Learning

Simple Tip for GitHub Copilot

September 20, 2024 by ClaytonT 2 Comments

If you have GitHub Copilot, you may or may not know about this little tip, but wanted to let you know just in case. It has saved me so much time and it can be applied to a lot of scenarios.

Here is the prompt, “Can you add the export to markdown capability from #file:Test-365ACCompanyName.ps1 to #file:Test-365ACStreetAddress.ps1”

And what this does is it adds the functionality of exporting to markdown to the new file the same I did in CompanyName, but adapts it to fit StreetAddress. Further more, it adds Help for it and creates the parameter for it(with ValidatePattern).

From this:

<#
.SYNOPSIS
    Tests whether users have a street address and generates a report.

.DESCRIPTION
    The Test-365ACStreetAddress function tests whether users have a street address and generates a report. 
    It takes a list of users as input and checks if each user has a street address. 
    The function generates a report that includes the user's display name and whether they have a street address.
    The report can be exported to an Excel file or an HTML file.

.PARAMETER Users
    Specifies the list of users to test. If not provided, it retrieves all users from the Microsoft Graph API.

.PARAMETER TenantID
    The ID of the tenant to connect to. Required if using app-only authentication.

.PARAMETER ClientID
    The ID of the client to use for app-only authentication. Required if using app-only authentication.

.PARAMETER CertificateThumbprint
    The thumbprint of the certificate to use for app-only authentication. Required if using app-only authentication.

.PARAMETER AccessToken
    The access token to use for authentication. Required if using app-only authentication.

.PARAMETER InteractiveLogin
    Specifies whether to use interactive login. If this switch is present, interactive login will be used. Otherwise, app-only authentication will be used.

.PARAMETER OutputExcelFilePath
    Specifies the file path to export the report as an Excel file. The file must have a .xlsx extension.

.PARAMETER OutputHtmlFilePath
    Specifies the file path to export the report as an HTML file. The file must have a .html extension.

.PARAMETER TestedProperty
    Specifies the name of the property being tested. Default value is 'Has Street Address'.

.EXAMPLE
    Test-365ACStreetAddress -Users $users -OutputExcelFilePath "C:\\Reports\\StreetAddressReport.xlsx"

    This example tests the specified list of users for street addresses and exports the report to an Excel file.

.EXAMPLE
    Test-365ACStreetAddress -OutputExcelFilePath "C:\\Reports\\StreetAddressReport.xlsx"

    This example retrieves all users from the Microsoft Graph API, tests them for street addresses, and exports the report to an Excel file.

#>

Function Test-365ACStreetAddress {
    [CmdletBinding()]
    param
    (
        [Parameter(ValueFromPipeline = $true)]
        [array]$Users = (Get-MgUser -All -Property DisplayName, StreetAddress | Select-Object DisplayName, StreetAddress),
        
        [Parameter(Mandatory = $false)]
        [string]$TenantID,
        
        [Parameter(Mandatory = $false)]
        [string]$ClientID,
        
        [Parameter(Mandatory = $false)]
        [string]$CertificateThumbprint,
        
        [Parameter(Mandatory = $false)]
        [string]$AccessToken,
        
        [Parameter(Mandatory = $false)]
        [switch]$InteractiveLogin,

        [ValidatePattern('\\.xlsx$')]
        [string]$OutputExcelFilePath,
        
        [ValidatePattern('\\.html$')]
        [string]$OutputHtmlFilePath,
        
        [string]$TestedProperty = 'Has Street Address'
    )
    BEGIN {
        if ($InteractiveLogin) {
            Write-PSFMessage "Using interactive login..." -Level Host
            Connect-MgGraph -Scopes "User.Read.All", "AuditLog.read.All"  -NoWelcome
        }
        else {
            Write-PSFMessage "Using app-only authentication..." -Level Host
            Connect-MgGraph -ClientId $ClientID -TenantId $TenantID -CertificateThumbprint $CertificateThumbprint -Scopes "User.Read.All", "AuditLog.Read.All"
        }
        
        $results = @()
    }
    PROCESS {
        foreach ($user in $Users) {
            $hasStreetAddress = [bool]($user.StreetAddress)
            $result = [PSCustomObject]@{
                'User Display Name' = $user.DisplayName
                $TestedProperty     = $hasStreetAddress
            }
            $results += $result
        }
    }
    END {
        $totalTests = $results.Count
        $passedTests = ($results | Where-Object { $_.$TestedProperty }).Count
        $failedTests = $totalTests - $passedTests
        if ($OutputExcelFilePath) {
            Export-365ACResultToExcel -Results $results -OutputExcelFilePath $OutputExcelFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
        }
        elseif ($OutputHtmlFilePath) {
            Export-365ACResultToHtml -Results $results -OutputHtmlFilePath $OutputHtmlFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
        }
        else {
            Write-Output $results
        }
    }
}

To this:

<#
.SYNOPSIS
    Tests whether users have a street address and generates a report.
.DESCRIPTION
    The Test-365ACStreetAddress function tests whether users have a street address and generates a report. 
    It takes a list of users as input and checks if each user has a street address. 
    The function generates a report that includes the user's display name and whether they have a street address.
    The report can be exported to an Excel file, an HTML file, or a Markdown file.
.PARAMETER Users
    Specifies the list of users to test. If not provided, it retrieves all users from the Microsoft Graph API.
.PARAMETER TenantID
    The ID of the tenant to connect to. Required if using app-only authentication.
.PARAMETER ClientID
    The ID of the client to use for app-only authentication. Required if using app-only authentication.
.PARAMETER CertificateThumbprint
    The thumbprint of the certificate to use for app-only authentication. Required if using app-only authentication.
.PARAMETER AccessToken
    The access token to use for authentication. Required if using app-only authentication.
.PARAMETER InteractiveLogin
    Specifies whether to use interactive login. If this switch is present, interactive login will be used. Otherwise, app-only authentication will be used.
.PARAMETER OutputExcelFilePath
    Specifies the file path to export the report as an Excel file. The file must have a .xlsx extension.
.PARAMETER OutputHtmlFilePath
    Specifies the file path to export the report as an HTML file. The file must have a .html extension.
.PARAMETER OutputMarkdownFilePath
    Specifies the file path to export the report as a Markdown file. The file must have a .md extension.
.PARAMETER TestedProperty
    Specifies the name of the property being tested. Default value is 'Has Street Address'.
.EXAMPLE
    Test-365ACStreetAddress -Users $users -OutputExcelFilePath "C:\\Reports\\StreetAddressReport.xlsx"
    This example tests the specified list of users for street addresses and exports the report to an Excel file.
.EXAMPLE
    Test-365ACStreetAddress -OutputExcelFilePath "C:\\Reports\\StreetAddressReport.xlsx"
    This example retrieves all users from the Microsoft Graph API, tests them for street addresses, and exports the report to an Excel file.
#>
Function Test-365ACStreetAddress {
[CmdletBinding()]
param
(
    [Parameter(ValueFromPipeline = $true)]
    [array]$Users = (Get-MgUser -All -Property DisplayName, StreetAddress | Select-Object DisplayName, StreetAddress),
    
    [Parameter(Mandatory = $false)]
    [string]$TenantID,
    
    [Parameter(Mandatory = $false)]
    [string]$ClientID,
    
    [Parameter(Mandatory = $false)]
    [string]$CertificateThumbprint,
    
    [Parameter(Mandatory = $false)]
    [string]$AccessToken,
    
    [Parameter(Mandatory = $false)]
    [switch]$InteractiveLogin,
    
    [ValidatePattern('\\.xlsx$')]
    [string]$OutputExcelFilePath,
    
    [ValidatePattern('\\.html$')]
    [string]$OutputHtmlFilePath,
    
    [ValidatePattern('\\.md$')]
    [string]$OutputMarkdownFilePath,
    
    [string]$TestedProperty = 'Has Street Address'
)
BEGIN {
    if ($InteractiveLogin) {
        Write-PSFMessage "Using interactive login..." -Level Host
        Connect-MgGraph -Scopes "User.Read.All", "AuditLog.read.All"  -NoWelcome
    }
    else {
        Write-PSFMessage "Using app-only authentication..." -Level Host
        Connect-MgGraph -ClientId $ClientID -TenantId $TenantID -CertificateThumbprint $CertificateThumbprint -Scopes "User.Read.All", "AuditLog.Read.All"
    }
    
    $results = @()
}
PROCESS {
    foreach ($user in $Users) {
        $hasStreetAddress = [bool]($user.StreetAddress)
        $result = [PSCustomObject]@{
            'User Display Name' = $user.DisplayName
            $TestedProperty     = $hasStreetAddress
        }
        $results += $result
    }
}
END {
    $totalTests = $results.Count
    $passedTests = ($results | Where-Object { $_.$TestedProperty }).Count
    $failedTests = $totalTests - $passedTests
    if ($OutputExcelFilePath) {
        Export-365ACResultToExcel -Results $results -OutputExcelFilePath $OutputExcelFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
        Write-PSFMessage "Excel report saved to $OutputExcelFilePath" -Level Host
    }
    elseif ($OutputHtmlFilePath) {
        Export-365ACResultToHtml -Results $results -OutputHtmlFilePath $OutputHtmlFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
        Write-PSFMessage "HTML report saved to $OutputHtmlFilePath" -Level Host
    }
    elseif ($OutputMarkdownFilePath) {
        Export-365ACResultToMarkdown -Results $results -OutputMarkdownFilePath $OutputMarkdownFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
        Write-PSFMessage "Markdown report saved to $OutputMarkdownFilePath" -Level Host
    }
    else {
        Write-PSFMessage -Level Output -Message ($results | Out-String)
    }
}
}

And here is the source Test-365ACCompanyName.ps1 code

<#
.SYNOPSIS
Tests if users have a company name property and generates test results.

.DESCRIPTION
The Test-365ACCompanyName function tests if users have a company name property and generates test results. It takes an array of users as input and checks if each user has a company name property. The test results are stored in an array of custom objects, which include the user's display name and the result of the test.

.PARAMETER Users
Specifies the array of users to test. Each user should have a DisplayName and CompanyName property.

.PARAMETER TenantID
The ID of the tenant to connect to. Required if using app-only authentication.

.PARAMETER ClientID
The ID of the client to use for app-only authentication. Required if using app-only authentication.

.PARAMETER CertificateThumbprint
The thumbprint of the certificate to use for app-only authentication. Required if using app-only authentication.

.PARAMETER AccessToken
The access token to use for authentication. Required if using app-only authentication.

.PARAMETER InteractiveLogin
Specifies whether to use interactive login. If this switch is present, interactive login will be used. Otherwise, app-only authentication will be used.

.PARAMETER OutputExcelFilePath
Specifies the path to the output Excel file. If provided, the test results will be exported to an Excel file.

.PARAMETER OutputHtmlFilePath
Specifies the path to the output HTML file. If provided, the test results will be exported to an HTML file.

.PARAMETER OutputMarkdownFilePath
Specifies the path to the output Markdown file. If provided, the test results will be exported to a Markdown file.

.PARAMETER TestedProperty
Specifies the name of the tested property. Default value is 'Has Company Name'.

.INPUTS
An array of users with DisplayName and CompanyName properties.

.OUTPUTS
If OutputExcelFilePath or OutputHtmlFilePath is not provided, the function outputs an array of custom objects with the user's display name and the result of the test.

.EXAMPLE
$users = Get-MgUser -All -Property DisplayName, CompanyName | Select-Object DisplayName, CompanyName
Test-365ACCompanyName -Users $users -OutputExcelFilePath 'C:\\TestResults.xlsx'
This example tests if the users have a company name property and exports the test results to an Excel file.
#>
Function Test-365ACCompanyName {
    [CmdletBinding()]
    param
    (
        [Parameter(ValueFromPipeline = $true)]
        [array]$Users = (Get-MgUser -All -Property DisplayName, CompanyName | Select-Object DisplayName, CompanyName),
        
        [Parameter(Mandatory = $false)]
        [string]$TenantID,
        
        [Parameter(Mandatory = $false)]
        [string]$ClientID,
        
        [Parameter(Mandatory = $false)]
        [string]$CertificateThumbprint,
        
        [Parameter(Mandatory = $false)]
        [string]$AccessToken,
        
        [Parameter(Mandatory = $false)]
        [switch]$InteractiveLogin,
        
        [ValidatePattern('\\.xlsx$')]
        [string]$OutputExcelFilePath,
        
        [ValidatePattern('\\.html$')]
        [string]$OutputHtmlFilePath,
        
        [ValidatePattern('\\.md$')]
        [string]$OutputMarkdownFilePath,
        
        [string]$TestedProperty = 'Has Company Name'
    )
    BEGIN {
        if ($InteractiveLogin) {
            Write-PSFMessage "Using interactive login..." -Level Host
            Connect-MgGraph -Scopes "User.Read.All", "AuditLog.read.All"  -NoWelcome
        }
        else {
            Write-PSFMessage "Using app-only authentication..." -Level Host
            Connect-MgGraph -ClientId $ClientID -TenantId $TenantID -CertificateThumbprint $CertificateThumbprint -Scopes "User.Read.All", "AuditLog.Read.All"
        }
        $results = @()
    }
    PROCESS {
        foreach ($user in $Users) {
            $hasCompanyName = [bool]($user.CompanyName)
            $result = [PSCustomObject]@{
                'User Display Name' = $user.DisplayName
                $TestedProperty     = $hasCompanyName
            }
            $results += $result
        }
    }
    END {
        $totalTests = $results.Count
        $passedTests = ($results | Where-Object { $_.$TestedProperty }).Count
        $failedTests = $totalTests - $passedTests
        if ($OutputExcelFilePath) {
            Export-365ACResultToExcel -Results $results -OutputExcelFilePath $OutputExcelFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
            Write-PSFMessage "Excel report saved to $OutputExcelFilePath" -Level Host
        }
        elseif ($OutputHtmlFilePath) {
            Export-365ACResultToHtml -Results $results -OutputHtmlFilePath $OutputHtmlFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
            Write-PSFMessage "HTML report saved to $OutputHtmlFilePath" -Level Host
        }
        elseif ($OutputMarkdownFilePath) {
            Export-365ACResultToMarkdown -Results $results -OutputMarkdownFilePath $OutputMarkdownFilePath -TotalTests $totalTests -PassedTests $passedTests -FailedTests $failedTests -TestedProperty $TestedProperty
            Write-PSFMessage "Markdown report saved to $OutputMarkdownFilePath" -Level Host
        }
        else {
            Write-PSFMessage -Level Output -Message ($results | Out-String)
        }
    }
}

And yes, it did write out the whole function again, I didn’t manipulate it at all, so after reviewing you can literally just copy it in, and not have to worry about forgetting a “(” or “{”. I know it’s not a huge lift, but you can also do “Can you also do this for #file:Test-365ACZipcode.ps1” and it will.

I’ve used this prompt syntax for other functions as well with great results. Have you used anything like this before?

You can see more uses of it at GitHub – 365AutomatedCheck

Why did I get this email?

March 25, 2024 by ClaytonT Leave a Comment

Here’s the scenario…

An executive forwards an email to your ticketing system and asks why they are receiving it. Then sends another from the day before. There is a Microsoft 365 distribution list(DL) in both emails, but not one they would be on. What do you do?

Check and see if there are any tickets for that DL, and you see there haven’t been any tickets for that DL or even that person. You then check the DL, and indeed see they are in it…. but how?

PowerShell to the rescue! Have you ever used “Search-UnifiedAuditLog” which is a cmdlet for Exchange Online PowerShell? It is a great for one off investigations in 365, but here we will use it to find any admin activity for that user in the past week. Full disclosure, I’ve used it a handful of times and had never really dug into which was a mistake on my part. Knowing more of what it can do now would have saved me so much time on other resolutions where I had gone through the 365 portal. Don’t be me, start using this now and create your own functions as well Purview to save you time and headaches. Enable it now, as it can’t be backdated.

# See if you have it enabled
Get-AdminAuditLogConfig | Format-List UnifiedAuditLogIngestionEnabled

# If not enabled, run this
Enable-OrganizationCustomization

# Enable Audit logs - this can take up to 60 mins
Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true

Hopefully you already have it enabled, or you enabled it right now and can wait for it to start ingesting the logs so when you do need it, it is available.

Back to our executive incident. How do we find out what happened. The quick way is to run:

# Check for all admin activity for named user
Search-UnifiedAuditLog -StartDate 2/1/2024 -EndDate 3/16/2024 -ObjectIds execuser@domain.com

And this is the way I originally did it to get the answer I needed. That’s it! Then you will see in “AuditData” which groups they were added/removed from and any operations that happened with the groups they are in. This broad search will show even more, but only mentioning parts related to this task. At the end of this post I’ll have a list of great resources on how to get granular on your searches.

Now you can see that another engineer accidentally added them(after confirming with engineer), and you can just remove them from the list. This is best case scenario, as if I hadn’t looked and just removed the executive without searching and asking the engineer, they could have been added by a compromised account seeing what kind of privileges they had.

There is a way clean up the audit data so it is easier to view, but that will be in a longer blog post coming soon. Again, I’ll have some links at the end to give you a head start. Honestly, this was only supposed to be a quick one liner post, that definitely grew, and I’ve spent more time than I would like to admit researching it. It has given me more ideas on how to use it and I’ll put together functions in a repository or possibly a module of most useful commands.

One function I’ll be creating is one to check to see if a user has changed their password recently, has multiple failed attempts, and/or if they have locked themself out. How nice would that be for you or your help desk if the function sees who submitted the ticket, runs the function then gives you that feedback? To go one step farther, if they aren’t blocked out, automatically send them the password reset portal to reset their password?

If you already use this, what scripts/functions have you created? I’d love to hear about them, and I can create a repository for us to keep them in one spot.

Useful Links:

Search-UnifiedAuditLog – Microsoft Learn Cmdlet
How it works – Services that support auditing
Detailed info – Detailed Microsoft Script

Hope this helps saving you from headaches and can’t wait to hear how you use it! Have a great day!

365AutomatedLab Update: Now Supports MacOS

October 23, 2023 by ClaytonT Leave a Comment

You read that write v0.1.4 now supports MacOs! As long as you are using PowerShell 7.x you are good to go. Also in v0.1.4, you are now able to export your users from your main tenant into a worksheet that is easily imported into your dev tenant. You will only have to add the licensing(Please let me know if you want me to default the developer licenses). I’ve cleaned up some of the documentation and help as well. I’m really excited about this release and can’t wait to add more features! Let me know what you would like to see next.

For easy installation:

Install-Module -Name 365AutomatedLab

As always any PR, Issue, or question is always welcome. Have a great day!

Detailed Changelog:
https://github.com/DevClate/365AutomatedLab/blob/main/CHANGELOG.md

GitHub:
https://github.com/DevClate/365AutomatedLab

PowerShell Gallery:
https://www.powershellgallery.com/packages/365Automatedlab/0.1.4

How ChatGPT saved our company $1500 in less than 15 minutes

September 15, 2023 by ClaytonT 1 Comment

Let me set the stage… previously we had a batch file in our startup script to add/remove network drives. It worked great and didn’t have any issues. We moved away from an on-site file server to a cloud solution with local cache. They created a new batch file for us which worked perfectly… until we started looking at integrating Intune computers. Luckily, early on we caught this, and realized we needed a PowerShell script instead of a batch script. We reached out to the vendor with knowing they had PowerShell experience and asked if they could recreate the script using PowerShell. They came back with a quote of $1,500.

I looked at the batch script again, and said there is no way it costs that much to convert an already working batch script to PowerShell. So what did I do? I opened up the 26 line batch script, skimmed over it, then copied it into ChatGPT, and told it to convert the script to PowerShell. It created a PowerShell function within the script and when I followed up with an additional prompt to see if a certain drive was still present to delete it, it created that as well. It was 98% done, I only had to fill in our company data and one part they had an additional parameter that wasn’t needed. All less than 15 minutes. For context, this was with ChatGPT with GPT-4 back in early May 2023, as it is even better now.

Is ChatGPT always this accurate? No, but when you search on Google, Stack Overflow, or any other site, is it always accurate? I like to think of ChatGPT, Azure OpenAI, etc as a smart intern where you trust, but verify the work before implementing. Always test in a development environment as some code take down infrastructure(Same with other sites/LLMs)

Now, not only did I save the company $1,500, I saved time from all the meetings, paperwork(Purchase Order and misc), and testing with the vendor which I used to work on other projects!

Hope you found this helpful and gets you thinking of using ChatGPT, Azure OpenAI, etc more, but please make sure you know what you are testing and/or are in a complete test environment. And if for some reason you take down something in production by accident, let someone know asap what you were doing, so that it can be quickly resolved if you aren’t sure how to fix it.

Read-Only Friday 365 Developer Program

July 14, 2023 by ClaytonT Leave a Comment

Want to have some fun with Office 365, but don’t want to mess up your production environment? Or what about being able to try out scripts and not having to brace yourself as you run them and hope they don’t clear out all your data? Now you can do whatever you want with the Microsoft 365 Dev Center.

That is right, up to 25 E5 licensed users at your disposal for 90 days and will be renewed as long as you are using it. They will even create 16 users for you, mail traffic, and more. This isn’t just for PowerShell, this all aspects of 365.

Awesome, right? Here are few examples:

You could copy up to 25 of your current users and import them into this Developer tenant and test scripts see exactly how it would work with your information. Think of those times where you test a script with fictional users and your script works perfect, but once you put it into production, your script fails because one username had a character that your test data didn’t have. Now your spending unnecessary time trying to figure out what went wrong when it worked perfectly in proof of concept.
You want to test new features or policies, but you don’t want to enable them in your production environment, as your not 100% sure how it will react to your environment. Configure this test environment how your current tenant is then enable those features or policies you want to test. Much safer to test in the dev environment, then do it in production and all of a sudden your users can’t access critical resources or anything at all!
Your boss wants you do a proof of concept on how to streamline the onboarding process and to make it as simple as possible for the organization. It is recommended that you use Sharepoint and Teams as the company already uses both and are familiar. Instead of using your production environment, you can do this all in the dev tenant without affecting anything in production. You can even invite key players in this project to login and test it with you. Now you don’t have to worry about a teams alert that you setup for when a new hire has been added to AD or Microsoft Entra ID spamming a your production channel because your script or flow errored.

These are just a few scenarios that the 365 Dev tenant can be useful, but there are so many more. I’m barely scratching the surface, and hope you sign up right away for this if you haven’t already. It is free, if you administer or develop 365, you need this.

I hope you found this helpful, and if you have any questions, I’d be glad to help out in anyway I can.

Read-Only Friday March 31, 2023

March 31, 2023 by ClaytonT Leave a Comment

It’s Read-Only Friday, and what better thing to do than read and help out the PowerShell, DevOps, and IT community by purchasing a book of 2 from the DevOps collective?!!

https://leanpub.com/u/devopscollective

https://leanpub.com/psconfbook3

If I’m missing others that donate to the DevOps, please let me know.