Identity

Update to the Remove-ProxyAddresses Script

Rate this post

This update comes from a user–it’s a pretty simple one.

I posted the script Remove-ProxyAddresses back in 2017 after writing a blog post on the same topic.  In my script, I had covered Mailboxes, MailUsers, and Contacts.  I did not, however, include RemoteMailboxes, as my original thinking was “if you moved it there, you already got rid of the bad proxies.”

Which, didn’t turn out to be necessarily true (especially if you used my other way of removing proxy addresses via AAD Connect). … [ Continue reading ]

Identity

Update to PwnCheck script

Update to PwnCheck script
5 (100%) 4 vote[s]

This afternoon, while working with a colleague, I was alerted to a customer that appears to have the same 6-character password set for every user, which honestly, I feel like violates the very notion of a password. … [ Continue reading ]

Configuration

DLP for Bitcoin Addresses

DLP for Bitcoin Addresses
5 (100%) 4 vote[s]

One of the up-and-coming combination phish-ransom attacks is to trick the mark into thinking that you’ve got access to their data, and then get them to send money to a Bitcoin address to protect them from data leakage. … [ Continue reading ]

Scripting

Bulk Converting Office 365 Groups to Teams

Bulk Converting Office 365 Groups to Teams
5 (100%) 3 vote[s]

This week, while working with one of my peers, a request came in to bulk convert all Office 365 groups to Microsoft Teams.  In the Teams UI, you’re only presented the choice to upgrade groups you own, one at a time, to Teams.… [ Continue reading ]

Scripting

Creating a Teams “New Channel” notification

Creating a Teams “New Channel” notification
4 (80%) 1 vote[s]

One of my customers recently asked for a solution to checking a particular Microsoft Team multiple times a day for new channel additions.  In their organization, someone is responsible for creating a new channel every time new item for review is published, and then all of the communications, files, and data related to that item is stored in that particular time.… [ Continue reading ]

Information

Update to Get-SCCDataExport

Update to Get-SCCDataExport
5 (100%) 1 vote[s]

I’ve been tinkering around a little with this, hoping to bring some better updates (so maybe you can see who is generating your data exports and go smack them around).

I’ve got a few updated fields added to the tool, so be sure to go check it out!… [ Continue reading ]

Information

WhoAmI for Office 365

WhoAmI for Office 365
4.3 (85%) 4 vote[s]

If you’ve ever struggled to find out who your current session is logged in as when you connected to Office 365, here’s a tidbit to shed some light on it:

(Get-PSSession |?{$_.ComputerName -like “*outlook.com”})[0].RunSpace.ConnectionInfo.Credential.UserName

You can also use RunSpace.… [ Continue reading ]

Information

Calculating your Daily Export for the Security & Compliance Center

Calculating your Daily Export for the Security & Compliance Center
4.7 (93.33%) 3 vote[s]

One of the lesser-known boundaries of Office 365’s Security & Compliance Center is that we only allow 2TB per day export volume.  When we talk about exports, we’re talking about the idea of taking content that has been identified via a content search mechanism (content search, eDiscovery case search, etc) and then staged for download.… [ Continue reading ]