Troubleshooting Windows Defender Advanced Threat Protection (WDATP) On-boarding

The blog describes some troubleshooting steps you can take if you have followed the process to on-board Windows 10 to WDATP (as described here), but the devices are not appearing in the Machine List on Windows Defender ATP portal

  1. From the Windows 10 device, verify the diagnostic data service is enabled and running

Open an elevated command prompt and run

sc qc diagtrack

In my case the service was running without errors read more

On-board Devices to Windows Defender Advanced Threat Protection (WDATP)

This blog describes steps required to on-board a device onto Windows Defender Advanced Threat Protection (WDATP), and how to verify the on-boarding was successfully.

On-boarding

  • Sign into the Windows Defender ATP Portal here
    1. You can sign up for a trial here
    2. If you get an error logging in, make sure that you’re using an ‘inPrivate’ or ‘incognito’ window in your browser
    3. read more

  • How to report on licensed Office 365 users with disabled Active Directory accounts

    There may be times where you need to do some housekeeping on your Office 365 licenses.  Users may have left, for example, had their active directory accounts disabled, but are still consuming a license in Office 365.  Here is a simple powershell one-line that will output a report to CSV.

    Connect powershell to Azure AD for your Office 365 subscription as described here and run the following read more

    How to update a Dynamic Distribution Group Recipient Filter

    During an Office 365 / Exchange Online migration, you may have a requirement to update the recipient filter of any dynamic distribution group.

    In my case, I needed to do this because the dynamic distribution group used filters to include only mailboxes. But mailboxes that are migrated to Office 365 become mail-enabled users in the on-premises directory. This can cause issues with certain members of a dynamic distribution group not receiving email messages. The issue is described here read more

    Azure AD Connect unable to sync built-in Administrator account

    In a recent project I came across a scenario where there was a requirement to synchronize the built-in Administrator account from the on-premise Active Directory into Azure AD.  Reason being was the built-in Administrator account was mailbox enabled, and there was a requirement to migrate the mailbox to Exchange Online (Office 365) read more

    Azure AD Connect fails – “The user name or password is incorrect” when adding a second Active Directory Forest

    I came across this issue recently and wanted to shared my experience

    Environment

    The organization has the following configuration

    1. Office 365 tenant
    2. Azure AD Connect configured and synchronizing Active Directory Forest A

    Requirement

    1. Synchronize Active Directory Forest B into the same Office 365 tenant

    As per the supported topologies for Azure AD Connect here this can be achieved using the same instance of Azure AD Connect.  No forest trust required, but some pre-req’s are required as outlined here including Firewall ports (listed here) , DNS Name resolution (using a Conditional Forwarder -see discussion here) and an account in Forest B with Enterprise Admins permissions. read more

    Office 365 Mailbox Migration Planning Script

    Every user mailbox in Exchange Online requires an Office 365 license to be assigned to the user.  Often when migrating from Exchange On-premises, there are more user mailboxes than actual users, and more importantly, more user mailboxes than Office 365 licenses.  In this scenario, a number of options can be considered including: read more

    How to enable, verify and test Litigation Hold in Office 365 – Step by Step

    How to enable, verify and test Litigation Hold in Office 365 – Step by Step

    In this blog post, I’ll demonstrate step by step how to enable, verify and test litigation hold in Office 365.  I’ll be focusing specifically on the Exchange Online workload.

    1.  Enabled Litigation Hold

    You can enable litigation hold for a mailbox by running the following command from the Exchange Online shell (note:  steps to connect PowerShell to Exchange Online can be found here) read more

    Troubleshooting the Office 365 Hybrid Configuration Wizard

    In this blog post I want to share some tips for identifying issues when running the Office 365 Hybrid Configuration Wizard (HCW), available here .

    Specifically,

    1. Where to find the Hybrid Configuration Wizard logs
    2. How to identify network related issues

    In my experience, network relates issues are the most common cause of HCW failures, and that is where this blog post will focus.   Most corporate networks have firewall and / or proxy restrictions in place.  There are very specific network requirements for connectivity to Office 365 as detailed here . read more

    Outlook client can’t connect to Exchange 2016 – continually prompts for login credentials

    Problem

    I came across this issue while working on an Exchange Hybrid deployment.  During the testing phase, I successfully migrated mailboxes from Exchange 2010 to Exchange Online.  However, when I migrated a mailbox from Exchange 2010 to Exchange 2016, my Outlook client could not connect to its mailbox and would continually prompt for login credentials read more