User Profile
IstvanffyZ
Brass Contributor
Joined 7 years ago
User Widgets
Recent Discussions
Azure AD Authentication Methods logs are empty
Hello, in a customer tenant (with Azure AD P1 license), the Authentication method logs are empty https://portal.azure.com/#blade/Microsoft_AAD_IAM/AuthenticationMethodsMenuBlade/AuthMethodsActivity/menuId/AuthMethodsActivity Screenshot attached. How I can get the logs in the portal? Thank you for your help!1.6KViews0likes0CommentsAccepted domain onnprem Exchange and EXO
Hello, our customer has primary domain (primary.com) with Exchange 2016 Hybrid. Later they bought a new domain (secondary.com), added to O365 and configured some mailboxes wih @secondary.com domain. These are cloud-only mailboxes. This domain is not added to onprem Exchange accepted domain. Is there any risk if I add this secondary.com domain to onprem Exchange accepted domain? (for example, existing cloud-only mailboxes will be deleted or something problematic thing?) Thank you, ZoltanSolved1.2KViews0likes2CommentsAlways on VPN - DNS auto trigger not working
Hello, I have an ikev2 always on VPN connection. I'd like to use DNS based- autotrigger, so if I want to access resources in "corpdomain.hu", VPN should connect immediately in the background. It works if I use application trigger: PS C:\Users\zistvanffy> Get-VpnConnectionTrigger -ConnectionName always_on_vpn ConnectionName : always_on_vpn ApplicationID : {C:\windows\system32\mstsc.exe} But it not works with domain suffix. PS C:\Users\zistvanffy> Get-VpnConnectionTrigger -ConnectionName always_on_vpn ConnectionName : always_on_vpn ApplicationID : {C:\windows\system32\mstsc.exe} TrustedNetwork : {qualysoft.hu} Dns Suffix Search List : qualysoft.hu Dns Suffix Dns Servers _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ .qualysoft.hu qualysoft.hu {10.1.10.10} How should it works? Thank you!Re: RD Gateway VPN problem
Solved: there are network profiles in registry HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles If the VPN profile contains the Managed=1 value, mstsc client go directly to the appserver. If the value Managed=0, then goes to RD gateway.1.4KViews0likes0CommentsRD Gateway VPN problem
Hello, we have a Windows 2016 RD Gateway and some RemoteApp. In remoteapp config, we enabled the "bypass rd gateway server for local addresses" option. From corporate network, remoteapp works well, doesnt go thorugh RD gateway (as expected). However, on VPN connection (VPN is not limited, no port/protocol filtering etc) remoteapp always goes through RD gateway (instead of using local address settings) . I'm wonder how "bypass rd gateway server for local addresses" algorithm works? Why detect the VPN connection as "external network" and force rdgateway usage? Thank you for your help! Regards, ZoltanAdd Bitlocker certificate-based DRA to Inunte managed machines
Hello, We manage Bitlocker with Intune (MEM). How can we add certitificated-based DRA (issued by on-premise CA) for those machines? This feature is requested in August 2020 on Uservoice portal, but no answer yet. Any manual way? Regards, ZoltanSolved1.6KViews0likes1CommentRe: Re-enable ADConnect after last Exchange server decomission
VasilMichev Hello Vasil, thank you, I clearly unterstand what does mean "supported" if have on-premise Exchange and dirsync. If I want to remove last Exchange: dirsync must be disabled. Undestood, ok. But after Exchange uninstall, can I set up dirsync again? or the cloud objects (user account)s cannot switch back to synced account? What are the limitations? If you have more information about this specific situation, i'd be happy 🙂 Have a nice day, Zoltan1.2KViews0likes2CommentsRe-enable ADConnect after last Exchange server decomission
Hello, please advice. There is an Exchange 2016 hybrid environment, with AD Connect. Customer wants to decomission the exchange server. Is it supported to disable adconnect, uninstall the last exchange server, then re-enable ADconnect? Does anybody have experience with it? Dirsync is critical, so it shoud work properly. Thank you for your help, ZoltanSolved1.3KViews0likes4CommentsRe: NDES certificate problem
BenKrah thank you for your suggestion, finally it works. The problem was on NDES server's registry, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\MSCEP\ GeneralPurposeTemplate was not set to the correct certificate template name. After I set the cert template name and reboot NDES server, it started to work correctly. On NDESplugin.log shows: Calling VerifyRequest ... Sending request to certificate registration point... Verify challenge returns true... Exiting VerifyRequest with 0x0 Regards, Zoltan5.8KViews0likes1CommentNDES certificate problem
Hello, I set up the environment used with this guide: https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-cert Everything seems ok, NDES check tool (https://docs.microsoft.com/en-us/troubleshoot/mem/intune/verify-ndes-configuration) did not find any error. However, on NDES server, C:\Program Files\Microsoft Intune\NDESPolicyModule\Logs\NDESPlugin.log shows the following errors: Calling VerifyRequest ... Sending request to certificate registration point... Failed to retrieve client certificate. Error -2147024809 Exiting VerifyRequest with 0x80070057 On NDES server, Application log for NetworkDeviceEnrollmentService, doesnt show any error/warning How next? Thank you for your help! KR, ZoltanSolved6.2KViews0likes5CommentsRe: While actively messaging next message shows in Outlook as "Missed Conversation" not S4B
jtcne Hello, do you have on-premise S4B environment? What coexsitence mode is used for you (eg. Island mode). If everybody is in Island mode, all chat initiated from Skype client will be routed to Skype, and all Teams chat will go Teams client. Have a look the Table 1.a from the documentation: https://docs.microsoft.com/en-us/microsoftteams/coexistence-chat-calls-presence Regards, Zoltan676Views0likes1Comment
Recent Blog Articles
No content to show