Member: JosLieben | Microsoft Community Hub

Recent Discussions

Reporting on all object level permissions for all users in Teams, Sharepoint and Onedrive
For e.g. auditing, identifying misconfigurations or to get a 360 view of a specific user's full permissions I wrote a PowerShell module that will create a CSV, XLSX or HTML file for you with all unique permissions per user (or group if you omit -ExpandGroups) for a given site or team. You can find it as TeamPermissions in the PSGallery and/or at my blog for more info: https://www.lieben.nu/liebensraum/2024/08/microsoft-teams-permission-auditing/
Aug 15, 2024 Place Microsoft 365
microsoft teams
office 365
onedrive
powershell
sharepoint
182Views
0likes
0Comments
Re: Deallocate VM on user logoff
We use Azure Virtual Desktop using Azure AD Join (AAD) and Intune (Microsoft Endpoint Manager), so I base64 encoded your sample script and used it in a scheduled task that fires on signoff events. Here's the code for others who would like to use it: https://gitlab.com/Lieben/assortedFunctions/-/blob/master/set-AVDDeallocateOnLogoff.ps1 and a short post describing it: https://www.lieben.nu/liebensraum/2022/08/deallocate-azure-ad-joined-azure-virtual-desktop-vms-when-a-user-logs-off/
Aug 18, 2022 Place Azure Virtual Desktop
21KViews
0likes
0Comments
Automatic Right Sizing of Azure VDI's
https://www.lieben.nu/liebensraum/2022/05/automatic-modular-rightsizing-of-azure-vms-with-special-focus-on-azure-virtual-desktop/ Free PowerShell script, you can use it on-demand or on a scheduled basis 🙂 Read the linked blogpost for full instructions/guide.
May 16, 2022 Place Azure Virtual Desktop
Azure - windows virtual desktop
Cost Optimization
powershell
rightsizing
virtual machines
1.4KViews
0likes
0Comments
Full AzureAD application permissions overview
So you’d like to know which applications are living in your AzureAD? And you’d like to know which of those were added by your admins, and what permissions those applications have? And you’d also like to know which applications your users are consenting to, and what rights those applications have on your users? Look no further, I wrote a FREE Powershell script to export all of that to Excel for you! Application overview Apps an admin has consented to and the type of rights it needs Apps a user has consented to and the type of rights it needs Apps to user mapping, for an easy overview of which user has consented to which app More info at my blog: https://www.lieben.nu/liebensraum/2018/07/full-azuread-applications-permission-overview/
Jan 15, 2022 Place Microsoft Entra
Azure Active Directory (AAD)
3KViews
2likes
2Comments
Re: Full AzureAD application permissions overview
fixed (changed to https)
Aug 15, 2021 Place Microsoft Entra
2.2KViews
0likes
0Comments
Mapping legacy server shares in Intune on Windows 10 MDM
In a Windows 10 full MDM (AzureAD+Intune) scenario, you’ll move your email, app and file workloads to Office 365 (or alternatives).   In your pilot or hybrid phase, you may still need access to certain file shares on your servers, so here’s a simple PowerShell script you can deploy using Intune Device Configuration that maps your desired share. Deploy multiple times for multiple shares (or groups of users).   It will create a shortcut in a location you define, so the mapping is always user-driven, it will automatically suggest your user’s AzureAD login as username. You can of course customize the script to your liking if you did not change your local AD upn yet.   https://www.lieben.nu/liebensraum/2018/06/mapping-legacy-server-shares-in-your-windows-10-mdm-intune-pilot/  
Solved
Jun 27, 2021 Place Microsoft Intune
Intune
Mobile Device Management (MDM)
49KViews
3likes
9Comments
Re: Mapping legacy server shares in Intune on Windows 10 MDM
Probably a DNS issue, can you ping the server you're trying to map? Can you map it manually?
May 07, 2021 Place Microsoft Intune
27KViews
0likes
0Comments
Re: Unsupported but very useful way to use the hidden Azure API
Evan Bachert I would recommend using method 2 in this post instead, then you don't need DLL's / modules at all: https://www.lieben.nu/liebensraum/2020/04/calling-graph-and-other-apis-silently-for-an-mfa-enabled-account/
Feb 12, 2021 Place Azure
14KViews
0likes
0Comments
Onedrive for Business silent configuration and folder redirection through Intune MDM for Windows 10
UPDATE: superceded by https://www.lieben.nu/liebensraum/2019/06/ultimate-folder-redirection-for-onedrive-teams-and-sharepoint/ I’ve taken information from several sources and written a single “Do It All – Onedrive For Business configuration script” for the Windows 10 Modern Management (Intune MDM Azure AD Join) scenario. The script can be deployed through Intune to your Windows 10 MDM clients and will do the following silently: check latest O4B version and update to it detect O4B configuration, start auto config completely silent / invisible configuration with SSO optionally, redirect folders to Onedrive optionally, copy old content More here :) O4BClientAutoConfig + source code.
Jun 19, 2019 Place OneDrive
admin
OneDrive for Business
16KViews
4likes
3Comments
Re: Onedrive for Business silent configuration and folder redirection through Intune MDM for Windows 10
FYI: a hugely improved version of this script has superceded the above one :) https://www.lieben.nu/liebensraum/2019/06/ultimate-folder-redirection-for-onedrive-teams-and-sharepoint/
Jun 19, 2019 Place OneDrive
11KViews
0likes
0Comments
Re: Your message wasn't delivered because the recipient's email provider rejected it
DeepakRandhawa Could you state your sources?
Jun 13, 2019 Place Microsoft 365
292KViews
0likes
18Comments
The ULTIMATE #Onedrive #Teams #Sharepoint sync config and redirection solution
The ULTIMATE #Onedrive #Teams #Sharepoint sync config and redirection solution for #Intune : https://www.lieben.nu/liebensraum/2019/06/ultimate-folder-redirection-for-onedrive-teams-and-sharepoint/ Single PS script User does NOT have to be an Admin Per special folder configuration of redirection settings Extra (symlink) redirection for ANY folder (specific appdata subfolders anyone?) Automatically runs at logon and/or at specified intervals Can be unassigned (removing a user from the target group in Intune stops the script from running) Can redirect to subfolders, even nested Handles automatic creation of any folders Supports variables in paths Registers Environment Variables for the new locations if you configure it to Can hide target folders (appdata likes to hide)
Jun 13, 2019 Place Microsoft Intune
Intune
Mobile Device Management (MDM)
1KViews
1like
0Comments
Simple method to run logon / recurring scripts in Intune!
Happy to share my latest Intune script :) It does not use scheduled tasks and allows you set a recurring time for the script to rerun and/or just to run at every logon: https://www.lieben.nu/liebensraum/2019/06/simplify-logon-scripts-in-intune-without-schedules/ The advantage is that when you unassign the script from a user, no scheduled task remains that ignorantly keeps running the script :)
Jun 12, 2019 Place Microsoft Intune
Intune
Mobile Device Management (MDM)
96KViews
3likes
10Comments
Re: Documenting Intune Settings
As you also posted this issue on Github, I've replied there (cannot reproduce, works here)
Oct 14, 2018 Place Microsoft Intune
5.8KViews
0likes
0Comments
Re: Script to delete Shared With Me links
it should work for both, in addition you can also use eDiscovery as the thread mentions. That'd give you a list of URL's to retrieve.
Sep 28, 2018 Place OneDrive
1.6KViews
0likes
0Comments
Re: Script to delete Shared With Me links
here's an example script that gets that info for you: https://techcommunity.microsoft.com/t5/OneDrive-for-Business/How-do-I-get-a-list-of-all-O4B-files-shared-with-others-for-all/td-p/142674 Removing the links is not included there though, but it's a good starting point.
Sep 26, 2018 Place OneDrive
1.6KViews
1like
0Comments
Re: Documenting Intune Settings
update: current version works again :)
Jul 18, 2018 Place Microsoft Intune
6.1KViews
0likes
0Comments
Re: Two different domains in one Office 365 tenant
yes, that is how it works by design, it'll look like they are in the same tenant. You can add up to 900 domains.
Jul 01, 2018 Place Microsoft 365
103KViews
1like
4Comments
Re: Documenting Intune Settings
Thomas Kur wrote a nice script for that, I ran into it recently. https://github.com/ThomasKur/IntuneDocumentation/blob/master/DocumentIntune.ps1 Note: the current version is broken, but I added some fixes to my fork of it: https://github.com/jflieben/IntuneDocumentation/blob/master/DocumentIntune.ps1
Jun 26, 2018 Place Microsoft Intune
6.3KViews
2likes
5Comments
Re: Assigning Licences to Different Sub-Groups
Not natively, you'd need to abstract that layer through automation. Office 365 / Azure only has Group Based licensing, but this does not allow you to set a maximum on a group. Using, e.g., a scheduled Powershell script (as a runbook or locally) you could implement what you desire.
Jun 07, 2018 Place Microsoft 365
708Views
0likes
0Comments

User Profile

JosLieben

User Widgets

Recent Discussions

Reporting on all object level permissions for all users in Teams, Sharepoint and Onedrive

Re: Deallocate VM on user logoff

Automatic Right Sizing of Azure VDI's

Full AzureAD application permissions overview

Re: Full AzureAD application permissions overview

Mapping legacy server shares in Intune on Windows 10 MDM

Re: Mapping legacy server shares in Intune on Windows 10 MDM

Re: Unsupported but very useful way to use the hidden Azure API

Onedrive for Business silent configuration and folder redirection through Intune MDM for Windows 10

Re: Onedrive for Business silent configuration and folder redirection through Intune MDM for Windows 10

Re: Your message wasn't delivered because the recipient's email provider rejected it

The ULTIMATE #Onedrive #Teams #Sharepoint sync config and redirection solution

Simple method to run logon / recurring scripts in Intune!

Re: Documenting Intune Settings

Re: Script to delete Shared With Me links

Re: Script to delete Shared With Me links

Re: Documenting Intune Settings

Re: Two different domains in one Office 365 tenant

Re: Documenting Intune Settings

Re: Assigning Licences to Different Sub-Groups

Recent Blog Articles

Re: Proactively monitor ARM-based Windows Virtual Desktop with Azure Log Analytics and Azure Monitor

Re: How to use tagging effectively in Microsoft Defender for Endpoint (Part 1)

Re: MSIX – Using the Bulk Conversion Scripts

Re: Test security products the right way and find new protection features with MDATP evaluation lab

Re: Support Tip: How User Device Affinity works in Intune

Re: Support Tip: Enrolled Windows 10 devices not able to use the CP app to install available apps

Re: Update! An AI assistant that funnels critical information to you, before you ask