How to uninstall PowerShell modules with dependencies within a script.

How to uninstall PowerShell modules with dependencies within a script.

PowerShell module can sometimes become a nightmare if there are dependencies on other modules. I have been recently looking at my AzureADPreview which had one dependency for;

– Microsoft365DSC module

If you run the standard uninstall-module -name AzureADPreview you will receive an error stating the module cannot be uninstalled due to the dependency of the other module as shown below;

If you run install-module AzureADPreview you are likely to receive a duplicate install of the same module which will potential cause issues later down the line.

So,

The following function has made this possible.

Function Uninstall-AllModules
{
[CmdletBinding(SupportsShouldProcess)]
param (
[Parameter(Mandatory = $true)]
[string]
$TargetModule,
[Parameter(Mandatory = $false)]
[string]
$Version,
[switch]
$Force
)

$AllModules = @()

‘Creating list of dependencies…’
$target = Find-Module $TargetModule
$target.Dependencies | ForEach-Object {
$AllModules += New-Object -TypeName psobject -Property @{ name = $_.name}
}
$AllModules += New-Object -TypeName psobject -Property @{ name = $TargetModule}

$cnt = 1;
foreach ($module in $AllModules)
{
Write-Host (“[$cnt] – ” + ‘Uninstalling {0} version’ -f $module.name);
$cnt++;
try
{
if ($PSCmdlet.ShouldProcess($module.name, ‘Uninstall’))
{
Uninstall-Module -Name $module.name -Force:$Force -ErrorAction Stop;
};
}
catch
{
Write-Host (“`t” + $_.Exception.Message)
}
}
}

## – Example using -WhatIf parameter:
Uninstall-AllModules -TargetModule AzureAD -Force

Regards,
The Author – Blogabout.Cloud

Understanding Azure Active Directory Connector soft matching

Understanding Azure Active Directory Connector soft matching

It is has become very common across most organizations that they set up an Office 365 tenancy or Azure tenancy without configuring integration with their own on-premises Active Directory or another scenario an organization has been brought by another company. The end-users are then given cloud-only accounts until such a time where they can be fully integrated. In going down this road it can potentially cause a number of issues that need to be resolved by either soft matching or hard matching the on-premises AD User with the Cloud Account.

How do I soft match?

Soft matching is driven by the SMTP Address of the user account and usually, the UPN matches the SMTP Address. So in the diagram below that, I have created you can see I have captured the two scenarios organizations move their on-premises identities to Azure Active Directory. What I have also done is put a deliberate mistake into the images, can you spot what it is?

So User D and Cloud D are the same users but the UPN is different, why have I done this? This is to explain the behavior that will happen if the account cannot be correct identified with its cloud account. User A to C will all synchronize successfully and correctly however, User D will not succesfully be synchronized as the UPN that doesn’t match Cloud D. While this isn’t a bad issue for this scenario but if you were actioning at scale, I hope you are ready for a host of complaints from users.

Its is important to ensure that the SMTP Addresses on-premises vs. the cloud but please be aware there are limitations like in any Microsoft product

SMTP matching limitations

The SMTP matching process has the following technical limitations:

  • SMTP matching can be run on user accounts that have a Microsoft Exchange Online email address. For mail-enabled groups and contacts, SMTP matching (Soft match) is supported based on proxy addresses. For detailed information, refer to the “Hard-match vs Soft-match” section of the following Microsoft Azure article: 

    Azure AD Connect: When you have an existent tenant

    Note This doesn’t mean the user must be licensed for Exchange Online. This means that a mailbox that has a primary email address must exist in Exchange Online for SMTP matching to work correctly.
  • SMTP matching can be used only one time for user accounts that were originally authored by using Office 365 management tools. After that, the Office 365 user account is bound to the on-premises user by an immutable identity value instead of a primary SMTP address.
  • The cloud user’s primary SMTP address can’t be updated during the SMTP matching process because the primary SMTP address is the value that is used to link the on-premises user to the cloud user.
  • SMTP addresses are considered unique values. Make sure that no two users have the same SMTP address. Otherwise, the sync will fail and you may receive an error message that resembles the following: Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:john@contoso.com;]. Correct or remove the duplicate values in your local directory.

Hard-match works in a simalar way but uses the ImmutableID of the user accounts. This is unique value that each account has, so to hard match the on-premises ImmutableID to the cloud account would mean that you modify every single Cloud account with the correct on-premises account value. I know this from experience as I had to do just that for one of my customers and created a powershell script to enable the change.

Regards
The Author – Blogabout.Cloud

Recommended Podcasts

There are a number of brilliant podcasts available, heres my recommendations.

GreyHatBeard Podcast

GreyHatBeard

This podcast has been running since X and is hosted by;
The Grey – Kevin McDonnell
The Hat – Alan Eardley
The Beard – Garry Trinder

In this podcast they look at the Microsoft 365 Stack. I know Alan personally as he was one of my selected speakers for a User Group at I hosted in the United Kingdom. He has since pushed on and spoken at Microsoft events earning himself MVP status in the process.

https://www.greyhatbeard.com/rss.xml

The Cloud Architects

This podcast has been running since 2017 and is hosted by;
Nicolas Blank – Twitter
Warren du Toit – Twitter
Chris Goosen – Twitter

Inspired by the UC Architects Podcast this trio has come together and delivered regular sessions. Check out their website over at https://thearchitects.cloud/

Microsoft Cloud IT Pro Podcast

This podcast has been running since 2017 and is hosted by;
Ben Stegink – Twitter
Scott Hoag – Twitter

Both Ben and Scott are heavy SharePoint gurus but they discuss all Microsoft 365 workloads in great detail and its a really easy listen. Check out their website at https://www.msclouditpropodcast.com/

Microsoft Cloud Show

This podcast has been running since 2013 and is hosted by;
Andrew Connell – Twitter
Chris Johnson – Twitter

This podcast is possible one of the longest-serving that I currently listen to and doesn’t show any signs of slowing down. I was lucky to meet Andrew, a few years back in Amsterdam when we were both speaking at Office 365 Engage Conference in Haarlem. Check out their website at https://www.microsoftcloudshow.com/

OOFHours Podcast

This podcast has been running since 2020 and is hosted by;
Michael Niehaus – Twitter

This is the one-stop for all things Windows Autopilot, Michael is Principal Program Manager at Microsoft in the Modern deployment team. If you have visited his blog, make sure you do http://www.oofhours.com and his podcast can be found here https://oofhours.libsyn.com/rss

UCStatus Podcast

This podcast has been running since 2020 and is hosted by;
Mark Vale – Twitter
Randy Chapman – Twitter
Shawn Harry – Twitter

These guys discuss all things Microsoft Teams and 2/3 are the founders of the Commsverse Conference. Check out their website at https://ucstatus.com/category/podcast/

Regards
The Author – Blogabout.Cloud

Using Endpoint Analytics (Preview) | Let’s see if we can Proactive remediate installed PowerShell Modules.

Using Endpoint Analytics (Preview) | Let’s see if we can Proactive remediate installed PowerShell Modules.

If you have followed my blog for some time now you will know how much I bang on about keeping your PowerShell modules up to date. Its been a while since I have looked at Microsoft Endpoint Manager and recently discovered Endpoint Analytics.

Which got me thinking about how I could automatically remediate out of date installed PowerShell modules.

Detection Script

As you can see from below, I have created a PowerShell which allows me to detect PowerShell modules that are not up to date. The detection scripts works on the basis of comparing the install version vs. cloud version available from the PowerShell Gallery. If matching versions are found it will move on to the next module installed until;

1. All PowerShell modules installed are matched to the Cloud Version.
or
2. A module is found where a latest version is available.

I am using an Array to pull Get-InstalledModules into Foreach Loop.

Remediation Script

The remediation script works in the same way as the detection script but if a new module is found. The script will remove the legacy version then install the latest version from the PowerShell Gallery.

So all this sound simple enough, lets put it to work.

So how does this look in Microsoft Endpoint Manager?

Browse to http://endpoint.microsoft.com

Select Reports from the left hand menu and select Endpoint Analytics as shown below.

Select Proactive Remediation

So as you can see already from the screen shot below, I have already create a script package to address my Windows 10 Virtual Machines with out of date PowerShell modules. It has identified 3 machines with issues and this issue has recurred 3 times. Which I would accept as I installed a number of old modules to demonstrate this process.

So how do we create our Script Package simple!! First of all you will need the scripts from my Github https://github.com/TheWatcherNode/Proactive-Remediation then follow this simple video.

Log Checking

All the PowerShell script are executed by the Intune Management Extension

– C:\ProgramData\Microsoft\IntuneManagementExtension\Logs

All scripts executed against the device are stored in the following location;

– C:\Windows\IMECache\HealthScripts

Negative side

As you may have 10s or 100s of modules installed I don’t believe Proactive Remediate is fully geared up my script currently. I need a bit more work to really make fully compliant in how Proactive Remediate works.

https://github.com/TheWatcherNode/blogaboutcloud/blob/master/Get-InstalledModulesUpdate.ps1

Conclusion

I was able to successful remediate my PowerShell modules but not 100% happy how it display back into the Endpoint Portal can see a lot of value in Proactive Remediation and I accept this area to grow when more and more Consultants start writing scripts to detect and remediate issues.

Regards
The Author – Blogabout.Cloud

Whats new in the Microsoft 365 Roadmap today? Ignite Edition 24/09/2020

Whats new in the Microsoft 365 Roadmap today? Ignite Edition 24/09/2020

Hello Readers,

As Microsoft geared up to Ignite the Roadmap went very quiet as it always do before the big announcements. Today we can see 47 new additions to the roadmap and 27 updates.

Additions : 47
Updates : 27

More Details At: www.roadmapwatch.com

New FeaturesCurrent Status
Outlook for Windows: support Immersive ReaderIn Development
Outlook for iOS: Text predictionsIn Development
Windows Virtual Desktop: Migration tool for non-ARM to ARM objectsIn Development
Yammer: New Live Events InsightsIn Development
Yammer: New Conversation InsightsIn Development
Yammer: New Community InsightsIn Development
PowerPoint: Live Captions and Subtitles in PowerPoint for GCC and GCC-HighIn Development
Outlook for Android: Text predictionsIn Development
Microsoft Teams: Organizational branding for line of business app catalogIn Development
SharePoint: Audience Targeting capability for Quick Links Web PartIn Development
Visio: Self-service purchase capabilities for VisioRolling Out
Microsoft Information Protection: Auto-classification with sensitivity labels in SPO, EXO, OneDrive for gov cloudsIn Development
Outlook: Outlook on the web – Suggested replies now available in Chinese (People’s Republic of China)In Development
Office 365: Cross-Tenant People Search (Limited Availability)In Development
Microsoft 365 admin center: New Microsoft 365 admin center multi-tenant management experiencesRolling Out
SharePoint: Organization Chart WebpartIn Development
Microsoft Search: Use, view, and manage your personal query historyIn Development
Microsoft Lists: ‘Quick Edit’ is becoming “Edit in grid view”Rolling Out
SharePoint: new create list experienceIn Development
Microsoft Search: Microsoft Graph connectors for Microsoft SearchIn Development
Microsoft Teams: View app permissions and grant admin consent in the Microsoft Teams admin centerIn Development
Yammer: Browse community files stored in SharePoint with SharePoint library structure and capabilities.In Development
Yammer: Select attachment uploads from SharePoint file pickerIn Development
Outlook for iOS: Play My Emails car modeIn Development
Outlook for iOS: Set Outlook as your default email app with iOS and iPadOS 14In Development
Yammer: New people experiencesIn Development
Microsoft 365 Compliance Center: Translate content during investigationIn Development
Microsoft 365 Compliance Center: Burnout and suicide detectionIn Development
Microsoft 365 Compliance Center: Conflict of interest templateIn Development
Microsoft 365 Compliance Center: Ability to ignore email signature or disclaimerIn Development
Outlook for iOS: See Outlook calendar details with watchOS 7In Development
Microsoft 365 Compliance Center: Insider risk management hand-offIn Development
Microsoft 365 Compliance Center: Policy health check and ability to pause policyIn Development
Microsoft 365 Compliance Center: Ability to set a retention period for a Communication Compliance policyIn Development
Word: Embed content in Word for WebIn Development
Microsoft Teams: PowerPoint File Sharing in GCC-High and DODIn Development
Microsoft Teams: PowerPoint File Sharing in GCCLaunched
Outlook for Android: Scan QR code to sign into your work or school accountIn Development
Outlook for iOS: Scan a QR code to sign into your work or school accountIn Development
Microsoft Edge v.87: ClickOnce deployment enabled by defaultIn Development
Yammer: Updated UX the Yammer tab for Microsoft TeamsIn Development
Yammer: Default to the New Yammer experience on webIn Development
Outlook for iOS: Support Scribble with iPadOS 14In Development
Outlook for Android: Start a Chat in Teams with email recipientsIn Development
Outlook for iOS: Start a Chat in Teams with email recipientsIn Development
Outlook for iOS: Play My Emails available in other countriesIn Development
Outlook for iOS: Play My Emails remindersIn Development
Updated FeaturesCurrent StatusUpdate Type
Microsoft Project: Custom fields at the Task levelRolling OutStatus
Outlook for iOS: Play My EmailsLaunchedStatus
Outlook for Android: inking on photosLaunchedStatus
Outlook for iOS: Keep notifications confidentialLaunchedStatus
Outlook for Android: Work personal contact separationLaunchedStatus
Outlook for Windows: Administrator notification of Outlook incidentsLaunchedStatus
Outlook for iOS: Report spam or phishingLaunchedStatus
Excel: Tasks in ExcelRolling OutStatus
Outlook for iOS: Drag and Drop files into OutlookIn DevelopmentDescription
Excel: Office Scripts for task and workflow automation in ExcelRolling OutStatus
Allow user to override locked file to deleteLaunchedStatus
Android On-Demand Chat TranslationRolling OutStatus
SharePoint: Updated Yammer Conversations web part for SharePointLaunchedStatus
Microsoft Edge v.87: Kiosk mode privacy features are now availableIn DevelopmentTitle
Yammer Communities now available in Teams Mobile appsLaunchedStatus
Microsoft Bookings web app available to GCC customersLaunchedStatus
Microsoft Teams – New experience for launching instant channel meetings for GCC customersLaunchedStatus
SharePoint lists and libraries – Fixed row height in Quick EditLaunchedStatus
Yammer: New reactions for postRolling OutStatus
AIP scanner for on-premises available for DoDLaunchedStatus
AIP Unified Labeling client for Windows available for Government clouds (DoD)LaunchedStatus
Microsoft Teams – New meeting lobby configuration setting available for PowerShell and Teams Admin CenterRolling OutStatus
Office 365 Advanced Threat Protection: Extended capabilities in Threat ExplorerRolling OutStatus, Description
Microsoft Teams: spotlight an individual video participant for all attendees in a Teams meetingRolling OutStatus
Microsoft Information Protection: Double Key Encryption for government cloudsIn DevelopmentTitle
Microsoft Search: New image verticalIn DevelopmentDescription
Outlook for iOS: Use your voice to initiate a phone or Teams callIn DevelopmentTitle

Regards
The Author – Blogabout.Cloud

Bye Bye Skype for Business Connector.

Bye Bye Skype for Business Connector.

As Microsoft starts to contine to wind down Skype for Business Online, there is no longer a need to install the seperate module using the .exe file for the Skype Connector. The module has been in beta release of the Microsoft Teams module which has now been published to general availability (GA).

Update your MicrosoftTeam module to version 1.1.6 and you will find the cmdlet “New-CSOnlineSession” available to use. To make life easier, check out my Get-InstalledModulesUpdate.ps1 from my GitHub. This PS1 file will look at all installed modules on your client machine and update according.

Here is the current versioning information for MicrosoftTeams module.

DateVersionUpdates
September 20201.1.6Skype for Business Online Connector integration
September 20201.1.5-previewSkype for Business Online Connector integration
July 20201.1.4Added group policy assignment cmdlets
June 20201.1.3-previewSkype for Business Online Connector integrationGet-Team optimizationsEnhanced reliability
June 20201.0.7Added Cmdlet preloading.Net Framework optimizations
April 20201.0.6Authenticode and assembly signingAdded Get-CsPolicyPackageAdded Get-CsUserPolicyPackageAdded Get-CsUserPolicyPackageRecommendationAdded Grant-CsUserPolicyPackageAdded New-CsBatchPolicyPackageAssignmentOperationAdded Set-TeamArchivedStateAdded Set-TeamPictureRemoved Get-TeamHelp
March 20201.0.5Added New-CsBatchPolicyAssignmentOperation
Feb 20201.0.4Get-Team optimizations

Regards
The Author – Blogabout.Cloud

Deploy Microsoft Defender ATP for your Android devices

Deploy Microsoft Defender ATP for your Android devices

Microsoft Defender ATP for Android now supports installation on both modes of enrolled devices – the legacy Device Administrator and Android Enterprise modes. However, only Work Profile enrolled devices are supported in Android Enterprise.

I would expect support for other Android Enterprise modes will be announced when they are launched.

Deploying Microsoft Defender ATP to your devices

Launch your Microsoft Endpoint Manager dashboard (http://endpoint.microsoft.com) then go to Apps, Android Apps and click the Add button.

Select Managed Google Play app and press Select

Search for Microsoft Defnder ATP Preview

Click Approve

Please Note

This app has access to:Photos/Media/Files
– read the contents of your USB storage
– modify or delete the contents of your USB storage

Storage
– read the contents of your USB storage
– modify or delete the content of your USB storage

Wifi connection information
– view WiFI connections

Other
– receive data from internet
– view network connections
– draw over other apps
– run at startup
– full network access
– prevent device from sleeping

Select Approve and Done

Select Sync

Microsoft Defender ATP Preview app will now be available and you will need to assign to your require devices.

Once the application is installed on your mobile, just run through the on-screen prompts.

Regards
The Author – Blogabout.Cloud

Whats new in the Microsoft 365 Roadmap? (11/09/2020)

Whats new in the Microsoft 365 Roadmap? (11/09/2020)

Additions : 4
Updates : 5

More Details At: www.roadmapwatch.com


New FeaturesCurrent Status
Microsoft compliance center: Records Management in Microsoft 365 available in Government cloudIn Development
Microsoft Lists: updated Yes/No column experiences – powered by SharePoint?In Development
Microsoft Teams: Manage your meeting options in-meetingIn Development
Microsoft Teams: End-of-meeting notificationsIn Development
Updated FeaturesCurrent StatusUpdate Type
Microsoft Teams: Channel info paneLaunchedStatus
Microsoft Teams – Dynamic viewIn DevelopmentDescription
Microsoft Teams: NDI for TeamsRolling OutStatus
Microsoft Forms: New Office 365 HeaderLaunchedStatus
Office 365 Advanced Threat Protection: Enabling export of security reportsRolling OutStatus

Regards
The Author – Blogabout.Cloud

Whats new in the Microsoft 365 Roadmap today? (10/09/2020)

Whats new in the Microsoft 365 Roadmap today? (10/09/2020)

Additions : 2
Updates : 8

More Details At: www.roadmapwatch.com


New FeaturesCurrent Status
Microsoft Forms: Progress Bar for multipage Forms and QuizzesRolling Out
Office 365 Advanced Threat Protection: Attack Simulation TrainingIn Development
Updated FeaturesCurrent StatusUpdate Type
Add to OneDriveRolling OutStatus
SharePoint lists & libraries – new rich-text editor (RTE) for text fieldsLaunchedStatus
SharePoint lists and libraries – Fixed row height in Quick EditRolling OutStatus
SharePoint lists and libraries – updated Quick Edit row selectionLaunchedStatus
Microsoft Lists – visual updates for Quick EditLaunchedStatus
SharePoint lists and libraries – Rename title columnLaunchedStatus
Security and Compliance Center: Advanced Audit available in GCC, GCC-High and DoDRolling OutStatus
Outlook for Windows: intelligent based translationsIn DevelopmentDescription

Regards
The Author – Blogabout.Cloud

Whats new in the Microsoft 365 Roadmap today? (09/09/2020)

Whats new in the Microsoft 365 Roadmap today? (09/09/2020)

Additions : 4
Updates : 8

More Details At: www.roadmapwatch.com


New FeaturesCurrent Status
Outlook for Windows: Text PredictionsIn Development
Microsoft Teams: Templates? for creation of a new TeamIn Development
Outlook for iOS: Sync contact sub folders as category labelsIn Development
Outlook for Windows: intelligent based translationsIn Development
Updated FeaturesCurrent StatusUpdate Type
Word: New Feature – Designer in Word for Word for the webRolling OutStatus
Exchange online: Client Access rules support for OAuth POP and IMAPLaunchedStatus
Microsoft Edge v.86: Group policy to enable Microsoft Edge UI to test sites in Internet Explorer modeRolling OutStatus
Microsoft Edge v.86: Remove HTML5 Application Cache APIRolling OutStatus
Microsoft Edge v.86: Automatic profile switching on Windows 7, 8, 8.1Rolling OutStatus
Microsoft Edge v.86: Table of Content for PDF DocumentsRolling OutStatus
Microsoft Edge v.86: Add custom image to the NTP, and control ability via GPORolling OutStatus
Microsoft Edge v.86: Secure DNS (DNS-over-HTTPS) SupportRolling OutStatus

Regards
The Author – Blogabout.Cloud