}}

Notice the perms: ~/.ssh has 700, id_dsa has 600, and id_dsa.pub has 644.
{{{
idp@idptransfer:~/.ssh$ pwd
/home/idp/.ssh
idp@idptransfer:~/.ssh$ ls -Flash
total 16K
4.0K drwx------ 2 idp idp 4.0K 2007-07-05 09:32 ./
4.0K drwxr-xr-x 4 idp idp 4.0K 2007-07-05 09:31 ../
4.0K -rw------- 1 idp idp  668 2007-07-05 09:32 id_dsa
4.0K -rw-r--r-- 1 idp idp  605 2007-07-05 09:32 id_dsa.pub
idp@idptransfer:~/.ssh$
}}}

Now copy the id_dsa.pub to your remote machine (target/ssh server), append the file to ~/.ssh/authorized_keys and you should have a secured, passwordless login from remote to local

From [[SSH Man Page]]
{{{
     The file ~/.ssh/authorized_keys lists the public keys that are permitted
     for logging in.  When the user logs in, the ssh program tells the server
     which key pair it would like to use for authentication.  The client
     proves that it has access to the private key and the server checks that
     the corresponding public key is authorized to accept the account.

     The user creates his/her key pair by running ssh-keygen(1).  This stores
     the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
     2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
     ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
     ~/.ssh/id_rsa.pub (protocol 2 RSA) in the userâs home directory.  The
     user should then copy the public key to ~/.ssh/authorized_keys in his/her
     home directory on the remote machine.  The authorized_keys file correâ
     sponds to the conventional ~/.rhosts file, and has one key per line,
     though the lines can be very long.  After this, the user can log in withâ
     out giving the password.

     The most convenient way to use public key authentication may be with an
     authentication agent.  See ssh-agent(1) for more information.
}}}

References:
http://sourceforge.net/docman/display_doc.php?docid=761&group_id=1
http://www.ibm.com/developerworks/library/l-keyc.html

[[SSH Man Page]]
{{{
<Name>
<VPNGroupPolicyName>
<LocalNet>
<LocalNetMask>
<VPNClientIPPoolName>
<VPNClientIPPoolNet>
<VPNClientIPPoolNetMask>
<VPNClientIPPoolNetBegin>
<VPNClientIPPoolNetEnd>
<VPNClientSplitTunnelACLName>
<Nat0ACLName>
}}}
{{{
!ADD Group & User Account to AD
!Group account MUST be located in *VPNGroups OU
}}}
{{{
ldap attribute-map LDAPMap
map-value memberOf CN=<VPNGroupPolicyName>,OU=*VPNGroups,OU=MyUsers,DC=domain,DC=internal <VPNGroupPolicyName>

access-list <Nat0ACLName> remark BEGIN >>>>> <Name> Support SSL VPN Client Nat0
access-list <Nat0ACLName> extended permit ip <LocalNet> <LocalNetMask> <VPNClientIPPoolNet> <VPNClientIPPoolNetMask>
access-list <Nat0ACLName> extended permit ip <LocalNet> <LocalNetMask> <VPNClientIPPoolNet> <VPNClientIPPoolNetMask>
access-list <Nat0ACLName> remark END   >>>>> <Name> Support SSL VPN Client Nat0

ip local pool <VPNClientIPPoolName> <VPNClientIPPoolNetBegin>-<VPNClientIPPoolNetEnd> mask <VPNClientIPPoolNetMask>

access-list <VPNClientSplitTunnelACLName> extended permit ip object-group <GroupName> host <z.y.x.w>

group-policy <VPNGroupPolicyName> internal
group-policy <VPNGroupPolicyName> attributes
!change below to accomodate # of logins on this VPN Client Policy
!3 for a single user
!I use (# of users) +5
 vpn-simultaneous-logins 3
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value <VPNClientSplitTunnelACLName>
 address-pools value <VPNClientIPPoolName>
}}}
/***
|Name:|SaveCloseTiddlerPlugin|
|Description:|Provides two extra toolbar commands, saveCloseTiddler and cancelCloseTiddler|
|Version:|3.0 ($Rev: 3861 $)|
|Date:|$Date: 2008-03-08 10:53:09 +1000 (Sat, 08 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#SaveCloseTiddlerPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
To use these you must add them to the tool bar in your EditTemplate
***/
//{{{
merge(config.commands,{

	saveCloseTiddler: {
		text: 'done/close',
		tooltip: 'Save changes to this tiddler and close it',
		handler: function(e,src,title) {
			config.commands.saveTiddler.handler(e,src,title);
			config.commands.closeTiddler.handler(e,src,title);
			return false;
		}
	},

	cancelCloseTiddler: {
		text: 'cancel/close',
		tooltip: 'Undo changes to this tiddler and close it',
		handler: function(e,src,title) {
			config.commands.cancelTiddler.handler(e,src,title);
			config.commands.closeTiddler.handler(e,src,title);
			return false;
		}
	}

});

//}}}
{{{
@echo off
setlocal enabledelayedexpansion
for /f %%g in (file.txt) do (
	sleep 61
	for /f "tokens=1,2 delims=: " %%h in ('time /t') do (
		set NowTime=%%h:%%i
	)
	xcopy /e /c /y /i "\\fs1\data\information systems\installers\bin" \\%%g\c$\bin
	schtasks /create /f /tn ServerAudit /tr c:\bin\helpstaraudit\serveraudit.cmd /sc daily /st !nowtime! /s %%g /ru "System"
	schtasks /run /tn ServerAudit /s %%g	
)
}}}
!!!Starting
screen
!!!reattaching
screen -ls
screen -R
!!!listing
Ctrl-a "
!!!navigation
Ctrl-a n :: next screen
Ctrl-a c :: create new screen
Ctrl-a p :: previous screen
Ctrl-a A :: assign name to a screen
!!!Regions
CTRL-a S :: Start new region
CTRL-a [TAB] :: switch regions
CTRL-a X :: Close  region
http://www.cymru.com/Documents/secure-ios-template.html

This version: 5.4 5/12/2008
{{{
Template

The commands are in BOLD text so that they stand out from the surrounding comments.

! Secure router configuration template.
! Version 3.1
! @(#)Secure IOS template v3.1 17 NOV 2003 Rob Thomas noc@cymru.com
! @(#)http://www.cymru.com/Documents/secure-ios-template.html
!
! This configuration assumes the following topology:
!
! Upstream/Internet
! 5.5.5.1/24
!       |
! 5.5.5.254/24 (Ethernet 2/0)
! THIS ROUTER
! 6.6.6.254/24 (Ethernet 2/1)
!       |
! 6.6.6.1/24
! Firewall
! 7.7.7.1/24
!       |
! 7.7.7.0/24
! Intranet
!
! In this case, 7.7.7.5 is the loghost, FTP server, etc.
! for the router. It could also be the firewall if
! circumstances dictate.
!
service nagle
service tcp-keepalives-in
service tcp-keepalives-out
! Show copious timestamps in our logs
service timestamps debug datetime msec show-timezone localtime
service timestamps log datetime msec show-timezone localtime
service password-encryption
no service dhcp
!
hostname secure-router01
!
boot system flash slot0:rsp-pv-mz.121-5a.bin
logging buffered 16384 debugging
no logging console
enable secret <PASSWORD>
no enable password
!
! Use TACACS+ for AAA. Ensure that the local account is
! case-sensitive, thus making brute-force attacks less
! effective.
aaa new-model
aaa authentication login default group tacacs+ local-case
aaa authentication enable default group tacacs+ enable
aaa authorization commands 15 default group tacacs+ local
aaa accounting exec default stop-only group tacacs+
aaa accounting commands 15 default stop-only group tacacs+
aaa accounting network default stop-only group tacacs+
tacacs-server host 7.7.7.5
tacacs-server key cheezit
!
! In the event that TACACS+ fails, use case-sensitve local
! authentication instead. Keeps the hackers guessing, and
! the router more secure.
username <USERNAME> secret <PASSWORD>
!
! Logging the commands run while at enable level access is
! a great way to track mistakes, security issues, etc.
archive
 log config
  logging enable
  logging size 500
  notify syslog
  hidekeys
!
! Ensure TCL doesn't use an initilizaion file where available. This won't show up in the
! config. It will break your router-based TCL scripts if
! if you use such, so use with care!
no scripting tcl init
no scripting tcl encdir
!
! Enable the netflow top talkers feature.
! You can see the top N talkers (50 in this example) with the
! show ip flow top-talkers command. This is a handy
! utility to use during DDoS attacks and traffic issues. You
! can sort-by either packets or bytes, as you prefer.
ip flow-top-talkers
 top 50
 sort-by packets
!
! Don't run the HTTP server.
no ip http server
no ip http secure-server
!
! Allow us to use the low subnet and go classless
ip subnet-zero
ip classless
!
! Disable noxious services
no service pad
no ip source-route
no ip finger
no ip bootp server
no ip domain-lookup
!
! Catch crash dumps; very important with a "security router."
ip ftp username rooter
ip ftp password <PASSWORD>
! Give our core dump files a unique name.
exception core-file secure-router01-core
exception protocol ftp
exception dump 7.7.7.5
! Fire up CEF for both performance and security.
ip cef
! Set the timezone properly. It is best to standardize on one
! timezone for all routers, thus making problem tracking easier.
clock timezone GMT 0
! Synchronize our clocks with a local (trusted and authenticated)
! NTP server. The SECRETKEY must be the same on both the router
! and the NTP server.
ntp authentication-key 6767 md5 <SECRETKEY>
ntp authenticate
ntp update-calendar
ntp server 7.7.7.5
!
! Configure the loopback0 interface as the source of our log
! messages. This is often used for routing protocols as well.
! Select an IP address that uniquely identifies this router.
! One trick is to allocate a netblock for use as the router
! loopback netblock.
int loopback0
 ip address 10.10.10.10 255.255.255.255
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
! Configure null0 as a place to send naughty packets. This
! becomes the "roach motel" for packets -- they can route in,
! but they can't route out.
interface null0
 no ip unreachables
!
interface Ethernet2/0
 description Unprotected interface, facing towards Internet
 ip address 5.5.5.254 255.255.255.0
 ! Do we run CEF verify? Yes if the data path is symmetric. No
 ! if the data path is asymmetric.
 ip verify unicast reverse-path
 ! Apply our template ACL
 ip access-group 2010 in
 ! Allow UDP to occupy no more than 2 Mb/s of the pipe.
 rate-limit input access-group 150 2010000 250000 250000 conform-action transmit exceed-action drop
 ! Allow ICMP to occupy no more than 500 Kb/s of the pipe.
 rate-limit input access-group 160 500000 62500 62500 conform-action transmit exceed-action drop
 ! Allow multicast to occupy no more than 5 Mb/s of the pipe.
 rate-limit input access-group 170 5000000 375000 375000 conform-action transmit exceed-action drop
 ! Don't send redirects.
 no ip redirects
 ! Don't send unreachables.
 ! NOTE WELL that this may break PMTU discovery.
 ! For example, if this router is edge for a VPN of any sort, you might need
 ! to enable ip unreachables
 ! A typical symptom is ping working but a larger transmission doesn't.
 no ip unreachables
 ! Don't propogate smurf attacks.
 no ip directed-broadcast
 ! Don't pretend to be something you're not. :-)
 no ip proxy-arp
 ! Do not reveal our netmask
 no ip mask-reply
 ! Log all naughty business.
 ip accounting access-violations
 ! If you allow multicast in your network or participate in the
 ! MBONE, the following multicast filtering steps will help to
 ! ensure a secure multicast environment. These must be applied
 ! per interface.
 ip multicast boundary 30
 !
 ! Keep flow data for analysis. If possible, export it to a
 ! cflowd server.
 ip route-cache flow
!
interface Ethernet2/1
 description Protected interface, facing towards DMZ
 ip address 6.6.6.254 255.255.255.0
 ! Do we run CEF verify? Yes if the data path is symmetric. No
 ! if the data path is asymmetric.
 ip verify unicast reverse-path
 ! If we are using RPF, comment out the ACL below.
 ip access-group 115 in
 no ip redirects
 no ip unreachables
 no ip directed-broadcast
 no ip proxy-arp
 ip accounting access-violations
 ip multicast boundary 30
 no ip mask-reply
 ip route-cache flow
!
! Default route to the Internet (could be a routing
! protocol instead)
ip route 0.0.0.0 0.0.0.0 5.5.5.1
! Route to network on the other side of the firewall
ip route 7.7.7.0 255.255.255.0 6.6.6.1
! Black hole routes. Do not combine this with TCP Intercept;
! in fact, don't use TCP Intercept at all.
ip route 1.0.0.0 255.0.0.0 null0
ip route 2.0.0.0 255.0.0.0 null0
ip route 5.0.0.0 255.0.0.0 null0
ip route 10.0.0.0 255.0.0.0 null0
ip route 14.0.0.0 255.0.0.0 null0
ip route 23.0.0.0 255.0.0.0 null0
ip route 27.0.0.0 255.0.0.0 null0
ip route 31.0.0.0 255.0.0.0 null0
ip route 36.0.0.0 255.0.0.0 null0
ip route 37.0.0.0 255.0.0.0 null0
ip route 39.0.0.0 255.0.0.0 null0
ip route 42.0.0.0 255.0.0.0 null0
ip route 46.0.0.0 255.0.0.0 null0
ip route 49.0.0.0 255.0.0.0 null0
ip route 50.0.0.0 255.0.0.0 null0
ip route 100.0.0.0 255.0.0.0 null0
ip route 101.0.0.0 255.0.0.0 null0
ip route 102.0.0.0 255.0.0.0 null0
ip route 103.0.0.0 255.0.0.0 null0
ip route 104.0.0.0 255.0.0.0 null0
ip route 105.0.0.0 255.0.0.0 null0
ip route 106.0.0.0 255.0.0.0 null0
ip route 107.0.0.0 255.0.0.0 null0
ip route 108.0.0.0 255.0.0.0 null0
ip route 109.0.0.0 255.0.0.0 null0
ip route 110.0.0.0 255.0.0.0 null0
ip route 111.0.0.0 255.0.0.0 null0
ip route 112.0.0.0 255.0.0.0 null0
ip route 113.0.0.0 255.0.0.0 null0
ip route 127.0.0.0 255.0.0.0 null0
ip route 169.254.0.0 255.255.0.0 null0
ip route 172.16.0.0 255.240.0.0 null0
ip route 175.0.0.0 255.0.0.0 null0
ip route 176.0.0.0 255.0.0.0 null0
ip route 177.0.0.0 255.0.0.0 null0
ip route 178.0.0.0 255.0.0.0 null0
ip route 179.0.0.0 255.0.0.0 null0
ip route 180.0.0.0 255.0.0.0 null0
ip route 181.0.0.0 255.0.0.0 null0
ip route 182.0.0.0 255.0.0.0 null0
ip route 183.0.0.0 255.0.0.0 null0
ip route 184.0.0.0 255.0.0.0 null0
ip route 185.0.0.0 255.0.0.0 null0
ip route 192.0.2.0 255.255.255.0 null0
ip route 192.168.0.0 255.255.0.0 null0
ip route 197.0.0.0 255.0.0.0 null0
ip route 223.0.0.0 255.0.0.0 null0
!
! Export our NetFlow data to our NetFlow server, 7.7.7.5. NetFlow
! provides some statistics that can be of use when tracing the true
! source of a spoofed attack.
ip flow-export source loopback0
ip flow-export destination 7.7.7.5 2055
ip flow-export version 5 origin-as
!
! Log anything interesting to the loghost. Capture all of
! the logging output with FACILITY LOCAL5.
logging trap debugging
logging facility local5
logging source-interface loopback0
logging 7.7.7.5
!
! With the ACLs, it is important to log the naughty folks.
! Thus, the implicit drop all ACL is replaced (augmented,
! actually) with an explicit drop all that logs the attempt.
! You may wish to keep a second list (e.g. 2011) that does not
! log. During an attack, the additional logging can impact the
! performance of the router. Simply copy and paste access-list 2010,
! remove the log-input keyword, and name it access-list 2011. Then
! when an attack rages, you can replace access-list 2010 on the
! Internet-facing interface with access-list 2011.
!
! Block SNMP access to all but the loghost
access-list 20 remark SNMP ACL
access-list 20 permit 7.7.7.5
access-list 20 deny any log
!
! Multicast - filter out obviously naughty or needless traffic
access-list 30 remark Multicast filtering ACL
! Link local
access-list 30 deny 224.0.0.0 0.0.0.255 log
! Locally scoped
access-list 30 deny 239.0.0.0 0.255.255.255 log
! sgi-dogfight
access-list 30 deny host 224.0.1.2 log
! rwhod
access-list 30 deny host 224.0.1.3 log
! ms-srvloc
access-list 30 deny host 224.0.1.22 log
! ms-ds
access-list 30 deny host 224.0.1.24 log
! ms-servloc-da
access-list 30 deny host 224.0.1.35 log
! hp-device-disc
access-list 30 deny host 224.0.1.60 log
! Permit all other multicast traffic
access-list 30 permit 224.0.0.0 15.255.255.255 log
!
! Block access to all but the loghost and the firewall, and log any
! denied access attempts. This also serves to create an audit trail
! of all access to the router. Extended ACLs are used to log some
! additional data.
access-list 100 remark VTY Access ACL
access-list 100 permit tcp host 7.7.7.5 host 0.0.0.0 range 22 23 log-input
access-list 100 permit tcp host 6.6.6.1 host 0.0.0.0 range 22 23 log-input
access-list 100 deny ip any any log-input
!
! Leave one VTY safe for access, just in case. The host
! 7.7.7.8 is a secure host in the NOC. If all the VTYs are
! occupied, this leaves one VTY available.
access-list 105 remark VTY Access ACL
access-list 105 permit tcp host 7.7.7.8 host 0.0.0.0 range 22 23 log-input
access-list 105 deny ip any any log-input
!
! Configure an ACL that prevents spoofing from within our network.
! This ACL assumes that we need to access the Internet only from the
! 7.7.7.0/24 network. If you have additional networks behind
! 7.7.7.0/24, then add them into this ACL.
access-list 115 remark Anti-spoofing ACL
! First, allow our intranet to access the Internet.
access-list 115 permit ip 7.7.7.0 0.0.0.255 any
! Second, allow our firewall to access the Internet. This is useful
! for testing.
access-list 115 permit ip host 6.6.6.1 any
! Now log all other such attempts.
access-list 115 deny ip any any log-input
!
! Rate limit (CAR) ACLs for UDP, ICMP, and multicast.
access-list 150 remark CAR-UDP ACL
access-list 150 permit udp any any
access-list 160 remark CAR-ICMP ACL
access-list 160 permit icmp any any
access-list 170 remark CAR-Multicast ACL
access-list 170 permit ip any 224.0.0.0 15.255.255.255
!
! Deny any packets from the RFC 1918, IANA reserved, test,
! multicast as a source, and loopback netblocks to block
! attacks from commonly spoofed IP addresses.
access-list 2010 remark Anti-bogon ACL
! Claims it came from the inside network, yet arrives on the
! outside (read: Internet) interface. Do not use this if CEF
! has been configured to take care of spoofing.
! access-list 2010 deny ip 6.6.6.0 0.0.0.255 any log-input
! access-list 2010 deny ip 7.7.7.0 0.0.0.255 any log-input
! Bogons
access-list 2010 deny ip 0.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 1.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 2.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 5.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 10.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 14.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 23.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 27.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 31.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 36.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 37.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 39.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 42.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 46.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 49.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 50.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 100.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 101.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 102.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 103.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 104.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 105.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 106.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 107.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 108.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 109.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 110.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 111.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 112.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 113.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 127.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 169.254.0.0 0.0.255.255 any log-input
access-list 2010 deny ip 172.16.0.0 0.15.255.255 any log-input
access-list 2010 deny ip 175.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 176.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 177.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 178.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 179.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 180.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 181.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 182.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 183.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 184.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 185.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 192.0.2.0 0.0.0.255 any log-input
access-list 2010 deny ip 192.168.0.0 0.0.255.255 any log-input
access-list 2010 deny ip 197.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 223.0.0.0 0.255.255.255 any log-input
access-list 2010 deny ip 224.0.0.0 31.255.255.255 any log-input
! Drop all ICMP fragments
access-list 2010 deny icmp any any fragments log-input
! Allow IP access to the intranet (firewall filters specific ports)
access-list 2010 permit ip any 7.7.7.0 0.0.0.255
! Allow multicast to enter. See also access-list 30 for more
! specific multicast rules.
access-list 2010 permit ip any 224.0.0.0 15.255.255.255
! Our explicit (read: logged) drop all rule
access-list 2010 deny ip any any log-input
!
! Do not share CDP information, which contains key bits about our
! configuration, etc. This command disabled CDP globally. If you
! require CDP on an interface, use cdp run and disable cdp
! (no cdp enable) on the Internet-facing interface.
no cdp run
! SNMP is VERY important, particularly with MRTG.
! Treat the COMMUNITY string as a password - keep it difficult to guess.
snmp-server community <COMMUNITY> RO 20
!
! Introduce ourselves with an appropriately stern banner.
banner motd %
Router foo. Access to this device or the attached
networks is prohibited without express written permission.
Violators will be prosecuted to the fullest extent of both civil
and criminal law.

We don't like you. Go away.

%
!
line con 0
 exec-timeout 15 0
 transport input none
line aux 0
 exec-timeout 15 0
line vty 0 3
 access-class 100 in
 exec-timeout 15 0
! Enable SSH connectivity. This is much more secure than telnet.
! Obviously, you must have an IOS image that supports SSH, and don't
! forget to generate the key with crypto key generate rsa.
 transport input telnet ssh
line vty 4
 access-class 105 in
 exec-timeout 15 0
 transport input telnet ssh
!
}}}
/***
|Name:|SelectThemePlugin|
|Description:|Lets you easily switch theme and palette|
|Version:|1.0 ($Rev: 3646 $)|
|Date:|$Date: 2008-02-27 02:34:38 +1000 (Wed, 27 Feb 2008) $|
|Source:|http://mptw.tiddlyspot.com/#SelectThemePlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!Notes
* Borrows largely from ThemeSwitcherPlugin by Martin Budden http://www.martinswiki.com/#ThemeSwitcherPlugin
* Theme is cookie based. But set a default by setting config.options.txtTheme in MptwConfigPlugin (for example)
* Palette is not cookie based. It actually overwrites your ColorPalette tiddler when you select a palette, so beware. 
!Usage
* {{{<<selectTheme>>}}} makes a dropdown selector
* {{{<<selectPalette>>}}} makes a dropdown selector
* {{{<<applyTheme>>}}} applies the current tiddler as a theme
* {{{<<applyPalette>>}}} applies the current tiddler as a palette
* {{{<<applyTheme TiddlerName>>}}} applies TiddlerName as a theme
* {{{<<applyPalette TiddlerName>>}}} applies TiddlerName as a palette
***/
//{{{

config.macros.selectTheme = {
	label: {
      		selectTheme:"select theme",
      		selectPalette:"select palette"
	},
	prompt: {
		selectTheme:"Select the current theme",
		selectPalette:"Select the current palette"
	},
	tags: {
		selectTheme:'systemTheme',
		selectPalette:'systemPalette'
	}
};

config.macros.selectTheme.handler = function(place,macroName)
{
	var btn = createTiddlyButton(place,this.label[macroName],this.prompt[macroName],this.onClick);
	// want to handle palettes and themes with same code. use mode attribute to distinguish
	btn.setAttribute('mode',macroName);
};

config.macros.selectTheme.onClick = function(ev)
{
	var e = ev ? ev : window.event;
	var popup = Popup.create(this);
	var mode = this.getAttribute('mode');
	var tiddlers = store.getTaggedTiddlers(config.macros.selectTheme.tags[mode]);
	// for default
	if (mode == "selectPalette") {
		var btn = createTiddlyButton(createTiddlyElement(popup,'li'),"(default)","default color palette",config.macros.selectTheme.onClickTheme);
		btn.setAttribute('theme',"(default)");
		btn.setAttribute('mode',mode);
	}
	for(var i=0; i<tiddlers.length; i++) {
		var t = tiddlers[i].title;
		var name = store.getTiddlerSlice(t,'Name');
		var desc = store.getTiddlerSlice(t,'Description');
		var btn = createTiddlyButton(createTiddlyElement(popup,'li'),name ? name : title,desc ? desc : config.macros.selectTheme.label['mode'],config.macros.selectTheme.onClickTheme);
		btn.setAttribute('theme',t);
		btn.setAttribute('mode',mode);
	}
	Popup.show();
	return stopEvent(e);
};

config.macros.selectTheme.onClickTheme = function(ev)
{
	var mode = this.getAttribute('mode');
	var theme = this.getAttribute('theme');
	if (mode == 'selectTheme')
		story.switchTheme(theme);
	else // selectPalette
		config.macros.selectTheme.updatePalette(theme);
	return false;
};

config.macros.selectTheme.updatePalette = function(title)
{
	if (title != "") {
		store.deleteTiddler("ColorPalette");
		if (title != "(default)")
			store.saveTiddler("ColorPalette","ColorPalette",store.getTiddlerText(title),
					config.options.txtUserName,undefined,"");
		refreshAll();
		if(config.options.chkAutoSave)
			saveChanges(true);
	}
};

config.macros.applyTheme = {
	label: "apply",
	prompt: "apply this theme or palette" // i'm lazy
};

config.macros.applyTheme.handler = function(place,macroName,params,wikifier,paramString,tiddler) {
	var useTiddler = params[0] ? params[0] : tiddler.title;
	var btn = createTiddlyButton(place,this.label,this.prompt,config.macros.selectTheme.onClickTheme);
	btn.setAttribute('theme',useTiddler);
	btn.setAttribute('mode',macroName=="applyTheme"?"selectTheme":"selectPalette"); // a bit untidy here
}

config.macros.selectPalette = config.macros.selectTheme;
config.macros.applyPalette = config.macros.applyTheme;

config.macros.refreshAll = { handler: function(place,macroName,params,wikifier,paramString,tiddler) {
	createTiddlyButton(place,"refresh","refresh layout and styles",function() { refreshAll(); });
}};

//}}}
http://support.microsoft.com/kb/291964

you have to have outlook running.

also sometimes the outlook vba gets disabled
goto help>about>disabled items, enable it.
from http://help.lockergnome.com/office/Outlook-2003-Visual-Basic-Editor-open--ftopict1009111.html
{{{
Displays, sets, or removes cmd.exe environment variables.

SET [variable=[string]]

  variable  Specifies the environment-variable name.
  string    Specifies a series of characters to assign to the variable.

Type SET without parameters to display the current environment variables.

If Command Extensions are enabled SET changes as follows:

SET command invoked with just a variable name, no equal sign or value
will display the value of all variables whose prefix matches the name
given to the SET command.  For example:

    SET P

would display all variables that begin with the letter 'P'

SET command will set the ERRORLEVEL to 1 if the variable name is not
found in the current environment.

SET command will not allow an equal sign to be part of the name of
a variable.

Two new switches have been added to the SET command:

    SET /A expression
    SET /P variable=[promptString]

The /A switch specifies that the string to the right of the equal sign
is a numerical expression that is evaluated.  The expression evaluator
is pretty simple and supports the following operations, in decreasing
order of precedence:

    ()                  - grouping
    ! ~ -               - unary operators
    * / %               - arithmetic operators
    + -                 - arithmetic operators
    << >>               - logical shift
    &                   - bitwise and
    ^                   - bitwise exclusive or
    |                   - bitwise or
    = *= /= %= += -=    - assignment
      &= ^= |= <<= >>=
    ,                   - expression separator

If you use any of the logical or modulus operators, you will need to
enclose the expression string in quotes.  Any non-numeric strings in the
expression are treated as environment variable names whose values are
converted to numbers before using them.  If an environment variable name
is specified but is not defined in the current environment, then a value
of zero is used.  This allows you to do arithmetic with environment
variable values without having to type all those % signs to get their
values.  If SET /A is executed from the command line outside of a
command script, then it displays the final value of the expression.  The
assignment operator requires an environment variable name to the left of
the assignment operator.  Numeric values are decimal numbers, unless
prefixed by 0x for hexadecimal numbers, and 0 for octal numbers.
So 0x12 is the same as 18 is the same as 022. Please note that the octal
notation can be confusing: 08 and 09 are not valid numbers because 8 and
9 are not valid octal digits.

The /P switch allows you to set the value of a variable to a line of input
entered by the user.  Displays the specified promptString before reading
the line of input.  The promptString can be empty.

Environment variable substitution has been enhanced as follows:

    %PATH:str1=str2%

would expand the PATH environment variable, substituting each occurrence
of "str1" in the expanded result with "str2".  "str2" can be the empty
string to effectively delete all occurrences of "str1" from the expanded
output.  "str1" can begin with an asterisk, in which case it will match
everything from the beginning of the expanded output to the first
occurrence of the remaining portion of str1.

May also specify substrings for an expansion.

    %PATH:~10,5%

would expand the PATH environment variable, and then use only the 5
characters that begin at the 11th (offset 10) character of the expanded
result.  If the length is not specified, then it defaults to the
remainder of the variable value.  If either number (offset or length) is
negative, then the number used is the length of the environment variable
value added to the offset or length specified.

    %PATH:~-10%

would extract the last 10 characters of the PATH variable.

    %PATH:~0,-2%

would extract all but the last 2 characters of the PATH variable.

Finally, support for delayed environment variable expansion has been
added.  This support is always disabled by default, but may be
enabled/disabled via the /V command line switch to CMD.EXE.  See CMD /?

Delayed environment variable expansion is useful for getting around
the limitations of the current expansion which happens when a line
of text is read, not when it is executed.  The following example
demonstrates the problem with immediate variable expansion:

    set VAR=before
    if "%VAR%" == "before" (
        set VAR=after
        if "%VAR%" == "after" @echo If you see this, it worked
    )

would never display the message, since the %VAR% in BOTH IF statements
is substituted when the first IF statement is read, since it logically
includes the body of the IF, which is a compound statement.  So the
IF inside the compound statement is really comparing "before" with
"after" which will never be equal.  Similarly, the following example
will not work as expected:

    set LIST=
    for %i in (*) do set LIST=%LIST% %i
    echo %LIST%

in that it will NOT build up a list of files in the current directory,
but instead will just set the LIST variable to the last file found.
Again, this is because the %LIST% is expanded just once when the
FOR statement is read, and at that time the LIST variable is empty.
So the actual FOR loop we are executing is:

    for %i in (*) do set LIST= %i

which just keeps setting LIST to the last file found.

Delayed environment variable expansion allows you to use a different
character (the exclamation mark) to expand environment variables at
execution time.  If delayed variable expansion is enabled, the above
examples could be written as follows to work as intended:

    set VAR=before
    if "%VAR%" == "before" (
        set VAR=after
        if "!VAR!" == "after" @echo If you see this, it worked
    )

    set LIST=
    for %i in (*) do set LIST=!LIST! %i
    echo %LIST%

If Command Extensions are enabled, then there are several dynamic
environment variables that can be expanded but which don't show up in
the list of variables displayed by SET.  These variable values are
computed dynamically each time the value of the variable is expanded.
If the user explicitly defines a variable with one of these names, then
that definition will override the dynamic one described below:

%CD% - expands to the current directory string.

%DATE% - expands to current date using same format as DATE command.

%TIME% - expands to current time using same format as TIME command.

%RANDOM% - expands to a random decimal number between 0 and 32767.

%ERRORLEVEL% - expands to the current ERRORLEVEL value

%CMDEXTVERSION% - expands to the current Command Processor Extensions
    version number.

%CMDCMDLINE% - expands to the original command line that invoked the
    Command Processor.
}}}
Hive: HKEY_LOCAL_MACHINE
Key: Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders

DelegateFolders has a subkey : {59031a47-3f72-44a7-89c5-5595fe6b30ee}. Once you delete this subkey, all of the Shared Documents folders displayed on My Computer will be gone. Effect of hack is immediate. No reboot needed in XP.
{{{
@echo off

if [%1]==[] exit /b
if /i not %1==doit (exit /b)

echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b

echo.
echo Stopping MEDITECH Services.
net stop ANPServer > NUL 2>&1
net stop MAST > NUL 2>&1
net stop MSO > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Application Manager" > NUL 2>&1
net stop "MEDITECH CS Bkg Jobs" > NUL 2>&1
net stop "MEDITECH CSProxy Server" > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Network Services (JMK)" > NUL 2>&1
net stop "MEDITECH UNV Daemon (JMK)" > NUL 2>&1
net stop "MEDITECH UNV TCP (JMK)" > NUL 2>&1
net stop "MEDITECH ISB-TXN" > NUL 2>&1
net stop "MEDITECH Task Service" > NUL 2>&1
net stop "MEDITECH CS File Server" > NUL 2>&1
net stop "Meditech Authorization Service" > NUL 2>&1
net stop "DRServer31" > NUL 2>&1
net stop "SQL Server (MSSQLSERVER)" > NUL 2>&1

echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo Shutting down %computername%.
::shutdown /s /f /c "Datacenter Move Shutdown"
}}}
{{{
@echo off
set site=<sitename>
set shutdownreason="MT Reboot"
if [%1]==[] exit /b
if /i not %1==doit (exit /b)

echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b

echo.
echo Stopping MEDITECH Services.
net stop ANPServer > NUL 2>&1
net stop MAST > NUL 2>&1
net stop MSO > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Application Manager" > NUL 2>&1
net stop "MEDITECH CS Bkg Jobs" > NUL 2>&1
net stop "MEDITECH CSProxy Server" > NUL 2>&1
net stop "MEDITECH Document Manager" > NUL 2>&1
net stop "MEDITECH Event Scheduler" > NUL 2>&1
net stop "MEDITECH Network Services (%site%)" > NUL 2>&1
net stop "MEDITECH UNV Daemon (%site%)" > NUL 2>&1
net stop "MEDITECH UNV TCP (%site%)" > NUL 2>&1
net stop "MEDITECH ISB-TXN" > NUL 2>&1
net stop "MEDITECH Task Service" > NUL 2>&1
net stop "MEDITECH CS File Server" > NUL 2>&1
net stop "Meditech Authorization Service" > NUL 2>&1
net stop "DRServer31" > NUL 2>&1
net stop "SQL Server (MSSQLSERVER)" > NUL 2>&1


echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to kill the MEDITECH processes on %computername%?"
if %errorlevel% neq 1 exit /b
echo Killing MEDITECH processes on %computername%.
taskkill /f /im:CSMAGIC.EXE
taskkill /f /im:Magic.exe
taskkill /f /im:Magic_Console.exe

echo.
echo This server is %computername%.
choice /c:yn /m "Are you prepared to shutdown %computername%?"
if %errorlevel% neq 1 exit /b
echo Shutting down %computername%.
::shutdown /s /f /c %shutdownreason%
}}}
ravings from a nearly lucid sysadmin
~TechNotebook
from: http://www.lostinthebox.com/viewtopic.php?t=117

en and the Art of Creating BLACKBOX Styles.

by thewayofzen (thewayofzen@gmail.com) & snkmchnb (snkmchnb@crackmonkey.us)

Blackbox was originally a window manager for the X Window System in the *NIX environments. It aimed at providing the user with a minimalistic, attractive yet customizeable and fast interface. Blackbox then influenced the creation of several other window managers aiming to do more or less the same thing.

Fluxbox, OpenBox, Hackedbox.. all taking more or less the same approach. It was only a matter of time before alternative shell users who were NOT *NIX users grabbed onto the concept.. and before long BlackBox for Windows (and its sister branches) was born.

The actual look of blackbox, as far as the colouring is concerned, is all done through the use of a text file called a STYLE. This text file contains all the definitions for each component of the interface, assigns the way it looks (bevelled or flat?), the appearance of the color (gradients or solid?), fonts and their sizes, and it will even change your wall paper for you. This
tutorial has one goal and that is simple. Helping you create your own styles for blackbox, whether you choose to use any of the *NIX variants.. or a WINDOWS branch. Thats the beauty of it because they all manage to use the same definitions.

Before one begins to create their own style it is important to understand a few things first. Here are those things:

1. Any item can take on a number of different "looks" or "feels" The first of which would be RAISED, SUNKEN or FLAT. These are rather self explanitory but for the sake of keeping things simple do you wish your style to look "3d" then use RAISED or SUNKEN.. if you would prefer a "2D" approach then use FLAT

2. If you choose to use RAISED of SUNKEN as a definition you then enter the realm of BEVEL. Bevel will effect the appearance of the RAISED or SUNKEN object. BEVEL can be defined as either bevel1 or bevel2 . Forgetting to assign a bevel type to any 3D object defaults to bevel1. (Play with these..you will grasp the concept better if you actaully see them in action)

3. The next part of any object definition usually determines the color format. Is your style going to be one color? or do u wish it to fade from one color and then into another different or darker shade of color? This is determined with either GRADIENT or SOLID. Solid is self explanitory while a gradient can be either horizontal, vertical, elliptical, rectangular, or pipecross. (grasped much better through practice)

4. You can add texture to any object you define by making it INTERLACED. This will add the effect that the object is composed somewhat like a ruffled potato chip.

5. The colors of any object can be assigned using a number of different
formats. You can choose from HEX code or RGB.

6. Certain "appearance" definitions can also be given the definition of
PARENTRELATIVE whereby the item will inherit the look of that object which blackbox considers its parent. (for example a toolbar button.. or a toolbar label considers the toolbar itself to be parent)

Any object on the interface you wish to script will generally use an approach where you will assign the LOOK of the object and then assign the color(s) of the object and the font.

To put the above information in perspective consider the following
configuration if you wish to make a toolbar that is 3d and "pops out" at you and changes color vertically from WHITE to BLACK with a GREY font. The standard would be:

Code:
toolbar: raised bevel1 gradient vertical
toolbar.color: #ffffff
toolbar.colorTO: #000000
toolbar.textcolor: #989898

Time to get your hands dirty.

The first thing you will find in any style is a blurb at the top tht will fill
you in on the name of the artist, the name of the style and maybe any comments that wish to be made. These usually take the format of:

Code:
style.name:
style.author:
style.date:
style.credits:
style.comments:

This is quite self explanitory. After you have created this portion of your
style its time to worry about actual parts of a style and the definitions that
effect how they look to the user. These are handled below.. object by object.

A. THE BLACKBOX TOOLBAR!

The first thing you will notice about Blackbox is the TOOLBAR. The toolbar is made up of a few components. Your toolbar is generally at the top or bottom of the screen. It looks like a stick with buttons on each end. Generally the toolbar itself is made up of a few import elements when it comes to style. They are:


1.Toolbar

The toolbar is assigned its appearance and its color using the following
extensions

Code:
toolbar: 
toolbar.color:
toolbar.colorTo:
toolbar.textcolor:

2.Toolbar Button

Buttons are defined in a few different ways because they are likely the only moving part of your default interface in blackbox. The toolbar buttons are defined as follows:

Code:
toolbar.button:
toolbar.button.color:
toolbar.button.colorTo:
toolbar.button.picColor:  (this is the color of the picture on the button)
toolbar.button.pressed:
toolbar.button.pressed.color:
toolbar.button.pressed.colorTo:
toolbar.button.pressed.picColor:

3.Toolbar Label

This is the portion of the toolbar that will display your workspace names
informing you of which virtual desktop you are currently working. Its
definitions are:

Code:
toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:

4.Toolbar Window Label

The part of the toolbar that you find between both sets of buttons is called
the window label. If you are a blackbox for windows user this portion of the style will also define the portion of your systembar that indicates which of your tasks is currently active and focused. It is defined as:

Code:
toolbar.windowLabel:
toolbar.windowLabel.color:
toolbar.windowLabel.colorTo:
toolbar.windowLabel.textColor:

5.Toolbar Clock

Simply put this is your clock. It might even have the date. It is defined with the following extensions:

Code:
toolbar.clock:
toolbar.clock.color:
toolbar.clock.colorTo:
toolbar.clock.textColor:

B. THE BLACKBOX MENU

If one was to right click anywhere on the actual desktop not covered by a
window one would discover the menu. A menu in blackbox is composed of the following elements.

1.MENU TITLE

The menu title is the top part of the menu. It is defined using:

Code:
menu.title:
menu.title.color:
menu.title.colorTo:
menu.title.textColor:

2. MENU FRAME

The menu frame is perhaps the largest part of the menu. It is here that any applications you wish to open or any submenus etc will be found. Change its appearance using:

Code:
menu.frame:
menu.frame.color:
menu.frame.colorTo:
menu.frame.textColor:

3. MENU HILITE

The menu hilite is self explanitory. But it is basically the way that the menu shows the user what part of the menu is user is about to choose. Its settings are changed using:

Code:
menu.hilite:
menu.hilite.color:
menu.hilite.colorTo:
menu.hilite.textColor:

4. BULLET

The bullet is the little thingy that lets you know when something splits off
into a submenu. It defines itself with a shape (square, circle, triangle and empty) and
also a direction (left or right) as:

Code:
menu.bullet:
menu.bullet.position:

C. BLACKBOX WINDOWS

Any application in blackbox will open in a window. Each of these windows are made up of a few different parts that all work together to provide you with that window you see. Any window definition found in this section will actually look like it might be assigned its look twice. A closer look will let the user know that there are actually two windows that need to be defined. These are the FOCUS WINDOW(which is the currently ACTIVE window being used by the user) and UNFOCUS WINDOW(any window in the back ground that is open but not necessarily active and being used). The parts of a window that need definition are:

1. Window Title

The window title is the part of the window that, if anything resembles the
toolbar. It is the top portion of the window which houses a few other things on it. (the buttons and labels) Remember: There are two window titles that need be configured. (focus and unfocus)

Code:
window.title.focus:
window.title.focus.color:
window.title.focus.colorTo:
window.title.unfocus:
window.title.unfocus.color:
window.title.unfocus.colorTo:

2. Label

The label on the window is the portion of the window which contains the TEXT. This is the part of the label which lets the user know what that window actually is. It is defined as follows:

Code:
window.label:
window.label.color:
window.label.colorTo:
window.label.textColor:
window.label.unfocus:
window.label.unfocus.color:
window.label.unfocus.colorTo:
window.label.unfocus.textColor:

3. HANDLES

The window handle is actually part of the BOTTOM of a window. You will likely notice that the window bottom is divided into THREE and that there are two short outer segments with a long bar in the middle. That long bar is the handle. Change its appearance with:

Code:
window.handle.focus:
window.handle.focus.color:
window.handle.focus.colorTo:
window.handle.unfocus:
window.handle.unfocus.color:
window.handle.unfocus.colorTo:

4. Grips

Look at the bottom part of your window again. The grips are the two short
segments that are on each end of the handle. They look to these definitions for their look:focus

Code:
window.grip.focus:
window.grip.focus.color:
window.grip.focus.colorTo:
window.grip.unfocus:
window.grip.unfocus.color:
window.gip.unfocus.colorTo:

5. Buttons

Window buttons are defined in much the same way as the buttons on the toolbar. But with one difference, you have to define the unfocused buttons as well. Use these definitions and you will be fine:

Code:
window.button.focus:
window.button.focus.color:
window.button.focus.colorTo:
window.button.focus.picColor:
window.button.unfocus:
window.button.unfocus.color:
window.button.unfocus.colorTo:
window.button.unfocus.picColor:
window.button.pressed:
window.button.pressed.color:
window.button.pressed.colorTo:
window.button.pressed.picColor:

D. Fonts

Fonts can be assigned in two ways. You can assign a font to each of the above elements (A.B.C.) or you can assign one font to be applied to all of them universally. To assign your fonts use the following definitions:

Code:
toolbar.font:
menu.title.font:
menu.frame.font:
window.font:

Or if you wish to assign one font to be associated with EVERY object that would use or have use for a font use this as a definition:

Code:
*font:

Along with assigning a font one is also able to effect the way it sits in its
object. This is called JUSTIFICATION and can be determined as either Center, Right, Or Left:

Code:
toolbar.justify:
menu.title.justify:
menu.frame.justify:
window.justify:

If one does not assign a font size the window manager or shell will use the
default. If the default bores you, a fonts appearance can be changed by
definings its size (numeric value) or weight (normal or bold)

Code:
toolbar.fontHeight:
toolbar.fontWeight:
menu.fontHeight:
menu.fontWeight:
window.fontHeight:   
window.fontWeight:

E. Misc Values

There are certain values that will help you further customize the look and feel of your interface.

1. border

Border is the portion of the window that outlines pretty much every object. It is effected by two values, its color (hex or rgb), and its width (numeric). Use these definitions for your border:

Code:
borderColor:
borderWidth:

2. Handle Width

This value will change how thick your handle is and then, as a result also
effect the grips on each end. Using a numeric value it is defined with:

Code:
handleWidth:

3. Bevel

The bevel setting allows you to change the size of the bevel (3d effect) of any object you have defined. It also uses a numeric value and is defined with:

Code:
bevelWidth:

F. RootCommand

The rootCommand in your style is optional. It is this line that will change
the wallpaper of your desktop if you wish it to. It call upon other
applications that may be available on your system to change the background of your desktop. Some of these applications are bsetroot and bsetbg or perhaps xsri or fluxbg. An example of a rootcommand using bsetbg would be:

Code:
rootCommand:  bsetbg -full ~/.blackbox/delaneysucks.jpg  (*NIX)

or
Code:
rootCommand:  bsetbg -full c:\blackbox\backgrounds\delaneysucks.jpg  (WIN)

PARENTS AND THEIR CHILDREN?

At some point in this tutorial i have already mentioned the idea of
parentrelative-ness. Here is a general idea of items that you most often see set to parent relative who their "parent" may be:

Code:
toolbar.window.label:  will adopt the toolbar setttings.
toolbar.button: will adopt the toolbar setting
toolbar.button.pressed: will adopt the toolbar setting
toolbar.label: will adopt the toolbar setting
toolbar.clock: will adopt the toolbar setting

window.label: will adopt the window setting
window.label.unfocus: will adopt the unfocus window setting
window.button: will adopt the window setting
window.button.pressed: will adopt the window setting
window.button.unfocus: will adopt the unfocus window setting

*IMPORTANT* Any definition that is mentioned in this tutorial is done so using its correct form. And while people might tell you that a style is a style and can be used on any *BOX variant this is not necessarily so. *NIX box is case sensitive while the windows shell replacement *BOX is not. *NIX box requires that the style be in *NIX format, while the windows variants are lazy and do not seem to care. So if you want to be known around the world for your elite style creating talent.. do yourself a favor and learn it right the first time.

For ease of use, and the well being of everyone involved, i include this
template. Feel free to copy and paste. Any value that beings with a "!" is
ignored.

Code:
style.name:
style.author:
style.date:
style.credits:
style.comments:

!toolbar: change your toolbar with these settings.

toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:

toolbar.button:
toolbar.button.color:
toolbar.button.colorTo:
toolbar.button.picColor: 

toolbar.button.pressed:
toolbar.button.pressed.color:
toolbar.button.pressed.colorTo:
toolbar.button.pressed.picColor:

toolbar.label:
toolbar.label.color:
toolbar.label.colorTo:
toolbar.label.textColor:

toolbar.windowLabel:
toolbar.windowLabel.color:
toolbar.windowLabel.colorTo:
toolbar.windowLabel.textColor:

toolbar.clock:
toolbar.clock.color:
toolbar.clock.colorTo:
toolbar.clock.textColor:

!menu: change your menu appearance with these values.

menu.title:
menu.title.color:
menu.title.colorTo:
menu.title.textColor:

menu.frame:
menu.frame.color:
menu.frame.colorTo:
menu.frame.textColor:

menu.hilite:
menu.hilite.color:
menu.hilite.colorTo:
menu.hilite.textColor:

menu.bullet:
menu.bullet.position:

!window: change your window appearance here.

window.title.focus:
window.title.focus.color:
window.title.focus.colorTo:

window.title.unfocus:
window.title.unfocus.color:
window.title.unfocus.colorTo:

window.label:
window.label.color:
window.label.colorTo:
window.label.textColor:

window.label.unfocus:
window.label.unfocus.color:
window.label.unfocus.colorTo:
window.label.unfocus.textColor:

window.grip.focus:
window.grip.focus.color:
window.grip.focus.colorTo:

window.grip.unfocus:
window.grip.unfocus.color:
window.gip.unfocus.colorTo:

window.handle.focus:
window.handle.focus.color:
window.handle.focus.colorTo:

window.handle.unfocus:
window.handle.unfocus.color:
window.handle.unfocus.colorTo:

window.button.focus:
window.button.focus.color:
window.button.focus.colorTo:
window.button.focus.picColor:

window.button.unfocus:
window.button.unfocus.color:
window.button.unfocus.colorTo:
window.button.unfocus.picColor:

window.button.pressed:
window.button.pressed.color:
window.button.pressed.colorTo:
window.button.pressed.picColor:

!fonts: configured here

toolbar.font:
menu.title.font:
menu.frame.font:
window.font:

toolbar.justify:
menu.title.justify:
menu.frame.justify:
window.justify:

toolbar.fontHeight:
toolbar.fontWeight:
menu.fontHeight:
menu.fontWeight:
window.fontHeight:   
window.fontWeight:

!misc: borders bevels and handle widths

borderColor:
borderWidth:
bevelWidth:
handleWidth:
rootCommand:

The End!
_________________
surely there is a way..
Last edited by snkmchnb on Sat Dec 17, 2005 2:33 pm; edited 6 t
|!CIDR|!CIDR Shortcut|!~DecimalMaskBase|!~DecimalMaskEnd|!~BinaryMask|!~TotalHosts|!Note|
|/11|
|/12|
|/13|
|/14|
|/15|
|/16|
|/17|
|/18|
|/19|
|/20|
|/21|
|/22|
|/23|
|/24|/24+0|255.255.255.|0|00000000|254|  |
|bgcolor(#cccccc):/25|bgcolor(#cccccc):/24+1|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):128|bgcolor(#cccccc):10000000|bgcolor(#cccccc):126|bgcolor(#cccccc):  |
|/26|/24+2|255.255.255.|192|11000000|62|  |
|bgcolor(#cccccc):/27|bgcolor(#cccccc):/24+3|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):224|bgcolor(#cccccc):11100000|bgcolor(#cccccc):30|bgcolor(#cccccc):  |
|/28|/24+4|255.255.255.|240|11110000|14|  |
|bgcolor(#cccccc):/29|bgcolor(#cccccc):/24+5|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):248|bgcolor(#cccccc):11111000|bgcolor(#cccccc):6|bgcolor(#cccccc):  |
|/30|/24+6|255.255.255.|252|11111100|2| |
|bgcolor(#cccccc):/31|bgcolor(#cccccc):/24+7|bgcolor(#cccccc):255.255.255.|bgcolor(#cccccc):254|bgcolor(#cccccc):11111110|bgcolor(#cccccc):1|bgcolor(#cccccc):Not used, added for completeness|
|/32|/24+8|255.255.255.|255|11111111|0|Host mask|
Syslog daemon is on by default in debian. Thing that screwed me up was that the {{{/etc/init.d/}}} entry is {{{sysklogd}}}. Don't know why.
!!1. Edit {{{/etc/default/syslogd}}}
change the line
{{{
SYSLOGD=""
}}}
to
{{{
SYSLOGD="-r -m0"
}}}
{{{-r}}} allows remote hosts access to syslog
{{{-m0}}} removes the "mark" messages in the syslog.
!!2. Configure which hosts log to which file, I just send everything to one file: {{{/var/log/cisco.log}}}
Edit {{{/etc/syslog.conf}}}
Add the line
{{{
local7.*        /var/log/cisco.log
}}}
Also, modify the default line that sends everything to {{{/var/log/syslog}}}
from:
{{{
*.*;auth,authpriv.none              -/var/log/syslog
}}}

to:
{{{
*.*;auth,authpriv.none;local7.none              -/var/log/syslog
}}}
Remeber to use tabs between facility.priority and file.
"You may prefix each entry with the minus '-' sign to omit syncing the file  after every logging."

!!3. Enable log rotation
Create file {{{/etc/logrotate.d/cisco}}}
{{{
touch /etc/logrotate.d/cisco
}}}
Edit file {{{/etc/logrotate.d/cisco}}}
{{{
/var/log/cisco.log {
        daily
        rotate 12
        compress
        delaycompress
        missingok
        notifempty
        create 640 root adm
}
}}}



!!End Notes:
Cisco PIX/ASA syslog configuration
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094030.shtml#logfacility
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

Here's a table to map Cisco Facility numbers to syslog local numbers:
|!Cisco|!Linux|
|16|local0|
|17|local1|
|18|local2|
|19|local3|
|20|local4|
|21|local5|
|22|local6|
|23|local7|
Exchange System Manager in Exchange Server 2003 stops responding when you try to access Exchange Help after you install Internet Explorer 7
View products that this article applies to.
Article ID	:	932513
Last Review	:	February 19, 2007
Revision	:	1.1
On This Page
SYMPTOMS
CAUSE
WORKAROUND
You have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed
You have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed
STATUS
SYMPTOMS
Consider the following scenario. You are using Microsoft Exchange Server 2003 on a computer that is running Microsoft Windows Server 2003 Service Pack 1 (SP1). You install Windows Internet Explorer 7 on the computer that is running Exchange System Manager. In this scenario, when you try to access Exchange Help in Exchange System Manager, Exchange System Manager stops responding because of an access violation.

Back to the top
CAUSE
This problem occurs because of a conflict between the newer version of the Psapi.dll file that Internet Explorer 7 uses and the older version that Exchange System Manager uses.

Back to the top
WORKAROUND
To work around this issue, you must rename the Psapi.dll file in the Exchsrvr\Bin directory so that the Exchange services use the Psapi.dll file from the %Windir%\System32 directory. To do this, follow the steps that are appropriate for your situation.

Back to the top
You have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed
If you have installed Internet Explorer 7 on the Exchange server that also has Exchange System Manager installed, follow these steps:
1.	Stop all Exchange and Internet Information Services (IIS) services.
a. 	Open the Services snap-in.
b. 	Stop the Microsoft Exchange System Attendant service.

Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
•	Microsoft Exchange Information Store
•	Microsoft Exchange MTA Stacks
c. 	Stop the IIS Admin Service.

Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
•	World Wide Web Publishing Service
•	Simple Mail Transfer Protocol (SMTP)
•	HTTP SSL
•	AntigenIMC
2.	Rename the Psapi.dll file. To do this, follow these steps:
a. 	Open a command prompt.
b. 	Move to the following directory:
Drive_Letter:\Program Files\Exchsrvr\bin
c. 	Change the name of the Psapi.dll file to Psapi.dll.old.
d. 	Close the Command Prompt window.
3.	Restart the Exchange services and the IIS services. This includes the dependent services that were stopped.

Back to the top
You have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed
If you have installed Internet Explorer 7 on a workstation that also has Exchange System Manager installed, follow these steps:
1.	Stop all IIS services. To do this, open the Services snap-in, and then stop the IIS Admin Service.

Important Note the list of dependent services that will be stopped. For example, the list of dependent services may resemble the following:
•	World Wide Web Publishing Service
•	HTTP SSL
2.	Rename the Psapi.dll file.
a. 	Open a command prompt.
b. 	Move to the following directory:
Drive_Letter:\Program Files\Exchsrvr\bin
c. 	Change the name of the Psapi.dll file to Psapi.dll.old.
d. 	Close the Command Prompt window.
3.	Restart the IIS services. This includes the dependent services that were stopped.

Back to the top
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

Back to the top
APPLIES TO
•	Microsoft Exchange Server 2003 Enterprise Edition
•	Microsoft Exchange Server 2003 Standard Edition

Back to the top
Keywords: 
	kbdll kbcrashes kbexchesm kbexpertiseadvanced kbtshoot kbprb KB932513


From: http://support.microsoft.com/?kbid=932513
Domain Controller:
*Active Directory (NTDS)
*The boot files
*The COM+ class registration database
*The registry
*The system volume (SYSVOL)

Non-Domain Controller:
*The Boot file
*The COM+ class registration database
*The registry

If Certificate Server installed:
*Certificate Server

ASR Backups:
System State
Operating System Files
!!copy files via tar

{{{
tar cf - .| (cd ../2; tar xvf -)
}}}

{{{
tar cvf - /source/directory | (cd /target/directory ; tar x -)
}}}
If I wanted to copy the directory 'jcw' from /home/jcw to /var/backup/jcw it might look like:
{{{
cd /home
tar cvf - ./jcw | (cd /var/backup ; tar x -)
}}}

!!!Tar through ssh
{{{
tar zcvf - /home | ssh root@rhost "cat > /backup/homes.tgz"
}}}

!!!Tar restore through ssh
{{{
ssh root@rhost cat /backup/homes.tgz | ( cd /restore && tar xzvf - )
}}}


!!!Tarring through netcat
from http://compsoc.dur.ac.uk/~djw/tarpipe.html

{{{
Using netcat and tar to quickly transfer files between machines, aka tar pipe

So you have gigs of data to transfer between two machines over ethernet. 
A nice quick and dirty method is to use netcat and tar. 
This is by no means secure, but if you haven't got the time or desire to setup NFS, FTPd, Samba. 
Or wait hours for scp to do it's job then this can save you a lot of time.
Linux System using tar and netcat

On the receiving end do:
# netcat -l -p 7000 | tar x

And on the sending end do:
# tar cf - * | netcat otherhost 7000

Notes
Depending on your hardware you might want to use compression with tar. 
You'll probably find your hard disk drive is a bottleneck on a fast network. 
Compression is useless if you can't saturate your network and will probably just slow things down. tar cf - * is copy everything in the current working directory. 
And your files will be untared at the other end from where you started the listening netcat. 
It won't be obivous that the operation is finished so you'll need to check network activity or top. This is indeed quick and dirty. 
}}}
0022: SSH
0023: Telnet
0080: HTTP
0110: POP
0443: HTTPS
8300: GroupWise Messenger
Install atftpd (Advanced TFTP Daemon) and tftp client.
{{{
apt-get install atftpd tftp
}}}
Create and configure tftp directory. Default is {{{/tftpboot}}}.
{{{
mkdir /tftpboot
chown nobody /tftpboot
chmod 770 /tftpboot
}}}
Start inetd
{{{
inetd
}}}
Test tftp
{{{
tftp 127.0.0.1
}}}
Power cycle test
TLA: Three Letter Acronym
http://www.google.com/search?hl=en&q=exchange%202003%20encrypt%20email&safe=on

http://www.networkworld.com/news/2007/011807-tls1.html

http://www.google.com/search?hl=en&q=tls%20exchange%202003&safe=on

http://msexchangeteam.com/archive/2006/10/04/429090.aspx

http://support.microsoft.com/default.aspx?scid=kb;EN-US;829721

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/Email/SMTP/Q_22494569.html

http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_23219508.html

http://support.microsoft.com/kb/329061/
client license key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing

terminal server license server: 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters\LicenseServers
http://www.ctrl-alt-del.com.au/CAD_TSUtils.htm
{{{
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"disablecad"=dword:00000000
"legalnoticecaption"="Legal Notice Caption"
"legalnoticetext"="This is a private system. Authorized Users only."
}}}
<<allTags excludeLists>>
<<tabs txtMoreTab "Tags" "All Tags" TabAllTags "Miss" "Missing tiddlers" TabMoreMissing "Orph" "Orphaned tiddlers" TabMoreOrphans "Shad" "Shadowed tiddlers" TabMoreShadowed>>
<<allTags excludeLists [a-z]>>
/***
|Name:|TagglyTaggingPlugin|
|Description:|tagglyTagging macro is a replacement for the builtin tagging macro in your ViewTemplate|
|Version:|3.1 ($Rev: 4092 $)|
|Date:|$Date: 2008-03-24 12:32:33 +1000 (Mon, 24 Mar 2008) $|
|Source:|http://mptw.tiddlyspot.com/#TagglyTaggingPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!Notes
See http://mptw.tiddlyspot.com/#TagglyTagging
***/
//{{{
config.taggly = {

	// for translations
	lingo: {
		labels: {
			asc:        "\u2191", // down arrow
			desc:       "\u2193", // up arrow
			title:      "title",
			modified:   "modified",
			created:    "created",
			show:       "+",
			hide:       "-",
			normal:     "normal",
			group:      "group",
			commas:     "commas",
			sitemap:    "sitemap",
			numCols:    "cols\u00b1", // plus minus sign
			label:      "Tagged as '%0':",
			excerpts:   "excerpts",
			descr:      "descr",
			slices:     "slices",
			contents:   "contents",
			sliders:    "sliders",
			noexcerpts: "title only"
		},

		tooltips: {
			title:    "Click to sort by title",
			modified: "Click to sort by modified date",
			created:  "Click to sort by created date",
			show:     "Click to show tagging list",
			hide:     "Click to hide tagging list",
			normal:   "Click to show a normal ungrouped list",
			group:    "Click to show list grouped by tag",
			sitemap:  "Click to show a sitemap style list",
			commas:   "Click to show a comma separated list",
			numCols:  "Click to change number of columns",
			excerpts: "Click to show excerpts",
			descr:    "Click to show the description slice",
			slices:    "Click to show all slices",
			contents: "Click to show entire tiddler contents",
			sliders:  "Click to show tiddler contents in sliders",
			noexcerpts: "Click to show entire title only"
		}
	},

	config: {
		showTaggingCounts: true,
		listOpts: {
			// the first one will be the default
			sortBy:     ["title","modified","created"],
			sortOrder:  ["asc","desc"],
			hideState:  ["show","hide"],
			listMode:   ["normal","group","sitemap","commas"],
			numCols:    ["1","2","3","4","5","6"],
			excerpts:   ["noexcerpts","excerpts","descr","slices","contents","sliders"]
		},
		valuePrefix: "taggly.",
		excludeTags: ["excludeLists","excludeTagging"],
		excerptSize: 50,
		excerptMarker: "/%"+"%/"
	},

	getTagglyOpt: function(title,opt) {
		var val = store.getValue(title,this.config.valuePrefix+opt);
		return val ? val : this.config.listOpts[opt][0];
	},

	setTagglyOpt: function(title,opt,value) {
		if (!store.tiddlerExists(title))
			// create it silently
			store.saveTiddler(title,title,config.views.editor.defaultText.format([title]),config.options.txtUserName,new Date(),"");
		// if value is default then remove it to save space
		return store.setValue(title,
			this.config.valuePrefix+opt,
			value == this.config.listOpts[opt][0] ? null : value);
	},

	getNextValue: function(title,opt) {
		var current = this.getTagglyOpt(title,opt);
		var pos = this.config.listOpts[opt].indexOf(current);
		// a little usability enhancement. actually it doesn't work right for grouped or sitemap
		var limit = (opt == "numCols" ? store.getTaggedTiddlers(title).length : this.config.listOpts[opt].length);
		var newPos = (pos + 1) % limit;
		return this.config.listOpts[opt][newPos];
	},

	toggleTagglyOpt: function(title,opt) {
		var newVal = this.getNextValue(title,opt);
		this.setTagglyOpt(title,opt,newVal);
	}, 

	createListControl: function(place,title,type) {
		var lingo = config.taggly.lingo;
		var label;
		var tooltip;
		var onclick;

		if ((type == "title" || type == "modified" || type == "created")) {
			// "special" controls. a little tricky. derived from sortOrder and sortBy
			label = lingo.labels[type];
			tooltip = lingo.tooltips[type];

			if (this.getTagglyOpt(title,"sortBy") == type) {
				label += lingo.labels[this.getTagglyOpt(title,"sortOrder")];
				onclick = function() {
					config.taggly.toggleTagglyOpt(title,"sortOrder");
					return false;
				}
			}
			else {
				onclick = function() {
					config.taggly.setTagglyOpt(title,"sortBy",type);
					config.taggly.setTagglyOpt(title,"sortOrder",config.taggly.config.listOpts.sortOrder[0]);
					return false;
				}
			}
		}
		else {
			// "regular" controls, nice and simple
			label = lingo.labels[type == "numCols" ? type : this.getNextValue(title,type)];
			tooltip = lingo.tooltips[type == "numCols" ? type : this.getNextValue(title,type)];
			onclick = function() {
				config.taggly.toggleTagglyOpt(title,type);
				return false;
			}
		}

		// hide button because commas don't have columns
		if (!(this.getTagglyOpt(title,"listMode") == "commas" && type == "numCols"))
			createTiddlyButton(place,label,tooltip,onclick,type == "hideState" ? "hidebutton" : "button");
	},

	makeColumns: function(orig,numCols) {
		var listSize = orig.length;
		var colSize = listSize/numCols;
		var remainder = listSize % numCols;

		var upperColsize = colSize;
		var lowerColsize = colSize;

		if (colSize != Math.floor(colSize)) {
			// it's not an exact fit so..
			upperColsize = Math.floor(colSize) + 1;
			lowerColsize = Math.floor(colSize);
		}

		var output = [];
		var c = 0;
		for (var j=0;j<numCols;j++) {
			var singleCol = [];
			var thisSize = j < remainder ? upperColsize : lowerColsize;
			for (var i=0;i<thisSize;i++) 
				singleCol.push(orig[c++]);
			output.push(singleCol);
		}

		return output;
	},

	drawTable: function(place,columns,theClass) {
		var newTable = createTiddlyElement(place,"table",null,theClass);
		var newTbody = createTiddlyElement(newTable,"tbody");
		var newTr = createTiddlyElement(newTbody,"tr");
		for (var j=0;j<columns.length;j++) {
			var colOutput = "";
			for (var i=0;i<columns[j].length;i++) 
				colOutput += columns[j][i];
			var newTd = createTiddlyElement(newTr,"td",null,"tagglyTagging"); // todo should not need this class
			wikify(colOutput,newTd);
		}
		return newTable;
	},

	createTagglyList: function(place,title) {
		switch(this.getTagglyOpt(title,"listMode")) {
			case "group":  return this.createTagglyListGrouped(place,title); break;
			case "normal": return this.createTagglyListNormal(place,title,false); break;
			case "commas": return this.createTagglyListNormal(place,title,true); break;
			case "sitemap":return this.createTagglyListSiteMap(place,title); break;
		}
	},

	getTaggingCount: function(title) {
		// thanks to Doug Edmunds
		if (this.config.showTaggingCounts) {
			var tagCount = store.getTaggedTiddlers(title).length;
			if (tagCount > 0)
				return " ("+tagCount+")";
		}
		return "";
	},

	getExcerpt: function(inTiddlerTitle,title,indent) {
		if (!indent)
			indent = 1;

		var displayMode = this.getTagglyOpt(inTiddlerTitle,"excerpts");
		var t = store.getTiddler(title);

		if (t && displayMode == "excerpts") {
			var text = t.text.replace(/\n/," ");
			var marker = text.indexOf(this.config.excerptMarker);
			if (marker != -1) {
				return " {{excerpt{<nowiki>" + text.substr(0,marker) + "</nowiki>}}}";
			}
			else if (text.length < this.config.excerptSize) {
				return " {{excerpt{<nowiki>" + t.text + "</nowiki>}}}";
			}
			else {
				return " {{excerpt{<nowiki>" + t.text.substr(0,this.config.excerptSize) + "..." + "</nowiki>}}}";
			}
		}
		else if (t && displayMode == "contents") {
			return "\n{{contents indent"+indent+"{\n" + t.text + "\n}}}";
		}
		else if (t && displayMode == "sliders") {
			return "<slider slide>\n{{contents{\n" + t.text + "\n}}}\n</slider>";
		}
		else if (t && displayMode == "descr") {
			var descr = store.getTiddlerSlice(title,'Description');
			return descr ? " {{excerpt{" + descr  + "}}}" : "";
		}
		else if (t && displayMode == "slices") {
			var result = "";
			var slices = store.calcAllSlices(title);
			for (var s in slices)
				result += "|%0|<nowiki>%1</nowiki>|\n".format([s,slices[s]]);
			return result ? "\n{{excerpt excerptIndent{\n" + result  + "}}}" : "";
		}
		return "";
	},

	notHidden: function(t,inTiddler) {
		if (typeof t == "string") 
			t = store.getTiddler(t);
		return (!t || !t.tags.containsAny(this.config.excludeTags) ||
				(inTiddler && this.config.excludeTags.contains(inTiddler)));
	},

	// this is for normal and commas mode
	createTagglyListNormal: function(place,title,useCommas) {

		var list = store.getTaggedTiddlers(title,this.getTagglyOpt(title,"sortBy"));

		if (this.getTagglyOpt(title,"sortOrder") == "desc")
			list = list.reverse();

		var output = [];
		var first = true;
		for (var i=0;i<list.length;i++) {
			if (this.notHidden(list[i],title)) {
				var countString = this.getTaggingCount(list[i].title);
				var excerpt = this.getExcerpt(title,list[i].title);
				if (useCommas)
					output.push((first ? "" : ", ") + "[[" + list[i].title + "]]" + countString + excerpt);
				else
					output.push("*[[" + list[i].title + "]]" + countString + excerpt + "\n");

				first = false;
			}
		}

		return this.drawTable(place,
			this.makeColumns(output,useCommas ? 1 : parseInt(this.getTagglyOpt(title,"numCols"))),
			useCommas ? "commas" : "normal");
	},

	// this is for the "grouped" mode
	createTagglyListGrouped: function(place,title) {
		var sortBy = this.getTagglyOpt(title,"sortBy");
		var sortOrder = this.getTagglyOpt(title,"sortOrder");

		var list = store.getTaggedTiddlers(title,sortBy);

		if (sortOrder == "desc")
			list = list.reverse();

		var leftOvers = []
		for (var i=0;i<list.length;i++)
			leftOvers.push(list[i].title);

		var allTagsHolder = {};
		for (var i=0;i<list.length;i++) {
			for (var j=0;j<list[i].tags.length;j++) {

				if (list[i].tags[j] != title) { // not this tiddler

					if (this.notHidden(list[i].tags[j],title)) {

						if (!allTagsHolder[list[i].tags[j]])
							allTagsHolder[list[i].tags[j]] = "";

						if (this.notHidden(list[i],title)) {
							allTagsHolder[list[i].tags[j]] += "**[["+list[i].title+"]]"
										+ this.getTaggingCount(list[i].title) + this.getExcerpt(title,list[i].title) + "\n";

							leftOvers.setItem(list[i].title,-1); // remove from leftovers. at the end it will contain the leftovers

						}
					}
				}
			}
		}

		var allTags = [];
		for (var t in allTagsHolder)
			allTags.push(t);

		var sortHelper = function(a,b) {
			if (a == b) return 0;
			if (a < b) return -1;
			return 1;
		};

		allTags.sort(function(a,b) {
			var tidA = store.getTiddler(a);
			var tidB = store.getTiddler(b);
			if (sortBy == "title") return sortHelper(a,b);
			else if (!tidA && !tidB) return 0;
			else if (!tidA) return -1;
			else if (!tidB) return +1;
			else return sortHelper(tidA[sortBy],tidB[sortBy]);
		});

		var leftOverOutput = "";
		for (var i=0;i<leftOvers.length;i++)
			if (this.notHidden(leftOvers[i],title))
				leftOverOutput += "*[["+leftOvers[i]+"]]" + this.getTaggingCount(leftOvers[i]) + this.getExcerpt(title,leftOvers[i]) + "\n";

		var output = [];

		if (sortOrder == "desc")
			allTags.reverse();
		else if (leftOverOutput != "")
			// leftovers first...
			output.push(leftOverOutput);

		for (var i=0;i<allTags.length;i++)
			if (allTagsHolder[allTags[i]] != "")
				output.push("*[["+allTags[i]+"]]" + this.getTaggingCount(allTags[i]) + this.getExcerpt(title,allTags[i]) + "\n" + allTagsHolder[allTags[i]]);

		if (sortOrder == "desc" && leftOverOutput != "")
			// leftovers last...
			output.push(leftOverOutput);

		return this.drawTable(place,
				this.makeColumns(output,parseInt(this.getTagglyOpt(title,"numCols"))),
				"grouped");

	},

	// used to build site map
	treeTraverse: function(title,depth,sortBy,sortOrder) {

		var list = store.getTaggedTiddlers(title,sortBy);
		if (sortOrder == "desc")
			list.reverse();

		var indent = "";
		for (var j=0;j<depth;j++)
			indent += "*"

		var childOutput = "";
		for (var i=0;i<list.length;i++)
			if (list[i].title != title)
				if (this.notHidden(list[i].title,this.config.inTiddler))
					childOutput += this.treeTraverse(list[i].title,depth+1,sortBy,sortOrder);

		if (depth == 0)
			return childOutput;
		else
			return indent + "[["+title+"]]" + this.getTaggingCount(title) + this.getExcerpt(this.config.inTiddler,title,depth) + "\n" + childOutput;
	},

	// this if for the site map mode
	createTagglyListSiteMap: function(place,title) {
		this.config.inTiddler = title; // nasty. should pass it in to traverse probably
		var output = this.treeTraverse(title,0,this.getTagglyOpt(title,"sortBy"),this.getTagglyOpt(title,"sortOrder"));
		return this.drawTable(place,
				this.makeColumns(output.split(/(?=^\*\[)/m),parseInt(this.getTagglyOpt(title,"numCols"))), // regexp magic
				"sitemap"
				);
	},

	macros: {
		tagglyTagging: {
			handler: function (place,macroName,params,wikifier,paramString,tiddler) {
				var refreshContainer = createTiddlyElement(place,"div");
				// do some refresh magic to make it keep the list fresh - thanks Saq
				refreshContainer.setAttribute("refresh","macro");
				refreshContainer.setAttribute("macroName",macroName);
				if (params[0])
					refreshContainer.setAttribute("title",params[0]);
				else {
        			refreshContainer.setAttribute("title",tiddler.title);
				}
				this.refresh(refreshContainer);
			},

			refresh: function(place) {
				var title = place.getAttribute("title");
				removeChildren(place);
				addClass(place,"tagglyTagging");
				if (store.getTaggedTiddlers(title).length > 0) {
					var lingo = config.taggly.lingo;
					config.taggly.createListControl(place,title,"hideState");
					if (config.taggly.getTagglyOpt(title,"hideState") == "show") {
						createTiddlyElement(place,"span",null,"tagglyLabel",lingo.labels.label.format([title]));
						config.taggly.createListControl(place,title,"title");
						config.taggly.createListControl(place,title,"modified");
						config.taggly.createListControl(place,title,"created");
						config.taggly.createListControl(place,title,"listMode");
						config.taggly.createListControl(place,title,"excerpts");
						config.taggly.createListControl(place,title,"numCols");
						config.taggly.createTagglyList(place,title);
					}
				}
			}
		}
	},

	// todo fix these up a bit
	styles: [
"/*{{{*/",
"/* created by TagglyTaggingPlugin */",
".tagglyTagging { padding-top:0.5em; }",
".tagglyTagging li.listTitle { display:none; }",
".tagglyTagging ul {",
"	margin-top:0px; padding-top:0.5em; padding-left:2em;",
"	margin-bottom:0px; padding-bottom:0px;",
"}",
".tagglyTagging { vertical-align: top; margin:0px; padding:0px; }",
".tagglyTagging table { margin:0px; padding:0px; }",
".tagglyTagging .button { visibility:hidden; margin-left:3px; margin-right:3px; }",
".tagglyTagging .button, .tagglyTagging .hidebutton {",
"	color:[[ColorPalette::TertiaryLight]]; font-size:90%;",
"	border:0px; padding-left:0.3em;padding-right:0.3em;",
"}",
".tagglyTagging .button:hover, .hidebutton:hover, ",
".tagglyTagging .button:active, .hidebutton:active  {",
"	border:0px; background:[[ColorPalette::TertiaryPale]]; color:[[ColorPalette::TertiaryDark]];",
"}",
".selected .tagglyTagging .button { visibility:visible; }",
".tagglyTagging .hidebutton { color:[[ColorPalette::Background]]; }",
".selected .tagglyTagging .hidebutton { color:[[ColorPalette::TertiaryLight]] }",
".tagglyLabel { color:[[ColorPalette::TertiaryMid]]; font-size:90%; }",
".tagglyTagging ul {padding-top:0px; padding-bottom:0.5em; margin-left:1em; }",
".tagglyTagging ul ul {list-style-type:disc; margin-left:-1em;}",
".tagglyTagging ul ul li {margin-left:0.5em; }",
".editLabel { font-size:90%; padding-top:0.5em; }",
".tagglyTagging .commas { padding-left:1.8em; }",
"/* not technically tagglytagging but will put them here anyway */",
".tagglyTagged li.listTitle { display:none; }",
".tagglyTagged li { display: inline; font-size:90%; }",
".tagglyTagged ul { margin:0px; padding:0px; }",
".excerpt { color:[[ColorPalette::TertiaryDark]]; }",
".excerptIndent { margin-left:4em; }",
"div.tagglyTagging table,",
"div.tagglyTagging table tr,",
"td.tagglyTagging",
" {border-style:none!important; }",
".tagglyTagging .contents { border-bottom:2px solid [[ColorPalette::TertiaryPale]]; padding:0 1em 1em 0.5em;",
"  margin-bottom:0.5em; }",
".tagglyTagging .indent1  { margin-left:3em;  }",
".tagglyTagging .indent2  { margin-left:4em;  }",
".tagglyTagging .indent3  { margin-left:5em;  }",
".tagglyTagging .indent4  { margin-left:6em;  }",
".tagglyTagging .indent5  { margin-left:7em;  }",
".tagglyTagging .indent6  { margin-left:8em;  }",
".tagglyTagging .indent7  { margin-left:9em;  }",
".tagglyTagging .indent8  { margin-left:10em; }",
".tagglyTagging .indent9  { margin-left:11em; }",
".tagglyTagging .indent10 { margin-left:12em; }",
"/*}}}*/",
		""].join("\n"),

	init: function() {
		merge(config.macros,this.macros);
		config.shadowTiddlers["TagglyTaggingStyles"] = this.styles;
		store.addNotification("TagglyTaggingStyles",refreshStyles);
	}
};

config.taggly.init();

//}}}

/***
InlineSlidersPlugin
By Saq Imtiaz
http://tw.lewcid.org/sandbox/#InlineSlidersPlugin

// syntax adjusted to not clash with NestedSlidersPlugin
// added + syntax to start open instead of closed

***/
//{{{
config.formatters.unshift( {
	name: "inlinesliders",
	// match: "\\+\\+\\+\\+|\\<slider",
	match: "\\<slider",
	// lookaheadRegExp: /(?:\+\+\+\+|<slider) (.*?)(?:>?)\n((?:.|\n)*?)\n(?:====|<\/slider>)/mg,
	lookaheadRegExp: /(?:<slider)(\+?) (.*?)(?:>)\n((?:.|\n)*?)\n(?:<\/slider>)/mg,
	handler: function(w) {
		this.lookaheadRegExp.lastIndex = w.matchStart;
		var lookaheadMatch = this.lookaheadRegExp.exec(w.source)
		if(lookaheadMatch && lookaheadMatch.index == w.matchStart ) {
			var btn = createTiddlyButton(w.output,lookaheadMatch[2] + " "+"\u00BB",lookaheadMatch[2],this.onClickSlider,"button sliderButton");
			var panel = createTiddlyElement(w.output,"div",null,"sliderPanel");
			panel.style.display = (lookaheadMatch[1] == '+' ? "block" : "none");
			wikify(lookaheadMatch[3],panel);
			w.nextMatch = lookaheadMatch.index + lookaheadMatch[0].length;
		}
   },
   onClickSlider : function(e) {
		if(!e) var e = window.event;
		var n = this.nextSibling;
		n.style.display = (n.style.display=="none") ? "block" : "none";
		return false;
	}
});

//}}}
!!!OS Install & Update
# Install OS
# Update OS
!!! Terminal Services Installation
#full security
#autodiscover licensing server
#per device licensing mode
!!!Lockdown Server
#Set Filesystem Permissions
!!!Install Applications
http://www.msterminalservices.org/articles/Windows-Terminal-Services-Printing.html

http://www.msterminalservices.org/articles/Managing-Printer-Drivers.html?printversion

http://ts.veranoest.net/ts_printing.htm
{{{
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]
"PrinterMappingINFName"="C:\\WINDOWS\\SYSTEM32\\TSPDRW\\NTPrintSubs.inf"
"PrinterMappingINFSection"="Printers"
}}}

There's the tsredirect utility from MS: tspdrw.exe
http://www.microsoft.com/downloads/details.aspx?familyid=9AD27BE9-40DB-484F-862E-38A094EEEAF7&displaylang=en
test aaa-server

Use the test aaa-server command to check whether the security appliance can authenticate or authorize users with a particular AAA server. Failure to reach the AAA server may be due to incorrect configuration on the security appliance, or the AAA server may be unreachable for other reasons, such as restrictive network configurations or server downtime.

test aaa-server {authentication | authorization} <server-tag> [host server-ip] [username <username>] [password <password>]

Syntax Description

authentication
Specifies that the security appliance should send a test authentication request.

authorization
Specifies that the security appliance should send a test authorization request.

host server-ip
Specifies The IP address of the AAA server.

password <password>
Specifies the password for the username given. The password argument is available only for authentication tests. Make sure the password is correct for the username entered; otherwise, the authentication test will fail.

server-tag
Specifies the symbolic name of the server group, as defined by the aaa-server protocol command.
Look for 
{{{
aaa-server RADIUS protocol radius
aaa-server RADIUS host 10.0.0.33
}}}

username <username>
Specifies the username of the account used to test the AAA server settings. Make sure the username exists on the AAA server; otherwise, the test will fail. 

{{{
FW1# test aaa authentication RADIUS host 10.0.0.33
Username: jcw
Password: *********
INFO: Attempting Authentication test to IP address <10.0.0.33> (timeout: 12 seconds)
ERROR: Authentication Server not responding: No error
FW1#
}}}
{{{
test aaa authentication radius host 10.11.1.2
}}}
DNS & Email:
https://dns-email.twcbc.com/

Help & Support:
http://help.twcbc.com

TW Biz Class Webmail:
http://mail.twcbc.com/
/***
|Name:|ToggleTagPlugin|
|Description:|Makes a checkbox which toggles a tag in a tiddler|
|Version:|3.1.0 ($Rev: 4907 $)|
|Date:|$Date: 2008-05-13 03:15:46 +1000 (Tue, 13 May 2008) $|
|Source:|http://mptw.tiddlyspot.com/#ToggleTagPlugin|
|Author:|Simon Baird <simon.baird@gmail.com>|
|License:|http://mptw.tiddlyspot.com/#TheBSDLicense|
!!Usage
{{{<<toggleTag }}}//{{{TagName TiddlerName LabelText}}}//{{{>>}}}
* TagName - the tag to be toggled, default value "checked"
* TiddlerName - the tiddler to toggle the tag in, default value the current tiddler
* LabelText - the text (gets wikified) to put next to the check box, default value is '{{{[[TagName]]}}}' or '{{{[[TagName]] [[TiddlerName]]}}}'
(If a parameter is '.' then the default will be used)
* TouchMod flag - if non empty then touch the tiddlers mod date. Note, can set config.toggleTagAlwaysTouchModDate to always touch mod date
!!Examples
|Code|Description|Example|h
|{{{<<toggleTag>>}}}|Toggles the default tag (checked) in this tiddler|<<toggleTag>>|
|{{{<<toggleTag TagName>>}}}|Toggles the TagName tag in this tiddler|<<toggleTag TagName>>|
|{{{<<toggleTag TagName TiddlerName>>}}}|Toggles the TagName tag in the TiddlerName tiddler|<<toggleTag TagName TiddlerName>>|
|{{{<<toggleTag TagName TiddlerName 'click me'>>}}}|Same but with custom label|<<toggleTag TagName TiddlerName 'click me'>>|
|{{{<<toggleTag . . 'click me'>>}}}|dot means use default value|<<toggleTag . . 'click me'>>|
!!Notes
* If TiddlerName doesn't exist it will be silently created
* Set label to '-' to specify no label
* See also http://mgtd-alpha.tiddlyspot.com/#ToggleTag2
!!Known issues
* Doesn't smoothly handle the case where you toggle a tag in a tiddler that is current open for editing
* Should convert to use named params
***/
//{{{

if (config.toggleTagAlwaysTouchModDate == undefined) config.toggleTagAlwaysTouchModDate = false;

merge(config.macros,{

	toggleTag: {

		createIfRequired: true,
		shortLabel: "[[%0]]",
		longLabel: "[[%0]] [[%1]]",

		handler: function(place,macroName,params,wikifier,paramString,tiddler) {
			var tiddlerTitle = tiddler ? tiddler.title : '';
			var tag   = (params[0] && params[0] != '.') ? params[0] : "checked";
			var title = (params[1] && params[1] != '.') ? params[1] : tiddlerTitle;
			var defaultLabel = (title == tiddlerTitle ? this.shortLabel : this.longLabel);
			var label = (params[2] && params[2] != '.') ? params[2] : defaultLabel;
			var touchMod = (params[3] && params[3] != '.') ? params[3] : "";
			label = (label == '-' ? '' : label); // dash means no label
			var theTiddler = (title == tiddlerTitle ? tiddler : store.getTiddler(title));
			var cb = createTiddlyCheckbox(place, label.format([tag,title]), theTiddler && theTiddler.isTagged(tag), function(e) {
				if (!store.tiddlerExists(title)) {
					if (config.macros.toggleTag.createIfRequired) {
						var content = store.getTiddlerText(title); // just in case it's a shadow
						store.saveTiddler(title,title,content?content:"",config.options.txtUserName,new Date(),null);
					}
					else 
						return false;
				}
				if ((touchMod != "" || config.toggleTagAlwaysTouchModDate) && theTiddler)
						theTiddler.modified = new Date();
				store.setTiddlerTag(title,this.checked,tag);
				return true;
			});
		}
	}
});

//}}}
/***
Contains the stuff you need to use Tiddlyspot
Note you must also have UploadPlugin installed
***/
//{{{

// edit this if you are migrating sites or retrofitting an existing TW
config.tiddlyspotSiteId = 'smaug9';

// make it so you can by default see edit controls via http
config.options.chkHttpReadOnly = false;
window.readOnly = false; // make sure of it (for tw 2.2)
window.showBackstage = true; // show backstage too

// disable autosave in d3
if (window.location.protocol != "file:")
	config.options.chkGTDLazyAutoSave = false;

// tweak shadow tiddlers to add upload button, password entry box etc
with (config.shadowTiddlers) {
	SiteUrl = 'http://'+config.tiddlyspotSiteId+'.tiddlyspot.com';
	SideBarOptions = SideBarOptions.replace(/(<<saveChanges>>)/,"$1<<tiddler TspotSidebar>>");
	OptionsPanel = OptionsPanel.replace(/^/,"<<tiddler TspotOptions>>");
	DefaultTiddlers = DefaultTiddlers.replace(/^/,"[[WelcomeToTiddlyspot]] ");
	MainMenu = MainMenu.replace(/^/,"[[WelcomeToTiddlyspot]] ");
}

// create some shadow tiddler content
merge(config.shadowTiddlers,{

'WelcomeToTiddlyspot':[
 "This document is a ~TiddlyWiki from tiddlyspot.com.  A ~TiddlyWiki is an electronic notebook that is great for managing todo lists, personal information, and all sorts of things.",
 "",
 "@@font-weight:bold;font-size:1.3em;color:#444; //What now?// &nbsp;&nbsp;@@ Before you can save any changes, you need to enter your password in the form below.  Then configure privacy and other site settings at your [[control panel|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/controlpanel]] (your control panel username is //" + config.tiddlyspotSiteId + "//).",
 "<<tiddler TspotControls>>",
 "See also GettingStarted.",
 "",
 "@@font-weight:bold;font-size:1.3em;color:#444; //Working online// &nbsp;&nbsp;@@ You can edit this ~TiddlyWiki right now, and save your changes using the \"save to web\" button in the column on the right.",
 "",
 "@@font-weight:bold;font-size:1.3em;color:#444; //Working offline// &nbsp;&nbsp;@@ A fully functioning copy of this ~TiddlyWiki can be saved onto your hard drive or USB stick.  You can make changes and save them locally without being connected to the Internet.  When you're ready to sync up again, just click \"upload\" and your ~TiddlyWiki will be saved back to tiddlyspot.com.",
 "",
 "@@font-weight:bold;font-size:1.3em;color:#444; //Help!// &nbsp;&nbsp;@@ Find out more about ~TiddlyWiki at [[TiddlyWiki.com|http://tiddlywiki.com]].  Also visit [[TiddlyWiki.org|http://tiddlywiki.org]] for documentation on learning and using ~TiddlyWiki. New users are especially welcome on the [[TiddlyWiki mailing list|http://groups.google.com/group/TiddlyWiki]], which is an excellent place to ask questions and get help.  If you have a tiddlyspot related problem email [[tiddlyspot support|mailto:support@tiddlyspot.com]].",
 "",
 "@@font-weight:bold;font-size:1.3em;color:#444; //Enjoy :)// &nbsp;&nbsp;@@ We hope you like using your tiddlyspot.com site.  Please email [[feedback@tiddlyspot.com|mailto:feedback@tiddlyspot.com]] with any comments or suggestions."
].join("\n"),

'TspotControls':[
 "| tiddlyspot password:|<<option pasUploadPassword>>|",
 "| site management:|<<upload http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/store.cgi index.html . .  " + config.tiddlyspotSiteId + ">>//(requires tiddlyspot password)//<br>[[control panel|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/controlpanel]], [[download (go offline)|http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/download]]|",
 "| links:|[[tiddlyspot.com|http://tiddlyspot.com/]], [[FAQs|http://faq.tiddlyspot.com/]], [[blog|http://tiddlyspot.blogspot.com/]], email [[support|mailto:support@tiddlyspot.com]] & [[feedback|mailto:feedback@tiddlyspot.com]], [[donate|http://tiddlyspot.com/?page=donate]]|"
].join("\n"),

'TspotSidebar':[
 "<<upload http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/store.cgi index.html . .  " + config.tiddlyspotSiteId + ">><html><a href='http://" + config.tiddlyspotSiteId + ".tiddlyspot.com/download' class='button'>download</a></html>"
].join("\n"),

'TspotOptions':[
 "tiddlyspot password:",
 "<<option pasUploadPassword>>",
 ""
].join("\n")

});
//}}}
/etc/udev/rules.d/z25_persistent-net.rules is the home of where Debian remembers the network adapters
http://www-128.ibm.com/developerworks/aix/library/au-unix-find.html
{{{

    ASA#copy tftp [[flash:/disk0:][software image name/asdm image name]]

    !--- Command to set an image as bootup or specify the 
    !--- ASDM image file. 

    ASA(config)#boot system [flash:/disk0:]/[software image name]

    !--- Save active configuration to the Flash.

    ASA#write memory

    !--- Reboot the security appliance and load 
    !--- with the new boot image as per the configuration file.

    ASA#reload

Example:

    ASA5510#copy tftp disk0:

    Address or name of remote host []? 172.16.31.1
    Source filename []? asa722-k8.bin
    Destination filename [asa722-k8.bin]?
    Accessing tftp://172.16.31.1/asa722-k8.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    Writing file disk0:/asa722-k8.bin...
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    8312832 bytes copied in 163.350 secs (50998 bytes/sec)

    ASA5510#show disk0:
    -#- --length-- -----date/time------ path
      6 5124096    Jan 01 2003 00:06:22 asa702-k8.bin
      7 5623108    Feb 12 2007 00:23:48 asdm-522.bin
     10 5539756    Feb 12 2007 00:14:18 asdm-521.bin
     11 8294400    Dec 07 2006 05:47:20 asa721-24-k8.bin
     12 6002680    Dec 21 2006 03:58:30 asdm-52034.bin
     13 8312832    Feb 12 2007 22:46:30 asa722-k8.bin

    23949312 bytes available (38932480 bytes used)

    !--- Command to set "asa722-k8.bin" as the boot image.

    ASA5510(config)# boot system disk0:/asa722-k8.bin

    !--- Command to set "asdm-522.bin" as the ASDM image.

    ASA5510(config)# asdm image disk0:/asdm-522.bin
    ASA5510# write memory
    ASA5510# reload

}}}
| !date | !user | !location | !storeUrl | !uploadDir | !toFilename | !backupdir | !origin |
| 04/09/2012 15:43:23 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 04/09/2012 15:45:26 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 21/09/2012 08:12:47 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 28/09/2012 16:54:17 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 07/03/2013 02:12:12 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
| 26/11/2013 16:13:45 | smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 16:14:22 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 16:15:02 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 17:29:01 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . | ok |
| 26/11/2013 17:56:20 | Smaug9 | [[/|http://smaug9.tiddlyspot.com/]] | [[store.cgi|http://smaug9.tiddlyspot.com/store.cgi]] | . | [[index.html | http://smaug9.tiddlyspot.com/index.html]] | . |
/***
|''Name:''|PasswordOptionPlugin|
|''Description:''|Extends TiddlyWiki options with non encrypted password option.|
|''Version:''|1.0.2|
|''Date:''|Apr 19, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#PasswordOptionPlugin|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0 (Beta 5)|
***/
//{{{
version.extensions.PasswordOptionPlugin = {
	major: 1, minor: 0, revision: 2, 
	date: new Date("Apr 19, 2007"),
	source: 'http://tiddlywiki.bidix.info/#PasswordOptionPlugin',
	author: 'BidiX (BidiX (at) bidix (dot) info',
	license: '[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D]]',
	coreVersion: '2.2.0 (Beta 5)'
};

config.macros.option.passwordCheckboxLabel = "Save this password on this computer";
config.macros.option.passwordInputType = "password"; // password | text
setStylesheet(".pasOptionInput {width: 11em;}\n","passwordInputTypeStyle");

merge(config.macros.option.types, {
	'pas': {
		elementType: "input",
		valueField: "value",
		eventName: "onkeyup",
		className: "pasOptionInput",
		typeValue: config.macros.option.passwordInputType,
		create: function(place,type,opt,className,desc) {
			// password field
			config.macros.option.genericCreate(place,'pas',opt,className,desc);
			// checkbox linked with this password "save this password on this computer"
			config.macros.option.genericCreate(place,'chk','chk'+opt,className,desc);			
			// text savePasswordCheckboxLabel
			place.appendChild(document.createTextNode(config.macros.option.passwordCheckboxLabel));
		},
		onChange: config.macros.option.genericOnChange
	}
});

merge(config.optionHandlers['chk'], {
	get: function(name) {
		// is there an option linked with this chk ?
		var opt = name.substr(3);
		if (config.options[opt]) 
			saveOptionCookie(opt);
		return config.options[name] ? "true" : "false";
	}
});

merge(config.optionHandlers, {
	'pas': {
 		get: function(name) {
			if (config.options["chk"+name]) {
				return encodeCookie(config.options[name].toString());
			} else {
				return "";
			}
		},
		set: function(name,value) {config.options[name] = decodeCookie(value);}
	}
});

// need to reload options to load passwordOptions
loadOptionsCookie();

/*
if (!config.options['pasPassword'])
	config.options['pasPassword'] = '';

merge(config.optionsDesc,{
		pasPassword: "Test password"
	});
*/
//}}}

/***
|''Name:''|UploadPlugin|
|''Description:''|Save to web a TiddlyWiki|
|''Version:''|4.1.0|
|''Date:''|May 5, 2007|
|''Source:''|http://tiddlywiki.bidix.info/#UploadPlugin|
|''Documentation:''|http://tiddlywiki.bidix.info/#UploadPluginDoc|
|''Author:''|BidiX (BidiX (at) bidix (dot) info)|
|''License:''|[[BSD open source license|http://tiddlywiki.bidix.info/#%5B%5BBSD%20open%20source%20license%5D%5D ]]|
|''~CoreVersion:''|2.2.0 (#3125)|
|''Requires:''|PasswordOptionPlugin|
***/
//{{{
version.extensions.UploadPlugin = {
	major: 4, minor: 1, revision: 0,
	date: new Date("May 5, 2007"),
	source: 'http://tiddlywiki.bidix.info/#UploadPlugin',
	author: 'BidiX (BidiX (at) bidix (dot) info',
	coreVersion: '2.2.0 (#3125)'
};

//
// Environment
//

if (!window.bidix) window.bidix = {}; // bidix namespace
bidix.debugMode = false;	// true to activate both in Plugin and UploadService
	
//
// Upload Macro
//

config.macros.upload = {
// default values
	defaultBackupDir: '',	//no backup
	defaultStoreScript: "store.php",
	defaultToFilename: "index.html",
	defaultUploadDir: ".",
	authenticateUser: true	// UploadService Authenticate User
};
	
config.macros.upload.label = {
	promptOption: "Save and Upload this TiddlyWiki with UploadOptions",
	promptParamMacro: "Save and Upload this TiddlyWiki in %0",
	saveLabel: "save to web", 
	saveToDisk: "save to disk",
	uploadLabel: "upload"	
};

config.macros.upload.messages = {
	noStoreUrl: "No store URL in parmeters or options",
	usernameOrPasswordMissing: "Username or password missing"
};

config.macros.upload.handler = function(place,macroName,params) {
	if (readOnly)
		return;
	var label;
	if (document.location.toString().substr(0,4) == "http") 
		label = this.label.saveLabel;
	else
		label = this.label.uploadLabel;
	var prompt;
	if (params[0]) {
		prompt = this.label.promptParamMacro.toString().format([this.destFile(params[0], 
			(params[1] ? params[1]:bidix.basename(window.location.toString())), params[3])]);
	} else {
		prompt = this.label.promptOption;
	}
	createTiddlyButton(place, label, prompt, function() {config.macros.upload.action(params);}, null, null, this.accessKey);
};

config.macros.upload.action = function(params)
{
		// for missing macro parameter set value from options
		var storeUrl = params[0] ? params[0] : config.options.txtUploadStoreUrl;
		var toFilename = params[1] ? params[1] : config.options.txtUploadFilename;
		var backupDir = params[2] ? params[2] : config.options.txtUploadBackupDir;
		var uploadDir = params[3] ? params[3] : config.options.txtUploadDir;
		var username = params[4] ? params[4] : config.options.txtUploadUserName;
		var password = config.options.pasUploadPassword; // for security reason no password as macro parameter	
		// for still missing parameter set default value
		if ((!storeUrl) && (document.location.toString().substr(0,4) == "http")) 
			storeUrl = bidix.dirname(document.location.toString())+'/'+config.macros.upload.defaultStoreScript;
		if (storeUrl.substr(0,4) != "http")
			storeUrl = bidix.dirname(document.location.toString()) +'/'+ storeUrl;
		if (!toFilename)
			toFilename = bidix.basename(window.location.toString());
		if (!toFilename)
			toFilename = config.macros.upload.defaultToFilename;
		if (!uploadDir)
			uploadDir = config.macros.upload.defaultUploadDir;
		if (!backupDir)
			backupDir = config.macros.upload.defaultBackupDir;
		// report error if still missing
		if (!storeUrl) {
			alert(config.macros.upload.messages.noStoreUrl);
			clearMessage();
			return false;
		}
		if (config.macros.upload.authenticateUser && (!username || !password)) {
			alert(config.macros.upload.messages.usernameOrPasswordMissing);
			clearMessage();
			return false;
		}
		bidix.upload.uploadChanges(false,null,storeUrl, toFilename, uploadDir, backupDir, username, password); 
		return false; 
};

config.macros.upload.destFile = function(storeUrl, toFilename, uploadDir) 
{
	if (!storeUrl)
		return null;
		var dest = bidix.dirname(storeUrl);
		if (uploadDir && uploadDir != '.')
			dest = dest + '/' + uploadDir;
		dest = dest + '/' + toFilename;
	return dest;
};

//
// uploadOptions Macro
//

config.macros.uploadOptions = {
	handler: function(place,macroName,params) {
		var wizard = new Wizard();
		wizard.createWizard(place,this.wizardTitle);
		wizard.addStep(this.step1Title,this.step1Html);
		var markList = wizard.getElement("markList");
		var listWrapper = document.createElement("div");
		markList.parentNode.insertBefore(listWrapper,markList);
		wizard.setValue("listWrapper",listWrapper);
		this.refreshOptions(listWrapper,false);
		var uploadCaption;
		if (document.location.toString().substr(0,4) == "http") 
			uploadCaption = config.macros.upload.label.saveLabel;
		else
			uploadCaption = config.macros.upload.label.uploadLabel;
		
		wizard.setButtons([
				{caption: uploadCaption, tooltip: config.macros.upload.label.promptOption, 
					onClick: config.macros.upload.action},
				{caption: this.cancelButton, tooltip: this.cancelButtonPrompt, onClick: this.onCancel}
				
			]);
	},
	refreshOptions: function(listWrapper) {
		var uploadOpts = [
			"txtUploadUserName",
			"pasUploadPassword",
			"txtUploadStoreUrl",
			"txtUploadDir",
			"txtUploadFilename",
			"txtUploadBackupDir",
			"chkUploadLog",
			"txtUploadLogMaxLine",
			]
		var opts = [];
		for(i=0; i<uploadOpts.length; i++) {
			var opt = {};
			opts.push()
			opt.option = "";
			n = uploadOpts[i];
			opt.name = n;
			opt.lowlight = !config.optionsDesc[n];
			opt.description = opt.lowlight ? this.unknownDescription : config.optionsDesc[n];
			opts.push(opt);
		}
		var listview = ListView.create(listWrapper,opts,this.listViewTemplate);
		for(n=0; n<opts.length; n++) {
			var type = opts[n].name.substr(0,3);
			var h = config.macros.option.types[type];
			if (h && h.create) {
				h.create(opts[n].colElements['option'],type,opts[n].name,opts[n].name,"no");
			}
		}
		
	},
	onCancel: function(e)
	{
		backstage.switchTab(null);
		return false;
	},
	
	wizardTitle: "Upload with options",
	step1Title: "These options are saved in cookies in your browser",
	step1Html: "<input type='hidden' name='markList'></input><br>",
	cancelButton: "Cancel",
	cancelButtonPrompt: "Cancel prompt",
	listViewTemplate: {
		columns: [
			{name: 'Description', field: 'description', title: "Description", type: 'WikiText'},
			{name: 'Option', field: 'option', title: "Option", type: 'String'},
			{name: 'Name', field: 'name', title: "Name", type: 'String'}
			],
		rowClasses: [
			{className: 'lowlight', field: 'lowlight'} 
			]}
}

//
// upload functions
//

if (!bidix.upload) bidix.upload = {};

if (!bidix.upload.messages) bidix.upload.messages = {
	//from saving
	invalidFileError: "The original file '%0' does not appear to be a valid TiddlyWiki",
	backupSaved: "Backup saved",
	backupFailed: "Failed to upload backup file",
	rssSaved: "RSS feed uploaded",
	rssFailed: "Failed to upload RSS feed file",
	emptySaved: "Empty template uploaded",
	emptyFailed: "Failed to upload empty template file",
	mainSaved: "Main TiddlyWiki file uploaded",
	mainFailed: "Failed to upload main TiddlyWiki file. Your changes have not been saved",
	//specific upload
	loadOriginalHttpPostError: "Can't get original file",
	aboutToSaveOnHttpPost: 'About to upload on %0 ...',
	storePhpNotFound: "The store script '%0' was not found."
};

bidix.upload.uploadChanges = function(onlyIfDirty,tiddlers,storeUrl,toFilename,uploadDir,backupDir,username,password)
{
	var callback = function(status,uploadParams,original,url,xhr) {
		if (!status) {
			displayMessage(bidix.upload.messages.loadOriginalHttpPostError);
			return;
		}
		if (bidix.debugMode) 
			alert(original.substr(0,500)+"\n...");
		// Locate the storeArea div's 
		var posDiv = locateStoreArea(original);
		if((posDiv[0] == -1) || (posDiv[1] == -1)) {
			alert(config.messages.invalidFileError.format([localPath]));
			return;
		}
		bidix.upload.uploadRss(uploadParams,original,posDiv);
	};
	
	if(onlyIfDirty && !store.isDirty())
		return;
	clearMessage();
	// save on localdisk ?
	if (document.location.toString().substr(0,4) == "file") {
		var path = document.location.toString();
		var localPath = getLocalPath(path);
		saveChanges();
	}
	// get original
	var uploadParams = Array(storeUrl,toFilename,uploadDir,backupDir,username,password);
	var originalPath = document.location.toString();
	// If url is a directory : add index.html
	if (originalPath.charAt(originalPath.length-1) == "/")
		originalPath = originalPath + "index.html";
	var dest = config.macros.upload.destFile(storeUrl,toFilename,uploadDir);
	var log = new bidix.UploadLog();
	log.startUpload(storeUrl, dest, uploadDir,  backupDir);
	displayMessage(bidix.upload.messages.aboutToSaveOnHttpPost.format([dest]));
	if (bidix.debugMode) 
		alert("about to execute Http - GET on "+originalPath);
	var r = doHttp("GET",originalPath,null,null,null,null,callback,uploadParams,null);
	if (typeof r == "string")
		displayMessage(r);
	return r;
};

bidix.upload.uploadRss = function(uploadParams,original,posDiv) 
{
	var callback = function(status,params,responseText,url,xhr) {
		if(status) {
			var destfile = responseText.substring(responseText.indexOf("destfile:")+9,responseText.indexOf("\n", responseText.indexOf("destfile:")));
			displayMessage(bidix.upload.messages.rssSaved,bidix.dirname(url)+'/'+destfile);
			bidix.upload.uploadMain(params[0],params[1],params[2]);
		} else {
			displayMessage(bidix.upload.messages.rssFailed);			
		}
	};
	// do uploadRss
	if(config.options.chkGenerateAnRssFeed) {
		var rssPath = uploadParams[1].substr(0,uploadParams[1].lastIndexOf(".")) + ".xml";
		var rssUploadParams = Array(uploadParams[0],rssPath,uploadParams[2],'',uploadParams[4],uploadParams[5]);
		bidix.upload.httpUpload(rssUploadParams,convertUnicodeToUTF8(generateRss()),callback,Array(uploadParams,original,posDiv));
	} else {
		bidix.upload.uploadMain(uploadParams,original,posDiv);
	}
};

bidix.upload.uploadMain = function(uploadParams,original,posDiv) 
{
	var callback = function(status,params,responseText,url,xhr) {
		var log = new bidix.UploadLog();
		if(status) {
			// if backupDir specified
			if ((params[3]) && (responseText.indexOf("backupfile:") > -1))  {
				var backupfile = responseText.substring(responseText.indexOf("backupfile:")+11,responseText.indexOf("\n", responseText.indexOf("backupfile:")));
				displayMessage(bidix.upload.messages.backupSaved,bidix.dirname(url)+'/'+backupfile);
			}
			var destfile = responseText.substring(responseText.indexOf("destfile:")+9,responseText.indexOf("\n", responseText.indexOf("destfile:")));
			displayMessage(bidix.upload.messages.mainSaved,bidix.dirname(url)+'/'+destfile);
			store.setDirty(false);
			log.endUpload("ok");
		} else {
			alert(bidix.upload.messages.mainFailed);
			displayMessage(bidix.upload.messages.mainFailed);
			log.endUpload("failed");			
		}
	};
	// do uploadMain
	var revised = bidix.upload.updateOriginal(original,posDiv);
	bidix.upload.httpUpload(uploadParams,revised,callback,uploadParams);
};

bidix.upload.httpUpload = function(uploadParams,data,callback,params)
{
	var localCallback = function(status,params,responseText,url,xhr) {
		url = (url.indexOf("nocache=") < 0 ? url : url.substring(0,url.indexOf("nocache=")-1));
		if (xhr.status == httpStatus.NotFound)
			alert(bidix.upload.messages.storePhpNotFound.format([url]));
		if ((bidix.debugMode) || (responseText.indexOf("Debug mode") >= 0 )) {
			alert(responseText);
			if (responseText.indexOf("Debug mode") >= 0 )
				responseText = responseText.substring(responseText.indexOf("\n\n")+2);
		} else if (responseText.charAt(0) != '0') 
			alert(responseText);
		if (responseText.charAt(0) != '0')
			status = null;
		callback(status,params,responseText,url,xhr);
	};
	// do httpUpload
	var boundary = "---------------------------"+"AaB03x";	
	var uploadFormName = "UploadPlugin";
	// compose headers data
	var sheader = "";
	sheader += "--" + boundary + "\r\nContent-disposition: form-data; name=\"";
	sheader += uploadFormName +"\"\r\n\r\n";
	sheader += "backupDir="+uploadParams[3] +
				";user=" + uploadParams[4] +
				";password=" + uploadParams[5] +
				";uploaddir=" + uploadParams[2];
	if (bidix.debugMode)
		sheader += ";debug=1";
	sheader += ";;\r\n"; 
	sheader += "\r\n" + "--" + boundary + "\r\n";
	sheader += "Content-disposition: form-data; name=\"userfile\"; filename=\""+uploadParams[1]+"\"\r\n";
	sheader += "Content-Type: text/html;charset=UTF-8" + "\r\n";
	sheader += "Content-Length: " + data.length + "\r\n\r\n";
	// compose trailer data
	var strailer = new String();
	strailer = "\r\n--" + boundary + "--\r\n";
	data = sheader + data + strailer;
	if (bidix.debugMode) alert("about to execute Http - POST on "+uploadParams[0]+"\n with \n"+data.substr(0,500)+ " ... ");
	var r = doHttp("POST",uploadParams[0],data,"multipart/form-data; boundary="+boundary,uploadParams[4],uploadParams[5],localCallback,params,null);
	if (typeof r == "string")
		displayMessage(r);
	return r;
};

// same as Saving's updateOriginal but without convertUnicodeToUTF8 calls
bidix.upload.updateOriginal = function(original, posDiv)
{
	if (!posDiv)
		posDiv = locateStoreArea(original);
	if((posDiv[0] == -1) || (posDiv[1] == -1)) {
		alert(config.messages.invalidFileError.format([localPath]));
		return;
	}
	var revised = original.substr(0,posDiv[0] + startSaveArea.length) + "\n" +
				store.allTiddlersAsHtml() + "\n" +
				original.substr(posDiv[1]);
	var newSiteTitle = getPageTitle().htmlEncode();
	revised = revised.replaceChunk("<title"+">","</title"+">"," " + newSiteTitle + " ");
	revised = updateMarkupBlock(revised,"PRE-HEAD","MarkupPreHead");
	revised = updateMarkupBlock(revised,"POST-HEAD","MarkupPostHead");
	revised = updateMarkupBlock(revised,"PRE-BODY","MarkupPreBody");
	revised = updateMarkupBlock(revised,"POST-SCRIPT","MarkupPostBody");
	return revised;
};

//
// UploadLog
// 
// config.options.chkUploadLog :
//		false : no logging
//		true : logging
// config.options.txtUploadLogMaxLine :
//		-1 : no limit
//      0 :  no Log lines but UploadLog is still in place
//		n :  the last n lines are only kept
//		NaN : no limit (-1)

bidix.UploadLog = function() {
	if (!config.options.chkUploadLog) 
		return; // this.tiddler = null
	this.tiddler = store.getTiddler("UploadLog");
	if (!this.tiddler) {
		this.tiddler = new Tiddler();
		this.tiddler.title = "UploadLog";
		this.tiddler.text = "| !date | !user | !location | !storeUrl | !uploadDir | !toFilename | !backupdir | !origin |";
		this.tiddler.created = new Date();
		this.tiddler.modifier = config.options.txtUserName;
		this.tiddler.modified = new Date();
		store.addTiddler(this.tiddler);
	}
	return this;
};

bidix.UploadLog.prototype.addText = function(text) {
	if (!this.tiddler)
		return;
	// retrieve maxLine when we need it
	var maxLine = parseInt(config.options.txtUploadLogMaxLine,10);
	if (isNaN(maxLine))
		maxLine = -1;
	// add text
	if (maxLine != 0) 
		this.tiddler.text = this.tiddler.text + text;
	// Trunck to maxLine
	if (maxLine >= 0) {
		var textArray = this.tiddler.text.split('\n');
		if (textArray.length > maxLine + 1)
			textArray.splice(1,textArray.length-1-maxLine);
			this.tiddler.text = textArray.join('\n');		
	}
	// update tiddler fields
	this.tiddler.modifier = config.options.txtUserName;
	this.tiddler.modified = new Date();
	store.addTiddler(this.tiddler);
	// refresh and notifiy for immediate update
	story.refreshTiddler(this.tiddler.title);
	store.notify(this.tiddler.title, true);
};

bidix.UploadLog.prototype.startUpload = function(storeUrl, toFilename, uploadDir,  backupDir) {
	if (!this.tiddler)
		return;
	var now = new Date();
	var text = "\n| ";
	var filename = bidix.basename(document.location.toString());
	if (!filename) filename = '/';
	text += now.formatString("0DD/0MM/YYYY 0hh:0mm:0ss") +" | ";
	text += config.options.txtUserName + " | ";
	text += "[["+filename+"|"+location + "]] |";
	text += " [[" + bidix.basename(storeUrl) + "|" + storeUrl + "]] | ";
	text += uploadDir + " | ";
	text += "[[" + bidix.basename(toFilename) + " | " +toFilename + "]] | ";
	text += backupDir + " |";
	this.addText(text);
};

bidix.UploadLog.prototype.endUpload = function(status) {
	if (!this.tiddler)
		return;
	this.addText(" "+status+" |");
};

//
// Utilities
// 

bidix.checkPlugin = function(plugin, major, minor, revision) {
	var ext = version.extensions[plugin];
	if (!
		(ext  && 
			((ext.major > major) || 
			((ext.major == major) && (ext.minor > minor))  ||
			((ext.major == major) && (ext.minor == minor) && (ext.revision >= revision))))) {
			// write error in PluginManager
			if (pluginInfo)
				pluginInfo.log.push("Requires " + plugin + " " + major + "." + minor + "." + revision);
			eval(plugin); // generate an error : "Error: ReferenceError: xxxx is not defined"
	}
};

bidix.dirname = function(filePath) {
	if (!filePath) 
		return;
	var lastpos;
	if ((lastpos = filePath.lastIndexOf("/")) != -1) {
		return filePath.substring(0, lastpos);
	} else {
		return filePath.substring(0, filePath.lastIndexOf("\\"));
	}
};

bidix.basename = function(filePath) {
	if (!filePath) 
		return;
	var lastpos;
	if ((lastpos = filePath.lastIndexOf("#")) != -1) 
		filePath = filePath.substring(0, lastpos);
	if ((lastpos = filePath.lastIndexOf("/")) != -1) {
		return filePath.substring(lastpos + 1);
	} else
		return filePath.substring(filePath.lastIndexOf("\\")+1);
};

bidix.initOption = function(name,value) {
	if (!config.options[name])
		config.options[name] = value;
};

//
// Initializations
//

// require PasswordOptionPlugin 1.0.1 or better
bidix.checkPlugin("PasswordOptionPlugin", 1, 0, 1);

// styleSheet
setStylesheet('.txtUploadStoreUrl, .txtUploadBackupDir, .txtUploadDir {width: 22em;}',"uploadPluginStyles");

//optionsDesc
merge(config.optionsDesc,{
	txtUploadStoreUrl: "Url of the UploadService script (default: store.php)",
	txtUploadFilename: "Filename of the uploaded file (default: in index.html)",
	txtUploadDir: "Relative Directory where to store the file (default: . (downloadService directory))",
	txtUploadBackupDir: "Relative Directory where to backup the file. If empty no backup. (default: ''(empty))",
	txtUploadUserName: "Upload Username",
	pasUploadPassword: "Upload Password",
	chkUploadLog: "do Logging in UploadLog (default: true)",
	txtUploadLogMaxLine: "Maximum of lines in UploadLog (default: 10)"
});

// Options Initializations
bidix.initOption('txtUploadStoreUrl','');
bidix.initOption('txtUploadFilename','');
bidix.initOption('txtUploadDir','');
bidix.initOption('txtUploadBackupDir','');
bidix.initOption('txtUploadUserName','');
bidix.initOption('pasUploadPassword','');
bidix.initOption('chkUploadLog',true);
bidix.initOption('txtUploadLogMaxLine','10');


/* don't want this for tiddlyspot sites

// Backstage
merge(config.tasks,{
	uploadOptions: {text: "upload", tooltip: "Change UploadOptions and Upload", content: '<<uploadOptions>>'}
});
config.backstageTasks.push("uploadOptions");

*/


//}}}
so the vlans get listed as root-enumerated devices.

{{{
ROOT\IANSMINIPORT\0000   : Intel(R) 82566DM Gigabit Network Connection - VLAN : ID30
ROOT\IANSMINIPORT\0001   : Intel(R) 82566DM Gigabit Network Connection - VLAN : Untagged VLAN
}}}

which means that you have to refer to them with an '@' sign when using it with devcon. something like:
{{{
devcon disable @ROOT\IANSMINIPORT\0000
}}}
online quiz:
http://www.vmuser.com/joomla/index.php?option=com_joomlaquiz&Itemid=7

Ref Card:
http://vmreference.googlepages.com/vmreferenceVI3Card1.1.pdf

VMware Blueprint
http://mylearn1.vmware.com/lcms/mL_faq/1714/VCP3.5Blueprint.PDF
!!!Undo:
{{{
u
}}}
!!line numbers
on: 
{{{
:set number
}}}

off: 
{{{
:set nonumber
}}}
Trunk Port: tagged for all vlans
Access Port: untagged for 1 vlan



     VLAN1     VLAN2
1        Tagged     Tagged
2-12     Untagged   Untagged
13-24    Untagged   Tagged
But I'm beginning to think that this is incorrect.  I tagged port 1 to both because of the PIX interface being trunked.  I left the remaineder untagged because this is the native vlan (now I'm not 100% sure if these two issues are even related).  I can ping the default gateway on the PIX which is defined as physical.  However, if I change port 2 (where the PC I'm testing from is plugged into) then I can no longer reach the pix.  I don't quiet understand that, surely Tagging it into VLAN1 is a more explicit way of saying that the port belongs to VLAN1.

On the second VLAN however, where I've tagged all the ports for VLAN2, I cannot reach the interface on the pix (same subnet, defined on the PIX as logical).  Am I completely missing the point here?  Could somebody explin to me a little about the tagging?  If I changed the VLAN assignement for VLAN2 on port 13 to Unassigned, would it work?  Sorry, I didn't have much time to test yet ... but it just seems the more I think about this the more confused I get about the tagging and the native VLAN.  Can somebody help me out at all?

Irish Poetry - Karen O'Connor
Get your Irish Poetry Published
Garten und Landschaftsbau
Start your own Tek-Tips Group! Click Here!
Helpful Member!TheBublitz (IS/IT--Management) 	
7 Jul 06 16:29
OK here is the skinny on VLAN tagging.



1. You ONLY tagg a port if it is going to recieve traffic from more than 1 vlan.(Examples would be an access point may be connected to a switch port. The access point may serv requests for Laptops<--Not 802.1q compatible so only get traffic from untagged vlan ususally vlan 1, and then wireless ip phones <---probably vlan 2 Tagged) another example is some people connect their PC to their IP phones  to conserv cable drops. SO you set the phone to vlan 2 TAGGED and the pc only gets vlan 1 info Untagged.

2. You can only have 1 Untagged Vlan per port.

3. All non 802.1q devices will only recieve traffic on a port from the UNtagged VLan

4.Trunk ports to other hp switchs NEED to have both ends configured for 802.1q so both switchs get vlan 1 and 2 info

5. If you assign a device to ONLY 1 vlan lets say vlan 2. You dont need to tagg the vlan. so you would enter.....

vlan 2 untagged ethernet 5

This would take port 5 out of vlan 1 and into vlan 2 untagged(there is No need for the tag since its apart of only 1 vlan which is vlan 2).

If you wanted port 5 to be an access point OR a trunk port to another hp switch you would enter this

vlan 2 tagged ethernet 5

This would leave port 5 in vlan 1 untagged, and it would also be apart of vlan 2 tagged

6. If your PIX isn't 802.1q compatible then you need to enable IP routing on your switch to route between vlans. to do this enter the command...

ip routing

VERY important hehe

7. If you switch is going to be routing the vlans(most common setup)

All devices on vlan 2 Need to set their gateway to the switch IP configured for vlan 2.

The same can be said for vlan 1 devices unless you want the pix to be the gateway. (I woulden't reccommend this unless there wont be much traffic between the vlans)

8. The switch should use the PIX as its gateway or make a route

0.0.0.0 0.0.0.0 (ip of pix)

9. The pix needs a route to lan 2 also if its not handling vlan 2 traffic. Ill use 10.50.10.0/24 as an example for vlan 2 network and 10.30.30.0/24 for vlan 1 netowrk.

"10.50.10.0 255.255.255.0 (vlan 1)" (ip addres of vlan 1 configured into switch

and another route (if vlan 1 devices are using switch as gateway)

"10.30.30.0 255.255.255.0 (vlan 1)" (ip configured in the switch)

Billy Bublitz
Integrity Windows and Doors
{{{get-vm | get-vmresourceconfiguration | select VM,MemLimitMB,CpuLimitMhz | sort MemLimitMB | ft -auto}}}
#configure pNIC parameters
##[[esxcfg-nics]] 
#create vswitch
##[[esxcfg-vswitch -a]]
#link pNIC with vswitch
##[[esxcfg-vswitch -L]]
#link additional pNIC with vswitch
##[[esxcfg-vswitch -L]]
#create portgroup on vswitch
##[[esxcfg-vswitch -A]]

Help: [[esxcfg-vswitch help]]
{{{
Add-PSSnapin VMware.VimAutomation.Core
}}}
{{{
Connect-VIServer vcenter2.domain.tld
}}}
{{{
ASA# conf t
ASA(config)# group-policy groupname attributes
ASA(config-group-policy)# vpn-idle-timeout 30
ASA(config-group-policy)# <control z>
ASA# wr m
}}}
{{{
hostname fw-compguard
domain-name compguard.net
access-list NONAT permit ip 192.168.10.0 255.255.255.0 172.31.1.0 255.255.255.0
access-list VPN-ACL permit ip 192.168.10.0 255.255.255.0 172.31.1.0 255.255.255.0


ip address outside 72.43.91.75 255.255.255.192
ip address inside 192.168.10.1 255.255.255.0

ip local pool VPNPOOL 172.31.1.10-172.31.1.20

global (outside) 1 interface
nat (inside) 0 access-list NONAT
nat (inside) 1 0.0.0.0 0.0.0.0 0 0

route outside 0.0.0.0 0.0.0.0 72.43.91.65 1

aaa-server LOCAL protocol local

sysopt connection permit-ipsec

crypto ipsec transform-set SET1 esp-3des esp-md5-hmac
crypto dynamic-map VPNMAP1 20 set transform-set SET1
crypto map CLIENT-MAP 65535 ipsec-isakmp dynamic VPNMAP1
crypto map CLIENT-MAP client authentication LOCAL
crypto map CLIENT-MAP interface outside

isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400

vpngroup VPN address-pool VPNPOOL
vpngroup VPN default-domain compguard.net
vpngroup VPN split-tunnel VPN-ACL
vpngroup VPN idle-time 1800
vpngroup VPN password ********

username mjz2 password XXXXXXXXXXXXXXx encrypted privilege 2
}}}
http://www.microsoft.com/downloads/thankyou.aspx?familyId=95ac1610-c232-4644-b828-c55eec605d55&displayLang=en
{{{
@echo off && for /l %i in (1,1,9999) do echo.|time | findstr current && ping -n 1 4.2.2.2 | findstr Reply && timeout /t 5 > nul
}}}
{{{
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,1d,00,3a,00,00,00,00,00 
}}}
Registry Keys for Environment Variables

For those who are experienced with editing the Registry, there is another way to make changes in environment variables. 
User environment variables are stored in the Registry in the key:
{{{
HKEY_CURRENT_USER\Environment
}}}
System variables are found in the key:
{{{
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
}}}
Note that any environment variable that is in the form that needs to be expanded (for example, %PATH%) must be stored in the registry as a REG_EXPAND_SZ registry value. Editing the Registry is primarily for scripts used by systems administrators and is not recommended for the average PC user. 

Using the add-on tool Setx.exe

It is not part of the standard Windows XP setup but a command-line tool called setx.exe is included in the Windows XP Service Pack 2 Support Tools. This tool extends the set command so that permanent changes in the environment variables can be made. For example, to add a folder C:\New Folder to the path, the command would be setx path "%PATH%;C:\New Folder" 
I recently set up disk space alerts for a few servers.

The trick to get the alerts to run all the time: 
Configure the alert on the Schedule tab:
#set the 'Start scan' time to a time in the past
#set the 'Stop scan' to 'After' 100000 days

If moving a task between servers (or cloning a vm template), you may need to change the account that the alert runs under.

Here's my setup:
General tab:
{{{
Comment: Free space on system volume
Counters:\LogicalDisk(C:)\Free Megabytes
Alert when the value is: 'Under' Limit: '5000'
Sample data every: Interval: '30' Units: 'seconds'
Run As: host\username
}}}
Action tab:
{{{
When an alert is triggered:
[X] Log an entry int he application event log
[ ] Send a network message to:
[ ] Start performance data log
[ ] Run this program: 'c:\bin\diskspacealert.cmd
}}}
Command Line Arguments:
{{{
[ ] Single argument string
[X] Date/time
[X] Measured Value
[X] Alert Name
[X] Counter Name
[X] Limit Value
[ ] Text Message
}}}
Schedule tab:
{{{
Start scan: any time in the past
Stop scan: after 100000 days
When an alert scan finishes: [X] start a new scan
}}}


c:\bin\diskspacealert.cmd:
{{{
date /t >> c:\bin\alert.txt
time /t >> c:\bin\alert.txt
set emailprogram=c:\bin\blat.exe
set recip=netadmins@domain.org
set subject="%computername% Disk Space Alert: %~4 MB Free"
set body="%~1 %~2 %~3 %~4 %~5"

%emailprogram% - -t %recip% -s %subject% -body %body% >> c:\bin\alert.txt 2>&1

echo args = %* >> c:\bin\alert.txt
echo blat = %emailprogram% >> c:\bin\alert.txt
echo recip = %recip% >> c:\bin\alert.txt
echo subject = %subject% >> c:\bin\alert.txt
echo body = %body% >> c:\bin\alert.txt
echo. >> c:\bin\alert.txt
echo. >> c:\bin\alert.txt
}}}

Note to self: this alert batch file could probably be engineered for any alert.
{{{
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=-
}}}
{{{
ip proto ICMP
}}}

Case F@#%$in Sensitive.
*add c:\horcm\etc to path
*set environmental variables, then open new command prompt to get those variables:
{{{
horcc_mrcf=1
horcminst=0
}}}
*horcm files must be the same on both sides, local & remote
**Local
{{{
HORCM_MON
#host	    service		poll	timeout(10ms)
<LocalHost> horcm0		-1	3000

HORCM_CMD
\\.\CMD-<XPSN>-<hex of entire cu:ldev>

HORCM_LDEV
#device_group		device_name	serial	cu:ldev	                               mu
<groupname>		<devname> 	<SN>	<cu:ldev local to server> 	<mu>

HORCM_INST
<localhost> 	<remotehost>	<horcminstance (usually horcm0)>
}}}
**Remote
{{{
HORCM_MON
#host	    service		poll	timeout(10ms)
<remotehost> horcm0		-1	3000

HORCM_CMD
\\.\CMD-<XPSN>-<hex of entire cu:ldev>

HORCM_LDEV
#device_group		device_name	serial	cu:ldev   mu
<groupname>		<devname> 	<SN>	00:41 	0

HORCM_INST
<remotehost> 	<localhost>	<horcminstance (usually horcm0)>
}}}
*Start the horcmstart0 service from services.msc, not from cli. Otherwise the service stops when you logout. Acchh!
*add everycli=1 to horcmstart0run.txt if you want to run it as localservice

!!!!Create pair
{{{
paircreate -g <groupname> -vl (localprimary) | -vr (remoteprimary)
}}}
!!!!Fracture pair
{{{
pairsplit -g <groupname>
}}}
!!!!Resynch pair
{{{
pairresync -g <groupname>
}}}
!!!!Delete pair
{{{
pairsplit -S -g <groupname>
}}}

The dash character is a special character in Bash as noted at http://tldp.org/LDP/abs/html/special-chars.html#DASHREF. So escaping this once just gets you past Bash, but Grep still has it's own meaning to dashes (by providing options).

So you really need to escape it twice (if you prefer not to use the other mentioned answers). The following will/should work
{{{
grep \\-X
grep '\-X'
grep "\-X"
}}}

One way to try out how Bash passes arguments to a script/program is to create a .sh script that just echos all the arguments. I use a script called echo-args.sh to play with from time to time, all it contains is:
{{{
echo $*
}}}
I invoke it as:
{{{
bash echo-args.sh \-X
bash echo-args.sh \\-X
bash echo-args.sh "\-X"
}}}
{{{
hostb:~# cd /etc/boxbackup/
hostb:/etc/boxbackup# /usr/bin/bbstored-certs ca init
Generating RSA private key, 2048 bit long modulus
....+++
.............+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:

Signature ok
subject=/CN=Backup system client root
Getting Private key
Generating RSA private key, 2048 bit long modulus
.................+++
...................................................................................+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:

Signature ok
subject=/CN=Backup system server root
Getting Private key
hostb:/etc/boxbackup#
}}}
{{{
hostb:~# /usr/sbin/bbstored-config /etc/boxbackup hostb.ath.cx bbstored
Checking permissions on /home/108boxbackup/backup
Checking permissions on /home/108boxbackup/backup
Checking permissions on /home/108boxbackup/backup

Setup bbstored config utility.

Configuration:
   Writing configuration file: /etc/boxbackup/bbstored.conf
   Writing empty accounts file: /etc/boxbackup/bbstored/accounts.txt
   Server hostname: hostb.ath.cx
   RaidFile config: /etc/boxbackup/raidfile.conf

Creating blank accounts file
Generating private key...
Generating RSA private key, 2048 bit long modulus
............................................+++
.......+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:

Writing configuration file /etc/boxbackup/bbstored.conf

===================================================================

bbstored basic configuration complete.

What you need to do now...

1) Sign /etc/boxbackup/bbstored/hostb.ath.cx-csr.pem
   using the bbstored-certs utility.

2) Install the server certificate and root CA certificate as
      /etc/boxbackup/bbstored/hostb.ath.cx-cert.pem
      /etc/boxbackup/bbstored/clientCA.pem

3) You may wish to read the configuration file
      /etc/boxbackup/bbstored.conf
   and adjust as appropraite.

4) Create accounts with bbstoreaccounts

5) Start the backup store daemon with the command
      /usr/local/bin/bbstored
   in /etc/rc.local, or your local equivalent.

===================================================================

hostb:~#
}}}
SN? eprpsave, Server EXE-BGTST10 responded with an error "" (4) to a prepare save request

toggle listener
#save all switch info: {{{supportsave}}}
#save switch config info: {{{configupload}}}
#confirm current firmware version: {{{firmwareshow}}}
#download new firmware: {{{firmwaredownload}}}
#confirm new firmware version: {{{firmwareshow}}}
http://wiki.centos.org/Repositories/CentOSPlus
#Go to Start>> Control Panel>> System.
#At the bottom of the System applet, you'll see a link titled: "Change product key". Click this link.
#Click Next, then in the resulting window, enter your new product key ID information.
#Click OK.
{{{
LunCount=0
for DEVICE in $( esxcli nmp device list | grep naa.60060e8005712a000000712a | grep -v Device | sort); do
        set -x
        esxcli nmp device setpolicy --device $DEVICE --psp VMW_PSP_RR
        set +x
	(( ++LunCount ))
	echo LunCount: $LunCount
        for count in {30..1}; do
                sleep 1
        done
done
}}}

{{{
fw(config)# ip local pool vpnpool1 172.29.129.1-172.29.129.10 mask 255.255.255$
fw(config)# username Smaug9 password xxxxxxx
fw(config)# tunnel-group vpn1 type ipsec-ra
fw(config)# tunnel-group vpn1 general-attributes
fw(config-tunnel-general)# address-pool vpnpool1
fw(config-tunnel-general)# tunnel-group vpn1 ipsec-attributes
fw(config-tunnel-ipsec)# pre-shared-key xxxxxxxx
fw(config-tunnel-ipsec)# exit
fw# conf t
fw(config)# isakmp policy 10 authentication pre-share
fw(config)# isakmp policy 10 encryption 3des
fw(config)# isakmp policy 10 hash shaI
fw(config)# isakmp policy 10 group 2
fw(config)# isakmp enable outside
fw(config)# crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
fw(config)# crypto dynamic-map map1 10 set transfor ESP-3DES-SHA
fw(config)# crypto dynamic-map map1 10 set reverse-route
fw(config)# crypto dynamic-map map1 10 set security-association lifetime seconds 28800
fw(config)# crypto map map2 65534 ipsec-isakmp dynamic map1
fw(config)# crypto map map2 interface outside
fw(config)# crypto isakmp nat-traversal
fw(config)# sysopt connection permit-vpn
fw(config)# group-policy vpn1 internal
fw(config)# group-policy vpn1 attributes
fw(config-group-policy)# vpn-tunnel-protocol ipsec
fw(config-group-policy)# access-list split-tunnel standard permit 10.90.0.0 25$
fw(config-group-policy)# split-tunnel-policy tunnelspecified
fw(config-group-policy)# split-tunnel-network-list value split-tunnel
fw(config-group-policy)# exit
fw# wr me
}}}



from: http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a008060f25c.shtml#cli

{{{

ASA-AIP-CLI(config)#show running-config 
ASA Version 7.2(2) 
!
hostname ASAwAIP-CLI
domain-name corp.com
enable password WwXYvtKrnjXqGbu1 encrypted
names
!
interface Ethernet0/0
 nameif Outside
 security-level 0
 ip address 10.10.10.2 255.255.255.0 
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 172.16.1.2 255.255.255.0 
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet0/3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
dns server-group DefaultDNS
 domain-name corp.com
pager lines 24
mtu Outside 1500
mtu inside 1500
ip local pool vpnpool 172.16.1.100-172.16.1.199 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
group-policy hillvalleyvpn1 internal
group-policy hillvalleyvpn1 attributes
 dns-server value 172.16.1.11
 vpn-tunnel-protocol IPSec 
 default-domain value test.com
username marty password 6XmYwQOO9tiYnUDN encrypted
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto dynamic-map Outside_dyn_map 10 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
crypto map Outside_map 10 ipsec-isakmp dynamic Outside_dyn_map
crypto map Outside_map interface Outside
crypto isakmp enable Outside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha     
 group 2
 lifetime 86400
crypto isakmp nat-traversal  20
tunnel-group hillvalleyvpn type ipsec-ra
tunnel-group hillvalleyvpn general-attributes
 address-pool vpnpool
tunnel-group hillvalleyvpn ipsec-attributes
 pre-shared-key *
telnet timeout 5
ssh timeout 5
console timeout 0
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect netbios 
  inspect rsh 
  inspect rtsp 
  inspect skinny 
  inspect esmtp 
  inspect sqlnet 
  inspect sunrpc 
  inspect tftp 
  inspect sip 
  inspect xdmcp 
!
service-policy global_policy global
prompt hostname context 
Cryptochecksum:0f78ee7ef3c196a683ae7a4804ce1192
: end
ASA-AIP-CLI(config)#
}}}
*List sessions
{{{
query session /server:<servername>
}}}
*Reset session
{{{
reset session <ID> /server:<servername>
}}}
{{{
dpkg-reconfigure exim4-common
}}}

{{{
echo `date +%Y%m%d`.`date +%H%M`
}}}
{{{
[rsync@northernstaging rsync]$ date
Wed Nov 22 10:07:20 EST 2006
[rsync@northernstaging rsync]$ date +%Y%m%d%H%M
200611221011
[rsync@northernstaging rsync]$ date +%Y%m%d
20061122
}}}
{{{

Domain Controller Diagnosis

dcdiag.exe /s:<Domain Controller> [/u:<Domain>\<Username> /p:*|<Password>|""]
           [/hqv] [/n:<Naming Context>] [/f:<Log>] [/ferr:<Errlog>]
           [/skip:<Test>] [/test:<Test>]
   /h: Display this help screen
   /s: Use <Domain Controller> as Home Server. Ignored for DcPromo and
       RegisterInDns tests which can only be run locally.
   /n: Use <Naming Context> as the Naming Context to test
       Domains may be specified in Netbios, DNS or DN form.
   /u: Use domain\username credentials for binding.
       Must also use the /p option
   /p: Use <Password> as the password.  Must also use the /u option
   /a: Test all the servers in this site
   /e: Test all the servers in the entire enterprise.  Overrides /a
   /q: Quiet - Only print error messages
   /v: Verbose - Print extended information
   /i: ignore - ignores superfluous error messages.
   /fix: fix - Make safe repairs.
   /f: Redirect all output to a file <Log>, /ferr will redirect error output
       seperately.
   /ferr:<ErrLog> Redirect fatal error output to a seperate file <ErrLog>
   /c: Comprehensive, runs all tests, including non-default tests but excluding
       DcPromo and RegisterInDNS. Can use with /skip
   /test:<TestName> - Test only this test.  Required tests will still
                      be run.  Do not mix with /skip.
   Valid tests are:
       Connectivity  - Tests whether DCs are DNS registered, pingeable, and
		have LDAP/RPC connectivity.
       Replications  - Checks for timely replication between domain controllers.
       Topology  - Checks that the generated topology is fully connected for
		all DCs.
       CutoffServers  - Check for servers that won't receive replications
		because its partners are down
       NCSecDesc  - Checks that the security descriptosrs on the naming
		context heads have appropriate permissions for replication.
       NetLogons  - Checks that the appropriate logon priviledges allow
		replication to proceed.
       Advertising  - Checks whether each DC is advertising itself, and whether
		it is advertising itself as having the capabilities of a DC.
       KnowsOfRoleHolders  - Check whether the DC thinks it knows the role
		holders, and prints these roles out in verbose mode.
       Intersite  - Checks for failures that would prevent or temporarily
		hold up intersite replication.
       FsmoCheck  - Checks that global role-holders are known, can be
		located, and are responding.
       RidManager  - Check to see if RID master is accessable and to see if
		it contains the proper information.
       MachineAccount  - Check to see if the Machine Account has the proper
		information. Use /RecreateMachineAccount to attempt a repair
		if the local machine account is missing. Use /FixMachineAccount
		if the machine account flags are incorrect
       Services  - Check to see if appropriate DC services are running.
       OutboundSecureChannels  - See if we have secure channels from all of the
		DC's in the domain the domains specified by /testdomain:.
		/nositerestriction will prevent the test from
		being limited to the DC's in the site.
       ObjectsReplicated  - Check that Machine Account and DSA objects have
		replicated. Use /objectdn:<dn> with /n:<nc> to specify an
		additional object to check.
       frssysvol  - This test checks that the file replication system (FRS)
		SYSVOL is ready
       frsevent  - This test checks to see if there are any operation errors
		in the file replication system (FRS).  Failing replication
		of the SYSVOL share, can cause Policy problems.
       kccevent  - This test checks that the Knowledge Consistency Checker
		is completing without errors.
       systemlog  - This test checks that the system is running without errors.
       DcPromo  - Tests the existing DNS infrastructure for promotion to domain
		controller. If the infrastructure is sufficient, the computer
		can be promoted to domain controller in a domain specified in
		<Active_Directory_Domain_DNS_Name>. Reports whether any
		modifications to the existing DNS infrastructure are required.
		Required argument:
		/DnsDomain:<Active_Directory_Domain_DNS_Name>
		One of the following arguments is required:
		/NewForest
		/NewTree
		/ChildDomain
		/ReplicaDC
		If NewTree is specified, then the ForestRoot argument is
		required:
		/ForestRoot:<Forest_Root_Domain_DNS_Name>
       RegisterInDNS  - Tests whether this domain controller can register the
		Domain Controller Locator DNS records. These records must be
		present in DNS in order for other computers to locate this
		domain controller for the <Active_Directory_Domain_DNS_Name>
		domain. Reports whether any modifications to the existing DNS
		infrastructure are required.
		Required argument:
		/DnsDomain:<Active_Directory_Domain_DNS_Name>
       CrossRefValidation  - This test looks for cross-refs that are in some
		way invalid.
       CheckSDRefDom  - This test checks that all application directory
		partitions have appropriate security descriptor reference
		domains.
       VerifyReplicas  - This test verifys that all application directory
		partitions are fully instantiated on all replica servers.
       VerifyReferences  - This test verifys that certain system references
		are intact for the FRS and Replication infrastructure.
       VerifyEnterpriseReferences  - This test verifys that certain system
		references are intact for the FRS and Replication
		infrastructure across all objects in the enterprise
		on each DC.
       CheckSecurityError  - Locates security errors (or those possibly security related)
		and performs the initial diagnosis of the problem.
		Optional Arguments:
		/ReplSource:<Source DC> to target a specific source,
		regardless of it's error status.  Need not be a current partner.

       DNS  - This test checks the health of DNS settings
		for the whole enterprise. Sub tests can be run individually
		using the switches below. By default, all tests except
		external name resolution are run)
		/DnsBasic (basic tests, can't be skipped)
		/DnsForwarders (forwarders and root hints tests)
		/DnsDelegation (delegations tests)
		/DnsDynamicUpdate (dynamic update tests)
		/DnsRecordRegistration (records registration tests)
		/DnsResolveExtName (external name resolution test)
		/DnsAll (includes all tests above)
		/DnsInternetName: <internet name> (for test /DnsResolveExtName)
			 (default is www.microsoft.com)


   /skip:<TestName> - Skip the named test.  Required tests will still
                      be run.  Do not mix with /test.
   Tests that can be skipped are:
       Replications  - Checks for timely replication between domain controllers.
       Topology  - Checks that the generated topology is fully connected for
		all DCs.
       CutoffServers  - Check for servers that won't receive replications
		because its partners are down
       NCSecDesc  - Checks that the security descriptosrs on the naming
		context heads have appropriate permissions for replication.
       NetLogons  - Checks that the appropriate logon priviledges allow
		replication to proceed.
       Advertising  - Checks whether each DC is advertising itself, and whether
		it is advertising itself as having the capabilities of a DC.
       KnowsOfRoleHolders  - Check whether the DC thinks it knows the role
		holders, and prints these roles out in verbose mode.
       Intersite  - Checks for failures that would prevent or temporarily
		hold up intersite replication.
       FsmoCheck  - Checks that global role-holders are known, can be
		located, and are responding.
       RidManager  - Check to see if RID master is accessable and to see if
		it contains the proper information.
       MachineAccount  - Check to see if the Machine Account has the proper
		information. Use /RecreateMachineAccount to attempt a repair
		if the local machine account is missing. Use /FixMachineAccount
		if the machine account flags are incorrect
       Services  - Check to see if appropriate DC services are running.
       OutboundSecureChannels  - See if we have secure channels from all of the
		DC's in the domain the domains specified by /testdomain:.
		/nositerestriction will prevent the test from
		being limited to the DC's in the site.
       ObjectsReplicated  - Check that Machine Account and DSA objects have
		replicated. Use /objectdn:<dn> with /n:<nc> to specify an
		additional object to check.
       frssysvol  - This test checks that the file replication system (FRS)
		SYSVOL is ready
       frsevent  - This test checks to see if there are any operation errors
		in the file replication system (FRS).  Failing replication
		of the SYSVOL share, can cause Policy problems.
       kccevent  - This test checks that the Knowledge Consistency Checker
		is completing without errors.
       systemlog  - This test checks that the system is running without errors.
       DcPromo  - Tests the existing DNS infrastructure for promotion to domain
		controller. If the infrastructure is sufficient, the computer
		can be promoted to domain controller in a domain specified in
		<Active_Directory_Domain_DNS_Name>. Reports whether any
		modifications to the existing DNS infrastructure are required.
		Required argument:
		/DnsDomain:<Active_Directory_Domain_DNS_Name>
		One of the following arguments is required:
		/NewForest
		/NewTree
		/ChildDomain
		/ReplicaDC
		If NewTree is specified, then the ForestRoot argument is
		required:
		/ForestRoot:<Forest_Root_Domain_DNS_Name>
       RegisterInDNS  - Tests whether this domain controller can register the
		Domain Controller Locator DNS records. These records must be
		present in DNS in order for other computers to locate this
		domain controller for the <Active_Directory_Domain_DNS_Name>
		domain. Reports whether any modifications to the existing DNS
		infrastructure are required.
		Required argument:
		/DnsDomain:<Active_Directory_Domain_DNS_Name>
       CrossRefValidation  - This test looks for cross-refs that are in some
		way invalid.
       CheckSDRefDom  - This test checks that all application directory
		partitions have appropriate security descriptor reference
		domains.
       VerifyReplicas  - This test verifys that all application directory
		partitions are fully instantiated on all replica servers.
       VerifyReferences  - This test verifys that certain system references
		are intact for the FRS and Replication infrastructure.
       VerifyEnterpriseReferences  - This test verifys that certain system
		references are intact for the FRS and Replication
		infrastructure across all objects in the enterprise
		on each DC.
       CheckSecurityError  - Locates security errors (or those possibly security related)
		and performs the initial diagnosis of the problem.
		Optional Arguments:
		/ReplSource:<Source DC> to target a specific source,
		regardless of it's error status.  Need not be a current partner.

       DNS  - This test checks the health of DNS settings
		for the whole enterprise. Sub tests can be run individually
		using the switches below. By default, all tests except
		external name resolution are run)
		/DnsBasic (basic tests, can't be skipped)
		/DnsForwarders (forwarders and root hints tests)
		/DnsDelegation (delegations tests)
		/DnsDynamicUpdate (dynamic update tests)
		/DnsRecordRegistration (records registration tests)
		/DnsResolveExtName (external name resolution test)
		/DnsAll (includes all tests above)
		/DnsInternetName: <internet name> (for test /DnsResolveExtName)
			 (default is www.microsoft.com)


   The following tests are not run by default:
       Topology  - Checks that the generated topology is fully connected for
		all DCs.
       CutoffServers  - Check for servers that won't receive replications
		because its partners are down
       OutboundSecureChannels  - See if we have secure channels from all of the
		DC's in the domain the domains specified by /testdomain:.
		/nositerestriction will prevent the test from
		being limited to the DC's in the site.
       VerifyReplicas  - This test verifys that all application directory
		partitions are fully instantiated on all replica servers.
       VerifyEnterpriseReferences  - This test verifys that certain system
		references are intact for the FRS and Replication
		infrastructure across all objects in the enterprise
		on each DC.
       CheckSecurityError  - Locates security errors (or those possibly security related)
		and performs the initial diagnosis of the problem.
		Optional Arguments:
		/ReplSource:<Source DC> to target a specific source,
		regardless of it's error status.  Need not be a current partner.

       DNS  - This test checks the health of DNS settings
		for the whole enterprise. Sub tests can be run individually
		using the switches below. By default, all tests except
		external name resolution are run)
		/DnsBasic (basic tests, can't be skipped)
		/DnsForwarders (forwarders and root hints tests)
		/DnsDelegation (delegations tests)
		/DnsDynamicUpdate (dynamic update tests)
		/DnsRecordRegistration (records registration tests)
		/DnsResolveExtName (external name resolution test)
		/DnsAll (includes all tests above)
		/DnsInternetName: <internet name> (for test /DnsResolveExtName)
			 (default is www.microsoft.com)


	All tests except DcPromo and RegisterInDNS must be run on computers
	after they have been promoted to domain controller.

Note: Text (Naming Context names, server names, etc) with International or
      Unicode characters will only display correctly if appropriate fonts and
      language support are loaded
}}}

{{{
hostb:/etc/boxbackup# cat raidfile.conf
#To reconfigure boxbackup-server run #dpkg-reconfigure boxbackup-server
disc0
{
        SetNumber = 0
        BlockSize = 4096
        Dir0 = /home/108boxbackup
        Dir1 = /home/108boxbackup
        Dir2 = /home/108boxbackup
}
hostb:/etc/boxbackup#
}}}
The usual {{{df}}} doesn't show all partitions of your ESX-server, instead try {{{vdf}}}

{{{
[root@mother]# vdf -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/cciss/c0d0p2     4.9G  2.0G  2.6G  44% /
/dev/cciss/c0d0p1      99M   29M   65M  31% /boot
none                  131M     0  131M   0% /dev/shm
/dev/cciss/c0d0p6     2.0G   45M  1.8G   3% /var/log
/vmfs/devices         197G     0  197G   0% /vmfs/devices
/vmfs/volumes/4643f1e7-629ddfdd-904c-0019bbccc348
                       60G   21G   38G  35% /vmfs/volumes/storage1
/vmfs/volumes/46440f8b-b438c1fc-2890-0019bbccc348
                       68G   58G  9.6G  85% /vmfs/volumes/storage2
}}}
{{{
[root@sc-bromine04 vmfs]# esxcfg-nics -h
esxcfg-nics <options> [nic]
   -s|--speed <speed>      Set the speed of this NIC to one of 10/100/1000/10000.
                           Requires a NIC parameter.
   -d|--duplex <duplex>    Set the duplex of this NIC to one of 'full' or 'half'.
                           Requires a NIC parameter.
   -a|--auto               Set speed and duplexity automatically.  Requires a NIC parameter.
   -l|--list               Print the list of NICs and their settings.
   -r|--restore            Restore the nics configured speed/duplex settings (INTERNAL ONLY)
   -h|--help               Display this message.
[root@sc-bromine04 vmfs]# esxcfg-nics -l
Name    PCI      Driver      Link Speed    Duplex MTU    Description
vmnic0  03:00.00 bnx2        Up   1000Mbps Full   1500   Broadcom Corporation Broadcom NetXtreme II BCM5708 1000Base-T
vmnic1  05:00.00 bnx2        Up   1000Mbps Full   1500   Broadcom Corporation Broadcom NetXtreme II BCM5708 1000Base-T
vmnic2  0b:00.00 e1000       Up   1000Mbps Full   1500   Intel Corporation 82572EI Gigabit Ethernet Controller
[root@sc-bromine04 vmfs]#
}}}

Example: set vmnic0 to 10half
{{{
esxcfg-nics -s 10 -d half vmnic0
}}}
Syntax:
{{{
esxcfg-vswitch -A <portgroupname> <vswitchname>
}}}

Example:
{{{
esxcfg-vswitch -A SNOOP vSwitch2
}}}
Example:
{{{
esxcfg-vswitch -L vmnic2 vSwitch2
}}}
Example:
{{{
esxcfg-vswitch -a vSwitch1
}}}
{{{
[root@sc-bromine04 vmfs]# esxcfg-vswitch -h
esxcfg-vswitch [options] [vswitch[:ports]]
  -a|--add              Add a new virtual switch.
  -d|--delete           Delete the virtual switch.
  -l|--list             List all the virtual switches.
  -L|--link=pnic        Set pnic as an uplink for the vswitch.
  -U|--unlink=pnic      Remove pnic from the uplinks for the vswitch.
  -M|--add-pg-uplink    Add an uplink to the list of uplinks for a portgroup
  -N|--del-pg-uplink    Delete an uplink from the list of uplinks for a portgroup
  -p|--pg=portgroup     Specify a portgroup for operation
                        Use ALL to set VLAN IDs on all portgroups
  -v|--vlan=id          Set vlan id for portgroup specified by -p
                        0 would disable the vlan
  -c|--check            Check to see if a virtual switch exists.
                        Program outputs a 1 if it exists, 0 otherwise.
  -A|--add-pg=name      Add a new portgroup to the virtual switch.
  -D|--del-pg=name      Delete the portgroup from the virtual switch.
  -C|--check-pg=name    Check to see if a portgroup exists.  Program
                        outputs a 1 if it exists, 0 otherwise.
  -B|--set-cdp          Set the CDP status for a given virtual switch.
                        To set pass one of "down", "listen", "advertise", "both".
  -b|--get-cdp          Print the current CDP setting for this switch.
  -m|--mtu=MTU          Set MTU for the vswitch. This affects all the nics attached on the vswitch.
  -r|--restore          Restore all virtual switches from the configuration file
                        (FOR INTERNAL USE ONLY).
  -h|--help             Show this message.
[root@sc-bromine04 vmfs]#
}}}
{{{
hostb:/etc/boxbackup/ca# ls -FlashR
.:
total 6.0K
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ./
1.0K drwxr-xr-x 4 root root 1.0K Jun 29 20:30 ../
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 clients/
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 keys/
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 roots/
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 servers/

./clients:
total 2.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../

./keys:
total 8.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
1.0K -rw-r--r-- 1 root root  911 Jun 29 20:30 clientRootCSR.pem
2.0K -rw-r--r-- 1 root root 1.7K Jun 29 20:30 clientRootKey.pem
1.0K -rw-r--r-- 1 root root  911 Jun 29 20:33 serverRootCSR.pem
2.0K -rw-r--r-- 1 root root 1.7K Jun 29 20:33 serverRootKey.pem

./roots:
total 6.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:33 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
1.0K -rw-r--r-- 1 root root 1021 Jun 29 20:30 clientCA.pem
1.0K -rw-r--r-- 1 root root    3 Jun 29 20:30 clientCA.srl
1.0K -rw-r--r-- 1 root root 1021 Jun 29 20:33 serverCA.pem
1.0K -rw-r--r-- 1 root root    3 Jun 29 20:33 serverCA.srl

./servers:
total 2.0K
1.0K drwx------ 2 root root 1.0K Jun 29 20:30 ./
1.0K drwx------ 6 root root 1.0K Jun 29 20:30 ../
hostb:/etc/boxbackup/ca#
}}}
{{{
hostb:/etc/boxbackup# cat /etc/boxbackup/raidfile.conf
#To reconfigure boxbackup-server run #dpkg-reconfigure boxbackup-server
108inspiron
{
        SetNumber = 0
        BlockSize = 4096
        Dir0 = /home/bbstored/108/inspiron
        Dir1 = /home/bbstored/108/inspiron
        Dir2 = /home/bbstored/108/inspiron
}
hostb:/etc/boxbackup#

}}}
{{{
cmp $1 $2 &> /dev/null  # /dev/null buries the output of the "cmp" command.
#   cmp -s $1 $2  has same result ("-s" silent flag to "cmp")
#   Thank you  Anders Gustavsson for pointing this out.
#
# Also works with 'diff', i.e.,   diff $1 $2 &> /dev/null

if [ $? -eq 0 ]         # Test exit status of "cmp" command.
then
  echo "File \"$1\" is identical to file \"$2\"."
else  
  echo "File \"$1\" differs from file \"$2\"."
fi

}}}
{{{
[root@esx01 qla2xxx]# for file in $(ls); do echo; grep 'Device Name' $file ; grep \\-adapter\\- $file; done
}}}
{{{
for i in $(find /proc/scsi/qla2xxx/*); do echo $i; grep ersion $i; done
}}}
{{{
for file in $(find /proc/scsi/qla2xxx/*); do echo; echo $file; grep \\-adapter\\- $file; done
}}}

{{{
~ # for file in $(find /proc/scsi/qla2xxx/*); do echo; echo $file; grep 'Device Name' $file; grep \\-adapter\\- $file ; done

/proc/scsi/qla2xxx/10
Host Device Name vmhba3
scsi-qla1-adapter-node=200000c0dd1b6d43:be0011:1;
scsi-qla1-adapter-port=210000c0dd1b6d43:be0011:1;

/proc/scsi/qla2xxx/11
Host Device Name vmhba4
scsi-qla2-adapter-node=200000c0dd1c3cc1:be0013:1;
scsi-qla2-adapter-port=210000c0dd1c3cc1:be0013:1;

/proc/scsi/qla2xxx/12
Host Device Name vmhba5
scsi-qla3-adapter-node=200000c0dd1c3cc3:bf0012:1;
scsi-qla3-adapter-port=210000c0dd1c3cc3:bf0012:1;

/proc/scsi/qla2xxx/9
Host Device Name vmhba2
scsi-qla0-adapter-node=200000c0dd1b6d41:bf0010:1;
scsi-qla0-adapter-port=210000c0dd1b6d41:bf0010:1;
~ #
}}}
requires fping.exe

{{{
::@echo off
setlocal enabledelayedexpansion
::fpinger.cmd

for /l %%i in (1,1,99) do (
        set count=%%i
        rem echo !count!
        set count=0!count!
        set count=!count:~-2!
        rem echo !count!
        d:\data\bin\fping.exe -H d:\data\bin\hostlist.txt -n 10000 -T -L d:\data\bin\fping!count!.log
        )
}}}
{{{
::filename: g.cmd
::description: starts firefox with a google search
::creator: jeff wardlaw, jeff@urgo.org
::create date: 20070505
::version: 0.1
start firefox "http://www.google.com/search?q=%*"
}}}
{{{get-vmhost | select name,cpuusagemhz,cputotalmhz,memoryusagemb,memorytotalmb | sort name | ft -auto}}}

{{{
PS C:\> get-vmhost | select name,cpuusagemhz,cputotalmhz,memoryusagemb,memorytotalmb | sort name | ft -auto

Name             CpuUsageMhz CpuTotalMhz MemoryUsageMB MemoryTotalMB                                                                             
----             ---------- ----------- ------------- ------------
esx01.lan        2604       20264         35784        65526
esx02.lan        8735       20264         31874        65526
esx03.lan        5041       20264         32499        65526
esx04.lan        4519       20264         36664        65526
esx05.lan        4667       20264         27532        65526
esx06.lan        5403       20264         42974        65526
}}}
{{{ get-vm | select name,memorymb | sort name | ft -auto}}}
{{{
::hosts
set param1=%1
if defined param1 (
	type c:\windows\system32\drivers\etc\hosts | findstr -i %1
	) else (
	type c:\windows\system32\drivers\etc\hosts
	)
exit /b
}}}
Ya gotta use IE. Damn.
Ya gotta add the ilo site to your trusted sites.
Ya gotta add configure the trusted sites with custom security level
*Internet Options
**Security
***Trusted Sites
****Custom Level
*****ActiveX controls and plug-ins
******Initialize and script ActiveX controls not marked as safe for scripting == Prompt
{{{
C:\Program Files (x86)\Compaq\Hpacucli\Bin>hpacucli.exe
}}}

{{{
=> ctrl all show config detail
}}}
{{{
The right thing would be to use a "if defined" statement, which is used to test for the existence of a variable. For example:

IF DEFINED somevariable echo Value exists
In this particular case, the negative form should be used:

IF NOT DEFINED somevariable echo Value missing
PS: the variable name should be used without "%" caracters.
}}}
{{{
~#
hostb:~# aptitude -t etch-backuports install boxbackup-server
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
Reading task descriptions... Done
Building tag database... Done
The following NEW packages will be automatically installed:
  openssl
The following packages have been kept back:
  linux-image-2.6.18-6-ixp4xx
The following NEW packages will be installed:
  boxbackup-server openssl
0 packages upgraded, 2 newly installed, 0 to remove and 1 not upgraded.
Need to get 0B/1833kB of archives. After unpacking 4375kB will be used.
Do you want to continue? [Y/n/?]
Writing extended state information... Done
Preconfiguring packages ...
Selecting previously deselected package openssl.
(Reading database ... 16183 files and directories currently installed.)
Unpacking openssl (from .../openssl_0.9.8c-4etch3_arm.deb) ...
Selecting previously deselected package boxbackup-server.
Unpacking boxbackup-server (from .../boxbackup-server_0.11~rc2-3~bpo40+1_arm.deb) ...
Setting up openssl (0.9.8c-4etch3) ...

Setting up boxbackup-server (0.11~rc2-3~bpo40+1) ...
Creating bbstored user.
Adding system user `bbstored' (UID 104) ...
Adding new group `bbstored' (GID 104) ...
Adding new user `bbstored' (UID 104) with group `bbstored' ...
Not creating home directory `/var'.
Generating RSA private key, 2048 bit long modulus
............................+++
......................................+++
e is 65537 (0x10001)
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:State or Province Name (full name) [Some-State]:Locality Name (eg, city) []:Organization Name (eg, company) [Internet Widgits Pty Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, YOUR name) []:Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:An optional company name []:
Creating config file /etc/boxbackup/raidfile.conf with new version

Creating config file /etc/boxbackup/bbstored.conf with new version

hostb:~#
}}}
Hmm, need a cheap enterprise network monitoring solution: let's try nagios.

Install base debian in a vm.

Install ntpd, exim, mailutils.
{{{
apt-get install ntpd exim mailutils
}}}

Configure ntp
Configure mail
Test mail

Install nagios, now what?
{{{
WindowsServer2003-KB914961-SP2-x86-ENU.exe /passive /norestart
}}}
{{{
@echo off
setlocal EnableDelayedExpansion
::ip.cmd
::by jeff wardlaw, jeff@urgo.org
::Date: 20070211
::windows batch file to set ip information from the command line

set interface=%1
set dhcp=%2

::testing value for interface
if not defined interface goto config
netsh interface ip show config | findstr /c:%interface% > nul
if %errorlevel% neq 0 goto config

::testing value for dhcp
if not defined dhcp goto dhcpconfig
if %dhcp%==dhcp goto %dhcp%
if %dhcp%==static goto %dhcp%
echo Second argument needs to be either "static" or "dhcp"
goto usage

:config
echo Huh?
if defined interface (
	echo Interface %interface% doesn't seem to exist on this computer.
	echo Maybe it's one of the following?
	netsh interface ip show config | findstr interface
	echo Use one of the interfaces in quotes as argument 1.
) else (
	echo I need an interface to work on.
	echo Try one of these:
	netsh interface ip show config | findstr interface
)
goto usage

:dhcpconfig
if defined dhcp (
	echo something is really wrong here
	goto usage
) else (
	echo I need a dhcp or static argument.
	goto usage
)


:usage
echo.
echo Usage:
echo ip.cmd ^<interface name^> ^<static^|dhcp^>
echo.
echo If the interface name has spaces in it, please enclose the name in quotes.
echo example: ip.cmd "local area connection" dhcp
echo example: ip.cmd e0 static
goto cleanup


:dhcp
echo Doing:
echo netsh interface ip set address %interface% %dhcp%
netsh interface ip set address %interface% %dhcp%
echo Doing:
echo netsh interface ip set dns %interface% source=dhcp
netsh interface ip set dns %interface% source=dhcp
echo Doing: ipconfig /release
ipconfig /release
echo Doing: ipconfig /renew
ipconfig /renew
goto precleanup

:static
set /p ip="IP Address: "
set /p mask="Subnet Mask: "
set /p gateway="Gateway: "
set /p metric="Gateway Metric: "
set /p dns1="DNS1: "
set /p dns2="DNS2: "
echo Doing: 
echo netsh interface ip set address name=%interface% static %ip% %mask% %gateway% %metric%
	 netsh interface ip set address name=%interface% static %ip% %mask% %gateway% %metric%
echo Doing: 
echo netsh interface ip set dns name=%interface% static %dns1% 
	 netsh interface ip set dns name=%interface% static %dns1% 
echo Doing: 
echo netsh interface ip add dns name=%interface% %dns2% index=2
	 netsh interface ip add dns name=%interface% %dns2% index=2
goto precleanup

:precleanup
netsh interface ip show config %interface%
goto cleanup

:cleanup
set interface=
set dhcp=
set ip=
set mask=
set gateway=
set metric=
endlocal
echo.
echo.
echo here's your current config:
echo.
ipconfig /all
exit /b
}}}
{{{
iptables -F
iptables -A INPUT -i lo -p all -j ACCEPT
iptables -A OUTPUT -o lo -p all -j ACCEPT
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --tcp-option ! 2 -j REJECT --reject-with tcp-reset
iptables -A INPUT -p tcp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 21 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --syn -s 192.168.10.0/24 --destination-port 139 -j ACCEPT
iptables -A INPUT -p tcp --syn -s trancas --destination-port 139 -j ACCEPT
iptables -P INPUT DROP
}}}
 
from http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html
start up up in debian with /etc/network/interfaces:

{{{
iface eth0 inet dhcp
        pre-up iptables-restore < /etc/iptables.conf
}}}

Then redirect the output of iptables-save to the above location:

{{{
CactiVM:~# iptables-save > /etc/iptables/iptables.conf 
}}}

You could even save this as a script to backup your current fw config before saving it:

{{{
cat > wrme.bash
today=`date +%Y%m%d%H%M`
cp /etc/iptables/iptables.conf /etc/iptables/iptables.conf.$today
iptables-save > /etc/iptables/iptables.conf
}}}
{{{
PS C:\> (get-vm | where {$_.name -like "*template_2k8*"} | get-view).markastemplate()
PS C:\>
}}}
sanity.exe needs to be in the same directory as the mtsan.dll. 
sanity.exe –iqx 1 to query the state of the clone
sanity.exe –ibx 1 to fracture
sanity.exe –iBx 1 to synch
sanity.exe -ibBx 1 to fracture & sync in 1 command
!!Searching in less:
/<searchterm>
n to find againin doc

!!line numbers: 
less -N

!!!Samba stuff
((SambaHostsAllow))
((SambaTestParm))
{{{
::mute.cmd
::created  by jeff wardlaw, jeff@urgo.org
::20080323
::version 0.1
::requires nircmd.exe in path from http://www.nirsoft.net/utils/nircmd.html
::toggles mute on/off
nircmd.exe mutesysvolume 2
}}}
{{{C:\bin>netdom remove <computername> /domain:asdf.internal /UserD:jcw /PasswordD:* /REBoot}}}

{{{
C:\bin>netdom /?
The syntax of this command is:
NETDOM HELP command
      -or-
NETDOM command /help

   Commands available are:

   NETDOM ADD              NETDOM RESETPWD         NETDOM RESET
   NETDOM COMPUTERNAME     NETDOM QUERY            NETDOM TRUST
   NETDOM HELP             NETDOM REMOVE           NETDOM VERIFY
   NETDOM JOIN             NETDOM RENAME
   NETDOM MOVE             NETDOM RENAMECOMPUTER

   NETDOM HELP SYNTAX explains how to read NET HELP syntax lines.
   NETDOM HELP command | MORE displays Help one screen at a time.

   Note that verbose output can be specified by including /VERBOSE with
   any of the above netdom commands.

The command completed successfully.

C:\bin>netdom help remove
The syntax of this command is:

NETDOM REMOVE machine /Domain:domain [/UserD:user]
           [/PasswordD:[password | *]]
           [UserO:user] [/PasswordO:[password | *]]
           [/REBoot[:Time in seconds]]

NETDOM REMOVE Removes a workstation or server from the domain.

machine is the name of the computer to be removed

/Domain         Specifies the domain in which to remove the machine

/UserD          User account used to make the connection with the domain
                specified by the /Domain argument

/PasswordD      Password of the user account specified by /UserD.  A * means
                to prompt for the password

/UserO          User account used to make the connection with the machine to be
                removed

/PasswordO      Password of the user account specified By /UserO.  A * means
                to prompt for the password

/REBoot         Specifies that the machine should be shutdown and automatically
                rebooted after the Remove has completed.  The number of seconds
                before automatic shutdown can also be provided.  Default is
                30 seconds

NETDOM HELP command | MORE displays Help one screen at a time.
The command completed successfully.

C:\bin>
}}}
{{{
netsh int ip show config
}}}
{{{
netsh int ip reset c:\filename.txt
}}}
showmount -e <host> shows exported directories

(13:02:23) jcmoore: smaug9: I use rsize=8192,wsize=8192, from what I've seen, those are fairly "standard"
{{{
nmap -PN -p1-65535 <hostname>
}}}

{{{
e:\>nmap
Nmap 4.62 ( http://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
  Can pass hostnames, IP addresses, networks, etc.
  Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
  -iL <inputfilename>: Input from list of hosts/networks
  -iR <num hosts>: Choose random targets
  --exclude <host1[,host2][,host3],...>: Exclude hosts/networks
  --excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
  -sL: List Scan - simply list targets to scan
  -sP: Ping Scan - go no further than determining if host is online
  -PN: Treat all hosts as online -- skip host discovery
  -PS/PA/PU [portlist]: TCP SYN/ACK or UDP discovery to given ports
  -PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
  -PO [protocol list]: IP Protocol Ping
  -n/-R: Never do DNS resolution/Always resolve [default: sometimes]
  --dns-servers <serv1[,serv2],...>: Specify custom DNS servers
  --system-dns: Use OS's DNS resolver
SCAN TECHNIQUES:
  -sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
  -sU: UDP Scan
  -sN/sF/sX: TCP Null, FIN, and Xmas scans
  --scanflags <flags>: Customize TCP scan flags
  -sI <zombie host[:probeport]>: Idle scan
  -sO: IP protocol scan
  -b <FTP relay host>: FTP bounce scan
  --traceroute: Trace hop path to each host
  --reason: Display the reason a port is in a particular state
PORT SPECIFICATION AND SCAN ORDER:
  -p <port ranges>: Only scan specified ports
    Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080
  -F: Fast mode - Scan fewer ports than the default scan
  -r: Scan ports consecutively - don't randomize
  --top-ports <number>: Scan <number> most common ports
  --port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
  -sV: Probe open ports to determine service/version info
  --version-intensity <level>: Set from 0 (light) to 9 (try all probes)
  --version-light: Limit to most likely probes (intensity 2)
  --version-all: Try every single probe (intensity 9)
  --version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
  -sC: equivalent to --script=safe,intrusive
  --script=<Lua scripts>: <Lua scripts> is a comma separated list of
           directories, script-files or script-categories
  --script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
  --script-trace: Show all data sent and received
  --script-updatedb: Update the script database.
OS DETECTION:
  -O: Enable OS detection
  --osscan-limit: Limit OS detection to promising targets
  --osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
  Options which take <time> are in milliseconds, unless you append 's'
  (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
  -T[0-5]: Set timing template (higher is faster)
  --min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
  --min-parallelism/max-parallelism <time>: Probe parallelization
  --min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
      probe round trip time.
  --max-retries <tries>: Caps number of port scan probe retransmissions.
  --host-timeout <time>: Give up on target after this long
  --scan-delay/--max-scan-delay <time>: Adjust delay between probes
  --min-rate <number>: Send packets no slower than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
  -f; --mtu <val>: fragment packets (optionally w/given MTU)
  -D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
  -S <IP_Address>: Spoof source address
  -e <iface>: Use specified interface
  -g/--source-port <portnum>: Use given port number
  --data-length <num>: Append random data to sent packets
  --ip-options <options>: Send packets with specified ip options
  --ttl <val>: Set IP time-to-live field
  --spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
  --badsum: Send packets with a bogus TCP/UDP checksum
OUTPUT:
  -oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
     and Grepable format, respectively, to the given filename.
  -oA <basename>: Output in the three major formats at once
  -v: Increase verbosity level (use twice or more for greater effect)
  -d[level]: Set or increase debugging level (Up to 9 is meaningful)
  --open: Only show open (or possibly open) ports
  --packet-trace: Show all packets sent and received
  --iflist: Print host interfaces and routes (for debugging)
  --log-errors: Log errors/warnings to the normal-format output file
  --append-output: Append to rather than clobber specified output files
  --resume <filename>: Resume an aborted scan
  --stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
  --webxml: Reference stylesheet from Insecure.Org for more portable XML
  --no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
  -6: Enable IPv6 scanning
  -A: Enables OS detection and Version detection, Script scanning and Traceroute
  --datadir <dirname>: Specify custom Nmap data file location
  --send-eth/--send-ip: Send using raw ethernet frames or IP packets
  --privileged: Assume that the user is fully privileged
  --unprivileged: Assume the user lacks raw socket privileges
  -V: Print version number
  -h: Print this help summary page.
EXAMPLES:
  nmap -v -A scanme.nmap.org
  nmap -v -sP 192.168.0.0/16 10.0.0.0/8
  nmap -v -iR 10000 -PN -p 80
SEE THE MAN PAGE FOR MANY MORE OPTIONS, DESCRIPTIONS, AND EXAMPLES
}}}
*Copy backup
**A copy backup copies all selected files but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations.
*Daily backup
** daily backup copies all selected files that have been modified the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).
*Differential backup
**A differential backup copies files created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
*Incremental backup
**An incremental backup backs up only those files created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need to have the last normal backup set as well as all incremental backup sets in order to restore your data.
*Normal backup
**A normal backup copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you need only the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set.

Backing up your data using a combination of normal backups and incremental backups requires the least amount of storage space and is the quickest backup method. However, recovering files can be time-consuming and difficult because the backup set can be stored on several disks or tapes.

Backing up your data using a combination of normal backups and differential backups is more time-consuming, especially if your data changes frequently, but it is easier to restore the data because the backup set is usually stored on only a few disks or tapes. 

From: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/ntbackup_options_type.mspx?mfr=true
http://ask.metafilter.com/35884/My-keyboard-is-all-screwed-up-in-Outlook
!!!Evacuate datastore using pcli/svmotion
{{{
get-vm -datastore "<SourceDSName>" | % {move-vm $_ -datastore (get-datastore "<TargetDSName>")}
}}}
{{{
move-vm <vmname> -datastore <dsname>
}}}

!!!get datastore capacity/free
{{{
get-datastore zTemp*
}}}

{{{

PS C:\> get-datastore *temp* | sort freespacemb -descending | ft name, freespacemb -auto

Name       FreeSpaceMB
----       -----------
zTempDS102      143266
zTempDS105      121853
zTempDS101       83103
zTempDS103       81092
zTempDS104       81059
zTempDS106       48305
}}}
{{{
pdftk 1.pdf 2.pdf 3.pdf cat output 123.pdf
}}}

{{{
>for ($i=1; $i -le 7; $i++)
>> {write-host fs0$i}
>>
fs01
fs02
fs03
fs04
fs05
fs06
fs07
[38]is45 {C:\}
>for ($i=1; $i -le 7; $i++)
>> {invoke-command {stop-service -force horcm0} -computer fs0$i
>> invoke-command {start-service horcm0} -computer fs0$i
>> }{
>> }
>>
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
WARNING: Waiting for service 'horcm0 (HORCM0)' to finish starting...
}}}
{{{
>get-vm -location vmhost1.dom.tld | Where-Object {$_.name -like "*test*"} | % {move-vm $_.name -location vmhost2.dom.tld}
}}}
Method1:
{{{
PS C:\> foreach ($_ in gc C:\bin\locservers.txt) {$_}
server-locfs01
server-locfs02
server-locfs03
server-locbg01
server-locbg02
server-locbg03
server-locbg04
server-eapplication
server-locsc01
server-locimage01
server-locportal
PS C:\>
}}}

Method2:
{{{
PS C:\bin> gc .\locservers.txt | foreach {$_}
server-locfs01
server-locfs02
server-locfs03
server-locbg01
server-locbg02
server-locbg03
server-locbg04
server-eapplication
server-locsc01
server-locimage01
server-locportal
PS C:\bin>
}}}

Shortcut: %sign
{{{
gci "c:\" -r | where {$_.name -like "*.txt"} | % {write-host $_.fullname}
}}}


See also:
http://technet.microsoft.com/en-us/library/ff730958.aspx


[[How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file|http://support.microsoft.com/kb/310516]]
{{{
idptransfer:~# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[transfer]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions

[global]
        workgroup = SMIC1
        server string = %h server
        security = SHARE
        syslog = 0
        log file = /var/log/samba/log.%m
        max log size = 1000
        name resolve order = lmhosts host wins bcast
        dns proxy = No
        panic action = /usr/share/samba/panic-action %d
        invalid users = root

[transfer]
        comment = idp transfer
        path = /home/idp/TRANSFER
        force user = idp
        force group = idp
        read only = No
        guest ok = Yes
}}}
smbclient -L <host> lists smb shares
{{{
$ sed -i 's/ugly/beautiful/g' /home/bruno/old-friends/sue.txt
}}}
 To ECHO from the command line, the name of every environment variable.

   FOR /F "delims==" %G IN ('SET') DO @Echo %G

The same command with usebackq (Windows 2000 and above)

   FOR /F "usebackq delims==" %G IN (`SET`) DO @Echo %G

To put the Windows Version into an environment variable

   @echo off 
   ::parse the VER command 
   FOR /F "tokens=4*" %%G IN ('ver') DO SET _version=%%G 
   :: show the result 
   echo %_version%

List all the text files in a folder

   FOR /F "tokens=*" %%G IN ('dir /b C:\docs\*.txt') DO echo %%G

   FOR /F "tokens=*" %%G IN ('dir/b ^"c:\program files\*.txt^"') DO echo %%G
{{{
HP5308-NCR1# sh lacp

                           LACP

   PORT   LACP      TRUNK     PORT      LACP      LACP
   NUMB   ENABLED   GROUP     STATUS    PARTNER   STATUS
   ----   -------   -------   -------   -------   -------
   A2     Passive   A2        Down      No        Success
   A4     Active    Trk1      Up        Yes       Success
   C1     Disable   C1        Up        No        Success
   C2     Passive   C2        Down      No        Success
   C3     Passive   C3        Down      No        Success
   C4     Passive   C4        Down      No        Success
   C5     Passive   C5        Up        No        Success
   C6     Passive   C6        Down      No        Success
   C7     Passive   C7        Down      No        Success
   C8     Passive   C8        Down      No        Success
   C9     Passive   C9        Up        No        Success
   C10    Passive   C10       Down      No        Success
   C11    Passive   C11       Down      No        Success
   C12    Passive   C12       Up        No        Success
   C13    Passive   C13       Down      No        Success
   C14    Passive   C14       Down      No        Success
   C15    Passive   C15       Up        No        Success
   C16    Passive   C16       Down      No        Success
   C17    Passive   C17       Up        No        Success
   C18    Passive   C18       Down      No        Success
   C19    Passive   C19       Down      No        Success
   C20    Passive   C20       Up        No        Success
   C21    Passive   C21       Down      No        Success
   C22    Passive   C22       Down      No        Success
   C23    Passive   C23       Down      No        Success
   C24    Passive   C24       Down      No        Success
   D1     Active    Trk10     Up        Yes       Success
   D2     Passive   D2        Up        No        Success
   D3     Passive   D3        Up        No        Success
   D4     Passive   D4        Down      No        Success
   D5     Passive   D5        Down      No        Success
   D6     Passive   D6        Down      No        Success
   D7     Passive   D7        Down      No        Success
   D8     Passive   D8        Down      No        Success
   D9     Passive   D9        Down      No        Success
   D10    Passive   D10       Down      No        Success
   D11    Passive   D11       Down      No        Success
   D12    Passive   D12       Down      No        Success
   D13    Passive   D13       Down      No        Success
   D14    Passive   D14       Down      No        Success
   D15    Passive   D15       Up        No        Success
   D16    Passive   D16       Down      No        Success
   D17    Passive   D17       Up        No        Success
   D18    Passive   D18       Down      No        Success
   D19    Passive   D19       Down      No        Success
   D20    Passive   D20       Down      No        Success
   D21    Passive   D21       Down      No        Success
   D22    Passive   D22       Up        No        Success
   D23    Passive   D23       Down      No        Success
   D24    Passive   D24       Down      No        Success
   E1     Passive   E1        Down      No        Success
   E2     Passive   E2        Down      No        Success
   E3     Passive   E3        Up        No        Success
   E4     Passive   E4        Up        No        Success
   E5     Passive   E5        Up        No        Success
   E6     Passive   E6        Up        No        Success
   E7     Passive   E7        Down      No        Success
   E8     Passive   E8        Down      No        Success
   E9     Passive   E9        Down      No        Success
   E10    Passive   E10       Down      No        Success
   E11    Passive   E11       Down      No        Success
   E12    Passive   E12       Down      No        Success
   E13    Passive   E13       Down      No        Success
   E14    Passive   E14       Up        No        Success
   E16    Passive   E16       Up        No        Success
   F1     Active    Trk10     Up        Yes       Success
   F2     Passive   F2        Down      No        Success
   F3     Passive   F3        Up        No        Success
   F4     Passive   F4        Down      No        Success
   F5     Passive   F5        Down      No        Success
   F6     Passive   F6        Down      No        Success
   F7     Passive   F7        Down      No        Success
   F8     Passive   F8        Down      No        Success
   F9     Passive   F9        Up        No        Success
   F10    Passive   F10       Down      No        Success
   F11    Passive   F11       Up        No        Success
   F12    Passive   F12       Up        No        Success
   F13    Passive   F13       Down      No        Success
   F14    Passive   F14       Down      No        Success
   G1     Active    Trk14     Up        Yes       Success
   G2     Passive   G2        Down      No        Success
   G3     Passive   G3        Down      No        Success
   G4     Passive   G4        Up        No        Success
   G5     Active    Trk2      Up        Yes       Success
   G6     Active    Trk4      Up        Yes       Success
   G7     Active    Trk4      Up        Yes       Success
   G8     Active    Trk14     Up        Yes       Success
   G9     Passive   G9        Down      No        Success
   G10    Passive   G10       Down      No        Success
   G11    Passive   G11       Up        No        Success
   G12    Passive   G12       Down      No        Success
   G13    Passive   G13       Down      No        Success
   G14    Passive   G14       Down      No        Success
   G15    Active    Trk15     Up        Yes       Success
   H1     Passive   H1        Blocked   Yes       Failure
   H2     Passive   Dyn1      Blocked   Yes       Failure
   H3     Passive   Dyn1      Blocked   Yes       Failure
   H4     Passive   H4        Up        No        Success
   H5     Passive   H5        Down      No        Success
   H6     Passive   H6        Up        No        Success
   H7     Passive   H7        Up        No        Success
   H8     Active    Trk2      Down      No        Success
   H9     Passive   H9        Down      No        Success
   H10    Passive   H10       Down      No        Success
   H11    Passive   H11       Down      No        Success
   H12    Passive   H12       Down      No        Success
   H13    Passive   H13       Down      No        Success
   H14    Passive   H14       Down      No        Success
   H15    Passive   H15       Down      No        Success
   H16    Passive   H16       Up        No        Success


HP5308-NCR1#
}}}
{{{
bladecage1sw03#sh int trunk

Port        Mode         Encapsulation  Status        Native vlan
Gi0/1       on           802.1q         trunking      1
Gi0/2       on           802.1q         trunking      1
Gi0/3       on           802.1q         trunking      1
Gi0/4       on           802.1q         trunking      1
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/1       1-4094
Gi0/2       1-4094
Gi0/3       1-4094
Gi0/4       1-4094
Po1         1-4094
Po2         1-4094

Port        Vlans allowed and active in management domain
Gi0/1       1,3,8
Gi0/2       1,3,8
Gi0/3       1,3,8
Gi0/4       1,3,8
Po1         1,3,8
Po2         1,3,8

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       1,3,8
Gi0/2       1,3,8
Gi0/3       1,3,8
Gi0/4       1,3,8
Po1         1,3,8
Po2         none
bladecage1sw03#
}}}
{{{
e:\>shutdown /?
Usage: shutdown [-i | -l | -s | -r | -a] [-f] [-m \\computername] [-t xx] [-c "comment"] [-d up:xx:y
y]

        No args                 Display this message (same as -?)
        -i                      Display GUI interface, must be the first option
        -l                      Log off (cannot be used with -m option)
        -s                      Shutdown the computer
        -r                      Shutdown and restart the computer
        -a                      Abort a system shutdown
        -m \\computername       Remote computer to shutdown/restart/abort
        -t xx                   Set timeout for shutdown to xx seconds
        -c "comment"            Shutdown comment (maximum of 127 characters)
        -f                      Forces running applications to close without warning
        -d [u][p]:xx:yy         The reason code for the shutdown
                                u is the user code
                                p is a planned shutdown code
                                xx is the major reason code (positive integer less than 256)
                                yy is the minor reason code (positive integer less than 65536)

e:\>

}}}
if you do not already have a key pair
$ ssh-keygen -t dsa

send your public key to each host you ssh into
$ cat ~/.ssh/id_dsa.pub | ssh you@host 'cat - >> ~/.ssh/authorized_keys2'
{{{
::start.cmd
rasdial dragnet5americas /phonebook:c:\dell\dragnet5\dragnet5.pbk
ping 4.2.2.2

start communicator

start outlook

start np

start ie http://siebelapp/service_enu/
}}}
You can run the script using the -x option which will trace
through it. You can do this in one of several ways:

Put this at the top of your script:
#!/bin/bash -x

From the command line:
bash -x scriptname

Or, for long scripts, put this line where you want to
start tracing (this way, you don't have to wade through
a lot of junk):
set -x

And this line where you want to stop:
set +x 
pace = permission access control entry
pacl = permission access control list
sacl = system access control list (audit permissions)
dacl = discretionary access control list (grant/deny permissions)

Also see: http://alt.pluralsight.com/wiki/default.aspx/Keith.GuideBook/WhatIsAnAccessControlList.html
{{{
SubInAcl version 5.2.3790.1180

USAGE
-----

Usage :
     SubInAcl [/option...] /object_type object_name [[/action[=parameter]...]



 /options    :
    /outputlog=FileName                 /errorlog=FileName
    /noverbose                          /verbose (default)
    /notestmode (default)               /testmode
    /alternatesamserver=SamServer       /offlinesam=FileName
    /stringreplaceonoutput=string1=string2
    /expandenvironmentsymbols (default) /noexpandenvironmentsymbols
    /statistic (default)                /nostatistic
    /dumpcachedsids=FileName            /separator=character
    /applyonly=[dacl,sacl,owner,group]
    /nocrossreparsepoint (default)      /crossreparsepoint

 /object_type :
    /service            /keyreg             /subkeyreg
    /file               /subdirectories[=directoriesonly|filesonly]
    /clustershare       /kernelobject       /metabase
    /printer            /onlyfile           /process
    /share              /samobject

 /action      :
    /display[=dacl|sacl|owner|primarygroup|sdsize|sddl] (default)
    /setowner=owner
    /replace=[DomainName\]OldAccount=[DomainName\]New_Account
    /accountmigration=[DomainName\]OldAccount=[DomainName\]New_Account
    /changedomain=OldDomainName=NewDomainName[=MappingFile[=Both]]
    /migratetodomain=SourceDomain=DestDomain=[MappingFile[=Both]]
    /findsid=[DomainName\]Account[=stop|continue]
    /suppresssid=[DomainName\]Account
    /confirm
    /ifchangecontinue
    /cleandeletedsidsfrom=DomainName[=dacl|sacl|owner|primarygroup|all]
    /testmode
    /accesscheck=[DomainName\]Username
    /setprimarygroup=[DomainName\]Group
    /grant=[DomainName\]Username[=Access]
    /deny=[DomainName\]Username[=Access]
    /sgrant=[DomainName\]Username[=Access]
    /sdeny=[DomainName\]Username[=Access]
    /sallowdeny==[DomainName\]Username[=Access]
    /revoke=[DomainName\]Username
    /perm
    /audit
    /compactsecuritydescriptor
    /pathexclude=pattern
    /objectexclude=pattern
    /sddl=sddl_string
    /objectcopysecurity=object_path
    /pathcopysecurity=path_container

Usage  : SubInAcl   [/option...] /playfile file_name

Usage  : SubInAcl   /help [keyword]
         SubInAcl   /help /full
    keyword can be :
    features  usage syntax sids  view_mode test_mode object_type
    domain_migration server_migration substitution_features editing_features
	 - or -
    any [/option] [/action] [/object_type]

}}}

{{{
Display or modify Access Control Entries (ACEs) for file and folder Permissions, Ownership and Domain.

Access Control Lists apply only to files stored on an NTFS formatted drive, each ACL determines which users (or groups of users) can read or edit the file. When a new file is created it normally inherits ACL's from the folder where it was created.

Syntax
      SUBINACL [/noverbose] /object_type object_name [/action=parameter] [/help]
	  
Key
    object_type: service        e.g.  /service Messenger \\ServerName\Messenger
                 keyreg         e.g.  /keyreg HKEY_CURRENT_USER\Software
                                      /keyreg \\Srv\HKEY_LOCAL_MACHINE\KeyPath
                 file           e.g.  /file *.obj  /file c:\test.txt
                                      /file \\ServerName\Share\Path
                 subdirectories manipulate files in specified directory and all subdirectories

   object_name : This will vary according to the object_type - see the examples above

   action      : setowner=owner
                 will change the owner of the object e.g. /setowner=MyDomain\Administrators

                 replace=SamName\OldAccount=DomainName\New_Account
                 will replace all ACE (Audit and Permissions) in the object
                 e.g. /replace=MyOldDomain\Finance=NEWDOM\Finance

                 changedomain=OldDomainName=NewDomainName
                 will replace all ACEs with a Sid from OldDomainName
                 with the equivalent Sid found in NewSamServer 
                 e.g. /changedomain=MyOldDomain=NEWDOMAIN
                 This option requires a trust relationship with the server containing the object.   

Examples:

subinacl can do everything that cacls and xcacls can do and more besides.

List permissions to log file:
subinacl /noverbose /nostatistic /outputlog=my.log /subdirectories "C:\Program Files\My Folder" /display

Restore Permissions:
subinacl /nostatistic /playfile my.log

Change owner :
subinacl /file C:\demofile.doc /setowner=MYDOMAIN\BillG

Bugs

Running subinacl against a subfolder, as in the example above will affect just that folder and it's contents. However if you run subinacl against a folder in the root of the drive it will scan the entire drive for folders matching that name (which can take some time).
e.g.
subinacl /subdirectories "C:\Spud"
Will also match
C:\Program Files\Spud
C:\Documents and Settings\Spud etc 
}}}

{{{
tcpdump -nnvvSs 1514 -w capture1.pcap -C 100
}}}
Determine interface:
{{{
C:\>"c:\Program Files\Wireshark\tshark.exe" -D
1. \Device\NPF_GenericDialupAdapter (Adapter for generic dialup and VPN capture)

2. \Device\NPF_{4DB8640A-8B6A-464F-8788-71396098B36A} (EL574ND4 Ethernet Adapter
)
3. \Device\NPF_{24D2A19D-8CA2-4C95-9BAA-051DA889E5FF} (Intel(R) PRO/Wireless 220
0BG Network Connectio (Microsoft's Packet Scheduler) )
4. \Device\NPF_{57583FDA-71E3-4BC3-AE8B-6EE5F9C558B4} (Broadcom NetXtreme Gigabi
t Ethernet Driver (Microsoft's Packet Scheduler) )

C:\>
}}}

{{{
:: ts.cmd
set ts=c:\progra~1\wireshark\tshark.exe

%ts% -i 2 -w e:\wireshark\mtechd.pcap -b filesize:100000
:: -i :: interface #
:: -w :: filename
:: -b :: multiple file option filesize:<k>
}}}
1. If you'd asked someone in the 18th century what the perfect mode of transportation would be, they'd describe a faster horse that can run all day, carry a heavy load, and not need much food or water. They would not describe a car or a train or an airplane because, no one had yet laid out a vision for these modes of transportation.

2. The task is not to ask customers what they want but to ask them what they are trying to accomplish and what obstacles they face in meeting those goals.

[Paraphrased from http://www.userdriven.org/blog/2007/1/17/a-faster-horse.html]

This is an interesting example of what our department's focus should be. Segues nicely into a discussion about our mission statement.
*suspend vm
{{{
vmware-cmd /path/to/vmware.vmx suspend
}}}
*copy files to /vmfiles/backups
{{{
tar cf dirname.date.tar
}}}
*restart vm
{{{
vmware-cmd /path/to/vmware.vmx start
}}}
*compress files
{{{
bzip2 dirname.date.tar
}}}
*mail results
{{{
mail 
{{{
[root@vmhost4 root]# /usr/local/bin/vmbk.pl --help
"my" variable $Tivoli masks earlier declaration in same scope at /usr/local/bin/
vmbk.pl line 211.
Unknown option: -

vmbk.pl Version 3.00.0 rev.11
Massimiliano Daneri
for support send email to
support@vmts.net
usage: /usr/local/bin/vmbk.pl -h | -d directory |-f <params> |-B <params> |-G <p
arams>  <option>

-h  print this help message

-------------------------------------------------------------------------------
-d  backup destination directory
-f  ftp server  syntax: ftp='host',dir='remote directory',user='user name',
        password='password',passive='true or false',timeout=<number>
-B  use Veritas Netbackup syntax:policy='policyname'[,master='masterserver']
        [,clientname='clientname'][,logfile='logfile][,prepost=true|false]
-G  use Legato Networker syntax:server='servername',group='groupname'
        [,pool='poolname'][,clientname='clientname']
-M  use Tivoli Storage Manager syntax:type='incremental/selective/archive'
                [,stanza='servername'][,archmc='management class']
-------------------------------------------------------------------------------
Options

    -n  nfs mount syntax: nfs='host:/share',mountpoint='/dir',options='options'
    -s  smb mount syntax: smb='//host/share'[,mountpoint='/dir']
        [,user='domain\user name'][,password='password'][,options='options']

    -e  smtp='host',to='email address'[,from='email address'][,encode='encode ty
pe']
        [,html=true|false]   send a report by email
    -l  <logfile> create a test format log
    -L  <logfile> create a HTML format log
    -y  [facility=<facility>],{level=<level>] use syslog default 'local6' and 'i
nfo'


    -t  test mode
    -i  interactive mode
    -H  don't display header
    -a  backup all VM also guest with backup="manual"
    -4  backup configuration file and CMOS
    -c  create restore command on export directory
    -m  export disk to unique directory
    -j  set minimum space permitted on destination directory
        DEFAULT = 1024 (value in MB)
    -J  set min space permitted on VMFS partition to permit REDO disk
        DEFAULT = 512 (value in MB)
    -z  use command cp instead of vmkfstools
    -R  use vmkfstool(raw mode more faster than cp. !!caution with smb share!!)
        command to disk instead of cp
    -5  set pre directory name (default 'vm-')
    -b  Backup session DEFAULT = 'default'
        (use vmx parameter 'backup.session'=name)
    -6  set timeout default 60000 ms (1min)
    -v  set guest to backup using "vm number order"
    -F  backup host configuration
    -C  Configuration File (set parameters by file)
    -2  Force a dismount before the mount operation
    -N  create a file with a list of files to backup
    -O  Only do add redo (without redo commit)
    -o  Only do commit (without add redo)
    -P  run command before backup process
    -p  run command after backup process
    -x  select guest by vmx file ( es. -x /home/vmware/win2000/win2000.vmx,etc)
    -7  use  a temporary directory for export (move file after export)
    -r  create snapshot with memory dump
    -Q  create a tar.gz file one for each disk inside a unique guest directory
    -q  create only one tar.gz for each vm guest, with inside every file owned b
y vm
    -g  create a zip for each vm guest
    -8  use the original vmdk disk filename

[root@vmhost4 root]#
}}}

{{{
::@echo off
::::::::::::::::::::::::::::::::::::::::
::wakeit.cmd
::purpose: wakes a list of computers via mc-wol.exe and then shuts them down.
::
::file requirements: 
::sleep.exe
::Mc-wol.exe
::shutdown.exe from a winxp box (no 600sec limit)
::
::usage:
::wakeit.cmd <filename.ext>
::example: 
::wakeit.cmd daves.txt
::::::::::::::::::::::::::::::::::::::::

set shutit=c:\wol\shutdown.exe
set sleepit=c:\wol\sleep.exe
set wake=c:\wol\mc-wol.exe
set shutdelay=10800
set sleepdelay=240

set file=%1

FOR /F "eol=# tokens=2,3 delims=," %%i in (%file%) do (
::wake it up
	%wake% wakeup %%j > nul
)

sleep %sleepdelay%

FOR /F "eol=# tokens=2,3 delims=," %%i in (%file%) do (
::shut it down in 10800 seconds (3 hours)
	%shutit% /m \\%%i /f /s /t %shutdelay%
)

exit /b
}}}
!!!1. Install Debian.
*Install from bizcard cd
*Update Debian
!!!3. Install apache
{{{
apt-get install apache
}}}
!!!4. Install mysql
run dispart volume list

then 
{{{
C:\>for %i in (d h i z c y g e r) do (
More? echo %i >> diskfree.txt
More? fsutil volume diskfree %i: >> diskfree.txt
More? )
}}}

where the letters are the used drive letters
{{{
Xnest :1 -ac &
fluxbox -display :1
}}}

{{{
xset mouse 5/1 5
}}}