Flaky, Chewy Brownies

This morning, I had a craving for brownies.  Like 1am craving.  What's a guy to do when this urge hits and the normal ingredients (a.k.a. "the box") aren't available?

Improvise.  And make the best damn brownies ever.

Ingredients

• 12 oz semi-sweet chocolate chips
• 1 stick unsalted butter
• 1/2C + 2 T solid coconut oil
• 1/2 tsp salt
• 4 eggs
• 2 tsp vanilla
• 2 1/2C powdered/confectioner's sugar
• 1 1/4C all-purpose flour
• 1 T water
• Baking spray (non-stick spray with flour)

Equipment

• Wire whisk
• Large mixing bowl
• Rubber spatula
• One 9"x11" or two 8"x6" glass baking dishes

Preparation

1. Pre-heat oven to 325 degrees F.
2. Grease with the baking spray.
3. In a medium Teflon saucepan, begin heating the chocolate chips, butter, and coconut oil, stirring occasionally.
4. In a large mixing bowl, beat all four eggs, vanilla, and water with a whisk. Fold in the powdered sugar and salt.
5. Remember to stir the chocolate chips.
6. Continue stirring the batter.  Add in the flour.
7. Remove the melted mixture from heat.
8. Stir the egg and flour mixture until it's as smooth as it can be, until your hand hurts, or for about 2 minutes.
9. Slowly add the melted chocolate chip mixture to the mixing bowl.
10. Stir some more until the mixture is smooth.
11. Pour the batter into the baking dish(es) and place them in the oven.
12. Set the timer for 25 minutes and grab a Disaronno.
13. At the 25 minute mark, stick a wooden toothpick, chopstick, or skewer in.  If it comes out super-gooey, add another two minutes.
14. Lather, rinse, repeat, but don't get any soap in the brownies, because that will suck.
15. When the wooden insertion tool comes out mostly clean (not all the way clean--it's kind of an art at this point), take the brownies out of the oven and set on a wire rack to cool.

Consummation

1. Once they've cooled so you can cut them, do so.
2. Pour a cold glass of milk.  Rum optional.

Copy attribute from one field to another with PowerShell

This week, while prepping two different customers for single-signon to Office 365, I ran into the same issue--the userPrincipalName attribute was correctly populated (username@domain.com), but the email address was blank.  So, to rectify this problem, I put together a script that reads the UPN attribute and then copies to the the mail attribute.

Leave me a comment if you find it useful!

# Populate "mail" attribute with UPN
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter '(userPrincipalName=*)' `
-Properties userPrincipalName,mail | Select-Object * | `
ForEach-Object { Set-ADObject -Identity `
$_.DistinguishedName -Replace `
@{mail=$($_.userPrincipalName)} }
 
 

Managing via WinRM

What is WinRM?

WinRM, for those of you not in the know, is really the Microsoft answer to an age-old problem in the Windows world--remote command and task execution.  It's the Windows equivalent of the Unix rsh, a native implementation of the PsExec (albeit, with the added complexity that seeps into nearly all Microsoft technologes).  It's built on SOAP, so it's intended to be firewall-friendly.

The quick guide to enabling it:

On a server you wish to enable WinRM managment, open an elevated command or PowerShell prompt and run winrm quickconfig.  Answer "Yes" to create the listener and open the necessary ports in the Windows Firewall.

Once that's done, you may need to set the configuration to allow you to connect to it and issue remote commands.  You can do this by by opening an elevated command or PowerShell prompt and entering one of the following command examples:

Add a single trusted remote management host

winrm set winrm/config/client '@{TrustedHosts="server1"}'

Add multiple trusted remote management hosts

winrm set winrm/config/client '@{TrustedHosts="server1,server2"}'

Make every host trusted (not advised)

winrm set winrm/config/client '@{TrustedHosts="*"}'

Now What?

Let's say you want to execute a command against a WinRM host.  To do this, use the command winrs.

For example, to open a command prompt on server2, you would run:

winrs -r:server2 cmd

For a whole bunch of other stuff you can do with WinRM, please see the following (much more technical) articles:

http://blogs.technet.com/b/otto/archive/2007/02/09/sample-vista-ws-man-winrm-commands.aspx
http://blogs.dirteam.com/blogs/sanderberkouwer/archive/2008/02/23/remotely-managing-your-server-core-using-winrm-and-winrs.aspx
http://technet.microsoft.com/en-us/library/dd163506.aspx

Happy remoting!

Handy Office 365 PowerShell Cmdlets

Here are some handy Cmdlets that you may find useful when managing Office 365.

- Connect to the Microsoft Online Services interface for account management tasks.
import-module MSOnline
$cred = Get-Credential
Connect-MSOLService -credential $cred

- Connect to the Microsoft Exchange Online interface for Exchange-related tasks.
$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic -AllowRedirection
Import-PSSession $Session

- Set Office 365 passwords for all accounts to P@ssword1 and clear Change Password Flag (not valid for ADFS customers)
Get-MsolUser | Set-MsolUser -NewPassword P@ssword1 -ForceChangePassword $False

- Set Office 365 passwords for all accounts to never expire (not valid for ADFS customers)
Get-MsolUser | Set-MsolUser -PasswordNeverExpires $True

- Set Time Zone to Eastern Time and Language to English (US) for all users
get-mailbox -Filter {RecipientTypeDetails -eq 'UserMailbox'} | Set-MailboxRegionalConfiguration -Language "en-US" -TimeZone "Eastern Standard Time" -DateFormat "M/d/yyyy" -TimeFormat "h:mm tt"

- Get a user's mailbox permissions on a selected mailbox
Get-MailboxPermission -Identity <mailbox@domain.com> | Where {_.User -like '*user*'}
Get-RecipeintPermission -Identity <mailbox@domain.com> | Where {_.Trustee -like '*user*'}

- Get a list of Directly-granted rights, excluding "SELF"
Get-Mailbox | Get-MailboxPermission | Where-Object { ($_.AccessRights -like '*full*') -and ($_.IsInherited -eq $false) -and -not ($_.User -like '*nt authority\self*') }
Get-Mailbox | Get-RecipientPermission | Where-Object { ($_.AccessRights -like '*send*') -and ($_.IsInherited -eq $false) -and -not ($_.User -like '*nt authority\self*') }

- Set Shared Mailbox quota at 4.5GB
Get-Mailbox -RecipientTypeDetails SharedMailbox | Set-Mailbox -ProhibitSendQuota 4500MB -ProhibitSendReceiveQuota 5000mb -IssueWarningQuota 4400mb

- Get Distribution Group Members
$Reports=@()
$Groups=Get-DistributionGroup
$Groups| foreach {
 $GroupName=$_.DisplayName
 $Report=Get-distributionGroupMember -identity $_.identity| select @{Name='Distribution Group'; Expression={[String]::join(";", $GroupName)}}, DisplayName, PrimarySmtpAddress
 $Reports=$Reports+$Report
 }
$Reports | Export-csv -NoType -Path .\"output.csv" -ErrorAction SilentlyContinue

- Add Alias Domain to All Mailboxes (not valid for ADFS customers)
$users = Get-Mailbox
$aliasdomain = newdomain.com
foreach ($a in $users) {$a.emailaddresses.Add("$($a.alias)@$aliasdomain")}
$users | %{Set-Mailbox $_.Identity -EmailAddresses $_.EmailAddresses}

- Set Usage Location to United States for All users
Get-MsolUser | Set-MsolUser -UsageLocation "US"

- Assign "Exchange Online Plan 1" License to All Users for organization TestOrg
Get-MsolUser | Set-MsolUserLicense -addlicenses "testorg:EXCHANGESTANDARD"

- Force Removal of deleted mailboxes from Recycle Bin
Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force

- Get All User Mailbox Sizes
Get-Mailbox -Resultsize Unlimited | Get-MailboxStatistics | Select-Object DisplayName,TotalItemSize

- Convert User mailbox to Room Mailbox
Set-Mailbox -Identity ConferenceRoom -Type Room
Set-MailboxFolderPermission -Identity ConferenceRoom:\Calendar -user Default -AccessRights Author
 Let me know if there are other tasks you might like to see demonstrated!

Cannot create Exchange Online Migration Endpoint with Exchange 2007 Server using only NTLM Authentication

I've been battling an issue for a few days now and finally stumbled upon a workable solution via PowerShell.

Scenario

Client has an existing Exchange 2007 deployment.  The OWA instance is configured to only use NTLM authentication.  ExRCA (http://www.testexchangeconnectivity.com) comes back clean, and I can proxy log in to any mailbox on the server.

When configuring the migration endpoint through the EAC, I would receive an error that the migration endpoint could not be discovered, even after entering the credentials, server, and RPC proxy server values manually.

Solution

The solution ended up with my old friend PowerShell.  You can create migration endpoints through it using the New-MigrationEndpoint cmdlet.  The key was forcing the authentication to NTLM.

New-MigrationEndpoint -ExchangeOutlookAnywhere -Name NewEndPointName -ExchangeServer EXCHSERVER.DOMAIN.local -RpcProxyServer OWA.DOMAIN.com -Credentials (get-credential onpremiseaccount@domain.com) -EmailAddress onpremiseaccount@domain.com -SkipVerification -Authentication NTLM

Error uninstalling Exchange Server 2003: One or more users currently use a mailbox store on this server.

So, you're transitioning your Exchange 2003 environment to an Office 365 environment and desparately want to drop kick your Exchange 2003 server out the door.  After migrating everyone's email, you open ESM, delete all of the mailboxes and start to uninstall Exchange.  But then, this frustrating message shows up:

The component "Microsoft Exchange Messaging and Collaboration Services" cannot be assigned the action "Remove" because:
- One or more users currently use a mailbox store on this server.  These users must be moved to a mailbox store on a different server or be mail disabled before uninstalling this server.

Thanks for leaving me the fun part of trying to guess who you think still has a mailbox.

Fortunately, there's an easy way to do this.

Let's say your server name is EXCH01.

1. Launch Active Directory Users and Computers.
2. In the navigation pane, right-click on your domain and select Find from the context menu.
3. In the Find Users, Contacts, and Groups window, click the Advanced tab.
4. Click the Field button, point to User, and then select Exchange Home Server.
5. Set the Condition field to Ends With.
6. Enter the Exchange mailbox server you're decommissioning in the Value field (in our example, EXCH01).
7. Click Add.
8. Click Find Now.
9. Once the list of users is displayed, you can right-click on the user, select Exchange Tasks, and then select Remove Exchange Attributes from the list of options.  Acknowledge the warning, and repeat for each user.
10. Restart Exchange setup.

Re-create BITS and Windows Update Services for Windows 7

So, you had a bit of nasty malware.  You're almost back to square one, but have now found yourself in the unfortunate position of having missing services--specifically the Background Intelligent Transfer Service and Windows Update services.

Never fear.  These, too, can be recreated in the event that your System Restore points are borked.  Copy/paste the commands into an elevated command prompt.

REM Recreate Windows Update / BITS Services for Windows 7
sc create BITS DisplayName= "Background Intelligent Transfer Service" binpath= "c:\windows\system32\svchost.exe -k netsvcs" Start= delayed-auto depend= EventSystem/RpcSs
sc create wuauserv DisplayName= "Windows Update" binpath= "c:\windows\system32\svchost.exe -k netsvcs" Start= delayed-auto depend= RpcSs

Bloody Queen Mary

This is a Bloody Mary (it's technically a Caesar because of the clam juice) that will make you famous.  Or at least, a legend in your own mind.

4 1/2 oz Clamato Juice (or a 2:1 mixure of tomato:clam juice)
1 1/2 oz your favorite gin
1 tsp celery salt
1/2 tsp black pepper
1/2 tsp Tabasco sauce
1/2 tsp Lea and Perrin's Worchestershire sauce
1 drop Beano's Horseradish sauce
Juice of 1/4 lime

Combine all ingredients and shake vigorously.  Pour into a Collins or highball glass, and garnish with a deli pickle spear (don't you dare use a dill), rind of the squeezed lime, and leafy celery heart, and a couple of queen olives.

Move Wireless Network Profiles Between Computers

Ran into an interesting customer issue regarding connecting to a wireless network.  For whatever reason, this laptop can't see the wireless network (though others in the office can).  This laptop can connect to other WiFi networks without issue.

My laptop, for example, was able to connect without issue.  Solution?  Either manually create the profile or export it from my laptop.

Since I'm all about finding new and interesting ways to do things, I'd thought I'd try the "Export/Import" route.

There's a little-known gem of a feature in netsh that allows for just this.

1. Open an elevated command prompt.
2. Type netsh wlan show profiles and press [ENTER].
   - The output should look something like this:
   
   C:\Windows\system32>netsh wlan show profile
   Profiles on interface Wireless Network Connection
   Group policy profiles (read only)
   ---------------------------------
      
   User profiles
   -------------
       All User Profile     : OPincGuest
       All User Profile     : antares
       All User Profile     : SparkDetroit
       All User Profile     : SecureConnect
       All User Profile     : cobo_free
       All User Profile     : Colonial 1
       All User Profile     : Team Perkis-guest
       All User Profile     : MongoNet [Working]
       All User Profile     : Inn Public
       All User Profile     : Android76
       All User Profile     : bww3
       All User Profile     : TGN
       All User Profile     : attwifi
       All User Profile     : aguilmettes-iPhone MyWi
       All User Profile     : HarborLink - Buffalo Wild Wings
       All User Profile     : milkyway
3. Find the profile you want to export.  In this example, we're going to export my home profile, "milkyway" to a folder on the thumb drive, F:\wirelessconfig.
4. Type netsh wlan export profile name="milkyway" folder="F:\wirelessconfig" key=clear and press [ENTER].
5. Take the USB stick to the target computer and plug it in.  Note the drive letter.
6. Open an elevated command prompt.
7. Type netsh wlan add profile filename="F:\wirelessconfig\Wireless Network Connection-milkyway.xml" and press [ENTER].

Office365 Migrations and the legacyExchangeDN

I ran across this problem for a customer and thought I would share my experience/resolution.

Migration Scenario:
- Customer runs Exchange 2003 environment and RPC/HTTP is non-functional for the migration
- Using 3rd-party tools to migrate accounts
- When an internal user replies to messages from another internal user prior to migration, the sender receives an NDR with the X400 address of the legacy Exchange system

Tools required:
- ADFind (joeware.net)
- Microsoft Online Services PowerShell Module
- Text editor

1.     Run ADFIND on the customer's server.  This is the syntax I used:
adfind -csv -h -b "" -f "objectClass=user" -nodn mail legacyexchangedn > userlist.csv

2.     Clean up the email addresses in the userlist.csv file (to make sure they match the Office 365 addresses).
3.     Connect to the Office 365 tenant using PowerShell.
4.     Run the following script:

$csv = import-csv .\userlist.csv -header Username
foreach ($line in $csv)
    {   
    $user=Get-Mailbox -Identity $line.Username
    $user.EmailAddresses+="X500:"+$line.legacyExchangeDN
    Set-Mailbox -Identity $line.Username -EmailAddresses $user.EmailAddresses
    }

Let me know if this helped you out by leaving a comment.

Cheers.