Cisco AnyConnect error “The VPN client agent IPsec engine encountered an error.”
Cisco (AnyConnect) Wednesday, 14 October 2020 by paul

AnyConnect IPSEC error

Issue with the Cisco AnyConnect VPN network client. It displayed the error message “The VPN client agent IPsec engine encountered an error.” after authentication and failed to connect. The issue only occurred from specific ISP internet connects (Sky).


The error was due to the VPN split tunnel containing too many routes (1000+). Reducing the number of routes (<200) allowed the connection. Not sure why this only affected specific ISP internet connections.

Disable PowerApps Feedback Prompt
Office 365 (PowerApps) Friday, 18 September 2020 by paul

After using a PowerApp it displays a prompt for Feedback to Microsoft. This may not be something you want you users to see but it can be disabled by running the following PowerShell script. Note that PowerShell needs to be run as administrator to install the modules (if not already installed).

# Disable PowerApps Feedback prompts

# Install required PowerApps PowerShell modules
Install-Module -Name Microsoft.PowerApps.Administration.PowerShell 
Install-Module -Name Microsoft.PowerApps.PowerShell -AllowClobber 

# Connect to tenant as global admin

# Display current tenant settings

# Set SurveyFeedback to disabled
$settings = @{ disableSurveyFeedback = $true } 
Set-TenantSettings $settings 

# Check settings have changed

Now your users should no longer be prompted for Feedback to Microsoft when using PowerApps. 


Remove old accounts from shared mailbox delegation
Office 365 (Exchange Online) Thursday, 10 September 2020 by paul

When an Office 365 user account is deleted it is removed but any delegated access to shared mailboxes remains.

The script below will check all shared mailbox permissions and remove any that are for users who have been deleted.

# Remove deleted users shared mailbox access / permissions

# Connect to Exchange Online PowerShell
if ($Session.state -eq 'Broken' -or !$Session) { 
	write-host "Connecting to Exchange Online Powershell.."
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential (Get-Credential) -Authentication Basic -AllowRedirection
	Import-PSSession $Session -AllowClobber

# Get list of all shared mailboxes
$mailboxes =  get-mailbox -Resultsize unlimited | where {$_.RecipientTypeDetails -eq "SharedMailbox"}

# Check each shared mailbox delegate access
foreach($mailbox in $mailboxes) {
	# get list of users delegated full access
	$access = Get-MailboxPermission -Identity $mailbox.UserPrincipalName
	foreach ($permission in $access) {
		# Check user has \ character which deleted usernames have
		If( $permission.User -like "*\*" -and $permission.User -notlike "NT AUTHORITY*") {
			# display the deleted users
			$permission | ft
			# remove the permission
			Remove-MailboxPermission -Identity $mailbox.UserPrincipalName -User $permission.User -AccessRights FullAccess -Confirm:$false
	# get list of users delegated sendas access
	$access = Get-RecipientPermission -Identity $mailbox.UserPrincipalName -AccessRights SendAs
	foreach ($permission in $access) {
		# Check user has \ character which deleted usernames have
		If( $permission.Trustee -like "*\*" -and $permission.Trustee -notlike "NT AUTHORITY*") {
			# display the deleted user
			$permission | ft
			# remove the permission
			Remove-RecipientPermission -Identity $mailbox.UserPrincipalName -Trustee $permission.Trustee -AccessRights SendAs -Confirm:$false

Try running it first with the Remove-MailboxPermission/Remove-RecipientPermission lines commented out to ensure only deleted users are displayed. Then uncomment those commands and then run it again.

Purging a specific email from Exchange Online
Office 365 (Exchnage) Monday, 24 August 2020 by paul

To delete a specific email which has been sent in error you can search for it then use the search to purge the emails from Exchange Online mailboxes in your tenant.

1. Log into the Compliance Admin portal ( and create a new content search.

2. Run the following powershell commands to delete the search returned previously.

# Purge an emails from everyones mailbox sent in error

# Connect to powershell 
    [Parameter(Position=0, Mandatory=$true, ValueFromPipeline=$true)] 
    [string] $searchname

if ($Session.state -eq 'Broken' -or !$Session) { 
	write-host "Connecting to Exchange Online Powershell.."
	$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential (Get-Credential) -Authentication Basic -AllowRedirection
	Import-PSSession $Session -Allowclobber
# Connect to Sec & Comp PS

# Delete using command
New-ComplianceSearchAction -SearchName $searchname -Purge -PurgeType HardDelete

# Get Status of actions

3. There may be a delay before the search action is complete but running the Get-ComplianceSearchAction command a few times should show when it is complete.

Now the emails returned by the search will be removed from the mailboxes where they were stored. This does not remove them from mailboxes which are not in your tenant.

Disable Visio and Project Self-Service purchasing in Office 365
Office 365 (Licensing) Tuesday, 18 August 2020 by paul

Microsoft has expanded their self-service offering from Power Platform licenses to also allow users to purchase Viso and Project licenses themselves. This can become very messy for companies trying to track their Office 365 expenditure and licensing. Fortunately it can be disabled using the following PowerShell

# Install the PowerShell module using the command
install-module MsCommerce

# Connect to Commerce endpoint. Log in with GA

# List policy allow self-service purchase
Get-MSCommercePolicy -PolicyId AllowSelfServicePurchase | fl

# List current plans allowing  self-service purchase  
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase

# Set policy to disabled for any that are enabled
Get-MSCommerceProductPolicies -PolicyId AllowSelfServicePurchase | ? {$_.PolicyValue -eq "Enabled" } | ForEach {Update-MSCommerceProductPolicy -PolicyId AllowSelfServicePurchase -ProductId $_.ProductId -Enabled $False }

More info is available in Tony Redmond's excellent article on Petri -

Page 1 of 84 (423 Articles) << 1 2 3 4 5  Next >>