https://evotec.xyz/de/categories/azure-ad/index.atom.xml2024-10-02T12:17:34.0000000ZEvotec Main Websitehttps://evotec.xyz/de/blog/upgrade-azure-active-directory-connect-fails-with-unexpected-error2024-10-02T12:17:34.0000000Z

Today, I made the decision to upgrade my test environment and update the version of Azure AD Connect to the latest one. The process is usually simple: download a new MSI, run it, click next a few times, enter the credentials for your Global Admin, and you’re finished. However, this time, I encountered an error.

https://evotec.xyz/de/blog/active-directory-health-check-using-microsoft-entra-connect-health-service2023-10-08T14:36:57.0000000Z

Active Directory (AD) is crucial in managing identities and resources within an organization. Ensuring its health is pivotal for the seamless operation of various services. Today, I decided to look at Microsoft Entra Connect Health (Azure AD Connect Health) service, which allows monitoring Azure AD Connect, ADFS, and Active Directory. This means that under a single umbrella, you can have an overview of three services health. But is it worth it?

https://evotec.xyz/de/blog/report-active-directory-accounts-that-are-synchronized-with-azure-ad2023-08-07T13:21:18.0000000Z

I was scrolling X (aka Twitter) today and saw this blog post, “PowerShell: Report On-Premises Active Directory Accounts that are Synchronized with Azure AD Connect” by Kevin Trent. I like reading blog posts as I tend to learn some new things and see how people tend to solve their problems.

https://evotec.xyz/de/blog/upload-and-download-files-from-azure-blob-storage-using-connection-string2023-01-18T19:13:24.0000000Z

They say there is a first time for everything. For me, it’s how to download and upload files to Azure Blog Storage using Connection String. Recently I was given Connection String, Container name and had to download some files from Azur Blog Storage. After some research and trying Connect-AzAccount, I found that the proper way to go is thru New-AzStorageContext.

https://evotec.xyz/de/blog/mentioning-users-in-notifications-using-psteams-powershell-module2022-01-16T19:08:52.0000000Z

Microsoft Teams over the last few years have grown into an excellent and flexible tool for both small and big companies. Having the ability to chat with users, store files or have all sorts of data in one place makes it easy and functional. Of course, it has its fair share of issues, but it’s getting better. One of the cool features of Microsoft Teams is being able to send notifications to Microsoft Teams Channels using WebHook Notifications. In the beginning, this feature was pretty limited, but after a few years, it got much better with support for Adaptive Cards, List Cards, Hero Cards, Thumbnail Cards, and Office 365 Connector Card.

https://evotec.xyz/de/blog/configuring-office-365-settings-using-powershell-the-non-supported-way2021-09-26T15:12:35.0000000Z

Office 365 is a huge beast. It has so many services that it’s hard to track all of them. It’s even harder if you want to manage Office 365 using PowerShell. Microsoft makes many different PowerShell modules available for you, such as AzureAD, AzureADPreview, ExchangeOnline, MicrosoftTeams, and recently, Microsoft.Graph. But even with so many different modules, there are still tasks that Microsoft won’t let you do from PowerShell. But it doesn’t mean that it’s not possible to do it. I’ve spent some time tracking how Microsoft does things while you click thru the interface and created an O365Essentials PowerShell module that can do it in an automated way.

https://evotec.xyz/de/blog/mailozaurr-new-mail-toolkit-smtp-imap-pop3-with-support-for-oauth-2-0-and-graphapi-for-powershell2020-08-04T10:31:02.0000000Z

Today, I’m introducing a new PowerShell module called Mailozaurr. It’s a module that aims to deliver functionality around Email for multiple use cases. I’ve started it since native SMTP cmdlet Send-MailMessage is obsolete, and I thought it would be good to write a replacement that adds more features over it as things around us are changing rapidly.

https://evotec.xyz/de/blog/azure-ad-removing-inactive-azure-ad-pass-through-agent2020-04-25T18:28:30.0000000Z

Recently I was switching Office 365 tenant from ADFS to Azure AD Pass-through authentication (PTA). It all went smoothly with one exception. After removing one of the Azure AD Connect servers and all applications from its Azure AD Connect interface still is showing said agent, just inactive.

https://evotec.xyz/de/blog/office-365-limiting-license-to-minimum-apps-required2020-04-07T17:30:02.0000000Z

Office 365 has a lot of options and applications to choose from. Enabling one E1, E3, or any other license gives the user a lot of features, including Exchange, SharePoint, and Teams. But what if you want to make sure that the user can access only Microsoft Teams? By default, you can do it manually during the assignment of the license. Simply choose only Apps you want to assign to a user.

https://evotec.xyz/de/blog/office-365-msexchhidefromaddresslists-does-not-synchronize-with-office-3652020-03-24T19:56:57.0000000Z

In my life I’ve deployed multiple Office 365 tenants connected with Active Directory and I’ve been synchronizing msExchHideFromAddressLists field from…

https://evotec.xyz/de/blog/azuread-enable-password-expiration-with-password-hash-synchronization2020-02-24T19:53:50.0000000Z

Azure AD Connect allows three ways to make sure the user password is the same in Active Directory and Office 365. Those are Password Hash Sync, Pass-Thru Authentication, and ADFS. While my preferred option to go with would be Pass-Thru Authentication, only Password Hash Synchronization is the easiest and least resource-intensive. It synchronizes user password to Office 365, and even if your Active Directory is down, you can still log in to Office 365. It’s perfect for small and even more significant companies that don’t have resources or can’t guarantee that their infrastructure will stay 100% time online so users can authenticate based on their Active Directory.

https://evotec.xyz/de/blog/how-to-find-different-server-types-in-active-directory-with-powershell2019-02-06T18:25:30.0000000Z

Working as a freelancer is a great thing if you can handle it. Each day, each week something new happens and a new problem shows up on my doorstep. It also means it’s almost never boring at your job and you get to play with new stuff. But there’s one drawback to this. You’re often thrown at the problem, told to fix it but often that’s about as much information as you get. It wasn’t very different today. I was told to switch Office 365 from ADFS to Password Synchronization. While reasons for this are not really important, the important question here is what is the name of AD Connect server that’s responsible for this configuration?

https://evotec.xyz/de/blog/azure-ad-connect-completed-export-errors-permission-issue2018-11-29T11:15:53.0000000Z

During synchronization of Active Directory with Office 365 via Azure AD Connect I was greeted with a list of accounts that have permission-issue. Error message by itself gives you a slight hint, but it doesn’t tell you exactly where to look.

https://evotec.xyz/de/blog/azure-ad-connect-synchronizing-mail-field-with-userprincipalname-in-azure2018-11-09T21:45:47.0000000Z

Azure AD Connect is an application responsible for synchronizing Active Directory with Azure AD allowing for a natural population of users, groups, and devices in Office 365. While for most companies standard setup is very easy and most of the time touch-free, there are companies which require greater customization. During installation of AD Connector, you choose what should be used for Azure AD Username from your AD. UserPrincipalName field is an obvious choice for this and also proposed by default for that purpose. This field is utilized further by your users to log in to your Exchange, SharePoint, Teams and so on.

https://evotec.xyz/de/blog/office-365-the-following-error-occurred-during-validation-in-agent-archive-parameterset-enforcement-agent2018-09-26T20:10:12.0000000Z

I just created 80 Azure AD users via PowerShell that I wanted to activate for email. Normally you can use Enable-Mailbox when…

https://evotec.xyz/de/blog/pswindocumentation-export-to-word-excel-sql-of-ad-aws-exchange-o365-exchange-o365-azure-ad2018-09-23T20:39:26.0000000Z

Today I’m pushing forward with PSWinDocumentation project. I’ve fixed some bugs but I also added a couple of new features. I did lie a bit in the first sentence because this time it’s not all me. I got help from Mateusz Niemczyk who is a certified AWS engineer working for Euvic with me on some projects. If you’ve not yet guessed where I got him involved from the introduction – yes we’re adding basic AWS data support to PSWinDocumentation. But that’s not all…

https://evotec.xyz/de/blog/collectguestlogs-exe-high-disk-usage-on-azure-vm2018-06-26T19:47:57.0000000Z

CollectGuestLogs.exe is one of Microsoft Tools that is installed with VM’s stored on Azure. While I’m sure it has many…

https://evotec.xyz/de/blog/office-365-onmicrosoft-com-address-missing-user-synchronized-active-directory2018-01-17T22:31:02.0000000Z

Onmicrosoft.com address is standard email address used by Office 365. While usually Clients tend to use their own domains onmicrosoft.com…

https://evotec.xyz/de/blog/azure-adconnect-export-failed-permission-issue-error2017-10-08T19:23:20.0000000Z

During our recent setup of Azure ADConnect for one of our Clients we’ve been getting permission-issue – Insufficient access rights…