Security popups on Windows

One way that hackers operate is by adding a fake security warning to your Windows PC in hopes that you will pay them to remove it or follow additional instructions. These typically come from users accessing hacked sites. (more…)

New Spin on an Old Scam

We have recently come across a new variation on the gift card scam. In the past it was always a vague urgent need.
Now it has appeared under the guise of wanting to setup an employee incentive program. (more…)

Reset DSRM Password

When adding a new Windows Active Directory Server the verification of Safe mode password fails. If you do not have access to the existing password, use NTDSUTIL to change the DSRM password on the current domain controller. (more…)

Sending Photos from the Outlook Mobile App

It’s very likely that you are used to going to your photo library on your phone, selecting the pictures you want to send and then choosing the app.
Outlook on your phone works just like it does on your desktop. Draft a new email and add media to it from the draft.
(The options for what you can add are at the bottom of the draft and above your keypad.)

Enable Mailbox Archiving for Exchange 365

Follow these steps to allow mailbox archiving in 365. (more…)

365 Administration URLs

These are the primary URLs needed to support 365

5G Signal Strength

  • Excellent: -50 dBm to -65 dBm (or full signal bars)
  • Good Signal: -66 dBm to -80 dBm (or 3-4 signal bars)
  • Fair Signal: -81 dBm to -95 dBm (or 2 signal bars)
  • Poor Signal: -96 dBm and below (or 1 signal bar or no signal)

Start Menu and Taskbar Issues

If the start menu stops opening or you cannot use icons from the taskbar, you can reinstall the Windows taskbar:

Press Windows Key+X > Click Powershell (Admin) > Copy the below and paste into Powershell > Enter > Reboot your computer

Get-AppXPackage -Name Microsoft.Windows.ShellExperienceHost | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_.InstallLocation)\AppXManifest.xml"}

To restart the explorer:

Press CTRL+SHIFT+ESC > Locate Windows Explorer in Processes tab and kill it > File > Run new task > Enter “explorer.exe” and Enter

Block Windows 11 Upgrade

In PowerShell as Admin Run:

$Ver=Get-ItemProperty ‘HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion’ | Select-Object CurrentMajorVersionNumber,DisplayVersion;$Ver

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v TargetReleaseversion /t REG_DWORD /d 1

reg add HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v TargetReleaseversionInfo /t REG_SZ /d 22H2

Get-ItemProperty ‘HKLM:SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate’ | Select-Object TargetReleaseversion,TargetReleaseversionInfo

SharePoint Add Custom Color Pallet

To add custom Colors to SharePoint

    1. Install SharePointOnlineManagementShell tools
    2. Run this Scrip in Sharepoint


Install & Update Exchange Module

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 3.0.0

Find-Module ExchangeOnlineManagement -AllVersions -AllowPrerelease

Get-InstalledModule ExchangeOnlineManagement | Format-List Name,Version,InstalledLocation

Update-Module -Name ExchangeOnlineManagement

Windows Time

This command will cause the system clock to sync with Internet time servers. It is useful when an older server is losing time.

$Time = w32tm /stripchart / /samples:1 /dataonly
Write-host ($Time[2]) -ForegroundColor Green
Write-host "The PC time is     "(get-date) -ForegroundColor Yellow
Write-host "NTP Status:" -ForegroundColor Yellow
Write-host (w32tm /query /status) -ForegroundColor Yellow
Write-host (w32tm /query /source) -ForegroundColor Yellow
Write-host "------------------"-ForegroundColor Yellow
Write-host "Setting NTP Source"-ForegroundColorGreen
net stop w32time
w32tm /config /manualpeerlist:"",0x8 /syncfromflags:MANUAL
w32tm /config /reliable:yes
net start w32time
start-sleep 10
Write-host "------------------"-ForegroundColor Green
Write-host (w32tm /query /source) -ForegroundColor Green
Write-host (w32tm /query /status) -ForegroundColor Green
$Time = w32tm /stripchart / /samples:1 /dataonly
Write-host ($Time[2]) -ForegroundColor Green
Write-host "The PC time is Now:"(get-date) -ForegroundColor Green


Remote MSI Installation

WinRS can be used when installing software on remote systems. If you want to quietly install an application using an MSI file onto a remote machine, use the following syntax. This syntax assumes the MSI file has already been deposited into the C:\ folder.

winrs -r:machinename msiexec.exe /i c:\install.msi /quiet



When looking at PC performance it is important to understand what is running behind the scenes. Autoruns will show what is in the registry, startup items, scheduled tasks, etc. It can be helpful when looking at system delays (the blue spinning wheel showing up next to your cursor every two seconds).

Autoruns for Windows – Sysinternals | Microsoft Learn

Spam & URL Filtering in 365

Connect PowerShell to 365 Then use these commands to block senders:

#Add Sender Block

$Email = “”

New-TenantAllowBlockListItems -block -ListType Sender -Entries $Email -NoExpiration


Bluebeam Performance Issues

Changing the Rendering Mode in Revu will improve load time and overall performance.

  1. In Revu, click Revu > Preference > Advanced > 2D Rendering (tab)
  2. Select Wait for completion in the Rendering Mode dropdown menu

The Wait for Completion rendering mode disables partial redrawing of the display..

Changing the AutoCad licensing mode

When Autocad launches to a licensing error, tells you to contact support and only leaves you with the option to quit!


Bluebeam License Change

When migrating Bluebeam to an enterprise license you can use this script to unregister the old license and register the new:

"%ProgramFiles%\Bluebeam Software\Bluebeam Revu\20\Revu\PbMngr5.exe" /register 20 <SerialNo> <KeyABCD3-5FGHIJK>

Room Calendar Settings

By default room calendars delete the notes field of invitations. This eliminates usufull links to Zoom or Teams meetings. to fix this run the following script:

$Rooms = Get-MailBox | where {$_.ResourceType -eq “Room”}

foreach ($Room in $Rooms){

Set-CalendarProcessing -Identity $Room.alias -AddOrganizerToSubject $true -DeleteComments $false -DeleteSubject $false

Get-CalendarProcessing -Identity $Room.alias |select Identity,AddOrganizerToSubject,DeleteComments,DeleteSubject,ResourceDelegates}

Exchange CU Installation Fail: Caused by SSL Cert.

Exchange Installation error 5506 is caused by the 3rd party certificates. To resolve this always change to the Microsoft cert before beginning the upgrading to the next CU.

IIS > Bindings > SSL Certificate > Microsoft Exchange


Dell Command Update


#Dell Command Update Repair

if(test-path “C:\Program Files\Dell\CommandUpdate”){$Path = “C:\Program Files\Dell\CommandUpdate\dcu-cli.exe”}

Else{$Path = “C:\Program Files (x86)\Dell\CommandUpdate\dcu-cli.exe”}

Start-Process -FilePath $Path -ArgumentList “/applyupdates


Voicemail Delayed Delivery

The user misses a call and checks for a voicemail only to find none. The next day the voicemail finally shows up. The fix is to delete all the messages from the carrier’s system and start over. (more…)

365 Hybrid Exchange – User Creation

To build a user account when the client has a hybrid exchange environment, it is important to start on-premise and migrate the account to 365.

Teams Hanging

If teams hangs:
1) Log out and quit Teams
2) Go to %appdata%\Microsoft\teams (more…)

RDP Port Forwarding on ASA

If RDP must be enabled without a VPN follow these instructions. (more…)

MySQL Service Not Starting

If a server running MySQL has an improper shutdown, the service cannot be started. This is because 2 files are in a corrupt state. This will cause WordPress sites hosted on the same server to display a database error. To fix this:

  1. Open: C:\ProgramData\MySQL\MySQL Server n.n\data
  2. Move ib_logfile0 & ib_logfile1 to a temp folder.
  3. Start “MySQL nn” Service

Hybrid User Account Setup

Steps to set up new users. (more…)

AD: BitLocker Recovery Key

Many laptops ship with BitLocker enabled by default. Without the key, there is no possible way to access the data in the event that the PC fails. To Backup this key run this in PowerShell:

manage-bde -protectors -get C:

The Key is stored in AD and can be viewed with his:

$objComputer = Get-ADComputer LAP001

$Bitlocker_Object = Get-ADObject -Filter {objectclass -eq ‘msFVE-RecoveryInformation’} -SearchBase $objComputer.DistinguishedName -Properties ‘msFVE-RecoveryPassword’


To automatically Backup keys via GPO Add this policy: (more…)

AutoCAD: Reset Settings to Default app is missing

This happens when Civil 3D is installed on the system. To fix this: (more…)

Block Outlook from connecting to 365

Beginning with Office 2016 Outlook auto-connects to 365 upon opening. This causes users to be prompted for credentials if their account is on-premise. To disable this,  run this in PowerShell as the user:

Set-ItemProperty -Path HKCU:\software\Microsoft\Office\16.0\Outlook\AutoDiscover -Name ‘ExcludeExplicitO365Endpoint’ -Value 1 -Type DWord -Force

Group Policy & Fast Logon Optimization

Some GPOs can take two logins to be implemented and also trigger a longer logon cycle. This is because there are two types of GPOs. (more…)

Logitech Webcam Mic is Disabled by Default

For some bizarre reason, Logitech started shipping their 920e web camera with the microphone disabled, it does not even show up as an input device in Sound Settings. To resolve this: Install Logi Tune > Enable the mic > Power cycle the camera

Gaming Control Panel

Users are suddenly seeing a new “Gaming Control Panel” open on their system.
To turn it off manually press Win + I > Gaming > deselect “On”
The Control Panel is opened by pressing Win + G and looks like this: (more…)

Daisy Chain Monitors

Daisy chaining is a feature of DisplayPort monitors, and can be helpful when you lack the needed ports on a PC, or cable length. By default this is turned off on most monitors, and when connected the 2nd display will either mirror the first, or be disabled. To enable the feature on Dell monitors from the hardware menu (physical buttons): Menu-> Display-> MST On

Import PSTs to 365

  1. Go to: (365 Exchange ) May take 24 hours to apply
    1. Add Role to: Organization Management > Mailbox Import Export
  2. Go to: (more…)

Advanced System Settings

Microsoft continues to dumb down the Control Panel GUI. To access the now missing” traditional” System control panel, go to Run and enter: SystemPropertiesAdvanced.exe

Powershell posting with color

To add Powershell to a WordPress post with color:

Copy the code from the Powershell ISE > Paste it into Word > Copy it from Word and Paste it into OneNote > Copy it from OneNote and paste it into WordPress

The first steps will let you record in OneNote with color as well.

Hybrid Exchange – Create a New User

Microsoft does NOT perform a true synchronization between on-premise and 365 Exchange. As a result, there are many settings that can only be changed in AD or on-prem Exchange. When creating a user you must follow these steps. (more…)

WordPress add a site

Once PHP, MYSQL & WordPress are set up on a Windows server, you can easily add additional sites. (more…)

Blank screen when signing in to via IE

  1. Install Silverlight
  2. Add the following to Local Intranet zone: https://*. +;;;;;;;;
  3. clear the browser cache/cookies

Partitioning Disks in Linux

  1. lsblk – List all disks & partitions attached (Can change after reboot)
  2. sudoparted /dev/sda mklabel gpt – Initializes the disk with a GPT partition [Destructive!]
  3. sudo parted -a opt /dev/sda mkpart primary ext4 0% 100% – Creates a new partition
  4. mkfs.ext4 -L datapartition /dev/sda1 – Format the partition as Ext4
    Note: Partitions have a number appended to the end of the disk name

Remove Orphaned Exchange Server

Removing a defunct Exchange Server from AD:

ADSI Edit to Configuration\Services\Microsoft Exchange\<org name>\Administrative Group\Exchange Administrative Group (FYDIBOHF23SPDLT)\Servers

+CN=[ServerName Delete from this point including all child-items

If you have any exchange 2003 public folder references or routing groups, those will need to be deleted as well. They can be deleted using the management console if you prefer.

Remotely Join a PC to Domain

  1. Rename PC > Reboot
  2. Connect VPN > Join Domain > Reboot
  3. Login to local account > Connect VPN > Switch User > Login as domain admin (causes VPN to close) > Logoff
  4. Login to local account > Reconnect VPN > Switch User >Login as domain user

Keep Mapped Location Open

If windows continually drops a remote location you can keep it open with this:

do{start-process \\server\path ;start-sleep 5 $a = (New-Object -comObject Shell.Application).Windows() |?{$_.FullName -ne $null} |? {$_.FullName.toLower().Endswith(‘\explorer.exe’)} $a | %$_.Quit() }Start-sleep 3600}while ($True)

Broken OneNote Links

These changes in the cloud will break access to OneNote and risk data loss:

  • Username changes involving the domain name.
  • Moving, or renaming a OneNote notebook

When this happens, notebook owners will need to reshare their notebooks and all users should look for unlinked notebooks after a domain change. (more…)

Wake on LAN (WOL)

$IPC = Get-NetIPAddress |?{$_.IPAddress -like "192.168.*"} |select IPAddress
$I=($IPC.IPAddress).split(".")[2];$IP = "192.168.$I.0"
$Mac = Read-Host "Mac?"
$MacAddress = $Mac.Replace(":","").Replace("-","").Trim()
$Wol = "C:\!MSP\Bin\WolCmd.exe $MacAddress $IP 7"
$Wol |Invoke-Expression; start-sleep 5;
$HostPC = Get-NetNeighbor |?{$_.linkLayerAddress -eq $MacAddress}
if((Test-NetConnection $HostPC.ipaddress).PingSucceeded){
Write-host "The System is onlie!" -ForegroundColor Green}
Else{$Ping ="ping "+$HostPC.ipaddress+" -t"; $Ping|Invoke-Expression}

Migrating PhotoShop Settings

To Migrate a users custom settings:

On the Source PC: Backup Presets & Adobe Photoshop [version] Settings from:  %appdata%/Adobe/Adobe Photoshop [version]/

On the Destination PC: Restore the above folders to: %appdata%/Adobe/Adobe Photoshop [version]/


RDP Security Error

To bypass the error, merge this into the registry:

Windows Registry Editor Version 5.00


WordPress Hack

Hackers first try and access the users database at: /wp-json/wp/v2/users/. If successful you next see repeated attempts to log on to the site, reflected in hits on /wp-login.php & /xmlrpc.php. This is what a WordPress brute force attack looks like:

As you can see these hits come from all over the world:

Windows Server Upgrade Path


To Upgrade the OS Windows Server must be upgraded in steps.

  • 2003 > 2008* > 2012R2 > 2016 > 2019

Incorrect – Data loss will occur

While possible, these upgrades will clean install the OS and not upgrade.

  • 2008* > 2016

*2008 is not supported (no mouse) on newer Hyper-V use 2008R2

IPCONFIG – Remotely Release and Renew

ipconfig /release && ipconfig /renew

If run remotely “ipconfig /release” will disconnect the session and prevent running “ipconfig /renew”. These can be run consecutively from a single line by, connecting the two commands with “&&”.

Installing Exchange 2019


Uninstall Software via Powershell

$Apps = Get-WmiObject win32_product -ComputerName localhost | Out-GridView -PassThru -Title "Select all appliactions to uninstall" -ErrorAction SilentlyContinue
foreach ($App in $Apps){
$returnvalue = $app.uninstall() | Select-Object -Property returnvalue ; $name = $
if($returnvalue.returnvalue -eq "0") 
{write-host "Uninstall was successful $Name" -ForegroundColor Green} 
else{write-host "Uninstall was NOT successful $Name" -ForegroundColor Red} }

Outlook OST/PST scan reset

Outlook requires a data file be scanned when it has detected corruption. This can prevent users from accessing the program. To bypass this requirement the following registry key can be altered.


This is a list of windows variables: (more…)

AD Offline after Virtualization of Domain Controller

After virtualization of a Domain Controller the domain is in a failed state with these issues: (more…)

File Paths

  • Adobe
    • PDF DLL for x64 install
      • C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Xtras\AdobePDF\AMD64
  • Apple
    • iTunes iOS Backups: %APPDATA%\Apple Computer\MobileSync
  • AutoCAD
    • License Info
      • %AppData%(All Users)\Autodesk\AutoCAD LT 2006\R11\Adlm\ *html file
      • C:\ProgramData\Autodesk\Adlm\REVITS2011en_USRegInfo.html
    • Client license – Network
      • c:\program files\Autocad 2010\licpath.lic
      • c:\program files\Autocad\Product 20nn\licpath.lic
    • Client license – Subscription
      • C:\ProgramData\Autodesk\CLM\LGS
  • Google
    • Chrome Bookmarks: C:\Users\hmg\AppData\Local\Google\Chrome\User Data\Profile n\Bookmarks
  • Java
    • MSI Files: C:\Users\%username%\AppData\LocalLow\Sun\Java\
  • Microsoft Office
    • Outlook
      • PSTs: %LocalAppData%\Microsoft\Outlook\*.pst
      • NK2 Autofill: %AppData%\Microsoft\Outlook
      • Settings: %LocalAppData%\Microsoft\Outlook
      • Shortcuts: %AppData%\Microsoft\Outlook\profile.xml
      • Signatures: %AppData%\Microsoft\Signatures
    • Word
      • custom dictionary: %appdata%\microsoft\uproof\Custom.dic
      • Templates: %appdata%\Microsoft\Templates
  • Microsoft Windows
    • Public Desktop: c:\Users\Public\Desktop\
    • Startup Folder
      • C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
      • %AppData%\Microsoft\Windows\Start Menu\Programs\StartUp
    • Windows Error Reports: C:\ProgramData\Microsoft\Windows\WER
    • User Files
      • Photo thumbnail cache: %localappdata%\Microsoft\Windows\Explorer
      • Recent files: %appdata%\Microsoft\Windows\Recent
      • Taskbar Icons: %appdata%\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar
  • Microsoft Server – Active directory
    • NTDS Database Files:
      • Database File (ntds.dit): C:\Windows\NTDS\ntds.dit
      • Transaction Log Files: C:\Windows\NTDS
    • SYSVOL Folder:
      • The main SYSVOL folder: C:\Windows\SYSVOL
      • Scripts and Policies: C:\Windows\SYSVOL\sysvol\<domain>\
      • Group Policy Templates: C:\Windows\SYSVOL\sysvol\<domain>\Policies\PolicyDefinitions
    • Logs Folder:
      • Directory Service Logs: C:\Windows\NTDS
      • Diagnostic Logs: C:\Program Files\Microsoft\Windows\Debug
    • NTFRS Folder (used in older versions of Windows Server with FRS): C:\Windows\SYSVOL\staging\domain
    • SYSVOL_DFSR Folder (used in Windows Server 2016 and later with DFS-R): C:\Windows\SYSVOL_DFSR
    • Netlogon Folder (under SYSVOL): C:\Windows\SYSVOL\sysvol\<domain>\scripts
    • PolicyDefinitions Folder (under SYSVOL): C:\Windows\SYSVOL\sysvol\<domain>\Policies\PolicyDefinitions
    • DO_NOT_REMOVE_NtFrs_PreInstall_Directory: C:\Windows\SYSVOL\sysvol\DO_NOT_REMOVE_NtFrs_PreInstall_Directory

Backdoor RDP

If you need to assist a remote user and nothing seems to work try this:

  1. Have them connect their VPN
  2. From a server on their network, connect via Remote Desktop to the PC by name
  3. If name is not registered in DNS, log into the router and get VPN client IP

Enable RDP via PowerShell

To Enable Remote Desktop from PowerShell run:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0</pre>
<pre class="wp-block-preformatted">Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Email Recovery

Here is what to expect when a mailbox is in repair mode : (more…)

Dell Client Configuration Toolkit

This utility provides BIOS configuration capability to Dell Optiplex, Latitude, and Precision systems from within Windows. The tool does not require a reboot and offers a GUI or CLI interface. On the Dell Support Site, this can be found under Drivers > Systems Management > Sys-Man_Application <version number>.exe. (more…)

Remote Desktop with Multiple Screens

If your remote PC is running Windows 10, you can use multiple screens when you remote into the system. To enable this: (more…)

Reset Autodesk subscription login

If you’re having issues with your Revit license, you can reset your login. (more…)

Mac Cisco VPN Setup

To set up a Cisco VPN on your MAC: (more…)

Upgrade Windows 10 from the Network

Batch file for upgrading Windows 10 from the network or C:\Win10:

start /wait \\Server\win10\setup.exe /auto upgrade /migratedrivers all /dynamicupdate enable /priority normal /showoobe none /compat ignorewarning /copylogs C:\Temp\Win10Upgrade.log /pkey YDC6P-XXXXX-XR66V-XXXXX-BBH3B


Remote Execution

Four ways to remotely run an executable.

  1. ([WMICLASS]“PCName:Win32_Process”).create(“notepad.exe”)
  2. Invoke-WmiMethod –ComputerName PCName -Class win32_process -Name create -ArgumentList “notepad”
  3. Invoke-Command –ComputerName PCName –ScriptBlock {Start-Process notepad.exe}
  4. “C:\!msp\bin\PsExec.exe” @Z:\Delpoy\Software\Install.txt -s msiexec.exe /i “z:\Deploy\MSI\firefox.msi” /q


Xfinity modem rental

Xfinity will allow you to install your own modem and drop the rental fee. This does not apply if you have a static IP address. In this case you will be required to use a Comcast owned modem.

Windows Automatic Logon

Create a text file with ext .reg > update the contents with the below > then import it:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]


Office 2019 VL Deployment

Installing 2019 Volume licenses can be a challenge. Here is the procedure.

    1. 2019 Requires Windows 10
    2. Build an XML file (see example)
    3. From CMD as admin Run to these:


Mailbox Sent Items Configuration


Enables you to configure the Sent Items folder to which a message is copied.



Pickup Roller Replacement

Printer not grabbing paper from the tray anymore? There is an easy fix that takes all of 5 minutes.


Dynamics Keyboard Shortcuts

These shortcuts will make you more efficient when working in Microsoft Dynamics. (more…)

Cisco AnyConnect VPN

To enable support for client computers the client software package must be loaded into the ASA in the form of a .pkg file. These can be found here on our network: S:\Software\Networking\!Cisco\AnyConnect This is loaded into the ASA under Config>Remote Access VPN>Network (Client) Access>AnyConnect Client Software (more…)

Provisioning Polycom IP 6000

To set up a Polycom conference phone for Vonage: (more…)

Adobe Creative Cloud App Failing

If the CC Desktop app (required for installing & updating) fails, you must uninstall and reinstall it. This would normally require removing all of the suite as the Desktop App can not be removed until all other Adobe programs are uninstalled. Fortunately, Adobe has created an uninstaller for the Desktop app.

Windows 10 User Migration Tool

Use the User State Migration Tool (USMT) to migrate users on Windows 10. (more…)

VOIP Bridge Setup

To setup a Grandstream fax or conference bridge for Vonage: (more…)

Windows 10 Fake Restart

I recently witnessed a Windows 10 PC restart, only to find that WMIC was reporting it had not been rebooted in a month. This false restart was causing the users VPN to fail. After multiple “Restarts” that appeared to complete, I finally ran restart /f /r /t3 from command. This forced restart took longer, updated the last bootup time in wmic and resolved the VPN issue.

Flex License Manager Update

The AutoDesk Flex License Manager loads but does not distribute, licenses to versions of Autodesk that are newer than the license manager. The Autodesk products will show an expired or no licenses available message when this happens. The easiest way to update the FLM is to:

  1. Install the FLM on a local Windows PC (the Autodesk installer will no longer run on a server)
  2. Stop and Remove the Flex License service on the server
  3. Copy all files from the local PC to the Server found here: C:\Autodesk\Network License Manager\
  4. Create and Start the Flex License Service

Server Manager Totally Blank

Windows Server Manager loads as a blank page. This is caused by a compatability issue with graphics drivers, particularly when the server has an advanced GPU installed. The quick resolution to this, is to uninstall the graphics driver. This will load the basic Microsoft video driver and allow the Server Manager to load.

NVidia GTX vs. Quadro

Purpose – Quadro cards are designed for specific render tasks, like CAD and video rendering, outperforming Geforce by a significant margin. AutoDesk has only certified Quadro Cards for Revit.

Quality – Quadro cards are  designed for maximum durability and longevity and stand up to the rigors of daily strenuous use better than the consumer-oriented Geforce.

For these reasons we recommend Quadro, unless your budget is limited.

iTunes & Drive Space

iTunes requires a great deal of free space when restoring an iOS device. Encrypted backups build an unencrypted copy of the data, as it loads it back to the device. You will need at least enough free space to match 200% of the backup you plan to restore.  Backups are located here:

C:\Users\%username%\AppData\Roaming\Apple Computer\MobileSync\Backup or

Samsung Video Server Plug-in

The plugin will not work, if simply installed with administrative credentials. To install the plug-in:

  1. When logged in as the end user, run Internet Explorer as administrator.
  2. Log into the video server and run the ActiveX plug-in installer.

Audit: AD User Passwords

This PowerShell script will create an HTML file with account password details when run on AD server. (more…)

Increase WordPress Upload Size

  1.  Install Plug-In: Increase Maximum Upload File Size
  2. On the host system > Go to C:\PHP\n.n.n\ > open php.ini
  3. Search for and update size in the below code & run iisreset from cmd
; Maximum allowed size for uploaded files.
upload_max_filesize = 40M

Set Network Type

To change the network type in windows 10 from Public to Private:

$Name = Get-NetConnectionProfile|Select Name |out-gridview -PassThru
Set-NetConnectionProfile -Name $ -NetworkCategory Private 

Office 365 Signatures Button Fix

Create a .reg file with this and add it to the registry. (more…)

Clear Public Desktop

del /q c:\Users\Public\Desktop\*.*

WSUS Directory Move

Run this from cmd, then move the directory to the new path.

CD C:\program files\update services\tools
wsusutil movecontent F:\WSUS F:\WSUS\wsus.log -skipcopy

DRAC Reset

You can reset a drac for firmware upgrade ot when you reach maximum sessions from ssh:

racadm racreset

OneNote MIA in Office 19’ & 365

So Microsoft has gone full Alphabet Soup <&@@?$3> when it comes to where you can keep your virtual notebooks. Starting in 2019 you will no longer be storing data anywhere other than in the cloud. More…

The temporary fix is to add OneNote 2016. this is also required to access any network based notbooks.

Fragmented Tables

This code will locate SQL tables with fragmentation:

--Replace DB_Name
USE DB_Name;  
SELECT OBJECT_NAME(a.OBJECT_ID)AS TableName, a.index_id, name, avg_fragmentation_in_percent,avg_page_space_used_in_percent,page_count  
FROM sys.dm_db_index_physical_stats(DB_ID(N'DB_Name'), NULL, NULL, NULL,'SAMPLED') AS a  
    JOIN sys.indexes AS b 
      ON a.object_id = b.object_id AND a.index_id = b.index_id
WHERE avg_fragmentation_in_percent >= 30
ORDER BY page_count DESC  

User Logon Time

To find when a user last logged onto their PC (drop findstr to return account properties):

net user "johnDoe" /domain | findstr /C:"Last logon"

Mac Outlook Reset Database

Navigate to this location for the user and delete both folders:

/Users/me/Library/Group Containers/UBF8T346G9.Office/Outlook/Outlook 15 Profiles/Main Profile/

WordPress Posts Missing Content

Outdated Plugins can cause the body of posts & pages to appear blank. To resolve this disable plugins until you find the cause.

PHP Manual Upgrade

Manually update PHP on Windows: (more…)

Verizon International Service

Log in to Verizon Wireless for Business. Under Manage Account, navigate to Manage Wireless Numbers. Click on the plus symbol to the left of the wireless number that you want to work with. (more…)

‘WMI exception occurred on server’

When running Move-DatabasePath in Exchange the following error shows up ‘WMI exception occurred on server’. This is caused when the database has too many log files. The fix is to run a backup, time permitting. If time is limited:

  1. Enable circular logging on the database to be moved
  2. Dismount and Mount the database (this will start the log file cleanup)

Abacus Server IP Change

Change the following key to update the server IP (Not a system name) for the Abacus client or create a GPO (more…)

Vonage Phone Access

To log into a Vonage phone, use the 6 digit account number. If the device is not yet provisioned the default password is “admin”.

Removing Adobe Creative Cloud

Adobe Cloud applications will not uninstall without an active adobe cloud account. To circumvent this restriction use the cleaner tool provided by Adobe.

MySQL Service not starting

  1. Create a backup of all current MySQL data and databases at C:\ProgramData\MySQL\MySQL Server n.n\data
  2. Open the C:\ProgramData\MySQL\MySQL Server n.n\my.ini file.
  3. Add the following line into the [MySQLD] section:
    innodb_force_recovery = 1
  4. Try to start MySQL.
  5. Stop MySQL service.
  6. Remove the line innodb_force_recovery from my.ini file and start MySQL.


  1. Open: C:\ProgramData\MySQL\MySQL Server n.n\data
  2. Delete ib_logfile0 & ib_logfile1
  3. Start MySQL Service


To verify a file checksum use

get-filehash -path c:\older\file.ext

View Cellular MEID on Windows 10

Go to: Settings > Network & Internet > Cellular > Advanced Options

Offline install of .NET 3.5

If .NET 3.5 will not install use this by mounting the ISO that matches the current version of Windows and running as Admin:

Dism /online /enable-feature /featurename:NetFX3 /All
/Source:D:\sources\sxs /LimitAccess

Dropping RAID

If you need to drop RAID from a windows box follow these steps:

  1. Reset the Local account password
  2. Sysprep the box and shutdown
  3. Disable RAID from the drives or remove the controller
  4. Let the system boot and rejoin the domain

This can be helpful if you plan the virtualize a windows box that is set to boot from a RAID volume.

Azure HUB Savings

Hybrid Use Benefit is a bring your own license benefit saving clients ~40%.

Each existing Windows Server Standard with SA license will permit you to run either:

  • 1 Azure VM instance up to 16 cores
  • 2 Azure VM instances up to 8 cores

Each Windows 10 or Windows VDA per user with SA


  • The license can be run on-premise or in the cloud, but not both.
  • For Windows 10 a requirement that each user is managed through Azure Active Directory.
  • Requires Enterprise E3/E5 per user cals

Making PowerShell Interactive

Turn a Powershell script into an interactive application with:

Out-GridView -PassThru |

This code will pause your script and present you the data collected in a grid view. You can then select specific items in that view. When you hit OK at the bottom the script will proceed against just the selected items.

Windows updates via PowerShell

The script runs for a while at get-wulist

Install-PackageProvider -Name NuGet -MinimumVersion –Force

Install-Module PSWindowsUpdate


get-wuinstall –acceptall –AutoReboot

Outlook “Signatures” button fails

If the “Signatures” button fails to open the dialogue box for changing your signature, you can take the following steps:

  1. Locate: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0006F03A-0000-0000-C000-000000000046}\LocalServer32]
  2. Direct it to outlook.exe

This file can be renamed .reg and imported to fix this issue on Office 365: Office365

Windows 10 1803 not installing

If the 1803 download gets stuck you can manually install it from here:

Do NOT choose download now. (more…)

Remote Connections

These PowerShell scripts list the remote IPs connecting on 443 , while filtering out local IPs and devices on ATT (107.77) (more…)

Carrier Network IPs

Cellular providers use specific IP ranges that can be filtered. (more…)

Mac O365 Password

If Outlook for Mac repeatedly asks for a password when connecting to an Office 365 e-mail account you need to: Open Utilities > Keychain > delete items referencing: “exchange” “adal” and “office”.

Default MS Store Apps

In Windows 10 the old (win8) tricks for removing Microsoft apps no longer work.
Here are a number of useful powershell commands. (more…)

AnyConnect Password

The Cisco Any Connect Client does not allow you to save a password on the client. This code when saved as a .vbs file will let you get around this.  Be warned that the client’s password is saved in clear text in the file. I hide the file in Drivers and create a shortcut to it with the Cisco VPN logo. (more…)

SMG Queue – 450 4.4.1

If you are seeing the following error, on messages in the Symantec Messaging Gateway queue: 450 4.4.1 [internal] Connection Timed Out

These messages are being interrupted during transmission. This leads to the sender receiving a delayed delivery notice. This is caused by something in the message being rejected by the Cisco router during inspection of the traffic. To fix this you must disable all esmtp_inspect features on the ASA:

On the Cisco ASA local to the Symantec Gateway:Configure>Firewall>Service Policy Rules>Open Inspection_default>Rule Actions[Tab]>Deselect ESMTP 

VPN Interface MIA

If the Cisco VPN launches, but no window appears delete this file:

C:\Program Files (x86)\Cisco Systems\VPN Client\vpnclient.ini

Exchange Permissions

You can list all users with Mailbox permissions with this in PowerShell:

Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne “NT AUTHORITY\SELF” -and $_.IsInherited -eq $false} | Select Identity,User | Export-Csv -NoTypeInformation mailboxpermissions.csv

PPI – Pixels Per Inch

The PPI of a monitor is a measure of its size in inches and the total number of pixels in the horizontal and vertical directions. It is important to account for PPI when choosing a monitor for a client to ensure a positive user experience. A 20-inch 4k monitor would be virtually useless, as the elements of the Windows interface would be incredibly small. I recommend a PPI between 90 and 120. PPI Calculator

Naming Cloud Services

Choosing a name for your client’s cloud services comes with permanent ramifications. As this post explains there is no ability to change the name.

Autodesk License Mode

Issue: (Example – A trial install to network license)
Your licensing type has changed and you need to change the licensing option within the program.

Delete file in the following folder:

Home Ed. in a Domain

You can connect a Windows home edition PC to a domain as follows:

  1. Change the PCs workgroup to the domain name (pre-Windows 2000)
  2. Change the local username and password to exactly match a domain account.

The PC should now have full access to Outlook, network shares and printers without entering credentials.

AutoCAD Interface Reset

If your toolbars vanish you can do the following to reset AutoCAD:

From the Start menu go to > AutoCAD 20nn – English (Folder icon) > Reset Settings to Default

Backing up the current interface is advisable if you have made extensive customizations.

In some instances, Reset Settings to Default will be missing. More…





Safe Mode from CMD

If you need to put a system into safe mode you can do this from cmd then reboot:

This will set the safemode switch:
bcdedit /set {current} safeboot minimal 
with networking:
bcdedit /set {current} safeboot network
to put back in normal mode via dos:
bcdedit /deletevalue {current} safeboot

SpeechExec License Fix

  1. Stop the FlexNet licensing service
  2. Delete the files in this folder: “C:\Documents and Settings\All Users\Application Data\FLEXnet”
  3. Delete one file in this folder: “C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher” but NOT the FNPLicensingService.exe file.
  4. RestartedFlexNet licensing service
  5. Oened the program and activate it.

Outlook AutoComplete

Copy the AutoComplete list

The steps to export and import the AutoComplete list are different, depending on the version of Outlook that you are using. (more…)

Outlook Autocomplete

A freeware option that I used to use and still comes in handy is called NK2Edit from NirSoft, it does handle newer data just follow the instructions. Has the advantage of being able to edit the autocomplete data as well.

There are also things you can do like importing nk2 files by launching outlook with the /importnk2 switch. Slipstick has a lengthy writeup that covers all sorts of different issues and how to deal with them in different versions of outlook. Read this.


Outlook Shenanigans

So outlook has stopped opening links or attachments and there have been no changes in the trust center and no recent windows updates…. Open Regedit and check the following key. “HKEY_CLASSES_ROOT \.html”

Remote log off

I recently had a console session hang with just a white screen and no start menu on an Exchange Server. Not wanting to reboot the server and disrupt the entire office, I used the following to remotely log the admin out via PowerShell:

(gwmi win32_operatingsystem -ComputerName $PCname).Win32Shutdown(4)

Issues Renaming a Domain Computer Part 1 of 2

If you get an error about multiple connections by the same user using different usernames; net use * /d

Issues Renaming a Domain Computer Part 2 of 2

So you have gone through part 1 and now get an error saying the directory service is busy!
Is SQL Express or SQL installed? If so, from an elevated command prompt type:
setspn -L computername

Note any registered SPN in the format of
MSSQLSvc/[Computer Name]:[Instance Name]

Delete each of the SPN’s noted above.
setspn –d [SPN Name] [ComputerName]
Important: You must use the full SPN name as identified via the setspn –L command.  These will be in the format of MSSQLSvc/Computer.domain.tld:instance


Setup a Printer on Windows 10

  1. Go to start > type Print > Choose Printers & Scanners
  2. Choose Add a printer or scanner


High Sierra network issue

Full article here.

Newer servers use SMB2/3 which has packet signing turn on. The net result is that copied/moved/renamed files never finalize the process.  2 sets of instructions below
based on whether or not there already exists an nsmb.conf file or not. (more…)

Win7 updates not running

Update services are running yet the windows update control panel says that they aren’t when you try to check for updates.

Disable windows update service and then stop it.
At this point go to Windows\SoftwareDistribution and rename the folder to SoftwareDistributionOld.
Enable windows update service and start. You should be able to check for updates now.

C Drive filling up regularly

Windows/Temp filling with cab_XXXX files.
Deleting the cab_xxxx files only resulted in regeneration.
Checking \Logs\CBS folder I found lots of .log and (some) .cab files
It seems, that windows wasn’t able to zip (makecab.exe) one of the .log files.

Solution was:
in \Logs\CBS folder delete the oldest .log file (you can also delete them all)
in \temp folder delete every cab_xxxx

in the following regeneration process, the remaining (CBS) logs where zipped correctly, and \temp was left clean

Network XP & 10

Hopefully this doesn’t come up often but when it does…
Windows 10 no longer supports SMB1. It can be enabled (it is also a big security hole)
Powershell as administrator: Enable-WindowsOptionalFeature -Online -FeatureName
more on the topic in general here.

Exchange13 Discovery

Prerequisites: The user that you are going to run the eDiscovery as must be a member of Mailbox Search Role and the Discovery Management Role Group (The discovery management Role Group will encompass the Mailbox Search Role) You will not see the eDiscovery or litigation hold options (The compliance management menu item on the left side of the EAC) unless you are a member of this group. (more…)

Install Exchange 2016


Autodesk License via VPN

If AutoCAD fails to pull a license over a VPN you need to adjust the time out period that it tries to  connect. Do this by adding a system variable and it fixes all Autodesk products.

  • System>Advanced…>Environment Variables>System Variables>New
  • variable name:   FLEXLM_TIMEOUT                Variable value:   10000000


Segmented Zip Files

7 Zip will segment files as it creates a compressed file with this command:

cd "C:\Program Files\7-Zip"
7z -v500m a c:\backup\Filename C:\FolderToCompress

Usage: 7z a -v{Size}[b|k|m|g] [<switches>…] <archive_name> [<file_names>…]


Site VPN 1/2 Connected

In a Site-toSite VPN setup between two Cisco ASAs you find that traffic stops passing between sites, however, the connection is established. In addition under Monitoring>VPN>IPSec Site-to-Site one side shows: Bytes Rx 0 / Tx increasing and the other ASA shows BytesRx increasing / Tx 0. While rare the fix is to: change nothing, save the configs and restart both.

Prevent .DS_Store files

As each user of the Mac open terminal and execute the following, then log out and in:

defaults write DSDontWriteNetworkStores true

Add an Exchange Relay

To relay through exchange server the following receive connector settings should be used:

  1. Set your Name and Port as needed.
  2. Under security check ONLY: ;
  3.  From Scoping REMOVE the range. (WARNING: Skipping this will create an open relay) and add Static IPs for approved senders.
  4.  From PowerShell run: Restart-Service MSExchangeTransport
  5. Test via Telnet and from outside

This is typically setup for Port 25 so adjust that connector.

Photo Viewer for 10

Some users prefer to use the old Windows Photo Viewer. If the PC was upgraded it is still available. For a system that was clean installed use this registry hack. This also addresses the fact that Outlook is missing from the “Share Pictures” feature of the new photos app.


Crossing the netmask

When a device has a static IP address and it is introduced to a new network with a different IP scheme it is possible to gain access to the device inorder to reprogram it. (more…)

Create macOS ISO

1) Create a blank disk image:
hdiutil create -o /tmp/HighSierra.cdr -size 7316m -layout SPUD -fs HFS+J
2) Mount your image:
hdiutil attach /tmp/HighSierra.cdr.dmg -noverify -nobrowse -mountpoint /Volumes/install_build
3) Restore BaseSystem.dmg from the installer:
asr restore -source /Applications/Install\ macOS\ High\ -target /Volumes/install_build -noprompt -noverify -erase
4) Unmount the image:
hdiutil detach /Volumes/OS\ X\ Base\ System
5) Convert the image you created into an ISO file:
hdiutil convert /tmp/HighSierra.cdr.dmg -format UDTO -o /tmp/HighSierra.iso
6) Move the ISO to the desktop:
mv /tmp/HighSierra.iso.cdr ~/Desktop/HighSierra.iso

Create MacOS USB

To Create a bootable UBS drive for installing Mac OS.

  1. Download the installer from the App Store
  2. From Terminal Enter the following for High Sierra:
sudo /Applications/Install\ macOS\ --volume /Volumes/Mojave
  • Change Mojave to the name of the destination USB Drive

Commands for older Mac OS (more…)

Reset Windows Update

  1. Disable Windows Update service
  2. Rename the folder %windir%\SoftwareDistribution
  3. Restart the Windows Update service

7to10 Remote upgrade

Windows can be upgraded remotely with these steps.

  1. Verify MSP Connect is working on the PC.
  2. Download the ISO and copy the contents to C:\Win10\
  3. Run the upgrade to Windows 10.
  4. After about 30 Min. access the PC with MSP Connect (RDP will not work yet)
  5. Answer the setup questions to complete the upgrade.
  6. Test RDP

Sticky Outlook Accounts

You have removed delegate rights to a users account but the account continues to display in outlook. Slipstick to the rescue again. There are a bunch of interesting solutions in this link. [Key, AD users and groups, Advanced view, Attribute editor]

Remove Windows 10 Bloatware!

Powershell to the rescue.

Windows Updates: Win10 part 1

Windows updates search endlessly then throw an error?

Turn off updating for non-windows software and also disable smartscreen filter as well as Symantec.

Windows Updates info: Win10 Part 2

Microsoft had changed the logging format for WU.
run powershell command: Get-WindowsUpdateLog then type windowsupdate.log at the command prompt.
Additional info can be obtained in c:\Windows\SoftwareDistribution\ReportingEvents.log

Symantec Features

This post details the features of each product we deploy:

Microsoft Update Catalog

Microsoft has a searchable catalog of all their updates located here: You will find links to standalone installers and other resources.

CRM not loading

If CRM hangs you just need to clear the cache for the browser you are using.

Outlook Search Fails

In June Microsoft released a patch for Office that breaks the index on some PCs (users can no longer search Outlook). To fix this install optional update “2017-06 Preview on Monthly Quality Rollup for Windows…”. This only applies to Windows 7.



Clonezilla is a free partition and disk imaging/cloning program. It runs from USB and works with basically every OS. It can be used to do a direct clone to a new drive or backup to an image that can be restored to bare metal.  Instructions: (more…)

Convert KMS to MAK

If Windows is setup for Key Management Services activation it can be converted to Multiple Activation Key.

slmgr.vbs /ipk "MultipleActivationKey"

MFP Color

A vendor recently sent an army of technicians, over four visits, to address the color disparity between 2 identical Xerox MFPs (one had been used twice as much over 3 years). They began by replacing all the consumable parts,  calibrating both units and color correcting via the driver (helped a little), but the unit still had a red haze when printing gray tones. The last tech, after a series of cleanings and calibrations, fixed the color by cleaning the laser plate, then recalibrating both the fiery and the copier, in that order.

Resource mailbox’s calendar shows the organizer’s name instead of the subject

It’s actually the default behavior. Use PowerShell to make it useful again.
for Exchange 2010, 2013 and 2016 use the following…More

Set-CalendarProcessing -Identity -DeleteSubject $False -AddOrganizerToSubject $False

Exchange Email Format

In Exchange, emails sent outside the organization are converted and the format of these can be set per domain or for all domains. If messages are sent in text format, some recipients will have issues viewing attached images.

ContentType should be MimeHtmlText not MimeText when running:
Get-RemoteDomain |fl 
To update it run the following with either a domain or * 
Set-RemoteDomain -identity "Domain or *" -ContentType MimeHtmlText

Brightmail Antispoofing

There has been a rise in the number of instances of email addresses being spoofed. A new technique of masking the sender address by adding a “direct reply to” address, has increased the likelihood that a user will be fooled. The real sender address can only be detected when the user hits reply, at which point the new address is revealed in the Too field. If the users forwards the message  masked when the message is forwarded. There are instances where emails addresses are spoofed for legitimate reasons, such as when marketing email is sent from a 3rd party, which makes blocking messages a bit tricky. To address this issue we will be using a new rule in Brightmail. (more…)

Uninstalling Autodesk

Autodesk products, particularly Building Design Systems, can be very complicated installs. Fortunately Autodesk includes an app manager that will allow you to uninstall all or select certain apps to remove. It is found in Start>All Programs>Autodesk>Uninstall Tool

Brightmail Upgrade

To update the Symantec Gateway run this from the console

  1. Block inbound SMTP from Router
  2. Backup VHD
  3. Check Version: show –version
  4. update list
  5. update check
  6. update download
  7. update install or update install–version 10.6.6-5
  8. Monitor with: tail -f update.log
  9. Read Agreement (space) and agree (Y)
  10. Verify Version: show –version
  11. Enable SMTP from the router

If step 6 fails use: update install

Restore Brightmail

  1. Block inbound SMTP from router
  2. Mount ISO and boot
  3. Logon with: admin & symantec
  4. Set time zone: 10
  5. Add ALL previous Ethernet Interfaces
  6. Load license and add basic settings
  7. Restore the last backup
  8. From console reboot
  9. Login and verify settings
  10. Enable inbound SMTP from router

AutoCAD install fails

The AutoDesk installer does not do any prequalification checks. This means that when a deployment, which has a dozen or more components,  begins it will install what it can until it finds a resource missing and then it will stop without any notice. You will be left with some of the components, but AutoCAD will be missing. (more…)

Installing Windows 10

Windows is 10 is finally stable, but not easy to deploy. Here is what I have found: (more…)

Repair Revit Files

To repair a corrupt Revit file that will not open, copy the file locally, from File>Open check “Audit” and open the file.

WordPress Plugins

These plugins extend WordPress functionality. (more…)

Financing options

When dealing with clients and making recommendations, keep in mind and mention to them that there are a number of companies that offer competitive financing, or will make it possible for the client to purchase equipment as part of a lease with a $1 buyout. We work with a number of companies that specialize in financing IT infrastructure.

This option might make a large expense easier to swallow for your client; keep in mind also that not just hardware, but any software and service associated with the project can be financed.

Uninstall Office 2016

IMPORTANT: Before you start, you need to know removing Office manually is a long, complex process and might require that you reinstall the operating system if certain steps are done incorrectly.


Clean All Temp Folders

$tempfolders = @(“C:\Windows\Temp\*”, “C:\Windows\Prefetch\*”, “C:\Documents and Settings\*\Local Settings\temp\*”, “C:\Users\*\Appdata\Local\Temp\*”,”C:\ProgramData\Microsoft\Windows\WER\ReportArchive\*”); Remove-Item $tempfolders -force -recurse

Exchange 2003 to 2010

There is no direct upgrade to 2013. 2010 is the preferred intermediate version (more…)

Migrate Public Folders


This will work for moving PFs from 2007 or 2010 to 2013 or 2016 (more…)

0x80070520 when adding SSL binding in IIS

This is caused when the SSL certificate is imported into IIS and the selection to allow it to be Exported is not chosen.

ATT DSL Arris Modem

To enable inbound traffic for a client network follow these steps. (more…)

Exporting Mailboxes

You can export entire mailboxes (smaller than 50GB) to PST, from the Exchange console:

New-MailboxExportRequest -Mailbox "Amy Smith" -FilePath "\\Server\Share\AmySmith.pst"

To get Status of the request:

Get-MailboxExportRequest | Get-MailboxExportRequestStatistics | fl

These should be output to a fast drive with plenty of capacity (not a shadow copy volume). When decommissioning a user account move the file  to the company archive.

Begin by verifying the mailbox size:

Get-MailboxStatistics -server "post" | Sort @{expression=”database”;Ascending=$true},@{expression=”TotalItemSize”;Descending=$true} | select DisplayName,database,ItemCount,TotalItemSize

To enable these tools for the first time:


Windows 7 Updates

Microsoft is limiting the performance of windows updates from their end for Windows 7. If you need to clean install a PC that will require updates to reach full functionality I would build it 24 hours in advance to allow windows updates to download and install. Set client expectations.

Buzzsaw: Clear Cashe

To Clear the Cache follow these steps:
· Close out of Buzzsaw
· Navigate to C:\Users
· Open the folder labeled with your username
· Open the folder labeled “AppData”
· Open the folder labeled “Roaming”
· Open the folder labeled “ProjectPoint-2013”
· Delete only the “Cache” folder

To Reinstall:
· Click on this link
· Follow the steps to install Buzzsaw (you do not need to uninstall before you do this)

Rename your RDserver did you?

Thank heavens you aren’t the first.
Here is a blog entry to save you.

Reverse DNS

Reverse DNS or rDNS is one of the older methods used to verify an email was sent from the domain. It is a record created by the ISP and not the DNS records associated with the domain. It should be setup anytime an ISP is added or changed. Each ISP has their own way of setting these up from sending an email to particular address (sent from the client domain not ours) to calling support. This should be done before email starts going out from the new IP to prevent NDRs. To set up a reverse DNS record: (more…)

Dell RAID Firmware

To prevent loss of data on Dell servers,  firmware and Windows drivers for the RAID controllers must be updated as new versions are released.

  1. Use Dell Open Manage to determine which RAID controller you have.
  2. Collect your system Service tag. (CMD: WMIC csproduct)
  3. Go to and enter your service tag.
  4. Narrow the category down to SAS Raid. Download the PERC Raid controller Firmware and Windows driver for your OS.
  5. Verify all client data is backed up before proceeding.
  6. Run the firmware installer. Note: This will require a reboot.
  7. Run the Windows driver update. Note: This will require a 2nd reboot.
    Dell stresses that keeping your iDRAC up to date is also important…


EDB Recovery

To recover an Exchange database:

1) Run eseutil /mh E:\Exchange\mailbox.edb

  • If the state is Clean Shutdown skip to step 4

2)Verify Logs are not damaged: eseutil /ml E:\Exchange\Log\E01 (path ends with the first 3 characters of log files to be inspected)

3) Try eseutil /r E00 /a /t /d E:\Exchange\Mailbox.edb /l E:\Exchange\Log

  • For this error: “Operation terminated with error -528 (JET_errMissingLogFile
    • Include the Exchange Bin Folder Path with “/s” switch:      /s “C:\Program Files\Microsoft\Exchange Server\V15\bin”
  • For this error: “Operation terminated with error -1216 (JET_errAttachedDatabaseMismatch
    • Run soft recovery with the “/i ” switch at the end and it will override the EDB-STM mismatch.

4) For a Dirty Shutdown State run:

  • Run eseutil /p E:\Exchange\Mailbox.edb /t C:\Temp\Temp.edb

5) Verify state is Clean Shutdown then De-fragment

  • Run eseutil /d E:\Exchange\Mailbox.edb /t C:\Temp\Temp.edb

For best speed write the temp database to a separate drive with enough space.

Bootable USB installer

Make sure that you use 8GB or larger USB drive. All existing data will be deleted.

list Volume
select volume "X" (where X is the USB vol. number from 2)
create partition primary
format fs=ntfs label=OS_Install quick

Copy the contents of a bootable ISO to your USB.

iPhone 7 Reset

  • Force reboot: Hold power and down volume for 10 Seconds.
  • Apps stop loading: General>Reset>Reset Network Settings.

Virtualize a server

This post will walk through the NMS standard process for virtualizing a server using the utility Disk2vhd v2.01 or greater. (more…)

Convert .pfx to .pem

Download and install OpenSSL then run the following:

openssl pkcs12 -in "certificate.pfx" -out "certificate.pem" -nodes

Transfer Speed Calculator

Very handy calculator can be found here.

Disable UAC via GPO

This is usually achieved through Active Directory policies. Most documents and guides will tell you that you just need to turn off three policies in Windows 2008, under Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies -> Security Options: (more…)

Allow user to manage AD

How To Delegate the Unlock Account Right (It’s rather buried)


Scan to Email

  1. Find the Scanners IP
    1. For a local scanner find the LAN IP of the Scanner
    2. For a remote office: Find the external WAN IP of the office via
  2. Go To: Exchange admin center>MailFlow> receive connectors
  3. Find the connector that works on port 25 and go to scoping
  4. Add the IP From step 1 to the section:“Receive mail from servers that have these remote IP addresses.”
  5. Program the scanner to send to the Exchange server LAN(local) or WAN(remote) IP Do not send these to the spam server.

Manage 2012 from Win7

Server 2008 can be managed by installing remote server administration tools (RSAT, very specific version requirements!) Same can be done with Win8 and up and Server 2012 and up…
Win7, however, is a bit more complicated. (more…)

Ajera and Notifications

Ajera updates at least once a month. In doing so it also replaces the AjeraService.sysajera file. (in the root of the Ajera directory tree) This file contains the path to Ajera and if you changed it on install it will overwrite it. If the path is wrong email notifications will break. You will find Ajera and exchange errors in your logs.

Windows Installer Coordinator Loop

Installing in a terminal server environment and a window pops up saying “Windows Installer Coordinator” is preparing for first time use. (more…)

Reset Apple TV Remote

Aluminum remote:

  1. Hold menu and left for ten seconds
  2. Hold menu and right for ten seconds

Missing Volume Icon

Use this if the option to turn the icon on is greyed out in the system tray. (more…)

Rhino unable to find a license manager.

Network license manger for for Chaos products is the “Zoo License Manager” Restart it.

Jungledisk Failed Uploads

In the event a connection is lost while working on a remote file check


JungleDisk & Windows 10

JungleDisk recommends that WebDav be turned on with Windows 10. They don’t say why however and doing so will add extra steps for the user as all windows links will take you to a web page which won’t actually work. Instructions on breaking it are here so that you can un-break it.

New Category

I have added Client Intranet as a new category. Add this to any post you think might be helpful to clients for example new threats, a walk through on how apps works, etc.

Ajera Passwords

The next update of Ajera 8.10 will require more advanced passwords. The requirements:

  • Minimum of 8 characters
  • An upper and lower case letter
  • A number
  • A special character

Amazon and the cloud!!!!

Do not blacklist * as companies such as Expensify and Adobe have begun using them as a mail provider.
At the same time DO NOT whitelist as it is a notorious source junk.

Outlook 2011 Mac issues

This article has lots of tips… unless your issues began with an upgrade to El Capitan. (Separate post on that)

Outlook 2011 Hangs after upgrade to OS 10.11

Here is the link to the issue.
Midway down the page under the resolution section is the link to update 14.5.6

Remote Desktop Connection Manager

RDCMan makes it really easy to organize your hosts into groups, each group can have its own defaults that are automatically used (unless you choose to manually override), you can connect groups of servers with one click, plus many other nifty features.

iTunes Updates on Windows….

Apple seems to get their folder structure wrong on a regular basis.
If you’ve been getting an “AppleSyncNotifier.exe – Entry Point Not Found” error every time you reboot your PC, here’s how to fix it.

Disable Aggressive Mode on Cisco ASA

Configuration > Remote Access VPN > Network (Client) Access > IKE Parameters > Check the box where it says “Disable inbound aggressive mode connections (IKEv1 only)

Workgroup & Outlook

It is possible to totally eliminate the outlook log on requirement when a user is on a workgroup PC. 1) set the workgroup name to match the pre2k log on domain that hosts the exchange server.  2) Set the user name on the users local account to match the user name in AD. These settings cause Outlook to send “Workgroup Name\Local User Name” when connecting and will eliminate the credential prompt for the user.

Outlook 2016 setup

When connecting Outlook 2016 first ensure is setup. Next use the auto configuration wizard not manual setup (depreciated). If prompted for a user name DO NOT prepend it with the domain: NMS\Jon Smith becomes Jon Smith

Manually Setting a Printers IP

Canon Plotter

  1. Go to settings (4th icon) > Interface Setup > TCP/IP > IPv4
  2. Set IPv4 Mode to Manual
  3. Go back then Choose IPv4 Settings
  4. Set the IP, Subnet Mask and Gateway

Konica Copier

  1. Press Utility (Button) > Administrative Settings
  2. Log in with Password: 12345678 or 1234567812345678
  3. Go to Network Settings > TCP/IP Settings
  4. Set the IP, Subnet Mask and Gateway

Xerox Copier

  1. Press Machine Status (Button) > Press “Guest” icon (Top Right)
  2. Log in as: User: admin     Password: 1111
  3. Go to “Tools” (Tab) > Network Settings > TCP/IP Settings > IPv4(3rd box)
  4. Set the IP, Subnet Mask and Gateway

AutoDiscover Req in ’16

AutoDiscover must be configured or Outlook 2016 will be unable to connect to Exchange Server. Outlook 2016 retrieves Exchange connectivity settings directly from AutoDiscover instead of the registry, making profiles more reliable, but that also makes AutoDiscover a required feature. If you have not yet configured AutoDiscover, you will need to do this prior to deploying Outlook 2016. DNS must be set both internally and externally. More information can be found here: Account Auto Configuration process (Autodiscover)

Outlook 2010 Only Starts in Safe Mode

MS Update KB3114409 (Update for Microsoft Outlook 2010 32-Bit Edition) issued on Dec 8, 2015 is the culprit.
Remove it and you are all good. Microsoft removed the update so if you haven’t seen it you shouldn’t.

Verify SSL Certs

Qualys SSL Server Test

I tested a site with a DigiCert SHA2 Extended Validation Server CA and only received a “C” rating. See the links below

SSL3 notes, RC4 in TLS notes


PDFs crashing Outlook

Issue:Trying to launch pdf attachments directly from Outlook causes Acrobat to crash.
Environment: Acrobat XI or above and Outlook 2010 on Win7 pro x64.
Fix: Set reader to run as administrator

Fully Format Disks

To Clear all partitions form a disk including Dell OEM run the following:

List Disk
Select Disk "#"

From Disk Manager: Right Click the drive and Choose online Select GPT Create a New Volume with NTFS and 64K Allocation Size

Clean Install Windows

  1. When installing Windows ONLY connect the drive(s) that will run the OS and the optical drive. Be sure all others are disconnected by: inspecting the internal connections in the PC, disconnecting all externals, and verifying the target drive specs in BIOS > Drives
  2.  Disable drives not connected in BIOS > Drives
  3. Set the RAID to AHCI for a single drive in BIOS > Drives.
  4. Reboot and verify no errors about missing drives
  5. With the Windows USB inserted, Reboot and press F12 at Dell splash screen > Choose USB Device
  6. During Windows setup, choose Custom, NOT Upgrade
  7. Determine the fate of the data on the drive and choose
    1. Preserve All Files – (SOP): On the “Where do you want to install Window?” page you will select the largest partition and proceed. Windows.old will be created with the old OS. This will contain any data that was on the partition. If no Drives show up you may need to turn off BitLocker or install drivers. Dell has custom installers for newer laptops that include the needed drivers.
    2. Wipe All Data – VERY RARE: Data will be destroyed: On the “Where do you want to install Window?” page you will need to DELETE all the partitions. Select each one then delete. Once you have only one selection which is Free Space proceed with the installation.
  8. Set User to account name or NMS and Password to Mon…
  9. Verify All Drivers are loaded in Device Manager

Move iTunes backup

  1. Open current iTunes backup: %APPDATA%\Apple Computer\MobileSync
  2. Move the folder” Backup” to the new destination
  3. At the original folder location, press the SHIFT key, right-click and select “Open command window here” and enter this command (ends in new location):
mklink /J %APPDATA%\Apple Backup “E:\Backup\iTunes”

M-Color menu reload

This assumes it’s installed and you have run the executable that adds it to your apps.
1. In AutoCAD execute command CUILOAD
2. Select MCOLOR9x and Unload it (eg. MCOLOR97 for M-Color 9.7)
3. Restart AutoCAD

If CUILOAD did not not restore M-Color menu:

How old is that MAC?

Get the serial number (“About this MAC”) then enter it here (Do not use 3rd party sites)

Disable Hibernation

Windows default has hibernation turned on. This take good piece of the hard drive in the form of the hiberfil.sys file which takes up about as much c drive space as there is RAM installed. To dispose of the file and disable hibernation instantly use this in PowerShell:

powershell -Command "Start-Process 'powercfg.exe' -Verb runAs -ArgumentList '/h off'"

Exchange PS vs. GUI

Some things can be done in the GUI, lots require powershell.
Part 1
Part 2

MAC Outlook Archive

This is not pretty.

Exchange Version

Get-ExchangeServer | Format-Table Name, *Version*
Get-ExchangeServer | Format-List Name, Edition, AdminDisplayVersion

Here is the list of versions: (more…)

DisplayPort 1.2

With Display port 1.2 you can daisy chain multiple monitors from 1 port. I found that this feature is disabled by default in the monitor hardware hardware. Based on the warning enabling this with a non compliant card will cause issues. (more…)

SNMP Service tabs

In Server 2012 the tabs for Agent, Traps and Security are missing?
“In order for the SNMP management-tabs to show, the Remote Server and Administration Tools feature SNMP Tools must also be installed.”

Send as – Sent item

Email that you send on behalf of someone is not saved in their Sent Items folder

There is a registry key to allow this but it is not available after 2007 without applying the hotfix to outlook.

There are more variations detailed here: (ie, Exchange 2010 outlook 2013)

Delayed/Rejected Emails

Apparently some mail servers/spam appliances are using a Cisco service that monitors email and web traffic. punch in your IP and find out what they think of you…. I have yet to figure out what to do about things like a “Neutral” rating which apparently will get you bounced. (Please add any info if you find it) Also, there is the ability to search by domain but it yields less useful info.

Win7: Explorer Crashing

Some time ago I ran across a situation where the windows preview would cause files to lock, particularly excel and word files. More recently I came across a situation at Pasma Group where explorer would just randomly close up when you tried to open a window. We assumed it was related to the user’s profile until another user said it was happening but only when there were large files like sketchup files in the folder…. Turning off the preview option made the crashing go away

Dell Performance issue

Dell is once again shipping their workstations with Intel Speed Step enabled. This should be turned off in the BIOS.

Text comparision tool

NotePadCompareNotepad++ has a plugin called compare. Note the visual map on the right side. This makes finding small changes in a script much easier.

To access it: Install it from Plugins>Plugin Manager


Google Earth Pro is now Free

New Earth Pro keys are no longer being generated. If you do not have a key, use your email address and the key GEPFREE to sign in once you download the software here:

Deploying AutoDesk

This is our standard process for deploying Autodesk products. (more…)

Outlook Rendering Complexities.

The link above is to an article on the different rendering possibilities for different versions of outlook. It is lengthy and complex even though it’s just an overview! For clients that have issues with the way their email is displayed, or not displayed, or particularly for design oriented clients interested in email marketing the fact that so many features are either supported or not supported means that the client that expects adherence to tight design will be frustrated and ultimately disappointed.  This is an expectation that needs to be managed.

NIC Driver Mystery

I setup an older Dell Latitude 6410 with Windows 8, checked the drivers, tested the Wi-Fi and sent it out the door. The only problem was the the laptop could only connect to some networks. (more…)

Search for PSTs

Before removing a drive from service or when moving a user to a new system, it is important to verify no PSTs have been left behind. To find all PSTs launch ISE as admin then run:

Get-ChildItem -path c:\users\ -force -Recurse -filter '*.pst' -erroraction 'silentlycontinue' | select name, Length, LastWriteTime, directory #Run as admin 


Set Outlook permisions

In this example abaldwin is granted reviewer access to jjohnson’s calendar:

get-mailbox -identity "jjohnson"| foreach {Add-MailboxfolderPermission $_":\calendar" -User "abaldwin" -AccessRights Reviewer}

To do this for an entire Co. use Excel and a list of all users then use Concatenate to edit the individual cmdlets which can be pasted in bulk to PowerShell.

Exchange 2013 Error “X-FEServer:”

This is caused after a new SSL Certificate is installed on Exchange. To resolve this go to IIS MMC find the certificate hash for the new cert then run the following PowerShell commands:

Enable-ExchangeCertificate CertificateHash -Services SMTP
Enable-ExchangeCertificate CertificateHash -Services IIS

Installing Exchange 2013


  1. Contact ISP and setup a Reverse DNS Record on public IP if not reusing existing.
  2. First, decommission and uninstall all Exchange servers older than 2007.
  3. Add the Feature: Media Foundation: Install-WindowsFeature Server-Media-Foundation
  4. Next load the following components: Unified Communications Managed API 4.0 Runtime, Filter Pack 2010 x64, Filter Pack 2010 SP1 x64
  5. Run the install package that includes the current service pack.  Do NOT install it to the C Drive. The remaining Features and Roles with be installed automatically.
  6. Run Windows Updates (more…)

Hardware migration via Sysprep

I was recently retiring the admin PC at HSLA and giving it to an end user for home use. At the same time I had a newer T3500 with a clean install of Windows that would make a great admin PC, however, I did not want to reinstall all the software and transfer the files. I first tried swapping hard drives (which in some instances will work), but both PCs blue screened. My quick fix (more…)

OST & PST Max file size

Microsoft Outlook 2007-2013 support American National Standards Institute (ANSI) and UNICODE personal folders (.pst) and offline folder (.ost) files. The WarnFileSize registry entry determines the maximum data that both the .pst and the .ost files can have. After this maximum data is reached, neither the .pst nor the .ost files are permitted to add any more data. These limits can be changed per user in the registry: (more…)


Fiddler Screen

Fiddler is a free web debugging proxy which logs all HTTP(s) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy like IE, Chrome, Safari, Firefox, Opera and more.

Uninstall Office 2013

IMPORTANT: Before you start, you need to know removing Office manually is a long, complex process and might require that you reinstall the operating system if certain steps are done incorrectly.


Uninstall Office 2010

Uninstall using the Program and Uninstall troubleshooter

You can try running the Program Install and Uninstall Troubleshooter to uninstall Office 2010.

Warning:  The troubleshooter only removes traditional MSI-based installation files. If you have a Microsoft Office Click-to-Run 2010 entry in Control Panel and you’re trying to uninstall it, the troubleshooter will not uninstall this type of Office 2010 installation. (more…)


Making Ethernet cables:

  • Straight = wO,O,WG,Bl,wBl,G,wBr,Br
  • Cross Over = wG,GwO,B,wB,O,wBr,Br

Patch Cable Color standard:

Color Use
Black Desk side Patch
Blue PC to Switch 1000
Green Router to ISP
Orange PC to Switch 10/100 [Cat5]
Red Server to Switch
White DRAC & KVM


Switch to Router

Switch to Switch

Switch to Wireless

Ajera not on C: update

Ajera updates when install path is non-standard. Open d:\Ajera\AjeraService.sysajera with Notepad and update path from C:\… to D:\… (Where D is the install drive)