SPF - DKIM - DMARC
SPF Google
DNS →
TXT @ v=spf1 include:_spf.google.com -all Microsoft
DNS →
TXT @ v=spf1 include:spf.protection.outlook.com -allDKIMGoogle
Admin → Apps → Workspace → Gmail → Authenticate
DNS →
TXT → @ → google._domainkey v=DKIM1...Microsoft
Defender →
DNS →
CNAME → selector1._domainkey → selector1-mycompany-com._domainkey.MyCompany999.onmicrosoft.comDNS →
CNAME → selector2._domainkey → selector2-mycompany-com._domainkey.MyCompany999.onmicrosoft.comhttps://security.microsoft.com/dkimv2
DMARC•
https://outerlimitsconsulting.com/spf-dkim-dmarc•
https://support.google.com/a/answer/10583557•
https://security.microsoft.com/dkimv2Unable to restore network connection. SMB1 vs SMB2
note sure where this came from
Unable to restore network connection.
You can't connect to the file share because it's not secure.
This share requires the obsolete SMB1 protocol which is unsafe and could expose your system to attack.
Your system requires SMB2 or higher.Amazon
AWS CLI
aws --version
aws configure
Dentrix
Create a Dentrix database Quick Snapshot
Run the
QuickSnapshot.exe on the desktop,
not the
C:\Program Files (x86)\Dentrix\Snapshot.exe one.
Dentrix
Dentrix - Fix Document Center
As of Version 24, Dentrix Dcoument Center doens't use Adobe to open PDF's anymore, it now uses Microsoft Edge. There have been alot of reported failures. Before calling Dentrix Tech support you can try the ollowing fix:
Uninstall:
Microsoft Edge Webview2Reinstall:
\\SERVER3\DTX Common\Installs\24.23.0.29383\Dentrix\Prerequisites\MicrosoftEdgeWebview2Setup.exeDentrix
Dentrix Database Refresh
→ Shutdown all computers (from Server or RMM)
→ Install any pending Windows Updates on Server
→ Restart Server
→ Dentrix Quick Snapshot → Run Dentrix Snapshot
→ Dentrix Task Manager → stop all
→ C:\Program Files (X86)\Dentrix\Utilities\Dentrix Server Administration
→ Maintenance Tasks → Stop Dentrix Server Process
→ C:\Program Files (X86)\Dentrix\Utilities\Dentrix Maintenance
→ Run → Reset Communications Files
→ C:\Program Files (X86)\Dentrix\Utilities\_Dbsweep.exe (or)
→ C:\Program Files (X86)\Dentrix\Utilities\DatabaseSweep.exe → Select All → Sweep DB
See ConnectWise Captures for 2023-03-28 to watch recording of process
also:
DATABASE FIX on SERVER
Backup the Server by copying the whole D:\DENTRIX folder
On the Server, run: D:\DENTRIX\_Rebuild.exe
then fix the appointment book conversion D:\DENTRIX\Abconv.eve
Dentrix
Dentrix Updates
Run:
C:\Program Files (x86)\Dentrix\UpdateManager.exeDentrix
Dentrix Upgrade
Check system requirements: https://www.dentrix.com/support/system-requirements
Install Dentrix Upgrade on Server
Install Dentrix upgrade on Clients
- Smart-Image
- Dexis
- Vyne Dental for Remote-Lite Claims
- Weave
Check for Upgrade Manager:
Dentrix → ApptBook → Help → About → Check for Updates
Also server services:
Services → Dentrix Updates Service → Enable or Disable
Dentrix
Fix Dentrix workstation Refresh problems
This is from: https://www.sodiumdental.com/fixing-your-dentrix-workstation-refresh-problems/
This fix should alleviate issues with the appointment book not refreshing at workstations and issues with errors showing up on screens that say your file is locked open at a different location.
Shut down all workstations except for your server.
Shut down all Dentrix software on the server, including any Dentrix related apps running in your task manager
Run a complete backup of your Dentrix folder and make sure if your Dentrix Data folder isnt in your Dentrix folder, make sure this Data folder is fully backed up as well.
In The Dentrix Folder on your server run _abconv.exe press OKAY to the popup message.
Click Convert to Appointment Book and then click OK
Now Run _Maint.exe and choose the option clear Machine IDs
Now Reboot your server and turn on your workstations and open appointment book one at a time
To be fully sure this has worked Turn off opportunistic locking on all machines including the serverThe location of the client registry entry for opportunistic locking has changed from the location in Microsoft Windows NT. In later versions of Windows, you can disable opportunistic locking by setting the following registry entry to 1:
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesMRXSmbParameters
OplocksDisabled REG_DWORD 0 or 1
Default: 0 (not disabled)
Note The OplocksDisabled entry configures Windows clients to request or not to request opportunistic locks on a remote file.
You can also deny the granting of opportunistic locks by setting the following registry entry to 0:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLanmanServerParameters
EnableOplocks REG_DWORD 0 or 1
Default: 1 (enabled)
If these Keys dont exist you will need to make them.
Dentrix
How to setup Printers
Office Manager → File → Printer Setup
Keywords: dentrix printers setup
Dentrix - eServices
Stop/Remove eServices from workstation
del "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\eSync.lnk"
Startup → Disable:
HSPS.OpenInterface.Client... Services → Stop and Disable:
Digital Highway Server Services → Stop and Disable:
Service Management Tooldelete
eSync icon on desktop
Restart computer
Dexis
Buying Dexis Licenses
when offices buy Interoral cameras
Patrick Humm - Sales Manager - doesn't sell licenses, but will put you in contact with Henry Schein to purchase
Ty Cox - Patrick's backup person
Nicole Patrick - National Sales Mananger in California
Keywords: Dexis license licenses interoral camera
Dexis
Restarting SQL Service if Dexis not working
If Dexis isn't working at all in the whole office, check the
Services, and start or
restart the
SQL(DEXIS) service.
Epson
How to install Epson ES-400
Install the software
• Do not plug in USB.
• Download from
http://www.epson.com/support/es400downloads (copied to server)
• Run the installation
ES400-Lite-AM.exe • Choose the first software option (EPSON Scan) only, not all the software.
• Wait for it to finish.
• Plug in USB cable.
Georgias Own Bank
Fix Ranger Remote Check Scanner
Start → Settings → Printers and Scanners →
Ensure
Canon-CR120 is listed as connected.
Start → Services → Restart:
SBT Ranger Remote Service service
GoDaddy
How to SSH into GoDaddy VPS Server
Option 1 - Use
putty.exe tool on Windows computer, most likely port: 22 for SSH
Option 2 - In Chrome go to
WHM look for
Terminal which will give you a browser-based
SSH for
rootGoDaddy
How to transfer domain to GoDaddy
. Setup GoDaddy account (if necessary)☐ Unlock domain at old registrar☐ Check registration email address ☐ Export DNS records from old registrar☐ Copy/paste DNS records to NotePad☐ Initiate transfer at GoDaddy☐ Get transfer code from old Registrar☐ Finish transfer at GoDaddy☐ Wait and check emails from old and new registrars☐ Change name servers at GoDaddy (at night) ☐ Add all DNS records (right away)☐ Verify A,MX,TXT and SPF/DKIM/DMARC☐ GoogleDig to test☐ Test WebSite☐ Test incoming Email ☐ Test outgoing Email
Google
Clear Chrome Notifications Settings
Chrome → 3 dot menu (top right) → Settings → Privacy and Security → Notifications → Scroll down to "Allowed" and delete them
Google
How to run Chrome from Command Line
Start → run
taskkill /IM chrome.exe
start "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.google.com
"Program Files (x86)\Google\Chrome\Application>chrome.exe" --test-third-party-cookie-phaseout
Google
Setup free Google Workspace Super Admin without license
How to create a super admin user without a Google Workspace subscription license
Admin console → Menu → Billing → Get more services → Cloud Identity
Admin console → Menu → Billing → License settings → Automatic Licensing = Off
Admin console → Menu → Directory → Users → (username) → Manage → License section at the bottom
•
https://knowledge.workspace.google.com/kb/how-to-create-a-super-admin-us...Google
Where is Chrome Bookmarks file?
C:\Users\(username)\AppData\Local\Google\Chrome\User Data\(profile)\Bookmarks
Hewlett Packard
Install HPE ProLiant ML350 Gen10
----------------------------------------
NOTE: Use
5-port Switch to plug in all 4 NIC's before starting
Intelligent Provisioning----------------------------------------------------------------------------------------------
HP ProLiant InitializationMobile documentation: http://hpe.com/qref/ml350gen10
METHOD 1
Step 1 - Plug in VGA monitor and USB keyboard/mouse into Server
Step 2 - Press F10 to go into Intelligent Provisioning
METHOD 2
Step 1 - Plug USB Network cable (dongle) into Server's ILO USB port on top left of Server
Step 2 - Plug Laptop into ILO5 using network cable into network dongle
Step 3 - Set Laptop IP address to
DHCP or to IP:
169.254.1.7 GW:
169.254.1.1Step 4 - Use Chrome to browse to:
169.254.1.2 Step 5 - Sign into ILO5 as
Administrator using password written on top of server
Choose
Intelligent Provisioning and the
First Time StartupEnter Language, Time Zone, Time, etc
----------------------------- old -----------------------------------------
HP Bios → early initialization (3 minutes)
HP ProLiant - boot screen (2 minutes)
F5 - HP Smart Storage Administrator (optional)
F8 - ILO Configuration
F10 - Intelligent Provisioning
ProLiant ML350p G8
Step 1 - Set preferences
Network IPv4 Static 192.168.x.201
ILO IPv4 Static 192.168.x.209
Step 2 - Activate Intelligent Provisioning
Activate
Insite Remote Support
Hewlett Packard
Install HPE ProLiant ML350 Gen10 (2024)
Install SSP (Service PAck ProLiant)
Install ProLiant Windows Pack
Check HP-ACU/SSA
Join Domain
Add AD
Check DNS replication
Raise domain/forest funtional levels on old server
Upgrade to DFRS
Hewlett Packard
Proliant ML350 Server - Firmware / Service Packs (2021)
Download the latest Service Pack (SSP) from HPE support website.
Download the .ISO file
Mount the .ISO file
Run
launch_sum.bat as Administrator
Wait and watch it run in the Command window.
It will jump to browser https://localhost:63002
Allow it to open the page and follow steps.
•
https://www.hpe.com/servers/spp/downloadHewlett Packard
Proliant ML350 Server - Firmware / Service Packs (old?)
HP ProLiant Intelligent ProvisioningDownload the ISO file:
http://h20564.www2.hp.com/hpsc/swd/public/detail?sp4ts.oid=5195931&swItemId=MTX_8c62649bf1b746779063c19c44&swEnvOid=4064
Make a bootable USB Flash Drive using this HP USB Key Utility windows program:
https://h20566.www2.hp.com/hpsc/swd/public/detail?swItemId=MTX_2aa85604194243afbdb1c29a34
( this file: cp015352.exe is stored in Google drive cp015352.zip )
Upgrade Intelligent Provision firmware version by following these steps:
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/mostViewedDisplay/?sp4ts.oid=5287871&spf_p.tpst=psiContentDisplay&spf_p.prp_psiContentDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03458406-4%257CdocLocale%253Den_US&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
Hewlett Packard
Proliant Service Packs (old?)
This loads all the appropriate drivers and software on a server after the OS has been loaded.
ftp://es123890:cj}ZT9wi@h1.usa.hp.com -----------------------------------------------------
screen shot of browser window
-----------------------------------------------------
ftp://h1.usa.hp.com
Index of /
HP_Service_Pack_for_Proliant_2014.06.0_784915....iso 3.6GB
SPP2014090.2014_0827.10.iso 3.9GB
--------------------------------------------------------
Download the most recent ISO file ( SPP2014090.2014_0827.10.iso )
Use
HP USB Key Utility to copy it to a USB drive.
Copy everything from the USB Drive to the a folder on the Servers desktop.
Open folder
\hp\swpackages\Right-click Run As Administrator:
hpsum.batClick
Get Started and Automatic and let it do its thing.
Hewlett-Packard
Fix HotKeyServiceUWP
Eventlog shows error message about: HotKeyServiceUWP
Hewlett-Packard has a fix:
C:\SWSetup\SP139275
The description for Event ID 0 from source HotKeyServiceUWP cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.•
https://h30434.www3.hp.com/t5/Notebooks-Knowledge-Base/Update-HP-Hotkey-...Keywords: HotKeyServiceUWP
Hewlett-Packard
HP LaserJet Help
Stuck on Initializing
If your HP LaserJet printer get's stuck "Initializing", try these steps:
• Unplug the USB cable and/or network cable
• Unplug power cable
• Wait 60 seconds
• Plug in power cable
• Press the
Power button
• Press the
Copy button and then
Cancel button until it says something about permanent storage initialization
If necessary repeats all the steps above, but instead:
• Press the
Right arrow button and then
Cancel button until it says something about permanent storage initialization
If this works and your printer finishes the initalization stage, you can try to fix firmware to prevent this from happening in the future:
• Download latest firmware on your computer
• Plug in USB cable (not network cable)
• Apply firmware update
• Plug in network cable (if applicable)
• If the printer is connected to the network, try to disable IPV6 in the printer's network configuration
Keywords: HP LaserJet Help Stuck Initializing
Hewlett-Packard
Power Supply
Part Numbers
HP EliteDesk 800 - G5 SFF HP Part: 7LL87UT Power Supply: D16-250P1A (250W) or L08417-002
- G4 SFF HP Part: 4DP06UT Power Supply: L08417-004 (250W) Model: PCH022
- G3 SFF HP Part: 1FY88UT Power Supply: D16-180P2A (180W) or 901763-002
Keywords: Power supply repair replacement
Intuit
Add Report to QuickBooks Icon Bar
First view the memorized report, then click
View →
Add MyReport to Icon BarThen right-click the Icon bar and select →
Customize Icon BarLinux
Allow URL fopen
Allow URL fopen (either for whole server, or just certain domains)
WHM → MultiPHP INI Editor → Version: ea-php72 → Basic → enable: "allow_url_fopen"
cPanel → Software → MultiPHP INI Editor → Editor Mode → Location: Home → add: "allow_url_fopen = 1 "
Linux
Clean out files
/home/webstorehouse/logs
/home/webstorehouse/WSH/logs
/home/webstorehouse/WSH/uploads
/home/webstorehouse/WSH/temporary
/home/webstorehouse/WSH/minified/published/backups
Linux
How to find folders in TAR.GZ files
cron →
homedir → home directory
mysql → database backups
Z-zip ->
open: ..\Downloads\webstorehouse.tar.gz\webstorehouse.tar\webstorehouse\mysql\...
Linux
Increase Apache connections
WHM → Service Configuration → Apache Configuration → Global Configuration
Server Limit: 256 → 512
Max Workers: 150 → 300
Linux
Linux Commands
ls -l
rm -f /home/webstorehouse/mail/new/*
/usr/local/cpanel/bin/backup --force --debug
Microsoft
Converting M365 mailbox to Shared Mailbox
Microsoft365 Admin → Users → Active Users
put checkmark beside username and then look up at top for "Convert to Shared Mailbox"
Microsoft
DOS Commands
Run → Command → systemtools
Run → shellcommand startup
Run → shellstartup
Microsoft
Fix for Windows Updates KB5034441 that keeps failing
Start → Command
reagentc /info
reagentc /disable
(if necessary)Create two temporary folders:
C:\ISO
C:\MountDir
Download the appropriate "Windows Create Installation Media" Tool from link below.
Windows Create Installation Media
→ "Create Installation Media" → ISO file → download the ISO file to C:\ISO\
→ Mount the ISO-file in Explorer > Take note of the Drive Letter (e.g. E:)
Start → Command
DISM.exe /Get-ImageInfo /ImageFile:
DriveLetter:\sources\install.esd /Index:1
DISM.exe /Export-Image /SourceImageFile:
DriveLetter:\sources\install.esd /SourceIndex:1 /DestinationImageFile:C:\install.wim /Compress:fast /CheckIntegrity
DISM.exe /Mount-Wim /WimFile:C:\install.wim /index:1 /MountDir:C:\MountDir /ReadOnly
Copy C:\MountDir\Windows\System32\Recovery\ReAgent.xml and Winre.wim to C:\WindowsFix\Recovery
DISM.exe /Unmount-Wim /MountDir:C:\MountDir /discard
Unmount the ISO Drive (likley e:
Delete the folders C:\MountDir, C:\ISO and the file C:\install.wim.
C:\WindowsFix\Recovery into C:\Windows\System32\Recovery (replace the files if they already exist)
reagentc /enable
Attempt to run a Windows Update again, and this time it should install the KB5034441 update.
The nice thing is now that you have a portable solution to the problem. The next machine you need to fix for this issue, you simply have to do the following:
Open CMD and write: reagentc /disable
Copy the two files to C:\Windows\System32\Recovery\
Write in CMD: reagentc /enable
Run Windows Update, and voila
The simplicity of this fix once you have the two files, makes it easy to implement as a GPO or simple script that distributes these files to C:\Windows\System32\Recovery\ and write the CMD commands.
I hope this guide will find its way and can be used by other system admins desperately seeking to find a solution in this headless Windows world.
•
https://www.reddit.com/r/WindowsUpdate/comments/1bjkxv7/fix_for_kb503444...•
https://support.microsoft.com/en-us/windows/create-installation-media-fo...•
https://catalog.update.microsoft.com/Keywords: Windows Update KB5034441
Microsoft
How to check Domain Trust
Start → Command
nltest /sc_query:
{MYDOMAIN}.local
Start → PowerShell
Test-ComputerSecureChannel -Verbose
Test-ComputerSecureChannel -Server SERVER3
Microsoft
How to check Last Boot time
Start → Command
systeminfo | find "System Boot Time"
Start → Command
wmic path Win32_OperatingSystem get LastBootUpTime
Alternate method:
Task Manager → Performance → CPU → Up time
Microsoft
How to Clear DNS Cache
Start → Command →
ipconfig /flushdnsChrome →
chrome://net-internals/#dnsAdvanced:netsh winsock reset
netsh int ip reset
ipconfig /release
ipconfig /renew
ipconfig /flushdns
Microsoft
How to Disable Widgets
Taskbar Settings → Widgets → Off
Settings ->Personalization → Taskbar
regedit
→ HKEY_CURRENT_USER → Software → Microsoft → Windows → Current Version → Explorer → Advanced
→ TaskbarDa → Value: 0
Microsoft
How to find RecycleBin
Start → Run →
shell:RecycleBinFolderMicrosoft
How to find Windows Profiles in Registry
Regedit → HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
Microsoft
How to fix Domain Trust
Start → Command
regedit → hklm-SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAge
Start → PowerShell
test-ComputerSecureChannel -Verbose
Start → Command
ipconfig /release
ipconfig /renew
ipconfig /all
Start → Command
netdom resetpwd /Server:SERVER1 /UserD:administrator /passwordD: password
Start → PowerShell
Reset-ComputerMachinePassword -Server SERVER1 -Credential Administrator
Microsoft
How to fix Time on Windows computer
Start → Command
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
Microsoft
How to get computer serial number
Start → Command
wmic bios get serialnumber > > USERPROFILE\Downloads\SerialNumber.txt
Microsoft
How to run Computer / Disk Management and other things from command prompt
Windows 10/11
Start → run →
compmgmt.msc <=
Start → run →
diskmgmt.msc <=
Windows Server 2016
→ Server Manager → Storage → Disk Management
How to Run things from command prompt:
Services →
services.mscDNS Management →
dnsmgmt.mscEvent Viewer →
eventvwr.mscComputer Management →
compmgmt.mscDisk MAnagement →
diskmgmt.mscGroup Policy Management →
gpmc.mscDNScommand →
dnscmd /Diagnose ???
Microsoft
How to see all mapped drives on a computer
Start → Command →
net userMicrosoft
Microsoft 365 Audit logs
admin.microsoft.com → Show All → Compliance → Microsoft Purview → Solutions → Audit
•
https://admin.microsoft.comMicrosoft
Microsoft 365 Show usernames
Microsoft 365 reports show anonymous user names instead of actual user names
admin.microsoft.com → Settings → Org Settings > Services → Reports☐ Display concealed user, group, and site names in all reports
•
https://admin.microsoft.comKeywords: m365 admin usernames view hidden anonymous
Microsoft
Open Windows User Accounts
Search → netplwiz
Microsoft
Outlook365 stuck Updating Inbox
Control Panel → Program Features → Microsoft Office → Change → Quick Repair / Full Repair
Account → Settings → Change → Use Cached Exchange Mode
Microsoft SARA tool → https//www.microsoft.com/en-us/download/100607
•
https//www.microsoft.com/en-us/download/100607Microsoft
Remote Desktop - MSTSC Command Windows
MSTSC is the official command for Remote Desktop on Windows computers. The mstsc command can be used from the command prompt to perform special and specific tasks quickly along with parameters also called switches. Some switch example are:
v:computer: Specifies the remote computer to which you want to connect.
Mstsc /v:computer1 Launches the RDP connection immediately. It only prompts for your Username and Password for authentication.
f: Starts remote desktop connection in fullscreen mode..
Mstsc /f Launches the RDP connection in fullscreen mode.
admin: Log in as an administrator.
Mstsc /admin Launches the RDP connection in admin mode.
w:width /h:height: Specifies the screen size of the remote desktop.
Mstsc /w:1024 /h:800 Launches the RDP connection with the screen at width 1024 and height 800
edit: Open an .rdp file so you can edit.
Mstsc /edit:computer1.rdp This launches the specified RDP file computer1.rdp file to be edited (you must have saved the RDP file to use this switch to open and edit that file)
You can combine switches. Like this
Mstsc /v:computer1 /admin This launches the RDP connection immediately with admin rights.
Mstsc /v:computer1 /admin /f This does the same thing as the previous example with the addition of opening the session in full screen mode.
There are more than 15 switches that can be used with the MSTSC command. Details can be found by typing mstsc /help in the command prompt to see the full list and their descriptions.
• https://v2cloud.com/tutorials/mstsc-adminMicrosoft
Repair Windows System files
SFC /Scannow
Microsoft
Safely Remove Hardware Icon
Start → Run
RunDll32.exe shell32.dll,Control_RunDLL hotplug.dllKeywords: remove disconnect USB
Microsoft
Where is Windows HOSTS?
C:\Windows\System32\drivers\etc
Microsoft
Where is Windows NETLOGON?
C:\Windows\SYSVOL\sysvol\domain\scripts\ netlogon.bat
Microsoft
Windows10 Network Discovery Fix Services
Start → Services Computer Browser, DNS Client, Function Discovery, SSDP Discovery, UPnP Device Host
Microsoft Cloud
Fix Azure Cloud Desktop time issue
FSXLogix (Azure) tries to set time and timezone based on local client information.
If the local computer time and timezone is manually set and correct, BUT not set to "Set Time Automatically" then FSXLogix messes up the time on the cloud desktop.
Local computer time must be set to "Set Time Automatically" for FSXLogix to set the cloud desktop time correctly.
Microsoft PowerShell
Manage Printers using PowerShell
Get-Printerport
Remove-Printerport -name "192.168.3.221"
Add-Printerport -name "192.168.3.221" -printerhostaddress "192.168.3.221"
Get-PrinterDriver
Add-PrinterDriver -name "HP LaserJet Pro M402-M403 n-dne PCL-6" -infpath "\\SERVER3\ClientApps\D:\ClientApps\Hewlett Packard\LaserJet M402n\HP_LaserJet_Pro_M402-M403_n-dne\hpdo602a4_x64.inf"
Add-Printer -name "CheckOut Printer Direct" -drivername "HP LaserJet Pro M402-M403 n-dne PCL-6" -port "192.168.3.221"
Microsoft Server
Build Active Directory Server
→ Server Manager → Manage → Add Roles and Features → Roles → Active DIrectory Domain Services
next,next,next and wait a long time
Do NOT click "Close", wait and message will complain: Additional steps required..
→ Promote this server to a domain controller
→ Add a domain controller to an existing domain☒ Domain Name System (DNS) server☒ Global Catalog (GC)
Directory Services Restore Mode (DSRM) Password: (same as Administrator password)
next,next,next and wait a long time, it will install DNS automatically
Server reboots
Wait a minute for PowerShell scripts to finish.
> Server Manager → Manage → Look for the warning icon →
DHCP Post-Install configuration wizard to install DHCP
•
https://outerlimitsconsulting.com/scriptsKeywords: AD PDC
Microsoft Server
DHCP Lease and DNS Scavenging
SET DHCP LEASEStart → Programs → Administrative Tools → DHCP → DHCP Manager
Expand the server, right-click the IPv4 Scope, click
PropertiesGeneral → Lease limited to:
3 daysSET DNS SCAVENGINGStart → Programs → Administrative Tools → DNS → DNS Manager
Right-click the DNS server, click
Set Aging/Scavenging for all zones☒ Scavenge stale resource records
No-refresh interval:
1 dayRefresh interval:
1 daySCAVENGE DNS IMMEDIATELYStart → Programs → Administrative Tools → DNS → DNS Manager
Right-click the DNS server, and click
Scavenge Stale Resource RecordsFor more information on DNS scavenging, see the Microsoft TechNet article How DNS Aging and Scavenging Works.
Keywords: Scavenge / Scavage
Microsoft Server
Disable NetBIOS on the DHCP server
DHCP → Server_name → Scope → Scope Options → Configure Options
Advanced → Microsoft Windows 2000 Options (in the Vendor class list. Make sure that Default User Class is selected in the User class list.)
Select →
001 Microsoft Disable Netbios → Data →
0x2 → Okay
Microsoft Server
DNS Health Check on Windows Server
Hello there,
Performing a DNS health check on a Windows Server 2019 involves several steps. Here's a guide on how to do it:
Check DNS Service
→ Run → services.msc → look for the "DNS Server" service in the list
Verify DNS Zones
→ Run → dnsmgmt.msc → expand server → check "Forward Lookup Zones" and "Reverse Lookup Zones"
Check DNS Records: ensure that all required DNS records are present and correct.
Look for essential records like A, AAAA, CNAME, MX, PTR, etc., and verify their settings.
Check DNS Server Event Logs:
→ Run → eventvwr.msc → Navigate to Windows Logs > System and look for events with the Source "DNS Server."
DNSSEC (Domain Name System Security Extensions):
If you're using DNSSEC, verify its status.
Open the DNS Manager, right-click on your server node, and select "Properties."
Go to the "DNSSEC" tab and check the DNSSEC status.
DNS Cache:
Check the DNS cache to ensure that it's not causing any problems.
Open Command Prompt or PowerShell as an administrator.
To display the current DNS cache entries, run the command: ipconfig /displaydns.
To flush the DNS cache, run the command: ipconfig /flushdns.
DNS Diagnostics (Optional):
Windows Server 2019 includes built-in DNS Diagnostics that can help troubleshoot issues.
Open Command Prompt or PowerShell as an administrator.
Run the command: dnscmd /Diagnose to perform DNS diagnostics.
I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.
Hope this resolves your Query !!
--If the reply is helpful, please Upvote and Accept it as an answer--
Please sign in to rate this answer.
Sign in to comment
Dave Patrick
425.9K Reputation points MVP
Aug 6, 2023, 8:43 AM
You can use dcdiag
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/dcdiag#dns-test-syntax
--please don't forget to upvote and Accept as answer if the reply is helpful--
DNSLINT see link below to download
→ command →
cd c:\dnslint →
dnslint.exe /ad 192.168.3.203 /s 192.168.3.203 → dir
•
https://learn.microsoft.com/en-us/windows-server/administration/windows-...•
https://outerlimitsconsulting.com/files/software/dnslint.v204.exeMicrosoft Server
DNS Standard Configuration
SERVER
→ NIC #1: IP: 192.168.3.201 with DNS: 192.168.3.201 (itself)
→ NIC #2: disabled
→ NIC #3: disabled
→ NIC #4: disabled
→ DHCP Service → DNS: 192.168.3.201, 8.8.8.8, 8.8.4.4 → WINS: off → NetBios: Off
→ DNS Service: → Forwarders: 8.8.8.8, 8.8.4.4
CLIENTS
→ NIC: via dhcp → DNS: 192.168.3.201, 8.8.8.8, 8.8.4.4
Basically
→ Server's NIC only points to itself for DNS.
→ Server's DHCP tells clients to use itself and then Google for DNS
→ Server's DNS forwards to Google
•
https://sabrinaksy.com/2022/09/18/active-directory-and-dns-why-you-shoul...Microsoft Server
Fix Windows Server 2019 - Unable to change UAC or add Printers
Fixing Windows Server 2019
Unable to change UAC or add Printers
run gpedit.msc
Computer Configuration
Windows Settings
Security Settings
Local Policies
Security Options
Enable:
User Account Control:
Admin Approval Mode for the Built-in Administrator account
Reboot
Microsoft Server
FRS to DFSR SYSVOL migration
powershell →
net sharepowershell →
dfsrmig /getglobalstatepowershell →
dfsrmig /setglobalstate 1powershell →
dfsrmig /getglobalstatepowershell →
dfsrmig /setglobalstate 2powershell →
dfsrmig /getglobalstatepowershell →
dfsrmig /setglobalstate 3powershell →
dfsrmig /getglobalstatepowershell →
dfsrmig /getmigrationstatepowershell →
dfsrmig /getglobalstatepowershell →
net share1) State 0 Start
2) State 1 Prepared
3) State 2 Redirected
4) State 3 Eliminated
State 0 Start
With initiating this state, FRS will replicate the SYSVOL folder amongst the domain controllers. It is important to have a current copy of SYSVOL before begins the migration process to avoid any conflicts.
State 1 Prepared
In this state, FRS continues replicating the SYSVOL folder while DFSR will replicate a copy of SYSVOL folder. It will be located in %SystemRoot%\SYSVOL_DFRS by default. But this SYSVOL will not respond to any other domain controller service requests.
State 2 Redirected
In this state, the DFSR copy of SYSVOL starts to respond for SYSVOL service requests. FRS will continue the replication of its own SYSVOL copy but will not involve with production SYSVOL replication.
State 3 Eliminated
In this state, DFS Replication will continue its replication and servicing SYSVOL requests. Windows will delete original SYSVOL folder users by FRS replication and stop the FRS replication.
In order to migrate from FRS to DFSR it must to go from State 1 to State 3. Lets look into the migration steps in more detail.
Prepared State
Log in to domain controller as Domain admin or Enterprise Admin
2. Launch PowerShell console
3. Type dfsrmig /setglobalstate 1 and press enter
FRS to DFSR SYSVOL Migration Steps
4. Type dfsrmig /getmigrationstate to confirm all domain controllers have reached the prepared state
FRS to DFSR SYSVOL Migration Steps
Redirected State
Log in to domain controller as Domain admin or Enterprise Admin
2. Launch PowerShell console
3. Type dfsrmig /setglobalstate2 and press enter
FRS to DFSR SYSVOL Migration Steps
4. Type dfsrmig /getmigrationstate to confirm all domain controllers have reached redirected state
FRS to DFSR SYSVOL Migration Steps
Eliminated State
Log in to domain controller as Domain admin or Enterprise Admin
2. Launch powershell console
3. Type dfsrmig /setglobalstate 3and press enter
FRS to DFSR SYSVOL Migration Steps
4. Type dfsrmig /getmigrationstate to confirm all domain controllers have reached eliminated state
FRS to DFSR SYSVOL Migration Steps
This completes the migration process and to confirm the SYSVOL share, type net share command and press enter.
FRS to DFSR SYSVOL Migration Steps
Also make sure in each domain controller FRS service is stopped and disabled.
FRS to DFSR SYSVOL Migration Steps
NOYNIM IT Solutions
At NOYNIM, we offer comprehensive & completely customizable outsourced IT services. NOYNIM is an IT solutions provider founded on the belief that all businesses deserve the same centralized support capabilities as large corporations, but at a fraction of the cost. Our goal is to perpetuate the growth of our clients while supporting them as their outsourced IT department.
NOYNIM offers outsourced IT services in Denver, Ft. Collins, Boulder, and Colorado Springs. We also service clients nationwide.
Date Published: June 15, 2021
•
https://techcommunity.microsoft.com/t5/storage-at-microsoft/sysvol-migra...•
https://noynim.com/blog/technical-fixes/frs-to-dfsr-sysvol-migration-ste...Microsoft Server
How to check Active Directory
dcdiag test DNSStart → Command
dcdiag
dcdiag /test:DNS
Check FSMOStart → PowerShell
netdom query fsmo
Check 5 critical servicesStart → PowerShell
$Services='DNS','DFS Replication','Intersite Messaging','Kerberos Key Distribution Center','NetLogon',Active Directory Domain Services
ForEach ($Service in $Services) {Get-Service $Service | Select-Object Name, Status}
Check EventLog for LDAP errorsStart → Powershell
Get-WinEvent -FilterHashtable @{
LogName = 'Security'
ID = 2889
}
Check Replication SyncRepadmin /replsummary
Start → Command → wmic bios get serialnumber > > %USERPROFILE%\Downloads\SerialNumber.txt
•
https://outerlimitsconsulting.com/scriptsMicrosoft Server
How to fix time on Windows Server 2019
Start (right-click) → Windows PowerShell (Admin)
→
timedate.cpl to launch the Date and Time window.
Microsoft Server
Migrate SYSVOL
Active Directory - SYSVOL MigrationThe File Replication Service (FRS) is used for replicating the contents of the SYSVOL share between Windows domain controllers. However, Windows Server 2008 domain controllers, which are operating in the Windows Server 2008 domain functional level, can use the DFS Replication service for replicating the contents of the SYSVOL share. A new Windows Server 2008 feature makes it possible for administrators to migrate replication of the SYSVOL share from FRS to the more reliable and efficient DFS Replication service.
This series of blog posts describe the procedure for migrating the replication of the SYSVOL share on Windows Server 2008 domain controllers from FRS replication to the DFS Replication service.
•
https://techcommunity.microsoft.com/t5/storage-at-microsoft/sysvol-migra...Microsoft Server
Promote server to PDC/FSMO
(need to put steps to promote server to Primary Domain Controller)
• Raise Domain functional level
• Raise Forest functional level
Change 5 FSMO Roles:
First 1,2,3:
RID, PDC, Infrastructure masterOn the
new server:
Download and run the script:
CheckDomainController-Server.batActive Directory Users and Computers → MYCOMPANY.local → Operations Masters
→
RID → Change to SERVER3.MYCOMANY.local
→
PDC → Change to SERVER3.MYCOMANY.local
→
Infrastructure → Change to SERVER3.MYCOMANY.local
Run the script again:
CheckDomainController-Server.batActive Directory Domains and Trusts → Active Directory Domains and Trusts (not MYCOMPANY.local) → Operations Master
→ Operations Master → Change to SERVER3.MYCOMPANY.local
Run the script again:
CheckDomainController-Server.batThen 4:
Schema masterOn the
old server:
run → cmd → regsvr32 schmmgmt.dll
run → cmd → mmc → File → Add/Remove Snap-In → Active Directory Schema → Add → OK
Console Root → Active Directory Schema → Change Active Directory Domain Controller → new server
Console Root → Active Directory Schema → Operations Master
→
Change Schema Master → Change To SERVER3.MYCOMPANY.local
Finally 5:
Domain naming masterOn the
new server:
Run the script again:
CheckDomainController-Server.batStart → Active Directory Domain and Trusts → Active Directory Domain and Trusts
→ Operations Master → Change to SERVER3.MYCOMPANY.local
Run the script one last time:
CheckDomainController-Server.batOld server: DCPROMO?
On new server:
- Active Directory Domain and Trusts → Remove all occurances of old SERVER0
- Active Directory Computers and Users → Remove all occurances of old SERVER0
Don't forget ->
• Make sure the new server points to itself for DNS after it becomes the PDC.
• Turn off WINS in DHCP
• Turn off WINS & NetBIOS on NIC
•
https://outerlimitsconsulting.com/files/scripts•
https://outerlimitsconsulting.com/files/scripts/CheckDomainController-Se...Microsoft Server
Windows Server Password Policy
Start → Run →
gpmc.msc Group Policy Management
→ Forest: MYDOMAIN.local → Domains → MYDOMAIN.local → Group Policy Objects
→ Default Domain Policy > right-click > edit
Computer Configurations > Policies > Windows Settings >Security Settings > Account Policies > Password Policy
Disable password complexity, password length, etc
Start → Run →
rsop.mscStart → Command → gpresult
gpresult /R
gpresult /V
gpresult /Z
Keywords: Windows Server Domain Password Complexity Policy Policies
Microsoft Windows
Add/Delete Printers with Adminstrative Rights
Start → cmd ← run as administrator
rundll32 printui.dll,PrintUIEntry /ilStart → cmd ← run as administrator
printui.exe /dn /n "\\SERVER2\HP Color LaserJet M454dn on SERVER2"
printui.exe /dn /n "\\SERVER2\HP Color LaserJet M454dn on SERVER2.DAVIS.local"
printui.exe /dn /n "\\SERVER2\HP LaserJet M428fdw on SERVER2"
printui.exe /dn /n "\\SERVER2\HP LaserJet M428fdw on SERVER2.DAVIS.local"
List Printers with Powershell ->
Get-WmiObject win32_printer | select -Property name
Delete Printers with PowerShell ->
$Printer = Get-WmiObject win32_printer | where {$_.name -imatch "$Description"}
$Printer.Delete()
Microsoft Windows
Connect to invisible Server UNC
If you have any trouble connecting to the company files from a computer, here's a trick:
Copy the shortcut "QuickBooks SERVER2 UNC" from this installation folder to the computer's desktop,
then when you try to open the company file from inside QuickBooks, select the Desktop
and then select that UNC shortcut and then it should open up the QB folders using the proper UNC path.
Once uUickBooks has found the compnay file using that shortcut, you can remove the shortcut from the desktop.
Note: UNC is the Universal Naming Convention that Windows uses to connect to resources on network devices.
QuickBooks recommends using UNC instead of the obsolete mapped drive method.
Microsoft Windows
Fix WindowsRE partion for Windows Update error
KB5028997: Instructions to manually resize your partition to install the WinRE update
Start → cmd (as administrator)
→ reagentc /info
→ reagentc /disable
→ diskpart
-→ list disk
-→ sel disk 0
-→ list part
-→ sel part 9 (Primary - largest)
-→ shrink desired=250 minimum=250
-→
wait couple of minutes-→ sel part 9 (Recovery)
-→ delete partition override
-→ list disk (check if * in GPT column)
if GTP do this
-→ create partition primary id=de94bba4-06d1-4d40-a16a-bfd50179d6ac
-→ gpt attributes =0x8000000000000001
otherwise it's MBR so do this
→ create partition primary id=27
-→ format quick fs=ntfs label="Windows RE tools"
-→ list vol
-→ exit
→ reagentc /enable
→ reagentc /info
Advanced:Windows Update Failure (0x80070643) for Windows10 22H2 update January 2024
Update KB5034441 fails to install
•
https://support.microsoft.com/en-us/topic/kb5028997-instructions-to-manu...•
https://www.minitool.com/news/kb5034441-fails-to-install-with-code-0x800...Keywords: Windows Updates KB5034441
Microsoft Windows
How to fix printer #740 error when installing printers
Instead of using the Settings or Control Panel to add a printer, use File Explorer and go the the Network, Server and the when you see the Printers and Sharewd folders select the printer and right-click "Connect".
That didn't work
We can't install this printer right now. Try again later or contact your network administrator for help.
Error: #740Keywords: printer intall 740
Microsoft Windows
How to force Windows 11 install
1) Download the Windows 11 ISO
https://www.microsoft.com/en-us/software-download/windows11
2) Edit Windows Registry to bypass CPU check
Start → regedit ->
Computer\HKEY_LOCAL_MACHINE\SYSTEM\Setup\MoSetupNew → DWORD (32-bit) Value
Name:
AllowUpgradesWithUnsupportedTPMOrCPU → Value: 1
3) Open ISO file in Windows Explorer and launch setup
Open With → Windows Explorer
•
https://www.theverge.com/22715331/how-to-install-windows-11-unsupported-...Microsoft Windows
How to tell if computer has SSD or HDD
Start → Run →
dfrguiMicrosoft Windows
Remove Notifications
It's bad enough we have to deal with non-stop notifications in our Inbox, but these seemingly incessant interruptions are becoming worse, especially with Windows 10.
Try the steps below to turn off some of these notifications.
Chrome → Chrome → Settings → Privacy and security → Site settings → Permissions → Notifications
Microsoft Edge → Start → Settings → System → Notifications & actions → Edge → Notifications
Microsoft Windows10 → Start → Settings → System → Notifications & actions → Notifications
Microsoft Windows
Reset USB drive
Start → Search → Computer Managemenr → Device Manager -
→ USB Root Hub ← disable then enable
→ USB Root Hub 3.0 ← disable then enable
→ USB Root Mass Media ← disable then enable
Microsoft Windows
Top 12 Windows Commands
1. Ping
2. IPConfig
3. Getmac
4. HostName
5. NSLookUp
6. Tracert
7. Netstat
8. Arp
9. PathPing
10. SystemInfo
11. Nbtstat
12. Netsh
Microsoft Windows
Where is Windows PRINTERS spool folder?
C:\Windows\System32\spool\PRINTERS
Keywords: printer spooler
Planmeca
How to clear out unsaved Panorex images
Clear out the folder:
C:\ProgramData\Sirona\Twain\Planmeca TwainError: The TWAIN device 'Planmeca Twain' cannot be used to create another exposure since there are still data in the transfer folder 'C:\ProgramData\Sirona\Twain\Planmeca Twain' from a previous exposure that have not yet been imported into Sidexis 4.Keywords: SIDEXIS4 PLANMECA
Sage
Sage100 Year End Guide
Basically:
License Administrator → ensure no one is in Sage100
Database Adminstrator → Backup
Reid → Sage100 →
5-3-7 Payroll Audit → AuditReid → Sage100 →
5-2-1 Employees → review statuses
Reid → Sage100 →
5-2-2 Payroll Records → File ->CountReid → Sage100 →
5-1-2-41 Check Register Totals → print report
Reid → Sage100 →
5-4-3 ACA Hours Allocation → print report
Reid → Sage100 →
4-1-1-31 Vendor List Report → verify tax id for each vendor
Reid → Sage100 →
4-1-5-61 Vendor Payment → verify 1099 balances
License Administrator → ensure no one is in Sage100
Database Adminstrator →
Backup - twice
Database Adminstrator →
Archive Company Data → Archive Payroll Data →
Name: CAI 2023 Payroll Archive
Remove employees: No to all
Wait a long time... be patient.... it will automatically backup, archive and backup in many steps which an take 30 minutes, so watch the Task Manager Processes/CPU.
Sage100 for new archive company: 7-1 Company Information → General → Color → HotPink
Sage100 for new archive company: 7-2-1 → Change all Groups to No for Save, Print,Delete, etc
Then there are a whole bunch of steps for REid to do to compare counts between Old, Archive and Current company files.
Finally:
→ ASk SysCon to fix SQL access so that people can see the Archive databasebases when signing into "regular Reote desktop" instad of having to go into "REmote DEsktop Server" to see alll the ARchive Compnies.
•
https://cdn.na.sage.com/docs/en/customer/100contractor/24_1US/open/Year-...Sage100
How to fix Payroll/Direct Deposit emailing problem
Sage100 Contractor → 5-2-4-22 → Options → Direct Deposit Email Settings → Email Settings
→ set to 2nd option → Save → Save
Ubiquiti
Ubiquiti ER-X EdgeRouter ER-X Firmware
1 - Download firmware TAR file from link below
2 - Remove
Windows Internet Lock on TAR file ←
3 - Go to 192.168.x.1
4 - Click
System tab at the very bottom.
5 - Upgrade Firmware on right side.
Note: if the upgrade fails, restart the router and you might see that it did install
•
https://www.ui.com/download/software/er-xUbiquiti
Ubiquiti ER-X EdgeRouter Factory Reset
1 - Connect power
2 - Press and hold
reset button for 20 seconds
3 - Wait 1 minute for router to restart
4 - Continue with regular setup
Keywords: Reset to Factory Default Settings
Ubiquiti
Ubiquiti ER-X EdgeRouter Installation
1 - Set laptop NIC Static IP:
192.168.1.72 - Plug laptop into
eth0 port
3 - Power on router and wait 2 minutes
4 - Browse to
192.168.1.1 → ubnt / ubnt
5 - Do setup wizard
6 - Set LAN IP to
192.168.x.1 as needed
7 - Turn on/off DHCP as needed
8 - Reboot
9 - Wait 2 minutes for router to restart
10 - Plug laptop into
eth111 - Plug Internet into
eth012 - Set Laptop NIC to DHCP
13 - Renew IP address
14 - Browse to router's new IP address
192.168.x.115 - Check/update firmware
16 - Change username/password
Advanced:Web interface top right → click
CLI
show version
configure
set system offload hwnat enable
set system offload ipsec enable
commit
save
exit
Keywords: setup installation
Ubiquiti
Ubiquiti Unifi 6 Lite installation
1 - Set laptop NIC Static IP:
192.168.1.72 - Plug laptop into
eth0 port
3 - Browse to
192.168.1.1 → ubnt / ubnt
4 - Do setup wizard
5 - Set LAN IP to
192.168.x.1 as needed
6 - Turn on/off DHCP as needed
7 - Reboot
8 - Wait 1 minute for router to restart
9 - Plug laptop into
eth110 - Plug Internet into
eth011 - Set Laptop NIC to DHCP
12 - Renew IP address
13 - Browse to router's new IP address
192.168.x.1 (Copy)
Keywords: setup installation
Vipre
Set VIPRE exclusions
Folder:
C:\Program Files (x86)\DentrixFolder:
C:\Program Files (x86)\DEXISFolder:
C:\Program Files (x86)\KaVoFolder:
C:\Program Files (x86)\Henry ScheinFolder:
C:\DentrixFolder:
C:\DEXISFolder:
\\SERVER1\DTXCommonFilepath:
C:\Windows\Dentrix.ini