Contact Info
info@euclidnet.com | 404.593.0083 | QuickSupport

Welcome to Euclid Networks’ Tech-Tips Blog : Please navigate using the categories on the right sidebar.

Microsoft Outlook crashes with 0xc0000005 errors due to Office 365 Patch, how to resolve

July 15, 2020by Euclid Networks in Atlanta, E-Mail, How-To, Microsoft Office, Office 365, Outlook 2013/2016/2019, Windows 10

We’ve seen on over a dozen machines today, Microsoft Outlook (Office 365 continual update version) crashes, with 0xc0000005 errors logged in the event log.

The full text of this error is below.

Faulting application name: OUTLOOK.EXE, version: 16.0.13001.20266, time stamp: 0x5ef262ee
Faulting module name: mso98win32client.dll, version: 0.0.0.0, time stamp: 0x5ef2aa2d
Exception code: 0xc0000005
Fault offset: 0x000474b2
Faulting process id: 0x4cf0
Faulting application start time: 0x01d65ac9b0e13874
Faulting application path: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
Faulting module path: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client.dll
Report Id: 908e152f-636f-4f5a-9717-48a5576b3ccd
Faulting package full name: 
Faulting package-relative application ID:

Microsoft had acknowledged this crash and documented a resulting fix on Twitter, and on the Office 365 Support portal :

Title: Users experiencing Outlook connection issues and crashes

User Impact: Users may experience crashes or may be unable to access Exchange Online via Outlook.

More info: Our analysis indicates that Outlook on the web and mobile clients are unaffected. Users may be able to leverage those protocols as an alternative means to access email and service features while we remediate this problem.

Current status: Our initial review of the available data indicates that recently deployed updates are the likely source of the problem. We're performing an analysis of all recent service updates to isolate the underlying cause of the problem and to determine the most expedient means to restore service.

Scope of impact: This issue may potentially affect any of your users attempting to use Outlook.

The immediate fix for this is to roll back Microsoft Office versions, which can be done by opening a command line as Administrator and typing : cd "\Program Files\Common Files\microsoft shared\ClickToRun"

officec2rclient.exe /update user updatetoversion=16.0.12527.20880

After rolling back versions, Outlook should open and function as normal!

If you’re in need of a proactive, IT Support company in the Atlanta area, don’t hesitate to contact us today!

Using a Synology NAS as a Backup DNS Server for Active Directory

June 14, 2020by Euclid Networks in Atlanta, How-To, Networking, Windows 10, Windows 7, Windows Server

As we onboard any new IT support partner, one of our security and network assessment tasks is to validate a client’s server and disaster recovery environment.

As part of this assessment, we often find a customer will have a single point of failure with their active directory environment – most small businesses don’t have the resources to afford multiple servers, and often times previous systems administrators will have not had the foresight to follow best practices regarding building server resiliency.

One example of a point of failure with a single-server environment that we see all too often is DNS. In many cases, the Primary Domain Controller (PDC) will serve as the sole internal DNS provider. Meaning, if a power outage occurs, or if a PDC goes down for any reason, the entire office will “lose” internet connectivity – often a costly outage until technical help can arrive!

Many of these clients do, however, have secondary “server”-like devices – NAS units, Linux machines, et cetera. While using these as a “backup” DNS provider is not a best practice, we aim to provide the best tech support we can while utilizing resources a client already has in place – thus saving them money!

In the following, we outline steps to convert a Synology NAS device into a backup DNS server for an Active Directory (Windows Server 2019) environment.

1. Install DNS Package on Synology NAS – straightforward, by opening Package Manager.

2. Set up a “Slave Zone” – Within Synology’s DNS manager, create a slave zone, set domain type to Forward Lookup Zone, and enter your PDC’s DNS information.

3. Set up DNS Resolution and forwarding on the NAS – In the below, we have enabled the resolution service, and also forwarders. In our lab, we actually do have a backup local DNS server (192.168.1.8 here), but also forward on DNS requests to Google (8.8.8.8/8.8.6.6) to allow for internet connectivity during PDC downtime.

4. Configure DNS Forwarding on PDC – On your server, open DNS, select your AD’s forward lookup zone, open properties.

4.1 Under Zone Transfers, ensure Allow Zone Transfers is enabled, to servers listed in the DNS Tab.
4.2 Under Notify – Ensure the same setting is enabled.
4.3 Add your Slave Name Server to the list of configured name servers. Important – ensure your server validates, with a green check once its FQDN is added.

5. Verify DNS records and Zone Transfer has completed On the Synology DNS Manager, under ‘Zones’, select ‘Edit’ and open ‘Resource Record’ you should find propagated records.

Optional but recommended – repeat steps 2-5 for the Reverse Lookup Zone (EG, 1.168.192.in-addr.arpa) and _msdcs.yourlocal.domain. You *do* have a reverse lookup zone configured, don’t you? =)

6. Add your New DNS Server to DHCP – Don’t forget to configure your DHCP leases to include your new backup DNS server!

7. Test out DNS resolution – Finally, test your new server to ensure it’s resolving external domain names correctly, and test a failure of your PDC by taking it offline. Success!

If this writeup has been helpful to you, please share your comments below. And as always, if you’re looking for proactive managed IT service in Atlanta, Euclid is here to help!

Scam Mail & E-Mails – License Scheme Targeting Corporation and LLC Owners

December 12, 2019by Euclid Networks in Uncategorized

Many of Euclid Networks’ clients approach us, regularly asking for feedback on the validity of e-mails and mails they have received. Most typically, scammers have targeted a business owner, or senior partner – and are attempting to gain access to the company’s computer network.

In some cases, the attack is not targeted directly at the servers or network itself – but rather the employees themselves in an attempt to bypass all security measures that have been put into place. These attempts often appeal to authority – either by impersonating senior members of staff – or by appearing as credible communications from outside vendors or service providers.

The most recent attempt we’ve seen along these lines is a scam being run in states nationwide, where a sender impersonates a state’s department of revenue / licensing office – example below.

The above document shows a scam being run in Hawaii, but in Atlanta, Fulton County, and Georgia as well, similar schemes have been set up.

On the document we were asked about, an entity calling itself “C.P.F.S , 4279 Roswell Rd. NE – #208-339, Atlanta, GA 30342” requested payment on a “2020 – Annual Registration Instruction Form” for Georgia LLCs.

How to Spot Misleading Communications

The key indicator that a solicitation is not a valid request can be found in the fine print. By law, the soliciting company (the company that sends out these mailings) must include some variation of the following disclaimers:“SOLICITING COMPANY is not a government agency and does not represent a government agency.”

“SOLICITING COMPANY is not a government agency and does not have a contract with any government agency to provide this service.”

“SOLICITING COMPANY is not a government agency and is not affiliated with the Secretary of State or any other government agency.”

In this case, it’s relatively easy to spot – but in other cases, where businesses and their IT systems have been targeted by more malicious actors, the consequences can be more dire! Having a trusted technology partner on your side can help prevent targeted attacks – and when your business comes under attack, you’ll have someone in your corner to help fight back.

If you have been a victim of a mailing like the one we highlighted today, we strongly encourage you to report these misleading solicitations to the Secretary of State or Attorney General of the state where your business is registered. Many of these offices have been cracking down on those entities sending out fraudulent mailings, enforcing heavy fines and even taking legal action.

Also contact the Secretary of State or Attorney General if you have remitted payment in response to a solicitation that you suspect was fraudulent. You may be able to have your money refunded.

For more information and to contact the Georgia Secretary of State, you can visit :

https://sos.ga.gov/index.php/corporations/kemp_warns_businesses_about_scam_mail

Subdomain and Domain forwarding not working properly with GoDaddy and Sonicwall Firewall

November 22, 2019by Euclid Networks in Atlanta, Hardware & Drivers Issues, How-To, Networking, Windows 10

Godaddy ​Domain and Subdomain Forwarding times out without forwarding, unexpectedly, when using a Sonicwall Firewall.

Domain Forwarding is typically used to redirect a user to a different website when they type in a URL in a browser. In this case, the forwarding will time out – with either a browser 404 error – or a CONNECTION_TIMED_OUT message. DNS resolution will work properly – subdomain.domain.com for example will return the correct A record, pointing to Godaddy’s IP addresses.

The domain redirect may work sporadically on some phones or computers where traffic is not directly passing through a Sonicwall firewall.

The reason for the failed domain forwarding is that by default the Sonicwall enables TCP Packet Sequence Randomization which causes Godaddy’s Domain Forwarding service to break. When doing packet analysis in Wireshark, we saw TCP ACK connections out of sequence and dropped connections.

To fix this issue:

  1. Login into the IP address of the Sonicwall firewall.
  2. Go to http://{firewall.ip.address}/diag.html – You will get a warning about Advanced Settings
  3. Click on Internal Settings.
  4. Untick the box: “Enable TCP sequence number randomization”
  5. Scroll up and click Accept.
  6. Click Close.
  7. Reboot the firewall.

Verify you can now access a Domain forwarded address.  Note that servers behind the firewall will be slightly more vulnerable to host identification by disabling this TCP Sequence Randomization. But in this case, it would be a fairly targetted attack, so the overall risk is low.

Page 2 of 7123...Last