After enabling Mimecast for Inbound routing , Threat Protection Re-Writes the URLs for Safety. When this is enabled with the following 365 Spam Check : Image links to remote sites

Which : Messages that contain <Img> HTML tag links to remote sites (for example, using http) are marked as spam.

All Inbound emails with Images with Hyperlinks get marked as Spam by Office365. Make sure this is turned off!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

The compact is the recommendation from iManage Support. Ideally, you can stop connector and the ingestion due to it not being used anymore and start the services after DRECOMPACT

You will need 30% free disk space to run DRECompact Successfully.

 

STEPS TO RESOLVE

  1. Stop Worksite Connector and Work Ingestion Server services
  2. Expand Content Engine disks to a point that there is more than 30% capacity free 
  3. Run a DRECOMPACT task against both engines

    http://127.0.0.1:11001/DRECOMPACT
    http://127.0.0.1:12001/DRECOMPACT

    Make a note of the INDEXID number returned to your browser.
  4. Wait until completed

    YOU CANNOT STOP THIS PROCESS AND IT MAY TAKE A CONSIDERABLE AMOUNT OF TIME


  5. You can monitor the status from the IndexerBrowser

    “The compaction is complete when the IndexerGetStatus action reports that the job (INDEXID number) is finished (status=-1, description = Finished).”

 

  1. Restart the Connector and Ingestion Server services once the job has completed and the content engine disks are looking a little emptier

 

To set up a schedule for compaction

  1. Open the Content server configuration file in a text editor.
  2. Find the [Schedule] section. If the configuration file does not contain a [Schedule] section, add one.
  3. Set the following parameters in the [Schedule] section:

 

Compact:                         

Type true to enable a compacting schedule.

 

CompactTime:                

The time (hh:mm) when you want the Compact operation to start.

 

CompactInterval:           

The number of hours between DRECOMPACT operations. Specify the time in the 24-hour clock and the format hh:mm. When you start WorkSite Indexer, the specified CompactInterval must elapse (after the specified CompactTime) before the first  DRECOMPACT

operation takes place. Type 0 to schedule daily compactions.

 

For example:

[Schedule]

Compact=true

CompactTime=01:00

CompactInterval=168

 

This configures a compaction every 168 hours (once a week) at 1:00 a.m.

 

      1. Save and close the configuration file.
      2. Restart the Content server for your changes to take effect.
      3. Repeat Step 1 to Step 5 for all your Content servers.

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Check these recommended Enterprise Cloud Resources and Neutral Resources network settings

Also : 

Exempting the App means the app will allow to be able to access and share company data 

Get-AppLockerFileInformation -Path "C:\Program Files\Windows NT\Accessories\wordpad.exe"

Name : Firefox

Product Name : O=MOZILLA CORPORATION, L=MOUNTAIN VIEW, S=CALIFORNIA, C=US

Publisher : *

File : firefox.exe

Min Verison : *

Max Version : *

 

Name : Chrome

Product Name : O=GOOGLE LLC, L=MOUNTAIN VIEW, S=CA, C=US

Publisher : *

File : chrome.exe

Min Verison : *

Max Version : *

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Currently, there is no way to use the Regex filter to capture “Everything” is not allowed in Microsoft 365 environment. This is by design.

A bit annoying when you want to tag a sensitivity label to all files

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Something went wrong. Here are some possible reasons.
Device already connected to org
Couldnt auto discover a management endpoint assigned to username. If you know your endpoint please enter it.\
mdm server URL: blank     > https://wip.mam.manage.microsoft.com/Enroll didnt work

 

  1. Checked existing connections, if so disconnect and reconnect again.  There wasn’t.
  2. Backup and delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments
  3. Try again.. existing connection popped up, disconnect and reconnect working now
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
  • Needs a specific PDF Reader

https://docs.microsoft.com/en-us/azure/information-protection/rms-client/protected-pdf-readers

Nitro PDF at the time of writing this does not work! Remember this will be for Internal and External People reading a protected document

  • Deployment of Microsoft Azure Information Protection Viewer ( There is no Mac OSX client for Azure Information Protection.)
    To read-protected Txt files and image files, think of files that will be protected without a reader.

  • Authorized Workflow or Users to Remove the Sensitivity Label
    If you want the send the document out of the organization to a user who is not setup in your company’s Azure AD ( e.g Guess Access ) you will need a Workflow that automates and logs this removal for Compliance/Auditing of a User with these permissions
  • Sensitivity Labelling
  1. Enable Sensitivity on a Teams or Sharepoint Library  Does not set Files underneath it
  2. You can set a Default Document Label however you will still need to encrypt old documents ( see below ) 
  3. Auto-Labelling Technology to do this needs License and is still in Preview License needed ( Microsoft 365 E5/A5/G5, Microsoft 365 E5/A5/G5 Compliance, Microsoft 365 E5/A5 Information Protection and Governance, Office 365 E5, Office 365 Advanced Compliance, Enterprise Mobility + Security E5, and AIP Plan 2 provide the rights for a user to benefit from automatic sensitivity labeling. ) 
  4. Use the Microsoft Cloud App Security dashboard with File Policy to Tag the files ( still needs above license ) 
  • Breaks CoAuthoring
    Can only use the web version of Office for Document CoAuthorign

  • Needs the latest version of Office 365 for Client-Side Labelling Modifications 
    Remember any external people you are sharing with will need this as well to open

 

 

 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

A WNDAP360 can be in Standalone mode , or it can be managed by a Wireless Controller. 

If you want to change the type ( Managed to Standalone mode ) you need to flash the device firmware. Performing a Factory Reset ( Holding down Reset Button ) just resets the WebGui Login password.

 Firmware upgrade sequence for WNDAP360 from 2.x:
  V2.1.11 -> V2.1.12 -> V3.5.20.0 – Correct sequence.

Download the Firmwares from here : 

https://www.netgear.com/support/product/WNDAP360.aspx#download

See – View Previous Versions

Once Download . UnZip the .tar files !

Login to the webportal of the managed WNDAP360 and upload the first  V2.1.11 Firmware (.tar )  ( I used Chrome ) 

What you will see in the console serial cable connection , is the device restart straight away then wait on the below , Leave the webbrowser open

######################### Start SysMon Entity [30] #########################
# Name=RFID Mgr, Path=/ft/bin/rfid_mgr, Type=0
######################### Start SysMon Entity [31] #########################
# Name=RFID Serial Comm, Path=/ft/bin/rfid_serial_comm, Type=0
Executing file /FT_CONF/prepare_upgrade
********* Waiting for Upgrade file *********

Wait on this screen for a few minutes 

Netgear mips #1 Tue Dec 6 11:52:49 IST 2016 (none)
Netgear login:
FACDEF_DRV: Disabling watchdog
TERM

You should then see it formating the file system and rebooting again

Once ready you can go upload V2.1.12 ( takes a while as it has to encrypt the filesystem ) 

Then V3.5.20.0 and whatever’s the latest!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently working on a Proof Of Concept enabling a MAM policy to lockdown and protect an application (Teams) on a device that not enrolled in Intune, and the File Ownership prompt in guides was not appearing.

The Intune License was applied to the user and the user was enabled for  MAM User Scope , and the MAM policy was applied to the User  

However no file ownership still and no encryption of files. Turns out the device has to be joined to the companys Azure AD ( or Local AD and Hybrid ) for this to happen and display the info box

This will show you its enrolled in MAM ( not MDM ) 

After this File Ownership is displayed !

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

https://techcommunity.microsoft.com/t5/outlook-global-customer-service/how-outlook-2016-utilizes-exchange-server-2016-fast-search/ba-p/381195#

Secondary mailboxes

When Outlook 2016 released, the plan was to only support FAST search on your primary mailbox. However, starting in the Fall of 2017, you should see that any Exchange email account added through File | Account Settings (also known as MultiEx or multiple Exchange accounts) now fully supports FAST search.

 

If you are limited to using an older build of Outlook 2016 and search in a MultiEx mailbox, the FAST query may be submitted in the context of the logged on user (you). This causes the search results to be pulled from your own mailbox, not the secondary mailbox that currently has the focus in your Outlook client. If you are unable to upgrade your Outlook 2016 client to the November 2017 Monthly Channel Build, you can temporarily work around this limitation by using one of the following options:

  • Change the search scope to All Outlook Items, Subfolders, or All Mailboxes
  • Disable Outlook 2016’s use of FAST search via policy or local user registry setting (see the next section)

Note Other types of secondary stores, such as those added via Open these additional mailboxes or those that are automatically configured via AutoMapping, are still limited to WDS.

 

HOWEVER

 

I’ve found users report searching still sucks in their shared and/or secconday mbxs. So per document set the below DWORD key to 1 if a user reports this – though I’m still waiting to hear if there are negative connotations to this change

 

 

Disable Server Assisted Search

Group Policy registry path:
HKEY_CURRENT_USER\software\policies\Microsoft\office\16.0\outlook\search
DWORD: DisableServerAssistedSearch

Disables Outlook from requesting and using Search results from Exchange for cached and non-cached mailbox items. Instead, it will use search results from W

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

 Report % Rate of change from the last Backup Job Run

Add-PSSnapin -Name VeeamPSSnapIn -ErrorAction SilentlyContinue

Disconnect-VBRServer | out-null

connect-vbrserver -server localhost

$JobsOutput = @()

Foreach ($JobObject in Get-VBRJob | ?{$_.JobType -eq "Backup"})

{

$LastSession = $JobObject.FindLastSession()

$ChangeRate = ($LastSession.Info.Progress.TransferedSize/$LastSession.Info.Progress.TotalUsedSize)*100

$JobOutput = New-Object -TypeName PSObject

$JobOutput | Add-Member -Name "Jobname" -MemberType Noteproperty -Value $JobObject.Name

$JobOutput | Add-Member -Name "Endtime" -MemberType Noteproperty -Value $LastSession.endtime

$JobOutput | Add-Member -Name "TotalUsedSize" -MemberType Noteproperty -Value $LastSession.Info.Progress.TotalUsedSize

$JobOutput | Add-Member -Name "ReadSize" -MemberType Noteproperty -Value $LastSession.Info.Progress.ReadSize

$JobOutput | Add-Member -Name "TransferedSize" -MemberType Noteproperty -Value $LastSession.Info.Progress.TransferedSize

$JobOutput | Add-Member -Name "ChangeRate" -MemberType Noteproperty -Value $ChangeRate

$JobsOutput += $JobOutput

}

$JobsOutput | Out-GridView

Disconnect-VBRServer | out-null

However one result is not a fair estimate of rate of change , and I don’t have a Veeam One license so I decided to Average Stuff

You can run on One VM or all the VM’s in a Backup Job

Add-PSSnapin -Name VeeamPSSnapIn -ErrorAction SilentlyContinue

connect-vbrserver -server localhost

#Query to get all jobs in the time period in hours that have processed data (Data ne 0 ) and have completed

$vbrtasksessions = (Get-VBRBackupSession |

Where-Object {($_.EndTime -ge (Get-Date).addhours(-168) -or $_.CreationTime -ge (Get-Date).AddHours(-168) -or $_.State -eq "Working")}) | Get-VBRTaskSession | Where-Object {$_.Status -notmatch "Idle|InProgress|Pending|Fail"-and $_.Info.Progress.TotalSize -ne "0"}

#Get Backup Job and VM

#$getOne = $vbrtasksessions | ? {$_.JobName -eq "%Veeam Backup or Backup Copy Name%" -and $_.Name -eq "%Name of Server%"}

#Or Get Whole Backup Job and average between all the machines

#$getOne = $vbrtasksessions | ? {$_.JobName -eq "%Veeam Backup or Backup Copy Name%"}

#Cannot Get Total usedSize in Backup

Echo ListofAllFullSizesInBytes $getOne.Info.Progress.TotalSize

#Echo AverageTotalFullBackupSizeInGB $([Math]::Round([Decimal]($getOne.Info.Progress.TotalSize | Measure-Object -Average).Average/1GB, 2))

Echo ListofIntcrementalSizeinBytess $getOne.Info.Progress.TransferedSize

#Echo AverageIntSizeinGB $([Math]::Round([Decimal]($getOne.Info.Progress.TransferedSize | Measure-Object -Average).Average/1GB, 2))

Echo RateofChangein% ((($getOne.Info.Progress.TransferedSize | Measure-Object -Average).Average/($getOne.Info.Progress.TotalSize | Measure-Object -Average).Average)*100)

Disconnect-VBRServer | out-null
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)