Category: IT Knowledge Base Articles (Page 4 of 11)

Adobe Signatures not deleting

November 9, 2025 /

Acrobat Fill & Sign “can’t delete signatures” — Field Notes

*See ticket 3964

Symptom

  • Fill & Sign shows old signature/initials.
  • The “X/–” delete button does nothing.

Root cause (practical)

  • Two separate stores:
    1. Digital ID/certificates (Windows/Mac keystores)
    2. Fill & Sign cache files in user profile
  • The UI delete often fails; manual file cleanup works reliably.

Fast fix (Windows)

  1. Close Acrobat/Reader.
  2. Delete Fill & Sign cache files:
    • %AppData%\Adobe\Acrobat\DC\Security\acrobat_fss_signature*
    • (Keep everything else; you’re only targeting files that start with acrobat_fss_signature)
  3. Reopen Acrobat; re-open the doc from “Recent”.

If the “Digital ID” keeps reappearing

  • Remove the certificate from Windows:
    • certmgr.msc → Personal → Certificates → delete the matching self-issued ID.
  • Then repeat the cache cleanup above.

Known pitfalls

  • Running as SYSTEM (RMM) makes $env:USERPROFILE/Desktop paths empty for the signed-in user; write to the real user Desktop (often OneDrive).
  • OneDrive Desktop redirection: path like C:\Users\XXX\OneDrive - XXX\Desktop.
  • Reader vs Pro paths differ. Use if exist guards in scripts.
  • Some orgs have multiple Acrobat profiles (e.g., DC vs 2020); the “DC” folder name is the common case.

Batch cleanup script (drops into .bat)

This kills Acrobat/Reader, deletes the Fill & Sign cache, and restarts Acrobat/Reader if present.

@echo off
echo Closing Adobe Acrobat...
taskkill /IM "Acrobat.exe" /F >nul 2>&1
taskkill /IM "AcroRd32.exe" /F >nul 2>&1

echo Deleting cached signature and initials files...
set "sigpath=%APPDATA%\Adobe\Acrobat\DC\Security"
if exist "%sigpath%\acrobat_fss_signature*" del /Q "%sigpath%\acrobat_fss_signature*"

echo Restarting Adobe Acrobat (if installed)...
if exist "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" start "" "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe"
if exist "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" start "" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"

echo "Done. Old Fill & Sign signatures/initials have been cleared."
pause

One-liner to create the .bat on a known Desktop (PowerShell)

Adjust the path for the user:

$bat = @'
@echo off
taskkill /IM "Acrobat.exe" /F >nul 2>&1
taskkill /IM "AcroRd32.exe" /F >nul 2>&1
set "sigpath=%APPDATA%\Adobe\Acrobat\DC\Security"
if exist "%sigpath%\acrobat_fss_signature*" del /Q "%sigpath%\acrobat_fss_signature*"
if exist "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" start "" "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe"
if exist "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" start "" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"
echo "Done. Old Fill & Sign signatures/initials have been cleared."
pause
'@
$path = 'C:\Users\XXX\OneDrive - XXX\Desktop\Clear_Adobe_Signatures.bat'
$bat | Set-Content -Path $path -Encoding ASCII

Pure PowerShell cleanup (silent, no .bat left behind)

Handy for RMM push:

# Kill Acrobat/Reader
Get-Process Acrobat, AcroRd32 -ErrorAction SilentlyContinue | Stop-Process -Force

# Delete Fill & Sign cache files
$sec = Join-Path $env:APPDATA 'Adobe\Acrobat\DC\Security'
if (Test-Path $sec) {
  Get-ChildItem $sec -Filter 'acrobat_fss_signature*' -ErrorAction SilentlyContinue | Remove-Item -Force -ErrorAction SilentlyContinue
}

# Relaunch if present (optional)
$pro   = 'C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe'
$read  = 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe'
if (Test-Path $pro)  { Start-Process $pro }
elseif (Test-Path $read) { Start-Process $read }

Verification

  • Acrobat → Tools → Fill & Sign: should show empty “Add signature / Add initials”.
  • Preferences → Signatures → Identities & Trusted Certificates → More…: no unwanted Digital ID listed.
  • If still present: confirm you cleaned the right user profile and that Acrobat was closed during deletion.

If escalation is needed

  • Schedule a long block with the device present and call Adobe Support.
  • Final resort: wipe/reload Windows (no guarantee; only consider after backup and user approval).

How to set up DKIM and SPF for DNS records in Google Workspace

November 9, 2025 /

How to set up DKIM and SPF for DNS records in Google Workspace

Raised from ticket #2059

If you are experiencing issues with your emails being marked as spam, setting up DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) records can help improve your email deliverability. Follow these steps to configure these records:

Setting Up DKIM

  1. Access the Google Admin Console: Sign in to your Google Admin console using your administrator account.
  2. Navigate to: Apps > Google Workspace > Gmail.
  3. Authenticate Email: Click on Authenticate email.
  4. Generate a DKIM Key:
    • Select your domain from the dropdown.
    • Click on Generate new record.
    • Choose your DKIM key settings:
      • DKIM key bit length: Choose 2048-bit for better security.
      • Prefix selector: Use the default ‘google’ if this is your first setup.
    • Click Generate.
  5. Add the DKIM Key to Your DNS Records:
    • Log in to your domain host’s DNS management console.
    • Add a new TXT record with the following details:
      • Host/Name: Enter the TXT record name provided (e.g., google._domainkey).
      • Value: Paste the TXT record value generated in the Admin console.
    • Save the changes.
  6. Activate DKIM Signing:
    • Return to the Google Admin console.
    • Select your domain in the Authenticate email section.
    • Click on Start authentication.
    • The status should update to Authenticating email with DKIM.

Note: DNS changes can take up to 48 hours to propagate.

Setting Up SPF

To set up SPF, you will need to add a TXT record to your DNS settings:

  1. Log in to your domain host’s DNS management console.
  2. Add a new TXT record with the following details:
    • Host/Name: @ (or your domain name)
    • Value: v=spf1 include:_spf.google.com ~all
  3. Save the changes.

By following these steps, you can enhance your email security and reduce the likelihood of your emails being marked as spam.

Onboarding Meeting Process / SOP Creation

November 9, 2025 /

When I have an on boarding meeting coming up, here’s the process I go through

Download a copy of all DNS records, both secure and unsecure

Create a duplicate SOP dock with their name in my Google Docs, so that when I arrive, I can open that and immediately begin typing

Update the bottom of the SOP dock with information that we specifically know we need from them like web host/register/email system

Open Atera and go to the install agent menu and grab the specific link for that customers download MSI

Open the customer welcome letter, pasted the link in the area marked as targeted Installer link

Modify the support welcome email with anything specific to them, then schedule the email to be delivered right in the middle of the meeting. You’re about to do so that it happens automatically while we’re talking.

If they have outbound IT, modify the exit IT letter and schedule that to go to them as well during the meeting.

This means that customers who have an outbound IT company or department will get the following emails

Customer support welcome letter

Exiting IT letter

SOP’s

Go to the appointment and do Q&A for all the SOP documents questions

Fill it in while I’m there in a way that is Customer presentable

Some items in the SOP document are specifically informative where I need to make sure they are informed of things like unwillingness to schedule my email, so it is during the on boarding meeting when I write into that document that they were informed of that piece below the area that says informed them of this piece. 

When I get back to the office, turn it into a PDF and email it to them with the note that it is easily changed at any time by just contacting us

Make sure to cc IT@Ultrex.com so that they can see the SOP’s are being changed as well

If there’s a complex enough list of items being taken care of for the customer in the initial six month window, I make a Microsoft planner page and put items in order so that we can visually show them what to expect for items being worked on.

SentinelOne force removal of issues

November 9, 2025 /

Updated Notes for the Ultrex Process:

Plug pen drive into computer, and copy the TEMP folder to the C drive- should contain this note doc, and two installer files (Exe and MSI)

Reboot the computer into safe mode (Hold Shift and click reboot- keep holding shift until you are presented with the troubleshooting steps- pick startup items, reboot into safe mode).

Once in Safe Mode, open a command prompt window and navigate to C:\Temp using

Cd..

Cd..

cd C:\Temp

Run the following command:

SentinelOneInstaller_windows_64bit_v25_1_3_334.exe -c -t eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1jdzA0bWRyLnNlbnRpbmVsb25lLm5ldCIsICJzaXRlX2tleSI6ICI1YmZmNWU1NDI1YTJlZmJjIn0=

Wait until the cleaner process is finished

Reboot the computer when it says

——————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————–

Original Notes from S1 Admin Team:

The best way to proceed is by following these steps:

Download the latest SentinelOne installation package from the console and save it to C:\Temp

Get the site token for the relevant site from our S1 management portal

eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1jdzA0bWRyLnNlbnRpbmVsb25lLm5ldCIsICJzaXRlX2tleSI6ICI1YmZmNWU1NDI1YTJlZmJjIn0=

Important note: The command will work even if the Site Token used is not the one on which the endpoint currently resides.

Replace XX.X.X.XXX with the installation package version you downloaded from the console

Replace with the token you copied in Step 2

Reboot the computer into safe mode (Hold Shift and click reboot- keep holding shift until you are presented with the troubleshooting steps- pick startup items, reboot into safe mode).

Once in Safe Mode, open a command prompt window and navigate to C:\Temp using

Cd..

Cd..

cd C:\Temp

Run the following command:

SentinelOneInstaller_windows_64bit_v25_1_3_334.exe -c -t eyJ1cmwiOiAiaHR0cHM6Ly91c2VhMS1jdzA0bWRyLnNlbnRpbmVsb25lLm5ldCIsICJzaXRlX2tleSI6ICI1YmZmNWU1NDI1YTJlZmJjIn0=

Wait until the cleaner process is finished

Reboot the computer when it says

Sales Meeting Prep Process

November 9, 2025 /

This article describes what I attempt to do before each sales appointment that gets booked for me with a customer. I don’t end up using all of this info, but it helps me to go in well informed, and ready to speak eloquently about their setup, as well as getting an idea of what to bill them.

Info I get:

Name of company

Name of contact

Email address of who I send bid to

What Rep brought the lead?

Website name

MX record of website (who hosts their email? Is it MS365, Google Workspace, Intermedia etc)

DNS Export of all current DNS records of their site. I get both of the last two from here: 

https://dnschecker.org/all-dns-records-of-domain.php

Going in knowing if they already have MS365/Google/Something else helps know what sort of workload they have impending, as well as what sorts of issues I can bring up that they likely have.

Next, I look at who’s hosting the website (usually gleaned from the DNS records as well, but if not clear, use:

https://www.whois.com/whois
Find out who is hosting any website

Either beforehand or while on site, things I need:

Total number of supported staff (Staff who use technology) (Rough price of 100$ per person per month)

Are there any servers? (Specifically computer that if it’s off no one can work, not just if there’s one with a windows server OS) (if any servers, price goes up by 200-400 per month per active local physical server)

Reasonable support window they’d like to see happen? (2-4 hours response time is our normal, if that wouldn’t work for them, can we bill so much to make it able to be done?)

PIA tax?  (If they’re a pain, price goes up)

Ready to replace network gear with unifi? (if willing to spend on the gear, price goes down)

If on MS365, is it GoDaddy federated? (no problem, just increase price)

at the apt, did they make the time for us, or forget and need to rush through it/didn’t have their full attention? (GIANT RED FLAG)

Willing to run Cybersecurity and/or cove? (If yes, price goes down)

How complex is the network and infrastructure? Flat LAN? 

Any older computers? Anything 8 gigs of ram or less increases price, if all current windows and 16+ gigs of ram, price goes down.

Once I have all this info, make a bid. Copy/paste the info from the booking to the contact info of the bid. Decide on a price. Email the customer and the sales rep. Let sales reps follow up. Put a copy of the bid in the customer/archive folder.

If they then like it, offer to send them a box-sign for them to sign on.

Once signed:

Email Deals@Ultrex.com, IT@Ultrex.com and Salesman the signed bid. Always mention billing hasn’t started yet for those that haven’t.

Once signed on, email the next letter in the onboarding docs folder- the post-contract signed letter- which asks them to book a time for us to do the onboarding meeting.

How to uninstall the Atera agent by Powershell Script

November 9, 2025 /

How to uninstall the Atera agent by Powershell Script 

https://support.atera.com/hc/en-us/articles/5849002658844-How-do-I-remove-the-Atera-Agent-after-my-trial-has-expired

Regarding your query, what I would recommend, after you rename the PC, make sure to reboot it.  

After that, I would recommend to run the following script using PowerShell ISE as admin, locally :  

https://support.atera.com/hc/en-us/articles/5849002658844-How-do-I-remove-the-Atera-Agent-after-my-trial-has-expired

Once the script is finished, reboot the device again. In order for the registry keys to be removed / updated, reboot would be needed.  

After this, I would recommend using the CMD installation method instead of .MSI in order to install Atera Agent and assign it to the right customer. 

Function Get-UninstallCodes ([string]$DisplayName) { 

‘HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall’, ‘HKLM:SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall’ | ForEach-Object { 

Get-ChildItem -Path $_ -ErrorAction SilentlyContinue | ForEach-Object { 

If ( $(Get-ItemProperty -Path $_.PSPath -Name ‘DisplayName’ -ErrorAction SilentlyContinue) -and ($(Get-ItemPropertyValue -Path $_.PSPath -Name ‘DisplayName’ -ErrorAction SilentlyContinue) -eq $DisplayName) ) { 

$str = (Get-ItemPropertyValue -Path $_.PSPath -Name ‘UninstallString’) 

$UninstallCodes.Add($str.Substring(($str.Length – 37),36)) | Out-Null 

Function Get-ProductKeys ([string]$ProductName) { 

Get-ChildItem -Path ‘HKCR:Installer\Products’ | ForEach-Object { 

If ( $(Get-ItemProperty -Path $_.PSPath -Name ‘ProductName’ -ErrorAction SilentlyContinue) -and ($(Get-ItemPropertyValue -Path $_.PSPath -Name ‘ProductName’ -ErrorAction SilentlyContinue) -eq $ProductName) ) { 

$ProductKeys.Add($_.PSPath.Substring(($_.PSPath.Length – 32))) | Out-Null 

Function Get-ServiceStatus ([string]$Name) { (Get-Service -Name $Name -ErrorAction SilentlyContinue).Status } 

Function Stop-RunningService ([string]$Name) { 

If ( $(Get-ServiceStatus -Name $Name) -eq “Running” ) { Write-Output “Stopping : ${Name} service” ; Stop-Service -Name $Name -Force } 

Function Remove-StoppedService ([string]$Name) { 

$s = (Get-ServiceStatus -Name $Name) 

If ( $s ) { 

If ( $s -eq “Stopped” ) { 

Write-Output “Deleting : ${Name} service” 

Start-Process “sc.exe” -ArgumentList “delete ${Name}” -Wait 

} Else { Write-Output “Not Found: ${Name} service” } 

Function Stop-RunningProcess ([string]$Name) { 

$p = (Get-Process -Name $_ -ErrorAction SilentlyContinue) 

If ( $p ) { Write-Output “Stopping : ${Name}.exe” ; $p | Stop-Process -Force } 

Else { Write-Output “Not Found: ${Name}.exe is not running”} 

Function Remove-Path ([string]$Path) { 

If ( Test-Path $Path ) { 

Write-Output “Deleting : ${Path}” 

Remove-Item $Path -Recurse -Force 

} Else { Write-Output “Not Found: ${Path}” } 

Function Get-AllExeFiles ([string]$Path) { 

If ( Test-Path $Path ) { 

Get-ChildItem -Path $Path -Filter *.exe -Recurse | ForEach-Object { $ExeFiles.Add($_.BaseName) | Out-Null } 

# Mount HKEY_CLASSES_ROOT registry hive 

New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT | Out-Null 

####### 

# START: Information gathering 

####### 

# Get MSI package codes from the uninstall key 

$UninstallCodes = New-Object System.Collections.ArrayList 

‘AteraAgent’, ‘Splashtop for RMM’, ‘Splashtop Streamer’ | ForEach-Object { Get-UninstallCodes -DisplayName $_ } 

# Get product keys from the list of installed products 

$ProductKeys = New-Object System.Collections.ArrayList 

‘AteraAgent’, ‘Splashtop for RMM’, ‘Splashtop Streamer’ | ForEach-Object { Get-ProductKeys -ProductName $_ } 

# Define all the directories we’ll need to cleanup at the end of this script 

$Directories = @( 

“${Env:ProgramFiles}\ATERA Networks”, 

“${Env:ProgramFiles(x86)}\ATERA Networks”, 

“${Env:ProgramFiles}\Splashtop\Splashtop Remote\Server”, 

“${Env:ProgramFiles(x86)}\Splashtop\Splashtop Remote\Server”, 

“${Env:ProgramFiles}\Splashtop\Splashtop Software Updater”, 

“${Env:ProgramFiles(x86)}\Splashtop\Splashtop Software Updater”, 

“${Env:ProgramData}\Splashtop\Splashtop Software Updater” 

# Get all possible relevant exe files so we can make sure they’re closed later on 

$ExeFiles = New-Object System.Collections.ArrayList 

“${Env:ProgramFiles}\ATERA Networks” | ForEach-Object { Get-AllExeFiles -Path $_ } 

# Define a list of services we need to stop and delete (if necessary) 

$ServiceList = @( 

‘AteraAgent’, 

‘SplashtopRemoteService’, 

‘SSUService’ 

# Define a list of registry keys we’ll delete 

$RegistryKeys = @( 

‘HKLM:SOFTWARE\ATERA Networks’, 

‘HKLM:SOFTWARE\Splashtop Inc.’, 

‘HKLM:SOFTWARE\WOW6432Node\Splashtop Inc.’ 

####### 

# END: Information gathering 

####### 

# Uninstall each MSI package code in $UninstallCodes 

$UninstallCodes | ForEach-Object { Write-Output “Uninstall: ${_}” ; Start-Process “msiexec.exe” -ArgumentList “/X{${_}} /qn” -Wait } 

# Stop services if they’re still running 

$ServiceList | ForEach-Object { Stop-RunningService -Name $_ } 

# Terminate all relevant processes that may still be running 

$ExeFiles.Add(‘reg’) | Out-Null 

$ExeFiles | ForEach-Object { Stop-RunningProcess $_ } 

# Delete services if they’re still present 

$ServiceList | ForEach-Object { Remove-StoppedService -Name $_ } 

# Delete products from MSI installer registry 

$ProductKeys | ForEach-Object { Remove-Path -Path “HKCR:Installer\Products\${_}” } 

# Unmount HKEY_CLASSES_ROOT registry hive 

Remove-PSDrive -Name HKCR 

# Delete registry keys 

$RegistryKeys | ForEach-Object { Remove-Path -Path $_ } 

# Delete remaining directories 

#Write-Host “Waiting for file locks to be freed” ; Start-Sleep -Seconds 4 

$Directories | ForEach-Object { Remove-Path -Path $_ } 

Human Google Interface

November 9, 2025 /

HGI – Human-Google Interface

This includes more than most people will use often, but

here’s my list for the next batch of Windows admins to

save and pass around:

sysdm.cpl System Properties (to rename computer and

join domain)

dssite.msc Active Directory sites and services

dsa.msc Active Directory users and computers

appwiz.cpl Add/Remove programs

compmgmt.msc Computer management

timedate.cpl Date/Time management

devmgmt.msc Device Manager

dhcpmgmt.msc DHCP Management

cleanmgr Disk Cleanup Utility

diskmgmt.msc Disk Management

desk.cpl Display Settings

dnsmgmt.msc DNS Server Management

eventvwr.msc Event Viewer

lusrmgr.msc Local user and groups manager

mmc.exe Microsoft Management Console

main.cpl Mouse settings

ncpa.cpl Network adapter settings

powercfg.cpl Power Configuration

intl.cpl Regional Settings

services.msc Services

fsmgmt.msc Shared Folder Management

firewall.cpl Windows Firewall

wf.msc Windows Firewall Advanced

compmgmt.msc

Control + Win + Shift + B to “restart” your GPU driver.

Crtl windows key + v you get clipboard with a gui

.cpl and .msc shortcuts.

Man my life changed with those lol.

appwiz.cpl – Add or Remove Programsncpa.cpl – Network Connections

secpol.msc – Local Security Policy

sysdm.cpl – System Properties

If you are looking at a folder in Windows Explorer, click

into the path box, type cmd and hit enter. Command

prompt opens in that folder.

(Also, it finds an unfixed bug where you can’t access the

path box until you go to another folder and come back)

NEVER SLEEP AGAIN – Keep machine awake, kill all power saving/sleep/hibernate

November 9, 2025 /

To keep a machine awake forever, turning off all power saving/sleep settings, just paste this into command line.

powercfg /change monitor-timeout-ac 0 & powercfg /change monitor-timeout-dc 0 & powercfg /change standby-timeout-ac 0 & powercfg /change standby-timeout-dc 0 & powercfg /change hibernate-timeout-ac 0 & powercfg /change hibernate-timeout-dc 0

Tested in powershell, doesn’t work

Tested/verified working on windows 11, both local command line, and atera remote command line. 

Or just download and run caffeine

OOBE Command

November 9, 2025 /

%WINDIR%\system32\sysprep\sysprep.exe

That’s what you run on a machine once it’s been prepped, software installed etc, to bring it back to oobe (so the next reboot can ask about account setup etc.

Specifically helpful if you prepped a machine, but had to upgrade from home to pro.

PowerShell and Command Power settings itemized

November 9, 2025 /


Command Prompt

1.    Open an elevated Command Prompt:

·      Search for “cmd” in the Start menu.

·      Right-click on “Command Prompt” and select “Run as Administrator”.

Disable hibernation:
powercfg.exe /hibernate off

Disable all sleep states (including standby):
powercfg -change -standby-timeout-ac 0

powercfg -change -standby-timeout-dc 0

PowerShell

2.    Open an elevated PowerShell window:

·      Search for “PowerShell” in the Start menu.

·      Right-click on “Windows PowerShell” and select “Run as Administrator”.

3.        Disable hibernation:
PowerShell
Powercfg -Hibernate Off

4.       

5.        Disable all sleep states (including standby):
PowerShell
Powercfg -Change -Standby-Timeout-AC 0

6.        Powercfg -Change -Standby-Timeout-DC 0

7.       

Key Points:

·      AC vs. DC: The “-ac” and “-dc” options in the powercfg command distinguish between when the computer is plugged in (AC power) and when it’s running on battery (DC power).

·      Permanent change: These commands will permanently disable sleep and hibernation until you re-enable them.

·      Elevated permissions: You need to run Command Prompt or PowerShell as an administrator for these commands to work.

To Re-Enable Sleep and Hibernation

·      To re-enable hibernation, use:

·      powercfg.exe /hibernate on (Command Prompt)

·      Powercfg -Hibernate On (PowerShell)

·      To set specific timeouts for sleep modes, use the powercfg command with the desired timeouts in seconds.

Let me know if you’d like help customizing your timeout settings!

« Older posts Newer posts »

© 2026 Ultrex Staff

Theme by Anders NorenUp ↑