January 2022 Blog Posts
Hi all,
I guess we all wrote Applications or Scripts that use AAD Applications and used ClientSecrets or Certificates to Authenticate. But what will happen when the Certificate or ClientSecret will expire? Simple - the Application won't work anymore, because the Authentication will fail.
So i searched for a way to check if the ClientSecret or Certificate will soon expire.
Let me show an Application that has multiple ClientSecrets and Certificates.
Here's the Overview of an AAD Application in the Azure AD Portal https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
There are two ClientSecrets
There are two Certificates
Make sure there is an Owner of the Application with an Emailaddress
All you need is...
Hi All,
In my M365 Tenant i use Direct Routing from Sunrise, a Telco Provider here in Switzerland.
I own a Numberrange with 10 Number +41 21 555 39 70-79.
If i call with my Mobilephone to a Number, that is not assignet to a User, Callflow or Autoattendant, i get an Anouncement from the Provider (Sunrise) that the Number is not active. This is because the Session Border Controller at the Provider receives a SIP 404 Not Found.
If i call the same number in my own Tenant, Teams is ringing and ringing. Now here comes the handling of unasigned numbers into the...
Hi All,
A customer recently could not remember the Password of the PFX File.
I was curious and searched for a PFX Password Recovery Tool.
I created a PFX with a Password
9 chars
uppercase chars
lowercase cars
numbersspecial caracter
Certificate Password Recovery Tool
https://7thzero.com/blog/certificate-password-recovery-tool
I startet the Tool on Friday 14 January 23:41:41
After about 9 Days there where tested 569'890'000 diffrent combinations. And we're still at 5 Characters.
Conclusion:
If you have a weak password or know parts of the Password - this might work for you in an acceptable time.
If it is a secure...
Hi All,
I am pretty sure, i did not read anything about this refresh of Explorer in Microsoft 365 Defender (Security Admin Center) ttps://security.microsoft.com/threatexplorer
It has also been renamed from "Threat Explorer" just to "Explorer".
What i absolutely love about this, is that the default now points to "All email" instead of "Malware" like before.
You sill have a lot of Filtering possibilities
And also the Chart view has diffrent Filtering options
A quick check in the Advanced Hunting shows, that here also were made some changes
After a Moment (15-30 Minutes) i was able to execute the Querys again.
Regards
Andres Bohren
Hi All,
Just a few days ago, Microsoft has released the MicrosoftTeams PowerShell Module v3.1.0 to the PSGallery.
Here are the Release notes
Time to uninstall the old Modules and get the new one. Unfortunately i had still code open, that's why 3.0.1-Preview couln't be uninstalled in the first place-
Get-Module MicrosoftTeams -ListAvailable
Uninstall-Module MicrosoftTeams
Uninstall-Module MicrosoftTeams
Uninstall-Module MicrosoftTeams
Now Install the MicrosoftTeams PowerShell Module from the PSGallery
Find-Module MicrosoftTeams
Install-Module MicrosoftTeams
Let's see how long it takes to load the Module. I am impressed, it's like half of the time than the previous modules, but still not as fast as te 2.x.x Versions.
Measure-Command -Expression {Import-Module MicrosoftTeams}
As you can see the...
Hi all,
On the last Microsoft Patchday, i've seen, that a new Azure File Sync Agent has been released. The Title is "Azure File Sync Agent v14.1 Release - November 2021 (KB5001873)" - but when you check the download Link it is from mid December.
When i check the Storage Sync Service in Azure Portal, i can see that i'm using the Agent Verion 13.0. The Download Link to the New Version also comes handy.
Azure File Sync Agent 14.1.0.0
https://www.microsoft.com/en-us/download/details.aspx?id=57159
I've installed the new Agent via Windows update. After a Reboot i can see that the new Version of Azure File Sync Agent is...
Hi All,
I have got me a OnePlus9 Smartphone in May 2021. So far Android Patches coming about all two Months. Last Android Patch was 2021-11-01 for that Phone.
Today i got a big update that also contained Android 12 and Android Patchlevel 2022.01
Regards
Andres Bohren
Hi Everybody,
In June 2020 i applied for the Data residency move to the newly created M365 Datacenter Location in Switzerland
Today i had the following Message in the M365 Message Center
Moving core data to new Microsoft 365 datacenter geos
https://docs.microsoft.com/en-us/microsoft-365/enterprise/moving-data-to-new-datacenter-geos?view=o365-worldwide
I've checked the Data location. As you can see the Exchange Data has been moved to Switzerland đ
Regards
Andres Bohren
Hi All,
A few weeks ago i had to upload a File to a SharePoint Site with a PowerShell Script.
In this Blog Article i explain how i did it.
All you need is
Azure AD Application
Sharepoint Permission
PnPPowerShell https://www.powershellgallery.com/packages/PnP.PowerShell/
Here is the File i want to upload and replace with my PowerShell Script (Documents/Project/Script/AADUsers.csv)
Azure AD Application
You need to create an Azure AD Application. Copy the Application ID, you will need that later for the PowerShell Script
The Application need to have a ClientSecret. Copy the ClientSecret, you will need that...
Hi All,
Did you ever wanted to have a List of all assigned Phone Numbers in Teams?
For CallQueues and Autoattendant you can find the List of ResourceAccounts in Teams Admin Center (TAC) under Voice > Resouce accounts
Sadly, the same does not apply for Users. Under "Phone Numbers" you will find only a List of Numbers if you're using Operator connect.
For the Users you have to go to Users > Manage users. But here are all Users not only the ones with Phone Numbers
Maybe you can use a Filter. Best fit would probably to query the voice routing policy - given you...
Hi All,
Did you know, that you can create a Microsoft List in M365 from an Excel?
I have created this Example Excel
From the Office 365 Portal in the Browser i open Lists
Here i create a "New List"
I select "From Excel"
The Excel File has to be on your OneDrive
If the Table is not yet properly formated you need to fix that
With the klick on the above "Open" the Excel File will loaded in Excel Online. You then Select the Data and "Format as Table". Then close Excel Online
Now your are able to fix some collumn Namens an check the Type
Give the List...
Hi All,
You might have stumbled over the Microsoft Anouncement of DNSSEC/DANE for Exchange Online.
In this Blog i would like to explain how it works in detail
Support of DANE and DNSSEC in Office 365 Exchange Online
https://techcommunity.microsoft.com/t5/exchange-team-blog/support-of-dane-and-dnssec-in-office-365-exchange-online/ba-p/1275494
Microsoft 365 roadmap
https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=dane
What is DANE?
DANE is the abbreviation for "DNS based Authentification of Named Entities".
It requires DNSSEC https://www.ietf.org/rfc/rfc4035.txt
Dane is defined in the RFC6698
The DNS-Based Authentication of Named Entities (DANE)
Transport Layer Security (TLS) Protocol: TLSA
https://datatracker.ietf.org/doc/html/rfc6698
Requires a TLSA DNS Record. In the RFC above there is this Statement:
TSLA Record ("TLSA" does not stand for anything; it is just the name of the RRtype)
Maybe that's true. I...
Hi all,
Microsoft has released a new version of Azure Active Directory Connect (AAD Connect). AAD Connect Health Component is now FIPS compliant.
Azure AD Connect: Version release history
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
In the Microsoft 365 Admin Center you will see also the new Version https://admin.microsoft.com/Adminportal/Home#/dirsyncmanagement
Regards
Andres Bohren
Hi all,
Recently i was stumbled over a new expression called "BIMI"
What is BIMI?
Brand Indicators for Message Identification or BIMI (pronounced: Bih-mee) is an emerging email specification that
enables the use of brand-controlled logos within supporting email clients. BIM' leverages the work an organization
has put into deploying DMARC protection, by bringing brand logos to the customers inbox. For the brands logo to
be displayed. the email must pass DMARC authentication checks. ensuring that the organization's domain has not
been impersonated.
source: https://bimigroup.org/
The promise of BIMI is, that the Inbox shows your brand logo.
It's still an IETF Draft and...
Hi there,
Jabra has released the January 2022 Version of theyr Jabra Direct Software (Version 5.11.01302)
The details can be found in the release notes
https://www.jabraheadsets.ch/support/release-notes/release-note-jabra-direct
Regards
Andres Bohren
Hi everybody
I've just seen that a new version of Microsoft Azure Information Protection (AIP UL) Client was released.
Apart from a few updates, fixes, and enhancements the new Client will only support x64 Plattform.
Azure Information Protection unified labeling client - Version release history and support policy
https://docs.microsoft.com/en-us/azure/information-protection/rms-client/unifiedlabelingclient-version-release-history
Microsoft Azure Information Protection
https://www.microsoft.com/en-us/download/details.aspx?id=53018
Regards
Andres Bohren
Hi Everybody,
Instead of the delayed December Exchange Cumulative Updates, we've got Security Updates for Exchange 2013/2016/2019
Released: January 2022 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2022-exchange-server-security-updates/ba-p/3050699
In my Blog Post i'm covering the Exchange 2016 CU22 Security update.
Â
Security Update For Exchange Server 2016 CU22 (KB5008631)
https://www.microsoft.com/en-us/download/details.aspx?id=103855
Please make shure you run the *.msp in an elevated CMD
Regards
Andres Bohren
Hallo all,
I've already blogged how to read the Active Directory Attribute "userAccountControl"
How to read the value of AD Attribute userAccountControl
https://blog.icewolf.ch/archive/2011/06/08/how-to-read-the-value-of-ad-attribute-useraccountcontrol.aspx
Today i came across some users that had the Property "PASSWD_NOTREQD" (Password not required) set.
For a regular user you just can add 512 (NORMAL_ACCOUNT) + 32 (PASSWD_NOTREQD) = 544
With the following Exchange Commandlet you can show the Attribute "userAccountControl", which also translates the value.
Get-User -Identity f.fischer | fl userAccountControl
You can also get the same with the Active Directory Module
Get-ADUser -Identity f.fischer -Properties userAccountControl | fl
To show all accounts, which have the Flag "PasswordNotRequired" use the following command.
Get-ADUser -Filter {PasswordNotRequired -eq $true}...
Hallo zusammen,
Ich habe am 1. Januar auf Twitter den Link auf das Blog von MVP Jaap Wesselius gesehen. Dort wurde beschrieben, dass Mails auf dem Exchange Server On Prem in der Transport Queue hÀngenbleiben und mal als Workaround das Malware Scanning deaktivieren soll.
THE FIP-FS SCAN PROCESS FAILED INITIALISATION. MAIL IS QUEUED ON EXCHANGE SERVERS.
https://jaapwesselius.com/2022/01/01/the-fip-fs-scan-process-failed-initialisation-mail-is-queued-on-exchange-servers/
CD $ExScripts
.\Disable-AntiMalwareScanning.ps1
Restart-Service MSExchangeTransport
Als ich daraufhin das Exchange Team Blog aufgesucht habe, war da noch keine Information zu lesen. Erst spÀter dann wurde folgender Artikel veröffentlicht
Email Stuck in Exchange On-premises Transport Queues
https://techcommunity.microsoft.com/t5/exchange-team-blog/email-stuck-in-exchange-on-premises-transport-queues/ba-p/3049447
Und dann gab es doch noch eine Meldung im M365 Admin Center
Bei mir zeigt der MX Eintrag...
Hallo zusammen,
Anfangs des Jahres ist jeweils ein guter Zeitpunkt um auf das alte Jahr zurĂŒckzuschauen. Im 2020 habe ich 278 Blog Artikel geschrieben, also durchschnittlich etwa 23 pro Monat - so viel wie wie noch nie.
Insgesamt hatte ich ĂŒber 130'000 Pageviews. Das sind rund etwa 500 pro Tag und ĂŒber 10'000 pro Monat.
Die Top 10 der Blogartikel 2021
Create Teams Auto Attendant and Call Queue with Powershell
Exchange Hybrid Mailflow und Centralized Mail Transport
Install security update 6.7 U3n on vCenter Server Appliance 6.7 (VCSA)
...