WannaCry/WannaCrypt and other Ransomware

This past week has seen the widespread growth of the WannaCry ransomware attack, which was based on the EternalBlue SMB vulnerability.  We released security update MS17-010 on March 14, 2017 to address the vulnerability. Preliminary reports show at least 300,000 computers have been affected globally by this ransomware that encrypts files, requiring up to $600…

2

Disable Office 365 Groups Creation: Redux

Several months ago, I wrote a blog on Disabling Office 365 Groups.  It seems as though we couldn’t leave well enough alone.  Such is a price of progress. I got a new laptop a few weeks ago, and then found myself in the position of helping out a few colleagues this week.  One of the tasks…

8

Copy Get-History to Clipboard

I’ve been working on a little project, and the need to retrieve the last n number of commands I’ve executed in PowerShell has become a tedious task.  As you’re (hopefully) aware, Get-History is a great cmdlet to review exactly how you got to where you are.  You can then combine that with the Clip cmdlet…

4

AADConnect Undocumented Filters

From time to time, you may find that you need to selectively filter out users going to Office 365.  The easiest way to do it is with a scoping filter.  We do have some documents on setting the cloudFiltered attribute in the metaverse to True, but that requires creating new rules.  And, if you’re in…

1

Migrating Hybrid Public Folders to Office 365

So, tonight I started the last phase of one of my longest-running projects since joining Microsoft–an Exchange Online migration for a school district that I began nearly a year and a half ago.  40,000 mailboxes down and 13,000 public folders remaining. One of the things that we recommend for Hybrid Public Folders is that you…

1

AAD Connect Error CD-8235 Exporting to AD Connector

This afternoon, I ran into a customer with a very interesting configuration–a 300-user department with 15 domain controllers spread among 6 sites. Which, given our guidance in the past didn’t seem that out of line (redundant domain controllers at each site to process logons). What made it really interesting was that each site (including the…

3

Testing AD FS for Office 365 without Directory Synchronization

Let’s say you’re in one of the following scenarios: You need to set up AD FS for a shared hosting environment and won’t have any identities synchronized from the forest where AD FS will be deployed and want to verify that the AD FS infrastructure is working. You need to stage AD FS before you’re…

2

Troubleshooting Mailbox Migration Error “You can’t use the domain because it’s not an accepted domain for your organization.”

While migrating users via MRS between organizations (especially to Exchange Online), a pretty common error that I run across is: You can’t use the domain because it’s not an accepted domain for your organization. This error is generated because the MailUser object of the user you’re attempting to migrate has a proxy address attached to…

12

Removing Proxy Addresses from Exchange Recipients

I saw a request come through the other day for a method to remove unwanted proxy addresses for contacts.  I’d had some code sitting around from a project a few years back and decided to freshen it up, and maybe add some newer tricks. So, the original idea was to select a bunch of users…

4

PingProvisioningServiceEndPoint error when configuring AAD Connect

This afternoon, while configuring AAD Connect for a customer, I ran into a new error when I clicked Install at the end of the installation wizard: An error occurred executing Configure AAD Sync task: Unexpected exception thrown. Action: PingProvisioningServiceEndPoint, Exception: An error occurred. Error Code: 6. Error Description: Your credentials are not authorized to access…

2