A customer was using Sharepoint via office 365 using Drive Mappings to their different libraries. We use Network locations deployed via group policy to enable users to access files in Windows Explorer. The customer uses 2fa however we have AD Premium P1 Licenses to whitelist the Office IP’s.

The customer would need to login to Internet explorer once and save the browser cookie and the drives would map.

This was working fine until we enabled AAD connect Single Sign in their environment to simplify signing in. Drives would suddenly start to drop off randomly. Remapping a single library manually by going to any one of the libraries and choosing “View in File Explorer” per below would fix the issue until the next day

Remove the AAD connect Single Sign in from their environment resolved the issue …. must be a bug with SSO and Passing through Sharepoint libraries in IE

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

23.103.132.0/22
23.103.136.0/21
23.103.144.0/20
23.103.198.0/23
23.103.200.0/21
40.92.0.0/14
40.107.0.0/16
52.100.0.0/14
65.55.88.0/24
65.55.169.0/24
94.245.120.64/26
104.47.0.0/17
134.170.101.0/24
134.170.140.0/24
134.170.171.0/24
157.55.133.160/27
157.56.87.192/26
157.56.110.0/23
157.56.112.0/24
157.56.116.0/25
157.56.120.0/25
207.46.51.64/26
207.46.100.0/24
207.46.108.0/25
207.46.163.0/24
213.199.154.0/24
213.199.180.128/26
216.32.180.0/23

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently trying to release and whitelist an item using Barracuda’s cloud Spam filter. however was getting the below error:

The message couldn’t be downloaded either. Tried from Multiple pcs and still an issue

Trying the next day and the issue was fine which shows it must have been something on Barracuda’s side!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Changes to the Distributed File System (DFS) namespace are made on the domain controller with the PDC Emulator role. DFS root servers periodically request updated metadata from it. Inaccessibility of the PDC Emulator may result in incorrect operation of the DFS.

How to find you PDC

NetDOM /query FSMO


 

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently during a DR test we spun up a file server that was protected using Microsoft Shared Cluster Services. The drives where mapped using a Physical Lun. Zerto protects this as long as you backup the Active Node of the cluster.

On Startup you need to change the VM Scsi mapping from Physical to None

Once booted , you should stop the Cluster Service and start is again with the /fixquorum flah

net start clussvc /fixquorum.

Now open the Cluster Manger and remove the Disks from the Server ( you will need to do this twice for each drive )

Once removed , stop the cluster service

bring Online the Disks in Computer manager.

If the disks come up as Raw , you will need to go back and perform a ReSync , then bring up again

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

For the trusted ips box to show up on the multi-factor authentication server settings in 365 multi-factor authentication so you can whitelist IP’s , you need to purchase and activate at least one single Microsoft Azure Multi-Factor Authentication License ( cheaper optoin ) or a single AD Premium License. This will give you the below options

 

trusted ips (learn more)
Skip multi-factor authentication for requests from federated users on my intranet
Skip multi-factor authentication for requests from following range of IP address subnets

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Many internal companies use Newsletter services such as Mailchimp to email out internal newsletters. The From Address of this is usually an internal email address which means it will get rejected by the anti spoofing policy

Option 1

In Mimecast Administration Panel go to : 

Administration -> Gateway -> Policies -> Anti Spoofing SPF based Bypass

  1. Add the following Policy, this will only whitelist IP’s in your SPF Record,  so putting servers.mcsv.net will not work , you will also have to put “ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.0.0/16” in your SPF record. If your SPF is over 255 characters : try option 2

 

Option 2

Administration -> Gateway -> Policies -> Anti Spoofing

Add the policy below , you can get a list of IP’s Mailchimp user here

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently I was trying to add a Virtual Switch to a new Hyper V Server and I got an error similar to below

Image result for adding ports to the switch failed hyper v

Although the Virtual Switch seemed to add ok , it was coming up with Errors in the Cluster Manager ( Status Unavailable ) 

The server was actually already added to the Failover Cluster Manager. And I noticed that the

“Microsoft vmm dhcpv4 server switch extension” filter was missing. This gets added to a Node on adding to cluster

Evicting the Hyper V host from the Cluster then deleting and re-adding the VSwitch Resolved this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

So you are fully up-t0-date with Outlook however you are having issues with performance

  1. The first thing Microsoft 365 support will do it recreate your profile, and also recreate your OST , so make sure you have done this

  2. Next they will get you to run this :  Microsoft Support and Recovery Assistant for Office 365 (also known as ‘SaRA’). If will give you a list of problems you can work towards resolving

  3. Make sure you upgrade to 64bit Version of Office

Outlook display issues only affect 32-bit versions of Office. Normally, 32-bit applications can only access 2 GB of memory that all 32-bit apps share. Outlook appears to handle this limit poorly, making it unusable once available memory dips below what Outlook requires to run smoothly.

To see how much memory is available for Outlook, try the VMMap Sysinternals tool, which shows the private bytes or memory distributed for a process that cannot be shared. VMMap shows the bit version of Outlook, as well. For 32-bit Outlook, a number at 250,000 K or less is bad.

Use the following registry setting to prevent add-ins from using the extra memory available from LAA mode. Change the xx to 15 for Outlook 2013 or 16 for Outlook 2016:
HKEY_CURRENT_USER\Software\Microsoft\Office\xx.0\Outlook\ReserveHighAddressRange DWORD Value ‘1’

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)