[{"content":" 🧠 Welcome to CorrCloud # My homelab is the foundation for everything I test, learn, and build.\nIt mirrors many of the systems I design professionally — just scaled for home — giving me a sandbox for automation, Microsoft 365 integration, and infrastructure engineering.\nThis lab blends enterprise-grade tools, open-source platforms, and custom scripting into a cohesive private environment.\n🏗️ Virtualization Environment # At the core of CorrCloud is a clustered virtualization platform hosting a mix of:\nWindows and Linux virtual machines Lightweight LXC containers Docker-based application stacks This setup lets me test migrations, backup workflows, Active Directory sync, Intune configurations, and even cloud integrations — all without touching production tenants.\nMost workloads are managed through a centralized hypervisor interface with automated snapshots and a layered backup strategy.\n🌐 Network \u0026amp; Access Design # Networking is fully segmented into logical zones separating:\nCore services Lab systems Containers and IoT devices Guest and management networks Traffic is routed through a next-gen gateway appliance with VLAN isolation and SSL inspection for select traffic flows.\nAll management interfaces are kept off the primary LAN, and everything external routes through a reverse proxy with SSL certificates managed automatically.\nThis approach gives me a “mini data center” feel while keeping the environment safe and cleanly separated.\n⚙️ Services \u0026amp; Automation # Category Description Infrastructure Management Hypervisor cluster with automated VM health checks, templates, and scheduled snapshot retention. Monitoring \u0026amp; Security Open-source tools providing visibility, logging, and alerting across hosts and containers. Web \u0026amp; App Hosting Reverse proxy environment with self-hosted web apps, internal dashboards, and a documentation portal. 
Scripting \u0026amp; Tooling Custom PowerShell and Python scripts for Active Directory audits, M365 tenant discovery, and server health validation. Game \u0026amp; Media Lab Lightweight workloads used for container testing, game hosting, and entertainment services — often rebuilt for fun. All services are orchestrated with a goal of efficiency, resilience, and simplicity, making it easy to rebuild or expand.\n📊 Current Focus Areas # Experimenting with Microsoft 365 tenant automation Integrating homelab telemetry into cloud dashboards Building a custom health check dashboard for client environments Testing container-based DevOps pipelines and deployment automation Continuing to refine network segmentation and remote access security 🧭 Long-Term Goals # Migrate workloads into a dedicated virtualization cluster Centralize logging and monitoring Build a unified management dashboard Implement ephemeral VM testing pipelines Expand homelab documentation for public sharing 💬 Why I Built Corr Cloud # This lab started as a simple file server and turned into a hands-on learning environment.\nIt lets me explore enterprise concepts — like automation, clustering, cloud hybridization, and security — in a way that’s practical, visual, and self-contained.\n\u0026ldquo;The best way to learn is to build it yourself — and then make it better.\u0026rdquo;\nA high-level look at my homelab structure — virtualization, networking, and service layers working together.\n","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/","section":"","summary":"CorrCloud — my personal homelab for exploring virtualization, automation, cloud integration, and enterprise IT design.","title":"","type":"homelab"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/categories/","section":"Categories","summary":"","title":"Categories","type":"categories"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/","section":"Corr Cloud","summary":"","title":"Corr 
Cloud","type":"page"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/tags/homelab/","section":"Tags","summary":"","title":"Homelab","type":"tags"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/categories/homelab/","section":"Categories","summary":"","title":"HomeLab","type":"categories"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/categories/proxmox/","section":"Categories","summary":"","title":"Proxmox","type":"categories"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/tags/proxmox/","section":"Tags","summary":"","title":"Proxmox","type":"tags"},{"content":" Remove Proxmox Subscription Popup # Overview # Proxmox shows a subscription warning popup if you’re using the free edition. This guide walks you through disabling that popup by modifying the proxmoxlib.js file.\n⚠️ Warning: This is not an officially supported modification. System updates may overwrite these changes, requiring you to re-apply them.\nSteps # 1. Navigate to the Proxmox widget toolkit directory #\ncd /usr/share/javascript/proxmox-widget-toolkit/\n2. Back up the original file #\ncp proxmoxlib.js proxmoxlib.js.bak\n3. Edit the file #\nnano proxmoxlib.js\nInside the file, search for the following line:\ntitle: gettext('No valid subscription'),\n4. Modify the subscription check # Locate the section containing:\n.data.status.toLowerCase() !== 'active')\nChange the operator from:\n!==\nto:\n===\nThis reverses the logic so the popup never triggers.\n5. Restart the Proxmox proxy service #\nservice pveproxy restart\n6. Clear your browser cache # A cached JS file may cause the popup to continue showing. Clearing your cache ensures the updated script loads.\nAll done! 
🎉 # The subscription popup should now be gone!\nIf it ever comes back after an update, just repeat these steps.\n","date":"21 November 2025","externalUrl":null,"permalink":"/homelab/proxmox/remove-subscription-popup/","section":"","summary":"","title":"Remove Proxmox Subscription Popup","type":"homelab"},{"content":"","date":"21 November 2025","externalUrl":null,"permalink":"/tags/","section":"Tags","summary":"","title":"Tags","type":"tags"},{"content":" 👋 Hey, I’m Kolton # I’m a Senior Systems Engineer working at a Managed Service Provider, where I design, build, and support solutions that keep organizations secure, efficient, and connected.\nMy work lives at the intersection of cloud architecture, automation, and hands-on problem solving — blending enterprise-level reliability with creativity and speed.\n💼 What I Do # I spend most of my time architecting and managing environments built around:\nMicrosoft 365 \u0026amp; Azure Entra ID — identity, security, compliance, and hybrid integration Backup \u0026amp; Disaster Recovery — Veeam, Microsoft 365 protection, and business continuity planning Email Systems \u0026amp; Migrations — Exchange Online, DKIM/SPF/DMARC, and secure routing Virtualization — Hyper-V, VMware, and Proxmox cluster design Automation \u0026amp; Scripting — PowerShell, Graph API, and custom tooling for health checks and reporting Security \u0026amp; Governance — Intune compliance, Defender for Cloud Apps, and conditional access policies Every project is an opportunity to blend performance, automation, and security into something elegant.\n⚙️ My Homelab # Outside of work, I maintain a personal homelab — an ever-evolving playground for testing enterprise concepts on a smaller scale.\nIt’s where I prototype new automation scripts, validate deployment models, and experiment with technologies like:\nVirtualization clustering and container orchestration Microsoft 365 tenant automation and telemetry Centralized monitoring and reverse proxy setups Secure 
remote access and identity-based segmentation My lab, CorrCloud, doubles as both a learning space and a creative outlet — a private cloud that constantly evolves alongside my professional skillset.\n💡 Philosophy # “Build to understand. Automate to improve. Share to teach.”\nI believe technology should be practical, resilient, and human-focused.\nMy favorite part of engineering isn’t just getting systems to work — it’s understanding why they work, documenting it clearly, and helping others grow from it.\n🧰 Core Competencies # Category Expertise Cloud \u0026amp; Identity Microsoft 365, Azure AD / Entra ID, Exchange Online Automation PowerShell, Graph API, scripting workflows Infrastructure Hyper-V, VMware, Proxmox, Windows Server Security \u0026amp; Compliance Intune, Defender, Conditional Access, DLP Networking FortiGate, UniFi, VLAN design, VPN Backup \u0026amp; DR Veeam, M365 retention, recovery strategies ☕ Outside the Console # When I’m not deep in logs or scripting automation, I’m probably:\nTinkering with my homelab setup Writing documentation for my site Spending time with my family Finding new ways to make tech a little more fun A systems engineer with a love for infrastructure, automation, and a good cup of coffee.\n","date":"2 November 2025","externalUrl":null,"permalink":"/aboutme/","section":"","summary":"Senior Systems Engineer at an MSP | Microsoft 365 • Virtualization • Backup \u0026amp; DR • Automation • Security","title":"","type":"aboutme"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/arr/","section":"Tags","summary":"","title":"Arr","type":"tags"},{"content":" Overview # This is my full Arr Stack — a collection of containers that work together to automate media downloading, management, and subtitles.\nThe stack includes all the core Arr applications plus a VPN layer, torrent client, subtitle automation, and metadata support.\nComponents # Prowlarr – Central indexer management that integrates with Sonarr and Radarr. 
Sonarr – TV show management and automation. Radarr – Movie management and automation. Bazarr – Subtitle downloading and syncing for Sonarr/Radarr media. Lidarr (optional) – Music management (currently disabled). Readarr (optional) – Book management (currently disabled). FlareSolverr – Solves Cloudflare or CAPTCHA-protected search indexer pages. Gluetun – VPN container providing network privacy and port forwarding. qBittorrent – Torrent client running inside the Gluetun VPN network. Huntarr – Search aggregator with an intuitive UI for manual searches. Unpackerr – Extracts and moves completed downloads for Radarr and Sonarr. Environment Variables Required # The following variables are required for the stack to function properly:\nVariable Purpose PIA_USERNAME Private Internet Access VPN username PIA_PASSWORD Private Internet Access VPN password UNPACKERR_SONARR_API_KEY API key from Sonarr for Unpackerr integration UNPACKERR_RADARR_API_KEY API key from Radarr for Unpackerr integration These are stored securely in an .env file and referenced by the compose file.\nDocker Compose Configuration # services: prowlarr: image: linuxserver/prowlarr:latest container_name: arr-suite-prowlarr environment: - PUID=1000 - PGID=1000 - TZ=America/Chicago volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/prowlarr:/config expose: - 9696/tcp ports: - 9696:9696 restart: unless-stopped sonarr: image: linuxserver/sonarr:latest container_name: arr-suite-sonarr environment: - PUID=1000 - PGID=1000 - TZ=America/Chicago volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/sonarr:/config - /mnt/media:/mnt/media expose: - 8989/tcp ports: - 8989:8989 restart: unless-stopped radarr: image: linuxserver/radarr:latest container_name: arr-suite-radarr environment: - PUID=1000 - PGID=1000 - TZ=America/Chicago volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/radarr:/config - /mnt/media:/mnt/media expose: - 7878/tcp ports: - 
7878:7878 restart: unless-stopped # lidarr: # image: linuxserver/lidarr:latest # container_name: arr-suite-lidarr # environment: # - PUID=1000 # - PGID=1000 # - TZ=America/Chicago # volumes: # - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/lidarr:/config # - /mnt/media:/mnt/media # expose: # - 8686/tcp # ports: # - 8686:8686 # restart: unless-stopped # readarr: # image: linuxserver/readarr:develop # container_name: arr-suite-readarr # environment: # - PUID=1000 # - PGID=1000 # - TZ=America/Chicago # volumes: # - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/readarr:/config # - /mnt/media:/mnt/media # expose: # - 8787/tcp # ports: # - 8787:8787 # restart: unless-stopped bazarr: image: lscr.io/linuxserver/bazarr:latest container_name: arr-suite-bazarr environment: - PUID=1000 - PGID=1000 - TZ=America/Chicago volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/bazarr:/config - /mnt/media:/mnt/media expose: - 6767/tcp ports: - 6767:6767 restart: unless-stopped jellyseerr: image: fallenbagel/jellyseerr:latest container_name: jellyseerr environment: - LOG_LEVEL=debug - TZ=Asia/Tashkent ports: - 5055:5055 volumes: - /path/to/appdata/config:/app/config restart: unless-stopped flaresolverr: image: flaresolverr/flaresolverr:latest container_name: arr-suite-flaresolverr environment: - LOG_LEVEL=info - LOG_HTML=false - CAPTCHA_SOLVER=none - TZ=America/Chicago expose: - 8191/tcp # optional — allows other containers to talk to it ports: - \u0026#34;8191:8191\u0026#34; # host:container mapping for direct access restart: unless-stopped gluetun: image: qmcgaw/gluetun:latest container_name: arr-suite-gluetun cap_add: - NET_ADMIN ports: - 8080:8080 # qBittorrent WebUI forwarded dns: - 1.1.1.1 - 9.9.9.9 environment: - VPN_SERVICE_PROVIDER=private internet access - VPN_TYPE=openvpn - OPENVPN_USER=${PIA_USERNAME} - OPENVPN_PASSWORD=${PIA_PASSWORD} - TZ=America/Chicago - SERVER_REGIONS=CA Montreal - BLOCK_MALICIOUS=off - 
BLOCK_ADS=off - BLOCK_SURVEILLANCE=off - VPN_PORT_FORWARDING=on # - VPN_PORT_FORWARDING_STATUS_FILE=/gluetun/forwarded_port volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/gluetun:/gluetun - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/gluetun:/tmp/gluetun restart: unless-stopped qbittorrent: image: linuxserver/qbittorrent:5.0.2-libtorrentv1 container_name: arr-suite-qbittorrent environment: - PUID=1000 - PGID=1000 - UMASK_SET=0000 - TZ=America/Chicago - WEBUI_PORT=8080 volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/qbittorrent:/config - /mnt/media/downloads:/mnt/media/downloads depends_on: - gluetun network_mode: container:arr-suite-gluetun restart: unless-stopped huntarr: image: huntarr/huntarr:latest container_name: arr-suite-huntarr environment: - TZ=America/Chicago volumes: - ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/arr-suite/configs/huntarr:/config ports: - 9705:9705 restart: unless-stopped unpackerr: image: golift/unpackerr:latest container_name: arr-suite-unpackerr environment: - TZ=America/Chicago - UN_LOG_FILE=/downloads/unpackerr.log - UN_SONARR_0_URL=http://10.0.40.130:8989 - UN_SONARR_0_API_KEY=${UNPACKERR_SONARR_API_KEY} - UN_RADARR_0_URL=http://10.0.40.130:7878 - UN_RADARR_0_API_KEY=${UNPACKERR_RADARR_API_KEY} - UN_DIR_MODE=0777 - UN_FILE_MODE=0666 volumes: - /mnt/media/downloads:/downloads user: \u0026#34;1001:100\u0026#34; restart: unless-stopped ","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/arrstack/","section":"","summary":"","title":"Arr HomeLab Stack","type":"homelab"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/automation/","section":"Tags","summary":"","title":"Automation","type":"tags"},{"content":" Overview # Beszel is a sleek, self-hosted monitoring dashboard for Docker environments.\nIt’s a drop-in replacement for complex stacks like Prometheus + Grafana, offering clean metrics, live CPU/memory 
graphs, and simple multi-host monitoring — all from one container.\nI use it to keep an eye on my entire homelab Docker environment, including:\nArr Stack (Prowlarr, Sonarr, Radarr, etc.) Watchtower (auto-updates) Homarr (dashboard) RustDesk (remote control) And anything else running on my hosts. Features # 📊 Real-time metrics for CPU, RAM, and disk. 🧠 Multi-node support (install Beszel agent on each host). 📈 Built-in time-series graphs — no Grafana needed. ⚙️ Docker native — runs anywhere, minimal configuration. 🔐 Lightweight \u0026 privacy-first — all data stays local. Docker Compose Configuration #\nservices:\n  beszel:\n    image: 'henrygd/beszel'\n    container_name: 'beszel'\n    restart: unless-stopped\n    ports:\n      - '8090:8090'\n    volumes:\n      - ./beszel_data:/beszel_data\n","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/bezsel/","section":"","summary":"","title":"Beszel Server Monitoring","type":"homelab"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/cluster/","section":"Tags","summary":"","title":"Cluster","type":"tags"},{"content":" Disable the Account and Validate Compromise # Disable the account in question, change password and revoke sessions. Verify account compromise. Check sign-in logs to validate odd behavior. Validate that the user account has not registered an application. Usually there may be tools that were registered by the attacker that are related to data recovery. Check Audit log for compromised account. Perform an email message trace for sent emails. The compromised account’s mailbox may also have rules created to hide the attacker. Disable Account in Question # Navigate to https://entra.microsoft.com/ Expand Users \u003e All Users and search for the account in question. Disable Account: Revoke Sessions: Verify Account Compromise # Navigate to https://entra.microsoft.com/ Expand Users \u003e All Users and search for the account in question. 
Open that account and open Sign-in logs. Set Date to as long as possible. Depending on licensing they may only have 7 days of logging. You can also download the log once it is loaded. Be sure to pull the non-interactive sign-ins as well and download them for reporting. Navigate to Audit logs and view/download audit logs for any changes that may have been performed. Verify No Applications Have Been Registered # 1. Within the panel of the suspect account, click on Applications and validate there are no suspicious applications that were added within the timeframe that the account was compromised. Keep in mind that legitimate applications are used for malicious purposes (such as data recovery tools). 2. If there is a suspicious application, navigate to Applications \u003e Enterprise Applications on the left pane. 3. Log everything you can with screenshots, such as: Users and Groups it’s assigned to, Permissions that the application has, Sign-in logs, and Audit logs.\nOnce documented, you may continue with the following: Remove all users assigned to the application Revoke all permissions granted to the application Revoke refresh tokens for all users Cleaning up Malicious Application # Within the permissions page of the application you can select Review Permissions. It will pop out a pane where you can select the following: “This application is malicious and I’m compromised”.\nThis will give you 3 PowerShell scripts to run to perform the 3 tasks we mentioned above. Once documented, and when the customer is ready, you may remove the application from the Enterprise Applications screen. You may want to leave it there for the customer to reference the logs at a later date if more investigation is involved.\nDiagnose Email Compromise of Suspect Account # If the customer has the licensing, they can use the tools in https://security.microsoft.com/ to review suspicious emails and to mass-delete emails from mailboxes. 
Remediate Email Using Microsoft Defender XDR # Remediate malicious email that was delivered in Office 365 | Microsoft Learn\nRemediate Email Using PowerShell # If the customer does not have Microsoft Defender, you can use the following instructions to remediate the malicious email for mailboxes within the tenant. Search for and delete email messages in your organization | Microsoft Learn Preventative Actions # Implement MFA on all user accounts. Setup Conditional Access Policies (Entra P1+ License Required) Require MFA for all users Block access from other countries Block Unapproved Device Types Disable Persistent Browser Session Require App Protection Policy (If using Intune) Block legacy authentication (Don’t enable if customer is using SMTP Authentication) Require MFA to Join to Entra (If using Intune) Harden Tenant Settings Harden User Settings # Harden Group Settings # Require Admin Consent for registering applications. # This can be set up so a group of admins will receive an email when a user attempts to register an application to the tenant.\nNavigate to Entra \u0026gt; Applications \u0026gt; Enterprise Applications \u0026gt; Consent and Permissions Most Restrictive: Change to force administrator approval for all applications Set up users who will be able to approve and deny consent requests. ","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/microsoft-365/security/compromised-account/","section":"Knowledges","summary":"","title":"Compromised M365 Account","type":"knowledge"},{"content":" Creating a Windows Server 2025 Hyper-V Cluster # This guide walks through configuring a highly available Hyper-V cluster on Windows Server 2025 using shared iSCSI storage.\nStep 1 — Install the Hyper-V Role (on Domain-Joined Servers) # Ensure both servers are joined to your Active Directory domain before proceeding.\nServer 1 Configuration # Install the Failover Clustering feature. Configure shared storage via iSCSI Initiator. 
Bring disks online on Server 1 and create new volumes with appropriate drive letters. Create an External vSwitch in Hyper-V Manager for VM traffic. Server 2 Configuration # Install the Failover Clustering feature. Connect to the shared storage via iSCSI Initiator. The disks will appear offline — leave them that way. Create an External vSwitch with the exact same name as on Server 1. Step 2 — Validate the Cluster Before Creation # On Server 1, open Failover Cluster Manager. Under Management, select Validate Configuration. Add all intended cluster nodes. Choose Run All Tests → Next. Review the report and resolve any warnings or errors. Skipping validation may void Microsoft support. Step 3 — Create the Cluster # In Failover Cluster Manager, select Create Cluster. Add all node names. Name the cluster (e.g., 2025Cluster). Assign a Cluster IP Address on the production network. (Optional) Keep “Add all eligible storage to the cluster” checked. Any attached LUNs will be added as Cluster Disks, with one chosen for quorum. Click Next and wait for the cluster to be created and load in Failover Cluster Manager. Step 4 — Validate Cluster Creation # Storage Validation # Confirm disks under Storage \u0026gt; Disks. Network Validation # Identify and rename cluster networks as needed: Heartbeat Network → uncheck “Allow clients to connect through this network”. Storage Network → select “Do not allow cluster communication on this network”. Production Network → enable both “Allow cluster network communication” and “Allow clients to connect through this network.” Step 5 — Configure Cluster Shared Volumes (CSV) # Go to Storage \u0026gt; Disks. For any disk marked Available Storage, right-click → Add to Clustered Shared Volumes. Confirm disks now appear under Cluster Shared Volumes. Step 6 — Adjust Hyper-V Storage Paths (Server 1) # Open Hyper-V Manager → Hyper-V Settings. 
Under Virtual Hard Disks, click Browse: Navigate to /ClusterStorage/Volume1/ Create folder VHDX Save path as /ClusterStorage/Volume1/VHDX Under Virtual Machines, click Browse: Navigate to /ClusterStorage/Volume1/ Create folder VMConfigFiles Save path as /ClusterStorage/Volume1/VMConfigFiles Apply and save changes. Step 7 — Mirror Storage Settings on Server 2 # In Hyper-V Manager, right-click → Connect to Server → select the second node. Open Hyper-V Settings. Update default paths for: Virtual Hard Disks → /ClusterStorage/Volume1/VHDX Virtual Machines → /ClusterStorage/Volume1/VMConfigFiles Repeat these steps for all nodes. Step 8 — Create a Clustered Virtual Machine # In Failover Cluster Manager, right-click Roles → New Virtual Machine. Select the target node for creation. Complete the wizard. The VM will now appear under Roles — fully managed by the cluster. Success! # You’ve successfully configured a Windows Server 2025 Hyper-V Cluster with shared iSCSI storage and failover protection.\nTip: Regularly run Validate Cluster and back up your cluster configuration XML for quick recovery.\n","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/on-premises/hyper-v/setup-hyper-v-cluster/","section":"Knowledges","summary":"","title":"Create A Hyper-V Cluster","type":"knowledge"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/docker/","section":"Categories","summary":"","title":"Docker","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/docker/","section":"Tags","summary":"","title":"Docker","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/docker-compose/","section":"Tags","summary":"","title":"Docker-Compose","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/email/","section":"Tags","summary":"","title":"Email","type":"tags"},{"content":"","date":"2 November 
2025","externalUrl":null,"permalink":"/tags/entra/","section":"Tags","summary":"","title":"Entra","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/exchange-online/","section":"Categories","summary":"","title":"Exchange Online","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/exchange-server/","section":"Categories","summary":"","title":"Exchange Server","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/exchange-server/","section":"Tags","summary":"","title":"Exchange Server","type":"tags"},{"content":" Situation # We encountered an unrecoverable issue where the secondary server (HOSTEX-DR) had the databases mounted but became irrecoverable. As a result, the databases could not be mounted on the primary server (BHM-ITOPS-EX16).\nTo resolve this, we had to:\nStop the Database Availability Group (DAG) and remove the DAG members. Remove the database copies from the secondary server (HOSTEX-DR). Once the copies were deleted, the databases successfully began mounting on the primary server (BHM-ITOPS-EX16).\nSteps for Data Center Recovery # 1. Stop the DAG on the Secondary Site # Use the following command to stop the DAG on the secondary site, which may not be responsive due to failures:\nStop-DatabaseAvailabilityGroup -Identity Host-DAG -ActiveDirectorySite DR-Site You may encounter cluster operation errors. In this case, proceed to stop the DAG on individual servers.\n2. 
Stop the DAG on Specific Mailbox Servers # Run the following commands to stop the DAG on both servers:\nStop-DatabaseAvailabilityGroup -Identity Host-DAG -MailboxServer HOSTEX-DR\nStop-DatabaseAvailabilityGroup -Identity Host-DAG -MailboxServer BHM-ITOPS-EX16\nIf errors persist, use the -ConfigurationOnly flag to stop the DAG:\nStop-DatabaseAvailabilityGroup -Identity Host-DAG -MailboxServer HOSTEX-DR -ConfigurationOnly\nStop-DatabaseAvailabilityGroup -Identity Host-DAG -MailboxServer BHM-ITOPS-EX16 -ConfigurationOnly\n3. Check Mailbox Database Copy Status # Use the following command to check the status of the database copies across the DAG:\nGet-MailboxDatabaseCopyStatus *\n4. Stop the Cluster Service # On the affected node, stop the cluster service to ensure that the failed node is no longer part of the cluster:\nnet stop clussvc\n5. Clear Cluster Node # To remove the failed node from the cluster:\nClear-ClusterNode\n6. Remove Database Copies from the Failed Server # For each mailbox database that is on the failed server, remove the copy using the following command:\nRemove-MailboxDatabaseCopy -Identity \u003cDatabaseName\u003e\\\u003cServerName\u003e\nFor example:\nRemove-MailboxDatabaseCopy -Identity BarronMachineFAB\\HOSTEX-DR\n7. Remove the Failed Server from the DAG # After all database copies are removed, remove the server from the DAG configuration:\nRemove-DatabaseAvailabilityGroupServer -Identity Host-DAG -MailboxServer \"HOSTEX-DR\" -ConfigurationOnly\n8. Check Database Mount Status # Verify that databases on the active node are mounted correctly:\nGet-MailboxDatabaseCopyStatus *\n9. 
Remove the DAG # Once the failed node has been removed and all databases are successfully mounted on the active node, remove the DAG:\nRemove-DatabaseAvailabilityGroup -Identity Host-DAG ","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/on-premises/exchange-server/exchange-2-node-dag-recovery/","section":"Knowledges","summary":"","title":"Exchange Server 2-Node DAG Recovery","type":"knowledge"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/exchangeonline/","section":"Tags","summary":"","title":"ExchangeOnline","type":"tags"},{"content":" Overview # Homarr is a modern, self-hosted dashboard that gives you a clean and interactive homepage for your homelab or media server setup.\nIt’s similar in spirit to Heimdall or Organizr, but with a more polished UI, widget support, and an active community.\nIn my setup, Homarr serves as the home portal for all my Docker-based services — Arr Stack, RustDesk, Watchtower, Jellyfin, etc.\nEverything I manage day-to-day starts here.\nFeatures I Use # 🧩 App Tiles: Quick launch buttons for everything in my lab. 📊 Dynamic Widgets: Display real-time info from qBittorrent, Sonarr, Radarr, etc. 🔐 Auth Support: Integrates with Authelia or simple login. 🧱 Fully Dockerized: Runs in a single lightweight container. 🧠 Persistent Config: Stores settings in a local volume — no database needed. 
Docker Compose Configuration # services: homarr: container_name: homarr image: ghcr.io/homarr-labs/homarr:latest restart: unless-stopped volumes: - /var/run/docker.sock:/var/run/docker.sock # Optional, only if you want docker integration - ./homarr/appdata:/appdata environment: - SECRET_ENCRYPTION_KEY=whateveryouwant ports: - \u0026#39;7575:7575\u0026#39; ","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/homarr/","section":"","summary":"","title":"Homarr Dashboard","type":"homelab"},{"content":"Incoming emails from a specific domain are being sent to the Microsoft 365 quarantine or the user’s junk folders. This domain block is occurring across all Microsoft 365 tenants. It can be very frustrating if you send emails to customers whose mail is hosted on Microsoft 365, only for those messages to end up marked as spam. This situation negatively affects every business. In this article, you will learn how to fix the domain block in Microsoft 365 because of its reputation.\nFind message in Quarantine or Message Trace # Sign in to Exchange admin center and find the message using the Message Trace or Quarantine page. In this example, we will open the message from the Quarantine page.\nClick on the message, and the details appear. It shows that the message was blocked because of the detection technology Domain reputation.\nThe DMARC, DKIM, SPF, and Composite authentication checks for the sender domain all appear as Pass.\nLooking more into the details clearly shows that everything is correctly configured for the sender domain, and the message should not be blocked by Microsoft.\nSo, what is the solution to this problem, and how do we fix the domain from being blocked in Microsoft 365?\nSubmit message to Microsoft for review # You must first submit the message to Microsoft for review by following the steps below:\nClick on the three dots (…). Click Submit for review. Ensure the email network message ID appears. 
Ensure that the recipient who had the issue appears. Select I’ve confirmed it’s clean. Click Next. Click Submit. Go to the Report Submissions page. Select the reported message. Verify that the results show No threats found. Copy the Submission ID. Open a support request in the Microsoft 365 admin center and add the copied submission ID to it. Ensure you direct the engineer to forward this support request to the Microsoft Defender team so they can see what is going wrong. The Microsoft Defender team will remove the domain from Microsoft’s block list. That’s it!\nConclusion # You learned how to fix a domain reputation block in Microsoft 365. It is important to know that the Microsoft Defender team can block domains, not only IP addresses. In fact, the blocking is mostly done by their AI system.\nSubmit the message to Microsoft for review, so they will analyze it and provide a result. However, this process does not automatically remove the domain from the block list. As a result, you must open a support request for the Microsoft team to manually remove the domain from the block list.\n[!NOTE] All credit for this article goes to Ali Tajran. I recently had this issue and ran through this exact process, but this incident happened so long ago that I am unable to grab the proper screenshots.\n","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/microsoft-365/exchange/domain-reputation-block/","section":"Knowledges","summary":"","title":"How To Fix Domain Reputation Being Blocked","type":"knowledge"},{"content":" Microsoft 365 User Offboarding Checklist # This guide outlines a complete process for properly offboarding a user in a hybrid Microsoft 365 environment (with on-premises Active Directory synced via Microsoft Entra Connect).\nStep 1. 
Disable the User # Disable the user in on-premises Active Directory (AD) and confirm the change syncs to Microsoft Entra ID, ensuring the account is also locked in the cloud.\nTip: Some organizations move disabled users to a non-synced OU, which is incorrect. You must keep the disabled user in a synced OU so that their cloud account also becomes blocked.\nStep 2. Reset the User’s Password # Reset the password in on-premises AD. This new password will automatically sync to Microsoft 365 through Microsoft Entra Connect.\nStep 3. Reassign Email Aliases # Transfer any email alias addresses to another mailbox if they need to be reused. If they’re no longer required, you can either retain or remove them as needed.\nStep 4. Remove the User from All Groups # In Active Directory, remove the user from all on-premises security and distribution groups.\nAlso verify that the user is removed from any Microsoft 365 groups in the cloud.\nStep 5. Sign Out of All Sessions # Force the user to sign out of all sessions across both on-premises and Microsoft 365 environments.\nYou can use PowerShell to sign users out of Microsoft 365 sessions:\nSee: Force sign-out users in Microsoft 365 with PowerShell.\nStep 6. Convert the Mailbox to a Shared Mailbox # If you’re using an Exchange Hybrid setup, convert the mailbox using the Exchange Management Shell (on-premises).\nAfter the next sync cycle, the change will replicate to Microsoft 365.\nOnce confirmed, you can safely remove the license.\nNote: If the mailbox size exceeds 50 GB, you may still convert it, but you’ll need to retain a license.\nConsider assigning an Exchange Online Plan 2 license to maintain mailbox access for larger shared mailboxes—it’s affordable and ensures continuity.\nStep 7. Remove Delegated Access # Remove any mailbox delegations unless specific users still require access. This prevents unauthorized deletion or modification of mailbox data.\nStep 8. 
Hide the Mailbox from the Global Address List (GAL) # Hide the user’s mailbox from the Global Address List to prevent others from attempting to email them once they’ve left the organization.\nStep 9. Configure Email Forwarding (Optional) # If forwarding is needed (e.g., to a new external address):\nEnable external forwarding in Microsoft 365 for the appropriate admin-controlled group. Set up forwarding in the Microsoft 365 Admin Center for easy visibility and management. Test by sending a message and verifying it forwards correctly. Security Note: External forwarding is disabled by default for protection—only enable it when necessary.\nStep 10. Export the Mailbox to a PST # If you plan to discontinue forwarding and remove the license later, export the mailbox to a PST file for archival.\nStore the file securely for future reference or legal needs.\nStep 11. Remove the License # Once the mailbox has been converted to shared (and is under 50 GB), or if the user account is no longer needed, remove the license to free up your Microsoft 365 subscription.\nStep 12. Delete the User Account # Finally, delete the user from on-premises Active Directory.\nMicrosoft Entra Connect will sync this change, removing the corresponding cloud account automatically.\nTo restore a deleted user, see Restore deleted Microsoft 365 Hybrid user.\n✅ Conclusion # You’ve completed the offboarding process for a hybrid Microsoft 365 user.\nAlthough these steps may vary by organization, maintaining an up-to-date checklist helps ensure consistency and compliance. 
Once your checklist is stable, consider automating it with PowerShell to save time.\nRelated Reading:\nPermanently delete users from Microsoft 365 » How to Download All User OneDrive Files » ","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/microsoft-365/entra/decommission-user-properly/","section":"Knowledges","summary":"","title":"How To Properly Decommission User","type":"knowledge"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/knowledge/","section":"Knowledges","summary":"","title":"Knowledges","type":"knowledge"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/microsoft-entra/","section":"Categories","summary":"","title":"Microsoft Entra","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/microsoft-entra/","section":"Tags","summary":"","title":"Microsoft Entra","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/microsoft365/","section":"Categories","summary":"","title":"Microsoft365","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/microsoft365/","section":"Tags","summary":"","title":"Microsoft365","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/networking/","section":"Tags","summary":"","title":"Networking","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/on-premises/","section":"Tags","summary":"","title":"On-Premises","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/passwords/","section":"Tags","summary":"","title":"Passwords","type":"tags"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/remotedesktop/","section":"Tags","summary":"","title":"RemoteDesktop","type":"tags"},{"content":" Overview # RustDesk is an open-source remote desktop alternative to TeamViewer or AnyDesk — with a 
key difference:\nyou can self-host your own relay and rendezvous servers, giving you full control over your connections, privacy, and performance.\nIn my homelab, I run RustDesk as a pair of Docker containers:\nhbbs – the signal (rendezvous) server that helps clients find each other. hbbr – the relay server that forwards encrypted traffic when direct peer-to-peer connections aren’t possible. Why Host Your Own # 🧠 No external dependencies — You own your relay; no third-party servers. 🔒 Encrypted connections — TLS with your own key pair. 🚀 LAN-level speed for local devices. 🧩 Integrates easily with Docker Compose, Traefik, or Nginx Proxy Manager. Docker Compose Setup #\nservices:\n  hbbs:\n    container_name: hbbs\n    image: rustdesk/rustdesk-server:latest\n    command: hbbs\n    volumes:\n      - ./data:/root\n    network_mode: \"host\"\n    depends_on:\n      - hbbr\n    restart: unless-stopped\n  hbbr:\n    container_name: hbbr\n    image: rustdesk/rustdesk-server:latest\n    command: hbbr\n    volumes:\n      - ./data:/root\n    network_mode: \"host\"\n    restart: unless-stopped\n","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/rustdesk/","section":"","summary":"","title":"RustDesk Compose File","type":"homelab"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/updates/","section":"Tags","summary":"","title":"Updates","type":"tags"},{"content":" 🛠️ What is Vaultwarden? # Vaultwarden is an open-source, lightweight implementation of the Bitwarden server API, written in Rust.\nIt lets you self-host your own password manager that’s fully compatible with the official Bitwarden clients (web, desktop, mobile, and browser extensions).\n⚙️ Key Features # 💾 Self-hosted — full control of your data 🔐 End-to-end encryption (same as Bitwarden) 🧑‍💻 Compatible with official Bitwarden apps 🧩 Supports organizations, collections, and 2FA 🪶 Lightweight — runs efficiently on a small VPS, Docker container, or NAS 🚀 Why Use Vaultwarden? 
# Vaultwarden gives you Bitwarden-level security without the cost or dependency on Bitwarden’s cloud service.\nIt’s perfect for individuals, families, or small teams who want secure password management with full ownership.\nDocker Compose File #\nversion: '3'\nservices:\n  vaultwarden:\n    restart: always\n    container_name: vaultwarden\n    image: vaultwarden/server:latest\n    volumes:\n      - ./vaultwarden/:/data/\n    ports:\n      - 8062:80\n    environment:\n      - SMTP_HOST=10.0.10.100\n      - SMTP_FROM=noreply@example.com\n      - SMTP_FROM_NAME=VaultWarden\n      - SMTP_SECURITY=off\n      - SMTP_PORT=25\n      - SMTP_TIMEOUT=30\n      - LOGIN_RATELIMIT_MAX_BURST=10\n      - LOGIN_RATELIMIT_SECONDS=60\n      - DOMAIN=https://vault.corr.cloud\n      - INVITATION_ORG_NAME=CorrVault\n      - INVITATIONS_ALLOWED=true\n      - ADMIN_TOKEN=generateyourown # create your own here...\n      - SIGNUPS_ALLOWED=false\n      - SIGNUPS_DOMAINS_WHITELIST=example.com # only allows the domain specified\n      - SIGNUPS_VERIFY=true\n      - SIGNUPS_VERIFY_RESEND_TIME=3600\n      - SIGNUPS_VERIFY_RESEND_LIMIT=6\n      - EMERGENCY_ACCESS_ALLOWED=true\n      - SENDS_ALLOWED=true\n      - WEB_VAULT_ENABLED=true\n","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/vaultwarden/","section":"","summary":"","title":"VaultWarden (Password Manager)","type":"homelab"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/virtualization/","section":"Tags","summary":"","title":"Virtualization","type":"tags"},{"content":" What Watchtower Does # Watchtower automatically pulls newer images for your running containers and restarts them with the updated image.\nIn plain terms: it keeps your stack (Sonarr, Radarr, qBittorrent, etc.) up to date without you manually running docker pull + docker compose up -d every time.\nThis is especially nice in a homelab where:\nYou don’t want to babysit containers. You still want security/bugfix updates applied. You don’t mind a brief restart when something updates. You can run Watchtower in “just tell me” mode or “actually update things” mode. 
Below is the auto-update version.\nEnvironment Variables / Secrets You May Want # WATCHTOWER_NOTIFICATIONS\nExample: email, shoutrrr, etc. If you don’t care about notifications, you can leave this out. WATCHTOWER_CLEANUP=true\nAfter updating, prune old images so you don’t fill the disk. WATCHTOWER_SCHEDULE\nCron-style string so it doesn’t constantly hammer Docker Hub. Example below runs daily at 4am. These go in environment:.\nDocker Compose Service for Watchtower #\nversion: '3.8'\nservices:\n  watchtower:\n    image: containrrr/watchtower:latest\n    container_name: watchtower2\n    restart: always\n    environment:\n      # 6-field cron (seconds first): daily at 04:00 in the TZ below\n      WATCHTOWER_SCHEDULE: \"0 0 4 * * *\"\n      TZ: America/Chicago\n      WATCHTOWER_RUN_ONCE: 'false'\n      WATCHTOWER_MONITOR_ONLY: 'false'\n      WATCHTOWER_CLEANUP: 'true'\n      WATCHTOWER_NOTIFICATIONS: email\n      WATCHTOWER_NOTIFICATION_EMAIL_FROM: noreply@corr.cloud\n      WATCHTOWER_NOTIFICATION_EMAIL_TO: kolton@corr.cloud\n      # you have to use a network alias here, if you use your own certificate\n      WATCHTOWER_NOTIFICATION_EMAIL_SERVER: mail.corr.cloud\n      WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT: 25\n      WATCHTOWER_NOTIFICATION_EMAIL_DELAY: 2\n    volumes:\n      - /var/run/docker.sock:/var/run/docker.sock\n","date":"2 November 2025","externalUrl":null,"permalink":"/homelab/docker/watchtower/","section":"","summary":"","title":"Watchtower (Auto-Update Docker Containers)","type":"homelab"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/categories/windows-server/","section":"Categories","summary":"","title":"Windows Server","type":"categories"},{"content":"","date":"2 November 2025","externalUrl":null,"permalink":"/tags/windows-server/","section":"Tags","summary":"","title":"Windows Server","type":"tags"},{"content":" Create Mail Flow Rule # Log in to: https://admin.exchange.microsoft.com/ Navigate to Mail Flow \u0026gt; Rules Create a New Rule like the following; Copy this text into the “Specify Disclaimer Text”. 
You may change the verbiage of the caution message if necessary. \u0026lt;table border=0 cellspacing=0 cellpadding=0 align=left width=`\u0026#34;100%`\u0026#34;\u0026gt; \u0026lt;tr\u0026gt; \u0026lt;td style=\u0026#39;background:#bba555;padding:5.25pt 5.5pt 5.25pt 1.5pt\u0026#39;\u0026gt;\u0026lt;/td\u0026gt; \u0026lt;td width=`\u0026#34;100%`\u0026#34; style=\u0026#39;width:100.0%;background:#ffe599;padding:5.25pt 3.75pt 5.25pt 11.25pt; word-wrap:break-word\u0026#39; cellpadding=`\u0026#34;7px 5px 7px 15px`\u0026#34; color=`\u0026#34;#212121`\u0026#34;\u0026gt; \u0026lt;div\u0026gt; \u0026lt;p\u0026gt;\u0026lt;span style=\u0026#39;font-size:11pt;font-family:Arial,sans-serif;color: #212121\u0026#39;\u0026gt; \u0026lt;b\u0026gt;CAUTION:\u0026lt;/b\u0026gt; This email originated from outside the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. \u0026lt;/span\u0026gt;\u0026lt;/p\u0026gt; \u0026lt;/div\u0026gt; \u0026lt;/td\u0026gt; \u0026lt;/tr\u0026gt; \u0026lt;/table\u0026gt; Enforce the rule under settings, then enable the rule. Test by sending an email from external to internal. It should look like this. ","date":"1 November 2025","externalUrl":null,"permalink":"/knowledge/microsoft-365/exchange/external-banner/","section":"Knowledges","summary":"","title":"Create External Email Banner","type":"knowledge"},{"content":"","date":"1 November 2025","externalUrl":null,"permalink":"/tags/exchange-online/","section":"Tags","summary":"","title":"Exchange Online","type":"tags"},{"content":"","externalUrl":null,"permalink":"/authors/","section":"Authors","summary":"","title":"Authors","type":"authors"},{"content":"","externalUrl":null,"permalink":"/series/","section":"Series","summary":"","title":"Series","type":"series"}]