
Jan

PowerShell - Composite Formatting references (-f Operator)

1 min read

https://lazywinadmin.com/2016/08/powershell-composite-formatting.html

If you often play with PowerShell, you might have encountered something called “Composite Formatting”. What is that?

 

Each format item takes the following form and consists of the following components:

 

{index[,alignment][:formatString]}

The matching braces { and } are required.

 

Here is a quick example: "Welcome to {0}" -f "LazyWinAdmin.com"

##########
# STRING #
##########
# One string
"{0}" -f "Francois-Xavier"
# Multiple Strings
"My name is {0}, From {1} and live in {2}" -f 'FX', 'France', 'Montreal (Canada)'
# You can also shuffle around the tags
"My name is {2} I'm From {1} and live in {0}" -f 'Montreal (Canada)', 'France', 'FX'

Jan

Create a Next.js App | Learn Next.js

Next.js offers the ability to serve the static content of a web app. It is definitely worth a look. A blog app is provided as a demo application that can be used out of the box.

Jan

Better File Select - File Filter Tool

1 min read

Found a new tool for better selecting files based on patterns or wildcards in Windows Explorer:

see: https://www.publicspace.net/windows/BetterFileSelect/index.html

 

Jan

Sublime Text - Replace or remove empty lines

1 min read

Select the text

Press:

  • Ctrl + H on PC, or
  • Command + Alt + F on Mac or
  • Click Find->Replace.

Make sure you have selected 'regular expression' by pressing:

  • Alt + R on PC or
  • Command + Alt + R on Mac or
  • Click .* in the Find box.

Find what: ^\n or ^(\r|\n\r?)

Replace With: (nothing, leave blank).

 

Jan

Office Outlook 365 - Solution for the error message "Da hat etwas nicht geklappt, und Outlook konnte Ihr Konto nicht einrichten"

2 min read

You are just setting up your new Windows 10 laptop, you install Office 365 via the installer from office.com, and then Outlook flatly refuses to set up the Office 365 account.

Unfortunately, Outlook is not exactly forthcoming in its error handling, so I came across several possible solutions while researching on the internet.

Solution 1 - Registry

Cause: Autodiscover fails because the web server behind the domain returns an invalid response

Set the following registry values:

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover]

"ExcludeLastKnownGoodUrl"=dword:00000001

"ExcludeHttpsRootDomain"=dword:00000001

"ExcludeSrvRecord"=dword:00000001

Solution 2 - Legacy mode for account creation

In the registry, set the following value under "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Outlook\AutoDiscover":

"ExcludeExplicitO365Endpoint"=dword:00000001

After the next start of Outlook, the new account setup wizard no longer launches; instead, you can use "Add Account" in the account settings to get back the familiar old dialog for creating an account.

Solution 3 - Delete stored credentials

The new wizard in Outlook first searches the system for existing Microsoft accounts. Stored accounts together with their credentials can be found in the system under Control Panel > Credential Manager. In this menu, click Windows Credentials and then search the accounts listed there for your own Microsoft account. Remove or clean up the matching entries with your own e-mail address (expand them and click remove).

Then add the account in Outlook again; this time you should be asked for the password. Important: please use the app password for the Office 365 account!

That then worked for me. It is a great shame that you don't get a specific error message! Good luck!

Jan

How to compute the MD5 or SHA-1 cryptographic hash values for a file

1 min read

Simple way to create an MD5 hash value of a file with a Windows command line tool:

https://support.microsoft.com/de-ch/help/889768/how-to-compute-the-md5-or-sha-1-cryptographic-hash-v...

It's necessary to download the following tool:

https://support.microsoft.com/en-us/help/841290

After extracting the exe file you can add the extraction path to environment variable "PATH" in the system settings to access the tool from any location in cmd:

Jan

Parsing or reading binary files (such as .dat)

1 min read

While trying to read the contents of a DAT file, I came across an interesting article about Stackoverflow. There the tool XORSearch was recommended.

https://reverseengineering.stackexchange.com/questions/11659/extract-text-data-from-a-compressed-enc...

https://blog.didierstevens.com/programs/xorsearch/

Jan

Getting used to it again

When you take photos again after a long break and want to look at the display after the shot 🤦‍♂️

Jan

New York City impressions

Skyline from NYC with Brooklyn Bridge in front of

Jan

Photography with "Anti-Scheimpflug": controlling blur with detached lenses | heise online

Interesting idea. Create a tilt-shift effect by swaying the lens beyond the camera in different angles.

There are different tilt-shift adapters for Canon on the market that can be used with any EF lenses.

Jan

RAW Editing on macOS and iOS

1 min read

Found the app "RAW Power", a powerful RAW post-processing app for iOS and macOS. Its benefit over other apps is the use of the iCloud photo library and its sync.

Source: https://www.mactechnews.de/forum/discussion/iPad-Capture-One-Ersatz-336710.html

Jan

Four alternatives to Adobe Lightroom 2019 - DIY Photography

Looking for some alternatives to Lightroom. The problem is that no other software syncs pictures and settings as well as Lightroom.

Point for Adobe...

Jan

How to add photos shot with iPhone on a specified date in bulk to a photo album / iOS

1 min read

I made a workflow that filters all your photos from your camera roll. It gets all your photos, excluding an album (select album your chat photos are stored) and also screenshots (you can disable it if you want). The workflow will ask you if you want to save it all in a new album or in an existing one. You will need to run it each time to update the album. You will need the Workflow app to run this.

Jan

How to specify command line command "php" version for SSH user on the Plesk server?

1 min read

Take a look at: https://support.plesk.com/hc/en-us/articles/115003766853-How-to-specify-PHP-version-for-command-line...

 

I had to add PATH to .bash_profile file

1. Connect via SSH with the system user to the server

2. Add the PHP path to the .bash_profile file

echo "PATH=/opt/plesk/php/7.3/bin:$PATH" >> ~/.bash_profile

3. Reconnect SSH Connection

 

How to add and remove programs to a chrooted shell environment template

Look at: https://support.plesk.com/hc/en-us/articles/213909545

The above adds the OS version of PHP to the chroot environment, not the PHP executables that are used for the websites.

I therefore replaced

./update_chroot.sh --add php

with

./update_chroot.sh --add /opt/plesk/php/7.1/bin/php

You may want to repeat that with other available php versions.

For convenience I also linked that php binary to usr/bin:

ln -s /opt/plesk/php/7.1/bin/php /var/www/vhosts/chroot/usr/bin/php

Afterwards, of course, do a ./update_chroot.sh --apply <domain>|all

Jan

vpn on demand configuration profiles for ios and macos explained

12 min read

in modern times, private companies and intelligence agencies collect more and more data on our daily living, the use of your smartphones and want to know where we are, what we eat, what we buy, how we spend our free time, and much more. those companies use these data for any kind of marketing, like personalised advertising, and even individual pricing. yes, you probably spend more money on the exact same product, than your neighbour does. because of all this, the number of people using vpn services to improve their online privacy and security is growing.

in this blog post, i will guide you through the basic steps and some more complex on demand rules for setting up vpn on demand using .mobileconfig configuration profiles for iphone and mac.

 


the basic structure

first of all, the configuration file for vpn on demand is a plain text document, with xml markup. to create one, just open up your favourite text editor, and save a new file with extension .mobileconfig. see also the official configuration profile reference.

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>PayloadContent</key>
	<array>
		...
	</array>
		
	<!-- Universally unique identifier and payload information for the configuration file itself -->
	<key>PayloadDisplayName</key>
	<string>VPN OnDemand</string>
	<key>PayloadIdentifier</key>
	<string>one.nerd.vpn.a4303bdf-0857-4f61-8eac-76d6e8a81fbf</string>
	<key>PayloadRemovalDisallowed</key>
	<false/>
	<key>PayloadType</key>
	<string>Configuration</string>
	<key>PayloadUUID</key>
	<string>4-712c9be856fe</string>
	<key>PayloadVersion</key>
	<integer>1</integer>
</dict>
</plist>

some information is already populated. do you see the payload information? it is mandatory so that the system (ios/macos) can correctly identify the configuration profile's contents once imported. feel free to change PayloadDisplayName, PayloadIdentifier and PayloadUUID, but keep in mind to use different uuids for different configuration profiles. read more about uuids on wikipedia.


adding vpn configuration

using the above structure, the actual vpn configuration like vpn type, server settings, and login credentials need to be added. this example configuration profile uses ipsec for an average amount of security and speed (ipsec needs to be supported by your vpn provider and some information may vary). now back to your configuration profile:

<key>PayloadContent</key>
	<array>
		<dict>
			<!-- Configuration for VPNType "IPSec" -->
			<key>IPSec</key>
			<dict>

				<!-- AuthenticationMethod can either be "SharedSecret" or "Certificate" -->

				<!-- Configuration for AuthenticationMethod "SharedSecret" -->
				<key>AuthenticationMethod</key>
				<string>SharedSecret</string>
				<key>LocalIdentifierType</key>
				<string>KeyID</string>

				<!-- RemoteAddress should be the VPN server's IP or DNS name -->
				<key>RemoteAddress</key>
				<string>remote.example.com</string>

				<!-- SharedSecret must be base64 encoded  -->
				<key>SharedSecret</key>
				<data>YXJlZCBTZWNyZXQgSGVyZQ==</data>

				<!-- XAuth Configuration -->
				<key>XAuthEnabled</key>
				<integer>1</integer>

				<!-- XAuthName is the login name used for authentication -->
				<!-- Remove the following two lines if you don't want the username to be stored in this file  -->
				<key>XAuthName</key>
				<string>Insert Username Here</string>
				
				<!--  XAuthPassword is the password used for authentication -->
				<!-- Remove the following two lines if you don't want the password to be stored in this file -->
				<key>XAuthPassword</key>
				<string>Insert Password Here</string>

				<!-- Enabling OnDemand – This can be toggled on/off via System Settings/Network [macOS] and Settings/VPN [iOS] -->
				<key>OnDemandEnabled</key>
				<integer>1</integer>
				
				<!-- OnDemand Rules -->
				<key>OnDemandRules</key>
				<array>
					...
				</array>
			</dict>
			
			<!-- IPv4 Configuration -->
			<!-- Set OverridePrimary to "1" to send all traffic through the VPN interface -->
			<key>IPv4</key>
			<dict>
				<key>OverridePrimary</key>
				<integer>1</integer>
			</dict>
			
			<!-- Payload information for this configuration-->
			<key>PayloadDescription</key>
			<string>VPN OnDemand Settings</string>
			<key>PayloadDisplayName</key>
			<string>VPN</string>
			
			<!-- Universally unique identifier and some more information for the configuration -->
			<key>PayloadIdentifier</key>
			<string>9cbe-631bd9be35f6</string>
			<key>PayloadType</key>
			<string>one.nerd.vpn</string>
			<key>PayloadUUID</key>
			<string>f-55cd6bd8374c</string>
			<key>PayloadVersion</key>
			<integer>1</integer>
			<key>Proxies</key>
			<dict>
				<key>HTTPEnable</key>
				<integer>0</integer>
				<key>HTTPSEnable</key>
				<integer>0</integer>
			</dict>
			<key>UserDefinedName</key>
			<string>VPN OnDemand</string>
			<key>VPNType</key>
			<string>IPSec</string>
		</dict>
	</array>

this information needs to be changed:

  • RemoteAddress should match your vpn provider's server url
  • SharedSecret is a base64 encoded string (ask your provider for that string), use duckduckgo to encode YourSharedSecret
  • XAuthName is your username
  • XAuthPassword is your password

if you prefer not to store the login credentials inside the configuration file, you can easily remove those lines. when importing the profile to your iphone or mac, you will be asked to provide those once.
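a check you can run before handing a profile to anyone, as an added example that is not part of the original article: it parses a .mobileconfig with python's plistlib and reports credentials stored in the IPSec dictionary (the base64 in `<data>` is an encoding, so the shared secret is readable by anyone holding the file) and any PayloadUUID that is malformed or reused. the sample profile, the function name `lint_profile` and all values in it are constructed for illustration.

```python
import plistlib
import uuid

# Constructed sample profile (placeholder values, not from the original article).
SAMPLE = b"""<plist version="1.0">
<dict>
  <key>PayloadContent</key>
  <array>
    <dict>
      <key>IPSec</key>
      <dict>
        <key>AuthenticationMethod</key><string>SharedSecret</string>
        <key>RemoteAddress</key><string>remote.example.com</string>
        <key>SharedSecret</key><data>ZXhhbXBsZS1zZWNyZXQ=</data>
        <key>XAuthName</key><string>alice</string>
        <key>XAuthPassword</key><string>example-password</string>
      </dict>
      <key>PayloadUUID</key><string>11111111-2222-4333-8444-555555555555</string>
    </dict>
  </array>
  <key>PayloadUUID</key><string>11111111-2222-4333-8444-555555555555</string>
</dict>
</plist>"""

# Keys from the article's IPSec dictionary that carry login material.
CREDENTIAL_KEYS = ("SharedSecret", "XAuthName", "XAuthPassword")


def lint_profile(raw):
    """Return findings for stored credentials and malformed or reused PayloadUUIDs."""
    profile = plistlib.loads(raw)
    payloads = [("profile", profile)]
    payloads += [(f"PayloadContent[{i}]", p)
                 for i, p in enumerate(profile.get("PayloadContent", []))]
    findings, seen = [], {}
    for where, payload in payloads:
        value = payload.get("PayloadUUID", "")
        try:
            canonical = str(uuid.UUID(value))
        except (ValueError, TypeError, AttributeError):
            findings.append(f"{where}: PayloadUUID {value!r} is not a valid UUID")
        else:
            if canonical in seen:
                findings.append(f"{where}: PayloadUUID duplicates {seen[canonical]}")
            seen.setdefault(canonical, where)
        # Report every credential key that is written into the file itself.
        for key in CREDENTIAL_KEYS:
            if key in payload.get("IPSec", {}):
                findings.append(f"{where}: IPSec.{key} is stored in the profile")
    return findings


if __name__ == "__main__":
    for finding in lint_profile(SAMPLE):
        print(finding)
```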


on demand rules

the on demand rules are a list (array) of rule dictionaries. this list is checked against the current network configuration, and the first rule that matches is used. based on the action of the matching rule (action value in brackets), a vpn connection is either established (Connect), disconnected (Disconnect), evaluated for each connection attempt (EvaluateConnection), or left as is (Ignore). this is the structure of an on demand rule:

<dict>
	<key>Action</key>
	<string>Connect</string>
</dict>

this simple rule--which always matches--consists only of a key (Action) and a value (Connect). to add more spice we can use InterfaceTypeMatch (allowed values are Cellular, Ethernet, and WiFi).

some basic on demand rules for different network interfaces

let's create rules to always connect on wifi and cellular networks, but disconnect on ethernet. since we can define two rules for cellular and wifi, we can safely skip adding InterfaceTypeMatch to the third rule. the resulting code for this scenario is this:

<dict>
	<key>Action</key>
	<string>Connect</string>
	<key>InterfaceTypeMatch</key>
	<string>Cellular</string>
</dict>

<dict>
	<key>Action</key>
	<string>Connect</string>
	<key>InterfaceTypeMatch</key>
	<string>WiFi</string>
</dict>

<dict>
	<key>Action</key>
	<string>Disconnect</string>
</dict>

only establish a vpn connection when connected to certain networks

let's say, you want vpn on demand for every new wifi network you connect to, but don't want to have it established on the two wifi networks you have at home and at work. this can be done using the key SSIDMatch. the rule will then look like this:

<dict>
	<key>Action</key>
	<string>Disconnect</string>
	<key>InterfaceTypeMatch</key>
	<string>WiFi</string>
	<key>SSIDMatch</key>
	<array>
		<!-- List one or more WiFi networks -->
		<string>My Private Home Network</string>
		<string>Company WiFi SSID</string>
	</array>
</dict>

<dict>
	<key>Action</key>
	<string>Connect</string>
	<key>InterfaceTypeMatch</key>
	<string>WiFi</string>
</dict>

reminder: the first rule which matches will be used. therefore it's important to have the rules in the order shown above. if it were the other way round, the more specific rule to disconnect on certain wifi networks would never be used.
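the first-match behaviour described above, as an added example that is not part of the original article: a small model of rule evaluation plus a check that finds rules which can never fire because an earlier rule already covers them. it only models the two match keys used in this post (InterfaceTypeMatch and SSIDMatch); the function names and the rule lists are constructed for illustration.

```python
# Constructed rule lists mirroring the <dict> entries of OnDemandRules.
TRUSTED = ["My Private Home Network", "Company WiFi SSID"]
RULES_OK = [
    {"Action": "Disconnect", "InterfaceTypeMatch": "WiFi", "SSIDMatch": TRUSTED},
    {"Action": "Connect", "InterfaceTypeMatch": "WiFi"},
]
RULES_REVERSED = list(reversed(RULES_OK))


def rule_matches(rule, interface, ssid=None):
    """A rule matches when every criterion it lists is satisfied."""
    wanted_iface = rule.get("InterfaceTypeMatch")
    if wanted_iface is not None and wanted_iface != interface:
        return False
    wanted_ssids = rule.get("SSIDMatch")
    if wanted_ssids is not None and ssid not in wanted_ssids:
        return False
    return True


def evaluate(rules, interface, ssid=None):
    """Return (index, action) of the first matching rule, or (None, None)."""
    for index, rule in enumerate(rules):
        if rule_matches(rule, interface, ssid):
            return index, rule["Action"]
    return None, None


def covers(earlier, later):
    """True when every network matched by `later` is also matched by `earlier`."""
    e_iface = earlier.get("InterfaceTypeMatch")
    if e_iface is not None and e_iface != later.get("InterfaceTypeMatch"):
        return False
    e_ssids, l_ssids = earlier.get("SSIDMatch"), later.get("SSIDMatch")
    if e_ssids is None:
        return True
    return l_ssids is not None and set(l_ssids) <= set(e_ssids)


def shadowed_rules(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j, later in enumerate(rules)
            if any(covers(rules[i], later) for i in range(j))]


if __name__ == "__main__":
    print(evaluate(RULES_OK, "WiFi", "My Private Home Network"))
    print(evaluate(RULES_REVERSED, "WiFi", "My Private Home Network"))
    print(shadowed_rules(RULES_REVERSED))
```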

evaluate connection: vpn on demand for specific domains only

maybe you want to establish a vpn connection for some domains only. or you want to make sure that accessing those domains will always trigger a vpn connection. the rules for this look like this:

<dict>
	<key>Action</key>
	<string>EvaluateConnection</string>
	
	<key>ActionParameters</key>
	<array>
		<dict>
			<key>Domains</key>
			<array>
				<string>example.com</string>
			</array>
			<key>DomainAction</key>
			<string>ConnectIfNeeded</string>
		</dict>
	</array>
</dict>

now, let me explain what all that means. EvaluateConnection tells the operating system to look for ActionParameters, a list (array) of dictionaries similar to the on demand rules. allowed keys for these dictionaries are:

  • Domains, required: an array of domains that trigger the evaluation
  • DomainAction, required: ConnectIfNeeded or NeverConnect--self-explanatory
  • RequiredDNSServers, optional: array of ip addresses for resolving domain names, might be necessary for your company's internal urls
  • RequiredURLStringProbe, optional: a url to probe; if the probe does not come back with http status code 200, a vpn connection will be established

more complex rules

if you want to, you can even merge EvaluateConnection with InterfaceTypeMatch and SSIDMatch:

<dict>
	<key>Action</key>
	<string>EvaluateConnection</string>
	
	<key>InterfaceTypeMatch</key>
	<string>WiFi</string>
	<key>SSIDMatch</key>
	<array>
		<!-- List one or more WiFi networks -->
		<string>Company WiFi SSID</string>
	</array>

	<key>ActionParameters</key>
	<array>
		<dict>
			<key>Domains</key>
			<array>
				<string>example.com</string>
			</array>
			<key>DomainAction</key>
			<string>ConnectIfNeeded</string>
			<key>RequiredURLStringProbe</key>
			<string>https://internal.yourawesomecompany.com</string>
		</dict>
	</array>
</dict>

feel free to add as many dictionaries to your OnDemandRules array as you need, until all your wishes and needs are mapped.

appendix, or: ConnectIfNeeded not working

what i found out is, that in some circumstances my device does not establish a vpn connection for a certain domain, even when i am sure the EvaluateConnection rule is being used. therefore, i created a workaround (a nice little script on my server) to help me out.


it takes an input ip address or range of ip addresses, then compares it to the connecting client's ip address and sends back a specific http status code. if the client's ip address is equal to the input or is within the range of ip addresses provided, that status code will be HTTP/1.1 200 Ok. if the client's ip can not be described using the input, status code HTTP/1.1 404 Not Found will be returned.

using this and knowing the possible ip addresses your vpn provider assigns, we can use the RequiredURLStringProbe key to make sure a vpn connection will always be established when connecting to a certain domain, even if resolving the domain name works. the code snippet will look like this:

<dict>
	<key>Domains</key>
	<array>
		<string>nerd.one</string>
	</array>
	<key>DomainAction</key>
	<string>ConnectIfNeeded</string>
	<key>RequiredURLStringProbe</key>
	<string>https://example.com/12.34.56.78-87</string>
</dict>

assuming the possible ip addresses the vpn provider assigns range from 12.34.56.78 to 12.34.56.87, the string to use will be https://example.com/12.34.56.78-87. if the range is bigger than that, it's possible to change the input to something different. all this would be valid input:

single ip addresses, e.g.:

  • 95.143.172.196
  • 95.143.172.240

a range or subnet of ip addresses, e.g.:

  • 95.143.172.140-250
  • 95.143.172.0-255
  • 95.143.171-172.0-255
  • 95.143.0-255.50-100

feel free to open that url in your browser and check different input, until you are happy with your input ip or range of ip addresses.
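one way such a probe endpoint could work, as an added example (the author's own script is not shown in the article, and this is not it): it parses the per-octet range syntax listed above, compares it with the connecting client's address and answers 200 or 404. answering 400 for malformed input, the function names, and the loopback address and port are choices of this example.

```python
import ipaddress
from http.server import BaseHTTPRequestHandler, HTTPServer


def parse_spec(spec):
    """Parse '95.143.171-172.0-255' into four (low, high) octet ranges."""
    parts = spec.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dot-separated octets")
    ranges = []
    for part in parts:
        bounds = part.split("-")
        # Accept only plain ASCII digits, either 'N' or 'N-M'.
        if len(bounds) > 2 or not all(b.isascii() and b.isdigit() for b in bounds):
            raise ValueError(f"bad octet {part!r}")
        low, high = int(bounds[0]), int(bounds[-1])
        if not 0 <= low <= high <= 255:
            raise ValueError(f"octet range reversed or above 255: {part!r}")
        ranges.append((low, high))
    return ranges


def probe_status(spec, client_ip):
    """200 when client_ip lies inside spec, 404 when not, 400 on bad input."""
    try:
        ranges = parse_spec(spec)
        octets = ipaddress.IPv4Address(client_ip).packed
    except ValueError:
        return 400
    inside = all(low <= octet <= high
                 for (low, high), octet in zip(ranges, octets))
    return 200 if inside else 404


class ProbeHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # Uses the socket peer address. Behind a reverse proxy this is the
        # proxy's address, and forwarded-for headers are only usable when
        # the proxy (not the client) sets them.
        status = probe_status(self.path.lstrip("/"), self.client_address[0])
        self.send_response(status)
        self.send_header("Content-Length", "0")
        self.end_headers()


if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), ProbeHandler).serve_forever()
```

any status other than 200 makes the device bring up the vpn, so malformed input fails towards connecting.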


a sample configuration file

a sample configuration file is contributed by nerd one (see original article on https://nerd.one/vpn-on-demand-configuration-profiles-for-ios-and-macos-explained/)

Jan