• i have to create role that has priviledge to create/delete and apply affinity and anti-affinity rules

  • 8 yrs, still very relevant.

    I point this article to all my students when they get their first go at Task Sequencing.

  • Joesph,

    I have always on device tunnels working.  However one important aspect is not functioning, I cannot communicate with VPN connected devices from internal resources.  However I can communicate with all internal resources from the device tunnel.  Is there a route I need to publish to my core switch?  Right now both of my NICs on the vpn server are on the same subnet, should the external one be on a separate subnet in the dmz?  I've tried adding routes to the VPN server, but to no avail.  I see aside from the two NICs I have on the VM, RRAS creates a virtual NIC I assume as the gateway for VPN connected devices.



  • Great overview! Do you intend to do a follow-up blog on the Service Principal onboarding approach?

  • Thanks for sharing, Graham. I came up with a similar solution for CloudWatch alarms. Check out:

    How to send CloudWatch alarms to Microsoft Teams?

  • V-locity is is for Windows servers. We have been letting product development know that there are requests for Linux.

  • I followed this and then found out there's a missing step. After you have moved the SUSDB and LogFile, you need to make sure this account has read and write permissions to both or your WSUS will not sync because it will be in READONLY mode: NT ServiceMSSQL$MICROSOFT##WID

    Source: https://mivilisnet.wordpress.com/2018/01/30/relocating-the-wsus-databases/

  • How is it possible to autoconnect Always on vpn client when windows startup? So the user does not have todo anything.

  • Hello.  We use a tool ADAxes to configure the security on OUs.  This tool uses powershell to modify rights and can use PowerShell cmdlets as needed.  This tool exists in a different forest from the forest where the computers/OUs are located.

    The AdmPwd,PS cmdlets to set security does not seem to function with the target in a different forest (there is a forest-level trust between the two).

    Is there a work-around?  For simplicity, we prefer to use the cmdlets to modify our 200 OUs rather than translate the security into pure PowerShell commands to modify ACLs.

  • I have a problem with TightVNC. When I login to user using this method over VNC, and I want to install something, o run an application from the user then I can't paste the password to the UAC-promt. With the other programs installed as service, like Teamviewer or Anydesk I can use the copy-paste.

  • WOuld like to find a wzay to set permissions "manage printers" on the system, not on a printer. 
    Then the users could add printers, drivers, etc.

    is there a way, programatically ?

  • I'd like to know if it is possible to exclude the Desktop folder from KFM and only move Documents and Pictures folders up to OneDrive.

  • while i am joining local to domain computer  0"Domain"option is inactive.

    plz help me !

    workstation setting is correct

  • But I noticed it removed BitLocker that was enabled on the OS drive!

  • IPv6 was supposed to be the future and yet 25 years later it has yet to be widely adopted. This is how IPv6 looks like in 2020: https://stats.labs.apnic.net/ipv6

    I think the main reason is the lack of backward compatibility. Apparently, when it was engineered no one thought about compatibility because back then IPv4 was not widely adopted yet.

  • The AD join method worked perfectly, thank you very much for providing this information. Saved us a ton of work rebuilding an ESX host!

    Note to others - it may take a little while for AD to replicate the group, membership and computer account information around all DCs if you have several DCs, so just be patient - it took about 20 minutes for the replication to complete for me (4 DCs).

  • It really does work with Windows 10 Home edition.

    First attempt failed . . . I had the complete MS Office 2016 Professional Plus suite installed on my laptop and tried to remove the unwanted components with a script. This didn't work at all and I was left with a second installation of MS Office.

    At second attemp I first removed both Office installations using the Control Panel. Next I installed Word, Excel, PowerPoint and Outlook with the following script:


      <Add OfficeClientEdition="32" SourcePath="I:">
        <Product ID="ProPlusRetail">
          <Language ID="nl-NL" />
                    <ExcludeApp ID="Access" />
                    <ExcludeApp ID="OneNote" />
                    <ExcludeApp ID="Publisher" />
                    <ExcludeApp ID="OneDrive" />
                    <ExcludeApp ID="Groove" />
                    <ExcludeApp ID="Lync" />
                    <ExcludeApp ID="Teams" />


    Explanation of the lines in the script:

    • I installed the 32 bit version --> <Add OfficeClientEdition="32"
    • I mounted an image of the Office installation DVD to virtual drive I --> SourcePath="I:">
    • Because I have MS Office 2016 Professional Plus, I changed <Product ID="O365ProPlusRetail"> into <Product ID="ProPlusRetail">
    • I'm Dutch, so . . . --> <Language ID="nl-NL" />
    • The next 7 lines exclude the unwanted programs.

    Save the script as 'configuration.xml' in the folder where you extracted the zip file. In my case 'D:ODT'.

    To start the installation, I opened a DOS box as administrator and changed to 'D:/ODT. Finally the setup process was started with the command 'setup /configure .configuration.xml'.

  • Load More