Posts

Microsft Teams Homebrew - Get-TeamsEffectiveUserPolicy -Identity -Policy

-
There is an ever increasing number of policies that can apply to users in Microsoft Teams. There's also different ways to apply them. When queried outside of Teams Admin Center (TAC) its not immediately clear what has been assigned. Get-CsOnlineUser might return a blank - thats because its not assigned (Global).  Thats all well and good but it doesn't tell me if a policy has been assigned by group. To find this out you need to write a few more lines of powershell. I decide to wrap it up as a function and have this minimum viable product. No doubt it will need some tweaking as we go along, but for the moment, it seems to work. Call the function with one of the applicable policies and it will return [Global], [D] (direct) or [G] (group) with the policy name. It's straight forward enough - checks to see if there is a policy assignment. If so, it checks if theres a direct assignment, and if not, checks the ranking of the group assignments. Simple enough and makes for a simple f
Post a Comment
Read more

Missing in Action - 2021

-
So there goes 2021. So little has happened, yet so much has changed. I have a role at Microsoft which took up all my time in the second half of 2021. The first half of 2021 started as normal - Skype for Business 2015 work and a migration to Teams. Then came March and working at home. A bit of a dampner on the old enthusiasm as we'd just taken delivery of #20 Surface Hubs 2s and looking forward to configuring for Teams. (and no - I didn't get one to take home). So towards the end on 2021 I've been working on a bunch of scripts - most notably the office 365 Service Comms API retirement meant I had to update the Service Health scripts you can find it on github,  GitHub - JonathanChristie-BHIT/M365SH: M365 Service Health uses Microsoft Graph to display key information I've also added an IP monitor - to track when hostnames change IP address. Handy for demonstrating failure, or if you run in multiple instances against multiple DNS resolvers, then you can see Geo-DNS in actio
Post a Comment
Read more

Missing in Action - Microsoft Teams Meeting Join Notifications

-
 Mid-January we noticed that some meeting join notifications in Teams ('xxx has started the meeting') were no longer showing. I was running the public preview at the time so didn't think too much of it until a colleague noticed the same. Cache clearing and reverting to the 'normal' build followed but no joy. It seemed to be specific to older, recurring meetings (newly created meetings did not seem to suffer the same issue) A support ticket was raised with Microsoft and after some log collections, they have identified an internal issue and currently rolling out a fix to all tenants. This is expected to be completed by the end of Feb 2021.
Post a Comment
Read more

Office 365 Service Communications API Rogue...

-
 Another few hundred emails generated by the service health script as it monitors O365 service health using the API. Whats going on? It would seem theres a rogue server handing out data for the Office 365 Service Communications API. As well as doubling up (536 messages instead of 248) there seems to be some messages missing from the 'larger' dump, in particular: IT234239 - Microsoft Intune - False positive IT234538 - Microsoft Intune - False positive MO234433 - Microsoft 365 suite - False positive TM233796 - Microsoft Teams - Service restored TM234913 - Microsoft Teams - False positive FL234254 - Microsoft Power Automate - False positive It would seem that some testing may have gone wrong and theres some test or backup data creeping in. As well as the above incidents not being in the 'core' 248 which seem 'normal', the status also changes to have white spaces removed ie "Service Degredation" and "ServiceDegredation"
Post a Comment
Read more

Skype for Business Server Access Edge not starting after 15th Jan? Quovadis.........

-
 An interesting start to the week. On the 15th of January 2021, Quovadis/Digicert revoked an intermediate certificate without any apparent notification. As 'luck' would have it some patching happened shortly after and the server rebooted. The services would not come up. After some checking of new software deployments (security/management), validating patching, restoring VMs from backup it was discovered that changing the system clock back to the 14th Jan let the services start. With such a specific cut-off date/time and the service event logs (not always pointing in the right direction!) it pointed a finger at certificate revokcation. We knew the public certs weren't due to expire for 6 months and the dates on the intermediate and root cert were all fine. Some google-fu found that we were not alone AusCERT statement “QuoVadis Global SSL ICA G3” issue impacting multiple customers QuoVadis Intermediate Revoke Update | Jisc community Even though we double-checked the certifica
Post a Comment
Read more

Invoke-RestMethod vs Invoke-WebRequest example

-
 Sometimes I look at old code and think 'Why did I do that? Why not xxxxxx'. Lately that was when looking at Invoke-WebRequest and Invoke-RestMethod. I use both of these in the Service Health scripts when retrieving the access token for accessing the office 365 service health, messages etc. So the quick answer is, Invoke-WebRequest returns the status (ie 200 OK, 404 not found) while Invoke-RestMethod returns the content that Invoke-WebRequest does, and converts it to json (depending on API) So for example Invoke-RestMethod -Uri https://icanhazdadjoke.com -Headers @{accept="application/json"} | Select-Object -ExpandProperty joke returns a single line of the joke Invoke-WebRequest -Uri https://icanhazdadjoke.com -Headers @{accept="application/json"} | Select-Object -ExpandProperty content | ConvertFrom-Json | Select-Object -ExpandProperty joke The above command does the same, after expanding the content and converting.
Post a Comment
Read more

Missing Teams graphics: it could be cache or it could be......

-
Image
 A recent case of intermittent DNS responses caused a little head scratching recently. Masking the issue was a few office 365 outages. In the end it was identified as an issue with a DNS server returning only IPv6 addresses. Not useful on an IPv4 network. PowerShell to the rescue and resolve-dnsname checking every few minutes and creating log files. A separate script hoovers these up and displays them nicely formatted in HTML for wider consumption. Simple but handy if needed. https://github.com/JonathanChristie-BHIT/DNSChecker Using a mixture of internal and external DNS servers to check a few entries PowerShell snippet: [array]$DNSServers = @(     ('192.168.0.1', 'Internal'),     ('8.8.4.4', 'Google A'),     ('8.8.8.8', 'Google B'),     ('1.1.1.1', 'Cloudflare A'),     ('1.0.0.1', 'Cloudflare B'),     ('208.67.222.222', 'OpenDNS A'),     ('208.67.220.220', 'OpenDNS B') ) [ar
Post a Comment
Read more