Remove GPO installed software from machine

Posted on by Andy

Here a simple step to remove GPO instaled software from your machine and make it reapply the GPO:

  • Remove software from Control Panel -> Software
  • Find and the clear the software UID from
    HKLM\Software\Microsoft\Windows\Current Version\Group Policy\AppMgmt
  • OR delete HKLM\Software\Microsoft\Windows\Current Version\Group Policy completely
  • open terminal/cmd as administrator and execute
    gpupdate /force
  • and last, reboot the desktop

After a reboot the GPO should have been (re)applied and the software been installed.

Add exceptions for Avira Antivirus for Mac

Posted on by Andy
  1. Open terminal
  2. Open /Applications/Avira.app/Contents/config/avguard.conf with your default editor (e.g. vim, nano…)
  3. Add a new line: ExcludePath /my/path/to/exclude

Never alter any other line than ExcludePattern and ExcludePath. Remember that you need to restart your computer before the changes will take affect!

SSLVPN not working in FortiOS 6

Posted on by Andy

After upgrading from FortiOS 5 to FortiOS 6, the access for SSLVPN users stopped working. Local users still worked but LDAP users could not authenticate user LDAPS or STARTTLS. When trying to login to the webportal the message “Permission denied” was displayed and in the firewall VPN events was following error: “sslvpn_login_unknown_user”.

Well, apparently Fortinet changed the minimum SSL protocol version used while authenticating to the AD to TLSv1.2. Unfortunately the AD server used could not use it and TLSv1 was the maximum available. The fix is quite simple:

Open the terminal in the webUI (top right >_ icon) and use following commands:

# config user ldap
# show
# edit "My LDAP server name got from show command"
# set ssl-min-proto-version TLSv1
# end

That’s it. SSLVPN was working normally afterwards. You could also use other protocol versions as SSLv2, SSLv3, TLSv1, TLSv1-1 and TLSv1-2