Using SAMAccountName to Login to ADFS in Windows Server 2012R2/2016

When setting up Active Directory Federation Services (ADFS), by default it requires that users log in using their User Principal Name (UPN) or using DOMAIN\username. However this can be confusing to users, especially when you're in a single domain environment.

It took me way longer than it should have to figure out how to accomplish this. Hopefully this will help some folks find some more recent info than all the ADFS 2.0 stuff

Fixing Exchange 2010 WinRM MaxEnvelopeSize Exceeded Error

Once upon a time, I was trying to make a change to the allowed sender IP address list on our Exchange 2010 server. However every time I tried to add or remove an IP address, I received an error that looked very much like one of the below messages:

  • The WinRM client sent a request to the remote WS-Management service and was notified that the request size exceeded the configured MaxEnvelopeSize quota
  • The response that

How to Remove Home Folder Mapping for all AD Users

With so many businesses adopting Microsoft Office 365 or Google Apps for Work, users are now able to put more of their files in the cloud - thus replacing on-site server storage and user home directories. The below Powershell script will remove all user home folder mappings in Active Directory:

Get-AdUser -Filter * -Properties * | Foreach {
   Write-Host "- " $_.Name
   if ($_.HomeDrive -ne $null) {
    Write-Host -NoNewline "|-  Current home:" $_.HomeDrive "->"

Automatically Pull Old Computer Name with MDT Task Sequence

One of the biggest slowdowns when reimaging an entire lab of computers is the naming process in MDT. Of course, you could simply do a refresh deployment but often you just want to completely wipe everything on the machine and start fresh but also keep the same computer name.

This can easily be done using a UserExit.vbs script in just a couple steps.

  1. Open up your MDT deployment share and add the following two
Posted on
Tagged in windows , mdt

How to Write an Auto-Updater (for Adobe Flash)

In what is sure to be one of my least read posts, I'm going to share with you how to write an auto-updater for upgrading Adobe Flash.

But why on Earth would you want to write your own (other than because your boss told you to cough)? It comes with its own updater! Or you could use a tool such as PDQ Deploy or SCCM to deploy! Well if you have limited internet bandwidth, you

Event 8228 - SRMSVC Quick Fix

For some reason, a couple of our Server 2012R2 file servers randomly logging a bunch of Event 8228 SRMSVC warnings. Every 10 seconds, it logs a warning similar to this in the event log:

File Server Resource Manager was unable to access the following file or volume: '\\?\Volume{ed7228df-ce3e-11e4-8253-001018973e08}\System Volume Information\SRM\FciNrt.usn'. This file or volume might be locked by another application right now, or you might need to give Local

Posted on
Tagged in windows , fsrm

Stop Cryptolocker from Hitting Windows File Shares with FSRM

Imagine this - you have thousands of users across dozens of departments, all having their own set of file shares that are set up as mapped drives, and all users have full read/write access to their drives. Now a user gets infected with whatever variant of Cryptolocker is currently going around and starts encrypting all mapped drives...and no one realizes anything is amiss until the next morning when you find hundreds of gigs

Quick Tip: Allowing FSRM to Send Email via Exchange

Last week, I was working on configuring File Server Resource Manager (FSRM) on Windows Server 2008R2 but I noticed I wasn't getting any emails. Luckily there's a built-in "Send Test Email" button but it thru a less than helpful error:

Error Message

To find more details, I opened up the event viewer to see these details:

Error: IFsrmEmailExternal::SendMail, 0x8004531c, Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to