Disable Windows Hello PIN

Method 1: Disable PIN Login Using Registry Trick

  1. Press the Windows key + R to open the Run box. Type regedit and hit Enter.
  2. When the Registry Editor opens, navigate to the following location:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\Settings\AllowSignInOptions
  3. In the right pane, you can see a value DWORD entry named “value“. Double-click on it and set it to 0. (If you want to enable PIN logon later on, just change the value back to 1.)block-sign-in-options
  4. Now open the Settings charms to access the User Account Settings, you’ll find the Add PIN option is disabled (This method will also disable the Picture Password logon). However, if you’ve already set up a PIN before disabling PIN logon, you can still sign in to Windows with your existing PIN.sign-in-options-disabled

Method 2: Disable PIN Login By Renaming NGC Folder

In Windows 10/8, PIN login is encrypted and stored in the following system folder:
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\NGC

If you rename or delete the NGC folder, it will remove your existing PIN login and you’re also not allowed to create a new PIN. Follow these steps to disable PIN login:

  1. In order to see the NGC folder, you have to set Windows to show hidden folders/files firstly. Next use the freeware TakeOwnershipPro to grant you full permissions to rename the NGC folder.
  2. Right-click on the NGC folder and rename it to whatever you like.rename-NGC-folder
  3. Now you can check if you can create a new PIN or not. Press the Windows key + I to open the Settings charm, click Accounts -> Sign-in options. Click the Add button and type in a new PIN and click OK, you’ll see an error message that saying “Something went wrong. Try again later.

If you want to enable the PIN login later, just rename that folder back to NGC or create an empty folder named with NGC.

Command Line To Uninstall Software

Using WMIC:

  • List all installed Programs

Open Command Prompt as Administrator

Type

wmic product get name, version, vendor

and press Enter.

After a few moments, a list will be displayed in the command prompt detailing the programs installed on the target computer.

  • If you want to save the results in a .html file

Type

wmic /output:%USERPROFILE%\DESKTOP\InstalledSoftware.html product get Name, Version /format:htable

and press Enter.

  • If you want to uninstall a program from the list
Echo Y|WMIC Product Where "Name='<INSERT PRODUCT NAME HERE>'" Call Uninstall

Using MSIEXEC

Programs installed with an .MSI are easy and has two choices:

Uninstall Using the Installation MSI

If you still have access to the .MSI installation file you can simply run:

msiexec /x <PROGRAM NAME HERE>.msi /q

Uninstall Using the App’s GUID

If you don’t have access to the .MSI installation file:

  1. Figure out what the GUID of the program is with this Powershell Command:
    get-wmiobject Win32_Product | Sort-Object -Property Name |Format-Table IdentifyingNumber, Name, LocalPackage -AutoSize
  2. Either in a CMD window running as an ADMIN or a script running as an ADMIN
    msiexec /quiet /norestart /uninstall {<GUID>}

    like:

    msiexec /quiet /norestart /uninstall {7FCA6452-46F2-452F-A5A7-DAB7DE12D0E6}

Using PowerShell

  1. You can use the first two steps in e WMIC method above to determine the exact program nae
  2. Use the following commands in a PowerShell running as an admin:
    $app = Get-WmiObject -Class Win32_Product -Filter "Name = '<PROGRAM NAME HERE>'" $app.Uninstall()

Configure DKIM with Office 365

Description

Many administrators are familiar with SPF (Sender Policy Framework) as a system to declare and verify who can send emails from a domain. In the fight against spam and phishing, SPF is not enough anymore.

DKIM (DomainKeys Identified Mail) is an email authentication system based on asymmetric cryptographic keys. A sending email server signs the message body and/or headers with a private key. A receiving email server verifies the key signature, checking for changes in the message fields. The additional identity verification includes a data integrity component using the signature keys to ensure the original message is arriving intact.

Applies to:

Office 365 (O365), Exchange Online, DKIM

Implicit DKIM Signing in Office 365

Administrators with domains on an Office 365 tenant already have an implicit DKIM signature applied to the tenant domain. The tenant domain is the “.onmicrosoft.com” domain, sometimes called the initial domain. Microsoft does this because it controls the DNS for onmicrosoft.com, publishing the public key and storing the private key on behalf of all subscribed tenants. The implicit signing is the basis of creating an explicit signature for your primary domain, the one without the onmicrosoft.com portion.

Implementing DKIM with Office 365

Preparation

  • This article assumes you have access to the Office 365 Admin Center for the tenant domain you are managing.
  • You must have access to the domain’s public DNS zone.

Office 365 Admin Center Prep

  1. Login to the O365 Admin Center and open the Exchange Admin Center 
  2. From the Exchange Admin Center, click on Protection > DKIM 

    Click on the domain and notice the right-side information bar shows the status is “Not signing DKIM signatures for this domain”.Click on the Enable link to turn on explicit DKIM signing on the primary domain.
  3. Note down the information from the yellow pop-up and add it in a Cname record as described below.

Add Two CNAME Records

Depending on the DNS zone management tool being used, the steps below provide the data needed for adding the CNAME records.

  1. Log into the DNS zone management tool for the domain you are working on. 
  2. Add two CNAME records with the following information:
    • 1st CNAME Record
      Host Name: selector1._domainkey.<yourdomain>
      Points to: selector1-<domainGUID>._domainkey.<tenantDomain>
    • 2nd CNAME Record
      Host Name: selector2._domainkey.<yourdomain>
      Points to: selector2-<domainGUID>._domainkey.<tenantDomain>

You can also get your DKIM Records by connecting to Exchange Online via Powershell and running this command:
Get-DkimSigningConfig -Identity <domain> | Format-List Selector1CNAME, Selector2CNAME

Enable DKIM Signing for the Domain in Office 365

  1. Go back to the O365 Admin Center and open the Exchange Admin Center as shown in Figure 3.
  2. From the Exchange Admin Center, click on Protection > DKIM as shown in Figure 4.
  3. Click on the primary domain and notice the right-side information bar shows the status is “Not signing DKIM signatures for this domain” as shown in Figure 5.Since the CNAME records have been added to your domain’s DNS zone the signing of messages for the domain can be enabled. Click on the Enable link to turn on explicit DKIM signing on the primary domain.

Debloat Windows 10

Run the following in Powershell

iex ((New-Object System.Net.WebClient).DownloadString('https://git.io/JJ8R4'))

What this script can do:
Installs Chocolatey, Notepad++, Irfanview, VLC, Java, and asks if you want Adobe Reader or Brave.
Removes all Windows Store Apps EXCEPT office, xbox, and WSL.
Removed Telemetry
Disables Cortana
Deletes various schedules tasks that rebloat the system
Removes Other Bloatware (Candy Crush, etc.)
Fixes problems that other scripts causes (lock screen and personalization options restricted)
Based on User feedback, this no longer uninstalls OneDrive or Office.

Veeam Retention Policies

Removal of Restore Points

To keep up with the retention policy, Veeam Backup & Replication deletes the whole backup file from the backup chain, not data for separate VMs from the backup file. In some situations a certain VM may have fewer restore points than it is specified in retention policy settings. This can happen if a backup job processes a number of VMs or VM containers, and some VMs or VM containers fail to be processed during some job sessions.

Removal of Restore Points from Forward Incremental Chains

In case of a forward incremental backup chain, Veeam Backup & Replication does not remove a restore point immediately. Instead, Veeam Backup & Replication waits for a new full backup (synthetic or active) to be created and a new backup chain to be started. As soon as the last incremental restore point in the “old” backup chain is marked as redundant, Veeam Backup & Replication removes the whole “old” backup chain from the backup repository. For more information, see Retention for Incremental Backup.

For example, a backup job processes 2 VMs: VM 1 and VM 2. According to the retention policy settings, the backup chain must contain 3 restore points. The backup job has already had 5 job sessions and VMs have been processed in the following way:

  • VM 1 has been successfully backed up 3 times and has 3 restore points
  • VM 2 has failed to be processed in 2 job sessions and has 1 valid restore point

When Veeam Backup & Replication adds a new restore point to the backup chain, it will not remove the earliest restore point. Veeam Backup & Replication will wait until a new full backup file and 2 incremental backup files are added to the backup chain. After that, it will remove the whole outdated backup chain from the backup repository. Restore points in the new backup chain, at the same time, may contain data for both VMs or for one VM only: Veeam Backup & Replication regards backup files as restore points, not separate VMs in these files.

Removal of Restore Points

Removal of Restore Points from Reverse Incremental Chains

In case of a reverse incremental backup chain, Veeam Backup & Replication immediately deletes a redundant restore point when the allowed number of restore points is exceeded. For more information, see Retention for Reverse Incremental Backup.

For example, a backup job processes two VMs: VM 1 and VM 2. According to the retention policy settings, the backup chain must contain 5 restore points. The backup job has already had 5 job sessions and VMs have been processed in the following way:

  • VM 1 has been successfully backed up 5 times and has 5 valid restore points
  • VM 2 has failed to be processed in 2 job sessions and has 3 valid restore points
Removal of Restore Points

After that, Veeam Backup & Replication runs a new backup job session in which VM 1 and VM 2 are successfully processed. When a new restore point is added to the chain, Veeam Backup & Replication removes the earliest restore point because the number of restore points in the backup chain has exceeded 5. As a result, you will have 5 restore points for VM 1 and 3 restore points for VM 2.

Removal of Restore Points

Subnet Cheat Sheet


AddressesHostsNetmaskAmount of a Class C
/3042255.255.255.2521/64
/2986255.255.255.2481/32
/281614255.255.255.2401/16
/273230255.255.255.2241/8
/266462255.255.255.1921/4
/25128126255.255.255.1281/2
/24256254255.255.255.01
/23512510255.255.254.02
/2210241022255.255.252.04
/2120482046255.255.248.08
/2040964094255.255.240.016
/1981928190255.255.224.032
/181638416382255.255.192.064
/173276832766255.255.128.0128
/166553665534255.255.0.0256

Office 365 – Setting Default Calendar Permissions To Reviewer For All Users

Step 1: Connect to Exchange Online using PowerShell

$Credential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Credential -Authentication Basic -AllowRedirection
Import-PSSession $Session

Step 2: Generate a list of all mailboxes

$users = Get-Mailbox -Resultsize Unlimited

Step 3: Set Default access to Reviewer for all User mailboxes

foreach ($user in $users) {
Write-Host -ForegroundColor green “Setting permission for $($user.alias)…”
Set-MailboxFolderPermission -Identity “$($user.alias):\calendar” -User Default -AccessRights Reviewer
}

?: if the command says “Action can not be performed, because … was not found.”
It is because the user has changed language and you should run the command again, but substitute “\calendar with the language equivilant.

Step 4: Generate a list of all Room mailboxes

$users = Get-Mailbox -Resultsize Unlimited | Where {$_.ResourceType -eq “Room”} | Select -ExpandProperty Alias

Step 5: Set Default access to Reviewer for all Room mailboxes

foreach ($user in $users) {
Write-Host -ForegroundColor green “Setting permission for $($user.alias)…”
Set-MailboxFolderPermission -Identity “$($user.alias):\calendar” -User Default -AccessRights Reviewer
}

?: if the command says “Action can not be performed, because … was not found.”
It is because the user has changed language and you should run the command again, but substitute “\calendar with the language equivilant.

Outlook Data File Performance

Outlook Data File Performance

If you have a large .pst or .ost file, you may experience application pauses while you perform typical operations in Outlook. These typical operations include reading email messages, moving email messages, and deleting email messages.

The following list summarizes expected behavior based on the size of your Outlook data file.

  • Up to 5 GB: This file size should provide a good user experience on most hardware.
  • Between 5 and 10 GB: This file size is typically hardware dependent. Therefore, if you have a fast hard disk and lots of RAM, your experience will be better. However, slower hard disk drives, such as drives that are typically found on portable computers or early-generation solid-state drives (SSDs), experience some application pauses when the drives respond.
  • More than 10 GB: When the .ost file reaches this size, short pauses begin to occur on most hardware.
  • Very large (25 GB or larger): An .ost file of this size increases the frequency of short pauses, especially while you are downloading new email messages. However, you can use Send/Receive groups to manually sync your mail. For more information about Send/Receive groups, see the “Are you synchronizing many RSS feeds?” section.

Leetspeak, also known as eleet, is a alphabet that is used mostly on the internet. It uses various combinations of ASCII characters to replace Latinate letters. For example, eleet may be spelled 31337 or 3L33t