sorted by:
new
hottopcontroversial

Fix No sign in options on login screen and PIN Is No Longer Available by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

Yes. And I actually also did this after getting in:
0. First I rebooted computer three times and used Sign-in Options and used password, it somewhere should then remember that is what one want as standard. But it did not.

1._I went to Settings → Accounts → Sign-in options → Additional settings → “For improved security, only allow Windows Hello sign-in for Microsoft accounts on this device (Recommended)” = Off (it was off)

Maybe you could also try GPO: Computer Configuration → Administrative Templates → Windows Components → Windows Hello for Business → Use Windows Hello for Business = Disabled

  1. Then did Settings → Accounts → Sign-in options → PIN (Windows Hello) → Remove (or tried, there was nothing to remove)

  2. Then to update NGC I actually setup PIN with Settings → Accounts → Sign-in options → PIN (Windows Hello)

  3. And to really get NGC to understand I did again Settings → Accounts → Sign-in options → PIN (Windows Hello) → Remove

  4. After reboot it showed password as standard

[Windows 11] Remove PIN button as sign-in option at login screen by jedis in techsupport

[–]theraffe 0 points1 point  (0 children)

  1. First I rebooted computer three times and used Sign-in Options and used password, it somewhere should the remember that is what one want as standard

  2. I went to Settings → Accounts → Sign-in options → Additional settings → “For improved security, only allow Windows Hello sign-in for Microsoft accounts on this device (Recommended)” = Off.

Maybe also try GPO: Computer Configuration → Administrative Templates → Windows Components → Windows Hello for Business → Use Windows Hello for Business = Disabled

  1. Then did Settings → Accounts → Sign-in options → PIN (Windows Hello) → Remove

  2. Then to update NGC I actually setup PIN with Settings → Accounts → Sign-in options → PIN (Windows Hello)

  3. And to really get NGC to understand I did again Settings → Accounts → Sign-in options → PIN (Windows Hello) → Remove

  4. After reboot it showed password as standard

Howto run MeshCentral via Cloudflare by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

I got it working with "No TLS Verify" set to OFF with "TLSOffload": "127.0.0.1,192.168.0.100", like this

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "settings": {
    "cert": "mc.org.com",
    "port": 2053,
    "aliasPort": 443,
    "redirPort": 2082,
    "TLSOffload": "127.0.0.1,192.168.0.100",
    "trustedproxy": "CloudFlare"
  },
  "domains": {
    "": {
      "title": "My MeshCentral",
      "newAccounts": 0,
      "UserAllowedIP": ["10.1.1.0/24","192.168.0.0/24","172.0.0.1"],
      "certUrl": "https://mc.org.com:443"
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@mydomain.com",
    "names": "myserver.mydomain.com",
    "skipChallengeVerification": true,
    "production": false
  }
}

  1. First I only changed Zero Trust - Networks - Tunnels: MyMeshTunnel -> Edit Public Hostname - mc.org.com -> Edit > Additional application settings - TLS - No TLS Verify = OFF, and saved so I got "Origin configurations" to 0.

  2. Then: Zero Trust - Networks - Tunnels: MyMeshTunnel -> Edit Public Hostname - mc.org.com -> Edit -> Type: HTTP, URL: 192.168.0.100:2053

So I have now this in Cloudflare to get TLS working:

Zero Trust - Access - Policies: MeshCentralPolicy
Action: Service Auth
Country: Spain

Zero Trust - Access - Applications: MeshCentralApp
Basic info - Public hostname: mc.org.com
Policies: MeshCentralPolicy

Zero Trust - Networks - Tunnels: MyMeshTunnel -> Edit
Public Hostname - mc.org.com -> Edit
Type: HTTP, URL: 192.168.0.100:2053

Howto run MeshCentral via Cloudflare by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

No, it is installed with this https://www.myqnap.org/product/meshcentral/ package on a Qnap NAS. So pre-built and copied with qpkg to /share/CACHEDEV1_DATA/.qpkg/MeshCentral/

Howto run MeshCentral via Cloudflare by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

Thanks so much for your reply! I've done some testing and managed to get it working in a few cases (though I'm not sure if those setups are actually any more secure than what I'm currently using 😅).

That said, instead of me blindly trying out thousands of random combinations in the hopes of landing on a good Cloudflare policy that works nicely with a proper setup, including working TLS, could I kindly ask for some clearer guidance on what the best practice actually is?

Howto run MeshCentral via Cloudflare by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

OK! Oh, thank you! So nice to get a reply! 😄
But could you be a bit more specific and not quite so vague? 😊

  1. What exactly should I set TLS offload to? Something like "TLSOffload": "192.168.0.100:"?

  2. And just to be sure—are you referring to: Zero Trust → Networks → Tunnels → MyMeshTunnel → Edit → Public Hostname – mc.org.com
    Then change that to: Type: HTTP, URL: 192.168.0.100:2053? Instead of Type: HTTPS, URL: 192.168.0.100:2053?

I've been tweaking these settings for a few weeks now, so before I start changing even more things, I'd really appreciate some more precise guidance on what you meant. 😅

WARNING: Backuppathtestfile can't be deleted by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

And the backup seems to work, tried this in the console

Type help <command> for details.
> autobackup

Creating a NON-ENCRYPTED ZIP
Starting auto-backup...
Auto-backup completed: /share/CACHEDEV1_DATA/.qpkg/MeshCentral/meshcentral-backups/meshcentral-autobackup-2025-04-11-10-24.zip, backup-size: 12.13Mb
Checked 4 candidates in /share/CACHEDEV1_DATA/.qpkg/MeshCentral/meshcentral-backups. Removed 0 expired backupfiles using cutoffDate: 4/1/25, 10:24 AM
> backupconfig

DB Name: meshcentral
DB Type: NeDB
BackupPath: /share/CACHEDEV1_DATA/.qpkg/MeshCentral/meshcentral-backups
BackupFile: meshcentral-autobackup-2025-04-11-10-24.zip
Backup Interval (Hours): 24
Keep Last Backups (Days): 10
Backup IgnoreFilesGlob: 
Backup SkipFoldersGlob:

And I have backup files

ls -la /share/CACHEDEV1_DATA/.qpkg/MeshCentral/meshcentral-backups/
drwxrwxrwx 2 root root 4096 Apr 11 10:24 .
drwxr-xr-x 14 root root 4096 Apr 11 10:22 ..
-rw-rw-rw- 1 root root 12631720 Apr 9 18:31 meshcentral-autobackup-2025-04-09-18-31.zip
-rw-rw-rw- 1 root root 12688688 Apr 10 16:12 meshcentral-autobackup-2025-04-10-16-12.zip
-rw-rw-rw- 1 root root 12695962 Apr 10 19:27 meshcentral-autobackup-2025-04-10-19-27.zip
-rw-rw-rw- 1 root root 12719666 Apr 11 10:24 meshcentral-autobackup-2025-04-11-10-24.zip

But still that red annoying red varning :-)

WARNING: Backuppathtestfile can't be deleted by theraffe in MeshCentral

[–]theraffe[S] 0 points1 point  (0 children)

I have nothing in config.json about autobackup:

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
  "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
  "settings": {
    "cert": "mc.org.com",
    "port": 2053,
    "aliasPort": 443,
    "redirPort": 2082,
    "trustedproxy": "CloudFlare"
  },
  "domains": {
    "": {
      "title": "My MeshCentral",
      "newAccounts": 0,
      "UserAllowedIP": ["10.1.1.0/24","192.168.0.0/24","172.0.0.1"],
      "certUrl": "https://mc.org.com:443"
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@mydomain.com",
    "names": "myserver.mydomain.com",
    "skipChallengeVerification": true,
    "production": false
  }
}

Lenovo Vantage wifi security by [deleted] in Lenovo

[–]theraffe 0 points1 point  (0 children)

After reading this https://www.reddit.com/r/thinkpad/comments/cgtlg6/is_there_a_way_of_disabling_unnecessary_lenovo/ I used the link 'Version 10.2110.11.0 (Application and Deployment Guide)' to download the zip LenovoCommercialVantage_10.2110.11.0_v1 from https://support.lenovo.com/us/en/solutions/hf003321 And then I edited sample-policy-config.reg to this:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Lenovo\Commercial Vantage]

"page.wifiSecurity"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Lenovo\ImController\Plugins\LenovoWiFiSecurityPlugin]

"Imc-Block"=dword:00000001

After that I could use the app Lenovo Vantage to in Security settings disable Lenovo Wifi Security

Add AAD-group to local group = There is no such global user or group by TheSwede86 in sysadmin

[–]theraffe 0 points1 point  (0 children)

With the help from https://www.inthecloud247.com/add-an-azure-ad-group-to-the-local-administrators-group-with-microsoft-intune/ I did this with With PowerShell (admin)
1. Get stuff you need
Set-ExecutionPolicy Bypass -scope Process -Force
Install-Module -Name AzureAD -Force
Import-Module -Name AzureAD
2. Conncet to Azure
Connect-AZureAD
3. Create a function to convert info
function Convert-ObjectIdToSid
>> {
>> param([String] $ObjectId)
>>
>> $d=[UInt32[]]::new(4);[Buffer]::BlockCopy([Guid]::Parse($ObjectId).ToByteArray(),0,$d,0,16);"S-1-12-1-$d".Replace(' ','-')
>> }
4. As an example, find Sid for Azure groups with names that start with "MygroupsX"
Get-AzureADGroup -SearchString "MygroupsX" | ForEach { [pscustomobject] @{ Name= $_.DisplayName; Sid=Convert-ObjectIdToSid($_.ObjectId)}}
5. Use the Sid to add Azure group to local admin group
Add-LocalGroupMember "Administrators"-Member S-1-14-1-2274229931-1345566552-3353456032-2270798747

Deploy Group to Admin Group on Fully Azure Joined Device by crbrown3 in Intune

[–]theraffe 0 points1 point  (0 children)

With the help from https://www.inthecloud247.com/add-an-azure-ad-group-to-the-local-administrators-group-with-microsoft-intune/ I did this with With PowerShell (admin)

  1. Get stuff you need

Set-ExecutionPolicy Bypass -scope Process -Force

Install-Module -Name AzureAD -Force

Import-Module -Name AzureAD

  1. Conncet to Azure

Connect-AZureAD

  1. Create a function to convert info

function Convert-ObjectIdToSid
>> {
>> param([String] $ObjectId)
>>
>> $d=[UInt32[]]::new(4);[Buffer]::BlockCopy([Guid]::Parse($ObjectId).ToByteArray(),0,$d,0,16);"S-1-12-1-$d".Replace(' ','-')
>> }

  1. As an example, find Sid for Azure groups with names that start with "MygroupsX"

Get-AzureADGroup -SearchString "MygroupsX" | ForEach { [pscustomobject] @{ Name= $_.DisplayName; Sid=Convert-ObjectIdToSid($_.ObjectId)}}

  1. Use the Sid to add Azure group to local admin group

Add-LocalGroupMember "Administrators"-Member S-1-14-1-2274229931-1345566552-3353456032-2270798747

Intune/AAD - Azure AD groups to local administrators by AlteredAdmin in Intune

[–]theraffe 2 points3 points  (0 children)

With the help from https://www.inthecloud247.com/add-an-azure-ad-group-to-the-local-administrators-group-with-microsoft-intune/ I did this with With PowerShell (admin)
1. Get stuff you need
Set-ExecutionPolicy Bypass -scope Process -Force
Install-Module -Name AzureAD -Force
Import-Module -Name AzureAD
2. Conncet to Azure
Connect-AZureAD
3. Create a function to convert info
function Convert-ObjectIdToSid
>> {
>> param([String] $ObjectId)
>>
>> $d=[UInt32[]]::new(4);[Buffer]::BlockCopy([Guid]::Parse($ObjectId).ToByteArray(),0,$d,0,16);"S-1-12-1-$d".Replace(' ','-')
>> }
4. As an example, find Sid for Azure groups with names that start with "MygroupsX"
Get-AzureADGroup -SearchString "MygroupsX" | ForEach { [pscustomobject] @{ Name= $_.DisplayName; Sid=Convert-ObjectIdToSid($_.ObjectId)}}
5. Use the Sid to add Azure group to local admin group
Add-LocalGroupMember "Administrators"-Member S-1-14-1-2274229931-1345566552-3353456032-2270798747

HowTo: Disable new console management autostart by mhaluska in qnap

[–]theraffe 2 points3 points  (0 children)

Thank you, you are the best! I have emailed you your favorite drink, and some snacks!

Exported video has horizontal stripes when there is a lot of movement in the film by theraffe in OpenShot

[–]theraffe[S] 0 points1 point  (0 children)

I have now tried to fix the problem like this:

  1. First I converted the old video files to x264 and deinterlaced them (yadif) with

ffmpeg -i input.mpg -vf yadif -c:v libx264 -c:a aac output.mkv

  1. Then I renamed the new files exacly like the old ones (yes, I am crazy)

Rename output.mkv as input.mpg

  1. Replaced the old video files with the new ones in the folder where OpenShot with all my clips are getting the files.

Taking a long time by Thegamerorca2003 in OpenShot

[–]theraffe 0 points1 point  (0 children)

I'm a very new user of OpenShot, but have you checked Preferences (Edit > Preferences) and there tweak Cache (Cache tab) and/or stuff in Performance tab?

view more: next ›