www.butsch.ch

CRUNCH Deployment DLP | Data Loss Prevention ENS | Endpoint Security Exchange 2010 Exchange 2013 Exchange 2016 Exchange 2019 FW Fortigate FW Sophos Intunes M365 - Exchange Online Mcafee/Trellix Microsoft Exchange Microsoft SCCM,MEM,MDT Microsoft Server OS MSME | Security for Exchange Scripting SECURITY Server 2016 Server 2022 [21H2/22H2/32H2] TIE/ATD/ATP | Sandbox - Advanced Threat Protection Tools we made VMWare W10

CRLcheck.exe Certificate Revocation List Check Tool to verify all CRL and OCSP on Windows client

23.03.2024 admin

CRLcheck.exe Certificate Revocation List Check Tool to automatic verify CRL and OCSP internet reachability of all your EXE files that your client runs. Over the past 20 years, I have personally witnessed how Certificate Revocation on Windows systems is often underestimated, even within large enterprises. This issue significantly affects both client and server […]

EPO | ePolicy Orchestrator Mcafee/Trellix SQL

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug

12.03.2024 admin

Mcafee/Trellix EPO 5.10 SP1 Update 2, LDAP Sync Save Agent Settings FAILS/Stalls Bug Do not add, change, or modify Organizational Units (OUs) in Active Directory where you sync via LDAP. You won’t be able to change the LDAP Sync settings in EPO 5.10 SP1 UPD. We have just wasted a full morning on a bug […]

Exchange 2013 M365,AZURE,INTUNE

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Exchange server version is out-of-date

04.03.2024 admin

Microsoft M365 O365 EXO throttles Exchange 2013 in HYBRID Mode, Queue is growing SMTP ERROR: Connecting Exchange server version is out-of-date Since December 2023, Microsoft has been throttling or blocking on-premises Exchange 2013 servers that are in Hybrid Mode, connecting to their cloud environment. Even if 99% of the mailboxes are already in the […]

Exchange 2007 M365,AZURE,INTUNE

Unable to delete Exchange Mailbox DSID-03152d1c, problem 4003 INSUFF_ACCESS_RIGHTS

29.02.2024 admin

ERROR: You want to delete a Exchange MAILBOX of a user. The user account is decativated. Crypt error: 0000005: SecErr: DSID-03152d1c, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0 This is because a local normal employee user has the ADMINSholder/adminCount flags set to 1/true. (Which is not good in Domain Environments) This is because the Active […]

Exchange 2016 Exchange 2019 M365 - Exchange Online

Enable Extended Protection for OS 2016 and Exchange 2016 (on-premises, no hybrid, no DAG) sample all steps explained

22.02.2024 admin

Here you will find all steps to protect from CVE-2024-21410 Exchange Leak. This sample handels and standlaone Exchange 2016 running on Server 2016. The customer has no DAG (Cluster), He is NOT in Hybrid Mode Classic or Modern (He has no CLOUD connection), all latest 02/2024 Windows Updates are installed, the latest CU for […]

Server 2022 [21H2/22H2/32H2] VMWare

Managing external time server NTP on Microsoft Server DC and Vmware ESX in Switzerland

31.01.2024 admin

Managing Windows Time Service: A Comprehensive Guide The Windows Time service (W32Time) plays a crucial role in synchronizing the date and time for all computers managed by Active Directory Domain Services (AD DS). This article delves into the tools and settings used to effectively manage the Windows Time service. Default Synchronization By default, […]

Deployment Intunes M365,AZURE,INTUNE Scripting

INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node)

27.01.2024 admin

The normal Intunes Agent that is running on a Windows 10/11 64-bit OS is a 32-bit Agent. INTUNES-MEM: 32 or 64-bit Runtime and Registry Hive explained (WOW6432Node) Short sample why you maybe landed here…. What is the problem that we often see: A Win32APP with import_registry.cmd or import_registry.ps1 is run via Intunes. Before deployment […]

ENS | Endpoint Security EPO | ePolicy Orchestrator Mcafee/Trellix SECURITY

Mcafee Trellix, GetSusp.exe EPO Version reports back to EPO Dashboard

23.01.2024 admin

With EPO 5.10 on a fresh install, you have GetSusp.exe in both 32-bit and 64-bit versions in the Master if you perform an automatic product check-in. You can easily run the small tool GETSUPS.exe (command line/GUI standalone scanner) via EPO. I am not sure if I missed it because I never use the […]

EPO | ePolicy Orchestrator Mcafee/Trellix TIE/ATD/ATP | Sandbox - Advanced Threat Protection

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express

23.01.2024 admin

Trellix EPO 5.10 base install or upgrade fail Rollback with SQL 2022 Express Does also happen with: EPO5100_ServicePack1_4098_LR1.zip (lATEST DOWNLOAD 01.05.2024) Just had a case where we searched for longer, but it was NOT related to a dual install of WSUS+EPO. Because we sometimes have a dual install of EPO and WSUS roles on the […]

Exchange 2013 Exchange 2016 Exchange 2019 M365 - Exchange Online Microsoft Exchange Server 2022 [21H2/22H2/32H2]

Exchange CVE-2024-21410 2016 2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem

19.01.2024 admin

Exchange CVE-2024-21410 2013/2016/2019 Extended Protection Kemp-F5 and Modern Hybrid Mode problem Primary target which is part of the attack: Make sure you ROLLOUT the Outlook.exe 02/2024 Patch. That is the most important thing. Esp. On Home Office/Remote Office which may have SMB/445 to WAN open and for VPN users NO traffic to/via VPN-2-HQ policy (Which […]

Hotfixes, Updates Microsoft Server OS Server 2022 [21H2/22H2/32H2] WSUS

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition

11.01.2024 admin

Microsoft Patch KB5034439 Server 2022 also fails on SRV 2022 without Recovery Partition or with too small recovery Partition (Free space under 250MB) ERROR: KB5034439, 0x8024200B, 0x80070643 ERROR_INSTALL_FAILURE. PATCH: 024-01 Security Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5034439). Status 12.01.2024 —————————————————– Microsoft has releases two PowerShell with which you should […]

FW Fortigate FW Sophos M365,AZURE,INTUNE SECURITY

Troubleshooting CRC Errors on Fortinet Fortigate Firewalls – Intunes CRC download error

28.11.2023 admin

We just had a case where we in detail explored the CRC errors with Intunes Packets. Simply WIN32 Package with 300MB failed just for one client. One client had a CRC error same day while others just fine. Here is how to check local on-premises to be sure you can tell it’s M365 side failing […]

DLP | Data Loss Prevention EPO | ePolicy Orchestrator Hotfixes, Updates

Mcafee/Trellix EPO 5.10 SP1 UPD2 (Update 2) Installation CVE-2023-5444 (RISK HIGH) and CVE-2023-5445

28.11.2023 admin

Exploit/Lücken CVE-2023-5444 (RISK HIGH) und CVE-2023-5445. Update Mcafee/Trellix EPO Management Server There is emergency patch for EPO and the Trellix Forum seems to be down or rebuilt? Here is some info to help you this way. We have just updated around 10 EPO on-premises installations from EPO 5.10 SP1 to UPD2 or from 5.10 […]

Deployment FW Fortigate FW Sophos Intunes KEMP Load Balancer Microsoft SCCM,MEM,MDT SECURITY

Mastering Firewalls for Intunes and Autopilot Success, FQDN, IP, CRL to get Intunes running

24.11.2023 admin

Mastering Firewalls for Intunes and Autopilot Success In the realm of IT, especially with the advent of cloud-based systems like M365 and Intune, managing firewalls has evolved into a complex challenge. Gone are the days of a handful of external ports; now, it’s like navigating a digital maze of ports and IP ranges. Enter the […]

CRUNCH Deployment FW Fortigate M365,AZURE,INTUNE W10

Missing entry in Fortigate Application Filter ROOT.CERTIFICATE.URL and OCSP source of W10 Setup failing

24.11.2023 admin

FortiGate Application Filter Certificate wrong/missing Entry sample for an important laptop driver (W10 Deployment fails because of signed Driver Revocation Lookup) Missing entry in Fortigate Application Filter “ROOT.CERTIFICATE.URL” and “OCSP” source of failing Windows 10 Deployment with commercial Deployment Products (This includes HP client hardware, Microsoft SCCM, Landesk or Ivanti Frontrange). During the Unattend phase […]


Try our new Certificate Revocation List Check Tool CRLcheck.exe is a tool developed to verify digital signatures of executable files. It collects files from known paths on your client, checks their signature, and checks Certificate Revocation Lists (CRL) and OCSP download. This helps avoid delays in launching files.

Highroller