MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange Server, Microsoft 365, Azure, and Cloud Security.

Logo Azure ADAzure AD Pass-through authentication (PTA) recommends that you run at least three authentication agents to provide high availability for authentication. 

When you download and install the PTA agent, registering the PTA agent to Azure AD might fail. This happens most of the time when the network connectivity to Azure AD requires the use of a proxy server. In such a network setup you normally encounter configuration errors only, if the proxy server is misconfigured or the Internet Explorer zone configuration is missing required entries for trusted sites.

When you encounter an error during installation and registration of the dedicated PTA agent I recommend to separate these two steps. You need the credentials of an Azure AD account that is a member of the Global Administrator management group.

  1. Download the most current release of the PTA agent: https://aka.ms/getauthagent
  2. Copy the downloaded file to the server that will serve as a PTA agent
  3. Open an administrative command prompt and install the PTA agent software in silent mode without registering the agent:
AADConnectAuthAgentSetup.exe REGISTERCONNECTOR="false" /q
  1. Open an administrative PowerShell session, navigate to the default installation location and register the PTA agent manually
# navigate to the default installation location
cd "C:\Program Files\Microsoft Azure AD Connect Authentication Agent"

# enter the global admin credentials
$cred = Get-Credential

# register the PTA agent using the RegisterConnector.ps1 script
# multiline example
.\RegisterConnector.ps1 `
-ModulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" `
-ModuleName "PassthroughAuthPSModule" `
-AuthenticationMode Credentials ` 
-UserCredentials $cred `
-Feature PassthroughAuthentication

# single line example
.\RegisterConnector.ps1 -ModulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" -ModuleName "PassthroughAuthPSModule" -AuthenticationMode Credentials -UserCredentials $cred -Feature PassthroughAuthentication

 

The Azure AD Pass-through agent Quickstart documentation has an example for automating the installation of the PTA agent as part of a server provisioning process. The current example references the wrong PowerShell module named AppProxyPSModule. The most recent release of the PTA agent does not contain a PowerShell module by that name. Use the PowerShell module PassthroughAuthPSModule, as shown in the PowerShell example shown above.

 

Links

 

Enjoy Azure AD!

 

 

Read More »

Exchange Server 2010Exchange Server 2013Exchange Server 2016Exchange Server 2019Description

This script reads Exchange Organization data and creates a single Microsoft Word document. A later version will support exporting to an Html file.

The script requires an Exchange Management Shell for Exchange Server 2016 or newer. Older EMS versions are not tested.

A locally installed version of Word is required, as plain Html export is not available, yet.

The default file name is 'Exchange-Org-Report [TIMESTAMP].docx'. 

Most of the script requires only Exchange admin read-only access for the Exchange organization. Querying address list information requires a membership in the RBAC role "Address Lists".

The script queries hardware information from the Exchange server systems and requires local administrator access to the computer systems.

 

NOTE
The script is currently under development in version 0.91 and available as a pre-release.
You are welcome to contribute to the PowerShell script development.

 

Examples

# Example 1
# Create a Word report for the local Exchange Organization using 
# the default values defined on the parameters section of the PowerShell script.

.\Get-ExchangeOrganizationReport.ps1 -ViewEntireForest:$true

# Example 2
# Create a Microsoft Word report for the local Exchange Organization with 
# a verbose output to the current PowerShell session.

.\Get-ExchangeOrganizationReport.ps1 -Verbose

 

Version History

  • 0.9. Initial community release
  • 0.91, Information about processor cores, memory, and page file size added

Links

 

Additional Credits

The script is based on the ADDS_Inventory.ps1 PowerScript by Carl Webster: https://github.com/CarlWebster/ActiveDirectory

Follow

Read More »

Exchange Server 2013Exchange Server 2016Exchange Server 2019Description

This script gathers a list of enabled users for a selected Exchange Server client protocol. The list of users is sent by email as HTML text in the email body or as an attached CSV file. You can select to gather data for a single protocol or for all protocols.

Available protocols are:

  • POP
  • IMAP
  • ActiveSync

 

Requirements

  • Windows Server 2012 R2 or newer
  • Exchange 2016+ Management Shell
  • GlobalFunctions module (found here)

 

Examples

# Find users having all protocols enabled, create a CSV file per protocol and send an email with CSV attachments

.\Get-EnabledProtocolReport.ps1 -SendMail -MailFrom automation@varunagroup.de -MailTo report@varunagroup.de -MailServer relay.varunagroup.de -Protocol ALL


# Find users having all protocols enabled, create a CSV file per protocol

.\Get-EnabledProtocolReport.ps1 -Protocol ALL -ExportCsv

 

Version History

  • 1.0, Initial community release

 

Links

 

Follow Me

Read More »

Microsoft Ignite 2019 Logo

Learn - Connect - Explore

This year's Microsoft Ignite Conference takes place on November 4 - 8 at the Orange County Convention Center (OCCC), Orlando, Florida.

Choose from over 1,000 Breakout and Theater Sessions to learn about new technologies and methods, or talk directly to Microsoft professionals and MVPs about your technical challenges. Select the sessions and hands-on experiences that are most interesting for you based on the Microsoft Learning Paths to suit your job role.

You will find me directly in the Modern Workplace & Modern Life in the exhibition area. Just stop by to learn more about the possibilities of modern and secure collaboration using Microsoft Teams, Mobile Productivity, and more

Feel free to contact me via email to arrange an appointment at Ignite 2019: thomas@mcsmemail.de.

 

Links

 

See you in Orlando!

 

 

Read More »
Last updated: 2020-01-24

 

Exchange Server 2007Exchange Server 2010Exchange Server 2013Exchange Server 2016Exchange Server 2019Description

 

This script creates an HTML report showing the following information about an Exchange 2019, 2016, 2013, 2010, and, to a lesser extent, 2007 and 2003 environment.

The report shows the following:

  •  As summary
    • Total number of servers per Exchange Server version
    • Total number of mailboxes per On-Premises Exchange Server version, Office 365, and Exchange Organisation
    • Total number of Exchange Server functional roles
       
  • Per Active Directory Site
    • Total number of mailboxes
    • Internal, External, and CAS Array names
    • Exchange Server computers
      • Product version
      • Service Pack, Update Rollup, and/or Cumulative Update
      • Number of preferred and maximum active databases
      • Functional Roles
      • Operating System with Service Pack
         
  • Per Database Availability Group
    • Total number of member servers
    • List of member servers
    • DAG databases
      • Number of mailboxes and average mailbox size
      • Number of archive mailboxes and average archive mailbox size
      • Database size
      • Database whitespace
      • Disk space available for database and log file volume
      • Last full backup timestamp
      • Circular logging enabled
      • Mailbox server hosting an active copy
      • List of mailbox servers hosting database copies
         
  • Per Database (Non-DAG, pre-DAG Exchange Server)
    • Storage group and database name
    • Server name hosting the database
    • Number of mailboxes and average mailbox size
    • Number of archive mailboxes and average archive mailbox size
    • Database size
    • Database whitespace
    • Disk space available for database and log file volume
    • Last full backup timestamp
    • Circular logging enabled
       

The script uses a separate CSS file for styling the HTML output.

 

Examples

# Example 1
# Generate an HTML report and send the result as HTML email with attachment 
# to the specified recipient using a dedicated smart host

.\Get-ExchangeEnvironmentReport.ps1 -HTMReport ExchangeEnvironment.html -SendMail `
-ViewEntireForet $true -MailFrom roaster@mcsmemail.de -MailTo grillmaster@mcsmemail.de -MailServer relay.mcsmemail.de

 

Example Screenshot

Example report Exchange Environment Report

 

Version History

  • 2.0, Initial community release
  • 2.1, Table header label updated for a more consistent labeling
  • 2.2, Bug fixes and enhancements
    • CCS fixes for Html header tags (issue #5)
    • New script parameter ShowDriveNames added to optionally show drive names for EDB/LOG file paths in database table (issue #4)
    • Exchange organization name added to report header

 

Links

 

Additional Credits

Additional credits go to Steve Goodman for the original Exchange Environment Report V1.x scripts.

 

Follow

 

Read More »