Scripting

Iterating hash values to a log file

While working on my last script, I was trying to figure out the best way to write the values stored in a hash table for the purposes of splatting out to a log file.

Consider:

$parameters = @{}
$parameters.Add("Parameter1","Value1")$parameters.Add("Parameter2","Value2")$parameters.Add("Parameter3","Value3")

$parameters = @{}; $parameters.Add("Parameter1","Value1"); $parameters.Add("Parameter2","Value2"); $parameters.Add("Parameter3","Value3")

I was using a modified version of my logging function, which is basically a wrapper for Add-Content with parameters for log detail/types, colors, and output display.… [ Continue reading ]

Configuration

Migrating from Exchange Online eDiscovery and In-Place Hold to the Security & Compliance Center

One of the issues that some of my larger customers have been dealing with is the lack of tooling and planning around moving legacy Exchange Online In-Place eDiscovery & Holds to the new(ish) Security & Compliance Center.  Our direction has been to either let them age out or manually recreate them the Security & Compliance Center.… [ Continue reading ]

Scripting

Checking for compromised email accounts

Yesterday, I participated in an escalation for a customer where one or more users had been successfully phished and had given up their credentials.  While we were walking through some remediation steps, we started a discussion about data exfiltration attempts.

Many moons ago, I put together a few scripts that can be used to check mailbox forwarding and transport rule forwarding configurations, specifically looking for actions that send mail (forward, redirect, bcc) to recipients outside of the domains verified in your tenant. … [ Continue reading ]

Configuration

Alerting on OneDrive Deleted Item Activity

I had a customer recently raise some questions about how to provide further enhancements and protections around their OneDrive for Business deployments.  Suppose this scenario exists:

  • Users are site collection administrators over their OneDrive for Business sites (default configuration)
  • Retention policies are configured, but may only be configured to provide a very minimal amount of data protection (such as 90 days from creation or last modification of data) due to organizational legal compliance
  • No retention policies are in effect for the target data (as all the data we’re concerned with is technically older than 90 day creation or last modified date)
  • Malicious or disgruntled user deletes OneDrive data
    • Deletes data in OneDrive
    • Empties recycle bin
    • Empties second stage recycle bin

At this point, for any data older than 90 days, it is lost.… [ Continue reading ]

Configuration

Migrate-EOPSettings now does ATP!

ATP! ATP!

At long last, I’ve made a first pass at updating the Migrate-EOPSettings script to now include settings for Advanced Threat Protection.  I’ve had several customers moving their instances from commercial EOP to Office 365 GCC, and while my Migrate EOP script would capture just about everything, it came to my attention that we still had configuration to do for ATP. … [ Continue reading ]

Configuration

SharePoint Online and OneDrive for Business Custom Sharing Controls

Today, we’re going to explore two relatively new sharing controls in SharePoint Online (and, by extension, OneDrive for Business).  The two options we’re going to look at are located inside the SharePoint Admin Center (https://<tenant>-admin.sharepoint.com) under Sharing:

Overview

To test both of these functions out (as well as how other users are affected), I’m going to work with 3 test users and two security groups.… [ Continue reading ]

Configuration

AAD Connect, a dedicated resource forest, a custom connector, and a bunch of transform rules: a GalSync story (Part 2)

In part 1 of our adventure, we built an Azure AD lab to support configuring AAD Connect to work as a GalSync engine. In this post, we’ll finish up the configuration.  As a reminder, this is the what the overall solution will look like:

And, as I mentioned in part 1:

Please don’t call Premier asking for support on this.[ Continue reading ]

Configuration

Thanks for playing!

I was so excited to see this notification in the TechNet Gallery today when I logged in:

Thanks to everyone for making this one of the most downloaded OneDrive tools in the Gallery! As a thanks for your support, feel free to download it as many times as you like!… [ Continue reading ]

Information

Determining your Office 365 Tenant Location

During a conversation with my peers, the discussion came up on how to determine what environment a tenant is located in (usually between Commercial and Government).  Typically, the easiest way to determine this is to look at your account SKUs.  For example, from PowerShell, the cmdlet Get-MsolAccountSku will return a list of SKUs available in your tenant.… [ Continue reading ]

Configuration

Adding OneDrive Locations to an Existing Retention Policy

Yesterday, while working with a customer, I was asked if there is a way to programmatically add OneDrive locations to an existing retention policy.  Say, for example, you have a blanket retention policy that covers all of your tenant at a base level (which is what I typically recommend to ensure you at least have either belt or suspenders), but then you have a second set of users that need a longer policy.… [ Continue reading ]