IT Managed Services Provider Resource Recommendation Update on November 24, 2021

Tutorial

How to Export Office 365 Mailbox to PST using PowerShell Commands explains how to quickly export user mailboxes from Office 365 to PST format via PowerShell commands and an automated tool, thus working around the inefficiencies of Outlook’s built-in options.

Lets talk about email spoofing and prevention (Alt: “That’s not how SPF works….”) is a brilliant post that explains exactly what SPF, DKIM and DMARC can and can’t do, plus what SMTP allows and why. It has been described as “Probably the best DMARC, DKIM, SPF breakdown out there.”

Understanding Load Balancing on Network Devices explores why total bandwidth is not always increased by implementing a port-channel and clarifies how load balancing really works on most network devices. Recommended as a “great rundown of why a portchannel/LAG made up of two 10G links is not the same as a 20G link, which is a commonly held misconception about link aggregation.”

Manage Windows 10 default file type associations with SetUserFTA is the answer to the sometimes frustrating defaults that are set in Windows 10. It explains how you can quickly use this tool to manage those associations in bulk for all your users with a single command.

How to remote desktop fullscreen RDP with just SOME of your multiple monitors walks you through how to span a variable number of monitors in Windows RDP, since the feature is buried with no user interface. The author explains, “I added a third screen to my setup and was wondering how to get RDP over two screens but use my third screen for (local) my communications, e.g. CTI, Teams, Zoom, Webex. Other sysadmins might have a use case too, so I thought I’d share how to edit the rdp file.”

Reset Windows 10 Local Admin Password with Command Prompt provides a nice solution for occasions where you’ve forgotten or don’t have the password, or need to change it. It explains how to quickly reset the password via command prompt whether logged in or logged out.

Free Tool

CVE Details provides an intuitive, browsable web interface for CVE vulnerability data from the National Vulnerability Database (NVD) XML feeds provided by NIST as well as other sources like www.exploit-db.com and vendor-supplied data. You can view statistics about vendors, products and versions of products, with results displayed in a single-page view of the statistics.

Batfish is an open-source analysis tool that locates configuration errors on your existing or planned networks to help minimize outages and security breaches. One recommendation explains, “It will accept your configs as input and allow you to run various analyses like which flows are/not permitted and shadowed rules.”

SuperOrca allows you to scan and manipulate MSI database tables via an intuitive GUI—with powerful compare and search functionality. It can be used to facilitate new MSI package distribution, and since it doesn’t lock the file you are working on, you can still use other tools on that file or even install it while open.

Rainbow CSV is a Vim plugin that highlights columns in different colors in your CSV and TSV files and runs queries in a built-in SQL-like language. It provides additional information about a column when you hover, plus an automatic consistency check for CSV files.

Free eBook

How to Get the Most out of Windows Admin Center – 2nd Edition is Altaro’s new ebook that explains the optimal configurations and applications for harnessing the full potential of Microsoft’s powerful management tool. Covers installation & configuration, getting started, Hyper-V management, security, Azure & PowerShell connections and more. This newly released edition addresses all the latest updates and features Microsoft has added since the original publication in 2019.

Tip

Some sage advice: “For organizations out there that make their users change their passwords quarterly, it is highly likely that they are using something like: ‘Spring2021!’, ‘Summer2021!’, etc. Implementing a mechanism to make sure your users cannot do this is important. For orgs that use Azure AD, there is a tool called Password Protection that can do this for you. I believe it can run in audit mode or block mode.

While Microsoft has their own list of compromised passwords you can use, you can also set up custom lists with passwords specific to your organization like ‘Companyname123!’. There is also Daniel Miessler’s SecLists that you can pull custom password lists from.”

Some practical advice that might save you from succumbing to ‘cried wolf’ syndrome: “High alert volume will inevitably lead to ‘Alert Fatigue,’ which puts your environment at risk.

All alerts need to be:

  • Relevant (I don’t care if something in a dev environment goes down.)
  • Timely (I don’t care that something was down 8 months ago.)
  • Actionable (If I can’t do anything to fix it, why am I getting an alert for it?)

If you are receiving alerts that fail to meet any of these criteria, you need to spend time tweaking your alerts. Managing alerts is an ongoing process. If after you have done all of that cleanup and tweaking you are still experiencing high alert volumes, then you need to spend time improving your infrastructure to either be more reliable or self healing. See also [Practical Alerting from Time-Series Data].”

An easy way to keep your AD clean: “Automation. HR has a personnel database with a web front end. Our onboarding and offboarding scripts hook into that and do the needful. This also has the happy outcome that you can deflect any ‘Why is <user account> not set up/deleted/disabled/etc’ queries to ‘Go speak to HR/Line Manager/Head of Department.’”

For anyone who’s been wondering, “Does QoS really matter and improve Zooming latency?” here is a concept clarification: “This is a bit of a common misconception that is actually correct in most circumstances… let’s address the ‘bandwidth is never fully utilized’… for example, you have a 1Gbps link between two switches. According to graphs, this link never uses more than 200Mbps. No issues. However, in latency-sensitive applications, what you’re seeing as a ‘not even close to full link’ is misleading. Think of any link as either fully utilized or not utilized. When a packet comes into a switch, if there are no other packets on the wire, it gets put on the wire. If there is another packet being put on the wire, it gets queued and then put on the wire. It’s an all-or-nothing situation.

What QoS does in the case of latency-sensitive applications is to say: ‘If this type of packet comes in, it needs to be put on the wire ahead of any other packets that are waiting.’ So while the difference is likely milliseconds, in voice and video that matters. In this case, we’re not using QoS to shape or police traffic [but] simply to assign priorities and force other traffic to get preferential treatment.

So, yes, even if your link is not fully utilized, QoS does make a difference, especially in voice and video applications. Even more so in a shared collision domain medium such as wireless.”

Script

WSUS Optimization Script is a comprehensive Windows Server Update Services cleanup, optimization, maintenance and configuration PowerShell script. The recommender explains, “One of the big things you can do to help WSUS run well is optimize settings, DB configurations and the indexes. Of course Microsoft tells you how to do this but doesn’t have a readily built script, and the inbuilt PS commands sometimes still fail.… I didn’t write this, but damn does this community need this.”

Automating with PowerShell: Disabling application consent on all tenants walks you through how you can get additional options for your automations by shutting off application consent (without MSOL) and then running that on all your tenants. The author explains, “Microsoft is removing MSOL support in March, so I figured we’d get an earlier start than most on having a replacement in place.”

Training Resource

Learn and Test DMARC is a console designed to help you understand DMARC by displaying the background communication that occurs between servers when SPF, DKIM and DMARC are validating as an email gets delivered. It also enables you to test how your email is performing. The author adds, “A few years ago, I set up a mail server and noticed that email would regularly fail to reach its destination. While looking for solutions, words like SPF, DKIM, DMARC and alignment started popping up in blogs and manuals. Unfortunately, while there is a lot of information on this subject on the web, I had a hard time understanding these mechanisms and how they relate to each other… I started working on a project with a friend that could probably and hopefully help people with this by visualizing the communication between servers when an email gets delivered.”

Free CCNA 200-301 – Complete Course 2021 is a full CCNA video course from Jeremy’s IT Lab that covers everything you need to pass the latest version of the CCNA exam (exam code 200-301). Whether you’re actively pursuing certification or just interested in understanding the concepts, this is a great free sysadmin resource.

Blog

How I Wifi offers informative posts on the art of wireless design, including the tools that make it easier. Covers surveying, deploying, certification study and wireless standards plus tech and troubleshooting.