Andy – Page 3 – Absoblogginlutely!

I use Azure’s automation accounts to stop and start virtual machines when they are not needed. One of our machines is used to host backups and is only used for a limited amount of time during the day when the backups run so it is shut down automatically after the backups have completed.

Recently I ran some cleanup on my Azure subscription to get rid of some old test machines and in doing so removed one of the machines that was listed in an exclusion list of machines that should not be started or stopped (as I did not want this obsolete test machine starting on a daily basis).

Navigating to the Dashboard / Automation Accounts / Jobname / Scheduled Job/All logs shows that there is an invalid computer name.

Navigating through to Automation Account logs

It turns out that removing a machine from the Azure inventory but still keeping it in the VM’s exclude list actually stops the entire script from running. Short term fix is to remove it from VM’s Exclude list and the machines start to run again. The long term fix (one day) is to continue if the Exclude list contains invalid servers.

Office

Fixed: Failed_To_Auto_Discover_Domain error shows up when trying to administer Microsoft Teams in Office365

By Andy on Tuesday, November 27, 2018

A week or so ago I was trying to administer a new Office365 Tenant in preparation for an Office365 migration. Part of the process is to configure the various services to reduce the security risk due to unauthorised sharing of files etc.

Attempting to log into the Teams admin interface gave me the worst error message of “Something has happened” when clicking on the Teams admin link as per the screenshot below. Not only is the Error devoid of anything useful but it’s inaccurate as actually *Nothing* has happened.

The error code FAILED_TO_AUTO_DISCOVER_DOMAIN was misleading – it has nothing to do with the autodiscover record.

It turns out that the admin interface for Teams only works if you have at least one user with a Teams licence. I didn’t have any as this was a new Tenant and the only users in the system are currently Global Admins that don’t have any licences assigned to them. Once a licence was applied and 5 minutes had gone by (with a successful Teams login) I was then able to login and make the required settings.

Books Reviews

Review: The Forbidden Door by Dean Koontz – Jane Hawk #4

By Andy on Monday, August 27, 2018

The Forbidden Door by Dean Koontz
My rating: 3 of 5 stars

The fourth book in the Jane Hawk series is definitely one that should be read after the others. This could be read as a standalone novel (and indeed the first few pages are a recap) but it would spoil the fun if you later decided to go back and read the first few.

I have the book 3 stars as the beginning of this book felt really stilted due to being written in a weird third person tense that jarred as it attempted to tell the story and it just felt like it was interrupting all the time.
The latter part of the book did not have this issue so I was finally able to enjoy the last part of the book.
Note there is a lot of violence in the book and lots of extreme methods of dying so stay away if squeamish, however it does help to paint the dark, screwed up world that would occur when mind control is used for bad purposes and when things go wrong….really wrong.

The ending was very abrupt and almost felt like it was in mid plot. The Kindle version does have the first couple of chapters for the next book but I didn’t want to read those until the entire book comes out.

Thanks to Netgalley for the ARC copy of this book.
You can get your own copy from your book retailer September 11, 2018.

View all my reviews

Email Gmail

Workaround to Dreamhost stopping the support of catchall emails by using Gmail and scripts

By Andy on Tuesday, August 7, 2018

About 3 months ago, my hosting provider Dreamhost announced that it was stopping the support of catch-all email addresses claiming that this was to reduce the server load and improve antispam features.
Unfortunately this is a feature that I rely on heavily as I always provide unique email address’s to companies such as companya@ or companyb@ so that I can filter out emails into different labels, blacklist a spammer and lastly see who has had their website compromised and leaked or sold my email address to someone else. I’ve had at least two email addresses, one of which was a local government agency, start to be used as a spam destination. Unfortunately it is frustrating when I report it to the company and they deny it has happened even though I’ve shown them headers of the email address after the initial contact to let them know they have been compromised. One of the companies I contacted denied they had been breached and I hadn’t even provided them the email address so I knew they hadn’t looked very hard!

Anyway….that is all now over as Dreamhost no longer provide this option.

The solution I am using is as follows:-

Use gmail as the primary interface for email (No change since I got gmail back in 2005ish)
Use gmail pop3 access to pull in the original catch all email and apply a “ca” label to the email (No change)
Use Google Sheets to analyze email and retrieve email address used
Create a list of incoming emails and destination email addresses
Add emails to Dreamhost control panel

If you wish to continue using the email addresses you can either add them as an alias or set up a forward for the email address. I was previously using the catchall mailbox and had gmail setup to retrieve the email on a regular basis. The upside of this was that I didn’t have to do anything after setting up the pop account in Google. The downside is that I would have to wait for Google to poll the email account, or go to the accounts tab and pull the mail down manually if I was using a computer. The tablet/mobile access did not provide the ability to “check for mail now”

I had also setup gmail to label all mail retrieved from this catchall account with “ca”. This shows up in the google interface and can also be filtered/searched on.

This meant that I already have email in my gmail account. If you haven’t done that already and wish to use these instructions, then set up gmail to pull in the email as a pop3 account.

Once you have all email coming into Google I then used a slight modification of Helge Klein’s spreadsheet that lists all email address’s for a single label. Use the provided link to copy the sheet into your own Google Drive account. Select the Tools menu, Edit script and review the script to make sure it’s not malicious.

Around line 45 will be the text

var mailFrom = messages[i][j].getFrom ();

Replace this with

var mailFrom = messages[i][j].getTo ();

Yes I know the variable name doesn’t make sense, but this is the easiest way to quickly change the code. The neater solution is to then search and replace mailFrom with MailTo

Save the document and then use the text “ca newer:2017/12/31 older:2018/09/01” (without quotes) in B2in the sheets document. Obviously adjust the dates as appropriate. Sheets label to search for emails in 2018

Note that I found that if my date selection was too large the script would time out. Depending on how many emails you have in gmail, I would probably filter out a year at a time. The filter syntax you enter into the B2 field is the syntax you would use to search in gmail.

Once you have your filter, selectHK Scripts/Extract email addresses.

Hopefully all goes well and you now have a list of emails that were sent to your catch all address in a new tab.

The neat thing is that you can run the script multiple times and each search result will generate a new tab. This way you can run this periodically to capture mail received each month. The caveat is that you do need to keep emails with the ca label in your gmail for at least a month!

The screenshot below shows a few results from this search.

Note that I do have a couple of oddities in this result (which is why I included them). There are a couple of email address’s that go to my catchall address but the emails were not forwarded to my original domain. My gravatar email address is actually another gmail address forwarded to a catch all address. As the original TO field is not my domain it doesn’t look quite right. Some other oddities have included google groups targets or some other nefarious/badly formed bcc emails. These should be treated as an exception and handled manually (outside the scope of this document.

L:ist of catch all email addresses used

Grab the contents of column B and save to a new tab – this new tab will be used to split the email addresses into a format suitable to paste into Dreamhosts mail control panel.

I then did the following to parse the email address into a useable format. Note that this may not be the most efficient but it gives me the ability to easily verify each stage rather than debug a complicated excel formula.

The screenshot below shows what it should look like when completed. (The two shaded rows are the odd ones that I deal with manually) Spreadsheet of email addresses ready to paste into Dreamhost

Column A should be your original To field. The other cells are filled out as follows. Note you need the starting = sign to signify a calculated field.

D =split(A1,“@”)

E – not used.

G =” yourgooglealias+” & D1 & “@gmail.com”

Note there is a space at the start of G as this is used as the separator in the next step. Yourgooglealias is the bit before the @ sign in your gmail address

K =(substitute(substitute(A1& G1,“<“,“”),“>”,“”))

This replaces any chevrons that may be around the email address and then takes the original email address, adds a space and then adds the new gmail address where the alias now becomes +alias.

Finally, copy the contents of column K into dreamhosts control panel. https://panel.dreamhost.com/index.cgi?tree=mail.addresses&current_step=Index&next_step=Bulk should hopefully work but make sure you are pointing to the right domain!

Select Mail, your mail domain, Forwarding Only/Edit All.

Pasting emails into Dreamhost

Hit the save button and you are done.

Your email should be quickly delivered to gmail and still easily filtered out based on the to field.

The downside is that there are still some webforms out there that do not recognise the + character as valid in the email address. Spammers can also easily work out what your main email address is and send directly to that mailbox.

Please let me know if you have any questions or comments

DNS Powershell Work

Powershell oneliner to check network connections used on current machine based on Mike Robin’s blog post

By Andy on Friday, July 20, 2018

Mike Robins had a nice tip yesterday about using powershell to see what your system is talking to and I thought I would tweak it slightly to potentially make it even more useful.

When I ran the command on my machine it took a while to run and I also thought it would be nice to tweak it so that the machine does a reverse dns lookup to retrieve the host names that the system is talking to. This might provide an indication of whether the connection is good or not.

I saved the output of the command to a variable so if I need to tweak the display output I can do so easily without running the script again.

$a=Get-NetTCPConnection -State Established | `
Select-Object -Property LocalPort, RemoteAddress, RemotePort, State,`
@{name='Process';expression={(Get-Process -Id $_.OwningProcess).Name}}, `
@{name='fqdn';expression={([System.Net.Dns]::GetHostByAddress($_.Remoteaddress).Hostname)}},`
 CreationTime
$a

This is a very quick and dirty hack and takes ages to run on my computer. It probably doesn’t help that I have a ton of chrome tabs open which will require a lot of dns lookups and several of them are the same host but this method will lookup them all up individually. IP and dns lookup on active network connections

Yes, I split this ‘one-liner’ into multiple lines to make it easier to read on the screen but if you have to do that, then it’s not really a one-liner and even more so if you are unlikely to remember it.

Office Powershell Work

Office365 Exchange Control Panel now has command logging for admins.

By Andy on Thursday, July 19, 2018

Help Button, Show command logging. One of my annoyances with Office365 administration tasks was that I could make changes to the interface but had no idea what commands were being run behind the scenes. This made creating scripts a frustrating trial and error attempt at finding the correct verbs to run.
However, this morning I stumbled under the Help/Show Command Logging option in the admin panel. This is similar to the Show command output that was available in the Exchange 2010 admin console that I used extensively in the good old on-premise days.

I have no idea how long this has been here but it really made my day.

Now if only the rest of the Office365 admin panels had the same functionality.

Books

Book Review – Lies by T.M. Logan

By Andy on Saturday, June 23, 2018

Lies by T.M. Logan
My rating: 4 of 5 stars

T.M. Logan was a new author to me that I came across on Netgalley who gave me an arc version of the book for my review.
Overall I enjoyed the book but the first part seemed a bit tedious with all the dialog and very short chapters that seemed to interrupt the flow of the book.
However as the mystery and lies unfolded, the book got easier to read and the plot twists suck the reader deeper into the story.
I didn’t suspect the ending twist but it did seem plausible enough.
A good, reasonably quick summers read that would be perfect for the beach.

View all my reviews

Work

Fixed: Unmountable Boot Volume error with Windows Server 2016 and Storagecraft’s SPX

By Andy on Thursday, May 3, 2018

BSOD image We’ve been tracking down issues with Windows Server 2016 on a multitude of servers this week where the servers will reboot and come back with Unmountable Boot Volume which is a pretty nasty experience for oncall. So far we’ve mainly seen it on Domain Controllers but also on a Hyper-V server. The solution is typically to do a last known good boot on the machine and then try to work out what has changed on the server and needs redoing. So far we’ve had issues with duplicate servers in Webroot and Automate along with a couple of server functions not working correctly.

Initially we thought it was a problem with Windows Updates, but it seems that the culprit is Storagecraft’s SPX version 6.7.4
The solution is either to downgrade to version 6.5 or get a patch for 6.7.4 that fixes this issue.

Download location for SPX 6.5.2:

For 6.7.4, You will need to get the patched stcvsm.sys from Storagecraft and then apply these instructions.

Patch is a very manual process. New version of the stcvsm.sys driver is 2.2.73.0.36
1. Install SPX 6.7.2:
2. Do NOT reboot
3. Rename %windir%\system32\drivers\stcvsm.sys to %windir%\system32\drivers\stcvsm-rtm.sys
4. Copy the 2.2.73 driver to %windir%\system32\drivers. Be sure to select the correct ‘bitness’.
5. Reboot

It’s been very frustrating to have gone through this issue without any notification of this pretty serious bug from #Storagecraft

Edit: Today I discovered that Storagecraft now have a more detailed knowledge base article about resolving Inaccessible Boot Device after upgrade to 6.7.x. Judging from the comments I’ve had here, I’m not the only one who has had this issue and it still keeps happening for some users.

Books

Book Review: The Book Of Joe

By Andy on Monday, January 1, 2018

The Book of Joe: The Life, Wit, and (Sometimes Accidental) Wisdom of Joe Biden by Jeff Wilser
My rating: 4 of 5 stars

The last book I read in 2017 but I’ve been sick and unable to post to the blog until 2018! The description of this book was interesting and I’ve been trying to alternate my reading between fiction and non fiction and as a Brit in the USA I basically know nothing about Joe Biden apart from his much meme’d bromance with Obama so I figured this might make an interesting read.

The book is a simple, short biography of Biden that focus’s on tips of wisdom from Biden along with the stories behind them. Covering a lot of episodes from being a kid through to life after the election, the reader is taken through several key moments in his life, along with a challenge to apply these tips to our lives.

Thankfully the book doesn’t get too political so is suitable for all to read – treat it as a biography rather than a political memoir.
The author is obviously a huge, huge fan of Biden and if Biden’s bromance with Obama never worked out, I think Jeff would be waiting in the wings!

Thanks to Blogging for Books for the review copy of this book and the opportunity to read a funny, inspiring book about a politician (not something I would ever expect to say!)

View all my reviews

Windows10

How to work around “Thank you for updating to the latest version of Windows 10”

By Andy on Tuesday, October 17, 2017

Getting “Thank you for updating to the latest version of Windows 10” message with an exit button rather than the option to upgrade to Windows 10 Fall Creators Update?

I’ve been waiting for the Fall Creators update to be available so that I can now start using the Files On Demand feature that allows you to see files from OneDrive that have not been synched down to the pc yet – a feature that used to be called placeholders. I saw it demoed at Ignite and this finally means Onedrive for Business can be useful for businesses now.

Anyway – In a classic sleepless early morning I checked Windows Update last night and this morning and it said that my computer was up to date.

Checking the Windows 10 download page, and then using the update now button downloads the upgrade tool but I then get “Thank you for updating to the latest version of windows 10” error message.

The trick is to download the “create media tool”. Oddly enough, the first question this tool asks is if you want to update this machine or download the media iso to update other machines. Pick the first option and away you go!

Installing Windows 10 Fall Creators Update

Now where did paint go? 😉

So what new features are you looking forward to using?