blog.icewolf.ch

Let's talk about IT!
posts - 2247, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

January 2023 Blog Posts

PowerShell Module Microsoft.Online.SharePoint.PowerShell 16.0.23311.12000 released

Hi All, A few hours ago, Microsoft has released the Microsoft.Online.SharePoint.PowerShell 16.0.22615.12000 PowerShell Module Microsoft.Online.SharePoint.PowerShell 16.0.23311.12000 https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.23311.12000 Check the installed Version and what is available from the PowerShell Gallery Get-InstalledModule Microsoft.Online.SharePoint.PowerShell Find-Module Microsoft.Online.SharePoint.PowerShell Uninstall the old Version and install the new Version of the Module Uninstall-Module Microsoft.Online.SharePoint.PowerShell Install-Module Microsoft.Online.SharePoint.PowerShell Get-InstalledModule Microsoft.Online.SharePoint.PowerShell List the Commands of the Module Get-Command -Module Microsoft.Online.SharePoint.PowerShell Connect to Sharepoint Online Connect-SPOService -Url https://icewolfch-admin.sharepoint.com Get some Settings Get-SPOTenant | fl Regards Andres Bohren

posted @ Saturday, January 28, 2023 8:37 AM | Filed Under [ PowerShell ]

Exchange Online: Use Test-Message to verify your Transport- and DLP Rules

Hi All, In the Microsoft 365 Message Center https://admin.microsoft.com/#/MessageCenter there is an Announcement about Test-Message where you can test the Transport Rules and DLPRules. FIX: Exchange Transport rule (ETR) or Data Loss Prevention (DLP) rule is not working as expected https://techcommunity.microsoft.com/t5/security-compliance-and-identity/fix-exchange-transport-rule-etr-or-data-loss-prevention-dlp-rule/ba-p/3033869 Test-Message https://learn.microsoft.com/en-us/powershell/module/exchange/test-message?view=exchange-ps Test-Message -Sender m.muster@icewolf.ch -Recipients postmaster@icewolf.ch -SendReportTo a.bohren@icewolf.ch  -TransportRules -UnifiedDLPRules Let's have a look at my Transport Rules Get-TransportRule Now i get two Reports: "Transport Rule Tracing Report" and a "DLP Rules Tracing Report" Regards Andres

posted @ Thursday, January 26, 2023 11:39 AM | Filed Under [ Exchange ]

Analyze AzureAD SignIn Logs with PowerShell

Hi All, I recently had a case where i needed to access the AzureAD Signin Logs with PowerShell. I've started at the Azure AD Signin Logs and filtered by UPN https://aad.portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/SignIns Next step was Graph Explorer where i found the needed Permissions ############################################################################### # Graph Explorer ############################################################################### #Go to https://aka.ms/ge https://graph.microsoft.com/v1.0/auditLogs/signIns https://graph.microsoft.com/v1.0/auditLogs/signIns?&$filter=startsWith(userPrincipalName,'a.bohren@icewolf.ch') Let's connect with these Permissions (they need Admin Consent and i already have that) #Import-Module and Connect to Microsoft Graph Import-Module Microsoft.Graph.Reports Connect-MgGraph -Scope AuditLog.Read.All,Directory.Read.All By default you only get 1000 Rows #Get Signins $Signins  = Get-MgAuditLogSignIn $Signins.Count Let's check the Details of one Record #Show Details of one Record $Signins[0] | fl Do we have SignIns where RiskState is set? #List RiskState $Signins | where {$_.RiskState -ne "none"} By using a Filter...

posted @ Thursday, January 26, 2023 10:51 AM | Filed Under [ Security PowerShell Azure ]

MSIdentityTools PowerShell Module v2.0.36 released

Hi All, Microsoft has released another Version of theyr MSIdentityTools PowerShell Module to the Powershell Gallery. MSIdentityTools 2.0.36 https://www.powershellgallery.com/packages/MSIdentityTools/2.0.36 Check what Version of the Module is installed and what's available in the PowerShell Gallery Get-InstalledModule MSIdentityTools Find-Module MSIdentityTools Uninstall the old version of the PowerShell Module and install the newest one Uninstall-Module MSIdentityTools Install-Module MSIdentityTools Get-InstalledModule MSIdentityTools To see what commands are available use the following command Get-Command -Module MSIdentityTools To get the Signin URL you can use the following Command Get-MsIdAuthorityUri -TenantId icewolfch.onmicrosoft.com To get the OpenIDConnect Configuration you can use this Command Get-MsIdAuthorityUri -TenantId icewolfch.onmicrosoft.com | Get-MsIdOpenIdProviderConfiguration Regards Andres Bohren

posted @ Thursday, January 26, 2023 8:52 AM | Filed Under [ PowerShell ]

Microsoft 365 Whiteboard Admin PowerShell Module 1.10.0

Hi All, Just a few Hours ago, Microsoft has released a new Version of the WhiteboardAdmin PowerShell Module for Microsoft 365. Release Notes: Fixes Get-WhiteboardsForTenant repetitive auth prompt issue. Includes some improvements for help comments and verbose messages WhiteboardAdmin 1.10.0 https://www.powershellgallery.com/packages/WhiteboardAdmin/1.10.0 Let's check what Version is installed and what's available from the PowerShell Gallery Get-InstalledModule WhiteboardAdmin Find-Module WhiteboardAdmin Let's uninstall the old Module and install the current one Uninstall-Module WhiteboardAdmin Install-Module WhiteboardAdmin Get-InstalledModule WhiteboardAdmin List the Commands of the Module Get-Command -Module WhiteboardAdmin Get-WhiteboardSettings Get-WhiteboardsForTenant -Geography [Worldwide/Europe/Australia] Get-Whiteboard -UserId [AzureADObjectID] Regards Andres Bohren

posted @ Wednesday, January 25, 2023 11:49 AM | Filed Under [ Microsoft365 ]

New look for Office on the Web

Hi All, Did you notice, that there is a new Look in Office for the web? The new look of Office https://support.microsoft.com/en-us/office/the-new-look-of-office-a6cdf19a-b2bd-4be1-9515-d74a37aa59bf#ID0EBF=Web It applies to all Office on the Web Applications like PowerPoint, Excel and Word. Regards Andres Bohren

posted @ Tuesday, January 24, 2023 10:53 PM | Filed Under [ Office ]

Migrate MFA and SSPR Authentication Methods

Hi All, In January 2024, the legacy multifactor authentication and self-service password reset policies will be deprecated and you'll manage all authentication methods here in the authentication methods policy. Use this control to manage your migration from the legacy policies to the new unified policy. How to migrate MFA and SSPR policy settings to the Authentication methods policy for Azure AD (preview) https://learn.microsoft.com/en-us/azure/active-directory/authentication/how-to-authentication-methods-manage First review current Policies: MFA policy SSPR policy (if used) Authentication methods policy (if used) Enable "Allow use of Microsoft Authenticator OTP" Let's start the Migration Let's try to finish the Migration Apparently, we need to...

posted @ Tuesday, January 24, 2023 10:40 PM | Filed Under [ Security Microsoft365 ]

OnPrem Exchange Server Update Status visible in M365 Admin Center (Preview)

Hi All, The Exchange Server Update Dashboard in Microsoft 365 Admin Center was announced at MEC 2022 in September 2022. In my Tenant this is now available in Preview. As you can see all my OnPrem Exchange Servers are in a supported state And also the Exchange Server have the latest Cumulative Update and Security Update installed Hope this helps to keep your Hybrid Exchange Infrastructure up to date. Regards Andres Bohren

posted @ Friday, January 20, 2023 2:58 PM |

Exchange Online custom RBAC Role with App Authentication (OAuth2)

Hi All, I've already blogged about Exchange Online PowerShell V2 and Modern Auth with Application in AzureAD (Step-by-step) Azure AD Application Registration Permission: Office 365 Exchange Online > Exchange.ManageAsApp Add AAD App to Azure AD Role "Exchange Administrator" or "Exchange Recipient Administrator" In this Article it's about custom RBAC Roles and Application Authentication Azure AD Application Registration Permission: Office 365 Exchange Online > Exchange.ManageAsApp Create a Exchange Online Service Principal for the Azure AD App ...

posted @ Thursday, January 19, 2023 11:09 PM | Filed Under [ Exchange ]

Git for Windows 2.39.1

Hi All, There exists a Security vulnerability in Git and you should update to Git Version 2.39.1 Git Downloads https://git-scm.com/ Git security vulnerabilities announced https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/ Let's check the GIT Version before the Update git --version Now run the update Let's check the GIT version after the update git --version Regards Andres Bohren

posted @ Wednesday, January 18, 2023 8:06 PM | Filed Under [ Development ]

Azure PowerShell Module Az 9.3.0 released

Hi All, Somehow i missed, that the AZ PowerShell Module 9.3.0 has already been released a Week ago. Az 9.3.0 https://www.powershellgallery.com/packages/AZ/9.3.0 Azure PowerShell release notes https://learn.microsoft.com/en-us/powershell/azure/release-notes-azureps?view=azps-9.3.0 Show Installed AZ Module and what's available in the PowerShell Gallery Get-InstalledModule AZ Find-Module AZ To uninstall all the old Modules and install the new Modules i have written a PowerShell Script that is published at my GitHub Repo. #Run Script directly from GitHub $ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1" Invoke-Expression $($ScriptFromGitHub.Content) The AZ Module is just a Wrapper Module for all AZ* Modules Get-InstalledModule AZ* Regards Andres Bohren

posted @ Tuesday, January 17, 2023 10:49 PM | Filed Under [ PowerShell Azure ]

Reassign Sway from a permanently deleted User

Hi All, There is an update of the PowerShell to reassign from deleted Users. Requirements: You need to be Global Administrator You need the ID of the Sway to Transfer max 30 Days after the user has permanently deleted from Azure Active Directory Reassign Sways from a deleted user account - Admin Help https://support.microsoft.com/en-us/office/reassign-sways-from-a-deleted-user-account-admin-help-9580e618-3c3e-4d28-a6ef-74c00a997248 PowerShell Cmdlet for Reassigning Sways https://www.microsoft.com/en-us/download/details.aspx?id=56145 After you have downloadet the Zip you need to extract it. It contains four folders with DLL's Each DLL must be unblocked first Now you can import those Folders Import-Module C:\temp\SwayRecovery\SwayRecovery\Microsoft.Identity.Client Import-Module C:\temp\SwayRecovery\SwayRecovery\Newtonsoft.Json Import-Module C:\temp\SwayRecovery\SwayRecovery\microsoft.office.story.powershell.protocol Import-Module C:\temp\SwayRecovery\SwayRecovery\microsoft.office.story.powershell.changeownerclient List the Commands Get-Command -Module ...

posted @ Sunday, January 15, 2023 11:03 AM | Filed Under [ Microsoft365 ]

Microsoft.Graph PowerShell Module 1.20.0 released

Hi All, Just a few Days ago, Microsoft has released Microsoft.Graph PowerShell Module 1.20.0. Microsoft.Graph 1.20.0 https://www.powershellgallery.com/packages/Microsoft.Graph/1.20.0 Release Notes https://github.com/microsoftgraph/msgraph-sdk-powershell/releases Let's check the installed Version and what's available on the PowerShell Gallery Get-InstalledModule Microsoft.Graph Find-Module Microsoft.Graph To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script. It takes a while until all Modules are installed. Wait until "Cleanup finished" is shown. #Run Script directly from GitHub $ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1" Invoke-Expression $($ScriptFromGitHub.Content) To list the Modules you can use the following Command Get-Module Microsoft.Graph* -ListAvailable Regards Andres Bohren

posted @ Saturday, January 14, 2023 3:02 PM | Filed Under [ PowerShell ]

MSIdentityTools PowerShell Module v2.0.33 released

Hi All, Microsoft has released another Version of theyr MSIdentityTools PowerShell Module to the Powershell Gallery. MSIdentityTools 2.0.33 https://www.powershellgallery.com/packages/MSIdentityTools/2.0.33 Check what Version of the Module is installed and what's available in the PowerShell Gallery Get-InstalledModule MSIdentityTools Find-Module MSIdentityTools Uninstall the old version of the PowerShell Module and install the newest one Uninstall-Module MSIdentityTools Install-Module MSIdentityTools Get-InstalledModule MSIdentityTools To see what commands are available use the following command Get-Command -Module MSIdentityTools Regards Andres Bohren

posted @ Saturday, January 14, 2023 12:23 PM | Filed Under [ PowerShell ]

OnePlus 9 OxygenOS 13 and Android security patch 2022.11

Hi All, Yesterday i have received an update for my OnePlu 9 Android Smartphone. In includes an Upgrade from Android 12 to Android 13 and the Android 2022.11 Security Updates. OxygenOS 13 MP2 for the OnePlus 9/9 Pro https://community.oneplus.com/thread/1206823468113854467 After the Installation and Reboot it looks like this Regards Andres Bohren

posted @ Thursday, January 12, 2023 9:59 PM | Filed Under [ UM/Mobile ]

Exchange Online legacy TLS Endpoints for POP3 IMAP and SMTP

Hi All, New opt-in endpoint for POP3/IMAP4 clients that need legacy TLS https://techcommunity.microsoft.com/t5/exchange-team-blog/new-opt-in-endpoint-for-pop3-imap4-clients-that-need-legacy-tls/ba-p/3710395 Exchange Online ended support for TLS1.0 and TLS1.1 in October 2020. This year, we plan to disable these older TLS versions for POP3/IMAP4 clients to secure our customers and meet compliance requirements. However, we know that there is still significant usage of POP3/IMAP4 clients that don’t support TLS 1.2, so we’ve created an opt-in endpoint for these clients so they can use TLS1.0 and TLS1.1. This way, an organization is secured with TLS1.2 unless...

posted @ Tuesday, January 10, 2023 10:56 PM | Filed Under [ Security Exchange ]

January 2023 Exchange Server Security Updates

Hi All, Just a few hours Ago the January 2023 Exchange Server Security Updates have been released. Released: January 2023 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2023-exchange-server-security-updates/ba-p/3711808 In my case i have downloaded the Security Update 5 for Exchange 2016 CU23 Security Update For Exchange Server 2016 CU23 SU5 (KB5022143) https://www.microsoft.com/en-us/download/details.aspx?id=104914 Then run the Security Update When you run the HealthChecker and it has found an update close and reopen Exchange Management Shell after the update. Exchange HealthChecker https://microsoft.github.io/CSS-Exchange/Diagnostics/HealthChecker/ .\HealthChecker.ps1 As you can see the "SerializedDataSigning" is not enabled Let's run the MonitorExchangeAuthCertificate - basically just checks if the Certificate is still valid or needs to be renewed. I've blogged how to do that. Renew Microsoft Exchange...

posted @ Tuesday, January 10, 2023 10:31 PM | Filed Under [ Exchange ]

ExchangeOnlineManagement 3.1.0 released as GA

Hi All, Just a few hours ago, Microsoft has released the ExchangeOnlineManagement PowerShell Module 3.1.0 as GA. ExchangeOnlineManagement 3.1.0 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.1.0 What is new in this release: v3.1.0 :    1.  Support for providing an Access Token with Connect-ExchangeOnline.    2.  Bug fixes in Connect-ExchangeOnline and Get-ConnectionInformation.    3.  Bug fix in Connect-IPPSSession for connecting to Security and Compliance PowerShell using Certificate Thumbprint. Check what Version is installed and what's available from the PowerShell Gallery Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement Uninstall the old Module and install the GA Module Uninstall-Module ExchangeOnlineManagement -Force Install-Module ExchangeOnlineManagement Get-InstalledModule ExchangeOnlineManagement Let's test it Connect-ExchangeOnline Get-ConnetionInformation Get-Mailbox -Identity <Mailbox> Works so far. I will use now this Version in my Daily work and we will see how...

posted @ Tuesday, January 10, 2023 8:05 AM | Filed Under [ Exchange PowerShell ]

PowerToys v0.66.0 released

Hi All, Just a few days ago, Microsoft has released the Version v0.66.0 of theyr PowerToys. As always, there are a plenty of news. PowerToys Release v0.66.0 https://github.com/microsoft/PowerToys/releases/ Highlights PowerToy utilities now ship with self-contained .NET 7, meaning it's not necessary to install .NET as part of the installer and it's easier to keep up to date. It's possible to pick which of the installed OCR languages is used by Text Extractor by selecting it in the right-click context menu. Added a setting to sort the order of the accented characters by usage frequency in...

posted @ Monday, January 9, 2023 12:30 PM | Filed Under [ Windows ]

Exchange Online Role Based Access Control (RBAC) for Applications

Hi All On December 01 Microsoft has announced in the Exchange Team Blog that they Support Role Based Access Control (RBAC) for Applications in Exchange Online. The most important Takeaways are: The Preview is now available to all customers in our worldwide multi-tenant environment, and we expect to reach general availability in H1 2023 This feature extends our current RBAC model and will replace the current Application Access Policy feature. Service Principals representing apps must be manually created in Exchange Online during the Preview, but this process will be...

posted @ Thursday, January 5, 2023 11:29 PM | Filed Under [ Exchange ]

DNS Certification Authority Authorization (CAA)

Hi All, Do you know the Certification Authority Authorization (CAA) DNS Records? With these Records you can control what CA can issue Certificates for your domain. DNS Certification Authority Authorization https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization CAA implementation mandatory for all certificate authorities by September 2017. RFC 8659 DNS Certification Authority Authorization (CAA) Resource Record https://www.rfc-editor.org/rfc/rfc8659 That Record means no CA is allowed to issue Certificates and Wildcard Certifcates for that Domain domain.tld.  IN  CAA  0 issue ";" domain.tld.  IN  CAA  0 issuewild ";" Only the specified CA can Issue Certificates and Wildcard Certifcates for that Domain domain.tld.  IN  CAA 0 issue "ca.domain.tld" domain.tld.  IN  CAA 0 issuewild "ca.domain.tld" To indicate that certificate authorities should report invalid certificate...

posted @ Wednesday, January 4, 2023 11:33 PM | Filed Under [ Security PowerShell ]

The year in review and Blogstatistic 2022

Hi All, Happy new Year to everybody! Thank's for reading my Blog and following me on Twitter and Linkedin. It's always good to review the past Year. In 2022 i did write 285 Blog Articles, that results in average 24 per Month. That's one more than last year and the highest ever archieved since i started this Blog back in 2007. In total i had over 120'000 Pageviews Over 100'000 Unique User from around the World Top 15 Blog Articles in 2022 ...

posted @ Sunday, January 1, 2023 11:52 AM | Filed Under [ Web ]

Powered by:
Powered By Subtext Powered By ASP.NET