Friday, June 19, 2026

Block a spammer in your 365 Tenant

 You block a spammer in Defender in a 365 Tenant (as of June 2026, until MS changes their minds and moves it somewhere else)

In defender (security.microsoft.com)

-> Email & collaboration

-> Policies & Rules

->  Threat Policies

-> Tenant Allow/Block Lists

Click on "ADD"

    -> Select Block

In the "Add domains & Addresses" box put in the email address you want to block

Set the duration of the block

Click on "ADD"






Posted by at No comments:

Monday, June 15, 2026

User gets a new phone and needs to re-authenticate their Microsoft MFA

Find their user name in ENTRA 

Click on "Authentication Methods"

Click on "Require re-register multifactor authentication"

Have the user try and logon to a MS product.  It will prompt them to scan the QR code to re-register their MFA.



Posted by at No comments:

Monday, June 8, 2026

Teams error code 700003

 


Here's what worked for us

Opend a CMD prompt as administrator


Run the command

dsregcmd  /forcerecovery

Log back into Teams




Posted by at No comments:

Friday, May 22, 2026

Where do I find a users bitlocker key in 365 tenant?

Computer need a bitlocker recover?

Go to INTUNE

Select USERS

Search for the user in the list and select their name

Click on DEVICES 

Select the device assigned to the user that needs the key

Click on "BitLocker Keys"

Click on "SHOW RECOVERY KEY"

Click on the "eye" to show the "BitLocker recovery key"


You can send them the key now to unlock their machine


Posted by at No comments:

Thursday, May 21, 2026

Move data from onedrive to a sharepoint folder

 Have a situation where files are coming into a onedrive folder and they are wanted to be moved to a different folder in sharepoint.

Using PowerAutomate for this

In the source onedrive folder, "Create a flow"

Automate -> Power Automate -> Create a flow


You should see some flows appear that are common


Click on "See your flows" 

Then on the next screen that will come up, select "NEW FLOW" - Template


Look for "Move file from OneDrive for Business to Sharepoint and notify me


Make sure you are checkbox for the 3 items at the bottom and click on CONTINUE


You'll see this show up on your screen.



Click on "When a file is created"

In "Folder" section, click on the folder icon then select the folder that you want PowerAutomate to monitor.   In this example, we are looking at recordings


Click on "CREATE FILE"

In the "Site Address" put in the url for your sharepoint site.


If you have permissions to view the site
click on "FOLDER PATH" and the options should show up to where you can put it




Now click on SAVE

You can now TEST your script.  Click on TEST



Click on SAVE and TEST

Your system is now monitoring.  Drop a file into your onedrive and you should see it pretty quickly show up in the Sharepoint location

If everything is setup correctly, you should be good to go!  Powerautomate runs about every 5 minutes automatically.





Posted by at No comments:

Permission's deploying a template in 365

Trying to do something in Azure and getting a message like this...even though you might be a global admin?

The template deployment failed with error: 'Authorization failed for template resource of type 'Microsoft.Authorization/roleAssignments'. The client 'first.last@company.com' with object id does not have permission to perform action 'Microsoft.Authorization/roleAssignments/write' at scope '/subscriptions providers/Microsoft.Authorization/roleAssignments (Code: InvalidTemplateDeployment)

As of writing, here's a possible fix.

Log into entra.microsoft.com

Under "ENTRA ID" select "OVERVIEW"



Select "PROPERTIES

Scroll down to "Access Management for Azure resources" and set it to "YES".  Then wait for a period of time, 15-30 minutes for it to take effect.  Then try


At time of writing its suggested that you revert this setting back after you made the addition template.


Posted by at No comments:

Wednesday, May 20, 2026

Update 365 Tenant user information using powershell and csv file

This script I use to update employee job titles and managers.  It runs monthly for us to sync employee changes in their job titles and managers.  This detects if you try and add a manger that is 'below' the user's current status.  Meaning you can add yourself as a manger to yourself.  Nor could you add an employee that was your subordinate as a manger to yourself.

Create a file called UserUpdates.csv and put in the comma delimited data.

UserPrincipalName,ManagerUPN,JobTitle,Department,OfficeLocation
user1@company.com,manager1@company.com,Systems Administrator,IT,NYC
user2@company.com,manager2@company.com,Network Supervisor,ITOP,FLA

Create a new file called UpdateUser.ps1

Change the path in the script to reflect the path your csv file is located
$csvPath = "C:\updates\UserUpdates.csv"

run the script in powershell (as admin)  .\UpdateUser.ps1

the script will prompt you for a user with rights to make the changes, usually some administrator of the tenant.  Then it will run the script a line at a time.

At time of writing, the prompt that worked for me would look like this style below:  And I would select my admin user that had creds.  I found that sometimes it would give me a different looking one, and i would have to run the script again, because it would ask for creds every single time it ran a new line in the csv. 



# ###########################
# Cobbled together with CoPilot and ChatGTP
# Update the following items via a CSV
# - Manager  Job  Title  Department  Office Location
#
# Added circular hierarchy validation
# Uses Microsoft Graph PowerShell SDK
# #############################

# Install module if needed:
# Install-Module Microsoft.Graph -Scope CurrentUser

Import-Module Microsoft.Graph.Users

# Connect to Microsoft Graph
Connect-MgGraph -Scopes "User.ReadWrite.All","Directory.ReadWrite.All"

# UserPrincipalName,ManagerUPN,JobTitle,Department,OfficeLocation
# user1@company.com,manager@company.com,Systems Administrator,IT,NYC

$csvPath = "C:\updates\UserUpdates.csv"

# Import CSV
$users = Import-Csv -Path $csvPath

# ###########################
# Function: Detect/Prevent Circular Management Structure
# ###########################

function Test-ManagerCircularReference {

    param (
        [string]$UserId,
        [string]$ManagerId
    )

    # Prevent self-manager assignment
    if ($UserId -eq $ManagerId) {
        return $true
    }

    $currentManagerId = $ManagerId

    while ($currentManagerId) {

        # Detect circular hierarchy
        if ($currentManagerId -eq $UserId) {
            return $true
        }

        try {

            $manager = Get-MgUserManager `
                -UserId $currentManagerId `
                -ErrorAction Stop

            if ($manager.Id) {
                $currentManagerId = $manager.Id
            }
            else {
                $currentManagerId = $null
            }
        }
        catch {
            $currentManagerId = $null
        }
    }

    return $false
}

# ###########################
# Process the CSV file
# ###########################

foreach ($entry in $users) {

    $userUPN        = $entry.UserPrincipalName.Trim()
    $managerUPN     = $entry.ManagerUPN.Trim()
    $jobTitle       = $entry.JobTitle.Trim()
    $department     = $entry.Department.Trim()
    $officeLocation = $entry.OfficeLocation.Trim()

    Write-Host ""
    Write-Host "Processing: $userUPN" -ForegroundColor Cyan

    try {

        # ###########################
        # Get User
        # ###########################

        $user = Get-MgUser `
            -UserId $userUPN `
            -ErrorAction Stop

        # ###########################
        # Update User Properties
        # ###########################

        Update-MgUser `
            -UserId $user.Id `
            -JobTitle $jobTitle `
            -Department $department `
            -OfficeLocation $officeLocation

        Write-Host "SUCCESS: Updated user profile properties." `
            -ForegroundColor Green

        # ###########################
        # Update Manager (if provided)
        # ###########################

        if (![string]::IsNullOrWhiteSpace($managerUPN)) {

            $manager = Get-MgUser `
                -UserId $managerUPN `
                -ErrorAction Stop

            # Validate hierarchy
            $hasCircularReference = Test-ManagerCircularReference `
                -UserId $user.Id `
                -ManagerId $manager.Id

            if ($hasCircularReference) {

                Write-Host "SKIPPED: Circular hierarchy detected." `
                    -ForegroundColor Yellow
            }
            else {

                Set-MgUserManagerByRef `
                    -UserId $user.Id `
                    -BodyParameter @{
                        "@odata.id" = "https://graph.microsoft.com/v1.0/users/$($manager.Id)"
                    }

                Write-Host "SUCCESS: Updated manager." `
                    -ForegroundColor Green
            }
        }
        else {

            Write-Host "INFO: No manager specified." `
                -ForegroundColor DarkYellow
        }
    }

    catch {

        Write-Host "FAILED: $($_.Exception.Message)" `
            -ForegroundColor Red
    }
}

# Disconnect Graph Session
Disconnect-MgGraph

Write-Host ""
Write-Host "Processing complete." -ForegroundColor Cyan


Posted by at No comments:
Subscribe to: Posts (Atom)