We’ve been seeing problems where students have trouble accessing the recordings for a class meeting even when the permissions on that recording indicate that a Microsoft unified group of which the students are members have viewing rights.
The Microsoft Stream Classic service appears to create a local cached copy of the group at the time of the recording, and this group appears not to get updated in a reliable fashion. This means that if a recording is made when a student is not yet a member of the class team, they may not be able to view a video.
There’s no way to modify or update the organizer of an existing Microsoft Outlook or Teams meeting.
The organizer is the person (or account) that created and owns the meeting. Importantly, only that account can make changes or updates to the meeting.
But what happens when someone changes roles or leave the organization?
If you need to change who can modify a meeting, then you need to delete the old meeting and create new a meeting with the new account. I know canceling and recreating meetings is a bunch of busy work. Unfortunately, there aren’t any other solutions. Microsoft Teams adds some additional challenges (and also hope); see below.
I may be late to the party, but I just found the cmlets I need to update the properties of modern Windows event logs. The Limit-EventLog cmdlet only works with classic event logs. I want to be able to manage the size of a modern event log, the kind that lives under Applications and Services logs.
To read these logs, we need to use the Get-WinEvent cmdlet, but that doesn’t let us change the properties of a log. The other cmdlet with the WinEvent noun is New-WinEvent, also not helpful.
And you can use the Set-LogProperties cmdlet (running as admin) to change these settings. But the only two parameters are -force and -LogDetails. So first, you need to save the output of Get-LogProperties to a variable, change the properties you want to modify with the new values, and then provide this variable as input to Set-LogProperties.
# Store Log Propertied in variable
PS C:\> $ntfslog = Get-LogProperties 'Microsoft-Windows-Ntfs/Operational'
# Confirm the ibject type
PS C:\> $ntfslog.GetType()
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True False LogDetails System.Object
# Set the new desired log szie value in the variable
PS C:\> $ntfslog.MaxLogSize = 40MB
# Supply the variable with the new size as the input to the Set- cmdlet
PS C:\> Set-LogProperties -LogDetails $ntfslog
# Checking our work
PS C:\> Get-LogProperties 'Microsoft-Windows-Ntfs/Operational'
Name : Microsoft-Windows-Ntfs/Operational
Enabled : True
Type : Operational
Retention : False
AutoBackup : False
MaxLogSize : 41943040
PS C:\> (Get-LogProperties 'Microsoft-Windows-Ntfs/Operational').MaxLogSize / 1MB
I have a Windows file server with thousands of shares. Occasionally, create hidden shares for data migration or other administrative tasks. How do you find these shares?
Some websites suggest running Get-WmiObject -Class Win32_Share and piping the output of that to Where-Object to filter. That can work, but it has the computer send you all the share objects. If you want to run this command to get shares from a remote computer, this is highly inefficient.
Instead, we can specify a filter in the initial Get- cmdlet. I’m also going to switch to the Get-CimInstance cmdlet, which is optimized for remote execution.
PS Z:\> Get-CimInstance -ComputerName ServerName -ClassName Win32_Share -Filter 'Type = "0" AND Name LIKE "%$"'
The Filter parameter uses a WQL query to specific that I want regular shares (not administrative shares like C$ or IPC$;Â see the Win32_Share class doc for details) AND whose names end with a dollar sign. It may not return data much faster, but it sends much less data over the wire, which is important especially for remote scenarios.
This post and this twitterÂ thread describe a mechanism to prevent the latest ransomware cyber attack from running. It involves creating 1 (or 3) files with a specific name(s) and with the Read-only attribute set. Although the instructions on the first post describe copying and renaming notepad.exe, any file, even an empty file, with the correct names and the Read-only attribute will suffice, if I read the twitter thread correctly.
There are numerous ways to accomplish this in a large organization, including an SCCM package that either deploys some files, or that runs a script to create the files.Â However, I decided to use Group Policy File Preferences to copy a small text file to the three filenames described, including setting the Read-only attribute.
This should be executed on the affected computers at their next GP refresh, which might be sooner than a reboot for a start-up script.
I struggled with getting a new Server 2016 Remote Desktop Gateway Service running. I followed the official documentation from Microsoft, configuring two servers as a farm, and creating a single CAP and RAP identically on each server. But every time I tried to connect, I received an error message from the client that my account:
I found a corresponding entry in the Microsoft-Windows-TerminalServices-Gateway/Operational log with the following text:
The user “CAMPUS\[username]”, on client computer “132.198.xxx.yyy”, did not meet connection authorization policy requirements and was therefore not authorized to access the RD Gateway server. The authentication method used was: “NTLM” and connection protocol used: “HTTP”. The following error occurred: “23003”.
I double-checked the groups I had added to the CAP and verified the account I was using should be authorized. I even removed everything and inserted “Domain Users”, which still failed.
I found different entries that also corresponded to each failure in the System log from the Network Policy Service (NPS) with Event ID 4402 claiming:
“There is no domain controller available for domain CAMPUS.”
I know the server has a valid connection to a domain controller (it logged me into the admin console). But I double-checked using NLTEST /SC_QUERY:CAMPUS. Yup; all good.
A few more Bingoogle searches and I found a forum post about this NPS failure. The marked solution just points to a description of the Event ID, but one of the comments contains the solution: the Network Policy Service on the gateway systems needs to be registered. This instruction is not part of the official documentation, though upon re-reading that doc, I now see that someone has mentioned this step in the comments.
You may have noticed that Microsoft OneNote displays a little warning for notebooks stored in your Documents folder.
This is because Windows computers that are part of UVM’s Active Directory domain use a feature called Offline Files to make your Documents folder available to you when you’re not on the campus network. (see my Offline Files post for more info.)
The warning shows up because OneNote has its own file sync process, and having another file sync process layer under that can mess up its syncing, theoretically. In my many years of using OneNote, I’ve only seen one (maybe two) situations where this may have created problems. That said, ignoring warnings is generally a bad idea; it makes it easier to miss an issue that really does need attention.