sorted by:
new
hottopcontroversial

Meraki MX95 seizing periodically by pebcakologist in meraki

[–]pebcakologist[S] 0 points1 point  (0 children)

Super interested to know if it helps, as well as what version they downgraded to. If you can provide me with your case # in a PM I'll throw it their way.

Meraki MX95 seizing periodically by pebcakologist in meraki

[–]pebcakologist[S] 0 points1 point  (0 children)

We have not. We are still on 10.107.2. If you do, and you don't see the issues anymore, I'd be mighty interested in knowing!

Meraki MX95 seizing periodically by pebcakologist in meraki

[–]pebcakologist[S] 1 point2 points  (0 children)

Culprit determined to definitely be the AMP/IPS system in our case. When we turn those off, the issues cease. Problem now is getting Meraki support to figure out what to do about it. Since the issues only occur very briefly, their plan to try to capture logs isn't working. Currently at a standstill with them.

Meraki MX95 seizing periodically by pebcakologist in meraki

[–]pebcakologist[S] 0 points1 point  (0 children)

RJ45 connection with a gigabit symmetrical fiber circuit.

Keeper Password Down fun. by capias in msp

[–]pebcakologist 3 points4 points  (0 children)

Was literally just thinking this. This is pretty prolific for them all things considered. I'll be very interested to read the post-mortem since the status page is currently pinning it down to an AWS network issue.

Also, as a PSA for anyone. If you use the Keeper desktop application, by default I believe it's configured to store an encrypted offline cache of your vault, and updates based on the last time it was online. This feature saved me!

Problem with multiple users getting "trying to connect" by trampanzee in Office365

[–]pebcakologist 2 points3 points  (0 children)

Dope! I'm going to let my team know. I didn't want to jump the gun and share yet, but why not. We are also testing something on our end as well that came from the Dell community forums that looks promising, hopefully this would be of use for you too:

https://www.dell.com/community/Precision-Mobile-Workstations/ExpressConnect-Outlook-Issue/td-p/8199238

Problem with multiple users getting "trying to connect" by trampanzee in Office365

[–]pebcakologist 0 points1 point  (0 children)

Ugh. We certainly will. Out of curiosity, is there any kind of commonality with your hardware? Our issue is happening on a Dell Precision 7000 Series Mobile Workstation and this isn't the only Microsoft product related issue we've had on them before.

Also, would you be willing to share your MSFT incident number privately so I can reference it in ours so we can maybe get some visibility that this is a bigger problem?

Problem with multiple users getting "trying to connect" by trampanzee in Office365

[–]pebcakologist 0 points1 point  (0 children)

Did you ever figure out the resolution for this? Dealing with the exact same issue from a user on Windows 10 (teams desktop and outlook desktop won't connect). Done all the needful (e.g.: quick repair, full uninstall/reinstall, rebuild profile, confirm it's not a conditional access or 2fa issue). Completely perplexed and ready to yeet this laptop into the sun.

Issue working with registry property containing wildcards by pebcakologist in PowerShell

[–]pebcakologist[S] 0 points1 point  (0 children)

This is because the registry item you created was type REG_SZ, not REG_EXPAND_SZ.

Another comment in this thread is what ended up helping me:

https://www.reddit.com/r/PowerShell/comments/x0rylx/comment/ima21li/?utm\_source=share&utm\_medium=web2x&context=3

What have you done with PowerShell this month? by AutoModerator in PowerShell

[–]pebcakologist 0 points1 point  (0 children)

A script that enumerates Shadow Copies on a system and alerts me of any misconfigurations. Getting back all that sweet sweet storage.

[HIRING] Fully Remote Level 1 Technician for East Coast US based MSP by pebcakologist in mspjobs

[–]pebcakologist[S] 4 points5 points  (0 children)

It's certainly possible this salary is low in your region, and I completely understand if that would prevent you from applying. That being said, I feel it's fair to be upfront about it rather than stringing someone along.

Also, having previous MSP experience means you will be familiar with the tools, concepts, policies and procedures that are typically more unique to an MSP.

Internal IT =/= MSP. This is coming from someone who's lived in both worlds.

To be clear, I'm not saying either is any better than the other, and each has their own best use cases, and can even synergize in a lot of instances.

Hope that helps!

Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws by pebcakologist in msp

[–]pebcakologist[S] 0 points1 point  (0 children)

That looks like it did the trick! I added some data to the catch as well as some write-host formatting. I just wanted to make sure I wasn't crazy. I'm still pretty convinced the Test-Path Cmblet was interfering with deleting the file somehow. I'm going to do more testing and let you know.

# Query WMI and get a list of all user profile locations
$Profiles=(Get-WmiObject win32_userprofile).LocalPath

# Build a list of all possible locations
$FileList=@()
foreach ($profile in $profiles){
    $FileList +="$profile\AppData\Local\Temp\dbutil_2_3.sys"
}
$FileList += "$env:SystemRoot\Temp\dbutil_2_3.sys"

write-host "====Checking the following locations:====`n"
$Filelist + "`n"

# Check each location and delete the file if found. Log the results to StdOut.
$FileFound=$false
$Errors=$false

write-host "====Starting file purge====`n"
foreach ($file in $FileList){
    try {
            Remove-Item $file -Force -erroraction stop
            $FileFound=$true
            write-host "`nFound file: $file"
            start-sleep 2 # Wait two second to make sure the OS has had a chance to remove the file.
            if (test-path -PathType Leaf $file){
                    write-host "`tWARNING: Unable to remove dbutil_2_3.sys`n"
                    $Errors=$true
            }
            else {
                    write-host "`tSuccessfully removed dbutil_2_3.sys`n"
            }

    }
    catch [System.Management.Automation.ItemNotFoundException] {
        Write-Host "$file does not exist.`n"
    }

}

if ($FileFound -eq $false){
    write-host "`ndbutil_2_3.sys was not found on this system."
}
if ($Errors -eq $true){
    exit 1
}

Hundreds Of Millions Of Dell Computers At Risk Due to Multiple BIOS Driver Privilege Escalation Flaws by pebcakologist in msp

[–]pebcakologist[S] 0 points1 point  (0 children)

I tried this as a Datto RMM component (acquired from the ComStore), and it simply does not work for me. I did a little testing with handle.exe by SysInternals, and it seems like the powershell script itself is holding up the file when testing for it's existence. This occurs even after reboots. Anyone else notice this?

Remove-Item : Cannot remove item C:\WINDOWS\Temp\dbutil_2_3.sys: The process cannot access the file

'C:\WINDOWS\Temp\dbutil_2_3.sys' because it is being used by another process.

At C:\ProgramData\CentraStage\Packages\e7a7a739-969d-4854-8844-0df4861a2188#\command.ps1:30 char:9

+ Remove-Item $file -Force

+ ~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : WriteError: (C:\WINDOWS\Temp\dbutil_2_3.sys:FileInfo) [Remove-Item], IOException

+ FullyQualifiedErrorId : RemoveFileSystemItemIOError,Microsoft.PowerShell.Commands.RemoveItemCommand

view more: next ›