Token Resistance I ran into an interesting scenario yesterday during a tenant migration where users from tenant A were successfully migrated to Tenant B, but their accounts remained logged into Teams - even changing the user account names to their onmicrosoft.com domain and removing their Teams license wouldn't force them to log out… talk about … Continue reading Force Teams to Sign Out
I've done some work recently with Azure AD Privileged Identity Management, and I wanted to find a way to streamline the request process for an administrator who needs to run some PowerShell scripts or commands so that the whole request/approval process can be simplified and streamlined. Enabling Privileged Identity Management Note that if you … Continue reading PowerShell: Manage Privileged Roles (PIM)
Here's another handy script in my migration toolbelt - one of my very frequent tasks during different types of migration projects is to configure forwarding on mailboxes. Often times you might be forwarding in one direction for the duration of the backend migration, and then after cutover, you might need to remove that forwarding and … Continue reading PowerShell: Bulk Forwarding Script
With the recent MFA outages (twice in the last two weeks), the question has come up in conversation several times - what do we do when MFA is down, and when our users can't log in? As you might expect, there are several approaches you can take that allow you to maintain the balance between … Continue reading Mitigating Azure MFA Outages
Security & Compliance - eDiscovery for the win I recently ran into a situation where I needed to export all the Sent Items from a number of mailboxes within a very specific date range - we needed to export these items so that they could be ingested into a journaling mailbox later. Since you can't … Continue reading Export Sent Items using eDiscovery
I had to recently do some eDiscovery work in the Security and Compliance Center (I'll post about that next, there was some cool PowerShell in there too 🙂 ), and as I often do, I turn to PowerShell to automate the process - or at least make it easier for me to do more things … Continue reading PowerShell: Connect to the Security & Compliance Center
I was working on a project where we were both upgrading ADFS and migrating it from Azure to AWS - it was way more difficult than it should have been, and ADFS sure did not play nicely on AWS. Maybe it's gotten better now, but it was overall quite the headache - the WAP servers … Continue reading PowerShell: Reset WAP Configuration
One of the things that I love to do when I'm writing scripts is write them in such a way that you can run them over and over again without breaking - for instance, if I have a script to add a bunch of users to a group (something I'm doing all the time during … Continue reading Compare Group Membership
Something I run into quite frequently on projects is the need (or desire) to control the rollout of OneDrive - I've had to come up with creative ways to block OneDrive access multiple times over the years. However, this time around, we don't want to block access to OneDrive completely - we just want to … Continue reading Prevent users from creating OneDrive sites
One of the things I love about my job is working with really smart people, and my good buddy Chris Rockwell is no exception! We were working on a project together and needed to come up with a way to blacklist outgoing email in order to keep up with Canadian Anti-Spam Legislation (CASL) compliance. Basically, … Continue reading CASL Blacklist – Transport Rule Management
Master & CmdR 