PSSBS Monthly Meeting, November 17, 2016

Join us at Microsoft’s Lincoln Square Offices in Bellevue Washington for an evening of “non-NDA” reports from Microsoft’s 2016 MVP Summit, and a discussion and demo of the Azure Portal and Marketplace. See how our new group Webpage was setup in Azure.
Pizza is on the menu for the evening, so if you have a few bucks to contribute to the pizza fund, great, if not, you’re still welcome to join us and have a slice! The meeting space and beverages graciously provided by Microsoft.
We will meet at our usual location, at Microsoft’s Lincoln Square offices in downtown Bellevue (700 Bellevue Way NE – Lincoln Square, Bellevue, WA 98004).
Park in the Lincoln Square garage and meet at the elevators on the first floor by 6 PM to head up to the meeting (take a ticket when you enter the garage, but parking will be free for the evening).
Meeting will be from 6:00 PM – 8:30 PM.

Posted in Uncategorized | Tagged , , | Leave a comment

Windows Server 2016 and System Center 2016 Launched today at Ignite!

Here’s a great list that was shared with some of us earlier today by Rob Hindman with Microsoft. A BIG thank you Rob for getting all these links together in one document!

We are delighted to announce that today we launched Windows Server 2016 and System Center 2016 as announced at the Ignite conference in Atlanta !!!!

Evaluation bits, which are valid for 180 days, are available for download now…

Windows Server 2016: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016?i=1

System Center 2016: https://www.microsoft.com/en-us/evalcenter/evaluate-system-center-2016

  • Note that we recommend installing zero-day patches, specifically KB3192366 for S2D clusters, from Windows Update using Settings | Update & security | Check online for updates from Microsoft Update as soon as practical.
  • Windows Server 2016 and System Center 2016 are on the October 2016 Price List.
  • Windows Server 2016 and System Center 2016 will be Generally Available in mid-October, meaning that VL versions will be available at that time.

Announcing the launch of Windows Server 2016, Erin Chapple: https://blogs.technet.microsoft.com/hybridcloud/2016/09/26/announcing-the-launch-of-windows-server-2016/

Microsoft Web site for Server 2016:  https://www.microsoft.com/en-us/cloud-platform/windows-server

Here are some great Windows Server 2016 videos that have already been posted to YouTube. More are coming:

  • Software Defined Networking is a huge step forward in how you configure, manage and secure your network. Check out Greg Cusanza talking about the build in load balancer: https://www.youtube.com/watch?v=5q3sEQN4GSM
Posted in Uncategorized | Tagged , , | Leave a comment

Office 365 2010 Professional Plus and Terminal Servers (RDS Servers)

JeremyChapmanPassing on clarification from Microsoft’s Jeremy Chapman (pictured left) regarding Office 365’s Click-to-Run Office 2010 Professional Plus (available through “normal” subscriptions, such as the E3 plan as of this writing, April, 2015) and why it will not install on a RDS/TS Server:

“The Office 2010 subscription (365) install has activation based on retail activation, which is incompatible with RDS. RDS requires a Volume Activation package of Office 2010 – there is no way to make it work using the Office 2010 subscription package.

“The updated Office 365 ProPlus package has a new form of subscription retail activation (Shared Computer Activation), which works when installed on a server with the RDS role enabled. In that case, Office doesn’t activate in the traditional machine-level sense, but provides the logged in user-based temporary activation within that user’s profile. If the user has been provisioned for Office 365 ProPlus, they can log in with those credentials to unlock Office. In a VDI or hosted/remote app architecture, each user logging into the RDS host would need to be provisioned in Office 365 ProPlus to unlock Office for their session.”

A big thank you to Jeremy for clarifying the underlying reasons why 2010 does not work and 2013 does! Be sure to catch his great work over on the Office Blogs at http://blogs.office.com/author/jeremy-chapman too!

Posted in Uncategorized | Tagged , , , | Leave a comment

Tired of dealing with password resets

Issue Description

==============

Password Expiration Policy

 

 

Issue Resolution

==============

  1. Click Start > Search for Windows PowerShell > Right click ‘Run as administrator’.
  2. To establish connection, Open Windows Powershell (Run as administrator) then enter the Global Admin credential (Email address format) after running below script

 

$cred = Get-Credential

 

Set-ExecutionPolicy Unrestricted

 

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection

 

Import-PSSession $Session

 

 

  1. Then we need to make sure we have Microsoft Online Module for Powershell already installed, in case if we don’t please download it from below source :

 

64 bit module version – http://go.microsoft.com/fwlink/p/?linkid=236297

                It may ask us to install the Microsoft Online Services Sign-In Assistant from below link : http://www.microsoft.com/en-us/download/details.aspx?id=39267

 

Then run the below commands and when asked enter the Global Administrator credentials again

 

Import-Module MSOnline

 

Connect-Msolservice

 

 

  1. To set the password policy to never expire, we may run the below commands
    1. For Individual user :-

Set-MsolUser –UserPrincipalName user@lmitc.com -PasswordNeverExpires $True

  1.  
    1. For All Users in the Organisation :-

Get-MsolUser | Set-MsolUser –PasswordNeverExpires $True

  1. To verify if password is set to never expire run the following command.

Get-MsolUser –UserPrincipalName user@lmitc.com | fl

See the below variable in the command shell ( PasswordNeverExpires :True )

 

  1. To set the password expiration to some number of days at domain level :
    Set-MsolPasswordPolicy -DomainName domain.com -NotificationDays 15 -ValidityPeriod 180

 

Note : Once we create a new user, we will have to set the password policy for that user again, as it is not possible to inherit that policy to the new user, so we will need to run the above commands again.

 

Posted in Uncategorized | Leave a comment

What does a fake voicemail virus email get you?

Well, for one example, here’s what Windows Defender Offline (http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline) found from a scan of an infected machine. Fortunately the user powered down the computer immediately after realizing he had been had.

Rogue:Win32/Winwebsec
Trojan
file:D:\ProgramData\hDa3n3aV\serv.bat
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro support.url
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro.url
folders:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\

TrojanDownloader:Win32/Kuluoz.D
containerfile:D:\Users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zip
file:D:\Users\–username-removed–\AppData\Local\dqegmcmb.exe
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Recent\VoiceMail_Seattle_(206)4581802.lnk
file:d:\users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zip->VoiceMail_Seattle_(206)4581802.exe
regkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtg
runkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtg

A tip for you. After running the cleanup removal in Windows Defender Offline, reboot the machine with network disconnected to a Microsoft ERD Commander disc and use the registry editor and Windows Explorer to check the work of the cleanup tool and ensure everything is out of there. Then reboot and run Norton Power Eraser (https://security.symantec.com/nbrt/npe.aspx) for a final cleanup (has to be online for the Norton tool to work).

Posted in 4729 | Leave a comment

Need to pull data from your Exchange 2007 – 2013 logs?

Here’s how using PowerShell in the Exchange Management Shell:

get-messagetrackinglog -EventID “RECEIVE” -Start “10/22/2013 10:30:00 AM” -End “10/22/2013 4:00:00 PM” -ResultSize Unlimited |fl >c:\trackinglog.txt

By the way, the “-ResultSize Unlimited” will get you the full results to your text file and not truncate it.

Posted in 11361, 13090, 18152, 4885, Uncategorized | Leave a comment

Poor performance when you enable RemoteFX in Hyper-V on a Windows Server 2012-based computer that uses AMD processors

Working with Hyper-V on Windows Server 2012? Check out this KB article if you have AMD proc’s in your server(s) for a hotfix:

http://support.microsoft.com/kb/2770440/en-us?sd=rss&spid=16526

 

Posted in 12675, 15587, 15589, 17621, 17622 | Leave a comment

Windows 8 Mail requires 3rd party SSL certificate for Exchange

If you have a Windows 8 Mail client that won’t connect to an Exchange account, check to see if you have a self-assigned SSL certificate installed on your Exchange Server. A “3rd party” certificate (GeoTrust, Thawte, VeriSign, Go Daddy for example) will take care of your problem. You can confirm if this is in fact the case by running the Microsoft Remote Connectivity Analyzer, testing Exchange ActiveSync (https://www.testexchangeconnectivity.com/).

Posted in 12406, 17239, 3202 | Leave a comment

No PSSBS Meeting for November, 2012

For those who are not members of the PSSBS Yahoo Group, or in case you haven’t seen the announcement in our PSSBS Yahoo Group, there is NO NOVEMBER MEETING. I am in Las Colinas, Texas at an MVP “Deep Dive” in Server 2012 Essentials and Multipoint. We will be meeting in December, with a presentation by CRU-DataPort.

Posted in 2828 | Leave a comment

Install Exchange 2010 in two (2) steps

At SMB Nation 2012 in Las Vegas, I have been asked multiple times for the URL to the TechNet Article that has the simple steps to install Exchange Server 2010 on a member server in a Windows Server 2012 Essentials network. You can find it at http://technet.microsoft.com/en-us/library/aa997281.aspx.

Steps below from the comments at the bottom of the TechNet page:

How to install Exchange 2010 in two steps!
The following comments are from Michael Smith, Exchange MVP, and posted here with his permission. – Steve

In general, I ignore the wizards when installing Exchange. It’s literally easier (IMHO) to install from the command line. And it takes only two steps.

1. In an elevated cmd prompt, install the Exchange prerequisites and reboot:
sc.exe config NetTcpPortSharing start= auto
REM cd into the ‘Scripts’ directory in the Exchange installation folder/media
cd /d c:\Ex2010SP2\Scripts
ServerManagerCmd.exe -ip Exchange-Typical.xml -Restart

 
(You’ll get a warning about ServerManagerCmd being old-fashioned. Ignore it.)

2. After the reboot, in an elevated cmd prompt, install Exchange:
setup /r:mb,ca,ht /on:”First Organization”

That’s it.

How do you use this with Windows Server Essentials 2012?

1. Purchase Windows Server 2012 Standard (Volume Licensing is your best bet in order to get the required Essentials keys for installation).
2. Install as parent Hyper-V OS. Windows Server 2012 provides 1+2 licensing. (http://download.microsoft.com/documents/uk/SMB/products/windows-server/WS2012_Licensing-Pricing_Customer_FAQ.pdf)
3. Install Windows Server 2012 Essentials (Download the trial available at http://www.microsoft.com/click/services/Redirect2.ashx?CR_CC=200142594 to get the bits) as your first child virtual machine. You will need an Essentials key for this at install. You are exercising your downgrade rights of Windows Server 2012 Standard in this process.
4.

Posted in Uncategorized | Leave a comment