There Is No Editor Registered To Handle This Attribute Type

KB ID 0001837

Problem

If you attempt to edit the authOrig attribute of a mail enabled group using ADSIedit you will get the following error.

There is no editor registered to handle this attribute type.

Why would you be doing this? This is done when you want to restrict who can email a group.

Solution

If you are running either on-premises Microsoft Exchange (or are running in Hybrid Exchange mode, and have retained an Exchange server for management,) You can simply use the Exchange Admin Center to add the person or group that you want to restrict access to.

Recipients > Groups > Group-Name > Edit > Delivery Management > Set accordingly.

Note: As I’m in Hybrid mode, and have AAD Sync setup, if I attempt to look at this group in O365  / Exchange online, it simply says.

You can only manage this group in your on premises environment. Use Active Directory users and groups, or Exchange AdminCenter tools to edit or delete this group.

Technical Pedantry: The fact it’s been called ‘Active Directory Users and Computers‘ since Windows 2000 makes my OCD flinch at that comment.

Use PowerShell

You can (if you have no access to Exchange Management tools) simply use PowerShell, the syntax is as follows.

[box]

Set-ADGroup -Identity "The-Group" -Server The-Domain-Controller -Add @{authOrig=@('The User or Group to Grand access to')}

e.g.

Set-ADGroup -Identity "CN=DG-Test-Disty-Group,CN=Users,DC=pnl,DC=com" -Server PNL-MGMT.pnl.com -Add @{authOrig=@('CN=Pete Long,CN=Users,DC=pnl,DC=com')}

[/box]

Then to prove it’s not all ‘smoke and mirrors’ you can go back to ADSIedit and check.

Related Articles, References, Credits, or External Links

NA

HP E Series Wireless – Cannot Access Local LAN

 

KB ID 0000486

Problem

You have an HP HP E-Series Mobility E-MSM460, 466 & 430 Access Point, and you cannot access resources on your local LAN (though internet access works fine).

This is default “Out of the box” behavior, a lot of consumers want to provide wireless access but DONT want the wireless clients having access to their local servers. That’s fine but what if you do?

Solution

1. Log into the web management console of the access point, select VSC (Virtual Service Communities) > Locate your wireless VSC and click its name.

2. Scroll to the bottom of the page, Locate the “Wireless security filters” section. Make sure this section is NOT enabled (un-ticked), then click save.

Related Articles, References, Credits, or External Links

NA

Cisco ASA 5500 – Throttling (Rate Limiting) Traffic

KB ID 0001001 

Problem

If you have one client that’s taking all your bandwidth, or a server that’s getting a lot of connections from external IP addresses, and that’s causing you performance problems, you can ‘throttle’ traffic from/to that client by ‘policing’ its traffic.

Solution

To demonstrate, I have a 30Mb connection at home, when I run a test on the download connection speed from my desktop PC this is what I get;

So I’m going to throttle traffic to that IP address (10.254.254.90), so that it can only use 1Mb of the connection.

1. Create an ACL for traffic to and from the IP address you want to throttle. (Note: If your firewall is running a version older than 8.3, and you are throttling an IP that has a public IP address, use its public IP address not its private one).

[box]

User Access Verification

Password:*******
Type help or ‘?’ for a list of available commands.
PetesASA> enable
Password: ********
PetesASA# configure terminal
PetesASA(config)# access-list ACL-THROTTLE extended permit ip host 10.254.254.90 any
PetesASA(config)# access-list ACL-THROTTLE extended permit ip any host 10.254.254.90

   

[/box]

2. Now create a class-map that will match all traffic in that ACL, (so all traffic to and from 10.254.254.90).

[box]

PetesASA(config)# class-map CM-THROTTLE
PetesASA(config-cmap)# match access-list ACL-THROTTLE
PetesASA(config-cmap)# exit

[/box]

3. Then create a policy-map, that takes all traffic identified in your class map, and rate limits the traffic to 1000000 bps (1Mbps) with a ‘burst-rate’ of 2000bps.

[box]

PetesASA(config)# policy-map PM-THROTTLE
PetesASA(config-pmap)# class CM-THROTTLE
PetesASA(config-pmap-c)# police output 1000000 2000
PetesASA(config-pmap-c)# police input 1000000 2000
PetesASA(config-pmap-c)# exit
PetesASA(config-pmap)# exit 

[/box]

4. Now apply that policy-map with a service policy. (Note: Generally you apply the policy to the interface closest to where the traffic is coming from, as this is an internal host, I’m applying it to the inside interface. If you were throttling traffic from outside it would be better to apply the service-policy to the outside interface).

[box]

PetesASA(config)# service-policy PM-THROTTLE interface inside

[/box]

5. Let’s run our test again.

6. Looks good!

 

Related Articles, References, Credits, or External Links

NA