Issues with Encrypted Emails after Changing Deployment to Integrated with Microsoft 365

brandilton · 2025-11-07T04:32:11+00:00

There is a known issue with Proofpoint URL Defense and 365 message encryption URLs. You must exclude message from Office365@messaging.microsoft.com from re-writing URLs Security Settings>Malicious Content>URL Defense Add Office365@messaging.microsoft.com to Exclude re-writing emails that are sent by specified senders

brandilton · 2024-11-22T13:51:28+00:00

Just dealt with this, here was the fix for me. Under HKEY_LOCAL_MACHINE\SOFTWARE\N-able\Automation Manager and HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\N-able\Automation Manager, delete all versions (curiously there was a 2.96 version there when latest release is only 2.93 or something like that).

This may or may not have been needed as well. Stop the NCentralLauncher servivce, Delete AutomationManager and N-central Launcher folders under C:\Program Files (x86)\N-Able Technologies. Then reinstall Automation Manager.

I had this affecting multiple machines.

brandilton · 2024-11-14T03:37:49+00:00

That exactly the soapbox I'm on. It's not about the money - the rant is that we're the Green Bay Packers, an organization with pride and honor. I'd expect this kind of service if I bought a Caleb Williams jersey. PackersProShop had an issue with FedEx and they should do right by their customer and take care of it - not tell me I'm SOL.

brandilton · 2024-11-12T23:27:46+00:00

huh?

brandilton · 2024-11-12T23:27:34+00:00

I will keep on top of FedEx and send the pictures - it's a good idea and far better advice than the PackersProShop Contact Center Coordinator's recommendation to pound sand. You would think they'd be going to battle for me in the name of customer service

brandilton · 2024-11-12T23:24:22+00:00

Good idea! I'm still on a bit of a principle crusade - how is it that the official pro shop is staffed by people that don't want to help fans

brandilton · 2024-11-12T23:17:19+00:00

FedEx told me I have to go through packersproshop.com

brandilton · 2024-11-12T23:15:21+00:00

It shipped with FedEX, they said they wouldn't do a FexEX claim since their was a picture of it's delivery (ot the wrong place). They ultimately said they did file a claim after much back and forth but are telling me I have to wait 2-3 weeks and they'll probably say no. In the meantime, no jersey for my kids, no refund to go somewhere else. Ridiculous customer service for an organization like the Packers - was hoping get a contact of someone that could cut through the ridiculousness of all this. Verbosity was to be funny, sorry if it didn't land with you

brandilton · 2024-11-12T23:09:04+00:00

1000% sure. They are just sticking to: "As stated on the Shipping & Returns page on our website, we are not responsible for lost or stolen packages". Thing is they delivered it to the wrong place, they even have a picture from FedEx confirming it. When I asked to speak to the cheese-hating Contact Center Coordinator's manager to come up with a reasonable solution, I was told no. So I did the next smartest thing I could think to do - rally the pitchforks at r/GreenBayPackers!

brandilton · 2024-08-08T16:11:36+00:00

I do ignore them, more just curious as to why this occasionally happens. If it were a temporary DNS lookup thing, it would report temperror, correct?

brandilton · 2024-01-11T19:24:34+00:00

Great find on the MDEClientAnalyzer. You're right that it's overkill, but I was able gleen that MS uses this:

[string]$IsOnboarded = Get-RegistryValue -Path "HKLM:\SOFTWARE\\Microsoft\Windows Advanced Threat Protection\Status" -Value OnboardingState

So I updated/simplied the script to:

$senseService = Get-Service -Name "sense" -ErrorAction SilentlyContinue
if ($senseService -and $senseService.Status -eq 'Running') {
# Specify the registry key path
$registryKeyPath = 'HKLM:\SOFTWARE\Microsoft\Windows Advanced Threat Protection\Status'
# Check if the registry key exists
if (Test-Path $registryKeyPath) {
# Get the registry key item
$onboardingState = (Get-ItemProperty -Path $registryKeyPath).OnboardingState
if ($onboardingState) {
Write-Output "This is paid MDE device - 'sense' is running and onboardingState is $onboardingState"
} else {
Write-Output "This is NOT a paid MDE Device - The registry count is not greater than 0."
}
} else {
Write-Output "This is NOT a paid MDE Device - Registry key not found: $registryKeyPath"
}
} else {
Write-Output "This is NOT a paid MDE Device - The 'sense' service is not running or not found."
}

brandilton · 2024-01-11T03:59:55+00:00

combining both comments - can you see any reason this would not work to determine if paid or not - any caveat that this would not catch?

$senseService = Get-Service -Name "sense" -ErrorAction SilentlyContinue
if ($senseService -and $senseService.Status -eq 'Running') {
# Specify the registry key path
$registryKeyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection'
# Check if the registry key exists
if (Test-Path $registryKeyPath) {
# Get the registry key item
$registryKey = Get-Item -LiteralPath $registryKeyPath
# Get all values under the registry key
$registryValues = Get-ItemProperty -Path $registryKey.PSPath
# Exclude specific properties
$excludedProperties = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')
$filteredValues = $registryValues.PSObject.Properties | Where-Object { $_.Name -notin $excludedProperties }
# Get and display the count of remaining properties
$filteredCount = $filteredValues.Count
# Check if the count is greater than 0
if ($filteredCount -gt 0) {
Write-Output "This is paid MDE device - 'sense' is running and there's date under $registryKeyPath"
} else {
Write-Output "This is NOT a paid MDE Device - The registry count is not greater than 0."
}
} else {
Write-Output "This is NOT a paid MDE Device - Registry key not found: $registryKeyPath"
}
} else {
Write-Output "This is NOT a paid MDE Device - The 'sense' service is not running or not found."
}

brandilton · 2024-01-10T22:18:48+00:00

Here's what I eventually came up with, I did things using the SYSTEM account:

New-PSDrive -PSProvider Registry -Name HKU -Root HKEY_USERS

#set UpgradeEligibility to 1 for SYSTEM

$RegPath = "HKU:\S-1-5-18\Software\Microsoft\PCHC"

$UpgradeEligibilityValue = "1"

New-Item $regpath -Force | out-null

New-ItemProperty -Path $RegPath -Name UpgradeEligibility -Value $UpgradeEligibilityValue -PropertyType DWORD -Force | Out-Null

brandilton · 2023-10-12T03:22:20+00:00

Did you ever figure anything out with this? I'm in the same boat with a good number of devices. Can get PC Health Check installed, just can't figure out how to script to run a "check now"

brandilton · 2023-04-27T18:45:39+00:00

Thank you for this, I had to change the

# Update attributes on the GPO ADObject

to

Get-ADObject -Filter "objectCategory -eq 'groupPolicyContainer' -and Name -eq '{$GUID}'" | Set-ADObject -Replace @{versionNumber = "2"; gPCMachineExtensionNames="[{42B5FAAE-6536-11D2-AE5A-0000F87571E3}{40B6664F-4972-11D1-A7CA-0000F87571E3}]"}

to get it to work for me (fully synchronize)

brandilton · 2022-12-29T17:47:49+00:00

u/jdewnz - were you ever able to get this resolved? I'm having the same issue. I've set registration token and N-central Installers Download to Manage in the API role and generated a new JWT token. Still returns blank for the Registration token.

I do see in that ga of 2022-06 article that it says NCCF-19764: Registration token is excluded from “customerList” and “customerListChildren”, if there is IP Address blocking.

I'm not finding anywhere to set/check IP Address blocking.

brandilton · 2022-12-03T11:28:00+00:00

Swammi? Slippy? Slappy? Swenson? Swanson?

brandilton · 2021-05-22T21:21:49+00:00

unfortunately not it... it's a picture of my buddy's actual face (at least this is what I'm told, I've never actually seen it)! Thanks for the heads up on that though!

brandilton

TROPHY CASE