With all the joy and happiness the holidays tend to bring (just hear me out), the computing world lost two notable figures this month, both of which have had quite an impact on technology…
Continue reading “December 2019: Two Notable Losses in Computing History”TIL: Fail to Wire
Always interesting poking around Reddit to read how others deal with their daily battles. Today I came across this article On Reddit that mentioned something I’ve never heard of before: Fail to Wire.
Continue reading “TIL: Fail to Wire”Microsoft Ignite 2019 – Conference Recap and Tips
Last week I had the pleasure of attending the Microsoft Ignite conference in Orlando, FL. This conference is HUGE – 30K+ people huge, and encompasses nearly everything Microsoft, especially Azure and Office/Microsoft 365. People travel from all over the world to attend, and that alone may be a reason to join in as well; the networking opportunities are huge.
Continue reading “Microsoft Ignite 2019 – Conference Recap and Tips”Conferences and Travel – Life Hacks Part 1
Ok, so not all of these may be earth-shattering, and may be more-or-less common knowledge, but I figured for any youngins out there travelling to their first conference, whether it’s a tech conference like Microsoft Ignite, AWS Invent or something else, to help keep things organized. I’ve been to MANY conferences over the years, and feel like after 2 decades, I more or less have my act together in this ONE AREA 😉
Note that while I mention some apps and services below, I don’t necessarily endorse any of these products or brands, nor am I paid by any of these companies. This article is all my personal experience and opinion, and some links are just simple examples I found doing quick searches.
Anyway, onto the tips; buckle in because this is a long one…
Office365: Teams Mode is configurable per-user
Today I learned (thanks to Reddit) that although my Office365 tenant is still set to “islands” mode, the setting is actually applied per-user with each user actually defaulted to tenant global setting). You can enable any individual user for Teams-only mode, and even then, the setting can be reverted if need be, so it’s not permanent like most people tend to think.
It seems that amongst the settings, each one simply varies of the amount of work “Skype” will do, with “Teams-only” being the only one that truly switches things over to Teams. Even with both Skype and Teams installed, with the Tenant/User in “Islands” mode, calls get routed to Skype by default, including the mobile apps. You need to use Teams-Only mode to have Teams actually accept calls.
I also found some really interesting notification rules in the mobile app I don’t think I’ve seen before (Quiet Time and Quiet Days), and in addition, Teams -FINALLY- has a secondary ringer option so you can actually hear calls when you have a usb receiver or headset plugged in. (This may not be true for mac users yet, at least according to a couple other Reddit posts I’ve seen recently.)
Anyhow, it seems good things continue to come for Teams, and I can only imagine the onslaught of new features that’ll be announced at Ignite, I just hope they all work!
OneDrive Known Folder Move: Your IT Administrator has set a policy that prevents changes to known folders. Please remove this policy and try again.
Nothing makes my blood boil like nearing the finish line on a freshly re-imaged computer, only to come to a OneDrive KFM roadblock.
Continue reading “OneDrive Known Folder Move: Your IT Administrator has set a policy that prevents changes to known folders. Please remove this policy and try again.”Windows 10 Media Creation Tool Errors Out
Figured I would share this tip, as it’s so simple (and really shouldn’t happen), but it does and drives me nuts every time.
The Windows 10 Media Creation Tool downloads a Windows 10 install, and let’s you create an ISO or bootable USB stick to install Windows 10 into a computer. I don’t generally use it much in an IT realm as we use the corporate installer tools, however when working on a home computer or re-gearing an old laptop for home use for someone, I use this to quickly get Windows 10 installed.
As always, there’s a catch. I pop in a USB stick, open the tool, select “Create installation media”, and it will show the E drive or whatever drive my USB stick is. Great! Hit go and it spends some time downloading Windows 10 and starts working on creating the stick.
Then it fails.
Ok maybe it was a fluke…do it all again, wait another 15 minutes, it fails again. ARRG! It usually comes up with some cryptic error that sounds like a media/disk error, in addition the USB stick usually now is corrupted and you have to re-format the stick. What is going on with this??
Turns out the answer is an easy one, and really, it shouldn’t even happen. Once you click “Create Installation media” – it brings up a screen with your USB drive showing, for example E:\. For all intents and purposes it looks like its already good to go. Thing is…you haven’t PICKED that drive yet! Even though it looks like that’s where it’s pointing to, and yes it seems to access the stick, you have to actually click on the drive letter before clicking Next.
Gets me every time!
Powershell – Getting Group Membership in Office365
As I’m trying to clean up some accounts, I found that it’s -not easy- to simply get a list of all the groups a user is a member of in powershell, at least not like the one that displays in the admin portal. In doing some hunting (admittedly, not a lot of hunting) I came across this site that has just about what I was looking for, but I will warn you that the one-liners provided are not efficient – they have to populate the members of all groups, therefore if you have a LARGE directory, these may take a very long time to run, and be data-intensive. If you’re an SMB or SME with only a couple hundred users, they should be OK.
The problem was, it didn’t work! It looked good, but the variable it stored the results in was empty. After a quick review I realized the problem; the $mailbox.Alias at the end of the scripts should have been $mailbox.Name, since the alias will never match the name shown in the group membership. Once I changed that, it worked as it should:
$Office365GroupsMember = Get-UnifiedGroup | where { (Get-UnifiedGroupLinks $_.Alias -LinkType Members | foreach {$_.name}) -contains $mailbox.Name}However…this only works for “Office365” Groups, and not all Office365 group types, that may include groups sync’ed from Active Directory/DirSync, like distribution lists and so on. I took the one-liner from that site, and modified it slightly to use “get-msolgroup” rather than get-unifiedgroup, which worked as it should.
$UserEmail= "someperson@somecompany.com"
$Mailbox = Get-Mailbox | Where {$_.PrimarySmtpAddress -eq $UserEmail}
Get-msolGroup | where { (Get-msolGroupmember -GroupObjectId $_.objectid | foreach {$_.displayname}) -contains $mailbox.name}From there you can pipe the output of that command into others, like remove-msolgroupmembership (although it needs the member objectid which is odd), or store it in a variable. Keep in mind you may want to filter group types as well, as I’m not sure you can remove a user from an Office365 group that was added/created as part of a Teams teams.
Last but not least, see these commands to do simliar roles for Active Directory:
get-adprincipalgroupmembership
remove-adprincipalgroupmembership
I figured this might help someone out, and kudos to the other page for having a one-liner that worked as the basis for this!
OneDrive Known Folder Move – Hurdles Galore
One thing is readily apparent when it comes to implementing “known folder move”, a new(ish) feature of Microsoft OneDrive.
Known folder move is sort of a start in terms of replacing roaming profiles on Office365. Turning it on redirects your Desktop, Documents, and other “library” folders into OneDrive, so your important files are backed up in OneDrive regardless if you store them in other popular places in Windows. You can read more about Known Folder Move here: https://docs.microsoft.com/en-us/onedrive/redirect-known-folders.
Since it uses OneDrive which is based on Sharepoint, it has all the various limitations of both platforms, especially when it comes to naming and file types. For example, you cant create a folder called “Forms” on OneDrive, and certain file types and characters aren’t allowed either. Another interesting tidbit I found, is that if you already had folders like “Documents” or “Desktop” in OneDrive, I believe it creates “Desktop2” or “Documents2”. Not good for consistency!
One “unsupported” file type is OneNote files. I’m not sure what black magic is going on behind the scenes when it comes to OneNote and OneDrive/Sharepoint, but as an IT admin, the best I can say is “it’s weird”. OneNote notebooks and sections appear as “files”, but it’s obvious there’s more to the eye there and they’re likely being stored as blobs or objects. This is why you can’t “move” a local OneNote notebook to OneDrive or Sharepoint; you have to create a new Notebook at your destination, and copy your sections from the old to the new one at a time.
This also means if you have or had OneNote files on your desktop or Documents folders, its basically going to stop you from enabling KFM. In fact I’ve found a LOT of things stop KFM from being enabled, such as:
-
-
- OneNote files
- Unsupported characters in file names
- Group Policies that lock down ability to redirect personal libraries, as well as policies that actually redirect Desktop/Documents to other places
- The weather
- Looking at it wrong
-
I ran into an interesting issue with a couple users. Previously these users’ documents folders were redirected to a network share, ala “home drive”. Before I enabled KFM, I redirected their Documents folder back to the local profile. I then checked for any OneNote files, and transferred anything important to new notebooks on OneDrive. Lastly for consistency sake, I rename any existing “Desktop” or “Documents” folders on OneDrive so they’ll be available for the real Desktop and Documents folders.
Yet, KFM didn’t work, and listed a OneNote file as the reason. I clicked on the warning that supposedly takes me to the offending file, but it only took me to the recycle bin, but the file in question wasn’t there! I tried checking other places, even “emptying” the recycle bin, but KFM insisted it existed, and kept pointing at the recycle bin.
Finally I decided maybe the GUI wasn’t giving me the whole picture, and dropped to a Powershell prompt and cd’d into the $Recycle.Bin folder (it may be hidden, but you can still change into it). Sure enough not only where there all sorts of orphaned files in there, but lots of OneNote files.
(Note: To change into the $Recycle.Bin file in Powershell, the folder name has to be in single quotes. So cd ‘$Recycle.bin’. If you don’t use the quotes, Powershell won’t find the folder.)
I found a couple articles discussing this behavior:
Microsoft KB (old)
ForensicFocus.com
After manually cleaning out the recycle bin, KFM finally enabled. While I like the concept, KFM seems to be more temperamental than a 2 year old.
Have you run into any other gotchas with Known Folder Move? If so leave a comment below!
Making changes to DFS Namespaces in Windows Server
One thing I always seem to dread and battle is making changes to DFS Namespaces and shares. In addition, I also seem to struggle with the simple concept of reboot or even restarting a service, but that’s a topic for another day. (Or is it?)
In this case I was doing some minor file server cleanup at the end of a day, and moving data around. Part of this process was to delete a couple DFS namespaces and re-create them pointing to the new locations.
I ran into issues deleting the namespaces where the DFS console reports that the share must be manually removed. I believe this may have been caused by the shares/files being open by existing users (in this case its just templates and small files that aren’t mission critical.) Even though it reports this, I do see the DFS namespace gone from Active Directory (confirmed via ADSIEdit), the registry entries gone from the DFS key in the registry, yet on the server, when I try to delete the share from the folder I’m trying to move, it errors with “The share must be removed from Distributed File System before it can be deleted”.
Naturally I go down the path of doing some googling, and looking at blog posts talking about how to verify your DFS target was removed from active directory, from the file server registry, etc. This is all good practice anyway as it does verify things are cleaned up after a dirty removal of a namespace, but in my situation, the error still happened and I couldn’t un-share the old folder.
Simple answer: Reboot. In my case, after going down the AD and registry rabbit holes, I was able to restart the server service and let it restart any dependency services, and in doing so, it let me remove the share, re-share the new location, and create a new DFS namespace. I’d be willing to bet simply rebooting the server itself would have worked as well, but as we all know that’s not always an option when the workaholics are still plugging away at 7pm and I’m literally moving 15 files.
So definitely not a bad idea to check registry entries and AD objects when making DFS namespace changes, but start with a simple reboot, and get to go home 30 minutes sooner 🙂