Update to the Set-UPNWithMailAddress Script

I hadn’t touched this one in a while, but a recent request from a customer had me checking in on it.  I tidied it up (no one likes people staring at their dirty laundry), and updated the scripting to be more efficient.  One of the things I noticed about it is that I had run…


DLP for Bitcoin Addresses

One of the up-and-coming combination phish-ransom attacks is to trick the mark into thinking that you’ve got access to their data, and then get them to send money to a Bitcoin address to protect them from data leakage.  You can create a DLP rule in the Office 365 Security & Compliance Center (or an Exchange…


Bulk Converting Office 365 Groups to Teams

This week, while working with one of my peers, a request came in to bulk convert all Office 365 groups to Microsoft Teams.  In the Teams UI, you’re only presented the choice to upgrade groups you own, one at a time, to Teams. Anything UI can do, scripting does better.  Scripting does everything better than UI….


Creating a Teams “New Channel” notification

One of my customers recently asked for a solution to checking a particular Microsoft Team multiple times a day for new channel additions.  In their organization, someone is responsible for creating a new channel every time new item for review is published, and then all of the communications, files, and data related to that item…


Hashmaker, Hashmaker, Make Me A Hash

While contemplating methods to determine whether a file had changed or been updated, I thought that an MD5 check would be a pretty simple way to figure out if something was different. But what if I wanted to check bunches of stuff on the fly? Or download a file from a website and store it…


Update to the AAD Network Testing Tool

Hey, all!  One AAD tool update deserves another! Every so often, I check in to make sure I’m keeping the AAD Connect Network Test Tool as fresh as I can.  I’ve made a few changes to the way it works (hopefully which you all think is for the better).  One of the changes that I…


Update to the AAD Connect Advanced Permissions tool

It’s been a while since I’ve updated this popular tool, and the need was brought to my attention by a peer who noticed an attribute being exported to on-premises AD (but failing): As it turns out, the msDS-KeyCredentialLink is required for Windows Hello for Business Hybrid. I’ve updated the permissions tool to handle the msDS-KeyCredentialLink…


Update to Get-SCCDataExport

I’ve been tinkering around a little with this, hoping to bring some better updates (so maybe you can see who is generating your data exports and go smack them around). I’ve got a few updated fields added to the tool, so be sure to go check it out! Since the object is exported to the…


WhoAmI for Office 365

If you’ve ever struggled to find out who your current session is logged in as when you connected to Office 365, here’s a tidbit to shed some light on it: (Get-PSSession |?{$_.ComputerName -like “*outlook.com”})[0].RunSpace.ConnectionInfo.Credential.UserName You can also use RunSpace.OriginalConnectionInfo.Credential.UserName.  The SDK says ConnectionInfo vs OriginalConnectionInfo: ConnectionInfo – Connection information for remote Runspaces, null for local Runspaces OriginalConnectionInfo – ConnectionInfo…


Calculating your Daily Export for the Security & Compliance Center

One of the lesser-known boundaries of Office 365’s Security & Compliance Center is that we only allow 2TB per day export volume.  When we talk about exports, we’re talking about the idea of taking content that has been identified via a content search mechanism (content search, eDiscovery case search, etc) and then staged for download. After the…