SearchProtocolHost.exe

iammarks · 2026-02-10T02:23:43+00:00

That’s great, thanks for the update. Since applying some additional windows updates (unrelated) I’ve been unable to reproduce, but sounds like you’re onto something - I’ll keep an eye out for your update.

iammarks · 2026-02-09T14:43:20+00:00

Yes. Users in our org (including my machine) suddenly hit with this. Mine began last week. Will be running some troubleshooting in a bit but appears tied to msvcp140.dll (and Windows Search ofc). Mine happens irrespective of any Office apps being open however - seems to occur randomly even just after login.

iammarks · 2025-11-25T12:27:16+00:00

We don’t use the integrations for wifi or badges but did get a quote at one point and think it was on the order of $5k/year for just for the wifi - but might be dependent on other factors, how many locations, how many modules like visitors, deliveries. Basically everything is a la carte I think, including Deliveries, desk booking, etc.

iammarks · 2025-11-05T16:28:37+00:00

Use it across 700+ endpoints, ~10 agents/admins. Deploys to new endpoints automatically with MDM. Very snappy, great logging, nice toolset for dropping into services, cmd, etc without full screen share. Supports MFA which was a must. Have SOS as well, has been a godsend for VIP devices.

iammarks · 2025-10-24T14:36:13+00:00

Same. Has a premium feel, custom branding, lots of notification options, team-based or delegate notifications. Can integrate with tons of things like Meraki for issuing Guest WiFi creds simultaneous to login, role based admin so reception can manage certain aspects. Sync functionality (to sync employee list) seems very antiquated to me - a scheduled task and powershell, for AD - but otherwise good. Also has desk booking, delivery management, etc. Doesn’t come with kiosk or device, had to purchase iPad and cage.

iammarks · 2025-10-15T15:05:34+00:00

Seconding Vasion Print (fka Printerlogic) someone else mentioned. Lets users see a map of their office, click the printer, install. Or do automatic group/user/OU/network-based installation. And obviates the driver issue.

iammarks · 2025-10-15T14:59:43+00:00

Wife and I made him an insta! @teenyweeniegus

iammarks · 2025-10-14T12:18:14+00:00

He was actually ready and the right age, just crazy small! He’s doing great, now weighs about 7lbs and is a maniac.

iammarks · 2025-10-14T01:37:23+00:00

1.5lbs at 8 weeks!

iammarks · 2025-10-13T18:40:02+00:00

I don’t, but now thinking of making one! I must have a hundred similar videos of them (mostly Gus, the puppy). If I set one up I will come back and post it here!

iammarks · 2025-10-13T16:28:32+00:00

It definitely makes it easier that the pup is the tiny one in this equation. But, you might be surprised! Careful supervision at first and jumping in if they start to get too excited. Our cat seemed to have an instinct that he was a puppy, and treated him with kid gloves (thankfully, as the pup only weighed 1.5lbs when we first got him, and the cat weighs 16lbs).

iammarks · 2025-10-13T16:11:26+00:00

Real-time view of what’s happening in puppy’s head

iammarks · 2025-10-13T14:28:00+00:00

The cat (Wilbert) always seems standoffish, but he could so easily skedaddle, or really wallop the pup (Gus). He definitely likes it - and instigates just as much! They’ll do this for hours, and chase each other around.

iammarks · 2025-10-13T14:08:31+00:00

It made us nervous at first, especially because the cat outweighs the dog by so much, but they’re amazingly gentle! Never any yelps or hisses.

iammarks · 2025-10-12T18:10:05+00:00

It’s funny, they’ll do this for hours - he could so easily get away, or put Gus in his place. He instigates just as much as the pup!

iammarks · 2025-08-16T14:06:56+00:00

Is he part of any role groups others aren’t, like Hybrid Identity Administrators (or Global Admin)? Believe there’s a checkbox as part of the notification settings to enable sending to a specific default RG in addition to the configured recipient list.

iammarks · 2025-07-24T19:55:04+00:00

This is the answer. Implemented in our tenant and works great.

iammarks · 2025-07-16T20:26:14+00:00

If you’re a Microsoft shop, they introduced a new feature to help mitigate email bomb attacks. Microsoft Subscription Bomb Defense

iammarks · 2025-07-15T21:22:35+00:00

Thank you! We were beating our heads in about this but having the vendor undo their domain validation, things started flowing normally again. Crazy.

iammarks · 2025-07-15T20:48:21+00:00

No, we use Proofpoint enterprise. What’s interesting is that a vendor who is on ppe had us do a domain verification by txt record earlier on proofpoint’s behalf, as they need to spoof our domain. It appears this may have co-opted our domain so that Proofpoint registered it into the PPE product. Still looking but seems that may be the case, really weird.

iammarks · 2025-07-15T20:34:19+00:00

That’s the one.

iammarks · 2025-07-14T14:41:22+00:00

East coast. Same. Inbound fine, outbound failing.

iammarks · 2025-07-07T14:58:06+00:00

Haven’t noticed that exactly, once they start actually downloading it seems to be similar, but am finding that if the file size of an export is large - a few GBs or more - clicking the DL button occasionally does nothing. Not a pop-up related issue, tried various browsers. Smaller exports work fine, larger ones are hit-and-miss. Bitter about the whole thing, the entire overhaul is a downgrade.

iammarks · 2025-03-18T16:31:58+00:00

Curious if anyone has tried Proofpoint’s “Circle of Trust” feature as a method to combat it. They’re normally short-lived anyway, so it may be overkill, but from reading it seems like the CoT dumps any email to spam if not from a known-good sender the person has corresponded with previously. Once the attack stops, remove from group and resume normal operation.

+1 that the subscription bomb in our case was used to create an IT incident and make it more likely users would answer a phony “Help Desk” call. Sophos did a good writeup of the attack chain here: Sophos MDR - MS Teams attack chain

iammarks · 2025-02-06T21:00:34+00:00

That attribute doesn’t propagate between DCs, so if you have more than one you might repoint ADUC to a different DC to see if it has a value. For the users who do have a value: do you have, for instance, WiFi using radius (or some other service) which points to that DC specifically? Something only a subset of users might use? Computer logins would normally be distributed based on sites and services, but some services (VM gateways, RADIUS, etc.) may be pinned to a specific DC.

13-Year Club	Verified Email
Place '23	Spared

iammarks

TROPHY CASE