Latest Posts

Skype for Business Online PowerShell connections are blocked

No comments:

Issue: 

You as a Global Admin or Skype for business Admin or Teams Administrator cannot connect to Skype for Business PowerShell Module. The Error that appears is as follows:

New-PSSession : [admin0a.online.lync.com] Processing data from remote server admin0a.online.lync.com failed with the

following error message: Skype for Business Online PowerShell connections are blocked.

Cause

Microsoft has discontinued the Skype for Business Online PowerShell module and you cannot download the old powershell module anymore. If you have the module already installed on your machine and you try to connect to the service, you get the above mentioned error. 

Teams administrator were notified through Message center post (MC244740, dated March 16, 2021; MC250940, dated April 16 2021) about this change.

Solution

You can update the Microsoft Teams PowerShell on the machine and use it to connect the online service using PowerShell.

# Open PowerShell as an Administrator, and use update-module cmdlet. 

Update-Module MicrosoftTeams 

Once Updated, you can connect to Microsoft Teams using the Connect-MicrosoftTeams Cmdlet

Connect-MicrosoftTeams





Read More

Add members to Teams without Welcome Messages

No comments:





When you add someone to Teams, the recipients get a welcome message by Microsoft. In some situations, you might to suppress this default behavior by changing the setting at the Teams level.  

To DISABLE the welcome message, just use this parameter on the individual Teams or Unified Group " UnifiedGroupWelcomeMessageEnable"

You'd need to be connected to Exchange Online module via PowerShell for it to work.

Set-UnifiedGroup -Identity "Name of your Team or Group" -UnifiedGroupWelcomeMessageEnable:$false

Example - 

Set-UnifiedGroup -Identity "TEST Team1" -UnifiedGroupWelcomeMessageEnable:$false


If you want to restore the welcome email functionality, just set it to $True again.

Example: 

Set-UnifiedGroup -Identity "TEST Team1" -UnifiedGroupWelcomeMessageEnable:$true











Read More

ADFS Error 1297, Event ID 7000, Event ID 352 The Active Directory Federation Services service failed to start due to the following error: A privilege that the service requires to function properly does not exist in the service account configuration

No comments:

Issue

The Active Directory Federation Services service failed to start due to the following error and cannot be started with the following error -

Windows Could not start the Active Directory Federation Services on Local Computer. 

Error 1297: A privilege that the service requires to function properly does not exist in the service account configuration. You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration.





In the event viewer, this may accompany the Event ID 7000, Event ID 220 and Event ID 352.


Cause

This can be caused after installation of Security Patches or Windows Updates on the ADFS Server, change of  ADFS Service Account, changed permissions to the service account in the local computer or in the Active Directory, Changes to Group Policy etc.

Solution

Check if the ADFS Service account has Generate Security Audits Permission on the local Computer. 

  • On Run Type "Gpedit.msc" or launch Local Group Policies MMC Console.
  • Go to Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> User Rights Assignment.
  • From Right Pane, Select Generate security audits.


  • Add your ADFS Service Account here.


  • Exit Local Group Policies MMC Console.
  • Open Command Prompt "CMD" and type "GPUPDATE /FORCE"
  • Set the ADFS Service to Run as the ADFS Service Account.

















  • Restart ADFS Service





Happy Single Sign-On!
Read More

Common issues with PowerShell while installing modules like MSONLINE, AzureAD | PowerShell Install-Module:The term ‘Install-Module’ is not recognized

No comments:
You want to connect to Microsoft 365 tenant with PowerShell to do some bulk operations like assigning licenses to users in bulk, change user properties, or just a simple password reset. You are about to begin your magic by installing your first PowerShell module and face this error  - not a good start, Duh!

PowerShell Install-Module:The term ‘Install-Module’ is not recognized as the name of a cmdlet, function, script file,or operable program.

Check the spelling of the name, or if a path was included,verify that the path is correct and try again.
At line:1 char :1
+Install-module msonline



You try to force the Install-Module cmdlet with -Force switch but meet another error. 😔

Install-Module MSONLINE -Force




What's missing? Why can't you install the PowerShell module?

Most likely, at least one out of below four is missing on your computer - 
  1. PowerShell Version
  2. TLS 1.2
  3. NuGet Provider Package
  4. PSGallery Repository 
Lets see them one by one. 

1. PowerShell Version

To install the powershell modules using install-module cmdlet, you need to run PowerShell 5.1 or higher. 

You can check the current version by simply typing HOST in the PowerShell console:

Get-Host



If the above cmdlet returns version lower than 5.1, you must install Windows Management Framework 5.1

To solve this - you can download it from Microsoft site here


2. TLS 1.2

Without TLS 1.2, you can't successfully Install NuGet Package Provider which is a prerequisite for installing new PowerShell Modules on a system.

You can check if your PowerShell has support for TLS 1.2 by running:


If you don't see the 'TLS12' in the list, you can enable it for the current PowerShell Session or permanently.

Enable TLS 1.2 in current session only - 

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12


Enable TLS 1.2 permanently- 

# Open Powershell (As Admin)
# Run the following cmdlets to set .NET Framework strong cryptography registry keys:

# Set strong cryptography on 64 bit .Net Framework (version 4 and above)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

# Set strong cryptography on 32 bit .Net Framework (version 4 and above)
Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Value '1' -Type DWord

Exit

# Open PowerShell again and check the current available TLS versions

[Net.ServicePointManager]::SecurityProtocol

Bonus: 

How can you spot the issue is TLS without running these cmdlets?
By looking at the error, which reads - 

PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider ‘NuGet’. The package provider requires ‘PackageManagement’ and ‘Provider’ tags. Please
check if the specified package has the tags.

3. NuGet Package Provider

Install-PackageProvider cmdlet installs modules available the PowerShell Gallery with the PackageManagement tag. PackageManagement requires to download the NuGet package provider. 

You can check if NuGet is already available on your machine by running:

Get-PackageProvider


If NuGet package provider is not installed, install it by running below cmdlet in an elevated PowerShell window:

Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force

4. PSGallery Repository

If the error is due to incorrectly installed or not installed PSRepository, the error may look like:
The error can also look slightly different i.e.

PS C:\WINDOWS\system32> Install-Module -Name MSOnline
PackageManagement\Install-Package : No match was found for the specified search criteria and module name 'MSOnline'.
Try Get-PSRepository to see all available registered module repositories.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1809 char:21
+ ...          $null = PackageManagement\Install-Package @PSBoundParameters
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Microsoft.Power....InstallPackage:InstallPackage) [Install-Package], Ex
   ception
    + FullyQualifiedErrorId : NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackage

To solve this Run the Get-PSRepository cmdlet to confirm the PSGallery PSRepository is installed on the system. 
The output should look like below: 

Get-PSRepository

If not, Restore the default repository by using the command

Register-PSRepository -Default

Bonus: 

How can you spot the issue is PSRepository without running these cmdlets?
By looking at the error, which reads - 

PackageManagement\Install-Package : No match was found for the specified search criteria and module name 'MSOnline'.

The problem is now solved! You can install PowerShell Modules now!

Install-Module MSONLINE -AllowClobber -Force


Enjoy!
Read More