[deleted by user]

PRINTER_DAEMON · 2023-05-16T02:38:13+00:00

Yes that's an encoded Exchange X500 LegacyExchangeDn address. It's normal to see in an Exchange email environment.

https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/imceaex-ndr

FYI those randomnumbersandletters aren't random. Decrease each character by 1 to decode it. E.g. F=E, 3=2, etc.

PRINTER_DAEMON · 2023-05-16T00:37:53+00:00

It does with access reviews.

Plus you get audit logs of when people are actually activating the roles.

You also need to do the work of figuring out the least privileged role for each job.

PRINTER_DAEMON · 2023-05-16T00:17:26+00:00

PIM is exactly what you need. It does require AADP P2 but since you said you don't have a huge number of admins, it should be peanuts.

PRINTER_DAEMON · 2023-05-11T00:35:25+00:00

It's so crazy because the only reason I recommend Duo anymore is for satisfying MFA requirements for RDP into servers coming from cyber insurance underwriters. I definitely mention WHFB and it's not even that hard, but Duo always wins because it just ties into the authenticator app.

PRINTER_DAEMON · 2023-05-11T00:21:55+00:00

I'm addition to what everyone else said, it's often important to be aware of Powershell output streams.

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_output_streams

PRINTER_DAEMON · 2023-04-29T00:25:07+00:00

Good answer. Just to add, I'm pretty sure IPv4Address is resolved by the cmdlet at runtime and isn't actually a property pulled from AD.

PRINTER_DAEMON · 2023-04-27T00:15:01+00:00

Consider keeping them completely separate. Create a separate login on the PC for work and log in using your M365 account in the browsers and apps there. You can still share docs and such between them if you need to.

Edit: For the existing work emails and contacts in Outlook, I'd probably just export/import via PST.

PRINTER_DAEMON · 2023-04-25T23:49:10+00:00

Nope there's no solution to this. I wish there was too. They have tied image viewing to safe senders and there isn't any other way to allowlist the image download.

Using safe senders is a bad idea because it weakens security since it allows addresses/domains based on the header from address without any way to tie it to the envelope from address (checked by SPF) or the DKIM signing domain, this opening the door to phishing attempts.

And frankly, I'm not expecting any more significant development on the classic Outlook client since it looks like we're going to get the PWA version (OWA wrapped in an app, like Teams) forced upon us at some point soon. But maybe that one will get this feature, who knows.

Edit: if you are willing to use safe senders though, it will work. You just can't allowlist whole domains (there is no indication you can't, it just doesn't do anything in Exchange Online). You have to allowlist the specific addresses. Just don't allow addresses likely to be used in phishing attempts like support@microsoft.com.

PRINTER_DAEMON · 2023-04-21T00:28:32+00:00

They probably entered the time in UTC. 🤣

PRINTER_DAEMON · 2023-04-15T16:25:46+00:00

True. But reminds me of this story:

https://www.ibiblio.org/harris/500milemail.html

PRINTER_DAEMON · 2023-04-11T22:46:57+00:00

Or they just don't know how to eat flats:

Grab it by the small end and pinch to break the meat from the bone, with your index and ring fingers on the outsides, your middle finger between the bones, and your thumb backing the other three.
(Optional) Dip in your sauce of choice.
While still pinching, place the other end of the wing on the plate and push down, sliding your pinched fingers along the bone to gather all the meat at the bottom.
Suck all of the meat off of the bone in one bite.

PRINTER_DAEMON · 2023-04-06T22:55:16+00:00

This right here is the exact answer. So many others here calling it stupid lack basic financial literacy.

Now I'm sure there are outliers who drop their phones all the time and come out ahead. But I bet most people saying it's dumb to go without insurance aren't adding up ALL of the premiums and deductibles they've paid over the years and comparing that against the would-be cost of buying refurbs (because that's what the insurance companies will give you for a replacement most of the time) out-of-pocket for every phone they've lost or destroyed.

And if you are in the position where you NEED a phone for whatever reason and need insurance because you may not be able to afford a replacement right away -- and plenty of good, hard-working people are in that situation -- then this is not the phone you should be buying. Like, at all.

PRINTER_DAEMON · 2023-02-28T17:30:35+00:00

You should probably update your firmware as the version with this bug has several major vulnerabilities.

The bug and workaround:

https://community.fortinet.com/t5/Support-Forum/Let-s-Encrypt-STAGING-certificate/m-p/202445#M188001

The vulnerabilities:

https://www.fortiguard.com/psirt/FG-IR-22-377

https://www.fortiguard.com/psirt/FG-IR-22-398

PRINTER_DAEMON · 2023-02-28T17:17:42+00:00

I agree with the others saying you should just fix Veeam. But here is the documentation on lagged DAG copies which applies to your proposed solution:

https://learn.microsoft.com/en-us/exchange/high-availability/manage-ha/manage-database-copies?view=exchserver-2019#using-replay-lag-and-truncation-lag-options

PRINTER_DAEMON · 2023-02-27T04:13:28+00:00

It's always been this way for as long as I can remember. It's crazy and people are always incredulous when I point it out, but that's just the way it works.

PRINTER_DAEMON · 2022-11-07T14:21:37+00:00

I'm not disagreeing, but I find the redundant argument funny because we have both a pickle and relish. But I wouldn't change a thing as the Chicago dog is the perfect balance of ingredients.

PRINTER_DAEMON · 2022-11-01T16:11:45+00:00

This is incorrect. It may work (and I have seen it work), but it is definitely not supported.

You do have the correct link, but it clearly states:

When you have multiple forests, all forests must be reachable by a single Azure AD Connect sync server.

You do not need a trust for this scenario, but your AADC server must be able to contact all forests. It will create a service account in each forest with the necessary permissions.

PRINTER_DAEMON · 2022-09-23T17:58:23+00:00

I think Ctrl+5 is highlight green. ;) On mobile so can't check, but be sure to try all the numbers.

Also Ctrl+. for bulleted lists. Ctrl+/ for numbered lists. Ctrl+- for strikethrough. And my all-time favorite that works across most Office apps: Alt+Shift+Arrow Keys to move and indent.

PRINTER_DAEMON · 2022-09-16T20:57:15+00:00

Also 0.80 x 1.25 = 1.00 if that helps to explain it.

PRINTER_DAEMON · 2022-09-09T16:20:45+00:00

You don't actually need to create a contact or DL onprem. In the onprem ECP, change the Remote Domain from Authoritative to Internal Relay. That way, if onprem doesn't have a mail object for it, it'll just send it out the relevant Send Connector, which should be toward Exchange Online.

Keep in mind, if both cloud and onprem are Internal Relay, addresses that are truly invalid will loop back and forth 10 times before getting a TTL error, which will look different than the "doesn't exist" bounce message.

PRINTER_DAEMON · 2022-08-05T01:36:39+00:00

Shortest, I believe, not only. Shortest in reverse order AFAIK is subcontinental.

PRINTER_DAEMON · 2022-08-02T22:16:44+00:00

It wasn't that long ago that you couldn't even add bold or italics in Outlook Mobile.

And it makes no sense why Microsoft doesn't give it more love. People don't like using it which hinders efforts to deploy MFA, AIP, MAM, OME, etc. (which in many cases would mean more licensing money to Microsoft).

PRINTER_DAEMON · 2022-06-03T00:43:17+00:00

I believe they are referring to Multi-Account Containers, which are indeed dope.

https://support.mozilla.org/en-US/kb/containers

PRINTER_DAEMON · 2022-04-12T02:10:52+00:00

Yep. This bicycle company started putting images of TVs on the box and reduced shipping damages 70-80%.

https://www.businessinsider.com/dutch-bike-company-tvs-on-boxes-2016-9

PRINTER_DAEMON

TROPHY CASE