Jet Mariano

Author: jetnmariano

  • Ops Note — Picking the best vSAN host with one PowerCLI check

    Excerpt
    Quick, repeatable way to see CPU/RAM/vSAN headroom across hosts and choose where to place the next VM. Today it pointed us to vsan2.

    Intro
    Before cloning a new Windows VM, I ran a fast PowerCLI sweep across three vSAN hosts to compare free CPU, free memory, and vSAN free space. All three had identical vSAN capacity; vsan2 had the most free RAM, so that’s the landing spot.

    Straight line (what I did)
    • Pulled CPU and memory usage per host (MHz/MB) and calculated free.
    • Queried each host’s vSAN datastore(s) and summed free/total GB.
    • Printed a compact table to compare vsan1/2/3 at a glance.
    • Chose the host with the highest Mem_Free_GB (tie-break on vSAN free).

    Command (copy/paste)

    # Hosts to check (redacted)
$hosts = 'vsan1.example.local','vsan2.example.local','vsan3.example.local'

$report = foreach ($h in $hosts) {
  try {
    $vmh    = Get-VMHost -Name $h -ErrorAction Stop
    $cpuTot = $vmh.CpuTotalMhz;  $cpuUse = $vmh.CpuUsageMhz
    $memTot = $vmh.MemoryTotalMB; $memUse = $vmh.MemoryUsageMB

    $vsan      = $vmh | Get-Datastore | Where-Object { $_.Type -eq 'vsan' }
    $dsCapGB   = ($vsan | Measure-Object CapacityGB  -Sum).Sum
    $dsFreeGB  = ($vsan | Measure-Object FreeSpaceGB -Sum).Sum
    $dsFreePct = if ($dsCapGB) { [math]::Round(100*($dsFreeGB/$dsCapGB),2) } else { 0 }

    [pscustomobject]@{
      Host          = $vmh.Name
      CPU_Free_GHz  = [math]::Round(($cpuTot-$cpuUse)/1000,2)
      CPU_Total_GHz = [math]::Round($cpuTot/1000,2)
      CPU_Free_pct  = if ($cpuTot) { [math]::Round(100*(($cpuTot-$cpuUse)/$cpuTot),2) } else { 0 }
      Mem_Free_GB   = [math]::Round(($memTot-$memUse)/1024,2)
      Mem_Total_GB  = [math]::Round($memTot/1024,2)
      Mem_Free_pct  = if ($memTot) { [math]::Round(100*(($memTot-$memUse)/$memTot),2) } else { 0 }
      vSAN_Free_GB  = [math]::Round($dsFreeGB,2)
      vSAN_Total_GB = [math]::Round($dsCapGB,2)
      vSAN_Free_pct = $dsFreePct
    }
  } catch {
    [pscustomobject]@{ Host=$h; CPU_Free_GHz='n/a'; CPU_Total_GHz='n/a'; CPU_Free_pct='n/a';
      Mem_Free_GB='n/a'; Mem_Total_GB='n/a'; Mem_Free_pct='n/a';
      vSAN_Free_GB='n/a'; vSAN_Total_GB='n/a'; vSAN_Free_pct='n/a' }
  }
}

$report | Format-Table -AutoSize

# Optional: pick best host by RAM, then vSAN GB
$best = $report | Where-Object { $_.Mem_Free_GB -is [double] } |
        Sort-Object Mem_Free_GB, vSAN_Free_GB -Descending | Select-Object -First 1
"Suggested placement: $($best.Host) (Mem free: $($best.Mem_Free_GB) GB, vSAN free: $($best.vSAN_Free_GB) GB)"

    Result today
    • vsan2 showed the most free RAM, with CPU headroom similar across all three and identical vSAN free space.
    • Suggested placement: vsan2.

    Pocket I’m keeping
    • Check host headroom before every clone—30 seconds now saves hours later.
    • Prefer RAM headroom for Windows VDI/worker VMs; CPU is usually similar across nodes.
    • Keep a one-liner that prints the table and the suggested host.

    What I hear now
    Clone to vsan2, power up, then let DRS/vMotion rebalance after the build window. Repeat this check whenever adding workloads or after maintenance.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Marked in Time — “Preparing to Stand on Holy Ground”

    Reflections before reverence — a quiet stream “washes the edge” as the Saratoga Springs Utah Temple rises in the pool, a reminder to lay down our “shoes” and step onto holy ground.

    Excerpt
    Moses removed his shoes; I can remove my impurities. How I’m preparing my heart to meet God—at the temple and at home.

    Intro
    “Draw not nigh hither: put off thy shoes from off thy feet, for the place whereon thou standest is holy ground” (Exodus 3:5).
    Elder Ulisses Soares: “Taking off our worldly shoes is the beginning of stepping onto holy ground and being transformed in higher and holier ways.” — “Reverence for Sacred Things,” Apr 2025

    Straight line (what he’s saying)
    • Holy spaces (temples, homes, dedicated places) call for removing impurity before we approach.
    • The Lord’s pattern repeats: printing office “holy, undefiled”; temple “mine holy house”; Missouri temple where the pure in heart shall see God—holiness is both place and people.
    • Small, intentional acts (like forgiving in the parking lot) are today’s “shoe removal.”
    • We don’t make ourselves holy; we offer our will. Christ’s Atonement does the sanctifying.
    • Holiness is practical: reverence, clean hands/heart, focus, and meekness that lets the Spirit teach.

    Final reflection
    I arrive at holy ground with dust on my soul—hurry, annoyance, stray pride. God isn’t asking for theatrics; He’s asking for shoes—the little impurities I can actually take off.

    Pocket I’m keeping
    Pause before entry (temple or prayer): breathe, confess, forgive, then go in.
    Language fast: no sarcasm or sharp words on holy days.
    Clean gatekeeping: music, media, and thoughts that fit the space I’m entering.
    Offer the will: “Lord, here are my shoes today—take hurry, take resentment.”
    Home altar: make my living room reverent before I ask for revelation.

    What I hear now
    Saratoga Springs Temple at sunset, the waxing gibbous rising—before the doors or the camera, I’ll take off the day’s dust. Then let Him make the moment holy.

    Link to the talk
    Exodus 3:5 • Elder Ulisses Soares, “Reverence for Sacred Things” (Apr 2025) • Doctrine and Covenants 94:12; 95:16; 96:2; 97:15–16 • Moroni 10:32–33 (“Yea, come unto Christ… be perfected in him… sanctified in Christ… become holy, without spot.”)

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Marked In Time: “The Tugs and Pulls of the Word” – Neal A. Maxwell

    When the sky sings, even the moon waits its turn. Saratoga Springs Temple at dusk.

    Excerpt
    Many aren’t in transgression—they’re in diversion. The world tugs; disciples choose differently. My notes and how I’ll apply them this week.

    Intro
    Elder Neal A. Maxwell warns that diversion wastes “the days of [our] probation.” God’s plan isn’t pleasure—it’s happiness. The difference is discipleship.

    Straight line (what he’s saying)
    • The lures are old; the amplification is new—tech, media, hype.
    • Diversion builds “personalized prisons”: “of whom a man is overcome…”
    • Mortal honors are transient—“they have their reward.”
    • Remedies: Holy Ghost, family, worship/prayer/scripture, wise friends, Joseph-in-Egypt reflex (flee).
    • “Far country” is measured by fidelity, not miles—return is possible; resilience is covenant DNA.
    • God prizes who we become more than rank—our real résumé is ourselves.
    • See things as they really are/will be; give glory to God.

    Final reflection
    My risk isn’t rebellion; it’s drift—scrolls, refreshes, small hungers for applause. Diversion is bondage with nicer branding.

    Pocket I’m keeping
    • Access the Spirit first (scripture, prayer, sacrament), then apps.
    • Family first—real talk over parallel scrolling.
    • Choose friends/inputs that aim at Zion.
    • Flee fast; repent resiliently.
    • Measure worth by being (meek, patient, submissive), not spotlight.

    What I hear now
    Say “stand aside” to the world. Post the image, close the tab, sit with gratitude. The moon keeps rising; I don’t need every notification to matter. Souls > stars > stats.

    Link to the talk
    “The Tugs and Pulls of the World” — Neal A. Maxwell.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Marked in Time — “Consecrate Thy Performance” (Neal A. Maxwell)

    “Heart, soul, and mind.” When we offer all, He consecrates our performanc. Saratoga Springs Temple · waxing gibbous moon

    Excerpt
    Consecration isn’t giving things as much as yielding self. When heart, soul, and mind align with God, He consecrates our efforts for lasting good.

    Intro
    Elder Neal A. Maxwell teaches that ultimate consecration is our will swallowed up in the Father’s. Step by step, His grace is sufficient, and our performances are consecrated “for the lasting welfare of [our] souls.”

    Straight line (what he’s saying)
    • Consecration = yielding will to the Father—one stepping-stone at a time.
    • We often “keep back part” (skills, status, habits); partial surrender still diverts.
    • Worth is fixed; assignments change—He must increase, we decrease.
    • Good things can crowd out the first commandment; beware lesser gods.
    • Acknowledge His hand; avoid the “my power, my hand” trap.
    • Discipleship polishes us (rough stone rolling): contact, friction, meekness.
    • Surrendering the mind is victory; God teaches higher ways.
    • Jesus is the pattern—never lost focus; Gethsemane above all other miracles.

    Final reflection
    My hardest “part” isn’t money—it’s control. God wants a consecrated person more than a perfect portfolio. Yielded work beats impressive work.

    Pocket I’m keeping
    • Ask daily: “Lord, is it this?”—take the next small stone.
    • Worship before work; name His hand first.
    • Hold assignments lightly; hold Jesus tightly.
    • Trade applause for alignment.
    • Measure by love, patience, meekness.

    What I hear now
    I’ll hand Him today’s schedule, camera, and keyboard—and let Him aim them. Consecration is hourly trust; even detours can be consecrated.

    Link to the talk
    “Consecrate Thy Performance” — Neal A. Maxwell.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Marked in Time — “If Thou Endure Well” (Neal A. Maxwell)

    Saratoga Springs Utah Temple with a rising waxing gibbous moon.

    Excerpt
    None of us is immune from trial. Elder Neal A. Maxwell teaches that if we endure well, today’s struggles are shaped into tomorrow’s blessings. Here’s my mark-in-time takeaway and how I’m applying it.

    Intro
    I listened again to Elder Neal A. Maxwell’s devotional “If Thou Endure Well.” The sentence that stayed with me: None of us can or will be immune from the trials of life. However, if we learn to endure our struggles well, they will be turned into blessings in eternity. That’s both bracing and kind—God doesn’t waste pain when we place it in His hands.

    Straight line (what he’s saying)
    • Mortality guarantees opposition; surprise is optional.
    • Enduring well ≠ grim hanging-on; it’s faithful submission, patience, and continuing to choose light.
    • Timing is part of God’s tutoring—deliverance sometimes tarries so discipleship can deepen.
    • Gratitude and meekness change how trials shape us. They don’t shorten the storm, but they change the sailor.
    • The Lord consecrates affliction to our gain when we refuse cynicism and keep covenant routines (scripture, prayer, sacrament, service).

    Final reflection
    Enduring well is a decision repeated—quietly—over and over. It’s choosing not to narrate my trial as abandonment, but as apprenticeship. It’s trusting that God is doing more with my life than I can see from the shoreline.

    Pocket I’m keeping
    • Expect opposition; practice patience on purpose.
    • Pair prayers with small, durable acts (keep the next covenant, serve the next person, take the next right step).
    • Measure “progress” by faithfulness, not by ease.

    What I hear now
    Tonight’s images—reflections, a quiet bench, a waxing gibbous over the spire—feel like a lesson in waiting. I can’t rush the moon to its mark, but I can keep framing, steady my hands, and choose light again. If I endure well, God will finish the alignment.

    Link to the talk
    Full devotional: “If Thou Endure Well” — Neal A. Maxwell (BYU Speeches).

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Fixing “Sender not allowed” to an internal group (Exchange Online) — a quick forensic + runbook

    POST BODY

    When a partner emailed our all-hands list, they got an NDR:
    “the group only accepts messages from people in its organization or on its allowed senders list… sender not allowed.”

    We’d solved this once before and didn’t capture the steps. This time we did.

    Forensic summary (redacted)

    • group: all@[corp-redacted].com
    • external sender: firstname.lastname@[partner-redacted].com
    • symptom: NDR “sender not allowed”
    • root causes:
      1. the group required authenticated (internal) senders only, and
      2. the external wasn’t on the group’s allowed-senders list
    • gotcha we hit: New-MailContact failed with ProxyAddressExists — an existing MailUser already owned the external SMTP, so we reused it instead of creating a new contact

    Straight line (what fixed it)

    1. identify group by SMTP and check whether it’s a DL or a Microsoft 365 Group
    2. locate the external as an existing MailContact/MailUser (include soft-deleted objects)
    3. add that object to the group’s AcceptMessagesOnlyFromSendersOrMembers list
    4. allow the group to accept external senders (keeps the allow-list in effect)
    5. test and confirm with Message trace

    Reusable runbook (PowerShell, redacted)

    # 0) Connect
Connect-ExchangeOnline

# 1) Variables (edit these)
$GroupSmtp = "all@[corp-redacted].com"
$ExternalAddresses = @("firstname.lastname@[partner-redacted].com")

# 2) Resolve the group (works for DL or M365 Group)
$grp = Get-EXORecipient -Filter "PrimarySmtpAddress -eq '$GroupSmtp'"
$grp | fl Name,RecipientTypeDetails,PrimarySmtpAddress,Identity,ExternalDirectoryObjectId

# 3) Ensure each external exists as a recipient we can allow (MailContact/MailUser).
#    If already present (or soft-deleted), reuse it.
$recips = @()
foreach ($addr in $ExternalAddresses) {
  $r = Get-EXORecipient -ResultSize Unlimited -IncludeSoftDeletedRecipients `
       -Filter "PrimarySmtpAddress -eq '$addr'"
  if (-not $r) {
    try { New-MailContact -Name $addr -ExternalEmailAddress $addr | Out-Null
          $r = Get-EXORecipient -Filter "PrimarySmtpAddress -eq '$addr'" }
    catch { Write-Host "Contact already exists somewhere: $addr" }
  }
  $recips += $r
}
$recips | ft Name,RecipientTypeDetails,PrimarySmtpAddress -AutoSize

# 4) Add externals to allow-list AND allow external senders
if ($grp.RecipientTypeDetails -eq "GroupMailbox") {
  # Microsoft 365 Group (Unified Group)
  foreach ($r in $recips) {
    Set-UnifiedGroup -Identity $grp.ExternalDirectoryObjectId `
      -AcceptMessagesOnlyFromSendersOrMembers @{Add=$r.Identity}
  }
  Set-UnifiedGroup -Identity $grp.ExternalDirectoryObjectId -AllowExternalSenders:$true
  Get-UnifiedGroup -Identity $grp.ExternalDirectoryObjectId |
    fl DisplayName,PrimarySmtpAddress,AllowExternalSenders,AcceptMessagesOnlyFromSendersOrMembers
} else {
  # Distribution Group / Mail-enabled Security Group
  foreach ($r in $recips) {
    Set-DistributionGroup -Identity $grp.Identity `
      -AcceptMessagesOnlyFromSendersOrMembers @{Add=$r.Identity}
  }
  Set-DistributionGroup -Identity $grp.Identity -RequireSenderAuthenticationEnabled:$false
  Get-DistributionGroup -Identity $grp.Identity |
    fl DisplayName,PrimarySmtpAddress,RequireSenderAuthenticationEnabled,AcceptMessagesOnlyFromSendersOrMembers
}

# 5) Message trace (adjust window)
Get-MessageTrace -SenderAddress $ExternalAddresses[0] -RecipientAddress $GroupSmtp `
  -StartDate (Get-Date).AddHours(-2) -EndDate (Get-Date) |
  ft Received,Status,RecipientAddress,MessageId

    Common pitfalls we saw (and how we handled them)

    • ProxyAddressExists on New-MailContact → an existing MailUser/Contact already holds that SMTP; reuse it (or permanently remove the soft-deleted recipient first).
    • group can’t be found by display name → target by SMTP with Get-EXORecipient -Filter "PrimarySmtpAddress -eq '...'".
    • delivery still blocked after allow-list → the DL still required authenticated senders; set RequireSenderAuthenticationEnabled:$false (DL) or AllowExternalSenders:$true (M365 Group).

    Click-path (EAC, if you don’t want PowerShell)

    • Recipients → Contacts → add/find the partner’s contact
    • Recipients → Groups → open the group → Delivery management → “Accept messages from” → add the contact
    • For DLs: turn off “Require sender authentication”
    • For M365 Groups: enable “Allow external senders”

    Prevention / hygiene

    • keep an “Authorized External Senders — all” mail-enabled security group; allow that group on the DL/M365 Group, then just add/remove partner contacts over time
    • document the NDR verbatim and the message trace ID when you close an incident

    Redaction note

    All addresses and names are redacted. Replace with your real SMTPs when running the script.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Marked in Time — “Free to Choose” (Neal A. Maxwell)

    September 3, 2025 — after ~20 listens/reads since last night

    Manila Temple × Milky Way. Elder Neal A. Maxwell’s “Free to Choose” reminds me that joy needs both agency and daily submission—souls matter more than stars.

    Intro

    Elder Maxwell’s final BYU devotional (2004) feels like a compass: agency = joy + daily submissiveness. The line that keeps ringing: “Souls matter more than stars.” Freedom to choose is breathtaking—and sobering—because God honors our desires and won’t force us. That means peace is possible without compulsion, and accountability is real.

    Straight Line

    • Agency is God-given and personal. “I have given unto man his agency” (Moses 7:32). “Thou mayest choose for thyself” (Moses 3:17).
    • Agency is complete—consequence included. We can “live and move and do according to [our] own will” (Mosiah 2:21), but “whoso doeth iniquity, doeth it unto himself” (Hel. 14:30).
    • Opposition is required, not optional. We’re enticed “by the one or the other” (2 Nephi 2:16); no neutral exists.
    • Desires direct judgment. We receive “according to [our] desires” and “wills” (Alma 29:4). Educate desire = spiritual continuing ed.
    • Real risk: some are “not willing to enjoy that which they might have received” (D&C 88:32). Tragedy = turning down joy.
    • No decision is a decision. Delay discards the holy present; accountability stands “astride every path.”
    • Lucifer can tempt but not compel. God won’t force; the devil can’t force.
    • Patterns > moments. Repeated choices shape prayers, power, and promises kept.
    • Souls > stars. The cosmos is vast, but the gift to choose—and choose God—is vaster. Joy needs freedom and submissiveness.
    • God’s posture: “What could I have done more?” He gives the maximum reward and the minimum penalty justice allows.

    Final Reflection

    Agency isn’t adrenaline; it’s alignment. The Spirit clarifies; He doesn’t coerce. Maxwell hooks joy to two daily moves:

    1. Choose (don’t drift).
    2. Submit (trust the Father’s will), like the Savior did.

    That mix removes panic from decision-making. It reframes boundaries as worship, not deprivation. It also explains why I can feel peace while longing tugs—the peace marks my stance, not the absence of pressure.

    Pocket lines I’m keeping

    • No decision is a decision.
    • Educate your desires.
    • Souls matter more than stars.
    • He will not force us.

    What I hear now

    • Name the choice: I will use my freedom to choose covenant-keeping over compulsion.
    • Educate desire (micro-habits): one scripture paragraph; one honest prayer; one tiny act of service. Desires follow diet.
    • Boundary as submission: Not replying to triggering messages is choosing God now, not “avoiding.”
    • Presence over pressure: Wife is in town—people > stars (and > screens). Focus mode stays on; lock-screen previews stay minimal.
    • Work lens: In interviews, I’ll listen for agency patterns: signal → hypothesis → test → decision → ROI. Under heat, do they choose calmly and own consequences?
    • One-line prayer: Father, I choose Thy will in this hour; educate my desires and make my joy clean.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • “In Him All Things Hold Together” Elder Neal A Maxwell

    Syracuse Utah Temple at blue hour beneath a setting first-quarter moon. I lingered long; the nudge lingered longer. In Him, the night—and I—held together.

    Intro
    I lingered at the Syracuse Utah Temple until the first-quarter moon slid above the spire and the stars came on. The nudge I felt there was the longest I’ve ever carried from any temple—it stayed even while I was shooting. Elder Neal A. Maxwell’s cadence kept pacing me:

    In Christ all things hold together.” (Colossians 1:17)

    And he widened the frame of my night with this:

    I wish to talk about your unfinished journey. It is the journey of journeys… The trek awaits—whether one is rich or poor… married or single, a prodigal or an ever faithful. Compared to this journey, all other treks are but a brief walk in a mortal park or are merely time on a telestial treadmill.” —Elder Neal A. Maxwell

    The temple path made that “journey of journeys” feel less abstract and more immediate—boots on stone, heart in hand.

    The straight line
    Perishable skills expire; portable virtues don’t. The Lord is shaping “men and women of Christ”—meek, patient, full of love (Mosiah 3:19). When life frays, covenants are the stitching; Christ is the seam that actually holds me together.

    Final Reflection (Maxwell, in his own words)

    “These attributes are eternal and portable… Being portable, to the degree developed, they will go with us through the veil of death.”
    “Since He is risen from the grave, let us not be dead as to the things of the Spirit… In him all things hold together.”

    Standing beside the flower bed and the pale stone, I felt why: if I let Him order my heart, He will also order my steps.

    Another line the night underlined
    Elder Maxwell ties the sky to our discipleship:

    “At Christmastime we celebrate a special star… placed in its precise orbit long before it shone so precisely… ‘All things must come to pass in their time’ (D&C 64:32). His overseeing precision pertains not only to astrophysical orbits but to human orbits as well… our obligation to shine as lights within our own orbits.” —Elder Neal A. Maxwell (see Philippians 2:15)

    Insight: The moon over Syracuse wasn’t an accident; neither is where God has set me. If I stay in my covenant orbit—quiet, steady, on time—He’ll handle the timing and the alignment.

    What I hear now

    • Let Christ carry what’s flying apart. Pray first: “Hold this together in Thee.”
    • Choose portable over perishable. Practice a trait before a technique.
    • Shine in your current orbit. Steward the people and places already set around you; heaven runs on precision and timing.
    • Serve quietly. Authority of example > argument.
    • Take the yoke & learn (Matt. 11:29). Small obediences teach His large qualities.
    • Return, then refine. Revisit the same place (and person) until the light matches the message—the nudge at Syracuse taught me that.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Outlook Won’t Send, Can’t Search, or Stuck on “Updating”? A One-Page Fix (for Everyone)

    Outbox (1) and a red error banner—typical signs Outlook can’t send because the local data file (OST/PST) hit the size limit or the client is Working Offline.

    Intro

    When mail matters, guessing hurts. This is the quick way I fix the three big Outlook problems—won’t send, can’t search, won’t connect—with steps for employees and deeper checks for admins.

    The straight line

    Rule #1: Prove if it’s your Outlook, your profile, or the service—then act. Don’t change ten things; follow the flow.

    For employees (5 fixes you can do safely)

    1. Compare with Outlook on the web
      • Open your browser → sign in to outlook.office.com.
      • If web mail works, your account is fine; the issue is this device/Outlook app.
    2. Check the basics
      • Make sure Work Offline isn’t turned on.
      • Restart Outlook (fully exit from the tray), then restart the computer.
      • Trim the Outbox: very large attachments (>20–25 MB) can block the queue.
    3. Search not finding results?
      • Windows: Outlook → File → Options → Search → Indexing OptionsRebuild. Give it time.
      • Mac: System Settings → Siri & Spotlight → ensure Mail & Messages are allowed. If needed, add then remove your Outlook profile folder from Spotlight Privacy to force a re-index.
    4. Disable add-ins (quick test)
      • Windows: File → Options → Add-insCOM Add-ins → Go… → uncheck all (especially meeting/CRM add-ins).
      • Mac (New Outlook): Get Add-insMy add-ins → disable. Re-test.
    5. Free up mailbox space
      • Empty Deleted Items and Junk, clear Sync Issues folders, and archive old Sent Items. Low free space = slow Outlook.

    If mail works on the web but not in the app after these steps, it’s a profile or device issue—hand off to IT or continue with the admin flow below.

    For IT pros (targeted triage)

    1) Scope & signal

    • Service or client? If OWA works and multiple users in the site are fine, it’s local.
    • Status bar messages matter: “Trying to connect…”, “Updating this folder…”, “Need password”, “Limited connectivity”—write them down.

    2) Profile & connectivity

    • New profile (Windows): Control Panel → Mail (Microsoft Outlook)Show Profiles…Add → set Prompt for a profile and test.
    • Connection Status (Windows): Ctrl + right-click the Outlook tray icon → Connection Status; confirm Auth/Protocol and server round-trip.
    • Cached Exchange setting: File → Account Settings → Account → Change… → move the mail to keep offline slider down (e.g., 6–12 months) and retest.

    3) Search

    • Windows Search service running? Rebuild from Indexing Options and ensure Outlook is in the index list.
    • OST health: If search is corrupt or folders are out of sync, close Outlook, rename the OST, reopen to rebuild.

    4) Add-ins & startup

    • Safe mode test (Windows): Start Outlook while holding Ctrl (you’ll be asked to start in safe mode). If that works, remove add-ins (Teams/Zoom/CRM are usual suspects).
    • Reset the navigation pane (Windows): Run command box and reset the nav pane if views are corrupted (as an IT step).

    5) Credentials & auth

    • Windows Credential Manager: remove stale Office/Outlook creds; relaunch and re-auth.
    • Modern Auth prompts stuck? Close all Office apps; kill background “Office” processes; try again.

    6) Calendar & send issues

    • Delegate/Shared mailbox problems:** verify Full Access/Send As and re-map the mailbox.
    • Rules causing loops: export, disable all, re-test send/receive.
    • Stuck meetings: clear Outbox, switch to Online Mode briefly, send, switch back to Cached.

    7) Tools that save time

    • Microsoft Support and Recovery Assistant (SaRA): excellent for profile, activation, and connection repairs.
    • Message Trace (Exchange/Defender portals): confirm delivery path before blaming the client.

    8) When to rebuild or repair

    • New profile fixed it? Keep it and retire the old one.
    • Office repair (Quick Repair, then Online Repair) if multiple Office apps are unstable.

    60-second decision tree

    1. OWA works?
      • No → service/network issue; escalate.
      • Yes → client/device issue → continue.
    2. Safe mode works?
      • Yes → disable add-ins until stable.
      • No → new profile.
    3. Still failing after new profile?
      • Check Credentials, Cached slider, OST rebuild.
      • If send only fails for shared/delegate mailbox → permissions or transport rules.
    4. Search still blank?
      • Rebuild index (Windows), verify Spotlight (Mac), rebuild OST.

    Prevent the repeat (settings that help)

    • Mailbox hygiene: retention/archiving for Sent & large attachments.
    • Keep add-ins lean: only what the team truly uses.
    • Known-good profile image: for kiosk/reimaging scenarios.
    • Network indicators: if Wi-Fi is flaky, Outlook shows it first—fix the Wi-Fi.
    • One place for help: a short “How to open OWA + report exact error text + timestamp” guide pinned for staff.

    Final reflection — why this approach won’t go away

    • Clarity beats tinkering. OWA tells you if it’s the account or the app.
    • Profiles are perishable. Rebuilding is faster than endless registry spelunking.
    • Add-ins are the usual villains. Test in safe mode first.
    • Search takes time. Reindex once, then let it finish; don’t keep poking.
    • Document the path. The same steps teach juniors and calm frustrated users.

    For employees — Data file full? (PST/OST ~50 GB default)

    Symptoms: messages stuck in Outbox, sync never finishes, warnings about “data file reached maximum size.”

    Fix (Windows Outlook):

    1. Outlook → File → Info → Tools → Mailbox Cleanup
      • Empty Deleted Items / Junk.
      • View Mailbox Size → delete/archive biggest folders (Sent Items is usually #1).
    2. Search for big attachments: in the search bar choose Size → Huge (> 1 MB) or Very Large (> 5 MB) and delete/move.
    3. Data file compact: File → Account Settings → Account Settings → Data Files (tab) → select your account’s Outlook Data FileSettings → Compact Now.
    4. If you use Exchange/Business account: File → Account Settings → Account Settings → Change → slide “Mail to keep offline” down to 6–12 months, then restart Outlook (older mail stays available in OWA).

    If OWA sends fine but the app still can’t after this, hand it to IT (profile rebuild or archive needed).

    For IT pros — PST/OST limits & remediation

    • Default limit: modern Outlook uses ~50 GB per PST/OST (configurable via policy). Near the cap (there’s a warn threshold), send/receive fails and users see “data file has reached maximum size.”
    • Triage: confirm the user’s Data Files size (File → Account Settings → Account Settings → Data Files), and whether the profile caches shared mailboxes (common OST bloat).
    • Remediation options (prefer in this order):
      1. Mailbox hygiene / archiving: enable Online Archive (Exchange Online) and apply retention to move old items automatically.
      2. Reduce cache depth: set Mail to keep offline to 3–12 months; leave older mail online.
      3. Shared mailbox strategy: uncheck Download shared folders (Account Settings → More Settings → Advanced) for very large shared mailboxes, or add them as additional mailboxes without caching.
      4. Compact / rebuild OST: after cleanup, compact; if corruption suspected, close Outlook, rename the OST, relaunch to rebuild.
      5. Policy keys: you can raise the max size via policy/registry (also set the warn threshold) but Microsoft guidance is to favor Online Archive over very large OST/PST files.

    Tell-tale errors/messages: send stuck in Outbox, “Data file reached maximum size,” frequent sync loops; OWA sends normally.

    What I hear now

    • Start with service vs. client (OWA).
    • Safe mode, then add-ins.
    • If in doubt, new profile.
    • Index once, wait.
    • Be kind: Outlook issues feel personal to users—steady process helps them breathe.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • When a “Microsoft” alert hijacks your screen after a spoofed Facebook call

    Tech-support scam pop-up mimicking Microsoft Defender with a bogus support line 877-415-4519DO NOT CALL.

    Intro

    Tonight’s “video call” looked like it came from a friend. The moment you tapped Accept, your browser flipped full-screen: “Microsoft has shut down your internet. Do not turn off your computer. Call now.” That’s a classic tech-support scam—built to scare, not to help.

    ─────────────────────────────────────────

    What’s really happening

    • It’s only a web page (often opened by the call link) that abuses pop-ups, full-screen mode, and fake Windows/Defender art.
    • Microsoft/Apple/your ISP never lock your device through a browser or post a phone number to call.
    • If you call, they’ll try to remote in, install “fixers,” and charge you—or steal data.

    ─────────────────────────────────────────

    Do this immediately (quick exit)

    1. Do not call. Do not click.
    2. Kill the browser.
      • Windows: Ctrl+W (close tab). If stuck, Alt+F4 or open Task Manager (Ctrl+Shift+Esc) and End task on the browser.
      • Mac: +W (close tab). If stuck, Force Quit with ++Esc.
      • iPhone/iPad/Android: swipe up and force-close the browser app.
    3. Reopen safely (prevents the bad tab from restoring):
      • Windows/Mac: hold Shift while launching the browser to block session restore.
      • iPhone Safari: Settings ▸ Safari ▸ Clear History and Website Data.
      • Chrome mobile: Chrome ▸ ⋮ ▸ History ▸ Clear browsing data (Time range: All time).

    ─────────────────────────────────────────

    Clean up (2–5 minutes)

    • Run a scan. Windows: Windows Security ▸ Virus & threat protection ▸ Quick scan (then a Full scan later). Mac/mobile: update OS; run your trusted AV if installed.
    • Remove permission junk.
      • Browser Notifications/Permissions: Settings ▸ Privacy & security ▸ Site settings ▸ Notifications ▸ remove unknown sites.
      • Extensions/Add-ons: remove anything you don’t recognize.
    • Messenger/Facebook safety.
      • Tell your friend their account may be compromised.
      • Facebook ▸ Settings ▸ Password & security ▸ Where you’re logged in ▸ Log out of unknown sessions; Turn on two-factor.
    • If you entered info / installed software / called them:
      • Disconnect from the internet.
      • Uninstall any remote tools they had you add (AnyDesk, TeamViewer, Quick Assist sessions).
      • From a clean device, change passwords (email first).
      • Run Microsoft Defender Offline scan (Windows Security ▸ Scan options).
      • Contact your bank if you paid or shared card info.

    ─────────────────────────────────────────

    Prevent the next one

    • Treat surprise video calls as suspect. Decline and message the friend to confirm.
    • Lock calling down in Messenger: Settings ▸ Privacy ▸ Message delivery / Who can call you ▸ restrict to Friends.
    • Keep autosaving tabs off if you don’t need it.
    • Update OS and browsers; updates close the tricks these pages use.
    • Never let strangers remote into your device. Real companies don’t cold-call you for support.

    ─────────────────────────────────────────

    Final Reflection

    Scams run on panic. Breathe, quit the tab, then clean up. A browser page can’t “brick” your computer—but fear can make us hand over the keys.

    ─────────────────────────────────────────

    What I hear now

    • Close first, investigate second.
    • Call no numbers that pop up on a web page.
    • Verify with the friend; secure your accounts; turn on 2FA.
    • Slow is smooth, and smooth is fast.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • “Meeting The Challenges Today” Neal A. Maxwell

    Last light, first peace. Syracuse Utah Temple. 🌅

    “Meeting the Challenges of Today” — Elder Neal A. Maxwell

    Intro

    Driving to the Syracuse Temple, I queued up Elder Neal A. Maxwell’s 1978 devotional “Meeting the Challenges of Today.” One line kept burning: God’s foreknowledge and foreordination “underline how very long and how perfectly God has loved us and known us with our individual needs and capacities.” That changes how I face pushback—not with heat, but with holy steadiness.

    Listening loop: I’ve listened/read this message 30+ times since Thursday—car to Jordan River, then to Syracuse. Each pass peeled back another layer.

    Selected lines (to read slowly)

    • “In the months and years ahead, events will require of each member that he or she decide whether…to follow the First Presidency.”
    • “A new irreligion seeks to make itself the state religion…using preserved freedoms to shrink freedom.”
    • “Be principled but pleasant…perceptive without being pompous.”
    • “We were measured before and found equal to our tasks…God will not overprogram us.”

    Doctrine Note: Foreordination ≠ Predestination

    Foreordination is a conditional stewardship, not a guarantee. God can foresee outcomes without forcing them; agency remains intact.

    • David: God foresaw David’s fall but did not cause it. David chose Bathsheba; agency—and accountability—were David’s.
    • Martin Harris (116 pages): God foresaw the loss and prepared a remedy centuries earlier (see D&C 10; Words of Mormon).
    • Conclusion: God is never surprised; we are never compelled. Foreordination calls us to faithfulness, not fatalism.

    When minor defeats loom

    “There will also be times, happily, when a minor defeat seems probable, that others will step forward, having been rallied to righteousness by what we do.” — Elder Neal A. Maxwell

    How I’ve seen this: when I was knocked down at work, unexpected help appeared—quiet encouragements, timely messages, and small mercies that kept me moving. God’s compensating provisions are often people.

    Practice today: Who can I quietly rally by how I show up? Act first; announce later.

    My working understanding now

    • God doesn’t live inside my clock. He sees past–present–future at once.
    • Agency is real. He allowed me to choose Utah and walk hard roads; He wasn’t the cause of every sorrow, nor surprised by any of it.
    • Compensating provisions exist. He prepares remedies far ahead of my missteps.
    • **We are not foreordained to fail, but called to succeed—**and to become.

    Becoming, Not Just Describing

    Maxwell doesn’t invite us to argue; he invites us to become. Utah’s quiet—sometimes lonely—became the classroom where I finally studied harder, worshiped more steadily, and let the doctrine soak until it changed my reflexes.

    How I’ll practice becoming (small and daily):

    • Act > announce: do the next right thing before I say the next right thing.
    • Covenant rhythm: weekly temple worship, even when feelings lag.
    • Charity first: measure responses by love, not by likes or score-keeping.
    • Ask once, then release: honor others’ agency as God honors mine.

    Working creed: God foresees; I choose. If I stay on the covenant path, I’m not “stuck”—I’m becoming what my blessing already pointed to.

    Foreordination (Maxwell’s core teaching — extended excerpt)

    “Foreordination is like any other blessing—it is a conditional bestowal subject to our faithfulness… Prophecies foreshadow events without determining the outcomes… God foresaw the fall of David, but was not the cause of itGod foresaw, but did not cause, Martin Harris’s loss… and made plans to cope with that failure over fifteen hundred years before it was to occur.”

    Premortal memory (often called the “council in heaven”) — Joseph F. Smith:

    “In coming here, we forget all, that our agency might be free indeed… by the power of the Spirit… we often catch a spark from the awakened memories of the immortal soul, which lights up our whole being as with the glory of our former home.” (Gospel Doctrine, pp. 13–14)

    Why this belongs here: Foreordination honors agency; mortal forgetting protects it. The Spirit’s “spark” is what turns doctrine into direction—reminding me who I’m to become, not scripting how I’m forced to get there.

    When minor defeats loom (for this week’s online heat)

    “There will also be times, happily, when a minor defeat seems probable, that others will step forward, having been rallied to righteousness by what we do.”

    Application: in the FB pile-on, unexpected help appeared. God’s compensating provisions are often people. Charity begets courage in others.

    Tone to keep (even online):

    “Be principled but pleasantperceptive without being pompoushave integrity and not write checks with our tongues which our conduct cannot cash.”

    We cannot judge who will come (God’s sight ≠ our verdicts)

    “The Lord… said, ‘Cast the net on the right side’… If he knew beforehand the whereabouts of fishes in the Sea of Tiberias, should it offend us that he knows beforehand which mortals will come into the gospel net?

    Application: He knows who will soften, when, and how. My job is faith and kindness—not forecasting souls.

    A living (not retired) God

    “One dimension of worshipping a living God is to know that he is alive and seeing and acting. He is not a retired God… He is, at once, in all the dimensions of time—past, present, and future—while we labor within time’s limits.”

    Takeaway: He foresees without forcing, prepares without pampering, and lives to help—now.

    Final Reflection

    If God truly knew us and trusted us with these exact days, then opposition isn’t proof He abandoned us; it’s evidence He appointed us. Foreordination isn’t status—it’s stewardship; not a guarantee—but a charge to be faithful.

    What I hear now

    • Choose loyalty early; live it quietly.
    • Be firm without sharpness—principled but pleasant.
    • Treat foreordination as fuel for service, not status.
    • When weary, remember: we were measured before, and God won’t press more than we can bear.
    • Let pushback refine your discipleship, not redefine it.


    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • “I Love To See The Temple”

    Jordan River Utah Temple — filmed today around 3:15 pm on the way home from work. Summer birds, soft wind, and a steady spire through the trees… “a place of love and beauty.”

    Intro
    On the way home I pulled over where the Jordan River Temple rises above the trees and filmed a slow, quiet pass. The line kept looping: “a place of love and beauty.” With the temple in view, “I’ll prepare myself…” didn’t sound like childhood someday—it sounded like a choice for today.

    Song
    I Love to See the Temple — Janice Kapp Perry

    I love to see the temple;
    I’m going there someday
    to feel the Holy Spirit,
    to listen and to pray.
    For the temple is a house of God—
    a place of love and beauty.
    I’ll prepare myself while I am young;
    this is my sacred duty.

    I love to see the temple;
    I’ll go inside someday.
    I’ll covenant with my Father;
    I’ll promise to obey.
    For the temple is a holy place
    where we are sealed together.
    As a child of God, I’ve learned this truth:
    a family is forever.

    Final Reflection
    This children’s hymn grows up with us. “I’ll go inside someday. I’ll cov’nant with my Father; I’ll promise to obey.” The melody is simple; the promises are not. Preparation is worship. Obedience is love in motion. And “As a child of God, I’ve learned this truth: A fam’ly is forever” is more than a lyric—it’s a covenant Christ makes possible in His house.

    What I hear now

    • Prepare beats postpone. If it’s “my sacred duty,” act today.
    • Covenants quietly reorder life.I’ll promise to obey” changes calendars and priorities.
    • Keep the temple in frame. Let “a place of love and beauty” shape how I speak, serve, and schedule.
    • Family is the point. Live so “a fam’ly is forever” feels true at home, not just in song.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • “A Wonderful Flood of Light” (Elder Neal A. Maxwell)

    Draper Utah Temple, late-morning sunbeams after summer clouds—color in the garden, light on the steeple. A small, literal “flood of light.” 🌤️✨🌸

    Intro
    Some days we feel a homesick tug for “another place”—only a mist of memory, but real enough to re-center us. President Joseph F. Smith taught that through obedience we sometimes catch a spark from awakened memories of the immortal soul that lights our whole being. Elder Maxwell adds that most of us arrive in mortality as buds of possibility, meant to open under covenant light—not merely to admire truth, but to apply it.

    Final Reflection
    Think of yourself not only as you are, but as you can become. Our premortal traits still whisper here; environment matters, but eternal identity matters more. Light from the Restoration isn’t for display—it is for development: meekness, patience, mercy. Knowledge informs; obedience transforms. Keep placing today’s light on today’s altar until those buds of possibility unfold.

    What I hear now

    • Receive impressions before the morning mists burn off.
    • Lead with identity; let environment follow.
    • Nurture buds with small, exact obedience.
    • Move truth from admired → applied—light becoming life.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Called To Serve

    Called to serve.” Elder Mariano’s missionary tag resting on well-used scriptures—belief becoming deeds. 📖

    Intro

    I’ve been looping Elder Neal A. Maxwell’s “Called to Serve.” Two voices keep converging: King Benjamin’s charge, “If you believe all these things, see that ye do them” (Mosiah 4:10), and Elder Maxwell’s reminder that **deeds, not words—and becoming, not describing—**define discipleship. Mere assent without application is like hearing a lecture but skipping the lab. The audit is personal: Am I taking the field trip with the Savior, or just acing the lecture?

    Final Reflection

    “One mistake we can make… is to value knowledge apart from the other qualities to be developed in submissive discipleship… Being knowledgeable, by itself… is not enough… It’s like being briefed on a field trip but never taking the field trip.” And then the piercing question: “Are we steadily becoming what gospel doctrines are designed to help us become? Or are we… rich inheritors… but poor investors…?” —Elder Neal A. Maxwell, Called to Serve (BYU, Mar 27, 1994)

    Elder Maxwell won’t let truth stop at the ears. Doctrine is meant to develop us—into merciful, meek, patient disciples. King Benjamin removes the wiggle room: if we believe, we do (Mosiah 4:10). Knowledge informs; obedience transforms. The treasure we’ve inherited only yields a return when we invest it in daily, quiet, consecrated doing.

    Elder Maxwell says our “defining moments” rarely stand alone; they’re preceded by small, subtle preparatory moments and followed by many smaller moments shaped by them. His Okinawa story (age 18) shows how a single spared moment led to a lifetime pledge—and then came years of quiet confirmations: the Lord’s short, crisp promptings (often “more instructions than explanations”), the urgent nudge to “write the letter now,” and the painter’s metaphor—countless brushstrokes that outsiders may not value, but God is “in the details.” Put beside King Benjamin’s charge, the pattern is clear: belief ripens into decisive, timely doing. Knowledge informs; obedience transforms. Defining moments are built, one obedient brushstroke at a time.

    What I hear now

    • My past can shape me, but it will not script me.
    • Charity tells the truth and sets kind boundaries.
    • Don’t just know the gospel—become it.
    • Belief proves itself by doing (Mosiah 4:10).
    • Trade admiration for application—put today’s light on today’s altar.
    • Measure growth by Christlike traits formed, not facts recalled.
    • Keep taking the “field trips” of faith—show up, serve, endure cheerfully.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • His Image in Your Countenance

    Rain on the glass, light in the heart—‘Have you received His image in your countenance?

    Intro
    Yesterday after work, I was driving in the rain and decided to swing by the Taylorsville Utah Temple to photograph it through the windshield. The lyric asks, “Does the Light of Christ shine in your eyes?” Storms don’t decide that—presence does. The rain softened everything, but the temple remained steady, a quiet reminder of “a beauty from within.”

    His Image in Your Countenance (Janice Kapp Perry) — full song

    With no apparent beauty that man should Him desire,
    He was the promised Savior to purify with fire.
    The world despised His plainness, but those who followed Him
    Found love and light and purity—a beauty from within.

    Chorus
    Have you received His image in your countenance?
    Does the Light of Christ shine in your eyes?
    Will He know you when He comes again, for you shall be like Him?
    When He sees you, will the Father know His child?

    We seek for light and learning as followers of Christ,
    That all may see His goodness reflected in our lives.
    When we receive His fulness and lose desire for sin,
    We radiate His perfect love—a beauty from within.

    The ways of man may tempt us, and some will be deceived,
    Preferring worldly beauty, forgetting truth received.
    But whisperings of the Spirit remind us once again
    That lasting beauty, pure and clear, must come from deep within.

    Final Reflection
    Two lines won’t leave me: “Does the Light of Christ shine in your eyes?” and “We radiate His perfect love—a beauty from within.” The first is a question of identity; the second is a promise of overflow. Christ does not polish the surface—He converts the source. When His fulness displaces our old appetites, radiance stops being borrowed and starts being reflected. The world chases visibility; disciples seek visibility of Him. And like last night’s view, life can be rainy without being dim. If He is in frame, light still finds us—and then finds others through us.

    What I hear now

    • Holiness isn’t cosmetic; it’s conducted through a willing heart.
    • Eyes preach what lips can’t; let them carry peace.
    • Reflection over performance: light, not glare.
    • Repent quickly so the window stays clear.
    • Trade comparison for compassion; both can’t live in the same face.
    • Keep the Temple in frame when the week gets rainy.
    • Ask nightly: “Did someone feel His love in my countenance today?”

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • 5-Minute Fix: Why Your Windows PC Feels Slow (and what to try before calling IT)

    Top memory consumers at a glance—captured with PowerShell to diagnose a sluggish system.

    TL;DR: Check Task Manager → close the hog → restart apps/PC → free space → trim startup apps → update → quick scan. If it’s still slow, capture a screenshot and call IT.

    1) Is it one app or everything?

    • Press Ctrl+Shift+EscTask ManagerProcesses.
    • If CPU / Memory / Disk sits >90% for a minute, note the top app.
    • Right-click → End task (only on apps you opened). If speed returns, you found the culprit.

    2) Quick reset (fastest real fix)

    • Save work → Restart the PC (not Shut down). Restarts clear memory leaks and stuck updates.

    3) Free up space

    • Open File Explorer → This PC. If your C: drive has <10 GB free, Windows will crawl.
    • Settings → System → Storage → Storage Sense → Run cleanup now.
    • Empty Downloads and Recycle Bin if safe.

    4) Trim startup apps (the slow-boot killers)

    • Ctrl+Shift+Esc → Startup apps.
    • Set non-essentials to Disabled (music updaters, PDF helpers, “helper” launchers, etc.). Leave security/backup tools enabled.

    5) Browser bloat check

    • Close tabs you don’t need.
    • Disable heavy extensions (Edge/Chrome → … → Extensions).
    • Consider “Continue running background apps” Off (Chrome → System).

    6) Updates (do it once, then restart)

    • Settings → Windows Update → Check for updates.
    • Install → Restart outside your busiest hour.

    7) Quick malware scan

    • Windows Security → Virus & threat protection → Quick scan.

    8) Network ≠ computer

    • If only web/video is slow, run a quick speed test. If speed is normal but the PC lags, it’s local; if speed is bad on all devices, it’s the network.

    Optional: Simple PowerShell checks (for confident users)

    Open PowerShell as your normal user.

    Top memory users

    Get-Process | Sort-Object -Descending WorkingSet |
 Select-Object -First 10 Name,Id,@{n='RAM(MB)';e={[math]::Round($_.WorkingSet/1MB)}}

    Disk space by drive

    Get-PSDrive -PSProvider FileSystem |
 Select Name,@{n='Free(GB)';e={[math]::Round($_.Free/1GB,1)}},
        @{n='Used(GB)';e={[math]::Round(($_.Used)/1GB,1)}}

    List startup items (view only)

    Get-CimInstance Win32_StartupCommand | Select Name,Command,Location

    Tip: Disable startup apps in Task Manager, not via the registry.

    When to call IT (and what to send)

    If it’s still slow after these steps, send:

    • A screenshot of Task Manager → Processes (sorted by CPU and then Memory),
    • Your free disk space (C: drive),
    • What you were doing when it slowed down.

    That info turns a 30-minute back-and-forth into a 5-minute fix.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • The Quest

    Each step will leave its mark. “My footsteps are protected / By one who cares to see my life.”

    Intro
    “Though I am young, I know the way; the road lies marked before me.” Youth isn’t drift; it’s direction. And “I stand free to weave my life from my heart’s lovely pattern”—agency as craftsmanship. The quest isn’t loud or showy; it’s steady steps on a marked road, shaped with God.

    The Quest (full lyrics)
    Seminary Album, “The Quest,” 1977

    Though I am young, I know the way;
    the road lies marked before me.
    I can progress, rejoice, and grow—
    the sources given to me to know.

    That sweet, unchanging promise: the Quest.

    For I stand free to weave my life
    from my heart’s lovely pattern.
    I have a vague soft’s memory
    of what I was, yet cannot see—
    that helps me not to faulter.

    Often I stand alone,
    forsake the crowds around me;
    seek strength to live the truths I find,
    clothe modestly my flesh and mind—
    my spirit’s humble and refined.
    I can be pure because I see the joy
    that waits eternally.

    Each step I take will leave its mark,
    for each step leads me somewhere;
    and though the end is deemed to sight,
    the steps I take, if true and right,
    will bring me exaltation.

    I know I do not walk alone—
    my footsteps are protected
    by One who cares to see my life
    shine forth in beauty and love and light,
    exalted and perfected.

    Often I stand alone,
    forsake the crowds around me;
    seek strength to live the truth I find,
    clothe modestly my flesh and mind—
    my spirit’s humble and refined.
    I can be pure because I see the joy
    that waits eternally.

    This is my quest.
    This is my quest.

    Final Reflection
    “Each step I take will leave its mark… and though the end is deemed to sight, the steps I take, if true and right, will bring me exaltation.” Small, faithful steps compound. And “I know I do not walk alone—my footsteps are protected…” The hidden gem is how standards (modesty of flesh and mind, truth first, crowd second) are framed as joy: “I can be pure because I see the joy that waits eternally.”

    What I hear now
    • Agency is artistry: I’m weaving a life with God, not winging it.
    • Holiness is glad, not grim; joy powers obedience.
    • Standing apart is part of discipleship.
    • The Lord walks the road with me—protection, light, and finish.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Free to Choose

    Mount Timpanogos Utah Temple — double rainbow before the storm.

    Intro
    On the drive to my 7:30 pm proxy endowment, I played the Seminary song “Free to Choose” and felt the nudge to write. The song isn’t about doing whatever I want; it’s about turning agency toward the light—again and again. When it says:

    So I choose freedom,
    and there I learn to walk within the light…
    what leads me to free to choose again—
    and again…”

    that’s discipleship: choices that keep future choices open. And when it warns,

    “If I refuse… don’t be confused;
    …can slip and fall—
    got to stay free to choose,”

    it’s honest about missteps. Freedom shrinks when I’m captured by habits, pride, anger, or appetite; it grows when I repent and realign with Jesus Christ. That’s why the temple fits this song so well.

    Song: Free to Choose (Seminary album, 1987)

    I’m free to choose,
    to win or lose,
    no matter who
    comes and tries to turn my head around—
    and I’ll be fine.

    I’m in control;
    I’m free to choose,
    I’m free to choose.

    I’ve heard the news
    that I can choose
    the song I sing and what I want to say—
    what I got tied.

    I will set my goals,
    ’cause I’m free to choose.

    So I choose freedom,
    and there I learn to walk within the light.
    He said I’ll choose
    what leads me to free to choose again—
    and again—so when I choose,

    If I refuse,
    don’t be confused;
    just understand that I can cross the line,
    can slip and fall—
    got to stay free to choose.

    Choose what I will be;
    I am free to choose.

    So I choose freedom—
    I am free to choose.

    How the song teaches agency (my takeaway)
    “I will set my goals”—Agency is deliberate, not drift.
    “Walk within the light”—Freedom is not rebellion; it’s alignment.
    “Choose again—and again”—Agency is renewed daily on the covenant path.
    “If I refuse… can slip and fall”—Repentance restores freedom; sin constricts it.
    “Got to stay free to choose”—Guard the heart from anything that addicts, divides, or dulls the Spirit.

    Reinforced by Elder Neal A. Maxwell
    “[God] wants us to have joy. We cannot do that unless we are free to choose. But neither can we have that joy unless we are willing to be spiritually submissive day in, day out, and unless we exercise that grand and glorious freedom to choose in which people truly matter more than stars.”
    — Elder Neal A. Maxwell, “Free to Choose,” BYU Devotional, March 16, 2004

    “So, brothers and sisters, here we are in Eden, and Eden has become Babylon… Even if we leave Babylon, some of us endeavor to keep a second residence there… Babylon does not give exit permits gladly… No wonder Jesus’s marvelous invitation to leave Babylon’s slums and join Him in the stunning spiritual highlands goes largely unheeded.”
    — Elder Neal A. Maxwell, “A Wonderful Flood of Light,” BYU Devotional, March 26, 1989

    Final reflection
    Agency is God’s gift; joy is the fruit of using it His way. The world shouts for weekend commutes back to Babylon. The temple whispers, “Choose light again.” Tonight I choose freedom by choosing Christ—so I can keep choosing tomorrow.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • That’s You and That’s Me

    Two open hands—one giving, one receiving. Some needs are plain to see; others we carry quietly. That’s you and that’s me.

    Intro
    Some needs are easy to spot—a hand outstretched at a corner, a face weeping in public. Others ride quietly under the surface: worry that doesn’t show, loneliness with a practiced smile, a “load” carried where no one can see. This week I kept thinking about both kinds—the visible and the hidden—and how the Lord is the One who sees them all. The photo below is the obvious kind. But I’m learning to look for the quiet kind too, including in my own life. “No one makes it all alone… we all rely on help from Home.”

    That’s You and That’s Me — Seminary album Free to Choose (1987)

    Some reach out with their hands,
    Some reach out with their eyes,
    And most try hard not to let it show,
    But it’s a thin disguise.

    Some needs can be hidden;
    Some are plain to see.
    No one makes it all alone—
    We all rely on help from Home
    To get us back to where we want to be.

    And that’s you and that’s me,
    Living off His goodness
    And learning how to be.

    And that’s you and that’s me;
    I want to be ever you—like He’s ever you and me.

    Sometimes I can’t hide it;
    Sometimes I just want to cry:
    “I need someone to share my load,”
    When no one’s on my side.

    That’s when I remember:
    You have days like these.
    No one makes it alone—
    We all rely on help from Home
    To get us back to where we want to be.

    And that’s you and that’s me,
    Living off His goodness
    And learning how to be.
    That’s you and that’s me—
    I want to be ever you, like He’s ever you and me;
    And He gives so freely and shows us how to care.

    And that’s you and that’s me,
    Living off His goodness
    And learning how to be.

    Final reflection
    The song names what discipleship looks like in real time: noticing. Some needs are loud; some are quiet. Christ meets both, and He invites us to do the same—“living of His goodness and learning how to be.” Sometimes that means coins in a palm. Sometimes it’s a steady text, a prayer in someone’s name, a ride, a listening ear, or a temple visit offered for a friend. And when the load is ours, we remember we also “rely on help from Home.” Seen or unseen, He sees—and He sends us to see.

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

  • Secure Azure setup with Entra ID, Bastion, and private VM

    Scope

    Stand up a fresh Azure landing zone with a minimal but secure baseline: Entra ID (Azure AD) hardening, management structure, logging, networking, a Windows/Linux VM without public exposure, and safe access (Bastion + Entra sign-in).

    Placeholders to replace:
    TENANT_NAME · MG_ROOT · SUB_NAME · RG_CORE · RG_NET · RG_VM · LOCATION · VNET_NAME · SUBNET_APP · BASTION_SUBNET · VM_NAME · VM_SIZE · ADMIN_GROUP_OBJECTID

    0) Prereqs

    • Azure tenant & subscription created (via portal/Commerce).
    • Azure CLI logged in: az login az account set --subscription "SUB_NAME"
    • Optional SKUs: Entra ID P1/P2 for Conditional Access, PIM, Identity Protection.

    1) Entra ID (Tenant) Baseline

    • Create two break-glass cloud-only Global Admin accounts; long passwords; exclude from CA; store offline.
    • Turn on Security Defaultsor implement baseline Conditional Access:
      • Require MFA for admins.
      • Disable legacy/basic auth.
      • Require MFA for all users or at least privileged roles.
    • Enable SSPR, passwordless Authenticator (and FIDO2 keys if available).
    • Use PIM for role activation (P2).
    • Create AAD groups for RBAC (e.g., Azure-VM-Admins).

    (Portal-driven; no commands included to keep this redacted.)

    2) Management Structure & Tags

    • Create management group root and place the subscription under it.
    • Standardize tags (Owner, CostCenter, Env, DataClass).
    az account management-group create -n MG_ROOT
az account management-group subscription add --name MG_ROOT --subscription "SUB_NAME"

    3) Core Resource Groups & Logging

    az group create -n RG_CORE -l LOCATION
az group create -n RG_NET  -l LOCATION
az group create -n RG_VM   -l LOCATION

# Log Analytics workspace
az monitor log-analytics workspace create -g RG_CORE -n LAW-CORE -l LOCATION
LAW_ID=$(az monitor log-analytics workspace show -g RG_CORE -n LAW-CORE --query id -o tsv)

# Send Activity Logs to LAW
az monitor diagnostic-settings create \
  --name "activity-to-law" \
  --resource "/subscriptions/$(az account show --query id -o tsv)" \
  --workspace $LAW_ID \
  --logs '[{"categoryGroup":"allLogs","enabled":true}]'

    4) Guardrails with Azure Policy (minimal starter)

    # Require tags
az policy assignment create -g RG_CORE -n require-tags \
  --policy "Require a tag and its value on resources" \
  --params '{"tagName":{"value":"Owner"},"tagValue":{"value":"REDACTED"}}'

# Allowed locations
az policy assignment create -g RG_CORE -n allowed-locations \
  --policy "Allowed locations" \
  --params '{"listOfAllowedLocations":{"value":["LOCATION"]}}'

    Enable Microsoft Defender for Cloud and auto-provision agents (portal) to get JIT VM access recommendations and secure score.

    5) Networking (no public RDP/SSH)

    # VNet + subnets
az network vnet create -g RG_NET -n VNET_NAME -l LOCATION \
  --address-prefixes 10.10.0.0/16 \
  --subnet-name SUBNET_APP --subnet-prefix 10.10.10.0/24

# Dedicated Bastion subnet (must be exactly AzureBastionSubnet)
az network vnet subnet create -g RG_NET --vnet-name VNET_NAME \
  -n AzureBastionSubnet --address-prefixes 10.10.254.0/27

# NSG and rules (deny inbound by default; allow vnet)
az network nsg create -g RG_NET -n NSG-APP
az network nsg rule create -g RG_NET --nsg-name NSG-APP -n Allow-VNet \
  --priority 100 --access Allow --direction Inbound --protocol '*' \
  --source-address-prefixes VirtualNetwork --source-port-ranges '*' \
  --destination-address-prefixes VirtualNetwork --destination-port-ranges '*'

# Associate NSG to the app subnet
az network vnet subnet update -g RG_NET --vnet-name VNET_NAME -n SUBNET_APP \
  --network-security-group NSG-APP

    6) Bastion (safe console access)

    # Public IP for Bastion
az network public-ip create -g RG_NET -n pip-bastion -l LOCATION --sku Standard --zone 1 2 3

# Bastion host
az network bastion create -g RG_NET -n bas-VNET_NAME -l LOCATION \
  --public-ip-address pip-bastion --vnet-name VNET_NAME

    7) VM (managed identity, no public IP, Entra login)

    Windows example:

    # NIC (no public IP)
az network nic create -g RG_VM -n nic-VM_NAME \
  --vnet-name VNET_NAME --subnet SUBNET_APP

# VM
az vm create -g RG_VM -n VM_NAME \
  --image Win2022Datacenter --size VM_SIZE \
  --nics nic-VM_NAME --assign-identity \
  --admin-username "localadmin" --admin-password "GENERATE-STRONG-PASSWORD" \
  --enable-agent true --os-disk-size-gb 128

# Enable AAD login extension (Windows)
az vm extension set -g RG_VM -n AADLoginForWindows --publisher Microsoft.Azure.ActiveDirectory \
  --vm-name VM_NAME

# Grant Entra groups the VM login roles
VM_ID=$(az vm show -g RG_VM -n VM_NAME --query id -o tsv)
az role assignment create --assignee-object-id ADMIN_GROUP_OBJECTID \
  --role "Virtual Machine Administrator Login" --scope $VM_ID

    Linux example (SSH keys + AAD login):

    az vm create -g RG_VM -n VM_NAME \
  --image Ubuntu2204 --size VM_SIZE \
  --nics nic-VM_NAME --assign-identity \
  --authentication-type ssh --ssh-key-values ~/.ssh/id_rsa.pub

# Enable AAD SSH login (Linux)
az vm extension set -g RG_VM -n AADSSHLoginForLinux --publisher Microsoft.Azure.ActiveDirectory \
  --vm-name VM_NAME

# RBAC for login
az role assignment create --assignee-object-id ADMIN_GROUP_OBJECTID \
  --role "Virtual Machine Administrator Login" --scope $VM_ID

    Accessing the VM (no public IP):

    • Portal → Resource → ConnectBastion → Open session (RDP for Windows, SSH for Linux).
    • Optionally enable Just-In-Time in Defender for Cloud; keep NSG closed otherwise.

    8) Backup, Patching, and Keys

    # Recovery Services vault + VM backup
az backup vault create -g RG_CORE -n rsv-core -l LOCATION
az backup protection enable-for-vm -g RG_CORE -v rsv-core --vm VM_NAME --policy-name "DefaultPolicy"

# VM guest patching (Update Manager) – enable in portal for the RG/VM
    • Store secrets/keys in Azure Key Vault; use managed identity from the VM to fetch secrets.
    • Use Server-side encryption (SSE) with platform-managed keys (default) or customer-managed keys (CMK) via Key Vault if required.

    9) Monitoring (Guest + Platform)

    # Enable VM Insights / Diagnostics to LAW
az monitor diagnostic-settings create \
  --name "vm-to-law" \
  --resource $VM_ID --workspace $LAW_ID \
  --metrics '[{"category":"AllMetrics","enabled":true}]' \
  --logs '[{"categoryGroup":"allLogs","enabled":true}]'

    10) Cost Guardrails

    • Create a Budget in Cost Management with email alerts at 50/80/100%.
    • Consider Reservations and Auto-shutdown on dev/test VMs.

    11) Access Patterns to Prefer

    • Bastion or Private endpoints; avoid public RDP/SSH.
    • Entra sign-in to VMs with RBAC (Virtual Machine User/Administrator Login).
    • PIM + MFA for privileged roles.
    • JIT for any temporary inbound need.

    Minimal Tear-down (lab)

    # Danger: deletes resources
az group delete -n RG_VM  -y
az group delete -n RG_NET -y
az group delete -n RG_CORE -y

    Notes & Deviations

    • For domain-join scenarios, use Entra ID DS (managed domain) or a full AD DS in Azure; keep DCs on a separate subnet with restricted NSG.
    • For Intune/MDM of servers, consider Azure Arc + Defender for Endpoint.
    • Replace all placeholders and remove screenshots/IDs before publishing externally.

    For more info:
    Microsoft Entra ID overview/service description. Microsoft Learn
    • Connect to a VM using Azure Bastion (private IP). Microsoft Learn
    • Private Endpoint / Private Link overview & quickstart. Microsoft Learn+1

    © 2012–2025 Jet Mariano. All rights reserved.
    For usage terms, please see the Legal Disclaimer.

error: Content is protected !!