Greetings! 👀 After a comment on my initial post asking for user email addresses in the output, I ended up getting a bit confused for 4 hours while trying to achieve the goal (it was a Friday night so several beers were involved) 🍻 !! When I started seeing the dreaded pages of red errors …
Active Directory – Export Groups and Members to a CSV file (with email addresses) Read More »
Cloud services have improved our lives and made our jobs easier – BUT they have also given hackers a worldwide platform of unlimited power with which to attack us… very sad but very true! 😲 😲 😲 😲 😲 😲 😲 😲 This makes it even more critical to secure our external-facing services as much …
Have you secured your IIS Web Server? Read More »
If you aren’t licensed for and using Conditional Access policies, please do not disable the security defaults feature just because something isn’t working (e.g. scan to email). Microsoft introduced the defaults for a very good reason – they realised that tenants without Azure AD Premium P1 licensing and correctly configured CA policies were wide open …
Please do NOT disable Security Defaults! Read More »
Hello and happy 2022! 🥳 I hope the year has started off as well as it possibly can for you (aside from the holiday ending a bit too early of course!)… 🍺😭 …right back to work! Now, is your Exchange environment safe!!?? Really? Is it? I love this utility called ‘SMTP Diag Tool’. It’s great …
Is your Hybrid Exchange Server SAFE or unknowingly EXPOSED? Read More »
Hey! I hope you are well.. 🤘 🙂 🤘. This script was a result of the following ponderings: How to monitor and manage the deletion of Blocked (Disabled) and Guest accounts in Azure AD. I have a Dynamic group for ‘Blocked (Disabled) users’, but members include valid Shared Mailbox accounts. What about Guest users… should …
Runbook: Sync Shared Mailbox accounts with an Azure AD Group Read More »
How often do you RDP to the AD Connect server to run a Delta Sync? Yes I know, quite often right? And that is only once you find out which server it is running on. Especially If you are in new environments a lot or someone moved it since last time… sheesh thanks for telling …
Remotely trigger delta AD Connect sync! Read More »
This script can be run after connecting to Exchange Online or on-premises environment. Replace “porkchops.com” with the suffix you want to remove 👍 Thanks to me mate Sailesh who loooves his porkchops!! 🤣🤣
Most customers have accepted at least one, if not multiple invitations from Microsoft partners to provide licensing or support services. What they often dont know is that by default this allows the partner to assign full administrative access to any of it’s staff, to perform tasks in the customers 365 / Azure tenant. It’s an …
How to restrict partner access to Azure and 365 Read More »
# EDIT # I have updated this script due to an issue where multiple mailboxes are matched due to similar names, this line below with $mailboxes variable piped to the Set command uses Display Name for Identity which may not be unique. Script is updated to loop through the mailboxes using UPN for the Set …
Exchange Online – set default Retention Policy if null Read More »
This script will connect to Exchange Online and enable litigation hold for all ‘enabled’ users (if it is currently disabled). Errors due to not having the appropriate license are ignored. Litigation hold can be enabled for users licensed with Business Premium, EOL Plan 2 or the Mailbox Archive add-on. You can schedule to run nightly …
Azure Runbook – enable Exchange Online Litigation Hold!! Read More »
