Inactive Distribution Lists in Exchange Online
Exchange (Distribution Lists) Friday, 10 July 2026 by paul

You would think there was an easy way to check Exchange Onine distribution list are being used or are stale/not required and can be removed but there is not.

Tony Redmond has come to the rescue again and provided a script to help identify unused distribution lists: https://office365itpros.com/2026/07/09/inactive-distribution-list-2026/

Hopefully at some point Microsoft can add some metadata to each list to automatically record this information and make it easier for admins.

Windows Defender: get-mpcomputerstatus returns nothing
Microsoft (Defender) Thursday, 11 December 2025 by paul

Recently seen an issue where the PowerShell command to return the status of the Microsoft Defender client does not return any results.

 

As found by SnowDev, at https://techcommunity.microsoft.com/discussions/microsoftdefenderatp/get-mpcomputerstatus-output-is-blank/4360952, this looks like a problem with Defenders Protection Management CIM Provider. Registering that fixes the issue with the command below.

 

Register-CimProvider -ProviderName ProtectionManagement -Namespace root\Microsoft\Windows\Defender -Path -Impersonation True -HostingModel LocalServiceHost -SupportWQL -ForceUpdate

 

SnowDev has helpfully written a script to locate the DDL path and update the values below:

 

$DefenderNamespace = "root\Microsoft\Windows\Defender"
$DefenderClass = "MSFT_MpComputerStatus"

function Get-LatestProtectionManagementDllPath {
    $defenderPlatformPath = Join-Path -Path $env:ProgramData -ChildPath "Microsoft\Windows Defender\Platform"
    $latestVersionDir = Get-ChildItem -Path $defenderPlatformPath -Directory | Sort-Object LastWriteTime -Descending | Select-Object -First 1

    if (-not $latestVersionDir) {
        Write-Error "No version directories found under: $defenderPlatformPath"
        return $null
    }

    $dllPath = Join-Path -Path $latestVersionDir.FullName -ChildPath "ProtectionManagement.dll"
    if (-not (Test-Path $dllPath)) {
        Write-Error "ProtectionManagement.dll not found in: $($latestVersionDir.FullName)"
        return $null
    }

    return $dllPath
}

function Reregister-ProtectionManagementDLL {
    $dllPath = Get-LatestProtectionManagementDllPath
    if (-not $dllPath) {
        return $false
    }

    try {
        Register-CimProvider -ProviderName ProtectionManagement `
                             -Namespace $DefenderNamespace `
                             -Path $dllPath `
                             -Impersonation True `
                             -HostingModel LocalServiceHost `
                             -SupportWQL `
                             -ForceUpdate

        Write-Host "Successfully re-registered ProtectionManagement provider."
        return $true
    } catch {
        Write-Error "Error during provider re-registration: $_"
        return $false
    }
}

function Check-RealtimeProtectionStatus {
    try {
        $status = Get-CimInstance -Namespace $DefenderNamespace -ClassName $DefenderClass -ErrorAction Stop
        switch ($status.RealTimeProtectionEnabled) {
            $true  { return "Running" }
            $false { return "NotRunning" }
            default { return "NotFound" }
        }
    } catch {
        Write-Warning "Unable to retrieve RealTimeProtectionEnabled instance from $DefenderClass in $DefenderNamespace. Exception: $_"
        return "Exception"
    }
}

# --- MAIN  ---

$status = Check-RealtimeProtectionStatus
Write-Host "Current RealTimeProtectionEnabled Status: $status"

if ($status -eq "NotFound" -or $status -eq "Exception")  {
    Write-Host "Attempting to re-register Windows Defender's ProtectionManagement provider..."
    if (-not (Reregister-ProtectionManagementDLL)) {
        Write-Error "Failed to re-register the provider. Exiting."
        #exit 1
    }

    Start-Sleep -Seconds 5
    $status = Check-RealtimeProtectionStatus
    Write-Host "Post-registration RealTimeProtectionEnabled Status: $status"

   if ($status -eq "NotFound" -or $status -eq "Exception")  {
        Write-Error "ERROR: RealTimeProtectionEnabled instance still missing after re-registration."
        #exit 1
    }
}
VMware updates failing
Vmware (updates) Wednesday, 20 August 2025 by paul

Recently we have seen issues with VMware Vcenter and Host Update not working as expected. Error like the one below may be displayed when attempting to update hosts:

Cannot download VIB: ''. This might be because of network issues or the specified VIB does NOT exist or does NOT have a proper 'read' privilege set. Please make sure the specified VIB exists and is accessible from vCenter Server.

VMware have recently changed their update processes to require the download URLs for Vcenter and Host updates to be changed to include a unique download token.

This token can be generated by accessing the Broadcom Support portal. You will need product administrator role to be able to generate the token.

Once generated it can be applied to various VMware products using the knowledge article below:

VCF authenticated downloads configuration update instructions - https://knowledge.broadcom.com/external/article/390098

Group Policy to remove Windows default store apps
Microsoft (Windows) Tuesday, 01 July 2025 by paul

Finally, a group policy to remove Windows default store apps!

Cannot Add Print Server sensor in PRTG
PRTG (Print) Tuesday, 25 February 2025 by paul

Trying to add a Windows Print Queue sensor fails in PRTG with the error "Generic Failure". Server has the pre-reqs for .Net 4.7.2 and WMI enabled on target server firewall.

Issue due to the Print Spooler service not running on the Probe server. After the service is started then the sensor works as expected.

Page 1 of 98 (493 Articles) << 1 2 3 4 5  Next >>