Tag Archives: PowerShell

Exchange Online PowerShell multi factor authentication (MFA)

It’s a good thing to enable multi-factor authentication (MFA) for Office 365 administrators. For web based management portals this is not a problem, just enter your username and password, wait for the text message to arrive, enter it in the additional dialog box and you’re in.

For PowerShell this has been more difficult, but MFA for PowerShell is available as well for some time now. When you login to the Exchange Admin Center and select hybrid in the navigation pane you can configure a hybrid environment (first option) or install and configure the Exchange Online PowerShell MFA module.

Click on the second configure button, and in the pop-up box that appears click Open to start the installation of the PowerShell module:

image

Continue reading Exchange Online PowerShell multi factor authentication (MFA)

Resolve-DnsName PowerShell command

Every now and then you find these small little things that turn out to be very useful. The Resolve-DnsName cmdlet in PowerShell is such a brilliant thing, and it is a nice replacement for NSLOOKUP. Since it is a PowerShell cmdlet you can easily use it in scripts. It looks like this command was introduced in Windows Server 2012 R2, but I found out only a couple of days ago.

As an Exchange consultant I can use the Resolve-DnsName for retrieving my MX records, or my DMARC record:

image

Using the Get-Help Resolve-DnsName command you can get more information, if you need some examples on how to use it you can use the -Examples option, or the -Detailed and -Full options.

image

Very useful for an Exchange admin, and it can be used in PowerShell scripts.

Rename filenames containing strange characters with PowerShell

Recently I had a computer with tons of file on it which I had to backup and upload to OneDrive for Business (OdfB). For some unknown reason there were lots of file that had the HTML representation of a space character in it (%20), there were also filenames containing a # character.

Needless to say, the OdfB client didn’t like it, and kept complaining about not being able to upload files, it wanted to try again and again…. Renaming these files (in hundreds of directories) was not something I fancied, but this is great for PowerShell to figure out.

To find all files that contained the %20 in it I used the following command:

Dir -Recurse | Where-Object {$_.Name -like "*%20*" }

image

Now it’s just a matter of renaming the “%20” with another character, for example an underscore character “_”, like this:

Dir -Recurse | Where-Object {$_.Name -like "*%20*" } | Rename-Item -NewName { $_.Name -replace "%20","_" }

Et voila, all “%20” characters are now removed from the filenames, and ready to be uploaded to OneDrive for Business

image

Upgrade Azure Active Directory Synchronization to AADConnect

The Microsoft Directory Synchronization has been available in a variety of versions and names:

  • DirSync (the original).
  • Azure Active Directory Sync (AADSync).
  • Azure Active Directory Connect (AADConnect).

Each version of the tool had a number of releases, for the original DirSync for example there were 14 different releases as can be seen here. Similar information for AADSync (5 releases) can be found here, and for AADConnect (12 releases) you can find it here.

In my test environment (Exchange hybrid) I’m currently running AADSync 1.0.491.413. Since the current (as of March 2016) version is AADConnect 1.1.110.0 it’s time to upgrade J

When upgrading from a previous version there are two options:

  • In-place upgrade – this is the recommended way if the upgrade time takes less than three hours.
  • Parallel upgrade – This is the recommended way if the upgrade time takes more than three hours.

Why three hours? The Directory Synchronization runs every three hours. It is also estimated that if you have more than 50,000 objects to synchronize, the upgrade will take more than 3 hours.

Continue reading Upgrade Azure Active Directory Synchronization to AADConnect

The requested HTTP URL was not available

While trying to setup Remote PowerShell to an Exchange 2013 Server I ran into a couple of issues. The most obvious was that the Exchange server only accepts SSL request, so you have to specify ‘https’ in the ConnectionUri, so I used these commands:

$Credential = Get-Credential administrator@posh.local
$Session = New-PSSession –ConfigurationName Microsoft.Exchange –ConnectionUri https://webmail.posh-workshop.com/PowerShell -Authentication Basic -Credential $Credential -AllowRedirection
Import-PSSession $Session

The following error was returned:
New-PSSession : [webmail.posh-workshop.com] Connecting to remote server webmail.posh-workshop.com failed with the following error message : The WinRM client sent a request to an HTTP server and got a response saying the requested HTTP URL was not available. This is usually returned by a HTTP server that does not support the WS-Management protocol. For mor e information, see the about_Remote_Troubleshooting Help topic.

image

When checking the PowerShell virtual directory using the Get-PowerShellVirtualDirectory | fl command I got the following response:

image

When you want to use Remote PowerShell from a non domain member (or via the Internet) you have to use Basic Authentication (as specified in my request), you also have to set Basic Authentication on the Virtual Directory as well, like this:

Get-PowerShellVirtualDirectory –Server MAIL01 | Set-PowerShellVirtualDirectory –BasicAuthentication:$TRUE

Once changed Remote PowerShell works as expected.