Recently we had a Mac not be able to access a Windows Samba (SMB) Share

Thinking a windows update could have caused some issue, we tested another Mac but it worked fine 

OS X Mavericks 10.9 brings a change of SMB2 instead of SMB1 , which can be disabled with the below command 

echo "[default]" >> ~/Library/Preferences/nsmb.conf; echo "smb_neg=smb1_only" >> ~/Library/Preferences/nsmb.conf

This still didn’t work so we reverted back to SMB2 with the below

rm ~/Library/Preferences/nsmb.conf

I used Telnet to make sure there wasn’t a network issue on port 445 ( Open Terminal , enter Telnet and open IP 445) which worked

I installed a trial of this on the Windows File Server which creates an AFP share , which worked by is 1000$!

https://www.acronis.com/en-au/mobility/mac-windows-compatibility/

We upgraded the Mac to the latest OS 10.14 ( for free )  and it solved the issues

• No Comments

Recently we installed Nable on a Mac however when trying to remote control it , the screen would stay black with a Please Wait…. Message

The knowledge online said to whitelist it from here as it was OSX 10.14 Mojave , however there was nothing displaying here : 

We Installed the Take Control Viewer manually v6.00.00 directly from the installer link. https://swi-rc.cdn-sw.net/n-central/mac_viewer/6.00.00/MSPA_N-central_Installer_Viewer_6.00.00.zip

• No Comments

When you install Windows using a Legacy Device is marks the Boot Volume with an Master Boot Record (MBR) label

I use easybcd to load all my ISO’s on a single USB which doesn’t support UEFI 

You need GUID Partition Table (GPT) for UEFI Boot

You can check this via Disk Management

Restart the PC into Safemode with Command Prompt

Run this command to make sure the drive can support GPT 

mbr2gpt /validate

Then Run this 

mbr2gpt /convert

After this you need to change the Boot Loader to use UEFI instead of Legacy

• No Comments

Recently trying to diagnose an issue with Radius 2fa, looking at the AzuraMFA Logs , I saw users trying to Authenticate with Mandarin Characters per below

Wondering if it was chinese hackers  , I tried a simple test using a username that does not exist in AD , which actually produces this for each login, so not to worry! 

NPS Extension for Azure MFA: NPS Extension for Azure MFA only performs Secondary Auth for Radius requests in AccessAccept State. Request received for User

NPS Extension for Azure MFA: NPS AuthN extension bypassed for User

• No Comments

Download this tool 

• No Comments

Here are the steps to change the owner of Workspace/Folder in Worksite 10

–To change the owner of a Workspace/Folder, first we need to find the prj_id of the Workspace/Folder 

select * where prj_name LIKE ‘%FOLDER\WORKSPACE_NAME%’

–To change it to a different owner…

update mhgroup.projects set prj_owner = ‘NEW_USERID’ where prj_id = ‘WORKSPACE_ID’

After changing the owner of the workspace, the author in the docmaster table for this workspace needs to change as well. The owner is still shown as the old one, but after updating the author, the new owner should appear on the workspace profile.

Please run the following additional query:

– update mhgroup.docmaster set author =’new userID’ where docnum = ‘you can get this from the query below ‘

–also, to change the underlying Workspace/Folder document’s owner update mhgroup.docmaster set operator = ‘NEW_USERID’, author = ‘NEW_USERID’ where docnum = ‘DOCNUM’

Please test this against a backup copy of the database. Also make sure you backup the database before running this against production database.

To find the docnum of a workspace: select * from mhgroup.projects where prj_name = ‘Exact Name of Workspace’ and subtype = ‘work’

• No Comments

 If you host your Azure MFA User Portal outside of your MFA Server e.g. in a DMZ , the User portal server has to speak to this MFA server via SSL using the SDK and also via a certificate. Make sure the SSL of you MFA server is valid. It might be self signed internally on that server ( cannot be from the domain as the DMZ server can’t speak to your domain ) so you need to create a new one and transfer it securely to the User portal and install it on the Trusted Root Authority 

System.Security.Authentication

This certificate cannot be verified up to a trusted certification

• No Comments

Trying to login to the Webportal of GFI Archiver brings up a basic authentication prompt. It should use your signed in credentials to SSO into the App

Recycling the site Application pool in ISS and was then able to login successfully.

• No Comments

Latency Threshold – I would say to start with 50-60 Seconds to avoid any false positives.

Failure Counter threshold –  I would suggest to start with 5-6 for the same reasons.

Admin Notifications – I would suggest to notify via SMS as well, in case email is down. But if you are doing that, you will firstly have to make sure you are syncing the Mobile numbers from AD using the correct AD Attribute in Mimecast(https://community.mimecast.com/docs/DOC-1478). Then you also have to make sure that you set that attribute up to be used as the mobile attribute for SMS notifications in Administration > Account > Account Settings > System Notification Options. Then, you also have to make sure that the admins that need these SMS notifications, subscribe to them. Guidance on subscribing here – https://community.mimecast.com/docs/DOC-2085. Further details on using SMS in Continuity Here – https://community.mimecast.com/docs/DOC-2104.

Affected Group – You have to select a group that covers all users. Otherwise when you get the notification, if you opt to start a Continuity Event from the dashboard, it will only affect the Admin group you have selected.

• No Comments

Recently a newly installed Vocus link was running 100mb Down but only 30mb up , multiple back an forths with support showed the link back to vocus was fine , however the speed was still bad.

Finally they told me the answer , the package ordered was not full 100mb up!

Best Effort Internet Access
VBU is delivered to site using Telstra Wholesale Ethernet Access (Fibre) Standard CoS (Class of Service) access tails. Note Standard CoS is 100% EIR (Excess Information Rate) which means, under congestion in the Telstra network, this traffic may be discarded. If the customer requires an Internet Service with continual sustained throughput or other medium to high performance requirements, please use Vocus IP Transit or Enterprise Internet rather than VBU.

Fix

Recommended VCT or VIE onnet service
or alternatively Telstra tail can be made premium.

• No Comments