Windows Server – Schedule a Reboot
KB ID 0001321 Problem Back in the day we just used the ‘At’ command to schedule a reboot, but starting with Server 2012 that was stopped! If you try it now you will see the following; The AT command has been depreciated. Please use schtasks.exe instead Solution (The Quick Way) Execute the following command (change time and data accordingly); schtasks /create /tn “Scheduled Reboot” /tr “shutdown /r /t 0” /sc once /st...
Powershell: Get Folder Size ‘Quickly’
KB ID 0001660 Problem Right clicking a folder and selecting properties is usually how you would see how large a folder is. Which is great, but if your folder size is HUGE (i.e. many terabytes) then this takes ages! Solution If you use PowerShell you can get the figure considerably quicker! Below I want to ge the size of E:\Shared; In MegaBytes; “{0:N2}” -f ((Get-ChildItem -path E:\Shared -recurse | Measure-Object -property...
Cannot Recreate Azure AD ‘Local’ AD Connector
KB ID 0001659 Problem While trying to fix another Azure AD Replication problem today I managed to delete one of the connectors (the one for the local ‘on-prem’ Active Directory). In an effort to ‘recreate’ it, I ran the ‘Microsoft Azure Active Directory Connect’ and went to ‘Customise the Synchronisation Options’. Unfortunately I got this error; The forest {forest-name} cannot be added...
Adding Duo 2FA to Microsoft ADFS
KB ID 0001656 Problem I did a Duo run through a few weeks ago, and to be honest their documentation is usually pretty good. I was spinning this up as a PoC for a client so I thought I’d put my take on the procedure here. ADFS Duo Pre-Requisites I already have a Duo Authentication Proxy server setup and my users are enrolled, you will need to set this up first. See the following article; Duo: ADSync and Enroll Users via SMS Log...
PowerShell: Disable MFA For All O365 Users
KB ID 0001655 Problem If you have something boring/repetitive to do then Powershell is your friend! I needed to do this for a client that’s replacing their Office365/Azure AD MFA (Multi Factor Authentication) with Duo. Solution Connect to your Microsoft Services Online, i.e. Office365/Azure, using your administrative credentials with the following command; Connect-MsolService Then (Note: I’ve got more than 1000 users so I...
Group Policy: Item-Level Targeting
KB ID 0001654 Problem Yesterday I wrote a post about Deploying a ‘Mapped’ Drive to a couple of users using Group Policy. This received a comment that was basically ‘Why not simply use Client Targeting?’ To be fair that’s a good point, I was using a Group Policy Preference and they can be specifically targeted. So here’s how to do that. Solution If you do not already have one, create a group for your...
Apply Group Policy To a Security Group
KB ID 0001653 Problem On EE this morning someone asked how to map a drive to only two users, so that wherever they logged in, they got their mapped drive. Seemed like a good Idea for a post so here you go; Solution If you do not already have one, create a group for your users. Add the users, (as appropriate). On a Domain Controller > Administrative Groups > Locate the OU that contains your users (Note: if your group members are...
Outlook: ADFS Error 0xCAA70010
KB ID 0001652 Problem While trying to connect Outlook (2016) to an Office 365 email account; We can’t connect you It looks like we can’t connect you to one of our services the moment. Please try again later, or contact your helpdesk if the issue persists. 0xCAA70010 {ADFS-URL} Solution This was happening because my ADFS server was using a ‘self-signed’ certificate (i.e. not a purchased one). This should NEVER...
DHCP Scope: Full of BAD_ADDRESS Entries
KB ID 0001651 Problem I had a client machine struggling to get an DHCP address, and when I looked in DHCP the scope it was full of this; BAD_ADDRESS This address Is Already in Use Solution A tour of Google and forums is full of posts by people with this problem, and other than, ‘Oh I looked in the logs and fixed it’ (with no mention of what log, or where this log was), or ‘Yeah I used Wireshark and located a problem...
Unable to Connect to the Synchronisation Service
KB ID 0001649 Problem I’m doing some work for a client that has Azure AD Sync running, and we keep kicking each other off the server, so I thought I’d login with another account. However, when I tried to open the Synchronisation Service Manager; Unable to connect to the Synchronisation Service Some possible reasons are: 1) The service is not started. 2) Your account is not a member of the requires security group. See the...