November 2022 Blog Posts
Hi All,
Back in April 2022 Microsoft has anounced in theyr Exchange Team Blog, that they will change the Name Attribute of the Objects to the ExternalDirectoryObjectId (EDOID).
After some Feedback from Customers and the Community they stopped the Rollout for Reflection as you can read on the Blog post of Tony Redmond.
Exchange Online Plans Changes to Make Mailbox Identification More Effective
https://office365itpros.com/2022/04/21/exchange-online-distinguished-names/
Change in naming convention of user’s Name parameter
https://techcommunity.microsoft.com/t5/exchange-team-blog/change-in-naming-convention-of-user-s-name-parameter/ba-p/3284733/page/2#comments
Some of the Comments indicate that the since 1. November the Rollout has started again - even the Banner of the Article says it's stopped until 23. January 2023.
I've created a new Mailenabled...
Hi All,
Just a few Hours ago, a new Version of MSIdentity Tools has been released.
MSIdentityTools 2.0.26
https://www.powershellgallery.com/packages/MSIdentityTools/2.0.26
Uninstall the old version of the PowerShell Module and install the newest one
Get-InstalledModule MSIdentityTools
Find-Module MSIdentityTools
Uninstall-Module MSIdentityTools
Install-Module MSIdentityTools
Get-InstalledModule MSIdentityTools
To see what commands are available use the following command
Get-Command -Module MSIdentityTools
Regards
Andres Bohren
Hi All,
A few weeks ago, Microsoft has released a new Version of Microsoft Azure Active Directory Connect.
Azure AD Connect: Version release history
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
Microsoft Azure Active Directory Connect 2.1.20.0
https://www.microsoft.com/en-us/download/details.aspx?id=47594
On the M365 Admin Center in the Health > Directory Sync Status you can find the new Version Number
https://admin.microsoft.com/#/dirsyncmanagement
Regards
Andres Bohren
Hi All,
In Microsoft Teams the Holidays have always been a bit Tricky.
You can create Holidays direct in Teams Admin Center under Voice > Holidays or during the Creation or Modification of a Autoattendant.
The Problem is that you create the Holidays and these are mostly set up to a specific Year. Next year you have to redo the Holidays and go through all Autoattendants to see if they are still linked.
I'll show you how to create and update the Microsoft Teams Holidays for Switzerland and keep them up do date.
I had considered diffrent approaches:
Create Holidays for each...
Hi All,
Some hours ago, Microsoft has released a new Version of the Microsoft.Online.SharePoint.PowerShell Module to the PowerShell Gallery.
Microsoft.Online.SharePoint.PowerShell 16.0.23109.12000
https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.23109.12000
Check what Module Version is installed and what's available from the PowerShell Gallery
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Find-Module Microsoft.Online.SharePoint.PowerShell
Uninstall the old Module and install the new Version
Uninstall-Module Microsoft.Online.SharePoint.PowerShell
Install-Module Microsoft.Online.SharePoint.PowerShell
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Regards
Andres Bohren
Hi All,
Since a few Days there is a new Setting in Azure AD User Settings "Tenant creation"
https://aad.portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/UserSettings
Per default this setting is set to "Yes". Means that a user with can create a new Azure AD Tenant.
"No" means that only users with "Global Administrator" or "Tenant Creator" Admin Role can create Azure AD Tenants.
I can't think much of a Szenario where this should be enabled. So setting this to "No" is a secure configuration.
You can have a look ath the Authorization Policy with the Graph Explorer
https://developer.microsoft.com/en-us/graph/graph-explorer
GET https://graph.microsoft.com/beta/policies/authorizationPolicy
You can view and change the Setting with PowerShell.
Connect-MgGraph -Scopes Policy.Read.All, Policy.ReadWrite.Authorization
Select-MgProfile -Name "beta"
Get-MgPolicyAuthorizationPolicy |...
Hi All,
In this Blog Post i explain how to Create and Depoly a PowerShell 7 Runbook for Azure Automation with the AZ PowerShell Module.
#Connect to Azure
Connect-AzAccount
#Get Automation Account
Get-AzAutomationAccount
I have two Azure Automation Accounts. In this Example, we use the second one.
###############################################################################
# Create Runbook
###############################################################################
$accountName = "icewolfautomation"
$rgName = "RG_DEV"
$location = "West Europe"
$RunbookName = "DemoPS7"
$scriptContent = @'
#Connect to Exchange with Managed Identity
$tenant = "icewolfch.onmicrosoft.com"
Connect-ExchangeOnline -ManagedIdentity -Organization $tenant
#Get Accepted Domain
Get-AcceptedDomain | Format-Table DomainName, DomainType
#Disconnect Exchange Online
Disconnect-ExchangeOnline -Confirm:$False
'@
Invoke-AzRestMethod -Method "PUT" -ResourceGroupName $rgName -ResourceProviderName "Microsoft.Automation" `
-ResourceType "automationAccounts" -Name "${AccountName}/runbooks/${RunbookName}" -ApiVersion "2017-05-15-preview" `
-Payload "{`"properties`":{`"runbookType`":`"PowerShell7`", `"logProgress`":false, `"logVerbose`":false, `"draft`":{}}, `"location`":`"${Location}`"}"
Invoke-AzRestMethod...
Hi All,
As you might already know, i am a big Fan of Azure Automation.
Recently i have used "Managed Identity with Exchange Online on Azure Automation".
Yesterday there was a Release of "Microsoft.Graph PowerShell Module 1.17.0" and the Question of how to update the PowerShell Modules on Azure Automate arises once again.
Basically i've covered that already in a Blog Post earlyer this Year "Update Modules on Azure Automation with AZ PowerShell".
But i think i have improved the Script a little bit. And finally i explain how to Manage the PowerShell 7 Modules on Azure Automate.
#Connect to Azure
Connect-AzAccount
#Get Automation Account
Get-AzAutomationAccount
#Get Modules
$accountName =...
Hi All,
Microsoft has released the AZ 9.1.1 PowerShell Module to the PowerShell Gallery just a few Hours ago.
Az 9.1.1
https://www.powershellgallery.com/packages/az/9.1.1
Show Installed AZ Module and what's available in the PowerShell Gallery
Get-InstalledModule AZ -AllVersions
Find-Module AZ
To uninstall all the old Modules and install the new Modules i have written a PowerShell Script that is published at my GitHub Repo.
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
The AZ Module is just a Wrapper Module for all AZ* Modules
Get-Installed Module AZ*
Regards
Andres Bohren
Hi All,
A few hours ago, Microsoft has released a new Version of the Microsoft.Graph PowerShell Module.
Apparently it covers the latest API version and Help as well as some minor fixes.
Microsoft.Graph 1.17.0
https://www.powershellgallery.com/packages/Microsoft.Graph/1.17.0
1.17.0 Release Notes
https://github.com/microsoftgraph/msgraph-sdk-powershell/releases
Let's check the installed Version and what's available on the PowerShell Gallery
Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph
To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script. It takes a while until all Modules are installed. Wait until "Cleanup finished" is shown.
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
To list the Modules you can use the following Command
Get-Module Microsoft.Graph* -ListAvailable
Let's check...
Hi All,
Basic Authentication has been mostly disabled. And Attackers now search for new ways to compromise M365 Accounts.
If you use Microsoft Authenticator Push Notifications - good for you. There is a thing called "MFA Fatique" that Attackers use to gain access. They send so many Push Requests until a user is annoyed and clicks on "Approve".
As anounced in the Article below, the MFA Number Matching will be enabled for all M365 Tenants starting end of February 2023. This will prevent these Attacks as the User needs to know the Number from the Request to Approve the MFA Signin.
Defend your users...
Hi All,
I have already blogged about the Exchange 2019 Recipient Managemen PowerShell that can Manage Echange Objects without an Exchange Server running.
Install and use Exchange 2019 CU12 Recipient Management PowerShell
https://blog.icewolf.ch/archive/2022/04/27/install-and-use-exchange-2019-cu12-recipient-management-powershell.aspx
For Identity and Access Management Systems (IAM) provisioning, management and deprovisioning based in the past on crating a Remote PowerShell to Exchange Server. How do you Address this with the new Recipient Management?
In Fact there are two Solutions:
You install the Recipient Management PSSnapIn on the IAM Server (Management Tools)
You create a Remote PowerShell to a Server that has the...
Hi All,
Today Microsoft has released a new Version of the MicrosoftTeams PowerShell Module to the PowerShell Gallery.
MicrosoftTeams 4.9.1
https://www.powershellgallery.com/packages/MicrosoftTeams/4.9.1
Check installed Module and what's available in the PowerShell Gallery
Get-InstalledModule MicrosoftTeams -AllVersions
Find-Module MicrosoftTeams
Uninstall the old Module and install the newest Module
Uninstall-Module MicrosoftTeams
Uninstall-Module MicrosoftTeams
Install-Module MicrosoftTeams
Testing
Connect-MicrosoftTeams
Get-Team
Get-CsOnlineUser -Identity a.bohren@icewolf.ch | fl *Ent*,*host*,*voice*, *line*
Regards
Andres Bohren
Hi All,
Today Microsoft has released the ExchangeOnlineManagement-Preview1 PowerShell Module.
ExchangeOnlineManagement 3.0.1-Preview1
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.1-Preview1
Whats new in this release:
v3.0.1-Preview1 :
1. Bug fixes in Connect-ExchangeOnline.
2. Bug fix in Connect-IPPSSession for connecting to Security and Compliance PowerShell using Certificate Thumbprint.
3. Mitigation for the known vulnerability in Newtonsoft.Json library. More details here: https://github.com/advisories/GHSA-5crp-9r3c-p9vr
Check what Version is installed and what's available from the PowerShell Gallery
Get-InstalledModule ExchangeOnlineManagement
Find-Module ExchangeOnlineManagement -AllowPrerelease
Uninstall the old Module and install the Preview Module
Uninstall-Module ExchangeOnlineManagement -Force
Install-Module ExchangeOnlineManagement -AllowPrerelease
Get-InstalledModule ExchangeOnlineManagement
Testing
Connect-ExchangeOnline
Get-Mailbox -Identity <Mailbox>
Here is the Code to Connect with a Certificate on the Local Cert Store.
What Permissions are needed can be found in the following Blog...
Hi All,
With the ExchangeOnlineManagement PowerShell Module 3.0.0, Microsoft has providet the Ability to use Managed Identity in Azure. Time to test that on my own.
ExchangeOnlineManagement 3.0.0
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.0
v3.0.0 :
1. General Availability of REST-backed cmdlets for Exchange Online which do not require WinRM Basic Authentication to be enabled.
2. General Availability of Certificate Based Authentication for Security and Compliance PowerShell cmdlets.
3. Support for System-Assigned and User-Assigned ManagedIdentities to connect to ExchangeOnline from Azure VMs, Azure Virtual Machine Scale Sets and Azure Functions.
I will use an Azure Automation Account. As i have already used that for Automation with Exchange. That Time with...
Hi All,
Over a Year ago i released my first PowerShell Module in the PowerShell Gallery Icewolf.EXO.SpamAnalyze. Now it was time for an Update.
Icewolf.EXO.SpamAnalyze 2.0.8
https://www.powershellgallery.com/packages/Icewolf.EXO.SpamAnalyze/2.0.8
Whats new in this release:
V2.0.8
- Requires now ExchangeOnlineManagement 3.0.0
- Addet TenantAllowBlockList checks
Check installed Version and what's available in the PowerShell Gallery
Get-InstalledModule Icewolf.EXO.Spamanalyze
Find-Module Icewolf.EXO.Spamanalyze
Uninstall the old Module and install the current one
Uninstall-Module Icewolf.EXO.Spamanalyze
Install-Module Icewolf.EXO.Spamanalyze
Get-InstalledModule Icewolf.EXO.Spamanalyze
There is only one Command you can use
Invoke-SpamAnalyze -SenderAddress andres.bohren@gmail.com -RecipientAddress a.bohren@icewolf.ch
And here is the complete Output
Here are the commands from the TenantAllowBlock List that have been addet
Get-TenantAllowBlockListItems -ListType Sender -Allow -Entry $SenderAddress
Get-TenantAllowBlockListItems -ListType Sender -Block -Entry $SenderAddress
Get-TenantAllowBlockListItems -ListType Sender -Allow -Entry $SenderDomain
Get-TenantAllowBlockListItems -ListType...
Hi All,
A few hours ago, Microsoft has released a new Version of the Microsoft.Graph PowerShell Module.
Apparently it covers the latest API version and a minor fix.
Microsoft.Graph 1.16.0
https://www.powershellgallery.com/packages/Microsoft.Graph/1.16.0
1.16.0 Release Notes
https://github.com/microsoftgraph/msgraph-sdk-powershell/releases
Let's check the installed Version and what's available on the PowerShell Gallery
Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph
To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script. It takes a while until all Modules are installed. Wait until "Cleanup finished" is shown.
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
To list the Modules you can use the following Command
Get-Module Microsoft.Graph* -ListAvailable
Let's check how many Commandlets are...
Hi All,
A few Hours ago, a new Version of the PnP.PowerShell Module has been released.
PnP.PowerShell 1.12.0
https://www.powershellgallery.com/packages/pnp.powerShell/1.12.0
PnP.PowerShell Changelog
https://github.com/pnp/powershell/blob/dev/CHANGELOG.md
To check what version is installed and what's available from the PowerShell Gallery use the following Commands
Get-InstalledModule PnP.PowerShell
Find-Module PnP.PowerShell
Uninstall the old version of the PowerShell Module and install the new one
Uninstall-Module PnP.PowerShell
Install-Module PnP.PowerShell
Get-InstalledModule PnP.PowerShell
Now you can use the PowerShell Module.
Some example code below.
Connect-PnPOnline -Url "https://icewolfch.sharepoint.com/sites/DemoTemplate/" -Interactive
Get-PnPContext
Get-PnPFolder -Url "Freigegebene Dokumente/Project/Script"
Get-PnPFileVersion -Url "Freigegebene Dokumente/Project/Script/AADUsers.csv"
Regards
Andres Bohren
Hi All,
Yesterday Microsoft has released PowerShell 7.3.0
v7.3.0 Release of PowerShell
https://github.com/PowerShell/PowerShell/releases/tag/v7.3.0
What's New in PowerShell 7.3
https://learn.microsoft.com/en-us/powershell/scripting/whats-new/what-s-new-in-powershell-73?view=powershell-7.3
Regards
Andres Bohren
Hi All,
Yesterday on the Patch Thuesday, Microsoft has released Security Updates for Exchange 2013/2016/2019.
The November 2022 SUs contain fixes for the zero-day vulnerabilities reported publicly on September 29, 2022 (CVE-2022-41040 and CVE-2022-41082).
Released: November 2022 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-november-2022-exchange-server-security-updates/ba-p/3669045
Security Update For Exchange Server 2016 CU23 (KB5019758)
https://www.microsoft.com/en-us/download/details.aspx?id=104727
After the Reboot i've checked the Mitigations. The Mitigation is still active.
."C:\Program Files\Microsoft\Exchange Server\V15\scripts\Get-Mitigations.ps1"
It's best practices to run the HealthChecker Script after the Installation of a CU or Security Update
https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/
As i have installed it already, i just run it to update. The Message is a bit wrong. You can't just rerun the command, you have to...
HI All,
Microsoft has released another Version of theyr MSIdentityTools PowerShell Module to the Powershell Gallery.
MSIdentityTools 2.0.23
https://www.powershellgallery.com/packages/MSIdentityTools/2.0.23
Uninstall the old version of the PowerShell Module and install the newest one
Get-InstalledModule MSIdentityTools
Find-Module MSIdentityTools
Uninstall-Module MSIdentityTools
Install-Module MSIdentityTools
Get-InstalledModule MSIdentityTools
To see what commands are available use the following command
Get-Command -Module MSIdentityTools
Regards
Andres Bohren
Hi All,
A few days ago, Microsoft has released the Version v0.64.0 of the PowerToys.
PowerToys Release v0.64.0
https://github.com/microsoft/PowerToys/releases/
One new Tool is the "File Locksmith" that can tell you what Process is using a File and can kill that Process.
And it contains now an Editor for the Hosts File
Regards
Andres Bohren
Hi All,
A few days ago, Microsoft has released a new Version of Microsoft Azure Active Directory Connect.
Azure AD Connect: Version release history
https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history
There are two new Attributes, but only one is currently supported by AADConnect.
How to synchronize attributes for Lifecycle workflows
https://learn.microsoft.com/en-us/azure/active-directory/governance/how-to-lifecycle-workflow-sync-attributes
Microsoft Azure Active Directory Connect 2.1.19.0
https://www.microsoft.com/en-us/download/details.aspx?id=47594
On the M365 Admin Center in the Health > Directory Sync Status you can find the new Version Number
https://admin.microsoft.com/#/dirsyncmanagement
Regards
Andres Bohren
Hi All,
A few hours ago, Microsoft has released a new Version of the Microsoft.Graph PowerShell Module.
Apparently it covers the latest API version and a minor fix.
Microsoft.Graph 1.15.0
https://www.powershellgallery.com/packages/Microsoft.Graph/1.15.0
1.15.0 Release Notes
https://github.com/microsoftgraph/msgraph-sdk-powershell/releases
Let's check the installed Version and what's available on the PowerShell Gallery
Get-InstalledModule Microsoft.Graph
Find-Module Microsoft.Graph
To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script. It takes a while until all Modules are installed. Wait until "Cleanup finished" is shown.
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
To list the Modules you can use the following Command
Get-Module Microsoft.Graph* -ListAvailable
Let's check how many Commandlets are...
Hi All,
Some days ago, Microsoft has released a new Version of the Microsoft.Online.SharePoint.PowerShell Module to the PowerShell Gallery.
Microsoft.Online.SharePoint.PowerShell 16.0.23019.12000
https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.23019.12000
Check what Module Version is installed and what's available from the PowerShell Gallery
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Find-Module Microsoft.Online.SharePoint.PowerShell
Uninstall the old Module and install the new Version
Uninstall-Module Microsoft.Online.SharePoint.PowerShell
Install-Module Microsoft.Online.SharePoint.PowerShell
Get-InstalledModule Microsoft.Online.SharePoint.PowerShell
Regards
Andres Bohren
Hi All,
Microsoft has released the AZ 9.1.0 PowerShell Module to the PowerShell Gallery this Morning.
Az 9.1.0
https://www.powershellgallery.com/packages/AZ/9.1.0
Show Installed AZ Module and what's available in the PowerShell Gallery
Get-InstalledModule AZ -AllVersions
Find-Module AZ
To uninstall all the old Modules and install the new Modules i have written a PowerShell Script that is published at my GitHub Repo.
#Run Script directly from GitHub
$ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1"
Invoke-Expression $($ScriptFromGitHub.Content)
The AZ Module is just a Wrapper Module for all AZ* Modules
Get-InstalledModule AZ*
Regards
Andres Bohren
Hi All,
Just a few Hours ago, Microsoft has released the MicrosoftTeams PowerShell Module 4.9.0 to the PowerShell Gallery.
MicrosoftTeams 4.9.0
https://www.powershellgallery.com/packages/MicrosoftTeams/4.9.0
Microsoft Teams PowerShell Release Notes
https://learn.microsoft.com/en-us/MicrosoftTeams/teams-powershell-release-notes
Check installed Module and what's available in the PowerShell Gallery
Get-InstalledModule MicrosoftTeams -AllVersions
Find-Module MicrosoftTeams
As i have two Modules installed i have to uninstall both and then install the current Version of the MicrosoftTeams PowerShell Module
Uninstall-Module MicrosoftTeams
Uninstall-Module MicrosoftTeams
Install-Module MicrosoftTeams
Testing
Connect-MicrosoftTeams
Get-Team
Get-CsOnlineUser -Identity a.bohren@icewolf.ch | fl *Ent*,*host*,*voice*, *line*
Regards
Andres