Skip Ribbon Commands
Skip to main content

Xadean's Empirical Musing

:

Quick Launch

Home
Xadean's contribution to the consulting community through sharing his anthology of lesson's learned and technical insights.
May 28
Enable TLS 1.1 & 1.2 as Default Secure Protocols in WinHTTP

Reference Links:

https://www.admin-enclave.com/en/articles/windows/402-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in-winhttp.html

https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in

 

The setting in the graphic is INCORRECT (this setting enables TLS 1.0, 1.1, and 1.2).  The CORRECT setting is 0x00000a00 (2560), which is Hex 0200 + Hex 0800 to enable TLS 1.1 & 1.2.

 

The registry value is a DWORD bitmap. The value to use is determined by adding the values corresponding to the protocols desired. 

DefaultSecureProtocols Value

Protocol enabled

0x00000008

Enable SSL 2.0 by default

0x00000020

Enable SSL 3.0 by default

0x00000080

Enable TLS 1.0 by default

0x00000200

Enable TLS 1.1 by default

0x00000800

Enable TLS 1.2 by default

For example:

The administrator wants to override the default values for WINHTTP_OPTION_SECURE_PROTOCOLS to specify TLS 1.1 and TLS 1.2.

Take the value for TLS 1.1 (0x00000200) and the value for TLS 1.2 (0x00000800) then add them together in calculator (in programmer mode), the resulting registry value would be 0x00000A00.

May 17
Two-Factor Authentication with Skype for Business
May 07
OneNote Desktop Client Unable to Open Notebooks Stored on O365 SharePoint/OneDrive for Business

Issue: On a Mac where previously notebooks were opened simultaneously from multiple sources (OneDrive (Personal), OneDrive for Business, SharePoint (multiple tenants)) was reset to default and now not able to open notebooks stored in different O365 tenant subscriptions.

Root Cause: Cached ADAL credentials need to be removed.

Resolution: Perform the following steps:

  1. Go to applications -> utilities -> keychain access -> search and delete cache/identity and ADAL.
  2. During above steps, please check to have all the Office applications closed.
  3. Once all those deleted, please check the behavior again.

   

If notebook fails to open after following the preceding steps, please try to reinstall the Office package:

-          https://support.office.com/en-us/article/uninstall-office-2016-for-mac-eefa1199-5b58-43af-8a3d-b73dc1a8cae3 

May 02
Microsoft Announces Support for TLS 1.0 & 1.1 will be disabled in Office 365

Reference Links:

April 25
Enable DirectAccess on Windows 2012 R2
April 04
Accessing Website on the Actual Hosting Windows IIS (Web) Server Does Not Work

As a safeguard for reflection attacks, Microsoft has disabled loopback access to websites on the actual server that is hosting the site when attempting to access with something other than the DNS FQDN (i.e. "localhost" or "hostname of server"). However, it works when the site is accessed externally from another computer. To fix this so that you may access the site from the server, do the following:

  1. Configure the registry settings as prescribed in the following reference links:

    Reference Links:

    https://support.microsoft.com/en-us/help/896861/you-receive-error-401-1-when-you-browse-a-web-site-that-uses-integrate

    https://support.microsoft.com/en-us/help/281308

  2. Ensure that the Internet Options settings of Internet Explorer are using the same protocols as are enabled or disabled on the server. For instance, if the server has TLS 1.0, SSL 2.0, and SSL 3.0 disabled, uncheck TLS 1.0, SSL 2.0 and SSL 3.0 in the Internet Options settings of Internet Explorer. Close the browser and then re-open. Attempt again.
April 04
Using “?” Rather Than “Where-Object” in PowerShell Query

In a PowerShell (PS) query, "?" and "where-object" are aliases. The following is an example of how to use this in a PS command.

 

The following command will list the users who are not Exchange UM enabled when ran from a Lync / Skype for Business Management Shell:

 

Get-CsUser | ? {$_.ExUmEnabled -eq "False"} | select DisplayName, ExUmEnabled | sort-object DisplayName

April 03
Exchange (On-Prem) PowerShell Tip #16: Display Users that are UM Enabled

$Mailboxes = Get-Mailbox

$Mailboxes | ForEach { If($_.UmEnabled -Eq $True){$_.Name}}

April 03
Using the LDIFDE Tool to Output AD Attributes of an Object to a Text File

Syntax: Ldifde -f <Filename> -d "<Distinguished Name of AD Object>"

Example: Ldifde -f "C:\test.txt" -d "CN= Test1,OU=Users,DC=contoso,DC=com"

Reference Links:

https://support.microsoft.com/en-us/help/555636

https://msdn.microsoft.com/en-us/library/ms870068(v=exchg.65).aspx

    

March 21
Disabling Weak and Enabling Strong Ciphers/Security Protocols
1 - 10Next
 

 Image Viewer

 
 

 About this blog

 
About this blog
Welcome to Xadean's contribution to the consulting community through sharing his anthology of lesson's learned and technical insights.