Exchange 2013 – Get-DataClassification command

I learnt something last week.

I was reading about Data Loss Prevention (DLP) implementation in Exchange 2013 when my attention got caught on “Data Classification”.

In Exchange 2007 and 2010, I was aware of message classification, but vaguely as I never had time focusing properly on it.

So I’ve decided to have a deeper look to the concept of classification.

In Exchange 2010, message classification is added by the sender of an e-mail before sending it, or through a transport rule. There are three default message classifications: Attachment Removed, Originator Requested Alternate Recipient Mail, and Partner Mail. The usage of these message classifications may vary.

i.e: You create a message classification, then you add it to a transport rule enforcing the appending of a disclaimer to the e-mail based on that classification.

In Exchange 2013, DLP adds to this “traditional” classification, the Sensitive Information Types. They are as various as Credit Card numbers, IP addresses, Driver’s license numbers, Passport numbers, Bank Accounts numbers,…

Exchange 2013 provides a set of types in the “Microsoft Rule Pack” that gets installed during the application deployment. To view the types, you can run the PowerShell command Get-DataClassification.

In each of them is defined the type of information to validate:

So, once you have associated a Sensitive Information Type to a Transport Rule (this association is then called a DLP Policy), if a user inserts information such as Credit card numbers, IP addresses, etc. in an e-mail and sends it, depending on your settings, Exchange 2013 can replace the message, drop it, reply with a warning to the sender, and so on.

But what I have found more interesting, is the introduction of Policy Tips in Exchange 2013.

Policy Tips work just like MailTips in Exchange 2010. They can help you warn the user before he/she sends the message being composed about sensitive information detected inside. This can help removing some processing on the server side (not significant but still useful), the user being warned BEFORE the e-mail is sent, and not after the server processes the message and finds it eventually non-compliant with a policy.

I think all this adds some more possibilities to security policies enforcement in organizations.

If you want to read more about DLP implementation on Microsoft Exchange 2013, please look at: http://technet.microsoft.com/en-us/library/jj150527(v=exchg.150).aspx

And more about Policy Tips : http://technet.microsoft.com/en-us/library/jj150512(v=exchg.150).aspx

 

Let’s celebrate the SysAdmins

After reading the words below I shared to my colleagues earlier today, one person asked me what I was thinking about when I wrote them.

I guess I remembered all those sleepless nights in the datacenter and the tremendous joy of overcoming a big outage.

There is something special when you know you have done well, when you know you have… saved the business.

Happy SysAdmin day!!!

🙂

 

Mount EMC SAN Volumes to Windows Server 2008 x64

For this procedure, I used QLogic HBA cards 2462 to connect my Windows Server 2008 x64 server (an IBM x3650 m2 with 2 x Intel(R) Xeon(R) CPU X5570 2.93GHz) to the EMC SAN.

I downloaded the x64 drivers from QLogic website (q23wx64Storv91718), along with the QLogic SanSurfer version 5.0.1b57.

I used the BIOS 2.1.0 from QLogic.

Navisphere agent and PowerPath tool (EMCPower.X64.signed.5.5.b289.exe) are needed to properly complete the SAN access from the Windows server. They are provided on the EMC support website.

I. Add the HBA card to the server

To connect an HBA card to the server:

· In a session with admin rights, Shut down the server

· Disconnect any plugged cable from the box

· Open the lid

· Locate the PCI slot and insert the Qlogic 2462 card

· Close the lid

· Start the server

· Open a session with admin rights

· Copy the file q23wx64Storv91718 and unzip it locally

· In Server Manager console, browse to Diagnostics -> Device Manager and locate the HBA device. Right-click it and select “Update Driver” and indicate the unzipped folder as path to the MPIO Driver version 9.1.8.17

· Install the SAN Surfer 5.0.1b57 tool.

Task	Illustration
Select Next twice
Make sure the option of installing windows agent with the Manager GUI is selected (see in blue)
The installation goes to the Program Files folder under “QLogic Corporation” folder. You may change it if needed. Click Next twice, then Install	image008 image010
At the end of the installation, open the console from Start -> All Programs -> QLogic Management Suite -> SanSurfer	image012 image014 image016

· In SAN Surfer browse to “Port 1” on the left side of the window:

a) Select “Parameters” tab and in Select Settings section drop-down list, choose “Advanced HBA Parameters” and configure settings as below:

b) Select tab “Utilities”. First click on button “Save Entire Image” and indicate a folder to save the configuration. Then click on “Update Entire Image” and select the .BIN file located in the BIOS 2.1.0 download unzipped folder.

Wait for the update to complete. When prompted for a password, type “config” (unless you have set another password before).

· Do the same for “Port 2”.

· Shut down the server.

· Connect the FC cables.

· Restart the server.

· Back in SANSurfer, configure:

a) General settings: when prompted, just follow the wizard or open it from Wizard -> General Configuration Wizard

Task	Illustration
Select Yes if prompted automatically
Select Next twice
Make sure you bind all disks and click Next twice again to complete the configuration

b) the LUN Masking from the menu Wizards -> LUN Masking Wizard

Click Next twice
Make sure you enable all LUNs and click Next thrice to complete the configuration

· After the server restart, install Navisphere Agent and PowerPath.

· Run the EMCGrab results to make sure your configuration is compliant.

 

II. Configure access to SAN volumes

Right-click “Command Prompt” from Start menu and select “Run as administrator”

In the command prompt type: DISKPART

Run the commands:

DISKPART> san policy=onlineall

DISKPART> list disk (you’ll be able to see the disks)

Disk ### Status Size Free Dyn Gpt

  ——–  ————-  ——-  ——-  —  —

  Disk 0    Online          136 GB      0 B

  Disk 1    Offline         300 GB   299 GB

* Disk 4    Offline         300 GB   300 GB

  Disk 5    Offline         300 GB   299 GB

  Disk 8    Offline         300 GB   300 GB

For each disk representing a SAN volume (where # is the number), do the following:

DISKPART> select disk #

Disk # is now the selected disk.

DISKPART> attributes disk clear readonly

Disk attributes cleared successfully.

 

DISKPART> online disk

DiskPart successfully onlined the selected disk.

 

You are now able to see your disks in the Server Manager console, under “Disk Management”, as Online Basic disks. You may continue formatting the volumes with DISKPART or in this console.

 

To close DISKPART, type:

DISKPART> exit

You’re done!

 

How to Clear App Notifications When Logging Off Windows 8

Melissa did some good job, so I thought it is worth sharing it J

How to Clear App Notifications When Logging Off Windows 8

 

What’s New in Windows 8.1?

Some insights for IT professionals on TechNet website!

http://technet.microsoft.com/en-us/windows/dn140266.aspx?ocid=wc-nl-flash&loc=zTS1z&prod=zWin8z&tech=zOttechz&prog=zOTprogz&type=zOTtypez&media=zOTmediaz&country=zUSz

 

Google Doodle! You missed that one! Ethernet 40th anniversary!

Today is Ethernet 40th anniversary!

I thought we would have a Google Doodle celebrating this!

Google ! I am dis-app-oint-ed! 🙂

 

Microsoft, what means the “Inactive Date” on my MCP Transcript?

You may have noticed your MCP Transcript mentions a future “Inactive Date” for some of your certifications.

I’ve found this good explanation on the BornToLearn blog and I think it’s worth sharing it:

http://borntolearn.mslearn.net/btl/b/weblog/archive/2011/03/23/transcript-and-certificate-changes-coming-soon.aspx#fbid=gnhaf2p-G0c

An excerpt of the blog article :

“Let’s take a moment to discuss the Inactive Date, because I’m sure that some of you are reading that phrase and thinking “that’s Microsoft-speak for decertification date.” It isn’t—in fact, even if all of your certifications go inactive, you’ll still have access to your MCP benefits, and your inactive certifications will still appear on your transcript. All that’s changing is that we’re signaling to you, your clients, and employers that these particular certifications have outlived their market relevance. Just to clarify what we mean by market relevance is that in most cases Microsoft isn’t even supporting the technology through mainstream support. In other cases, it may be that the way that the technology was used (many years ago or with cloud it could even be a few months ago) when it was first released has changed, because we all know that technology is ever evolving and changing at such a rapid pace. This means the certification may have validated how to use the technology in a different way and since then we have not re-validated the skills necessary to use the technology in the market.”

 

How to move a document from a document library (or folder) to another without losing the version history in SharePoint 2010

When using SharePoint 2010, you may notice that using the simple copy functionality from the web browser does not allow you to keep the files version history.

SharePoint proposes the copy feature in the Documents tab inside a Document Library.

image013

image014

If you would like to keep your version history, you should use the “Open with Explorer” functionality to move the files.

1. First, browse to the SharePoint file source location and check your file Version history.

2. Now click on the “Edit Page” in the “Site Actions” menu.

3. Under the Library tab, click on “Open with Explorer”.

4. A Windows Explorer window opens. You may have to enter credentials to access it (a pop-up would ask for your SharePoint username and password).

You see your files listed.

5. Go back to SharePoint in your browser and navigate to the target SharePoint document library or folder. Follow steps 1 to 4 to open it with the Windows Explorer.

6. Now you can move the file(s) you need from a Windows Explorer window to another, by using drag and drop, or cut/paste.

7. Once the file has been moved, go back to the browser and refresh the SharePoint target page.

8. Check the file and open the Version History. You should be able to see all the versions you had in the source location.

***I attempted to move a document which had already a version existing in the target folder. I chose the “Move and Replace” option. After the moving, I could only see the versions from the source location, not the one that was already in the target folder.

 

Windows 2008 R2 Service Pack Support End Date is April 2013!

Good to know…

Service Pack Support for Windows Server 2008 R2 all versions is ending this month!!!

On 9-April 2013.

Products Released	Lifecycle Start Date	Mainstream Support End Date	Extended Support End Date	Service Pack Support End Date	Notes
Windows Server 2008 R2 Datacenter	10/22/2009	1/13/2015	1/14/2020	4/9/2013
Windows Server 2008 R2 Enterprise	10/22/2009	1/13/2015	1/14/2020	4/9/2013
Windows Server 2008 R2 for Itanium-Based Systems	10/22/2009	1/13/2015	1/14/2020	4/9/2013
Windows Server 2008 R2 Standard	10/22/2009	1/13/2015	1/14/2020	4/9/2013

Notes from Microsoft:

When a new service pack is released, Microsoft will provide either 12 or 24 months of support for the previous service pack, varying according to the product family (for example, Windows, Office, Servers, or Developer tools).

When support for a service pack ends, Microsoft will no longer provide new security updates, DST updates, hotfixes or other updates for that service pack. Limited support will continue to be available.

For more, check here.

 

Creating Shared Folders using command line on Windows Server 2008

I was looking for a command line to modify the Share permissions on a Shared Folder. In vain. Unless you write a script, there is no native command that deals with modifying share permissions.

Looking for this reminded me of the different command lines that can be used to create shares. I thought I could share this with you.

***The well-old-known “Net share” to be used locally

Syntax: net share My_Share /grant:MyAccount1,READ /grant:MyAccount2,FULL

Look for more options with net share /?

***Rarely used “WMIC” to create a share remotely

Syntax: /node:%REMOTESERVER% share call create “”, “%DESCRIPTION%”,”%MAX CONNECTIONS (LEAVE BLANK FOR UNLIMITED)%”, “%SHARENAME%”,”” , “%LOCAL PATH TO FOLDER%”, 0

Have a look to: http://support.microsoft.com/kb/295622

***Powershell!

No native command, you have to create one. Try this forum.

Enjoy!