Some Notes on the Machines

It’s a recent and active development, works very well, very nicely functional. Currently runs on Windows, macOS and Linux desktop computers, as well as on Android devices and Chromebooks. Uses the Sword Project repositories. The UI is a bit different than others, but it’s very well worth the learn.

ezrabibleapp.net/

This is at the 365 level, not the Exchange level. To connect:

Connect-MgGraph -Scope User.Read.All 

(or User.ReadWrite.All)

To get user info:

Get-MgUser -UserID username@domain.com

To change immutable ID to “a”:

Update-MgUser -UserID username@domain.com -OnPremisesImmutableId "a"

One cannot change ImmutableID to $null, but it can be changed, so an AD/AZ ‘hard match’ is probably still possible. Have not verified yet.

The Exchange Online direct connection from Powershell, does remain, and is freshly updated.

Microsoft is getting rid of Powershell modules we have been learning for years, in favor of something radically different, called Microsoft Graph. Here’s a page which gives us the profoundly different pattern of Graph usage for some nice things to have:

blog.raindrops.dev/blog/force-password-change-for-all-users-in-office-365/

The Exchange Online direct connection from Powershell, does remain, and is freshly updated.

Try this:

@("MsOnline","ExchangeOnlineManagement","AzureAD","AzureRM","Az","Microsoft.Graph","MicrosoftTeams","Microsoft.Online.SharePoint.PowerShell","Microsoft.PowerApps.Administration.PowerShell","Microsoft.PowerApps.PowerShell","WhiteboardAdmin","O365CentralizedAddInDeployment","PnP.PowerShell","MicrosoftPowerBIMgmt")|%{if(!(get-module -listavailable -name $_)){install-module -name $_ -skippublishercheck -allowclobber -force}elseif((get-module -listavailable -name $_).version -lt (find-module $_).version){update-module -name $_ -force;Get-InstalledModule -name $_ -allversions| where {$_.version -lt (get-installedmodule -name $_.name).version} | Uninstall-Module -force}}

From www.tbone.se/2023/02/27/update-your-windows-11-with-some-powerful-one-liners/”

Microsoft has a global MFA override coming to all accounts as a default; their term is “Security Defaults”. To turn this off, log in as Office 365 admin and then:

entra.microsoft.com/#blade/Microsoft_AAD_ConditionalAccess/SecurityDefaults?Microsoft_AAD_IAM_legacyAADRedirect=true

Just now, 2023-06-30 12:50PM CST, I searched in multiple different search engines for something simple but very unusual. All of them but one gave me dozens of pages of useless and irrelevant links which had a word close to the goal but spelled a bit differently. This one, only, gave me just what I needed:

DuckDuckGo

Can be visited at either duckduckgo.com or https://ddg.gg.

This writer will be using DDG by default.

A sample SMTP conversation.  You’ll need Putty (telnet mode!) in Windows, or Cygwin with ‘inetutils’ installed (for telnet), or the telnet for your Linux. The idea is that you are playing the role of a machine trying to send email through a mail server you select. You can learn causes of failure this way that you cannot learn any other way, or not at all easily.

• Blue is transmit.
• Red is receive. 
• We start with a telnet on port 25. The first step is a Linux command line as written, directly translatable to Cygwin’s telnet, and GUIable in Putty.
• The messages received will vary somewhat, but the initial numbers won’t. 
• The greater-than and less-than signs (< >) are required.
• Replace mail.domain.com with the FQDN or IP of the mail server. This is essential to get to the correct SMTP server.
• Replace test.domain.com with the Internet FQDN of the machine you are on if it exists, and otherwise, use test and the final domain name of the mail server you are trying to reach. This is how you are identifying yourself, as legitimately as available, to that mail server.
• Most SMTP servers, especially ESMTP servers, respond well to EHLO these days. A few still need the original, HELO.
• If it says OK at each step, the mail server has accepted what you have sent. Otherwise, it will give a short error, generally with a standard SMTP error code which you can look up.
• Choose the sender and the recipient carefully, according to what kind of test you are needing. For instance, if you are testing a simple mailbox, the FROM can be your own email address, and the TO can be a mailbox to which you have access, behind that mail server. Distribution lists and scan-to-email can indicate needed variations.

telnet mail.domain.com 25

220 mail.domain.com ESMTP

EHLO test.domain.com

250 test.domain.com

MAIL FROM: <sender@domain.com>

250 2.1.0 Sender OK

RCPT TO: <recipient@domain.com>

250 2.1.5 Ok

DATA

354 Enter mail, end with “.” on a line by itself

testing
testing
testing
.

250 2.0.0 Ok: queued as xxxxxxx

There are machines with (say) 16 gigabytes of RAM, where Task Manager shows 97% or more memory in use, but the numbers don’t add up even close to 16G. The first step is to get RAMMap:

learn.microsoft.com/en-us/sysinternals/downloads/rammap

and study the Use Counts tab list. There may be more than one cause, but the one I’m looking at, shows most of my RAM used by “Driver Locked”. Microsoft says updated drivers will fix it. Will continue this article when I have data. Current references:

learn.microsoft.com/en-us/answers/questions/128755/driver-locked

learn.microsoft.com/en-us/windows-hardware/test/assessments/windows-assessment-console

learn.microsoft.com/en-us/windows-hardware/get-started/adk-install

At least on this office LAN, this is helping. Not clear whether it helps everywhere and all.

In Regedit, go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

You’ll notice several GUIDs. These are all of the network interfaces Windows knows about, virtual, Bluetooth, whatnot. You’ll want to try adding the below to any of them that you use.

TCPAckFrequency = 1

Technically this is called “disabling delayed ACK”. It seems to be helping me a lot for all accesses, including SMB, intranet, and Internet.

Interesting tool by an interesting community.

www.sysnative.com/forums/downloads/sfcfix/

And they have volunteers to help, with another interesting tool which does fixes as well:

www.sysnative.com/forums/threads/windows-update-forum-posting-instructions.4736/