Enable support for TLS 1.2 for Microsoft Cloud Service (Exchange、AVD、Teams....etc.)

近幾個月微軟更新雲端服務,幾乎各種連線都開始只支援 TLS 1.2

Update to enable TLS 1.1 and TLS 1.2 as default secure protocols in WinHTTP in Windows

上述網頁中的 EasyFix 直連按這裡

或是跑 PowerShell

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force

If (-Not (Test-Path 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319')) {
    New-Item 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319' -Force | Out-Null;


Store Birlocker Recovery Password To AD via GPO and Powershell

Computer Configuration (Enabled)
=> Policies
=> => Windows Settings
=> => => Scripts
=> => => => Startup
=> => => => => StoreBitlockerRecoveryRasswordToAD.ps1  

ACL Add Allow Domain Computers to Read and Execute
$keyID = Get-BitLockerVolume -MountPoint c: | select -ExpandProperty keyprotector |  where {$_.KeyProtectorType -eq 'RecoveryPassword'};

if ($keyID.KeyProtectorId -ne $Null) {
Backup-BitLockerKeyProtector -MountPoint c: -KeyProtectorId $keyID.KeyProtectorId;



Deal with Azure Virtual Desktop FSLogix failed to attach user profile disk (Open File)

User 在登入 Azure Virtual Desktop 的時候出現無法掛載 User Profile Disk 的問題
經過檢查該 User 沒有任何殘留的 Session 在同一個 Host Pool 的任何一台 Session Host 上
思考方向是 User Profile Disk 在某個 Sign-out event 沒有被正常 Detached 導致 Open File 的問題


以 PoweShell 先登入 Azure Account


選取可管理該 User Profile Disk 所存放 Storage Account 的 Subscription

    Select-AzSubscriptionSelect -subscriptionid 'oooooo-xxxxx-oooo-oooo-xxxxxxx'