The hosting venue has changed to serve you better.
One of the up-and-coming combination phish-ransom attacks is to trick the mark into thinking that you’ve got access to their data, and then get them to send money to a Bitcoin address to protect them from data leakage. You can create a DLP rule in the Office 365 Security & Compliance Center (or an Exchange Online transport rule) to try to combat this.… [ Continue reading ]
Hey, all! One AAD tool update deserves another!
Every so often, I check in to make sure I’m keeping the AAD Connect Network Test Tool as fresh as I can. I’ve made a few changes to the way it works (hopefully which you all think is for the better). … [ Continue reading ]
I’ve been tinkering around a little with this, hoping to bring some better updates (so maybe you can see who is generating your data exports and go smack them around).
I’ve got a few updated fields added to the tool, so be sure to go check it out!… [ Continue reading ]
If you’ve ever struggled to find out who your current session is logged in as when you connected to Office 365, here’s a tidbit to shed some light on it:
(Get-PSSession |?{$_.ComputerName -like “*outlook.com”})[0].RunSpace.ConnectionInfo.Credential.UserName
You can also use RunSpace.OriginalConnectionInfo.Credential.UserName. … [ Continue reading ]
One of the lesser-known boundaries of Office 365’s Security & Compliance Center is that we only allow 2TB per day export volume. When we talk about exports, we’re talking about the idea of taking content that has been identified via a content search mechanism (content search, eDiscovery case search, etc) and then staged for download.… [ Continue reading ]
This morning, looking for an answer to something, I stumbled across a question that seemed easy enough to fix: Is it possible to export the GAL from Outlook if I don’t have access to a server?
Yes, yes it is. Since we have the Power of Grayskul–err, PowerShell, at our disposal, we can manipulate Outlook to return this data to us. … [ Continue reading ]
A new year, a new update for Get-UserHoldPolicies! Woo!
I stumbled across some additional information today regarding deciphering hold policies for mailboxes while troubleshooting another issue and decided to update my Get-UserHoldPolicies tool to reflect it.
The core pieces that I added:
You can see a few of the new options here. … [ Continue reading ]
If you’ve ever asked anyone how to do virtually anything, the answer is usually “It depends.” Just as there is no wrong way to eat a Reese’s Peanut Butter Cup and more than one way to skin a cat, so it frequently is with technological tasks. … [ Continue reading ]
Earlier this week, I had a request for assistance with delegating reporting features in Exchange Online to non-administrative users. This is a frequent topic of discussion when it comes to compliance and security officers validating that systems are not being misused by unauthorized persons.… [ Continue reading ]
Hi! It’s a day ending in “y,” which means it’s a good day to update a script!
Today, while on-site with a customer and running my AAD Connect Permissions script, I noticed that the logging output wasn’t as helpful as I wanted it to be.… [ Continue reading ]
Today, we’re going to explore two relatively new sharing controls in SharePoint Online (and, by extension, OneDrive for Business). The two options we’re going to look at are located inside the SharePoint Admin Center (https://<tenant>-admin.sharepoint.com) under Sharing:
To test both of these functions out (as well as how other users are affected), I’m going to work with 3 test users and two security groups.… [ Continue reading ]
Today, I got it in my head that I wanted to create a script that would accept CSV input. In so doing, I wanted to make sure the CSV passed some sort of validation so that I didn’t end flooding a screen with errors, because nobody likes that.… [ Continue reading ]
While working on my last mini-series, I utilized my Create-LabUsers tool to automate the creation of a few thousand objects. When I was synchronizing my AD users to another directory, I noticed that I didn’t have mailNickname populated and had to add a quick script to fill that value in. … [ Continue reading ]
During a conversation with my peers, the discussion came up on how to determine what environment a tenant is located in (usually between Commercial and Government). Typically, the easiest way to determine this is to look at your account SKUs. For example, from PowerShell, the cmdlet Get-MsolAccountSku will return a list of SKUs available in your tenant.… [ Continue reading ]
This week, I was working on a project that spawned a lot of ideas for posts. The project involves creating a wrapper for a number of cmdlets and being able to pass any / all of the parameters to the actual cmdlet being performed. … [ Continue reading ]
I was shocked to discover that I hadn’t updated the OneDrive for Business Admin Tool since January. Shocked that I hadn’t had any good ideas for it. Shocked, I tell you.
And then, a requirement presented itself for a tenant-to-tenant migration: how big are all of the OneDrive sites?… [ Continue reading ]
Just a quick note: I’ve updated the AAD Connect Network Test Tool to now query Windows Product Edition data to provide a little more system configuration prerequisite testing information, based on the OperatingSystemSKU data listed at https://docs.microsoft.com/en-us/windows/desktop/CIMWin32Prov/win32-operatingsystem.… [ Continue reading ]
After 4 glorious years of TechNet blogging, I am moving. The TN blog system is changing, and I’m striking out on my own.
My blog is all growed up. You can go see any of your favorite posts at the new site: https://www.undocumented-features.com.… [ Continue reading ]
A few weeks ago, I put out a series of posts on creating and using custom sensitive information types (https://www.undocumented-features.com/tag/sensitive-information-types/). The blog, posts, however, focus on using the DLP configuration options available in the Security & Compliance Center.
Rules created via the DLP wizard in the Security & Compliance Center have the benefit of being able to be applied globally across your organization and its content sources. … [ Continue reading ]
So, of course, as soon as I finish up posting a few entries (here and here), we go and release a new UI to help you get it done on your own!
You can do most of the effort of creating a data classification here, although if you want to use any of our built in functions (such as credit card Luhn check), you’ll need to export/modify/import, use the sensitive information type package that I created (referenced earlier) or use one of our native DLP classifications.… [ Continue reading ]