Here’s a useful video from Microsoft on how to fully setup guest access in teams. It involves changing settings in Azure Active Directory, Teams Admin, Microsoft 365 Groups, SharePoint Admin and individual SharePoint sites.
PROBLEM: I need to stop users saving data to a bitlocker usb flash drive that they use to unlock their laptop.
SOLUTION: Use the DiskPart command line utility to enable read only access to the USB flash drive in question.
- Press the Windows key + R to open the run box.
- Type diskpart and press enter.
- If you receive a UAC prompt asking for permission click Yes.
- At the DISKPART > prompt type list disk and press enter.
- Figure out which is your USB disk based on the size (mine was disk 1) so I typed select disk 1 and pressed enter.
- You can check the attributes for the disk by typing attributes disk.
- To enable disk write protection (making it not possible to save files to the disk) use the command attributes disk set readonly and press enter.
- You’re done! Type exit to quit.
- If you ever wanted to revert back and disable write protection then use the command attributes disk clear readonly and press enter.
Please note that the above method will only enable write protection for that particular usb flash drive on that specific windows machine. If you were to put the same usb flash drive in a different machine you can still write files to it.
Windows 10 allows you to join your computer to the Azure Active Directory and login with your cloud credentials. The first account that joins the AAD becomes a local administrator. Subsequent users are not.
To add additional azure accounts as local admins you need to do the following…
- Open a command prompt with Administrator proviledges
- Enter the following command…
net localgroup administrators /add "AzureAD\<users office 365 email address>"
You should see “The command completed successfully”, now go check it worked by going into computer management > Local Users and Groups > Groups > Administrators and check to see if the user is listed.
Starting in Outlook 2016 version 16.0.6741.2017, Microsoft has enabled a new feature called Direct Connect to Office 365. What this feature does is connect Outlook directly to Office 365 if Autodiscover is not working. This is great feature but a network hiccup may cause your mailbox to connect to Office 365 rather than your on premise Exchange, even with a valid autodiscover record.
For Direct Connect to take effect the user must have an active mailbox on Office 365 with a valid license. Typically Direct Connect would be a neat feature unles you are in the middle of a migration to 365, but a network hiccup could incorrectly connect you to 365 even though you havent completed your migration yet.
During 365 migrations deom Hosted Exchange or On-Premise, we recommend disabling this option from the user computer registry:
You can stop Outlook from checking Office 365 for settings by setting a registry key.
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover DWORD: ExcludeExplicitO365Endpoint Value = 1
Then restart your computer and it should stop trying to connect to Office 365. When you are ready to flip the switch on your migration, remove this registry key.
Heres a great article describing the whole thing in more detail…
While working on an Azure ADConnect deployment we had a few users with export errors. The users seemed to sync into the cloud so I was not fully aware of what the export error actually affected but… it was still there..
Anyway I found the following article that explains why you get the error and how to fix it. Its basically down to the security settings of the users profile in AD. Basically, enabling the inheritance solved the issue and the ADConnect was able to export these identities.
User > Properties > Security > Advanced > Enable Inheritance
To move a SSL certificate from Microsoft IIS 8 to Apache, the certificate must be converted from a PKCS#12 (.p12 or .pfx) to two separate files (private and public key).
Step 1: Export certificate in IIS 8
- From the web server, click Start
- In the Search programs and files field, type manage computer certificates
- From the search suggestions list, click Manage computer certificates
- At the permission prompt, click Yes
- Double click on the Personal folder, and then on Certificates.
- Right Click on the Certificate you would like to backup and choose > All Tasks > Export
- Follow the Certificate Export Wizard to backup your certificate to a .pfx file.
- Choose to ‘Yes, export the private key‘
- Choose to “Include all certificates in certificate path if possible.” (do NOT select the delete Private Key option)
- Enter a password you will remember
- Choose to save file on a set location
- Click Finish
- You will receive a message > “The export was successful.” > Click OK
- The .pfx file backup is now saved in the location you selected.
Step 2: Convert PFX file to compatible files for Apache
Move the .pfx file to the Apache server.
To extract the private key, run the OpenSSL command:
openssl pkcs12 -in <filename>.pfx -nocerts -out key.pem
To extract the certificate (public key), run the OpenSSL command:
openssl pkcs12 -in <filename>.pfx -clcerts -nokeys -out cert.pem
How to Check the Active Directory Schema Version
Get-ADObject (Get-ADRootDSE).schemaNamingContext -Property objectVersion
Firstly I take no credit for this, the original article can be found here.
When you connect to a network for the first time in Windows, Windows saves the network profile and assigns a name to it.
Connections using Ethernet (wired) use a generic name such as Network 7 usually while wireless networks the SSID of the Wi-Fi network the device connected to.
Some users and administrators may dislike the non-descriptive nature of wired network connections on Windows.
Good news is that it is possible to rename network profile names to make them more descriptive on the operating system.
The following guide was written for Microsoft’s Windows 10 operating system but the process should work in previous versions of Windows as well.
Changing the network name on Windows
You can check the current name in the Network and Sharing Center on Windows or in the Settings application on Windows 10.
- Tap on Windows-I to open the Settings application.
- Go to Network & Internet > Ethernet or Wi-Fi depending on the connection type.
The name of the network is displayed at the very top of the page.
To display the name in the Control Panel instead, do this:
- Tap on the Windows-key to activate the Start menu.
- Type Control Panel and select the result.
- Go to Network and Sharing Center
The name is listed under “view your active networks”.
Windows administrators and users have two main options to change a network name. The first involves editing the Windows Registry using Local Security Policy. Note that Local Security Policy is only available in professional versions of Windows, e.g. Windows 10 Pro.
Using the Windows Registry
I recommend that you back up the Windows Registry before you make any changes to it. Check out ghacks.net Windows Registry backup guide to find out how to do that.
- Open the Start Menu.
- Type regedit.exe and select the result to open the Registry Editor.
- Confirm the UAC prompt that is displayed.
- Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles
- The next step requires some trial and error. Windows lists all network connections with a unique ID and you need to click on each to check the ProfileName variable of it until you find the network name that you want to change.
- Double-click on ProfileName once you have found the right entry and type the new name of the network that you want used on the device. The change is only active on the device.
The change takes affect immediately. You can verify that by opening the Settings app or the Network and Sharing Center to verify that the name change was successful.
Repeat the process for any other network name that you want to change.
I was trying to figure out how many lenghts of skirting board i’ll need to finish off my loft conversion and found the following useful tool.
This online linear cut calculator is designed to solve problems of cutting stock material into pieces of specified lengths with minimal material waste, named as cutting stock problem. In general, it’s a kind of length optimization software, in other words, it’s 1D nesting optimizer or linear cut calculator.