troubleshooting

Please be aware of EUDT. BE unethical and dirty domain sales tricks (EN version)

fraudwarning

For the last 2 months I have been receiving some fraudulent, unethical and threatening mails from a company named “European Domains & Trademarks”, with the e-mail domain EUDT.BE, registered company name “Domeinnaam Register”.

The company is linked to: http://www.domeinnaamregister.com/ en http://www.nederlandsdomeinregister.nl/
In the Netherlands the company is registered as KVK: 64626679 and VAT: NL201158802B01. (as published on their website, the commerce register and DNS registrar).

The company is making false claims and is using unethical practices, and scaring people to extort money and scamming people into ridiculous expensive and fraudulent contracts.

The official registration owner of this URL and company is a Dutch company that is a very well known for very bad scamming practices.
And also the Belgian domain registration authority is warning for this company:
https://www.dnsbelgium.be/en/news/watch-out-domain-name-offers-domeinnaamregistercom

This is not their first warning, it already was reported in 2013 and 2016 (see below).

Also in the Netherlands, this organization is known and has been reported for the same malpractices before, like:

What it is about?

See full text at end of this post.

In short, he company contacts people, entrepreneurs, company owners pretending that they received a request to register a domain name (like company.nl) similar to the company domain you already registered (like company.com) and that they are legally forced to contact you to offer the first registration.

Next they say that they are obliged to register and protect the domain name for 10 year for €19.75 (ex VAT!) per year. And you need to pay this in one shot.

And a lot more bullshit in the mail…

What should you do?

  • DO NOT react to the mail, and ignore the mail,
  • before deleting the mail: report these practices to the authorities (eg Ministry of Economic Affairs)

If you really want that domain

  • DO NOT react to the mail, ignore the mail, delete the mail
  • contact your favorite, official and trusted registrar and by the domain via the regular / official channel

Why is this bullshit?

Please be aware that

  • domain registration is on a “first come, first serve” basis (unless it’s a malicious registration to harm a target company)
  • domains like .BE,  .NL, EU… cost about €6, €8, … 12 EUR per year.
  • Some registrars offer decent discounts, so it can be even cheaper.
  • You can renew domains YEARLY, no need to pay 10 years upfront.

See also

(BE-NL) Verkooptrucs met domeinnamen (*) (Credits: Dries Van Giel op 15 juni 2018)

More information

Credits: Dries Van Giel (*)

Belgium

Official warnings by DNS.BE

Official registrars

Warnings from official domain registrars and site hosters (no strings attached!)

Log a complaint at

If you’re already been caught by these #holes, you can register a complaint at: https://meldpunt.belgie.be/meldpunt/nl/welkommeldpunt.belgie.be

Netherlands

Full text (NL)

(Source: Happywebsites)

Geachte heer/mevrouw ,

Recent hebben wij telefonisch contact met u op proberen te nemen. Dit is tot op heden nog niet gelukt. We sturen u dus een email met daarin informatie over het volgende:
We hebben een aanvraag binnen gekregen om de website http://www.questforsecurity.eu te laten registreren. We zien in ons systeem dat u de eigenaar bent van http://www.questforsecurity.be. Helaas kan dit voor u in de toekomst verstrekkende gevolgen hebben. We zijn daarom dus wettelijk verplicht om contact met u op te nemen om u het eerste registratierecht te bieden. Dit houdt in dat wij de aanvraag van de derde partij afwijzen en de website:

http://www.questforsecurity.eu

Na een akkoord zullen doorlinken naar:

http://www.questforsecurity.be

Het komt er op neer dat u de eerste optie op de domeinnaam krijgt, dit om eventuele problemen in de toekomst te voorkomen. De aanvraag is gedaan vanuit de regio Antwerpen.
Doorgaans zijn wij verplicht om de domeinnaam voor 10 jaar vast te leggen en te beschermen. De jaarlijkse prijs voor de .EU extensie is € 19,75 per jaar. Dit betekent dus een eenmalig bedrag van €197,50. Wanneer de doorlink voltooid is, zal al het verkeer wat naar de .EU extensie gaat, automatisch op uw .BE extensie terecht komen. De verwerking hiervan duurt maximaal 24 uur. Deze domeinnaam is dan wereldwijd bereikbaar. De derde partij wordt afgewezen en deze kan niks met uw domeinnaam doen.
Overige informatie:

U ontvangt een eenmalige factuur van €197,50 exclusief BTW voor een looptijd van 10 jaar.

Na een jaar kan het ten alle tijden geannuleerd worden. U krijgt dan het resterende aantal jaren op uw rekening teruggestort.

Indien u hiermee akkoord gaat, stuur dan binnen 24 uur na ontvangen van deze email een akkoord per mail naar met daarin uw naam, en factuurgegevens naar; bart@eudt.be
Hierop volgend gaan wij de derde partij afwijzen en de doorlink in orde maken. U krijgt dezelfde dag nog alles per mail toegestuurd met alle informatie die u nodig heeft.

Met vriendelijke groeten,

Bart Mulder
European Domains & Trademarks
http://www.eudt.be
bart@eudt.be

And also


Reynaud Laurent
European Domains & Trademarks
http://www.eudt.be
reynaud.laurent@eudt.be

Better be smart.
Be safe.

And I hope these ### will be stopped sooner than later.

Advertisements

#MIM2016 Troubleshooting: SQL Connection issues

On TNWiki you’ll find my latest article on MIM 2016 troubleshooting.

MIM 2016 Troubleshooting: SQL Connection issues

This week I got (dragged into/) involved in a MIM 2016 performance troubleshooting, on a test / dev server, facing a large bunch of errors.

The first detection happened on the sync server, but apparently rather it’s twin brother was causing the issues.

It became pretty quickly obvious that MIM was not able to connect to (one of) it’s databases on the SQL server, so the sync engine was unable to pull information from the MIM service.

Also bizar, we could still work on the MIM sync GUI, but almost any MA action in the GUI failed…

Furthermore the Portal did not respond and finally the “MIM Service” service, didn’t behave as expected, not willing to start.

The event viewer contained the obvious amount of errors…

Finally,  the SQL DBA to the rescue.

I’ve added a lot of significant technical event info into the article, to make it easy to search for you, for later reference.

Read the tech details in: MIM 2016 Troubleshooting: SQL Connection issues

Note-To-Self: ICYMI, #MIM2016 Support for SQL Always On Availability groups

Based on a recent customer support experience with MIM (migrating from MIM 2016 RTM to SP1 latest hotfix), I ran into a few issues…

They have been documented here:

And also

While investigating the MIM Performance, we bumped into some SQL configuration issues, seriously impacting the MIM performance.
Finally ending up with staging the latest hotfix on MIM… (which is in general always a good idea and best practice).

But, talking the SQL performance, in that troubleshooting exercise another question popped up, again: Always on Availability groups.

And while this has been an issues for long time, the good news is : as of MIM 2016 SP1 (4.4.1459.0 or Later), Always On Availability groups are now supported.

You can find the announcement here: https://blogs.technet.microsoft.com/iamsupport/2017/03/22/microsoft-identity-manager-2016-sp14-4-1459-0-or-later-support-for-sql-2016-always-on-availability-groups/

Strangely enough it’s not mentioned in the KB article for the hotfix: SP1 March 2017 Hotfix (4.4.1459.0),

Still, the page on SQL Server availability solutions for Microsoft Identity Manager services databases, is not mentioning AoA, see here: https://support.microsoft.com/en-us/help/3200896/sql-server-availability-solutions-for-microsoft-identity-manager-servi

So, you need to keep that one in your MIM knowledge backpack.

#MIM2016 Troubleshooting: Uninstall fails with error – Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.

I’ve got a new post up on TechNet Wiki about MIM2016 troubleshooting:

Full version at the TNWIKI: MIM2016/FIM2010 Troubleshooting: Uninstall fails with error – Administrator privileges required

Feel free to add useful information yourself, I’m looking forward to your feedback and cooperation to make it better.

The short version is below.

Rikard Strand Jump has published a similar article, which has served as baseline for this article. Rik’s article is focussed on DirSync, but the troubleshooting below is more widely applicable and even programs not related to FIM/MIM/DirSync…

When you try to uninstall or to change the component from the Control Panel > Programs (Uninstall a program), you get a error pop up, saying:

Administrator privileges are required to run installer. Please re-launch installer with administrator privileges.
There are some troubleshooting steps, including running the Control Panel in administrator mode.
If that doesn’t work, you need to find the uninstaller info in the registry and run the msiexec command with the uninstaller info.
Open the registry editor and navigate to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\

In this directory you’ll find the installed programs with their GUID, which is mostly fixed per application.

Eg

  • MIM 2016: {5A7CB0A3-7AA2-4F40-8899-02B83694085F}
  • DirSync/AADConnect: {C9139DEA-F758-4177-8E0F-AA5B09628136}

And finally, the quick and dirty option is to kill the uninstall registry key before your run the uninstall from the control panel again

In case of MIM2016
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5A7CB0A3-7AA2-4F40-8899-02B83694085F}
You know the usual warning: I didn’t tell you to delete the registry key.

Note-to-self: You lost access to your initial Office 365 admin?

Although Microsoft has built in quite some methods to regain access to your 0365 tenant/account, you might have some bad luck one day… (experience talking here)

First of all you should try the default options, meaning : the password reset options.

The direct way to get there is the first link to bookmark: https://passwordreset.microsoftonline.com/

Another way to get there is in the 0365 logon page (also for Azure),

o365_1

If you forgot your password or can’t access the account, hit the link at the bottom.
You get directed to :

o365_2

If you know the logon, you can proceed to

o365_3

You notice that the verification is pointing to your alternative mail address or your mobile number…

But what if you forgot your original logon ID (mail address), eg in case you have setup a test tenant in 0365 with an mail address you don’t use frequently? (yes, that happens)

If that is not working or you need more help, check these options:

And if you really ran out of luck: you might raise a ticket and ask for help. https://portal.office.com/support/newsignupservicerequest.aspx

Anyway, as shown there are some options when configuring 0365 that should keep you out of trouble in the first place

  • make sure to add a mobile number to your user account
  • make sure to add a secondary email address to your account (not belonging to your O365 domain)
  • Configure and test MFA (multifactor Authentication), eg with the Authenticator app
  • add a secondary admin account with sufficient rights (with the same security measures!)

June 2017: @TroyHunt is back in Belgium for his workshop ‘Hack Yourself First’. Wanna join?

ZIONSECURITY will be welcoming Troy Hunt again. The 1st and 2nd of June, he will be leading a ‘Hack Yourself First’ workshop where he will teach professionals how to break into their own applications. Find out the program and register here!

#update: download the flyer with program and details here: Flyer Troy Hunt June.

I have been there the last time, it was great fun, lots of interaction. And I certainly would recommend you to join.

What if you really wanna join, but your boss is not willing to sponsor? (While he SHOULD!).
Or any other silly reason you can’t attend?

Well, you know, if you can provide me a very good, strong, original and unique argument why you MUST be at this workshop, you might be lucky.

You know the channels to reach out to me and test your luck.

Some suggestion, send me a direct message:
1. Comment on this post,

2. mail me, tweet me (direct message!), F@ceBook me, LinkedIn …

Convince me and it could be you sitting at the first row.

Note-to-self: Windows 10 numeric keypad not working

Once they know you do “something with computers”, you can’t escape your family request fixing anything that goes wrong on machines with a CPU, right?

Last weekend a laptop was dropped of with a bizare symptom: once logged in, the numeric keypad stopped working.
Freshly migrated to Windows 10, a Toshiba Satellite c(something)…

When you quickly search for it on bing/google… you’ll find some hints like

  • updating BIOS (check, latest installed)
  • checking BIOS (well, …nah, it is working at logon)
  • registry settings (maybe, but ..nope, lets first try the normal stuff)
  • some other windows settings

This one got me started, but actually discussed the solution for Windows 7.
” if you have Windows 7, just go to Ease of Access Center >>>>>> Turn on Mouse Keys and make sure it’s unchecked”

Well, how about Windows 10?

First go to Settings.

w10settings

Find the Ease Of Access

Within Ease of Access, check the Mouse option

w10_eoa_mouse

In the Mouse settings, check the Mouse Keys settings.
Make sure the option to “use numeric keypad to move mouse around the screen” is disabled/off.

Easy, simple, but this single setting isn’t easily found, as you won’t think about mouse settings.

Certainly, when searching apps, files and settings, and the setting does not show up when typing “numeric” or “keypad”