Author: Adam Fowler

Oculus Quest Free Utilities Guide

Posted on by Adam Fowler

I’ve reviewed the Oculus Quest separately, but in short it’s a really impressive piece of technology that’s ‘good enough’ graphics wise, and great at everything else.

If you’re a tinkerer however, you’ll want to do more than just use whatever is on offer via the Oculus Quest store. Here’s some free 3rd party utilities to get more out of your VR device:

SideQuest – This is an app to install on your PC which lets you sideload (install) apps outside of the Oculus Quest store. As the device is running on Android, if you’ve played around in that space before you’ll be fairly comfortable with this. Follow the Guide to set this up, you can’t break or brick your device but you could make things a bit messy; worst case is a factory reset.

At a very high level, you’re creating an Oculus Quest developer account (incredibly easy), and allowing 3rd party app installs to your device. Any app loaded via SideQuest won’t appear with a nice giant picture in the main screen, they’re found under Library > Unknown Sources.

There’s a bunch of specially built games and apps for the Oculus Quest already, as well as free betas of games that will launch later. If you’re looking for more free content for your device, this is the easiest way to get it installed.

SideQuest also has detailed Beat Saber integration where you can download and sync custom songs to play using bsaber.com as well as the ability to manage existing apps installed on the device – uninstall, clear data etc.

Scrcpy– This is a utility to run on a computer, that lets you mirror the view from inside the headset. Natively, the Oculus Quest can do some screen sharing via Chromecast, or mirroring to a mobile device, but it’s app dependent, and in beta.

Scrcpy has the ‘negative’ point of giving you the actual view from the headset, as in two giant round circles of graphics rather than a single rectangle view, but it’ll work in all scenarios. It’s really handy when you are trying to talk someone else through how to do something. You can reduce the view to a single circle with certain parameters when running (more below).

It’s possible to do this wirelessly and works quite well. Here’s a batch file you can run that’ll connect the Oculus Quest and launch the viewer. Note you will just see a black screen in the program until the Quest’s sensor starts displaying something.

Questview.txt (download, rename to Questview.Bat, and place in your folder where scrcpy is installed)
Download

@echo off
echo Plug in the Oculus Quest via USB-C
pause
for /f "tokens=9" %%a in ('adb shell ip route') do (echo IP of Oculus GO: %%a&set ipaddr=%%a)
adb tcpip 5678
echo Unplug the Oculus Quest's USB-C Cable
pause
adb connect %ipaddr%:5679
echo Connected! Launching scrcpy...
scrcpy.exe -c 1440:1600:0:0

ALVR (Air Light VR)- This is a utility to run on a computer to be able to use the Oculus Quest like any other VR device that would be plugged directly in (such as an Oculus Rift S).

This opens up a huge library of games and programs to run. You can play any Steam VR game this way – but really fast moving games like Beat Saber can be a bit sensitive to the latency added by wireless – but another game like Rick and Morty: Virtual Rick-ality works perfectly. A 5GHz router is recommended for this for higher throughput, and the Oculus Quest supports this too.

You’ll need to install the ALVR APK onto your headset (SideQuest can do that!), and install the ALVR Server software on the PC and run the ‘alvr.exe’ program.

Side note: Virtual Desktop does the same as ALVR, but it’s a paid product. Early on they were about the same, but Virtual Desktop seems to be a better and smoother experience now, so could be worth considering if you like ALVR.

With these three free solutions, you can get a lot more out of your Oculus Quest. Opening up the Steam library, being able to see what the wearer of the headset is seeing, and being able to add apps outside the Oculus ecosystem all add a lot of extra value to this already impressive (in my opinion) device.

How To Check What Files Are In Use On A Remote Windows Computer

Posted on by Adam Fowler

This one had me stumped for a while, and I even asked on Twitter with a large amount of replies (thanks everyone who did!) but none that I could get to work, or that weren’t overly complicated requiring the compiling of code.

It’s easy locally to find out what files are open, and here’s a great article covering several free ways: https://www.winhelponline.com/blog/find-process-locked-file-openfiles-utility/

None of those worked remotely for me in a Windows 10 environment – but I thought Handle from the SysInternals Suite would be the best bet. Running locally, it did exactly what I wanted – a giant list of every file open, and say what process had it open (like WinWord.exe).

Using PSExec with Handle however, causes it to forever wait for something. On the remote PC, it definitely launches handle.exe and handle64.exe, but they have no activity. I thought it might be the EULA prompt getting stuck somewhere, but there’s a registry setting that will autoaccept that prompt, and putting that in place didn’t help (but I did check locally and it was skipping the EULA agree prompt. Thanks to this blog post explaining the reg key required https://peter.hahndorf.eu/blog/post/2010/03/07/WorkAroundSysinternalsLicensePopups which was:

reg.exe ADD HKCU\Software\Sysinternals /v EulaAccepted /t REG_DWORD /d 1 /f

I added this to the remote machine under both the user logged on to the remote device, and the user I was connecting as, with no luck.

After a bunch of Googling and trying solutions, I ended up finding this thread on stackoverflow. One of the answers with 0 votes (which can be easily overlooked) was a PowerShell script, invoking the command remotely, from a user called A.D – thank you A.D!

I’ve barely modified it for my purposes, but if this helps you please go vote his post up on stackoverflow (I did but don’t have enough rep for it to show):

$computerName = 'computername'
 $stringtoCheck = 'test' # String you want to search for, can be blank by removing text between '' quotes
 $pathtoHandle = 'c:\temp\handle.exe' #location of handle.exe on the remote server.
 Invoke-command -ComputerName $computerName -Scriptblock {
     param(
     [string]$handles,
     [string]$stringToCheck
     )
      "$handles /accepteula $stringToCheck" | Invoke-Expression 
     } -ArgumentList $pathtoHandle,$stringtoCheck

The script requires handle.exe to be on the remote computer under C:\Temp, and that of course you have admin rights to the remote PC with the account this script is being run. Beyond that, it’ll show back all open files that match the variable set in $stringtocheck across any of the results – it could be the path, the process that has the file open etc.

Why would you want to do this remotely at all? You might be troubleshooting something to do with open files and not want to interrupt the user. You might have a reason to see what files the user has open, or maybe it’s a locked PC and the user left.

Hope this helps others as it was a much harder task to accomplish than I assumed.

Converting a user mailbox to shared in Exchange Online Hybrid

Posted on by Adam Fowler

This is a useful process a lot of companies follow when an employee departs: Instead of deleting the mailbox, or continue to leave the mailbox in place and pay for licensing, it’s possible to instead set it as a shared mailbox and keep the data there for free.

There are some catches to this, such as the maximum amount of data is 50gb. You also can’t delete the user’s account, but it can be disabled and moved.

Setting the mailbox from User to Shared in Exchange Online is easy (from docs.microsoft.com):

In the admin center, go to the Users > Active users page.

Choose the user whose mailbox you want to convert.

In the right pane, choose Mail. Under More actions, choose Convert to shared mailbox.

…but there’s two tricks I’ve found when doing this in a hybrid environment. First, docs.microsoft.com says to update the status of the mailbox for Exchange On-Premises:

If this shared mailbox is in a hybrid environment, we strongly recommend (almost require!) that you move the user mailbox back to on-premises, convert the user mailbox to a shared mailbox, and then move the shared mailbox back to the cloud.

That’s a tedious process to do just to make it shared. As they point out, you can change some AD attributes locally to get around this, but there’s still some scenarios where it might get set back as a user, have no license, and end up getting deleted.

This other article on support.microsoft.com however, mentions the main way of getting around this: by setting the account’s msExchRemoteRecipientType and msExchRemoteRecipientTypeDetails attributes to the corresponding values that would match it’s state in Exchange Online:

Set-ADUser -Identity ((Get-Recipient PrimarySmtpAddress).samaccountname) -Replace @{msExchRemoteRecipientType=100;msExchRecipientTypeDetails=34359738368}

This 1 line command will set the attributes correctly, you can check via PowerShell or the Exchange Management Console to see that the mailbox will now show as ‘Shared’.

Update 3rd March 2020: Last time I tried the above, it didn’t work. The good news is that as long as you’re on Exchange 2013 CU21 or later and Exchange 2016 CU10 or later, you can just use the command:

Set-RemoteMailbox -Identity user -Type Regular

This fixed the on-premises status of the mailbox, even though I’d already moved it online. So, worth trying first before doing anything, as it should correctly do both if you Thanks Arttu Astila for the tip! /End of update

The other problem I’ve seen is if a mailbox is Unified Messaging (UM) Enabled, and converted to Shared. You’d think that it would either just lose it’s UM status, or let you configure the UM settings after the fact; but neither are correct. If it’s holding onto an extension number as part of UM, even in it’s Shared Mailbox state it will continue to hold it, and block any other account from using the extension in the future.

To get around this issue, the account will need to both be changed back to a user account from shared, and given a license that supports UM. If you try to disable UM on the account with either of these requirements, you’ll see an error like these:

User [email protected] is already disabled for Unified Messaging.

License validation error: the action ‘Disable-UMMailbox’, ‘Identity’, can’t be performed on the user ‘Test User’ with license ‘BPOS_S_Standard’.

With all of the above, changing a user to a departed mailbox in a hybrid environment with Unified Messaging should be:

  1. Disable Unified Messaging on the user
  2. Set the attributes of the AD account as shared
  3. Set the Exchange Online mailbox as shared

It should work well if you do things in the right order, but it’s easy to not be aware of this and get things into a mess.

There’s also the scenario where you might create an account, give it Office 365 licenses and have a mailbox automatically created before you did it on-premises, or used Exchange On-premises to create the mailbox remotely.

You can fix that by using this script from Adaxes (doesn’t need their software!) which will tell on-premises Exchange about the mailbox and create the record.

I’ve come across another blog that goes into some of this http://jetzemellema.blogspot.com/2016/02/convert-user-mailbox-to-shared-in.html but I haven’t needed to change the license status, but it’s worth mentioning in case there’s a scenario you hit where you do.

Outlook has Blank Emails in the PersonMetadata Folder

Posted on by Adam Fowler

Update 4th June 2020

This is a known issue with Microsoft’s guidance on it available here

Original post

If you use the Outlook client and have a mailbox located in Exchange Online, you might discover mystery blank emails located in a folder called ‘PersonMetadata’. They’re unread, with a blank from/to/subject field and no contents visible, with a size of 2KB. Trying to open them results in opening a blank new email.

They don’t turn up in a normal Outlook search, but will show if you create a Search Folder, and you’ll see a lot of them. The folder itself is hidden by default, and you could use MFCMapi to see the folder in someone’s mailbox.

According to this Microsoft Support article, they’re objects used for Outlook Customer Manager, which actually sounds like a pretty useful set of features around tracking customer relationships and sharing contacts.

I logged a case with Microsoft to try and find out more, and see if this could be disabled. I was told that Outlook Customer Manager is actually enabled in all tenants and mailboxes, regardless if the feature is being used or even ‘on’. There are some forums talking about turning this feature off, but the licensing option is only in some tenants (from what I can tell, Business customers) and not an option at all for Enterprise customers. Too bad if you don’t want this feature!

It’s also recommended by support to not delete these items – and more will just turn up anyway don’t waste your time doing that.

There is also possibly a future patch to Outlook to hide these results, but at the time of writing it was only stated as a possibility with no confirmation or ETA.

I did work out a workaround though – adding an extra filter to the Search Folder:

  • Find the Search Folder in Outlook and right click > ‘Customize this search folder’
  • Click the Criteria button.
  • Click the ‘Advanced’ tab and from the ‘Field’ dropdown menu, choose ‘Frequently-used fields’ and then ‘To’.
  • Type ‘@’ into the Value field and press the ‘Add to List’ button.

Your screen should look like this, and press OK. Because the empty looking mail objects have no To or From field, but any normal email will have to have an ‘@’ in the email address, the results you now see for the Search Folder won’t include the blank objects.

For those who use Search Folders, this is a reasonable workaround but let’s hope it gets fixed properly.

Update 7th May 2020

I’ve had a lot of people visit this blog recently, so I’m guessing something more drastic has broken. If you’re using an inbuilt Search Folder, then the ‘Criteria’ button may be greyed out. You can instead create a new Search Folder by right clicking ‘Search Folders’ and choosing ‘New Search Folder’:

From this New Search Folder window, scroll to the bottom and choose ‘Create a custom Search Folder’. Then press the ‘Choose’ button, which should have the ‘Criteria’ button available.

Cyber Security Essential Eight and Microsoft

Posted on by Adam Fowler

I wrote a 2 part piece on Australia’s Cyber Security Essential Eight and Microsoft over at 24x7ITConnection. Here’s Part 1 and Part 2, where I covered what the Essential Eight are, why they’re a risk, and where Microsoft can help in both a on-premises sense as well as cloud.

I don’t normally cross post from here what I write on other areas, but I put a fair bit of effort into writing this up, and thought it was worth resharing. Regardless if you’re Australian or not, our government actually has practical recommendations on what you should be looking at to harden your IT environment.

If you haven’t looked at these before, see how many of the eight you can tick off. If you can’t tick all eight, then I encourage you to work towards those gaps. Here’s what the eight areas are:

Application whitelisting

Patching applications

Office macros

Harden user applications

Restricting administrative privilege

Patching operating systems

Multi-factor authentication

Backup daily

All pretty obvious, but getting these perfect is still a very big undertaking. We’re seeing more and more security breaches in all different ways, so please don’t think of these items as ‘something to worry about later’!