AAD Connect Phone/Fax Mappings

Yesterday, while working with my colleague Michael Anderson, I needed to investigate where a particular on-premises value was being synced in AAD.  The result is this table:

AD Property Get-MsolUser Get-AzureADUser Get-User Get-CSOnlineUser
Friendly name ldapDisplayName
Telephone number telephoneNumber PhoneNumber TelephoneNumber Phone Phone
Pager pager Pager
Mobile mobile MobilePhone Fax MobilePhone
Fax facsimileTelephoneNumber Fax FacsimileTelephoneNumber Fax Fax
IP Phone ipPhone IPPhone
Home homePhone HomePhone HomePhone
{otherMobile} {AlternateMobilePhones}
{otherHomePhone} {OtherHomePhone}
{otherFacsimileTelphoneNumber} {OtherFax}
{otherTelephone} {OtherTelephone} {OtherTelephone}

It’s important to note that values displayed in braces { } are multivalued attributes, so if there’s something stored in one on-premises that you need or want to map to a a different attribute in Azure AD, you’ll need to either map it to another multivalued attribute or extract the value so you can write it to a single-valued string attribute. … [ Continue reading ]


Configure Teams to Co-exist with Google G Suite

With the rise of stay-at-home orders due to COVID-19 over the past several weeks, I’ve engaged with many customers who want to use Microsoft Teams to as part of their work-from-home tool set.  Many of my customers have investments in both Microsoft Office 365 as well as Google G Suite or Google Apps (frequently with other third-party IdP, metadirectory, and federation services thrown in the mix), so it’s not always just as easy as “flipping a switch.”… [ Continue reading ]


Flashback to what it took to do math in DOS batch files

While working on a script for an upcoming project, I wanted to test for the presence of various Office versions, including 32-bit and 64-bit components before initiating setup. Here’s one way I found:

SET CURRLOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office16"
SET CURRLOCATION64="C:\Program Files\MicrosoftOffice\root\Office16"
SET PREV1LOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office15"
SET PREV1LOCATION64="C:\Program Files\MicrosoftOffice\root\Office15"
SET PREV2LOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office14"
SET PREV2LOCATION64="C:\Program Files\MicrosoftOffice\root\Office14"

REM Check for 64-bit versions
[ Continue reading ]

Export Credential Manager to PowerShell

If you ever find yourself in a sticky wicket and need to extract usernames and passwords from Credential Manager (usually because you forgot them), you can use this handy-dandy little function from PowerShell:

function ExportCredMan
    # Dump local passwords from credential manager
[ Continue reading ]

Apply Security & Compliance Center Retention Labels to Outlook Folders

I couldn’t really come up with a cool-sounding title for this post, so I just went with the basics of what it does.

Last week, I worked with a customer that wanted to deploy custom retention labels to custom folders inside a user’s mailbox–the idea being that they would create a custom folder structure such as this under a user’s Inbox:

\Inbox\Retention Schedule
\Inbox\Retention Schedule\2 Year (apply a 2-year retention label to everything in this folder)
\Inbox\Retention Schedule\4 Year (apply a 4-year retention label to everything in this folder)
\Inbox\Retention Schedule\7 Year (apply a 7-year retention label to everything in this folder)
\Inbox\Retention Schedule\Forever (apply a ‘Never delete’ retention label to everything in this folder)

Seems easy enough, right? … [ Continue reading ]


Exchange Online Protection (EOP) Best Practices and Recommendations

Yes. I said it.

Someone needed to put a line in the sand and today, that person is me.  I’m going to say these are some best practices.

But of course, your mileage may vary, depending on your type of organization (users at a local bank or city government will have different threats presented to them than an engineering firm with international customers, for example). … [ Continue reading ]