Username to SID Assosiation

To find the sid of a user using the username and vice versa use the following command:

wmic useraccount get name,sid

Popular posts from this blog

Syslog Message Collection for OMS from sources that do not support the agent

Image
On the previous article of the OMS series, we've installed and configured the OMS agent on a linux machine and started collecting syslog messages and performance statistics.

Today, we are going to use that machine to collect syslog messages from other machines, devices or applications that are not supported by the OMS agent. This is a two step process, first we are going to enable the remote syslog collection on the linux machine and then we are going to update the configuration of the agent to support high volume of syslog traffic. Let's dive in!

The syslog server is going to be rsyslog since it came with Ubuntu server and the configuration file is stored at /etc/rsyslog.conf.

To enable the remote collection, the below lines have to be uncommented in the configuration file:

module(load="imudp")
input(type="imudp" port="514")
and
module(load="imtcp")
input(type="imtcp" port="514")

Since we are going to be collecting messa…
Keep reading

How to Configure Message Forwarding on a Mailbox Level

Image
The Set-Mailbox cmdlet has two parameters to configure forwarding for a mailbox: ForwardingAddress and ForwardingSmtpAddress. Those two parameters serve the same puspose but in two different ways. There is also a third parameter called DeliverToMailboxAndForward that when set will leave a copy of the message on the mailbox.

The "ForwardingAddress" accepts RecipientIdParameter input which means that you have to use the identity of an existing object on your organization such as another mailbox or a mail contact.

The "ForwardingSmtpAddress" accepts input in a proxy address format such as plain old email addresses. Although this is pretty straight forward, there's a catch you need to be aware of. This will only work if the remote domain of the recipient is configured to allow message forwarding. Let me elaborate.

There's a thing on Exchange, called Remote Domains. Those are used in order to define settings for the communication between your Exchange server and…
Keep reading

Generating Alerts On OMS

Image
On the previous articles about Microsoft OMS, we've configured event and log collection from various systems and we've queried the workspace for information. We have the information, wouldn't it be great if we could also act on it?

The Operations Management Suite has a feature named "Alerts" that provides this functionality. Creating alerts is a straight forward and only takes a few minutes. To illustrate the process, we are going to configure an alert for a Windows Server Failover Cluster that hosts the File Server role.

When a cluster resource is moving to another node of the cluster, an event with id 1641 is generated under the source "FaileoverClustering" of the log "Microsoft-Windows-FailoverClustering/Operational".

To create the alert, we are going to need a query that returns the above events:


Let's create the alert. From the main OMS blade, select "Alerts" and then "Create New Rule":


This will bring you to the n…
Keep reading