Tired of dealing with password resets

Issue Description


==============


Password Expiration Policy


 


 


Issue Resolution


==============


  1. Click Start > Search for Windows PowerShell > Right click ‘Run as administrator’.
  2. To establish connection, Open Windows Powershell (Run as administrator) then enter the Global Admin credential (Email address format) after running below script

 


$cred = Get-Credential


 


Set-ExecutionPolicy Unrestricted


 


$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection


 


Import-PSSession $Session


 


 


  1. Then we need to make sure we have Microsoft Online Module for Powershell already installed, in case if we don’t please download it from below source :

 


64 bit module version – http://go.microsoft.com/fwlink/p/?linkid=236297


                It may ask us to install the Microsoft Online Services Sign-In Assistant from below link : http://www.microsoft.com/en-us/download/details.aspx?id=39267


 


Then run the below commands and when asked enter the Global Administrator credentials again


 


Import-Module MSOnline


 


Connect-Msolservice


 


 


  1. To set the password policy to never expire, we may run the below commands
    1. For Individual user :-

Set-MsolUser –UserPrincipalName user@lmitc.com -PasswordNeverExpires $True


  1.  
    1. For All Users in the Organisation :-

Get-MsolUser | Set-MsolUser –PasswordNeverExpires $True



  1. To verify if password is set to never expire run the following command.

Get-MsolUser –UserPrincipalName user@lmitc.com | fl


See the below variable in the command shell ( PasswordNeverExpires :True )



 


  1. To set the password expiration to some number of days at domain level :
    Set-MsolPasswordPolicy -DomainName domain.com -NotificationDays 15 -ValidityPeriod 180

 


Note : Once we create a new user, we will have to set the password policy for that user again, as it is not possible to inherit that policy to the new user, so we will need to run the above commands again.


 

What does a fake voicemail virus email get you?

Well, for one example, here’s what Windows Defender Offline (http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline) found from a scan of an infected machine. Fortunately the user powered down the computer immediately after realizing he had been had.


Rogue:Win32/Winwebsec
Trojan
file:D:\ProgramData\hDa3n3aV\serv.bat
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro support.url
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\Antivirus Security Pro.url
folders:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro\

TrojanDownloader:Win32/Kuluoz.D
containerfile:D:\Users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zip
file:D:\Users\–username-removed–\AppData\Local\dqegmcmb.exe
file:d:\users\–username-removed–\AppData\Roaming\Microsoft\Windows\Recent\VoiceMail_Seattle_(206)4581802.lnk
file:d:\users\–username-removed–\Downloads\VoiceMail_Seattle_(206)4581802.zip->VoiceMail_Seattle_(206)4581802.exe
regkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtg
runkey:HKCU@S-1-5-21-3504191443-3983057376-3714753911-2621\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\ojphvgtg


A tip for you. After running the cleanup removal in Windows Defender Offline, reboot the machine with network disconnected to a Microsoft ERD Commander disc and use the registry editor and Windows Explorer to check the work of the cleanup tool and ensure everything is out of there. Then reboot and run Norton Power Eraser (https://security.symantec.com/nbrt/npe.aspx) for a final cleanup (has to be online for the Norton tool to work).

Need to pull data from your Exchange 2007 – 2013 logs?

Here’s how using PowerShell in the Exchange Management Shell:


get-messagetrackinglog -EventID “RECEIVE” -Start “10/22/2013 10:30:00 AM” -End “10/22/2013 4:00:00 PM” -ResultSize Unlimited |fl >c:\trackinglog.txt


By the way, the “-ResultSize Unlimited” will get you the full results to your text file and not truncate it.

Poor performance when you enable RemoteFX in Hyper-V on a Windows Server 2012-based computer that uses AMD processors

Working with Hyper-V on Windows Server 2012? Check out this KB article if you have AMD proc’s in your server(s) for a hotfix:


http://support.microsoft.com/kb/2770440/en-us?sd=rss&spid=16526


 

Windows 8 Mail requires 3rd party SSL certificate for Exchange

If you have a Windows 8 Mail client that won’t connect to an Exchange account, check to see if you have a self-assigned SSL certificate installed on your Exchange Server. A “3rd party” certificate (GeoTrust, Thawte, VeriSign, Go Daddy for example) will take care of your problem. You can confirm if this is in fact the case by running the Microsoft Remote Connectivity Analyzer, testing Exchange ActiveSync (https://www.testexchangeconnectivity.com/).

No PSSBS Meeting for November, 2012

For those who are not members of the PSSBS Yahoo Group, or in case you haven’t seen the announcement in our PSSBS Yahoo Group, there is NO NOVEMBER MEETING. I am in Las Colinas, Texas at an MVP “Deep Dive” in Server 2012 Essentials and Multipoint. We will be meeting in December, with a presentation by CRU-DataPort.

Install Exchange 2010 in two (2) steps

At SMB Nation 2012 in Las Vegas, I have been asked multiple times for the URL to the TechNet Article that has the simple steps to install Exchange Server 2010 on a member server in a Windows Server 2012 Essentials network. You can find it at http://technet.microsoft.com/en-us/library/aa997281.aspx.


Steps below from the comments at the bottom of the TechNet page:


How to install Exchange 2010 in two steps!
The following comments are from Michael Smith, Exchange MVP, and posted here with his permission. – Steve


In general, I ignore the wizards when installing Exchange. It’s literally easier (IMHO) to install from the command line. And it takes only two steps.

1. In an elevated cmd prompt, install the Exchange prerequisites and reboot:
sc.exe config NetTcpPortSharing start= auto
REM cd into the ‘Scripts’ directory in the Exchange installation folder/media
cd /d c:\Ex2010SP2\Scripts
ServerManagerCmd.exe -ip Exchange-Typical.xml -Restart

 
(You’ll get a warning about ServerManagerCmd being old-fashioned. Ignore it.)

2. After the reboot, in an elevated cmd prompt, install Exchange:
setup /r:mb,ca,ht /on:”First Organization”

That’s it.


How do you use this with Windows Server Essentials 2012?


1. Purchase Windows Server 2012 Standard (Volume Licensing is your best bet in order to get the required Essentials keys for installation).
2. Install as parent Hyper-V OS. Windows Server 2012 provides 1+2 licensing. (http://download.microsoft.com/documents/uk/SMB/products/windows-server/WS2012_Licensing-Pricing_Customer_FAQ.pdf)
3. Install Windows Server 2012 Essentials (Download the trial available at http://www.microsoft.com/click/services/Redirect2.ashx?CR_CC=200142594 to get the bits) as your first child virtual machine. You will need an Essentials key for this at install. You are exercising your downgrade rights of Windows Server 2012 Standard in this process.
4.

Exchange 2007 updates week of 10/7/2012 – Exchange down on reboot.

Small Business Server 2008 (Exchange 2007) updates from this past week’s patch Tuesday are causing an interaction that is causing Microsoft Exchange System Attendant and Microsoft Exchange Information Store to not fire up. Hearing that two reboots may get you there. You can also fire them up manually in the Services MMC.


If you see the Microsoft Exchange System Attendant “starting,” then you’ll need to kill the mad.exe process from the Task Manager in order to get the services to start.


Looking for Server 2003 and XP files you can remove / delete from the C drive?

If you have aging Windows XP and Windows Server 2003 machines that have filled up their C: drives, here’s a Microsoft KB with documented safe files you can remove:


KB 956324 – How to reclaim disk space on Windows XP and Windows Server 2003-based computers.


http://support.microsoft.com/kb/956324


To cut to the chase on which Windows Update files you can delete (there are other directions in the KB as well, but these are what most server admins will be looking for) are below (taken from the KB as of 9/4/2012):


Delete Windows update files


Warning If you delete the folder for each update, the corresponding Windows update cannot be uninstalled. Consider the effect that this will have on the computer before you delete the Windows update files.

To delete Windows update files, follow these steps:


  1. Delete only those %Windir%/$NtUninstallKB number$ folders that were created more than a month ago as backup files for Windows updates. Do not delete those that were created within the last 30 days.
  2. To delete the download cache for Windows updates, delete all the folders in the %Windir%\SoftwareDistribution\download folder that were created more than 10 days ago.
  3. Delete the following log files in the %Windir% folder:
    • kb*.log
    • setup*.log
    • setup*.old
    • setuplog.txt
    • winnt32.log
    • set*.tmp

Delete Windows XP service pack files


Warning If you delete the backup folders for each Windows XP service pack, you will be unable to uninstall Windows XP service packs.

If you delete the folder for the installation files and the cache for the Windows XP service pack, you will be unable to restore corrupted Windows XP service pack files or to install additional Windows XP features that are not installed by default. You may want to keep a copy of these files in another location. For more information about how to keep a copy of these files, click the following article number to view the article in the Microsoft Knowledge Base:


271484 Files and folders are added to your system after service pack is installed

Consider the effect that this will have on your computer before you delete these files.

To delete Windows XP service pack files, follow these steps:


  1. Delete the %Windir%\$NtServicePackUninstall$ folder to delete the backup folders for the Windows XP service packs.
  2. Delete the %Windir%\ServicePackFiles folder to delete installation files and cache folders for the Windows XP service packs.

Windows 8 for Microsoft Partner Action Pack Subscribers

I checked today with the Microsoft Action Pack Regional Service Center for the Unites States on what the availability of Windows 8 will be for US Partners who have current Action Pack subscriptions. We will be getting usage rights for 10 licenses of Windows 8 Professional. Available August 20, 2012.


Also check out release dates here on the Windows Team Blog (thanks to Brandon LeBlanc):


http://windowsteamblog.com/windows/b/bloggingwindows/archive/2012/08/01/windows-8-has-reached-the-rtm-milestone.aspx


People will be able get Windows 8 starting on October 26th either by upgrading for $39.99 or on a new PC or device. And if you buy an eligible Windows 7 PC today, you will be able to purchase an upgrade to Windows 8 Pro for $14.99 (U.S.) through the Windows Upgrade Offer.


However, we have a number of programs that provides various audiences early access to the Windows 8 RTM code to help prepare for Windows 8 as it enters the marketplace this fall:


  • August 15th: Developers will be able to download the final version of Windows 8 via your MSDN subscriptions.
  • August 15th: IT professionals testing Windows 8 in organizations will be able to access the final version of Windows 8 through your TechNet subscriptions.
  • August 16th: Customers with existing Microsoft Software Assurance for Windows will be able to download Windows 8 Enterprise edition through the Volume License Service Center (VLSC), allowing you to test, pilot and begin adopting Windows 8 Enterprise within your organization.
  • August 16th: Microsoft Partner Network members will have access to Windows 8.
  • August 20th: Microsoft Action Pack Providers (MAPS) receive access to Windows 8.
  • September 1st: Volume License customers without Software Assurance will be able to purchase Windows 8 through Microsoft Volume License Resellers.

Please note: if a program you are in is not mentioned, please be patient as dates for Windows 8 RTM code availability for other programs will be communicated when the information becomes available.