blog.icewolf.ch

Let's talk about IT!
posts - 2078, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

Saturday, June 25, 2022

Microsoft Teams Voicemail Settings for Users and Admins

Hi All,

There are some News in Microsoft Teams regarding Voicemail.

In Teams Admin Center you can set the Call answering Rules


That's also possible with the get/set-CsOnlineVoicemailUserSettings

Get-CsOnlineVoicemailUserSettings -Identity a.bohren@icewolf.ch


The User can control these Settings in the Teams Client under Settings > Calls


If the user clicks on "Voicemail" another Screen appears with some settings


There is a new Website, where the user can control these Settings.
By the way do you spot the diffrence of the Language for Greeting in Teams Client. It's diffrent than in TAG or the Voicemail Settings below.



An Admin can find these Settings in the Teams Admin Center (TAC) under Users > Voicemail


Or use PowerShell

Get-CsOnlineVoicemailUserSettings -Identity a.bohren@icewolf.ch



If someone leaves you a voicemail you will be notified by email with an attached mp3



Regards
Andres Bohren


posted @ Saturday, June 25, 2022 2:14 PM | Filed Under [ PowerShell MicrosoftTeams ]

Thursday, June 23, 2022

PowerShell v7.2.5 released

Hi All,

A few days ago, Microsoft has Released PowerShell v7.2.5

Download

PowerShell 7 Release Notes




I always activate "Enable PowerShell remoting"






Get-Host



Regards
Andres Bohren


posted @ Thursday, June 23, 2022 9:12 PM | Filed Under [ PowerShell ]

Microsoft.Graph PowerShell Module 1.10.0 released

Hi All,

A few hours ago, Microsoft has released a new Version of the Microsoft.Graph PowerShell Modules.



Check the installed Version and what's on the PowerShell Gallery

Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph


But remember, it's not one Module, it is a collection of Modules

Get-InstalledModule Microsoft.Graph*


I've published a PowerShell Script on my GitHub Account that uninstalls the old Modules and installs the newest one


You can run that directly in PowerShell with the Code below

#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/CleanupGraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)




Check if everything worked

Get-InstalledModule Microsoft.Graph*



Regards
Andres Bohren


posted @ Thursday, June 23, 2022 9:03 AM | Filed Under [ PowerShell Microsoft365 ]

WhiteboardAdmin 1.9.0 PowerShell Module released

Hi all,

A few Hours ago the PowerShell Module for the M365 Whiteboard has been released.
I guess it fixes some errors, as WhiteboardAdmin 1.8.0 was released only two weeks ago.
But i could not find any Release notes or so.

WhiteboardAdmin 1.9.0

Get-InstalledModule WhiteboardAdmin
Find-Module WhiteboardAdmin
Uninstall-Module WhiteboardAdmin
Install-Module WhiteboardAdmin



Get-Command -Module WhiteboardAdmin



Regards
Andres Bohren


posted @ Thursday, June 23, 2022 8:18 AM | Filed Under [ Microsoft365 ]

Exchange Cumulative Update Error Expired Certificate

Good Morning,

I've had a customer that encountered the Error below during Exchange 2016 CU23 installation.

Error:
The following error was generated when "$error.Clear();
Install-ExchangeCertificate -services IIS -DomainController $RoleDomainController
if ($RoleIsDatacenter -ne $true -And $RoleIsPartnerHosted -ne $true)
{
Install-AuthCertificate -DomainController $RoleDomainController
}
" was run: "System.Security.Cryptography.CryptographicException: The certificate is expired.
at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)
at Microsoft.Exchange.Management.SystemConfigurationTasks.InstallExchangeCertificate.InternalProcessRecord()
at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__91_1()
at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)".



It was obvious that a Certificate had expired.

We've recreated a new CSR with FQDN and Hostname and installed the Certificate on the Server. Still the Setup failed at the exact same point.

The Solution was to delete the expired Certificate from the Local Machine Certificate Store and start the Setup again.



After that, the Setup finished successful.
Check the Exchange Certificate after the Installation

Get-ExchangeCertificate
Enable-ExchangeCertificate -Thumbprint <Thumbprint> -Services IIS,POP,IMAP,SMTP

Regards
Andres Bohren


posted @ Thursday, June 23, 2022 7:40 AM | Filed Under [ Exchange ]

Tuesday, June 21, 2022

PowerToys Release v0.59.1

Hi All,

A few days ago a new Version of PowerToys has been released that fixes some Problems

Release v0.59.1





Regards
Andres Bohren


posted @ Tuesday, June 21, 2022 7:23 AM | Filed Under [ Windows ]

Monday, June 20, 2022

MSCommerce PowerShell Module 1.8 released and some new SelfServicePurchase Products

Hi All,

A few days ago the MSCommerce 1.8 PowerShell Module in the PowerShell Gallery has been released.

PowerShell Gallery MSCommerce

Use AllowSelfServicePurchase for the MSCommerce PowerShell module

Check for installed version of the Module
Get-InstalledModule MSCommerce

Check what's available in PowerShell Gallery
Find-Module MSCommerce

Uninstall old Version and install new Version of the Module
Uninstall-Module MSCommerce
Install-Module MSCommerce


Connect to M365 and view the Details

Import-Module -Name MSCommerce
Connect-MSCommerce
Get-MSCommercePolicy -PolicyId AllowSelfServicePurchase
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase


Disable Self Service Purchase

Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0HVZG -Enabled $False
Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0LH3N -Enabled $False
Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0LHWP -Enabled $False
Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId CFQ7TTC0LH05 -Enabled $False


Now it looks the way i want

Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase



Regards
Andres Bohren


posted @ Monday, June 20, 2022 9:12 AM | Filed Under [ Microsoft365 ]

Thursday, June 9, 2022

WhiteboardAdmin 1.8.0 PowerShell Module released

Hi All,

Yesterday the PowerShell Module WhiteboardAdmin has been released in Version 1.8.0.


To install use the commandlets below. Remember the PowerShell has to be startet "As Administrator" to uninstall/install PowerShell Modules.

Get-InstalledModule WhiteboardAdmin
Find-Module WhiteboardAdmin
Uninstall-Module WhiteboardAdmin
Install-Module WhiteboardAdmin


To get the Whiteboards of a user you must use TenantAdmin Credentials

Get-Whiteboard -UserId <ObjectIDofUser>
Get-Whiteboard -UserId 6db8cdd5-8e93-462d-9907-994406c07f60


That's what the Result looks like



Regards
Andres Bohren


posted @ Thursday, June 9, 2022 7:36 AM | Filed Under [ PowerShell Microsoft365 ]

Wednesday, June 8, 2022

PowerToys v0.59.0 released

Hi All,

Yesterday the Version 0.59.0 of PowerToys has been released

Release Notes






Regards
Andres Bohren


posted @ Wednesday, June 8, 2022 11:38 AM | Filed Under [ Windows ]

Monday, June 6, 2022

Calendar Availability (Free/Busy) Requests with Microsoft Graph

Hi All,

I recently had a customer that wanted to write an Application to read the Availability (Free/Busy) from the Calendars of theyr users.Here is how you can do that with Microsoft Graph.

First you need an Application in Azure Active Directory with an AppID / ClientID


Then you need to be able to Authenticate. I usually use a Certificate for that purpose.


As for the Permissions, the Application needs the following:

App needs Application Permissions:
- Calendars.Read (Only for the Mailbox where you make the Requests from - Limit with ApplicationAccessPolicy)
- Schedule.Read.All


Now we need to Limit the Calendars.Read to the Mailbox where the Availability Requests (aka Free/Busy) requests are made from.

New-ApplicationAccessPolicy -AccessRight RestrictAccess -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -PolicyScopeGroupId PostmasterGraphRestriction@icewolf.ch -Description "Restrict this app to members of this Group"
Get-ApplicationAccessPolicy | Where-Object {$_.AppId -eq "b1fe3302-d057-4fe3-84ac-c507ecdb6d0d"}


Now we can test it

Test-ApplicationAccessPolicy -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -Identity postmaster@icewolf.ch
Test-ApplicationAccessPolicy -AppId b1fe3302-d057-4fe3-84ac-c507ecdb6d0d -Identity max.muster@icewolf.ch



I've tested it with the Example from the Docs Site


Only got an Error and could not figure it out. Write me if you found a Solution that works.

Connect-MgGraph -AppId $AppID -CertificateThumbprint $Thumbprint -TenantId $TenantId
Import-Module Microsoft.Graph.Users.Actions

$params = @{
    Schedules = @(
        "m.muster@icewolf.ch"       
    )
    StartTime = @{
        DateTime = "2022-05-09T06:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    EndTime = @{
        DateTime = "2022-05-09T15:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    AvailabilityViewInterval = 60
}
$jsonArray = $Params | ConvertTo-Json -Depth 4

$UserId = "postmaster@icewolf.ch"
Get-MgUserDefaultCalendarSchedule -UserId $userId -BodyParameter $Params



All right, i've created two Appointments in the Calendar of max.muster@icewolf.ch. The second one is private.


The Calendar Permissions for "Default" are "AvailabilityOnly"

Get-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender


So let's try it with a pure Graph Call.

#Variables
$AppID = "b1fe3302-d057-4fe3-84ac-c507ecdb6d0d"
$Thumbprint = '4F1C474F862679EC35650824F73903041E1E5742'
$TenantId = "icewolfch.onmicrosoft.com"
$Certificate = Get-Item "Cert:\CurrentUser\My\$Thumbprint"

#Get AccessToken with MSAL Certificate Auth
Import-Module MSAL.PS
Clear-MsalTokenCache
$RedirectUri = "https://login.microsoftonline.com/common/oauth2/nativeclient"
$Token = Get-MsalToken -ClientId $AppID -TenantId $TenantID -RedirectUri $RedirectUri -ClientCertificate $Certificate
$AccessToken = $Token.AccessToken

#Get Availability (aka Free/Busy)
$From = "postmaster@icewolf.ch"
$URI = "https://graph.microsoft.com/v1.0/users/$From/calendar/getSchedule"
$ContentType = "application/json"
$Headers = @{"Authorization" = "Bearer "+ $AccessToken}

$Body = @{
    Schedules = @(
        "max.muster@icewolf.ch"       
    )
    StartTime = @{
        DateTime = "2022-06-06T06:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    EndTime = @{
        DateTime = "2022-06-12T19:00:00"
        TimeZone = "W. Europe Standard Time"
    }
    AvailabilityViewInterval = 60
}
$jsonBody = $Body | ConvertTo-Json -Depth 4

$result = Invoke-RestMethod -Method "POST" -Uri $uri -Headers $Headers -ContentType $ContentType -Body $JsonBody
$Result.value.scheduleItems



If we change the Permission to Reviewer

Set-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender -User Default -AccessRights Reviewer

We can now even see the Subject and some more Details. But not for the Item with the Private Flag. We see only that he is not available then.

$result = Invoke-RestMethod -Method "POST" -Uri $uri -Headers $Headers -ContentType $ContentType -Body $JsonBody
$Result.value.scheduleItems




Summary:
This is an easy way to read the Calendar of your Organization Mailbox Users.
It respects the MAPI Permissions set to a Calendar.
You can add your ServiceAccount as a dedicated Permission Entry on the Calendar

Add-MailboxFolderPermission -Identity max.muster@icewolf.ch:\Kalender -User postmaster@icewolf.ch -AccessRights Reviewer


Regards
Andres Bohren


posted @ Monday, June 6, 2022 8:47 AM | Filed Under [ Exchange PowerShell ]

Powered by:
Powered By Subtext Powered By ASP.NET