
Darryl Mitchell

Senior Product Manager @ Appian

Vim new file recovery in home

Hyper specific title, right? I use both Standard Notes and Obsidian for note taking, but still find myself firing up vim when I need to quickly take a note. In this case I was porting a cell phone number and needed to quickly take down the port PIN and account number. This all sounds fine, but where I went wrong was in forgetting to save. Luckily, vim has a file recovery feature. In the event you're actually editing a saved file, this recovery screen will present itself the next time you edit ...

Blockchain

At a high level of abstraction, here's how any blockchain works: Someone on the network proposes a block containing a list of recent transactions. Then other network participants verify that the block follows the network's rules. If a sufficient number of other network participants accept the block, it becomes the "official" next block in the chain. As long as most network participants are honest, users can have confidence that transactions accepted by a majority of the network won't be removed...

Smartphones as a Single Point of Failure

OTP tools like Authy and 1Password can help with this, as can iMessage, but they’re still no full substitute for the web’s reliance on SMS these days. Link ...

Automating /etc/hosts file entries via API

I ran into a really frustrating problem at work today. My employer-provided laptop is locked down extremely tight for security and compliance reasons and part of that lockdown is the utilization of Cisco's Umbrella software to route certain DNS queries only via VPN. For whatever reason, DNS resolution via Umbrella is completely broken at the moment for my Windows 10 device. This means any of the internal DNS zones I need to get to... I can't. This includes critical tools to my day-to-day like ...

5-7-700

5.7.700 tl;dr: if you're getting this error, it's an automated threshold that Microsoft Support has to reset or expire over time; check your message trace logs for signs of abuse and go ahead and call support. I'm currently working on an ~800 user hybrid Exchange deployment and due to some issues with the existing 2010 environment decided to deploy an Exchange 2016 server to handle hybrid duties. Because the customer is switching from Mimecast inbound/outbound to EOP/ATP I decided to route all ...

WinRM error 0x80338012 in Windows 10

Working on getting MFA working with my PowerShell connect script for Office 365 I ran into an issue where a WinRM command wasn't working on my machine. Apparently I had never set it up before, so the command: winrm get winrm/config/client/auth was not working. I was getting an error: WSManFault Message = The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for t...

External mail is denied to mail-enabled public folders

We came across a somewhat obscure error in support this week that piqued my interest. A customer had created new mail-enabled public folders and set permissions for external users to send to them, but external senders were getting a bounce message: 550 5.4.1 [<sampleMEPF>@<recipient_domain>]: Recipient address rejected: Access denied After some searching online we discovered that changing the domain type from "authoritative" to "internal relay" was the possible solution, and after ...

Migrating Server 2003 to Microsoft Azure

I was tasked recently with migrating an entire datacenter off of VMware and on to Azure, and their production servers were predominantly Server 2003. Yes, seriously. There is no documented process for migrating Server 2003 to Azure because Microsoft doesn't support running Server 2003 in Azure. But, I was able to find some small tips here and there, and after many months (!) of testing I was able to come up with a relatively foolproof process for getting Server 2003 VMs out to Azure. These are ...

Understanding mail relay options with Office 365

One of the most commonly misunderstood aspects of an Office 365 rollout is what to do with scanners and other applications that need to relay mail. Microsoft publishes documentation on this but in my experience many who are unfamiliar with SMTP flow quickly get in over their heads. I generally recommend relaying via the MX record for all applications unless your source can't support it. This has several advantages: it can be configured to support both internal and external recipients; it doesn...

PowerShell Profile Syncing

I switch devices a lot - laptops, desktops, management VMs, etc. - and generally whatever device I'm on I'm using PowerShell extensively. I predominantly used Mac/Linux from 2006-2017 and got used to certain tools - openssl, dig, whois, etc. - that I need in a shell, and Windows doesn't have those tools (even if it has some native "equivalents", like Resolve-DnsName). Ironically, I made the switch back to Windows specifically because at the time my most used PowerShell module, MsOnline, wasn't...

Tips for Decommissioning Microsoft Exchange

I've seen a lot of customers over the years assume that once they've moved to G Suite or Office 365 it's safe to just turn off Exchange and forget about it. While it is possible to manually remove an Exchange server from Active Directory, it's a.) not supported and b.) still leaves remnants of schema on user objects that are difficult to manage without an Exchange server. It's also really difficult to install an Exchange server in the future if you ever need it (as many Office 365 customers do f...

Easy DirSync hard-matching

If you've ever accidentally ended up in a scenario where you have two accounts for the same user in Office 365 - one synced with AD, and one in the cloud - it can be challenging to recover from this. Azure AD Connect generates a value to store as the "ImmutableID" in Azure AD, which uniquely identifies/ties the user to the correct on-premise account. 99 percent of the time this value is derived from ObjectGuid on-premise. There used to be a manual way to generate this value and set it as the im...

Using Microsoft Intune to push non-Microsoft apps

Mobile Device Management is quickly becoming a viable alternative to Group Policy in today's cloud-first world. What used to require a domain-joined machine with group policy can now be achieved with an MDM-enrolled machine and configuration or compliance policies. Several things have made this possible: Microsoft overhauled Intune last year to make it part of the native Azure interface, recent Windows 10 builds shipped with an MDM agent built in, and Azure Active Directory join is taking the p...