Disable "News and Interests" in Windows 10
article #1570, updated 1 day ago

Here is Group Policy:

Computer Configuration / Administrative Templates / Windows Components / News and interests

Categories:      

==============

Check web sites for active infections, via sandbox analysis
article #1569, updated 3 days ago

This tool does the job, it uses Crowdstrike and other major-player tools:

www.hybrid-analysis.com

Categories:      

==============

Download Microsoft Teams (newest)
article #1568, updated 7 days ago

Here’s the download page:

www.microsoft.com/en-us/microsoft-teams/download-app

This downloads an .MSIX, which one can usually double-click effectively. The link appears to be nicely static at this writing:

statics.teams.cdn.office.net/production-windows-x64/enterprise/webview2/lkg/MSTeams-x64.msix

Categories:      

==============

Block personal use of Microsoft Teams
article #1567, updated 7 days ago

If you want to prevent non-M365 login to Teams:

answers.microsoft.com/en-us/msteams/forum/all/how-to-disable-the-access-to-team-for-personal-use/79c67ef8-e58f-4ebb-9f82-8e5937348c57

Categories:      

==============

New public DNS: cleanbrowsing.org
article #1566, updated 10 days ago

Appears to be very very good. Has three different kinds of filtration:

cleanbrowsing.org/filters/

Categories:      

==============

Get HP serial number for a Windows PC
article #1565, updated 11 days ago

This just worked well, reportedly also works on Dell:

Get-WmiObject Win32_BIOS | Select-Object SerialNumber

Categories:      

==============

Microsoft Entra Connect - Rename of Azure AD Connect - Download
article #1564, updated 17 days ago

OK, so it started as DirSync, is still being called on some pages “Azure AD Connect”, including the download page as of this writing:

www.microsoft.com/en-us/download/details.aspx?id=47594

but it is, apparently, officially renamed Microsoft Entra Connect:

learn.microsoft.com/en-us/entra/identity/hybrid/connect/whatis-azure-ad-connect-v2

except within the URL itself :-)

Please note that this is NOT the same as Microsoft Entra Cloud Sync. The above does LDAP, Cloud Sync does not.

Categories:      

==============

Preventing System Volume Information buildup
article #1507, updated 27 days ago

The overall cause of buildup of orphan shadows in “System Volume Information” folders, is physical storage not being able to keep up with demand.

The best first steps I have, are to run what I sometimes call general cleanup. After that, I run PrivaZer without checking traces in free space, which saves time and does not affect performance results. PrivaZer cleans up an amazing variety of NTFS issues, even new installs often benefit.

And after that, three registry entries. Here’s Powershell code to get them in and engaged.

$NewMaxShadowCopies = 8
$NewMinDiffAreaFileSize = 128

# http://www.tomsitpro.com/articles/powershell_registry-powershell_command_line,2-152.html

function setupDWORD {
    param( [string]$regPath, [string]$nameForDWORD, [long]$valueForDWORD )

    ##############
    # Error out if cannot touch the registry area at all
    If ( !(Test-Path $regPath) ) {
        Try {
            New-Item $regPath -Force -ErrorAction SilentlyContinue
            }
        Catch {
            Write-Error ("Could not visit or create registry path " + $regPath)
            Return
            }
        }

    #############
    # If an existing registry entry exists, store its value to report later
    Try {
        $oldValueProperty = Get-ItemProperty -Path $regPath -Name $nameForDWORD -ErrorAction SilentlyContinue
        $oldValue = $oldValueProperty.$nameforDWORD
        }
    Catch {
        $oldValue = ""
        }

    #############
    # Report the changes to make
    Write-Output ("DWORD to write: " + $nameForDWORD)
    Write-Output ("at registry path " + $regPath)
    If ($oldValue -ne "") {
        Write-Output ("Original value is " + $oldValue)
        }
    else {
        Write-Output "No original present."
        }
    Write-Output ("New value is " + $valueforDWORD)

    ############
    # Report no changes to make, set new registry entry, or error out
	If ($oldValue -eq $valueforDWORD) {
		Write-Output "No change to make."
		""
		Return
		}
    Try {
        New-ItemProperty -Path $regPath -Name $nameForDWORD -Value $valueForDWORD -PropertyType DWORD -Force -ErrorAction SilentlyContinue > $null
        }
    Catch {
        Write-Error "Failed!"
        ""
        Return
        }

    "Succeeded!"
    ""
    }

setupDWORD "HKLM:\System\CurrentControlSet\Services\VSS\Settings" "MaxShadowCopies" $NewMaxShadowCopies

setupDWORD "HKLM:\System\CurrentControlSet\Services\VolSnap" "MinDiffAreaFileSize" $NewMinDiffAreaFileSize

setupDWORD 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' 'DeleteStaleTaskCache' 1

""

"Restarting VSS..."

Restart-Service -Force -Name "VSS"

""

"Complete!"
""

Categories:      

==============

IP Reputation Checks
article #1563, updated 29 days ago

Recently, one site has been blocked from multiple web-based services. All of the services were using Amazon CloudFront as backend. One by one, when the vendors were contacted, they all found that CloudFront was blocking their site’s external Internet IP. This was happening despite the fact that a large number of blacklist checks were coming up green. Eventually, I found these:

talosintelligence.com/reputation_center

www.ipqualityscore.com

www.apivoid.com/tools/ip-reputation-check/

which do a lot more. Not sure how timely some of the reporting is. And they still did not explain the CloudFront issues.

Categories:      

==============

Reestablish Windows Domain Relationship in Powershell
article #1562, updated 32 days ago

If you can get to an administrative or system shell:

Reset-ComputerMachinePassword -Server DC.domain.local -Credential (Get-Credential)

Categories: