Tag Archives: passwords

Retrieve user friendly list of users who have full access to a particular mailbox in Office365

We had a request to provide a list of users who have Full access to a mailbox in Office 365. The get-mailboxpermission is pretty straightforward, but the results show the Windows username as opposed to the descriptive name for the user. The following script should provide the information needed. Note that the first 3 lines connect to Microsoft Online (you will be prompted for username and password) – the last two are the magic ones. Replace “User name” with the users first and last name ie “Andy Helsby” in my case

$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session

$userlist = Get-Mailbox "user name" | Get-MailboxPermission | Where-Object { ($_.AccessRights -eq "Fullaccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "*nt authorityself*") }
$userlist | foreach {get-mailbox $_.user}

If I can work it out, I’ll update the script later to provide a report for all mailboxes – in the meantime this works for 1 mailbox at a time.

Funnily enough, this report didn’t actually help the reason we were asked for the report – that was because the user had issues connecting to someone else’s mailbox. It turns out that the Microsoft Online password had been changed and outlook was using the cached credentials. By removing the stored passwords in the control panel, Outlook prompted for the password and everything started working.

Fixed: DigitalPersona fingerprint reader with roaming profiles not saving passwords

The new laptop has a fingerprint reader included and comes with DigitalPersona’s fingerprint software. At first glance, this looks like a useful piece of software but after trying to use it, I’ve found it very buggy and the support is non-existant.  DigitalPersona offer no support for the product and refer  you to the OEM partner, in my case Dell, who have nothing in their knowledge base about this product either.

My problem was to do with our roaming profile. After receiving the laptop last night I synched (or so I thought) to the domain, took the machine home and logged in. Windows7 decides that it can’t load my profile and uses the temporary saved copy – all well and good for now, my desktop background, images, shortcuts etc all exist.  However every time I go to add a new website in DigitalPersona, it seems to take the information but does not actually save it to the machine.  Suspecting roaming profiles, I created a local user, logged on as that user and registered my fingers. Note that if you do this, when you use the Windows Login Screen and your finger to login, the pc automatically logs you in without asking which user you want to use. I’m not sure how it determines which user to use, but in my case it used my local user (which was also the most recently created user).

After logging on as the local user I was then able to launch Internet Explorer (9), log into gmail, facebook and this blog and register my usernames and passwords and DigitalPersona kept the information. At this point I also used the option to download and install updates to the software – the most recent version that is now running on the pc is 5.30.252a. Note to get to the updates, click on the plus sign by central management and then the update tab appears.

I then logged off the machine and logged back as my domain account. Tried to use DigitalPersona and yet again the software refused to take my passwords.  I opened explorer up, browsed to %appdata% and sure enough – there was no DigitalPersona directory.  I then browsed to c:\users\localusername\appdata\local and checked out the DigitalPersona directory. This contains an OTS directory and then a _dp_ots_tmp and DPIconCache directory. The tmp directory was empty and the DPIconCache directory contained an icon for the sites I’d saved the password to. I copied the DigitalPersona directroy from the localusers\appdata\local directory to my own %appdata% directory and magically was able to start saving passwords in IE9.

Unfortunately I’ve yet to get the program to work with Firefox or Keepass – the program is unable to detect Firefox or Keepass having a login window.

If anyone has a better (preferably free) password manager that works with IE, Firefox, Chrome and Keepass (last is optional) then please let me know.

Fixed: “Server is busy or you’ve lost your internet connection” when changing a BPOS password

Last week I needed to reset a BPOS account password for a new user that I was setting up.  I logged into the BPOS control panel and reset the users password, copied the new one to the clipboard and then proceeded to try and login as the user through the web interface. The web interface took the new password and as expected it then prompted me to change the password as this was the first time of logging on as the user. However on entering a new password I got "server is busy or you’ve lost your internet connection". I obviously haven’t lost my internet connection and I am hoping that the Microsoft servers are not that busy. 

Attempting to login through the single sign on client gave me the following error message – ”Your password could not be changed due since we couldn’t connect to the service. Please check your network connection or contact your service administrator”.

I couldn’t find anything useful online for this issue so I logged a ticket with BPOS support. They came back with a powershell script (below) that fixed the issue and admitted that this is a known problem that sometimes occurs when a password is changed in the gui.

First the BPOS migration tool needs to be downloaded on a machine with powershell installed. Although the migration tools themselves are not required for this particular issue, it provides the extensions to powershell to allow you to manage BPOS. If you are managing BPOS users then you should have this installed already. If not, the migration tools can be downloaded from either  the 32bit migration tool (transporter tool) or the 64bit migration tool pages.

Once installed, from the migration tool powershell prompt, enter the following

    $tcred=Get-Credential
Note: In the Credential Popup Window, type in the Exchange Online Administrator account & password.
Once it is saved, type in the following command.  I’m not sure that this first step is needed as you are prompted for the credentials again when you enter the next line, but as Microsoft said it, it must be true Winking smile

The second command resets the user password –
    Set-MSOnlineUserPassword -identity emailalias@bposemaildomain.com –Password strongpasswordhere -ChangePasswordOnNextLogon $True

 

You will then be able to login as the user with the new password provided above. Note you will be prompted to change the password again, but this time the password change should be accepted.

When changing password on Twitter – update your plugins too

A while back I changed my twitter password – not realising how many other applications I would need to change…The first thing I had to do was go and change my tweetdeck installations which wasn’t too bad. However, this did mean changing it on three different machines.

This morning I posted a new blog post on IRL and realised that the post hadn’t made it to @helsbyhome on twitter. Checking in I realised I had to change my twitter plugins within wordpress too. These plugins haven’t been working for a couple of months now – oops!

For those of you are are interested, I’m using twitme and twitter updater with Tinyurl – any suggestions on alternatives or what do you use?