To do this go into contacts and press the Blackberry button and select options. Type RSET (nothing appears as you type) from the options menu and when you have typed RSET in it will prompt if you want to erase contacts and reload from server. Select yes and wait a short while for the contacts to be populated.

After restarting these services try and create a new namespace and the option to Enable Windows Server 2008 Mode should be availible.

So it was simply a case of installing XP first then Vista and then 7 onto different partitions on the hard drive. After I installed Vista 64bit there was a problem since both versions of Vista were simply listed as Microsoft Windows Vista at the multiboot prompt to select an OS. There was no way to distinguish what was the 32bit version and what was the 64bit version when given the boot options to choose the OS.

In XP you can modify the display name by modifying the hidden file boot.ini however this feature is abscent in Vista and 7. In Windows Vista and 7 you need to use an elevated command prompt and run the command bcdeit. This displays the boot manager along with the boot loader. In the Windows boot loader you can see an entry called description. This is the entry you see at boot when selecting what OS you want to go into.

Say we were in the 64bit version of Windows 7 and wanted to label the boot loader accordingly simply run the command:

 bcdedit /set {current} Description "Microsoft Windows 7 64bit"

You should be returned with The operation completed successfully. Now when the computer reboots you will be presented with an unambiguous list of operating systems that you can choose from. A simple touch but it makes it a lot easier.

First we need to install fail2ban and jwhois from the rpmforge repository

yum install -y fail2ban jwhois

We then need to create the file /etc/fail2ban/asterisk.conf. This is telling fail2ban how to read the log files for failed authentication attempts.

# Fail2Ban configuration.
#
 
 
[INCLUDES]
 
# Read common prefixes. If any customizations available -- read them from
# common.local
#before = common.conf
 
[Definition]
 
#_daemon = asterisk
 
# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>\S+)
# Values:  TEXT
#
 
failregex = NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Wrong password
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - No matching peer found
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Username/auth name mismatch
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Device does not match ACL
            NOTICE.* .*: Registration from '.*' failed for '<HOST>' - Peer is not supposed to register
            NOTICE.* <HOST> failed to authenticate as '.*'$
            NOTICE.* .*: No registration for peer '.*' \(from <HOST>\)
            NOTICE.* .*: Host <HOST> failed MD5 authentication for '.*' (.*)
            NOTICE.* .*: Failed to authenticate user .*@<HOST>.*
 
# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

We now need to add some information to /etc/fail2ban/jail.conf that tells fail2ban where the log files are and what to do when it sees failed authentication attempts.
This includes sending an email to alert you of the action.

[asterisk-iptables]
 
enabled  = true
filter   = asterisk
action   = iptables-allports[name=ASTERISK, protocol=all]
           sendmail-whois[name=ASTERISK, dest=alerts@domain.com, sender=fail2ban@domain.com]
logpath  = /var/log/asterisk/full
maxretry = 5
bantime = 432000

Also in the jail.conf you would want to configure the ignoreip or whitelist to tell fail2ban to ignore certain ip addresses or subnets.

ignoreip = 172.16.0.0/12

This is almost working now but we need to tell asterisk to log the date in a specific format which is compatible with fail2ban.

Modify /etc/asterisk/logger.conf and add the following

[general]
dateformat=%F %T

The asterisk logger needs restarted after this change

 asterisk -rx "logger reload"

Now we can start up fail2ban (or restart if it is already running) and set it to start as a service at boot.

service fail2ban start
chkconfig fail2ban on

Naturally we now need to test this and ensure it works as expected. When you start the fail2ban service you should get an email notifying you that the jail has started. This is naturally a good sign. Now from a phone / softphone simply try and register the phone with invalid extension or password (ensuring it address is outwith the specified ignoreip) and repeat this 5 times. It should be banned automatically and you should receive an email notifying you of this ban. When trying to authenticate the first few time you will see a 403 forbidden message. When fail2ban has banned this IP you should notice on the phone / softphone that instead of a 403 error message it should simply state no service. This is a good sign since it appears that the phone / softphone cannot connect at all to the server – the reason is because it has been blocked by fail2ban.

You can see a list of the banned ips / addresses by running the command

iptables -L -n

Now reboot the server and ensure the fail2ban service starts at startup.

All users desktop:

C:\Users\Public\Desktop\

All users start menu:

C:\ProgramData\Microsoft\Windows\Start Menu\

Browsing to:

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Paramaters

provides you with the information on network card(s) and the IP information. In this instance DNS was correct and there was another issue but it was good to be able to confirm the configuration.

 shutdown -s -m \\computername -t 01

In this case the switches are -s = shutdown, -m = remote machine and -t is time until shutdown in seconds, in this example 1 second.

Naturally you must have local admin rights on the remote machine to shutdown.