Here is how I did it:

(%SDPfolder% refers to the “ServiceDesk” folder, in my case this was C:\ManageEngine\ServiceDesk)

Items marked with bold are variables that you have to change to reflect your environment.

1. Rename the default keystore “sdp.keystore”  in %SDPfolder%\jre\bin to “sdp.keystore.original”
2. Start a commando-prompt and “CD” to %SDPfolder%\jre\bin
3. Generate a new keystore with the command: keytool -genkey -alias domain.com -keyalg RSA -keystore sdp.keystore
   Explanation; Alias is only used internally in the keystore, end users will not see it. You should set it to the domain, not the FQDN. As keystore, specify original “sdp.keystore” name – then you don’t have to change any configs later.
4. Next you will be promted for a password for your new keystore – set it to: sdpsecured
   Explanation; By using the default sdpsecured password you don’t have to change any configs later.
5. Now you will be prompted for first name, last name and all that stuff.
   First name and last name: server.domain.com <FQDN>
   Organizational unit: server.domain.com <FQDN>
   Organization: server.domain.com <FQDN>
   City or Locality: dk <2-letter country code> 
   State or Province: dk <2-letter country code> 
   Two-letter country code: dk <2-letter country code> 
   Is CN=server.domain.com, OU=server.domain.com, O=server.domain.com, L=DK, ST=DK, c=DK correct? Yes 
6. Use the same password as keystore password, so press RETURN.
7. Now to generate a Certificate Request: keytool -certreq -keyalg RSA -alias domain.com -file C:\certreq.txt -keystore sdp.keystore
   Keystore password: sdpsecured
8.  Copy all the text from the new Certificate request file C:\certreq.txt
9. Visit your PKI Certificate Enrollment website (https://certenroll.domain.local)
10. Request a certificate -> Submit a certificate request by using a base-64-encoded….
11. Paste the Certificate request, and select an appropriate Certificate Template (a web server certificate with key usage: Server Authentication)
12. Submit and generate the certificate.
13. Download the DER encoded Certificate Chain – this will give you a “certnew.p7b” file. Save this somewhere easy to reach.
14. Open the “certnew.p7b” file (will open with certmgr)
15. Expand the “Certificates” folder.
16. Double-click the certificate issued to your own PKI ROOT CA, click the Details tab and use the Copy to File… button. Save the certificate to C:\root.der
17. Double-click the certificate issued to your own PKI ISSUER CA, click the Details tab and use the Copy to File… button. Save the certificate to C:\intermed.der
18. Back in command promt; keytool -import -trustcacerts -keystore sdp.keystore -alias root -file C:\root.der.cer
19. keytool -import -trustcacerts -keystore sdp.keystore -alias intermed -file C:\intermed.der.cer
20. keytool-import -trustcacerts -keystore -sdp.keystore -alias domain.com -file C:\certnew.p7b
21. Verify all certificates are installed with keytool -list -keystore sdp.keystore
22. Copy the keystore file we have generated and populated: %SDPfolder%\jre\bin\sdp.keystore to %SDPfolder%\server\default\conf\sdp.keystore (overwrite or rename the target file if there is one)
23. Stop and start ServiceDesk Plus – You should now have your own SSL certificate being used, assuming you had already enabled SSL for ServiceDesk Plus

If HTTPS/SSL is not already enabled, do the following to enable:

1. Stop ServiceDesk Plus
2. Run %SDPfolder%\bin\changeWebServerPort.bat 443 https
3. Start ServiceDesk Plus again

Also, another neat trick is to install IIS (Internet Information Services) on the same server, and use this to redirect HTTP users to your HTTPS site:

1. If not already installed, install IIS (Windows Server 2008 – Add Role). Be sure to check the ASP feature when installing.
2. Create a “default.asp” file in C:\Inetpub\wwwroot with the following content;
   <%@ Language=VBScript %>
   <%
   Response.Status=”301 Moved Permanently”
   Response.AddHeader “Location”,”https://server.domain.com/”
   %>
3. Done!

I searched and stumbled upon this discussion; https://getsatisfaction.com/microsoft/topics/need_shortcut_to_change_audio_device_in_one_click

I ended up using the solution provided by “Bas”, which involves a script using AutoIT. It works perfectly! I have added a shortcut to the executable to my Taskbar, and now I can switch audio devices with 1 click.
Get the AutoIT file here: toggle-audio-7

In brief it allows you to view the content of %systemRoot%\Debug\UserMode in a meaningful manner. You will be able to view the exact timestamp for each entry, and this can give you clues to optimize your logon experience.  You will not get exact answers, but hopefully you will be able to translate the results yourself.

To be able to generate logon debug-output, you first have to enable this. See the instructions here: http://support.microsoft.com/kb/221833

In brief:

Use Registry Editor to add or to modify the following registry entry:
Subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Entry: UserEnvDebugLevel
Type: REG_DWORD
Value data: 10002 (Hexadecimal)

You can get SysPro Policy Reporter here: http://www.sysprosoft.com./policyreporter.shtml

Alternative download link: Policy Reporter 4.2.11

Generic PowerShell

Read .CSV file and do something for each object:
ForEach ($usr in Get-Content “C:\temp\Users.csv”) { Get-Mailboxstatisti
cs($usr)}

Groups/AD users

Copy Group Members from Group A to B:
Get-QADGroupMember GroupA | % { Add-QADGroupMember GroupB -Member $_ }

Copy Group Membership information from User A to B:
(Get-QADUser userA).MemberOf | Add-QADGroupMember -Member domain\userB

“Bulk” change attributes on AD users:
Get-QADuser -sizelimit 0 | where-object { $_.Department -eq “Sales” } | foreach-object {Set-QADuser $_ -Department “Commercial”}
(Searches all users (sizelimit 0) where Department = “Sales” and for each object sets Department = “Commercial”)

Find “indirect” (nested) AD group memberships for a specific user:
Get-QADMemberOf “John Doe” -indirect | fl name,description >> C:\JDoe.txt

Find members of AD group, export to CSV:
get-qadgroupmember “group name” | select-object logonname, firstname, lastname | export-csv c:\filename.csv

Export selected ExtensionAttribute (or other) to CSV file

Get-QADUser -IncludedProperties extensionAttribute1 -sizeLimit 0 | Select-Object Name, samaccountname, extensionAttribute1 | Out-File C:\WhoIsWho.csv -width 400

Blank out ExtensionAttribute1 for all users that have it
Get-QADuser -sizelimit 0 | Set-QADUser -ObjectAttribute @{extensionAttribute1=$null}

Select users by country CAUTION, do not edit in this way!
Get-QADuser -sizelimit 0 -IncludedProperties c | Where-Object {$_.C -eq “GB” }

Exchange 2007/2010

Set Exchange mailbox quota:
set-mailbox “John Doe” -UseDatabaseQuotaDefaults $false -IssueWarningQuota 4GB -ProhibitSendQuota 5GB -ProhibitSendReceiveQuota 6GB
(Warning at 4GB, Block Send at 5GB and block receive at 6GB, remember to NOT use QuotaDefaults)

Export mailbox statistics to CSV file
C:\>Get-MailboxStatistics | ft Displayname,totalitemsize,databasename | Out-File C:\Mailboxstatistics.csv -width 200

Export mailboxes to .PST file
Add-mailboxpermission -identity “John Doe” -accessrights fullaccess -user “AdminUser01″
Export-Mailbox -Identity “John Doe” -PSTFolderpath X:\folder
(AdminUser01 has to be the one who’s running the Powershell at the moment of Exporting)

Removing disconnected mailboxes in Exchange Server 2007/2010
Listing all disconnected mailboxes:
Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
Removing a single entry:
Remove-Mailbox -Database <Database-Name> -StoreMailboxIdentity <MailboxGuid> -confirm:$false
Removing all users at the same time:
$users = Get-MailboxStatistics | where-object { $_.DisconnectDate -ne $null } | Select DisplayName,MailboxGuid
Now that we have all disconnected mailboxes in a var, we can run the following cmdlet to remove all of them:
$users | ForEach { Remove-Mailbox -Database “Mailbox Database” -StoreMailboxIdentity $_.MailboxGuid -confirm:$true }

VBScript program demonstrating how to use ADO to find all user accounts where the password will expire within a specified number of days in the future. The program does not retrieve users whose password has already expired. The program also does not retrieve users whose password does not expire, whose password cannot change, where the user is not required to have a password, or where the account is disabled.

The program uses the domain maximum password age policy and the value of the pwdLastSet attribute of the users to determine when the passwords expire. Do not use this program if you use the new fine-grained password policies feature of Windows Server 2008. This program assumes the same password policy applies to all users.

The program filters on users where the pwdLastSet attribute corresponds to dates in the past such that the password will expire in the specified range. This requires converting the critical dates into the corresponding Integer8 values. For the users retrieved, the program uses the pwdLastSet attribute value to determine when the password will actually expire, in the time zone of the local computer.

For each user account found the program sends an email message to the user. The program uses the value of the “mail” attribute of the user object, which corresponds to the field “E-mail” on the “General” tab of ADUC. If this attribute does not have a value, the program uses the “proxyAddresses” attribute. This multi-valued attribute is used by Exchange to specify email addresses. This program uses the “primary” address of the user, which is the value which has either “SMTP:” or “X400:” as the prefix, in upper case. There can be only one “primary” email address in the collection. All other values have all lower case prefixes.

PwdExpires.txt <<– Click here to view or download the program

Next is a similar PowerShell script that retrieves all users whose passwords will expire within the specified number of days. An email function has recently been added, so the program is identical to the first.

PSPwdExpires.txt <<– Click here to view or download the program

Hosted copies of the original script can be found here:

PSPwdExpires.ps1

PwdExpires.vbs

I modified the script (PowerShell) to allow for HTML emails with multiple lines of text.

First bit:

Function SendEmail($To, $Body)
{
    $Message = New-Object System.Net.Mail.MailMessage `
        $Script:From, $To, $Script:Subject, $Body
	$Message.IsBodyHtml = "true"
    $Client.Send($Message)
}

Last bit (where you enter your custom text):

    If ("$Mail" -ne "")
    {
        $Notice = "<font size='2' face='Verdana'>" `
			+ "<b>This is an automated message!</b><br><br>" `
			+ "Your password for username $Name will expire by: <b>$PwdExpires</b> (mm/dd/yyyy) <br>" `
			+ "Before then you must change your password by following one of the procedures mentioned below: <br>" `
			+ "</font>"
        SendEmail $Mail $Notice
        "Email sent to $Name ($Mail), password expires $PwdExpires"
    }

 

Cause: Avast! Antivirus is causing this.

Solution: Disable Avast! Antivirus when playing Battlefield 3.

Confirmed with Avast! Program Version 6.0.1289, definitions version 111028-0

You have had it before: the “Open File – Security Warning”. Nice feature, but not very interesting during execution of scripts. However you may not want to turn it off.

The simple solution in VBScript has been offered by MS themselve: the SEE_MASK_NOZONECHECKS environment variable. Change it at the start of your script and restore it at the end. Plain & simple!

Sample code (same as the KB article):
set oShell= CreateObject(“Wscript.Shell”)
set oEnv = oShell.Environment(“PROCESS”)
oEnv(“SEE_MASK_NOZONECHECKS”) = 1
oShell.Run “c:\ms04-038\WindowsXP-KB834707-x86-enu /quiet /passive /norestart”,0,True
oEnv.Remove(“SEE_MASK_NOZONECHECKS”)

The Open File – Security Warning dialog box is displayed when you try to silently install a hotfix or an update by using a Visual Basic script in Windows XP Service Pack 2
http://support.microsoft.com/kb/889815

SSL certificates are issued for periods of spanning a number of years (typically in multiples for example 1, 2 or more years – however eventually they do expire and need to be renewed.

The renewal process involves generating a fresh CSR (Certificate Signing Request) on one of your Exchange Client Access servers – this is then sent to a root certification authority (for example VeriSign or Thwate) for processing into a valid SSL certificate (essentially they sign the request).

In order to generate a CSR file on the Exchange 2007 Client Access Servers and Windows 2008 open the Exchange Management Shell [ START -> Programs -> Microsoft Exchange Server 2007 -> Exchange Management Shell ] and type the following command:

New-ExchangeCertificate -GenerateRequest -Path c:\myReq.csr -KeySize 1024 -SubjectName “c=GB, s=Middx, l=MyCompany, ou=IT, cn=mail.mydomain.com” -PrivateKeyExportable $True

The string that you provide after the “-SubjectName” switch is VERY important it is made up of the following values:

c= [This is the Country of origin]

s= [This is the state (that you are in)]

i= [This is the company that you work for - or indeed the SSL certificate will be assigned to - you should note that if you ave purchased SSL certificates before it is worth ensuring that the company naming convention is consistent throughout all certificates that you have purchased]

ou= [This is the organisation unit that the section of the company which will take charge of the certificate - typically I enter in "IT" for this value]

cn= [This should be set to the DNS FQDN of the Client Access server which will be using the certificate - for example "OWA.mydomain.com" or "mail.mydomain.com"

This will produce a file in the root of c:\ on the CAS server called “myReq.csr” – this should be sent to Thwate.

When the CSR has been generated you will be provided with a CRF (Certificate Response File) which looks like the following (this will be returned to you via e-mail):

-----BEGIN CERTIFICATE-----JJkbbssCCAuucgAwIBAgIQcyE6jZgwnFgAq0d7onjMFzANBgkqhkiG9w0BAQUFADCBzj
EEWNNNEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du
MR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
blahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblah
2NybC50aGF3dGUuY29tL1RoYXd0ZVByZW1pdW1TZXJ2ZXJDQS5jcmwwMgYIKwYBBQUHAQEE
JjAkMCIGCCsGAQUFBzABhhZodHRwOi8vpgthennn/ss88877a222129tMAwGA1UdEwE
B/wQCMAAwDQYJKoZIhvcNAQEFBQADgYEAuYSyeOUx53TkjCfol2psVY3E9uzMb6P6nrgs2U
uG8BBQlshPkv+te8G2JpaaaaCmcrCV8J0WQN8mRm5443vbdasafJTBxB2PAZfl3GSWEgDIH
q/lg3IOxG43YK4qDWYTu3j/Ngymq8g/d+0VrqkF/AmXWnGMGIQmE3GUnUDXeZKOR8SM=
-----END CERTIFICATE-----

You should copy the CRF (including the “Begin Certificate” and “End Certificate”) into a text file called “Owa.txt” and then rename the file “owa.cer” – you should then copy this file up to a drive on the CAS server where you are working.

Installing the Certificate on your Client Access Server:

Firstly you need to remove the existing (expired) SSL certificate from your Client Access Server - in order accomplish this you need to perform the following steps:Open the Exchange Management Shell [ START -> Programs -> Microsoft Exchange Server 2007 -> Exchange Management Shell ]

Then type in the following command:

Get-ExchangeCertificate | fl | out-file –filePath c:\certs.txt

This will create a text file in the root of C:\ called “certs.txt” which contains the details of every certificate install on the server – the output should look like the following:

The key property that will identify the certificate that you wish to replace is the “Not After” field – as this is essentially the expiry date and should have already expired or indeed be very close to expiring.Make a note of the thumbprint (the long number at the bottom after the “thumbprint” field) and then type in the following command:

Remove-ExchangeCertificate –thumbprint <The Thumb Print that you noted down>

As a tip here is to copy the thumbprint from the text file above and then paste it into the Powershell Window.When you have typed the command and pressed enter you will be presented with the confirmation message –see below;

Confirm

Are you sure you want to perform this action?

Remove certificate with thumbprint 138B6EC5AAE868F495ECCBDA05C1F011B08A7CD3?

[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help(default is “Y”):y

Confirm the action by entering “a” and then press <ENTER>

You are now ready to import the new certificate onto the Client Access Server – in order to do this type in the following command within the Powershell window (ensure that the path you specify to the certificate file matches the location where you placed the new certificate in the earlier steps:

Import-ExchangeCertificate -path e:\certificates\owa.cer –FriendlyName “owa.mydomain.com”

You should then be presented with the following output – again here you will need to make a note of the thumbprint:

Thumbprint Services Subject

———- ——– ——-

B52842F7408772B7151FF74FDAE914EA7B59B53A ….. CN=owa.mydomain.com,…

Now that the certificate has been imported into the certificates repository you need to enable it for OWA – in order to do this run the following command in the
Powershell window:

Enable-ExchangeCertificate -Thumbprint B52842F7408772B7151FF74FDAE914EA7B59B53A -Services IIS

The new certificate should now be installed you can confirm this by running the following command:

Get-ExchangeCertificate

The output of which should be:

Thumbprint Services Subject

———- ——– ——-

B52842F7408772B7151FF74FDAE914EA7B59B53A …W. CN=owa.mydomain.com,…

The key thing here to note is the “W” under services (this signifies that the cert has been enabled for OWA) and that the thumbprint matched what you have typed in previously

To disable the resize dialog for .JPG file type, use these steps [Reference]:

1. Click Start, Run. Type regedit.exe and press {ENTER}
2. Navigate to the following location: HKEY_CLASSES_ROOT\.JPG
3. Backup the key by exporting it to a file.
4. In the right-pane, double-click PerceivedType and assign a blank data to it.
5. Close Registry Editor.

The same procedure applies for other image types. The original source also gives this caution, however, I did not encounter the mentioned problem:

There may be some minor side effects of using this method, as the PerceivedType string is another important file class information. PerceivedType string helps Windows determine the actual Type (image, video, audio or whatever) for a file. In case you experience image preview issues or any other problems after following the method in this article, you can revert the setting by changing the PerceivedType to image. Alternately, type REGSVR32 SHIMGVW.DLL in Start, Run dialog to regain the functionality.

Not only was the Logitech the cheapest, it was also the only one that included Rudder pedals, as well as Force Feedback! Many people have complaints about the Logitech Gaming software – but having tried this previously with my G25 wheel, I wasn’t concerned. The Logitech G940 has one major drawback though; it shows up as 3 seperate input devices (Joystick, Throttle, Pedals) – and this can render it completely useless for some games.

The Saitek X65-F has ‘Force Sensing’ , which looks really awesome, but is apparently only really good for jet-fighter sims.
With both the Saitek X65-F and Thrustmaster HOTAS WARTHOG you will need separate pedals, further adding to the already high costs. (Saitek Pro Flight Combat Rudder Pedals $200, for the Thustmaster, CH Pro Pedals $123)

Logitech G940 Hardware

The box is huge, and the entire package weigh in at ??? kgs. The build quality is good for an ‘entry-level’ product, even though it’s the only one made in plastic of the 3 brands. All the 3 G940 components can be hard-mounted with countersunk screws. They work okay without but I am looking forward to mounting them for stability. Note that these mounting points are holes all the way through the units, so you don’t need to fiddle around underneath with machine-screws. An easy mounting option would be simple wood screws directly from the top.

The flight stick is a bit too long for my hands, so the big red FIRE button is actually a bit of a hassle to reach, but I think that will improve with a better seating arrangement. The main trigger is metal and double-action (press or press hard), besides this you will find the afore-mentioned red FIRE button, 1 mini-hat (8 positions), 1 analogue mini-hat (with click function), and an additional 5 buttons, labeled S1-5. On the base you will find 2 trim wheels and 1 trim knob/dial. All the buttons have a nice feedback/travel, so you certain when you activate them. The topmost mini-hat functions as an analogue mini-joystick , which makes it very useful, since it can double as a mouse or just for camera movement.  The click function on the analogue mini-hat is a bit too stiff for my taste – I often decide not to use it, even though it would make sense for something like ‘reset camera’ when you’re done looking around.

The throttle (well split-throttle actually) is home to 8 back-lit buttons on the base (P1-8), as well as 4 buttons on the rightmost handle (T1-4), 2 mini-hats, 2 trim-wheels as well as the selector for modes 1-2-3. The throttles lock together with a push-button on the bottom of the handles, and there is a tactile ‘detent’ or ‘resistance increase’ as you approach full throttle, perfect for afterburner. The back-lit buttons P1-8 features removable transparent covers, under which you can place small pieces of paper with function descriptions written on them. Included in the G940 packaging is a pre-printed sheet of paper for just this purpose. It looks nice and especially makes sense if you are switching games often and can’t remember all the buttons. You can toggle between 3 button-presets with the mode-selecter, though I have yet to try this. On the bottom of the unit you can adjust the resistance/weight offered by the throttles.

The rudder pedals has a knob in the center for tuning the resistance/weight (though I can’t really feel the difference?), and 2 flaps underneath with small spikes for staying put on a carpet. The pedals travel back and forth, as well as being able to push the front of the pedals down for wheel brakes (I assume). The pedals themselves are stainless steel and very nicely done – but the edge toward the player is a bit rough when playing barefoot. They are very stable on a hardwood floor with just the rubber feet!

The throttle + rudder pedals + a power connector (same PSU as the Logitech G25) all connect to the joystick base, and from here it’s USB to the PC.

Logitech Gaming Software

I downloaded the latest version of ‘Logitech Gaming Software’ for Windows 7 64-bit, as of today that’s version 5.09.131, and I haven’t had any issues yet. Included in the software is a ‘FW’ folder, containing a firmware update for the G940. I did not notice any difference, but I ran it all the same, very straight-forward procedure, click-n-go.

Game compatability

Based on my limited experience with the Logitech G940, here’s a brief compatability list, and equally important, a list of games that will NOT work.

Compatible games

• Apache Air Assault (Very good, but no force feedback support due to game code)
• Tom Clancy’s H.A.W.X 2  (Good, but no force feedback support due to game code)

UNcompatible games:

• Tom Clancy’s H.A.W.X (does not support 3 different controllers – you should be able to use joystick alone though)
• Enemy Engaged, Apache vs. Havoc (does not support 3 different controllers)