Author Archive

This could be due to CredSSP encryption oracle remediation – RDP to Windows 10 pro host

Following Windows security updates in May 2018, when attempting to RDP to a Windows 10 Pro workstation the following error message is displayed after successfully entering user credentials:

An authentication error occurred. The function requested is not supported.

This could be due to CredSSP encryption oracle remediation


enter image description here


just add regedit with following below, after that reboot and try again

Categories: Windows Client

Scripting to prepare migration user gmail to o365

February 25, 2017 1 comment

a few days ago I got the project to implement migration from google to o365 incude mailbox and onedrive online, we have done migration data mailbox using third party, but this post i dont want to discuss how to migration the data from google to o365 but I want to share step by step to migration the users using scripting while users will be moved to o365

just for information we have to change the domain from to

  1. Create forwarding users in gmail to forward users o365, here i dont have script to enable forwarding in gmail because i dont have experience in gmail
  2. Remove-MailContact -Identity “” -confirm:$false previously we create all contact in gmail because for this implementation we didnt migration big bang, so we have migration for partial users,
  3. set-aduser “deby” -clear msexchhidefromaddresslists we need to clear exchange address list in proxy SMTP address because we will create new smtp proxy address will be defined
  4. Get-Aduser -identity “deby” | Set-aduser -Clear Proxyaddresses yes we need step to clear proxy addres
  5. Get-Aduser -identity “deby” | Set-aduser -add @{proxyaddresses = “”} we need add SMTP proxy address will be defined
  6. Running delta azure AD Connect, because primary address SMTP on active directory need sync to o365
  7. Set-MsolUserPrincipalName -UserPrincipalName “” -NewUserPrincipalName “” we need to change UPN existing from to
  8. Get-Aduser -identity “deby” | Set-aduser -add @{proxyaddresses = “”}  we need add additional SMTP previously to be secondary SMTP address to o365
Categories: Office 365

AD RMS Troubleshooting: Reset the Client (MSIPC)

February 23, 2017 Leave a comment

In the course of troubleshooting the MSIPC rights management it may be beneficial to reset the client. The reset process removes the pertinent registry settings and files. This reset applies to the logged on user. Other users on the same machine are not reset.

The steps are as follows.

  1. Exit running Office applications.
  2. Delete existing registry entries.
  3. Clear existing licenses, GICs (RACs), and etc.
  4. Reproduce the issue.

NOTE: Feel free to export the DRM registry key before deleting it. Moving the entire MSIPC directory to another location or renaming it may be done instead of deleting it.

Delete the RMS registry settings for the user.

  1. Open regedit.exe.
  2. Navigate to HKCU\Software\Microsoft\Office\XXX\Common\DRM.
    XXX is the current Office version. 15.0 is Office 2013, 16.0 is Office 2016. There may be multiple versions listed (which is normal). Picking the highest is usually the correct one.

    1. Delete the DefaultServer and DefaultServerURL values.
  3. Navigate to HKCU\Software\Classes\Local Settings\Software\Microsoft\MSIPC.
    Note: this step resets the template distribution settings to default.

    1. Delete the <Server name> key that corresponds with desired RMS server/cluster.

Clear the existing licenses, GICs (RACs), and etc.

  1. Use one of the following methods to open the user MSIPC directory.
    1. Open a command prompt and enter the following commands.
      1. Cd %localappdata%
      2. Start . (the command is the word Start followed by a “period” and the enter key.
    2. In the “Search programs and files” dialog type %localappdata%
  2. In the AppData\Local directory navigate to the Microsoft directory.
  3. Delete the MSIPC directory.

NOTE: The CLC*.drm file may be too long for either Explorer or the command prompt to delete. Explorer reports a “destination path too long” error and the command prompt says “the file name or extension is too long.” In this case we may use robocopy.exe to move the MSIPC directory to another location.
I created a C:\Temp directory and used the following command.
robocopy “C:\Temp” %localappdata%\Microsoft\MSIPC /mir


Using the start menu to navigate to the MSIPC directory

Sample contents of the MSIPC directory for the curious.


Categories: EMS, Windows Client

How to uninstall windows intune client

February 23, 2017 Leave a comment

It is not possible to uninstall the Windows Intune client from Programs and Features (for obvious reasons). Step by Step Guide describes how to do this.

There are 3 methods:

  1. Intune Administrator console – “retire the device”.
  1. Command line on the device
  • Open an admin command prompt
  • Navigate to C:\Program Files\Microsoft\OnlineManagement\Common
  • Run “ProvisioningUtil /UninstallAgents /WindowsIntune”

This will create a scheduled task and shortly uninstall all the agents.

3. Download and run the Microsoft uninstall script



Categories: EMS, Windows Client

Azure Active Directory Connect Export profile error: stopped-server-down.

Kloud Blog

Originally posted on Lucian’s blog over at

Follow Lucian on Twitter @LucianFrango.

A couple of weeks ago I deployed Azure AD Connect in production. It was a relatively smooth process. The wizard did most of the work which was great. There was a few hiccups (blog post) along the way, which, in most cases is expected if the problems are not so serious.

Fast forward to my second install of the latest and greatest sync service for Azure AD and Office 365 cloud identities and we have problem no. 2. This time, though, I can say that the process ran through allot smoother. There was no real errors. Things were looking straight great and I was looking at my next task with some enthusiasm.

However, come 8.30ish this morning and going over the AADConnect server once more for peace of mind, I had noticed that the…

View original post 442 more words

Categories: Windows Client

Moving resource Mailbox on premises to O365

Open Powershell Windows Azure

Type Credential and input username and password o365


Type for session Exchange Online

PS C:\Windows\system32> $session = New-PSSession -ConfigurationName -ConnectionUri -Credential $cred -Authentication basic -AllowRedirection

Import Session Exchange Online

PS C:\Windows\system32> Import-PSSession $session

Type Credential for administrator Exchange onpremises with the format domain/username

PS C:\Windows\system32> $onpremadmin = Get-Credential

run moving resource mailbox
Identity = Name room Mailbox
Remotehostname = name URL External OWA onpremises
Remote Credential = Credential onpremises

PS C:\Windows\system32> New-MoveRequest -Identity ruang.rapat -Remote -RemoteHostName -TargetDeliveryDomain -RemoteCredential $onpremadmin -SuspendWhenReadyToComplete -AcceptLargeDataLoss -BadItemLimit 100 -BatchName ruang.rapat

Check Status moving request

PS C:\Windows\system32> Get-MoveRequest -Identity ruang.rapat

if the status detail has autosuspend please continue to moving resource mailbox

PS C:\Windows\system32> Resume-MoveRequest -Identity ruang.rapat


Categories: Lync




set a send/receive message size limit of 150MB for new mailboxes when they are created. The mailbox plan can be updated with that new setting as follows.


Get information exisiting setting mailbox user for message limited send and receive


modify all of your mailboxes you can pipe Get-Mailbox into Set-Mailbox as follows.


To modify a single mailbox we can simply run Set-Mailbox as follows.



Categories: Office 365