Outlook 2016 – Stop Displaying Mailboxes for Other Users

As an admin occasionally you’ll give yourself permissions to a mailbox. And then you’ll remember Outlook conveniently auto-maps that mailbox for you. Easy fix.

Close Outlook. Open Powershell.
Add-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -AutoMapping:$false

Open Outlook. Enjoy the emptiness of the side bar.

You can/should also (once the mailbox disappears from Outlook) remove the permissions completely.

Remove-MailboxPermission -Identity targetuser@foo -User youradmin@foo -AccessRights FullAccess -InheritanceType All


Delete an email from all mailboxes in O365



Shamelessly borrowed from:


# Get login credentials 
$UserCredential = Get-Credential 
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.compliance.protection.outlook.com/powershell-liveid -Credential $UserCredential -Authentication Basic -AllowRedirection

Import-PSSession $Session -AllowClobber -DisableNameChecking $Host.UI.RawUI.WindowTitle = $UserCredential.UserName + ” (Office 365 Security & Compliance Center)”

# search for the email in all mailboxes
New-ComplianceSearch -Name “Easy-To-Identify-Name” -ExchangeLocation all -ContentMatchQuery ‘sent>=12/01/2017 AND sent<=12/30/2017 AND subject:”announcement” AND from:”username@domain.org”‘
Start-ComplianceSearch -Identity “Easy-To-Identify-Name”

# wait a minute and view the results
Get-ComplianceSearch -Identity “Easy-To-Identify-Name”
Get-ComplianceSearch -Identity “Easy-To-Identify-Name” | Format-List

# delete the messages if the results look right
New-ComplianceSearchAction -SearchName “Easy-To-Identify-Name” -Purge -PurgeType SoftDelete

# check when it is completed
Get-ComplianceSearchAction -Identity “Easy-To-Identify-Name_Purge”

Change PFX to PEM on Windows


Install OpenSSL from here:


Copy the PFX file to the directory you want the .pem files in. Open a command prompt as admin, change to the directory and run these commands:

To export the private key without a passphrase or password.

C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -nocerts -nodes -out serverkey.pem

To export the Certificate

C:\OpenSSL-Win32\bin\openssl pkcs12 -in adams14wildcard.pfx -clcerts -nokeys -out servercert.pem

Restart whatever service (in this case it was Tenable Nessus).

Converting a Password to Secure String


I forget this every time I reset my password…

(Get-Credential).Password | ConvertFrom-SecureString | Out-File “C:\Scripts\365SecureString.txt”

Using it:

$pass = cat “C:\Scripts\365securestring.txt” | convertto-securestring
$mycred_online = new-object -typename System.Management.Automation.PSCredential -argumentlist “UserAccount@contoso.com”,$pass
$mycred = new-object -typename System.Management.Automation.PSCredential -argumentlist “UserAccount”,$pass


CentOS – Job for network.service failed

Ugh. Ok, so something I came across today that I figured might help someone else out in the future. I’m setting up a new CentOS 7 box and while I was doing that I kept having intermittent network connectivity issues.  For some reason I decided NetworkManager needed to get out of my way… so I went about the process of disabling all that nonsense and went back to doing network config the way I know how. I set a reservation in DHCP (temporary), and set ifcfg-eth0 as a static IP along with all the other relevant pieces to get the interface manually configured.

Problem was I couldn’t get the network to come up. Here was my first issue:

Naturally I follow directions and ran “systemctl status network.service -l” and was greeted with:


Relevant bits highlighted. Now I’m pretty sure nothing is using that address since I got it from DHCP … so a bit of Googling led me to this link. The explanation here is that when ifup-eth runs it does an arping to determine if anything is using that address, and if anything replies then it exists the script. The offending section is this: Continue reading

Monitoring Windows DHCP Scopes with Nagios

Nagios_logo_blackOn your DHCP Server

You need this VB Script in the scripts directory of NSClient++ on the DHCP Server:

Change the .doc extension to .vbs or hit the link to Nagios exchange below for the original file.

Now in nsc.ini — Enable NRPEListener.dll and CheckExternalScripts.dll
Also in nsc.ini add the following in the External Scripts Section:

check_dhcp_scope=cscript.exe //T:30 //NoLogo scripts\check_dhcp_scope.vbs

Restart the NSClient++ on the DHCP server.
Continue reading