Aruba ClearPass SQL Filters

Custom SQL filter to get NAS-Port-ID

SELECT as session_id, source as req_source ,user_name,service_name,alerts_present,nas_ip,nas_port,conn_status,login_status,error_code,host_mac as mac_address,tips_dashboard_summary.timestamp,tips_dashboard_summary.write_timestamp,attr_value,attr_name FROM tips_dashboard_summary INNER JOIN tips_session_log_details ON = session_id where attr_name = ‘Radius:IETF:NAS-Port-Id’ AND ((tips_dashboard_summary.timestamp >= –START-TIME–) AND (tips_dashboard_summary.timestamp <= –END-TIME–));

Aruba Instant Mesh Wifi

When setting up Aruba Mesh with instants do not forget to turn off extended SSID.


  1. Create cluster with IAP let them sync with image and configuration (update them to lateist code)
  2. Disable the extended SSID ( in the latest version 4.x, it is enabled) in options
  3. you will find both the IAPs as mesh portals.
  4. Remove the IAP from the Switch which you want to make mesh point and provide external power.
  5. After booting, there will be a mesh link between two IAPs.

OWA Blank Page Fix

Run Script Fix
At flashing cursor, type the following commands

If you are using Exchange 2010

1. CD “C:\Program Files\Microsoft\Exchange Server\V14\Bin” and then press <ENTER>
2. Subdirectory will change to the above.
3. updatecas.ps1, then press <ENTER>

If you are using Exchange 2007

1. CD “C:\Program Files\Microsoft\Exchange Server\Bin” and then press <ENTER>
2. Subdirectory will change to the above
3. UpdateOwa.ps1, and then press <ENTER>

The script will perform a number of different commands, and then simply complete by dropping you back to the DOS prompt
Type EXIT to close the Shell window

Get Exchange to use single host Certificate

While moving to office 365 some peoples exchange 2007 do not have correct certificates for the move.

Once a correct certificate is installed say “”

you can use the following script;


Get-ClientAccessServer $CName | Set-ClientAccessServer -AutodiscoverServiceInternalUri https://$URL/autodiscover/autodiscover.xml
Get-WebServicesVirtualDirectory -Server $CName | Set-WebServicesVirtualDirectory -InternalUrl https://$URL/ews/exchange.asmx
Set-OWAVirtualDirectory -identity “$cname\owa (Default Web Site)” -InternalURL https://$URL/owa -ExternalURL https://$URL/owa
Get-OABVirtualDirectory -Server $CName | Set-OABVirtualDirectory -InternalURL https://$URL/OAB -ExternalURL https://$URL/OAB
Get-ActiveSyncVirtualDirectory -Server $CName | Set-ActiveSyncVirtualDirectory -InternalURL https://$URL/Microsoft-Server-ActiveSync -ExternalURL https://$URL/Microsoft-Server-ActiveSync
Set-OutlookAnywhere -identity “$cname\RPC (Default Web Site)” -ExternalHostname $URL

Boom this into powershell happy days

Server 2008 DHCP assigns leases but can not displays leases in the GUI

Easy fix:

  1. Open DHCP mmc
  2. Open Command prompt: cmd “make sure this is with admin user”
  3. Type: netsh dhcp server export C:\dhcp.txt all in command prompt and press Enter
  4. Delete ALL scope information from within the DHCP mmc, server config can stay
  5. Type: netsh dhcp server import C:\dhcp.txt all in command prompt and press Enter
  6. Right-click server name within DHCP mmc and choose refresh
  7. Enjoy

Generate UC Certificate

When generating a UC Certificate via the snap in i get this from the MMC:

Error:  “Certificate Request Processor The request contains no certificate template information. 0x80094801 (-2146875391) Denied by Policy Module 0x80094801 the request does not contain a certificate template extension or the Certificate Template request attribute”

Microsoft’s resolution: Generate the request some other way. yeah ok

J’s solution: certreq -submit -attrib “CertificateTemplate: WebServer” WebServerCertReq.txt

Error installing CA Web Enrollment after migrating or restoring a CA


Certification Authority Web Enrollment: Configuration Failed Active Directory Certificate Services setup failed with the following error:

The parameter is incorrect. 0x80070057 (WIN32: 87)

Cause The likely issue is that the value of SetupStatus at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration is configured to hexidecimal 6003, but should be configured to hexidecimal 6001.

This is because 6003 indicates that CA Web Enrollment is already installed and 6001 indicates that it is not yet installed.


Resolution Modify the registry SetupStatus to read 6001 and then install CA Web Enrollment. You can modify that registry setting with the following certutil command from Windows PowerShell or a command prompt run as Administrator: certutil -setreg config\setupstatus 0x6001