Just a quick note: I’ve updated the AAD Connect Network Test Tool to now query Windows Product Edition data to provide a little more system configuration prerequisite testing information, based on the OperatingSystemSKU data listed at https://docs.microsoft.com/en-us/windows/desktop/CIMWin32Prov/win32-operatingsystem.… [ Continue reading ]
Four score and many moons ago, I was working on one of my first projects in Microsoft Consulting Services. This particular customer (a university) shared their Active Directory infrastructure with a hospital. During the course of their business, employees would frequently move between organizations. … [ Continue reading ]
Today, I received an email from a customer that one of the scripts I had in the gallery wasn’t working correctly. Yes, I know it’s hard to believe, but I made an update and didn’t regression test completely, and then something stopped working.… [ Continue reading ]
This week, while working with one of my customers in a custom Office 365 deployment, I had the opportunity to revisit and update one of my scripts (Remove Proxy Addresses via AAD Connect). I had originally built that script for a large state government Office 365 migration from BPOS-D. … [ Continue reading ]
Woo! A day of updates! I’ve made a few updates to this tool, so hopefully you’ll find them useful:
2018-08-12: A reader noticed that the UpdateAdminSDHolder switch didn’t work ask expected when specifying the ExchangeHybridWriteBack OU without the ExchangeHybridWriteBackOUs parameter. I have found and updated that! … [ Continue reading ]
Update (7/24): I updated this since the last revision, so if you downloaded it prior to 7/24/2018, get the newest version.
I began working with the product group on rolling in some of the network connectivity and testing checks available in the AAD Connect Network Test tool into the actual AAD Connect product. … [ Continue reading ]
I trotted out the trusty WireShark and Fiddler tools today and ran through the latest iteration of AAD Connect setup. In so doing, I’ve added a few endpoints to the test:
Earlier today, I was notified that the Dynamics 365 network URLs page was updated, so I updated my Dynamics test tool.
But then, I thought, what else could I put in it?
Never one to leave well enough alone, I started tinkering. … [ Continue reading ]
Just when you thought it couldn’t get more awesome.
By popular request, I have added a few new features (and fixed an annoyance). First, the bug fix:
Yes, it’s true. If you ran the Create-LabUsers script with -Count 1 with the -InflateMailboxes parameter, you’d run into an issue because of how I calculated the $MaxRecipients value. … [ Continue reading ]
Update: This tool has a new shortlink: http://aka.ms/aadnetwork
Since the tool passed the 500 download mark a few weeks ago, I’ve started getting more questions (internal and external) about a few of the tests and checks. So, I decided to update/refine them to hopefully provide better guidance.… [ Continue reading ]
Update: I’ve added a shortlink for this tool: http://aka.ms/createlabusers.
Because you didn’t ask for it, I went ahead and added to it.
Well, that’s a lie. I actually had some really great ideas and feedback, so I’ve added a few new features that I wanted to draw attention to:
- Detect existing Exchange session – If you cancel the script to create mailboxes while it’s running, you previously needed to run a Remove-PSSession to close the open Exchange session.
While working with a customer last week, it came to my attention that the Get-UserHoldPolicies script I had put together to enumerate retention policies and eDiscovery cases that put a hold on content wasn’t displaying policies that were global. The types of policies I checked for were enumerated in a user’s InPlaceHolds mailbox property, but apparently, that field is populated only if a Security & Compliance retention policy explicitly specifies the mailbox.… [ Continue reading ]
A few users reported bugs with logging that I have updated. There was also an unreported bug when searching the XML generated by Get-ADSyncServerConfiguration for the connector’s AD user, which I have also resolved.
You can get the updated tool at https://gallery.technet.microsoft.com/AD-Advanced-Permissions-49723f74.… [ Continue reading ]
A few months ago, I debuted a new tool for AAD Connect deployment (read about it here: AAD Connect Network and Name Resolution Test or download it here: https://gallery.technet.microsoft.com/Azure-AD-Connect-Network-150c20a3) which allows you to test a number of conditions to make sure your server and environment are suitable for deploying AAD Connect.… [ Continue reading ]
Two updates for the tool in a week? Yes! It is so!
At the behest of my good friend Darryl and one of his customer’s needs, I have updated the the AAD Connect Advanced Permissions tool with the following:
- Allow the underscore (“_”) character to be used in an OU name path
- Allow CN= to be used as part of the OU filter name path, since some organizations may want to try to scope permissions specifically to CN=Users.
On the recommendation of my good friend Darryl, I’ve added some things to my AAD Connect permissions tool:
- Better logging of errors. When running the tool for a large organization that had $ characters in its service account names, the tool would report successful but not leave any log files or indicators where things may have happened.
I have updated the Office 365 Proxy PAC tool to allow selection of the US Department of Defense XML feed for proxy bypass configurations.
You can see previous updates for the tool:
And of course, the updated tool is available on the TechNet Gallery, with a couple of other bugfixes that some people reported (invalid characters/smart quotes appeared in some versions of the file, which have been corrected): https://gallery.technet.microsoft.com/Office-365-Proxy-Pac-60fb28f7 … [ Continue reading ]