Pauls Blog

Browse to https://myprofile.microsoft.com https://aka.ms/mfasetup

 From:  Grant Send on Behalf Permissions using Powershell (morgantechspace.com) Set-Mailbox "[Identity]" -GrantSendOnBehalfTo @{add="[User]"}

  Check Certificate Expiry Date in .NET Core | Steve Fenton DateTime notAfter = DateTime . UtcNow ; var httpClientHandler = new HttpClientHandler { ServerCertificateCustomValidationCallback = ( request , cert , chain , policyErrors ) => { notAfter = cert . NotAfter ; return true ; } }; using HttpClient httpClient = new HttpClient ( httpClientHandler ); await httpClient . SendAsync ( new HttpRequestMessage ( HttpMethod . Head , url )); Assert . IsTrue ( notAfter > DateTime . UtcNow . AddDays ( 60 ));

Incoming Text Example: Group1@domain.com MgtGroup Group1@domain.com MgtGroup Template - Sets Name, SamAccountName, ManagedBy New-DistributionGroup           -Name '<% $0.split('@')[0] %>'           -SamAccountName '<% $0.split('@')[0] %>'           -ManagedBy '$1'           -OrganizationalUnit 'OU=Distribution Groups DLs),OU=Managed,DC=XXXX,DC=XXX,DC=XXX,DC=au'      -Type 'Security' Update Email Address (when the target address is in col 2  of input )  Set-DistributionGroup '$2'  -EmailAddresses @{Add='$2@XXX.com.au'}

  Tip when using LetsEncrypt in Windows - Feature Requests - Let's Encrypt Community Support In a paragraph, just use the web.config file to set the mime type, eg...  After trying to figure out why my Lets Encrypt failed to generate in Windows, and discovering that it's the no extension mime type problem, I wondered whether certbot could fill in the missing gap. All that is needed is the following web.config file to be placed in the same directory as the challenge <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> <staticContent> <mimeMap fileExtension="." mimeType="text/xml" /> </staticContent> </system.webServer> </configuration> Because there's no mime type for files without an extension on IIS, IIS sends back a 404 when verification happens. The web.config file above sets the mime type. After I created the .well-known

 The trick is that you use Set-DistributionGroup, not Set-Group eg:  Set-DistributionGroup "groupname" -HiddenFromAddressListsEnabled $true It's the same as Set-Mailbox when you use Set-DistributionGroup

  hostnamectl set-hostname new_hostname

 I renewed a https cert today in Windows and had problems with the new Cert sticking in Windows It would add fine, without error, but would disappear when the IIS Server Certificates screen would refresh.  Open the Certificates in MMC (Local Machine) and inspecting the Web Hosting gave a clue, the new certificate was there, but with a key - the private key was missing.  Could be because the original certificate was created on a completely different machine and imported to this new server.  At any rate, a simple certutil command fixed it .  A tip I received from  SSL disappears from the certificate list on Windows server - SSL Certificates - Namecheap.com Key steps are:  Double-click the certificate and go to  Details  tab. In certificate details locate the  Serial Number  field, click on it and copy its value. Open Command Prompt, pressing  Win+R  and typing  cmd , then click  OK In the command prompt type:  certutil -repairstore my Serial_number  from step 9 I actually typed       cer

A good read.    Deciding between COALESCE and ISNULL in SQL Server (mssqltips.com) Key Points :  The COALESCE and ISNULL SQL Server statements handle data type precedence differently COALESCE determines the type (and length) of the output based on data type precedence.   ISNULL takes the first parameter.  The SQL Server COALESCE statement supports more than two arguments COALESCE and ISNULL perform about the same (in  most  cases) in SQL Server ISNULL is not consistent across Microsoft products/languages COALESCE is ANSI standard

 Press  shift - alt -s in VS Code Then select "SignCurrentScript"

  SELECT      a. ZDIRECTORY || '/' || a. ZFILENAME LocationOnFileSystem      , att. ZORIGINALFILENAME FROM ZADDITIONALASSETATTRIBUTES att JOIN ZASSET a ON att. ZASSET = a. Z_PK      -- WHERE att.ZORIGINALFILENAME = 'IMG_0938.JPG'      WHERE a. ZFILENAME = '6E44872E-FA7C-424A-9136-6B0DC24D7E8F.jpeg' NB: the photo is located at: /Users/ username /Pictures/Photos Library.photoslibrary/originals The sqlite file is at: /Users/ username /Pictures/Photos Library.photoslibrary/database/Photos.sqlite If you want the time, just grab , a. ZDATECREATED This is the seconds since Monday, 1 January 2001 12:00:00 AM or "Apple Cocoa Core Data timestamp"

Just say you wanted to get a list of properties from a class  var model = new Person(); foreach (var property in model.GetType().GetProperties()) {    Console.WriteLine(property + " " + property.PropertyType.Name); }

  Get All rules for a mailbox       Get-InboxRule -Mailbox mailbox Gives something like  Name                  Enabled Priority RuleIdentity ----                  ------- -------- ------------ Forward mail to Yahoo True    1        nnnnnnnnnnnnnnnnnnnnn Select all rule properties  Get-InboxRule -Mailbox mailbox -Identity nnnnnnnnnnnnnnnnnnnnnnn

  There's a few different ways to do this, but for me, with a Blazor Server application and backend API, this seemed to work the best.  Step 1 - Create Certificate  I got this script from  Develop Locally with HTTPS, Self-Signed Certificates and ASP.NET Core (humankode.com) It's fairly well documented, but there's a few things to note:  - Change Subject and Dnsname to your preferred name  - Note the certifcate store location, in your personal store - Note the hard coded password  YourSecurePassword - I don't know what the TextExtension field does, need to research that - Note that the created cer file is deleted at the last step   However, this process didn't get me in a position where the server itself trusted the certificate, which is what I needed for Blazor, see Step 2 below. # setup certificate properties including the commonName (DNSName) property for Chrome 58+ $certificate = New - SelfSignedCertificate ` - Subject localhost ` - DnsName localhost `

Having problems with Windows Update on a Windows Server 2016 on AWS Lightsail.  AWS turn off Windows Update by default, and there is some other tool AWS uses to process update, however I don't think it manages LightSail machines.  I made some changes to the group policy, and that seems to have started Windows Updates, but they don't seem to be installable on demand.  I found this at  https://docs.microsoft.com/en-us/answers/questions/356003/windows-10-updates-kb2267602-security-intelligence.html Run Windows update troubleshooter firstly, this tool can diagnose and repair update issue automatically. Then, restart computer and check for updates again. If still no help, reset Windows update component manually: Open an elevated command prompt windows, type the following commands one after the other, and hit Enter: net stop wuauserv net stop bits rename c:\windows\SoftwareDistribution SoftwareDistribution.bak net start wuauserv net start bits Open an elevated Command Prompt, type th

Set-Mailbox EmailAddress -Type Regular

Basically follow the instructions to install certbot for ubuntu from  Certbot (eff.org) Note that it uses snap to install certbot , not some bespoke apt repo There's only 2 things you need to worry about, because snapd is already installed at part of openvpn / ubuntu:   Install Certbot sudo snap install --classic certbot Create a symbolic link sudo ln -s /snap/bin/ certbot / usr /bin/ certbot This is where we can depart the normal process, and create the lets encrypt certs. run the following command and follow the prompts sudo certbot certonly --standalone --preferred-challenges http -d vpnserver.yourdomain.com Finally install the certificates in the website, using the web interface    Automation .    I haven't tried this myself, but you should be able to automate this by creating a file with the   following  ( remember to chmod it with +x) #!/ bin/bash certbot renew — standalone sleep 1m / usr /local/ o

  Use Powershell  Step 1 - Put your existing password in a Secure String  $oldPassword = Read-Host "Your old Password" -AsSecureString  Step 2 - Start the password change set-AdAccountPassword -Identity paul-admin -OldPassword  $oldPassword Step 3 - Enter your new password You'll be prompted for your new password... Please enter the desired password for 'CN=xxxx,OU=Admin Users,OU=Users,OU=Privileged,DC=CAIS,DC=com,DC=edu,DC=au' Password: ************************** Repeat Password: **************************

 Today I was asked to find the mailbox that held a certain alias, or additional email address The Exchange Admin Web client wasn't very helpful, but LDAP was with the following query... searcher.Filter = $"(proxyaddresses=smtp:sales@company.com)"; The trick with the ldap query was I needed to include the smtp: prefix.  In the end, it wasn't a mailbox or sharedbox, but rather a distribution list, and LDAP didn't care. 

 The 3cx call logs are typically found at  /var/lib/3cxpbx/Instance1/Data/Logs/CDRLogs

 For mailboxes Set-Mailbox dave -HiddenFromAddressListsEnabled $true  For Groups Set-DistributionGroup group1 -HiddenFromAddressListsEnabled $true

 See Repair Outlook Data Files (.pst and .ost) - Outlook (microsoft.com) Scanpst locations: Outlook 2019: C:\Program Files (x86)\Microsoft Office\root\Office16 Outlook 2016: C:\Program Files (x86)\Microsoft Office\root\Office16 Outlook 2013: C:\Program Files (x86)\Microsoft Office\Office15 Outlook 2010: C:\Program Files (x86)\Microsoft Office\Office14 Outlook 2007: C:\Program Files (x86)\Microsoft Office\Office12

  Powershell - Initial Start  get-acl | % { $_.Access } | Select IdentityReference , FileSystemRights Other things to look at are:  AccessControlType, ie: Allow, Deny Whether it's inherited and the inheritance flags Propagation Flags ?? - what is that 

$sessionOption = New-PSSessionOption -SkipCACheck -SkipCNCheck -SkipRevocationCheck $session = New-PSSession -ConnectionUri $yourUrl -Credential $credential -Authentication Basic -AllowRedirection -SessionOption $sessionOption