blog.icewolf.ch

Let's talk about IT!
posts - 2080, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

January 2022 Blog Posts

PowerShell Script to check for AAD Apps with expiring ClientSecrets and Certificates

Hi all, I guess we all wrote Applications or Scripts that use AAD Applications and used ClientSecrets or Certificates to Authenticate. But what will happen when the Certificate or ClientSecret will expire? Simple - the Application won't work anymore, because the Authentication will fail. So i searched for a way to check if the ClientSecret or Certificate will soon expire. Let me show an Application that has multiple ClientSecrets and Certificates. Here's the Overview of an AAD Application in the Azure AD Portal https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps There are two ClientSecrets There are two Certificates Make sure there is an Owner of the Application with an Emailaddress All you need is...

posted @ Friday, January 28, 2022 11:52 AM | Filed Under [ PowerShell Azure ]

Microsoft Teams routing calls to unassigned Numbers

Hi All, In my M365 Tenant i use Direct Routing from Sunrise, a Telco Provider here in Switzerland. I own a Numberrange with 10 Number +41 21 555 39 70-79. If i call with my Mobilephone to a Number, that is not assignet to a User, Callflow or Autoattendant, i get an Anouncement from the Provider (Sunrise) that the Number is not active. This is because the Session Border Controller at the Provider receives a SIP 404 Not Found. If i call the same number in my own Tenant, Teams is ringing and ringing. Now here comes the handling of unasigned numbers into the...

posted @ Friday, January 28, 2022 7:53 AM | Filed Under [ PowerShell MicrosoftTeams ]

PFX Certificate Password Recovery Tool (Brute Force)

Hi All, A customer recently could not remember the Password of the PFX File. I was curious and searched for a PFX Password Recovery Tool. I created a PFX with a Password 9 chars uppercase chars lowercase cars numbersspecial caracter Certificate Password Recovery Tool https://7thzero.com/blog/certificate-password-recovery-tool I startet the Tool on Friday 14 January 23:41:41 After about 9 Days there where tested 569'890'000 diffrent combinations. And we're still at 5 Characters. Conclusion: If you have a weak password or know parts of the Password - this might work for you in an acceptable time. If it is a secure...

posted @ Tuesday, January 25, 2022 11:18 PM | Filed Under [ Security ]

Threat Explorer in Microsoft 365 Defender got a refresh

Hi All, I am pretty sure, i did not read anything about this refresh of Explorer in Microsoft 365 Defender (Security Admin Center) ttps://security.microsoft.com/threatexplorer It has also been renamed from "Threat Explorer" just to "Explorer". What i absolutely love about this, is that the default now points to "All email" instead of "Malware" like before. You sill have a lot of Filtering possibilities And also the Chart view has diffrent Filtering options A quick check in the Advanced Hunting shows, that here also were made some changes After a Moment (15-30 Minutes) i was able to execute the Querys again. Regards Andres Bohren

posted @ Tuesday, January 25, 2022 9:05 PM | Filed Under [ Security Microsoft365 ]

MicrosoftTeams PowerShell Module 3.1.0 released

Hi All, Just a few days ago, Microsoft has released the MicrosoftTeams PowerShell Module v3.1.0 to the PSGallery. Here are the Release notes Time to uninstall the old Modules and get the new one. Unfortunately i had still code open, that's why 3.0.1-Preview couln't be uninstalled in the first place- Get-Module MicrosoftTeams -ListAvailable Uninstall-Module MicrosoftTeams Uninstall-Module MicrosoftTeams Uninstall-Module MicrosoftTeams Now Install the MicrosoftTeams PowerShell Module from the PSGallery Find-Module MicrosoftTeams Install-Module MicrosoftTeams Let's see how long it takes to load the Module. I am impressed, it's like half of the time than the previous modules, but still not as fast as te 2.x.x Versions. Measure-Command -Expression {Import-Module MicrosoftTeams} As you can see the...

posted @ Tuesday, January 25, 2022 8:43 PM | Filed Under [ PowerShell MicrosoftTeams ]

Azure File Sync Agent 14.1 has been released

Hi all, On the last Microsoft Patchday, i've seen, that a new Azure File Sync Agent has been released. The Title is "Azure File Sync Agent v14.1 Release - November 2021 (KB5001873)" - but when you check the download Link it is from mid December. When i check the Storage Sync Service in Azure Portal, i can see that i'm using the Agent Verion 13.0. The Download Link to the New Version also comes handy. Azure File Sync Agent 14.1.0.0 https://www.microsoft.com/en-us/download/details.aspx?id=57159 I've installed the new Agent via Windows update. After a Reboot i can see that the new Version of Azure File Sync Agent is...

posted @ Tuesday, January 25, 2022 7:35 AM | Filed Under [ Azure ]

Android 12 and Android Security Patch 2022.01 released for OnePlus 9

Hi All, I have got me a OnePlus9 Smartphone in May 2021. So far Android Patches coming about all two Months. Last Android Patch was 2021-11-01 for that Phone. Today i got a big update that also contained Android 12 and Android Patchlevel 2022.01 Regards Andres Bohren

posted @ Tuesday, January 25, 2022 1:42 AM | Filed Under [ UM/Mobile ]

Your datacenter move for Exchange is complete

Hi Everybody, In June 2020 i applied for the Data residency move to the newly created M365 Datacenter Location in Switzerland Today i had the following Message in the M365 Message Center Moving core data to new Microsoft 365 datacenter geos https://docs.microsoft.com/en-us/microsoft-365/enterprise/moving-data-to-new-datacenter-geos?view=o365-worldwide I've checked the Data location. As you can see the Exchange Data has been moved to Switzerland 😍 Regards Andres Bohren

posted @ Monday, January 24, 2022 8:50 PM | Filed Under [ Exchange Microsoft365 ]

Upload file to SharePoint Online with PnP.PowerShell

Hi All, A few weeks ago i had to upload a File to a SharePoint Site with a PowerShell Script. In this Blog Article i explain how i did it. All you need is Azure AD Application Sharepoint Permission PnPPowerShell https://www.powershellgallery.com/packages/PnP.PowerShell/ Here is the File i want to upload and replace with my PowerShell Script (Documents/Project/Script/AADUsers.csv) Azure AD Application You need to create an Azure AD Application. Copy the Application ID, you will need that later for the PowerShell Script The Application need to have a ClientSecret. Copy the ClientSecret, you will need that...

posted @ Sunday, January 23, 2022 2:35 PM | Filed Under [ Microsoft365 ]

Microsoft Teams Export assigned Phonenumbers to CSV

Hi All, Did you ever wanted to have a List of all assigned Phone Numbers in Teams? For CallQueues and Autoattendant you can find the List of ResourceAccounts in Teams Admin Center (TAC) under Voice > Resouce accounts Sadly, the same does not apply for Users. Under "Phone Numbers" you will find only a List of Numbers if you're using Operator connect. For the Users you have to go to Users > Manage users. But here are all Users not only the ones with Phone Numbers Maybe you can use a Filter. Best fit would probably to query the voice routing policy - given you...

posted @ Sunday, January 23, 2022 9:53 AM | Filed Under [ MicrosoftTeams ]

M365 Import List from Excel File

Hi All, Did you know, that you can create a Microsoft List in M365 from an Excel? I have created this Example Excel From the Office 365 Portal in the Browser i open Lists Here i create a "New List" I select "From Excel" The Excel File has to be on your OneDrive If the Table is not yet properly formated you need to fix that With the klick on the above "Open" the Excel File will loaded in Excel Online. You then Select the Data and "Format as Table". Then close Excel Online Now your are able to fix some collumn Namens an check the Type Give the List...

posted @ Saturday, January 22, 2022 8:34 PM | Filed Under [ Microsoft365 ]

DANE - DNS based Authentification of Named Entities

Hi All, You might have stumbled over the Microsoft Anouncement of DNSSEC/DANE for Exchange Online. In this Blog i would like to explain how it works in detail Support of DANE and DNSSEC in Office 365 Exchange Online https://techcommunity.microsoft.com/t5/exchange-team-blog/support-of-dane-and-dnssec-in-office-365-exchange-online/ba-p/1275494 Microsoft 365 roadmap https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=&searchterms=dane What is DANE? DANE is the abbreviation for "DNS based Authentification of Named Entities". It requires DNSSEC https://www.ietf.org/rfc/rfc4035.txt Dane is defined in the RFC6698 The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA https://datatracker.ietf.org/doc/html/rfc6698 Requires a TLSA DNS Record. In the RFC above there is this Statement: TSLA Record ("TLSA" does not stand for anything; it is just the name of the RRtype) Maybe that's true. I...

posted @ Friday, January 21, 2022 11:38 AM | Filed Under [ Exchange ]

Azure Active Directory Connect 2.0.91.0 released

Hi all, Microsoft has released a new version of Azure Active Directory Connect (AAD Connect). AAD Connect Health Component is now FIPS compliant. Azure AD Connect: Version release history https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history In the Microsoft 365 Admin Center you will see also the new Version https://admin.microsoft.com/Adminportal/Home#/dirsyncmanagement Regards Andres Bohren

posted @ Friday, January 21, 2022 10:07 AM | Filed Under [ Microsoft365 Azure ]

How does Brand Indicators for Message Identification (BIMI) work?

Hi all, Recently i was stumbled over a new expression called "BIMI" What is BIMI? Brand Indicators for Message Identification or BIMI (pronounced: Bih-mee) is an emerging email specification that enables the use of brand-controlled logos within supporting email clients. BIM' leverages the work an organization has put into deploying DMARC protection, by bringing brand logos to the customers inbox. For the brands logo to be displayed. the email must pass DMARC authentication checks. ensuring that the organization's domain has not been impersonated. source: https://bimigroup.org/ The promise of BIMI is, that the Inbox shows your brand logo. It's still an IETF Draft and...

posted @ Thursday, January 20, 2022 3:29 PM | Filed Under [ Exchange ]

Jabra Direct Update (January 2022)

Hi there, Jabra has released the January 2022 Version of theyr Jabra Direct Software (Version 5.11.01302) The details can be found in the release notes https://www.jabraheadsets.ch/support/release-notes/release-note-jabra-direct Regards Andres Bohren

posted @ Wednesday, January 19, 2022 9:50 PM | Filed Under [ UM/Mobile ]

Azure Information Protection Unified Labeling (AIP UL) 2.13.49

Hi everybody I've just seen that a new version of Microsoft Azure Information Protection (AIP UL) Client was released. Apart from a few updates, fixes, and enhancements the new Client will only support x64 Plattform. Azure Information Protection unified labeling client - Version release history and support policy https://docs.microsoft.com/en-us/azure/information-protection/rms-client/unifiedlabelingclient-version-release-history Microsoft Azure Information Protection https://www.microsoft.com/en-us/download/details.aspx?id=53018 Regards Andres Bohren

posted @ Thursday, January 13, 2022 2:35 PM | Filed Under [ Microsoft365 Azure ]

Exchange Security Updates January 2022

Hi Everybody, Instead of the delayed December Exchange Cumulative Updates, we've got Security Updates for Exchange 2013/2016/2019 Released: January 2022 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2022-exchange-server-security-updates/ba-p/3050699 In my Blog Post i'm covering the Exchange 2016 CU22 Security update.   Security Update For Exchange Server 2016 CU22 (KB5008631) https://www.microsoft.com/en-us/download/details.aspx?id=103855 Please make shure you run the *.msp in an elevated CMD Regards Andres Bohren

posted @ Wednesday, January 12, 2022 12:11 AM | Filed Under [ Exchange ]

Understand and Remove PASSWD_NOTREQD Flag from userAccountControl

Hallo all, I've already blogged how to read the Active Directory Attribute "userAccountControl" How to read the value of AD Attribute userAccountControl https://blog.icewolf.ch/archive/2011/06/08/how-to-read-the-value-of-ad-attribute-useraccountcontrol.aspx Today i came across some users that had the Property "PASSWD_NOTREQD" (Password not required) set. For a regular user you just can add 512 (NORMAL_ACCOUNT) + 32 (PASSWD_NOTREQD) = 544 With the following Exchange Commandlet you can show the Attribute "userAccountControl", which also translates the value. Get-User -Identity f.fischer | fl userAccountControl You can also get the same with the Active Directory Module Get-ADUser -Identity f.fischer -Properties userAccountControl | fl To show all accounts, which have the Flag "PasswordNotRequired" use the following command. Get-ADUser -Filter {PasswordNotRequired -eq $true}...

posted @ Thursday, January 6, 2022 9:53 PM | Filed Under [ Windows ]

Exchange Y2K22 Bug in Malware Engine

Hallo zusammen, Ich habe am 1. Januar auf Twitter den Link auf das Blog von MVP Jaap Wesselius gesehen. Dort wurde beschrieben, dass Mails auf dem Exchange Server On Prem in der Transport Queue hÀngenbleiben und mal als Workaround das Malware Scanning deaktivieren soll. THE FIP-FS SCAN PROCESS FAILED INITIALISATION. MAIL IS QUEUED ON EXCHANGE SERVERS. https://jaapwesselius.com/2022/01/01/the-fip-fs-scan-process-failed-initialisation-mail-is-queued-on-exchange-servers/ CD $ExScripts .\Disable-AntiMalwareScanning.ps1 Restart-Service MSExchangeTransport Als ich daraufhin das Exchange Team Blog aufgesucht habe, war da noch keine Information zu lesen. Erst spÀter dann wurde folgender Artikel veröffentlicht Email Stuck in Exchange On-premises Transport Queues https://techcommunity.microsoft.com/t5/exchange-team-blog/email-stuck-in-exchange-on-premises-transport-queues/ba-p/3049447 Und dann gab es doch noch eine Meldung im M365 Admin Center Bei mir zeigt der MX Eintrag...

posted @ Thursday, January 6, 2022 9:06 PM |

JahresrĂŒckblick und Blogstatistik 2021

Hallo zusammen, Anfangs des Jahres ist jeweils ein guter Zeitpunkt um auf das alte Jahr zurĂŒckzuschauen. Im 2020 habe ich 278 Blog Artikel geschrieben, also durchschnittlich etwa 23 pro Monat - so viel wie wie noch nie. Insgesamt hatte ich ĂŒber 130'000 Pageviews. Das sind rund etwa 500 pro Tag und ĂŒber 10'000 pro Monat. Die Top 10 der Blogartikel 2021 Create Teams Auto Attendant and Call Queue with Powershell Exchange Hybrid Mailflow und Centralized Mail Transport Install security update 6.7 U3n on vCenter Server Appliance 6.7 (VCSA) ...

posted @ Tuesday, January 4, 2022 7:22 PM | Filed Under [ Web ]

Powered by:
Powered By Subtext Powered By ASP.NET