Update multiple SSL certificate site bindings in IIS in one go

If you have to deal with updating SSL certificates in IIS then you probably know how much of a pain it can be if you have lots of sites and bindings that all use the same certificate. I found a really simple PowerShell script that can go through and match the thumbprint of your old certificate on all bindings in IIS and replace them with the thumbprint of your new certificate! This is particularly useful if you have a wildcard multi-domain certificate that you can use on all sites regardless of hostname!

Open up a PowerShell window with administrative rights then enter the following commands. Obviously you will need to replace the thumbprint values below with yours.

The first one will set a variable for the old certificate

$OLDCertificateThumbprint = "123456789abcdefgh1a2b3c4d5e6f7g8h9a1a1a1"

The second will set a variable for the old certificate

$NEWCertificateThumbprint = "7a3b5a1g1a6a2j2a262a3343a333a5a64a4a4a4a"

The following will show bindings where the old certificate is in use

Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | Format-Table

This will select bindings where the old certificate is in use and switch it to the new certificate

Get-WebBinding | Where-Object { $_.certificateHash -eq $OLDCertificateThumbprint} | ForEach-Object {
Write-Host "Working on" $_
$_.RemoveSslCertificate()
$_.AddSslCertificate($NEWCertificateThumbprint, 'My')
}

Once the script above has completed you can use this to show bindings where the new certificate is in use

Get-WebBinding | Where-Object { $_.certificateHash -eq $NEWCertificateThumbprint}

Now that everything has been updated you can go into IIS to check it out.  Big thank you to the following people here and here for providing these solutions.

How to check Wi-Fi signal strength on Windows using command prompt (cmd)

On Windows 10 / 11 there are a number of ways to check the wi-fi signal strength but I find the most accurate and simple way is using command prompt.

  1. Open up a command prompt by clicking start, type cmd then click “Command Prompt”.
  2. Enter the following command and press “Enter”.
    netsh wlan show interfaces
  3. Check out the “Signal” value to determine the quality of your connection.

If the number is equal or higher than 80%, then the strength of the signal is good. Anything below 60% is pretty poor.

Office 365 Group not showing in Outlook (Exchange Hybrid Environment)

PROBLEM:-

I have an issue where a Microsoft 365 group has been created but will not appear in Outlook 2019 or Outlook on the web.

After a bit of digging, I found out that the following factors played a part in this.

  • Exchange is running in Hybrid environment
  • User had created the Group/Team from within MS Teams

Because we were running a hybrid environment and the user had created the Team/Group from within the MS Teams app it doesn’t do as good a job as it would if you created it via the web-based admin interface.

When the group is created from the MS Teams app it doesn’t set the exchange attribute –HiddenFromExchangeClientsEnabled:$false which means that by default the group will not appear in Outlook App or Outlook on the web.

If you create the group via the Microsoft 365 admin center it works fine.

SOLUTION:-

1. Open up Windows Powershell and connect to Exchange online using the following command. (Make sure you have Powershell 7 and the exchange EXO V2 module installed).

connect-ExchangeOnline -UserPrincipalName [email protected]

2. Set the groups visibility using the following command

Set-UnifiedGroup -Identity "Name of Your Group Here" -HiddenFromExchangeClientsEnabled:$false

Install the latest Windows PowerShell and Exchange Online Management EXO V2module

I often find that I’ll jump on to a server, PC or laptop and I’m trying to run commands in PowerShell that it doesn’t understand. Normally because it’s an old version of PowerShell, certain modules aren’t installed or I’m just bad at typing.

Here’s where to get the latest version of Windows PowerShell and EXO V2 that you will need if you’re working with Exchange Online.

PowerShell 7
https://aka.ms/PSWindows

Exchange Online Management
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/

At the time of writing the following command will get you the module…

Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.5

Check what modules are installed…

Get-InstalledModule
Fox Ranger 2.5L Water Jacket

Fox Ranger 2.5L Water Jacket Review

https://foxracing.co.uk/product/ranger-2.5l-water-jacket/27361.html

Features:-

  • Advanced weather protection for a wide range of weather conditions
  • Lightweight 10K/3K 2.5-layer, waterproof, breathable main body fabric
  • DWR finish sheds moisture, dirt, and debris
  • Two zippered front hand pockets
  • Draw cord, cinching at hem and elastic cuff, provides customized fit
  • Helmet-compatible hood fits over most helmets
  • Length (HPS): 29″, size large
MATERIALS
  • 100% polyester ripstop, 2.5-layer fabric
  • Weather rating: 10K waterproof, 3K breathability

Nice jacket, looks great but could be better…

I’ve had this jacket for about 11 months. I live in the UK and have used it through the winter so it’s seen PLENTY of rain! First off it’s a great looking jacket and I’ve worn it on and off the bike. It fits well and does keep the majority of the elements out. It does a good job in general and I wanted to love this jacket but there are a few little things that could be done better which is probably why I wouldn’t recommend it.

The hood… it’s big and can easily fit over your helmet… great, but it doesn’t have any bungee type cords to pull it snug around your neck / helmet / head so when you’re bombing down a trail in the wind and rain it acts like a sail then flies off the back of your head and starts to fill with rain. This also means that if you’re not wearing a helmet and put the hood up, it goes over your head and face and again blows open in the wind. If you don’t put the hood up and it’s raining or windy then it flaps about quite a bit and you cant make it fit snug around your neck.

The last thing I think is missing is some kind of ventilation (apart from the gaping neck hole!). Lot’s of modern jackets have ventilation of some description whether it be under the arms or the sides but this has none so can get a bit “boil in the bag” but I understand that this might be the case for most jackets of this type anyway.

Overall I like the aesthetics of the jacket but the hood lets it down.

Drivers for Digital Persona U.are.U 4500 Fingerprint Reader USB

Below you will find 2 zip files that can be used to get your Digital Persona U.are.U 4500 up and running. The first 4500_wbf_driver_5.0.0.5_rs3.zip is smaller in size and is just the basic drivers, probably all you need to get up and running on Windows 10. The second DP_UareU_WSDK223.zip I believe is the SDK kit and has all the drivers and full software.

 

MFA not working in Outlook 2019 – Exchange Online

Scenario:-

Microsoft 365 tenant, mainly using Exchange Online (Plan 1) licenses. I enabled MFA for a couple of users which works fine logging in to https://office.com

Users can access Outlook on the web without any problems and get notifications sent to the “Microsoft Authenticator” app to approve or SMS if they choose one of the other authentication options.

When it comes to Outlook 2019 they just repeatedly get asked for their email credentials in a standard type popup box as opposed to the newer MFA style popup that you see like when you login to https://office.com where it asks for email, then password, then MFA option.

I know this type of problems exists with older versions of Outlook 2013 and lower and there are workarounds for it but this is Office 2019!

Solution:-

After raising a support ticket with Microsoft and getting a call back pretty much straight away from a very knowledgeable “Support Ambassador” we managed to sort the problem. Turns out that if your tenant was created before 2017 (ours was 2014) then the default policies in place for the basic Azure type licenses that come with the lower tiered licenses like Exchange Online might not work very well when enabling MFA on a user account! Tenants created later than 2017 tend to work just fine.

Here’s what we did…

  1. Run PowerShell as admin
  2. Connect to Exchange Online (If user has MFA enabled) using the following steps:-
    $MFA = New-Object -ComObject InternetExplorer.Application -Property @{Navigate2="https://cmdletpswmodule.blob.core.windows.net/exopsmodule/Microsoft.Online.CSE.PSModule.Client.application"}

    The command above installs a module which then launches another PowerShell window.

  3. In the newly opened window enter the following:-
    Connect-EXOPSSession

    Enter your tenant administrator login information.

  4. Enter the following command:-
    Set-OrganizationConfig -OAuth2ClientProfileEnabled $true 

This pretty much enables the use of MFA now for your Exchange Online tenant. It can take a few hours for things to propagate and for Outlook 2019 to make use of this. If you need to speed this process up you can add the following registry key to the users computer. Make sure to close Outlook first.

  • HKEY_CURRENT_USER\Software\Microsoft\Exchange
  • On the Edit menu, point to New, and then click DWORD Value.
  • Type AlwaysUseMSOAuthForAutoDiscover, and then press Enter.
  • Right-click AlwaysUseMSOAuthForAutoDiscover, and then click Modify.
  • In the Value data box, type 1, and then click OK.
  • Exit Registry Editor.

Open Outlook and you should now get the MFA type prompt as you would expect. I think if you continue to have problems then it’s worth deleting the Outlook profile on the computer and starting again.

The following article may also be of use as it goes into a lot more detail about how to enable or disable modern authentication for Outlook in Exchange Online https://docs.microsoft.com/en-us/Exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online

One last thing… enabling modern authentication for Outlook in Exchange Online wont affect any of your other users who may not have MFA setup.

Hopefully this may help someone somewhere one day!