tag:blogger.com,1999:blog-69889332024-02-28T13:14:49.241+01:00Cold cup of coffeeIT makes my coffee coldRikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.comBlogger147125tag:blogger.com,1999:blog-6988933.post-88192557330612311802018-05-10T02:51:00.001+02:002018-05-10T02:51:27.372+02:00Office 365 licensing (using PowerShell)Below are some very simple powershell code to handle licensing in Office 365:
# Powershell
# Requirement: Connected to msol-service
# Get your SKU, extract your AccountSkuId (tenantname:SKU)
Get-MsolAccountSku
# Remove license VISIOCLIENT for all users
$all = get-msoluser -all
$sku = "mytenant:VISIONCLIENT"
$all | Where-Object {($_.licenses).AccountSkuId -match $sku } | RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-83763060784561699062018-05-07T09:00:00.001+02:002018-05-07T09:36:34.169+02:00RSS feeds on websites ?
RSS feeds
RSS (Rich Site Summary) is a web feed that allows users to access update in a standardized way. It's a very common way of getting updates from multiple web pages into a reader to get updates. Most sites have a button for getting the feed URL.
Missing RSS button ?
Many sites do not have a RSS button but are still having a feed on their page. Two very common ways are the /feed and /rss RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-68203941946281166382018-03-13T10:24:00.001+01:002018-03-13T10:24:04.263+01:00Connect VPN using Azure MFA NPS extensionAzure MFA have a extension for Microsoft NPS (Network policy server) that can be used to connect on-premise Active Directory to Azure MFA for strong authentication. Today the team that I was working on investigated if this can be used WITHOUT synchronized (hybrid) identities and had a successful result.
The environment and setup
Cloud identities only (username@domain.com)
Local Active RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com2tag:blogger.com,1999:blog-6988933.post-19678829422851884822016-04-21T10:01:00.000+02:002016-06-15T10:09:48.576+02:00Facebook at Work provisioning using "built-in" Azure SCIMFacebook at Work (https://work.fb.com/) is the business variant of Facebook. This gives enterprises the possibility to own, manage and use Facebook in a Enterprise context. As Facebook at Work is born in the cloud it comes with modern API's for user manangement and also exists in the Microsoft Azure Marketplace (link).
When integrating Facebook at Work into Azure you get two pre-built options RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com4tag:blogger.com,1999:blog-6988933.post-15601362055267818312016-02-29T12:43:00.000+01:002016-02-29T12:43:23.311+01:00Office 365 Clutter stuffWhat is Clutter ?
Clutter is an email filtering option available to Office 365
customers. It is similar to an anti-spam filter as it moves less
important email (based on your reading habits) into a 'Clutter' folder
where they can be ignored or reviewed later. Most of the mail going
into the folder should be bulk mail (advertisements) and messages from
mailing lists.&RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-6337534768678387272016-02-16T09:56:00.000+01:002018-05-10T02:33:15.509+02:00Remove "orphaned" meetings in RoomMailboxesWhen users are leaving the company there should be a "phase out" routine to be followed with different IT tasks to be perfomed (below is just an example);
Log and revoke system access and permissions
Hand over data to manager and/or other owners
Delete all other data (mail, home folders, etc)
Cancel meetings (and/or transfer them to other responsible organizers)
However sometimes users that RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-17936544967241904192016-01-13T21:31:00.000+01:002016-01-13T21:33:57.909+01:00Find erroneous AD Connect sync object (cannot sync object)Today I was faced with an error in ADConnect. It couldn't sync one of the contact objects from on premise AD to Azure AD (Office 365). The error was on the AADConnect log:
Error in Connector operations
Status:completed-export-error
In error log (on the object)
Error: Object TypeMismatch
Connected data source error code: 0x8023134a
Detailed data source error:A object with same proxyaddress RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-90170010060322597512015-11-10T13:37:00.000+01:002015-11-10T13:37:01.938+01:00Office 365 - convert a deleted mailbox to a inactive mailboxIn Office 365 you can convert mailboxes for old employees to inactive mailboxes. This will preserver the mailbox in Office 365 (and can later be connected and/or searched with eDiscovery).
.
Put an active mailbox on LitigationHoldSet-Mailbox rikardst -LitigationHoldEnabled $true
Remove LitigationHoldSet-Mailbox rikardst -LitigationHoldEnabled $false
Convert a deleted mailbox to inactive (RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-43382758893647657302015-11-04T08:50:00.002+01:002015-11-04T08:50:57.150+01:00OneDrive for Business (web interface)Just a quick reminder for the old and new interface URL's:
OLD interface
https://domain-my.sharepoint.com/personal/user/_layouts/15/start.aspx
NEW interface
https://domain-my.sharepoint.com/personal/user/_layouts/15/onedrive.aspx
Remember that soon will the new OneDrive for Business sync client be available. Get in line for the preview: https://preview.onedrive.com/sync
RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-45890621102403164032015-08-20T08:56:00.000+02:002015-08-20T08:57:29.918+02:00Microsoft Edge browsers crashes directly after start [FIX]Today I had problems with my Microsoft EDGE browser (the new and cool browser in Windows 10). Directly after launch the application crashed:
Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge failed with error: The remote procedure call failed. See the Microsoft-Windows-TWinUI/Operational log for additional information.
Steps to solve:
Open a powershell with admin RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com18tag:blogger.com,1999:blog-6988933.post-67016498417187529032015-08-14T07:39:00.002+02:002015-08-14T07:40:37.986+02:00Remove a Office 365 User/Mailbox from all distribution listsRemove all groups on a user with Powershell;
# Get the correct mailbox
$mbx = ( Get-Mailbox UserPrincipalName )
# Process all DistributionGroups and if mailbox is member remove (with simple console output)
foreach ($group in Get-DistributionGroup -ResultSize unlimited) {
if ((Get-DistributionGroupMember $group.identity | select -Expand distinguishedname) -contains $mbx.DistinguishedName){
RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com1tag:blogger.com,1999:blog-6988933.post-30553917467498031952015-07-18T12:12:00.000+02:002015-07-18T12:13:05.267+02:00Windows 10 - Remove fingerprint dataToday I removed an old user account from my computer and added a new one (after moving my computer from AD domain to AD Azure join). After adding my Azure account to the computer I tried to add fingerprint to logon to the computer. However this was not possible due to an error:
Fingerprint already present on other user account
Steps to resolve (as the old account was deleted)
Stop "Windows RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com2tag:blogger.com,1999:blog-6988933.post-25553688836363087322015-06-28T02:27:00.000+02:002015-06-28T02:27:34.764+02:00Upload server to Azure (lessons learned)I have had a need to move a few servers to a new test/development environment shared for several people. Azure was the preferred location of the servers and below are a process for uploading an on premise server to Azure (and some notes to create a template for deployment of servers).
Important bullets
Azure is running Microsoft Hyper-V
Currently Azure supports fixed VHD (not vhdx or dynamicdiskRikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-8401608047344236612015-06-22T13:57:00.000+02:002015-06-22T13:57:48.289+02:00Simple script for reporting PF permissions (Exchange 2007)Get UPN Suffix for all users in Office 365 (Powershell);
# Simple script for reporting PF permissions (Exchange 2007)
$arFolderData2 = @()
$folders = get-publicfolder -recurse -resultsize unlimited
foreach ($folder in $folders)
{
$folderstats = get-publicfolderstatistics $folder.identity
$perm = get-publicfolderclientpermission $folder.identity
foreach ($owner in $perm)
{
$folder2 RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-56208903581752524472015-05-23T01:01:00.001+02:002015-06-16T21:25:00.163+02:00Azure AD Sync behind proxyTo be able to have Azure AD Sync (AADSync) behind a proxy it must allow unauthenticated proxying (i.e. no ID/PWD). If you can fulfill this then you need to do the following:
Configure the proxy server
Configure AADSync to use the proxy server
Configure the proxy server
Do configuring to allow traffic to Office 365 IP's and URL's.
Configure AADSync
If you have a static ID/PWD for the RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com1tag:blogger.com,1999:blog-6988933.post-24464762621574683112015-05-20T15:08:00.001+02:002015-05-20T15:08:29.047+02:00Create signing and encryption certificate that lasts 100 years in Windows 2012R2 serverCreate signing and encryption certificate that lasts 100 years in Windows 2012R2 server;
Set-ADFSProperties -CertificateDuration 36500 -AutoCertificateRollover $true
Update-AdfsCertificate -CertificateType Token-Decrypting -Urgent
Update-AdfsCertificate -CertificateType Token-Signing -Urgent
Set-ADFSProperties -AutoCertificateRollover $false
RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-17867869630584823482015-05-19T11:43:00.002+02:002015-05-19T11:45:15.154+02:00Publish Atlassian JIRA 6.2.4 to Internet using wildcard SSL certificate on TMG 2010Today I needed to publish Atlassian JIRA using a wildcard public CA SSL certificate. I couldn't find any good guides to this so I have written a few notes below on how I finished the task.
Technical environment
JIRA: 6.2.4 (installed on Windows) running tomcat webserver
TMG: 2010 (installed on Windows)
Tasks
Installed *.domain.com certificate on TMG server (using Certificate Console in RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-54786260423086195462015-05-07T08:10:00.000+02:002015-05-07T08:11:07.641+02:00Hide/Show Mail icon in Control Panel on Remote Desktop/Citrix for Office 365 ProPlusIn Remote Desktop and Citrix environments it's common to hide specific Control Panel applets or maybe only show a few using GPO's : User Configuration\Administrative Templates\Control Panel
Hide specified Control Panel items
Show only specified Control Panel items
When I deployed Office 365 ProPlus (with shared licensing) on the Remote Desktop server my Mail icons disappeared from users RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com1tag:blogger.com,1999:blog-6988933.post-12764446658411453292015-05-05T20:21:00.001+02:002015-05-05T20:21:46.847+02:00Get UPN Suffix for all users in Office 365 (Powershell)Get UPN Suffix for all users in Office 365 (Powershell);
# Connect Office 365
Connect-MsolService
# Get all users
$users = get-msoluser -all
# Create array
$upnlist=@()
foreach ($i in $users)
{
$s = $i.UserPrincipalName.tostring()
$upn = $S.substring($s.IndexOf("@"))
$upnlist+=$upn
}
# Output
$upnlist | Group-Object
RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-71879664396566975122015-04-24T13:18:00.001+02:002015-04-24T13:18:27.371+02:00Powershell script to verify if a process is running from correct pathSimple script to verify if a process is running from correct path;
# Variables
$Time = [system.DateTime]::Now
$processpath = 'C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe'
# Get running process with name sqlservr and filter based on correct path
$test = Get-Process sqlservr | ? { $_.Path -eq $processpath }
if ($test.HasExited -eq $False) {
# Replace spaces in path RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-23773898068851221582015-04-23T10:46:00.001+02:002015-04-23T10:46:48.308+02:00Change schedule on AADSync for Office 365By default the AADSync (link) runs every 3 hours on the AADSync server. This is defined by the scheduled task that is created during the installation.
To change the synchronization interval I did the following:
Add "SYSTEM" to AADSyncAdmins group
Create a new scheduled task (to be run as SYSTEM)
Trigger: Run it once (and set repeat to every 15 minutes and run indefinitely)
Action: "C:\RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-82882129597725901022015-04-21T09:29:00.002+02:002015-04-21T09:31:23.638+02:00Azure Automation workflow to set Exchange permissionsAzure Automation workflow to set Exchange permissions (Azure Automation compatible);
# Change log
# v1 Standard script 20.04.2015
# v2 Edited use of Automation credentials 21.04.2015
workflow MailboxPermissions {
# Fetch Automation credentials from RunBook Settings
$cred = Get-AutomationPSCredential -Name "ServiceAdmin"
# Use inlineScript to run a RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-72394327765541563032015-04-17T08:06:00.000+02:002015-04-17T08:06:47.056+02:00Quick script for finding empty directories and delete them (PSH)Delete empty directories using Powershell (v3 compatible);
# Folder to have as root
$SearchRoot = "D:\"
# Get all folders and filter out the empty ones
$EmptyFolders = Get-ChildItem -Path $SearchRoot -Directory -recurse | Where-Object {(Get-ChildItem -Path $_.FullName -Recurse) -eq $null}
# Delete folders
$EmptyFolders | Remove-Item
RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-52201799967490081542015-04-11T09:42:00.000+02:002015-04-11T09:42:27.020+02:00Inventory document libraries in Sharepoint 2007Inventory document libraries in Sharepoint 2007;
# Inventory documentlibraries in SPS 2007
function Get-DocInventory() {
[void][System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")
$farm = [Microsoft.SharePoint.Administration.SPFarm]::Local
foreach ($spService in $farm.Services) {
if (!($spService -is [Microsoft.SharePoint.Administration.SPWebService])) {RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0tag:blogger.com,1999:blog-6988933.post-25254858711580303192015-04-09T13:36:00.003+02:002015-04-09T13:36:55.599+02:00Upload files to SPOnline using Powershell (Win2008R2)Upload files to SPOnline using Powershell (Win2008R2):
#Specify tenant admin and site URL
#Requires Sharepoint license and access to site/doclib
$User = "user@tennant.onmicrosoft.com"
$password_clear_text = "MyPassword"
$SiteURL = "https://tennant.sharepoint.com/sites/projectX"
$Folder = "C:\FilesToUpload"
$DocLibName = "Shared Documents"
#Add references to SharePoint client assemblies and RikardStrandhttp://www.blogger.com/profile/07027571144158351041noreply@blogger.com0