Tuesday, November 11, 2014

Lync vNext - Official Info

From the link below:


In the first half of 2015, the next version of Lync will become Skype for Business with a new client experience, new server release and updates to the service in Office 365.  We believe that Skype for Business will again transform the way people communicate by giving organizations reach to hundreds of millions of Skype users outside the walls of their business.


The whole story here: http://blogs.office.com/2014/11/11/introducing-skype-business/

Friday, October 24, 2014

TreeUndelete


A long time ago I wrote a script that restored a whole tree of objects; basically, it restored an OU and all objects that belonged to that OU. The first time I showed it was in a session at Microsoft TechDays in Örebro 2010. After that, it served me well over the years, even though it didn't have error handling and other good stuff. But since I was the only one using it and knew how the script worked, it was OK :)

This year I presented at a conference in Åre and showed the script once again. Since people liked it, I wanted to post it somewhere but didn't feel comfortable since it lacked a lot of features. Getting the time to fix it was hard, but my colleague and friend Simon Wåhlin (who has forgotten more about PowerShell than I know today) rewrote it and has now published it.

If you want to see a cool script, check it out here: http://blog.simonw.se/restore-ou-tree-from-ad-recycle-bin-with-powershell/
 

Monday, October 20, 2014

AD ACL Scanner

  • A tool completely written in PowerShell.
  • A tool with a GUI used to create reports of access control lists in Active Directory.

  • https://adaclscan.codeplex.com/



    Features

    It has the following features:
    • View HTML reports of ACLs and save it to disk.
    • Export ACLs on Active Directory objects in a CSV format.
    • Connect and browse your default domain, schema, configuration or a naming context defined by distinguishedName.
    • Browse a naming context by clicking your way around, either by OUs or all types of objects.
    • Report only explicitly assigned ACLs.
    • Report on OUs, OUs and Container Objects, or all object types.
    • Filter ACLs for a specific access type. Where does "Deny" permission exist?
    • Filter ACLs for a specific identity. Where does "Domain\Client Admins" have explicit access? Or use wildcards like "jdoe".
    • Filter ACLs for permission on specific object. Where are permissions set on computer objects?
    • Skip default permissions (defaultSecurityDescriptor) in report. Makes it easier to find custom permissions.
    • Report owner of object.
    • Compare previous results with the current configuration and see the differences by color scheme (Green = matching permissions, Yellow = new permissions, Red = missing permissions).
    • Report when permissions were modified
    • Can use AD replication metadata when comparing.
    • Can convert a previously created CSV file to a HTML report.
    • Effective rights: select a security principal and match it against the permissions in AD.
    • Color coded permissions based on criticality when using effective rights scan.
    • List your domains and select one from the list.
    • Get the size of the security descriptor (bytes).
    • Reporting on disabled inheritance.
    • Get all inherited permissions in report.

    System requirements

    • Powershell 2.0 or above
    • PowerShell using a single-threaded apartment
    Last edited Oct 12 at 9:16 PM by robing, version 13

    Thursday, October 2, 2014

    Attributes synchronized to Azure AD

    http://msdn.microsoft.com/en-us/library/azure/dn764938.aspx

    From above link:

    --snip--
    With Azure AD Sync, you can remove individual attributes from being synchronized.
    Some services might not behave as expected when certain attributes are removed. The affected attributes are listed with their Active Directory LDAP name in the Install the AADSync Service.
    There are also some attributes that might be listed with a different name in other interfaces. For example, the attribute l from Active Directory is tracked as city in Azure AD.
    --snip--

    Follow the link on top to see the full article, it is very useful.

    Wednesday, October 1, 2014

    MVP Award

    Awarded MVP for the 17th year!


    Dear Jimmy Andersson,

    Congratulations! We are pleased to present you with the 2014 Microsoft® MVP Award!


     

    Friday, September 26, 2014

    Comparison of Microsoft's sync tools to the cloud.

    Below is a comparison (copy/pasted from the source) of the different sync tools from Microsoft. It was updated on September 5, 2014. For the most current version, go to http://msdn.microsoft.com/en-us/library/azure/dn798669.aspx since things will change over time.

    On-Premises to Cloud Synchronization

     
    Feature | Azure Active Directory Synchronization Tool (DirSync) | Azure Active Directory Synchronization Services (AAD Sync) | Forefront Identity Manager 2010 R2 (FIM)
    Connect to single on-premises AD forest: X X X
    Connect to multiple on-premises AD forests: X X
    Connect to single on-premises LDAP directory (no AD at all): CS X
    Connect to multiple on-premises LDAP directories: CS X
    Connect to on-premises AD and on-premises LDAP directories: CS X
    Connect to custom systems (i.e. SQL, Oracle, MySQL, etc.): CS X
    Synchronize customer defined attributes (directory extensions): CS CS

    Cloud to On-Premises Synchronization

    Feature | Azure Active Directory Synchronization Tool (DirSync) | Azure Active Directory Synchronization Services (AAD Sync) | Forefront Identity Manager 2010 R2 (FIM)
    Write-back of devices: X CS
    Attribute write back (for Exchange hybrid deployment): X X X
    Write-back of users, groups objects: CS CS
    Write-back of passwords (from SSPR and password change): CS CS
    Write-back of customer defined attributes (directory extensions): CS CS

    Authentication Feature Support

    Feature | Azure Active Directory Synchronization Tool (DirSync) | Azure Active Directory Synchronization Services (AAD Sync) | Forefront Identity Manager 2010 R2 (FIM)
    Password Hash Sync for single on-premises AD forest: X CS
    Password Hash Sync for multiple on-premises AD forests: CS
    Federation (SSO): X X X

    Set-up and Installation

    Feature | Azure Active Directory Synchronization Tool (DirSync) | Azure Active Directory Synchronization Services (AAD Sync) | Forefront Identity Manager 2010 R2 (FIM)
    Supports installation on a Domain Controller: X X
    Supports installation using SQL Express: X X
    Step-up from DirSync to AADSync
    Localization (Windows Server languages): X CS
    Support for Windows Server 2008 and Windows Server 2008 R2: X X X
    Support for Windows Server 2012 and Windows Server 2012 R2: X X

    Filtering and Configuration

    Feature | Azure Active Directory Synchronization Tool (DirSync) | Azure Active Directory Synchronization Services (AAD Sync) | Forefront Identity Manager 2010 R2 (FIM)
    Filter on Domains and Organizational Units: X X X
    Filter on attribute values on objects: X X X
    Allow minimal set of attributes to be synchronized "MinSync": X
    Allow different service templates to be applied for attribute flows: X
    Allow removing attributes from flowing from AD to AAD: X
    Allow advanced customization for attribute flows: X X

    Thursday, August 21, 2014

    Powershell -DomainMode and -ForestMode

    When you use PowerShell to install a new forest, the values for -DomainMode and -ForestMode are the following:

         -- Windows Server 2003: 2 or Win2003
         -- Windows Server 2008: 3 or Win2008
         -- Windows Server 2008 R2: 4 or Win2008R2
         -- Windows Server 2012: 5 or Win2012
         -- Windows Server 2012 R2: 6 or Win2012R2

    You can use the numeric value or you can write it in text as shown above.

    Friday, August 8, 2014

    Azure IaaS Cost Estimator Tool


    Until now, evaluating datacenter compute resources and estimating costs in the cloud has been a challenge. Typically we're looking at a physical or virtual machine configuration such as CPU size, memory, disk space and so on. However, there are other resources that are more difficult to estimate such as bandwidth usage, storage transactions, and estimated future capacity.

    Imagine having 50, 100, or more servers. Performing estimates for 100s of servers would not only be time consuming, it would be difficult because we're only looking at a snapshot in time. We know over the course of a day or week a server's consumption model of resources will change. We may end up missing critical information that could end up in underestimating the cost of a VM or service in the cloud. Underestimating resources could lead to unexpected charges. Not an ideal situation when we're looking to either reduce costs or migrate resources to the cloud.


    You will find the tool and more information here: http://blogs.technet.com/b/cbernier/archive/2014/08/05/microsoft-azure-iaas-cost-estimator-tool.aspx

    Tuesday, August 5, 2014

    Azure AD Connect

    Microsoft created the Azure AD Connect to help you easily connect your on-premises Windows Server Active Directory to your tenant in Azure Active Directory with only 4 clicks!

    To learn more visit our documentation at http://technet.microsoft.com/en-us/library/dn776280.aspx and the Active Directory Team Blog at http://blogs.technet.com/b/ad/archive/2014/08/04/connecting-ad-and-azure-ad-only-4-clicks-with-azure-ad-connect.aspx.

    Thursday, June 26, 2014

    Difference between changing a password and resetting a password

    In all my years working with security, there has been a common misunderstanding about the difference between changing a password and resetting a password. The latter is also one of the big security issues in most companies - but they don't realize it...

    Sanjay Tandon (Founder and CEO of Paramount Defenses Inc. and former MS blue badge) has written a great article about it. If you are working with AD and security, you should read this article, and the other ones he has published as well...

    You find it here: http://www.active-directory-security.com/2014/06/Active-Directory-Account-Password-Security-101-For-Regulatory-Compliance-Auditors-The-Difference-Between-Change-Password-and-Reset-Password.html

    Tuesday, June 24, 2014

    Azure AD Premium - 90 day trial!!

    http://blogs.technet.com/b/ad/archive/2014/06/24/news-free-90-day-trials-of-azure-active-directory-premium-now-with-2035-saas-app.aspx

    From the above site:

    Just a quick note today.  I'm happy to let you know that we've just turned on free trials of Azure Active Directory Premium. Now you can get a free 90 day trial of Azure AD Premium for up to 100 users.
    ....
    And I've got one other bit of cool news to share.  As of last weekend, Azure AD is now pre-integrated with 2035 SAAS Applications.  The team has been kicking it over the past several months, adding on average 120 new apps a week!


    Start to learn!

    Wednesday, June 18, 2014

    Saturday, May 3, 2014

    If you use Visio and PowerPoint and need Azure Symbols/Icon Set

    Hi,

    I use Visio and PowerPoint on a regular basis. There is a package with icons and symbols available on the MS Download site that contains Azure related technologies that you can use.

    You'll find it here: http://www.microsoft.com/en-us/download/confirmation.aspx?id=41937



    Wednesday, April 9, 2014

    Latest Win 8.1 Update - the information you need

    I've been searching for details about the latest Win 8.1 update, and the best reference I've found is here:

     http://blogs.technet.com/b/askpfeplat/archive/2014/04/07/exploring-windows-8-1-update-start-screen-desktop-and-other-enhancements.aspx

    It is great information and a "one-stop-shop" since it has links to further information.

    Tuesday, March 11, 2014

    Software-Defined Networking with Windows Server and System Center Jump Start

    Is your infrastructure outgrowing your current networking strategy? Want to simplify the process for managing your datacenter? Software-defined networking (SDN) can streamline datacenter implementation through self-service provisioning, take the complexity out of network management, and help increase security with fully isolated environments. Intrigued? Bring specific questions, and get answers from the team who built this popular solution!

    More information: http://www.microsoftvirtualacademy.com/liveevents/software-defined-networking-with-windows-server-and-system-center-jump-start#?fbid=pIqPeldRtsY

    Wednesday, March 5, 2014

    Windows Azure now allows to set fixed IP-addresses for virtual machines



    Until recently, IP-addresses of Azure virtual machines were not static/fixed. A VM which had been shut down (for example to reduce costs, think test/dev scenarios) could receive a different IP-address at boot than originally assigned at creation. This leads to all kinds of issues. A new PowerShell for Azure version solves this issue.


    Read more here:

    http://up2v.nl/2014/03/05/windows-azure-now-allows-to-set-fixed-ip-addresses-for-virtual-machines/

    Twenty-five years chasing the dream of enterprise social networking.

    A very interesting read, made me think...

    http://thoughtsofanidlemind.com/2014/03/04/twenty-five-years-chasing-the-dream-of-enterprise-social-networking/

    Tuesday, February 25, 2014

    Tuesday, February 18, 2014

    Making Pre-school Playdates in Sweden (or just in my weird neighborhood)

    I have to admit I've never had a pre-school age kid in the US, so most of what I understand of the culture over there I have learned second-hand from friends and family. But my current experience with a now 4-year-old Little Swede means learning to make playdates in Sweden, and man it is a jungle out there!

    Things were tricky from the get go. I can't say it is the Swedish parents of the kids at Little Swede's pre-school, because most of the kids there are "mutts" like mine (half Swede, half something else), but the parents at this pre-school just don't talk to each other. Now I am shy, and appreciate the Swedish attitude of "don't feel obliged to talk to anyone as it's not necessary and often uncomfortable" most of the time because I am naturally shy and totally an INFJ on the Myers Briggs scale (which might explain why I like it here so damn much). But even I think saying "hi" to people who you have something in common with like "hey our kids go to the same school" is a nice touch and not a social burden.

    But fine. The parents maybe mutter out a little hello, if forced. Some insist on staring at the ground and pretending that they just didn't hear you. And thus I was pretty terrified of how we would broach the whole "Hey my kid wants to play with your kid, can we make a play date?" subject. I mean Little Swede plays with the neighbors, but he LOVES his classmates and asks about them CON-STANT-LY (as 4 year olds are incredibly gifted at doing).

    So I agonized over ways to approach some of these "stare at the ground, whatever you do don't make eye contact" kind of parents. Put a letter in the cubbyhole with our contact information? Try to catch them in person at drop-off/pick-up? Arrange a telephone contact list by pinning a note on the back of the door? Which would be the least antagonistic way to make sure Little Swede could hang out with some friends?

    Thankfully before I had to make a decision I received a text message. Apparently that is how you make play dates in Sweden. One of the "stare at the ground" parents was too busy to say hello, but sent a text message implying that her 4 year old was badgering her equally about the need for a playdate, and might we possibly want to come over one day.

    Apparently, the tactic she pursued was tracking us down on Gula Sidorna and then sending us a text message. Good to know for the future (although I am willing to shake things up a bit).


    I really hope my pre-school is just a bit quirky in this department! How did your kids get Swedish playdates?

    Tuesday, February 11, 2014

    Multi-Factor Authentication for Office 365

    MS is adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.

    Read more:
    http://blogs.office.com/2014/02/10/multi-factor-authentication-for-office-365/

    HP to begin charging for firmware updates and service packs for servers

    HP server customers are about to get an unwelcome surprise when they need to update firmware or apply a service pack. Effective later this month, those downloads, which often fix critical bugs, will require either a current warranty or an extended support agreement.

    http://www.techinvestornews.com/HP/HP-Enterprise/hp-to-begin-charging-for-firmware-updates-and-service-packs-for-servers#.UvsaodKx654.facebook

    HP charges for firmware updates

    Read more here:

    http://www.idg.se/2.1085/1.546432

    Chicken pox, vaccines and getting sick in Sweden

    This winter has meant the chicken pox for our little Swedamerican family, and let me tell you, it has been an adventure.

    In the US, the chicken pox vaccine is on the list of required vaccines to start school. In Sweden, it is not. (Thanks, Reinfeldt!)

    My own thoughts about the chicken pox previously have been thus: It's not a big deal. I had it. My brother had it. We all lived to tell about it. There are worse things in life - even if I had a pretty terrible case of it as a teenager.

    We decided not to push for our kids to get the vaccine, unless they didn't get the pox by the time they hit double digits.

    The Swede, on the other hand, got the vaccine, as no one could remember if he had gotten the pox when he was a kid. We just had to pay out of pocket to get it done, it was not hard.

    Anyways, Little Swede came down with the pox on New Year's Eve. Sadly, we did not notice until New Year's Day. Perhaps this makes us negligent. Let's just say I noticed two pox right before he went to bed, had a quick flash of "I hope that is not..." and then the next day he was covered.

    Poor thing.

    But having now gotten thru one 4 year old and one 1 year old with chicken pox in the course of a month, let me just say that I think the chicken pox vaccine is awesome. If I had to do it again I would be banging down the door of my BVC to get that shot faster.

    Yes, maybe young kids do have it easier, but it was still really bloody awful. Little Swede was up watching Go Diego Go marathons at 4 am because it was the only thing that kept him from crying. I walked baby Swede around the house in the carrier for hours on end, all night long, because it was the only way he would sleep.

    Also, since very few American kids still get the chicken pox, there is very little Internet crap about what actually happens when you do get the chicken pox. There is, for example, this moment on day 2-3 when you think "Oh, this is not going to be so bad" before all hell breaks loose. And then there aren't like 576 photographs of what it looks like when it is done --- "wait until they scab over" they say, but it took quite a long time for them ALL to scab over, like 10 days.


    At the end of the whole thing, Little Swede seems to have made it thru with only one scar on his face, and baby Swede seems to have made it thru in one piece. The Swede and I seem to have made it thru a week without more than an hour sleep in a row. And we are all, yes, maybe the stronger for it. But, a vaccine against all of that would have been nice, too.

    Friday, February 7, 2014

    Sweden 2014

    It's 2014 and I'm trying to get back on my feet, back to this blog, get my shit back together - all kinds of getting back.

    Right now I have big plans for this little abandoned blog.

    I am still surviving in Sweden, sometimes barely.

    I am still grateful for your emails - even if they are just to correct my sad excuse for spelling and grammar. Of which I do appreciate, and I do intend to correct, when I have a few free minutes. Which I seriously, seriously hope will be sometime soon.

    Because the last few months have been crazy. All kinds of crazy. Good crazy, bad crazy and just plain insane in the membrane.

    And yet here we are in February. Another round of Melodifestival. A sad excuse for Valentine's Day. My favorite shopping week of the year, Book Rea (a countrywide book sale). Rain, drizzle and grey day "is spring EVER going to get here" February.


    Hope to see you around these parts. I have a lot of blog entries in my head. Hope to type them soon.