Pacific Computer Wizards - Repository ....

An information repository of … thoughts, data, sharing, and ideas, posted.
    – Use the information in these posts at your own risk.      
                                The ideas, thoughts, and expressions posted here are for my own use.                 
                                 
  -President & Chief Wizard                                                        


Enable sandboxing for Windows Defender

posted Oct 30, 2018, 7:30 AM by Andrew Chadick   [ updated Oct 30, 2018, 7:58 AM ]

Setx Command Reference.

Running Windows Defender in a sandbox is supported on Windows 10, v1703 or later. 
You enable the sandbox by setting up a machine-wide environment variable: 
(setx /M MP_FORCE_USE_SANDBOX 1) and restarting the computer.

Run CMD as Administrator:
setx /M MP_FORCE_USE_SANDBOX 1

How it all works - and When to use it

posted Oct 12, 2018, 8:24 AM by Andrew Chadick   [ updated Oct 30, 2018, 7:37 AM ]

Microsoft Office 365 - Teams, Yammer, Outlook and SharePoint.  How all the tools work together on the one Windows 10 Interface.
https://blogs.technet.microsoft.com/cloudyhappypeople/2017/09/28/now-it-makes-sense-microsofts-collaboration-story-in-a-single-slide/

GSuite to Other (as Back up)

posted Oct 8, 2018, 10:15 AM by Andrew Chadick   [ updated Oct 8, 2018, 10:19 AM ]

Suite -> Gmail -> Adv Settings -> General Settings -> Recipient Address Map -> Edit
All Incoming Messages
Also Route to Original (True)
Add X-Gm-Original-To Header (Yes)


Note:  Name@Domain.x, Name@Domain.y   Then Click Add.

https://support.google.com/a/answer/4524505?hl=en

Let's Encrypt

posted Sep 28, 2018, 9:13 AM by Andrew Chadick   [ updated Oct 4, 2018, 12:16 PM ]

Configuration.xml - Office 2019 Standard - Office Deployment Tool

posted Sep 26, 2018, 2:48 PM by Andrew Chadick   [ updated Oct 4, 2018, 12:15 PM ]

<Configuration>
<Add OfficeClientEdition="64">
<Product ID="Standard2019Volume"  PIDKEY="AAAAA-BBBBB-CCCCC-DDDDD-EEEEE">
           <Language ID="en-us"/>
            <ExcludeApp ID="Access"/>
            <ExcludeApp ID="Groove"/>
            <ExcludeApp ID="Lync"/>
</Product>
</Add>
<Display Level="Full" AcceptEULA="TRUE"/>
<Property Name="AUTOACTIVATE" Value="1"/>
<Property Name="FORCEAPPSHUTDOWN" Value="TRUE"/>
<Property Name="SharedComputerLicensing" Value="0"/>
<Property Name="PinIconsToTaskbar" Value="TRUE"/>
<Updates Enabled="TRUE" Channel="Monthly" />
</Configuration>




Notes Office Deploy Tool / XML Usage:
Elevated CMD Prompt
setup /download configuration.xml
setup /configure configuration.xml
For the Retail version, you can use this Product ID: "Standard2019Retail"; 
<Add OfficeClientEdition="64" Channel="Monthly">
<Product ID="Standard2019Retail" PIDKEY="AAAAA-BBBBB-CCCCC-DDDDD-EEEEE">
If you want to enter your MAK key after the fact, under Account, Change Product Key, you can leave off the PIDKEY.

Cyber Safety -

posted Sep 7, 2018, 10:53 AM by Andrew Chadick   [ updated Sep 7, 2018, 10:54 AM ]

1) YOU ARE YOUR DATA


Criminals need 2 things to perpetrate cyber crime: Your Personal Identifying Information(PII), and access to a Point of Compromise(PoC). 


Examples of Personal Identifying Information (PII):

Names/Usernames

Date of Birth

Mother's Maiden Name

Address(es)

Phone Number(s)

Email Account(s)

Passwords

Social Security Number

Account Number(s)


Examples of Points of Compromise:

   Physical Items -

      Dumpster diving, mail theft, check fraud, burglaries, purse/wallet snatching


   Technology -

      Skimming, Shoulder Surfing, Gas Pumps, Point of Sale (POS) devices, Radio Frequency Identification (RFID)


   Computer and Internet -

      Social Media, Email, Unsecure Websites, Online Shopping, Classifieds, Unsecure Wifi, Filesharing, Bot Nets, Data Breach


   Mobile Devices -

      SMS Phishing, GeoTagging, Spyware, Malware, Bluejacking, Near Field Communication (NFC), Quick Response Codes


 

2) IF IT HAS A LOCK, USE IT


Secure Points of Compromise- Balance convenience versus safety/security

   Physical Items

      Use physical locks, purge, shred, secure mail


   Technology

      Credit versus Debit versus Cash (Pin number versus Zip Code)


   Computer and Internet

      Strong Passwords - A password as a lock (15 digits or more, Caps, lowercase, Number, Symbol!)  StrongPassCodes@HomeBEasy693.us

      Two Factor - If a dual authentication method is available USE IT


   Mobile devices

      Limit access, use passcodes/finger prints/application locks/pin access to applications


3) WHEN ASKED FOR PII, ASK WHAT FOR?


Practice responsible sharing!


   ASK:

      WHY do you need my PII?

      WHAT are you going to do with it?

      HOW will you protect my data?

      HOW can I monitor my data?

      WHAT will you do when you are done with the data?


Plan for Safety -

        It costs more NOT to pay attention 

               Use technology to monitor and protect your data

               Educate yourself on emerging technologies

               Be mindful of safety versus convenience when accessing technology


Resources for Remediation:

Federal Trade Commission:  File a complaint: 1-877-FTC-HELP or  1-877-382-4357  http://www.ftc.gov

Identity Theft Resource Center: 888-400-5530  http://www.idtheftcenter.org

Privacy Rights Clearinghouse:   http://www.privacyrights.org

These tips provided by NOVA - National Organization for Victim Assistance 1-800-879-6682.

Facebook feed on Chrome isn't loading correctly

posted Sep 7, 2018, 9:09 AM by Andrew Chadick   [ updated Sep 7, 2018, 9:30 AM ]

Chrome is an interesting browser, like IE back in the day, there are lots of configuration options, and lots of things that can break it.  You have to learn the areas that Google has placed all the switches that give it functionality.  One of the things that gives it more ability, is also one of the things that breaks it most, and that is the Browser Extension area.  

Google built in a function called Incognito, which in essence, is the browser, with just default settings, no add-ons, no changes to the way it works.  It also doesn't track you.

So, Facebook, it's a site that requires a pretty barebones browser to work correctly.  If there are too many extensions, or just the wrong function in the way, it doesn't load correctly.  For me, I had Grammerly enabled, and it was getting in the way.  So, when I encounter this issue, I disable it, using this shortcut method.  It can be a pain, or you can simply have a browser with as few mods as possible.  It's your choice.  Anyway, this is a quick run through on making a short cut that is for Incognito, and using it to switch on and off Chrome Extensions.


1. First, make a copy of your Chrome shortcut, that way you can access the browser as you normally would, once you’ve fixed the problem you’re having.

2. Find your copied Chrome shortcut, right click on it and select “Properties”. Be sure to Name it “troubleshooting” or something similar.

3. Select the “Target” field and add  “–incognito” to the end of the command.

4. Click “Apply” and then “Ok” to save the changes.

5. Now, double click on the new shortcut to enter into a “Safe Mode/Incognito Mode” Chrome browser.  

6. In the address bar, put “chrome://extensions” (minus the quote marks) into the browser’s address bar to view and change the extensions.

7. Disable each extension either all at once, or one at a time if you’re unsure which extension broke Chrome, simply switch them on and off, back and forth, until you figure out which one did it, using both shortcuts.


Delegation of Contacts - Groups within Contacts - The New Interface (9 dots)

posted Aug 29, 2018, 4:02 PM by Andrew Chadick   [ updated Oct 8, 2018, 10:29 AM ]

In general,  Google Apps, and most everything Google is pretty cool.  
.............But I'm going to be scratching my head on what happened here on this one for a while...

In the enterprise, you are used to a certain configuration for your email, contacts and contact groups.  You have your contacts, and within contacts you have groups.  Those groups may be board members, committees, internal and external employees, or what-have-you.  You open an email, and you send a message to boardmembers@domain.com and all your board members that are in that group receive the email.  Clean and easy - Everything managed from one contact manager interface.
In an enterprise setup, you also have assistants that help manage contacts and groups on behalf of their managers.  
These are Delegates to the owner of the account, be that the CEO, Director, or Manager.
  
Within Google Apps, it used to be, that you would assign a delegate (assistant) within settings on behalf of a master account (ie manager/owner/CEO), and the delegate would manage the contacts and members of the groups within, from their own account under it's own contact interface.  
It Was really straight forward once delegation was configured.  

But it's all changed with the new Google Apps Mail interface.  

The contacts were moved from:

Over to:

Within the new contacts(Preview), you were, up until not long ago(the last couple of months?), very limited to what you were able to do (import, export, delegate, merge, were all functions you had to drop out of preview to do); so you would be forced to go back to the old interface in order to get full functionality.  Note: as I update this post, I'm noticing a lot of changes.  So this post is changing along with it.... 

When you reverted back to the classic "old version" of the interface these functions like import / export would work. So you would tend to stay in the Classic interface...  Under the Classic Contact interface, you will even now still see your Groups listed that were pulled from the old Contacts during the change over.  However, the Groups listed here are only email addresses associated with the Group names from your contact group objects that were created in Contacts.  You can't add/edit/delete contacts to these group names from within a contact email address now, as they are simply an email address now.  You might as well go through and purge them.  They are pretty much useless the way things have changed.

While playing with this, since the migration/changes.... I figured out a few things.  

Your contact groups from the migration are not totally gone per se.  They have been split, in to an email address within contacts, and a group migrated to a new location of the same name.  

Groups are now also within the 9 dots, but under the Groups icon within (they are now "email list groups".  Contact Groups are now like the very old "Listserv" System Groups from yesteryear and treated much the same way, with members, permissions, posts, notifications of membership and opt-out options. 

 

The new contact group, now, not only has members of it, like it did before, under contacts, but now requires many new permissions to be set up, including changes to the way your delegate has to be defined. See the "Roles" area. See snip below with permissions/changes.

Note to Google Dev's: 
Contact Groups were a very simple set up, you had contacts, and groups within contacts.  You had a delegate that could make changes for you. 

Now you have a mess of details to hash through; email list membership, permissions(what is and isn't allowed), and managers/owners that have to be defined, along with various restrictions that just aren't necessary in this particular type of group.
  
I can understand using "Groups" as you have for "listserv-like" functionality, where you have posts and topics, and the like.  But a listserv is completely different to an enterprise setup of members of a contact group that can be managed by an assistant.  

This new way of doing groups is truly broken. Someone at Google needs to revisit the way contacts are configured, managed, and delegated.   

Another downside to this new way of handling members of the group, is that your delegate needs to be added and be part of the group in order to be able to have them assigned/listed as a 'manager' of it.  
It muddies the make up and membership in the various groups, and makes it more than a bit strange.  

Imagine if you will,  your board of directors as the members of the "Board@domain.com" group; and your assistant listed in there too as a "member" of the group - just so you can identify him/her as the the manager/delegate in a different section.  

... I'm really baffled by whomever thought all of this was a good idea.

Anyway, this post is just so others can figure this out, and make sense of what and where everything went...
------------- - -----------------------
***Old Contact Interface***  After the migration to the Nine dots; under the Classic Contacts interface, you will still see the option to create a new group (see below), and you can still add members to the group, much the same way you used to, and it will create the group under contacts under a heading, that indicates 'groups' by indenting them under your 'My Contacts'. You can click the group and see it's members.
These groups are not the same as they were, when you direct an email to them, they auto-populate the members of the group and the group name just goes away. The email address just vanishes.  It's more like an alias now, than a group name with a specific email address associated with it...

Further; These new group names created here will not automatically migrate into the "Groups" icon under the 9 dots.  You will not be able to manage the members and permissions.  It is now completely separate, and just makes all the changes seem a bit more confusing.

After playing with this, and learning that the new Preview interface has been updated to include Import/Export/Merge of contacts, I really see no reason to still be using the "classic" interface.  It's now just a broken shell of it's former function.  

-- - -------------------------------
So, now, dropping the old, and only working with the new... Stuff changes, you just get over it, and move on... right?

The biggest problem that I can see with this "new" Group method, is that it's changed the Contact Group object into a Listserv style Group Object; now making a host of options/permissions necessary to configure a group. 
Also; when you invite members to the group, either as "Invite members" or as "Direct add members", an email goes out to each member of your group.  There is no way around it.  So, while you are organizing your next board leadership group, and each committee group for the new year, you will be sending out emails to each member letting them know they are being added to a group name, possibly emailing the same individuals multiple times while you work through your list of committees, and other member groups.   Do you really want your board members to be flooded with emails showing your work flow as you add them to the various lists you use in your org

Check out what the simple contact group object has become: 
  The above is just insane and wholly not necessary.

Contact groups should be very simple: (like this:)

CEO's Computer:
Master Account Name: CEO@domain.com (example)
Contact Group Name: Board Members 2018
Members: Board Member Email 1, Board Member Email 2, Board Member Email 3
Delegate: Assistant email address (assigned and given "full access to edit"-Nothing more).

Assistant on their Computer:
Assistant on their account, and in their Email Interface, Opens Contacts, selects delegated CEO Contacts/Groups as the manager of those contacts.
Selects Group Name (Board Members 2018), then manages the contact members under that group, makes a change.  Pushes SAVE.  Then, it's Done.
(There is no division of a contacts icon and groups icon, no special permissions, it's plain and simple.)

As indicated above; I think Google needs to revisit this.  A Contact Group is very much different than a Listserv Group.  
They both need to be managed, they both need to have a delegate option, but they both don't need to be managed or handled the same way.

Lumping the types of groups together like this is needlessly complicated and pointless. 

BMC iDRAC Logs

posted Aug 28, 2018, 10:47 AM by Andrew Chadick   [ updated Aug 28, 2018, 2:32 PM ]

This is older info: Logged here for archival purposes

To clear LED or LCD error you need to clear BMC/iDRAC sel logs. You can run following ipmitool command to clear SEL log.

ipmitool -I lanplus -H <BMC/iDRAC IP> -U <BMC user name> -P <BMC Password> sel clear

Default BMC username and password is root and calvin

Exchange to PST Export

posted Aug 28, 2018, 10:23 AM by Andrew Chadick

This routine was drafted up for Exchange 2007 - Documenting for archival purposes

To List all mailboxes, use this command at the Exchange Shell:
Get-Mailbox -Database "Exchange2007\Mailbox Database"


To Export to PST Files for Each User, use this command:
Get-Mailbox -Identity "Domain\UserN" | Export-Mailbox -PSTFolderPath E:\PST\ -Confirm:$false

To Execute ps1 batch file use  ".\NameFile.ps1"  the .\ allows execution of the batch


[PS] C:\Windows\system32>Get-Mailbox -Database "Exchange2007\Mailbox Database"

Depending on Server load, you can script these, or run each of the ones below as a single command.

Get-Mailbox -Identity "Domain\AName1" | Export-Mailbox -PSTFolderPath C:\PST\ -Confirm:$false
Get-Mailbox -Identity "Domain\AName2" | Export-Mailbox -PSTFolderPath C:\PST\ -Confirm:$false
Get-Mailbox -Identity "Domain\AName3" | Export-Mailbox -PSTFolderPath C:\PST\ -Confirm:$false
Get-Mailbox -Identity "Domain\AName4" | Export-Mailbox -PSTFolderPath C:\PST\ -Confirm:$false

1-10 of 177

Comments