Tips N Tricks

Various Tips and Tricks

0

Stale DNS Server Blocking Captive Portal Or Simply Inaccessible

Posted on by Rhoderick Milne [MSFT]
Stale DNS Server Entries Causing Issues On Windows 10 and 11

It’s always DNS.  That’s the typical mantra when troubleshooting AD issues.

But what about a fully updated Windows 10/11 machine totally ignoring the DNS server it was told to use via DHCP?  Yes, that unfortunately was a recent problem.  On the machine it appeared to have the public Google DNS server (8.8.8.8) stuck.  Regardless of what network the machine connected to, it ignored the DNS server as… Read the rest “Stale DNS Server Blocking Captive Portal Or Simply Inaccessible”

0

Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group

Posted on by Rhoderick Milne [MSFT]
Azure Portal Connect to VM

Controlling connections to Azure VMs using the just in time (JIT) policy of Microsoft Defender for Cloud (MDC) certainly improves the overall security of the Azure resource.  However, then having to enable JIT on a given VM runs into issues pretty quickly.

Azure Portal Too Permissive

Who thought it was a great idea to have “All configured IPs” as the default option? No thanks – I do not want to enab… Read the rest “Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group”

0

Quick Tip – Easily Start All Azure VMs In A Particular Resource Group

Posted on by Rhoderick Milne [MSFT]
Quick Tip Easily Start Azure VMs Using Azure Cloud Shell

Manually starting up lab VMs is painfully slow, and since many organisations will implement management policy to auutomatically shut them down to save costs you may find yourself powering them on a lot...

While you can set up automated tasks to power them on, not all really need to be running every day.  For example, I always want the DC's running so they are able to maintain replication and there … Read the rest “Quick Tip – Easily Start All Azure VMs In A Particular Resource Group”

1

Remediate SWEET32 — Disable TLS_RSA_WITH_3DES_EDE_CBC_SHA For Windows Server 2012 R2

Posted on by Rhoderick Milne [MSFT]
Remediate Sweet32

Admins have become very aware of the need to adjust the Schannel protocol settings for TLS to enable TLS 1.2 and to disable older versions.  However, the cipher suites do not always receive the same amount of attention and may be left at their default values.

If you are reading this post there is a good chance that your security auditors have flagged a weak cipher is enabled on your server, and the… Read the rest “Remediate SWEET32 — Disable TLS_RSA_WITH_3DES_EDE_CBC_SHA For Windows Server 2012 R2”

0

Remote Desktop Connection Manager Download (RDCMan) 2.90

Posted on by Rhoderick Milne [MSFT]
RDCMan 2.90

Welcome to 2022 and a new release of Remote Desktop Connection Manager (RDCMan) version 2.90!

The Sysinternals blog lists the following changes to RDCMan which are well worth reviewing from a security standpoint.

Receives support for Restricted Admin (/restrictedAdmin from mstsc) and Remote Credential Guard (/remoteGuard from mstsc) and bug fixes.

RDCMan Version 2.90

Below you can see the Security Settings tab with these… Read the rest “Remote Desktop Connection Manager Download (RDCMan) 2.90”

0

Updating to RDCMan 2.8

Posted on by Rhoderick Milne [MSFT]
RDCMan 2.7 Version

Now that we have a new version of Remote Desktop Connection Manager (RDCMan), I wanted to list out some of my initial thoughts and upgrade experience as I did encounter  a couple of minor bumps.  Please add a comment if you are running into issues as well please.

Like many other administrators, I heavily used RDCMan 2.2 and 2.7 over the last 11 years.  This was my primary tool for managing a wide r… Read the rest “Updating to RDCMan 2.8”

0

Create Azure Az VM Using Existing UnManaged VHD

Posted on by Rhoderick Milne [MSFT]

The days change, but sometimes the issues stay the same.  This is a redux of an existing post where there was an issue back in 2016 when I was not able to easily re-create a VM in a different Availability Set.  As you can see in Create Azure RM VM Using Existing VHD – 250 Hello (rmilne.ca)  PowerShell was used to re-create the VM as it allowed all of the resources to be specified.

The original VM was… Read the rest “Create Azure Az VM Using Existing UnManaged VHD”

0

Faulting Module Name NTdll.dll

Posted on by Rhoderick Milne [MSFT]

One of my hosted lab environments ran into series of issues, and after unplanned maintenance there were multiple problems to resolve.  The below error with a faulting ntdll.dll module was something I recall seeing many years ago with a Microsoft Operations Manager (MOM) deployment where the MOM agent simply would not start.  On every single attempt to start the service it would crash with the erro… Read the rest “Faulting Module Name NTdll.dll”

1

QuickTip – Removing IE11 Via Command Line

Posted on by Rhoderick Milne [MSFT]
IE11 Support Lifecycle

Now that multiple services have stopped supporting IE11 coupled with the end of support for legacy Edge, it is imperative that we transition to an updated browser on all of our devices.  IE11 is already unsupported for multiple Microsoft services, and the list will grow over time.  For example Microsoft Teams support ceased on the 30th November 2020, and overall Microsoft 365 support ends on the 17t… Read the rest “QuickTip – Removing IE11 Via Command Line”

3

Unable To Install PowerShell Modules – Unable To Download From URI Error

Posted on by Rhoderick Milne [MSFT]

When you try to install a PowerShell module or connect to the PowerShell Repository you may get the below error messages:

WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.

PowerShell Error - Unable to download from URI

For make most glorious benefit engine of search:

PackageManagement\Install-PackagRead the rest “Unable To Install PowerShell Modules – Unable To Download From URI Error”