blog.icewolf.ch

Let's talk about IT!
posts - 2247, comments - 295, trackbacks - 0

My Links

Archives

Post Categories

icewolf

PowerShell

Scripting - the new way
PowerShell Module Microsoft.Online.SharePoint.PowerShell 16.0.23311.12000 released

Hi All, A few hours ago, Microsoft has released the Microsoft.Online.SharePoint.PowerShell 16.0.22615.12000 PowerShell Module Microsoft.Online.SharePoint.PowerShell 16.0.23311.12000 https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.23311.12000 Check the installed Version and what is available from the PowerShell Gallery Get-InstalledModule Microsoft.Online.SharePoint.PowerShell Find-Module Microsoft.Online.SharePoint.PowerShell Uninstall the old Version and install the new Version of the Module Uninstall-Module Microsoft.Online.SharePoint.PowerShell Install-Module Microsoft.Online.SharePoint.PowerShell Get-InstalledModule Microsoft.Online.SharePoint.PowerShell List the Commands of the Module Get-Command -Module Microsoft.Online.SharePoint.PowerShell Connect to Sharepoint Online Connect-SPOService -Url https://icewolfch-admin.sharepoint.com Get some Settings Get-SPOTenant | fl Regards Andres Bohren

posted @ Saturday, January 28, 2023 8:37 AM | Filed Under [ PowerShell ]

Analyze AzureAD SignIn Logs with PowerShell

Hi All, I recently had a case where i needed to access the AzureAD Signin Logs with PowerShell. I've started at the Azure AD Signin Logs and filtered by UPN https://aad.portal.azure.com/#view/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/~/SignIns Next step was Graph Explorer where i found the needed Permissions ############################################################################### # Graph Explorer ############################################################################### #Go to https://aka.ms/ge https://graph.microsoft.com/v1.0/auditLogs/signIns https://graph.microsoft.com/v1.0/auditLogs/signIns?&$filter=startsWith(userPrincipalName,'a.bohren@icewolf.ch') Let's connect with these Permissions (they need Admin Consent and i already have that) #Import-Module and Connect to Microsoft Graph Import-Module Microsoft.Graph.Reports Connect-MgGraph -Scope AuditLog.Read.All,Directory.Read.All By default you only get 1000 Rows #Get Signins $Signins  = Get-MgAuditLogSignIn $Signins.Count Let's check the Details of one Record #Show Details of one Record $Signins[0] | fl Do we have SignIns where RiskState is set? #List RiskState $Signins | where {$_.RiskState -ne "none"} By using a Filter...

posted @ Thursday, January 26, 2023 10:51 AM | Filed Under [ Security PowerShell Azure ]

MSIdentityTools PowerShell Module v2.0.36 released

Hi All, Microsoft has released another Version of theyr MSIdentityTools PowerShell Module to the Powershell Gallery. MSIdentityTools 2.0.36 https://www.powershellgallery.com/packages/MSIdentityTools/2.0.36 Check what Version of the Module is installed and what's available in the PowerShell Gallery Get-InstalledModule MSIdentityTools Find-Module MSIdentityTools Uninstall the old version of the PowerShell Module and install the newest one Uninstall-Module MSIdentityTools Install-Module MSIdentityTools Get-InstalledModule MSIdentityTools To see what commands are available use the following command Get-Command -Module MSIdentityTools To get the Signin URL you can use the following Command Get-MsIdAuthorityUri -TenantId icewolfch.onmicrosoft.com To get the OpenIDConnect Configuration you can use this Command Get-MsIdAuthorityUri -TenantId icewolfch.onmicrosoft.com | Get-MsIdOpenIdProviderConfiguration Regards Andres Bohren

posted @ Thursday, January 26, 2023 8:52 AM | Filed Under [ PowerShell ]

Azure PowerShell Module Az 9.3.0 released

Hi All, Somehow i missed, that the AZ PowerShell Module 9.3.0 has already been released a Week ago. Az 9.3.0 https://www.powershellgallery.com/packages/AZ/9.3.0 Azure PowerShell release notes https://learn.microsoft.com/en-us/powershell/azure/release-notes-azureps?view=azps-9.3.0 Show Installed AZ Module and what's available in the PowerShell Gallery Get-InstalledModule AZ Find-Module AZ To uninstall all the old Modules and install the new Modules i have written a PowerShell Script that is published at my GitHub Repo. #Run Script directly from GitHub $ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1" Invoke-Expression $($ScriptFromGitHub.Content) The AZ Module is just a Wrapper Module for all AZ* Modules Get-InstalledModule AZ* Regards Andres Bohren

posted @ Tuesday, January 17, 2023 10:49 PM | Filed Under [ PowerShell Azure ]

Microsoft.Graph PowerShell Module 1.20.0 released

Hi All, Just a few Days ago, Microsoft has released Microsoft.Graph PowerShell Module 1.20.0. Microsoft.Graph 1.20.0 https://www.powershellgallery.com/packages/Microsoft.Graph/1.20.0 Release Notes https://github.com/microsoftgraph/msgraph-sdk-powershell/releases Let's check the installed Version and what's available on the PowerShell Gallery Get-InstalledModule Microsoft.Graph Find-Module Microsoft.Graph To install the newest Version of the PowerShell Modules and also uninstalling the old Versions, you can use my GitHub Script. It takes a while until all Modules are installed. Wait until "Cleanup finished" is shown. #Run Script directly from GitHub $ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/ExchangeOnline/GraphAPI/Cleanup-GraphModules.ps1" Invoke-Expression $($ScriptFromGitHub.Content) To list the Modules you can use the following Command Get-Module Microsoft.Graph* -ListAvailable Regards Andres Bohren

posted @ Saturday, January 14, 2023 3:02 PM | Filed Under [ PowerShell ]

MSIdentityTools PowerShell Module v2.0.33 released

Hi All, Microsoft has released another Version of theyr MSIdentityTools PowerShell Module to the Powershell Gallery. MSIdentityTools 2.0.33 https://www.powershellgallery.com/packages/MSIdentityTools/2.0.33 Check what Version of the Module is installed and what's available in the PowerShell Gallery Get-InstalledModule MSIdentityTools Find-Module MSIdentityTools Uninstall the old version of the PowerShell Module and install the newest one Uninstall-Module MSIdentityTools Install-Module MSIdentityTools Get-InstalledModule MSIdentityTools To see what commands are available use the following command Get-Command -Module MSIdentityTools Regards Andres Bohren

posted @ Saturday, January 14, 2023 12:23 PM | Filed Under [ PowerShell ]

ExchangeOnlineManagement 3.1.0 released as GA

Hi All, Just a few hours ago, Microsoft has released the ExchangeOnlineManagement PowerShell Module 3.1.0 as GA. ExchangeOnlineManagement 3.1.0 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.1.0 What is new in this release: v3.1.0 :    1.  Support for providing an Access Token with Connect-ExchangeOnline.    2.  Bug fixes in Connect-ExchangeOnline and Get-ConnectionInformation.    3.  Bug fix in Connect-IPPSSession for connecting to Security and Compliance PowerShell using Certificate Thumbprint. Check what Version is installed and what's available from the PowerShell Gallery Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement Uninstall the old Module and install the GA Module Uninstall-Module ExchangeOnlineManagement -Force Install-Module ExchangeOnlineManagement Get-InstalledModule ExchangeOnlineManagement Let's test it Connect-ExchangeOnline Get-ConnetionInformation Get-Mailbox -Identity <Mailbox> Works so far. I will use now this Version in my Daily work and we will see how...

posted @ Tuesday, January 10, 2023 8:05 AM | Filed Under [ Exchange PowerShell ]

DNS Certification Authority Authorization (CAA)

Hi All, Do you know the Certification Authority Authorization (CAA) DNS Records? With these Records you can control what CA can issue Certificates for your domain. DNS Certification Authority Authorization https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization CAA implementation mandatory for all certificate authorities by September 2017. RFC 8659 DNS Certification Authority Authorization (CAA) Resource Record https://www.rfc-editor.org/rfc/rfc8659 That Record means no CA is allowed to issue Certificates and Wildcard Certifcates for that Domain domain.tld.  IN  CAA  0 issue ";" domain.tld.  IN  CAA  0 issuewild ";" Only the specified CA can Issue Certificates and Wildcard Certifcates for that Domain domain.tld.  IN  CAA 0 issue "ca.domain.tld" domain.tld.  IN  CAA 0 issuewild "ca.domain.tld" To indicate that certificate authorities should report invalid certificate...

posted @ Wednesday, January 4, 2023 11:33 PM | Filed Under [ Security PowerShell ]

How to Fix "WorkHoursVersion1 is null" in Exchange Online

Hi All, I've performed a lot of Exchange Online Migrations this Year. After the Mailbox was migrated i did run a Post Migration Script to set some Setting on the Mailbox like: Set-MailboxRegionalConfiguration -Identity $UPN  -TimeZone "W. Europe Standard Time" -DateFormat "dd.MM.yyyy" -TimeFormat "HH:mm" -Language "de-CH" -ErrorAction Stop Set-MailboxCalendarConfiguration -Identity $UPN -WeekStartDay Monday -WorkDays Weekdays -WorkingHoursStartTime 08:00:00 -WorkingHoursEndTime 17:00:00 -WorkingHoursTimeZone "W. Europe Standard Time" -ShowWeekNumbers $True -ErrorAction Stop In some cases there where this Error: "WorkHoursVersion1 is null" While googling i found the Fix for that in my own Blog :) How to fix "WorkHoursVersion1 is NULL" https://blog.icewolf.ch/archive/2016/01/20/how-to-fix-workhoursversion1-is-null.aspx Sadly i don't have any Screenhot. This one is an old...

posted @ Friday, December 23, 2022 1:44 PM | Filed Under [ Exchange PowerShell ]

Exchange Online - Other ways of Testing IMAP OAuth2 Client Credential Flow

Hi All, I write this Blog Article in Addition to the Exchange Online POP and IMAP OAUTH 2.0 Client Credentials Flow https://blog.icewolf.ch/archive/2022/12/17/exchange-online-pop-and-imap-oauth-2-0-client-credentials.aspx I tried out other ways of testing First we need to get the Access Token ############################################################################### # Get Access Token with MSAL ############################################################################### Import-Module MSAL.PS $AppID = "3bf0cf36-87bf-47a9-927b-0ef9df7cf146" $TenantID = "icewolfch.onmicrosoft.com" $ClientSecret = ConvertTo-SecureString "YourClientSecret" -AsPlainText -Force $Scope = "https://outlook.office.com/.default" Clear-MsalTokenCache $Token = Get-MSALToken -ClientId $AppID -ClientSecret $ClientSecret -TenantId $TenantID -Scope $Scope $AccessToken = $Token.AccessToken You can decode your Access Token with https://jwt.ms/ Make sure you se the Roles POP.AccessAsApp or IMAP.AccessAsApp Or use the JWTDetails Module and the command Get-JWTDetails -token $AccessToken It is explained that you need to use Base64 Encoding with Username and...

posted @ Tuesday, December 20, 2022 11:45 PM | Filed Under [ Exchange PowerShell ]

Full PowerShell Archive

Powered by:
Powered By Subtext Powered By ASP.NET