Code Snippets

Exchange Hybrid: Postfachduplikate

Exchange Hybrid: Postfachduplikate

#Exchange Online [PS] C:Windowssystem32> Get-Mailbox test01@test.com Name Alias Database ProhibitSendQuota ExternalDirectoryObjectId —- —– ——– —————– ————————- 32b2bd38-24a0-4ed1-9c5… test01 DEUP281DG201-db215 49.5 GB (53,150,2… 32b2bd38-24a0-4ed1-9c5e-007d4542d14c #Exchange On-Premises [PS] C:Windowssystem32>Get-Mailbox -Identity test01@test.com Name Alias ServerName ProhibitSendQuota —- —– ———- —————– Schramm Annika test01 exc8201 Unlimited

Exchange Hybrid: AD User Attribut Cleanup

Exchange Hybrid: AD User Attribut Cleanup

[PS] C:Windowssystem32> Get-User test01@test.com | fl Name, Displayname, *Recipient* Name : 32b2bd38-24a0-4ed1-9c5e-007d4542d14c DisplayName : test01 PreviousRecipientTypeDetails : UserMailbox RecipientType : MailUser RecipientTypeDetails : MailUser [PS] C:Windowssystem32> Get-User test01@test.com | Set-User -PermanentlyClearPreviousMailboxInfo [PS] C:Windowssystem32> Get-MailUser test01@test.com | Set-MailUser -RemoveDisabledArchive

Exchange CVE-2022-41040 – Mitigation Service

Exchange CVE-2022-41040 – Mitigation Service

### Check if Mitigation Service has been enabled for Organization [PS] C:\Program Files\Microsoft\Exchange Server\V15\scripts>Get-OrganizationConfig | select MitigationsEnabled MitigationsEnabled —————— True ### Check if Mitigation Service has been enabled for Exchange Nodes [PS] C:\Program Files\Microsoft\Exchange Server\V15\scripts>Get-ExchangeServer | select Name, Miti* Name MitigationsEnabled MitigationsApplied MitigationsBlocked —- —————— —————— —————— EX0401 True {M1.1, PING1} ### Check already applied...

Exchange CVE-2022-41040

Exchange CVE-2022-41040

PS C:\Users\kschweiger> Invoke-WebRequest https://mail.domain.com/autodiscover/autodiscover.json?@evil.com/powershell$Email=autodiscover/autodiscover.json%3f@evil.com  Invoke-WebRequest : Der Remoteserver hat einen Fehler zurückgegeben: (403) Unzulässig. In Zeile:1 Zeichen:1 + Invoke-WebRequest https://mail.domain.com/autodiscover/autodis … + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest], WebExc eption + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

Ansible Custom Facts Playbook

Ansible Custom Facts Playbook

– name: GATHER FACTS TESTING hosts: all gather_facts: no – name: GATHER Facts Windows setup: fact_path: C:\ProgramData\A8N\CustomFacts\A8N_CustomFacts01.ps1 gather_timeout: 15 gather_subset: – ‚!hardware‘ – ‚!network‘ – ‚!ohai‘ – ‚!facter‘ register: hosts_windows

Ansible Custom Facts Powershell Script

Ansible Custom Facts Powershell Script

### Get all Windows Roles & Services $winFeatures = Get-WindowsFeature -ErrorAction SilentlyContinue ### CHECK for installed WINDOWS ROLES $Services = @() if(($winFeatures | Where-Object{$_.Name -like "AD-Domain-Services"}).InstallState -eq "Installed"){$Services += "Domain Controller"} if(($winFeatures | Where-Object{$_.Name -like "AD-Certificate"}).InstallState -eq "Installed"){$Services += "Certificate Authority"} if(($winFeatures | Where-Object{$_.Name -like "DHCP"}).InstallState -eq "Installed"){$Services += "DHCP"} if(($winFeatures | Where-Object{$_.Name -like "Print-Services"}).InstallState...

Exchange Cloud Archive – User

Exchange Cloud Archive – User

[PS] C:\Windows\system32>Get-Mailbox benutzer01 | fl *Archive* ArchiveDatabase : ArchiveGuid : f5ebf781-7dbd-468b-9640-ad63098b3fa0 ArchiveName : {Archiv – Benutzer01} JournalArchiveAddress : ArchiveQuota : 20 GB (21,474,836,480 bytes) ArchiveWarningQuota : 18 GB (19,327,352,832 bytes) ArchiveDomain : O365Organisation.mail.onmicrosoft.com ArchiveStatus : Active ArchiveState : HostedProvisioned AutoExpandingArchiveEnabled : False DisabledArchiveDatabase : DisabledArchiveGuid : 00000000-0000-0000-0000-000000000000 ArchiveRelease :

Exchange-GetMSOLServicePrincipal

Exchange-GetMSOLServicePrincipal

PS C:Userskschweiger> Get-MsolServicePrincipal -AppPrincipalId 00000002-0000-0ff1-ce00-000000000000 | select -ExpandProperty ServicePrincipalNames https://autodiscover.schweigerstechblog.de https://exchange.schweigerstechblog.de 00000002-0000-0ff1-ce00-000000000000/exchange.schweigerstechblog.de 00000002-0000-0ff1-ce00-000000000000/autodiscover.schweigerstechblog.de 00000002-0000-0ff1-ce00-000000000000/schweigerstechblog.de

Exchange-SetAuthServerOAuth

Exchange-SetAuthServerOAuth

Get-AuthServer | where {$_.Name -like "EvoSts*"} | ft name,enabled Name Enabled —- ——- EvoSts – 467a7284-2sa1-468c-a793-978ad2f9fc49 True ### Enable evoSTS and OAuth Set-AuthServer -Identity "EvoSts – 467a7284-2sa1-468c-a793-978ad2f9fc49" -IsDefaultAuthorizationEndpoint $true Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

Exchange-GetVirtualDirectoriesOAuth

Exchange-GetVirtualDirectoriesOAuth

Get-MapiVirtualDirectory | FL server,*url*,*auth* Get-WebServicesVirtualDirectory | FL server,*url*,*oauth* Get-OABVirtualDirectory | FL server,*url*,*oauth* Get-AutoDiscoverVirtualDirectory | FL server,*oauth* ### EXAMPLE: Get-MapiVirtualDirectory | fl server,*url*,*auth* Server : EX1 InternalUrl : https://exchange.schweigerstechblog.de/mapi ExternalUrl : https://exchange.schweigerstechblog.de/mapi IISAuthenticationMethods : {Ntlm, OAuth, Negotiate} InternalAuthenticationMethods : {Ntlm, OAuth, Negotiate} ExternalAuthenticationMethods : {Ntlm, OAuth, Negotiate}