When running the Media Creation Tool, run the Upgrade option. It will take a while and several reboots to upgrade from Windows 7 or 8 to Windows 10. If you started with Windows 7 Home or Windows 8 Home, the tool will most likely upgrade your PC to Windows 10 Home.
After you’ve finished the ‘Windows 7 Home’ to ‘Windows 10 Home’ upgrade, you now need to upgrade from Windows 10 Home to Windows 10 Pro in order to get the Bitlocker feature.
Upgrade from Windows 10 Home to Windows 10 Pro
To upgrade from Windows 10 Home to Windows 10 Pro, click on the start button and type ‘Microsoft Store‘ and press Enter.
In the store, search for Windows 10 Pro in the upper-right corner of the store:
Purchase the upgrade ($99) and then run the upgrade. The process will take a while and several reboots.
Once you are on Windows 10 Pro, open the File Explorer, click This PC, then Righ- click on the C: drive and choose Turn on Bitlocker or Manage Bitlocker.
Enable Bitlocker for the C: drive – Save the Bitlocker encryption/decryption key to a removable USB drive, save to the cloud, and print for a hard copy. This password to unlock the drive and the Recovery/Decryption key are very important, do not lose them.
Follow the default prompts (ok to skip system check) and the drive will begin encryption. You should see a status bar and progress indicator showing the percentage of encryption. When it reaches 100%, the encryption process has finished.
Reboot the system to complete the encryption of the drive.
After the reboot, log in to the desktop again, and use the Windows Control Panel to check the status. Please follow instructions here:
If you have recently enabled MFA multi factor authentication or 2FA on your Office 365 tenant, your Microsoft Outlook for Office 365 MSO 16.0.11929 (desktop version) users may be prompted over and over for their password, even though you are sure you have the correct password and even the apppassword / app password hash. I’m sure you’ve tried to re-configure Outlook, look at Azure settings, reinstall Outlook, check your autodiscover records, make sure you have the correct Office Suite version and perhaps have even attempted to change the windows 10 registry with the following settings:
So I thought it would be helpful to have a step-by-step how to enable modern authentication in Exchange Online for Office 365 based on the instructions provided in the link above.
With MFA enabled, connecting to Exchange Online with powershell is not as simple as it used to be, but still not all that bad. I’ve found the easiest way to connect to Exchange Online with Powershell is to do the following.
Note: A forewarning here, with certain browsers, when clicking on the Exchange Hybrid “Configure” button, and then installing the Hybrid configuration, the Office 365 login screen may may flash on the screen as a white box, and then disappears before you can authenticate and use your 2FA txt code. I’ve seen this when using Microsoft Edge, Chrome, and even the new version of Microsoft Edge based on Chromium. The only browser I’ve gotten this to consistently work with is the Internet Explorer browser built into Windows 10. The Internet Explorer browser is installed on Windows 10 by default, it’s hidden in the start menu under Accessories:
If you do attempt to run the Exchange Powershell Module using chrome you may encounter the error:
“Application cannot be started. Contact the application vendor.”
When clicking the Details… button, you may find information similar to the following:
PLATFORM VERSION INFO
Windows : 10.0.18363.0 (Win32NT)
Common Language Runtime : 4.0.30319.42000
System.Deployment.dll : 4.8.3752.0 built by: NET48REL1
clr.dll : 4.8.4121.0 built by: NET48REL1LAST_C
dfdll.dll : 4.8.3752.0 built by: NET48REL1
dfshim.dll : 10.0.18362.1 (WinBuild.160101.0800)
Deployment url : file:///C:/Users/Jason/Downloads/Microsoft.Online.CSE.PSModule.Client%20(3).application
Deployment Identity : Microsoft.Online.CSE.PSModule.Client.application, Version=16.0.3527.0, Culture=neutral, PublicKeyToken=45baf49ae30bdb15, processorArchitecture=msil
* Installable application.
* Trust url parameter is set.
Below is a summary of the errors, details of these errors are listed later in the log.
* Activation of C:\Users\Jason\Downloads\Microsoft.Online.CSE.PSModule.Client (3).application resulted in exception. Following failure messages were detected:
+ Deployment and application do not have matching security zones.
COMPONENT STORE TRANSACTION FAILURE SUMMARY
No transaction error was detected.
There were no warnings during this operation.
OPERATION PROGRESS STATUS
* [4/3/2020 3:32:57 PM] : Activation of C:\Users\Jason\Downloads\Microsoft.Online.CSE.PSModule.Client (3).application has started.
* [4/3/2020 3:32:57 PM] : Processing of deployment manifest has successfully completed.
* [4/3/2020 3:32:57 PM] : Installation of the application has started.
Following errors were detected during this operation.
* [4/3/2020 3:32:57 PM] System.Deployment.Application.InvalidDeploymentException (Zone)
- Deployment and application do not have matching security zones.
- Source: System.Deployment
- Stack trace:
at System.Deployment.Application.DownloadManager.DownloadApplicationManifest(AssemblyManifest deploymentManifest, String targetDir, Uri deploymentUri, IDownloadNotification notification, DownloadOptions options, Uri& appSourceUri, String& appManifestPath)
at System.Deployment.Application.ApplicationActivator.DownloadApplication(SubscriptionState subState, ActivationDescription actDesc, Int64 transactionId, TempDirectory& downloadTemp)
at System.Deployment.Application.ApplicationActivator.InstallApplication(SubscriptionState& subState, ActivationDescription actDesc)
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl, Uri& deploymentUri)
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivationWithRetry(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
--- End of stack trace from previous location where exception was thrown ---
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivationWithRetry(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
COMPONENT STORE TRANSACTION DETAILS
No transaction information is available.
At this point, it may be necessary to uninstall the existing module and then re-installing and running using Internet Explorer. You my even receive the following error:
"You cannot start application Microsoft Exchange Online Powershell Module from this lcoation because it is already installed from a different location."
To uninstall the module, click the Start Button > type “appwiz.cpl” and press Enter.
Inside of the Programs and Features screen find the application and click Uninstall.
After uninstall, log into your tenant (with an administrator account) at https://www.office.com using Internet Explorer 11, and click the Admin link:
Next, Expand the Menu on the left menu by clicking Show All… and then click on Exchange:
Next we want to click on the Hybrid link to get to our Powershell Configure button:
Go ahead and install the component if it asks, and when it completes, you’ll be greeted with a Windows Powershell screen with the following message:
Experience the fast and reliable Exchange PowerShell V2 Cmdlets via new PowerShellGallery module. Go to https://aka.ms/exops-docs
This PowerShell module allows you to connect to Exchange Online service.
To connect, use: Connect-EXOPSSession -UserPrincipalName <your UPN>
This PowerShell module allows you to connect Exchange Online Protection and Security & Compliance Center services also.
To connect, use: Connect-IPPSSession -UserPrincipalName <your UPN>
To get additional information, use: Get-Help Connect-EXOPSSession, or Get-Help Connect-IPPSSession
We now want to initiate our session using the instructions provided. At the prompt, type in the command:
That’s about it! Give the setting about an hour to propagate and then try testing Outlook on the desktop again. You may get a few clients where their profile needs to be recreated. You can do this by going into the control panel > (1) choose Small Icons > (2) Mail Microsoft Outlook 2016.
Then click Show Profiles
Now when setting up the new mail account, you should be prompted with the modern authentication and you’ll be prompted for your txt code or Microsoft Authentication Application.
If you’re working remote with just a laptop, or
a laptop and a small 2nd monitor, the desktop gets pretty cramped
for a sysadmin. One way to mitigate the pain is to use your OS’s virtual
Here’s links to guides for Windows, Ubuntu, and MacOS on how to get started with them for your OS. Using Windows as the example, you just press Win-Tab and click the plus sign at the top for New Desktop.
Then drag existing windows on to it, and now they’re on a separate screen. To quickly move between virtual desktops, you can use the CTRL-WIN-left/right arrows.
Once you get in a habit of using them, it’s great for keeping multiple small applications visible on a whole desktop, or multiple full screen apps on their own window that you don’t have to constantly minimize/maximize. You can use Win-Tab (or the Task View button next to the Cortana button on your taskbar) to mass organize things or rearrange, and your Taskbar will reflect what items are open on that particular Desktop.
Alerts and notifications will still appear, even if you’re on a different virtual desktop, and interacting with the notification will teleport you to the relevant desktop.
One gripe with the Windows Virtual desktops is that there’s no easy way to move between desktops without taking your hand off the mouse. You can use the buttons on the side of your mouse (if your mouse has them) to switch desktops if you have the buttons on the side. If your mouse software doesn’t support the windows key combos check out X-Button Mouse Control. Set the buttons to generic and tell X-BMC to change it to the virtual desktop switches.
In order to display an application on all virtual desktops, do Win+Tab, then Right click the Chrome window you want Show window on all desktops.
One thing to note is if you have an AWS Workspace desktop open inside of a virtual desktop, it’s best to have the workspaces desktop in the far-left/primary desktop.
When working remotely in RDP, and you have multiple monitors, and you remote into a machine with multiple monitors, when you open the Remote Desktop client, click the Show Options button then under the display tab, ‘select use all my monitors’ for the remote session.
A user complained that valid good email was being sent to the Junk email folder on outlook on the web. To get to the setting, click on the Gear Icon > View all outlook settings > Junk Email. Attempts to uncheck “Only trust email from addresses in my safe senders and domains list and safe mailing lists.” were unsuccessful and we cannot save the setting.
In the event our Ubuntu server has an incorrect time, a clock that is offset may prevent users from logging in, or for example, synchronizing databases. If OpenVPN is in use with 2FA and google authenticator, their login is dependent on the time of the server being correct . We want to ensure our end users can log into the server or OpenVPN successfully. Let’s start by viewing the clock on our server, and then synchronize the clock with an internet-based time service.
First issue the command:
If we compare this time with an accurate clock, such as a cell phone, we may see this time is no accurate. The date display in the above screenshot shows the Day, Date, Hours, Minutes, Seconds, TimeZone and Year.
Let’s check to see if our clock is set to be synchronized. Do this by issuing the command:
Here we see that our “NTP synchronized: no” status indicates our Network Time Protocol synchronization is turned off.
In order to get our clock synchronized and change it to NTP synchronized: yes, we need to do the following.
Stop the ntp service
Sync the time using ntpd with the -g and -q switches (allows the time to be set without restriction)
Start the ntp service
We can do this by issuing the commands:
Sudo service ntp stop
Sudo ntpd -gq
This will produce something like the following output:
In this output we can see that our time was offset and adjusted by -49.77 seconds.
Next let’s start the ntp service again with the command:
Sudo service ntp start
Lastly we can confirm that our time is set correctly and that NTP synchronized: is now set to yes with the command:
That should do it! Try issuing the command date again and compare it to an accurate clock. Check to see that your OpenVPN users can log in. If they continue to have issues, check out the article on Troubleshooting OpenVPN
trying to install Microsoft Visio or Publisher with a Volume License MAK
license key alongside Office 365 Pro Plus, the Visio .iso installer may give
the error: “this version of O365 does not get along with the Installer, or you
cannot install 32bit with 64bit”. You may even have tried uninstalling the 32
bit version of Office, install the 64 bit version, only to receive the same
exact message. You may find installing 64 bit Visio Volume License with 64 bit
Office 2016 Pro Plus doesn’t work, nor does 32 bit with 32 bit, nor 64 bit with
32 bit. It can be frustrating.
The problem is that Microsoft has moved away from mixing the Volume License .iso installations (downloaded from the Volume Licensing website here: https://www.microsoft.com/Licensing/servicecenter/default.aspx ) – on the same computer with the “Click to Run” versions of Office you typically download from within Office 365 online. Instead, to get around the issue, you need to use the Office Deployment Tool. This will allow you build a build a package you’ll run from the command prompt to install for example, Visio or Publisher, on the same computer as Office 365 Pro Plus Click to Run. The configuration and setup is not all too difficult and we’ve documented the installation instructions below.
The first thing we need to do is download the Office deployment tool from the following site:
At this website you can log into your office account (Recommended), or alternatively choose to continue without signing in:
In our example we’ll create the file by logging in first by clicking “Sign in.”
Once logged in, click on Customization > Device Configuration > +Create.
You’ll notice in the screenshot above we’ve already created a customization file which installs the 64 Bit version of Office Click to Run along with Visio 2016 Standard Volume license. We can download ImageFileNamethis configuration file again at a later date if we lose our .xml file.
In this example, we’ll create a customized file that pairs and combines installations of 32bit Office 365 Pro Plus with Visio Standard 2016 Volume License.
Click on the + Create button.
We first give the configuration a title, something like:
Our configuration will be setup something similar to the following:
Take note that Office365 has different versions, and you click the “Learn More” link to decide which version to install or accept the default “Latest”. You might want to install the version that all of your other deployed Office365 versions are using. If you choose “Latest” you’ll most likely get a newer version of Office365 installed than everyone else. As a reference, I’ve copied one of the version tables below:
Also take a look at the primary language, and any other Office Suite apps you don’t want installed. It’s worth it to click through each heading to see what’s inside.
Next, we need to provide our Visio Standard 2016 volume license key. Do this by first logging into the Microsoft Volume Licensing Center here: https://www.microsoft.com/Licensing/servicecenter/default.aspx , find your product, your version, expand the license keys, and copy the license key into the Office Customization Tool under the heading Licensing and Activation > Product Key > Multiple Activation Key:
Finish by clicking Done in the upper right-hand corner.
Next, place a check next to the configuration file we’ve just created and click Download:
Once you’ve downloaded the .xml file, copy it into the c:\admin\ODT folder.
Open the command prompt on the computer onto which we’ll be installing Office 365 and Visio.
Change directory to c:\admin\ODT with the command:
Run the setup.exe tool from the command Prompt first with the /download switch, followed by the name of your .xml configuration file (use tab to auto-complete the long file name.) For example the filename would look like:
setup.exe /download configurationFileName.xml
The download will be “silent” – it will take about 10 minutes to download the installer to the c:\admin\ODT\Office folder.
Once the download completes, the cmd prompt will be waiting for input again. Next run the setup.exe, except this time, with the /configure switch (again, reference your .xml file.) The /configure switch will process and install your applications as demonstrated in the following screenshot. For example the command would look like the following:
setup.exe /configure ConfigurationFileName.xml
When it finishes both the click to run Office365 will be installed as well as the Visio Volume License MAK version.
We’re done! Now if we need to do another install on a different computer of our Office365+Visio, we can copy the deployment tool and the .xml file to the computer and run the command prompt installer again.
Thanks for all your support. Some of you may have noticed a little downtime. I invested a little professional expertise in the site and you should now see better performance and more site reliability and uptime. Special thanks to Gregory Morozov at upwork.com who quickly identified and resolved the following issues:
Say you have a Windows 7 or Windows 10 PC that has Sophos installed on it, but you cannot find the device in the management console in order to disable tamper protection. You want to uninstall Sophos because it is out of date or cannot communicate with the Sophos cloud. However, when you search for the device name in the console, it isn’t listed with the current computer name. The device was probably renamed several times. So how do you remove or uninstall Sophos without disabling tamper protection? My best advice is don’t try to uninstall the client without first disabling tamper protection.
In many instances, the Sophos client is out of date and cannot communicate with “Management Communication”. In the bottom-right corner of the Sophos client, you can click on “About”.
Here we can find the “Run Diagnostic Tool”. After running the tool you may find some errors such as the following: Last Communication – Failed with error ‘504 Gateway Time-out’ at 08:40:48 Jun 28, 2019 (UTC-07:00)
Reading the knowledge base articles about this and attempting to restart MCS Client services etc didn’t work for me. Instead, we need to find the identifier for the device so that we can get to the device page and obtain the Tamper Protection Password. To do this, on the computer with the bad installation of Sophos, open the File Explorer and go to:
C:\programdata\sophos\management communication system\endpoint\persist\
Inside this directory we will want to open the file named EndpointIdentity.txt
Copy the string of letters and numbers into your clipboard.
Next, log into your Sophos Cloud Console at https://cloud.sophos.com/manage/login then go to Overview > Devices. Click on any existing device and you’ll be directed to the page of that identity. At the top of the page, replace the identity string of the device you copied from the EndpointIdentity.txt file into the URL of the sample device, then hit Enter.
You should now be directed to the page with the correct device identity and password to disable Tamper Protection.
*If this article helped you please click on an ad to help pay for hosting and new content. 🙂
So for the past 6 months or so I’ve tried my hand had trading options on Robinhood, and I want to pass on what I’ve learned so perhaps someone new to options can get a head start. *Disclaimer: I’m in no way endorsing or advocating trading options. What you do with your money and your trades has no association with the information presented here. By reading this information you’re agreeing that you hold harmless and no liabilty to myself, my employer or this website. If that scares you, please click here. In all my trades, I’ve only made a little bit of money with a total amount of trade money equaling under $1000.
Before you get started, it’s important to know that trading options are essentially gambling; it’s almost pure speculation on whether or not the market or stock will go up or down and your bets will pan out. I say almost because there are traders out there who make a consistent living doing options trading. This article is not for those who already know the in’s and out’s of options trading or are looking for information about advanced options trading strategies (spreads etc). But back to gambling… if you have a tendency to let emotions get control of you if you win or lose, or if you’ll hurt yourself or your family because one of your trades goes the wrong way, then stay out of options trading. I won’t go into all the other investment vehicles you can use to safeguard your money for retirement, and at a bare minimum, don’t even think of trading options if you don’t first have an emergency fund of several thousand dollars.
I work for a brokerage, and I’m in no way endorsing trading of options as a retirement vehicle. If you trade options, you may lose everything you have in your bank in one week if you’re not careful. Trading options can be stressful and painful when things don’t go your way. You really do have to watch your puts and calls pretty much every minute of the day while your trades are active. But on the flip side, if you are frugal and learn as much as you can, trading options can be a nice way to generate money quickly without too much physical work. Options trading really is just for “play” money; I advocate putting 99% of your money into a Roth IRA or 401K.
Now onto the fourteen things I’ve learned trading options. I, myself, read my list EVERY TIME I’M ABOUT TO PUT IN AN OPTIONS ORDER. I’ve probably canceled a dozen trades after I’ve read my own list just because I’ve let emotions get hold of me and this list brings me back to reality. This list isn’t necessarily in order of importance.
Limit your losses (always) – Decide how much your bottom limit is and stick to it. If I ever let another option expire worthlessly, I’m worthless. It’s my money. Always keep enough in the brokerage account to at least place a couple more orders. When you have to add money to your brokerage account from savings to keep trading, you’re losing.
Don’t buy options for smaller companies, stocks, or ETFs based on hunches or charts. Smaller stocks don’t have the volumes and there will be no one around to buy your Out-of-the-Money option if the market is heading the wrong direction.
If you win (your option hits its price target), you’ll probably be up a good amount, so sell when the trend is favorable. You’ll never know what will happen in the next few hours or days. Some news might hit, the president will tweet about China, or a scandal could erupt, and everything goes down or vice-versa.
You’ll never time the sale of an In-the-money option exactly at the peak price of the day so it’s ok to sell after it’s coming down from the intra-day high. Better to make some money on the drop from the high than to wait for it to get back to the peak.
It’s ok to sell for a $5, $10, or $20 profit if you’re In The Money and not feeling it and the trend changes or news hits.
The whole reason you’re doing this is to make money whether or not the market is Rising or Falling. Don’t get emotional about what you want to happen to the market or company. Only go by the numbers and make money off of the trend.
Don’t let an option ride overnight, after-market trading is a good way to lose a lot of money real quick once the market opens. You need your sleep and you don’t like to wake up early. This is not set in stone because you could be betting on a piece of big after-hours news or earnings.
Sometimes stocks are so beaten up, some more bad news just clears the way for a rally because there isn’t any reason to punish the stock further.
Same with good news, a stock could be so bid-up that more good news essentially causes a ceiling and there is no reason for it to go up more because it is already so priced for perfection so it goes down.
In a bad market, bulls want red openings and bears want green openings. In a bad market, bulls will buy low right? And in a bad market bears will fade a gap (short).
Keep a good positive mindset and just keep hitting singles for $20, $30, $50, whatever, and keep the loser mentality away.
It sucks you can only do 4 same-day trades in 5 days (with Robinhood,) but don’t allow that fact make you ride an option longer than its value. Theta will steal your money anyway so stick to day trades with options. If you have a long-term bet then buy the actual stock.
Implied Volatility (IV) – when looking to buy an option, look at the Implied Volatility. If it is something high like 91%, then you can probably expect to see the value of your options (most likely) swing/drop 91% during the term of your option. Options are not the best vehicle during earnings. It’s best to sell and make any profit you can before earnings come out. I YOLO bought $375 worth of SBUX options on Thursday with IV of 91% which expired the next day (Friday.) The option made almost no money on Thursday, then favorable earnings came out that Thurs night. The stock jumped up a little in after-hours trading then went back down again. The next morning it dropped like a rock 91 %. I got out that morning and lost $300. Then later that day, like not even 2 hours later, the stock went back up to its previous close. See the chart below. I could have just held on through the IV and not lost as much, but it takes real guts to hold in that situation, which you don’t want to go through, believe me. Again, holding options through earnings is very risky unless it’s something like MSFT which beat it’s projected earnings by a lot and IV was low. Place your bet either prior to or after the earnings and then watch the market reaction. Because this option was expiring the same day, theta was going to quickly eat into its value even if I held during the rise after the sharp drop.
No “options guru tweet” nor r/wallstreetbets post will give you a winning trade every time. Trust your own instincts, gather as much information and news as you can, and find out what works for you, not someone else.
Recently a client complained that an Office 365 account had sent out spam messages to a number of clients. Later, the suspect account which had been sending spam could no longer send or receive email. However upon first glance at the mailbox, sent messages were sitting in the sent items folder, and messages sent to the account in question were not receiving bounce-back failures, but the messages sent to the affected account were not in the inbox. After we changed the password to the account, and enabled 2FA on the account we could still not send and receive mail. Below are the steps used to resolve this particular issue. In short, a malicious inbox rule had been created and outbound messages had been blocked by Microsoft.
Log into the tenant’s Admin console with an Administrative account, and change the password of the affected account.
Log into the affected account as the user using the new password.
Click on the Gear icon and then under Your app settings, click Mail.
4. One in the Mail app Settings, go to Mail > Automatic Processing > Inbox and Sweep rules.
Here we can see a malicious rule had been created to mark all inbound mail as Read and move the message to the “RSS Subscriptions” folder:
5. Uncheck and turn off any malicious or invalid rules.
Also check for any new forwarding rules in Mail > Accounts > Forwarding:
6. When we look in our “RSS Subscriptions” folder we find some messages from Microsoft indicating the account has been blocked from sending mail because the account was flagged as sending spam:
Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance.
Remote Server returned '550 5.1.8 Access denied, bad outbound sender. For more information please go to http://go.microsoft.com/fwlink/?LinkId=875724. S(9333) [DM5PR10MB1914.namprd10.prod.outlook.com]'
7. To resolve this issue, we’ll need to go into the Action Center. Log into the Admin console > Admin Centers > Exchange > Protection > Action Center
8. In the Action center, we’ll find an issue flagged regarding our hacked user account. Take action on the issue and after a while due to permission propagation, it may take up to 2 hours for the account to be re-enabled for sending mail again.
9. It might be a good idea to contact Microsoft Support if you continue to experience problems with a user account sending spam. Changing the password should prevent malicious access. Most like the account had been phished or the computer the user has was compromised by a virus/malware or spyware. It’s recommended that the account have two-factor authentication or multi-factor authentication enabled to prevent the account from being hacked again.
tag: outlook cannot send or receive email but sent mail is in sent items folder