In a previous life as a DNS admin I was responsible for mail delivery. Going through my old notes I found a few handy links.
Mail Header Analyzer
SPF Tools
https://dmarcian.com/spf-survey/PowerShell Snippets
These are a few common snippets I use somewhat regularly and always find myself looking for.
$initialPW = $null
$initialPW += -join ('abcdefghkmnrstuvwxyzABCDEFGHKLMNPRSTUVWXYZ23456789$%&*#'.ToCharArray() | Get-Random -Count 45)Start-Transcript -Path ($PSScriptRoot + "\" + ([io.fileinfo]$MyInvocation.MyCommand.Definition).BaseName + "_" + (get-date -f yyyy-MM-dd) + ".log") $mailSettings = @{
Subject = $Subject
From = $From
SmtpServer = $smtpRelay
Encoding = [text.encoding]::UTF8
To = $EmailAddress
Cc = $CopyAddress
Bcc = $BlindCopyAddress
Body = $Body
Priority = "High"
}
$mailSettings.Body = $mailSettings.Body.replace("%displayName%",$ADObject.displayName)
try {
Send-MailMessage @mailSettings -BodyAsHtml -ErrorAction Stop
} catch {
Write-Host "[ERROR] "+$_.Exception.Message
} $DN = $ADObject.distinguishedName
$Domain = $DN -Split "," | ? {$_ -like "DC=*"}
$Domain = $Domain -join "." -replace ("DC=", "")Calulating the Immutable ID
The Immutable ID is used to link an on-premise user object to an entra ID user object.
Sidenote, I should really move these snippets to Github
$UserObject = Get-ADUser "CN=User1,OU=Corp.Users,DC=itsrob,DC=local" -server dc1.itsrob.local
$UserObjectGuid = $UserObject.ObjectGUID
$UserObjectGuidBase64 = [System.Convert]::ToBase64String($UserObjectGuid.ToByteArray())
write-host
write-host $UserObjectGuidBase64
SAML Claims – Group Name
Currently, Microsoft does not support flowing a group name of a cloud group in their SAML claims. Interestingly, you can flow the name if the group is AD synchronized.
I get object IDs are immutable, however, sometimes it’s just better to flow a friendly name.
If this has impacted you as well, upvote the following: Group name instead of group id for SAML · Community (azure.com)
Following Logfiles via PowerShell
Back in my HPUX\Linux days I used to use tail -f on logfiles to monitor them as they grow. A friendly contact at Microsoft shared this trick with me.
Get-Content -Path "C:\scripts\test.txt" -WaitMicrosoft Admin Portals
I came across this handy website in my travels. It appears to be well maintained:
NoHello
For a while now, Microsoft has been making memorable URLs by shortening them via the “aka.ms” prefix, which I truly appreciate.
One of my favourites addresses a pet peeve of mine: people who ping me with a mere “hello”.
See more here: https://aka.ms/nohello
SAML Claim Padding Transform
Recently I needed to include a 10-digit padded employee number in a SAML claim.
It seems that padding is a missing function within SAML Claim Transforms.
I tried a few things, like joining 000000000 to the employee ID (say 12345) then returning the rightmost 10 characters (0000012345), RegEx expressions, etc, but nothing seemed to work as expected. I even opened a Microsoft ticket on this, and there isn’t a solution for padding in the transforms.
Please visit Add claim manipulation for padding · Community (azure.com) to upvote this.
Welcome
This is a site to keep IT discussions separate from my personal site. I spend most of my day in Microsoft Entra ID and many ancillary technologies.