Darryl Mitchell

Lead Engineer @ NeoCloud working in cloud-based messaging and datacenter design/implementation

5.7.700-749 Access denied, tenant has exceeded threshold

tl;dr if you're getting this error, it's an automated threshold that Microsoft Support has to reset or expire over time check your message trace logs for signs of abuse and go ahead and call support I'm currently working on an ~800 user hybrid Exchange deployment and due to some issues with the existing 2010 environment decided to deploy an Exchange 2016 server to handle hybrid duties. Becauuse the customer is switching from Mimecast inbound/outbound to EOP/ATP I decided to route all messages ...
Read post

WinRM error 0x80338012 in Windows 10

Working on getting MFA working with my PowerShell connect script for Office 365 I ran into an issue where a WinRM command wasn't working on my machine. Apparently I had never set it up before, so the command: winrm get winrm/config/client/auth was not working. I was getting an error: WSManFault Message = The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for t...
Read post

PowerShell Profile Syncing

I switch devices a lot - laptops, desktops, management VMs, etc. - and generally whatever device I'm on I'm using PowerShell extensively. I predominantly used Mac/Linux from 2006-2017 and got used to certain tools - openssl, dig, whois, etc. - that I need in a shell, and Windows doesn't have those tools (even if it has some native "equivalents", like Resolve-DnsName). Ironically, I made the switch back to Windows specifically because at the time my most used PowerShell module, MsOnline, wasn't...
Read post

Using Microsoft Intune to push non-Windows Store apps

Mobile Device Management is quickly becoming a viable alternative to Group Policy in today's cloud-first world. What used to require a domain-joined machine with group policy can now be achieved with an MDM-enrolled machine and configuration or compliance policies. Several things have made this possible: Microsoft overhauled Intune last year to make it part of the native Azure interface, recent Windows 10 builds shipped with an MDM agent built in, and Azure Active Directory join is taking the p...
Read post

Working with Azure Network Security groups

By default when you deploy an Azure VM a Network Security Group (NSG) is created with a set of default rules that allow vNet and Internet traffic and allow RDP from any source. This is fine for throwaway VMs and immediate access for you to get things setup, but it's not ideal for long-term production use. In most of my customer use cases we're using Azure as a hybrid datacenter solution, so site-to-site connectivity is established. This makes it easy to narrow allowed traffic down to a specific...
Read post

Server 2003 to Azure

I was tasked recently with migrating an entire datacenter off of VMware and on to Azure, and their production servers were predominantly Server 2003. Yes, seriously. There is no documented process for migrating Server 2003 to Azure because Microsoft doesn't support running Server 2003 in Azure. But, I was able to find some small tips here and there, and after many months (!) of testing I was able to come up with a relatively foolproof process for getting Server 2003 VMs out to Azure. These are ...
Read post

Simplenote Export

Simplenote provides an easy export, but the exported file names are actually a Simplenote object identifier of some kind. Not super useful. The exported note has the note name stored as the first line in the file. You can use a simple PowerShell one-liner to recover your filenames. Download .zip from Simplenote Extract to directory cd to directory in PowerShell and run the following command: ls | % {$names = (Get-Content $_.name -First 1)+".txt"; foreach ($name in $names) {Renam e-Item $_.Na...
Read post