Like most folks, I hate errors.
As a scripter, I hate seeing blood on the screen–to me, it means failure that I didn’t anticipate. When you’re trying to put tools out there for other folks to use, nothing toasts your peer’s or customer’s confidence like a tool that doesn’t fix itself or errors out without explanation.… [ Continue reading ]
Update: I’ve added a shortlink for this tool: http://aka.ms/createlabusers.
In testing out some of my other tools over the last few weeks, I’ve found it necessary to create a some test users. A lot of test users. … [ Continue reading ]
A little over a year and a half ago, I started working on a tool for a really large Office 365 / BPOS-Dedicated migration to Office 365 Government Community Cloud. As part of that migration, I wrote this tool: Migrating EOP Settings Between Tenants. … [ Continue reading ]
Last week, I saw some internal discussion about trying to locate the source of a duplicate object error on-premises. While an advanced administrator will be able to figure it out by looking at the Connector Spaces for connected directories, it’s not necessarily obvious to a lot of people (especially if you’re not experienced with our identity management products).… [ Continue reading ]
Since the dawn of time (or at least, since the dawn of the Epoch), people have been inadvertently deleting stuff. As is attributed to Uncle Ben, “with great power comes great responsibility,” and so it is true with the system administrator. … [ Continue reading ]
Yesterday, I was asked if I had developed any testing tools for the Dynamics CRM suite availability—but, never having had to do much with them, I didn’t have anything available. I just built a quick tool today, and it covers all of the endpoints listed at https://support.microsoft.com/en-us/help/2655102/internet-accessible-urls-required-for-connectivity-to-microsoft-dynami… [ Continue reading ]
In my previous post, I discussed using the new Attack Simulator for crafting phishing campaigns against your users. If you haven’t tried it out yet, I’d heartily recommend it. It’s more fun than a barrel of monkeys.… [ Continue reading ]
This evening, I found myself needing to configure Skype for Business clients to prompt the user for the audio device when joining. The registry key to control this behavior, AllowOverridingDeviceAtJoinTime, has existed for quite some time:
For Communicator, the setting was located at HKCU:\Software\Microsoft\Communicator. … [ Continue reading ]
Over the last few weeks, we’ve released some great new features for Office 365 Advanced Threat Protection users. The Attack Simulator has three core components, each of which I’ll cover in a series:
- Spear Phishing (Credential Harvest)
- Brute Force Password (Dictionary Attack)
- Password Spray Attack
For this post, I want to focus on the Spear Phishing campaign.… [ Continue reading ]
Over the last couple of days, I’ve updated a few tools that I have published on the gallery. Here’s the run-down:
AAD Connect Network and Name Resolution Test
I’ve been busy with this tool a lot lately, both adding tests and tweaking the way things are done. … [ Continue reading ]
A few users reported bugs with logging that I have updated. There was also an unreported bug when searching the XML generated by Get-ADSyncServerConfiguration for the connector’s AD user, which I have also resolved.
You can get the updated tool at https://gallery.technet.microsoft.com/AD-Advanced-Permissions-49723f74… [ Continue reading ]
Update: We now have some public documentation available for this as well, so be sure to check there, too! https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-deployment-plans
Imagine this scenario: You’ve been running Active Directory Federation Services (AD FS) since before it was cool, and you’re tired of maintaining that highly available infrastructure (at least 4 servers) and the whole federation thing and its myriad of quirks and drawbacks and headaches (such as alt-id (which is still supported in Pass-through authentication with some caveats, listed below), claims rules, certificates, and the fun of trying to change UPN suffixes from one federated UPN to another).… [ Continue reading ]
A few months ago, I debuted a new tool for AAD Connect deployment (read about it here: AAD Connect Network and Name Resolution Test or download it here: https://gallery.technet.microsoft.com/Azure-AD-Connect-Network-150c20a3) which allows you to test a number of conditions to make sure your server and environment are suitable for deploying AAD Connect.… [ Continue reading ]