If the Email Page button stops working correct these registry keys: (more…)

One way that hackers operate is by adding a fake security warning to your Windows PC in hopes that you will pay them to remove it or follow additional instructions. These typically come from users accessing hacked sites. (more…)

We have recently come across a new variation on the gift card scam. In the past it was always a vague urgent need.
Now it has appeared under the guise of wanting to setup an employee incentive program. (more…)

When adding a new Windows Active Directory Server the verification of Safe mode password fails. If you do not have access to the existing password, use NTDSUTIL to change the DSRM password on the current domain controller. (more…)

It’s very likely that you are used to going to your photo library on your phone, selecting the pictures you want to send and then choosing the app.
Outlook on your phone works just like it does on your desktop. Draft a new email and add media to it from the draft.
(The options for what you can add are at the bottom of the draft and above your keypad.)

Follow these steps to allow mailbox archiving in 365. (more…)

These are the primary URLs needed to support 365
(more…)

• Excellent: -50 dBm to -65 dBm (or full signal bars)
• Good Signal: -66 dBm to -80 dBm (or 3-4 signal bars)
• Fair Signal: -81 dBm to -95 dBm (or 2 signal bars)
• Poor Signal: -96 dBm and below (or 1 signal bar or no signal)

If the start menu stops opening or you cannot use icons from the taskbar, you can reinstall the Windows taskbar:

Press Windows Key+X > Click Powershell (Admin) > Copy the below and paste into Powershell > Enter > Reboot your computer

Get-AppXPackage -Name Microsoft.Windows.ShellExperienceHost | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

To restart the explorer:

Press CTRL+SHIFT+ESC > Locate Windows Explorer in Processes tab and kill it > File > Run new task > Enter “explorer.exe” and Enter

In PowerShell as Admin Run:

$Ver=Get-ItemProperty ‘HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion’ | Select-Object CurrentMajorVersionNumber,DisplayVersion;$Ver

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v TargetReleaseversion /t REG_DWORD /d 1

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v TargetReleaseversionInfo /t REG_SZ /d 22H2

Get-ItemProperty ‘HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate’ | Select-Object TargetReleaseversion,TargetReleaseversionInfo

To add custom Colors to SharePoint

1. 1. Install SharePointOnlineManagementShell tools
   2. Run this Scrip in Sharepoint

(more…)

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.0.0

Find-Module ExchangeOnlineManagement -AllVersions -AllowPrerelease

Get-InstalledModule ExchangeOnlineManagement | Format-List Name,Version,InstalledLocation

Update-Module -Name ExchangeOnlineManagement

This command will cause the system clock to sync with Internet time servers. It is useful when an older server is losing time.

$Time = w32tm /stripchart /computer:time.windows.com /samples:1 /dataonly
Write-host ($Time[2]) -ForegroundColor Green
Write-host "The PC time is     "(get-date) -ForegroundColor Yellow
Write-host "NTP Status:" -ForegroundColor Yellow
Write-host (w32tm /query /status) -ForegroundColor Yellow
Write-host (w32tm /query /source) -ForegroundColor Yellow
Write-host "------------------"-ForegroundColor Yellow
Write-host "Setting NTP Source"-ForegroundColorGreen
net stop w32time
w32tm /config /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org",0x8 /syncfromflags:MANUAL
w32tm /config /reliable:yes
net start w32time
start-sleep 10
Write-host "------------------"-ForegroundColor Green
Write-host (w32tm /query /source) -ForegroundColor Green
Write-host (w32tm /query /status) -ForegroundColor Green
$Time = w32tm /stripchart /computer:time.windows.com /samples:1 /dataonly
Write-host ($Time[2]) -ForegroundColor Green
Write-host "The PC time is Now:"(get-date) -ForegroundColor Green

(more…)

WinRS can be used when installing software on remote systems. If you want to quietly install an application using an MSI file onto a remote machine, use the following syntax. This syntax assumes the MSI file has already been deposited into the C:\ folder.

winrs -r:machinename msiexec.exe /i c:\install.msi /quiet

(more…)

When looking at PC performance it is important to understand what is running behind the scenes. Autoruns will show what is in the registry, startup items, scheduled tasks, etc. It can be helpful when looking at system delays (the blue spinning wheel showing up next to your cursor every two seconds).

Autoruns for Windows – Sysinternals | Microsoft Learn

Connect PowerShell to 365 Then use these commands to block senders:

#Add Sender Block

$Email = “email@domain.com”

New-TenantAllowBlockListItems -block -ListType Sender -Entries $Email -NoExpiration

(more…)

Changing the Rendering Mode in Revu will improve load time and overall performance.

1. In Revu, click Revu > Preference > Advanced > 2D Rendering (tab)
2. Select Wait for completion in the Rendering Mode dropdown menu

The Wait for Completion rendering mode disables partial redrawing of the display..

When Autocad launches to a licensing error, tells you to contact support and only leaves you with the option to quit!

(more…)

When migrating Bluebeam to an enterprise license you can use this script to unregister the old license and register the new:

"%ProgramFiles%\Bluebeam Software\Bluebeam Revu\20\Revu\PbMngr5.exe" /register 20 <SerialNo> <KeyABCD3-5FGHIJK>

By default room calendars delete the notes field of invitations. This eliminates usufull links to Zoom or Teams meetings. to fix this run the following script:

$Rooms = Get-MailBox | where {$_.ResourceType -eq “Room”}

foreach ($Room in $Rooms){

Set-CalendarProcessing -Identity $Room.alias -AddOrganizerToSubject $true -DeleteComments $false -DeleteSubject $false

Get-CalendarProcessing -Identity $Room.alias |select Identity,AddOrganizerToSubject,DeleteComments,DeleteSubject,ResourceDelegates}

Exchange Installation error 5506 is caused by the 3rd party certificates. To resolve this always change to the Microsoft cert before beginning the upgrading to the next CU.

IIS > Bindings > SSL Certificate > Microsoft Exchange

(more…)

Powershell:

#Dell Command Update Repair

if(test-path “C:\Program Files\Dell\CommandUpdate”){$Path = “C:\Program Files\Dell\CommandUpdate\dcu-cli.exe”}

Else{$Path = “C:\Program Files (x86)\Dell\CommandUpdate\dcu-cli.exe”}

Start-Process -FilePath $Path -ArgumentList “/applyupdates”

(more…)

The user misses a call and checks for a voicemail only to find none. The next day the voicemail finally shows up. The fix is to delete all the messages from the carrier’s system and start over. (more…)

To build a user account when the client has a hybrid exchange environment, it is important to start on-premise and migrate the account to 365.
(more…)

If teams hangs:
1) Log out and quit Teams
2) Go to %appdata%\Microsoft\teams (more…)

If RDP must be enabled without a VPN follow these instructions. (more…)

If a server running MySQL has an improper shutdown, the service cannot be started. This is because 2 files are in a corrupt state. This will cause WordPress sites hosted on the same server to display a database error. To fix this:

1. Open: C:\ProgramData\MySQL\MySQL Server n.n\data
2. Move ib_logfile0 & ib_logfile1 to a temp folder.
3. Start “MySQL nn” Service

Steps to set up new users. (more…)

Many laptops ship with BitLocker enabled by default. Without the key, there is no possible way to access the data in the event that the PC fails. To Backup this key run this in PowerShell:

manage-bde -protectors -get C:

The Key is stored in AD and can be viewed with his:

$objComputer = Get-ADComputer LAP001

$Bitlocker_Object = Get-ADObject -Filter {objectclass -eq ‘msFVE-RecoveryInformation’} -SearchBase $objComputer.DistinguishedName -Properties ‘msFVE-RecoveryPassword’

$Bitlocker_Object

To automatically Backup keys via GPO Add this policy: (more…)

This happens when Civil 3D is installed on the system. To fix this: (more…)

Beginning with Office 2016 Outlook auto-connects to 365 upon opening. This causes users to be prompted for credentials if their account is on-premise. To disable this,  run this in PowerShell as the user:

Set-ItemProperty -Path HKCU:\software\Microsoft\Office\16.0\Outlook\AutoDiscover -Name ‘ExcludeExplicitO365Endpoint’ -Value 1 -Type DWord -Force

Some GPOs can take two logins to be implemented and also trigger a longer logon cycle. This is because there are two types of GPOs. (more…)

For some bizarre reason, Logitech started shipping their 920e web camera with the microphone disabled, it does not even show up as an input device in Sound Settings. To resolve this: Install Logi Tune > Enable the mic > Power cycle the camera

Users are suddenly seeing a new “Gaming Control Panel” open on their system.
To turn it off manually press Win + I > Gaming > deselect “On”
The Control Panel is opened by pressing Win + G and looks like this: (more…)

Daisy chaining is a feature of DisplayPort monitors, and can be helpful when you lack the needed ports on a PC, or cable length. By default this is turned off on most monitors, and when connected the 2nd display will either mirror the first, or be disabled. To enable the feature on Dell monitors from the hardware menu (physical buttons): Menu-> Display-> MST On

1. Go to: https://outlook.office365.com/ecp/UsersGroups/AdminRoleGroups.slab (365 Exchange ) May take 24 hours to apply
   1. Add Role to: Organization Management > Mailbox Import Export
2. Go to:https://protection.office.com/import (more…)

Microsoft continues to dumb down the Control Panel GUI. To access the now missing” traditional” System control panel, go to Run and enter: SystemPropertiesAdvanced.exe

To add Powershell to a WordPress post with color:

Copy the code from the Powershell ISE > Paste it into Word > Copy it from Word and Paste it into OneNote > Copy it from OneNote and paste it into WordPress

The first steps will let you record in OneNote with color as well.

Microsoft does NOT perform a true synchronization between on-premise and 365 Exchange. As a result, there are many settings that can only be changed in AD or on-prem Exchange. When creating a user you must follow these steps. (more…)

Once PHP, MYSQL & WordPress are set up on a Windows server, you can easily add additional sites. (more…)

1. Install Silverlight
2. Add the following to Local Intranet zone: https://*. + live.com; microsoft.com; microsoftazuread-sso.com; microsoftonline.com; msftauth.net; msocdn.com; office.com; office365.com; windows.net
3. clear the browser cache/cookies

1. lsblk – List all disks & partitions attached (Can change after reboot)
2. sudoparted /dev/sda mklabel gpt – Initializes the disk with a GPT partition [Destructive!]
3. sudo parted -a opt /dev/sda mkpart primary ext4 0% 100% – Creates a new partition
4. mkfs.ext4 -L datapartition /dev/sda1 – Format the partition as Ext4
   Note: Partitions have a number appended to the end of the disk name

Removing a defunct Exchange Server from AD:

ADSI Edit to Configuration\Services\Microsoft Exchange\<org name>\Administrative Group\Exchange Administrative Group (FYDIBOHF23SPDLT)\Servers

+CN=[ServerName]  Delete from this point including all child-items

If you have any exchange 2003 public folder references or routing groups, those will need to be deleted as well. They can be deleted using the management console if you prefer.

1. Rename PC > Reboot
2. Connect VPN > Join Domain > Reboot
3. Login to local account > Connect VPN > Switch User > Login as domain admin (causes VPN to close) > Logoff
4. Login to local account > Reconnect VPN > Switch User >Login as domain user

If windows continually drops a remote location you can keep it open with this:

do{start-process \\server\path ;start-sleep 5 $a = (New-Object -comObject Shell.Application).Windows() |?{$_.FullName -ne $null} |? {$_.FullName.toLower().Endswith(‘\explorer.exe’)} $a | % {  $_.Quit() }Start-sleep 3600}while ($True)

These changes in the cloud will break access to OneNote and risk data loss:

• Username changes involving the domain name.
• Moving, or renaming a OneNote notebook

When this happens, notebook owners will need to reshare their notebooks and all users should look for unlinked notebooks after a domain change. (more…)

$IPC = Get-NetIPAddress |?{$_.IPAddress -like "192.168.*"} |select IPAddress
$I=($IPC.IPAddress).split(".")[2];$IP = "192.168.$I.0"
$Mac = Read-Host "Mac?"
$MacAddress = $Mac.Replace(":","").Replace("-","").Trim()
$Wol = "C:\!MSP\Bin\WolCmd.exe $MacAddress $IP  255.255.255.0 7"
$Wol |Invoke-Expression; start-sleep 5;
$HostPC = Get-NetNeighbor |?{$_.linkLayerAddress -eq $MacAddress}
if((Test-NetConnection $HostPC.ipaddress).PingSucceeded){
Write-host "The System is onlie!" -ForegroundColor Green}
Else{$Ping ="ping "+$HostPC.ipaddress+" -t"; $Ping|Invoke-Expression}

To Migrate a users custom settings:

On the Source PC: Backup Presets & Adobe Photoshop [version] Settings from:  %appdata%/Adobe/Adobe Photoshop [version]/

On the Destination PC: Restore the above folders to: %appdata%/Adobe/Adobe Photoshop [version]/

(more…)

To bypass the error, merge this into the registry:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
“AllowEncryptionOracle”=dword:00000002

Hackers first try and access the users database at: /wp-json/wp/v2/users/. If successful you next see repeated attempts to log on to the site, reflected in hits on /wp-login.php & /xmlrpc.php. This is what a WordPress brute force attack looks like:

As you can see these hits come from all over the world:

Correct

To Upgrade the OS Windows Server must be upgraded in steps.

• 2003 > 2008* > 2012R2 > 2016 > 2019

Incorrect – Data loss will occur

While possible, these upgrades will clean install the OS and not upgrade.

• 2008* > 2016

*2008 is not supported (no mouse) on newer Hyper-V use 2008R2

ipconfig /release && ipconfig /renew

If run remotely “ipconfig /release” will disconnect the session and prevent running “ipconfig /renew”. These can be run consecutively from a single line by, connecting the two commands with “&&”.

• • Upgrade Active Directory Forest Functional level in the organization to Server 2012 R2 or later.
  • Install
    • .NET Framework 4.8
    • Unified Communications Managed API 4.0
    • Visual C++ 2013 Redistributable Package

(more…)

$Apps = Get-WmiObject win32_product -ComputerName localhost | Out-GridView -PassThru -Title "Select all appliactions to uninstall" -ErrorAction SilentlyContinue
foreach ($App in $Apps){
$returnvalue = $app.uninstall() | Select-Object -Property returnvalue ; $name = $app.name
if($returnvalue.returnvalue -eq "0") 
{write-host "Uninstall was successful $Name" -ForegroundColor Green} 
else{write-host "Uninstall was NOT successful $Name" -ForegroundColor Red} }

Outlook requires a data file be scanned when it has detected corruption. This can prevent users from accessing the program. To bypass this requirement the following registry key can be altered.
(more…)

This is a list of windows variables: (more…)

After virtualization of a Domain Controller the domain is in a failed state with these issues: (more…)

• Adobe
  • PDF DLL for x64 install
    • C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Xtras\AdobePDF\AMD64
• Apple
  • iTunes iOS Backups: %APPDATA%\Apple Computer\MobileSync
• AutoCAD
  • License Info
    • %AppData%(All Users)\Autodesk\AutoCAD LT 2006\R11\Adlm\ *html file
    • C:\ProgramData\Autodesk\Adlm\REVITS2011en_USRegInfo.html
  • Client license – Network
    • c:\program files\Autocad 2010\licpath.lic
    • c:\program files\Autocad\Product 20nn\licpath.lic
  • Client license – Subscription
    • C:\ProgramData\Autodesk\CLM\LGS
• Google
  • Chrome Bookmarks: C:\Users\hmg\AppData\Local\Google\Chrome\User Data\Profile n\Bookmarks
• Java
  • MSI Files: C:\Users\%username%\AppData\LocalLow\Sun\Java\
• Microsoft Office
  • Outlook
    • PSTs: %LocalAppData%\Microsoft\Outlook\*.pst
    • NK2 Autofill: %AppData%\Microsoft\Outlook
    • Settings: %LocalAppData%\Microsoft\Outlook
    • Shortcuts: %AppData%\Microsoft\Outlook\profile.xml
    • Signatures: %AppData%\Microsoft\Signatures
  • Word
    • custom dictionary: %appdata%\microsoft\uproof\Custom.dic
    • Templates: %appdata%\Microsoft\Templates
• Microsoft Windows
  • Public Desktop: c:\Users\Public\Desktop\
  • Startup Folder
    • C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
    • %AppData%\Microsoft\Windows\Start Menu\Programs\StartUp
  • Windows Error Reports: C:\ProgramData\Microsoft\Windows\WER
  • User Files
    • Photo thumbnail cache: %localappdata%\Microsoft\Windows\Explorer
    • Recent files: %appdata%\Microsoft\Windows\Recent
    • Taskbar Icons: %appdata%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
• Microsoft Server – Active directory
  • NTDS Database Files:
    • Database File (ntds.dit): C:\Windows\NTDS\ntds.dit
    • Transaction Log Files: C:\Windows\NTDS
  • SYSVOL Folder:
    • The main SYSVOL folder: C:\Windows\SYSVOL
    • Scripts and Policies: C:\Windows\SYSVOL\sysvol\<domain>\
    • Group Policy Templates: C:\Windows\SYSVOL\sysvol\<domain>\Policies\PolicyDefinitions
  • Logs Folder:
    • Directory Service Logs: C:\Windows\NTDS
    • Diagnostic Logs: C:\Program Files\Microsoft\Windows\Debug
  • NTFRS Folder (used in older versions of Windows Server with FRS): C:\Windows\SYSVOL\staging\domain
  • SYSVOL_DFSR Folder (used in Windows Server 2016 and later with DFS-R): C:\Windows\SYSVOL_DFSR
  • Netlogon Folder (under SYSVOL): C:\Windows\SYSVOL\sysvol\<domain>\scripts
  • PolicyDefinitions Folder (under SYSVOL): C:\Windows\SYSVOL\sysvol\<domain>\Policies\PolicyDefinitions
  • DO_NOT_REMOVE_NtFrs_PreInstall_Directory: C:\Windows\SYSVOL\sysvol\DO_NOT_REMOVE_NtFrs_PreInstall_Directory

If you need to assist a remote user and nothing seems to work try this:

1. Have them connect their VPN
2. From a server on their network, connect via Remote Desktop to the PC by name
3. If name is not registered in DNS, log into the router and get VPN client IP

To Enable Remote Desktop from PowerShell run:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0</pre>
<pre class="wp-block-preformatted">Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Here is what to expect when a mailbox is in repair mode : (more…)

This utility provides BIOS configuration capability to Dell Optiplex, Latitude, and Precision systems from within Windows. The tool does not require a reboot and offers a GUI or CLI interface. On the Dell Support Site, this can be found under Drivers > Systems Management > Sys-Man_Application <version number>.exe. (more…)

If your remote PC is running Windows 10, you can use multiple screens when you remote into the system. To enable this: (more…)

If you’re having issues with your Revit license, you can reset your login. (more…)

To set up a Cisco VPN on your MAC: (more…)

Batch file for upgrading Windows 10 from the network or C:\Win10:

start /wait \\Server\win10\setup.exe /auto upgrade /migratedrivers all /dynamicupdate enable /priority normal /showoobe none /compat ignorewarning /copylogs C:\Temp\Win10Upgrade.log /pkey YDC6P-XXXXX-XR66V-XXXXX-BBH3B

(more…)

Four ways to remotely run an executable.

1. ([WMICLASS]“PCName:Win32_Process”).create(“notepad.exe”)
2. Invoke-WmiMethod –ComputerName PCName -Class win32_process -Name create -ArgumentList “notepad”
3. Invoke-Command –ComputerName PCName –ScriptBlock {Start-Process notepad.exe}
4. “C:\!msp\bin\PsExec.exe” @Z:\Delpoy\Software\Install.txt -s msiexec.exe /i “z:\Deploy\MSI\firefox.msi” /q

(more…)

Xfinity will allow you to install your own modem and drop the rental fee. This does not apply if you have a static IP address. In this case you will be required to use a Comcast owned modem.

Create a text file with ext .reg > update the contents with the below > then import it:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

"DefaultPassword"="Password"
"AutoAdminLogon"="1"
"DefaultDomainName"="Domain"
"DefaultUserName"="User"

Installing 2019 Volume licenses can be a challenge. Here is the procedure.

1. 1. 2019 Requires Windows 10
   2. Build an XML file (see example)
   3. From CMD as admin Run to these:

(more…)

Set-MailboxSentItemsConfiguration

Enables you to configure the Sent Items folder to which a message is copied.

Set-MailboxSentItemsConfiguration 

(more…)

These shortcuts will make you more efficient when working in Microsoft Dynamics. (more…)

To enable support for client computers the client software package must be loaded into the ASA in the form of a .pkg file. These can be found here on our network: S:\Software\Networking\!Cisco\AnyConnect This is loaded into the ASA under Config>Remote Access VPN>Network (Client) Access>AnyConnect Client Software (more…)

To set up a Polycom conference phone for Vonage: (more…)

If the CC Desktop app (required for installing & updating) fails, you must uninstall and reinstall it. This would normally require removing all of the suite as the Desktop App can not be removed until all other Adobe programs are uninstalled. Fortunately, Adobe has created an uninstaller for the Desktop app.

Use the User State Migration Tool (USMT) to migrate users on Windows 10. (more…)

To setup a Grandstream fax or conference bridge for Vonage: (more…)

I recently witnessed a Windows 10 PC restart, only to find that WMIC was reporting it had not been rebooted in a month. This false restart was causing the users VPN to fail. After multiple “Restarts” that appeared to complete, I finally ran restart /f /r /t3 from command. This forced restart took longer, updated the last bootup time in wmic and resolved the VPN issue.

The AutoDesk Flex License Manager loads but does not distribute, licenses to versions of Autodesk that are newer than the license manager. The Autodesk products will show an expired or no licenses available message when this happens. The easiest way to update the FLM is to:

1. Install the FLM on a local Windows PC (the Autodesk installer will no longer run on a server)
2. Stop and Remove the Flex License service on the server
3. Copy all files from the local PC to the Server found here: C:\Autodesk\Network License Manager\
4. Create and Start the Flex License Service

Windows Server Manager loads as a blank page. This is caused by a compatability issue with graphics drivers, particularly when the server has an advanced GPU installed. The quick resolution to this, is to uninstall the graphics driver. This will load the basic Microsoft video driver and allow the Server Manager to load.

Purpose – Quadro cards are designed for specific render tasks, like CAD and video rendering, outperforming Geforce by a significant margin. AutoDesk has only certified Quadro Cards for Revit.

Quality – Quadro cards are  designed for maximum durability and longevity and stand up to the rigors of daily strenuous use better than the consumer-oriented Geforce.

For these reasons we recommend Quadro, unless your budget is limited.

iTunes requires a great deal of free space when restoring an iOS device. Encrypted backups build an unencrypted copy of the data, as it loads it back to the device. You will need at least enough free space to match 200% of the backup you plan to restore.  Backups are located here:

C:\Users\%username%\AppData\Roaming\Apple Computer\MobileSync\Backup or
C:\Users\%username%\Apple\MobileSync\Backup

The plugin will not work, if simply installed with administrative credentials. To install the plug-in:

1. When logged in as the end user, run Internet Explorer as administrator.
2. Log into the video server and run the ActiveX plug-in installer.

This PowerShell script will create an HTML file with account password details when run on AD server. (more…)

1.  Install Plug-In: Increase Maximum Upload File Size
2. On the host system > Go to C:\PHP\n.n.n\ > open php.ini
3. Search for and update size in the below code & run iisreset from cmd

; Maximum allowed size for uploaded files.
upload_max_filesize = 40M

To change the network type in windows 10 from Public to Private:

$Name = Get-NetConnectionProfile|Select Name |out-gridview -PassThru
Set-NetConnectionProfile -Name $Name.name -NetworkCategory Private 

Create a .reg file with this and add it to the registry. (more…)

del /q c:\Users\Public\Desktop\*.*

Run this from cmd, then move the directory to the new path.

CD C:\program files\update services\tools
wsusutil movecontent F:\WSUS F:\WSUS\wsus.log -skipcopy

You can reset a drac for firmware upgrade ot when you reach maximum sessions from ssh:

racadm racreset

So Microsoft has gone full Alphabet Soup <&@@?$3> when it comes to where you can keep your virtual notebooks. Starting in 2019 you will no longer be storing data anywhere other than in the cloud. More…

The temporary fix is to add OneNote 2016. this is also required to access any network based notbooks.

This code will locate SQL tables with fragmentation:

--Replace DB_Name
USE DB_Name;  
GO  
SELECT OBJECT_NAME(a.OBJECT_ID)AS TableName, a.index_id, name, avg_fragmentation_in_percent,avg_page_space_used_in_percent,page_count  
FROM sys.dm_db_index_physical_stats(DB_ID(N'DB_Name'), NULL, NULL, NULL,'SAMPLED') AS a  
    JOIN sys.indexes AS b 
      ON a.object_id = b.object_id AND a.index_id = b.index_id
WHERE avg_fragmentation_in_percent >= 30
ORDER BY page_count DESC  
GO

To find when a user last logged onto their PC (drop findstr to return account properties):

net user "johnDoe" /domain | findstr /C:"Last logon"

Bluebeam

Navigate to this location for the user and delete both folders:

/Users/me/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/

Outdated Plugins can cause the body of posts & pages to appear blank. To resolve this disable plugins until you find the cause.

Manually update PHP on Windows: (more…)

Log in to Verizon Wireless for Business. Under Manage Account, navigate to Manage Wireless Numbers. Click on the plus symbol to the left of the wireless number that you want to work with. (more…)

When running Move-DatabasePath in Exchange the following error shows up ‘WMI exception occurred on server’. This is caused when the database has too many log files. The fix is to run a backup, time permitting. If time is limited:

1. Enable circular logging on the database to be moved
2. Dismount and Mount the database (this will start the log file cleanup)

Change the following key to update the server IP (Not a system name) for the Abacus client or create a GPO (more…)

To log into a Vonage phone, use the 6 digit account number. If the device is not yet provisioned the default password is “admin”.

Adobe Cloud applications will not uninstall without an active adobe cloud account. To circumvent this restriction use the cleaner tool provided by Adobe.

1. Create a backup of all current MySQL data and databases at C:\ProgramData\MySQL\MySQL Server n.n\data
2. Open the C:\ProgramData\MySQL\MySQL Server n.n\my.ini file.
3. Add the following line into the [MySQLD] section:
   innodb_force_recovery = 1
   skip-grant-tables
4. Try to start MySQL.
5. Stop MySQL service.
6. Remove the line innodb_force_recovery from my.ini file and start MySQL.

Alternative

1. Open: C:\ProgramData\MySQL\MySQL Server n.n\data
2. Delete ib_logfile0 & ib_logfile1
3. Start MySQL Service

To verify a file checksum use

get-filehash -path c:\older\file.ext

Go to: Settings > Network & Internet > Cellular > Advanced Options

If .NET 3.5 will not install use this by mounting the ISO that matches the current version of Windows and running as Admin:

Dism /online /enable-feature /featurename:NetFX3 /All
/Source:D:\sources\sxs /LimitAccess

If you need to drop RAID from a windows box follow these steps:

1. Reset the Local account password
2. Sysprep the box and shutdown
3. Disable RAID from the drives or remove the controller
4. Let the system boot and rejoin the domain

This can be helpful if you plan the virtualize a windows box that is set to boot from a RAID volume.

Hybrid Use Benefit is a bring your own license benefit saving clients ~40%.

Each existing Windows Server Standard with SA license will permit you to run either:

• 1 Azure VM instance up to 16 cores
• 2 Azure VM instances up to 8 cores

Each Windows 10 or Windows VDA per user with SA

Limitations:

• The license can be run on-premise or in the cloud, but not both.
• For Windows 10 a requirement that each user is managed through Azure Active Directory.
• Requires Enterprise E3/E5 per user cals

Turn a Powershell script into an interactive application with:

Out-GridView -PassThru |

This code will pause your script and present you the data collected in a grid view. You can then select specific items in that view. When you hit OK at the bottom the script will proceed against just the selected items.

The script runs for a while at get-wulist

If the “Signatures” button fails to open the dialogue box for changing your signature, you can take the following steps:

1. Locate: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0006F03A-0000-0000-C000-000000000046}\LocalServer32]
2. Direct it to outlook.exe

This file can be renamed .reg and imported to fix this issue on Office 365: Office365

If the 1803 download gets stuck you can manually install it from here:

https://www.microsoft.com/en-us/software-download/windows10

Do NOT choose download now. (more…)

These PowerShell scripts list the remote IPs connecting on 443 , while filtering out local IPs and devices on ATT (107.77) (more…)

Cellular providers use specific IP ranges that can be filtered. (more…)

If Outlook for Mac repeatedly asks for a password when connecting to an Office 365 e-mail account you need to: Open Utilities > Keychain > delete items referencing: “exchange” “adal” and “office”.

In Windows 10 the old (win8) tricks for removing Microsoft apps no longer work.
Here are a number of useful powershell commands. (more…)

The Cisco Any Connect Client does not allow you to save a password on the client. This code when saved as a .vbs file will let you get around this.  Be warned that the client’s password is saved in clear text in the file. I hide the file in Drivers and create a shortcut to it with the Cisco VPN logo. (more…)

If you are seeing the following error, on messages in the Symantec Messaging Gateway queue: 450 4.4.1 [internal] Connection Timed Out

These messages are being interrupted during transmission. This leads to the sender receiving a delayed delivery notice. This is caused by something in the message being rejected by the Cisco router during inspection of the traffic. To fix this you must disable all esmtp_inspect features on the ASA:

On the Cisco ASA local to the Symantec Gateway:Configure>Firewall>Service Policy Rules>Open Inspection_default>Rule Actions[Tab]>Deselect ESMTP 

If the Cisco VPN launches, but no window appears delete this file:

C:\Program Files (x86)\Cisco Systems\VPN Client\vpnclient.ini

You can list all users with Mailbox permissions with this in PowerShell:

Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Select Identity,User | Export-Csv -NoTypeInformation mailboxpermissions.csv

The PPI of a monitor is a measure of its size in inches and the total number of pixels in the horizontal and vertical directions. It is important to account for PPI when choosing a monitor for a client to ensure a positive user experience. A 20-inch 4k monitor would be virtually useless, as the elements of the Windows interface would be incredibly small. I recommend a PPI between 90 and 120. PPI Calculator

Choosing a name for your client’s cloud services comes with permanent ramifications. As this post explains there is no ability to change the name.

Issue: (Example – A trial install to network license)
Your licensing type has changed and you need to change the licensing option within the program.

Delete LGS.data file in the following folder:
C:\ProgramData\Autodesk\CLM\LGS\ProductKey_ProductVersion.0.0.F
(more…)

You can connect a Windows home edition PC to a domain as follows:

1. Change the PCs workgroup to the domain name (pre-Windows 2000)
2. Change the local username and password to exactly match a domain account.

The PC should now have full access to Outlook, network shares and printers without entering credentials.

If your toolbars vanish you can do the following to reset AutoCAD:

From the Start menu go to > AutoCAD 20nn – English (Folder icon) > Reset Settings to Default

Backing up the current interface is advisable if you have made extensive customizations.

In some instances, Reset Settings to Default will be missing. More…

If you need to put a system into safe mode you can do this from cmd then reboot:

This will set the safemode switch:
bcdedit /set {current} safeboot minimal 
with networking:
bcdedit /set {current} safeboot network
to put back in normal mode via dos:
bcdedit /deletevalue {current} safeboot

1. Stop the FlexNet licensing service
2. Delete the files in this folder: “C:\Documents and Settings\All Users\Application Data\FLEXnet”
3. Delete one file in this folder: “C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher” but NOT the FNPLicensingService.exe file.
4. RestartedFlexNet licensing service
5. Oened the program and activate it.

A freeware option that I used to use and still comes in handy is called NK2Edit from NirSoft, it does handle newer data just follow the instructions. Has the advantage of being able to edit the autocomplete data as well.

There are also things you can do like importing nk2 files by launching outlook with the /importnk2 switch. Slipstick has a lengthy writeup that covers all sorts of different issues and how to deal with them in different versions of outlook. Read this.

So outlook has stopped opening links or attachments and there have been no changes in the trust center and no recent windows updates…. Open Regedit and check the following key. “HKEY_CLASSES_ROOT \.html”
(more…)

I recently had a console session hang with just a white screen and no start menu on an Exchange Server. Not wanting to reboot the server and disrupt the entire office, I used the following to remotely log the admin out via PowerShell:

(gwmi win32_operatingsystem -ComputerName $PCname).Win32Shutdown(4)

If you get an error about multiple connections by the same user using different usernames; net use * /d

So you have gone through part 1 and now get an error saying the directory service is busy!
Is SQL Express or SQL installed? If so, from an elevated command prompt type:
setspn -L computername

Note any registered SPN in the format of
MSSQLSvc/[Computer Name]:[Instance Name]

Delete each of the SPN’s noted above.
setspn –d [SPN Name] [ComputerName]
Important: You must use the full SPN name as identified via the setspn –L command.  These will be in the format of MSSQLSvc/Computer.domain.tld:instance

1. Go to start > type Print > Choose Printers & Scanners
2. Choose Add a printer or scanner

(more…)

Full article here.

Newer servers use SMB2/3 which has packet signing turn on. The net result is that copied/moved/renamed files never finalize the process.  2 sets of instructions below
based on whether or not there already exists an nsmb.conf file or not. (more…)

Update services are running yet the windows update control panel says that they aren’t when you try to check for updates.

Disable windows update service and then stop it.
At this point go to Windows\SoftwareDistribution and rename the folder to SoftwareDistributionOld.
Enable windows update service and start. You should be able to check for updates now.

Windows/Temp filling with cab_XXXX files.
Deleting the cab_xxxx files only resulted in regeneration.
Checking \Logs\CBS folder I found lots of .log and (some) .cab files
It seems, that windows wasn’t able to zip (makecab.exe) one of the .log files.

Solution was:
in \Logs\CBS folder delete the oldest .log file (you can also delete them all)
in \temp folder delete every cab_xxxx

in the following regeneration process, the remaining (CBS) logs where zipped correctly, and \temp was left clean

Hopefully this doesn’t come up often but when it does…
Windows 10 no longer supports SMB1. It can be enabled (it is also a big security hole)
Powershell as administrator: Enable-WindowsOptionalFeature -Online -FeatureName
smb1protocol
more on the topic in general here.

Prerequisites: The user that you are going to run the eDiscovery as must be a member of Mailbox Search Role and the Discovery Management Role Group (The discovery management Role Group will encompass the Mailbox Search Role) You will not see the eDiscovery or litigation hold options (The compliance management menu item on the left side of the EAC) unless you are a member of this group. (more…)

If AutoCAD fails to pull a license over a VPN you need to adjust the time out period that it tries to  connect. Do this by adding a system variable and it fixes all Autodesk products.

• System>Advanced…>Environment Variables>System Variables>New
• variable name:   FLEXLM_TIMEOUT                Variable value:   10000000

(more…)

7 Zip will segment files as it creates a compressed file with this command:

cd "C:\Program Files\7-Zip"
7z -v500m a c:\backup\Filename C:\FolderToCompress

Usage: 7z a -v{Size}[b|k|m|g] [<switches>…] <archive_name> [<file_names>…]

(more…)

In a Site-toSite VPN setup between two Cisco ASAs you find that traffic stops passing between sites, however, the connection is established. In addition under Monitoring>VPN>IPSec Site-to-Site one side shows: Bytes Rx 0 / Tx increasing and the other ASA shows BytesRx increasing / Tx 0. While rare the fix is to: change nothing, save the configs and restart both.

As each user of the Mac open terminal and execute the following, then log out and in:

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

To relay through exchange server the following receive connector settings should be used:

1. Set your Name and Port as needed.
2. Under security check ONLY: Transport Layer Security (TLS); Externally secured (for example, with IPsec); Exchange Servers; Anonymous Users
3.  From Scoping REMOVE the 0.0.0.0-255.255.255.255 range. (WARNING: Skipping this will create an open relay) and add Static IPs for approved senders.
4.  From PowerShell run: Restart-Service MSExchangeTransport
5. Test via Telnet and from outside

This is typically setup for Port 25 so adjust that connector.

Some users prefer to use the old Windows Photo Viewer. If the PC was upgraded it is still available. For a system that was clean installed use this registry hack. This also addresses the fact that Outlook is missing from the “Share Pictures” feature of the new photos app.

(more…)

When a device has a static IP address and it is introduced to a new network with a different IP scheme it is possible to gain access to the device inorder to reprogram it. (more…)

1) Create a blank disk image:
hdiutil create -o /tmp/HighSierra.cdr -size 7316m -layout SPUD -fs HFS+J
2) Mount your image:
hdiutil attach /tmp/HighSierra.cdr.dmg -noverify -nobrowse -mountpoint /Volumes/install_build
3) Restore BaseSystem.dmg from the installer:
asr restore -source /Applications/Install\ macOS\ High\ Sierra.app/Contents/SharedSupport/BaseSystem.dmg -target /Volumes/install_build -noprompt -noverify -erase
4) Unmount the image:
hdiutil detach /Volumes/OS\ X\ Base\ System
5) Convert the image you created into an ISO file:
hdiutil convert /tmp/HighSierra.cdr.dmg -format UDTO -o /tmp/HighSierra.iso
6) Move the ISO to the desktop:
mv /tmp/HighSierra.iso.cdr ~/Desktop/HighSierra.iso

To Create a bootable UBS drive for installing Mac OS.

1. Download the installer from the App Store
2. From Terminal Enter the following for High Sierra:

sudo /Applications/Install\ macOS\ Mojave.app/Contents/Resources/createinstallmedia --volume /Volumes/Mojave

• Change Mojave to the name of the destination USB Drive

Commands for older Mac OS (more…)

1. Disable Windows Update service
2. Rename the folder %windir%\SoftwareDistribution
3. Restart the Windows Update service

Windows can be upgraded remotely with these steps.

1. Verify MSP Connect is working on the PC.
2. Download the ISO and copy the contents to C:\Win10\
3. Run the upgrade to Windows 10.
4. After about 30 Min. access the PC with MSP Connect (RDP will not work yet)
5. Answer the setup questions to complete the upgrade.
6. Test RDP

You have removed delegate rights to a users account but the account continues to display in outlook. Slipstick to the rescue again. There are a bunch of interesting solutions in this link. [Key, AD users and groups, Advanced view, Attribute editor]

Powershell to the rescue.
https://www.howtogeek.com/224798/how-to-uninstall-windows-10s-built-in-apps-and-how-to-reinstall-them/

Windows updates search endlessly then throw an error?

Turn off updating for non-windows software and also disable smartscreen filter as well as Symantec.

Microsoft had changed the logging format for WU.
run powershell command: Get-WindowsUpdateLog then type windowsupdate.log at the command prompt.
Additional info can be obtained in c:\Windows\SoftwareDistribution\ReportingEvents.log

This post details the features of each product we deploy:

https://support.symantec.com/en_US/article.INFO3162.html

Microsoft has a searchable catalog of all their updates located here: http://www.catalog.update.microsoft.com/Home.aspx. You will find links to standalone installers and other resources.

If CRM hangs you just need to clear the cache for the browser you are using.

In June Microsoft released a patch for Office that breaks the index on some PCs (users can no longer search Outlook). To fix this install optional update “2017-06 Preview on Monthly Quality Rollup for Windows…”. This only applies to Windows 7.

Clonezilla is a free partition and disk imaging/cloning program. It runs from USB and works with basically every OS. It can be used to do a direct clone to a new drive or backup to an image that can be restored to bare metal.  Instructions: (more…)

If Windows is setup for Key Management Services activation it can be converted to Multiple Activation Key.

slmgr.vbs /ipk "MultipleActivationKey"

A vendor recently sent an army of technicians, over four visits, to address the color disparity between 2 identical Xerox MFPs (one had been used twice as much over 3 years). They began by replacing all the consumable parts,  calibrating both units and color correcting via the driver (helped a little), but the unit still had a red haze when printing gray tones. The last tech, after a series of cleanings and calibrations, fixed the color by cleaning the laser plate, then recalibrating both the fiery and the copier, in that order.

It’s actually the default behavior. Use PowerShell to make it useful again.
for Exchange 2010, 2013 and 2016 use the following…More

Set-CalendarProcessing -Identity -DeleteSubject $False -AddOrganizerToSubject $False

In Exchange, emails sent outside the organization are converted and the format of these can be set per domain or for all domains. If messages are sent in text format, some recipients will have issues viewing attached images.

ContentType should be MimeHtmlText not MimeText when running:
Get-RemoteDomain |fl 
To update it run the following with either a domain or * 
Set-RemoteDomain -identity "Domain or *" -ContentType MimeHtmlText

There has been a rise in the number of instances of email addresses being spoofed. A new technique of masking the sender address by adding a “direct reply to” address, has increased the likelihood that a user will be fooled. The real sender address can only be detected when the user hits reply, at which point the new address is revealed in the Too field. If the users forwards the message  masked when the message is forwarded. There are instances where emails addresses are spoofed for legitimate reasons, such as when marketing email is sent from a 3rd party, which makes blocking messages a bit tricky. To address this issue we will be using a new rule in Brightmail. (more…)

Autodesk products, particularly Building Design Systems, can be very complicated installs. Fortunately Autodesk includes an app manager that will allow you to uninstall all or select certain apps to remove. It is found in Start>All Programs>Autodesk>Uninstall Tool

To update the Symantec Gateway run this from the console

1. Block inbound SMTP from Router
2. Backup VHD
3. Check Version: show –version
4. update list
5. update check
6. update download
7. update install or update install–version 10.6.6-5
8. Monitor with: tail -f update.log
9. Read Agreement (space) and agree (Y)
10. Verify Version: show –version
11. Enable SMTP from the router

If step 6 fails use: update install

1. Block inbound SMTP from router
2. Mount ISO and boot
3. Logon with: admin & symantec
4. Set time zone: 10
5. Add ALL previous Ethernet Interfaces
6. Load license and add basic settings
7. Restore the last backup
8. From console reboot
9. Login and verify settings
10. Enable inbound SMTP from router

The AutoDesk installer does not do any prequalification checks. This means that when a deployment, which has a dozen or more components,  begins it will install what it can until it finds a resource missing and then it will stop without any notice. You will be left with some of the components, but AutoCAD will be missing. (more…)

Windows is 10 is finally stable, but not easy to deploy. Here is what I have found: (more…)

To repair a corrupt Revit file that will not open, copy the file locally, from File>Open check “Audit” and open the file.

These plugins extend WordPress functionality. (more…)

When dealing with clients and making recommendations, keep in mind and mention to them that there are a number of companies that offer competitive financing, or will make it possible for the client to purchase equipment as part of a lease with a $1 buyout. We work with a number of companies that specialize in financing IT infrastructure.

This option might make a large expense easier to swallow for your client; keep in mind also that not just hardware, but any software and service associated with the project can be financed.

(more…)

$tempfolders = @(“C:\Windows\Temp\*”, “C:\Windows\Prefetch\*”, “C:\Documents and Settings\*\Local Settings\temp\*”, “C:\Users\*\Appdata\Local\Temp\*”,”C:\ProgramData\Microsoft\Windows\WER\ReportArchive\*”); Remove-Item $tempfolders -force -recurse

There is no direct upgrade to 2013. 2010 is the preferred intermediate version (more…)

This will work for moving PFs from 2007 or 2010 to 2013 or 2016 (more…)

This is caused when the SSL certificate is imported into IIS and the selection to allow it to be Exported is not chosen.

To enable inbound traffic for a client network follow these steps. (more…)

You can export entire mailboxes (smaller than 50GB) to PST, from the Exchange console:

New-MailboxExportRequest -Mailbox "Amy Smith" -FilePath "\\Server\Share\AmySmith.pst"

To get Status of the request:

Get-MailboxExportRequest | Get-MailboxExportRequestStatistics | fl

These should be output to a fast drive with plenty of capacity (not a shadow copy volume). When decommissioning a user account move the file  to the company archive.

Begin by verifying the mailbox size:

Get-MailboxStatistics -server "post" | Sort @{expression=”database”;Ascending=$true},@{expression=”TotalItemSize”;Descending=$true} | select DisplayName,database,ItemCount,TotalItemSize

To enable these tools for the first time:

(more…)

Microsoft is limiting the performance of windows updates from their end for Windows 7. If you need to clean install a PC that will require updates to reach full functionality I would build it 24 hours in advance to allow windows updates to download and install. Set client expectations.

To Clear the Cache follow these steps:
· Close out of Buzzsaw
· Navigate to C:\Users
· Open the folder labeled with your username
· Open the folder labeled “AppData”
· Open the folder labeled “Roaming”
· Open the folder labeled “ProjectPoint-2013”
· Delete only the “Cache” folder

To Reinstall:
· Click on this link http://getbuzzsaw.com
· Follow the steps to install Buzzsaw (you do not need to uninstall before you do this)

Thank heavens you aren’t the first.
Here is a blog entry to save you.

Reverse DNS or rDNS is one of the older methods used to verify an email was sent from the domain. It is a record created by the ISP and not the DNS records associated with the domain. It should be setup anytime an ISP is added or changed. Each ISP has their own way of setting these up from sending an email to particular address (sent from the client domain not ours) to calling support. This should be done before email starts going out from the new IP to prevent NDRs. To set up a reverse DNS record: (more…)

To prevent loss of data on Dell servers,  firmware and Windows drivers for the RAID controllers must be updated as new versions are released.

1. Use Dell Open Manage to determine which RAID controller you have.
2. Collect your system Service tag. (CMD: WMIC csproduct)
3. Go to support.dell.com and enter your service tag.
4. Narrow the category down to SAS Raid. Download the PERC Raid controller Firmware and Windows driver for your OS.
5. Verify all client data is backed up before proceeding.
6. Run the firmware installer. Note: This will require a reboot.
7. Run the Windows driver update. Note: This will require a 2nd reboot.
   Dell stresses that keeping your iDRAC up to date is also important…

To recover an Exchange database:

1) Run eseutil /mh E:\Exchange\mailbox.edb

• If the state is Clean Shutdown skip to step 4

2)Verify Logs are not damaged: eseutil /ml E:\Exchange\Log\E01 (path ends with the first 3 characters of log files to be inspected)

3) Try eseutil /r E00 /a /t /d E:\Exchange\Mailbox.edb /l E:\Exchange\Log

• For this error: “Operation terminated with error -528 (JET_errMissingLogFile
  • Include the Exchange Bin Folder Path with “/s” switch:      /s “C:\Program Files\Microsoft\Exchange Server\V15\bin”
• For this error: “Operation terminated with error -1216 (JET_errAttachedDatabaseMismatch
  • Run soft recovery with the “/i ” switch at the end and it will override the EDB-STM mismatch.

4) For a Dirty Shutdown State run:

• Run eseutil /p E:\Exchange\Mailbox.edb /t C:\Temp\Temp.edb

5) Verify state is Clean Shutdown then De-fragment

• Run eseutil /d E:\Exchange\Mailbox.edb /t C:\Temp\Temp.edb

For best speed write the temp database to a separate drive with enough space.

• Force reboot: Hold power and down volume for 10 Seconds.
• Apps stop loading: General>Reset>Reset Network Settings.

This post will walk through the NMS standard process for virtualizing a server using the utility Disk2vhd v2.01 or greater. (more…)

Download and install OpenSSL then run the following:

openssl pkcs12 -in "certificate.pfx" -out "certificate.pem" -nodes

Very handy calculator can be found here.

This is usually achieved through Active Directory policies. Most documents and guides will tell you that you just need to turn off three policies in Windows 2008, under Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options: (more…)

How To Delegate the Unlock Account Right (It’s rather buried)

(more…)

1. Find the Scanners IP
   1. For a local scanner find the LAN IP of the Scanner
   2. For a remote office: Find the external WAN IP of the office via www.aboutmyip.com
2. Go To: Exchange admin center>MailFlow> receive connectors
3. Find the connector that works on port 25 and go to scoping
4. Add the IP From step 1 to the section:“Receive mail from servers that have these remote IP addresses.”
5. Program the scanner to send to the Exchange server LAN(local) or WAN(remote) IP Do not send these to the spam server.

Server 2008 can be managed by installing remote server administration tools (RSAT, very specific version requirements!) Same can be done with Win8 and up and Server 2012 and up…
Win7, however, is a bit more complicated. (more…)

Ajera updates at least once a month. In doing so it also replaces the AjeraService.sysajera file. (in the root of the Ajera directory tree) This file contains the path to Ajera and if you changed it on install it will overwrite it. If the path is wrong email notifications will break. You will find Ajera and exchange errors in your logs.

Installing in a terminal server environment and a window pops up saying “Windows Installer Coordinator” is preparing for first time use. (more…)

Aluminum remote:

1. Hold menu and left for ten seconds
2. Hold menu and right for ten seconds

Use this if the option to turn the icon on is greyed out in the system tray. (more…)

Network license manger for for Chaos products is the “Zoo License Manager” Restart it.

In the event a connection is lost while working on a remote file check

c:\programdata\jungledisk\wg-cache\faileduploads

JungleDisk recommends that WebDav be turned on with Windows 10. They don’t say why however and doing so will add extra steps for the user as all windows links will take you to a web page which won’t actually work. Instructions on breaking it are here so that you can un-break it.

I have added Client Intranet as a new category. Add this to any post you think might be helpful to clients for example new threats, a walk through on how apps works, etc.

The next update of Ajera 8.10 will require more advanced passwords. The requirements:

• Minimum of 8 characters
• An upper and lower case letter
• A number
• A special character

Do not blacklist *@amazonses.com as companies such as Expensify and Adobe have begun using them as a mail provider.
At the same time DO NOT whitelist as it is a notorious source junk.

This article has lots of tips… unless your issues began with an upgrade to El Capitan. (Separate post on that)

Here is the link to the issue.
Midway down the page under the resolution section is the link to update 14.5.6

RDCMan makes it really easy to organize your hosts into groups, each group can have its own defaults that are automatically used (unless you choose to manually override), you can connect groups of servers with one click, plus many other nifty features. http://www.microsoft.com/download/en/details.aspx?id=21101

Apple seems to get their folder structure wrong on a regular basis.
If you’ve been getting an “AppleSyncNotifier.exe – Entry Point Not Found” error every time you reboot your PC, here’s how to fix it.

Configuration > Remote Access VPN > Network (Client) Access > IKE Parameters > Check the box where it says “Disable inbound aggressive mode connections (IKEv1 only)

It is possible to totally eliminate the outlook log on requirement when a user is on a workgroup PC. 1) set the workgroup name to match the pre2k log on domain that hosts the exchange server.  2) Set the user name on the users local account to match the user name in AD. These settings cause Outlook to send “Workgroup Name\Local User Name” when connecting and will eliminate the credential prompt for the user.

When connecting Outlook 2016 first ensure autodiscover.domain.com is setup. Next use the auto configuration wizard not manual setup (depreciated). If prompted for a user name DO NOT prepend it with the domain: NMS\Jon Smith becomes Jon Smith

Canon Plotter

1. Go to settings (4th icon) > Interface Setup > TCP/IP > IPv4
2. Set IPv4 Mode to Manual
3. Go back then Choose IPv4 Settings
4. Set the IP, Subnet Mask and Gateway

Konica Copier

1. Press Utility (Button) > Administrative Settings
2. Log in with Password: 12345678 or 1234567812345678
3. Go to Network Settings > TCP/IP Settings
4. Set the IP, Subnet Mask and Gateway

Xerox Copier

1. Press Machine Status (Button) > Press “Guest” icon (Top Right)
2. Log in as: User: admin     Password: 1111
3. Go to “Tools” (Tab) > Network Settings > TCP/IP Settings > IPv4(3rd box)
4. Set the IP, Subnet Mask and Gateway

AutoDiscover must be configured or Outlook 2016 will be unable to connect to Exchange Server. Outlook 2016 retrieves Exchange connectivity settings directly from AutoDiscover instead of the registry, making profiles more reliable, but that also makes AutoDiscover a required feature. If you have not yet configured AutoDiscover, you will need to do this prior to deploying Outlook 2016. DNS must be set both internally and externally. More information can be found here: Account Auto Configuration process (Autodiscover)

MS Update KB3114409 (Update for Microsoft Outlook 2010 32-Bit Edition) issued on Dec 8, 2015 is the culprit.
Remove it and you are all good. Microsoft removed the update so if you haven’t seen it you shouldn’t.

Qualys SSL Server Test

I tested a site with a DigiCert SHA2 Extended Validation Server CA and only received a “C” rating. See the links below

SSL3 notes, RC4 in TLS notes

Issue:Trying to launch pdf attachments directly from Outlook causes Acrobat to crash.
Environment: Acrobat XI or above and Outlook 2010 on Win7 pro x64.
Fix: Set reader to run as administrator

To Clear all partitions form a disk including Dell OEM run the following:

DISKPART
List Disk
Select Disk "#"
Clean

From Disk Manager: Right Click the drive and Choose online Select GPT Create a New Volume with NTFS and 64K Allocation Size

1. When installing Windows ONLY connect the drive(s) that will run the OS and the optical drive. Be sure all others are disconnected by: inspecting the internal connections in the PC, disconnecting all externals, and verifying the target drive specs in BIOS > Drives
2.  Disable drives not connected in BIOS > Drives
3. Set the RAID to AHCI for a single drive in BIOS > Drives.
4. Reboot and verify no errors about missing drives
5. With the Windows USB inserted, Reboot and press F12 at Dell splash screen > Choose USB Device
6. During Windows setup, choose Custom, NOT Upgrade
7. Determine the fate of the data on the drive and choose
   1. Preserve All Files – (SOP): On the “Where do you want to install Window?” page you will select the largest partition and proceed. Windows.old will be created with the old OS. This will contain any data that was on the partition. If no Drives show up you may need to turn off BitLocker or install drivers. Dell has custom installers for newer laptops that include the needed drivers.
   2. Wipe All Data – VERY RARE: Data will be destroyed: On the “Where do you want to install Window?” page you will need to DELETE all the partitions. Select each one then delete. Once you have only one selection which is Free Space proceed with the installation.
8. Set User to account name or NMS and Password to Mon…
9. Verify All Drivers are loaded in Device Manager

1. Open current iTunes backup: %APPDATA%\Apple Computer\MobileSync
2. Move the folder” Backup” to the new destination
3. At the original folder location, press the SHIFT key, right-click and select “Open command window here” and enter this command (ends in new location):

mklink /J %APPDATA%\Apple Backup “E:\Backup\iTunes”

This assumes it’s installed and you have run the executable that adds it to your apps.
1. In AutoCAD execute command CUILOAD
2. Select MCOLOR9x and Unload it (eg. MCOLOR97 for M-Color 9.7)
3. Restart AutoCAD

If CUILOAD did not not restore M-Color menu:
1. Run AutoCAD commands: MCO_MCOLOR_MENU & MCO_MCOLOR_MENU2

Get the serial number (“About this MAC”) then enter it here (Do not use 3rd party sites)

Windows default has hibernation turned on. This take good piece of the hard drive in the form of the hiberfil.sys file which takes up about as much c drive space as there is RAM installed. To dispose of the file and disable hibernation instantly use this in PowerShell:

powershell -Command "Start-Process 'powercfg.exe' -Verb runAs -ArgumentList '/h off'"

Some things can be done in the GUI, lots require powershell.
Part 1
Part 2

This is not pretty.
http://www.valiant-ny.com/2012/02/archive-email-in-outlook-2011-for-mac/

Get-ExchangeServer | Format-Table Name, *Version*

Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion

Here is the list of versions: (more…)

With Display port 1.2 you can daisy chain multiple monitors from 1 port. I found that this feature is disabled by default in the monitor hardware hardware. Based on the warning enabling this with a non compliant card will cause issues. (more…)

In Server 2012 the tabs for Agent, Traps and Security are missing?
“In order for the SNMP management-tabs to show, the Remote Server and Administration Tools feature SNMP Tools must also be installed.”

Email that you send on behalf of someone is not saved in their Sent Items folder

https://support.microsoft.com/en-us/kb/2181579

There is a registry key to allow this but it is not available after 2007 without applying the hotfix to outlook.

There are more variations detailed here: (ie, Exchange 2010 outlook 2013)

Apparently some mail servers/spam appliances are using a Cisco service that monitors email and web traffic. http://www.senderbase.org/ punch in your IP and find out what they think of you…. I have yet to figure out what to do about things like a “Neutral” rating which apparently will get you bounced. (Please add any info if you find it) Also, there is the ability to search by domain but it yields less useful info.

Some time ago I ran across a situation where the windows preview would cause files to lock, particularly excel and word files. More recently I came across a situation at Pasma Group where explorer would just randomly close up when you tried to open a window. We assumed it was related to the user’s profile until another user said it was happening but only when there were large files like sketchup files in the folder…. Turning off the preview option made the crashing go away

Dell is once again shipping their workstations with Intel Speed Step enabled. This should be turned off in the BIOS.

Notepad++ has a plugin called compare. Note the visual map on the right side. This makes finding small changes in a script much easier.

To access it: Install it from Plugins>Plugin Manager

New Earth Pro keys are no longer being generated. If you do not have a key, use your email address and the key GEPFREE to sign in once you download the software here: https://geoauth.google.com/gev0/free_trial.html.

https://www.apple.com/support/systemstatus/

This is our standard process for deploying Autodesk products. (more…)

https://litmus.com/blog/a-guide-to-rendering-differences-in-microsoft-outlook-clients

The link above is to an article on the different rendering possibilities for different versions of outlook. It is lengthy and complex even though it’s just an overview! For clients that have issues with the way their email is displayed, or not displayed, or particularly for design oriented clients interested in email marketing the fact that so many features are either supported or not supported means that the client that expects adherence to tight design will be frustrated and ultimately disappointed.  This is an expectation that needs to be managed.

I setup an older Dell Latitude 6410 with Windows 8, checked the drivers, tested the Wi-Fi and sent it out the door. The only problem was the the laptop could only connect to some networks. (more…)

Before removing a drive from service or when moving a user to a new system, it is important to verify no PSTs have been left behind. To find all PSTs launch ISE as admin then run:

Get-ChildItem -path c:\users\ -force -Recurse -filter '*.pst' -erroraction 'silentlycontinue' | select name, Length, LastWriteTime, directory #Run as admin 

This is caused after a new SSL Certificate is installed on Exchange. To resolve this go to IIS MMC find the certificate hash for the new cert then run the following PowerShell commands:

Enable-ExchangeCertificate CertificateHash -Services SMTP

Enable-ExchangeCertificate CertificateHash -Services IIS

Pre-install:

1. Contact ISP and setup a Reverse DNS Record on public IP if not reusing existing.
2. First, decommission and uninstall all Exchange servers older than 2007.
3. Add the Feature: Media Foundation: Install-WindowsFeature Server-Media-Foundation
4. Next load the following components: Unified Communications Managed API 4.0 Runtime, Filter Pack 2010 x64, Filter Pack 2010 SP1 x64
5. Run the install package that includes the current service pack.  Do NOT install it to the C Drive. The remaining Features and Roles with be installed automatically.
6. Run Windows Updates (more…)

I was recently retiring the admin PC at HSLA and giving it to an end user for home use. At the same time I had a newer T3500 with a clean install of Windows that would make a great admin PC, however, I did not want to reinstall all the software and transfer the files. I first tried swapping hard drives (which in some instances will work), but both PCs blue screened. My quick fix (more…)

Microsoft Outlook 2007-2013 support American National Standards Institute (ANSI) and UNICODE personal folders (.pst) and offline folder (.ost) files. The WarnFileSize registry entry determines the maximum data that both the .pst and the .ost files can have. After this maximum data is reached, neither the .pst nor the .ost files are permitted to add any more data. These limits can be changed per user in the registry: (more…)

Fiddler is a free web debugging proxy which logs all HTTP(s) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy like IE, Chrome, Safari, Firefox, Opera and more.

http://www.telerik.com/download/fiddler

(more…)

Making Ethernet cables:

• Straight = wO,O,WG,Bl,wBl,G,wBr,Br
• Cross Over = wG,GwO,B,wB,O,wBr,Br

Patch Cable Color standard:

Ajera updates when install path is non-standard. Open d:\Ajera\AjeraService.sysajera with Notepad and update path from C:\… to D:\… (Where D is the install drive)