Scripting

Removing Orphaned Mailbox Searches

An issue came up today for one of my customers–how to remove orphaned mailbox searches in Exchange Online.  Apparently, they have about 300 mailboxes in this state.  Oops.

So, in order to do this, you need to go through a handful of steps:

  1. Identify all of the Mailbox Searches. 
[ Continue reading ]
Configuration

Cloud UPNs for AAD Connect users with Alt-ID don’t update after domain verified in tenant

A few weeks ago, I ran into an issue with a customer.  Scenario:

  • Customer had configured alternate-id sign in with AAD Connect (the gist is that it flows on-premises mail to cloud UPN)
  • Synced identity to tenant
  • Tenant did not have any verified domains

As expected, without a matching verified domain in the tenant, UPN suffixes in the tenant were actually set as @tenant.onmicrosoft.com. [ Continue reading ]

Identity

Update to Create-LabUsers!

Sometimes, your mind just gets to thinking about stuff you could have done better.  Last night was one of those times.

I’d started building new lab environments for work, and decided to start pumping users into AD and syncing them to my test tenants. … [ Continue reading ]

Information

Check commmon records for a domain

One of my peers this week was looking for a script to help check global DNS resolution for particular records for both replication and geo-loadbalancing testing.

The record types and data he was looking for:

  • A
  • CNAME
  • MX
  • TXT (for SPF)
  • TXT (for DMARC)

This is what I came up with, so maybe it can help someone else.… [ Continue reading ]

Client

Adopting OneDrive for Business

OneDrive for Business is, from my perspective, one of the most under-utilized but benefit-rich parts of the Office 365 platform, allowing organizations (especially organizations that subscribe to the E3 or higher SKU) virtually unlimited storage, versioning, and recovery capability for their file-based storage.… [ Continue reading ]

Information

Update to Get-UserHoldPolicies — Now includes DelayHoldApplied

This is just a quick update–if you’ve been using my Get-UserHoldPolicies script to check out the holds applied to your mailboxes, I’ve updated it to include the DelayHoldApplied property.

A Delay Hold is applied whenever a hold is removed from a mailbox (as in, the mailbox is excluded from an inherited policy or manually removed from an explicitly included policy), and stays in effect for 30 days. … [ Continue reading ]

Information

Switch SharePoint Online Lists between Classic and Modern Experience

It’s been coming for a while.

Change is inevitable.

SharePoint Modern UI is here.

And, we’ve begun updating libraries and lists.

Per this link, https://techcommunity.microsoft.com/t5/SharePoint/Update-on-modern-list-tenant-opt-out-removal/td-p/469297, we changed the opt-out methods (from tenant-level to site-level).  One of the things that we noted is that you can use Enable-PnPFeature or Disable-PnPFeature to manage this. … [ Continue reading ]

Identity

Update to the Remove-ProxyAddresses Script

This update comes from a user–it’s a pretty simple one.

I posted the script Remove-ProxyAddresses back in 2017 after writing a blog post on the same topic.  In my script, I had covered Mailboxes, MailUsers, and Contacts.  I did not, however, include RemoteMailboxes, as my original thinking was “if you moved it there, you already got rid of the bad proxies.”

Which, didn’t turn out to be necessarily true (especially if you used my other way of removing proxy addresses via AAD Connect). … [ Continue reading ]

Identity

Update to PwnCheck script

This afternoon, while working with a colleague, I was alerted to a customer that appears to have the same 6-character password set for every user, which honestly, I feel like violates the very notion of a password.  They’re not currently in Office 365 (or even Active Directory), but the risk is the same:

Users tend to use the same passwords everywhere.… [ Continue reading ]

Configuration

DLP for Bitcoin Addresses

One of the up-and-coming combination phish-ransom attacks is to trick the mark into thinking that you’ve got access to their data, and then get them to send money to a Bitcoin address to protect them from data leakage.  You can create a DLP rule in the Office 365 Security & Compliance Center (or an Exchange Online transport rule) to try to combat this.… [ Continue reading ]

Scripting

Creating a Teams “New Channel” notification

One of my customers recently asked for a solution to checking a particular Microsoft Team multiple times a day for new channel additions.  In their organization, someone is responsible for creating a new channel every time new item for review is published, and then all of the communications, files, and data related to that item is stored in that particular time.… [ Continue reading ]