I encountered this one recently. Google doesn’t make it simple (or clear) how to allow external people to send emails to a Google Group (which most people use as the equivalent of a distribution list / Office365 group).
In Google Admin, navigate to the Google Group and check off “Allow” (a checkmark) where Publish Posts and External intersect (seen below with the number 1 in red)
That’s it! External users will now be able to email the group.
Recently, I was trying to perform an audit search on an Office365 organization and found auditing wasn’t enabled. When I tried to do it straight from the audit screen, I encountered this error:
Sorry! We couldn’t update your organization settings. Please try again.
I went straight to PowerShell and ran Get-AdminAuditLogConfig | FL Unified* and it was not enabled.
To resolve this, I ran Enable-OrganizationCustomization
And then I ran the Powershell command Set-AdminAuditLogConfig – UnifiedAuditLogIngestionEnabled $true
It’s been a while and there is plenty of reasons for that, but namely… I got a new job!
Anywho, here is a good one I encountered when trying to update an ESXI host.
Could not find a trusted signer: certificate is not yet valid
Failed to setup patcher for upgrade
Full error and command
I hadn’t used this host in a hot minute and one thing I know is that SSL Certs are time/date-based. I took a look at the date and time in ESXI and lo and behold found an incorrect date.
The incorrect date!
After setting the correct date, I re-ran the command and the ESXI update completed successfully. I also set the server to use NTP so this doesn’t pop up again.
Looking for how to change the active version of PHP in StableHost? Scroll down to the SOFTWARE section. For me, it was the last option. Hit Select PHP Version .
On the ensuing screen, next to Current PHP version choose your version! You can also select your PHP extensions / addons
And that’s it! Once you’ve chosen your PHP version you’ll receive a confirmation and that’s it. Enjoy!
A client of ours wanted to upgrade their Windows 10 Professional licenses to Windows 10 Enterprise by way of E5 licensing in Office365 / Azure Active Directory.
Most computers worked fine, but a few just didn’t work and upgrade as they should have. There isn’t a lot of documentation on this, so I thought I’d put out there what worked for us and what we found. I ended up opening a ticket with Microsoft Escalated Support and worked with a rep over a few weeks.
First and foremost, make sure in Office365 that the E5 license has the option checked off for Windows 10 Enterprise.
First Troubleshooting Recommendation: dsregcmd
Run dsregcmd /status on the affected machine as the logged in user (and not a System or admin account).
If WamDefaultSet : ERROR and / or AzureAdPrt : NO are found, these would indicate an issue on Azure’s end. You want to see both answered with YES. These fields indicate whether the user has successfully authenticated to Azure AD when signing in to the device.
If the values are NO, it could be due to:
Bad storage key in the TPM associated with the device upon registration (check the KeySignTest while running elevated).
It seems that in this Covid world I’ve become very good at troubleshooting and using ConnectWise Control, specifically the cloud-hosted version. Since ConnectWise appears to be shaping itself for sale, it has cut jobs which has clearly affected the level of support I’ve been receiving at all hours.
Let’s begin with configuring mail sending settings with Office365 and ConnectWise Control (formerly ScreenConnect).
Simply put, use these settings!
smtp.office365.com
Port 587 w/SSL option
Email account credentials and set your default from / to address
Something on my list of things to do has been to update SAML roles for an application setup a few years ago before Microsoft simplified certain aspects of SAML applications. After tickets with Microsoft support that ended up escalated but with no assistance from them, I found that these roles could be updated via Microsoft Graph. Let’s dive in.
I have my application ID and have requested the body via GET below and the URL https://graph.microsoft.com/beta/servicePrincipals/{ID}(without the curly brackets surrounding your ID)
In the JSON Response Preview, you can see the appRoles listed for the application. After using my Google-FU and not finding any documentation on this at all, I experimented and after trial and error, figured out how to update the approles while keeping existing appRoles.
First, you’ll need a unique GUID for the new approle. In Powershell, you can run new-guid to generate a new GUID for your new approle(s).
Next, copy your entire existing Approle digest from the Response Preview to your editor of choice; I like Visual Studio Code. This means everything from the approles: [ line to the bracket at the end of the last role.
Add a new approle (you can copy a previously used one), paste in your GUID, and change the description, displayname, and value. Because this is JSON, you’ll need to add a comma to the curly bracket for the previous approle.
Once you’re done editing your approles, go back to Microsoft Graph. Where before you chosen to GET , now select PATCH. Keep the URL the same.
Be sure to validate the JSON (you may need to add curly brackets to the beginning and end of the JSON file) using any free online tool or Visual Studio Code. Paste the JSON code in to the Request Body in Microsoft Graph and hit Run Query.
If everything went well, you should see a green OK!
I recently ran into an error with a client’s off-site backup using Cloudberry to Backblaze B2 that simply said: file name segment must be no more than 250 bytes
Nice, right? Digging into the logs, I found that it was erroring out on an amazingly long .JS file a user had copied over with a bunch of personal files.
Enter SuperDelete on Github. Download it from the release page or compile it yourself, move it to the problem folder and let it do its magic. Simply run the executable (no installation necessary!) and name the file in question and you’re golden!
1. Download Process Explorer from its homepage here: Process Explorer
2. Extract the ZIP file contents to a folder of your choosing. If you don’t have a 3rd party Zip program (I recommend 7-Zip!) you can use Windows’ built-in one: right click the Zip file and select “Extract all…”
3. Double-click the file procexp.exe
4. Enable “Check VirusTotal.com”
The new column VirusTotal will be added automatically, and initially show “Hash submitted…”. After a few seconds it will show the results
5. Processes that are running as System and not as a standard user won’t show a VirusTotal result until Process Explorer is restarted with elevated permissions
You may see a UAC prompt here… click Yes. After a few seconds, we will see the VirusTotal result for every process:
A VirusTotal result of 0/55 means that 55 anti-virus products have checked the file and that non of them have detected anything awry!
Click the result/link to open the detailed report in a web browser. There you’ll find when the scan was done and other useful information like what anti-virus products detected anything and what type of possible infection/malware.
Example of a VirusTotal detection:
Note
If only one AV detected something chances are that
it’s a “false positive” (wrongly detected) and that the file is clean.
Click the VirusTotal link to get more details about it.
6. If you have processes that
show “Unknown” in the VirusTotal column, it means that specific file and
version has never been uploaded to VirusTotal. To automatically upload
these files to VirusTotal select this option:
7. To submit a file to VirusTotal manually, any file (not only “Unknown” ones), which means to upload and re-scan the file, double click a process, go to the Image tab and click the button below named “Submit”
You can then exit the Properties window and wait until you see a result
in the VirusTotal column for that process. It’ll take a few minutes. 8. You can also do a VirusTotal check for all the DLL files a process uses. Select a process and press Ctrl+L to toggle the lower pane. It will submit the file hashes to VirusTotal and show the result after a few seconds:
If you find more than one suspicious process and want to terminate them, it’s recommended by Mark Russinovich, the father of Process Explorer, to first suspend (via right click menu) them. As the vast majority of malware infections include multiple processes that can easily restart each other when a single one is killed, suspending first is a much safer way.