Author Archives: TechCognizance

How to recover data from a Deleted or Inactive mailbox in Exchange Online

The default mailbox retention in Microsoft 365 is 30 days, we can recover deleted/Inactive user’s mailbox to a new user or to a temporary user.

Please note that if you remove license form a user, mailbox will also be removed, once we reassign the license, mailbox will reconnect automatically.

To list all the deleted mailboxes

Get-Mailbox -SoftDeletedMailbox | select DisplayName, PrimarySmtpAddress, WhenSoftDeleted, RecipientTypeDetails, GUID, CustomAttribute6, DistinguishedName

#You can export this list in CSV.
Get-Mailbox -SoftDeletedMailbox | select DisplayName, PrimarySmtpAddress, WhenSoftDeleted, RecipientTypeDetails, GUID, CustomAttribute6, DistinguishedName | Export-Csv C:\Temp\Deletedmailboxes.csv -NoTypeInformation 

#In the output file we can find the mailbox information we want to recover.

We can also find just one mailbox from deleted mailboxes.

Get-Mailbox -SoftDeletedMailbox -Filter {name -like "*Mailbox Name*"} | fl Guid, DistinguishedName

Note down the mailbox GUID from above command and run below commands to restore the mailbox.

#Get details of inactive mailbox
$InactiveMailbox = Get-Mailbox -SoftDeletedMailbox -Identity 532f8e25-b435-4a17-b253-9097632680a1
#Run restore command
New-MailboxRestoreRequest -Name UserName-Restore -SourceMailbox $InactiveMailbox.DistinguishedName -TargetMailbox <DN of TargetMailbox> -TargetRootFolder Restore -AllowLegacyDNMismatch

Now, you can trace the restore using below command

#To get all the restore request.
Get-MailboxRestoreRequest  | Get-MailboxRestoreRequestStatistics

#To get just one restore request.
Get-MailboxRestoreRequestStatistics -Identity RestoreRequest

MFA Details of Microsoft 365 Admin Accounts

Protecting your Admin accounts in Microsoft 365 is a vital need, we should have MFA enabled for all Admin accounts in M365. Also, it is recommended that at least all privileged users use Microsoft Authenticator App for MFA.

We can have users added to multiple role groups and it is sometime hard to identify who is not complying with these policies.

Below script is available on TechNet to list users from all Role Groups, their MFA details and password age.

Restore Items from OneDrive Recycle Bin using Powershell

There are situation when you need to restore large amount of data form OneDrive Recycle bin using PowerShell.

We can using SharePoint PnP PowerShell module for this.

Import the module

Install-Module -Name "PnP.PowerShell" -Force

Now for example you want to Restore OneDrive Recycle Bin of

Connect user’s OneDrive using below command, you need to provide end users credentials when requested.

Connect-PnPOnline  -Url -Interactive

Now you can get recycle bin items of the user, if there are so many items, you can specify the limit

Get-PnPRecycleBinItem -FirstStage
Get-PnPRecycleBinItem -SecondStage

If you want to restore just one item, you can specify ID of that Item.

You can also restore all Items in one go.

Get-PnPRecycleBinItem | Restore-PnPRecycleBinItem -Force

We can use filter also, use below command to restore items deleted in last 5 days, where item name contains “Project Related”

$restoreDate = (Get-Date).AddDays(-5)
Get-PnPRecycleBinItem -Firststage | where {($_.DeletedDate -gt $restoreDate) -and ($_.Title  -Like ‘*ProjectRelated*’)} | Restore-PnpRecycleBinItem -Force

Get list of users created in AD within last few days

Using PowerShell we can get list of users created during a particular time frame, like in last 1 day, 30 days, etc. This may be helpful in AD audit or to track any security breach.

First, create a variable and store the date you want to go back.

Make sure you run the PowerShell as Admin, if you don’t you may get blank values for WhenCreated

$When = (Get-Date).AddDays(-30) # You can change number of days here as per your requirement. 
Get-ADUser -Filter {WhenCreated -ge $when}

#IF you want to list particular properties, you can use below command.
Get-ADUser -Filter {WhenCreated -ge $when} -Properties * | FT Name, UserPrincipalName, WhenCreated

We can also get group membership of these users in same command output.

Get-ADUser -Filter {whenCreated -ge $when} -Properties * | select UserPrincipalname, SamAccountName, Enabled, whenCreated, @{n="GroupMembership"; e={$_.MemberOf | foreach {(Get-ADGroup $_).Name}}}

Export this list to CSV file.

Get-ADUser -Filter {whenCreated -ge $when} -Properties * | select UserPrincipalname, SamAccountName, Enabled, whenCreated, @{n="GroupMembership"; e={$_.MemberOf | foreach {(Get-ADGroup $_).Name}}} | Export-CSV C:\Temp\ADUsersWhenCreated.csv -notype

Maximize Teams meeting shared content

When you are in a Teams meeting and someone is sharing content from their screen. In the new Teams meeting experience Teams meeting window open in a separate window and chat in a separate window and the sharing window size is really small.

We can turn off “New Teams meeting experience” but then we will have one single window for meeting and chat. though, we will have “Full Screen” option and can see large window when someone is sharing screen.

To turn off New Teams meeting experience go to Settings->General->Application -> Uncheck “Turn on new meeting experience”. This option is not available in new Teams versions.

Though, we can increase the sharing Teams window size in new meeting experience also.

To use Full Screen in sharing window.

Click on the “More Actions” (Three dots at the top of Teams Window) -> Click on “Full Screen”

Go to more actions again and click on Focus.

If the Window size is still small, you can also Zoom in the shared window.

Just press Ctrl key on keyboard + (rotate mouse wheel up) to increase Zoom in or rotate mouse wheel down to zoom out.

Zoom inCtrl+= or Ctrl+(rotate mouse wheel up)Command+= or Command+(rotate mouse wheel up)
Zoom outCtrl+- or Ctrl+(rotate mouse wheel down)Command+- or Command+(rotate mouse wheel down)
Reset zoomCtrl+0Command+0

How to Copy Other User’s OneDrive Data to your OneDrive

There are situations when we need to copy one user’s OneDrive data to another user’s OneDrive. For example a user leaving company and his manager wants all the project related files from his OneDrive. By default when we remove user’s license OneDrive data is preserved for 30 days which can be increased. If we want to preserve files longer than this, we can either enable retention hold on OneDrive or copy data to another user’s OneDrive.

We can follow below process to Copy OneDrive data.

  • Grant permissions on user’s OneDrive to his manager How to grant permissions ?
  • Generate OneDrive link and provide the link to user
    • Login Microsoft Admin portal
    • Select the user for which you want to save the data
    • Go to OneDrive Tab and click on “Create link to access file”
  • Now user’s manager can copy the data
    • Copy the link and provide to end user to access files of the user leaving
    • Open the link on user’s manager computer and select the folders you want to copy to his OneDrive
  • Click on “Copy To” and the Manager will option to copy to his OneDrive.
  • Select “Your OneDrive”. You will have option to Copy to existing folders or you can create a new folder also.
  • Depending on the size of data, you will start seeing files and folders in your OneDrive.

How to grant a user permission to access another user’s oneDrive

When an employee leaves your organization, the management wants to access their data to review it and give it a new employee or want to backup the data.

Once you remove the license and delete the user, you will have 30 days by default (can be increased from OneDrive admin center) to access user’s OneDrive data, after 30 days the data will be deleted.

We can allows other users to access OneDrive data using below methods.

Option 1 – Using user’s OneDrive link from M365 Admin center

In the admin center, go to the Users > Active users page.
Select a user.
In the right pane, select OneDrive. Under Get access to files, select Create link to files.

Click on this link and you will get redirected to the user’s OneDrive in your browser window.

Replace OneDrive with mngsiteadmin, so the link will become line below.

Add the new user in the permissions list and click Ok. don’t remove any permissions from here.

The new user will have permissions to the OneDrive

Option 2 – Using SharePoint Admin Center.

  • Login SharePoint Admin Center
  • On the left hand pane open the “more features”
  • Under User Profiles, select Open.
  • Under People, select Manage User Profiles.
  • Enter the user’s name and click Find.
  • Right-click on the user’s name and select Manage Site Collection Owners.
  • Add a secondary admin in the “Site Collection Administrators” and Click OK

Update Room and Equipment Mailboxes features using the Resource Schema

When creating room mailboxes, it is good to show features of room mailbox to end users for easy identification.

By default in GAL description will only show “Room” which may not be sufficient to identify capabilities of Room while booking.

For example, we can update details like TVScreen, whiteboard, Smartboard with room.

Using resouce schema we can update all features of a room mailbox.

#To check current resource config

We can add resource schema using below commands.

Set-ResourceConfig -ResourcePropertySchema @{add="Room/WithTVScreen"}
Set-ResourceConfig -ResourcePropertySchema @{add="Room/Whiteboards"}

Adding resource config value will not update any mailbox, but we will have to set these configs on room mailboxes.

If a item is not there in resource config, you can’t add that item on room mailbox.

Also, only a alphanumeric value is allowed and space is not allowed.

Set-Mailbox R_BoardRoom -ResourceCustom   @{add= "WithTVScreen"}
Set-Mailbox R_PinkRoom -ResourceCustom  @{add= "WithTVScreen", "Whiteboards"}
Set-Mailbox R_SmartRoom -ResourceCustom  @{add= "WithTVScreen", "Whiteboards", "VideoConf" }

Once you update and download the GAL, you will see below results.

« Older Entries