21 June 2017

Connect to Exchange Online with MFA enabled

Been searching a little while before I got this thru my skull.

I had enabled MFA for my account over at Exchange Online and tried to connect to the remote PowerShell. Immediately my screen turned red.
New-PSSession : [outlook.office365.com] Connecting to remote server outlook.office365.com 
failed with the following error message : [ClientAccessServer=VI1PR0101CA0080,
BackEndServer=am5pr10m 
b0595.eurprd10.prod.outlook.com RequestId=d3099d49-9287-419a-b22f-91e1bf7b888d,
TimeStamp=6/21/2017 10:43:42 AM] Access Denied For more information, see the 
about_Remote_Troubleshooting Help topic.

The access denied error is what triggered me to search for the MFA solution, because in the Office Portal I could log in just fine.

After some searching on the web I came across this:
https://technet.microsoft.com/library/mt775114.aspx
This just recently became available (for as far as I know), prior MFA had to be disabled for the Organisation Management account. Which is a terrible idea of course.

After installing the Exchange Online Remote PowerShell Module you get a new icon in your start menu.
After starting the new PowerShell module you're greated by this:
As you can see there's a new way to connect to Exchange Online with MFA enabled on your command.
The Connect-EXOPSSession is the new way, and a new commandlet not available in any of the installed modules the PowerShell Module directory.
I tried to find what module is explicitly loaded but was unsuccessful.
I think it downloads the module directly from the cloud, right after starting the module a black screen is briefly displayed and then the PowerShell window is shown.

Change Hyper-V Network Category from Public to Private with Powershell

This is one of those things that you can do multiple ways.
In my case however the normal routine of changing the network category type from Public to Private didn't work because my machine is domain joined.

When trying to create a HomeGroup you get this on a domain joined machine:
So PowerShell saves the day once again.
First see what adapters you have and what their current category is:
Get-NetConnectionProfile            
            
            
Name             : domain.lan            
InterfaceAlias   : vEthernet (External LAN Virtual Switch)            
InterfaceIndex   : 22            
NetworkCategory  : DomainAuthenticated            
IPv4Connectivity : Internet            
IPv6Connectivity : Internet            
            
Name             : Unidentified network            
InterfaceAlias   : vEthernet (Internal Virtual Switch)            
InterfaceIndex   : 8            
NetworkCategory  : Public            
IPv4Connectivity : NoTraffic            
IPv6Connectivity : NoTraffic

Then set the adapter to category private:
Set-NetConnectionProfile -InterfaceIndex 8 -NetworkCategory Private

Check the settings:
Get-NetConnectionProfile            
            
            
Name             : domain.lan            
InterfaceAlias   : vEthernet (External LAN Virtual Switch)            
InterfaceIndex   : 22            
NetworkCategory  : DomainAuthenticated            
IPv4Connectivity : Internet            
IPv6Connectivity : Internet            
            
Name             : Unidentified network            
InterfaceAlias   : vEthernet (Internal Virtual Switch)            
InterfaceIndex   : 8            
NetworkCategory  : Private            
IPv4Connectivity : NoTraffic            
IPv6Connectivity : NoTraffic

19 June 2017

Remote PowerShell login Office365, SkypeForBusiness Online, SharePoint Online, Exchange Online, Security and how to disconnect


Remote PowerShell login Office 365 all modules

Requisites login into Office 365 Skype for Business Online are:

· Running OS must be 64bit

· Microsoft .NET Framework 4.5.x

· PowerShell Version 3.0 or higher
(if you need to install Version 3.0+, download and install Windows Management Framework 4.0: https://www.microsoft.com/en-us/download/details.aspx?id=40855)

You need to install the modules that are required for Office 365, SharePoint Online, and Skype for Business Online:
Microsoft Online Service Sign-in Assistant for IT Professionals RTW
Windows Azure Active Directory Module for Windows PowerShell (64-bit version)

Download the Windows PowerShell module for Skype for Business Online
https://www.microsoft.com/en-us/download/details.aspx?id=39366
After installation copy the SkypeOnline and the LyncOnline module folders found in:
C:\Program Files\Common Files\Skype for Business Online\Modules
to:
C:\Windows\System32\WindowsPowerShell\v1.0\Modules
This is because when running Import-Module SkypeOnline the modules can not be found.
By copying them to the default module directory for PowerShell they can be found and load right up.

MicrosoftOnlineLogin

Set-ExecutionPolicy RemoteSigned

$credential = Get-Credential
Connect-MsolService -Credential $credential

SkypeForBusiness

Import-Module SkypeOnlineConnector
$SfBoSession = New-CsOnlineSession -Credential $credential
Import-PSSession $SfBoSession

SharePoint

Import-Module Microsoft.Online.SharePoint.PowerShell -DisableNameChecking
Connect-SPOService -Url https://domainhost-admin.sharepoint.com -credential $credential

Exchange

$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://outlook.office365.com/powershell-liveid/" -Credential $credential -Authentication "Basic" -AllowRedirection
Import-PSSession $exchangeSession -DisableNameChecking

Security

$ccSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid/ -Credential $credential -Authentication Basic -AllowRedirection
Import-PSSession $ccSession -Prefix cc

Logout

Remove-PSSession $sfboSession
Remove-PSSession $exchangeSession
Remove-PSSession $ccSession
Disconnect-SPOService
There is no disconnect or remove session option for MSOL, just close the PowerShell window.

12 June 2017

Free Azure documentation

After searching for some info on office365 i came across this page:
https://docs.microsoft.com/en-us/azure/#pivot=services

On this page all of Azure's services are displayed categorized by service type.
By clicking one of the subject for instance Storage and the choosing Backup you're presented a page where you can browse in a technet kind of way.
But it also display's a button "Download pdf"

In the pdf is everything that's on the webpage, so you can read it offline. Nice.
I created a list with the most interesting services (for myself that is) for quick downloading:

compute

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/cloud-services.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/service-fabric.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/batch.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/app-service.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/virtual-machine-scale-sets.pdf

containers

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/batch.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/app-service.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/service-fabric.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/container-registry.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/container-service.pdf

enterprise integration

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/biztalk-services.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/data-factory.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/sql-server-stretch-database.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/storsimple.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/api-management.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/service-bus.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/logic-apps.pdf

monitoring + management

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/azure-resource-manager.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/resource-health.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/advisor.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/billing.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/monitoring-and-diagnostics.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/scheduler.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/site-recovery.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/backup.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/automation.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/log-analytics.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/application-insights.pdf

networking

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/dns.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/network-watcher.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/expressroute.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/traffic-manager.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/cdn.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/vpn-gateway.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/application-gateway.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/load-balancer.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/virtual-network.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/networking.pdf

security + identity

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/multi-factor-authentication.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/active-directory-domain-services.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/active-directory.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/key-vault.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/security.pdf

storage

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/site-recovery.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/backup.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/storsimple.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/data-lake-store.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/storage.pdf

web + mobile

https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/notification-hubs.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/mobile-engagement.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/search.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/media-services.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/cdn.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/logic-apps.pdf
https://opbuildstorageprod.blob.core.windows.net/output-pdf-files/en-us/Azure.azure-documents/live/app-service-api.pdf


24 May 2017

Skype for Business 2015 Frontend Service won't start - Don't disable TLS 1.0 Event ID: 32192 & 32179

Finally figured it out.
Our Skype for Business 2015 Server Front-End service wouldn't start, it kept displaying "Starting".
The event-viewer kept filling up with:
Event ID: 32192

Closing routing group service due to an error.

Calling ReportFault on routing group {3C86EE90-FB81-5FC0-9B41-2C787B4ACC20} with FaultType 2 and ReasonCode 3. Error code: 0x00000000(ERROR_SUCCESS)
Cause: This may indicate a problem with the routing group. Please examine the server event logs and traces to identify the cause.
Resolution:
Run the commandlet Get-CsPoolFabricState -RoutingGroup [ROUTING GROUP] and make sure quorum is achieved. If the Pool is running and the Front-End is just started, this is normal for some time. If the error persists while the Front-End is running, restart the server.

And:
Event ID: 32179

Request to sync data from backup store for routing group {353B9BC5-A12D-578B-BAD5-F7F8BD5E02FC} was throttled due to pending requests.
Cause: This can happen when a Pool is re-started, and should go away automatically.

Turns out TLS 1.0 was disabled but this would be effective after the first reboot.
So when we rebooted for the latest WSUS updates it got activated and thereby killing the RTCSRV.exe service.

You can find the key here:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0|Server
REG_DWORD - Enabled
Value: ffffffff (decimal: 4294967295)

The disabled value is:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0|Server
REG_DWORD - Enabled
Value: 0(decimal: 0)

23 May 2017

Start Menu locations - Or add a simple Start Menu yourself without 3rd party tools

I keep forgetting the path to the Start Menu:
"C:\Program Data\Microsoft\Windows\Start Menu\Programs"

This is the same for Windows 7 up to Windows 10, and for Server 2012 to Server 2016.

But, wouldn't it be nice to have some sort of start menu without installing some malware/spyware infested tool? Then this quick fix is for you:

  • Display "Hidden items" on your C: Drive.
  • Open File Explorer and browse to your C: Drive. 
  • On the View tab, check the "Hidden items" checkbox.
  • Add a New Toolbar on your Taskbar.
  • Right-click on a blank area of your Taskbar and select Toolbars > New Toolbars.
  • Browse to the Start Menu\Programs folder.
  • In the New Toolbar dialog box, browse to the "C:\Program Data\Microsoft\Windows\Start Menu\Programs" folder. 
  • Click the "Select Folder" button.
  • Click the "Select Folder" button to add the new Toolbar to your Taskbar.

Here's what it looks like:

19 May 2017

Find all the KB's for Wannacry with PowerShell

I know this stuff is all over the place, but still could come in handy:

Check to see if the necessary Microsoft KB's are installed on your computer or server to protect you from "Wannacry":

#Current list of all the hotfixes from https://technet.microsoft.com/en-us/library/security/ms17-010.aspx            
$hotfixes = "KB3205409", "KB3210720", "KB3210721", "KB3212646", "KB3213986", "KB4012212", "KB4012213", "KB4012214", "KB4012215", "KB4012216", "KB4012217", "KB4012218", "KB4012220", "KB4012598", "KB4012606", "KB4013198", "KB4013389", "KB4013429", "KB4015217", "KB4015438", "KB4015546", "KB4015547", "KB4015548", "KB4015549", "KB4015550", "KB4015551", "KB4015552", "KB4015553", "KB4015554", "KB4016635", "KB4019213", "KB4019214", "KB4019215", "KB4019216", "KB4019263", "KB4019264", "KB4019472", "KB4015221", "KB4019474", "KB4015219", "KB4019473"            
             
#Check the computer it's run on if any of the listed hotfixes are present            
$hotfix = Get-HotFix -ComputerName $env:computername | Where-Object {$hotfixes -contains $_.HotfixID} | Select-Object -property "HotFixID"            
             
#Confirms whether hotfix is found or not            
if (Get-HotFix | Where-Object {$hotfixes -contains $_.HotfixID})            
{            
"Found HotFix: " + $hotfix.HotFixID            
} else {            
"Didn't Find HotFix"            
}            

If you are running Windows 10 Creator Update (Winver: 1703) you are good to go, as this build is not affected by Wannacry.