Importing Bulk Domains List into Office365 whitelist with CSV file

Do you need to import a bulk list of domains into office365 to create a whitelist or blacklist rule?

Ok this took me a while to figure out how to get it to work.

I’m sure there are other ways to accomplish this, however this was the first way that I could get working with a CSV file.

Overview:

  1. Create a new Transport Rule (TR) called “Accepted Domains” (or whatever you want to call it)
  2. Import the CSV file
  3. Inject the CSV list into the new TR created in 1.

Why this way?

Well I tried many ways to process the csv first and then create a new TR and inject the csv list but I was unsuccessful. I got close, but no dice :(

However if we create a new rule (or have one already i.e. “whitelist”), we can then add additional domains to it.

  1. Import the CSV

$allowed = import-csv C:\scripts\domains.csv

  2. Create a new Transport Rule (if you do not have a “whitelist” rule already)

*note* this rule will add two domains, “a.com” and “b.com”, which you will need to delete afterwards

For some reason this won’t work unless there are two or more domains in the whitelist already!!! Don’t ask why, it will import but as one long string….

Skip this step if you already have a whitelist rule

New-TransportRule -Name "Accepted Domains" -SenderDomainIs a.com, b.com -SetSCL -1

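  3. Process the CSV file

# Start from the domains already on the rule
$domains = Get-TransportRule "Accepted Domains" | select -ExpandProperty SenderDomainIs

# Append each value from the CSV "domain" column
foreach ($a in $allowed)
{
    $domains += $a.domain
}

# De-duplicate once, after the loop has finished
$domainstoadd = $domains | select -Unique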

  4. Import the CSV list into the Transport Rule

Set-TransportRule "Accepted Domains" -SenderDomainIs $domainstoadd

  5. Delete a.com and b.com

Note that the column in the CSV file has a heading of “domain”.
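
Because the rule sets SCL -1, mail from every domain in -SenderDomainIs skips spam filtering, so it is worth vetting the CSV before step 4. The following is an added example, not the author's code: Merge-AllowDomain, $FreeMail and the sample rows are hypothetical and constructed. It normalises and validates each entry, drops the a.com/b.com placeholders, and wraps its inputs in @() so that a rule holding a single domain is still treated as an array (in PowerShell, += on a lone string concatenates text).

```powershell
# Added example: vet CSV domains before they reach an SCL -1 allow rule.
# Merge-AllowDomain, $FreeMail and the sample rows are hypothetical/constructed.
$FreeMail    = 'gmail.com', 'outlook.com', 'yahoo.com'  # assumption: adjust to suit
$Placeholder = 'a.com', 'b.com'                         # seed domains from the post

function Merge-AllowDomain {
    param([object[]]$Existing, [object[]]$CsvRows)

    # One or more labels plus a TLD; no wildcards, schemes, '@' or spaces.
    $valid = '^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$'
    $accepted = New-Object System.Collections.Generic.List[string]
    $rejected = New-Object System.Collections.Generic.List[string]

    # @() keeps a lone existing domain as a one-element array, so nothing
    # gets appended to it as text.
    $candidates = @($Existing) + @($CsvRows | ForEach-Object { $_.domain })

    foreach ($raw in $candidates) {
        $d = "$raw".Trim().TrimEnd('.').ToLowerInvariant()
        if ($d -eq '' -or $Placeholder -contains $d) { continue }
        if ($d -notmatch $valid)    { $rejected.Add("$d (not a plain domain)"); continue }
        if ($FreeMail -contains $d) { $rejected.Add("$d (public mail provider)"); continue }
        if (-not $accepted.Contains($d)) { $accepted.Add($d) }
    }
    [pscustomobject]@{ Accepted = $accepted.ToArray(); Rejected = $rejected.ToArray() }
}

# Constructed sample input using the "domain" column heading the post mentions.
$allowed = @'
domain
partner.example
Supplier.Example
*.example
billing@vendor.example
gmail.com
partner.example
'@ | ConvertFrom-Csv

$result = Merge-AllowDomain -Existing 'a.com', 'b.com', 'client.example' -CsvRows $allowed
$result.Accepted   # clean, de-duplicated list for the rule
$result.Rejected   # entries to review by hand, each with a reason

# With an Exchange Online session open, pass the rule's current list as
# -Existing: (Get-TransportRule "Accepted Domains").SenderDomainIs
# and, after reviewing $result.Rejected, apply the result:
# Set-TransportRule "Accepted Domains" -SenderDomainIs $result.Accepted
```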


Office365 and Winmail.dat – use Powershell to disable TNEF Message Formatting with Remote Domains

“Do some of your users report that e-mail recipients in external domains can’t open their messages that contain a Winmail.dat attachment? If so, the recipients in the external domain are probably using an e-mail client that doesn’t support the Transport Neutral Encapsulation Format (TNEF). Microsoft Outlook is one of the few e-mail clients that support TNEF-encoded messages, although some third-party utilities can help convert Winmail.dat attachments.”

Load up PowerShell and run the following:

$LiveCred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection

Import-PSSession $Session

Set-RemoteDomain Default -TNEFEnabled $false

Microsoft article is here:
http://help.outlook.com/140/gg263346.aspx


Office365 converting user to shared mailbox account

Open the Windows Azure AD Module for PowerShell

Run the connection command:

$LiveCred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/powershell/" -Credential $LiveCred -Authentication Basic -AllowRedirection

Import-PSSession $Session

Connect-MsolService -Credential $LiveCred

Set the Mailbox Type

Set-Mailbox "mailbox" -Type "type"

You can use the following values for the Type parameter:

  • Regular
  • Room
  • Equipment
  • Shared

So in our case we are making a shared mailbox so the command will be

Set-Mailbox account -Type Shared

We then need to set up the quota limits on the shared mailbox, as they are limited to 10GB

Set-Mailbox account@domain -ProhibitSendQuota 9.98GB -ProhibitSendReceiveQuota 10GB -IssueWarningQuota 9.96GB

Done!

SCCM2012 Windows 8.1 OSD with DotNet3.5

Installing dotnet3.5 on windows 8.1 ….
Wow, this was an extremely long and difficult process for me to achieve, but in the end a simple solution was the answer – DISM!

One of our corp apps requires .NetFramework 3.5 (dotnet3) and as you know, windows 8 comes pre-loaded with dotnet4.

Overview:
We are going to use System Center (SCCM2012) server to deploy a windows 8.1 image (that was built using the build and capture process) and "update" it with dotnet3.5 using DISM on the OFFLINE image (wim) file.

Note: I tried countless times to use the WDS, OSD process to install dotnet3.5. I tried using PowerShell, creating package files, using the "roles and features"; nothing worked. Now there was one process I didn't try, described here:
http://www.verboon.info/2013/12/configmgr-osd-enable-net-framework-3-5-on-windows-8-1/

and here:
http://blogs.technet.com/b/deploymentguys/archive/2012/11/13/windows-8-automating-the-installation-of-net-framework-3-5-with-mdt.aspx

which basically involved copying the SXS source files to the local C drive. To me this seems counterintuitive: I *should* be able to use the source files on a network share, but reading many blogs, the consensus was that the way to do this was to copy the sxs locally and run a script install.

Even using the MDT "install roles and Features" didn't work:
I tried setting a Task Sequence Variable "WindowsSource" and pointed it to \\sccmserver\Sources\win8_sxs_dir

No dice!
:(

The Process:
In any case, this is the method I used to make it work for me, and at the end of the day it does what I need it to do.

Here we are assuming that, you have SCCM2012 r2 in a working environment, you know how to build and capture, deploy application etc etc.

1. I copied my Windows 8 image file (in case something borked up) and named it with -"dotnet"; this would then be the image file that includes dotnet.

2. Now using PowerShell or cmd prompt we are going to perform an offline install for the "roles and features" using DISM.
On the SCCM server:

Dism /Get-ImageInfo /ImageFile:"E:\Sources\Operating Systems\Images\Windows 8.1\Win8.1u1-x64-dotnet.wim"

//mount the image to a local folder (create a new folder if it doesn't exist, e.g. "c:\temp\win")

Dism /Mount-Image /ImageFile:"E:\Sources\Operating Systems\Images\Windows 8.1\Win8.1u1-x64-dotnet.wim" /index:2 /MountDir:C:\temp\win

// USE DISM to install-dotnet into the image

DISM /Image:C:\temp\win /Enable-Feature /FeatureName:NetFx3 /All /LimitAccess /Source:E:\Sources\win8_sxs

// Check the installation

DISM /Image:c:\temp\win /Get-Features /Format:Table

//Commit the changes

Dism /Commit-Image /MountDir:C:\temp\win

//I ran the check again, it showed "pending" but after deploying it worked so seems to be all good.


//now unmount the image
Dism /Unmount-Image /MountDir:C:\temp\win /commit

3. Now we have a new image file, we need to upload this into SCCM and distribute content to the DP.

4. I copied my previous Task Sequence, renamed it to include "dotnet"

Make sure you update your Image locations for the "apply data image 1" and "Apply Operating System".

Also update your OS image
Make sure you have 2-2 selected (for your OS partition – *note* this may depend on your image file and build process)

5. PXE boot and test the deployment
(*note* on my initial deployment I disabled installing applications and updates in the Task Sequence, in order to speed up the deployment and test that it's working as required)


6. Check ".NET Framework 3.5" is enabled

= SUCCESS!
(now head down to your local and turn down a glass or three…)

7. Now that I know this works, I deployed "scheduled updates" to the image file and, once completed, updated the DP.

8. In the Task Sequence I re-enabled "install updates" and "install applications" deployments.
9. Test deploying the Task Sequence again and make sure everything is working for workstation deployment

802.1X Authentication with Cisco WiFi Kit + AD

This was a good tutorial on how to set up 802.1X authentication with Cisco Wireless Kit + AD

Implemented this within a few hours…

Tutorial: 802.1X Authentication via WiFi – Active Directory + Network Policy Server + Cisco WLAN + Group Policy

http://jackstromberg.com/2013/05/tutorial-802-1x-authentication-via-wifi-active-directory-network-policy-server-cisco-wlan-group-policy/

 

Yammer DSync and accidentally introducing the social workplace

With the slow introduction of office365 I thought I would get my hands wet with yammer and its DSync (Directory Sync) application.

Now unfortunately the Yammer DSync tool doesn't do password sync, unlike "Azure AD" DirSync, which introduced password sync some time ago. Before this, users would have to manage their local AD user account to log in to their computer and also a separate "office365" user account to access email = not cool! Thankfully that was sorted many moons ago…

On the roadmap for Microsoft office365 and yammer is eventual integration/merge of the two distinct products as well as the single user account – utilising Azure AD

Some of the pluses of Yammer DSync was that it actually worked in syncing the on-premise AD user accounts with Yammer along with the users details, position title etc.  The issue for me was that once the new user account is setup in yammer it sends out emails to the new user to sign in.

Whoops… I just introduced the org to Yammer and the whole world of "Social Productivity" …

Some users thought it was spam (delete!), some jumped in and tested the waters, and some, well … just don't want another system to manage….

In IT the only constant is change; however, change is difficult, and changing the way people work is … a challenge

 

I really like the simplicity of Yammer, and the potential it can bring to an organisation to increase social collaboration and new ways to work.  The future of Office 365 and Yammer is exciting.

 

Sophos UTM workaround to access msdn.com videos (TechEd) in Safari OSX

Not sure if this also applies to non-Apple devices; however, with TechEd 2014 video being released on Channel 9, I found I was unable to stream the video in Safari on Apple OSX.

As a workaround solution I found the following to work with success after reading some hints on the astaro.org forums

Under Web Protection > Filtering Options > Exceptions

I added the following two rules to bypass the issue on the rule:- [Work around iPad/Iphone Byterange Bug]

^http://[A-Za-z0-9.-]+\.msdn\.com/
^http://[A-Za-z0-9.-]+\.ch9\.ms/


Announcing the Corporate “App” store – using SCCM2012 Software Centre to manage and deploy applications

After a few months of kicking the tyres (in between BAU and other projects) I've finally come to the point of deploying SCCM2012 to replace SC2010essentials for Application Deployment and Management.

A neat feature of SCCM2012 is the Software Centre – which gives end users a portal for self service of application management (of approved applications)

 

How to Announce the "app Store" to your end users – 


Apple started it … Google's done it … even Microsoft has followed!

 

 

Now it's available for you!
Introducing the (corporate) APP STORE
 
What is it?

The Software Center is essentially a catalog which allows users to install available corporate approved applications.

 

How to Use it?

On the Start button > search for: software centre

Click on the “Software Center” application to load up the catalog

 

Then select the application and click Install

 
enjoy…

 

 

System Administration is like a Theatre Production


14 January 2014

31. Perception and Visibility
When done correctly, system administration is like good theater: The audience sees a wonderful show and never realizes how many months of planning were required to create the show or how much backstage work was happening during the performance. The majority of the work required for any performance is invisible to the audience.

All Excerpts From

Thomas A. Limoncelli;Christina J. Hogan;Strata R. Chalup. “The Practice of System and Network Administration, Second Edition.” Addison-Wesley Professional, 2002-01-02T00:00:00+00:00. iBooks. 
This material may be protected by copyright.

 

Such a great analogy, being that I work at a performing arts venue.
