www.butsch.ch

Hotfixes, Updates Server 2016 WSUS

WSUS ImportUpdateToWSUS.ps1, March 2024 security update DC fails SRV 2019 and 2022 how to fix all steps

26.03.2024 admin

03/2024, out of Band patches for DC crash KB5037422, KB5037425, KB5037423, KB5037426 DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/ We explain how to import the 4-5 manual patches for Server 2012R2, 2016, 2019, 2022 and what to fix if you get an error when you run the script to ImportUpdateToWSUS.ps1 to import the patches into […]

Server 2016 Server 2022 [21H2/22H2/32H2] WSUS

Windows Update Server Import Fehler Powershell KB5037422, KB5037425, KB5037423, KB5037426

26.03.2024 admin

Notfall Patche, Out of Band patche für Domain Controller DC crash KB5037422, KB5037425, KB5037423, KB5037426 DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/ Um die 4-5 manuellen Patches für Server 2012R2, 2016, 2019 und 2022 zu importieren und zu erklären, was zu tun ist, wenn beim Ausführen des Skripts “ImportUpdateToWSUS.ps1” zum Importieren der Patches in WSUS ein […]

FW Fortigate KEMP Load Balancer Mcafee/Trellix SECURITY

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

25.03.2024 admin

The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]

CRUNCH Deployment DLP | Data Loss Prevention ENS | Endpoint Security Exchange 2010 Exchange 2013 Exchange 2016 Exchange 2019 FW Fortigate FW Sophos Intunes M365 - Exchange Online Mcafee/Trellix Microsoft Exchange Microsoft SCCM,MEM,MDT Microsoft Server OS MSME | Security for Exchange Scripting SECURITY Server 2016 Server 2022 [21H2/22H2/32H2] TIE/ATD/ATP | Sandbox - Advanced Threat Protection Tools we made VMWare W10

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

23.03.2024 admin

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs. Download 11/2024 NEW Release 2.0.1.0 with OSCP check, Proxy Options, AIA Chain check etc. Version 2.0.1.0, https://www.butsch.ch/wp-content/uploads/tools/crlcheck/latest/crlcheck.7z Over the past 20 years, I have personally witnessed how Certificate Revocation […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug

12.03.2024 admin

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug Do not add, change, or modify Organizational Units (OUs) in Active Directory where you sync via LDAP. You won’t be able to change the LDAP Sync settings in EPO 5.10 SP1 UPD. We have just wasted a full morning on a bug […]

Exchange 2013 M365,AZURE,INTUNE

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Exchange server version is out-of-date

04.03.2024 admin

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]

Exchange 2007 M365,AZURE,INTUNE

Unable to delete Exchange Mailbox DSID-03152d1c, problem 4003 INSUFF_ACCESS_RIGHTS

29.02.2024 admin

ERROR: You want to delete a Exchange MAILBOX of a user. The user account is decativated. Crypt error: 0000005: SecErr: DSID-03152d1c, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 This is because a local normal employee user has the ADMINSholder/adminCount flags set to 1/true. (Which is not good in Domain Environments) This is because the Active […]

Exchange 2016 Exchange 2019 M365 - Exchange Online

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

22.02.2024 admin

Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Server 2022 [21H2/22H2/32H2] VMWare

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

31.01.2024 admin

Managing Windows Time Service: A Comprehensive Guide The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization By default, […]

Deployment Intunes M365,AZURE,INTUNE Scripting

INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node)

27.01.2024 admin

The normal Intunes Agent that is running on a Windows 10/11 64-bit OS is a 32-bit Agent. INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node) Short sample why you maybe landed here…. What is the problem that we often see: A Win32APP with import_registry.cmd or import_registry.ps1 is run via Intunes. Before deployment […]

ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix SECURITY

Mcafee Trellix, GetSusp.exe EPO Version reports back to EPO Dashboard

23.01.2024 admin

With EPO 5.10 on a fresh install, you have GetSusp.exe in both 32-bit and 64-bit versions in the Master if you perform an automatic product check-in. You can easily run the small tool GETSUPS.exe (command line/GUI standalone scanner) via EPO. I am not sure if I missed it because I never use the […]

EPO | ePolicy Orchestrator Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

23.01.2024 admin

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]

Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online Microsoft Exchange Server 2022 [21H2/22H2/32H2]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

19.01.2024 admin

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]

Hotfixes, Updates Microsoft Server OS Server 2022 [21H2/22H2/32H2] WSUS

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition

11.01.2024 admin

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition or with too small recovery Partition (Free space under 250MB) ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024 —————————————————– Microsoft has releases two PowerShell with which you should […]

FW Fortigate FW Sophos M365,AZURE,INTUNE SECURITY

Troubleshooting CRC Errors on Fortinet Fortigate Firewalls – Intunes CRC download error

28.11.2023 admin

We just had a case where we in detail explored the CRC errors with Intunes Packets. Simply WIN32 Package with 300MB failed just for one client. One client had a CRC error same day while others just fine. Here is how to check local on-premises to be sure you can tell it’s M365 side failing […]


Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Highroller