Here’s how to activate two free guest virtual machine licenses

Download and install Windows Window Server 2022 ISO for your guest VMs. Once isntalled you’re going to have an evaluation version of the operating system.

Make sure all Windows Updates are installed so that all components are available.

Open up elevated command prompt or PowerShell window and run these commands:

slmgr.vbs /upk                  To remove uninstall the current product key.

slmgr.vbs /cpky                To remove the current product key from registry.

slmgr.vbs /ipk Key from the COA Label that came with the server    This installs the product key. Refer to the image below for Syntax.

Two commands which will change the Evaluation copy to OEM with activation.

Dism /Online /Get-CurrentEdition              This Display current version as Evaluation

Dism /Online /set-edition:ServerStandard /ProductKey:”xxxxx-xxxxx-xxxxx-xxxxx-xxxxx” /AcceptEula    This will take care of the activation.

Finally, run:

slmgr.vbs /xpr                   To confirm the expiration date of the license you have just activated.

Alternatively, run the following commands to activate guest VMs:

slmgr /upk   “to uninstall the old license key”
slmgr /ipk <product key>   ” to install the new license key”
slmgr /ato   “to activate the newly install key with MicroSoft”

These commands are used with full version OS installs

dism /Online /Set-Edition:<target edition> /ProductKey:<product key> /AcceptEULA is used to convert eval copies of the OS to full and activate.

The post How to activate two free VM guest licenses on Server 2022 Standard running Hyper-V appeared first on Kontech IT Services.

By now, you have likely discovered that UniFi WI-FI isn’t quite a plug and play solution and it always requires optimizing controller settings to achieve best WI-FI experience.

Now, since every network is different and there are different use cases, density of clients, some settings may not be applicable to all.

Below are outlined general best practices to optimize performance on your Ubiquity WI-FI networks.

On WLANs greater than three WAPs, typically one should disable some of 2.4 GHz radios to reduce crosstalk/Co-Channel interference (CCI)

Always perform RF Environment scans when installing WAPs and set channels manually (never Auto)

For 2GHZ use channels: 1, 6, 11 on adjecent WAPs to eliminate overlap

For 5GHz use: 36, 40, 44, 48, 149, 153, 157, 161 – recommended to use 40MHz, if use 80MHz, available non-overlapping channels are: 36 and 149 or 48 and 161

Do not use DFS channels

Channel width: 20Mhz, 40mhz, 80mhz (more airtime, more noise, more interference), when using higher channel width, the number of available channels goes DOWN

Settings – services – Uplink connectivity monitor – Off

Automatic upgrade AP firmware – Off

Auto Optimize Network – Off

Wireless Networks – Fast Roaming – Off

Multicast and Broadcast Filtering – Off

High Performance Devices – Off

Power – Auto or Low

YMMV

802.11 Rate and Beacon Controls – 6mbps for 2GHz and 9-12Mbps for 5GHz

Disable CCK Rates (1/2/5/11 Mbps)

The post Unifi WI-FI Best Practices appeared first on Kontech IT Services.

Namely, the issue appears to be impacting printers from Kyocera, Ricoh, Brother and Zebra, among others. After the latest KB5000802 update is installed, according to Microsoft, Windows 10 users can experience “an issue that might cause a blue screen when attempting to print to certain printers using some apps and might generate the error, APC_INDEX_MISMATCH for win32kfull.sys“” The error appears to be related to a mismatched driver and happens when printing from Windows apps.

How to fix the BOD errors cases by win32kfull.sys crashes when printing

To uninstall the KB5000802 or KB5000808 updates for printing to work correctly again.

If you are affected by the printing bug, you can uninstall the Windows 10 KB5000802 cumulative update by closing applications and opening an elevated command prompt. At the command prompt, type in the following command:

wusa /uninstall /kb:5000802

To uninstall the Windows 10 KB5000808 cumulative update, use this command instead:

wusa /uninstall /kb:5000808

Microsoft has released  the cumulative updates containing the fix published as optional updates so they will not be installed automatically via Windows Update.

To install the updates manually, you have will have to open Windows Update and ‘Check for updates.’ You’ll then be able to directly click a link to download and install the update or go to the ‘Optional updates available’ area and pick it from the list.

Alternatively, Microsoft has released out-of-band non-security updates to fix a known Windows 10 problem causing blue screens when printing to network printers after installing the March 2021 cumulative updates. They can be downloaded manually from the Microsoft Catalog using the following links:

• KB5001567 for Win10 v2004/20H2
• KB5001566 for Win10 v1909
• KB5001568 for Win10 v1809 enterprise/education/LTSC 2019
• KB5001565 for Win10 v1803 enterprise/education

After installing this update, Windows 10, version 2004 will be updated to build 19041.868 and Windows 10, version 20H2 to build 19042.868.

The post Windows Update causing blue screen of death errors with Widows 10 printers appeared first on Kontech IT Services.

While we are still at the onset of 2021 let’s make sure disabling of deprecated security protocol is on the top of our new year’s resolutions list. If you’ve already done it, you can focus on losing those extra pounds…

Why should you care?

First, the problem with insecure TLS protocols is so real and serious that the National Security Agency (NSA) has released a guide for eliminating obsolete Transport Layer Security configurations along with recommended TLS configurations, and remediation recommendations for the public. Here’s the link to the 6-pager guide.

Secondly, if TLS 1.0 and 1.1 are still enabled on your network, it will very likely throw red flags and cause compliance issues for cybersecurity insurance carriers.

Thirdly, the reasons for not allowing old TLS protocols are very much valid and worthy today. If you still do not know why, comply, and just disable those protocols. Period.

Here are several tools that will help you get where you need to be.

Free

Nartac IIS Crypto is a free tool  https://www.nartac.com/Products/IISCrypto

Qualys free tool https://www.ssllabs.com/ssltest/

Free browser check https://www.ssllabs.com/index.html

Guide for Windows servers https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/manage-ssl-protocols-in-ad-fs

Paid

Tenable Nessus, paid for with free trial https://www.tenable.com/products

Rapid7 Nexpose, paid for with 30-day trial https://www.rapid7.com/products/nexpose/

It is strongly recommended that vulnerability scans against perimeter and internal networks are performed regularly by cyber security vendor.

Disable SSL v2, v3, TLS v1.0, 1.1 and enforce TLS 1.2 and TLS 1.3 only. Plus implement only strong ciphers and algorithms.

To recap, make certain all your users and vendors are using TLS 1.2, 1.3 and their ciphers correlate with supported ciphers or it may hinder communication and/or cause blocking of all access inadvertently.

The post Rid of Old Transport Layer Security (TLS) Protocol Configurations Today appeared first on Kontech IT Services.

Controller running on Cloud Key G2, firmware re2.0.24 , network version: 6.0.43 appears to have lost all configuration overnight. Whether accessed locally or via cloud the controller configuration is missing – no devices, no clients, etc..

Interestingly, the LCD display of the cloud key (UCKG2) displays all devices and clients currently online. Again, zero devices and clients are reported in controller’s GUI as if the key weren’t communicating with the software.

This coincides with hardening access to Unifi account: password changes and enabling MFA due to recent security UniFi security breach debacle. Multiple attempts to restore from any available backups (via controller software) do not seem to work. The system keeps reverting to clean slate after every restore attempt.

Factory reset fixes it. Of course, if you have no backup you’re SOL. Very annoying…

As usual, gotta arm yourself with a lot of patience to deal with ubiquitous (pun intended) corks of the Ubiquity software or get a commercial grade WI-FI system like Aruba, Meraki or Ruckus, swallow that price tag and focus your resources on more important things, like cybersecurity.

The post UniFi – No devices Found – Everything is Great! appeared first on Kontech IT Services.

Zero Trust approach is here to stay

As organizations rely more on remote computing and remote access, they are compelled to look at, adopt and implement Zero Trust models. The premise is breach is inevitable. It assumes breach and verifies each authentication request to access data as though it originates from an untrusted network.

Ransomware remains prevalent and its vectors are ever evolving

One of the main driving forces behind most cyber-attacks is still monetization. As long as attackers continue to get paid by victims to get their sensitive data back or systems unlocked the vicious circle perpetuates and they only get more creative with new vectors of attack.

Focus of cyber attacks on MSPs/MSSPs and their systems

As seen recently, especially with the high-profile and unprecedented breach of SolarWinds cyber criminals are honing in on breaking into systems and tools like RMMs utilized by Managed Service and Managed Security Service providers. The stakes are high as treasure troves of valuable customer’s data are to be had. Ask your provider how they guard your information today. Don’t get comfortable and complacent because they have implemented multi-factor authentication (MFA). The hackers bypassed MFA solution utilized by SolarWinds after all.

End of VPN?

As Zero Trust models are espoused it becomes apparent that VPN approaches are unwieldy to manage and pose significant risks. This in turn, makes CASB and cloud-native tools and solutions ever more attractive to organizations. A Cloud access security broker, or CASB, is cloud-hosted software or on-premises software/hardware that act as an intermediary between users and cloud service providers.

An increase in cyber attacks against remote work infrastructure.

As organizations scramble to deploy organization-wide technology solutions and to support remote workforce in a pinch, they often leave themselves vulnerable. Therefore, attackers are expected to target areas like VPNs and collaboration applications that are in high use and under increased scrutiny from security perspective. The remote devices and remote users are often left outside the scope and perimeter of corporate security.

Social engineering attacks are leveraged

As phishing has evolved over the years—from generic (Nigerian prince types) to personalized emails (spear phishing), to context-aware methods that are scarily realistic. Criminals get creative and emboldened by leveraging video or audio recordings to impersonate important figures at an organization to gain access to critical data and valuable assets.

The usual suspects – targeting known exploits and unpatched systems

Hackers will continue to utilize more tried and well known, vulnerabilities being targeted for exploitation, along with less targeted attacks using bleeding-edge vulnerabilities due to the ease of using known exploits. Addressing vulnerabilities timely is just as important as ever and that includes patching of all endpoints. Attackers persevere to find a device on your network that is exploitable through an unpatched, but patchable, vulnerability. It only takes one to wreak havoc! So, keep ‘em all updated.

Get cyber insurance policy

Cyber insurance has been gaining traction over the years and will continue its trajectory as the occurrence of cyber incidents only rises. With this trend, insurance companies and their actuaries come up with numerous stipulations on what or how much cyber-insurance policy covers as a result of a ransomware incident or alike. Naturally, the insured will have to provide the proof they have implemented preventive measures and they adhere to industry standards and best practices to protect their assets.

2021 may very well be another consequential year in cybersecurity

In 2021, IT budgets will likely be strained by growing and evolving needs, especially for deploying remote access technology solutions with less focus on comprehensive cybersecurity strategy.  As workforce gets dispersed across remote locations, shadow IT will increase while investment in security decreases. This can lead to breaches from missing patches, misconfigurations, and improper cyber hygiene. Exacerbated by ubiquitous onslaughts of ransomware, the 2021 is expected to bring more security breaches and exploits leading up to the new highs in number of losses.

The post 2021 top cybersecurity trends appeared first on Kontech IT Services.

If you have been using multifactor authentication in Microsoft account for a while, you have likely encountered app password. Its sole purpose has been to secure devices and apps that do not support two step authentications (via Microsoft Authenticator app). This includes Outlook desktop app, mail apps for iOS, Android, Xbox 360 to name a few.

It is a long, random string of alphanumeric characters that gets generated as a separate app password for each Microsoft service or device that does not support two-step verification codes. Since it’s a one-time type of setup, once you’ve configured your devices with app password, you can stash it way in a safe place.

If you have attempted to set up new email profile in Outlook recently and have not been able to get past the initial attention phase, no matter how many times you triple checked you credentials – read on.

It turns out Microsoft has phased out app password recently (a couple of months back) and many users with MFA enabled may have gotten caught off-guard. When adding a new Outlook profile, you get caught in a vicious circle without any meaningful feedback. You may get a message box stating that “an encrypted connection to mail server is not available” and “We’re sorry, we couldn’t set up your account automatically…” Manual set up will not work either.

If you attempt to sing in to you Microsoft account you notice that  Security & Privacy section has been updated and notably Additional security verification, where app password section used to reside under is now GONE.

The fix is to have Exchange admin to enable Modern Authentication for Outlook.

What is Modern Authentication?            

Modern Authentication brings Active Directory Authentication Library (ADAL)-based sign-in to Office client apps across platforms. It enables sign-in features such as Multi-Factor Authentication (MFA), SAML-based third-party Identity Providers with Office client applications, smart card and certificate-based authentication, and it removes the need for Outlook to use the basic authentication protocol.  

Here’s how to enable Modern Authentication: Log on as admin (with Global Administrator role)– launchpad – Admin – Show All – Settings – Org settings.

Under Services tab, choose Modern authentication, and in the Modern authentication pane, make sure Enable Modern authentication is selected. Choose Save changes.

Now, you will be setup Outlook profile using the same password you log on to Microsoft account with. MFA authentication is still in force, whether be authenticator app or Text code option.

The post Missing app password and Modern Authentication. appeared first on Kontech IT Services.

In the wake of the pandemic and stagnant travel business, many hotel chains creatively pitch daytime room reservations to protect their bottom line. They try to allure WFH guest by offering sterile, distraction-free work environment, away from so called home offices and free and fast WI-FI.

How it’s done?

Hackers are poised to steal personal data and take over hotel guests’ laptops/phones by means of an “evil twin attack”. They install and create an alternative WAP and wireless network that mimic the name of the hotel’s real WI-FI service. Once the unsuspecting victims unknowingly connect to the malicious WI-FI and stay connected for the work hours, unexpected things can take place behind the scenes.

How to protect yourself?

If you intend to use hotel offered setting to do telecommuting work and are concerned about security risks, you can do the following:

• do not connect to hotel WI-FI at all and use your own mobile hotspot or mobile data card instead
• take advantage of VPN to encrypt any sensitive data transferred from/to your device
• always make sure to keep security updates and patches current on your computer equipment
• consult with the hotel staff about specific of connecting to their WI-FI i.e. captive portal details, security options to ensure you’re connecting to the right WI-FI

How to tell if you got hacked?

So one can tell of their laptop or smartphone may have been compromised after being connected to hotel’s WI-FI? Per FBI there is a number telltale signs to watch out for:

• laptop / mobile device starts to run slowly or erratically
• apps are launching on their own
• increased pop-up ads and website redirections while browsing the web
• computer running hotter than usual and battery lifespan decreases
• cursor moving “on its own”
• an increase of unwanted emails, text messages and/or calls

While these symptoms may appear obvious they can be easily ignored or missed as one is immersed in their work.

The post Do Not Use Hotel Offered WI-FI appeared first on Kontech IT Services.

Unfortunately, the said 1 TB limit isn’t visible in UI. No administrative interface exists either to allow tenant administrators to see the state of large archive mailboxes or receive warnings through Office 365 admin portal.

When a user within-place archive gets this message: ‘Your archive mailbox is almost full’ you can remedy it by enabling Auto-Expanding Archive via PowerShell. Here’s the steps:

1. Connect to Exchange Online PowerShell (run as admin)

Import-Module ExchangeOnlineManagement

$UserCredential = Get-Credential

Connect-ExchangeOnline -Credential $UserCredential -ShowProgress $true

2. Run the following command in Exchange Online PowerShell to enable auto-expanding archiving for a specific user. 

Enable-Mailbox jdoe@domain.net -AutoExpandingArchive

3. Verify that auto-expanding archiving is enabled

Get-Mailbox jdoe@domain.net | FL AutoExpandingArchiveEnabled

Note: The storage quota for the user’s primary archive mailbox is increased by 10 GB (from 100 GB to 110 GB). The archive warning quota is also increased by 10 GB (from 90 GB to 100 GB).

At the same time the storage quota for the Recoverable Items folder in the user’s primary mailbox is increased by 10 GB (also from 100 GB to 110 GB). The Recoverable Items warning quota is also increased by 10 GB (from 90 GB to 100 GB). These changes are applicable only if the mailbox in on hold or assigned to a retention policy.

The post How to enable and manage unlimited archiving in Exchange Online appeared first on Kontech IT Services.

So, you have transitioned your office into makeshift full-time remote workplace. While you may not realize, it is a band aid solution.

OK, but it only needs to work for a little while, and then you can pick up where you left off and resume the previously working network-security status quo…

Not so fast. Experts say we should not expect to resume business until sometime in 2021 at the earliest. Even then, remote computing is to remain at its prevalence for many organizations.   

It is time to shift from a “Band-Aid” mindset to a boundless cybersecurity mindset. Your long-term remote workforce strategy can be realized by:

Securing and re-architecting your fragmented and  distributed networks with a cost-effective platform

Protecting your organization from the explosion of exposure points and new risks from remote workforces

Thwarting known and unknown cyber threats that rapidly change to target the latest vulnerabilities

Get ready to pull off the “band aid” and ask us to help you devise a security strategy that offers the simplicity, reliability, and cost-effectiveness your business needs to face the uncertain future.

The post Reevaluate and reformulate your long-term security strategy appeared first on Kontech IT Services.