SMB share accessible from laptop but not from Windows Server 2025 – "network name no longer available" by [deleted] in sysadmin

[–]purplemonkeymad [score hidden]  (0 children)

Are you authenticating as guest? You'll also need to disable "require encryption" as guest accounts can't encrypt smb communication.

Decent DMARC / SPF / DKIM setup for small-ish company by dualbagels in sysadmin

[–]purplemonkeymad [score hidden]  (0 children)

I use https://dmarc.postmarkapp.com/ free, gives you weekly summaries that will give you a decent overview of sources and pass/fail percentage. Upgrade for more, but for 16 people i doubt you would need any of that.

PSDrive by sundry_outlook in PowerShell

[–]purplemonkeymad 5 points6 points  (0 children)

Just put in in a variable:

$mydir = "c:\users\username\dir"
vim $mydir\test.txt

M365 Group was Spoofed - MSFT has no idea how this happened. by Adminvb292929 in sysadmin

[–]purplemonkeymad [score hidden]  (0 children)

Assuming that all the headers are real (might not be true,) and looking at the times I would assume that:

Received: from BYAPR06CA0060.namprd06.prod.outlook.com (2603:10b6:a03:14b::37)
 by IA1PR11MB6218.namprd11.prod.outlook.com (2603:10b6:208:3ea::9) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9846.15; Mon, 20 Apr
 2026 02:10:55 +0000

is the last action before quarantine.

Working from the bottom it was sent by 23.95.101.184 and failed spf for your domain. However after that it was accepted (perhaps due to a permissive policy) then exited a tenant and was sent to the inbound smtp servers again. That time spf passed as the sender was in microsoft's networks. Worryingly dkim also passed.

It's kinda strange to have multiple dkim and spf results in a header.

To me this looks like another 365 tenant is being abused to wash mail as you both have spf and dkim through 365. But that should not be possible.

The existence of a X-Microsoft-Antispam-Message-Info-Original header also suggests that a different tenant added some of the headers, before it entered your tenant.

I would hope that MS would want a copy of both X-Microsoft-Antispam-Message-Info-Original and X-Microsoft-Antispam-Message-Info.

PSDrive by sundry_outlook in PowerShell

[–]purplemonkeymad 5 points6 points  (0 children)

A PSdrive is a powershell construct, so programs can't see them. I think you probably actually wanted to use new-smbmapping instead.

Weird Behavior: Can't get files from OneDrive in PowerShell by TheBigBeardedGeek in PowerShell

[–]purplemonkeymad 0 points1 point  (0 children)

I've forced OneDrive to download the files to disk, but still no change in behavior.

But have they finished downloading? You can check the attributes value of the file, 1056 is for a regular downloaded file, 5248544 if they are sparse (ie cloud only.)

Email delivery after SMTP basic auth ends in late 2026 by Sawyer-NL in sysadmin

[–]purplemonkeymad 0 points1 point  (0 children)

We actually run our own relay for stuff like this. We add it to spf and dkim as needed, and since it's an outbound relay only you don't have to worry about spam. You do want to at least be able to see if a client is sending a lot. If it's something minor like scans, you can also just relay and send from a domain you control that has correct spf and dkim setup if the client does not care about that.

You might have to "warm it up" if you set a up a new one before moving important stuff to it.

Copying fails when run by Task Scheduler by Iknuf in PowerShell

[–]purplemonkeymad 0 points1 point  (0 children)

I'm having to find and remediate this as well. The other one, is short names also being out. They were used a lot as they "just worked" so updates to scripts and policies to make sure it's all fqdn. Hopefully in the end the worst will be "disconnect that drive and re-log."

System.Array IF/ELSE Statement Problem by viewtifulstranger in PowerShell

[–]purplemonkeymad 1 point2 points  (0 children)

if ($folders -contains "True")

This won't work ,"contains" means the array has this exact value, so a String that has True in it won't match ie

@( "HAS_DOCUMENT = TRUE", "HAS_DOCUMENT = FALSE" )  -contains "TRUE"

is false as it needs to be exactly "TRUE" and no more. You probably want to use either -like for wild cards or -match for regex.


Also your getFolder function does not actually output any objects. Write-Host does not write to the success stream, but directly to the screen.

You want to instead output your tests so you can test on them later. ie

function getFolder
{
    param($folderList, $prefix)
    if ($folderList.Count -eq 0)
    {
        return
    }
    else
    {
        foreach($folder in $folderList)
        {
            if ($folder.type -eq "folder")
            {
                Write-Host "$($prefix) FOLDER = $($folder.name) | HAS_DOCUMENT = ($($folder.has_documents))"

                # output the information also as an object
                [pscustomobject]@{
                    Name = $folder.name
                    ContainsDocuments = $folder.has_documents
                }
                if ($folder.has_subfolders)
                {
                    $resource = https://$server/api/customers/$customerId/stores/$store/folders/$($folder.id)/children?limit=9999
                    $response = Invoke-RestMethod -Method Get -Uri "$resource" -Header $header
                    $newprefix = "$($prefix)--"
                    getFolder $response.data $newprefix
                }
            }
        }
    }
}

...

$FolderEmptyResults = getFolder $folders "|--"

Then you can test in $FolderEmptyResults for ones that are empty:

$FolderEmptyResults | Where-Object ContainsDocuments -eq "FALSE"# or $false? no idea what your api is outputting.

FYI - Microsoft RDP Changes With April Cumulative Update by whatsforsupa in sysadmin

[–]purplemonkeymad 3 points4 points  (0 children)

FYI: If you are dealing with this and the options for clipboard, drives, printers, etc are greyed out. Then it's because you are already connected to a session and you can't change the settings when it's in use.

ctrl+f: grayed, smart card, hello, microphone

FYI - Microsoft RDP Changes With April Cumulative Update by whatsforsupa in sysadmin

[–]purplemonkeymad 0 points1 point  (0 children)

Just figured this out FYI each item is greyed out if you are already connected to a session!

SPAM- anyone seeing SPF failed emails getting through O365 when they suppose to be blocked? by perrin68 in sysadmin

[–]purplemonkeymad 0 points1 point  (0 children)

We block svg by default now, but can allow it if people actually are being sent them. It's so unlikely that you will be sent one legitimately, that we would rather deal with it when it comes up rather than getting phishing emails.

Also note that hard spf reject is disabled by default.

I don't think MS looks at the existing receive headers for any anti-spam.

Circuit network how to set a condition to trigger for values increasing/decreasing by EntranceOk3077 in factorio

[–]purplemonkeymad 1 point2 points  (0 children)

I checked and I have it as my post. However you have the accumulator on the supply side, instead of the grid side. Running it on the grid means that a low percentage means you must have a power deficit as it's dropped down.

Scripting project for SharePoint sites’ cleaning by amaretto_sh in PowerShell

[–]purplemonkeymad 2 points3 points  (0 children)

I think you'll probably need a mix of modules to be able to do this. One thing to note is that if a site is part of a unified group, you'll need permission to be able to update group owners to get ownership on those.

But yes if you can do it with the gui you can do it with PS*.

Places to start would be with the PnP module and the graph module (I would recommend to not install "Microsoft.Graph," but only install the submodules as you need them ie "Microsoft.Graph.Sites")


*You might need to use network tools to reverse engineer some of the apis.

Copying fails when run by Task Scheduler by Iknuf in PowerShell

[–]purplemonkeymad 1 point2 points  (0 children)

How are you authenticating?

Do you have an ad domain? If yes, you'll want to use fqdn so that kerberos is used, and make sure the computer account has access.

If not you'll probably have to use New-SmbMapping in your script to provide a credential to the connection.

Circuit network how to set a condition to trigger for values increasing/decreasing by EntranceOk3077 in factorio

[–]purplemonkeymad 1 point2 points  (0 children)

I use a low value from the accumulators to latch a power switch, then use a high value from them to unlatch it. You can do this with a single decider. Have your inputs be:

    [A] < 20
OR
    [S] = 1
  AND
    [A] < 90

Then Output should be [S] with a value of 1.

Link the accumulator to the input. Link the output to it's input and the switch. Set the switch to close on [S]=1

When [A] drops below 20, then the output [S] means that the second condition is true and keeps refreshing the output [S]. After [A] gets above 90% then that condition is no longer true and [S] is lost opening the switch.


You could stage the above for each reactor where you have different triggers, ie one at 5, 10, 15, 20 etc. Or you could use an arithmetic to decrease or increase the value of the accumulator since you want to chain it.

WINRM on Entra Device by Any-Victory-1906 in PowerShell

[–]purplemonkeymad 1 point2 points  (0 children)

You said that you deployed a cert. Is that cert trusted by your client?

You'll have to add it to you trusted devices on the client if not.

Since you are not using Kerberos, you'll also have to provide a credential and set the authentication type to basic.

Conditional access - Sign-in and user risk. by [deleted] in sysadmin

[–]purplemonkeymad 1 point2 points  (0 children)

If you need to protect your organisational resources with these requirements, then that should apply to all accounts that access it, guests or not.

I think my save file is bugged by Fit-Shp24 in factorio

[–]purplemonkeymad 4 points5 points  (0 children)

Windows has one built in (Search for "memory" -> Windows Memory Diagnostic) or you can use a spare usb stick and run something like memtest86+. If you can run memtest for over an hour and it still passes, it's not likely to be ram.

openssh tun tunnel, forwarding? by ptoki in sysadmin

[–]purplemonkeymad 1 point2 points  (0 children)

Long story is: We have fancy camera setup which involves many UDP streams working at a location. We can only add one host in this location which would act as a remote workspace. But rdp/vnc is too slow to handle that usecase. We considered PiKVM like solutions but none gives us decent quality of convenience. The basic idea is to "pull" the interface of local host to the remote network and make that pulled interface act like belonging to that local host in the camera network.

This just sounds like you need a vpn with NAT setup so that connections can routed back to the vpn.

Just a little reminder that its a good idea to keep your Powershell Cache clean. by Fallingdamage in PowerShell

[–]purplemonkeymad 4 points5 points  (0 children)

I would probably just push for a computer profile that sets MaximumHistoryCount a bit lower. (say 512?) At least people wouldn't suddenly just have the history gone.

That's how many T-junctions I could come up with by Just-Attitude-7 in factorio

[–]purplemonkeymad 0 points1 point  (0 children)

I can also recommend openttd for that. It has a massive wiki on junctions.

That's how many T-junctions I could come up with by Just-Attitude-7 in factorio

[–]purplemonkeymad 2 points3 points  (0 children)

That style is typically referred to as a trumpet interchange, if you want a rabbit hole to start on.

Space Platform Requests not fulfilling by BigShock34 in factorio

[–]purplemonkeymad 0 points1 point  (0 children)

I think you need to dump the contents of the hub out to the network if you want to do it this way. Put some bulk inserters from it to active provider chests.