MFA Server

Login to your MFA server and change the below to Succeed Authentication from Failed

In Azure Cloud

Login to Office 365 Portal

Choose Azure Active Directory

Choose MFA

Add One Time Bypass

• No Comments

Powershell script to set Registry Key Permissions with Subkeys for a User ( Needs to be run as admin as its changing things in HKCU:\Software\Policies

$acl = Get-Acl HKCU:\Software\Policies\Google
$inherit = [system.security.accesscontrol.InheritanceFlags]"ContainerInherit, ObjectInherit"
$propagation = [system.security.accesscontrol.PropagationFlags]"None"
$rule = New-Object System.Security.AccessControl.RegistryAccessRule ("domain\user","FullControl",$inherit,$propagation,"Allow")
$acl.SetAccessRule($rule)
$acl |Set-Acl -Path HKCU:\Software\Policies\Google

• No Comments

Use this to Generate a Command for Open SSL e.g the below 

https://www.digicert.com/easy-csr/openssl.htm

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" 

Now add to the end : -config “C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf”

In Comand Prompt Navigate to Openssl.exe (  C:\Program Files\Autonomy\WorkSite\Apache\bin ) 

Run the full command

openssl req -new -newkey rsa:2048 -nodes -out test_test_com.csr -keyout test_test_com.key -subj "/C=US/ST=Test/L=/O=Test/CN=test.test.com" -config "C:\Program Files\Autonomy\WorkSite\Apache\conf\openssl.cnf"

It will generate a .csr and a .key file , copy these to C:\SSL

Use the CSR with your certificate Authority to Generate a .crt file and also a chain file

Download these to C:\SSL

Open the file : C:\Program Files\Autonomy\WorkSite\Apache\conf\worksite.conf

Add or Change the Lines to the below

SSLCertificateFile “C:\SSL\certs_test_test_com.crt”
SSLCertificateKeyFile “C:\SSL\test_test_com.key”
SSLCertificateChainFile “C:\SSL\certs_DigiCertCA.crt”

Restart iManage Work Server Service

Next

Copy “C:\SSL\test_test_com.key” to “C:\SSL\test_test_comkey.pem”

Open certs_test_test_com.crt with Notepad and copy the contents into a new file

Open certs_DigiCertCA.crt with Notepad and copy the contents to the below of the new file ( directly under the other certificate on a new Line ) 

Save this as C:\SSL\test_test_comfullchain.pem

On the Worksite Service Properties  , Configure Hosted DM

Change .PEM files to your new file

Restart iManageMicroServiceHub Service

• No Comments

The ubiquiti controller software listens to the Unifi broadcast traffic , however if this is on a different subnet you won’t get this!

To get around this , you need to create some records for the Access point to manually point to the controller

DNS

Create a DNS pointer of UniFi.domain.local on your DNS to point to the CNAME of your Ubiquiti Controller

DHCP

You can also use DHCP Option 43

        option ubnt.unifi-address 201.10.7.31;  ### UniFi Controller IP ###

• No Comments

Trying to setup a subdomain for iManage communication server in 365. I created a Connection from 365 to OnPrem server

Create a Connector

What I needed to do was also add the domain to 365 and change it to Internal Relay

Add the domain in below

Change the accepted Domain Type for the subdomain to internal relay

• No Comments

By default this is disabled , to Enable , open the registry key : 

SOFTWARE\Interwoven\WorkSite\imDmsSvc\Databases\%databasename%

“Workspace Index”

Set to Y

Then

Restart Worksite Service

• No Comments

Recently had to help someone launch a site that was going to get significant traffic, estimates were 100,000 Global Visitors/hour. 

The site was going to be a simple one paralex site that redirected people to a newsletter for future communication. It was going to be written in wordpress with some plugins. After the developer showed me the site the page was loading at 3.3MB and took 10seconds network tools in chrome showed. This was actually mostly alot of JS files ( due to Plugins etc etc ) and a 400KB background image.

My first thought straight away was Cloudflare to help with the cache of this site around the world on their network and also for their awesome simple free tools e.g. Minify. Enabling Minify dropped the site down to 1.1mb and halved the load times. 

Next we installed Jetpack to help offload images to their CDN. 

The site was not actually going to be updated either so we enabled Static Content : https://support.cloudflare.com/hc/en-us/articles/200172256-How-do-I-cache-static-HTML-

The backend of the site ran on normal webhosting , and we enabled loadbalancing on Cloudflare just in case one server was overloaded

Results : 

• No Comments

When trying to deploy BigHand Via GPO via the system account uses for Computer installations the below error comes up 

You will need to deploy the MSI with the MST Transform attached here : no updater

e.g. to test

msiexec /i “bighand install.msi” Transforms=”no updater.mst” /qb

• No Comments

Trying to deploy Bighand via GPO MSI , running the System App Via the Transform brings up the below error

That error relates AD authentication, but because you are using BigHand Professional, this should always be turned off.

Browse to – 
[HKEY_LOCAL_MACHINE\Software\Bighand\Totalspeech\v3] 
(on a 64 bit machine this will change to [HKEY_LOCAL_MACHINE\Software\Wow6432Node\BigHand\Totalspeech\v3]) 

The REG_DWORD to look for is called “AuthenticationType” This should be set to “0” 

• No Comments

Recently we had deployed Desksite to a few users , however some of them when opening PDF would get a connection Dialog box opening up and clicking on Connect in the Server List would freeze the screen with 

“Not Responding” 

And the connection would stay disconnected, even though the user was connected fine to Desksite.

We made sure Adobe Protected Mode was disable and ran a Repair of Desksite.

In the End we had to remove and reinstall Desksite from Scratch to repair this

• No Comments