You might have setup a new Ubiqiti access point using a controller based at another site, which is not the final destination of the device, so it is no longer configurable when you get to the new site.

If you can get the Old controller back up and connect to the access points you can use the below to move the Access Points to a new site via the Site Migration 

If you cannot connect to the old controller anymore you can try logging into the access point via IP and doing:

You can use the Same Old Controller name : 

  1. SSH into AP with former controller’s credentials
  2. in controller, forget AP
  3. reset to default with ‘ restor-default’
    connection will be terminated
  4. SSH into AP with ubnt/ubnt
  5. use mca-cli shell
  6. set-inform x.x.x.x:8080/inform
  7. where x.x.x.x is the ip of the new unifi controller
  8. in controller, adopt the AP
  9. repeat step 7 after adoption (sometimes this is necessary to get to provisioning)
  10. AP will reboot and provision

Finally you can perform a factory reset on the device to join it to a new controller 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When trying to create an IMAP Mailbox Sync via Office 365 , I was getting the following Failed Error next to the Sync Status

TLS negotiation failed with status AlgorithmMismatch

The IMAP Server I was syncing from was using SSL  on port 993 however the SSL cert was self signed rather than from a proper cert authority

In the end I had to enable syncing through 143 Uncrypted or you can purchase a sign SSL cert for the migration

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Shared mailbox is added as a second exchange account in cached mode in outlook 2016. Microsoft does not recommend to add shared mailbox as a separate account in outlook. This is non-supportive scenario for us. However we can provide best effort support in this case. We tried following steps to resolve the issue,

  • We were not able to search items in current folder but Subfolders; All Outlook Items; Current Mailbox; All Mailboxes in cache mode.
  • We were able to search items in current folder in online mode.
  • Unchecking download shared folder from account settings did not make any difference.
  • Issue is reproducible in safe mode, different machines, different networks, new user profile and other user who has access to this shared folder.
  • If we add normal user account to outlook, search works fine.
  • Outlook and windows are up to date.
  • Rebuilding indexing did not fix the issue.
  • Unchecking search option, “Improve search speed by limiting the number of results shown” did not make any difference.
  • Search works fine in current folder after auto mapping of shared mailbox in outlook by running PowerShell commandlet,


Please find below search scopes in Outlook,


Shared mailbox configuration

Allowed Search Scopes

Search Provider

Added via Advanced tab with Download
Shared Folders turned on

Current Folder


Added via Advanced tab with Download
Shared Folders turned off

Current Folder; All Subfolders

Exchange Search

AutoMapped with Download Shared
Folders turned on

Current Folder


AutoMapped with Download Shared
Folders turned off

Current Folder; All Subfolders;

Exchange Search

Second Exchange account in cached mode

Current Folder; All Subfolders;
All Mail Items; All Outlook Items


Second Exchange account in online mode

Current folder; All Subfolders;
All Mail Items; All Outlook Items

Exchange Search




  • As the size of OST is around 20 GB so you may face performance issues in outlook while accessing secondary mail.




VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Download the .tgz upgrade file from here

Save your configuration first ( remember this does not save automatically ) and backup a config backup.

If this is a virtual machine do a snapshot / chekpoint

Let’s get started with the upgrade wizard:

NetScaler upgrade wizard

select the location for the firmware file:


Next, verify the licenses you have already installed these will work with the new netscaler and begin the upgrade.\

NetScaler upgrade warning

The upgrade will take down the gui first , then after the netscaler when it says rebooting

Other key things to note – the upgrade has turned back on SSLv3 support on the Gateway vServer…however, it has enabled support for TLSv1.1 and TLSv1.2 which was missing from the 8007.e release. Nice!




The new web interface will look like below

If you see a solid black screen after upgrade you will need to delete your cache or do a CTRL and F5



Double check the SSL Profile on your virtual server make sure it’s set to : ns_default_ssl_profile_frontend

With SSL3 off and TLS 1.2 on , you can check via :

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Edit the Group Policy that is applying to your domain controllers

Server 2003

Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Audit Policy 

-> Enable Audit Directory Access Service

Server 2008 or Above

Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Security Options->Audit: Force audit policy subcategory settings

Computer Configuration->Policies->Windows Settings->Security Settings->Advanced Audit Policy Configuration->Audit Policies->DS Access




Target OU or Whole Domain

Right-click on where you want to enable Auditing and bring up the properties.  Under Extensions you will see the Security tab.  From there select Advanced and then choose the Auditing tab.  If you want to be comprehensive, I would select the Everyone security principal, set Type to Success and Applies to: This object and all descendant objects.  For the permissions, again if you want to be comprehensive, set the following:

  • Write all properties
  • Delete
  • Delete subtree
  • Modify permissions
  • Modify owner
  • All validated writes
  • All extended writes
  • Create all child objects
  • Delete all child objects

Open Event viewer and filter Security log to find event id’s (Windows Server 2003/2008-2012):
– 631, 635, 648, 653, 658, 663/4727, 4731, 4754 , 4759, 4744, 4749 – Group created
– 632, 636, 650, 655, 660, 665/4728, 4732, 4756 , 4761, 4746, 4751 – Member added to a group
– 633, 637, 651, 656, 661, 666/4729, 4733, 4757, 4762, 4747, 4752 – Member removed from a group
– 634, 638, 652, 662, 667, 657/4730, 4734, 4758, 4748, 4753, 4763 – Group deleted
– 639, 641, 649, 654, 659, 664/4735, 4737, 4745, 4750, 4755, 4760 – Group changed
– 566/4662 – An operation was performed on an object(OU Changes) (Type: Directory Service Access).

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When a user VPN into a Fortigate Router , make sure they can access all Subnet available to the router not just the local one :

  1. Added security policy – allow from SSL VPN interface to IPsec VPN  

Name : SSL VPN to New Subnet

Incoming Interface : SSL-VPN tunnlel Interface ( ssl.root ) 

Outgoing Interface – %Interface of Site to Site VPN for Remote Site%

Source : SSL VPN Client Range / SSLVPN_Users

Destination Address : %new subnet%

Schedule : Always

Service : ALl

Action : Accept

Nat : Enabled (  to traverse IPsec VPN as local address (192.168.0.x) as opposed to SSL VPN client range (192.168.1.x) 

IP Pool Configuration : Use Dymanic IP Pool and NAT Pool for SSL VPN Clients


2.  Make you have DHCP NAT pool Range excluded from your onsite DHCP 

3.Added New Subnet to routing address in SSL VPN portal – tunnel mode

VPN – > SSL VPN Portals

Tunnel Mode -> Enable Split Tunnelings -> Routing Address 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

hasWorkspaceContent=true (if you have Workspace CE)
hasMetadataContent=true (if you have Metadata CE)


Please ensure you run it after hours (after synctool has run) or increase the synctool schedule. Difftool will pick all those documents in Active Content and will reindex them, so to avoid duplicates you should be running the diffscan once the synctool has finished processing.



VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Start by downloading the RSAT for Windows 7 from

Next, select the DFS tools from the “Turn Windows Features On and Off” under “Control Panel”, “Programs” (as shown below).

You can then run : 

DFSUTIL /PKTINFO to get the output

And a

DFSUTIL /PKTFLUSH to see if this helps with the issue

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
  1. Login to iManage / Worksite Communication Server 
  2. Go to : C:\inetpub\mailroot\Badmail to see the bad mail
  3. Open up one of the emails with wordpad / notepad
  4. Get the Folder ID ( FID ) of where the email is being filed
  5. Get the username of the operator trying to file the email (Control + F “ref” can help alot)

Subject: RE: xxxxxxxxxxxxx (Our Ref:  xxxxxx)[xxx-xxx.FID102361]
If the IRN is not visible in the subject, look for the folder ID


From this example, the folder ID is 650594.

Put that folder id into this SQL query and run it against the iManage SQL database:

Replace the XXXXXXX with the folder ID

select * from [%imanageDBName%].[MHGROUP].[PROJECT_NVPS] where PRJ_ID=’XXXXXXXX’
Look for the value of iMan_26. this is the IRN:

You may also use:
select * from [%imanageDBName%].[MHGROUP].[PROJECTS] where PRJ_ID=’XXXXXXXXX’

The IRN can be found under the PRJ_DESCRIPT column:
Once you have IRN,

In Outlook search for the workspace that is found in the reference number.
if reference number does not exsist search for a document and use the FID number to find workspace number.
open the IRN Workspace in Filesite/Outlook
expand the IRN so you can see the “File” Folder
right click on the “File” folder , click properties
click profile tab
select the operator Click “Add/Edit” button
The operator might have a Red Circle on it
this means the User is disabled – Enable the user or change to the live user.
Change to the live user is prefered
Click yes to the prompt (don’t need to tick any boxes) let it update, once complete click “close”
Now cut + paste the email from C:\inetpub\mailroot\Badmail to C:\inetpub\mailroot\Drop , make sure it does not go back into C:\inetpub\mailroot\Badmail.
If we see many emails (over 3) in the badmail folder the comms server may have lost contact with the DB server.
Start the worksite service manager from deskop (imanage user)

Check that the service account isn’t locked out 
Move all badmails to the drop folder and see what get’s bounced to badmail and work from there.
If doing alot of these, you may want to edit Communications Server port so it doesn’t bombard users with emails
Check User filing with email Enabled in the Database?
User filing has write access to database ( Archive01 only read only ) ?
User filing has the same Email Address she’s sending from then the Same in AD as iManage ?
Try enabling all users and refilling all
Check the Workspace Folder double check the author / operator is installed and change to enabled user

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)