How to bulk update user's manager from import CSV in O365?

Or, updating the bulk user's manager in O365 using CSV file

Steps/Prerequisites:

- Make sure you are corrected with O365 PowerShell session.

- Make sure you have exported Managers list in CSV format using the KB How to export user's managers in O365?

To update the user’s manager execute the below commands:

--------------------------------------------------------------------------------------------------------

$users = Import-Csv -Path "C:\manager.csv"

foreach($i in $users)

{

Set-User -Identity $i.UserprincipalName -Manager $i.Manager

}

---------------------------------------------------------------------------------------------------------

Note: Choose your correct file name and file path in the above-given command

Cheers, please write me back if you have any query or feedback.

How to export user's managers in O365?

Or, PowerShell command to export mailbox's managers in CSV format in O365

You can use the following command to export the user name along with the assigned manager details in .csv format.

------------------------------------------------------------------------------------------------

Get-user | select displayname, *manager* | Export-Csv -Path c:\managers.csv

-----------------------------------------------------------------------------------------------

Note: Please make sure you are connected to the O365 PowerShell session.

Cheers, please write me back if you have any query or feedback.

How to perform move request for an O365 mailbox?

Or, Performing move request for O365 based mailbox

Or, Moving mailbox to another datastore or database in online exchange O365

Or, How to change datastore or database of O365 mailbox?

Description: There are real situations where you face unexpected issues with some of the mailboxes, and observe unusual behavior while sending or receiving emails, using features of our email client, functionalities challenges, slowness etc… If you have already tried many the troubleshooting steps, and nothing has helped, its time for you to try the MoveRequest now to see if that helps.

This method will move your affected user’s mailbox from exiting to new datastore or database, and that helps in fixing such unusual problems if the problem is from the online exchange server side of Microsoft O365.

In my case, it has been one of the best approaches to handle such an issue.

Step-1: Logn to MS O365 Azure Powershell

Launch Microsoft Azure Active Directory – Windows PowerShell > run the following commands in sequence to login to your O365 tenant > Feed in your O365 admin credentials wherever prompted

-----------------------------------------------------------------------------------------------------------------------

1)      $LiveCred=Get-Credential

2)      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirectio

3)      Import-PSSession $Session

-----------------------------------------------------------------------------------------------------------------------

Reference Screenshot:

Step-2: Run MoveRequest

Run the command given below for the selected user to initiate move request

-----------------------------------------------------------------------------------------------------------------------

New-MoveRequest admin@techiessphere.com

-----------------------------------------------------------------------------------------------------------------------

You can replace admin@techiesspehere in the above command, with the affected user’s email address of yours

Reference Screenshot:

Optional: Check the progress of MoveRequest

Run the following command to check the percentage completion of the MoveRequest

-----------------------------------------------------------------------------------------------------------------------

Get-MoveRequestStatistics -Identity admin@techiessphere.com

-----------------------------------------------------------------------------------------------------------------------

You can replace admin@techiesspehere in the above command, with the affected user’s email address of yours

Reference Screenshot:

Cheers, please write me back if you have any query or feedback.

How to bypass clutter for all users in O365?

Or, Disabling clutter for all users in O365

Or, Creating ‘Bypass Clutter’ transport rule in MS O365

Descriptions: If you are looking for disabling clutter function for all currently active mailboxes in your O365 domain just for one time, you can disable clutter by following the KB http://www.techiessphere.com/2016/06/command-to-disable-clutter-for-single.html

But, If you want this clutter function to be bypassed for all current as well as upcoming users, you should create a transport rule for this.

Solution/Steps: Creating ‘Bypass Clutter’ transport rule in MS O365

Login to O365 Admin Portal > Go to Mail Flow > Create a New Trasport Rule as per the reference details are given in below screenshot

IMP Notes:

1. Set the message header 'X-MS-Exchange-Organization-BypassClutter' to the value 'true'

2. You may or may not need an exception in this rule, so you can skip that option if not required

Cheers, Please write me back if you have any query or feedback...

PowerShell script to export disk usage report of multiple computers

Or, Disk usage report PowerShell script

Or, PowerShell script for disk usage report with .txt file input

Or, Export disk usage report to CSV for multiple windows computers

Descriptions: Disk usage report for storage optimization or to keep track of disk usage trends is one of the important routine task for every administrator. In this article, we would be exploring the PowerShell script to get disk usage report of multiple windows machines in to excel or CSV file.

In this article, we will prepare the scenario and logical environment, lastly we will run the PowerShell script to get the CSV report in desired folder location.

What has been covered in this script?

This script is designed for getting disk usage report of windows machines listed in ServersList.txt text file. It will keep only last 30 days report in the folder DiskUsageReports.

Prerequisites:

1. Administrative privilege to run the script

2. List of servers/computers name or IP in a text file

3. Basic knowledge of PowerShell commands

Prepare the environment – Get Ready

Create a root folder and three child folders like:

1. Root folder name: DiskUsage

2. Child folders name: DiskUsageReports, DiskUsageReportScript, and ServersList

A reference screenshot is given below:

Prepare a text file with Name ServersList.txt and place it in ServersList folder. This text file should contain the list of windows machines you wish to export disk usage report.

You can use name or IP as shown in below screenshot:

Finally, create the PowerShell script with following commands.

Simply copy and paste the given commands in PowerShell ISE windows and save it as .ps1 file under DiskUsageScript folder with name DiskUsageReport.ps1

===============================================================

$OldReports = (Get-Date).AddDays(-30)

Get-ChildItem D:\DiskUsage\DiskUsageReports\*.* | `

Where-Object { $_.LastWriteTime -le $OldReports} | `

Remove-Item -Recurse -Force -ErrorAction SilentlyContinue 

$LogDate = get-date -f yyyyMMddhhmm

$File = Get-Content -Path D:\DiskUsage\ServersList\ServersList.txt

$DiskReport = ForEach ($Servernames in ($File))

{Get-WmiObject win32_logicaldisk <#-Credential $RunAccount#> `

-ComputerName $Servernames -Filter "Drivetype=3" `

-ErrorAction SilentlyContinue

}

$DiskReport |

Select-Object @{Label = "Server Name";Expression = {$_.SystemName}},

@{Label = "Drive Letter";Expression = {$_.DeviceID}},

@{Label = "Total Capacity (GB)";Expression = {"{0:N1}" -f( $_.Size / 1gb)}},

@{Label = "Free Space (GB)";Expression = {"{0:N1}" -f( $_.Freespace / 1gb ) }},

@{Label = 'Free Space (%)'; Expression = {"{0:P0}" -f ($_.freespace/$_.size)}} |

Export-Csv -path "D:\DiskUsage\DiskUsageReports\DiskReport_$logDate.csv" –NoTypeInformation

=======================================================================

It should look like the below one:

Now you are done friends, just run the PowerShell script and get the report you need...

Steps: Run the prepared PowerShell Script

Right Click on the .ps1 script file and Click on Run with PowerShell

Now go to DiskUsageReport folder, you should have your CSV report ready there..

Cheers, Please write me back if you have any query or feedback.

PowerShell command to export AD uses created in last 7 days in to a CSV file

Or, Exporting AD users created in last 7 days to CSV file using PowerShell command

Or, Get AD users report created in last 7 days with the help of PowerShell

Descriptions:  If you are looking for exporting AD users created in last 7 days or any custom days in a CSV file/report, this article is for you my friend. In my case, I am going to export users created in last 7 days.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

AD users created in last 7 days

Get-ADUser -Filter "Name -like '*'" -Properties Name, Title, Office, Created | where {$_.Created -gt $(Get-Date).AddDays("-7")} | select Name, Title, Office | Export-Csv D:\temp\ADReport.csv

Cheers, Please write me back if you have any query or feedback on this.

Exporting inactive AD users to CSV file using PowerShell command

Or, PowerShell command to export inactive AD uses in to a CSV file

Or, Get inactive AD users report with the help of PowerShell

Descriptions:  If you are looking for exporting inactive AD users in to a CSV file/report, this article is for you my friend. In my case, I am going to export users whoever are inactive since 30 days.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

Inactive AD users since 30 days

Search-ADAccount -UsersOnly -AccountInactive -TimeSpan 30 | ?{$_.enabled -eq $True} | Get-ADUser -Properties Name, EmailAddress, Department, Description, lastLogonTimestamp | Select Name, EmailAddress, Department, Description,@{n='lastLogonTimestamp';e={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | Export-Csv D:\temp\funytest.csv

Cheers, Please write me back if you have any query or feedback on this.

Exporting AD users to CSV file using PowerShell command

Or, PowerShell command to export AD users in to a CSV file

Or, Get AD users report with all fields or selected fields with the help of PowerShell

Descriptions:  In this article, we are going to try some useful PowerShell commands to export AD users reports. You have choice to select many properties values, less properties values or all properties value as per your need.

Steps:

Run Windows PowerShell as Administrator > run the commands mentioned below to get the CSV output/report

AD user’s reports with some most commonly used fields

Get-ADUser -Filter '*' -Properties * | Select -Property EmailAddress,GivenName,Surname,DisplayName,Title,Department,Office,OfficePhone,MobilePhone,Fax,StreetAddress,City,State,PostalCode,Country | Export-CSV "D:\temp\ADusers.csv" -NoTypeInformation -Encoding UTF8

AD Users report with less fields

Get-ADUser -Filter '*' -Properties * | select -Property SamAccountName,DisplayName,EmailAddress | Export-CSV "D:\temp\ADusers2.csv" -NoTypeInformation -Encoding UTF8

AD users reports with all available fields

Get-ADUser -Filter '*' -Properties * | Export-CSV "D:\temp\ADusersAllFlds.csv" -NoTypeInformation -Encoding UTF8

The reference screenshot is given below to see how the commands should look like on PowerShell.

Cheers, Please write me back if you have any query or feedback on this.

Disable SMBv1 on multiple computers using PowerShell

Or, Easiest way to disable SMBv1 on multiple computers

Or, Disabling SMB V1 on multiple computers with windows PowerShell

Or, Steps for disabling SMB V1

Descriptions: Recently US-CERT has reported vulnerability with “Microsoft SMBv1”. US-CERT encourages users and administrators to review Microsoft Security Bulletin MS17-010 and apply the update. In this article, we will see how to disable SMB V1.0 from various operating systems.

Vulnerability Details: Microsoft has released a security update to address a vulnerability in implementations of Server Message Block 1.0 (SMBv1). Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.

What is SMB/SMB 1.0? SMB stands for “Server Message Block”. It is a legacy file and print sharing protocol. SMB 1.0 is a vulnerable and Microsoft has deprecated it. It has server as well as client components, so when you are thinking to disable the SMB 1.0 protocol, you should do it for both platforms (client and server).

Environment Details: You have multi-OS infrastructure and want to disable SMB 1.0 on all of them. In my case, I have following Operating Systems Windows Server 2012, Windows Server 2012 R2, Windows Server 2008, Windows Server 2008 R2, Windows 10, and Windows 7.

I have copied all the relevant computer name in a text file and want to disable SMB 1.0 on all servers/computers that are listed in this txt file.

I have segregated the PowerShell commands in two sections (Client Side SMB and Server Side SMB) with supported cmdlets. You can choose and run whichever is suitable for your environment.

Precaution: You should test and understand the commands in your test environment first and run in the production if satisfied with the result thereafter.

Steps: Disabling SMB V 1.0 on various operating systems.

Open Windows PowerShell ISE (Run as Administrator) > Prepare for the below PowerShell commands

The text version of above commands are given below:

=========================================================================

DISABLE SERVER SIDE SMB V1 PROTOCOL

=========================================================================

# Disable SMB V1 - Windows Server 2012 R2, Windows 10 and Windows 8.1

$ComputersList = Get-Content -Path "D:\temp\testservers.txt"

Invoke-Command -ComputerName $ComputersList {Remove-WindowsFeature FS-SMB1 -NoRestart}

# Disable SMB V1 - Windows 8 and Windows Server 2012

$ComputersList = Get-Content -Path "D:\temp\testservers.txt"

Invoke-Command -ComputerName $ComputersList {Set-SmbServerConfiguration -EnableSMB1Protocol $false}

# Disable SMB V1 - Windows Server 2008, Windows Server R2, Windows 7 and Windows Vista

$ComputersList = Get-Content -Path "D:\temp\testservers.txt"

Invoke-Command -ComputerName $ComputersList {Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force}

=========================================================================

DISABLE CLIENT SIDE SMB V1 PROTOCOL

=========================================================================

# Disable SMB V1 - Windows Server 2012 R2, Windows 10 and Windows 8.1

$ComputersList = Get-Content -Path "D:\temp\testservers.txt"

Invoke-Command -ComputerName $ComputersList {Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol -NoRestart}

# Disable SMB V1 - Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012

$ComputersList = Get-Content -Path "D:\temp\testservers.txt"

Invoke-Command -ComputerName $ComputersList {sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi}

Invoke-Command -ComputerName $ComputersList {sc.exe config mrxsmb10 start= disabled}

Updated: 25/03/2017

IMP Note: 
1. Please replace the computer list input path with the one you are having in your environment.
2. Please replace "Remove-WindowsFeature FS-SMB1 -NoRestart" with "Uninstall-WindowsFeature -Name 'FS-SMB1'" in case the first command failed.

IMP References: If you want to know more about SMB V 1.0 and related information, you must check below KBs.

https://www.samba.org/cifs/docs/what-is-smb.html

https://msdn.microsoft.com/en-us/library/windows/desktop/aa365236(v=vs.85).aspx

https://blogs.technet.microsoft.com/josebda/2012/06/06/windows-server-2012-which-version-of-the-smb-protocol-smb-1-0-smb-2-0-smb-2-1-or-smb-3-0-are-you-using-on-your-file-server/

https://blogs.technet.microsoft.com/josebda/2010/12/01/the-basics-of-smb-signing-covering-both-smb1-and-smb2/

https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/

Cheers, Please write me back if you have any query of feedback on this.

How to read or convert SIDs in Active Directory?

Or, Converting SID to readable Name/Object (Group or User).

Or, Converting User Name to SID or Converting Group Name to SID in Active Directory environment and Vice-versa.

Descriptions: Whenever it comes to managing Active Directory, every administrator are encountered with this situation someday to read the SIDs which are not in human readable format.

E.g. You were investigating the root cause of access rights breach and you thought to verify who all are having permission on some specific directories. You are able to read the name of some users which are appearing in human readable format but some of them are appearing in SID format. What to do???

Yes, you must convert the SID to human readable format to read it and this Article explains, how to do it.

Note: In Some cases, you might not get the result of SID to name conversion. That means, the SID can be a stale entry and the user associated with that SID is already deleted from AD.

Steps (Converting user name to SID):

Open Windows PowerShell as Administrator (run as Administrator).

Run the below command, Replace Techies_Sphere with user name you want.

$Name = “Techies_Sphere”

Now, run the command below, and you are done.

(New-Object System.Security.Principal.NTAccount($Name)).Translate([System.Security.Principal.SecurityIdentifier]).value

Now you have the SID (S-1-5-21-688589536-1868229280-2673097225-1108) details which is of User ID Techies_Sphere.

Steps (Converting SID to User Name):

Open Windows PowerShell as Administrator (run as Administrator).

Run the below command, replace ‘S-1-5-21-688589536-1868229280-2673097225-1108’ with the SID ID of yours.

$Name = “S-1-5-21-688589536-1868229280-2673097225-1108”

Now run the below command and you are done.

(New-Object System.Security.Principal.SecurityIdentifier($Name)).Translate([System.Security.Principal.NTAccount]).value

Now you have the User ID details(Techies_Sphere) which is of SID(S-1-5-21-688589536-1868229280-2673097225-1108).

Cheers, please write me back if you have any query or feedback on this...

How to add a custom field or attribute in user’s mailbox in Office365 server?

Or, Adding additional custom fields in email mailbox’s properties hosted on Office365 server.

Or, Office365 mailbox additional custom field in mailbox properties.

Or, Exporting custom attribute of all User mailboxes in Office365.

Or, Export all user’s mailbox list of Office365 server with custom attributes.

Descriptions: 

If you are an Office365 online exchange server administrator, you may have faced this query or may face in future. This situation typically arises when you have your AD domain completely separate and your email Office365 server domain is not integrated with your AD domain.

For example: Your AD domain may be yourcompanydomain.net and your Email domain of Office365 server is yourcompanydomain.com.

Scenario:

Your management team wants you to put Employee ID of every user for reference purpose as a unique identifier of AD accounts as well as for email accounts so that it can be easily tracked which user ID or email ID belongs to which users when performing reconciliation of AD or Email accounts to get them in sync (Ideally you should be having equal number of AD and Email accounts always except Service accounts and DLs).

There may be situation where you may have multiple users with same Display Name (login ID can be different), in this case it will be tough for you to identify who is the actual user you are targeting for any specific purpose. Now if you have had the employee ID written for all users somewhere in AD account’s and email account’s properties, it could have been easy to identify the actual users and map them accordingly.

Options available in AD and Office365(may be considered if suited best for your need):

AD (Active Directory): You have Description field where you can specify the Employee ID if all other relevant AD fields you are already using for some purpose.

Now when you want to export the AD users accounts with description fields and other required fields, you can read my another article “Exporting AD Users”.

Office365: You can go to mailbox properties and specify the custom attribute and values with Employee ID.

Now to export the all Email mailboxes with defined custom attributes in mailbox’s properties, you may use/run below command on Office365 PowerShell:

--------------------------------------------------------------------------------------------------------------------------

Get-Mailbox -Filter '(RecipientTypeDetails -eq "UserMailbox")' | Select RecipientTypeDetails,Name,Alias,CustomAttribute1 | Export-Csv -Path D:\CAT.csv

--------------------------------------------------------------------------------------------------------------------------

To know how to connect to Office365 PowerShell, please see my another article:

How to connect Office365 PowerShell?

You can refer below screenshot for more details in graphical view.

Now you have the CAT.CSV report with all mailboxes and custom attributes in your D:\ drive. Yes, off-course the Custom attributes will be having the employee IDs that you had already entered there in the user’s mailbox properties.

Cheers, Please write me back if you have any query or feedback..