• Interesting article.
    It appears the Windows open operating system is going the direction of the Mac and many commercial firewalls. It is moving away from Promiscuous mode to Restricted. I’m not a Mac guy, but I can understand the value of a closed system, same as a closed firewall, to keep the bad actors at bay.

  • 1. Note, if your organisation has disabled RDP for security reasons, **do not** go about with processes like this to enable it, unless you have the specific blessing of that team.
    2. PsExec is a very handy tool, to be sure. But it is a huge security risk and will be flagged as a malicious executable by many AV systems. This is because it is literally just too powerful 🙂 So don’t run this on any corporate network without first talking to your security team.
    Group Policy should always be the preferred course of action which negates the need for any of these actions in the first place.
    But for home users, the write-up is ideal. :thumbsup:

  • I was having trouble with memory errors when running WSMT (2016 -> 2022).
    I came across this page looking for a solution.
    I followed the instructions given and found the solution immediately.
    Thank you very much.
    From Tokyo,Japan.

  • Hi,

    Can we setup alerts for emails that breach our DLP policies?

  • Wow… that was a very impressive article.
    I have just under 50 years in the computer business, and it all went over my head.
    My last employed position was doing PowerShell automation for system deployment.

    After reading the above, I see just how much the world has moved on.
    Kudos to those who can, and do, work in the above environment.
    I’m glad to be retired now.

  • Note that while Windows Contacts also offers a vCard export option, a long-standing bug in all versions (Vista through 11) converts Unicode characters to question marks in the VCF files (CSV export does not suffer from this issue): https://tinyapps.org/blog/201402210715_editing_vcards_with_bash.html

  • It’s not a question of how worthy it is. It’s a question of what is going to happen.
    And this IS going to happen. I read up on how the tool works and it will find and copy every email in every pst the end users have regardless of where it resides, with the exception of copies of pst files with the same contents.
    Many of these end users also have legal obligations to retain emails for extensive amounts of time. So, like I said, this is going to happen. So how is performance affected when it is moving the contents of say a 20 gb pst file to the archive? And if it’s local, how long would that take? And if they still (many do) have their pst’s on network drives and are on vpn. how will that affect performance?

  • I am in IT at a global IT company working in an enterprise environment. While the video was educational, I don’t see how Outlook performance will not be degraded if the pst migrator tool is moving literally 10’s of gigabytes of data, often over a vpn connection to a network drive.
    Even if the files are all local, I have personally seen pst files in the 60 gb and higher range or a number of them totaling that much space. How is moving that much data not going to impact Outlook performance and what measures can be implemented in the event this occurs? I saw the configuration guide but at my level, I won’t have access to that. I’m fairly certain they are deploying via gpo. What kinds of issues HAVE you seen with this software?

  • Good idea there, didn’t know that option existed, will come in useful.

    You can get directly to the path regardless of the user using this rather than having to put in username too:


  • Is there any way that i can use powershell or powercli to test if port open or not and then tell where packet gets dropped and what is the interface ip

  • As soon as the restored machine boots it will contact the domain and set a new password.

    If you only want some files use file level recovery.

    If you want the full machine but not connected to the network get the attribute from your AD backup (you backup your AD, right?) or boot from a DaRT CD and use Locksmith to set a new local admin PW.

    I can’t see any problem.

  • Hi Mohammed,

    Thank you for a clear and neat explanation of affinity and anti-affinity rules.

  • Same with me. LAPs is useless. More damage from curing…

  • We are using LAPS and facing the next issue.
    When we have to restore a machine from the backup before the moment the LAPS password has changed ,we cannot login with the local administrator account.
    Do you have a solution for this issue?

  • Hi Graham,

    very useful post for users who wish to track daily spend proactively. thanks.

    One question, on this topic. AWS organizations with multi account setup and have centralised billing. In such cases, If we setup this daily spend alerts at root account, Is it going to send consolidated spend of all member accounts including root account?


  • How is this? Rather than try to grant permissions to a folder when it becomes created, what about just giving authenticated users full-control of the outer folder which already is there?

    How do I define “all users”appdatalocal? That is all I need. I can grant full control to the local folder with inheritable permissions inward. I just can’t figure out the correct syntax to define the all-usersappdatalocal folder.

  • Hello,
    I haven’t tried this. However, I will check and let you know. This is the link where they explain about advanced hunting query language.

  • I used this to get the OU:

    Get-ADComputer -Filter {OperatingSystem -Like “*Server*”} -Properties * | select Name, @{n=’OU’;e={$_.canonicalname -replace “/$($_.cn)”,””}}, Enabled

  • Load More
© 4sysops 2006 - 2022


Please ask IT administration questions in the forums. Any other messages are welcome.


Log in with your credentials


Forgot your details?

Create Account