Michael Obernberger mobernberger

## disable-account-linking.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mobernberger
                / disable-account-linking.md
            
            
              Created
              November 12, 2022 16:20
            
          
    Disable account linking for your tenant using the following steps:

Download this PowerShell script
Open an instance of the PowerShell script in admin mode
Run the following command first Set-ExecutionPolicy unrestricted
Run the PowerShell script
Follow the instructions the script prompts
The cmdlet will prompt you to sign in with your AAD account
Once signed in, it will disable account linking for your tenant


## disable-myanalytics.ps1
#Connect to Exchange Online Powershell before running this commands.

Get-Mailbox -ResultSize unlimited | Set-MyAnalyticsFeatureConfig -Feature all -IsEnabled $false -PrivacyMode opt-out

## Test-ProxyLogon-expanded.ps1
# Forked from the Original Microsoft script and added some more outputs and checks for aspx files - KBC 10.03.2021 / Michael Obernberger
#
#
# Checks for signs of exploit from CVE-2021-26855, 26858, 26857, and 27065.
#
# Examples
#
# Check the local Exchange server only and save the report:
# .\Test-ProxyLogon.ps1 -OutPath $home\desktop\logs
#

## export-ca-policies.ps1
#Install the DCToolbox Module
Install-Module DCToolbox

#Connect to MS Graph Endpoint with the module
Connect-DCMsGraphAsDelegated

#Export the policies to a Excel file
New-DCConditionalAccessPolicyDesignReport

## readme.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mobernberger
                / readme.md
            
            
              Last active
              September 1, 2020 08:19
            
              
                Configure Office 365 Message Encryption (OME)
              
          
Check if Azure RMS is enabled which is described here: https://docs.microsoft.com/en-us/azure/information-protection/activate-office365


Check if OME is enabled: https://docs.microsoft.com/en-us/microsoft-365/compliance/set-up-new-message-encryption-capabilities?view=o365-worldwide#verify-new-ome-configuration-in-exchange-online-powershell


Configure the branding for OME encrypted E-Mails: https://docs.microsoft.com/en-us/microsoft-365/compliance/add-your-organization-brand-to-encrypted-messages?view=o365-worldwide


Enable the Encrypt Button in Outlook on the web: https://docs.microsoft.com/en-us/microsoft-365/compliance/manage-office-365-message-encryption?view=o365-worldwide#manage-the-display-of-the-encrypt-button-in-outlook-on-the-web


## adfs-enable-o365-pw-change.ps1
#Start an administrative powershell on your ADFS server

$msolId = "urn:federation:MicrosoftOnline"
$rptName = "Microsoft Office 365 Identity Platform"
$rptRules = (Get-AdfsRelyingPartyTrust -Identifier $msolId).IssuanceTransformRules
$newRule =  '@RuleTemplate = "LdapClaims" @RuleName = "UPN Claim Rule" c1:[Type == "http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime"] => issue(store = "_PasswordExpiryStore", types = ("http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime","http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays","http://schemas.microsoft.com/ws/2012/01/passwordchangeurl"), query = "{0};", param = c1.Value);'
$rptRules = $rptRules + $newRule
Set-AdfsRelyingPartyTrust -TargetName $rptName -IssuanceTransformRules $rptRules

## adfs-enable-pw-change.ps1
#Start an administrative Powershell on your ADFS Server

Enable-AdfsEndpoint "/adfs/portal/updatepassword/"
Set-AdfsEndpoint "/adfs/portal/updatepassword/" -Proxy:$true

#This command restarts the ADFS service to enable the funcitionality (short ADFS interruption)
Restart-Service AdfsSrv -Force

## exo-message-size.ps1
#Connect to Exchange Online Powershell before running this commands.

#Get the actual value for all Mailbox Plans
Get-MailboxPlan | fl name,maxsendsize,maxreceivesize,isdefault

#Set the the max send and receive size to 50MB
Get-MailboxPlan | Set-MailboxPlan -MaxSendSize [On-Prem value in MB / e.g. 50MB] -MaxReceiveSize [On-Prem value in MB / e.g. 50MB]

#Set the max send and receive size 50MB for existing mailboxes
Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')} | Set-Mailbox -MaxSendSize 50MB -MaxReceiveSize 50MB

## block-guest-for-specific-o365group.ps1
#Connect to Azure AD Powershell with the Preview Module: Install-Module AzureADPreview

#Search for specific group
$GroupID = get-unifiedgroup -Identity <Insert SMTP or Identity> | Select-Object -ExpandProperty ExternalDirectoryObjectId

#Check if there is already a specific group settings specified and delete it
$SettingID = Get-AzureADObjectSetting -TargetType Groups -TargetObjectID $GroupID | select-object -expandproperty ID
Remove-azureadobjectsetting -id $settingid -targettype Groups -TargetObjectID $GroupID

#Create a new setting with Guests disabled

## enable-exo-audit-log.ps1
#Connect to Exchange Online Powershell before running this commands.

$Mbx = Get-Mailbox -RecipientTypeDetails UserMailbox, SharedMailbox -ResultSize Unlimited | Select DistinguishedName, DisplayName
ForEach ($M in $Mbx) {
     Write-Host "Manually enabling mailbox auditing for" $M.DisplayName
     Set-Mailbox -Identity $M.DistinguishedName -AuditEnabled $True }
	#Connect to Exchange Online Powershell before running this commands.

	Get-Mailbox -ResultSize unlimited \| Set-MyAnalyticsFeatureConfig -Feature all -IsEnabled $false -PrivacyMode opt-out
	# Forked from the Original Microsoft script and added some more outputs and checks for aspx files - KBC 10.03.2021 / Michael Obernberger
	#
	#
	# Checks for signs of exploit from CVE-2021-26855, 26858, 26857, and 27065.
	#
	# Examples
	#
	# Check the local Exchange server only and save the report:
	# .\Test-ProxyLogon.ps1 -OutPath $home\desktop\logs
	#
	#Install the DCToolbox Module
	Install-Module DCToolbox

	#Connect to MS Graph Endpoint with the module
	Connect-DCMsGraphAsDelegated

	#Export the policies to a Excel file
	New-DCConditionalAccessPolicyDesignReport
	#Start an administrative powershell on your ADFS server

	$msolId = "urn:federation:MicrosoftOnline"
	$rptName = "Microsoft Office 365 Identity Platform"
	$rptRules = (Get-AdfsRelyingPartyTrust -Identifier $msolId).IssuanceTransformRules
	$newRule = '@RuleTemplate = "LdapClaims" @RuleName = "UPN Claim Rule" c1:[Type == "http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime"] => issue(store = "_PasswordExpiryStore", types = ("http://schemas.microsoft.com/ws/2012/01/passwordexpirationtime","http://schemas.microsoft.com/ws/2012/01/passwordexpirationdays","http://schemas.microsoft.com/ws/2012/01/passwordchangeurl"), query = "{0};", param = c1.Value);'
	$rptRules = $rptRules + $newRule
	Set-AdfsRelyingPartyTrust -TargetName $rptName -IssuanceTransformRules $rptRules
	#Start an administrative Powershell on your ADFS Server

	Enable-AdfsEndpoint "/adfs/portal/updatepassword/"
	Set-AdfsEndpoint "/adfs/portal/updatepassword/" -Proxy:$true

	#This command restarts the ADFS service to enable the funcitionality (short ADFS interruption)
	Restart-Service AdfsSrv -Force
	#Connect to Exchange Online Powershell before running this commands.

	#Get the actual value for all Mailbox Plans
	Get-MailboxPlan \| fl name,maxsendsize,maxreceivesize,isdefault

	#Set the the max send and receive size to 50MB
	Get-MailboxPlan \| Set-MailboxPlan -MaxSendSize [On-Prem value in MB / e.g. 50MB] -MaxReceiveSize [On-Prem value in MB / e.g. 50MB]

	#Set the max send and receive size 50MB for existing mailboxes
	Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq 'UserMailbox')} \| Set-Mailbox -MaxSendSize 50MB -MaxReceiveSize 50MB
	#Connect to Azure AD Powershell with the Preview Module: Install-Module AzureADPreview

	#Search for specific group
	$GroupID = get-unifiedgroup -Identity <Insert SMTP or Identity> \| Select-Object -ExpandProperty ExternalDirectoryObjectId

	#Check if there is already a specific group settings specified and delete it
	$SettingID = Get-AzureADObjectSetting -TargetType Groups -TargetObjectID $GroupID \| select-object -expandproperty ID
	Remove-azureadobjectsetting -id $settingid -targettype Groups -TargetObjectID $GroupID

	#Create a new setting with Guests disabled
	#Connect to Exchange Online Powershell before running this commands.

	$Mbx = Get-Mailbox -RecipientTypeDetails UserMailbox, SharedMailbox -ResultSize Unlimited \| Select DistinguishedName, DisplayName
	ForEach ($M in $Mbx) {
	Write-Host "Manually enabling mailbox auditing for" $M.DisplayName
	Set-Mailbox -Identity $M.DistinguishedName -AuditEnabled $True }