You get- "You cannot visit localhost right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."
IF YOU'RE CERTAIN the page is safe, you can type thisisunsafe and you will be able to reach the site.
You want to keep a user's mailbox indefinitely, however, you do *not* want to keep their AD account (or you want it disabled). Converting it to a shared mailbox still anchors it to their AD account, so purging that deletes the mailbox.
- Delete or Disable the account in AD, or, move the account to an OU not synced by AD Sync
- Run an AD Sync.
- Ensure the account is gone in Office 365.
- In Office 365 Admin Center, open the Azure Active Directory Admin Center.
- Go into Users, Deleted Users, find the user in question, check the box and click "Restore User".
- Go into the user's cloud account and reapply the license.
- Once their mailbox is in Exchange Admin Center, convert the mailbox to a shared mailbox.
- Remove the license from their user account.
(Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate | Format-List
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName @()
Set-AuthConfig -NewCertificateThumbprint <ThumbprintFromStep1> -NewCertificateEffectiveDate (Get-Date)
Set-AuthConfig -PublishCertificate
Set-AuthConfig -ClearPreviousCertificate
IISReset
In Veeam Backup and Replication you get the notification "Warning Skipping credentials backup because the encryption is disabled. This will complicate the restore process significantly. Enable configuration backup encryption to stop receiving this warning."
Personally, I do not want the credentials stored in the configuration backups, so this is the desired behavior. To suppress this warning-
HKEY_LOCAL_MACHINE\SOFTWARE\Veeam\Veeam Backup and Replication "ConfigurationBackupSuppressEncryptionWarning", DWORD, value "1"
SSH into ESXi server. In vcenter, go to Configure, Scroll down to Services under System. Start the SSH service.
From SSH-
Disable Firewall-
esxcli network firewall ruleset set -e true -r httpClient
All One Line-
esxcli software profile update -p <INSERT IMAGE NAME> -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
Re-enable firewall
esxcli network firewall ruleset set -e false
esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xmlUse grep to filter the list for your version,
esxcli software sources profile list --depot=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml | grep -i ESXi-6.7If you get [MemoryError]-
esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 0
cp /usr/lib/vmware/esxcli-software /usr/lib/vmware/esxcli-software.bak
sed -i 's/mem=300/mem=500/g' /usr/lib/vmware/esxcli-software.bak
mv /usr/lib/vmware/esxcli-software.bak /usr/lib/vmware/esxcli-software -f
esxcli system settings advanced set -o /VisorFS/VisorFSPristineTardisk -i 1https://williamlam.com/2024/03/quick-tip-using-esxcli-to-upgrade-esxi-8-x-throws-memoryerror-or-got-no-data-from-process.html
If you want to convert a mailbox to shared to preserve it, but you want to disable or delete the AD account, do the following-
- Go into mailboxes in Exchange Admin Center, click "Convert to Shared" on the right.
- To to the users in Microsoft 365, remove the users license.
- Disable or delete the AD account, wait for Azure AD to sync.
- Under Admin Centers, click Azure Active Directory, Users, Deleted Users. Select the users and click "Restore Users." This will move them to a "Cloud User" which will need to be maintained to prevent the mailbox from being deleted. This account will not be able to log into the mailbox, however, so it presents a pretty minimal risk. You can set a complex password and enable MFA.
First- Ensure Office 365 is set for Modern Auth-
- Log in to the Office 365 portal, Edge seems to work the best.
- Admin Centers, Exchange, Classic Exchange Admin Center.
- Hybrid, click "Configure" under Exchange Online Powershell Module.
- Type "Connect-EXOPSSession -UserPrincipalName <your UPN>"
- Get-OrganizationConfig | ft OAuth*
- If it's set to "True", you're good to go, modern auth is enabled.
- If it's set to false- Set-OrganizationConfig -OAuth2ClientProfileEnabled $True
- Give it a couple of hours.
If a user is still getting the basic prompt in outlook-
- Go into control panel, credential manager, delete everything related
- In regedit, go to HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Identity.
- Create a new DWORD named "EnableADAL" and give it a value 1
If that doesn't work-
- Create a new DWORD named "DisableAADWAM" and give it a value 1
- Create a new DWORD named "DisableADALatopWAMOverride" and give it a value 1