ProTips

Category for various tips and tricks

1

How To Use Nslookup To Check TLS Reporting Record (TLS-RPT)

Posted on by Rhoderick Milne [MSFT]
NSLookup To Check TLS-RPT Record
As we move to add newer email security standards such as MTA-STS (Mail Transfer Agent Strict Transport Security) and DANE (DNS-Based Authentication of Named Entities), the reporting aspect of these standards needs to also be implemented.  Even though both MTA-STS & DANE enforce encryption, TLS Reporting (TLS-RPT) is what gives you visibility into whether that encryption is actually working or b
Read the rest “How To Use Nslookup To Check TLS Reporting Record (TLS-RPT)”
0

Entra SSPR Failing–Unexpected Error During A Set Password Operation

Posted on by Rhoderick Milne [MSFT]
Entra SSPR - Unable to Reset Password

On-premises users were unable to use Entra SSPR to reset their passwords.  This needs to use the Password Writeback feature, and in this case Entra Connect was used.  Nowadays there is also Entra Cloud Sync, but that was not an option for this customer.  Users were able to access the SSPR page at https://aka.ms/SSPR and successfully go through all of the steps of the wizard.  This included the CAPT… Read the rest “Entra SSPR Failing–Unexpected Error During A Set Password Operation”

0

QuickTip – Use WIM File As DISM Repair Source

Posted on by Rhoderick Milne [MSFT]
DISM Mount for WinSXS Repair

The Windows servicing stack relies heavily on the WinSxS (Windows Side-by-Side) component store, which houses all the system files, manifests, and metadata required to service, patch, and maintain the operating system. Corruption within this store can manifest as persistent update failures, integrity check errors, or an inability to apply new servicing operations. Traditional file-level repair met… Read the rest “QuickTip – Use WIM File As DISM Repair Source”

0

QuickTip – Capture Network Without Installing Wireshark

Posted on by Rhoderick Milne [MSFT]
Converted ETL To Wireshark

Wireshark is the industry tool for packet inspection, but you don’t always want, or are able, to install this onto production systems without a change request.  Whether you’re troubleshooting or investigating an issues, there are alternative ways to capture meaningful network traffic without installing Wireshark.  Ultimately we want to produce PCAPs easily without having to mess with switchport mi… Read the rest “QuickTip – Capture Network Without Installing Wireshark”

0

Windows Server 2025 DC Requires AD DS FFL 2016 Minimum

Posted on by Rhoderick Milne [MSFT]
Windows Server 2025 DC Blocked By Unsupported FFL

This is an issue that can appear when trying to introduce a Windows Server 2025 domain controller into an existing Active Directory forest.  You were planning a change, followed the change request process only for it to be torpedoed as the deployment failed.  The installation was blocked because the forest functional level is still set to Windows Server 2012R2. At first glance, this can be confusi… Read the rest “Windows Server 2025 DC Requires AD DS FFL 2016 Minimum”

0

Quick Tip–Verify Which Hyper-V VMs Have ISO Mounted

Posted on by Rhoderick Milne [MSFT]
Use PowerShell to Easily Show All Mounted ISO

It’s very common that we mount ISO files when needed, then forget to remove them after the fact.

This is generally a non issue until you want to move the mounted ISO file as Hyper-V may have a lock on the file.  Yes we could open up the properties of each VM in the console, but nope.  Not doing that.

Rather than search VMs one by one to see which is the offending VM, just run the below command in Po… Read the rest “Quick Tip–Verify Which Hyper-V VMs Have ISO Mounted”

0

Save The Date 14th October 2025

Posted on by Rhoderick Milne [MSFT]
Exchange Server 2019 End of Support Dates

The 14th of October 2025 marks another pivotal moment in Microsoft’s product lifecycle, as a large spectrum of very popular and widely deployed software reaches end-of-support. This includes Windows 10 and Windows 11 22H2.  On the productivity front, the extended support for Office 2016 and 2019, along with Visio 2016/2019, Project 2016/2019, and server-side tools like Exchange Server 2016/2019, S… Read the rest “Save The Date 14th October 2025”

0

Commands to Publish Exchange Using WAP

Posted on by Rhoderick Milne [MSFT]
Publish Exchange Via WAP

This post was created as I have to rebuild multiple test environments, some of which use AD FS and Web Application Proxy (WAP) to publish Exchange services to the Internet.  WAP allows you to publish only the specific Exchange virtual directories required for external access, for example /owa & /ecp along with the others.  This means that only those particular paths are then available external… Read the rest “Commands to Publish Exchange Using WAP”

0

QuickTip – ASR Generate Passphrase

Posted on by Rhoderick Milne [MSFT]
Azure Migrate Generate Configuration Server Passphrase

In the context of an Azure Migrate deployment, particularly when using the Azure Migrate Appliance, the files MobSvc.passphrase and config.json are key components used to register and securely connect the on-premises appliance with the Azure Migrate service. MobSvc.passphrase contains the registration passphrase that Azure Migrate generates when you set up a new appliance in the Azure portal.  The… Read the rest “QuickTip – ASR Generate Passphrase”

0

Upgrade to Azure Standard Load Balancer

Posted on by Rhoderick Milne [MSFT]
Azure Outbound Network Options

On September 30, 2025, the Azure Basic Load Balancer will be retired. For more information, see the official announcement. If you are currently using Basic Load Balancer, make sure to upgrade to Standard Load Balancer prior to the retirement date.

You can use the guidance to upgrade, please ensure that all of the steps are followed when you test and then implement the change.  This is due to the fact… Read the rest “Upgrade to Azure Standard Load Balancer”