redundancy management-module nonstop-switching
show redundancy
redundancy rapid-switchover 60
redundancy swtchover
show redundancy detail
Firmware-
boot set-default flash primary
write memory
boot standby
show redundancy (wait for sync
redundancy switchover
Check users email fields-
get-aduser -Filter * -Properties mail | select name,mail | Out-GridView
Command to copy-
Get-ADUser -LDAPFilter '(userPrincipalName=*)' ` -Properties userPrincipalName,mail | Select-Object * | ` ForEach-Object { Set-ADObject -Identity ` $_.DistinguishedName -Replace ` @{mail=$($_.userPrincipalName)} }
Here is how to set up Mimecast to work with Duo's Cloud SSO. The online instructions are confusing and inaccurate.
DUO SSO-
Deploy and configure DUO SSO if you haven't already.
https://duo.com/docs/sso
DUO Application-
In Duo, go to Applications, click Protect an Application, search for Generic, there will be two Generic Service Providers, select the one that says "2FA with SSO hosted by DUO".
Fill in the following-
Entity ID- us-api.mimecast.com.ACCOUNTCODE (Replace account code with your account code, it will be something like CUSA88U99)
Assertion Consumer Services ACS URL- https://us-api.mimecast.com/login/saml
Copy the metadata URL to notepad, you'll need it later.
Name (under settings)- Mimecast
Leave everything else alone, click save.
Mimecast-
Administration, Services, Applications, Authentication Profiles, Default Authentication Profile.
Check the box that says "Enforce SAML Authentication for Mimecast Personal Portal"
Provider- Other
Metadata URL- paste the Metadata URL you copied earlier. Click Import.
Click Save and Exit.
Repeat above if you want to enforce User Applications.
Repeat above in Administration, Services, Applications, Authentication Profiles, Account_Administrators_Authentication_Profile if you want to enforce it for admins.
1. DISM /Online /Cleanup-Image /RestoreHealth
2. Get-AppXPackage -AllUsers | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register “$($_.InstallLocation)\AppXManifest.xml”} --
3. Delete this folder for each user: C:\Users\username\AppData\Local\TileDataLayer
You get- "You cannot visit localhost right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later."
IF YOU'RE CERTAIN the page is safe, you can type thisisunsafe and you will be able to reach the site.
You want to keep a user's mailbox indefinitely, however, you do *not* want to keep their AD account (or you want it disabled). Converting it to a shared mailbox still anchors it to their AD account, so purging that deletes the mailbox.
- Delete or Disable the account in AD, or, move the account to an OU not synced by AD Sync
- Run an AD Sync.
- Ensure the account is gone in Office 365.
- In Office 365 Admin Center, open the Azure Active Directory Admin Center.
- Go into Users, Deleted Users, find the user in question, check the box and click "Restore User".
- Go into the user's cloud account and reapply the license.
- Once their mailbox is in Exchange Admin Center, convert the mailbox to a shared mailbox.
- Remove the license from their user account.
(Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate | Format-List
New-ExchangeCertificate -KeySize 2048 -PrivateKeyExportable $true -SubjectName "cn=Microsoft Exchange Server Auth Certificate" -FriendlyName "Microsoft Exchange Server Auth Certificate" -DomainName @()
Set-AuthConfig -NewCertificateThumbprint <ThumbprintFromStep1> -NewCertificateEffectiveDate (Get-Date)
Set-AuthConfig -PublishCertificate
Set-AuthConfig -ClearPreviousCertificate
IISReset
