AD查詢4776 登入失敗的電腦 來源工作站錯誤

 在AD查看被鎖定的帳號，用id 4776去撈出登入出敗的訊息，要找出是在哪台電腦做登入行為的。

結果在來源工作站的資訊，是一台沒看到的電腦名稱，也ping不到，覺得很奇怪。

就想到之前遇到來源工作站是空白的問題，那時就繼續在事件檢視器裡去找NTLM的log，可以找到相關的訊息。

這次也想說去NTLM裡面找找，就找到了，在NTLM裡記錄的登入失敗log裡，除了來源工作站，還多了一個安全通道名稱，這邊顯示的才是正確的電腦名稱。

至於為啥來源工作站是一個奇怪的名稱，目前也不知原因。

When checking the locked accounts in Active Directory, I used ID 4776 to retrieve the information about failed logins in order to determine the workstation where the login attempts originated.

The result showed an error in the workstation information, indicating a computer name that I couldn't find or ping, which seemed unusual.

I recalled a previous encounter where the workstation information was blank, so I continued searching for NTLM logs in the Event Viewer, as they often contain relevant details.

This time, I decided to check the NTLM logs and successfully found the failed login log. In addition to the workstation information, there was also a security channel name recorded. The computer name displayed in this section was the correct one.

As for why the workstation information appeared as a strange name, I am currently unaware of the underlying reason.

win7 chrome 播放線上影片 有聲音沒畫面

最近發現在透過chrome看一些線上課程影片時，影片會有聲音沒畫面。

win10的電腦都沒問題，只有win7的電腦會有這種狀況，所以排除影片本身的問題。

後來才發現竟是chrome裡面設定造成的，在win7電腦中，需要把chrome裡面有一個硬體加速的功能關閉，影片的畫面才能正常顯示。

No Video but Sound when Playing Online Videos in Chrome on Windows 7

Recently, I noticed that when using Chrome to watch online course videos, there would be sound but no video playback. This issue was specific to computers running Windows 7, as there were no problems on Windows 10 machines. Therefore, I ruled out any problems with the videos themselves.

Later, I discovered that the issue was actually caused by a setting within Chrome. On the Windows 7 computers, it was necessary to disable a feature called hardware acceleration in Chrome to enable proper video playback.

Teams JavaScript error the specified procedure could no be found

 突然有幾台電腦的teams開啟都會有這個錯誤，無法使用。

重裝teams也沒用。

查了一下，原來是可轉發套件的問題，處理流程如下。

1. 移除teams，並把%appdata%底下teams相關的資料夾全刪除。

2. 移除電腦內所有的visual c++可轉發套件，然後重開機。

3. 安裝最新的2015to2022，visual c++可轉發套件。

4. 安裝teams。

之後就可以正常開啟了。

Teams JavaScript error: "The specified procedure could not be found."

Suddenly, several computers are experiencing this error when opening Teams, rendering it unusable.

Reinstalling Teams did not resolve the issue.

Upon investigation, it was discovered that the problem lies with the redistributable package. The following steps can be taken to address it:

Uninstall Teams and delete all related folders under "%appdata%".

Remove all Visual C++ redistributable packages from the computer and restart.

Install the latest version of the Visual C++ redistributable package (2015 to 2022).

Install Teams.

After following these steps, Teams should open without any errors.

OUTLOOK編輯郵件貼圖沒東西

 outlook在編輯郵件時，要直接把圖貼在內文中，但貼上後，就是空白沒東西。

有時後在郵件的預覽內文視窗，在上下滾動畫面時，畫面也會很頓。

後來有查到，就是WIN10的DPI設定。

就是在解析度的設定上面，還有一個百分比可以調整畫面上字型與項目的大小，如果設定是超過100%，像是125%或150%時，就會造成在編輯郵件時的一些問題，只要調成100%，就可以排除這個怪問題，很奇特的一個問題。

There is nothing in the image pasted in the email while editing it in Outlook.

Sometimes, when scrolling up and down in the preview pane of the Outlook, the screen becomes sluggish. Later, it was found that it is due to the DPI (Dots Per Inch) settings in Windows 10. In the display settings, there is a percentage that can be adjusted to change the size of fonts and items on the screen. If the setting is above 100%, such as 125% or 150%, it can cause issues when editing emails. By adjusting it to 100%, this strange issue can be resolved.

7zip 壓縮檔案指令

為了想要定期把一些檔案壓縮成一個檔案，所以就想到要用batch加排程的方式。

7zip有提供相關的指令可以做

指令如下，

7z a d:\backup[%DATE:~0,4%-%DATE:~5,2%-%DATE:~8,2%].7z  @d:\list.txt 

第一欄(7z) - 就是執行程式的名稱，最好是用完整路徑

第二欄(a) - 就是要壓縮的意思

第三欄(d:\xxx) - 就是壓縮檔的名稱，上面的範例是檔名會自動產生當天的日期，後面的副檔名也可以改用zip

第四欄(@:xxx) - @後面要接一個文字檔，這個文字檔裡就列出要壓縮的檔案存放的路徑，所以有3個不同資料夾的檔案要壓在一起，就把三個路徑分三行存在文字檔裡就行了。

以上就是batch檔的內容。

7zip File Compression Command

In order to periodically compress files into a single archive, I decided to use batch scripting along with scheduled tasks. Fortunately, 7zip provides relevant commands to achieve this.

The command is as follows:

7z a d:\backup[%DATE:~0,4%-%DATE:~5,2%-%DATE:~8,2%].7z @d:\list.txt

Here is a breakdown of the command:

The first field (7z) represents the name of the executable program. It is recommended to use the full path to the program.

The second field (a) indicates the action of compressing.

The third field (d:\xxx) specifies the name of the compressed file. In the example above, the file name will be automatically generated based on the current date. You can also change the file extension to .zip if desired.

The fourth field (@:xxx) specifies a text file. This text file contains the paths of the files to be compressed. So, if you have files from three different folders that need to be compressed together, you can list the three paths on separate lines in the text file.

The above instructions can be included in a batch file to automate the process.

發信通知AD帳號 密碼快到期的人

 windows系統內建的提醒實在太小了，就縮在右下角，而且預設兩週前會天天提醒，到剩一週後，就不會在顯示了，使用者早就忘了，所以需要一個比較顯示的提示。

 可以參考這個下列這個powershell，就可以執到此功能，裡面程式碼有夠多，但只要先把要搜尋的dc位置，mail server位置，管理者信箱這3個設定值，調成自己環境內的資訊，就可以執行測試了。

預設是測試模式，所以只會寄給管理者，測試ok後再關閉測試模式，通知信就會發給使用者了，不需要修改太多東西就可以用了，讚。

https://gist.github.com/meoso/3488ef8e9c77d2beccfd921f991faa64#file-example-com-password-expiration-notifications-ps1

Notifying Users of Expiring Passwords via Email in Active Directory

The default built-in password reminder in Windows is quite inconspicuous, residing in the bottom right corner. Additionally, it only displays reminders every day up to two weeks before the expiration date. Once there is only one week left, the reminder disappears, and users tend to forget about it. Therefore, a more prominent notification is needed.

You can refer to the following PowerShell script to achieve this functionality. Although the code may seem extensive, you only need to adjust three configuration values: the location of the domain controller (DC), the mail server, and the administrator's email address. Once you set them according to your environment, you can execute a test run.

By default, the script runs in test mode, sending notifications only to the administrator. After confirming that it works correctly, you can disable test mode, and the notifications will be sent to the users. It requires minimal modifications, making it easy to use.

You can find the PowerShell script at the following link:

https://gist.github.com/meoso/3488ef8e9c77d2beccfd921f991faa64#file-example-com-password-expiration-notifications-ps1

outlook 收件都變成純文字格式

 outlook正常的話，收進來的信會是html格式。

如果信突然都變成文字格式，就是設定被調到，改回來就行了，就在信任中心裡有個以純文字讀取所有標準郵件，取消就行了。

Outlook emails are appearing as plain text format.

In a normal Outlook setup, incoming emails are displayed in HTML format.

If suddenly all emails are appearing as plain text, it means that a setting has been changed. To revert back to the original format, follow these steps:

Open Outlook and go to the Trust Center.

Look for the option "Read all standard mail in plain text" within the Trust Center settings.

Uncheck this option to disable plain text reading for all standard emails.

Once you have made this change, Outlook will display emails in their original format again.

選擇權單賣 慘啊

 最近兩個月真的就是上下刷，做單賣當沖實在慘，一直打到停損，超累的。

還好都有控制好停損，至少都沒大賠。

linux 掛載 windows 共用資料夾

 有一台centos要把windows的file server內的其中一個資料夾掛載上去。

先在windows主機192.168.1.1上，建立一個掛載專用的本機帳號abc，設定好密碼123。

接著就在cenotos上，執行下列指令就行了。

mount -t cifs -o username=abc,password=123 //192.168.1.1/documents /mnt/winshare

Mounting a Windows shared folder on Linux.

To mount a specific folder from a Windows file server on a CentOS machine, follow these steps:

On the Windows host with the IP address 192.168.1.1, create a local user account "abc" specifically for the mounting purpose. Set the password for this account as "123".

On the CentOS machine, execute the following command:

mount -t cifs -o username=abc,password=123 //192.168.1.1/documents /mnt/winshare

Kaspersky Embedded Systems Security 病毒碼更新失敗 Error code: 0x02C2. Subsystem code: 0x4

有兩台裝有Kaspersky Embedded Systems Security3.0的主機病毒碼一直更新失敗，但還有四台都正常。

發信問廠商，回覆是說要做資料庫回溯，但做了也沒用，所以又給了另一個解法，就是升級到3.1。

如果升3.1才有用，那沒道理其他四台用3.0的都沒事啊，所以就覺得廠商的回覆蠻隨便的。

因為是server，也不能隨意重開機，所以就決定把防毒主程式重啟好了。

這版本比較鳥的是，沒有選項讓你直接關閉服務，要去裝kess console，然後裡面才有關閉跟啟用的服務。

重啟後，更新還是失敗，但再一次，就成功了。

原本的錯誤訊息如下

Internal task error occurred. Error code: 0x02C2. Subsystem code: 0x4 (General). For more details go to the Kaspersky Technical Support site: https://click.kaspersky.com/?hl=en-US&link=error&pid=wsee&version=11.0.0.0&error=B4X706X

Kaspersky Embedded Systems Security Virus Database Update Failure Error code: 0x02C2. Subsystem code: 0x4

We encountered issues with two hosts running Kaspersky Embedded Systems Security 3.0, as the virus database updates consistently failed. However, the other four hosts had no problems with the updates.

We reached out to the vendor for assistance, and they suggested performing a database rollback. Unfortunately, this solution did not resolve the issue. They then proposed upgrading to version 3.1 as an alternative resolution.

It seemed odd that only upgrading to 3.1 would solve the problem, considering the other four hosts running 3.0 were functioning fine. We found the vendor's response somewhat casual.

Since these were server systems, we couldn't simply restart them without careful consideration. Instead, we decided to restart the antivirus main service.

One drawback of this version is that it lacks an option to directly disable the service. Instead, we had to install the Kaspersky Endpoint Security for Business console, where we found options to enable and disable services.

After restarting the service, the update initially failed again, but upon a subsequent attempt, it succeeded.

The original error message received was as follows:

"Internal task error occurred. Error code: 0x02C2. Subsystem code: 0x4 (General). For more details, please visit the Kaspersky Technical Support site: https://click.kaspersky.com/?hl=en-US&link=error&pid=wsee&version=11.0.0.0&error=B4X706X"