Hi,

I’m working on a dashboard to keep track of my finances. I have several monthly reoccurring payments and I’m simply trying to create a way to get a quick view of upcoming payments for the month based on today’s date. IE: Electric bill is due every 22nd and I want to be able to see that it’s coming up if the current date is the 19th. Given that several of the payments happen regularly, I want to be able to see what’s coming up when I open my workbook, based on the current day. Can anyone shine some light?

​Hi, I’m working on a dashboard to keep track of my finances. I have several monthly reoccurring payments and I’m simply trying to create a way to get a quick view of upcoming payments for the month based on today’s date. IE: Electric bill is due every 22nd and I want to be able to see that it’s coming up if the current date is the 19th. Given that several of the payments happen regularly, I want to be able to see what’s coming up when I open my workbook, based on the current day. Can anyone shine some light?  Read More

​

Hello 

Please i need your help on this issue.

We invited a guest in our tenant and provided access on a SharePoint folder in a document library.

The user was added to a SharePoint group on a document library and we shared a specific folder with that user by sending a SharePoint invitation.

When the user clicks on the SharePoint invitation, they can log in successfully, but the user gets an access denied message.

Please note that we provided external access to multiple people from that specific client in the same manner. The rest can successfully access the specific folder, but one of the user gets an access denied message.

As troubleshooting steps we did the following: 
– removed the user from user profile service on the SharePoint admin center
– removed the user from the site collection
– deleted and re-created the user in Azure AD
– invited the user again in the same manner we invited the others
– and we also had a Teams call with the client and assisted the user via share screen, making sure the user is following the correct steps for logging in

After all these troubleshooting steps, the user keeps getting an “access denied” message while the others have access.

Could you please assist us with this issue?

​Hello Please i need your help on this issue. We invited a guest in our tenant and provided access on a SharePoint folder in a document library. The user was added to a SharePoint group on a document library and we shared a specific folder with that user by sending a SharePoint invitation. When the user clicks on the SharePoint invitation, they can log in successfully, but the user gets an access denied message. Please note that we provided external access to multiple people from that specific client in the same manner. The rest can successfully access the specific folder, but one of the user gets an access denied message. As troubleshooting steps we did the following: – removed the user from user profile service on the SharePoint admin center- removed the user from the site collection- deleted and re-created the user in Azure AD- invited the user again in the same manner we invited the others- and we also had a Teams call with the client and assisted the user via share screen, making sure the user is following the correct steps for logging in After all these troubleshooting steps, the user keeps getting an “access denied” message while the others have access. Could you please assist us with this issue?  Read More

​

I have a dvi.doc file containing table with students’ entrance exams’ results (names + scored points). I ask Copilot for Word a prompt “Analyze /dvi.doc”. And then copilot creates a report where along with actual data from my file it pretends to use imaginary source files I never heard of (dvi.xls with qualification exams’ results of the same persons, exam.doc with scores split by subjects etc). Altogether it makes a complete mess. What shall I do to just have my original doc file analyzed in a reliable way?

​I have a dvi.doc file containing table with students’ entrance exams’ results (names + scored points). I ask Copilot for Word a prompt “Analyze /dvi.doc”. And then copilot creates a report where along with actual data from my file it pretends to use imaginary source files I never heard of (dvi.xls with qualification exams’ results of the same persons, exam.doc with scores split by subjects etc). Altogether it makes a complete mess. What shall I do to just have my original doc file analyzed in a reliable way?  Read More

​

Hello.

I am looking for a complete or at least well-documented list of detections that Microsoft “Defender for  endpoint” can actually detect as:

“Malicious credential theft tool execution detected”

We need to show some clients the missing detections that they don´t have because Defender is not active!… so if we have a list of detections it is easier to understand the surface of protection of the EDR.

Hope someone has something!

​Hello.I am looking for a complete or at least well-documented list of detections that Microsoft “Defender for  endpoint” can actually detect as:”Malicious credential theft tool execution detected”We need to show some clients the missing detections that they don´t have because Defender is not active!… so if we have a list of detections it is easier to understand the surface of protection of the EDR.Hope someone has something!  Read More

​

Hello!

Does anyody have a solution share for the following two problems: 
1. When connecting to Tableau the units of the metric seem to show billion times larger. Why so? 

2. Can the OKR import Excel be used to efficiently update only metric targets that already exist in Goals and have Tableau integrations set up. 

​Hello!Does anyody have a solution share for the following two problems: 1. When connecting to Tableau the units of the metric seem to show billion times larger. Why so? 2. Can the OKR import Excel be used to efficiently update only metric targets that already exist in Goals and have Tableau integrations set up.   Read More

​

Major Update Version 22H2 of Windows 10 Home

Following the input of my password at the login prompt, the system now exhibits a significant delay of approximately 4 minutes before fully loading. Interestingly, a different user account on the same computer experiences a much faster loading time of under 30 seconds. Seeking guidance on how to address this discrepancy.

​Major Update Version 22H2 of Windows 10 Home Following the input of my password at the login prompt, the system now exhibits a significant delay of approximately 4 minutes before fully loading. Interestingly, a different user account on the same computer experiences a much faster loading time of under 30 seconds. Seeking guidance on how to address this discrepancy.  Read More

​

Hello everyone, I’m in need of assistance with a perplexing issue. 

My HP Elitebook 840 laptop has started behaving erratically. Upon pressing the power button, it powers up and functions normally for a variable duration, ranging from 30 seconds to 10 minutes. Unexpectedly, it then abruptly shuts down, and subsequent attempts to turn it back on are unsuccessful. It remains off.

Strangely, the laptop spontaneously restarts at unpredictable intervals, sometimes after an hour and occasionally up to twelve hours later. The only indication of this is when the Windows welcome startup sound plays.

I am unable to provide the Windows 10 version number as the laptop shuts down before I can locate it. However, it has been consistently updated until this issue arose a few weeks ago.

Despite not overheating and with the fan working properly, the problem persists even after swapping the SSD with an identical clone. The battery has been ruled out as a cause. During a brief period when the laptop remained on, it was tested and found to be in good condition. This behavior occurs regardless of whether the laptop is connected to a power source.

Any advice or recommendations would be greatly appreciated.

​Hello everyone, I’m in need of assistance with a perplexing issue.  My HP Elitebook 840 laptop has started behaving erratically. Upon pressing the power button, it powers up and functions normally for a variable duration, ranging from 30 seconds to 10 minutes. Unexpectedly, it then abruptly shuts down, and subsequent attempts to turn it back on are unsuccessful. It remains off. Strangely, the laptop spontaneously restarts at unpredictable intervals, sometimes after an hour and occasionally up to twelve hours later. The only indication of this is when the Windows welcome startup sound plays. I am unable to provide the Windows 10 version number as the laptop shuts down before I can locate it. However, it has been consistently updated until this issue arose a few weeks ago. Despite not overheating and with the fan working properly, the problem persists even after swapping the SSD with an identical clone. The battery has been ruled out as a cause. During a brief period when the laptop remained on, it was tested and found to be in good condition. This behavior occurs regardless of whether the laptop is connected to a power source. Any advice or recommendations would be greatly appreciated.  Read More

​

I am creating a new script. The script is running unattended. The script doing a couple things, the important part here is: setting a new user a license and setting the new user mailbox Address book policy. The address book is an Exchange online task the license is Graph. I am getting an error.

How to reproduce the error:

1. connect to MgGraph, I am using this command

Connect-MgGraph -TenantId $tenantID -AppId $appID -CertificateThumbprint $CertificateThumbPrint -NoWelcome

do some work, Disconnect-MgGraph

2. Connect to Exchange online, in the same script:

Connect-ExchangeOnline -CertificateThumbPrint $CertificateThumbPrint -AppID $appID -Organization $tenantID -CommandName Get-EXOMailbox,Get-mailbox,Set-mailbox -SkipLoadingCmdletHelp -ShowBanner:$false

The command verbose debug output is this:

DEBUG:
using System;
using System.Net;
using System.Management.Automation;
using Microsoft.Win32.SafeHandles;
using System.Security.Cryptography;
using System.Runtime.InteropServices;
using System.Runtime.ConstrainedExecution;
using System.Runtime.Versioning;
using System.Security;

namespace Microsoft.PowerShell.Commands.PowerShellGet
{
public static class Telemetry
{
public static void TraceMessageArtifactsNotFound(string[] artifactsNotFound, string operationName)
{
Microsoft.PowerShell.Telemetry.Internal.TelemetryAPI.TraceMessage(operationName, new { ArtifactsNotFound = artifactsNotFound });
}

public static void TraceMessageNonPSGalleryRegistration(string sourceLocationType, string sourceLocationHash, string installationPolicy, strin
g packageManagementProvider, string publishLocationHash, string scriptSourceLocationHash, string scriptPublishLocationHash, string operationName)
{
Microsoft.PowerShell.Telemetry.Internal.TelemetryAPI.TraceMessage(operationName, new { SourceLocationType = sourceLocationType, SourceLoca
tionHash = sourceLocationHash, InstallationPolicy = installationPolicy, PackageManagementProvider = packageManagementProvider, PublishLocationHash = p
ublishLocationHash, ScriptSourceLocationHash = scriptSourceLocationHash, ScriptPublishLocationHash = scriptPublishLocationHash });
}

}

/// <summary>
/// Used by Ping-Endpoint function to supply webproxy to HttpClient
/// We cannot use System.Net.WebProxy because this is not available on CoreClr
/// </summary>
public class InternalWebProxy : IWebProxy
{
Uri _proxyUri;
ICredentials _credentials;

public InternalWebProxy(Uri uri, ICredentials credentials)
{
Credentials = credentials;
_proxyUri = uri;
}

/// <summary>
/// Credentials used by WebProxy
/// </summary>
public ICredentials Credentials
{
get
{
return _credentials;
}
set
{
_credentials = value;
}
}

public Uri GetProxy(Uri destination)
{
return _proxyUri;
}

public bool IsBypassed(Uri host)
{
return false;
}
}

[StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
public struct CERT_CHAIN_POLICY_PARA {
public CERT_CHAIN_POLICY_PARA(int size) {
cbSize = (uint) size;
dwFlags = 0;
pvExtraPolicyPara = IntPtr.Zero;
}
public uint cbSize;
public uint dwFlags;
public IntPtr pvExtraPolicyPara;
}

[StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
public struct CERT_CHAIN_POLICY_STATUS {
public CERT_CHAIN_POLICY_STATUS(int size) {
cbSize = (uint) size;
dwError = 0;
lChainIndex = IntPtr.Zero;
lElementIndex = IntPtr.Zero;
pvExtraPolicyStatus = IntPtr.Zero;
}
public uint cbSize;
public uint dwError;
public IntPtr lChainIndex;
public IntPtr lElementIndex;
public IntPtr pvExtraPolicyStatus;
}

// Internal SafeHandleZeroOrMinusOneIsInvalid class to remove the dependency on .Net Framework 4.6.
public abstract class InternalSafeHandleZeroOrMinusOneIsInvalid : SafeHandle
{
protected InternalSafeHandleZeroOrMinusOneIsInvalid(bool ownsHandle)
: base(IntPtr.Zero, ownsHandle)
{
}

public override bool IsInvalid
{
get
{
return handle == IntPtr.Zero || handle == new IntPtr(-1);
}
}
}

// Internal SafeX509ChainHandle class to remove the dependency on .Net Framework 4.6.
[SecurityCritical]
public sealed class InternalSafeX509ChainHandle : InternalSafeHandleZeroOrMinusOneIsInvalid {
private InternalSafeX509ChainHandle () : base(true) {}

internal InternalSafeX509ChainHandle (IntPtr handle) : base (true) {
SetHandle(handle);
}

internal static InternalSafeX509ChainHandle InvalidHandle {
get { return new InternalSafeX509ChainHandle(IntPtr.Zero); }
}

[SecurityCritical]
override protected bool ReleaseHandle()
{
CertFreeCertificateChain(handle);
return true;
}

[DllImport(“Crypt32.dll”, SetLastError=true)]

[SuppressUnmanagedCodeSecurity,
ResourceExposure(ResourceScope.None),
ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]

private static extern void CertFreeCertificateChain(IntPtr handle);
}

public class Win32Helpers
{
[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]
public extern static
bool CertVerifyCertificateChainPolicy(
[In] IntPtr pszPolicyOID,
[In] SafeX509ChainHandle pChainContext,
[In] ref CERT_CHAIN_POLICY_PARA pPolicyPara,
[In,Out] ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);

[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]
public static extern
SafeX509ChainHandle CertDuplicateCertificateChain(
[In] IntPtr pChainContext);

[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]

[ResourceExposure(ResourceScope.None)]

public static extern
SafeX509ChainHandle CertDuplicateCertificateChain(
[In] SafeX509ChainHandle pChainContext);

public static bool IsMicrosoftCertificate([In] SafeX509ChainHandle pChainContext)
{
//————————————————————————-
// CERT_CHAIN_POLICY_MICROSOFT_ROOT
//
// Checks if the last element of the first simple chain contains a
// Microsoft root public key. If it doesn’t contain a Microsoft root
// public key, dwError is set to CERT_E_UNTRUSTEDROOT.
//
// pPolicyPara is optional. However,
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG can be set in
// the dwFlags in pPolicyPara to also check for the Microsoft Test Roots.
//
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG can be set
// in the dwFlags in pPolicyPara to check for the Microsoft root for
// application signing instead of the Microsoft product root. This flag
// explicitly checks for the application root only and cannot be combined
// with the test root flag.
//
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_DISABLE_FLIGHT_ROOT_FLAG can be set
// in the dwFlags in pPolicyPara to always disable the Flight root.
//
// pvExtraPolicyPara and pvExtraPolicyStatus aren’t used and must be set
// to NULL.
//————————————————————————–
const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG = 0x00010000;
const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG = 0x00020000;
//const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_DISABLE_FLIGHT_ROOT_FLAG = 0x00040000;

CERT_CHAIN_POLICY_PARA PolicyPara = new CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_PARA)));
CERT_CHAIN_POLICY_STATUS PolicyStatus = new CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_STATUS)));
int CERT_CHAIN_POLICY_MICROSOFT_ROOT = 7;

PolicyPara.dwFlags = (uint) MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG;
bool isMicrosoftRoot = false;

if(CertVerifyCertificateChainPolicy(new IntPtr(CERT_CHAIN_POLICY_MICROSOFT_ROOT),
pChainContext,
ref PolicyPara,
ref PolicyStatus))
{
isMicrosoftRoot = (PolicyStatus.dwError == 0);
}

// Also check for the Microsoft root for application signing if the Microsoft product root verification is unsuccessful.
if(!isMicrosoftRoot)
{
// Some Microsoft modules can be signed with Microsoft Application Root instead of Microsoft Product Root,
// So we need to use the MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG for the certificate verification.
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG can not be used
// with MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG,
// so additional CertVerifyCertificateChainPolicy call is required to verify the given certificate is in Microsoft Application Root.
//
CERT_CHAIN_POLICY_PARA PolicyPara2 = new CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_PARA)));
CERT_CHAIN_POLICY_STATUS PolicyStatus2 = new CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_STATUS)));
PolicyPara2.dwFlags = (uint) MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG;

if(CertVerifyCertificateChainPolicy(new IntPtr(CERT_CHAIN_POLICY_MICROSOFT_ROOT),
pChainContext,
ref PolicyPara2,
ref PolicyStatus2))
{
isMicrosoftRoot = (PolicyStatus2.dwError == 0);
}
}

return isMicrosoftRoot;
}
}
}
IDX12729: Unable to decode the header ‘[PII of type ‘System.String’ is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’ as Base64Url
encoded string.
At C:Program FilesWindowsPowerShellModulesExchangeOnlineManagement3.5.1netFrameworkExchangeOnlineManagement.psm1:762 char:21
+ throw $_.Exception.InnerException;
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], ArgumentException
+ FullyQualifiedErrorId : IDX12729: Unable to decode the header ‘[PII of type ‘System.String’ is hidden. For more details, see https://aka.ms/Id
entityModel/PII.]’ as Base64Url encoded string.

I tired:

updateing both modules to the latest versionremoveing the  Microsoft.Graph and Microsoft.Graph.Authentication module before connecting to Exchange onlineclearing the token cache file from AppDataLocal.IdentityServicemg.msal.cache

I would like to avoid running two separate script or script isolation like new processes or jobs. Because i need to pass many variables between the two script, input and output.

The app I am using and the cert is okay. If i am running separately it is working, so I can connect Exchange online with it.

Any idea why is this happening? What should i check?

​I am creating a new script. The script is running unattended. The script doing a couple things, the important part here is: setting a new user a license and setting the new user mailbox Address book policy. The address book is an Exchange online task the license is Graph. I am getting an error. How to reproduce the error:1. connect to MgGraph, I am using this commandConnect-MgGraph -TenantId $tenantID -AppId $appID -CertificateThumbprint $CertificateThumbPrint -NoWelcome do some work, Disconnect-MgGraph 2. Connect to Exchange online, in the same script:Connect-ExchangeOnline -CertificateThumbPrint $CertificateThumbPrint -AppID $appID -Organization $tenantID -CommandName Get-EXOMailbox,Get-mailbox,Set-mailbox -SkipLoadingCmdletHelp -ShowBanner:$false The command verbose debug output is this: DEBUG:
using System;
using System.Net;
using System.Management.Automation;
using Microsoft.Win32.SafeHandles;
using System.Security.Cryptography;
using System.Runtime.InteropServices;
using System.Runtime.ConstrainedExecution;
using System.Runtime.Versioning;
using System.Security;

namespace Microsoft.PowerShell.Commands.PowerShellGet
{
public static class Telemetry
{
public static void TraceMessageArtifactsNotFound(string[] artifactsNotFound, string operationName)
{
Microsoft.PowerShell.Telemetry.Internal.TelemetryAPI.TraceMessage(operationName, new { ArtifactsNotFound = artifactsNotFound });
}

public static void TraceMessageNonPSGalleryRegistration(string sourceLocationType, string sourceLocationHash, string installationPolicy, strin
g packageManagementProvider, string publishLocationHash, string scriptSourceLocationHash, string scriptPublishLocationHash, string operationName)
{
Microsoft.PowerShell.Telemetry.Internal.TelemetryAPI.TraceMessage(operationName, new { SourceLocationType = sourceLocationType, SourceLoca
tionHash = sourceLocationHash, InstallationPolicy = installationPolicy, PackageManagementProvider = packageManagementProvider, PublishLocationHash = p
ublishLocationHash, ScriptSourceLocationHash = scriptSourceLocationHash, ScriptPublishLocationHash = scriptPublishLocationHash });
}

}

/// <summary>
/// Used by Ping-Endpoint function to supply webproxy to HttpClient
/// We cannot use System.Net.WebProxy because this is not available on CoreClr
/// </summary>
public class InternalWebProxy : IWebProxy
{
Uri _proxyUri;
ICredentials _credentials;

public InternalWebProxy(Uri uri, ICredentials credentials)
{
Credentials = credentials;
_proxyUri = uri;
}

/// <summary>
/// Credentials used by WebProxy
/// </summary>
public ICredentials Credentials
{
get
{
return _credentials;
}
set
{
_credentials = value;
}
}

public Uri GetProxy(Uri destination)
{
return _proxyUri;
}

public bool IsBypassed(Uri host)
{
return false;
}
}

[StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
public struct CERT_CHAIN_POLICY_PARA {
public CERT_CHAIN_POLICY_PARA(int size) {
cbSize = (uint) size;
dwFlags = 0;
pvExtraPolicyPara = IntPtr.Zero;
}
public uint cbSize;
public uint dwFlags;
public IntPtr pvExtraPolicyPara;
}

[StructLayout(LayoutKind.Sequential, CharSet=CharSet.Unicode)]
public struct CERT_CHAIN_POLICY_STATUS {
public CERT_CHAIN_POLICY_STATUS(int size) {
cbSize = (uint) size;
dwError = 0;
lChainIndex = IntPtr.Zero;
lElementIndex = IntPtr.Zero;
pvExtraPolicyStatus = IntPtr.Zero;
}
public uint cbSize;
public uint dwError;
public IntPtr lChainIndex;
public IntPtr lElementIndex;
public IntPtr pvExtraPolicyStatus;
}

// Internal SafeHandleZeroOrMinusOneIsInvalid class to remove the dependency on .Net Framework 4.6.
public abstract class InternalSafeHandleZeroOrMinusOneIsInvalid : SafeHandle
{
protected InternalSafeHandleZeroOrMinusOneIsInvalid(bool ownsHandle)
: base(IntPtr.Zero, ownsHandle)
{
}

public override bool IsInvalid
{
get
{
return handle == IntPtr.Zero || handle == new IntPtr(-1);
}
}
}

// Internal SafeX509ChainHandle class to remove the dependency on .Net Framework 4.6.
[SecurityCritical]
public sealed class InternalSafeX509ChainHandle : InternalSafeHandleZeroOrMinusOneIsInvalid {
private InternalSafeX509ChainHandle () : base(true) {}

internal InternalSafeX509ChainHandle (IntPtr handle) : base (true) {
SetHandle(handle);
}

internal static InternalSafeX509ChainHandle InvalidHandle {
get { return new InternalSafeX509ChainHandle(IntPtr.Zero); }
}

[SecurityCritical]
override protected bool ReleaseHandle()
{
CertFreeCertificateChain(handle);
return true;
}

[DllImport(“Crypt32.dll”, SetLastError=true)]

[SuppressUnmanagedCodeSecurity,
ResourceExposure(ResourceScope.None),
ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]

private static extern void CertFreeCertificateChain(IntPtr handle);
}

public class Win32Helpers
{
[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]
public extern static
bool CertVerifyCertificateChainPolicy(
[In] IntPtr pszPolicyOID,
[In] SafeX509ChainHandle pChainContext,
[In] ref CERT_CHAIN_POLICY_PARA pPolicyPara,
[In,Out] ref CERT_CHAIN_POLICY_STATUS pPolicyStatus);

[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]
public static extern
SafeX509ChainHandle CertDuplicateCertificateChain(
[In] IntPtr pChainContext);

[DllImport(“Crypt32.dll”, CharSet=CharSet.Auto, SetLastError=true)]

[ResourceExposure(ResourceScope.None)]

public static extern
SafeX509ChainHandle CertDuplicateCertificateChain(
[In] SafeX509ChainHandle pChainContext);

public static bool IsMicrosoftCertificate([In] SafeX509ChainHandle pChainContext)
{
//————————————————————————-
// CERT_CHAIN_POLICY_MICROSOFT_ROOT
//
// Checks if the last element of the first simple chain contains a
// Microsoft root public key. If it doesn’t contain a Microsoft root
// public key, dwError is set to CERT_E_UNTRUSTEDROOT.
//
// pPolicyPara is optional. However,
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG can be set in
// the dwFlags in pPolicyPara to also check for the Microsoft Test Roots.
//
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG can be set
// in the dwFlags in pPolicyPara to check for the Microsoft root for
// application signing instead of the Microsoft product root. This flag
// explicitly checks for the application root only and cannot be combined
// with the test root flag.
//
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_DISABLE_FLIGHT_ROOT_FLAG can be set
// in the dwFlags in pPolicyPara to always disable the Flight root.
//
// pvExtraPolicyPara and pvExtraPolicyStatus aren’t used and must be set
// to NULL.
//————————————————————————–
const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG = 0x00010000;
const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG = 0x00020000;
//const uint MICROSOFT_ROOT_CERT_CHAIN_POLICY_DISABLE_FLIGHT_ROOT_FLAG = 0x00040000;

CERT_CHAIN_POLICY_PARA PolicyPara = new CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_PARA)));
CERT_CHAIN_POLICY_STATUS PolicyStatus = new CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_STATUS)));
int CERT_CHAIN_POLICY_MICROSOFT_ROOT = 7;

PolicyPara.dwFlags = (uint) MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG;
bool isMicrosoftRoot = false;

if(CertVerifyCertificateChainPolicy(new IntPtr(CERT_CHAIN_POLICY_MICROSOFT_ROOT),
pChainContext,
ref PolicyPara,
ref PolicyStatus))
{
isMicrosoftRoot = (PolicyStatus.dwError == 0);
}

// Also check for the Microsoft root for application signing if the Microsoft product root verification is unsuccessful.
if(!isMicrosoftRoot)
{
// Some Microsoft modules can be signed with Microsoft Application Root instead of Microsoft Product Root,
// So we need to use the MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG for the certificate verification.
// MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG can not be used
// with MICROSOFT_ROOT_CERT_CHAIN_POLICY_ENABLE_TEST_ROOT_FLAG,
// so additional CertVerifyCertificateChainPolicy call is required to verify the given certificate is in Microsoft Application Root.
//
CERT_CHAIN_POLICY_PARA PolicyPara2 = new CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_PARA)));
CERT_CHAIN_POLICY_STATUS PolicyStatus2 = new CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CERT_CHAIN_POLICY_STATUS)));
PolicyPara2.dwFlags = (uint) MICROSOFT_ROOT_CERT_CHAIN_POLICY_CHECK_APPLICATION_ROOT_FLAG;

if(CertVerifyCertificateChainPolicy(new IntPtr(CERT_CHAIN_POLICY_MICROSOFT_ROOT),
pChainContext,
ref PolicyPara2,
ref PolicyStatus2))
{
isMicrosoftRoot = (PolicyStatus2.dwError == 0);
}
}

return isMicrosoftRoot;
}
}
}
IDX12729: Unable to decode the header ‘[PII of type ‘System.String’ is hidden. For more details, see https://aka.ms/IdentityModel/PII.]’ as Base64Url
encoded string.
At C:Program FilesWindowsPowerShellModulesExchangeOnlineManagement3.5.1netFrameworkExchangeOnlineManagement.psm1:762 char:21
+ throw $_.Exception.InnerException;
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], ArgumentException
+ FullyQualifiedErrorId : IDX12729: Unable to decode the header ‘[PII of type ‘System.String’ is hidden. For more details, see https://aka.ms/Id
entityModel/PII.]’ as Base64Url encoded string.  I tired:updateing both modules to the latest versionremoveing the  Microsoft.Graph and Microsoft.Graph.Authentication module before connecting to Exchange onlineclearing the token cache file from AppDataLocal.IdentityServicemg.msal.cache I would like to avoid running two separate script or script isolation like new processes or jobs. Because i need to pass many variables between the two script, input and output. The app I am using and the cert is okay. If i am running separately it is working, so I can connect Exchange online with it. Any idea why is this happening? What should i check?  Read More

​

Greetings,

I am encountering difficulties while attempting to reinstall Windows 10, and I am concerned about the potential loss of my data and applications. Furthermore, my current hard drive does not offer sufficient storage capacity to create a backup. Despite my efforts to initiate the Windows 10 setup process, it consistently crashes. I have also tried entering safe mode, which allowed me to progress a bit further; however, I was unable to complete the installation due to system limitations. In an attempt to troubleshoot, I disabled all non-Microsoft services and startup programs using ‘msconfig,’ which enabled me to reach 100% completion during the update in normal mode, only for it to crash afterward.

​Greetings, I am encountering difficulties while attempting to reinstall Windows 10, and I am concerned about the potential loss of my data and applications. Furthermore, my current hard drive does not offer sufficient storage capacity to create a backup. Despite my efforts to initiate the Windows 10 setup process, it consistently crashes. I have also tried entering safe mode, which allowed me to progress a bit further; however, I was unable to complete the installation due to system limitations. In an attempt to troubleshoot, I disabled all non-Microsoft services and startup programs using ‘msconfig,’ which enabled me to reach 100% completion during the update in normal mode, only for it to crash afterward.  Read More

​