Exchange – Add nested group recipients to parent resources

Nested Groups

Do you have nested groups within Exchange resources such as distribution groups, shared mailboxes, rooms or equipment?

If you have, you have come to the right place. I have created a script that extracts all nested group members of a resource and adds them directly to the resource instead.

The script works both on-premises and in Exchange Online.

Before you can run the script, you need the following:

  • Access to the on-premises and/or Office 365 environment as an administrator.
  • The AzureAD and Active Directory PowerShell modules installed.


SCCM – Cloud Management Gateway and Cloud Distribution Point

The cloud management gateway (CMG) provides a simple way to manage Configuration Manager clients on the internet. By deploying the CMG as a cloud service in Microsoft Azure, you can manage traditional clients that roam on the internet without additional infrastructure. You also don’t need to expose your on-premises infrastructure to the internet.

A cloud-based distribution point is a System Center Configuration Manager distribution point that is hosted in Microsoft Azure. The following information is intended to help you learn about configurations and limitations for using a cloud-based distribution point.

In this step-by-step guide, I will demonstrate how to configure and establish a Cloud Management Gateway (CMG) and Cloud Distribution Point (CDP) in SCCM and Azure.

In order to walk you through the entire process of setting up the Cloud Management Gateway and Cloud Distribution Point features, I am going to break this down into 6 parts.

  1. Overview
  2. Certificates
  3. Azure Service
  4. Cloud Management Gateway
  5. Cloud Distribution Point
  6. Log Files


PowerShell – Intune Local Administrator Password Solution (iLAPS)

iLAPS

If you have devices that are connected to an on-premises environment, you would certainly configure the Local Administrator Password Solution (LAPS), which allows a unique password for each local administrator across the enterprise network.

Unfortunately, this method only works when you have on-premises devices. Does it work for Azure AD joined machines? The short answer is “no”.

LAPS takes advantage of 2 attributes in the local Active Directory, and these attributes are not available in Azure AD.

Therefore, I have created a small application that mimics the same behavior for Azure AD devices, which I call “iLAPS” for Intune Local Administrator Password Solution.


Intune – The sync could not be initiated (0x82ac019e)

0x82ac019e

Recently I had a few users that couldn’t initiate a sync on their Windows device to Microsoft Intune.

The error was “The sync could not be initiated (0x82ac019e)”. Luckily, the solution is easy.


Azure AD – Access to BitLocker Recovery Keys

Azure Active Directory

Wondering how to give access to see BitLocker recovery keys in Azure AD? – Look no further!

I have been searching for a while for how to grant access to the Azure AD (AAD) BitLocker recovery keys by the “least privilege principle” (PoLP).

You need to have global administrator access in order to follow this tutorial. If you are ready, let’s go!
