Here is Group Policy:
Computer Configuration / Administrative Templates / Windows Components / News and interests
Disable "News and Interests" in Windows 10
article #1570, updated 1 day ago
Check web sites for active infections, via sandbox analysis
article #1569, updated 3 days ago
This tool does the job, it uses Crowdstrike and other major-player tools:
Download Microsoft Teams (newest)
article #1568, updated 7 days ago
Here’s the download page:
www.microsoft.com/en-us/microsoft-teams/download-app
This downloads an .MSIX, which one can usually double-click effectively. The link appears to be nicely static at this writing:
statics.teams.cdn.office.net/production-windows-x64/enterprise/webview2/lkg/MSTeams-x64.msix
Block personal use of Microsoft Teams
article #1567, updated 7 days ago
If you want to prevent non-M365 login to Teams:
New public DNS: cleanbrowsing.org
article #1566, updated 10 days ago
Appears to be very very good. Has three different kinds of filtration:
Get HP serial number for a Windows PC
article #1565, updated 11 days ago
This just worked well, reportedly also works on Dell:
Get-WmiObject Win32_BIOS | Select-Object SerialNumber
Microsoft Entra Connect - Rename of Azure AD Connect - Download
article #1564, updated 17 days ago
OK, so it started as DirSync, is still being called on some pages “Azure AD Connect”, including the download page as of this writing:
www.microsoft.com/en-us/download/details.aspx?id=47594
but it is, apparently, officially renamed Microsoft Entra Connect:
learn.microsoft.com/en-us/entra/identity/hybrid/connect/whatis-azure-ad-connect-v2
except within the URL itself :-)
Please note that this is NOT the same as Microsoft Entra Cloud Sync. The above does LDAP, Cloud Sync does not.
Preventing System Volume Information buildup
article #1507, updated 27 days ago
The overall cause of buildup of orphan shadows in “System Volume Information” folders, is physical storage not being able to keep up with demand.
The best first steps I have, are to run what I sometimes call general cleanup. After that, I run PrivaZer without checking traces in free space, which saves time and does not affect performance results. PrivaZer cleans up an amazing variety of NTFS issues, even new installs often benefit.
And after that, three registry entries. Here’s Powershell code to get them in and engaged.
$NewMaxShadowCopies = 8
$NewMinDiffAreaFileSize = 128
# http://www.tomsitpro.com/articles/powershell_registry-powershell_command_line,2-152.html
function setupDWORD {
param( [string]$regPath, [string]$nameForDWORD, [long]$valueForDWORD )
##############
# Error out if cannot touch the registry area at all
If ( !(Test-Path $regPath) ) {
Try {
New-Item $regPath -Force -ErrorAction SilentlyContinue
}
Catch {
Write-Error ("Could not visit or create registry path " + $regPath)
Return
}
}
#############
# If an existing registry entry exists, store its value to report later
Try {
$oldValueProperty = Get-ItemProperty -Path $regPath -Name $nameForDWORD -ErrorAction SilentlyContinue
$oldValue = $oldValueProperty.$nameforDWORD
}
Catch {
$oldValue = ""
}
#############
# Report the changes to make
Write-Output ("DWORD to write: " + $nameForDWORD)
Write-Output ("at registry path " + $regPath)
If ($oldValue -ne "") {
Write-Output ("Original value is " + $oldValue)
}
else {
Write-Output "No original present."
}
Write-Output ("New value is " + $valueforDWORD)
############
# Report no changes to make, set new registry entry, or error out
If ($oldValue -eq $valueforDWORD) {
Write-Output "No change to make."
""
Return
}
Try {
New-ItemProperty -Path $regPath -Name $nameForDWORD -Value $valueForDWORD -PropertyType DWORD -Force -ErrorAction SilentlyContinue > $null
}
Catch {
Write-Error "Failed!"
""
Return
}
"Succeeded!"
""
}
setupDWORD "HKLM:\System\CurrentControlSet\Services\VSS\Settings" "MaxShadowCopies" $NewMaxShadowCopies
setupDWORD "HKLM:\System\CurrentControlSet\Services\VolSnap" "MinDiffAreaFileSize" $NewMinDiffAreaFileSize
setupDWORD 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' 'DeleteStaleTaskCache' 1
""
"Restarting VSS..."
Restart-Service -Force -Name "VSS"
""
"Complete!"
""
IP Reputation Checks
article #1563, updated 29 days ago
Recently, one site has been blocked from multiple web-based services. All of the services were using Amazon CloudFront as backend. One by one, when the vendors were contacted, they all found that CloudFront was blocking their site’s external Internet IP. This was happening despite the fact that a large number of blacklist checks were coming up green. Eventually, I found these:
talosintelligence.com/reputation_center
www.apivoid.com/tools/ip-reputation-check/
which do a lot more. Not sure how timely some of the reporting is. And they still did not explain the CloudFront issues.
Reestablish Windows Domain Relationship in Powershell
article #1562, updated 32 days ago
If you can get to an administrative or system shell:
Reset-ComputerMachinePassword -Server DC.domain.local -Credential (Get-Credential)