Saturday, January 11, 2020

Outlook 2019 won't autodiscover and keeps prompting for password with on-prem Exchange.


If you have your domain associated with an Office 365 account, Outlook will completely ignore autodiscover and try to authenticate to Office 365.

Open RegEdit.
Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
Create a new DWORD entry named ExcludeExplicitO365Endpoint with a value of 1.
------------------------------------------------------------
You are using a SAML provider and get a white blank screen or a ghost login screen:

[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity]
"DisableADALatopWAMOverride"=dword:00000001

If the above key change alone does not work, edit this additional Registry key:
[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity] 
"DisableAADWAM"=dword:00000001
------------------------------------------------------------

Thursday, January 2, 2020

Unlock VMware ESXi root account

Procedure to unlock the ESXi host account at the console

  1. Log in to the DCUI (to enable the ESXi Shell if not already done)
  2. Log in with root and the correct password
  3. Go to Troubleshooting Options
  4. Select Enable ESXi Shell
  5. Press CTRL+ALT+F1
  6. At the ESXi shell, log in with root and the password
  7. Run the following command to show the number of failed attempts:
    pam_tally2 --user root
  8. Run the following command to unlock the root account:
    pam_tally2 --user root --reset

Friday, December 20, 2019

How to migrate from FRS to DFS on a domain

Ensure AD and FRS are known to be healthy on all domain controllers. Ensure SYSVOL and NETLOGON are shared on all DCs.

Migrate to Prepared State - You will migrate to the Prepared state, where both FRS and DFSR are replicating their own individual copies of SYSVOL, but the FRS copy mounts the SYSVOL and Netlogon shares. On the PDC Emulator domain controller, run (as an elevated domain admin):
Dfsrmig /setglobalstate 1

Run the following to force AD to sync.
dfsrdiag pollad
repadmin /syncall /AdeP
Dfsrmig /setglobalstate 1

Wait for this AD value on the PDCE to converge on all domain controllers. Use the following command to see progress:
Dfsrmig /getmigrationstate

Migrate to Redirected State - You will migrate to the Redirected state, where both FRS and DFSR are replicating their own individual copies of SYSVOL, but the DFSR copy mounts the SYSVOL and Netlogon shares. On the PDC Emulator domain controller, run (as an elevated domain admin): 
Dfsrmig /setglobalstate 2

Wait for this AD value on the PDCE to converge on all domain controllers. Use the following command to see progress: 
Dfsrmig /getmigrationstate

You will migrate to the Eliminated state, where DFSR is replicating SYSVOL and FRS is removed. Unlike the Prepared and Redirected states, there is no way to go backwards from this step - once executed, FRS is permanently stopped and cannot be configured again. On the PDC Emulator domain controller, run (as an elevated domain admin): 
Dfsrmig /setglobalstate 3

Wait for this AD value on the PDCE to converge on all domain controllers, then for DFSR to switch to Eliminated state on each domain controller and update AD, and finally for that value to replicate back to the PDCE. Use the following command to see progress: 
Dfsrmig /getmigrationstate
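
Because the Eliminated step cannot be undone, it helps to gate each Dfsrmig /setglobalstate on a scripted convergence check rather than reading the output by eye. The following PowerShell is an added example, not part of the original post; the function names are hypothetical, and the sentence it matches is an assumption about the English output of Dfsrmig /getmigrationstate (the sample lines and the name DC02 are constructed).

```powershell
# Added example, not from the original post. Assumes English dfsrmig output.
$StateName = @{ 1 = 'Prepared'; 2 = 'Redirected'; 3 = 'Eliminated' }
# Assumption: sentence dfsrmig prints once every DC has reached the global state.
$Converged = 'Migration has reached a consistent state on all domain controllers'

function Test-DfsrMigConverged {
    param([ValidateSet(1, 2, 3)][int]$State, [string[]]$Output)
    $text = $Output -join "`n"
    # Require both the expected state name and the consistency sentence, so a
    # converged 'Prepared' report is never accepted as a converged 'Redirected'.
    $hasState = $text -match [regex]::Escape("'$($StateName[$State])'")
    $hasMark  = $text -match [regex]::Escape($Converged)
    return ($hasState -and $hasMark)
}

function Wait-DfsrMigState {
    param([ValidateSet(1, 2, 3)][int]$State, [int]$TimeoutMinutes = 120, [int]$PollSeconds = 60)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    do {
        # Capture stdout and stderr as plain strings for the parser.
        $out = & dfsrmig.exe /getmigrationstate 2>&1 | ForEach-Object { "$_" }
        if (Test-DfsrMigConverged -State $State -Output $out) { return $true }
        Start-Sleep -Seconds $PollSeconds
    } while ((Get-Date) -lt $deadline)
    return $false   # timed out: do not move on to the next state
}

# Constructed sample output (DC02 is a made-up name) to exercise the parser offline.
$pending = @(
    "The following domain controllers have not reached Global state ('Prepared'):",
    "DC02 ('Start') - Writable DC",
    'Migration has not yet reached a consistent state on all domain controllers.'
)
$done = @(
    "All domain controllers have migrated successfully to the Global state ('Prepared').",
    'Migration has reached a consistent state on all domain controllers.',
    'Succeeded.'
)
Test-DfsrMigConverged -State 1 -Output $pending   # one DC still behind
Test-DfsrMigConverged -State 1 -Output $done      # all DCs at 'Prepared'
Test-DfsrMigConverged -State 2 -Output $done      # asked for state 2, report is for state 1
```

Run Wait-DfsrMigState -State N on the PDC Emulator after each Dfsrmig /setglobalstate N, and only issue the next state when it returns True.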

Wednesday, December 11, 2019

WSUS Troubleshooting

gpupdate /force

Check GPO-
gpresult /r
gpresult /h gpreport.html

Check Windows Update Server-
reg query HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate


Thursday, October 3, 2019

Reset password or unlock account on VMware appliances

Reboot, press e.

Add rw init=/bin/bash to the Linux command, then press F10
mount -o remount,rw /

To reset pw-
passwd

To unlock-
/sbin/pam_tally2 -r -u root

umount /
reboot -f


Wednesday, July 3, 2019

Cisco Anyconnect, users intermittently do not have DNS Resolution

This is a bug, tracked as CSCtf20226 and CSCtz86314. You can work around it by bypassing IPv6.

Under the group policy for the VPN-
client-bypass-protocol enable

Wednesday, May 15, 2019

Cisco ASA ASDM IDM Launcher Won't Run on Windows 10 "this app can't run on your pc"

Go to Start, Cisco ASDM-IDM Launcher, right click the launcher and go to Open file location.

Right click on the shortcut and go to Properties. In the Target field, you'll see a long path to wscript.exe. Change this to C:\Windows\System32\wscript.exe (note: leave everything else alone, including the invisible.vbs run.bat on the end, as these scripts are used to open up ASDM).