The receiving party needed details to enable TLS enforcement 

Mimecast TLS CA 

CN = DigiCert TLS RSA SHA256 2020 CA1
O = DigiCert Inc
C = US

Cipher Strength : 256

Certificate Key Size : 2048

TLS Version : 1.2

• No Comments

With a Cloud Apps conditional access policy only allowing users access to the network if they enrolled in Azure AD ( MDM ) or Registered to Azure AD ( MAM ) , it block them from Joining Azure AD in the first place with the message:

We had to remove All Cloud Apps and change this just to Office 365 per below

• No Comments

1. Create a system repair disc (http://windows.microsoft.com/en-US/windows7/Create-a-system-repair-disc  ). You can skip this step if you have a Windows installation media. Is a good measure to reboot and verify you can start your system from this disc.
2. Identify which disk you want to convert (usually is #0). This can be done by looking at the number in the Windows Disk Management.
3. Download gptgen from here http://sourceforge.net/projects/gptgen  . (You could use the Windows Disk Management Tool for this too. (diskmgmt.msc)) This tool will allow you to convert your MBR disc to GPT with the data included. 
4. ATTENTION: After this step, your computer CANNOT BOOT until the whole process is completed. DO NOT Shut Down Unless Instructed to! 

   Unzip gptgen and then run CMD with elevated privileges. (replace the 0 with the identified disk number).

   This *will* result in a BSOD shortly after and it’s to be expected:

   gptgen.exe -w \\.\physicaldrive0

5. Boot using your Windows installation or previously generated system repair disc.
6. Choose language and preferences, and then select Repair Your Computer -> Troubleshoot -> Advanced options -> Command Prompt
7. We will need the disk partitioning tool. With this, we will recreate the boot partitions. Type:

   diskpart

8. Identify the boot disk where Windows is located, typing:

   list disk 

    Something like this should appear:

    

         Disk ###  Status         Size     Free     Dyn  Gpt

         --------  -------------  -------  -------  ---  ---

       * Disk 0    Online          128 GB      0 B        *

9. Once identified, select the disk (replace with the correct number):

   select disk 0

10. Verify the partitions:

    list partition

11. Something similar at the info below should appear.

           Partition ###  Type              Size     Offset

           -------------  ----------------  -------  -------

           Partition 1    Primary            350 MB  1024 KB

           Partition 2    Primary            126 GB   350 MB

12. Delete the previous system partition:

      select partition 1

      delete partition

13. Create the new boot partition, Microsoft reserved partition:

      create partition EFI size=100 offset=1

      format quick fs=fat32 label="System"

      assign letter=S

      create partition msr size=128 offset=103424

14. If you list the partitions again, you should have ended up with something like this:

           Partition ###  Type              Size     Offset

           -------------  ----------------  -------  -------

           Partition 1    System             100 MB  1024 KB

           Partition 2    Reserved           128 MB   101 MB

           Partition 3    Primary            126 GB   229 MB

15. Ensure that your Windows installation is mounted, replacing 3 with the volume number of the Windows installation (usually 1):

      list volume

      select volume 3

      assign letter=C

16. Exit diskpart:

      exit

17. Generate boot partition data, replacing C: with the letter of the Windows installation (usually C:):

      bcdboot c:\windows /s s: /f UEFI

18. Cross your fingers and then restart your computer!

• No Comments

Recently needed to create an NFS share to hosts some ISO's for Xen server

New-NfsShare -Name "NFSshare01" -Path "C:\NFSshare" -EnableUnmappedAccess $True -Authentication Sys 


Grant-NfsSharePermission -Name "NFSshare01" -ClientName "10.0.0.110" -ClientType "host" -Permission "readwrite" -AllowRootAccess $True 

• No Comments

When you can’t shutdown or power off a VM , this is how to force kill it

Open this directory in File Explorer and find the folder with the same name as your virtual machine has. Copy the GUID that is specified in the name of the VM configuration file with the *.vmcx extension.

Run the Task Manager and go to the Details tab. All virtual machines are running in their own instance of vmwp.exe. To determine which process is responsible for your VM, you need the GUID of the hung-up VM you obtained earlier. Locate the process vmwp.exe that has the GUID of your VM in the User name column. Kill this process (End Task).

• No Comments

Once created , powershell

• No Comments

Any existing CSV Shared Storage Disk was trying to be added to a new host on a different cluster however came up as RAW

What needed to run was the below ( for Disk 0 ) and I could see the CSNTFS permissions again

clear-clusterdiskreservation -disk 0

• No Comments

Trying to enroll a device for MAM and the below error messaged showed up

The user was not in the right groups assigned for Enrolling devices in MAM , changing this fixes the Error

• No Comments

<#  
	.SYNOPSIS  
	Displays list of accounts that have been locked out in AD since the last time each DC's Event Log has rolled over.

	.DESCRIPTION
	By default, this script displays list of accounts that have been locked out on the current domain since the last time the Event Log rolled over. Results can be filtered by using parameters.

	.PARAMETER forest
	Queries all DCs in the current forest

	.PARAMETER Domain
	Queries only DCs within the specified domain. If no domain is listed, it will default to the current domain.
	
	.PARAMETER DCs
	Queries only specified DCs
	
	.PARAMETER Start
	Filter by start time in 'MM/dd/yyyy HH:mm:ss' format.
	
	.PARAMETER End
	Filter by end time in 'MM/dd/yyyy HH:mm:ss' format.
	
	.NOTES  
	Author  : Chrissy LeMaire 
	Requires:     PowerShell Version 3.0
	DateUpdated: 2015-Feb-5
	Version: 1.1
	 
	.LINK
	
	 
	.EXAMPLE
	.\Get-LockoutHistory.ps1
	Gets all locked out accounts in the current domain.
	
	.EXAMPLE
	.\Get-LockoutHistory.ps1 -forest
	Gets all locked out accounts in the current forest
	
	.EXAMPLE
	.\Get-LockoutHistory.ps1 -domain ad.local -start '1/28/2015' -end '1/29/2015'
	Gets all locked out accounts in the ad.local domain, starting at 01/28/2015 00:00:00 and ending at 01/29/2015 00:00:00
#> 
#Requires -Version 3.0
[CmdletBinding(DefaultParameterSetName="Default")]

Param(
	[switch]$forest,
	[string]$domain,
	[string[]]$dcs,
	[datetime]$start,
	[datetime]$end
	)

if ($domain.length -ne 0) { $domain = $domain.toLower() }

if (($forest -eq $true -or $domain -ne $null) -and $dcs.length -eq 0) {
	$currentforest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
	$currentdomains = $currentforest.Domains
	
	if ($domain.length -ne 0) {
		$singledomain = ($currentdomains | Where-Object { $_.Name -eq $domain })
		if ($singledomain -eq $null) { throw "$domain could not be found in the forest." }
		$dcs = $singledomain.DomainControllers.name 
	} else { $dcs = $domains.DomainControllers.name }
} 

if ($dcs -eq $null) {
	$currentdomain = [directoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
	$dcs = $currentdomain.FindAllDomainControllers()
}

$filter = @{LogName='Security';Id=4740;}

if ($start -ne $null) {
	$start = (Get-Date $start -Format 'MM/dd/yyyy HH:mm:ss')
	$filter += @{StartTime=$start;}
	Write-Host "Filter Start: $start" -ForegroundColor Yellow
}

if ($end -ne $null) {
	$end = (Get-Date $end -Format 'MM/dd/yyyy HH:mm:ss')
	$filter += @{EndTime=$end;}
	Write-Host "Filter End: $end" -ForegroundColor Yellow
}

$allevents = $null; $lockedout = @()

foreach ($dc in $dcs) {
Write-Host "Contacting $dc" -ForegroundColor Green
	try {
		$allevents = (Get-WinEvent -ComputerName $dc -FilterHashtable $filter   -ErrorAction Stop).ToXml()
		$allevents = "<root>$allevents</root>"

		foreach ($event in ([xml]$allevents).root.Event) {
			$user = ($event.EventData.data |  Where-Object { $_.Name -eq "TargetUserName" }).'#text'
			$from = ($event.EventData.data | Where-Object { $_.Name -eq "TargetDomainName" }).'#text'
			$dc = (($event.EventData.data | Where-Object { $_.Name -eq "SubjectUserName" }).'#text').TrimEnd("$")
			$domain = ($event.EventData.data | Where-Object { $_.Name -eq "SubjectDomainName" }).'#text'
			$entrytime = [datetime]$event.System.TimeCreated.SystemTime
			$status = (Get-ADUser -Identity $user  -Server $DC -Properties LockedOut).LockedOut
		
			$lockedout += [pscustomobject]@{User=$user; From=$from; DC=$dc; Domain=$domain; Timestamp=$entrytime; "Currently Locked Out"=$status}
		}
	}
	catch {
		$msg = $_.Exception.Message
		if (!$msg.StartsWith("No events were found")) {
			Write-Warning "$dc was unreachable or otherwise unparsable."
			Write-Warning "Ensure your account has Read access to the DC's Security log and the appropriate firewall ports are open."
		}
	}
}

if ($lockedout.count -eq 0) {
	Write-Host "No locked out events could be found."
} else {
	$lockedout | Out-Gridview
}

• No Comments

Symptoms

Start menu not working for all users

System Event log shows the following error

EventID:10001 – Source: DCOM

Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv00qxextfnce9sxb8.mca as Unavailable/Unavailable. The error:

“0”

Happened while starting this command:

“C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe” -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Fix

Backup registry key below (could take awhile 1 hr+)

In powershell

Remove-Item “HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules”

New-Item “HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules”

Set DWORD “DeleteUserAppContainersOnLogoff = 1
in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy

• No Comments