vrijdag 7 oktober 2016

FIXED - ANOMALY: use of REX.w is meaningless (default operand size is 64) - FIXED


There is a fix for this published by Trendmicro:



Came across this strange error after reinstalling my pc.

Same goes for PowerShell.

The command itself doesn't matter, the error appears at every command or applet.

Removed TrendMicro Maximum Security 2017, rebooted and the error was gone.
Installed TrendMicro Maximum Security 2017 again and there is was again.


Then removed the TrendMicro Password manager and the TrendMicro troubleshooting tool.

Reboot, still there.
Now i can't just remove TrendMicro Maximum Security 2017 well because....
It has some thing to do with TrendMicro Maximum Security 2017 itself.

I will see if i can contact the support team and try to get this fixed or at least under the attention of TrendMicro.

To be continued.

donderdag 29 september 2016

Top 30 Quick reminders for SysOps

Came across this over at gfi.com/blog, this is just here for my own quick sneak and peek.
But if you have more quick wins, tips or oneliners let me know and i'll add them.


  1. netsh int ip reset all will reset your NIC back to DHCP quickly, blanking out all static settings.
  2. net use will show you all open SMB connections on your machine.
  3. If you need to grab a quick network capture, but aren’t allowed to install Wireshark or another similar tool, open an admin command prompt and run netsh trace start capture=yes tracefile=c:\capture.etl to create a file you can open in Wireshark or Netmon later. Use netsh trace stop to end the capture.
  4. If you just need to know what is happening, but not capture a trace, use netstat as a poor man’s packet analyzer. netstat –ano 1 | findstr X will update once a second and highlight whatever you replace X with, like :443 or SYN_SENT or the destination ip.addr you are trying to confirm your machine is attempting to communicate with.
  5. netstat –e can give you a quick diagnosis of layer 2. Watch out for high or increasing numbers of errors.
  6. Grab the TCPING utility from http://www.elifulkerson.com/projects/tcping.php and use it to monitor not just when a server reboots, but when a service is back up. Try tcping –t –b 2 addr 3389 when you reboot a Windows server. It will start to use your default beep sound when the service starts responding to SYN requests, so you know you can RDP back into the box after a reboot.
  7. Use netstat –r to dump your IP routing table so you can see if everything goes to the default gateway, or somewhere unexpected.
  8. Download BIND for Windows from https://www.isc.org/downloads/# and use the Windows ports of DIG and HOST to do DNS queries.
  9. And if you like DIG and HOST, grab the whois port from https://technet.microsoft.com/en-us/sysinternals/bb897435 to do command line lookups of domain names and IP networks.

Active Directory

  1. netdom query fsmo will list all the Flexible Single Master Operations members in your domain, so you can find the PDC emulator, schema master, etc.
  2. repadmin /replsummary will give you a quick status on AD replication. It will also let you know if you cannot reach a domain controller from the machine on which you run the command.
  3. repadmin /syncall will trigger an AD replication so you don’t have to wait.
  4. net accounts will list the domain security policy.
  5. gpresult /v will dump all the Group Policy Object settings affecting you and the machine you’re on.
  6. whoami and whoami /groups will confirm your AD account and group memberships.
  7. set l will let you know what domain controller authenticated you, or if you are running with cached credentials.


  1. Use the Windows+Arrow Keys to move windows around, including both half- and quarter-monitor views.
  2. Windows+Tab to bring up a quick preview of all running applications.
  3. Windows+X brings up the Quick Access Menu.
  4. Windows+P brings up projection options for when you connect to a second monitor or projector.
  5. Windows+number will launch whatever app is in that numeric position, from left to right, on your taskbar.
  6. CTRL+SHIFT+P launches an “In Private” session of Internet Explorer.
  7. Use the Problem Steps Recorder to automatically capture screenshots of a process or procedure. It’s great for documentation and training too. Windows+R, PSR, Enter!
  8. Run powercfg –h off to turn off hibernation, and buy back several GB of disk space by dropping the hiberfil.sys file that is just taking up space on your hard drive.
  9. Look up most error codes at the command prompt by downloading the Microsoft ERR tool and saving it in your path.
  10. All the Sysinternals command-line tools can be executed from the web using \\live.sysinternals.com\tools\toolname*. Check out http://live.sysinternals.com/ for all the tools that are there.


  1. If you are not sure of a command, run get-command *something* to get a list of appropriate commands.
  2. Use get-help command to get help on a command. –full gives you everything, -examples just lists some examples, and –online brings up the online help.
  3. PowerShell v4 and later has copy and paste already turned on, and can use the highlight, CTRL-C, CTRL-V just like any other Windows app.
  4. There are 155 aliases in PowerShell v5, making cmdlets from DOS and Linux available to you in PowerShell. Run alias to see all the ones that are built-in, and use the alias command to create your own.

woensdag 28 september 2016

Onedrive - This feature has been disabled by your administrator

How anoying, now how to get to your Onedrive?

Copy the text below and paste in a new text file, save the file as a ".reg".

Windows Registry Editor Version 5.00


Then double click the reg file and close Onedrive, then reopen Onedrive and sign in from an Office application.

dinsdag 27 september 2016

Skype for Business client addressbook not downloading - Force Addressbook download - Why would you?

Skype for Business client addressbook not downloading - Force Addressbook download - Why would you?

This is one of those things that happens to all of us.
The Lync or Skype for Business addressbook won't download to the local computer.

I wrote about this once before for Lync 2010 here.

After upgrading to Office 2016 you get the new collaboration/communication client as well: Skype for Business. And with that comes a version change, and i don't mean in what you see at the client i mean on the file system level.

The previous path to the Lync client profile was:
C:\Users\Username\AppData\Local\Microsoft\Office\14.0\Lync\sip_username@domain.com for Lync 2010.
C:\Users\Username\AppData\Local\Microsoft\Office\15.0\Lync\sip_username@domain.com for Lync 2013.
But now it's:
C:\Users\Username\AppData\Local\Microsoft\Office\16.0\Lync\sip_username@domain.com for Skype for Business 2016.

So you have to update you registry path accordingly.
So instead of looking for:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\14.0\Lync\GalDownloadInitialDelay for Lync 2010.
Or HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\15.0\Lync\GalDownloadInitialDelay for Lync 2013.

Go to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Office\16.0\Lync\GalDownloadInitialDelay for the new Skype for Business 2015 client.

Make sure the value for GalDownloadInitialDelay is set at 1 for instant GAL retrieval.


Why bother with local copies of files when you can search at the source?
The one place where the GAL originates from: The Skype for Business server it self.

On the frontend server open an elevated Skype for Business Management PowerShell:
To get the current Addresbook policy:
PS C:\> Get-CsClientPolicy | select identity, addressbook*

 Identity               AddressBookAvailability
Global                 WebSearchOnlyWebSearchAndFileDownload
To set the Addressbookavailability to "WebsearchOnly":
Set-CsClientPolicy -Name Global -AddressBookAvailability "WebSearchOnly"
To see more about ClientPolicies go here.

vrijdag 23 september 2016

Backup local user contacts from Lync 2013 and Skype for Business 2015 with Powershell

After migrating from Lync 2010 to Skype for Business 2015 the moment came to move all the users to the new registrar pool and all the local user contacts went missing.

To avoid this from happening to you, here's what you can do.

Copy the text below into a new text file and name it "Skype4BusinessUserContactsBackup.ps1"
$fileName = (Get-Date -Format ddMMyyyy) + "-SkypeUsersContactsBackup.zip"
$Path = "\\Domain.lan\Some\path\to\some\where"
# Set limit for older than days
$limit = (Get-Date).AddDays(-365)
# Delete files older than the $limit.
Get-ChildItem -Path $path -Recurse -Force | Where-Object { !$_.PSIsContainer -and $_.CreationTime -lt $limit } | Remove-Item -Force
#(Join-Path $Path $filename)
Export-CsUserData -PoolFqdn Yourpoolname -FileName (Join-Path $Path $filename)
Short description of what this all does:
$filename, set a filename in current date and time format and add SkypeUsersContactsBackup.zip.
File name looks like this: 23092016-SkypeUsersContactsBackup.zip.
$path, specify a path where the file will be saved.
$limit, how many days before we start deleting the backup zip files.
At the end the export from the pool will be written in the destination made from $path and $filename.

Then create a scheduled task with these action settings:

Program/script: Powershell.exe -command ". 'path to your script\scriptname.ps1'"
Set it to run at a monthly schedule or more as you desire.
The file in my environment is about 16MB for roughly 1600 users.

Now when the time comes to restore some contacts for a user, several or all users, you'll need this GUI script from Anthony Caragol.
Download from here:
It still works on Skype for Business.

maandag 12 september 2016

Migrate from Office Web Apps 2013 to Office Online Server 2016 for Skype for Business 2015

Sharing PowerPoint's in Skype for Business 2015 was done with Office Web Apps 2013.

Now we have Office Online Server 2016 to do this.

A few things before starting the migration:

The installation ISO can be found on the Volume License Servicing Center
Find "Office Professional Plus 2016" click "Download" select your language bit version and click "Continue", "Office Online Server x64" is listed under the Office 2016 Pro suite.
There is a serial listed, but i couldn't find where to enter it. (if you know let me know)

- .NET Framework 4.5.2
- Visual C++ Redistributable for Visual Studio 2015 (14.0.23026)

Run "Get-OfficeWebAppsFarm | FL internalurl,externalurl,certificatename" copy the output to a notepad file, you'll need this later.

Remove the Office web App Server from Skype for business, and the association within all the Skype for Business pools and publish the topology.

Uninstall "Microsoft Office Web Apps Server 2013"

Install Windows Identity Foundation 3.5 (Add Roles and Features > Features)

Install the Update for Universal C Runtime in Windows KB (https://support.microsoft.com/en-gb/kb/2999226)

Install the required features from an elevated PowerShell session:

Install-WindowsFeature Web-Server, Web-Mgmt-Tools, Web-Mgmt-Console, Web-WebServer, Web-Common-Http, Web-Default-Doc, Web-Static-Content, Web-Performance, Web-Stat-Compression, Web-Dyn-Compression, Web-Security, Web-Filtering, Web-Windows-Auth, Web-App-Dev, Web-Net-Ext45, Web-Asp-Net45, Web-ISAPI-Ext, Web-ISAPI-Filter, Web-Includes, InkandHandwritingServices, Windows-Identity-Foundation

Mount the ISO and run "Setup.exe", next, next, finish, you know the drill.

In an elevated PowerShell run:
New-OfficeWebAppsFarm -InternalURL "https://oos.domain.lan" -ExternalURL "https://oos.domain.com" -CertificateName "OOS_Cert"

To be on the safe side you could reboot the server, but in this case i didn't.

Go to the Skype for Business Topology Builder with elevated privileges.
Create a new "Office Web Apps Server" in Skype for Business.

Enter the FQDN of the Office Online Server and click OK.

Right click each pool you would like to associate with the OOS Server, and select Edit Properties. Associate the Office Online Server with the Skype for Business pool:

Publish the topology.
A few minutes after the Topology is published, be on the lookout for event IDs 41032 & 41034 on the Skype for Business Front End Server. These confirm that the discovery of the Office Online Server has been successful.

To manually check if the Office Online Server website is running check:

Https://localhost/hosting/discovery or Https://servername/hosting/discovery

Source 1

woensdag 31 augustus 2016

Exchange 2013 installing a CU, Schema update required or not?

This is some of those things you need to check before updating an Exchange environment every time a new CU gets put out.

Do i need to do a Schema update or not?

I came across this post from Rhoderick Milne,

Table Of Exchange 2013 Schema Versions

Exchange Version



MESO objectVersion

Organisation objectVersion

Exchange 2013 RTM15.00.0516.032151371323615449
Exchange 2013 CU115.00.0620.029152541323615614
Exchange 2013 CU215.00.0712.024152811323615688
Exchange 2013 CU315.00.0775.038152831323615763
Exchange 2013 SP115.00.0847.032152921323615844
Exchange 2013 CU515.00.0913.022153001323615870
Exchange 2013 CU615.00.0995.029153031323615965
Exchange 2013 CU715.00.1044.025153121323615965
Exchange 2013 CU815.00.1076.009153121323615965
Exchange 2013 CU915.00.1104.005153121323615965
Exchange 2013 CU1015.00.1130.007153121323616130
Exchange 2013 CU1115.00.1156.006153121323616130
Exchange 2013 CU1215.00.1178.004153121323616130
Exchange 2013 CU1315.00.1178.004153121323616130

TechNet documents the expected values for the various Exchange 2013 objects in AD.

Check back here when a new CU is released.

Another top tip from Rhoderick is to install .net 4.6.1 after installing the CU and having the machine rebooted.