Disable PowerApps Feedback Prompt
Office 365 (PowerApps) Friday, 18 September 2020 by paul

After using a PowerApp it displays a prompt for Feedback to Microsoft. This may not be something you want you users to see but it can be disabled by running the following PowerShell script. Note that PowerShell needs to be run as administrator to install the modules (if not already installed).

# Disable PowerApps Feedback prompts

# Install required PowerApps PowerShell modules
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell 
Install-Module -Name Microsoft.PowerApps.PowerShell -AllowClobber 

# Connect to tenant as global admin
Add-PowerAppsAccount

# Display current tenant settings
Get-TenantSettings

# Set SurveyFeedback to disabled
$settings = @{ disableSurveyFeedback = $true } 
Set-TenantSettings $settings 

# Check settings have changed
Get-TenantSettings

Now your users should no longer be prompted for Feedback to Microsoft when using PowerApps. 

 

Remove old accounts from shared mailbox delegation
Office 365 (Exchange Online) Thursday, 10 September 2020 by paul

When an Office 365 user account is deleted it is removed but any delegated access to shared mailboxes remains.

The script below will check all shared mailbox permissions and remove any that are for users who have been deleted.

# Remove deleted users shared mailbox access / permissions

# Connect to Exchange Online PowerShell
if ($Session.state -eq 'Broken' -or !$Session) { 
	write-host "Connecting to Exchange Online Powershell.."
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential (Get-Credential) -Authentication Basic -AllowRedirection
	Import-PSSession $Session -AllowClobber
}

# Get list of all shared mailboxes
$mailboxes =  get-mailbox -Resultsize unlimited | where {$_.RecipientTypeDetails -eq "SharedMailbox"}

# Check each shared mailbox delegate access
foreach($mailbox in $mailboxes) {
	# get list of users delegated full access
	$access = Get-MailboxPermission -Identity $mailbox.UserPrincipalName
	foreach ($permission in $access) {
		# Check user has \ character which deleted usernames have
		If( $permission.User -like "*\*" -and $permission.User -notlike "NT AUTHORITY*") {
			# display the deleted users
			$permission | ft
			# remove the permission
			Remove-MailboxPermission -Identity $mailbox.UserPrincipalName -User $permission.User -AccessRights FullAccess -Confirm:$false
		}
	}
	# get list of users delegated sendas access
	$access = Get-RecipientPermission -Identity $mailbox.UserPrincipalName -AccessRights SendAs
	foreach ($permission in $access) {
		# Check user has \ character which deleted usernames have
		If( $permission.Trustee -like "*\*" -and $permission.Trustee -notlike "NT AUTHORITY*") {
			# display the deleted user
			$permission | ft
			# remove the permission
			Remove-RecipientPermission -Identity $mailbox.UserPrincipalName -Trustee $permission.Trustee -AccessRights SendAs -Confirm:$false
		}
	}
}

Try running it first with the Remove-MailboxPermission/Remove-RecipientPermission lines commented out to ensure only deleted users are displayed. Then uncomment those commands and then run it again.

Purging a specific email from Exchange Online
Office 365 (Exchnage) Monday, 24 August 2020 by paul

To delete a specific email which has been sent in error you can search for it then use the search to purge the emails from Exchange Online mailboxes in your tenant.

1. Log into the Compliance Admin portal (https://compliance.microsoft.com/contentsearch) and create a new content search.

2. Run the following powershell commands to delete the search returned previously.

# Purge an emails from everyones mailbox sent in error

# Connect to powershell 
Param( 
    [Parameter(Position=0, Mandatory=$true, ValueFromPipeline=$true)] 
    [string] $searchname
) 

if ($Session.state -eq 'Broken' -or !$Session) { 
	write-host "Connecting to Exchange Online Powershell.."
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.protection.outlook.com/powershell-liveid/ -Credential (Get-Credential) -Authentication Basic -AllowRedirection
	Import-PSSession $Session -Allowclobber
}
# Connect to Sec & Comp PS
Connect-IPPSSession

# Delete using command
New-ComplianceSearchAction -SearchName $searchname -Purge -PurgeType HardDelete

# Get Status of actions
Get-ComplianceSearchAction

3. There may be a delay before the search action is complete but running the Get-ComplianceSearchAction command a few times should show when it is complete.

Now the emails returned by the search will be removed from the mailboxes where they were stored. This does not remove them from mailboxes which are not in your tenant.

Disable Visio and Project Self-Service purchasing in Office 365
Office 365 (Licensing) Tuesday, 18 August 2020 by paul

Microsoft has expanded their self-service offering from Power Platform licenses to also allow users to purchase Viso and Project licenses themselves. This can become very messy for companies trying to track their Office 365 expenditure and licensing. Fortunately it can be disabled using the following PowerShell

# Install the PowerShell module using the command
install-module MsCommerce

# Connect to Commerce endpoint. Log in with GA
Connect-MsCommerce

# List policy allow self-service purchase
Get-MSCommercePolicy -PolicyId AllowSelfServicePurchase | fl

# List current plans allowing  self-service purchase  
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase

# Set policy to disabled for any that are enabled
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase | ? {$_.PolicyValue -eq "Enabled" } | ForEach {Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $_.ProductId -Enabled $False }

More info is available in Tony Redmond's excellent article on Petri - https://petri.com/microsoft-expands-self-service-license-purchasing-to-visio-project?_hsmi=93447999&_hsenc=p2ANqtz--CT8FawwP2Rf-DbrazPLt6KLQrT5y_93cPp_-o0gdLTLfImIjdqU5D58iFbXdpeR4wJWB3Mx4uOkagz_NLM3sRz0eD71bKXOY18xR2ESKHcooDUa0

Windows Update date and time error
Windows (Windows Update) Monday, 10 August 2020 by paul

When using Windows Update the following error is displayed: "We couldn't install updates because there's a problem with the date and time information on your device. Make sure your date, time, and time zone settings are correct and we'll try again later."

Checking machine time and date settings shows no issues.

The machines are configured to get their updates from an internal Windows Update server. Connecting to the WSUS Console does not work either and gives a SSL error.

Checking the WSUS site in IIS Admin show the SSL Certificate bound to the site has expired.

Renew the certificate and restart the IIS site.

Now the machines connect and windows update as normal.

Page 1 of 84 (422 Articles) << 1 2 3 4 5  Next >>