I recently had an issue with a client being unable to edit or create new workbooks or documents with the online web based versions of Excel and Word with the Microsoft 365 applications. If he logged into office.com and opened the Excel app and then clicked on the “Blank Workbook” he would get the following error.
Unable to create new workbooks We’re unable to create a new workbook at this time. Please try again later.
The same sort of error would occur if he used Word to create a blank document. In addition any effort to open an existing document would result in an error message. An attachment in OWA could be previewed but if he attempted to edit it it would also error out.
The user was a relatively new addition to our tenant and there was an error when his account was created with the wrong username. The name change may have had something to do with the issue. I struggled with it for a bit and then put in a support ticket with Microsoft. Between the support agent and myself we finally determined that the problem was with the OneDrive storage. Although his account info said that he had OneDrive set up it did not exist. Any attempt to go to onedrive.com took you to Delve instead. After manually creating it everything worked.
From the support ticket wrap-up email.
In the SharePoint admin center, Settings
Click user profiles, click Manage User Permissions.
Add users who require permissions to create their My Sites By default, this setting is set to Everyone except external users.
After you have added the user, users, or group, make sure that the added user, users, or group are selected, scroll to the Permissions section, and then select the checkbox next to Create Personal Site (required for personal storage, newsfeed, and followed content).
In a previous post http://www.wiseoldcat.com/?p=176 I wrote about how to block dictionary attacks with iptables and an adaptive blacklist. I’ve moved the script to several different hosts and it worked on all of them but one. It’s an aging CentOS 5.5 system (I know, I know, it should be updated.) For some reason it wasn’t picking up on the active BLACKLIST entries. It would do its thing just fine when run from the bash prompt but not when run from crontab. Turns out it has to do with the environment.
As anyone knows who has ever administered a server that is exposed to the web the Internet is a hostile place. Our servers are continually bombarded with a never ending stream of attempts to guess user ids and passwords. The source is from countless botnets and is constantly changing. I’ve tried a number of approaches to counter these attacks and I think I have come up with a solution that seems to be working.
Recently our email servers have come under sustained brute force attacks by script kiddies doing dictionary attacks. These go on for 24 hours a day from a variety of sources including pools of IP addresses that alternate probes from a common dictionary. These were flooding the maillog with authentication errors at a rate in excess of one every 10 seconds or so.
Iptables in the Linux network stack has the ability to look inside of a packet and match a string. We’ll use that feature to pick out authentication errors on the outbound side in order to block them on the inbound side.
The latest wave of blackmail scam emails is becoming a genuine PITA. Script-kiddies are harvesting email addys, username and password combinations from the released lists from hacked sites like LinkedIn or MySpace or via dictionary attacks on mail servers and then sending out blackmail emails. They are kinda comical unless you happen to be really stupid and are in the habit of going to pornhub for 10 minutes at a time. There must be enough of those kind of lusers to make it profitable… Here are some sample emails.
Restoring a Windows Server Backup to a Different Server
Something that is not very well documented is the process of recovering a backup created on one server to a different one using Windows Server Backup. When you browse a disk that was part of a scheduled backup the contents are protected by the security settings on the file system. We recently had to recover some files that were on a 2 TB hard drive that was part of a scheduled backup on a Server 2008 R2 system that had been subsequently virtualized and was running under Server 2012 R2 Hyper-V. Attaching the disk to the VM was not an option and the WSB utility in Server 2012 wouldn’t recognize any backups on the hard drive.
Windows Server Backup does a reasonably good job of backing up a Microsoft Server. But like any backup it’s good to have some sort of notification about the success or failure of the backup. I first started to use it with SBS Server 2011 and as part of that bundle the server emails a daily report summarizing the health of the server. When we virtualized and moved a number of SBS servers over to Hyper-V hosts the backup chore moved to the host machine. The summaries still arrived but the backup status was no longer part of it. Besides, it would be nice to be able to see in the subject of the email the status of the backup and not have to open the email if all is good.
We recently have had a number of sites that have been hit by DNS amplification DDOS attacks. You can turn off recursion and do other things in NAMED to prevent you from being a target but once they target you the attack can go on for a long time after your server has been properly configured. This script is also good for thwarting SSH, IMAP, and POP3 probes. Just change the port number and tune the limits.
I hope this saves someone the half a day I just wasted. I was trying to set up dynamic dns for a client. I found a number of helpful links. A useful script that allows you to do dynamic dns from a DD-WRT box. http://sami.rox.fi/linux/dyndns-hack.html A step by step howto for nsupdate. http://www.ops.ietf.org/dns/dynupd/secure-ddns-howto.html The problem was that I was getting an NOTAUTH error every time that I tried it from the name server itself. After regenerating keys, trying every possible variation of configs I finally decided to try it from another server, and it worked! The problem – I had configured different views in my named.conf and I had a localhost view.