This feature is an “oldie but goodie” that my customers are starting to ask questions about as they start looking into ways to automate their Office 365 deployments.… [ Continue reading ]
Configuration
Posts
Information
Splatbuilder Wrapper
This week, I was working on a project that spawned a lot of ideas for posts. The project involves creating a wrapper for a number of cmdlets and being able to pass any / all of the parameters to the actual cmdlet being performed. … [ Continue reading ]
Configuration
Update: OneDrive for Business Admin Tool
I was shocked to discover that I hadn’t updated the OneDrive for Business Admin Tool since January. Shocked that I hadn’t had any good ideas for it. Shocked, I tell you.… [ Continue reading ]
Configuration
Update: AAD Connect Advanced Permissions Tool
It’s Two-fer Friday. I don’t know if it was a thing, but it is now.
Based on received feedback, I have updated the AAD Connect Advanced Permissions tool to check for the Active Directory schema version in addition to the Exchange schema. … [ Continue reading ]
Configuration
Update: AAD Connect Network Test Tool
Just a quick note: I’ve updated the AAD Connect Network Test Tool to now query Windows Product Edition data to provide a little more system configuration prerequisite testing information, based on the OperatingSystemSKU data listed at https://docs.microsoft.com/en-us/windows/desktop/CIMWin32Prov/win32-operatingsystem.… [ Continue reading ]
Configuration
Fixing Office 365 Anonymous Group Write-back and External Delivery
Yes, Hell has frozen over. The cows have come home. The lady of size has sung.
I have come up with a “best case” solution for the Office 365 hybrid group write-back problem.… [ Continue reading ]
Configuration
Forwarding Address Import and Export
Four score and many moons ago, I was working on one of my first projects in Microsoft Consulting Services. This particular customer (a university) shared their Active Directory infrastructure with a hospital. During the course of their business, employees would frequently move between organizations. … [ Continue reading ]
Identity
Update to the Remove-ExchangeProxyAddresses script
Today, I received an email from a customer that one of the scripts I had in the gallery wasn’t working correctly. Yes, I know it’s hard to believe, but I made an update and didn’t regression test completely, and then something stopped working.… [ Continue reading ]
Configuration
Update to the AAD Connect Remove Proxy Addresses Script
This week, while working with one of my customers in a custom Office 365 deployment, I had the opportunity to revisit and update one of my scripts (Remove Proxy Addresses via AAD Connect). … [ Continue reading ]
Information
We’re moving!
After 4 glorious years of TechNet blogging, I am moving. The TN blog system is changing, and I’m striking out on my own.
My blog is all growed up. You can go see any of your favorite posts at the new site: https://www.undocumented-features.com.… [ Continue reading ]
Configuration
Creating Scoped DLP rules with Custom Sensitive Information Types
A few weeks ago, I put out a series of posts on creating and using custom sensitive information types (https://www.undocumented-features.com/tag/sensitive-information-types/). The blog, posts, however, focus on using the DLP configuration options available in the Security & Compliance Center.… [ Continue reading ]
Configuration
Looky, looky! Custom sensitive information types with even more customitivity!
So, of course, as soon as I finish up posting a few entries (here and here), we go and release a new UI to help you get it done on your own!… [ Continue reading ]
Configuration
Update to the AAD Connect Advanced Permissions Tool
Woo! A day of updates! I’ve made a few updates to this tool, so hopefully you’ll find them useful:
2018-08-12: A reader noticed that the UpdateAdminSDHolder switch didn’t work ask expected when specifying the ExchangeHybridWriteBack OU without the ExchangeHybridWriteBackOUs parameter. … [ Continue reading ]
Configuration
Searching for Sensitive Information Types
Over the course of your Office 365 administration duties, you may be called to locate data matching particular data patterns (such as matching a particular regular expression or a Sensitive Information Type), either for eDiscovery or data classification purposes. … [ Continue reading ]
Configuration
Sensitive Information Types–now with more sensitivity!
UPDATE: The TechNet Gallery link for this post has been updated.
So, this is an entry that has been long in the making. I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form of patterns or keywords) to meet their organization’s very restrictive policies.… [ Continue reading ]
Information
Creating a function or script with PowerShell Dynamic Parameters
This week, while contributing code to a collaborative project, I wanted to up my game. A lot of my tools over the years have used parameters and validation, but one of the more elusive things is creating parameters that have parameter validation criteria set at run-time. … [ Continue reading ]
Configuration
Update: AAD Connect Network Test Tool
Update (7/24): I updated this since the last revision, so if you downloaded it prior to 7/24/2018, get the newest version.
I began working with the product group on rolling in some of the network connectivity and testing checks available in the AAD Connect Network Test tool into the actual AAD Connect product. … [ Continue reading ]
Configuration
Update: AAD Connect Network Test Tool
I trotted out the trusty WireShark and Fiddler tools today and ran through the latest iteration of AAD Connect setup. In so doing, I’ve added a few endpoints to the test:
$CRL
http://ocsp.msocsp.com
$RequiredResources
adminwebservice-s1-co2.microsoftonline.com
$RequiredResourcesEndpoints
https://adminwebservice-s1-co2.microsoftonline.com/provisioningwebservice.svc
As always, the newest version is available at http://aka.ms/aadnetwork.… [ Continue reading ]
Information
Testing a variable with the value of zero
Tonight, while working on my previous script, I ran into an interesting problem when testing the presence of a value.
Consider this:
PS C:\> [int]$IntValue0 = 0
PS C:\> [int]$IntValue1 = 1
PS C:\> [string]$StringValue0 = "0"
PS C:\> [string]$StringValue1 = "1"
PS C:\> $IntValue0
0
PS C:\> $IntValue1
1
PS C:\> If ($IntValue0) { "exists" }
PS C:\> If ($IntValue1) { "exists" }
exists
PS C:\> if ($StringValue0) { "exists" }
exists
PS C:\> if ($StringValue1) { "exists" }
exists
PS C:\> if ($IntValue0 -eq $null) { "null" }
PS C:\> if ($IntValue0 -lt 1) {"less than 1" }
less than 1
PS C:\> $IntValue0.GetType()
IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Int32 System.ValueType
My short lesson: when setting an integer value to 0, you can’t test for it using If ($Value), as that will return false. … [ Continue reading ]
Configuration
PowerShell Null Routing Function
This week, while troubleshooting a networking problem for a customer, I wanted to limit or block network connectivity to some remote endpoints from a test workstation. To accomplish this, I created a quick PowerShell function to null route the traffic (send it to an invalid/null next hop).… [ Continue reading ]