Finally figured it out.
Our Skype for Business 2015 Server Front-End service wouldn't start, it kept displaying "Starting".
The event-viewer kept filling up with:
Event ID: 32192
Closing routing group service due to an error.
Calling ReportFault on routing group {3C86EE90-FB81-5FC0-9B41-2C787B4ACC20} with FaultType 2 and ReasonCode 3. Error code: 0x00000000(ERROR_SUCCESS)
Cause: This may indicate a problem with the routing group. Please examine the server event logs and traces to identify the cause.
Resolution:
Run the commandlet Get-CsPoolFabricState -RoutingGroup [ROUTING GROUP] and make sure quorum is achieved. If the Pool is running and the Front-End is just started, this is normal for some time. If the error persists while the Front-End is running, restart the server.
And:
Event ID: 32179
Request to sync data from backup store for routing group {353B9BC5-A12D-578B-BAD5-F7F8BD5E02FC} was throttled due to pending requests.
Cause: This can happen when a Pool is re-started, and should go away automatically.
Turns out TLS 1.0 was disabled but this would be effective after the first reboot.
So when we rebooted for the latest WSUS updates it got activated and thereby killing the RTCSRV.exe service.
You can find the key here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0|Server
REG_DWORD - Enabled
Value: ffffffff (decimal: 4294967295)
The disabled value is:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0|Server
REG_DWORD - Enabled
Value: 0(decimal: 0)
About: Exchange 2013-2016-2019-Online - Powershell - Windows 2012-2016-2019 - Teams - Office365 - PKI - Microsoft365
24 May 2017
23 May 2017
Start Menu locations - Or add a simple Start Menu yourself without 3rd party tools
I keep forgetting the path to the Start Menu:
"C:\Program Data\Microsoft\Windows\Start Menu\Programs"
This is the same for Windows 7 up to Windows 10, and for Server 2012 to Server 2016.
But, wouldn't it be nice to have some sort of start menu without installing some malware/spyware infested tool? Then this quick fix is for you:
- Display "Hidden items" on your C: Drive.
- Open File Explorer and browse to your C: Drive.
- On the View tab, check the "Hidden items" checkbox.
- Add a New Toolbar on your Taskbar.
- Right-click on a blank area of your Taskbar and select Toolbars > New Toolbars.
- Browse to the Start Menu\Programs folder.
- In the New Toolbar dialog box, browse to the "C:\Program Data\Microsoft\Windows\Start Menu\Programs" folder.
- Click the "Select Folder" button.
- Click the "Select Folder" button to add the new Toolbar to your Taskbar.
Here's what it looks like:
Labels:
start menu,
Windows 10,
Windows 2008,
WIndows 2008 R2,
Windows 2012,
Windows 2012 R2,
Windows 2016,
windows 7,
Windows 8
Location:Utrecht
Utrecht, Netherlands
19 May 2017
Find all the KB's for Wannacry with PowerShell
I know this stuff is all over the place, but still could come in handy:
Check to see if the necessary Microsoft KB's are installed on your computer or server to protect you from "Wannacry":
Check to see if the necessary Microsoft KB's are installed on your computer or server to protect you from "Wannacry":
#Current list of all the hotfixes from https://technet.microsoft.com/en-us/library/security/ms17-010.aspx $hotfixes = "KB3205409", "KB3210720", "KB3210721", "KB3212646", "KB3213986", "KB4012212", "KB4012213", "KB4012214", "KB4012215", "KB4012216", "KB4012217", "KB4012218", "KB4012220", "KB4012598", "KB4012606", "KB4013198", "KB4013389", "KB4013429", "KB4015217", "KB4015438", "KB4015546", "KB4015547", "KB4015548", "KB4015549", "KB4015550", "KB4015551", "KB4015552", "KB4015553", "KB4015554", "KB4016635", "KB4019213", "KB4019214", "KB4019215", "KB4019216", "KB4019263", "KB4019264", "KB4019472", "KB4015221", "KB4019474", "KB4015219", "KB4019473" #Check the computer it's run on if any of the listed hotfixes are present $hotfix = Get-HotFix -ComputerName $env:computername | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property "HotFixID" #Confirms whether hotfix is found or not if (Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID}) { "Found HotFix: " + $hotfix.HotFixID } else { "Didn't Find HotFix" }If you are running Windows 10 Creator Update (Winver: 1703) you are good to go, as this build is not affected by Wannacry.
Labels:
Powershell,
Ransomware,
wannacry
Location:Utrecht
Utrecht, Netherlands
17 May 2017
PSGallery module gone - add it back to PowerShell-ISE
Unable to add modules from the PSGallery provider
When your Package provider list is empty:
Run CMD.exe as an administrator and run the following command:
Close the CMD window, now you have a PS Repository:
When your Package provider list is empty:
Get-PackageProvider -ListAvailable
Run CMD.exe as an administrator and run the following command:
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex
((new-object net.webclient).DownloadString('https://chocolatey.org/
install.ps1'))" && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin
Close the CMD window, now you have a PS Repository:
PS C:\windows\system32> Get-PSRepository Name InstallationPolicy SourceLocation
--------- ------------------ --------------
PSGallery Untrusted https://www.powershellgallery.com/api/v2/Set the PSGallery as trusted:
PS C:\windows\system32> Set-PackageSource -Name PSGallery -Trusted Name ProviderName IsTrusted Location --------- ------------- --------- -------- PSGallery PowerShellGet True https://www.powershellgallery.com/api/v2/
Force add PSGallery
Register-PSRepository -Name PSGallery -SourceLocation https://www.powershellgallery.com/api/v2/ -PublishLocation https://www.powershellgallery.com/api/v2/package/ -ScriptSourceLocation https://www.powershellgallery.com/api/v2/items/psscript/ -ScriptPublishLocation https://www.powershellgallery.com/api/v2/package/ -InstallationPolicy Trusted -PackageManagementProvider NuGet
Labels:
Powershell,
PowerShellISE,
PSGallery
Location:Utrecht
Utrecht, Netherlands
11 May 2017
Bitlocker everything - Store your bitlockerkeys in Onedrive
I was fooling around with bitlocker the other day and needed a way to store my bitlocker key other than on an external drive or USB drive and especially something else than printing them.
Right click on the physical drive you want to bitlocker and select "Turn on bitlocker".
Then your asked where the bitlocker recovery key has to be stored.
The first options that is presented turned out to be the most excellent one.
Save to your cloud domain account.
Right click on the physical drive you want to bitlocker and select "Turn on bitlocker".
Then your asked where the bitlocker recovery key has to be stored.
The first options that is presented turned out to be the most excellent one.
Now you might think that you need an Azure joined machine, this is partially correct.
If your machine is Azure Active Directory domain joined your bitlocker keys are stored in the "Devices" section in your account, you can the key under the details of your device.
But if you're not Azure domain joined but do have a Onedrive account setup than it will save your bitlocker key in your Onedrive.
Eureka, this means there is no more reason to not use bitlocker on your personal computers.
Knowing that in the case of theft or loss your data will not be compromised.
And the recovery key can be accessed fairly easy through this site:
https://onedrive.live.com/RecoveryKey.
Now this site is not accessible from your onedrive site directly, you won't find a link to it there, you have to know it and type it.
Now this site is not accessible from your onedrive site directly, you won't find a link to it there, you have to know it and type it.
Here's what it looks like:
Subscribe to:
Posts (Atom)