https://tailscale.com/
Adam Cushing Blog
Adam Cushing's Blog. Information interesting to Adam Cushing
Tuesday, April 15, 2025
Friday, March 21, 2025
How to uninstall Entra AAD Sync (and disable it/convert all users to cloud only)
How to disable Active Directory synchronization in Microsoft Entra ID
Step 1. Install the Microsoft Graph PowerShell module
Install-Module Microsoft.Graph -Force
Step 2. Connect to Microsoft Graph
Connect-MgGraph -Scopes "Organization.ReadWrite.All"
Step 3. Check on-premise sync status
Get-MgOrganization | Select-Object DisplayName, OnPremisesSyncEnabled
DisplayName OnPremisesSyncEnabled
----------- ---------------------
EXOIP True
Step 4. Disable on-premise directory synchronization
$OrgID = (Get-MgOrganization).Id
$params = @{
onPremisesSyncEnabled = $false
}
Update-MgOrganization -OrganizationId $OrgID -BodyParameter $params
Step 5. Verify on-premise sync status - It should be empty.
Get-MgOrganization | Select-Object DisplayName, OnPremisesSyncEnabled
DisplayName OnPremisesSyncEnabled
----------- ---------------------
EXOIP
The Sync status should have a picture of a cloud-
Step 6. Uninstall Entra AD Sync
Unable to connect to Office 365 / Exchange online, or Entra ID - Microsoft.Online.Administration.Automation.MicrosoftOnlineException was thrown.
Forget all of the former connection to 365. Microsoft broke it as of ... 3/2025.
For powershell, you need to install the latest Exchange online management -
Find-Module ExchangeOnlineManagement -AllVersions
Remove-Module ExchangeOnlineManagement
Uninstall-Module ExchangeOnlineManagement -AllVersions -Force
Install-Module ExchangeOnlineManagement -RequiredVersion 3.7.2 -Scope AllUsers
Import-Module ExchangeOnlineManagement -RequiredVersion 3.7.2
Connect-ExchangeOnline
Friday, February 21, 2025
How to install Windows 11 on a PC that doesn't support it (No TPM)
How to install Windows 11 on a PC that doesn't support it (No TPM)
- When you get to the Windows 11 setup screen, press Shift + F10 to open Command Prompt.
- Type
regedit
and press Enter. - Navigate to:
HKEY_LOCAL_MACHINE\SYSTEM\Setup
- Right-click Setup, select New > Key, and name it LabConfig.
- Inside LabConfig, right-click and create the following DWORDs:
- BypassTPMCheck → Set value to
1
- BypassSecureBootCheck → Set value to
1
- BypassRAMCheck → Set value to
1
(if needed)
- BypassTPMCheck → Set value to
- Close Registry Editor, then exit Command Prompt and continue installation.
Thursday, December 19, 2024
FortiGate FortiNet FortiClient VPN stuck at Connecting with SAML Enabled.
Resolving FortiClient Stuck on 'Connecting' with SAML on Windows 11
I encountered an issue where FortiClient would hang on "connecting" when using SAML authentication on new Windows 11 machines. After some troubleshooting, I found the solution: install the latest version of the Microsoft Visual C++ Redistributable.
https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170
Tuesday, December 17, 2024
Windows Domain Controller (Server) boots up in "Private" network zone instead of "Domain"
Troubleshooting Windows Domain Controller Booting in "Private" Network Zone
Occasionally, your Windows Domain Controller (Server) may boot into the "Private" network zone instead of the expected "Domain" network zone. Here are steps to address this issue:
Primary Solution
The issue may stem from incorrect DNS configuration. If the server cannot resolve the domain name before the Network Location Awareness (NLA) service starts, the network zone may default to "Private."
To resolve this:
- Set the server's primary DNS to
127.0.0.1
(its loopback address). - Set the secondary DNS to either:
- Another Domain Controller's IP address, or
- The server's other IP address (if it is the only Domain Controller).
- Set the Network Location Awareness server to "Delayed Start" in Services.
Emergency "Break Glass" Solution
If the server continues to boot into the "Private" profile and the primary solution doesn't resolve the issue, you can disable the domain discovery negative cache by adding specific registry keys.
Registry Keys to Disable Domain Discovery Negative Cache
Add the following registry keys:
1. Disable the Domain Discovery Negative Cache
Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
- Name: NegativeCachePeriod
- Type: REG_DWORD
- Value Data:
0
(Default value: 45 seconds. Set to0
to disable caching.)
Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
- Name: MaxNegativeCacheTtl
- Type: REG_DWORD
- Value Data:
0
(Default value: 5 seconds. Set to0
to disable caching.)
Note: Disabling the negative cache ensures that failed domain detection results (e.g., ERROR_NO_SUCH_DOMAIN
) are not cached. By default, Network Location Awareness (NLA) attempts domain detection multiple times during network setup (triggered by route or IP address changes). However, if the first detection fails and is cached negatively, subsequent attempts may also fail.
2. Alter NLA Domain Detection Behavior
Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters
- Name: AlwaysExpectDomainController
- Type: REG_DWORD
- Value Data:
1
Note: This registry key modifies how NLA handles retries for domain detection, ensuring it always expects a Domain Controller.
By following these steps, you can mitigate issues with your Domain Controller booting into the wrong network profile. Always exercise caution when editing the registry and ensure you have backups before making changes.
Sunday, December 15, 2024
Mysterious Orbs Identified as Advanced Drone Technology
Mysterious Orbs Identified as Advanced Drone Technology
By Jim Addison | East Coast News Bureau
After weeks of speculation surrounding the mysterious glowing orbs spotted along the East Coast, experts now confirm that the phenomena are the result of advanced drone technology, likely part of ongoing military and commercial testing programs. Sources close to the investigation have revealed that both private-sector drone manufacturers and government agencies have been conducting trials involving autonomous drone swarms equipped with advanced lighting systems.
The orbs, described by witnesses as hovering, darting, and disappearing without sound, align closely with the behavior of next-generation drones designed for surveillance, reconnaissance, and synchronized operations. Defense analysts suggest the sightings are connected to classified military exercises, with testing zones coincidentally overlapping with civilian airspace.
“Cutting-edge drone technology is capable of extreme maneuverability and virtually silent operation,” said Dr. Lucas Bryant, an aerospace systems expert. “The lighting effects seen on these orbs are likely advanced LED arrays used for both signaling and stealth purposes during tests.”
Several sightings occurred near military bases, including reports from residents of Grissom Joint Air Reserve Base in Indiana and along the Pamlico Sound in North Carolina, further strengthening the theory of coordinated defense-related experiments. Officials, while reluctant to comment directly, have neither confirmed nor denied the connection.
In the private sector, drone manufacturers are pushing the boundaries of autonomous flight. One unnamed industry insider disclosed that large-scale drone swarms are being developed for commercial light shows, emergency response, and infrastructure monitoring—capabilities that match the erratic but organized flight paths of the reported orbs.
While natural and optical phenomena were considered early in the investigation, such as ball lightning or atmospheric reflections, experts now agree that these factors fail to explain the structured and intentional movements observed.
For now, the public can rest assured: the glowing orbs illuminating the night sky are not extraterrestrial visitors but a glimpse into the future of drone technology—silent, swift, and undeniably advanced.