A Consultants Perspective

Get and Assess Exchange Online configuration settings using powershell

Get and Assess Exchange Online configuration settings using powershell

This post will represent the first in a review of some of my original work assessing exchange online environments for my customers. Instead of blasting the whole script at you (like i did last time), i will be taking smaller chunks and explaining the 'why' and 'how' of each section in seperate posts. Connecting securely to exchange online via powershell has evolved a lot over the past decade. With the latest exchange online powershell module and the demise of Basic Authentication comes REST API connections. The biggest advantage to this (in my opinion) is more exposure to the session and ... Read More

The New Microsoft 365 Expert tests should not be taken lightly…

The New Microsoft 365 Expert tests should not be taken lightly…

 The New Microsoft 365 Expert tests should not be taken lightly...   Let me start by saying that I am a MCSE NT, 2000, 2003, 2008 and most recently a 365 Enterprise Administrator Expert.  I have taken a total of 20 Microsoft tests in my 25-year career including many electives.  My first test, believe it or not, was Understanding Windows 98 in 1998.    After the first few tests I got into a groove of studying and passing became a process.  As time went on, the answers to about 80% of the questions were available as more and more people took the tests.  The process almost became easy; If you study the ... Read More

O365 – Get Exchange Online and Azure Active Directory Configuration using Powershell

O365 – Get Exchange Online and Azure Active Directory Configuration using Powershell

The last post in this series, covered how many years we've been around gobbledygoop, and how 'expenses' over those 'years', force some of us to do more gobbledygoop. Well, I wont bore you with any of that until next post. Rest assured, let's just get on with why we are here. Here (I said it again) we explore how to get configuration data from Exchange Online and Azure Active Directory. This will cover tenant configurations and not delve too deep into policies and the policy engine as they deserve their own space. Pull Exchange Online Configuration using Powershell This Exchange ... Read More

Active Directory and Exchange Configuration Discovery using Powershell

Active Directory and Exchange Configuration Discovery using Powershell

Over the years I have assessed and analyzed many environments. Along the way I have run across many methods and tools for getting a configuration 'snapshot' while performing a discovery of a Microsoft environment. They all make calls to the Microsoft ‘management layer’ using different methods like, installing agents or direct access via WMI or code. They pull configuration data and provide some pretty cool canned reports around the data they gather. These tools can be expensive for 'integrators' as most of these products use ‘site’ licensing, forcing many of us to find other ways to quickly take a snapshot ... Read More

Prevent domain users from querying Elevated Groups

Prevent domain users from querying Elevated Groups

One of our customers that had recently suffered a brutal cyber attack tasked us with a method to protect elevated groups from being queried for membership by their domain users. I said, “That’s very specific.” My customer just looked at me and began to describe their situation. In a nutshell, the attacker had delivered a payload to one of their users via email. With this payload, the attacker was able to execute commands and install software on the infected computer. As a “Domain User” the attacker was able to query the “Domain Admins” group for its members. This information was ... Read More

Azure AD Connect – write ms-DS-Consistency-Guid using Synchronization rules Editor

Azure AD Connect – write ms-DS-Consistency-Guid using Synchronization rules Editor

One of my customers came to me the other day with a problem on an Azure AD Connect server that was not syncing any newly created objects. When I asked them about the last time they updated AD Connect, I was not surprised to hear that they hadn’t added it to their update schedule (Ill take some blame for this. They are, my customer, after all..). The next question I asked was “what source anchor are you using?”. Eventually they came back to me with the ‘ms-DS-Consistency-Guid’. “That’s interesting,” I said. “Can you check and see if your new users ... Read More

Datarift LLC 2020 Cloud Solutions
Phoenix, Arizona