Local Administrator Password Solution (LAPS) is an Azure Feature that allows IT Administrators to secure and protect local administrator passwords. This includes automatic rotation of passwords as well as backing up the passwords to Azure Active Directory. The Dangers of Local Admin Access One of the most common mistakes that I see off the top... Continue Reading →
How to fix Azure AD Connect permission-issue error
Recently, I have come across this issue several times so thought I will document the fix and share with everyone. Issue We are trying to sync new users or update the changes using AD Connect but for some reason nothing is getting updated and there are no errors on O365 AD Connect page. Tried updating... Continue Reading →
Email Migration Issues
During a recent project involving the migration of emails from an on-premises Exchange server to Office 365, I utilized a third-party tool known as Avepoint. Throughout this process, I encountered several peculiar issues that required thorough investigation, despite their seemingly straightforward nature. Recognizing the potential value of sharing these experiences, I aim to provide insights... Continue Reading →
External User Sending to Distribution Group With External Domain Recipients
Issue: When an external user is sending an email to a distribution group which consists of both internal and external users. Emails to internal users get delivered but fails to be delivered to external members of the group. Sometimes the sender doesn't even get NDR as they might not have been enabled. You can always... Continue Reading →
Script To Get A List Of All Mailboxes Along with All its Email Aliases
Connect to Exchange Online $UserCredential = Get-Credential$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://outlook.office365.com/powershell-liveid/ -Authentication Basic -AllowRedirection:$true -Credential $UserCredentialImport-PSSession $Session -DisableNameChecking:$true -AllowClobber:$true | Out-Null Get all Exchange Online users $AllUsers = Get-Mailbox -ResultSize Unlimited Iterate through each user and retrieve email address aliases foreach ($User in $AllUsers) {$UserPrincipalName = $User.UserPrincipalName$PrimarySMTP = $User.PrimarySmtpAddress$EmailAliases = $User.EmailAddresses # Output... Continue Reading →
Email Spoofing
Email spoofing is a common technique used by cybercriminals to send fraudulent emails that appear to come from a trusted source. This practice can put individuals and organizations at risk of falling victim to phishing attacks, malware infections, and other types of cyber threats. To prevent email spoofing, several email authentication protocols such as SPF, DKIM, and DMARC have been developed. These protocols work by verifying the authenticity of the sending domain, checking the content of the email, and enforcing policy-based actions. By implementing these protocols, domain owners can protect their brand reputation, improve email deliverability, and provide a safer email experience for their users.
Script to list The Members of Nested Distribution Groups
Connect to Exchange Online PowerShell $UserCredential = Get-Credential$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirectionImport-PSSession $Session Get list of all distribution groups $groups = Get-DistributionGroup -ResultSize unlimited Loop through each group and get its members foreach ($group in $groups) {Write-Host "Group: $($group.Name)"$members = Get-DistributionGroupMember -Identity $group.Name -ResultSize unlimitedforeach ($member in $members)... Continue Reading →
Mailbox Calendars Permissions For All Users
Following power shell commands can be used to get a list of all Exchange user's mailbox calendar permissions. Output will list all users along with the users that have permission to their calendars and also permission level. $Mailboxes = (get-mailbox -database dbname) $Mailboxes | ForEach {Get-MailboxFolderPermission -Identity “$($_.alias):\Calendar” | Select User, Identity, AccessRights} You can... Continue Reading →
The ACE doesn’t exist on the object Mailbox Permissions
If you have recently upgraded from exchange 2013 or older to 2016/2019, you might experience the following when you try to remove mailbox permissions using exchange PowerShell. It will let you remove the permissions using exchange admin centre without any error sometimes but when you go back to check the permissions, you will notice that... Continue Reading →
Emails Being Rejected on O365: Bare Line Feed Characters
This usually happens when a 3rd party server is emailing you which includes characters which causes emails to be rejected. Microsoft used to remove these characters before, but they stopped doing so. As per Microsoft documentation, receive connector need to be adjusted to fix this but that applies to on-prem exchange only. I couldn’t find... Continue Reading →
Salman Tariq
SalmanTechBlogs 