26. July 2018
Rich
Tech Guides
Problem
Unable to RDP to Machine: CredSSP Encryption Oracle Remediation
Cause
Windows Update: https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
Solution
The fix is to open your local group policy settings and do this.
Computer Configuration -> Administrative Templates -> System -> Credentials Delegation--Encryption Oracle Remediation
enable and set to 'vulnerable'.
If Windows Home edition reg key change...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters] "AllowEncryptionOracle"=dword:00000002
I had to create the CredSSP key, then the Parameters key, then the dword value as none of them existed.
Reference, Links and Imges
https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/
https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018
27. February 2018
Rich
Tech Guides
Problem
You are unable to remotly manage a server using server administrator getiing a DCOM and Remote Event Management firewall error.
Cause
The firewall on the remote computer is not configured to allow remote management of the server.
Solution
You can run this PowerShell command to enable the rules on all servers in one command.
Import-Module NetSecurity
Invoke-Command Server1,Server2,Server3 {Get-NetFireWallRule *COM* | Enable-NetFirewallRule}
Invoke-Command Server1,Server2,Server3 {Get-NetFireWallRule *RemoteEvent* | Enable-NetFirewallRule}
7. January 2018
Rich
Tech Guides
Scenario
We have two servers, server1 and server2.
Server1 is a DC and Server2 is a web server. We want to be able to use the IIS management console to administer Server2 from Server1.
To allow remote management of a server role we need to enable the via PowerShell. Below is an example for enabling the management of IIS.
First we need to modify the registry to allow the connection and then we need to set the server "WMSVC" to startup automatically. After the two comands below have been run from Server2, you can then add server2 via the IIS Management Console on Server1.
Set-ItemProperty -Path "HKLM:\Software\Microsoft\WebManagement\Server" -Force -Restart
Set-Service WMSVC -StartupType Automatic
23. March 2016
Rich
Tech Guides
The clutter folder can be annoying or useful. Here's how to turn it off and on useing powershell (for administrators).
1.Remote onto O365 via PowerShell -
Click here for a guide2.
a. To enable:
Set-Clutter -Identity [email protected] -Enable $Trueb. To disable:
Set-Clutter -Identity [email protected] -Enable $False
3.
a. For disabling all users:
Get-Mailbox | Set-Clutter -Enabled $False
b. For enabling all users:
Get-Mailbox | Set-Clutter -Enabled $True
15. January 2016
Rich
Tech Guides
If you created a subscription name "Disk Events" and you wanted the delay to be two minutes instead of the default 15 Minutes, you would run the following commands:
wecutil ss "Disk Events" /cm:custom
wecutil ss "Disk Events" /hi:12000
To check the current interval time:
wecutil gs "Disk Events"
To minimize Bandwidth and Latency options both batch a default number of items at a time. You can determine the value of this default by typing the following command:
winrm get winrm/config
---
To configure Subscriptions over HTTPS the following winrm command should be run on setup
winrm quickconfig -transport:https