www.butsch.ch

CRUNCH Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online M365,AZURE,INTUNE Microsoft Exchange

M365/Exchange Hybrid OAuth Testing command, OAuth-Cert out-of-sync 4001, IIS VDIR OAuth wrong

21.06.2023 admin

www.butsch.ch Resolve and find OAuth problem in Exchange Hybrid Setup Environment Short Understanding OAuth: OAuth (Open Authorization) is an industry-standard protocol that enables secure authorization for third-party applications without the need to disclose user credentials. It allows users to grant limited access to their resources on one site to another site, without sharing their credentials. […]

GPO | Gruppenrichtlinien Hotfixes, Updates Intunes M365,AZURE,INTUNE Server 2025 WSUS

W11 24H2 + Server 2025 Hotpatch without Reboot how to set VBS via GPO so it works

05.03.2025 admin

Hotpatching is coming to Windows 11 24H2 Enterprise E3+. Users will be able to patch “Security ONLY” updates on Patch Tuesday without requiring a reboot each time. W11 Hotpatch only available for Windows Enterprise E3 or E5 (e.g. Microsoft 365 A3/A5 or Microsoft 365 F3); or a Windows 365 Enterprise subscription. Windows 11 version […]

SQL WSUS

Unable to connect to WSUS WID with SQL Management Studio V20, does not support encryption

25.02.2025 admin

Unable to connect to WSUS WID with SQL Management Studio V20, does not support encryption We just had a customer where a newer version of SQL Server Management Studio was installed to manage the WID (Windows Internal Database) of the WSUS server on a Server 2022 OS. With the EOL for WSUS Server (only […]

M365 - Exchange Online M365,AZURE,INTUNE

Exchange Online SMTP Volumen Limiten für ausgehende E-Mail ab März 2025 – TERRL

25.02.2025 admin

Microsoft führt Limit für ausgehenden SMTP-E-Mail-Flow von Tenants ein Back to the roots? Ein weiterer neuer Grund wieso grössere Firmen gewisse Services zurück on-premise holen? Microsoft beschränkt künftig die Anzahl an E-Mails, die ein Tenant pro Tag versenden kann. Dabei ist zu beachten, dass auch Kalendereinladungen und Terminbenachrichtigungen als E-Mails gezählt werden. Falls durch […]

Exchange 2019 M365 - Exchange Online M365,AZURE,INTUNE

Exchange Tenant, EXO, EWS Security change (Fehlervermeidung Security), 02-2025

20.02.2025 admin

Exchange Tenant, EXO, EWS Security change (Fehlervermeidung Security) Microsoft verbessert die Sicherheit von EWS und löst das Problem bei der Kombination von “per Tenant” und “per User” Rechten. Dies erleichtert es insbesondere grossen Unternehmen, Compliance-Vorgaben konsequent durchzusetzen. Ein wesentlicher Grund für diese Änderung ist, dass viele Personen im M365-Portal oder über Graph API Änderungen vornehmen, […]

Server 2016 VMWare WSUS

Packet loss older NIC VMWARE 1.9.11.0 on ESXi 8.0.2

20.02.2025 admin

Packet loss with VMXNET3, NIC VMWARE, 14.09.2022, 1.9.11.0, Server 2016 ON ESXi 8.0.2, 238255 Did you update the NIC driver when migrating to ESX V8? We recently encountered issues on a server running WSUS and Trellix ePO, which normally generate a lot of traffic in all directions. For several days, I observed sporadic packet loss […]

M365,AZURE,INTUNE Microsoft Server OS Server 2025 WSUS

Inplace Upgrade of WSUS Server 2016 to 2025 in one step

17.02.2025 admin

English: In-Place Upgrade: WSUS Server from Server 2016 to Server 2025 Good news for IT admins and engineers: An in-place upgrade from Windows Server 2016 to Server 2025 for WSUS is now fully feasible. During our tests, we successfully migrated the entire WSUS server role, including all prerequisites, WSUS content, console views, and approval settings, […]

Hotfixes, Updates Intunes WSUS

Block 24H2 W11 Update which comes with februar Patchday 02-2025

12.02.2025 admin

The Microsoft 02-2025 Patchday brings a hidden surprise for all valid systems. It pre-downloads and offersthe 24H2 W11 Feature Update. Most of the existing problems target home/gamer users, but still,some people would like to block the update on single systems. Pre-download folder for W11 > W11 Release Migration, around 450 MB you see if too […]

DLP | Data Loss Prevention ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4

05.02.2025 admin

Trellix ePolicy Orchestrator 5.10.0 Service Pack 1 Update 4 We have installed the latest Update 4 on several customer on-premises EPO installation and the update works fine and without any problems. Key Considerations for Updating Trellix ePO 5.10 SP1 to the Latest Rollup 4 Check your ePO database size. Some Trellix SP or Rollup […]

Deployment GPO | Gruppenrichtlinien Hotfixes, Updates Scripting

Microsoft EDGE fails to Update from WSUS, from MSI-file or repair APPS because of GPO, 0x80070643, 1722

16.01.2025 admin

Microsoft EDGE fails to Update from WSUS, from MSI-file or repair APPS because of GPO, 0x80070643, 1722 Cause: GPO / EdgeUpdate Policies In this case, we have a GPO (Group Policy) created by or for a customer who uses Firefox as the default browser because a Citrix engineer advised them that this was the best […]

Scripting

Auto resize pictures in Winword for a blog Post automatic with VBA macro

02.01.2025 admin

WHO: You Blog with Winword to WordPress or Blogengine.net and want to auto resize the pictures direct in Winword (Not in the blog with some risky plugin) I do not like macros in any form due to security reasons (we block them wherever we can), but there might be a reason to use one locally […]

Deployment Microsoft SCCM,MEM,MDT

MDT/SCCM, bluescreen intcpmt.sys, 3.1.2.2 A0 on W10 1909, Intel Platform Technology on Dell 5690

28.11.2024 admin

MDT/SCCM, bluescreen intcpmt.sys, 3.1.2.2 A0 on W10 1909, Intel Platform Technology driver on DELL 5690 We have a customer where, besides other OS releases, we still run Windows 10 1909 because they have so many different DELL laptop models. We roll out 1909 and then silently update it to Windows 10 21XX afterward. This […]

Exchange 2016 Exchange 2019 M365 - Exchange Online Outlook

Outlook.exe, delay in receive and sending E-Mail in cached mode how to solve with GPO

11.11.2024 admin

In the OLD KB-Number: 982697 MS explains….. The default Behavior for downloading shared folders can be modified using Group Policy and registry settings. Some of these policies and registry values may have improved the performance of shared folders in earlier versions of Outlook or when the shared folders were located in Exchange Server on-premises mailboxes. […]

M365,AZURE,INTUNE Microsoft SCCM,MEM,MDT

M365, Intunes Company Portal 0x87D1041C when UWP assigned to user AND device

11.11.2024 admin

If you see Error 0x87D1041C in the Company Portal (Unternehmensportal), it may be related to the assignment types. In Intunes you should avoid mixing “USER” and “SYSTEM/DEVICE” assignments for UWP apps. In this case, Error 0x87D1041C will appear in the M365 Portal, but the app will still function. If the UWP app is already […]

Microsoft Server OS Server 2019

Server 2019 bug c:\windows\system32\control.exe error

17.09.2024 admin

Windows Server 2019 Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item Reason is this local GPO on the Server: User Account Control: Admin Approval Mode for the Built-in Administrator account If you follow the process below with gpedit.msc you WILL FIND OUT That […]

Exchange 2016 Exchange 2019 M365 - Exchange Online Microsoft Exchange Microsoft Server OS Server 2019 Server 2022 [21H2/22H2/32H2] Server 2025 Tools we made Uncategorized

MS SRV Disable IPv6 the correct way CVE-2024-38063

16.08.2024 admin

Recommendation 16.08.2024 for CVE-2024-38063 and IPV6 There is a patch from 2008-2022+ Servers so use it See following LINK on how to import the older OS patches into WSUS CVE-2024-38063, CVSS 9.8, import free 2008/R2 + 2012R2 into WSUS – www.butsch.ch https://www.butsch.ch/post/cve-2024-38063-cvss-9-8-how-to-import-the-free-2008-2008r2-patch-into-wsus/ If you can’t patch then as least options CAREFULLY consider disabling IPV6 the […]


Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Highroller