Azure AD Password Protection stopped working
Office 365 (Azure AD) Friday, 18 December 2020 by paul

Recently one of our Admins noticed that passwords were being set which should not have been allowed with our Azure AD Password Protection settings. Looking at the DCs showed no errors. A look on the Microsoft Docs site for On-premise password protection (https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-agent-versions) show the latest version is v1.2.125.0. The running version was v1.2.65.0.

v1.2.65.0 includes timed-limited functionality so just stops working on September 1st 2019 with no warning or errors (unless you know what event to look for in the event log). Upgraded Proxy Agent and DC Agents and all working again.

The latest version should automatically update but that functionality was only introduced in version v1.2.116.0.

Enable Plus Email Addressing in Exchange Online
Office 365 (Exchange) Tuesday, 15 December 2020 by paul

Exchange Online now support Plus emailing address like GMail has for many years. So if your email address is [email protected] then you can also use the email address [email protected] to create unique email addresses for mailing list etc. It is not currently enabled by default so needs to be enabled using PowerShell. The following script will do so:

# Enable Plus Emailing in Exchange Online

# Check the ExchangeOnlineManagement module is installed and >= v2.0.4
Import-Module ExchangeOnlineManagement; Get-Module ExchangeOnlineManagement

# Install module if required
#Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.4-Preview2 -AllowPrerelease

# Update module if required
#Update-Module -Name ExchangeOnlineManagement

# Connect to Exchange PowerShell
Connect-ExchangeOnline -UserPrincipalName [email protected]

# Change organisational config to allow plus emailing. It is off by default.
Set-OrganizationConfig -AllowPlusAddressInRecipients $true

Currently only available for mailboxes but will be added to distribution groups soon.

Enable SNMP for Vcenter Appliance
VMWare (SNMP) Tuesday, 15 December 2020 by paul

To enable SNMP on VMWare VCenter Appliance, for monitoring, first SSH to Vcenter Appliance with an authorised user (like root). At the Command prompt (not shell) SNMPv1/v2c can be configured using the following commands.

 

Get the current SNMP config:

Command> snmp.get

 

Set the SNMP Community string:

snmp.set --communities public,secretcommunitystring

Set the device location:

snmp.set --syslocation London

 

Optionally set up users:

snmp.set --users userid/authhash/privhash/security

(example) snmp.set --users test/-/-/none

snmp.hash  --auth_hash secret1 --priv_hash secret2

Finally Enable SNMP:

snmp.enable

 

More information @ VMWare Docs: Configure ESXi for SNMPv1 and SNMPv2c - https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.vsphere.monitoring.doc/GUID-2A8FC3DC-53C3-4245-A4CF-CC5C7935D04B.html

Cannot command line FTP
Windows (FTP) Tuesday, 15 December 2020 by paul

If command line FTP, on Windows 10, is connecting and not allowing items to be downloaded then it may be due to the Windows 10 Firewall blocking incoming connections. When a machine connects with the Active FTP protocol the FTP server makes a separate connection back to the client to transfer the data. This is blocked by default by the Windows Firewall and an exception needs to be added to allow the incoming connection. The following PowerShell command needs to be run as administrator:

 

New-NetFirewallRule -DisplayName "FTP In" -Direction Inbound -Protocol TCP –Enabled True –Action Allow -Profile Any -Program "%SystemRoot%\System32\ftp.exe" -Service Any -LocalPort 20,21,1024-65535 -EdgeTraversalPolicy Allow

 

Now the user should be able to connect and download items.

Windows 10 RSAT Install error
Microsoft (Windows 10) Friday, 11 December 2020 by paul

When installing RSAT tools onto Windows it fails with the error code 0x800f0954.

PS C:\> Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online
Add-WindowsCapability : Add-WindowsCapability failed. Error code = 0x800f0954
At line:1 char:61
+ ... y -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online
+                                             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Add-WindowsCapability], COMException
    + FullyQualifiedErrorId : Microsoft.Dism.Commands.AddWindowsCapabilityCommand

To fix:

  1. Run "gpedit.msc" as Administrator to edit your local computer policy.
  2. Navigate to "Computer Configuration\Administrative Templates\System"
  3. Locate setting "Specify settings for optional component installation and component repair"
  4. Set to Enabled and check the box “Download repair content and optional features directly from Windows Updates instead of Windows Server Updates Services (WSUS)“.
  5. Click Apply and OK.

Now try the install again and it should work as below:

PS C:\temp> Get-WindowsCapability -Name RSAT.ActiveDirectory* -Online | Add-WindowsCapability -Online


Path          :
Online        : True
RestartNeeded : False

 

Page 1 of 87 (436 Articles) << 1 2 3 4 5  Next >>