User Profile
ViProCon
Brass Contributor
Joined 6 years ago
User Widgets
Recent Discussions
OneDrive on Mac to backup Desktop, Documents, Pictures
HI all! I'm not seeing any concrete answers (via Google results) to the simple question of whether or not on a Mac, you can configure OneDrive for Business to sync additional folders besides the contents of the OneDrive folder itself. All the info floating around out there is outdated or points to a 3rd party tool, or unproven scripting, etc. I'm ok if the answer is No, but it would be great to get a straight answer on this. FWIW, there just doesn't seem to be any option in OneDrive itself for any of that. I'm about to tell my user they just need to stop saving files to Desktop, Documents, etc. and just put everything in OneDrive. Alternatively, can we solve this need through Google Drive, iCloud Drive, DropBox? Thanks 🙂3KViews0likes2CommentsShould I convert to dynamic disk?
Hi all. Decades in IT and I'm ashamed to say, this topic has always eluded me. Back in the NT/2000/2003 days, I briefly touched on the topic of basic vs. dynamic disks (actually I think just 2003, but **bleep** if I can remember). I remember there were too many pitfalls with switching a hard drivec to Dynamic disk, such that I always followed the rule of not ever using that feature. Ok so fast forward to today, and I'm on a Win 10 Pro box that had been restored from a full image backup. Original SSD was 240 GB, the replacement SSD is a Samsung 500GB SSD (Evo 860 mSata). Disk Management shows about half the space as unallocated. I have no options to do anything with the partitions/volumes, but right-clicking on the Disk 0 item on the left of the middle main pane, has the option to convert to Dynamic Disk, which I assume then will allow volume expansion or whatever else, to join that unallocated space to the C:. So my question is, is it now a simple process in Win 10, hassle free? If it's one of those "you can do it but if it's a UEFI thingy with GPT or if it's got an OEM partition formatted as FAT32 and you gotta update the firmware on Serial I/O this or that etc. etc. etc.", forget it, not worth screwing around with, but if this is considered in 2020 a hassle free no risk process, please advise. Thanks 🙂Solved97KViews0likes6CommentsBlocked User without a license still has email?
Hi all. I know that going into the Office 365 Admin Center and setting a user to be Blocked from sign-in has no impact on their email coming and going. But if I remove their Office 365 license so they have no products linked to their account (so it can be reclaimed and given to another user), will that set their mailbox to be deleted at some point? And perhaps a more granular version of this question: if we take away that user's license, but not assign that license to anyone else, therefore we have "1 of xx licenses available" either for this or a new user, will that be any different? The scenario is just that the company would like to retain access to the user's old emails, but not waste a license on keeping that account 'active'. Thanks!Solved3.9KViews0likes4CommentsNTFS confusion: basic permissions not working
Hi all. This is a bit of a redundant post but I have new info, and also realized the Win 10 security forum doesn't have a lot of visibility so here goes in the main forum: A new Win 10 Pro machine, not much done with it yet except to create a handful of users and one test folder. I intend to set this machine as a file share server for 6 people. I've found that if I edit folder permissions such that only SYSTEM and the Administrators group have any access (that is, created a new folder and removed Users and Authenticated Users groups entirely), I cannot get into this folder without being prompted with the Continue/Cancel dialog box saying I don't have permissions, would I like to permanently add myself to have access. Clicking Continue then explicitly puts my user (which is in the Administrators group) with Full Control on this folder. I have Disabled inheritance on this folder, as it is my intent to eventually have various subfolders that only certain users can access. But I also really need to avoid situations where people have to be prompted to gain access to folders. Further, I will have a top-level folder for example that somebody can browse to, but only be able to access certain subfolders therein, and not have any ability to even view the contents of other subfolders inside. This is not an AD environment, so it's all basic shares stuff, though right now I"m just testing locally so it's NTFS stuff for now, no Shares created yet. In Server 2008 R2 I have no problems with this, I can remove Users and Authenticated Users from permissions on a folder, leaving only the Administrators group and the System user, and then just add one user to this folder giving them Modify and below, no issues. But on Win 10, it seems the only way to make this work is to also have another group ther, like Everyone or Authenticated Users. Bottom line: why isn't just having my account, which is in the Administrators group) as the only group allowed to access the folder, not enough to let me access the folder without explicitly having to add my user account or one of the other groups? This is a real pain to type out, sorry for the wordiness.Solved4KViews1like1CommentA bug in basic NTFS permissions?
Hi all, I feel I'm missing something very basic here. I have a new Win 10 Pro machine, build 1909. Created a folder on C:, named DATA. Under DATA, I have a subfolder called SHARED. I've set SHARED to disable inheritance. Then via the Advanced permissions sreen, removed Authenticated Users and Users, leaving only System and Administrators as Full Control for "this folder and all sub items". So, all default stuff so far. I noticed the ownership was set to my actual logged-in user, which is in the Administrators group. I changed the ownership to the Administrators group instead of just me. Clicked all the OK's and what not. Now, every time I go into the SEcurity tab for SHARED, I'm told I don't have Read permissions. Click the Advanced button in the Security tab, that screen tells me it can't show the owner info, and that I need Read permissions. If I click the Change link next to the ownership line, or, click the Continue button to grant myself Read permissions, all permissions/user stuff shows fine. I'm familiar with the idea that to access certain resources on a system where permissions aren't elevated by default you have to basically click a Continue button, like one admin user accessing the Users profile folder of another user on the system, but I don't recall this hassle in the permissions screens. What left me wondering if there's a bug is that when first going into Advanced via the Security tab and seeing the "unable to display owner" line, if I click Change, then just ESC the screen away, it shows me everything after that. In terms of "real world" access, it turns out that if I try to actually browse/double-click to get into the folder called SHARED, I'm met with that prompt about having not permissions and having to click Continue to get in. Am I missing something with how the Administrators group functions in Win 10? I'm trying to set this machine up as a basic file share server for a small business, so I have a half dozen user accounts created - can't have all the shares prompting users constantly with these stupid permissions screens. Edited to add: I intend to have further sets of subfolders up to 5 levels down, most or all with explicit permissions and very little if any inheritance happening.853Views1like0CommentsOffice apps simply disappeared??
A user under a Microsoft 365 Business Standard (formerly O365 Business Premium) license reported to me today that all Office 365 apps have disappeared from her Win 10 Pro computer. No errors, nothing, the software is simply gone. Googling on this, most people focus on missing icons. This is not that. The software is gone completely, nothing in Apps, except the generic Office Click to Run icon that's usually found on Win 10 machines whether Office was actually installed or not. Malware is not suspected on this one. The only slight clue I have on this is that, given that it's gone, I decided to first just re-download the installer after logging into office.com. Running the installer, it tells me an installation is already in progress, yet there are no taskbar/notification area icons. Task Manager shows some OfficeC2R stuff, which I tried to End Task. It wouldn't end, it would just pop back up again in Task Manager (but again nothing in the actual UI). I did the Open File Location, found the exe for this thing, renamed it with .old, (surprisingly it let me without hassle), and upon doing that, I then was able to kill the now-memory-only OfficeC2R exe file from Task Manager. This then let me start the installer I had downloaded, which is currently in progress for downloading (though, extremely slowly, despite a 19ms / 120Mbps connection - MS having issues I wonder? - 11:35 AM Eastern May 15 2020). So I suspect in some kind of dumb way, Office was updating itself and screwed up? The last Windows update was May 12, the quality update for .net framework. I'm not actually sure where to look in the event logs for stuff related to install/uninstall for Office - the started Application log shows msiinstaller stuff related to my installing it, but keyword searching for "office" shows nothing that points to a removal or an update of the software. *sigh*. F'ing computers.64KViews3likes20CommentsAbsolute maddening Win 10 login problem
Hi all. Been 5 hours troubleshooting a ridiculous Win 10 login problem. User at their office had set up their own PC a year or two ago, it's either Win 10 Pro or Enterprise (Office 365's devices list for this user thinks this is Win !0 Enterprise but who knows), The user wasn't aware that by not having a network cable plugged in while unboxing a PC, you'd be able to create a local account instead of this utterly st*pid process of forcing users to create a Microsoft account. Emphasis on st*pid. Ok, rant done. I'm a bit fuzzy on the way the user account was set up, but it does have a PIN set on it. I went in, and create a local admin user account, set it's password and security Q&A stuff, so by all appearance, voila, I have a local account. I then went through the process of converting this MS online account to a local account, which really only requires specifying what you want the username to be and then specifying a password matched pair, anda password hint. All that went fine and password was confirmed, no typos and what have you. We rebooted, and now we are instead being prompted for this new local account, seemingly, but it wants a PIN again. In the bottom left, that other new local account I create is not listed. Instead, we just have this user, and "Other Users". By clicking Other Users we're met with a combination of sign-in options of either an email address+password, and/or username and PIN, but never where we can type in a username and password. The user is quite component so when I ask if this person has tried every combination of user, email, PIN, and passwords that were working earlier today or were set during our troubleshooting, nothing works at all. To bypass all that mess we booted to a WinRE USB stick, renamed cmd . exe to become utilman . exe, rebooted, and opened a command prompt by clicking Ease of Access at the login screen for the editioni of Windows installed on the hard drive We then did things like enabled to built-in Administrator user, simple password, rebooted, and still nothing new shows in the bottom left. So in short, I have created one local user set as admin, have (I assume successfully) converted this MS online account to a local one, and then also enabled the Administrator user account. Through just "net user <username>" command at the command prompt, have confirmed these accounts are Active. We keept getting prompted only for this user account at login, or Other Users. So, I thought why not disable this user account, so maybe we'd then be prompted to log in as Administrator or my other backup account I made. Nothing. Always the same, we only have the user, or Other Users, and in clicking Other Users, no combination of any username typed in the "email address" field and password works. Yet, I have no method of any kind to be prompted to type in a username and password. Is there a kill function to just detach completely from MS online services? Because I suspect strongly there's some kind of unbroken tie to that. I'm at a point where I feel like Reset This PC might be the only option, all this because we converted from a MS online account to a local. Just wondering if anyone else has caught onto the fact that I vehemently hate the way MS forces unaware users to creating these online accounts? lol thank you for any help. (edited for a few typos and clarifications).1KViews0likes2CommentsBoot fail: how to troubleshoot?
Hi all. I just wanted to double-check my troubleshooting thinking here, maybe I'm missing something in the modern era of Win 10. So a laptop with a 2.5" HDD first boots up and gives the light-blue screen with the QR code saying there was a problem with the computer. It then shuts down. There is zero useful error info on screen, though, I did not follow the QR code to see what it said. However, on powering it up again at the bottom during/after POST it gives the "diagnosing your PC" text as Win 10 will do anytime you have boot problems. Long story short, all methods to do repair fail. System Restore does see restore points, to be able to utilize them I had to use cmd to start the vss service and then rstrui.exe /offline:c:\windows=active to be able to try to process them, but they all failed with "unspecified error". Reset this PC > Keep my Files fails, no specific error. So I've gone through all options in the startup diags screen for Win 10, both from the on-disk booted version and having booted from the USB WinRE thingy (Win 10 Media Creation Tool). FWIW I went into the BIOS and boot mooe is UEFI. Set it to Legacy just to see, and that completely fails to even start to boot so i reversed that. I was able to successfully clone the hard drive (took it out, docked to a duplicator). And I can access the data and see no signs of problem if I mount the drive to a working computer. A full virus scan on this docked drive also came up clean, though I do realize there could be more deeply embedded/encrypted malware, but for arguments sake let's say it's clean. Am I missing some key Win 10 boot sector /fixmbr trick or something? I began to follow some command prompt guidance on running these bootrec commands. /fixmbr says it did so successfully, no change to issue. /fixboot said "Access is Denied". The other two bootrec both say they see 0 Windows installations, yet I can easily browse to the Windows folder on the C: I tried to do this "diskpart /s scriptname.txt" thing so I can run diskpart > select disk 0 and maybe some other commands to follow, but apparently that command doesn't work as advertised because I would specify it on the computer having issues and it would just say it can't find the file. My assumption is that the USB boot environment, under the Startup Repair section, tries to do all this mbr/partition type stuff anyway so it's a waste of time doing it manually. Would that be correct? You never know with MIcrosoft though. Thank you.Solved2.2KViews0likes6CommentsEncryption confusion
I do light Office 365 admin for a number of clients, always under Office 365 Business Premium subscriptions. I'm confused about encryption, that either does exist, or not, and where it does and doesn't. I read the following link, and as is often the case, there's plenty about the technology, but nothing about where it is implemented, namely, which subscription level you need to get it. https://docs.microsoft.com/en-us/microsoft-365/compliance/email-encryption So bottom line: if a small business under Office 365 Business Premium asks the question: "Is our email encrypted?", I find myself unable to be certain 100%. I do know it is encrypted in transit between email servers, and presumably it is encrypted from sender to the Office 365 servers, due to Outlook having that Security tab under Account Settings with a (greyed out) checkmark saying "encrypt data between Microsoft Outlook and Microsoft Exchange". If so, this means we're good from the sender, through to the far end of the Office 365 infrastructure, leaving only the recipient server and client end in question. Is that all correct? Any pointers to a real description of this stuff and not the confusing (yet technically interesting) type of link as the one I put in above would be appreciated! 🙂 Thank you.Solved3.6KViews0likes6CommentsDisable BitLocker prompting on boot?
Hi all, I just enabled and completed Bitlocker encryptoni on C: on a Win 10 Pro machine, remotely. I saved the bitlocker key file just in case. In order to maintain remote access over the long term, I want to ensure the computer does not prompt a user for any kind of key, I just need it to boot to Windows as normal. I'vec had users in the past, where BitLocker was on, be prompted by it at times, for no known reason. I really do not need the hassle, so I'm trying to determine how to be sure of this, yet can't. In Bitlocker under Control Panel, if I click the option (paraphrasing as it's not in front of me right now) "change how driver is unlocked at startup". If I go into this, the only available options is to set a PIN, the other two options are greyed out. Do I even want to enable anything in here? I suppose I need to read up on this a bit more but would appreciate the straight up advice on how to avoid users being prompted, ever, ideally.115KViews1like6Comments
Groups
Recent Blog Articles
No content to show