ProTips

Category for various tips and tricks

0

Entra SSPR Failing–Unexpected Error During A Set Password Operation

Posted on by Rhoderick Milne [MSFT]
Entra SSPR - Unable to Reset Password

On-premises users were unable to use Entra SSPR to reset their passwords.  This needs to use the Password Writeback feature, and in this case Entra Connect was used.  Nowadays there is also Entra Cloud Sync, but that was not an option for this customer.  Users were able to access the SSPR page at https://aka.ms/SSPR and successfully go through all of the steps of the wizard.  This included the CAPT… Read the rest “Entra SSPR Failing–Unexpected Error During A Set Password Operation”

0

QuickTip – Use WIM File As DISM Repair Source

Posted on by Rhoderick Milne [MSFT]
DISM Mount for WinSXS Repair

The Windows servicing stack relies heavily on the WinSxS (Windows Side-by-Side) component store, which houses all the system files, manifests, and metadata required to service, patch, and maintain the operating system. Corruption within this store can manifest as persistent update failures, integrity check errors, or an inability to apply new servicing operations. Traditional file-level repair met… Read the rest “QuickTip – Use WIM File As DISM Repair Source”

0

Quick Tip–Verify Which Hyper-V VMs Have ISO Mounted

Posted on by Rhoderick Milne [MSFT]
Use PowerShell to Easily Show All Mounted ISO

It’s very common that we mount ISO files when needed, then forget to remove them after the fact.

This is generally a non issue until you want to move the mounted ISO file as Hyper-V may have a lock on the file.  Yes we could open up the properties of each VM in the console, but nope.  Not doing that.

Rather than search VMs one by one to see which is the offending VM, just run the below command in Po… Read the rest “Quick Tip–Verify Which Hyper-V VMs Have ISO Mounted”

0

Save The Date 14th October 2025

Posted on by Rhoderick Milne [MSFT]
Exchange Server 2019 End of Support Dates

The 14th of October 2025 marks another pivotal moment in Microsoft’s product lifecycle, as a large spectrum of very popular and widely deployed software reaches end-of-support. This includes Windows 10 and Windows 11 22H2.  On the productivity front, the extended support for Office 2016 and 2019, along with Visio 2016/2019, Project 2016/2019, and server-side tools like Exchange Server 2016/2019, S… Read the rest “Save The Date 14th October 2025”

0

Upgrade to Azure Standard Load Balancer

Posted on by Rhoderick Milne [MSFT]
Azure Outbound Network Options

On September 30, 2025, the Azure Basic Load Balancer will be retired. For more information, see the official announcement. If you are currently using Basic Load Balancer, make sure to upgrade to Standard Load Balancer prior to the retirement date.

You can use the guidance to upgrade, please ensure that all of the steps are followed when you test and then implement the change.  This is due to the fact… Read the rest “Upgrade to Azure Standard Load Balancer”

0

Quick Tip–Verify VHDs Mounted In Hyper-V VMs

Posted on by Rhoderick Milne [MSFT]
Using PowerShell to List All Virtual Hard Disks

If you want to easily view all of the VHD or VHDX files that have been configured on Hyper-V VMs, the below PowerShell command makes this easy.

Since I may use a temporary VHDX as a mechanism to copy files into VMs, it sometimes get left mounted and this makes it easy to see which VM has that particular disk file attached.  Creating a temporary VHDX makes it easier to copy large source files to VMs… Read the rest “Quick Tip–Verify VHDs Mounted In Hyper-V VMs”

1

How To Generate File Hash Using Certutil

Posted on by Rhoderick Milne [MSFT]
Create File Hash using Certutil

Windows has the ability to easily generate a hash for a given file using the Certutil.exe utility.  Administrators may have previously used to this tool when they need to generate TLS certificates or to perform other tasks against AD Certificate Services.  As an example of the former, this was a common task for AD FS certificates as described in this post.

To generate the file hash we will use the … Read the rest “How To Generate File Hash Using Certutil”

0

Quick Tip – How Do I View The Deleted Objects Container

Posted on by Rhoderick Milne [MSFT]

Windows Server 2008 R2 Active Directory added the AD Recycle Bin feature.  This allowed for an easier way to recover from an “oops” moment when a small number of objects were mistakenly deleted.  The option to perform an authoritative restored remains to recover from mass deletion events.  The AD Recycle Bin can be enabled via the AD Admin Centre or AD PowerShell using the Enable-ADOptionalFeatureRead the rest “Quick Tip – How Do I View The Deleted Objects Container”

0

MDI–Assign & Verify Permissions To Deleted Objects Container

Posted on by Rhoderick Milne [MSFT]
Granting Permissins to Deleted Objects Containter for MDI

In Active Directory, the Deleted Objects container is a hidden location where objects reside temporarily after they have been deleted, before they are fully removed by the tombstone or recycle bin process. This container plays a critical role in object recovery and directory hygiene.  By default, permissions on it are limited and the container itself is often overlooked since it is out of sight.

Th… Read the rest “MDI–Assign & Verify Permissions To Deleted Objects Container”

0

Time To Stop Using The Legacy Azure MFA & SSPR Portal

Posted on by Rhoderick Milne [MSFT]
Legacy Azure MFA Portal - Time To Migrate

In today's threat landscape, passwords alone are no longer sufficient to protect access to cloud systems. Enter Multifactor Authentication (MFA): a security mechanism that requires users to present two or more independent validation factors—typically something you know (e.g. password), something you have (e.g. a mobile authenticator or hardware key), or something you are (e.g. biometric data)—befo… Read the rest “Time To Stop Using The Legacy Azure MFA & SSPR Portal”