Disabling “link Azure Active Directory accounts to personal Microsoft accounts”

In some type of bizarre alternate reality, linking a corporate Microsoft account to a personal Microsoft account so the user can earn “Microsoft Rewards points for Microsoft Bing searches done in their browser or Windows search box while signed in with their AAD account” is seen as a good option to have – despite the security concerns and fact that almost no-one uses Bing or knows WTF “Microsoft rewards” are.

For the rest of us – fortunately we can disable this insanity using an MS provided script from https://download.microsoft.com/download/2/4/5/245c3b59-a897-4ee1-a24d-e0ead9007603/AccountLinkingDisable.ps1

General FAQ – https://www.microsoft.com/en-us/bing/account-linking-admin-faq

Ctrl + Alt + Del in nested RDP/VM sessions

If your anything like me – the amount of environments that you are now accessing via a variety of nested citrix/RDP/VPN/Hyper-V Console/JumpBox’s  etc – well…. its now 100% of what you deal with.

 

One of the pains of nested sessions (apart from the clipboard) is pressing Ctrl + Alt + Del for tasks such as changing your password.

A common method around this is to use the on-screen keyboard

  • launch “osk.exe” from a command line
  • press Ctrl + alt – and then use your mouse to press “del”

However, i’ve always found that little painful – and a few years ago i found a direct command line, then lost it again – and have now found it again! So i am now recording it here – for future me – and anyone else

C:\Windows\explorer.exe shell:::{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}

Powershell – Test Network Connection

I’m a little embarrassed that i have only just found out about this.

I, like many old timers, have been using telnet to verify network connectivity over certain ports for many years, with commands such as “telnet www.adexis.com.au 443” in order to verify that specific ports are accessible from the machine im working on. This is very handy when an issue arises with certain machines, especially those in more secured parts of the network, are not working for certain things. The network team always says its not them…. and a quick telnet can help with proving or disproving that.

Today, while compiling some information for a MS support case, i needed to demonstrate that the ports were open…. however, one of the issues with telnet is that you either get an error (port is not accessible) or a blank screen (indicating that it is accessible) which isn’t great for relaying information to a 3rd party….

Enter the powershell command “TNC” or test-networkconnection

tnc www.adexis.com.au -port 443

ComputerName : www.adexis.com.au
RemoteAddress : 10.x.x.x
RemotePort : 443
InterfaceAlias : Ethernet
SourceAddress : 10.x.x.x
TcpTestSucceeded : True

 

In order to get a little bit more information, you can add “-informationlevel Detailed”

tnc www.adexis.com.au -port 443 -InformationLevel detailed

ComputerName : www.adexis.com.au
RemoteAddress : 10.x.x.x
RemotePort : 443
NameResolutionResults : 10.x.x.x
MatchingIPsecRules :
NetworkIsolationContext : Private Network
InterfaceAlias : Ethernet
SourceAddress : 10.x.x.x
NetRoute (NextHop) : 0.0.0.0
TcpTestSucceeded : True

 

much more friendly when having to relay the information onto a 3rd party – and something ill be using in place of telnet from here on in.

MYOB – finding the current library root for server edition

MYOB – other small business owners may be familiar with this software…. its not good software and its expensive…. but it is one of the options out there for small business.

Anyway – upgrade MYOB server edition

When performing this upgrade, it automatically resets the Library location back to the default – which is not helpful…. and there is no way in the GUI to determine the library location (that i can see)

So – in order to ascertain your library location prior to upgrade, check the following registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MYOB\HuxleyServer\LibraryRoot (assuming an x64 server, remove the “wow6432Node” if you are somehow still running a 32 bit server OS in 2019)

Outlook HTML…. holy shit that’s bad.

Recently, I made up a HTML template to use with some summaries we send out to clients – I thought it would look a bit more professional than our existing text with an attached PDF.

I got the HTML looking nice, plugged it into the VS project, and generated some emails…

<eyes pop from sockets> Holy shit that looks terrible! The rendering is all over the place!

After a bit of poking around the web, I found that the rendering engine for outlook since 2007 has been the word html rendering engine – and to say its an unpopular choice would be a massive understatement.

My campaign looks bad in Outlook

Html Email Outlook Padding | The complete guide for email marketers

Outlook Email Rendering Issues and How to Solve Them

Microsoft defends Outlook HTML decision

 

I ended up “editing” my html with word, accepting that it was never going to look good, saving the massively increased html “template” – and using that.

It looks nowhere near as good, the HTML content has gone from 1k to 41k and I have learn the valuable lesson of checking before saying “how hard can something really basic like that be?” to coders when they cannot do something that, on the face of it, would seem incredibly basic.

Good work Microsoft – your ability to introduce absurd amounts of complexity for no benefit is second only to the Australian federal government.

Microsoft culture change to non-sales focused ?

https://www.linkedin.com/pulse/satya-nadella-just-fixed-microsofts-biggest-problem-chris-dodds?trk=hp-feed-article-title-like

I’ll believe it when I see it. For an organisation that is so incredibly entrenched in the culture of selling first and not bothering if the product actually meets customer needs or not – and even worse, very skilled in repositioning the problem as the solution, its a massive claim and would be a massive change.

 

IT support for family and friends

“Hayes…. my Microsoft is doing something weird and when I replied to an email telling me I had won $2 million, a big red message popped up because of YOUR antivirus”

I know I’m not alone in receiving phone calls like this – but it still amazes me.

Computing and technology is not going away any time soon, but for some reason, when talking about anything related to this area – its socially acceptable to put it in the “its hard, so I can be vague, use incorrect terms, give you zero actual information about the issue – and then get shirty when you don’t fix it in 5 seconds!”

hotmail/outlook.com/LiveID constant security prompts

Dear Microsoft – Logging on to outlook.com or a service which uses a Microsoft/Live ID from a different IP address does not fucking constitute “unusual activity”; subsequently blocking access to the account with security measures that

a) are invasive

b) don’t fucking work (the text messages only sometimes come through and when they do – its in 8-16 hours time)

c) are unnecessary for some (if not many) accounts

At least provide the option to opt out of such silly “security” measures.

(oh and I love the irony of the cloud services that are available from “anywhere”…. except if anywhere has a different IP address to the one you used when you last logged on….)

The wastage of the MS partner program….

Over the years, the Microsoft partner program rubbish has built up. I have requested that we no longer be sent the DVD’s, plaques etc…. but at the time (granted, this was years ago) – i was told that was not an option – and asked the courier to no longer deliver packages from MS.

Not sure if it has now changed – but i sure hope so….. imagine this amount of completely and utterly useless junk multiplied by x million partner organisations around the world.