I have my computer connected to Microsoft MDM InTune. I need to get with powershell, wmi or any other tool, the current device synced account.
I'm trying to use wmi with this class: "ROOT\CIMV2\mdm\dmmap:MDM_ActiveSync_User_Accounts01_01", but there is no instance.
How can I achieve this?
Related
first I want to state that I am a novice when it comes to code/programming. Also, I have a Mac (that runs Catalina, if that matters).
This is my first time posting to this forum, so please forgive any missteps in protocol...
Here's some background info to my question:
I have Microsoft 365 for Business and I use Teams. I'm a small business and I'm the owner and administrator. I need to be able to share externally with anyone. I have changed the settings in SharePoint admin and OneDrive admin to be able to share externally. Look here to see an example of what I have done, and the problem: https://techcommunity.microsoft.com/t5/onedrive-for-business/share-with-anyone-with-the-link-setting-is-grey-out-why/m-p/810390
Even after allowing for external sharing, the sharing options are still greyed-out. But this is not my question. I know how to fix it; as it says in the above link, I need to enable sharing in Powershell via set-sposite "siteurl" -sharingcapability ExternalUserAndGuestSharing
After some research, I found that there is a Microsoft Pwsh for Mac. I downloaded Homebrew, Microsoft PowerShell and Azure. (I also have Node.js, if that matters.) Here is a screenshot of my terminal (I hid any identifying information...):
terminal screenshot
As you can see, I get this error: Connect-SPOService -Url https://<organization name here>admin.sharepoint.com Connect-SPOService: The term 'Connect-SPOService' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
I contacted Microsoft and had a technician with me on the phone trying to troubleshoot their way into my SPOService on my Mac using Homebrew in order to fix the greyed-out "share with anyone" option. We were unsuccessful. At the moment, I do have access to a Windows computer, and I was able to enter my SPOService on that Windows computer and resolve the problem. However, for each new SharePoint site I create and want to share externally, I will need to repeat this process (at least, this is what the technician told me). I will not always have access to a Windows computer, therefore I need to be able to enter my SPOService on my Macbook.
Are there any workarounds? Is there an SPOService powershell for Mac? If I have the pswh for Microsoft, why won't it let me into sharepoint?
Thank you in advance for any assistance
First, I can still not rename the domain, but I can help you with a general SharePoint update. It does not work either in Azure or on Mac OX X.
If you like to check, repeat the following steps on your computer setup, assuming you don't use a Windows Computer.
Check the availability of SharePoint
Get-Module -Name Microsoft.Online.SharePoint.PowerShell -ListAvailable | Select Name,Version
Install the module if missing
On a mac with the name of your user directory
Import-Module /Users/username/.local/share/powershell/Modules Microsoft.Online.SharePoint.PowerShell -Verbose
On Azure Powershell
Import-Module Microsoft.Online.SharePoint.PowerShell -Verbose
You get a PowerShell via a one-month Test-Subscription.
Prepare your Admin URL
$AdminCenterURL="https://name_you_used_during_first_setup-admin.sharepoint.com"
Make sure you add "-admin" at the end of your domain name. You received this when you signed up. It is not the domain name you can use for your subscription later; it's, unfortunately, how Microsoft decided to implement it. Therefore, changing from Mac or Azure is not possible.
Connect to your side
Connect-SPOService -Url $AdminCenterURL -Credential (Get-Credential)
And now it will fail with
Connect-SPOService: The type initializer for 'Microsoft.Win32.Registry' threw an exception.
Unfortunately, after exchanging many emails with Microsoft, I could not resolve this with the Support desk. However, the error seems to be known.
I wrote this note to allow others to save valuable time so that somebody would not waste his time if they tried to resolve it as I tried.
If like me, you are stuck with renaming the initial SharePoint subdomain, you currently have the following options.
Buy a Windows PC with a License or install a VM with a MS Windows trial license
Buy an Enterprise License, and use the Beta functionality.
Delete your subscription, but then you might lose the active licenses and the work you have put in already. But you can re-register, and this time put the name into the subscription, which you like to see as a subdomain of SharePoint. But you lose all work put in, in the first place.
I am using windows Os in my office. this is my network administrator policy that every body have SMB open and RDP access.
I want to know who and when accessed my PC via RDP or smb share.
Can i find this log in my windows event log?
Is there any GUI based tools that i can analyze access logs?
I am not advanced user, is there any simple tool to log analyzing in windows?
Best regard.
Can i find this log in my windows event log?
Yes you can ... go take a look at Operational for RDP logs
Computer management->Event Viewer->Applications and Services Logs->Microsoft->TerminalServices-LocalSessionManager->Operational
For SMB-Connections take a look here https://superuser.com/questions/1181937/find-events-for-connections-to-a-shared-drive-in-the-windows-event-log
Summary
I'm developing firmware and a PC test application for a custom USB device, using the STM32F072 Discovery board. The device includes Microsoft Windows Compatible IDs (WCIDs) to enable automatic installation of the WinUSB driver on the PC.
The device is enumerated correctly on other Windows 10 hosts, but not on my Windows 10 development PC. My development PC had previously tried to enumerate the device when it had the same VID/PID combo, but with different descriptors/metadata. If I change the PID to some other number (new to my development PC), it does enumerate correctly.
Questions
How can I get this to work with my desired VID/PID combo on my development PC?
Is Windows caching USB metadata the cause of the failed enumeration on this one PC?
What are best practices on the (Windows) PC-side for testing/development of USB device firmware, during the stage when device descriptors and metadata are in flux? Is it possible to avoid chewing up PIDs just to avoid the Windows caching?
Details
Because of the way Windows caches USB descriptors and the like from previous enumerations, during firmware development, I was incrementing the device Product ID (PID) in the firmware after each time I made other changes, to ensure that Windows wasn't caching things from previous iterations of the descriptors, and messing up stuff that would otherwise work.
Now I've gotten the device to enumerate successfully on Windows 7, 8, and 10 PCs as a WinUSB device, and I've established communication. But when I change the firmware back to using the VID/PID that I started with, and then connect the device to my development PC, it shows up in Device Manager under "Other devices" with an error icon. I think this is because my (Windows 10) development PC previously had seen this VID/PID combo as having different descriptors, so it's getting confused by some bad cached stuff.
I've tried using regedit to delete the device's registry keys under HKLM\SYSTEM\CurrentControlSet\Enum\USB\VID_xxxx&PID_yyyy, but the problem persists. (Also, I get an error, because it can't delete the VID_xxxx&PID_yyyy\zzzzzzzzzzzzz\Properties subfolders.) I also tried using USBDeview to uninstall old iterations of the device, but that hasn't made a difference either.
Also of note is that I can no longer pass the device through to Virtual Box virtual machines. I'm not sure what happened there.
Try removing any relevant registry keys of the form:
HLKM\SYSTEM\CurrentControlSet\Control\UsbFlags\vvvvpppprrrrr
The MSDN article Microsoft OS Descriptors for USB Devices says:
The operating system creates a registry entry, named osvc, under this registry key that indicates whether the device supports Microsoft OS Descriptors. If the device does not provide a valid response the first time that the operating system queries it for a Microsoft OS String Descriptor, the operating system will make no further requests for that descriptor.
I know the OP has resolved his issues, but for future reference for anyone else having this problem: I had similar issues while developing a USB device with a vendor-specific class. Specifically, (similar to your experience) I was unable to delete the keys from:
HKLM\SYSTEM\CurrentControlSet\Enum\USB\VID_xxxx&PID_yyyy,
so I had to increment the PID every time I modified my device code.
The reason why these keys can't be deleted is that the Properties registry subfolder is owned by the System user, so even running as Administrator you can't delete this subfolder nor change its permissions.
Running Regedit via PsExec (which is part of the SysInternals suite from Mark Russinovich) from an elevated command prompt with: psexec -s -i regedit.exe runs regedit as System user, which means you can delete that pesky Properties subfolder and the parent VID_xxxx&PID_yyyy keys.
I'm confronted with the same issue and uninstalling the device did not help.
Messing around with the registry makes me feel uneasy.
I still don't see a real answer to question #3.
What worked in my case: open device manager, select the non-working device and do "update driver". Select the driver manually from the list of locally available (Microsoft) drivers.
This did not solve all my problems but at least Windows does not ignore my device anymore and I can continue developing.
EDIT: I found a very helpful description on a github project named WCID Devices by Pete Batard. I strongly recommend reading the section Implementation and the following on this page WCID Devices
there are tools for removing hidden traces of USB devices like USBOblivion http://www.thewindowsclub.com/usboblivion-remove-usb-traces-windows , USBDeview,...
sources of USBOblivion are here: https://sourceforge.net/projects/usboblivion/ (https://www.openhub.net/p/usboblivion)
http://www.techerator.com/2010/05/how-to-remove-hidden-duplicate-copies-of-usb-device-drivers-in-windows/
To Remove TrustedInstaller Owned Registry Keys
Unfortunately the old PsExec trick of running RegEdit doesn't always work. In that case try to use:
ExecTI - Run as TrustedInstaller
Run it to open the ExecTI GUI and enter: C:\Windows\regedit.exe
To repair file and registry permissions
You can also try using the very old tool: subinacl.exe
Example:
subinacl.exe /subkeyreg HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Enum\USB\VID_0000&PID_0002\
Further described here. And has been shown to still work on Win10.
Is it possible at all to obtain WMI information (within C#.NET) from an external source such as a hard drive with a Windows installation on?
I ask this because I'm making an automated diagnostic utility for A-Level Computing, and there are often times when the remote machine may not boot, so a host machine needs to connect somehow to the faulty machine to exchange information.
If this isn't possible, do you know any way in which I can achieve this effect (e.g. by booting into a minimal operating system such as Hiren's Boot and running the .NET application)
No you can't, to access the WMI the Windows OS and the WMI Service must be running in the remote machine.
You would have to wake the machine, WMI is a service, if it isnt running then you cant Query it.
I'm looking for a way to obtain information similar to the following console applications, remotely:
net use
net share
netstat -ano
However, I need to be able to do this without running a 3rd party application on the system. This effectively rules out using psexec to execute the command remotely, because psexec would then be installed as a service.
I should add that I have administrative credentials on the remote system. I've considered using WMI's remote execution ability, but that requires me to write output to a file and then retrieve it. It's possible, but I'd like to know if anyone has a better way.
I am using Delphi 2010.
there are a couple Delphi WMI components that allow remote access. I have not used the remote options personally though.
MagWmi - http://www.magsys.co.uk/delphi/magwmi.asp (Delphi 2010 support, and free with source)
WMISet/NTSet - http://www.online-admin.com/ntset.html (TNTShare
Manages shared resources on a local computer and remote hosts. Using this component you can change list of shared devices, see files that have been opened by remote users, watch and terminate remote sessions opened to the destination computer, change list of mapped network drives. It is not free.)
GLibWMI - Found at Torry.net, home page not available. (Delphi 2010 support and Freeware with source). Not sure if its capable of remote access. I have not used it.
Hope this helps
I think the same as Logman.
You can access this information using WMI.
GLibWMI components can be found on this website (http://neftali.clubdelphi.com) or sourceforge (http://sourceforge.net/projects/glibwmi/).
The current version is 1.8b and has a component called SharedInfo with which you can get that information.
The source code is available so you can expand it to access other WMI classes if necessary.
Regards.
P.D: Sorry for my mistakes with english.
You can enumerate shares using the NetShareEnum function (headers are in the Jedi Apilib).
I assume there must be an api for the "net use" but I have never used it (check the WNet functions). Alternative is to use the EnumNetworkDrives method of the WshNetwork com object.
As for netstat I don't think it's possible to do that remotely (other than using some kind of method to spawn a process remotely).