Last year, I had a project that involved migrating a large customer from Office 365 Dedicated to Office 365 GCC (multi-tenant). While Exchange hybrid moves were possible for the mailboxes, we were unable to perform the necessary hybrid migration configuration for Lync to migrate users. … [ Continue reading ]
So, I had an interesting need the other day when creating another script–I wanted to create a collection of object that were of the same type, but had different values for the properties. In this case, the objects happened to be registry keys and values that was going to report on, and (optionally) take a series of actions on. … [ Continue reading ]
Update: I’ve added several additional parts to this tool since it was originally released, including some debug logging, an Azure credential check to ensure that your identity is part of Global Admins, additional cloud endpoint checks, and a more thorough system inventory.… [ Continue reading ]
This week, I had an interesting issue to resolve–one of my customers previously hosting their architecture on-premises was utilizing geo-filtering services provided by their ISP. These geofiltering services were provided at the network layer, so filtered requests never reached the environment.… [ Continue reading ]
Two updates for the tool in a week? Yes! It is so!
At the behest of my good friend Darryl and one of his customer’s needs, I have updated the the AAD Connect Advanced Permissions tool with the following:
- Allow the underscore (“_”) character to be used in an OU name path
- Allow CN= to be used as part of the OU filter name path, since some organizations may want to try to scope permissions specifically to CN=Users.
While updating a script earlier this week, I wanted to spruce up my logging. However, I didn’t have a handy function to incorporate that would allow me to both write to the screen (in various colors for the type of log entry being generated) and to a log file at the same time. … [ Continue reading ]
On the recommendation of my good friend Darryl, I’ve added some things to my AAD Connect permissions tool:
- Better logging of errors. When running the tool for a large organization that had $ characters in its service account names, the tool would report successful but not leave any log files or indicators where things may have happened.