Here is Group Policy:
Computer Configuration / Administrative Templates / Windows Components / News and interests
Here is Group Policy:
Computer Configuration / Administrative Templates / Windows Components / News and interests
This tool does the job, it uses Crowdstrike and other major-player tools:
Here’s the download page:
www.microsoft.com/en-us/microsoft-teams/download-app
This downloads an .MSIX, which one can usually double-click effectively. The link appears to be nicely static at this writing:
statics.teams.cdn.office.net/production-windows-x64/enterprise/webview2/lkg/MSTeams-x64.msix
If you want to prevent non-M365 login to Teams:
Appears to be very very good. Has three different kinds of filtration:
This just worked well, reportedly also works on Dell:
Get-WmiObject Win32_BIOS | Select-Object SerialNumber
OK, so it started as DirSync, is still being called on some pages “Azure AD Connect”, including the download page as of this writing:
www.microsoft.com/en-us/download/details.aspx?id=47594
but it is, apparently, officially renamed Microsoft Entra Connect:
learn.microsoft.com/en-us/entra/identity/hybrid/connect/whatis-azure-ad-connect-v2
except within the URL itself :-)
Please note that this is NOT the same as Microsoft Entra Cloud Sync. The above does LDAP, Cloud Sync does not.
The overall cause of buildup of orphan shadows in “System Volume Information” folders, is physical storage not being able to keep up with demand.
The best first steps I have, are to run what I sometimes call general cleanup. After that, I run PrivaZer without checking traces in free space, which saves time and does not affect performance results. PrivaZer cleans up an amazing variety of NTFS issues, even new installs often benefit.
And after that, three registry entries. Here’s Powershell code to get them in and engaged.
$NewMaxShadowCopies = 8 $NewMinDiffAreaFileSize = 128 # http://www.tomsitpro.com/articles/powershell_registry-powershell_command_line,2-152.html function setupDWORD { param( [string]$regPath, [string]$nameForDWORD, [long]$valueForDWORD ) ############## # Error out if cannot touch the registry area at all If ( !(Test-Path $regPath) ) { Try { New-Item $regPath -Force -ErrorAction SilentlyContinue } Catch { Write-Error ("Could not visit or create registry path " + $regPath) Return } } ############# # If an existing registry entry exists, store its value to report later Try { $oldValueProperty = Get-ItemProperty -Path $regPath -Name $nameForDWORD -ErrorAction SilentlyContinue $oldValue = $oldValueProperty.$nameforDWORD } Catch { $oldValue = "" } ############# # Report the changes to make Write-Output ("DWORD to write: " + $nameForDWORD) Write-Output ("at registry path " + $regPath) If ($oldValue -ne "") { Write-Output ("Original value is " + $oldValue) } else { Write-Output "No original present." } Write-Output ("New value is " + $valueforDWORD) ############ # Report no changes to make, set new registry entry, or error out If ($oldValue -eq $valueforDWORD) { Write-Output "No change to make." "" Return } Try { New-ItemProperty -Path $regPath -Name $nameForDWORD -Value $valueForDWORD -PropertyType DWORD -Force -ErrorAction SilentlyContinue > $null } Catch { Write-Error "Failed!" "" Return } "Succeeded!" "" } setupDWORD "HKLM:\System\CurrentControlSet\Services\VSS\Settings" "MaxShadowCopies" $NewMaxShadowCopies setupDWORD "HKLM:\System\CurrentControlSet\Services\VolSnap" "MinDiffAreaFileSize" $NewMinDiffAreaFileSize setupDWORD 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows' 'DeleteStaleTaskCache' 1 "" "Restarting VSS..." Restart-Service -Force -Name "VSS" "" "Complete!" ""
Recently, one site has been blocked from multiple web-based services. All of the services were using Amazon CloudFront as backend. One by one, when the vendors were contacted, they all found that CloudFront was blocking their site’s external Internet IP. This was happening despite the fact that a large number of blacklist checks were coming up green. Eventually, I found these:
talosintelligence.com/reputation_center
www.apivoid.com/tools/ip-reputation-check/
which do a lot more. Not sure how timely some of the reporting is. And they still did not explain the CloudFront issues.
If you can get to an administrative or system shell:
Reset-ComputerMachinePassword -Server DC.domain.local -Credential (Get-Credential)