Configuration

Sensitive Information Types–now with more sensitivity!

UPDATE: The TechNet Gallery link for this post has been updated.

So, this is an entry that has been long in the making.  I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form of patterns or keywords) to meet their organization’s very restrictive policies.… [ Continue reading ]

Configuration

Update: AAD Connect Network Test Tool

I trotted out the trusty WireShark and Fiddler tools today and ran through the latest iteration of AAD Connect setup.  In so doing, I’ve added a few endpoints to the test:

$CRL
http://ocsp.msocsp.com

$RequiredResources
adminwebservice-s1-co2.microsoftonline.com

$RequiredResourcesEndpoints
https://adminwebservice-s1-co2.microsoftonline.com/provisioningwebservice.svc

As always, the newest version is available at http://aka.ms/aadnetwork.… [ Continue reading ]

Information

Testing a variable with the value of zero

Tonight, while working on my previous script, I ran into an interesting problem when testing the presence of a value.

Consider this:

PS C:\> [int]$IntValue0 = 0
PS C:\> [int]$IntValue1 = 1
PS C:\> [string]$StringValue0 = "0"
PS C:\> [string]$StringValue1 = "1"
PS C:\> $IntValue0
0
PS C:\> $IntValue1
1
PS C:\> If ($IntValue0) { "exists" }
PS C:\> If ($IntValue1) { "exists" }
exists
PS C:\> if ($StringValue0) { "exists" }
exists
PS C:\> if ($StringValue1) { "exists" }
exists
PS C:\> if ($IntValue0 -eq $null) { "null" }
PS C:\> if ($IntValue0 -lt 1) {"less than 1" }
less than 1
PS C:\> $IntValue0.GetType()

IsPublic IsSerial Name BaseType
-------- -------- ---- --------
True True Int32 System.ValueType

My short lesson: when setting an integer value to 0, you can’t test for it using If ($Value), as that will return false. … [ Continue reading ]

Information

Report proxy addresses not in Accepted Domains

Like as the waves make towards the pebbled shore, so do our proxy addresses hasten to multiply.

At least, that’s how it seems.  As is the organizational ebb and flow, business objectives change, new business units are spun up, old projects are turned down, and you may need to add or remove proxy addresses in your Exchange environment to account for that. … [ Continue reading ]

Configuration

Update to Create-LabUsers tool

Update: I’ve added a shortlink for this tool: http://aka.ms/createlabusers.

Because you didn’t ask for it, I went ahead and added to it.

Well, that’s a lie.  I actually had some really great ideas and feedback, so I’ve added a few new features that I wanted to draw attention to:

  • Detect existing Exchange session – If you cancel the script to create mailboxes while it’s running, you previously needed to run a Remove-PSSession to close the open Exchange session. 
[ Continue reading ]
Personal

Random things with Get-Random

Today’s post is less about anything in particular than it is about jotting a few things down for personal reference.

I learned a couple of things over the last week while developing a tool. I’m sure I learned them once before, but as a person with finite storage and recall capacity, this tidbits were replaced by something I perceived to be of more timely import at the time (such as my kids’ birthday gifts, picking up a suit at the cleaners, a really great Detroit style pizza recipe I’ve finally put the finishing touches on, and how I’ve recently become a fan of grass-fed butter (well, technically butter made from milk produced by grass-fed cows, since you can’t really get butter to eat anything successfully)).… [ Continue reading ]

Information

Managing a corporate blog site with SharePoint Online and Office ProPlus

As I help organizations transition to think cloud-first, one of my goals is to help them get the most out of their Office 365 investment.  In this post, we’ll talk about tackling a corporate blog.

SharePoint Online comes with a number of out-of-the-box templates, and the one that most closely maps to the blog requirement is … wait for it … the blog site template.… [ Continue reading ]

Information

Update to the Get-UserHoldPolicies tool

While working with a customer last week, it came to my attention that the Get-UserHoldPolicies script I had put together to enumerate retention policies and eDiscovery cases that put a hold on content wasn’t displaying policies that were global.  The types of policies I checked for were enumerated in a user’s InPlaceHolds mailbox property, but apparently, that field is populated only if a Security & Compliance retention policy explicitly specifies the mailbox.… [ Continue reading ]

Configuration

ATP: Safe Attachments, Safe Links, and Anti-Phishing Policies or “All the policies you can shake a stick at”


With the advent of scammers, spammers, phishers, and other types of baddies, and the complementary rise in anti-malware, anti-spam, domain and sender verification techniques, we’re in a perpetual cat-and-mouse game.  I’ve had several customers over the past few weeks ask me about best practices for configuring some of the Advanced Threat Protection (ATP) features.… [ Continue reading ]