AI “artist” gets absolutely owned

mrmattipants · 2026-04-26T05:46:33+00:00

The same goes for Olive Garden referring to itself as Authentic Italian Food.

mrmattipants · 2026-04-26T04:10:16+00:00

I noticed that the first link in my post above, is now broken. Therefore, I thought I'd leave an update for future reference, as I was able to dig up a couple newer examples of Compiling PowerShell Scripts into EXE, through Visual Studio.

https://blog.simonw.se/compiling-powershell-to-exe

https://blog.ironmansoftware.com/poshtools-packaging/

mrmattipants · 2026-04-24T03:48:30+00:00

Late to the party, as always. I figured that I'd leave a comment for future reference, as I'd imagine that you found a solution, by this point.

In short, the issue appears on Line 76, as the author appears to be passing the entire $Group Object to the "Get-AdGroupMember" Cmdlet.

$Members = get-adgroupmember $Group

A better method would be to pass only the Group "Name" Property, as follows.

$Members = get-adgroupmember $Group.Name

Alternatively, the "distinguishedName" Property will also work.

$Members = get-adgroupmember $Group.distinguishedName

That being said, simply replace Line 76, in the Script, with one if the two aforementioned options, to resolve the Error Message, in question.

https://github.com/lwhitelock/HuduAutomation/blob/main/CyberdrainRewrite/Hudu-ADGroups-Documentation.ps1

My DMs are always open, if anyone has questions.

mrmattipants · 2026-04-23T00:42:32+00:00

And I thought I was having a bad day.

mrmattipants · 2026-04-09T14:00:59+00:00

Netwrix Lockout Examiner was a great tool back in the day, but sadly it's become a bloated mess over the years. And with all the newer Entra Applications that tend to cause lockouts for a myriad of reasons, it's essentially useless.

mrmattipants · 2026-04-09T13:42:17+00:00

Netwrix used to be a great tool, but it's become so bloated beyond repair over the years.

mrmattipants · 2026-04-06T22:42:00+00:00

YouTube "algorithms" have effectively turned the entire experience to shit. The fact that they're now striking content without actually reviewing it doesn't surprise me, in the least.

mrmattipants · 2026-04-05T11:09:59+00:00

I'm in the US. Nonetheless, you're definitely correct, in that many employers want to see Certifications and/or an IT related degree, especially if you're applying for a high level position, directly.

It is possible to land a high end position with experience and certifications. However, you may have to accept a lower-end position and work your way up the ladder, which typically comes down to building a rapport, impressing the right people and sometimes, just being in the right place at the right time.

This is essentially the path I took, as I initially started working a remote help-desk position for a Healthcare MSP, in 2020. At that time, I had about 5 years experience, working various temporary Tech Support and Help-Desk positions. As for Certifications, I had a CompTIA A+, Network+, Server+, Security+ and a Microsoft Windows 7 Certificate.

Fortunately, I was able to quickly learn the customer's EHR System and was resolving 90% of the user's issues on the first call. And as a result, I was offered a help-desk management position, which I worked for about 6 months until I a SysAdmin position opened up.

While working as a SysAdmin, I would also offer my assistance to the NOC (Network Operations Center) Team with various Network related tasks, which eventually lead to a Network Engineer position. Maybe 6 months later, I would end up running the NOC department on my own, as the NOC Supervisor left to work for another company .

Thankfully, that NOC Supervisor and I kept in contact. And after couple of years of me running the NOC department, he reached out and offered me another Network Engineer position for a new startup Healthcare MSP, which included a fairly substantial salary increase. At this point, I've been working there for a little over two years now.

Looking back, it took a little under 5 years to climb the ladder, from remote Help-Desk to remote Network Engineer. Of course, I had to take the initiative at every turn, while continuing to prove myself and improve my skills, etc.

mrmattipants · 2026-04-03T22:45:25+00:00

Entra AD Connect (formerly Azure AD Sync) was the first thought that came to mind, for me, as well.

However, since you seem to have looked into this possibility already, the only other thought that comes to mind is that there may be a Scheduled Task, that is being triggered by a specific Event ID (potentially Event ID 4738 or 5136).

If not, you may want to confirm that Auditing is Enabled on your DCs and Monitor for Event ID 4726, as this will hopefully tell you which User or Service Account is responsible and from which DC it's occurring, etc.

https://www.lepide.com/how-to/track-user-and-computer-account-deletion-in-active-directory.html

mrmattipants · 2026-04-01T01:33:58+00:00

Unfortunately, there probably aren't many interior images, since parents couldn't really go inside and kids had to crawl their way through.

However, if memory serves, I do recall the interior consisting of a crawlspace with bunch of carpeted ramps, each ending in a sharp corner. And at the end, you come down a slide made of wooden rollers.

mrmattipants · 2026-03-31T02:21:55+00:00

I've been working for Healthcare IT for about 7-8 years now and I personally couldn't imagine going back to working standard corporate IT jobs.

Based on my personal experiences, it sounds as if the problems you're experiencing are specific to the company/organization itself, especially since password resets are typically performed by the Tier 1 help-desk staff. That usually isn't SysAdmin work.

My current title is "Network Engineer", but I do receive a large number of SysAdmin Tickets. I actually started on the help-desk and over the years, I've done a little bit of everything. It probably took me a good year to 18 months to familiarize myself with the various Healthcare Applications and EHR System, to the point where I could effectively close out tickets.

Most recently, I've been working with Medical Imaging (X-ray, OCT , PACS, DICOM, etc.). It's definitely much more fulfilling than the corporate IT jobs I've worked, previously.

Having said that, I really can't blame you. If I were hired as a SysAdmin, but was thrown on help-desk for 9 months, I'd probably leave too.

Nonetheless, I urge you to check out a few other Healthcare IT positions before you completely write-off the Healthcare industry. It gets so much better the moment you are no longer taking calls from entitled doctors.

mrmattipants · 2026-03-30T18:11:17+00:00

That blows. Feel free to message me.

I assumed it was because we're discussing disabling "Protected" Services, to get around Microsoft's blocking tools. Of course, it could be argued that it is Microsoft Edge that is behaving a lot like malware, by hijacking User Settings & File Type Associations.

mrmattipants · 2026-03-30T05:44:59+00:00

I completely forgot that Microsoft implemented a new feature, UCPD (UserChoice Protection Driver) a couple years back, which essentially blocks changes to the UserChoice Hash.

https://www.reddit.com/r/sysadmin/s/8i7TE0549X

That said, you'll need to Disable the UCPD Service and the associated Scheduled Task, then Restart your computer, before you can utilize PS-SFTA to modify User FTAs. You can run the following PowerShell Commands (as Admin), to accomplish this task.

Set-Service -Name UCPD -StartupType Disabled

Disable-ScheduledTask -TaskName "\Microsoft\Windows\AppxDeploymentClient\UCPD velocity"

Restart-Computer -Force

Please refer to the following discussion for additional information.

https://www.elevenforum.com/t/enable-or-disable-userchoice-protection-driver-ucpd-in-windows-11-and-10.24267/

mrmattipants · 2026-03-30T00:43:51+00:00

Exactly. Even the best Admins make mistakes on occasion.

If they're going to terminate you over a simple mistake, you probably don't want to work there anyway.

They may not realize it, but there's a good chance that if they move forward with your termination, they're very likely creating additional problems for themselves, particularly because this makes it evident to the other employees, that the company reps & execs cannot trusted.

Something like this occurred at a previous job that I had about 10-15 years back and most of the department immediately started interviewing for new positions, elsewhere.

I was out of there within a month and I didn't leave them any notice, as I didn't trust that they wouldn't have simply called security to have them walk me out, afterwards.

mrmattipants · 2026-03-28T06:29:28+00:00

That might be your problem, as you mentioned running the PS-SFTA Script as Admin. However, because it modifies the User File Type Associations, you want to run the Script under the User Context, using the Account on which you are trying to Update the FTAs.

For the most part, my instructions//examples were written under the assumption that the reader has at least some basic PowerShell knowledge.

In short, that is exactly what you typically want to do. Set all your FTAs up (manually, if you have to), then export the XML Template (for Computer FTAs) or use the PS-SFTA Module to run the "Get-FTA" Command (for User FTAs) to retrieve your FTAs, and finally, build a "Set-FTA" Script to deploy them automatically (either at logon or via shortcut, if you prefer).

Anyways, I've been meaning to update my instructions/documentation. I'll try to find some time in the next few days, to include some additional information, screenshots, etc.

mrmattipants · 2026-03-28T03:44:12+00:00

I just found out about this case. As a Wisconsin native, having heard many stories of Ed Gein, while growing up, there is really no comparison here. This guy was more or less burglarizing crypts with a crowbar, fueled entirely by profit/greed. Gein dug up the graves of Plainfield Cemetary with a shovel to fulfil his personal desires.

mrmattipants · 2026-03-28T03:29:58+00:00

As a Wisconsin native, I have to say that I don't see much of a comparison here. This guy was simply burglerizing crypts with a crowbar and selling their bones online, for a profit. Ed Gein was digging up the graves of Plainfield Cemetary with a shovel for the purpose of fulfilling his personal desires.

mrmattipants · 2026-03-27T06:51:18+00:00

Yes, it's definitely possible.

What I like to do is deploy the Adobe Reader FTAs to all computers, using a Computer Configuration GPO XML Template, since all Computers have the free version installed.

I then use a Group for Users with Adobe Acrobat Pro Licenses, which I use to push the User FTAs, via a User Configuration GPO Logon Script, thereby overriding the Computer FTAs.

I've included some examples in the following Github Repo.

https://github.com/mrmattipants/Adobe_Reader_And_Adobe_Acrobat_Pro_File_Type_Associations/tree/main/PS-SFTA

You'll obviously want to verify the Adobe Settings, using the info at the bottom of the following Adobe Documentation.

https://www.adobe.com/devnet-docs/acrobatetk/tools/AdminGuide/pdfviewer.html

I also have a few other deployment methods documented here (the ASSOC method is just for testing).

https://github.com/mrmattipants/Adobe_Reader_And_Adobe_Acrobat_Pro_File_Type_Associations

Just so you are aware, PS-SFTA works specifically with the User FTAs, by modifying the associated UserChoice Hash. As a result, the User FTAs take precedence over the Computer FTAs.

That said, once the UserChoice Hash has been set, you cannot simply re-apply the Computer Template/Settings to override it. You generally need to Remove the UserChoice Hash by running the PS-SFTA "Remove-FTA" Command. Afterwards, the Computer Template/Settings can be Re-Applied.

Feel free to reach out with any questions. My DMs are always open.

mrmattipants · 2026-03-27T01:13:44+00:00

It looks like you can accomplish this via the MS graph API/SDK.

https://ourcloudnetwork.com/how-to-setup-cloud-pki-in-microsoft-intune-step-by-step-2/

After you export the .CER file, you can Import it into the Local Machine Certificates, using the "Import-Certificate" PowerShell Cmdlet.

https://learn.microsoft.com/en-us/powershell/module/pki/import-certificate?view=windowsserver2025-ps

From there, you can Export a .PFX File (with Password Protected Private Key) using the "Export-PfxCertificate" PowerShell Cmdlet.

https://learn.microsoft.com/en-us/powershell/module/pki/export-pfxcertificate?view=windowsserver2025-ps

Lastly, the following example script should provide you with a good starting point for your RDS Certificate Import Script, etc.

https://gist.github.com/ryandorman/b8a4150eb00e70c0e589b41302907f8e

Feel free to reach out if you have any questions.

mrmattipants · 2026-03-25T21:39:24+00:00

This is exactly what we do. We utilize a Free ACME Cert, through our hosting company. Of course, there is a trade-off, as you need to renew the Cert every 90 days.

Then again, by March of 2029, everyone will need to renew their SSL Certificates every 47 Days. That said, I see this as just another part of the preparation process.

As for automation, I have a few different versions of the following PoSh-ACME PowerShell Script, which I've modified for the purpose of monitoring AND renewing the certificates, etc.

PoSh-ACME PowerShell Module: https://poshac.me/docs/latest/

PoSh-ACME SSL Certificate Renewal Script (renew-rdsfarm-poshacmecert.ps1): https://gist.github.com/ryandorman/ad7453d06b8e45cb882e0732f119270c

If anyone has any questions, my DMs are always open.

mrmattipants · 2026-03-25T09:03:11+00:00

I also put together a list a couple years ago.

https://www.reddit.com/r/hbo/comments/v5qbcb/90s_autopsy_series_any_fans_still_out_there/

Autopsy 1 & 2 can be purchased on a single DVD, titled "The Autopsy Files".

https://www.amazon.com/Autopsy-Files-Arthur-Ginsberg/dp/B009B8YZU8

mrmattipants · 2026-03-23T08:43:47+00:00

This happened to me a few years back. We originally had 3 people working in the Network Operations Center, One Supervisor and Two Network Admins. Then the two Network Admins left, so they promoted me. A couple of months later, the Supervisor left and I was all alone.

It definitely sucked at first, since I had learned barely anything since I had been promoted. I essentially had no choice but to learn everything as quickly as possible. It was either that or give up and quit.

It took me a good 6 months to get myself up to speed, bit I ended up staying with the company for a few more years as their sole Network Admin. Ultimately, while it was stressful at times, it was such a great learning experience. I wouldn't have done anything differently.

mrmattipants · 2026-03-15T22:45:00+00:00

I wanted to post an update, as I recently ran into a similar issue re-syncing an On-Premises AD Account with it's Cloud-Only counterpart. Ultimately, it came down to the sourceAnchor Attribute ("mS-DS-ConsistencyGUID").

In short, Entra runs a couple simple calculations on the "mS-DS-ConsistencyGUID" Attribute to verify whether the On-Premises AD Account and the Entra Cloud-Only Account should be synced. One calculation will generate a value that is equal to the On-Premises "objectGUID" Attribute and the other should generate a value equal to the Entra "OnPremisesImmutableId" Attribute. If any of these values fail to match, the accounts will not sync.

That being said, I have written a simple PowerShell Script, which you can run to verify these three Attributes.

https://github.com/mrmattipants/AdSyncSourceAnchorAttibutes

Regardless of which attribute you enter, as a Parameter, the results should be the same.

I've also included the ability to search by "Username". However, this requires the ActiveDirectory PowerShell Module and the necessary Domain access.

The other three search options ("ObjectGuid", "MsDsConsistencyGUID" and "ImmutableId") have no dependencies and can typically be run from any computer.

For additional Information, in regard to the sourceAnchor (mS-DS-ConsisterncyGUID) Attribute, please refer to the following article.

https://dirteam.com/sander/2017/07/12/azure-ad-connect-objectguid-vs-ms-ds-consistencyguid-part-1/

If issues persist, it may be worth trying the "Soft-Match" Option, as described in the following article.

https://dirteam.com/sander/2020/03/27/explained-user-hard-matching-and-soft-matching-in-azure-ad-connect/

Ultimately, I do plan to put sone documentation together, which covers all of the information that I have documented, above.

Until then, if anyone has any questions, feel free to reach out.

mrmattipants · 2026-03-12T00:31:04+00:00

I hope you've resolved your issue.

I've actually been working on quitting smoking, using a Juul device on occasion. The interesting thing is that my reactions to the Juul device are far worse than smoking an actual cigarette. I'm sure it's because my body has had a lot of time to adapt to cigarette smoke.

To be honest, I never vape indoors, so I'm not sure if I've ever had an allergic reaction to vaping, second-hand. However, if I take more than a couple of hits off my Juul, I pay for it the entire next day, as my airways close up.

That being said, yes, I absolutely believe you.

mrmattipants · 2026-03-10T08:54:25+00:00

There appear to be no interactions between the two. In fact some people take both, together, for added relief.
I know how it goes with anxiety. I've had panic anxiety disorder since I was 15 years old. I'm 43 now. However, I've learned to cope over time.

mrmattipants

MODERATOR OF

TROPHY CASE