Powershell to disable Office 365 user who leaves
paul | Thursday, 18 July 2019 | Office365 | Powershell

The script below can be ran against an Office 365 synced user to disable their access immediately before ADconnect removes them when their onprem AD account is disabled.

# Disable Leaver
# Pass AD account username

param (
    [string]$user1 = $( Read-Host "Input user email address" )

Write-host "Looking up user "$user1" in AD..."
$user = Get-ADUser -Filter {EmailAddress -eq $user1} -ErrorAction SilentlyContinue -property mail,enabled
if($user -ne $Null) {
	Write-host "User $user1 found - "$user.DistinguishedName
else {
	Write-host "User $user1 not found. Aborting script." -foregroundcolor red
If($user.Enabled -eq 1) {
	Write-host "Disabling AD user $user1."
	Disable-ADAccount -Identity $user.UserPrincipalName
else {
	Write-host "AD User $user1 already disabled."
Write-host "Remove from Office 365 licensing AD group."
Remove-ADGroupMember -Identity "Licensing_Office365" -Members $user.DistinguishedName -ErrorAction SilentlyContinue -Confirm:$false

$test=Get-MsolDomain -ErrorAction SilentlyContinue
	Write-Host "Already connected to MSOL" -foregroundcolor green
	Write-Host "Not connected to MSOL. Connecting..." -foregroundcolor red

{ $var = Get-AzureADTenantDetail } 
catch [Microsoft.Open.Azure.AD.CommonLibrary.AadNeedAuthenticationException] {
	Write-Host "Not connected to AzureAD. Connecting..." -foregroundcolor red
	Connect-AzureAD -credential $cred

Write-Host "Getting mailbox for "$user1
{ $mailbox = Get-Mailbox -identity $user1 } 
catch  {
	Write-Host "Not connected to Exchange Online. Connecting..." -foregroundcolor red
	$LiveCred = Get-Credential
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
	Import-PSSession $Session
	$mailbox = Get-Mailbox -identity $user1

# Disable mailbox and set litigation hold
Write-Host "Disable mailbox and set litigation hold"
Set-Mailbox $user1 -AccountDisabled $true -LitigationHoldEnabled $true

# Set Out of Office
Write-Host "Setting Out of Office"
Set-MailboxAutoReplyConfiguration -identity $user1 -AutoReplyState Enabled -InternalMessage "Out of Office. Please contact manager with any queries." -ExternalMessage "Out of Office. Please contact manager with any queries."

# Revoke tokens
Write-Host "Revoking AzureAD tokens"
Get-AzureADUser -Searchstring $user1 | Revoke-AzureADUserAllRefreshToken

# Block access
Write-Host "Blocking Office 365 User"
Set-MsolUser -UserPrincipalName $user1 -BlockCredential $true 

# Disable Activesync etc
Write-Host "Disabling Mailbox features"
Set-CasMailbox -Identity $user1 -ActiveSyncEnabled $false -ImapEnabled $false -OWAEnabled $false -MAPIEnabled $false -PopEnabled $false -OWAforDevicesEnabled $false

Write-Host "Successfully completed script." -foregroundcolor green


Adding users to an AD group using Powershell
paul | Thursday, 18 July 2019 | Powershell | AD

Adding users to an Active Directory group from an Active Directory OU using Powershell.

# Add users from an AD OU into an AD Group with email domain
Get-ADUser -SearchBase ‘OU=Users,DC=contoso,DC=local’ -Filter 'mail -like "*@contoso.com"' | ForEach-Object {Add-ADGroupMember -Identity ‘AD Group Name’ -Members $_ }

# List number of users in AD OU with email domain
Get-ADUser -SearchBase ‘OU=Users,DC=contoso,DC=local’ -Filter 'mail -like "*@contoso.com"' | measure-object

# List number of user in AD Group
Get-ADGroupMember "AD Group Name" | measure-object


PRTG Remote Probe Npcap issues
paul | Wednesday, 17 July 2019 | PRTG | Npcap

Recent versions of PRTG Network Monitor have started including the Npcap driver for packet capture. This driver is causing issues when installed onto machine with 4G connections - disabling their 4G connection until the loopback adapter is disable or uninstalled.

Paessler support have recommended removing the driver and will modify their remote probe installs in future releases of PRTG.

The batch file below will silently uninstall the Npcap drivers.


Rem Remove Npcap

IF EXIST "c:\Program Files\Npcap\uninstall.exe" goto USTART
IF EXIST "c:\Program Files\WinPcap\uninstall.exe" goto USTART

net stop prtgprobeservice

IF NOT EXIST "c:\Program Files\Npcap\uninstall.exe" goto NONPCAP
"c:\Program Files\Npcap\uninstall.exe" /S

IF NOT EXIST "c:\Program Files\WinPcap\uninstall.exe" goto NOWINPCAP
"c:\Program Files\WinPcap\uninstall.exe" /S

Ping -n 30

net start prtgprobeservice


SEP Manager 14.2 RU1 Authentication errors after upgrade
paul | Friday, 24 May 2019 | SEP | SEP

After upgrading the Symantec Endpoint Protection Management server to 14.2 RU1 the server may stop authenticating with Active Directory servers. This is due to "improved" LDAP support.

To fix the AD server must be specified using the FQDN rather than just the domain name or IP address.

This is a known issue. Further information at:  https://support.symantec.com/en_US/article.TECH251819.html

eDiscovery Export Tool does not start
paul | Monday, 15 April 2019 | Office365 | eDiscovery

If after downloading the "Microsoft Office 365 eDiscovery Export Tool" and starting it you receive an error message "Cannot Start Application".

This may be due to downloading the tool using Chrome or another similar browser. The Tool must be downloaded using Microsoft Internet Explorer. It will then run ok.

Page 1 of 72 (360 Articles) << 1 2 3 4 5  Next >>