Thursday, December 27, 2018

How to Delete an AzureAD object that Won't Delete

1. Ok. You deleted a user from your on-premise Active Directory and it's still showing that bugger in Azure Active Directory. Your Google Kung-Fu is strong, but you can't find the dang commands. Here is what worked for me.

2. Get Connected via Powershell to Office365 / AzureAD: (Install) (Install)

3. Install-Module -Name AzureAD

4. After your connected. Run the following command:

PS C:\Windows\system32> Remove-MsolUser -UserPrincipalName

Continue with this operation?
[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"): Y

5. Check your AzureAD portal to make sure it's gone.

6. Freaking dance man!

Reference Links:

Unhelpful Real World Training Junk:

How to Connect Powershell to Office365

1. Install the Microsoft Online Services Sign-In Assistant for IT Professionals RTW MSI application. You cannot perform the next steps without it being installed:

2. Open Powershell and install the Install-Module MSOnline module. (Note: Use the Administrator elevated PS)

3. URL for Powershell commands to Manage User accounts and licenses with Office 365 PowerShell:

4. PS Command to Connect to O365: Connect-MsolService -Credential $credential

5. You will be prompted to log in with your O365 administrator account (you cannot use a regular account).

6. Run commands without headaches if your environment permits it: Set-ExecutionPolicy Unrestricted -Force

PS C:\Windows\system32> $UserCredential = Get-Credential

7. Sign-in to Office 365 with Administrator Account

8. Run this command so that you are connected via PowerShell (no there is no GUI):

PS C:\Windows\system32> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

9. Turn off the pain in the neck prompts:

PS C:\Windows\system32> Import-PSSession $Session -DisableNameChecking


Thursday, December 13, 2018

How to Connect to AWS Snowball and Copy Data

1. Order the AWS Snowball from your AWS Account and have it shipped to you.

Note: Good YouTube Video by AWS:

2. Download the AWS Snowball Client

3. Download the Manifest File

Note: (Security Alert!) Protect the location of the file. King of the Kingdom access if someone snatches it or accesses it unauthorized for the workload/data.

4. Make sure the manifest file is in a path you can access easily. If it's on your workstation, it may be a delay. Use a jump server.


Wednesday, December 12, 2018

How to Remove a Failed Move Request for the Current Batch of Exchange 2013 to Office 365

1. MS Blog:

2. Open Powershell as an Administrator and install the AzureAD Powershell Modules on your Windows 10 machine.

3.  Install-Module -Name AzureAD (Doesn't seem to work on W2012 R2 Server)

4. Login with your Office365 Account (You have to be a Global admin). Type in Connect-AzureAD

5. After you type in the password you will get this screen:

6. Connect to Office 365 through PowerShell from the elevated prompt on your local Windows 10 Machine.

PS C:\Windows\system32> $UserCredential = Get-Credential

7. Sign-in to Office 365 with Administrator Account

8. Run this command so that you are connected via PowerShell (no there is no GUI):

PS C:\Windows\system32> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

9. Turn off the pain in the neck prompts:

PS C:\Windows\system32> Import-PSSession $Session -DisableNameChecking

10. Check your batch that is migrating:

PS C:\Windows\system32> Get-MigrationBatch | fl

11. Get your Move Request (See what's failed)

PS C:\Windows\system32> Get-MoveRequest

12.  Remove the Completed Jobs (Optional):

PS C:\Windows\system32> Get-MoveRequest -movestatus completed | remove-moverequest

13. Delete all of them:

PS C:\Windows\system32> Get-MoveRequest -MoveStatus Failed | Remove-MoveRequest

14. Delete one at a time.

PS C:\Windows\system32> Get-MigrationUser

Kill the failed jobs:                      Final2-12.12.2018              Failed

PS C:\Windows\system32> Remove-MigrationUser

Are you sure you want to perform this action?
Remove the migration user ""?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [?] Help (default is "Y"): A

Reference Blogs:


Monday, December 3, 2018

Default AWS Storage Gateway Password

1. After downloading the AWS Storage Gateway and importing the .OVA file into VMware you have to login after you start the VM.

2. Default login is the following:

Username: admin
Password: password

Note: It is no longer sguser / sgpassword

3. After you have logged in test your networking connectivity to AWS:

4. You will need to change the password inside the AWS Console under "Actions"


Wednesday, November 21, 2018

How to Speed Up VMware Converter 6.2

1. Taking forever to P2V or V2V a server? Disable SSL on VMware converter.

2. Edit "converter-worker.xml" with your favorite editor. Your going to have to save it as another file name because if you attempt to edit the actual file. It will bark "Access Denied" errors.

PATH: c:\programdata\vmware\VMware vCenter Converter Standalone

3. Open the "converter-worker" XML file and edit the section called:

<useSsl>true</useSsl> and change it to <useSsl>false</useSsl>

4. Save the file as converter-worker-bak.xml.

5. Delete the original converter-worker.xml file and then remove the -bak from the one you created.

6. Re-launch VMware Converter and go after that migration!

Tuesday, November 20, 2018

Top 10 IT Certifications 2019

2019 is here already! Good grief! Time is flying. Ok. So here is your Top 10 IT Certifications for 2019. If you are not working in the cloud, seriously...stop playing around and get serious about your career before one of us hungry IT people eat your lunch!

The days of playing guardian over an infrastructure and hiding what can be done in the cloud, in a colocation data center or offsite outside of your company, non-profit or organization are OVER. FUD (Fear, Uncertainty and Doubt) no longer will work to your benefit if your one of these dinosaurs in an organization scared of change. It will happen whether you like it or not.

Drumroll!!! Hands-on IT Certifications where recruiters will blow up your LinkedIn with offers!

1. AWS Solutions Architect - Associate Level (Champion):

2. AWS Solutions Architect - Professional Level:

3. Azure Solutions Architect Expert - ***NEW***NEW***NEW***

4. Certified Ethical Hacker - ***Enterprises and Defense (Globally)***

5. VMware Certified Professional 6.5 - Datacenter Virtualization

6. Cisco CCNA (Cisco Certified Networking Associate)

7. Red Hat Certified Engineer (RHCE) **Always A Hotcake**

8. Nutanix Platform Expert ***Jack of All Trades - Will Not Pass without Vast Experience***

9. Google Cloud Architect

10. Whatever you like!

Innovating Technologies that will drive Technological change:

1. Blockchain and its derivative technologies (e.g. Holochain)

2. AI (Artificial Intelligence) / ML (Machine Learning)

3. Mobile (Android and iPhone) - Full Stack Development


Saturday, November 10, 2018

How to Configure a Default Login Screen for Windows 10 with Group Policy

1. Create a folder called "Logo" under NETLOGON

2. Add the image to the folder

3. Use %logonserver% to identify multiple domain controllers since if you identify one specific DC and it goes down or there is any other problem with a particular DC, user's won't get the login screen image (the policy won't run on login).

Example: \\%logonserver%\netlogon\Logo\w10-lock-screen.jpg

4. The GPO Setting is under Personalization under Computer Configuration


Thursday, November 8, 2018

Migration from Exchange 2013 to Office365 Authentication Error

1. Verify that the Administrative user has the permission for "Application Impersonation" in the Exchange Admin Center.

2. Change all users in your local Active Directory over to the UPN for the verified (publicly resolvable Active Directory Domain). Powershell command:

$LocalUsers = Get-ADUser -Filter {UserPrincipalName -like '*domain.local'} -Properties userPrincipalName -ResultSetSize $null

$LocalUsers | foreach {$newUpn = $_.UserPrincipalName.Replace("domain.local",""); $_ | Set-ADUser -UserPrincipalName $newUpn}

3. Sync your Azure Active Directory Tool (Force the Update)

Start-ADSyncSyncCycle -PolicyType initial

4. Verify that your login with "" is working on

Password: test0!

You call that a password?

This is a password son!!: %&^*(LUIKG/73&^%HVJB)&*(YIU)(&*^UTY8567irtufgykA&*(^RTUFGYOHPI()$%^^#$%TE

How to Fix Microsoft Exchange 2013 to Office 365 Error ews/mrsproxy.svc' failed.The HTTP request was forbidden with client authentication scheme ‎’Negotiate‎’

1. The first part of the denial is that the Exchange 2013 server has to be set to "0" instead of "1" in their attributes.

2. Login to your DC and then search for ADSI Edit (Windows 2012/2016/2019 Server):

Change the "adminCount" setting to "1" and then reboot the server (NOTE: I saw that even on reboot, this flag remained. So I doubt it has anything to do with the http authentication.) This is when I then ran the following commands on the Exchange 2013 Server itself in EMS. This is the Microsoft article: but it had no impact at all on the error even after rebooting. It just came back.

3. Login to the CAS or Exchange Server and Open the Exchange Management Shell

4. Run the following command in the EMS:
[PS] c:\Windows\system32\Get-WebServicesVirtualDirectory | select *auth*

5. Look at the output for BasicAuthentication. You will see it set to false:

6. Run the command: Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory –BasicAuthentication $TRUE

NOTE: if it times out in CAS you can also run it on the Exchange Server or do it in the Exchange Admin Center under Servers >> Virtual Directories >> OWA (etc)

7. After this fix. Run the Microsoft Office 365 Hybrid Connection Wizard (You will need your O365 Administrator account and an AD account that is an Exchange organization administrator so that you can complete the wizard.

8. You will need to install the application on the CAS server itself (NOTE: Do not install it on Exchange or your local machine. It will just fail).

9. Run the Data Migration from the Exchange Admin Center after you verify that you have successfully configured the Hybrid tool (also make sure you have already assigned licenses to users and you have the Azure AD Connect tool already configured on your local domain controller.

(NOTE: You have to have a subscription active in Microsoft Azure or if you purchase from Rackspace then your account will have a Tenant account and you will be able to configure the tool).

10. ADFS Configuration using AD Directory Sync:

Lifesaver Credit (Thanks Guys!!!): (Jaap Wesselius) (Dan Djurasovic)

Helpful (Not Used, but relevant and may help others):

Thursday, November 1, 2018

Transfer FSMO Roles

1. Login with a forest level administrator account

2. Open CMD prompt as an Administrator

3. Run the following commands:

ntdsutil - > roles -- > connections --> connect to server dc-servername -- > quit

Schema Master
transfer schema master
<Enter Key>

RID Master
transfer rid master
<Enter Key>

Domain Naming Master
transfer naming master
<Enter Key>

PDC Emulator
transfer pdc
<Enter Key>

Infrastructure Master
transfer infrastructure master
<Enter Key>

Type q / q and that's it! Shut the box down or do whatever you were going to do!


Wednesday, October 31, 2018

Microsoft Exchange Transport Services Won't Start

Open PowerShell with the Exchange PowerShell CMD Tool

Check the Health of Exchange:

Check the Exchange Database Status:
Get-MailboxDatabase -Status | Format-List name,server,mounted

Check the Queues:
Get-Queue | Select Identity,Status,MessageCount

Open up Event Viewer and Read the logs and check what's going on. If you cannot start the EdgeSync Service. Re-Add:

New-EdgeSyncServiceConfig - Site YourSitesandServicesLocation

Start --> Run --> services.msc

Re-Start the services. If Microsoft Filtering is hung. Bounce the server. Mail should start flowing again. If not...Microsoft Support is your friend. Don't take all day...troubleshoot what you can and then bow humbly, give up and call support. Your busy right?

Microsoft US Support: 1 (800) 642-7676
Microsoft US Support (URL):

Mount Exchange Database

Mount-Database -identity Domain\Exchange Server Name\ mailbox name

Get-Server *Exchange* | Start-Service
Get-ServerHealth -Identity Domain\Exchange Server Name
Get-ServerComponentState -Identity Domain\Exchange Server Name
Get-DomainController | fl name,adsite
Get-ExchangeServer | fl name,admindisplayversion,serverrole,site Add=PSSnapin *exch*


Sunday, October 28, 2018

How to Install VMware ESXi 6.7 on VMware Workstation 15

Static IP configuration were causing me some headaches. The alternative options are DHCP and DHCP with a reservation if you have a DHCP server you manage. Optionally, you can go the static configuration route but it was a headache for me and I'm busy and have other things to do.

Lab Scenario with VMware Workstation 15 (WS15 was on W10)

1. Download the ISO and then double-click until you find the .ova and double-click it or right click and open it in VMware Workstation. The wizard is pretty simple.

2. After you import the VM and configure the VM with the Wizard. VMware Photon 1.0 will launch and run the scripts in the background. Be patient. It runs for like 5-8 minutes. Just leave it alone. It will boot and you will see the screen. NOTE: Make sure you type in :5480 after the IP or the hostname or you will see bupkis.

https://ipaddress or FQDN:5480. I recommend using the FQDN

3. Select the option that works for you and install everything.


Wednesday, October 24, 2018

How to Create a Bootable .wim File

1. Download Rufus (Windows Based Systems) / Linux WinUSB doesn't work worth a damn on Ubuntu 18.04.1 LTS at the time of this writing so don't waist your time. (Don't download it anywhere else)

2. Grab your W10 EE/Pro ISO Image if you don't have VLSC: (You need a license if you need it more than 90 Days, but for testing/evaluation/school purposes, it's fine.)

3. Launch Rufus and configure the ISO

4. After everything is done. Open the USB and delete the "install" .wim file from \sources and replace it with your .wim file and then rename it  to "install"

5. Boot that sucker and verify everything is working. You're done.


Tuesday, October 9, 2018

How to Create Bootable Windows 10 USB on Ubuntu 18.04.1 LTS

1. Open Disks app on Ubuntu and format the drive NTFS

Do It The Hard OCD Way:

2. Grab the source code from WoeUSB:

3. Open Terminal and create a location for WoeUSB:

4. sudo mkdir /opt/woeusb

5. cd /opt/woeusb  && git clone

6. In order to run mk-build-debs you need to install devscripts

7. sudo apt-get install devscripts equivs gdebi-core -y (NOTE: Remove when your done for security of your system)

8. Then prep the environment: sudo ./setup-development-environment.bash

9. cd /opt/woeusb/WoeUSB/ and then run sudo mk-build-deps

10. sudo gdebi woeusb-build-deps_*

Do It the Fast...I Don't Have Time, I'm Busy Way:

2. sudo add-apt-repository ppa:nilarimogard/webupd8 && sudo apt-get update -y && sudo apt-get install woeusb -y


Tuesday, October 2, 2018

How to Fix "The Specified Virtual Disk Needs Repair" on VMware Workstation 15 on Ubuntu 18.04.1 LTS

You try to enlarge the disk and you run into the error about the disk needing repair.

Verified that works on VMware Workstation 15 on Ubuntu 18.04.1

1. Open terminal on the machine you have VMware Workstation installed

2. /usr/bin/vmware-diskmanager -R /path/to/.vmdk file

3. Go to settings of the VM and try your advanced operation to compact the disk or expand it. Bam...done.


Wednesday, September 26, 2018

How to Remove Windows 10 Bloatware Permanently

First and foremost...I want to thank at least 10 different bloggers for posting general information and one of the most helpful was Daniel's IT Blog. and Andre Picker (This is for removal of the unwanted W10 Apps from .WIM only)

This is for an IT Image for Windows 10. Why on earth Microsoft doesn't have an "IT" script to remove all the junk they know damn well will never go on a business, enterprise or government computer is beyond me. So we IT Managers, Solution Architects, Systems Engineer's are left figuring out ways to remove the crapware so user's don't put in a million tickets asking questions about using the software or locking their machine up doing something crazy no one anticipated.

Here you go:

1. You can use a Powershell script from How-To-Geek: but for IT purposes. It's only removing the junk from one profile. Not the entire machine. As soon as you log in with another user.'s back like a software cancer.

2. You have to disable things in the registry for it to be permanent or you can rely on some task to run from SCCM, but they're not always reliable and many times it appears and then the script has to run for it to disappear. Again, this will do nothing but generate support tickets and unnecessary calls about "What is this thing on my machine? Do I have a virus?".

3. #1 Rule of IT and Troubleshooting. Never give up. Somebody has solved the problem or you will get close enough to fix the issue yourself.

4. Completed on Windows 10 Enterprise Version 1803. OS Build 17134.285

5.  Launch services.msc and stop and then disable the services you don't need (this worked for me, but you may do something different):

Touch and Keyboard and Handwriting
Hyper-V (All)
Microsoft iSCSI
Microsoft App-V Client
dmwappushsvc (Data Collection service)
Downloaded Maps Manager (Microsoft Maps)
Phone Service
Remote Registry
Retail Demo Service
Routing and Remote Access (Unless you have a business need)
User Experience Virtualization Service
Windows Backup
Xbox Settings (All) - FYI. You have to disable the Xbox Gaming Monitoring Feature in the Registry. It won't disable from services.msc. Great Tutorial to Disable in the Registry:

6. Disable the crapware/bloatware permanently (Thanks Daniel:

Disable by changing to a [0]

7. Create a new local account and verify everything is disabled.

Start >> Settings >> Family & other people >> Add someone Else to this PC >> Click on "I don't have this person's sign-in information >> Click Add a user without a Microsoft Account. >> Type in your username, password and temporary recovery. You will be blowing this away. It's just for testing so don't bother getting all fancy.

8. Those of us that have been around for a while know about Computer Management. Just use this one and blow it away when your done. 

9. If you have to find the account you created (like you joined it to the domain BEFORE you removed it and started working on it locally in a VM...cough...cough). You can find the buried System Properties under Control Panel:

10. Go under Settings and delete the other profiles (Domain Accounts you cannot delete from Computer Management. (*While you're at it, Adjust for Best Performance). PRO TIP: Just leave the thing open. You will be blowing away test accounts.

11. OCD Style (Be Careful):

Delete the packages under C:\MSOCache\All Users\ (One Note/Groove). If you have MS Office installed. Do NOT just go in there and wipe out all of the folders. 

12. PRO TIP: Turn the Hidden Files feature back off before you forget and do something terrible.

13. Windows System Apps Location: C:\WindowsSystemApps. This is where the files and executables are stored. 

14. Location of the files in the registry (FYI. Microsoft makes it difficult to edit these entries): 

15. Disabling the "PackageRoot" and "PackageRepositoryRoot" could cause unintended consequences. Test and configure to your liking.

16. Appx >> Config >> Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy >> SetupPhase [Default is 27] Changed to 0 (launches the new profile quicker)

17. Appx >> Config >> Microsoft.BioEnrollment_cw5n1h2txyewy >> SetupPhase [Default is 81] Changed to 0 (launches the new profile quicker)

18. At this point, the bloatware is still coming up on launch. Now we kill it. (FYI. I didn't mess with Windows Store at all since it can break all manner of things on updates, etc)

19. Before you run any PowerShell Scripts. You have to enable the ability to run Scripts on Windows 10. Right-click on PowerShell and "Run As Administrator"

PS C:\Windows\system32> Get-ExecutionPolicy
PS C:\Windows\system32> Set-ExecutionPolicy unrestricted

Click Y or S (Suspend) and then run your script

cd ~ to return to your profile location and then cd into your location of the PowerShell Script

20. Powershell easy peasy...Save it as "CleanUp.ps1" and cd to the folder from PowerShell and run it.

#Retrieved on 9.26.2018 from
#Be careful removing Windows Store from Windows 10 since it can
#have unintended consequences for Windows Updates
Get-AppxPackage *3dbuilder* | Remove-AppxPackage
Get-AppxPackage *windowsalarms* | Remove-AppxPackage
Get-AppxPackage *windowscommunicationsapps* | Remove-AppxPackage
Get-AppxPackage *officehub* | Remove-AppxPackage
Get-AppxPackage *skypeapp* | Remove-AppxPackage
Get-AppxPackage *getstarted* | Remove-AppxPackage
Get-AppxPackage *zunemusic* | Remove-AppxPackage
Get-AppxPackage *windowsmaps* | Remove-AppxPackage
Get-AppxPackage *solitairecollection* | Remove-AppxPackage
Get-AppxPackage *bingfinance* | Remove-AppxPackage
Get-AppxPackage *zunevideo* | Remove-AppxPackage
Get-AppxPackage *bingnews* | Remove-AppxPackage
Get-AppxPackage *onenote* | Remove-AppxPackage
Get-AppxPackage *people* | Remove-AppxPackage
Get-AppxPackage *windowsphone* | Remove-AppxPackage
Get-AppxPackage *photos* | Remove-AppxPackage
Get-AppxPackage *bingsports* | Remove-AppxPackage
#Do Not disable if you have any visually impaired
Get-AppxPackage *soundrecorder* | Remove-AppxPackage
Get-AppxPackage *bingweather* | Remove-AppxPackage
Get-AppxPackage *xboxapp* | Remove-AppxPackage

21. None SCCM Option/Failsafe Option:

Save the file under c:\Users\Default\AppData\Local\Microsoft\CleanUp\CleanUp.bat
The actual powershell file will live under c:\%WinDir%\system32\CleanUp.ps1

Batch File under AppData:
REM Run an unsigned PowerShell script and log the output
Powershell.exe -ExecutionPolicy Unrestricted .\%WINDIR%\system32\Cleanup.ps1 >> "%TEMP%\CleanUpLog.txt" 2>&1

REM If an error occured, return to errorlevel.
EXIT /B %errorlevel%

22. Setup a Task and configure it to run weekly or on login in or script in in SCCM

23. Remember when you are setting up a Task Scheduler item that you have to have a  bypass for the script to run. I don't recommend turning PowerShell scripting off because it can have a nasty impact on your environment is PS execution is off for all of your machines. Definitely, not a good idea.

Under Actions: Start a Program >> Program/Script: >> Type in powershell.exe >> Add Arguments (Optional): -ExecutionPolicy Bypass c:\path to your script

24. Test it under a demo user. (You will see now why I said just keep Computer Management Open.)

25. Before you shutdown the system and convert it to the .wim image. Make sure that you run disk cleanup and that you delete the unnecessary Windows Update files to shrink the image and cleanup the junk:

CMD Prompt:
C:\ net stop wuauserv
C:\ cd %windir%\SoftwareDistribution
C:\del /F /S /Q Download && Start .

Once in Downloads. Wipe it all out.

c:\net start wuauserv

26. Open Powershell as administrator and clear all of the system logs (so you know that everything is fresh):

wevtutil el | Foreach-Object {wevttil cl "$_"}

If you want to use Command Prompt instead:

for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1"

27. Type in cmd and then shutdown /s /t 00

28. Use this to remove the apps from the .wim (This is for removal of the unwanted W10 Apps from .WIM only) *FYI. Didn't work for me.


Tuesday, September 25, 2018

How to Disable SharePoint Features for Adobe Document Cloud Reader

1. Disable Adobe Cloud Features:

2. This is how you Disable SharePoint features:

2a. Right Click on FeatureLockDown and add a New Key and type cSharePoint

2b. Right-click on cSharepoint and add bDisableSharePointFeatures. Enter and type 1. 

3. You can also block all of the cloud services if you don't want your users doing anything from the cloud.

4. Now it's nice and clean! 

5. FYI. You can disable the "Sign In" button up top but it wipes out the tools. It's up to you.

6. Lastly, the more things that you disable. The more features will be locked down. If you disable bToggleAdobeDocumentServices your users will not be able to edit PDF files, create PDF's, Export PDF's, Combine files, etc.

How to Install VMware Workstation 15 on Ubuntu 18.04 LTS

1. Do a clean uninstall of any previous versions for a clean installation.

2. VMware Workstation 14 on Ubuntu 18.04 LTS

3. Open Terminal and run the following command:

sudo vmware-installer -u vmware-workstation

4. Download the file from VMware's website

5. from terminal cd to the location where you saved the downloaded file. Run the following command to make the package executable:

chmod a+x VMware-Workstation*

6. Execute the Installer from the command line:

sudo ./VMware-Workstation*

Create your location/path for the shared VM's. I made mine /opt/vmware/shared instead of the default