It’s literally been a year since I’ve updated it–mainly because we haven’t made any significant endpoint changes.
I did detect some CRL endpoint updates and a few other odds and ends for Worldwide Commercial and GCC Moderate, so I’ve updated the AAD Network Communications Test tool accordingly.… [ Continue reading ]
This past week, I’ve been heads down working on an application to take inbound data from one application that doesn’t have a webhook or API available and query a Dynamics 365 instance.
In order to query Dynamics 365 (or any Azure/Microsoft 365 service, to be honest) successfully, you’ll need to work with OAuth. … [ Continue reading ]
Yesterday, I needed to help configure a SharePoint Server 2019 User Profile service to import from local Active Directory using the native SharePoint Active Directory Import.
In order to perform Active Directory Import, the service account you specify must have Replicating Directory Changes permissions.… [ Continue reading ]
Yesterday, a peer brought an interesting problem to me:
His customer had been storing data in the on-premises msExchExtensionCustomAttribute properties for users and wanted to be able to use that data in Exchange Online for filtering and dynamic group membership.… [ Continue reading ]
Or at least, every last one that I know.
Over the years, I’ve amassed quite a collection of these. Yesterday, I was helping out a colleague determine what a particular value meant and referenced a spreadsheet that I’ve been maintaining for my own purposes.… [ Continue reading ]
This week, I’ve got a few updates for the AAD Network Communications Test!
- I’ve moved it to the PowerShell Gallery. You can now install it with PowerShellGet by using the command:
    Install-Script -Name AADConnect-CommunicationsTest
- I’ve updated the GCC High and DOD endpoints to the best of my ability (I’m always looking for feedback on this, so if you have new endpoints, be sure to connect with me!)
… [ Continue reading ]
Last week, I began working with a customer that was experiencing what appeared to be a significant number of updates to a certain group of objects in the local Active Directory. These objects were being imported from another forest as contacts, yet found themselves being updated very frequently by the local AAD Connect instance.… [ Continue reading ]
A new year, a new test!
While troubleshooting a few installation and update issues, I noticed that the endpoints list was a smidgen out of date, so I’ve updated that. For this update, I attached Fiddler (http://www.telerik.com/Fiddler… [ Continue reading ]
Just a quickie post this holiday week.
Many customers have had Exchange on-premises forever. Back in the olden days, we just had user mailboxes. Need a shared team mailbox? You get a user mailbox. Need a conference room mailbox? … [ Continue reading ]
I got caught up in doing this, and now it’s 3:45AM. C’est la vie! My loss of sleep is your threat analysis gain.
I’ve made several updates to the PwnCheck tool (used to query the HaveIBeenPwned.com… [ Continue reading ]
I couldn’t really come up with a cool-sounding title for this post, so I just went with the basics of what it does.
Last week, I worked with a customer that wanted to deploy custom retention labels to custom folders inside a user’s mailbox–the idea being that they would create a custom folder structure such as this under a user’s Inbox:
\Inbox\Retention Schedule\2 Year (apply a 2-year retention label to everything in this folder)
\Inbox\Retention Schedule\4 Year (apply a 4-year retention label to everything in this folder)
\Inbox\Retention Schedule\7 Year (apply a 7-year retention label to everything in this folder)
\Inbox\Retention Schedule\Forever (apply a ‘Never delete’ retention label to everything in this folder)
Seems easy enough, right? … [ Continue reading ]
A few weeks ago, I ran into an issue with a customer. Scenario:
- Customer had configured alternate-id sign in with AAD Connect (the gist is that it flows on-premises mail to cloud UPN)
- Synced identity to tenant
- Tenant did not have any verified domains
As expected, without a matching verified domain in the tenant, UPN suffixes in the tenant were actually set as @tenant.onmicrosoft.com. … [ Continue reading ]
Sometimes, your mind just gets to thinking about stuff you could have done better. Last night was one of those times.
I’d started building new lab environments for work, and decided to start pumping users into AD and syncing them to my test tenants. … [ Continue reading ]
Yes, this seems like a silly feature to add (since you can just do a single identity from the haveibeenpwned.com website, buuuuuuuttttttttttt…..), I wanted to showcase the script’s versatility while at a customer, so I added this one on the fly today.… [ Continue reading ]
As you may have figured out from the title, I’ve got a guest post today. Jorge Lopez is a Premier Field Engineer, and has spent a lot of time in the trenches with Windows, AD, and Azure AD, and currently works helping customers resolve hybrid identity issues. … [ Continue reading ]