Event 659 – Error while retrieving password policy sync configuration. System.InvalidOperationException: The ADSync service is not allowed to interact with the desktop to authenticate This error may occur if multifactor or other interactive authentication policies are accidentally enabled for the synchronization account.

Featured by dakseven, posted in Active Directory, Azure AD

Hi If you have recently implemented MFA ( Enforced mode in your tennant). I have found that there is no much information about the Dirsync Account status. As per now if you do enforce mfa the account will be affected. Hence breaking the sync as shown In order to resolve: You will have to exception … Continue reading Event 659 – Error while retrieving password policy sync configuration. System.InvalidOperationException: The ADSync service is not allowed to interact with the desktop to authenticate This error may occur if multifactor or other interactive authentication policies are accidentally enabled for the synchronization account.

Onboarding Deploy Defender for endpoint via intune –

Featured by dakseven, posted in Defender, INTUNE, Office365, Windows 10

As part of security measures , enviorments should be monitored and gaining visibility of threats . For this you can integrate defender for endpoint so all your machines report any threats in form of alerts or automated responses. Make sure you get covered all the licensing requeriments Go in the endpoint Security blade in intune … Continue reading Onboarding Deploy Defender for endpoint via intune –

Redirect your user folders to onedrive using Intune

Featured by dakseven, posted in INTUNE, Office365, OneDrive, Windows 10

Redirecting your user folder to onedrive in your 356 enviorment provides ensurance that files wont be lost if a machine is lost , broken or any other situations . The functionality is called : known folders From a file governance perspective , we also can control using the admin governance center what files are being … Continue reading Redirect your user folders to onedrive using Intune

How to create alerts from Azure sentinel in log analytics

Featured by dakseven, posted in Azure Sentinel, Security

The requirements: Experience for log analytics and setting up alerts ( the guidance assumes you have configured all the requirements)Azure Sentinel integration data sourcesLog Analytics Workspace linked to SentinelAzure Sentinel Alert RuleIntegration in Analytics workspace of Azure AD, Virtual machine logs for analysis Usefull Links https://docs.microsoft.com/en-us/azure/sentinel/quickstart-onboard https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-integrate-activity-logs-with-log-analytics https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/ Create the alert rule from analytics in … Continue reading How to create alerts from Azure sentinel in log analytics

Self service password reset – Intune

Featured by dakseven, posted in Active Directory, Azure, Azure AD, INTUNE

Self service reset password . Introduces the ability to the users on your enviorment to reset their own passwords ( requires a pre - registration ) . and enabling password writeback if using AD sync ( Hybrid model ). Requeriments for the change in intune Impement SSPR in your tentant(Azure AD & All your computers … Continue reading Self service password reset – Intune

Edit host file powershell 1 Liner – Windows OS

Featured by dakseven, posted in PowerShell, Windows 10

In this chapter we are going to explain a little bit what the host file does and how we can make use of it via this powershell 1 liner. Possible uses: Testing a new Server or connectionTesting resolution problems Quick fixes for DNS issues in your enviorment A little bit of history ( wikipedia ) … Continue reading Edit host file powershell 1 Liner – Windows OS

Managed Android System apps & Identifier for Intune . Samsung Phone Dialer

Featured by dakseven, posted in INTUNE, Office365

You may come in situations where as you have for example to configure Kiosk mode or enterprise apps or device shared mode. Certain apps you will need the package name ( examples as for example Samsung phone calls) - Enterprise system android app Note: As per MS post you may have to work with your … Continue reading Managed Android System apps & Identifier for Intune . Samsung Phone Dialer

Update ring for Windows 11 – Intune

Featured by dakseven, posted in Uncategorized

How to upgrade from Intune your pcs into Windows 11 Windows 10 & 11 Important Update informationThe feature quality update contains all the previous updates , Unlike with previous versions of Windows, you now must install the entire update instead of part of an update. Pre-Requisites: Windows 10 version 1607 or later, or Windows 11.TelemetryIntune … Continue reading Update ring for Windows 11 – Intune

This storage type is not supported by azure backup

Featured by dakseven, posted in Azure

This is a comon error when trying to action a backup in recovery services vault in azure using a non supported disk or storage that Azure vault cant supportin your tenant . In order to resolve you will have to check the support matrix and check the limitations or how you configure the vault in … Continue reading This storage type is not supported by azure backup

Azure VPN: Your Computer Trusted Platform Module Malfunctioned 80090034 . Encryption Failed

Featured by dakseven, posted in Azure AD, Windows 10

Error Code: 80090034 Related with AzureAD / Azure Cloud VPN P2S This error has been detected using Azure VPN ( Cloud based ) . Also can be related in Azure Logins. Resolution: 0.Upgrade Bios 1.Clear TPM using TPM.mSC ( run as admin) Press Action → Clear TPM 2.Clear TPM using Troubleshoot In Device Security 3.Registry … Continue reading Azure VPN: Your Computer Trusted Platform Module Malfunctioned 80090034 . Encryption Failed

Azure Vault backup Error: The storage type is not supported by Azure backup.

Featured by dakseven, posted in Azure, Azure Vault, Backups

Today we are going to treat a common error when backing up Azure Virtual Machines If you use ZRS storage: This error is commonly associated when you try to backup an unsupported storage as for exammple zone redundant storage. In this case this backup failed because ZRS ( zone redundant managed disk storage is not … Continue reading Azure Vault backup Error: The storage type is not supported by Azure backup.

Workbook Azure Automation NSG Rules AzureRunAs connection

Featured by dakseven, posted in automation, Azure

Hi here is a piece of coude you could use to open or either close ports in the NSG Azure VMS running a schedule and using automation. Requeriments Automation Account configurated and createdRun as Account configurated and createdRunbook experience-> https://docs.microsoft.com/en-us/azure/automation/manage-runbooksRun as connections : https://docs.microsoft.com/en-us/azure/automation/automation-connections?tabs=azure-powershell Code : #region BoilerplateAuthentication #This requires a RunAs account #AzureServicePrincipal - … Continue reading Workbook Azure Automation NSG Rules AzureRunAs connection

Log query For Heart beat Alerts in VMS with Exemption Azure Log Analytics

Featured by dakseven, posted in Azure, Log Analytics

Heartbeat Alert is often something that you would configure to see if a VM has been not responding to azure for more than 5 minutes ( either a failure or a shutdown). If you plan to monitor your servers but you have some that are test or either get shut down at night to save … Continue reading Log query For Heart beat Alerts in VMS with Exemption Azure Log Analytics

Authentication server could not be deleted. Authentication server is used as primary or secondary authentication server – Sophos XG

Featured by dakseven, posted in Active Directory, firewall

Sophos XG AD integration problem. This usually can occur when trying to decommission a Dc server used for AUTH in Sophos XG. You cant remove such servers if there is still a config pointing to them in Services Solution: Make sure you add the new AD servers in the AUTH or either if you going … Continue reading Authentication server could not be deleted. Authentication server is used as primary or secondary authentication server – Sophos XG

Data Collection Stopped due to daily limit of free data reached . Ingestion status = OverQuota(1). Log Analytics

Featured by dakseven, posted in Azure, Log Analytics

Screenshot of the error on Log analytics: This problem is due to have a limit on the data log collection . You can increase this limits in your Work Analytics section ( cost management ) - Usage and estimated costs. You can look at the Usage charts and try to Match your Daily cap volume … Continue reading Data Collection Stopped due to daily limit of free data reached . Ingestion status = OverQuota(1). Log Analytics

Exchange: The execution of cmdlet Enable-Mailbox failed: An unknown error has occurred. Refer to correlation ID: 9b09bf27-e1ea-40ee-bc1d-294ddf168a12

Featured by dakseven, posted in Azure AD, Office365

Exchange: The execution of cmdlet Enable-Mailbox failed: An unknown error has occurred. Refer to correlation ID: 9b09bf27-e1ea-40ee-bc1d-294ddf168a12 Note: Beware this could be not your solution. This post exposes an issue when using certain character's on cloud users specifically using in the fields Name, First name or last name the character "*" or other characters forbidden … Continue reading Exchange: The execution of cmdlet Enable-Mailbox failed: An unknown error has occurred. Refer to correlation ID: 9b09bf27-e1ea-40ee-bc1d-294ddf168a12

Linux VM Using ARM templates + Snapshot & Disaster recovery

Featured by dakseven, posted in ARM Templates, Azure, Backups, Linux

I strongly recommend to NOT do this in a production enviorment This guidance is meant to create all the related resources after a deletion In this guidance , we do create a resource group to save the Snapshot , even deploying an ARM template would recreate the VM , we would be loosing the data … Continue reading Linux VM Using ARM templates + Snapshot & Disaster recovery

[Error] Dialing VPN connection , Status = Server did not respond properly to VPN Control Packets. Session State: Reset sent – Azure VPN

Featured by dakseven, posted in Azure, Azure AD

This common error in azure VPN when a miss configuration has been made in the process in the gateway settings . I will attach a list of possible solutions that you may find useful .Which also covers local machine time problems. This guidance is meant for engineers that have implemented Azure VPN ( open vpn … Continue reading [Error] Dialing VPN connection , Status = Server did not respond properly to VPN Control Packets. Session State: Reset sent – Azure VPN

Migrate Jira Service Desk ( Linux ) to Jira cloud Atlassian Service Management

Featured by dakseven, posted in Jira, Linux

This is a resumed guide of how to migrate a Linux Server - Jira Servicedesk Instance to Atlassian cloud. This guidance is meant for people trying yo migrate to the cloud . Certain Jira Administration & Linux knowledge is required to follow the guide successfully Migrating attachments will be done in the next post 🙂 … Continue reading Migrate Jira Service Desk ( Linux ) to Jira cloud Atlassian Service Management

The last operation performed on this VM failed . The VM still running Azure VM backup failed

Featured by dakseven, posted in Azure, Windoes Server 2019

The resource operation completed with terminal provisioning state 'Failed'.This can be cause either for an error on the hyper visor or either a component that has been deployed and failed. If this is not your case please check logs before following any steps of this guide As mentioned earlier this resolution may not work for … Continue reading The last operation performed on this VM failed . The VM still running Azure VM backup failed

Import & Export Transport rules in 365 Exchange

Featured by dakseven, posted in Exchange Online, Hybrid Exchange, Office365, PowerShell

On this article we will learn how to export and import transport rules in our exchange What Transport rules do? You can use mail flow rules (also known as transport rules) to identify and take action on messages that flow through your Exchange Online organization. Mail flow rules are similar to the Inbox rules that are available in Outlook and Outlook on the web … Continue reading Import & Export Transport rules in 365 Exchange

The Restore point Collection max limit has reached . – Resolve Azure Backup Restore points issues

Featured by dakseven, posted in Azure, Backups

Today we will cover the several reasons for a collection limit - azure backup can fail Here we can detect the error as shown: UserErrorRpCollectionLimitReached OperationNotAllowed : The number of restore points across restore point collections and resource groups for a VM cannot exceed 18. To create a new restore point, please delete existing restore … Continue reading The Restore point Collection max limit has reached . – Resolve Azure Backup Restore points issues

Install DC Core 2019 with 0 trust NSG in Azure

Featured by dakseven, posted in Active Directory, Azure, Windows Server 2019

Firstly well look at the specs that in this case I have used for this matter In this case since is a Core server we selected B1mS with premium SSD Ensure you patch the server using Sconfig. Beforehand raising it as a Domain controller . Recommended 0 trust config NSGS ( only for AD , … Continue reading Install DC Core 2019 with 0 trust NSG in Azure

The Kerberos ticket instant refresh and Security Legacy Protocols

Featured by dakseven, posted in Security, Security Basics, Windows 10, Windows server 2012, Windows server 2012 R2, Windows Server 2019, Windows Server2016

If you ever wondered why when applying permissions on Windows Enviorment takes time to apply to the user the response is : the Kerberos ticket The trick is simple just running the following command you should refresh the permissions without having to reboot Open cmd.exe run Klist purge Now I would like to go through … Continue reading The Kerberos ticket instant refresh and Security Legacy Protocols

Repairing trust relationship in azure Windows VM using Serial console

Featured by dakseven, posted in Azure, Windows server 2012, Windows server 2012 R2, Windows Server 2019

There is going to be some times that you may restore a VM from a snapshot and the vm effectively is crashed its relationship with the domain since the snapshot was maybe performed long ago In cases like this whether Remote desktop may not be available we should be able to re-join the machine using … Continue reading Repairing trust relationship in azure Windows VM using Serial console

System Centre Endpoint Protection Azure VMS – blocked –

Featured by dakseven, posted in Azure, Windoes Server 2019, Windows server 2012, Windows server 2012 R2, Windows Server 2019, Windows Server2016

I'm back Well be covering over this next year loads of Azure Technologies . Recently I've got my MCSE Core Infrastructure + Azure Admin AZ04 Today we will cover an issue with Endpoint protection when the extension is Deployed in Azure and you wish to interact with the Defender directly on the vm , you … Continue reading System Centre Endpoint Protection Azure VMS – blocked –

Configure External Access for Teams between tenants

Featured by dakseven, posted in Office365, Teams 365

Advise: This will not work as expected if both companies are still using skype. Ideally what you want is to be full Teams mode To configure external access and users being able to talk between different 365 Tenants Log into Tenant 1 365 Admin console / Teams section / org Wide section / External Access … Continue reading Configure External Access for Teams between tenants

Teams sound & camera not working?

Featured by dakseven, posted in Teams 365, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows Tips

Hi Team Opening new section for Teams and Windows tips & today we will cover the most famous one Camera and sound not working. Obviously this can be because your mic is not connected or either speakers.But there is another classic and its Windows preventing it! Here we spot the problem on a test call … Continue reading Teams sound & camera not working?

Exchange AD Objects with an Incorrect Target Address Attribute

Featured by dakseven, posted in Active Directory, Hybrid Exchange, Office365, PowerShell

Within an Hybrid environment , you can notice that a new accepted domain is in the Exchange portal Mail.onmicrosoft.com This domain is going to be used by the on premises to route mail of the account that has been migrated A quick way to view an objects Active Directory targetAddress attribute is through the Active … Continue reading Exchange AD Objects with an Incorrect Target Address Attribute

Restore Windows 10 Store APP via Powershell

Featured by dakseven, posted in PowerShell, Windows 10, Windows Tips

If you have lost you Windows10 Store , there is a quick fix that can bring it back. We will not require admin rights for this fix and is advisable to do it with user permissions as W10 apps mainly work via user context The first that we will do is search for our package … Continue reading Restore Windows 10 Store APP via Powershell

AD PowerShell Get all Security/ Distribution groups including email assigned

Featured by dakseven, posted in Active Directory, Windows server 2012, Windows server 2012 R2, Windows Server2016, Windows Tips

Script for quickly getting any security/distribution list group and if so, they have an email assigned ; #import-module activedirectory $user="Example" $array = Get-ADPrincipalGroupMembership $user | Get-ADGroup -Properties * | select name, description,mail,groupcategory echo "All DL groups and email groups for the user" foreach($i in $array.count){echo $array}