Known Folder Move is a “new” functionality in OneDrive that enables you to seamlessly recreate the same user experience across multiple devices .
Expecially useful in a Windows Virtual Desktop / VDI environment, it automatically syncs all the “Known Folders” (Desktop, Documents, Pictures etc.) when a user logs in.
To enable it via Registry Editor you’ll first have to get your tenant ID. Find it here under “Directory ID”:
To cancel a reservation you have to have specific permissions on the reservation order. The permissions are not inherited from the subscription, so… contact who created the reservation (or just open a ticket with the Azure Engineers).
Once you have the right account, (or you’ve been given the permissions) go to the reservations tab in the Azure Portal. It’s best to have at least a couple of people who have permissions on the resource. To get to the reservations tab follow the link below:
Project Freta is a newly announced offer from Microsoft, which aims at discovering any malware or rootkit running on Linux systems, by conducting memory forensic analysis automatically. The analysis is conducted at no cost and is very easy to extrapolate the data, democratizing the forensic process.
Project Freta was designed and built with survivor bias at its core. It is a security project designed from first principles to drive the cost of sensor evasion as high as possible and in many cases render evasion technically infeasible.
At the moment there are more than 4,000 supported kernel versions.
The process is very useful because the malware cannot “hide” himself, since the image processing system is non-intrusive to the VM, giving analysts a complete view on what’s running and potentially bad for the server.
The supported memory images formats are the following:
vmrs
lime
core
raw
The memory can be captured using various tools, such as:
vmss2core (VMware)
Hyper-V Manager
AVML
The tool works by analyzing an image uploaded on the cloud. Once the image has been acquired, you can let the program scan it.
The move resources request contains resources like “*OsDisk*” that are being backed up as part of a Azure Backup job. Browse the link https://aka.ms/vmbackupmove for information
If you encounter this error check if the VM’s backup is stopped. If it’s stopped you need to remove the istant snapshot that has been created by the system:
Find the location of your virtual machine.
Find a resource group with the following naming pattern: AzureBackupRG_<location of your VM>_1. For example, AzureBackupRG_westus2_1
In the Azure portal, check Show hidden types.
Find the resource with type Microsoft.Compute/restorePointCollections that has the naming pattern AzureBackup_<name of your VM that you're trying to move>_###########.
Delete this resource. This operation deletes only the instant recovery points, not the backed-up data in the vault.
After the delete operation is complete, you can move your virtual machine.
If you encounter this error while creating a new VM from the host pool wizard, try following these suggestions to solve the issue, or at least drill down on the problem:
Check whether you can resolve your domain from your VNET
Check what DNS Servers are configured on your VNET, correct accordingly (follow this guide: Change VNet DNS Servers)
Check if you have permissions to join the domain using the credentials you provided
Check if the specified credentials are correct
Check if the domain to join (and the OU), specified in the wizard, is correct (parameters in the JSON: domainToJoin, ouPath, existingDomainUPN, existingDomainPassword).
Try to join a VM to the domain from the same network and subnet
If all the above are met, you should be able to join the VM successfully to the domain. If not, at least you should have more context to further troubleshoot the issue.
To scan the servers / PCs using the MAP Toolkit, you will need an AD user with administrative privileges on all the components to scan.
This will be enough if you need a report of what’s installed on a series of servers/clients, their roles, and all “local” related queries, or basic AD queries.
For Exchange related queries, you will need an Exchange Admin or Domain Admin. Please refer to the following TechNet page for the full requirements:
Requirements: i. Log Analytics workspace ii. Azure Automation Account
From the Log Analytics Workspace, click Connect a data source Save the Workspace ID and Workspace key Install the agent on the server, providing the Workspace ID and Key found in the workspace
Go into the automation account, then from the left into update management Enable update management on the VM by clicking on “Click to manage machines”
You can then see the missing updates and create an update deployment
Please allow up to 24hrs for all the servers to show up (it usually takes about an hour)
Here are some common troubleshooting steps that can be used if you are experiencing issues with OneDrive:
Exit the OneDrive Desktop App and open it again
Check for Disk space in the local PC. Check if the storage quota on OneDrive has been reached
Check if the file path has exceeded the 255 characters quota or the 15 GB quota
Right click the OneDrive icon, then go under Settings, Office and deselect “Use Office to sync Offices files that i open”. Save, exit, then enable it again.
Reset OneDrive using the following command. No data will be lost: %localappdata%\Microsoft\OneDrive\onedrive.exe /reset
If after the reset you don’t see any folder listed as synchronized on the device start the synchronization again from SharePoint. After you synchronize the first one the others will pop back up in the synchronized folders tab.
Azvise 