Adam Cushing Blog: 2025

Wednesday, June 11, 2025

MSGraph- Disable EntraID (AAD) sync and revert users to cloud.

Install-Module Microsoft.Graph.Identity.DirectoryManagement -Scope AllUsers -Force

Import-Module Microsoft.Graph.Identity.DirectoryManagement

Connect-MgGraph -Scopes "Organization.ReadWrite.All", "Directory.ReadWrite.All"

$orgId = (Get-MgOrganization).Id

Update-MgOrganization -OrganizationId $orgId -OnPremisesSyncEnabled:$false

(Get-MgOrganization).OnPremisesSyncEnabled

# Should return: False

MSGraph- Force Password Change at Next Login / Revoke Token (Log them out)

To force user to change at next login and log them out.

Install-Module Microsoft.Graph.Users -Scope AllUsers -Force
Install-Module Microsoft.Graph.Users.Actions -Scope AllUsers -Force

Import-Module Microsoft.Graph.Users

Import-Module Microsoft.Graph.Users.Actions

Connect-MgGraph -Scopes "User.ReadWrite.All", "Directory.AccessAsUser.All"

$email = "user@domain.com"

# Force password change at next login
Update-MgUser -UserId $email -PasswordProfile @{ ForceChangePasswordNextSignIn = $true }

# Confirm it's flagged
Get-MgUser -UserId $email -Property PasswordProfile | Select-Object UserPrincipalName, @{Name="ForceChange";Expression={$_.PasswordProfile.ForceChangePasswordNextSignIn}}

# Revoke sign-in sessions (log them out of everything)
Revoke-MgUserSignInSession -UserId $email

Tuesday, April 15, 2025

Cool Remote Access "VPN" Tool

https://tailscale.com/

Friday, March 21, 2025

Unable to connect to Office 365 / Exchange online, or Entra ID - Microsoft.Online.Administration.Automation.MicrosoftOnlineException was thrown.

Forget all of the former connection to 365. Microsoft broke it as of ... 3/2025.

You'll get-powershell 'Microsoft.Online.Administration.Automation.MicrosoftOnlineException' was thrown.

For Entra ID, you need to upgrade to the latest version. That's it.

For powershell, you need to install the latest Exchange online management -

Find-Module ExchangeOnlineManagement -AllVersions

If you already have it installed, remove it so you can install the latest version -

Remove-Module ExchangeOnlineManagement
Uninstall-Module ExchangeOnlineManagement -AllVersions -Force

Install the latest version, click "Y" for Yes, NOT "A" for all.

Install-Module ExchangeOnlineManagement -RequiredVersion 3.7.2 -Scope AllUsers

Now Import the module -

Import-Module ExchangeOnlineManagement -RequiredVersion 3.7.2

Now you can connect to Exchange Online -

Connect-ExchangeOnline

That's it!

Friday, February 21, 2025

How to install Windows 11 on a PC that doesn't support it (No TPM)

When you get to the Windows 11 setup screen, press Shift + F10 to open Command Prompt.
Type regedit and press Enter.
Navigate to:
```
HKEY_LOCAL_MACHINE\SYSTEM\Setup
```
Right-click Setup, select New > Key, and name it LabConfig.
Inside LabConfig, right-click and create the following DWORDs:
- BypassTPMCheck → Set value to 1
- BypassSecureBootCheck → Set value to 1
- BypassRAMCheck → Set value to 1 (if needed)
Close Registry Editor, then exit Command Prompt and continue installation.