This update comes from a user–it’s a pretty simple one.
I posted the script Remove-ProxyAddresses back in 2017 after writing a blog post on the same topic. In my script, I had covered Mailboxes, MailUsers, and Contacts. I did not, however, include RemoteMailboxes, as my original thinking was “if you moved it there, you already got rid of the bad proxies.”
Which, didn’t turn out to be necessarily true (especially if you used my other way of removing proxy addresses via AAD Connect). … [ Continue reading ]
This afternoon, while working with a colleague, I was alerted to a customer that appears to have the same 6-character password set for every user, which honestly, I feel like violates the very notion of a password. They’re not currently in Office 365 (or even Active Directory), but the risk is the same:
Users tend to use the same passwords everywhere.… [ Continue reading ]
I hadn’t touched this one in a while, but a recent request from a customer had me checking in on it. I tidied it up (no one likes people staring at their dirty laundry), and updated the scripting to be more efficient. … [ Continue reading ]
It’s been a while since I’ve updated this popular tool, and the need was brought to my attention by a peer who noticed an attribute being exported to on-premises AD (but failing):
As it turns out, the msDS-KeyCredentialLink is required for Windows Hello for Business Hybrid.… [ Continue reading ]
One of the issues that some of my larger customers have been dealing with is the lack of tooling and planning around moving legacy Exchange Online In-Place eDiscovery & Holds to the new(ish) Security & Compliance Center. Our direction has been to either let them age out or manually recreate them the Security & Compliance Center.… [ Continue reading ]
The other day, on one of the forums, I came across an issue that I also had with one of my customers a few years ago. In my customer’s instance, they had imported thousands of contacts into an externally trusted forest and deleted them in their primary forest (which then removed the objects from Office 365). … [ Continue reading ]
In part 1 of our adventure, we built an Azure AD lab to support configuring AAD Connect to work as a GalSync engine. In this post, we’ll finish up the configuration. As a reminder, this is the what the overall solution will look like:
And, as I mentioned in part 1:
Please don’t call Premier asking for support on this.… [ Continue reading ]
A few years ago, I worked with one of my close consultant peers to build a GALSync-style solution for a big state government that was going through a divestiture from a single BPOS-D (yes, I am old) and a single managed hosted Exchange environment to multiple O365 multi-tenant instances. … [ Continue reading ]
It’s that time of the year again! I’ve expanded upon an existing feature in the AAD Network Test Tool.
One of the prerequisites listed on the AAD Connect support page is to ensure the Turn on PowerShell Transcription GPO is set to Not Configured. … [ Continue reading ]
This feature is an “oldie but goodie” that my customers are starting to ask questions about as they start looking into ways to automate their Office 365 deployments.
Can I sync additional attributes to Office 365, and can I use them for Group-Based Licensing?… [ Continue reading ]
It’s Two-fer Friday. I don’t know if it was a thing, but it is now.
Based on received feedback, I have updated the AAD Connect Advanced Permissions tool to check for the Active Directory schema version in addition to the Exchange schema. … [ Continue reading ]
Yes, Hell has frozen over. The cows have come home. The lady of size has sung.
I have come up with a “best case” solution for the Office 365 hybrid group write-back problem.
For the long(er) background, you’ll probably want to go see this post.… [ Continue reading ]
Four score and many moons ago, I was working on one of my first projects in Microsoft Consulting Services. This particular customer (a university) shared their Active Directory infrastructure with a hospital. During the course of their business, employees would frequently move between organizations. … [ Continue reading ]
Today, I received an email from a customer that one of the scripts I had in the gallery wasn’t working correctly. Yes, I know it’s hard to believe, but I made an update and didn’t regression test completely, and then something stopped working.… [ Continue reading ]
This week, while working with one of my customers in a custom Office 365 deployment, I had the opportunity to revisit and update one of my scripts (Remove Proxy Addresses via AAD Connect). I had originally built that script for a large state government Office 365 migration from BPOS-D. … [ Continue reading ]
Woo! A day of updates! I’ve made a few updates to this tool, so hopefully you’ll find them useful:
2018-08-12: A reader noticed that the UpdateAdminSDHolder switch didn’t work ask expected when specifying the ExchangeHybridWriteBack OU without the ExchangeHybridWriteBackOUs parameter. I have found and updated that! … [ Continue reading ]
If you are utilizing external, guest, or B2B users in your Office 365 or Azure environments, you may need a way to determine which objects haven’t been logged in or used in a while. Azure AD doesn’t provide an easy way to view this information (really only having the refresh token time available). … [ Continue reading ]
So, today, I received an email from one of my esteemed colleagues asking how we could get B2B Azure AD tenant guests to show up in the Office 365 GAL. I thought, “Yeah, that should be something that’s possible. I mean, they have email addresses.”
In a rare turn of events, it actually is as easy as un-hiding them from the GAL.… [ Continue reading ]
Update: This tool has a new shortlink: http://aka.ms/aadnetwork
Since the tool passed the 500 download mark a few weeks ago, I’ve started getting more questions (internal and external) about a few of the tests and checks. So, I decided to update/refine them to hopefully provide better guidance.… [ Continue reading ]
Last week, I saw some internal discussion about trying to locate the source of a duplicate object error on-premises. While an advanced administrator will be able to figure it out by looking at the Connector Spaces for connected directories, it’s not necessarily obvious to a lot of people (especially if you’re not experienced with our identity management products).… [ Continue reading ]