A unique problem

At my CPLS, Auldhouse Computer Training, we have a huge blend of applications courses, and technical courses. With everything from Microsoft, Cisco, Citrix, VMWare, CompTIA, Pink Elephant, Linux and Unix, through to Office, Adobe Creative suite, the list goes on and on and on...

One problem that is faced by our Apps trainers, is teaching Outlook today, then tomorrow having to clean up the Outlook inboxes and rules etc. before the next course. This is a bit of a pain in the butt, and of course, it's not a useful use of time.  Honestly, some of the things that people from the work place send to each other, just because they are on a training course.... SHEESH!
 
Today, I whipped up a script that will take care of that, and I was really quite surprised at how simple it was.

The problem. Destroy and recreate all the mailboxes without destroying the AD User accounts, as they're used for many other NTFS permissions all over the show. If it wasn't for that, I'd just as happily delete the AD accounts, and import-csv to fix it. Easy. But alas, I need those SIDs to remain.

As a solution, I came up with the below.  Now, as with all problems, there are more than likely a million other ways, but this is fit for purpose and does the trick.

Essentially there are four steps:

1. Select all the users matching a criteria and disable their mailboxes
2. Clean the database to make sure the disabled boxes are now in the Disconnected Mailboxes container in Exchange
3. Wipe out all the disconnected mailboxes
4. Re-create the mailboxes, essentially doing the opposite of step 1

It looks a little like this:

get-user | where-object {$_.name -like "wlg*" } | disable-mailbox

clean-mailboxdatabase "Wellington Mailbox Database"

$(Get-MailboxStatistics -Database "Wellington Mailbox Database")|where{$_.disconnectreason -eq "disabled"} | foreach {remove-storemailbox -database $_.database -Identity $_.mailboxguid -mailboxstate disabled -Confirm:$false}

get-user | where-object {$_.name -like "wlg*"} | Enable-Mailbox

I am pretty tickled with this, as I am not an Exchange hound. I should add that this is all done on an older Exchange 2010 box. Why Exchange 2010? Just the way it is.....one day I'll get around to updating that. Then I could setup a nice wee template to stop the naughty words anyway!

Cheers,

Malc.

InTune and management of different phones

Hey there all,

So the past wee while has seen me tooling around with some cool things. I have been exploring my musings with InTune a whole lot more, and now I am the proud owner of a couple of different phones. One is an older Apple iPhone 4s, the other is a Samsung Galaxy 4.  iOS and Android! Me! A bona fide Windows Fan Boi.

What can I report?

Adding both the new guys to my InTune management was a piece of cake. Simply adding my domain's email account to the phones was a piece of cake.

After doing that, I started to mess around with the remote wipes, each was done and each of the phones was totally factory reset with little or no surprise.

Once I had that all nice and stabilised, it was time to get into the process of applying apps to each of the devices. This has perhaps been the bigger learning curve for now, and I am still having a play. I'll write more when I have this properly nailed down, but I have learnt that while all free apps in Google Play are free apps, it would appear to not be the same with the Apple Store. In fact, so far (admittedly without much deep investigation) the only app I have deployed was Age of Empire, a game!  AND in order to get the iOS device managed properly, I had to create and import some certificates into InTune to progress. Apparently, I also have to learn about wrapping some apps in App policies (.xml) in order to have them apply.

As for the 'droid, I now have all the necessary tools that I have for my world. Strava, FitBit, and Training Peaks are all loaded against my phone. Plus a few worky things too.

This little post is just a teaser for now, but I am thoroughly enjoying all that InTune can offer.  At this point though, I would add that my current feel is that anyone looking to refresh their phone fleet, with a mind to managing the devices through InTune MDM, I would lean towards Windows Phone and Android.

Cheers,

Malc.

A funny couple of things happened recently...

...and I thought that I'd share.  Mainly as I am just now teaching a Network+ course, and one of the topics in here is Security.  And in that, Social Engineering is seen as a risk, as is misdirection of information.

So here's me.

For the last year, I have been receiving email from a medical insurer in South Africa, for, well, me. Not me, me, but a guy there, born in a different month, 6 years before me. Yup, I know LOTS about him.  It's been kind of funny, but there is a very serious side to this misdirection of data. I have his bank details, the South African equivalent of his Social Security number. And I know his health history, and his wife’s.

Today, I wrote him a letter, and attached one of his health statements.  I hope that it reaches him, and that he takes action with his provider. But what's the lesson here? The lesson is, double check your details with any organisation that you have your financials with. Make sure that all those details are correct. I even did a double check of the handful I have today.  This was an innocent enough mistake on the face of it, but with the information that I have, it could have been a lot worse for this guy.

The second funny thing, was Gmail. So there is a lady in the US of A. She lost her job in RIDICULOUS circumstances and rather publically.  And I really felt for her, mainly because I have an innate sense of fairness. She writes rather well, and has a great sense of humour. I have been a Twitter follower of hers, since. We have never had email contact. We have never communicated outside of a few tweets on Twitter. Anyhow, I have her home number, and her personal email account, showing up in my Gmail phone concats. What the? I did a lookup on Google and some crazy Russian website showed me that it is in fact a US based number, down to state and town. The rest of the location I won't say.

Here the lesson is to make sure that whatever tools you're using on the internet, make sure they are locked to hide any private data. Check what services are sharing that information, and be very careful with the apps installed on your phone that say “We need access to your details here, and here.” And, where you can, avoid putting those private details online when registering on a website. It's amazing how much people are will to put online for some app or the other. With the current trend in fitness tracking that seems to be all the rage, through to online shopping, minimal is best. Hell, it might sound obvious, but pseudonyms can help a fair bit.

As a last one, PLEASE STOP using your email/password combo as the login/password combo on this that and every website! It's just plain silly.

Cheers,

Malc.

 

A re-boot of the blog

Been a while since I posted things, and I know that now it is time to really kick myself into gear.

This was an interesting week in the classroom..... the first 3 days were SQL 2014 query writing, and the last two days of the week was a Crystal Reports course. These two topics are so very close to each other, and yet with enough differences that you can really make a mess of things if you don't have your wits about you!

So anyway, what's been happening.  A whole lot, and I'll be turning this into a very regular posting from now on.
Here is the highlights package:

• Continuing running of the Wellington Windows Infrastructure and Azure Users Group
• Aquisition of a iPhone and Android for the furthering of my InTune learning
• Delivery of InTune user session to Singapore User Group
• Taking of, and learning SCCM
• Discovering new and exciting things in Azure and InTune
• Delivery of InTune session to CodeCamp Wellington

I'll fill in more details later, but in the next couple of weeks expect some writeups on the above, and new things to keep you interested.

Cheers,
Malc.