Powershell script to set Registry Key Permissions with Subkeys for a User ( Needs to be run as admin as its changing things in HKCU:\Software\Policies

$acl = Get-Acl HKCU:\Software\Policies\Google
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("domain\user","FullControl",$inherit,$propagation,"Allow")
$acl.SetAccessRule($rule)
$acl |Set-Acl -Path HKCU:\Software\Policies\Google
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Use this to Generate a Command for Open SSL e.g the below 

https://www.digicert.com/easy-csr/openssl.htm

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" 

Now add to the end : -config “C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf”

In Comand Prompt Navigate to Openssl.exe (  C:\Program Files\Autonomy\WorkSite\Apache\bin ) 

Run the full command

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" -config "C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf"

It will generate a .csr and a .key file , copy these to C:\SSL

Use the CSR with your certificate Authority to Generate a .crt file and also a chain file

Download these to C:\SSL

Open the file : C:\Program Files\Autonomy\WorkSite\Apache\conf\worksite.conf

Add or Change the Lines to the below

SSLCertificateFile “C:\SSL\certs_test_test_com.crt”
SSLCertificateKeyFile “C:\SSL\test_test_com.key”
SSLCertificateChainFile “C:\SSL\certs_DigiCertCA.crt”

Restart iManage Work Server Service

 

Next

Copy “C:\SSL\test_test_com.key” to “C:\SSL\test_test_comkey.pem”

Open certs_test_test_com.crt with Notepad and copy the contents into a new file

Open certs_DigiCertCA.crt with Notepad and copy the contents to the below of the new file ( directly under the other certificate on a new Line ) 

Save this as C:\SSL\test_test_comfullchain.pem

On the Worksite Service Properties  , Configure Hosted DM

Change .PEM files to your new file

 

 

Restart iManageMicroServiceHub Service

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

The ubiquiti controller software listens to the Unifi broadcast traffic , however if this is on a different subnet you won’t get this!

To get around this , you need to create some records for the Access point to manually point to the controller

DNS

Create a DNS pointer of UniFi.domain.local on your DNS to point to the CNAME of your Ubiquiti Controller

DHCP

You can also use DHCP Option 43

 

        option ubnt.unifi-address 201.10.7.31;  ### UniFi Controller IP ###
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Trying to setup a subdomain for iManage communication server in 365. I created a Connection from 365 to OnPrem server

Create a Connector

What I needed to do was also add the domain to 365 and change it to Internal Relay

Add the domain in below

Change the accepted Domain Type for the subdomain to internal relay

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

By default this is disabled , to Enable , open the registry key : 

SOFTWARE\Interwoven\WorkSite\imDmsSvc\Databases\%databasename%

“Workspace Index”

Set to Y

Then

Restart Worksite Service

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently had to help someone launch a site that was going to get significant traffic, estimates were 100,000 Global Visitors/hour. 

The site was going to be a simple one paralex site that redirected people to a newsletter for future communication. It was going to be written in wordpress with some plugins. After the developer showed me the site the page was loading at 3.3MB and took 10seconds network tools in chrome showed. This was actually mostly alot of JS files ( due to Plugins etc etc ) and a 400KB background image.

My first thought straight away was Cloudflare to help with the cache of this site around the world on their network and also for their awesome simple free tools e.g. Minify. Enabling Minify dropped the site down to 1.1mb and halved the load times. 

Next we installed Jetpack to help offload images to their CDN. 

The site was not actually going to be updated either so we enabled Static Content : https://support.cloudflare.com/hc/en-us/articles/200172256-How-do-I-cache-static-HTML-

The backend of the site ran on normal webhosting , and we enabled loadbalancing on Cloudflare just in case one server was overloaded

Results : 

 

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When trying to deploy BigHand Via GPO via the system account uses for Computer installations the below error comes up 

 

You will need to deploy the MSI with the MST Transform attached here : no updater

e.g. to test

msiexec /i “bighand install.msi” Transforms=”no updater.mst” /qb

 

VN:F [1.9.22_1171]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: +1 (from 1 vote)

Trying to deploy Bighand via GPO MSI , running the System App Via the Transform brings up the below error

 

That error relates AD authentication, but because you are using BigHand Professional, this should always be turned off.


Browse to – 
[HKEY_LOCAL_MACHINE\Software\Bighand\Totalspeech\v3] 
(on a 64 bit machine this will change to [HKEY_LOCAL_MACHINE\Software\Wow6432Node\BigHand\Totalspeech\v3]) 

The REG_DWORD to look for is called “AuthenticationType” This should be set to “0” 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently we had deployed Desksite to a few users , however some of them when opening PDF would get a connection Dialog box opening up and clicking on Connect in the Server List would freeze the screen with 

“Not Responding” 

And the connection would stay disconnected, even though the user was connected fine to Desksite.

We made sure Adobe Protected Mode was disable and ran a Repair of Desksite.

In the End we had to remove and reinstall Desksite from Scratch to repair this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)