All posts by JosL

Quick overview of all unique email domains in use under a certain OU

We wanted an overview of which domains our users were using in a certain country (Netherlands in this case). So, here is a simple PowerShell snippet that counts all unique domains it encounters in the ProxyAddresses field of all users under a certain OU.

Note that if you have set contacts / forwarders, some domains that appear may not actually be accepted domains in your Exchange organization.


#Author: Jos Lieben (OGD)
#Date: 13-06-2016
#Script help: www.liebensraum.nl
#Purpose: retrieve all unique domains in use under a specific OU and count them
#Requirements:
#active directory PS module
########

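Import-Module ActiveDirectory

# Only ProxyAddresses is needed, so request just that property instead of *
$users = Get-ADUser -Filter * -Properties ProxyAddresses -SearchBase "OU=Netherlands,OU=Countries,DC=lieben,DC=nu" -SearchScope SubTree

# Domain name -> number of proxy addresses that use it
$domains = @{}
foreach($user in $users){
    foreach($email in $user.ProxyAddresses){
        # Part after the "@"; entries without one (e.g. X500 addresses) yield $null and are skipped
        $domain = $email.Split("@")[1]
        if($domain){
            $domains[$domain] += 1
        }
    }
}

Write-Output $domains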

O365AntiCryptoLocker, restores the previous version of your files in Sharepoint Online or Onedrive for Business

Note: O365Undo is also free and can probably help you fix your cryptolocker problem more precisely, as it is the next version of O365AntiCryptoLocker.

O365AntiCryptoLocker

At OGD we sometimes have to deal with users that got infected with CryptoLockers, and we have both automated and controlled systems in place to prevent damage or restore data to any fileshares. An infection on Sharepoint Online or Onedrive has not yet happened, but eventually it of course will and I like to fix things before they break.

As Sharepoint Online and Onedrive for Business natively use versioning on files, you basically have no real risk of losing data to Cryptolockers: your RPO (Restore Point Objective) is 0. However, restoring the previous versions of files is quite a lot of work if done manually, so your RTO (Restore Time Objective) could be weeks or more.

Unless, of course, you use PowerShell. I’ve written a script that will restore the most current previous version of any file in a given Document Library.

Download: O365AntiCryptoLocker

Example usage for a Onedrive site:

.\O365AntiCryptoLocker.ps1 -siteURL "https://o365mig-my.sharepoint.com/personal/test1_o365mig_onmicrosoft_com" -login "mylogin" -password "mypassword" -libraryTitle "Documents"

Or for a Sharepoint Online Site:

.\O365AntiCryptoLocker.ps1 -siteURL "https://o365mig.sharepoint.com/site1" -login "mylogin" -password "mypassword" -libraryTitle "Documents"

You’ll need the Sharepoint Client Components installed, and you’ll have to have sufficient permissions on the library and its files.


Exporting shared mailbox permissions to a CSV

A demonstration of one way to get shared mailbox permissions exported to a CSV file. We needed users, groups and users in groups (so, a recursive search). Only Shared mailboxes had to be included; we could identify these by a simple rule:

the first portion of the primary email address does not contain a dot

See lines 126 and 127 for this rule if you need a different method.

Edit: make sure you replace CED\ with your own domain! Sorry bout that…

This export excludes Deny permissions and looks for users in groups up to 2 levels deep. Credits to Piotrek for his Get-ADNestedGroupMember function.


Snippet to build a TLS connector in Exchange Online for a list of domains

Some organisations, in particular German ones, require encryption between your Exchange Online mail servers and their mail servers. This can be enforced by adding their domains to an outbound TLS connector in Office 365.

In my case, this had to be enforced (the default is opportunistic). If you get a long list, you’ll want to script this with the following snippet. Remember to make sure the first line of your CSV has the header/column name ‘domain’ 🙂


#Author: Jos Lieben
#Help: www.lieben.nu
# Connect to Exchange Online with the credentials entered at the prompt
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session -AllowClobber -DisableNameChecking

$connector = Read-Host "Type the name you wish to give this connector"
$csv = Read-Host "Type the path to the file with TLS domains"

# The CSV must have a column named 'domain'
$domains = Import-CSV -LiteralPath $csv

# Collect the trimmed domain names
$newDomains = @()
foreach($domain in $domains){
    $ND = [String]$domain.domain
    $ND = $ND.Trim()
    $newDomains += $ND
}

# Create a Partner connector that requires TLS with certificate validation for these domains
try{
    New-OutboundConnector -Name $connector -RecipientDomains $newDomains -ConnectorType "Partner" -TlsSettings "CertificateValidation" -ErrorAction Stop
}catch{
    Write-Error "Failed to create outbound connector $connector $($_.Exception.Message)"
}
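
A mistyped or malformed entry in the CSV means mail to that partner domain does not match the connector and falls back to the opportunistic default, so it is worth checking the list before creating the connector. The following is an added example, not part of the original script: the function name Get-ValidTlsDomains and the sample rows are constructed for illustration, and the pattern is a simplified check for ASCII domain names (internationalised names would have to be supplied in punycode form).

```powershell
# Constructed sample input; in practice use: $rows = Import-Csv -LiteralPath $csv
$rows = @'
domain
example.de
 Example.DE
partner.example.org
*.sub.example.net
not a domain
user@example.com
'@ | ConvertFrom-Csv

function Get-ValidTlsDomains {
    param([Parameter(Mandatory)][object[]]$Rows)

    # Optional leading "*." wildcard, then DNS labels (letters, digits, inner hyphens) and a TLD
    $pattern  = '^(\*\.)?([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$'
    $valid    = New-Object System.Collections.Generic.List[string]
    $rejected = New-Object System.Collections.Generic.List[string]

    foreach ($row in $Rows) {
        # A missing 'domain' column yields an empty string here, so nothing ends up in Valid
        $d = ([string]$row.domain).Trim().ToLowerInvariant()
        if (-not $d) { continue }                                  # skip empty cells
        if ($d -notmatch $pattern) { $rejected.Add($d); continue } # keep bad entries for review
        if (-not $valid.Contains($d)) { $valid.Add($d) }           # de-duplicate
    }

    [pscustomobject]@{ Valid = $valid.ToArray(); Rejected = $rejected.ToArray() }
}

$result = Get-ValidTlsDomains -Rows $rows

if ($result.Rejected.Count -gt 0) {
    # Stop here: a silently dropped domain would not get forced TLS
    Write-Warning ("Fix these entries before creating the connector: " + ($result.Rejected -join ', '))
} elseif ($result.Valid.Count -eq 0) {
    Write-Warning "No domains found. Check that the CSV header is 'domain'."
} else {
    # Pass $result.Valid to -RecipientDomains in the New-OutboundConnector call shown above
    Write-Output $result.Valid
}
```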