Powershell Migration Series | Setting bulk forwarding using powershell

Powershell Migration Series

Setting bulk forwarding using powershell

Whilst doing my migration, i want to set up the mailbox so that i can forward any new massages to O365 from the local exchange, after i have done the bulk of mail migration. In order to do this, we utilise the .onmicrosoft.com address space that O365 can provide each email user.

The plan is simple, forward mail from local exchange @contoso.com to O365 @contoso.onmicrosoft.com

Once you have created the contacts, the next step is Setting bulk forwarding using powershell

1) Create another CSV, this time in the following format,

DisplayName,MailAddress

DisplayName = the username in exchange, e.g. “Joe Bloggs”
Mail Address = Forwarding address @contoso.onmicrosoft.com address

Save it as “ForwardingAddresses.csv”

2) Run the following which creates the bulk forwarding using powershell

Import-Csv c:\scripts\ForwardingAddresses.csv | Foreach-Object{Get-Mailbox $_.DisplayName | Set-Mailbox -ForwardingAddress $_.MailAddress}

Now for me, i needed it to deliver to both the exchange mailbox and to forward to the O365 mailbox, if you need it to deliver to the mailbox AND forward, add the below switch to the end of the above before the last curley bracket }

-DeliverToMailboxAndForward $true

Final script i ran:

Import-Csv c:\ws\ForwardingAddresses.csv | Foreach-Object{Get-Mailbox $_.DisplayName | Set-Mailbox -ForwardingAddress $_.MailAddress -DeliverToMailboxAndForward $true}

Setting bulk forwarding using powershell

Powershell Migration Series | Creating bulk contacts with powershell

Powershell Migration Series

Creating bulk contacts with powershell

Whilst doing my migration, i want to set up the mailbox so that i can foward any new massages to O365 from the local exchange, after i have done the bulk of mail migration. In order to do this, we utilise the .onmicrosoft.com address space that O365 can provide each email user.

The plan is simple, forward mail from local exchange @contoso.com to O365 @contoso.onmicrosoft.com

To do so, on the local exchange there is two steps,

1) create CSV with the following format and your contact data:

Firstname,LastName,ExternalEmailAddress

Save as external_users.csv

2) Run the following which creates the bulk contacts with powershell

Import-Csv “C:\scripts\external_users.csv” | ForEach {New-MailContact -Name $_.Name -Firstname $_.FirstName -LastName $_.LastName -ExternalEmailAddress $_.ExternalEmailAddress -OrganizationalUnit “DOMAIN.local/MyBusiness/Users/SBSUsers/Contacts”}

replace: “DOMAIN.local/MyBusiness/Users/SBSUsers/Contacts” with the OU you wish the contacts to be created in.

Creating bulk contacts with powershell

You then need to set up the forwarding within exchange, now you have already done the contacts using powershell, why not set forwarding with powershell also?

Printer fix script – Quickly clear print queues and restart print spooler

printer fix script

Printers are the bain of any helpdesk engineer, or actually any one in IT in general!

Here is a quick printer fix script to help:

Whilst basic, (restart spooler and clear all print queues) it does in our office, at least, clear 99% of printer issues.

Copy and paste the below to a batch file (file extension .bat) and click away:

::Printer Fix Script @cannotdisplay.com
net stop spooler
pause
del /S /F “C:\Windows\System32\spool\PRINTERS\*”
del /S /F “C:\Windows\System32\spool\SERVERS\*”
net start spooler
pause
::end

It will prompt you several times to make sure you wish to delete queues and then pause at the end to show you how it went,
Any alterations or suggestions comment below!

BGP vulnerable? – is the web as we know it at risk?

The BGP (protocol) has been on my mind the last few weeks.

It boggles my mind how fragile the web is that we all operate on, more specifically that we rely on BGP TCP/IP to maintain connections between two or more autonomous system routers.
BGP is simply put, is the Internet’s greatest weakness.

OK, so what is BGP?

According to he RFC (last pub 2006)

The primary function of a BGP speaking system is to exchange network
reachability information with other BGP systems.

GP-4 provides a set of mechanisms for supporting Classless Inter-
Domain Routing (CIDR) [RFC1518, RFC1519]. These mechanisms include
support for advertising a set of destinations as an IP prefix and
eliminating the concept of network “class” within BGP. BGP-4 also
introduces mechanisms that allow aggregation of routes, including
aggregation of AS paths.

Attacking it?

Acording to Sean Convery (cisco) from his blackhat talk in 2003 below is how you shoudld go about it (kindof, we will go into more detail later):
Reset a single BGP session to control a block of IP’s and corrupt other BGP routers. The easiest way to do this would be to gain lawful access to a BGP backbone, e.g. become an engineer for a site, or befriend someone who has access.
BGP Vulnerable

OK, so?

Well from all my readings and research, it seems like this is where the bottom foundational layer of trust the WHOLE internet lies. Without the BGP, there is no CIDR, without CIDR there is no IP’s, without IP’s there is no DNS, without DNS there is no websites, without websites many services simply die and cue end of the world scenarios.

Why was this on my mind? Well i’ve been curious about it before, but recently i have been thinking about the unseen weaknesses in CryptoCurrencies. If the internet breaks, or a government decides to hard fork/cut access and limit it, then crypto as we know it is valueless. It simply looses ALL value.
Crypto other than a few projects all works from HTTP, ip, tor, IPFS etc.. which relies on IP addressing. When the very foundation of these protocols is in question, then the whole behemoth is in danger. BGP simply is the biggest threat to modern crypto economies.

tl;dr: An old protocol (BGP) run by potentially vulnerable companies, could break the internet by issuing bad or malicious commands.

Further reading:
BGP RFC
on wired
Cisco press
techopedia
Network computing.com

Install multiple programs with Chocolatey

Ever had the need to install multiple programs on a new or existing PC?

We have all been there; a brand new PC out the box, a relative who needs some software installed, a re-install of windows on your own PC.
So how do we go about collating all our software, is there a nice quick way to re-install everything and get us up to date quickly. Well today we are going to go over the basics of how to install multiple programs using Chocolatey.

What is Chocolatey?

From its own site:

Chocolatey is a package manager for Windows (like apt-get or yum but for Windows). It was designed to be a decentralized framework for quickly installing applications and tools that you need.

How can I install chocolatey?

Very easily. Chocolatey is built for windows and use through Powershell, so as long as you have been updating windows, you should be able to install it seamlessly.
Either head over to the chocolatey install page, or use my favorite method of install – using Powershell itself:

iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))

install multiple programs with chocolatey

How to create a multiple install script:

Simply now open powershell and with your new chocolatey powers run the choco install script as follows:
choco install notepadplusplus googlechrome atom 7zip

You can find the full list of programs supported from either running a choco search in powershell, or by visiting the package repository here: https://chocolatey.org/packages

Hope this is of some help. If you are not wanting to install multiple programs, don’t want to mess with powershell as mentioned in previous posts, perhaps Ninite will be better suited for you.

What is Ransomware & how do i stop it?

Ransomware is upon us, but what is this thing, and how can i protect myself or my business from it?

So the definition and description according to Wikipedia is the below:

Ransomware is a type of malicious software that blocks access to the victim’s data or threatens to publish or delete it until a ransom is paid. Any action is possible once device or system is infected and there is no guarantee that paying the ransom will return access or not delete the data.

So how to i prevent and stop Ransomware?

Patch,
Secure,
Backup

>Patch

Patching it often the most overlooked defense in anyone’s arsenal. Patching is as simple as making sure that your windows updates are current and installed, and also checking over other software that you use on a regular basis for updates. Things to keep a keen eye out for, and PDF viewer (Adobe Acrobat, Foxit, Reader DC), Adobe Flash, M$ Office, Web browsers.

>Secure

Securing your PC from Ransomware is as easy as installing a known, tried and trusted AntiVirus software.
Other steps to look into include, adding a firewall to your network, or tighten your current routers firewall settings. Adding Malware protection, using a VPN, locking down user permissions, and a whole lot more.

>Backup

The key to recovering from an infection is a good backup strategy. Backing up is the single most useful thing you can do to prevent falling victim to a ransomware attack. With a good offline backup – or at least a backup to another PC, cloud or server location – the whole process of being infected is alot less of an issue.

There you have it, a very short and simple overview of ransomware in 2017 – if you want to know more on any of the three above steps, feel free to get in contact, or leave me a comment below.

Purge deleted users from Office 365 (O365)

On occasion you may have to force a deletion of a user, or perhaps a user has been deleted but you need to assign that old email address to someone else.

This is when you need to purge deleted users from Office365.

To do so you need to open up powershell and connect to your office 365 tennancy – you can use connect-msolservice to do so,

Next check which deleted users are currently in the recycle bin:

Get-MsolUser -ReturnDeletedUsers

If there is only one, or you wish to remove all users that have been listed:

-ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force

If you only want to delete and purge a single user from the Recycle bin – you can use the below:

-ReturnDeletedUsers |Remove-MsolUser -UserPrincipalName “[user’s email address]” -RemoveFromRecycleBin -Force

Sorted, you can now re-use the smtp address or recreate the user. for other ways to Purge deleted users see future posts.

Change a computer name remotely – [SOLVED] Using CMD and psexec

There are multiple reasons you may wish to change a computer name remotely – here is one method:

I’m going to be using psexec to do this, if you don’t have it already, this great wee remote command tool is provided free from the SysInternalsSuite – or can be obtained on its own here.

Open a command prompt from whichever folder psexec.exe is in.

The command we are going to be using to change the computer name is the below wmic command:

WMIC computersystem where caption='currentname' rename newname

Put together with psexec it will looks something like this:

psexec \\PC_NAME_OR_IP -u "USERNAME HERE" -p "PASSWORD" WMIC computersystem where caption='CURRENT_NAME' rename NEW_NAME

Exchange usernames and pc names as appropriate.

There is a couple of great sites with all the psexec switches, ss64 is my favorite.
Now you can change a computer name remotely

Acronis error 1603 [SOLVED]

So I have been installing alot of Acronis Agents recently, and three times i have come across Acronis error 1603.

Whilst there is lots of different info out there to try to resolve this issue, i have found one that has worked every time in multiple different environments. Lets get straight to it:

To solve Acronis error 1603:

Simply run the cleanup tool. It can be found here:

http://dl.acronis.com/u/support/abr_cleanup_h.exe

And run it from administrative CMD using the following command:
abr_cleanup_h.exe --clean

Hope it helps, if it does, let me know!

Change the username in O365 when syncing with onsite active directory

When creating a new user in Office365 with a hybrid or active directory syn’d setup it is quite common for Office365 to append the .onmicrosoft.com domain to any new address you set up.

This unfortunately cannot be changed by means of GUI, you need to change the username in O365 using powershell.

To change the username in Office 365: 

1. Make sure you have the WAAD module
2. Run PowerShell
3. Type “Connect-MsolService” –> ENTER. Enter your admin credentials for Office 365 –> OK
4. Use the below command to update the primary email address used to log in exchanging parts in bold;

"Set-MsolUserPrincipalName -UserPrincipalName current_email@****.onmicrosoft.com –NewUserPrincipalName new_email@domain"  

Nice and easy 🙂