Migrating a 2003 R2 Physical Server to Hyper-V 2012 R2 in 2018….

~ brandon

Here’s the details on how I was able to migrate a 2003 R2 server from physical to virtual.

I used Disk2VHD to convert the running physical machine to virtual hard drives. Note: Do not have it prep for the old Virtual Server software and do NOT have it convert to VHDX.  I used a temporary disk to copy the physical drives to during the conversion process. I then used a standalone Hyper-V server to mount the OS disk it had converted to VHD. Continue reading “Migrating a 2003 R2 Physical Server to Hyper-V 2012 R2 in 2018….”

Convert Server 2016 Standard to Datacenter

~ brandon

I needed to do this today because I had setup a pair of servers and it turns out they needed to be Datacenter edition instead of Standard edition. What used to mean you would need to rebuild, is really now just another command to run.

dism /online /Set-Edition:ServerDatacenter /ProductKey:CB7KF-BWN84-R7R2Y-793K2-8XDDG /AcceptEula

It took about 20 minutes or so but Before you tell me I posted my keys … sorry but it’s the KMS client key from Microsoft.

I found this command from ITechLounge.

Remove a single user’s permissions from all mailboxes in Office 365

~ brandon

Longest title in history?

A while back we were doing some troubleshooting and we added an administrator’s account to have read permissions on all of our mailboxes. Mailboxes permissions came up as a topic yesterday in a conversation I was having and I remembered I had meant to clean this up. I could have gone about this a bunch of different ways, but ultimately I wanted to create a script in case I ever needed it again. Continue reading “Remove a single user’s permissions from all mailboxes in Office 365”

Using mod_rewrite rules for subdomains to subfolders

~ brandon

A URL address bar with www

From the land of things that were harder than they needed to be. Seems like you need a deep dive in everything to be able to do anything sometimes.

So, on this domain I wanted to use a single host to handle a few subdomains. One for my blog (which you’re on now), and maybe a couple of others for web classes or anything else I may want to mess around with.

Easy enough to do with subdomains and different document root folders on a standard server. And the hosting service does provide different document root folders. I ended up with different FTP root folders for each subdomain which is not what I was looking for. I wanted to use one FTP account and then just upload to the location I wanted for the subdomain I was updating.  Continue reading “Using mod_rewrite rules for subdomains to subfolders”

Outlook 2016 – Stop Displaying Mailboxes for Other Users

~ brandon

As an admin occasionally you’ll give yourself permissions to a mailbox. And then you’ll remember Outlook conveniently auto-maps that mailbox for you. Easy fix.
Close Outlook. Open Powershell.

Add-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -AutoMapping:$false

Open Outlook. Enjoy the emptiness of the side bar.

You can/should also (once the mailbox disappears from Outlook) remove the permissions completely.

Remove-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -InheritanceType All

Delete an email from all mailboxes in O365

~ brandon

 

 

Shamelessly borrowed from:
Spiceworks

 

# Get login credentials 
$UserCredential = Get-Credential 
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid -Credential $UserCredential -Authentication Basic -AllowRedirection


Import-PSSession $Session -AllowClobber -DisableNameChecking $Host.UI.RawUI.WindowTitle = $UserCredential.UserName + " (Office 365 Security & Compliance Center):"
# search for the email in all mailboxes
New-ComplianceSearch -Name "Easy-To-Identify-Name" -ExchangeLocation all -ContentMatchQuery 'sent>=12/01/2017 AND sent<=12/30/2017 AND subject:"announcement" AND from:"username@domain.org"'
Start-ComplianceSearch -Identity "Easy-To-Identify-Name"

# wait a minute and view the results
Get-ComplianceSearch -Identity "Easy-To-Identify-Name"
Get-ComplianceSearch -Identity "Easy-To-Identify-Name" | Format-List

# delete the messages if the results look right
New-ComplianceSearchAction -SearchName "Easy-To-Identify-Name" -Purge -PurgeType SoftDelete

# check when it is completed
Get-ComplianceSearchAction -Identity "Easy-To-Identify-Name_Purge"

Change PFX to PEM on Windows

~ brandon

cmd

Install OpenSSL from here:

https://slproweb.com/products/Win32OpenSSL.html

Copy the PFX file to the directory you want the .pem files in. Open a command prompt as admin, change to the directory and run these commands:

To export the private key without a passphrase or password.

C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -nocerts -nodes -out serverkey.pem

To export the Certificate

C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -clcerts -nokeys -out servercert.pem

Restart whatever service (in this case it was Tenable Nessus).

Converting a Password to Secure String

~ brandon

Windows_PowerShell_icon

I forget this every time I reset my password…

(Get-Credential).Password | ConvertFrom-SecureString | Out-File "C:\Scripts\365SecureString.txt"

Using it:

$pass = cat "C:\Scripts\365securestring.txt" | convertto-securestring
$mycred_online = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserAccount@contoso.com",$pass
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist "UserAccount",$pass