www.butsch.ch - Page 4 of 29 - Enterprise IT explained for you and me

Deployment ENS | Endpoint Security FW Fortigate FW Sophos Mcafee/Trellix Scripting SECURITY

Certutil.exe –url –urlcache how to use and freeware GUI crl check to automate CRL verify

21.04.2024 admin

How to use Microsoft certutil.exe –url or –urlcache to find CRL and OCSP on Windows manually, or utilize our freeware tool crlcheck.exe, which performs the same function fully automatically for all EXE files on your system. crlcheck.exe https://www.butsch.ch/post/crlcheck-exe-certificate-revocation-list-check-tool-to-verify-all-crl-and-ocsp-on-windows-client/ What is a CRL Certificate Revocation List file? Each certificate authority (CA) periodically issues […]

EPO | ePolicy Orchestrator Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection Tools we made

McAfee ATD – Trellix TIS MASU.exe Sandbox Uploader. A freeware tool to submit files to ATD/TIS automatic

09.04.2024 admin

M.A.S.U (M)CAFEE (A)TD (S)ANDBOX (U)PLOADER V4.1, Mike Butsch, Senior System Engineer, www.butsch.ch Remark 2024: Everything will work for TIS / Trellix Intelligent Sandbox we have been using the same tool with every release of TIS. Hopefully there is a ready solution for FireEye without using Python The tool is freeware, feel free to use it. […]

Mcafee/Trellix CRUNCH ENS | Endpoint Security FW Fortigate FW Sophos GPO | Gruppenrichtlinien Intunes M365 - Exchange Online M365,AZURE,INTUNE Microsoft SCCM,MEM,MDT Microsoft Server OS Scripting Tools we made Uncategorized W10 WSUS

CRL check, Zertifikatsperrlisten Software, Certificate Revocation List Check Tool zum suchen aller geblockten CRL in Firmenumgebungen, crlcheck.exe

06.04.2024 admin

Mit diesem Tool findet man schnell und einfach alle verwendeten CRL eines clients und kann prüfen ob der client diese erreicht. In den vergangenen Jahren habe ich persönlich miterlebt, wie die Zertifikatssperrung auf Windows-Systemen oft unterschätzt wird, selbst in großen Unternehmen. Dieses Problem beeinträchtigt sowohl Client- als auch Server-Systeme erheblich, wenn es nicht korrekt verwaltet […]

Deployment Hotfixes, Updates WSUS

Problematic W11 preview patch KB5035942 do not install rollback HP laptop seen

03.04.2024 admin

Patch: 2024-03 Cumulative Update Preview for Windows 11 Version 23H2 for x64-based Systems (KB5035942) OS Builds : 22621.3374 22631.3374 Patch details: March 26, 2024—KB5035942 (OS Builds 22621.3374 and 22631.3374) Preview – Microsoft Support https://support.microsoft.com/en-us/topic/march-26-2024-kb5035942-os-builds-22621-3374-and-22631-3374-preview-3ad9affc-1a91-4fcb-8f98-1fe3be91d8df The KB5035942 preview patch seems to make some problem on different brands of systems. Some customer reported bluescreen or […]

Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online M365,AZURE,INTUNE

Powershell to show and log SMTP Port 25, 465, 2525 after decomission old Exchange Server

03.04.2024 admin

Powershell to show and log SMTP Port 25, 465, 2525 after Decomission old Exchange Server When decommissioning an Exchange Server, it’s common to install SMTP/IIS to capture and redirect the failing SMTP sender traffic, allowing us to monitor if there’s still traffic coming to the old Exchange. Below is a PowerShell script that you […]

Hotfixes, Updates Server 2016 WSUS

WSUS ImportUpdateToWSUS.ps1, March 2024 security update DC fails SRV 2019 and 2022 how to fix all steps

26.03.2024 admin

03/2024, out of Band patches for DC crash KB5037422, KB5037425, KB5037423, KB5037426 DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/ We explain how to import the 4-5 manual patches for Server 2012R2, 2016, 2019, 2022 and what to fix if you get an error when you run the script to ImportUpdateToWSUS.ps1 to import the patches into […]

Server 2016 Server 2022 [21H2/22H2/32H2] WSUS

Windows Update Server Import Fehler Powershell KB5037422, KB5037425, KB5037423, KB5037426

26.03.2024 admin

Notfall Patche, Out of Band patche für Domain Controller DC crash KB5037422, KB5037425, KB5037423, KB5037426 DEUTSCH https://www.butsch.ch/post/windows-update-server-import-fehler-powershell-kb5037422-kb5037425-kb5037423-kb5037426/ ENGLISCH https://www.butsch.ch/post/wsus-importupdatetowsus-ps1-march-2024-security-update-dc-fails-srv-2019-and-2022-how-to-fix-all-steps/ Um die 4-5 manuellen Patches für Server 2012R2, 2016, 2019 und 2022 zu importieren und zu erklären, was zu tun ist, wenn beim Ausführen des Skripts “ImportUpdateToWSUS.ps1” zum Importieren der Patches in WSUS ein […]

FW Fortigate KEMP Load Balancer Mcafee/Trellix SECURITY

KEMP service option Detect Malicious Request Intrusion handling blocks Winword Blog posts

25.03.2024 admin

The KEMP option “Detect Malicious Requests” blocks Winword from connecting to WordPress or BLOGengine.net blog provider configurations, changing or uploading existing blog entries with pictures. We lost quite some time on this one because we were initially searching forever on our firewall and other WAF appliances. Finally, we found out that this is due […]

Deployment CRUNCH DLP | Data Loss Prevention ENS | Endpoint Security Exchange 2010 Exchange 2013 Exchange 2016 Exchange 2019 FW Fortigate FW Sophos Intunes M365 - Exchange Online Mcafee/Trellix Microsoft Exchange Microsoft SCCM,MEM,MDT Microsoft Server OS MSME | Security for Exchange Scripting SECURITY Server 2016 Server 2022 [21H2/22H2/32H2] TIE/ATD/ATP | Sandbox - Advanced Threat Protection Tools we made VMWare W10

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

23.03.2024 admin

CRLcheck.exe, Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs. Download 01.01.2026, NEW Release 2.2.0.0 rebuilt for server and small display resolutions like VM’s Version 2.2.0.0, https://www.butsch.ch/wp-content/uploads/tools/crlcheck/latest/crlcheck.7z https://www.softpedia.com/get/Security/Security-Related/Certificate-Revocation-List-Check-Tool.shtml Over the past 20 years, I have personally witnessed how Certificate Revocation […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug

12.03.2024 admin

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug Do not add, change, or modify Organizational Units (OUs) in Active Directory where you sync via LDAP. You won’t be able to change the LDAP Sync settings in EPO 5.10 SP1 UPD. We have just wasted a full morning on a bug […]

Exchange 2013 M365,AZURE,INTUNE

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Exchange server version is out-of-date

04.03.2024 admin

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]

Exchange 2007 M365,AZURE,INTUNE

Unable to delete Exchange Mailbox DSID-03152d1c, problem 4003 INSUFF_ACCESS_RIGHTS

29.02.2024 admin

ERROR: You want to delete a Exchange MAILBOX of a user. The user account is decativated. Crypt error: 0000005: SecErr: DSID-03152d1c, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 This is because a local normal employee user has the ADMINSholder/adminCount flags set to 1/true. (Which is not good in Domain Environments) This is because the Active […]

Exchange 2016 Exchange 2019 M365 - Exchange Online

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

22.02.2024 admin

Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Server 2022 [21H2/22H2/32H2] VMWare

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

31.01.2024 admin

Managing Windows Time Service: A Comprehensive Guide The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization By default, […]

Deployment Intunes M365,AZURE,INTUNE Scripting

INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node)

27.01.2024 admin

The normal Intunes Agent that is running on a Windows 10/11 64-bit OS is a 32-bit Agent. INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node) Short sample why you maybe landed here…. What is the problem that we often see: A Win32APP with import_registry.cmd or import_registry.ps1 is run via Intunes. Before deployment […]

Highroller