Azure AD Sync services

Azure AD Sync services

https://msdn.microsoft.com/en-us/library/azure/dn757582.aspx

Azure Active Directory Connect

that's the only one for nowadays

Office 365 groups

take away from MVA

Office 365 Groups provides  the following features

Integration in Outlook 2016
Discussions

to disable the group

Set-OwaMailboxPolicy -Identity test.com\OwaMailboxPolicy-Default -GroupCreationEnabled $false

Office 365 Groups are already integrated with

 OneDrive for Business

Calendar

OneNote

Yammer --- free version and enterprise version

yes,

Yammer got a free version

for enterprise version, you will need manually enable it in O365 admin portal

click included services , enable Yammer

communicate effectively

quote source from the internet

Frank I Luntz 在《有效之词》一书中列出了10条有效沟通方式：
1. 简单用词。（Simplicity: use small words.)
2. 短小用句。（Brevity: use short sentences.）
3. 确实可信。（Credibility is as important as philosophy.）
4. 反复强调。（Consistency matters: repetition, repetition, repetition.）
5. 内容新颖。（Novelty: offer something new.）
6. 朗朗上口。（Sound and texture matter.）
7. 生动有力。（Speak aspirationally.）
8. 绘声绘色。（Visualize.）
9. 以问代述。（Ask a question.）

10.言之有物。（Provide context and explain relevance.）

new comer in the backup world --- the backup world of Veeam

new comer in the backup world --- the backup world of Veeam

- https://www.veeam.com/vmware-esx-backup.html

-

Microsoft Hyper-V

VMware vSphere

NetApp

HP

Cisco

EMC

Cisco Meraki wireless network , cloud based wireless network management

Cisco Meraki wireless solutions
- cloud based management


https://meraki.cisco.com/

HP notebook cannot connect to wireless access point

HP notebook cannot connect to wireless access point

JohnC fixed it himself by un-install the wireless driver and reboot

upon restarting, the notebook re-installed wireless driver and all good

install office mobile app on iPhone 5s

https://products.office.com/en-us/mobile/office-iphone#Send


this include outlook

Microsoft Assessment and Planning Toolkit (MAP) can perform discovery using SSH

Microsoft Assessment and Planning Toolkit (MAP) can perform discovery using SSH

Microsoft Assessment and Planning Toolkit (MAP) can not discover licensing usage data

Microsoft Assessment and Planning Toolkit (MAP) can not discover licensing usage data

牛顿老师的一生是天才的一生，战斗的一生，也是孤独的一生。一辈子没有朋友

some quote from the net

牛顿老师的一生是天才的一生，战斗的一生，也是孤独的一生。一辈子没有朋友，也没有结过婚，很可能到死都是处男，关于牛顿是否处男的问题，由于篇幅过长，将另文论证。当然他肯定不会孤独，因为科学的世界里乐趣无限，快感连连。出乎世俗想象的是，科学其实远比任何娘们儿都风骚，玩科学比玩女人爽得多，得到一个成果所获得的高潮强烈而持久，不仅有快感，更有巨大的自我认同感，远胜于那几秒寒颤之后无边的空虚与落寞。

SBS 2011 C: drive space keeps running low

SBS 2011 C: drive space keeps running low .....

same logs can be 456MB per day.

if you look at the log, you will see you may see APRemoting30 ....

the trick is to close SBS Console

sounds like a joke, yes, it is happening

ISO 27018 and protecting personal information in the cloud

ISO 27018 and protecting personal information in the cloud

one drive for business limitations

filename cannot inlcude %,#,?

extension cannot have svc, json, ashx

a rich guys motto -- way to go

- a rich guys motto

( copied from some websites )

1. 不为模糊不清的未来担忧，只为清清楚楚的现在努力。

　　2. 只有先改变自己的态度，才能改变人生的高度。

　　3. 在抱怨自己赚钱少之前，先努力，学着让自己值钱。

　　4. 学历代表过去，学习能力才代表将来。

　　5. 耐得住寂寞才能守得住繁华，该奋斗的年龄不要选择了安逸。

　　6. 有些事情不是看到希望才去坚持，而是坚持了才看得到希望。

　　7. 压力不是有人比你努力，而是比你牛几倍的人依然在努力。

　　8. 你所做的事情，也许暂时看不到成功，但不要灰心，你不是没有成长，而是在扎根。

　　9. 现实和理想之间，不变的是跋涉，暗淡与辉煌之间，不变的是开拓。

1. 不为模糊不清的未来担忧，只为清清楚楚的现在努力。
　　2. 只有先改变自己的态度，才能改变人生的高度。
　　3. 在抱怨自己赚钱少之前，先努力，学着让自己值钱。
　　4. 学历代表过去，学习能力才代表将来。
　　5. 耐得住寂寞才能守得住繁华，该奋斗的年龄不要选择了安逸。
　　6. 有些事情不是看到希望才去坚持，而是坚持了才看得到希望。
　　7. 压力不是有人比你努力，而是比你牛几倍的人依然在努力。
　　8. 你所做的事情，也许暂时看不到成功，但不要灰心，你不是没有成长，而是在扎根。
　　9. 现实和理想之间，不变的是跋涉，暗淡与辉煌之间，不变的是开拓。
- See more at: http://finance.creaders.net/2015/11/02/1602117.html#sthash.c3nSU96P.dpuf

outlook 2010 could not connect to SBS 2003 --- dns could not resolve

outlook 2010 could not connect to SBS 2003

it turned out the user used external dns. manually put a host entry in the host file fixed the issue

so it is not a O365 2013 conflict with office 2010 issue

VDI in Azure cloud

Azure cloud dont do physical

but VDI requires it

boot to safe mode in windows 8 and windows 10 --- no luck with F8 key ?

http://www.howtogeek.com/107511/how-to-boot-into-safe-mode-on-windows-8-the-easy-way/

quote :

You can still have Safe Mode, however, it is buried deep into the recovery options of Windows 8 or 10. While just mashing the F8 key as we all know will boot you into automatic recovery mode, you can still manually access the recovery options by pressing the Shift+F8 key combination. Even more simple, however, is the option to just hold the SHIFT key and click Restart at the login screen, or even within Windows.

Note: all of this should work exactly the same in Windows 10 as it does in Windows 8.

https://www.asus.com/nz/support/FAQ/1008250/

bcdedit /set {default} safeboot

bcdedit /set  {bootmgr}  displaybootmenu yes

what can I do if I have 13 server 2012 r2 VMs with the same SID in V sphere 6 and I is required to setup AD

what can I do if I have 13 server 2012 r2 VMs (same SID) in V sphere 6 and I is required to setup AD ---

of course , there are many ways to do this ....

use sysprep to generate a new SID for the VM ( domain controller to be )

then other VMs can join to this domian.

ie, only domain controller cares about SID conflict.

SID gala ---- cannot join a server to a domain because of SID conflict, .... use sysprep to generate a new SID

SID gala ---- cannot join a server to a domain because of SID conflict, .... use sysprep to generate a new SID

--- this could happen when a VM is cloned without a new SID.

there is not new sid software for windows server 2012 / R2

I have to re-generate the SID using sysprep ( while doing work in a vSphere 6 enviroment)

sysprep will trip added-drivers. to keep current driver, need do an answer or modify a reg value -- something like persistent pnp

windows 2012 R2 remote desktop services -- active directory is a requirement , and a second RDS server should be able to use the first license server

windows 2003 TS and windows 2008 R2 RDS can work in workgroup mode.

but server 2012 / R2 requires active directory

yes, AD is required

also when I enabled RDS role the other day, the broke role got an error , in this case I need re-enable PS remoting

also add a 2nd RDS server, do it the low-tech way, dont have to configure the gateway, set itself as broker, point the license server to the 1st RDS which has the licensing role.

login to a windows server 2012 R2 as admin mode

it is still useful mstsc /admin, this will work even if the server could not contact the licensing server

and will not consume a license

useful tools - net statistics server

net statistics server

date /t & time /t

psloogedon

net session

netstat


netstat -na

netstat -ano

netstat -nao 1

netstat -nao 1 | find "137"

net users

net localgroup administrators

tasklist

tasklist /svc

openfiles

openfiles /local on


wmic

psfile

wmic process list brief

wmic process list full

wmic startup list

a Dell PC showing blank screen in a Monday morning

A CEO's dell stopped working, nothing on the screen.

I was away that bad day. a co-worker handled it by shuffling the RAM sticks. what a good jb

manual routing between two remote subnets ---- a perfect answer to need add a route back to the source

manual routing between two remote subnets ---- a perfect answer to need add a route back to the source


here is the secenario

192.168.1.x -- HO

192.168,2,x -- remote branch subnet

between these two subnet , there is a site-to-site setup via two Mako firewalls. Mako is a local vendor.

now their VOIP supplier wants to add a SIP trunk attached to the HO network

192.168.1.x -- -- 192.168.1.20 --CISCO router --- 10.x.x.x PABX

I am told by the VOIP vendor, to add a route to 10.x.x.x netowork


I added a static route to 10.x.x.x witjh 192.168.1.20 a gateway

and I did the switch-over with the PABX guy

the 192.168.1.x seems all good

but the phones in the 192.168.2.x not working. as the phones looking for the new pabx location.

eventually called the VOIP vendor to add a route back to 192.168.2.x in their CISCO router

after some argument, they did it, all problem sorted.


lession learned: you add the route to the destination and you also need add a route back to the source

sonicwall global vpn client not working --- L2TP not working

sonicwall global vpn client not working --- L2TP not working

replaced with a different firewall, still the same issue

L2TP packets never reached the firewall, as the netwrok device - dsl router in front of the firewall has its builtin pptp, l2tp server -- some brand do have that

disable the dsl router 's own vpn service, then sonicwall handled l2tp ( ie, not intercepted)

credit /kudos to the team

group policy precedence - revisited

GP precedence

computer settings over user settings

link order 1 takes precedence over link order 2 etc

exchange 2016 roles ---

not like exchange 2013, no separate CAS role

the mailbox role will run CAS role

http://searchexchange.techtarget.com/opinion/Why-it-will-be-easier-to-deploy-Exchange-Server-2016

There's only one option -- deploy the Mailbox Role.

• Mailbox role
• Management tools
• Edge transport role

Exchange 2016 prerequisites ---

https://technet.microsoft.com/en-us/library/bb691354(v=exchg.160).aspx

Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms

Exchange 2016 released ---

https://technet.microsoft.com/en-us/library/mt170645(v=exchg.160).aspx

do not support exchange 2007

can co-exist with exchange 2010

DC need be 2008 and later ( no 2003)

h/w at least 8GB ram

Exchange 2016 can only be installed on windows server 2012 or 2012 R2

again outlook 2007 not supported, like outlook 2016 not supporting exchange 2007

email retention in office 365 -- 14 days for and normal mailbox

email retention in office 365 -- 14 days for and normal mailbox

after talking to MS O365 support this afternoon, it look like emails deleted from deleted item can only recovered for two weeks

unless legal hold in place

what can I do with the Nano server ? --- install BI

what can I do with the Nano server ?

again, refer to this link

http://mcisaacit.com/2015/07/26/windows-server-2016-nano-convert-from-server-core-to-full-gui/

run powershell in cmd line

Get-WindowsFeature *gui*

Dism /get-wiminfo /wimfile:D:\sources\install.wim

we can use index 2

Install-WindowsFeature Server-Gui-Shell –Source wim:D:\sources\install.wim:2

Install-WindowsFeature Server-Gui-Shell,Server-Gui-Mgmt-Infra –Source wim:D:\sources\install.wim:2

restart-computer

manage nano

managing nano

sconfig is still there

http://mcisaacit.com/2015/07/26/windows-server-2016-nano-convert-from-server-core-to-full-gui/

install nano server --- windows server 2016 preview 3

install nano server --- windows server 2016 preview 3

installed on a 2012 R2 hyper-v

nano is smaller than a server core

w8.1 features --

two components used for auth in w8.1
- a certificate
- a physical smard card

3 pillars of client security
- data protection
- hardware protection
- malware resistance

- a virtual smart card --- replace the second stage in the two-factor authentication

- boot protection
- UEFI secure boot
- Trusted Boot

some distances in wireless technology

some distances in wireless technology

- 20cm  between AP and a human
- 2 meters between access points

install 2 Cisco 1700 access points -- in one subnet LAN

I like to install as standalone separate SSIDs even for 2.4GB and 5Ghz channels

but the client want 1 SSID for the whole setup

yes, i did it

it can roam that way

to do it fancy way, WDS , 802.11 r are involved

------
I got an issue what I could re-create / create new SSIDs after done easy setup.

luckily I can create a new VLAN 1, make it native , so I can create new SSIDs after deleting the original SSIDs

netbackup --- symantec

netbackup --- symantec

Exchange 2007 and outlook 2016 --- it may not work

Exchange 2007 and outlook 2016 --- it may not work

like exchange 2003 not working with outlook 2013

provision a new Cisco Aironet 1700 -- as standalone AP

provision a new Cisco Aironet 1700

brand new, telnet / ssh is not working for me

username/password: Cisco / Cisco

eventually used my old cisco console cable -- then roll over cable , this cable is a fit for the new part code listed in the aironet 1700 manual.

luckily my HP probook 650 still has a serial port,

download a 30 day trial version of hyperterminal on w10,

connect on COM1

in the console

type en

type enable password Cisco

capwap ap autonomous

then confirm yes

Cisco 1700 has both lightweight and autonomous loaded initially, change to autonomous will wipe the other

be default , it works as lightweight as it looks for a wireless controller. But I want to configure it in a standalone environment.

then the device will reboot

in dhcp server , identify the device IP, I found out in my s2008 dhcp, it is slow to refresh, then I went home to have dinner, then looked at it again, it showed up not the same ip it used to have.

I can then browse to the web interface, no username, password Cisco

phew ... time to do some CWNA


 

ios9 and windows xp and itunes -- this combination could brick your iphone

ios9 and windows xp and itunes -- this combination could brick your iphone

call Apple support --- take your iPhone to iphone repair store

hopefully you still have your backup

devOps concepts revisited

- 
the integration of development and operations

lean software development test -- hypotheses

minimum viable product (MVP) - is part of lean software development

two agile practices are relevant to DevOps - scrum - continuous integration

work place join and work folders --- two things can work together

work place join and work folders --- two things can work together

work place join need ADFS, it is for applications

work folders are for file sync on windows server 2012 R2 shares

windows performance tool kit

windows performance tool kit

WPT

domain groups

domain groups

AGUDLP

windows 10 --- windows easy transfer --- not there any more , miccrosoft dropped the ball on windows easy transfer

windows 10 --- windows easy transfer --- not there any more , Microsoft dropped the ball on windows easy transfer
----

When I used Windows easy transfer on my w7 PC, and tried to restore files and settings onto the new windows 10

No can do , surprisingly windows 10 does not include the easy transfer ....

instead it outsourced it to our old friend Laplink .... PCmover,

The PCmover is free for personal use, if PCmover detects a domain environment , it will refuse to run

the my solution is easy .... manually copy the files over and setup up again

in retrospect, usmt may be used in the domain

PPTP split tunnell in windows 10 --- cannot be done via the GUI interface

PPTP split tunnell in windows 10 --- cannot be done via the GUI interface

in windows 10 preview days, I thought its a bug ... or an outdated driver ....

now .... it is a feature ..,

in the network properties, select ipv4, click on property again, and again, nothing showing up,..

eventually I did some search ... I am not alone....

you can't do it that way again, you will have to use power shell to do it ...

where is my disk space? --- an Amazon cache drive -- free space disappearing -- its in system info

where is my disk space? --- an Amazon cache drive -- free space disappearing

- well , its an iscsi drive - cache

- its slow , especially run near capacity, the speed is the internet outgoing speed.

the problem I had is that the data is 400GB out of 1 TB, where is the other 600GB, I contacted the vendor 2 times, received no reply.

for a different reason, this drive is replaced by another iscsi drive which kind of a local disk

another guy used treesize, he found 600 GB in sysvol as he said.

blush ... blush ... blush.... I thought there was a bug...

it wasn't .... the hidden files are in system information folder, its a system folder, I manually  add myself to it, then I saw 600B files, even if I turned off -- de-duplication on the server.

there are lots of other files in that folder ...

like shadow copies ?....
 

trying to repair my w10 preview VM

trying to repair my w10 preview VM

The digital signature for this file couldn't be verified.

Error code: 0xc0000428

I tried to boot from the preview ISO, no luck

then I found this link

http://www.tomshardware.com/forum/id-2636035/winload-exe-verified-error-code-0xc0000428.html

quote

The problem is that Technical Preview expired April 15, and this is how they choose to handle it. You can change bios date to before April 15, but toy cannot reach your bios.

---

well this error is most likely due to this preview expired in 2015

time to delete

upgrade my home notebook to windows 10 from windows 8.1

upgrade my home notebook to windows 10 from windows 8.1

its a small HP notebook,

the w10 pop up notification told me that they are working with their partners to tell me what's the best time for upgrade.

waht a sham, after some resaerch, a reg key is needed to bypass that.

also there is a MS link to download upgrade files,

i clicked the link, the upgrade start,

it was late at night, I let it run over night

it is a success.

before upgrade I removed bit defender,

after w10 installed, it used windows defender,

I also downlaoded and installed malwarebytee anti-exploit and MS  EMET

there was a warning before upgrade about the autologon may not working, it actually still working

overall, it is a good experience apart from the thing that I have to manually trigger it

not a thing for ordinary user

disable outlook 2013 security warning on windows 2012 R2 RDS server

disable outlook 2013 security warning on windows 2012 R2 RDS server

load office 2013 templates in GPMC, central store

put the RDS server in an OU

configure disable outlook warning in GPO, ( heaps of link on the internet)

for RDS, enable loopback process, set to merge

also I found I need do GPO settings via the server manager, or one of the settings not being saved

Microsoft_Press_eBook_Introducing_Windows_10_Preview_ , finished reading it

the good point it w8 / w8.1 GUI is a failure

as W10 dont have those so called charms like pop-outs

in retro, w8.x GUI is a waste

configure a CISCO POE switch

well,  blush, bulsh... my first production cisco swx after doing study on that for years

in th GUI, still need to do copy run start

save
 

lenovo servers and IBM servers

now

IBM servers changed to Lenovo server.

two Lenovo branded server here at that place, one has a power supply issue. the other has a faulty mainboard.
 

group policy in Azure Active Directory

https://azure.microsoft.com/en-us/documentation/articles/active-directory-whatis/

not there yet

comments below ....

AzureAD is not a direct replacement for your on-premises AD as it does not bring all the functionality (yet) such as group policies, OU's, Kerberos authentication to other on-premises services. 

install Office 365 office 2013 Pro Plus on windows 2012 R2 Remote Desktop server

install Office 365 office 2013 Pro Plus on windows 2012 R2 Remote Desktop server

ok, i am told by local office architect that I can do that, it is just I need run special click-to-run tools to deploy it

office 365 pro plus wont run on RDS if I do a straight forward install

need follow this

https://technet.microsoft.com/en-us/library/dn782858%28v=office.15%29.aspx

for whatever reason the configuration.xml not working for me , if I created it myself.

so I just edited the sample file

even if I followed all the instructions , I still this error

This copy of office cannot run on terminal server .....

some useful links

here
http://blog.powerbiz.net.au/office-365/installing-office365-proplus-on-a-rds-server-terminal-server-using-shared-computer-activation/

the link saved my work day is here

http://blogs.technet.com/b/uspartner_ts2team/archive/2014/09/10/some-more-info-on-shared-computer-activation-with-office-365-proplus.aspx

many thanks to Rod , the fix is

For anyone who installs Office 365 ProPlus on an RDS server and receives the "This copy of Microsoft Office 2013 cannot be used on a computer running Terminal Services. To use Office 2013 on a computer running Terminal Services, you must use a Volume License edition of Office” message, check HKLM\SOFTWARE\Microsoft\Office\15.0\ClickToRun\Configuration in the registry for the string SharedComputerLicensing with a setting of 1. 

Solved my problem.

its reg_sz string 1

in my case, the string is not there and i created one

Its time to blog office 2013 / office 365 pro plus license activation -- KMS host and KMS VLK office 2013 pro plus activation

it is time to blog about office 2012 / 365 proplus licenses

here is the situation

windows 2012 R2 RDS server,

install VLK version of office 2013 pro plus -- with KMS key

then install VA tools on the same terminal server or rds server

it wont activate

run a MS diag tool, it find out the VA tools and office 2013 install cannot be on the same server

ie KMS host can be on the same host as the client install

shooooot

upgrade to windows 10 --- enterprise edtion

as you probably know, there is no auto-upgrade to enterprise edition as MS only allows home and pro edition free upgrade.

I tried to upgrade my w10 enterprise preview with the new evaluation edition, surprisingly , it wont allow me to upgrade, only a fresh install

so I used the downloaded w10 enterprise ISO from mspartner site ( not free)

then upgrade option is available

I successfully updated my preview to full version


 

see if a VM is Generation 1 or Generation2

http://windowsitpro.com/hyper-v/how-do-i-see-if-vm-generation-1-or-generation2

Get-VM | Format-List Name,Generation

PS C:\Users\Administrator> \Get-VM | Format-List Name,Generation


Name       : WXPDC
Generation : 1

Name       : WXRDS

Generation : 1

OSI model re-visited

Application    ---- http /ftp /smtp

Presentation   ---- jpeg/gif/mpeg

Session        ---- appletalk / winsock

------

Transport   ---- TCP / UDP /SPX

Network     ----- IP / ICMP / IPX

Data Link   ---- ethernet  /ATM --- switch --- bridge

Physical    --- ethernet , toker ring , hub / repeater

Exchange 2013 -- useful interaction --- source MVA

Client Access Server Responsibilities

Authentication, proxy, and limited redirection services

Client access protocols: HTTP, POP, IMAP, and SMTP


Stateless

Mailbox and Client Access Interaction

Which of the following Internet Bandwidth Planning Tools are available for Office 365?

 OneDrive for Business Client Network Bandwidth Calculator

Which of the following tools can be used to check whether firewall ports are opened?

telnet

office 365 network analysis tool

psping

7. All your client computers and servers are connected to the Internet using a web client proxy. Which of the following do you need to configure for your computers to work with Office 365 services (for example, AADSync) or Windows Azure Active Directory Module for PowerShell?

The proxy server in your web browser and Windows PowerShell proxy setting using NETSH

outlook search advanced function - greyed out

- outlook search advanced function - greyed out

- Aimy from MS support did an office 2013 repair, fixed the problem

site collection questions in sharepoint 2013

site collection questions in sharepoint 2013

types of managed paths in sharepoint 2013 -- wildcard , inclusive

types of site collections can be created --- host-names and path-named

site collections logical structure in SP2013 --- sql server databases and web application

site collections in sharepoint 2013

sharepoint 2013 structure

Sharepoint farm 2013

---- application pools ------

---- web applications ------------ service applications
------ site collections -----
--- sub sites -----
---- lists / libraries ----
--- items dociments ----

inbox rules not working after migrating my work email address to office 365

inbox rules not working after migrating my work email address to office 365

https://community.office365.com/en-us/f/148/t/147835

I must set myself as NDRto at ages ago

so

1. Run: Set-TransportConfig –JournalingReportNdrTo “<>”

2. Run: Get-TransportConfig | fl JournalingReportNdrTo*

3. Verify that is JournalingReportNdrTo is empty

windows 2003

nightmare bluescreen continues

Error on boot: "STOP c0000135 unable to locate component csrsrv.dll not found reinstalling the application may fix the problem"

KB3045999 (

Ntdll.dll in system32 and

Ntkrnlmp.exe,

Ntkrnlpa.exe,

Ntkrpamp.exe,

Ntoskrnl.exe

in DriverCache)


copy those most recent files back to overwrite the new ones


https://social.technet.microsoft.com/Forums/windowsserver/en-US/b3f18d7a-8c95-42dc-a0bd-3ca81e26d669/error-on-boot-stop-c0000135-unable-to-locate-component-csrsrvdll-not-found-reinstalling-the?forum=winservergen

import-module msonline error on my windows 10 preview enterprise x64

import-module msonline error on my windows 10 preview enterprise

mot sure where it is broken

tried to install / reinstall MS online assistant, no luck at all

I managed to copy from my x64 windows 8.1 notebook to my windows 10 notebook

two dirs

c:\windows\system32\winddowspowershell\v1.0\modules

msonline
msonlinextended


then I can do import-module msonline

then can do

connect-msolservice

How to Export all Mailboxes with Exchange Server 2010 SP1 to pst file

How to Export Mailboxes with Exchange Server 2010 SP1

http://exchangeserverpro.com/export-mailboxes-exchange-server-2010-sp1/

http://www.codetwo.com/admins-blog/exchange-mailbox-backup-pst-pros-cons/

New-ManagementRoleAssignment –Role "Mailbox Import Export" –User Administrator

the trick is once permission granted, you need close the powershell session, and re-open it, or you will get a connection error.

do it individually ---

new-MailboxExportRequest -Mailbox alan.reid -FilePath \\esp-ho-ex2010a\pst\alan.reid.pst

new-MailboxExportRequest -Mailbox administrator -FilePath \\mikepcs\michael\PST\administrator.pst

do it en masse ---

$AllMailboxes = Get-Mailbox

$AllMailboxes|%{$_|New-MailboxExportRequest -FilePath \\\\$($_.Alias).pst}

recall sent mail in GMAIL --

recall sent mail in GMAIL --

http://www.wikihow.com/Recall-an-Email-in-Gmail

https://support.google.com/mail/answer/1284885?hl=en

25 MB mailbox send size for Office 365 online

25 MB mailbox send size for Office 365 online

recover a windows 2008 R2 Xen 5.6 virtual machine --- my Friday rescue series continues -- restore reg file that happened to be backed up

recover a windows 2008 R2 Xen 5.6 virtual machine --- my Friday rescue series continues

well, not this Firday, its last Friday night...

got a call from co-worker and management off-course , that a fileserver ( PDC as well) has reboot and crashed to bluescreen in a cycle.

by looking at the bluescreen code ( I will post the code later here), one possibilty is the drive letter not be assigned in reg. I booted the windows 2008 R2 server into repair mode, not much help.

tried LKG, tried disabled signed-driver, no luck.

another thing is to check runonce... I didn't try this

in despair, I found a copy of reg back files one week ago, and I make a copy of current ones, and copy the backup ones over, namely they are SOFTWARE /, SYSTEM etc

the location is windows\system32\regback

then miracle happened, the server started ...

a few points need noting: 1/ need windows 2008 R2 ISO, luckily , another co-work made it available during the server initial install
2/ local admin password: I guess this out as it is this company's often used one. this is the domain administrator password, i dont think it is the DSRM password. I never tried AD recovery. as the result proved it is reg corrupted.
I need the local admin passowrd to boot the ill-fated VM to repair mode even if it is a PDC.
3/ I performed this remotely via a XEN console , co-work started teamviewer on the XEN console client PC ( W7)

previously I dont think PC system generated reg files are useful as they tend to be old reg when the PC was new.

this time, the system generated reg backup is 1 week old.

upgrading dirsync failed --- eventually remove and re-install

I changed office365 password.

dirsync broken , I run a tool from office.com, I am told dirsync need be upgraded

I tried and tried , nothing worked .... various errors

installing dirsync on a SQL server with a defaul instance, you dont need to specify the password and servername,

eventually logged a case with Microsoft , the support tried, eventually removed the half-installed new version of dirsync, and installed with the same new version.

in the process he said no password prompt will happen, that;s true

Each user can install Office 365 Pro Plus on which of the following?

Each user can install Office 365 Pro Plus on which of the following?

5 Computers, 5 Tablets and 5 Mobile Devices

Q&A Which of the following services is NOT part of Office 365?

Which of the following services is NOT part of Office 365?

Microsoft Intune

windows 10 joined a windows 2003 domain

windows 10 joined a windows 2003 domain

will that still work? mixed results here


https://social.technet.microsoft.com/Forums/en-US/ad819a03-3341-4266-b998-bafbda23b897/windows-10-build-9926-domain-join-on-active-directory-2003-domain-level?forum=WinPreview2014General

Access Denied on USB drives

Access Denied on USB drives

http://h30434.www3.hp.com/t5/Notebook-Operating-Systems-and-Software/Access-Denied-on-USB-drives/td-p/3662944

like a joke

Yes, I done ADFS 3.0 using Windows Azure VM with Office 365 .... here is my version

Yes, I done ADFS 3.0 using Windows Azure VM with Office 365

I thought of doing this for sometime now. eventually with Windows Azure VM, it bit easier to do the test ADFS,

there is a great post I am referring to

http://office365support.ca/setting-up-the-primary-ad-fs-3-0-server-in-windows-azure-for-office365-single-sign-on/

I basically followed the steps listed above ...

here is my implementation ....

0/ a windows azure AD is setup like datasys.biz like DSLPDC

1/ I setup another server like DSLRDS, installed dirsync

2 / verify in azure portal that you own the domain, put ms=xxxx in the dns record. there is a caveat in doing this as I have to create datasys.biz as standalone rather than federated

3/ then convert the datasys.biz to federated domain

4/ plan ADFS structure , in my case, I use Windows Azure only domain, ie no link to on-premise AD. I would say this method will work as hybrid as well.

5/ plan the farm, a ADFS farm with two servers, a webproxy farm with two servers, ADFS servers are domain-joined; web proxies are not domain joined.

6/ in this test, another network created under the azure network as DMZ network...
172.16.16.x as primary   ---- DC, ADFS on this
then 10.118.118.x as DMZ -- 2 webproxy servers on this one

it is routable between this two sub networks

7/ I used internal load-balancing for ADFS,  so I dont need modify the host file approach in the above mentioned link

8/ plan your ADFS name, I would use one name fs.datasys.biz ; this is the name for all adfs-related servers --- 2 ADFS + 2 Webproxy

8.8/ create a service like dataADFS, install VM - ADFS01 inside ( then adfs02)

9/ get a trial cert from comodo (3 month) or geotrust (1 month) ; with the name fs.datasys.biz ; do this on adfs01 ; export the cert with the private key plus password. this will be imported to 3 other servers

10/  install adfs02 , import cert, install adfs role etc

11/ install internal LB with windows azure powershell cmd, the load balancer name is fs.datasys.biz ; this balancer , is not available to internet; you can do internal test by going to
 https://sts.domain.com/adfs/ls/IdpInitiatedSignon.aspx
in my case , its https://fs.datasys.biz/adfs/ls/ldpInitiatedSignon.aspx
this URL is very important for me for testing

12 / now create a WAP service, put datawap01 in it, install the webproxy role under remoteaccess (assuming you use all server 2012 r2) , import cert, then start the configuration wizard ... follow the wizard the federation name is fs.datasys.biz ; I used domain credentails , as local credentials keeps getting error.

13/ install 2nd dawap02, do the same as above, I kept getting error like something like glabal config ; then I viewed the cert, import the cert again, after a long think , ADFS success what a relief.

14/ configure WAP URL load balance, in azure portal, datawap01, enable https end points, create load balance set

15/ for datawap02, add it to the https balance set

16/ note the wap service public IP

17/ in public dns, put the IP to fs.datasys.biz

(note dattasys.biz is an example domain)

18/ test by browsing to portal.office.com

19/ this will re-direct to the fs.datasys.biz

20/ enter a valid username/password in your windows azure VM AD

21/ then it will re-direct you back to portal.office.com as a logged-on user.

22/ yeah, I have finally done ADFS after thinking-of doing this for years

many thank to Kelsey Epps Office365 MVP

outlook 16 connection error to Exchange 2010

outlook 16 connection error to Exchange 2010

there is an error citing EWS,

this happened with my non-domain joined w8.1 ; my w10-domain-joined notebook seemed fine

https://community.office365.com/en-us/office_2016_preview/f/991/t/347764

https://technet.microsoft.com/en-us/library/aa995956(v=exchg.141).aspx

something to do with the autodiscover

office 2016 first impressions --- it looks like replaced my current office 2013 -- O365 subscription

office 2016 first impressions --- it looks like replaced my current office 2013

enable office 2016 preview for download in office 365

enable office 2016 preview for download in office 365

https://support.office.com/en-nz/article/Office-365-release-options-3B3ADFA4-1777-4FF0-B606-FB8732101F47?ui=en-US&rs=en-NZ&ad=NZ

Set up the release option for your organization

You can change how your organization receives Office 365 updates by following these steps.
Important   It can take up to 24 hours for the below changes to take effect in Office 365. If you opt out of First Release after enabling it, your users may lose access to features that haven’t reached the scheduled release yet.

1. Sign in to Office 365 with your work or school account.
2. Go to the Office 365 admin center.
3. Go to Service settings > Updates.
4. To disable first release, select Standard under the Standard release heading.
   To enable first release choose Entire organization or Select people and follow the steps below.

Select people for First Release

Follow these steps to select individual people for First Release. You might, for example, add your IT staff for First Release so they can review features before the rest of your organization. Enable First Release with select people following these steps.

1. Go to the Office 365 admin center.
2. Go to Service settings > Updates.
3. Under first release, choose Select people.
   Note    If you don't see this option in your admin center, your subscription will soon be updated with it and you can change the setting then.
4. Choose Pick people to add users individually and then use the people picker to select them for first release.

makecert -- write error

makecert -sky exchange -r -n "CN=RootCertificateName" -pe -a sha1 -len 2048 -ss My "RootCertificateName.cer"

run this cmd in admin mode

http://geekswithblogs.net/pranav/archive/2010/08/31/makecert.aspx