I got deployment failed when trying to change a SQL servers License from Express to Developer.

I checked the Server and it had developer license installed on SQL

Looking at the JSON

{
    “status”: “Failed”,
    “error”: {
        “code”: “ResourceDeploymentFailure”,
        “message”: “The resource operation completed with terminal provisioning state ‘Failed’.”,
        “details”: [
            {
                “code”: “MismatchSqlVmSku”,
                “message”: “The SQL sku provided is ‘Developer’ which does not match the sku installed in the virtual machine ‘Express’. Make sure to provide the correct sku type.”
            }
        ]
    }
}
 
Its because there was an old version of SQL express installed , removing this fixed the issue
GD Star Rating
loading...
GD Star Rating
loading...

Recently trying to setup a user to be able to access IRM documents out of a SharePoint library , and when opening the documents from the browser , an error would appear

access denied contact your administrator

I tested and the user could protect documents themselves showing the IRM platform was working. I tested setting up a test AD user and getting them to sign into that and still would open in login in a ‘Modern Authentication” login loop.

In the end a fix was to download the file before opening it ( Instead of clicking from the browser ) 

GD Star Rating
loading...
GD Star Rating
loading...

You cannot open PDF files directly to Adobe Reader due to Adobe not releasing their API to Intunes SDK

Workaround : 

  • Add Adobe Reader to Protected Files in your MAM policy
  • Install Microsoft Onedrive on the device
  • Download the file \ Attachment ( It will download it to Onedrive secure area ) 
  • Open it with Adobe Reader
GD Star Rating
loading...
GD Star Rating
loading...

Had a user trying to reauthenticate her Iphone Mail , however after clicking approve on the App , it would just wait on the below screen ( it should refresh after receiving the push approval and go back to Mail )

Tried rebooting and re-adding the Mail account to no avail

1) Upgrading all Apps and Iphone IOS version resolved it

2) If you kill the mail app then go to settings and update the password there it works, happens every few weeks for me

3)

I’ve found that the native iOS mail app will go into an endless loop unless you tap on the top-right to go back to Settings, then it will complete the sign in process:

 

GD Star Rating
loading...
GD Star Rating
loading...

Unlike WAF v2 , the v1 product does not have custom rules for blocking IP , so you will need to do this at the IIS Level still

When the WAF forwards the request it tags on “x-forwarded-for” to the HTTP header and leaves the c-ip ( client IP ) the same

By Default IIS will check IP Address Domain and Restrictions list on the site and block the c-ip ( client IP ) using this list. 

Enabling Proxy Mode ( In IIS 8 and up ) means it will also adhere to the x-forwarded-for , but you will need to add the Subnet of the WAF ( as it picks a different IP each time ) to the allow list as well or the Health probe won’t be able to make sure the site is UP

GD Star Rating
loading...
GD Star Rating
loading...

# Example .inf file:

[Version]

Signature=”$Windows NT$”

 

[NewRequest]

Subject = “CN=dcname.domain.com.au”

KeySpec = 1

KeyLength = 2048

Exportable = TRUE

MachineKeySet = TRUE

SMIME = FALSE

PrivateKeyArchive = FALSE

UserProtected = FALSE

UseExistingKeySet = FALSE

ProviderName = “Microsoft RSA SChannel Cryptographic Provider”

ProviderType = 12

RequestType = PKCS10

KeyUsage = 0xa0

 

[EnhancedKeyUsageExtension]

OID = 1.3.6.1.5.5.7.3.1 ; Server Authentication

 

# Create CSR

certreq -new C:\temp\cert.inf c:\temp\csr.csr

# Issue cert on CA

certreq -submit -attrib “CertificateTemplate:2016KerberosAuthentication” “C:\Users\matt.soltau\Desktop\csr.csr”

– Copy cert.cer from CA to DC

# Accept cert on DC

certreq -accept c:\temp\cert.cer

# Copy Cert form Personal store to ADDS service

# Find Thumbprint (PowerShell)

> Cd Cert:\LocalMachine\My\

> Get-ChildItem

Copy-Item “HKLM:\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates\<Thumbprint>” “HKLM:\SOFTWARE\Microsoft\Cryptography\Services\NTDS\SystemCertificates\MY\Certificates\”

GD Star Rating
loading...
GD Star Rating
loading...

Under Renderer there’s a Scan option. Click it to find your Chromecast. If VLC is stuck on scanning for renderer, you should use VLC to open a random multicast network stream in the range of address 224.0.0.X, where X is between 100 and 199. You should notice there is nothing played (since there is no such stream available). Wait for a while and then check for available renderers again. Now they should show up (might take a couple of seconds but not more than a minute). Note: once you have used a number X, you cannot use it again. A way to generate new numbers might be to set X to 100 + current date. If you get stuck more than once a day, then add 30 to the date or just use 100 + current minute as a random number. And when all numbers are exhausted, well then you have to powercycle the laptop unless that has already been done in a month. The complete syntax for the multicast network stream to open is udp://@224.0.0.X:5000

GD Star Rating
loading...
GD Star Rating
loading...