How to White-list a domain/email in Office 365

Login to the Office 365 and go to the antispam section.  Direct link:

https://security.microsoft.com/antispam

Edit the “Anti-spam Inbound Policy (Default)”

Scroll domain and you should find the a section for allowed domains to enter.

Windows 11 Button/Option Missing from Settings Page

 

If your Windows Updates option/button is missing from the Settings page of Windows 11, check the following Reg_SZ (SettingsPageVisibility), if exists delete.  Close and Re-open Settings.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer

SettingsPageVisibility —-> Value —-> REG_SZ hide:windowsupdate

 

Recovery is trying to change system settings. No Administrator Found

I was trying to enable an Extension on a MAC, but the MAC asked to boot to Recovery, go to System Security settings and enable it from there.

The MAC was part of Jamf.  I logged in to it using a username First.Last, then I needed to login to Azure/Office 365, First.Last@Domain.com and password, and when I went to System Setting/Preferences to enable an extension for Egnyte, I got a message that I would need to shut down the computer, which I did, then pressed and held power button, until I got to the recovery screen, and from there I selected Options, provided encryption recovery key for HD (can’t recall the order here), then when I went  the top menu and chose the system security, and attempted to reduce security and enable Kernel extensions… I got a message saying that “Recovery is trying to change system settings. No Administrator Found

Then another message, Biometric accessory is not connected.

The way I circumvented the issue was by shutting it down, turn it on until it got to the login screen, logged in with the user, then when I got to the Office 365 sign on screen, there was an option to Login Locally (we had a local admin user created on the MAC), I logged in with that local user, and shut down the MAC from there, pressed and held the power button like above, and I went through the above process and I was able make that change to recovery screen.

So the key here is to have been logged in as the local admin user not the Azure user when you shut the mac down, and that seemed to fix the issue.

How to search Outlook phrases using AND / OR

How to search Outlook email for phrases using AND / OR

First make sure you can use quotations in Outlook search, so you might need to make a registry change

https://support.microsoft.com/en-us/topic/unexpected-search-results-when-you-use-double-quotation-marks-to-search-items-in-a-mailbox-in-outlook-d1de87c9-2ce6-0ce7-69b6-a6e872ba14c8

If the leading keys don’t exist, please create them

Example of searching Outlook for emails received between 01/01/2019 to 01/01/2023 with phrases, words or email address like

Name@domain.com

-OR-

New Agreement

-OR-

26/23.6

-AND

Design

How where you can type in Outlook search

received:2019/01/01..2023/01/01 (“Name@Domain.com” OR “New agreement” OR “26/23.6”  AND “Design”)

Manage AD from a PC that is not Member of the Domain

If you are remote and want to manage Active Directory from a computer that is not part of the AD domain.

VPN into the office
For Windows 10/11, add “RSAT: Active Directory Domain Services and Lightweight Directory Services Tool” to Windows. This is an Optional Feature in Windows so if you go to Optional Features you should be able to find it and add it.

Go to command line and change directory to C:\windows\system32

Run the following command

runas /netonly /user:User@Domain.Whatever “mmc dsa.msc /domain=Domain.Whatever”

Where user@Domain.Whatever is a domain user with domain admin privileges so if the user is John and the domain is domain.local, that would be John@Domain.local
Domain.Whatever would be Domain.local in the example above.

How to encrypt drive – Bitlocker – Command Prompt/line

 

How to encrypt drive of Windows 10 / 11 with Bitlocker and print encryption key to copy and save for future recovery.  Don’t save on the same C drive.

Run command line as admin

manage-bde -protectors -add C: -rp

 

How to Schedule Tasks from Command Line Windows 10/11

How to schedule a daily reboot or shutdown and at a certain time using command line / command prompt.  Applies to Windows 10/11

Below is an example of scheduling a shut down of a computer, daily at 6PM.

schtasks /create /sc daily /tn ShutdownAt6PM /tr “shutdown -s -f -t 2” /st 18:00 /NP

schtasks, command to schedule tasks.  the AT command that used to be with earlier versions of Windows has been deprecated

/create, To create a new task

/sc, to schedule frequency.  like once or daily.

/tn, name of the task.  this is a description

/tr, this is the command to schedule like “Shutdown -s -f -t 2”. -s to shutdown, -f to force shutdown, -t 2 to delay by 2 seconds.  The -s can be replaced by -r to reboot instead of shutdown.

/st, this is the time to execute the command.

/NP to run the schedule account on the Windows computers regardless whether the user is logged in or not.

How to Extract Private Key and SSL Certificate from a Certificate.pfx file

 

If you have an SSL certificate in pfx format (also called PKCS#12 format) and that usually includes the SSL certificate for your host or domain along with the private key (usually the key is secured with a password), and if you want to extract the certificate file and the private key, here what you can do

Assuming the name of the certificate is MyCertificate.pfx

1- download/Install/extract OpenSSL command line utility into a temp folder.

2- Copy the the MyCertificate.pfx certificate file into that folder.

3- To export the ssl certificate into pem format

openssl  pkcs12  -in  MyCertificate.pfx  -nokeys  -out  MyCertificate.pem

4- To export private key:
openssl  pkcs12  -in MyCertificate.pfx  -nocerts  -out  MyPrivateKey.pem  -nodes

5- To remove the passphrase/password from the private key:
openssl rsa  -in  MyPrivateKey.pem  -out   NewPrivateKey.key

Now you have you have the certificate MyCerificate.pem & the private key NewPrivateKey.key (the names here could be anything – you can name them or rename them to anything descriptive or to whatever your webserver/web application documentation requires).

 

My notes on Halo (unrelated to the above)

Open the “cert” on the servers desktop, backup the current certificate and private key and move them out.  Copy the new cert and private key and match the names to backup files..

Restart Halo services.

 

Microsoft Office 365 List of outgoing SMTP IP/Network addresses

The following are the outgoing IP addresses and networks of Microsft Office 365 SMTP/Email in case you need to know to white-list in your antispam or firewalls:

52.100.0.0/14
40.92.0.0/15
40.107.0.0/16
104.47.0.0/17
2a01:111:f403::/48
2a01:111:f400::/48

How to Map Network Drive to a SharePoint Folder

Mapping SharePoint Site/Folder to a network drive is only available with Windows Explorer.  This won’t work with Edge or any other browser.

If your SharePoint URL

https://www.MyCompanySite.SharePoint.Com

And the name of the site MySite (could be blank as it’s the root of SharePoint), and the folder on the root to map called Compliance.

1- Go to Control Panel, Internet Options and add that site to Trusted Site list.

2- Open Internet Explorer, login to the share point site and save password on log in.

https://mycompanysite.sharepoint.com/sites/MySite/Shared Documents/Compliance

3- Map the network drive to the Compliance SharePoint folder using the following format

In Explorer choose to Map a network drive, choose a drive and point it to

https://MyCompanySite.SharePoint.com@SSL\DavWWWRoot\sites\MySite\Shared Documents\Compliance