顯示具有 Microsoft 標籤的文章。 顯示所有文章
顯示具有 Microsoft 標籤的文章。 顯示所有文章

2024/01/23

EDGE開啟pdf檔直接另存

 有時後用EDGE在瀏覽網頁時,看到一些PDF檔,EDGE可以直接顯示,不用另存成PDF檔,再用 PDF reader開啟。

如果希望直接存在PDF檔,不要在EDGE中直接開啟,可以調整機碼來達行。

機碼位置如下,如果沒有的話,可以自行手動新增,設定好要重開機才會生效。



Sometimes, when browsing web pages using EDGE, you may come across PDF files that EDGE can display directly without the need to save them as PDF files and then open them with a PDF reader.

If you prefer to save the PDF file directly instead of opening it in EDGE, you can adjust the registry to achieve this.

If you cannot find this registry entry, you can manually add it yourself and ensure that the changes take effect after restarting your computer.



2024/01/19

WIN10 安裝framework 3.5失敗 0X800F0954

 win10在裝framework 3.5一直失敗,錯誤代碼是 0X800F0954 。

有人說要去HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ 裡面調機碼,把UseWUServer的值改成0。

但發現自己的電腦裡並沒有這個機碼,所以就手動新增,設定好重開機,就可以成功安裝。



Windows 10 fails to install Framework 3.5, and the error code is 0X800F0954.

Some suggest modifying the registry key at HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\ by changing the value of UseWUServer to 0.

However, it was found that the registry key was not present on the computer, so it was manually added. After configuring and restarting, the installation was successful.



2024/01/05

WINDOWS複製資料夾 包含權限

 如果要把A資料夾整個完整複製,包含裡面的權限跟所有資料,然後名稱變成B資料夾。

而且B資料夾本身的權限必須跟A資料夾相同,可以使用robocopy這個內建指令。

執行指令前要確認B資料夾不存在,再執行指令。

指令: robocopy D:\A D:\B /E /COPYALL



If you want to completely copy the entire A folder, including its permissions and all data inside, and rename it to B folder, you can use the built-in command robocopy.

Ensure that the B folder does not exist before executing the command.

Command: robocopy D:\A D:\B /E /COPYALL

2024/01/03

WINDOWS 檔案總管內點選檔案時速度很慢

使用者反應,他在檔案總管裡,開啟一個pdf檔案時很正常,然後再點其他pdf檔案後,檔案不會馬上開啟,要等個幾十秒,他認為是程式有問題。

把程式重新安裝後,還是一樣,後來發現在檔案總管內,是有開啟預覽窗格的功能,如果這個功能關閉,連續開啟不同檔案時,就不會有緩慢的問題了。




User feedback indicates that when he opens a PDF file in File Explorer, it works fine. However, when he tries to open another PDF file after that, the file doesn't open immediately; instead, it takes several seconds. He believes there is an issue with the program.

Even after reinstalling the program, the problem persists. Later, it was discovered that within File Explorer, there is a feature to open a preview pane. When this feature is disabled, there is no longer a delay issue when opening different files consecutively.

2023/11/28

無法使用IP連線共用資料夾 錯誤訊息 0x80004005

 某台win2012的電腦使用本機登入,要連到一個共用資料夾。

使用 \\電腦名稱\ 連線,會跳出帳號密碼驗證,接著輸入 網域\使用者帳號 做登入,沒問題。

但使用 \\IP\ 連線,會跳出帳號密碼驗證,接著輸入 網域\使用者帳號 做登入,會跳錯誤,代碼是 0x80004005。

查了網路上一些方法,改機碼,改gpedit安全性都沒用。

後來是會跳出帳號密碼驗證時,輸入 使用者帳號@網域,就成功了,很特別的狀況。


A Windows 2012 computer logged in locally attempts to connect to a shared folder.

When connecting to \\HostName\, a username and password prompt appears. Entering Domain\Username works without issue.

However, when connecting to \\IP\, a username and password prompt appears. Entering Domain\Username results in an error code of 0x80004005.

After trying some methods found online, such as changing registry keys and Group Policy security, the issue was not resolved.

Finally, entering Username@Domain at the username and password prompt resolved the issue.


2023/11/21

Edge用IE模式開網頁出現錯誤訊息 "Internet Explorer 已修改這網頁以協助防止跨網站指令碼攻擊"

 



在透過Edge的IE模式開啟某個內部網頁時,無法正常顯示內容,下方出現"Internet Explorer 已修改這網頁以協助防止跨網站指令碼攻擊"的錯誤訊息。
這時就到控制台裡的網際網路選項,在安全性裡面,找到這個網頁所屬的區域,開啟自訂層級,在裡面找到啟用xss篩選器,把它停用就行了。



When opening an internal web page in IE mode of Edge, the content cannot be displayed normally. The error message "Internet Explorer has modified this page to help prevent cross-site scripting attacks" appears below.

At this time, go to the Internet Options in Control Panel, find the area to which this page belongs in Security, open the Custom Level, find Enable XSS Filter, and disable it.



2023/10/06

Word插入物件出現錯誤-此物件是使用程式Acrobat建立。您的電腦並未安裝此程式

 在WORD程式內,透過插入物件的功能,要插入一個PDF檔,卻跳出"此物件是使用程式Acrobat建立。您的電腦並未安裝此程式......請安裝Acrobat或確定已關閉Acrobat中任何的對話"



先確認PDF檔都是可直接用Acrobat PDF Reader開啟,WORD試著插入EXCEL物件也正常。

所以就決定先重裝Acrobat PDF Reader,結果就解決問題了。


When trying to insert a PDF file into a Word document using the "Insert Object" function, the following error message appears: "This object was created using the Acrobat program. This program is not installed on your computer. Please install Acrobat or make sure that all Acrobat dialog boxes are closed."

I confirmed that the PDF files could be opened directly using Acrobat Reader. I also tried inserting an Excel object into a Word document, and that worked fine.

Based on these findings, I decided to reinstall Acrobat Reader. After doing so, the problem was resolved.

2023/08/24

GPO佈署EDGE IE瀏覽模式突然失效 被略過

原本有透過GPO在使用者的電腦,佈署EDGE政策,讓EDGE在開啟一些特定網頁時,會啟用IE瀏覽模式。

但這兩天開始有電腦的IE瀏覽模式沒被啟用,查看GPO確定是有套用沒錯,所以不是GPO的問題。

開啟EDGE查看設定,發現套用的政策被略過了,但只有少數人有這個狀況。


查了一下才知道是因為EDGE最近升級後,有一些改變。
如果使用者在EDGE裡登入了私人帳號,GPO佈署的政策就會被略過,只要登出帳號,就會恢愎正常了。



Originally, we deployed EDGE policies via GPO on users' computers to enable IE browsing mode when opening certain websites.


However, in the past two days, some computers have failed to enable IE browsing mode. After checking the GPO, we confirmed that it is being applied correctly. Therefore, the issue is not with the GPO.


When we opened EDGE and checked the settings, we found that the applied policies were being ignored. However, this was only happening for a small number of users.


After some investigation, we learned that this is because EDGE was recently updated. If a user is logged in to a personal account in EDGE, the policies deployed via GPO will be ignored. Simply logging out of the account will restore normal behavior.


2023/08/07

windows 使用batch 指令匯出dhcp lease位址租用紀錄

 如果是windows2012,powershell 4.0裡面有get-dhcp的指令把DHCP目前租用IP的清單做匯出。

但在windows2008,powershell 1.0沒這個指令,不想升級powershell,可以用netsh來完成,指令如下:


@echo off

netsh dhcp server scope 172.16.11.0 show clients > "%DATE:~0,4%%DATE:~5,2%%DATE:~8,2%_dhcp_clients.txt"

exit

指令會把172.16.11.0這個領域的IP租用匯出到txt中,檔名是會以當天的日期呈現。

如果要把每個領域都匯出,就把指令重覆貼上,改掉scope後面的領域IP就行了。



If you are using Windows 2012, PowerShell 4.0 includes the get-dhcp command to export a list of currently leased IP addresses from DHCP.

However, in Windows 2008, PowerShell 1.0 does not have this command. If you do not want to upgrade PowerShell, you can use netsh to complete the task. The command is as follows:

@echo off

netsh dhcp server scope 172.16.11.0 show clients > "%DATE:~0,4%%DATE:~5,2%%DATE:~8,2%_dhcp_clients.txt"

exit

This command will export the IP leases for the 172.16.11.0 scope to a text file. The file name will be in the format of YYYYMMDD_dhcp_clients.txt.

To export leases for all scopes, simply copy and paste the command, and change the scope IP address after scope.

2023/06/04

FreeFileSync 同步檔案時出現 sync.ffs_lock的相關錯誤 code error 5: Access refuse [create file]

 在win2019透過freefilesync要把遠端win2003的檔案同步過來本機的時後,有些資料夾都會出現錯誤,內容都是在本機端的資料夾中 sync.ffs_lock有錯誤, code error 5: Access refuse [create file]。

照字面上的意思應該就是同步的過程程式要產生一個sync檔,但無法建立。

可是我在本機端自己建立檔案時,都沒什麼異狀,就覺得很怪。

後來就手動用複製貼上檔案的方式,發現有時後會跳出錯誤訊息,大概就是說沒有權限,要用系統管理者執行之類的,可是我就是用本機管理者帳號在執行啊。

這時突然想到,那執行freefilesync時,要用系統管理者身份去執行,有三四個在同步會跳錯誤的資料夾,就通通都沒問題了。


When using FreeFileSync on Windows Server 2019 to sync files from a remote Windows Server 2003 to the local machine, some folders encounter errors. The error message states that there is an issue with the "sync.ffs_lock" file in the local folder, with error code 5: Access refused [create file].

According to the literal meaning of the error, it seems that the sync process is unable to create the "sync" file.

However, I noticed that there were no issues when manually creating files on the local machine, which struck me as odd.

Later, while manually copying and pasting files, I encountered occasional error messages indicating a lack of permission and suggesting the need for administrator privileges. However, I was already using the local administrator account to perform the operation.

At this point, it occurred to me that when running FreeFileSync, it should be executed with administrator privileges. When I ran the program as an administrator, the folders that were previously causing errors during synchronization, about three or four of them, synced without any problems.

2023/05/25

查詢DHCP IP的發送記錄

 如果想查詢近期DHCP server 的IP發送給哪一台主機,可以用下列方式查詢。

先開啟DHCP的管理工具,在server名稱按下滑鼠右鍵,選擇內容。 


接著就可以看到資料庫的路徑,進到該路徑後,就可以看到近期每天DHCP的發送記錄。



To determine which host was assigned a specific IP address by the DHCP server, you can follow these steps:

  1. Open the DHCP management tool.
  2. Right-click on the server name and select "Properties."
  3. In the properties window, you will find the database path.
  4. Navigate to the specified path, and you will be able to view the DHCP lease history for each day.
Note: Please note that the exact steps may vary depending on the DHCP management tool you are using and the version of Windows Server.

2023/05/24

chrome 部署自動清除cookie 設定

透過chrome登入某些網站後,都會產生cookie,下次在登入時,就可以不用輸入帳密就登入了,像是spotify,teams等等的網站。

但有時後卻希望網頁關閉,這些cookie就清除掉,避免下一次登入又自動使用上一次的帳密登入。

chrome的設定裡有一個清除cookie的功能,但這會清除所有的cookie,沒辦法只清除特定網站的cookie,也不太方便。






如果希望某網站的cookie在網頁關閉後清除,其實有另一個地方可以設定。
一律在視窗關閉時清除 Cookie這邊就可以把要自動清除cookie的網站加入就行了。





如果公司裡電腦很多台,要一台一台設定太麻煩了。
可以去下載chrome的adm檔(https://enterprise.google.com/chrome/chrome-browser/#download)
然後在群組原則管理工具中,新建一個gpo,先把chrome的adm新增到系統管理範本中,就可以看到裡面有google chrome的設定可以做部署。
在"將來自相符網址的cookie限制在目前的工作階段中",把網址加入,之後使用者開啟這些網站,只要關掉chrome,cookie就會刪除,不保留。


To enhance and translate the content provided:

When logging into certain websites using Chrome, cookies are generated. These cookies allow subsequent logins without the need to enter the username and password again. Websites like Spotify, Teams, and others utilize this feature.

However, there are times when you may prefer to clear these cookies upon closing the webpages to avoid automatically using the previous login credentials during the next login.

Chrome's settings include a cookie-clearing function, but it clears all cookies and lacks the ability to selectively remove cookies from specific websites, which can be inconvenient.

If you wish to automatically clear cookies from a particular website upon closing the webpage, there is another way to configure this setting. You can choose to "Clear cookies and site data when you quit Chrome" by adding the desired websites to this option.

If there are multiple computers within your company, individually configuring the settings on each one can be tedious. You can download the Chrome ADM template from (https://enterprise.google.com/chrome/chrome-browser/#download).

Next, in the Group Policy Management tool, create a new GPO and add the Chrome ADM file to the Administrative Templates section. This will allow you to see the available Google Chrome settings for deployment.

Under the "Limit cookies from sites that match the following URL" option, add the website URLs. Once users open these websites, closing Chrome will automatically delete the cookies, ensuring they are not retained.




2023/04/24

網域DC時間錯誤造成client電腦時間也錯了

 一台虛擬機DC的時間被設定成與底層hyperv系統同步,結果與正確的時間差了一分多鐘。

PDC的時間是正確的,所以並不是所有client電腦的時間都錯了,就看是抓到哪台DC做時間同步。

時間錯誤的DC一開始就直接用NTPCLOCK這個小工具調整成對的時間,但沒多久又變回錯的時間,在該伺服器執行"w32tm /query /configuration",有看到有一區"VMICTimeProvider"的設定,enable=1,這就是設定成與底層hyperv系統同步的地方。

直接找到HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider ,把enable改成0就好,不用重開機,然後在用NTPCLOCK調成正確時間就行了。

Client端如果不想等重開機做時間同步的話,可以下指令直接強制同步。

要用系統管理員執行cmd,然後輸入 w32tm /resync就可以開始同步了,時間不會馬上就變正確的,而且會慢慢的縮小與正確時間的差距,所以要等一下。

可以開啟client的時鐘,如果是client的時間是比較慢,就會發現秒數有時後會跳的比較快,然後慢慢跟上正確的時間。



Domain Controller Time Error Causing Incorrect Client Computer Time

The time of a virtual machine Domain Controller (DC) was initially set to synchronize with the underlying Hyper-V system, but it ended up being more than a minute off from the correct time.

The time displayed on PDC files was accurate, indicating that not all client computers had incorrect time settings. It depended on which DC the clients synchronized their time with.

Initially, the DC with the time error was adjusted using a small utility called NTPCLOCK to set the correct time. However, after a short while, it reverted back to the incorrect time. When running the command "w32tm /query /configuration" on the server, the configuration showed a section called "VMICTimeProvider" with enable=1, indicating synchronization with the underlying Hyper-V system.

To resolve this, the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider was located, and the "enable" value was changed to 0. There was no need to restart the server. Afterward, the correct time could be set using NTPCLOCK.

For client computers that didn't want to wait for a reboot to synchronize their time, a command could be executed to force synchronization. By running cmd as an administrator and entering "w32tm /resync," the synchronization process would begin. The time wouldn't immediately become correct but would gradually narrow the gap with the accurate time. Patience was required.

Observing the client's clock, if the client's time was slower, one would notice that the seconds occasionally jumped ahead and slowly caught up with the correct time.

2023/03/17

OPENVAS(GVM)進行弱點掃描會造成網域帳號被鎖住

在使用 OPENVAS對內部電腦進行弱點掃描,發現一個問題,就是會造成一些AD帳號因輸入太多次錯號密碼被鎖住。

個人猜測是在做掃描時,可能會隨便找一些帳號做登入測試,剛好有人的帳號就是一樣的,所以就被鎖了。

帳號被鎖,可以參考下列這個網站的教學,來查是哪一台設備在在做登入驗證的行為。

https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/


OPENVAS(GVM) Vulnerability Scanning Causing Domain Account Lockouts

During the use of OPENVAS for vulnerability scanning on internal computers, I encountered an issue where it resulted in some AD accounts getting locked due to multiple incorrect password attempts. My personal speculation is that during the scanning process, the tool may attempt to log in using random accounts, and if there happens to be a match with a valid account, it leads to the account being locked.

To determine the source of the account lockouts, you can refer to the tutorial provided on the following website. It explains how to track down the device responsible for the login authentication attempts:

https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/

2022/12/29

WIN10 在EDGE 用IE模式開網頁

 有些網頁必須要用IE才能正常顯示,如果透過EDGE,就要啟用裡面的IE模式才行。

可以直接在EDGE設定中加入要用IE模式開起的網頁,但這有個缺點,要一台一台做,而且還有期限,預設30天,最長可以改到90天,不適合在公司裡這樣設定。



這時就可以用GPO來佈署,步驟如下:

1. 確認GPO裡有EDGE設定,因為DC都是2012版的,所以要自己下載ADMX檔來增加EDGE功能,方式可參考 https://www.anoopcnair.com/download-microsoft-edge-admx-group-policy-templates/

2. GPO裡有EDGE設定後,要啟用兩個設定

設定企業模式網站清單-這個先設定好檔案路徑跟檔名,例如

C:\ielist.xml,這個檔案在第3步會產生。

再來是要啟用設定InternetExplorer整合



3. 安裝Enterprise Mode Site List Manager,透過這個檔案把要用IE模式開啟的網站建成一個xml的清單,取名成ielist.xml,派送到使用者電腦C槽中,跟第2步GPO裡的設定配合。清單的設定方式一樣網路上很多教學,可參考https://www.anoopcnair.com/configure-enterprise-mode-site-list-using-intune/
4.上述都設定好後,GPO佈署下去就ok了。
當用EDGE開啟IE模式的網站,看一下網址例左邊有出現一樣IE的檔案,就表示現在已在IE模式下執行,設定成功。

機碼的位置可參考這篇
https://admx.help/?Category=EdgeChromium&Policy=Microsoft.Policies.Edge::InternetExplorerIntegrationLevel&Language=zh-tw


Using IE Mode to Open Websites in EDGE on Windows 10

Some websites require Internet Explorer (IE) to be displayed correctly. If you're using EDGE, you can enable the built-in IE mode to access these websites. While you can manually add websites to open in IE mode within EDGE settings, this method has its drawbacks. It requires configuring each device individually and has a time limit, typically set to 30 days (extendable up to 90 days), which is not ideal for company-wide settings.

To address this, you can deploy the settings using Group Policy Objects (GPO) with the following steps:

1.Ensure that the GPO includes the EDGE settings. Since the domain controllers are running the 2012 version, you'll need to download the ADMX files to add EDGE functionality. You can refer to the following link for the process: link to download ADMX files.

2.Once the EDGE settings are available in the GPO, enable two specific settings:

3.Configure the Enterprise Mode Site List: Set the file path and name, for example, C:\ielist.xml. This file will be generated in the next step.
Enable the Internet Explorer Integration setting.
Install the Enterprise Mode Site List Manager. Using this tool, create an XML list named ielist.xml that contains the websites to be opened in IE mode. Place the file in the C:\ directory of users' computers and align it with the settings from step 2. There are various tutorials available online on how to configure the list. You can refer to this link: link to configure Enterprise Mode Site List using Intune.

4.Once all the settings are configured, deploy the GPO to the desired devices.

To verify if a website is opened in IE mode using EDGE, check the URL. If you see the IE file icon on the left side, it indicates that the website is being accessed in IE mode, confirming the successful configuration.




2022/11/21

AD查詢4776 登入失敗的電腦 來源工作站錯誤

 在AD查看被鎖定的帳號,用id 4776去撈出登入出敗的訊息,要找出是在哪台電腦做登入行為的。

結果在來源工作站的資訊,是一台沒看到的電腦名稱,也ping不到,覺得很奇怪。

就想到之前遇到來源工作站是空白的問題,那時就繼續在事件檢視器裡去找NTLM的log,可以找到相關的訊息。

這次也想說去NTLM裡面找找,就找到了,在NTLM裡記錄的登入失敗log裡,除了來源工作站,還多了一個安全通道名稱,這邊顯示的才是正確的電腦名稱。

至於為啥來源工作站是一個奇怪的名稱,目前也不知原因。


When checking the locked accounts in Active Directory, I used ID 4776 to retrieve the information about failed logins in order to determine the workstation where the login attempts originated.

The result showed an error in the workstation information, indicating a computer name that I couldn't find or ping, which seemed unusual.

I recalled a previous encounter where the workstation information was blank, so I continued searching for NTLM logs in the Event Viewer, as they often contain relevant details.

This time, I decided to check the NTLM logs and successfully found the failed login log. In addition to the workstation information, there was also a security channel name recorded. The computer name displayed in this section was the correct one.

As for why the workstation information appeared as a strange name, I am currently unaware of the underlying reason.

2022/11/04

Teams JavaScript error the specified procedure could no be found

 突然有幾台電腦的teams開啟都會有這個錯誤,無法使用。









重裝teams也沒用。

查了一下,原來是可轉發套件的問題,處理流程如下。

1. 移除teams,並把%appdata%底下teams相關的資料夾全刪除。

2. 移除電腦內所有的visual c++可轉發套件,然後重開機。

3. 安裝最新的2015to2022,visual c++可轉發套件。

4. 安裝teams。

之後就可以正常開啟了。


Teams JavaScript error: "The specified procedure could not be found."

Suddenly, several computers are experiencing this error when opening Teams, rendering it unusable.

Reinstalling Teams did not resolve the issue.

Upon investigation, it was discovered that the problem lies with the redistributable package. The following steps can be taken to address it:

Uninstall Teams and delete all related folders under "%appdata%".

Remove all Visual C++ redistributable packages from the computer and restart.

Install the latest version of the Visual C++ redistributable package (2015 to 2022).

Install Teams.

After following these steps, Teams should open without any errors.


2022/11/03

OUTLOOK編輯郵件貼圖沒東西

 outlook在編輯郵件時,要直接把圖貼在內文中,但貼上後,就是空白沒東西。

有時後在郵件的預覽內文視窗,在上下滾動畫面時,畫面也會很頓。

後來有查到,就是WIN10的DPI設定。

就是在解析度的設定上面,還有一個百分比可以調整畫面上字型與項目的大小,如果設定是超過100%,像是125%或150%時,就會造成在編輯郵件時的一些問題,只要調成100%,就可以排除這個怪問題,很奇特的一個問題。



There is nothing in the image pasted in the email while editing it in Outlook.

Sometimes, when scrolling up and down in the preview pane of the Outlook, the screen becomes sluggish. Later, it was found that it is due to the DPI (Dots Per Inch) settings in Windows 10. In the display settings, there is a percentage that can be adjusted to change the size of fonts and items on the screen. If the setting is above 100%, such as 125% or 150%, it can cause issues when editing emails. By adjusting it to 100%, this strange issue can be resolved.

2022/10/19

發信通知AD帳號 密碼快到期的人

 windows系統內建的提醒實在太小了,就縮在右下角,而且預設兩週前會天天提醒,到剩一週後,就不會在顯示了,使用者早就忘了,所以需要一個比較顯示的提示。

 可以參考這個下列這個powershell,就可以執到此功能,裡面程式碼有夠多,但只要先把要搜尋的dc位置,mail server位置,管理者信箱這3個設定值,調成自己環境內的資訊,就可以執行測試了。

預設是測試模式,所以只會寄給管理者,測試ok後再關閉測試模式,通知信就會發給使用者了,不需要修改太多東西就可以用了,讚。

https://gist.github.com/meoso/3488ef8e9c77d2beccfd921f991faa64#file-example-com-password-expiration-notifications-ps1



Notifying Users of Expiring Passwords via Email in Active Directory

The default built-in password reminder in Windows is quite inconspicuous, residing in the bottom right corner. Additionally, it only displays reminders every day up to two weeks before the expiration date. Once there is only one week left, the reminder disappears, and users tend to forget about it. Therefore, a more prominent notification is needed.

You can refer to the following PowerShell script to achieve this functionality. Although the code may seem extensive, you only need to adjust three configuration values: the location of the domain controller (DC), the mail server, and the administrator's email address. Once you set them according to your environment, you can execute a test run.

By default, the script runs in test mode, sending notifications only to the administrator. After confirming that it works correctly, you can disable test mode, and the notifications will be sent to the users. It requires minimal modifications, making it easy to use.

You can find the PowerShell script at the following link:

https://gist.github.com/meoso/3488ef8e9c77d2beccfd921f991faa64#file-example-com-password-expiration-notifications-ps1

2022/07/11

Teams 登入失敗 Error Code caa20002

 突然多位user的Teams登入失敗,錯誤代碼都是caa20002。

這些登入失敗的電腦,都是win7,但又不是每一台win7都有這個問題,有點奇怪。

後來找了幾台不同的電腦測試後,才發現原因。

主要是因為IE的關係,要IE11才能正常登入Teams程式,其他比較低階的版本,都會失敗。

很討厭的問題,因為錯誤訊息根本跟IE沒關係,很難查原因。


Teams Login Failure with Error Code caa20002

Multiple users suddenly encountered login failures in Teams, with the error code caa20002.

Interestingly, these login issues were observed on computers running Windows 7, but not every Windows 7 device was affected, which seemed puzzling.

After conducting tests on several different computers, the root cause was identified.

The problem primarily stemmed from Internet Explorer (IE) compatibility. Teams application requires IE11 to function properly, and lower versions of IE would result in login failures.

This issue was frustrating because the error message provided no indication of an IE-related problem, making it difficult to identify the cause.