I don’t consider myself a huge Queen or Freddie Mercury fan – I was unfortunately too young in the 80’s for that. But I do love their music! I don’t think there’s any other band that have more songs that I love than Queen, not even ABBA. And I love 80’s music in general. So when there was talks about a Freddie Mercury / Queen movie I loved the idea of it but I was always sceptical any actor would be able to do a good Freddie. And when Rami Malek, who is awesome in Mr. Robot, was cast I was even more sceptical. Then the movie came out with all kinds of great reviews. But it took me this long to actually take the time away from work and everything in life to go and see it.
And I liked it. I liked it a lot! I even liked Rami as Freddie, he obviously did a lot of research on the moves and Freddie’s style. And with the sunglasses it was actually a very good resemblance. And since I’m not that big a fan that I know all stories and band-moments it’s difficult to know how much of the movie is factually correct but since both Roger Taylor and Brian May were credited as producers (and yes I even spotted their cameos) I guess it can’t be too far off the truth. And I know they took a lot of liberties with the timeline so they could build up the Live Aid show as the movie’s crescendo and Freddie’s redemption, I’m all ok with that. I mean I love Braveheart even though it has more holes than Al Powell’s car at Christmas.
So what was my problem with it? Two words – “false” and “advertisement”.
In the press material for the movie and on the poster there is this image:
And that is indeed an iconic photograph of Freddie at Wembley. But it was taken at their concert in July 1986 – a concert I happen to think is one of the best concerts I’ve ever seen (even though I’ve only seen it on DVD), even including the concerts I’ve actually seen live this one takes the gold. But as I wrote – the movie’s crescendo and ending is the Live Aid concert in 1985, one year earlier. So this poster is for an event that happened after the movie’s ending and never appears in the film! That’s most definitely false advertisement.
But if you know me, if that is my only gripe with the movie, then it’s a pretty damn good movie 🙂
SCENARIO
When executing SharePoint Online scripts you need to be connected to your “admin” site or the script will just fail if you’re not.
PROBLEM
When writing a script you can’t assume that you’re already connected to your SPO tenant and unlike the “msolservice” connect call you need to specify your “admin” URL which can be quite long. But sometimes you’re already connected in the Powershell session.
SOLUTION
Writing this little thing in the start of your script will check if you’re connected to the admin site and if not will call the connect-sposervice command with the URL already set.
# First we reset the sitecheck to avoid having an old result
$sitecheck=""
# This is the address of your SPO admin site
$adminurl = "https://[your tenant name]-admin.sharepoint.com"
# Now we try to get the SPOSITE info for the admin site
Try { $sitecheck = get-sposite $adminurl }
# If we get this server exception for any reason, the service isn't available and we need to take action, in this case
# write it to the console and then connect to the SPO service.
Catch [Microsoft.SharePoint.Client.ServerException]
{
Write-Host -foreground Yellow "You are not connected!"
connect-sposervice $adminurl
}
Recently ran into an issue where a user in the on-prem AD had been deleted unintentionally and in the next sync his user went along with his mailbox.
Googling around I found a helpful article how to best go about restoring this. It’s basically about creating a new on-prem users and setting the new GUID on the recovered AzureAD user so AzureAD Connect can tie them together.
However, when trying to set the new “ImmutableID” with “set-msoluser” I got this error:Set-MsolUser : You must provide a required property: Parameter name: FederatedUser.SourceAnchor
Took alot of Googling to realise what was wrong! The issue here is that you can’t set a new ImmutableID on a user in a Federated domain! So the trick here was to change the user to an “onmicrosoft” user, change the ImmutableID and then changing it back to the federated domain!
# Checking the original ImmutableID
get-msoluser -UserPrincipalName [email protected] | select *immutableid*
# Changing it to a "onmicrosoft" UPN
set-MsolUserPrincipalName -UserPrincipalName [email protected] -NewUserPrincipalName [email protected]
# Setting a new Immutable ID from on-prem AD
set-MsolUser –UserPrincipalName [email protected] -ImmutableId "Z/-XGv2W4kWPM1mR/ddSdn!)"
# Check that the change was applied
get-msoluser -UserPrincipalName [email protected] | select *immutableid*
# Changing it back to the original UPN
set-MsolUserPrincipalName -UserPrincipalName [email protected] -NewUserPrincipalName [email protected]
# Checking that the UPN is now correct and the correct ImmutableID is applied
get-msoluser -UserPrincipalName [email protected] | select *immutableid*
Hope that saves someone some headache.
We’re having a major heatwave here in Sweden, so bad that even Pokemon Go are alerting me about it! I’ve heard it’s been the same a little all over the planet. And this reminds me of something that’s been on my mind ever since physics in college when we were discussing energy and how it can’t be created or destroyed, it can only be converted from one form to another. And this made me go around thinking how different things convert energy and it didn’t take too long to realise that so incredibly much of today’s society relies on stuff that converts energy to heat!
I mean, even if we disregard the entire greenhouse effect caused by gases, today’s society relies so much on things that create heat as a bi-product that we really can’t be too surprised when we get heatwaves like this. Nuclear power plants creates so much heat they need gazillion gallons of water to cool it, driving your car creates heat both in your car and the asphalt, using your computer creates heat, running your fridge and freezer creates heat, running the train creates heat, running your air conditioning unit to keep cool creates heat, most of the stuff we use today create heat – even your cellphone! And then there’s the fact that every single person is a walking radiator stuck at 37′ and now there are like 10 billion of us?
So yeah, I remember Trump’s tweet about how that cold day in Manhattan was proof there was no global warming – well this is most definitely proof that it’s a thing 🙂
Me and the wife celebrated 10 years a few months back. And one of the things I had planned was going to see Ed Sheeran in Stockholm since she likes his music and the timing was pretty good. So I made sure to be there when tickets went up for sale last year and got two tickets and last Saturday was the day of the concert. And the result was … we’re too old for this!!
First of all, entry was at 6:30. I made jokes “the guy probably isn’t gonna go on until 9!”. I was wrong – he went up about 8:40 so off by 20 minutes. So spending 2 hours listening to pre-show / opening stuff is “as intended” I guess? And whoever organised the event should have planned a bit better and planned for the roof to be open for the event as it’s July!! The temperature was about 35 degrees in there by the end of the night. And after the concert there was a traffic mayhem to get out of there because they had blocked off most streets which congested everything. So instead of the usual 20 minutes from MoS -> home it took us about 1 1/2 hours.
“Well, what about the show itself”? .. well I’m not a big fan of his, even though I enjoy some of his songs and lyrics. I compared it to going to the movies to see a romantic comedy – It’s wouldn’t be my first choice, but I’ll do it with the wife and I’m bound to get at least some enjoyment out of it! But this show was really different than what I expected. The guy even tried rapping a few times! And no sign of Supermarket Flowers either.
But my biggest issue was the volume. I know, I know, concerts are loud. But this was way well beyond “loud”. I already have tinnitus on my right ear thanks to me underestimating the volume at a Röyksopp / Moby concert back in 2002. So I made sure to buy earplugs before the concert to try to make sure that didn’t happen again. And my ear is still ringing!! I honestly don’t get where the enjoyment is when the music is so loud it hurts my ears even with earplugs !? Yes, you want to feel the bass in your chest but I get that from my home cinema that never gave me a ringing in my ear! It just makes no sense!! Even in between songs when he was talking it was so loud I couldn’t hear what he was saying half the time. And this is completely accepted and expected today!? I really don’t get it!!!
The one good thing I can say is I was impressed that he handled the stage alone in front of 50 000 people superbly and his way of creating musical loops with his pedals was quite funny and unexpected. And I liked it!
SCENARIO
You want to know how many users are using SMS for MFA or mobile app to change user behavior to drive adoption of the MFA app.
PROBLEM
By default when users enrol with MFA they click “Next” all the way and end up with SMS authentication, regardless of what information we provide them with. And the way Microsoft stores this information isn’t very friendly for us to see this easily.
SOLUTION
I wrote this to demonstrate to management that users indeed doesn’t read the e-mails sent out to them which detailed that they should use “Mobile app” verification and what actually happened was they just clicked “Next” all the way and ended up with SMS authentication. In our case we ended up with about 2% of users chosing the application!
$phoneappnotificationcount = 0
# Setting the counters
$PhoneAppOTPcount = 0
$OneWaySMScount = 0
$TwoWayVoiceMobilecount = 0
$nomfamethod = 0
# Getting all users
$allusers = Get-MsolUser -all
# Going through every user
foreach($induser in $allusers)
{
# Resetting the variables
$methodtype = ""
$strongauthmethods = ""
$upn = ""
$strongauthmethods = $induser | select -ExpandProperty strongauthenticationmethods
$upn = $induser.userprincipalname
# This check is if the user has even enrolled with MFA yet, otherwise we +1 to that counter.
if(!$strongauthmethods) { $nomfamethod++ }
# Going through all methods ...
foreach($method in $strongauthmethods)
{
# ... to find which is the default method.
if($method.IsDefault)
{
$methodtype = $method.MethodType
if($methodtype -eq "PhoneAppNotification") { $phoneappnotificationcount++ }
elseif($methodtype -eq "PhoneAppOTP") { $PhoneAppOTPcount++ }
elseif($methodtype -eq "OneWaySMS") { $OneWaySMScount++ }
elseif($methodtype -eq "TwoWayVoiceMobile") { $TwoWayVoiceMobilecount++ }
# If you want to get a complete list of what MFA method every user got, remove the hashtag below
# write-host "User $upn uses $methodtype as MFA method"
}
}
}
# Now printing out the result
write-host "Amount of users using MFA App Notification: $phoneappnotificationcount"
write-host "Amount of users using MFA App OTP Generator: $PhoneAppOTPcount"
write-host "Amount of users using SMS codes: $OneWaySMScount"
write-host "Amount of users using Phone call: $TwoWayVoiceMobilecount"
write-host "Amount of users with no MFA method: $nomfamethod"
This is going to be a wall of text. And 99% of the people I know aren’t even interested. But I’m writing this on behalf of every other SharePoint admin out there who are unfortunate enough to discover just how easy SharePoint is to break!
Little background: I’ve been working with SharePoint since about 2005. Not that long for some but long enough to know that after a few years of use a SharePoint farm has a few quirks in it and it’s a good idea to upgrade it. And you never upgrade an existing farm, you always start with a new fresh one and import all data! Now one of my jobs (!) is managing a 30k user corporate SharePoint – a business critical solution since all documentation are in there. And not only that, our entire BI solution is in there as well, complete with “PowerPivot” and “Reporting Services for SharePoint”… No pressure!
So now it was time to upgrade it from SP2013/SQL2014 to SP2016/SQL2016, including all BI solutions. We’ve gone through a “dev” environment, a “test” environment and even a “preprod” environment and everything went surprisingly well. There was ofcourse the usual glitches getting the BI features to work (and the S2S cert trust that is required for Excel with data source connection files now that Excel service moved out of SP to OOS!). But anyway, the preprod farm was so great that the plan was to take it into production. Our BI team didn’t see a big problem doing that in an afternoon on a weekday, whereas for me the biggest problem was the 1.5TB of data that needed to be shuffled and upgraded. And “even the best laid plans”, you know. I also knew that one of the biggest issue was network infrastructure which for a global company is so complex that the best way forward was to swap IP addresses of the servers so we wouldn’t have to change DNS or static IP routes anywhere, we’d just solve it at the load balancer level. So I managed to get a whole Saturday from the business to have SharePoint offline, but no more. After all, all documentation is in there!
That Saturday was last Saturday April 14th. I got up at 4am to start shuffling the data. By 7 that was done and I started upgrading the database with the normal “mount-spcontentdatabase”. Here was my first mistake (in hindsight). I had already written a script to do this, but that’ll come later. By 10 everything was loaded, upgraded and I proceeded to change IP addresses around and change it in the load balancer, then go through my long list of checks that normal user SP functionality works while our BI team were updating all of their things.
After lunch we had a “go/no-go” meeting and everything looked good. I also noticed at this point I had a case to create a new SharePoint site for a project, something I actually hadn’t tested since that’s not a “normal user SP functionality”. And that’s when the shit hit the fan! What I had missed thanks to my scripting was that one of the content databases had failed to upgraded and was now corrupt and when I wanted to create a new site it did it in that database since it was the “least used” and hence the error. “No problem, plan a) I’ll just delete this database”, right? Nope, SharePoint wouldn’t have it because the database wasn’t attached since it was corrupt. Yet I could see the sites in that database listed with get-spsite?
Tried a few things but couldn’t recover so I decided plan b) remove the web app and create a new and re-import/re-mount this corrupt DB, all other DB’s were already upgraded successfully so not a big operation. Well, SharePoint wouldn’t have that either – it couldn’t dismount this database because it was corrupt so I couldn’t remove the webapp! I was completely stuck with a broken web app that I couldn’t remove because of a content database that wasn’t mounted?!
So plan C) rename that webapp with the corrupt database and give it a nonsense URL so I could create a new web app with the proper URL. That seemed to work but when I tried importing a new backup of this content DB it didn’t import any of the site collections! .. digging around I could see that the sites in the broken webapp, with the new nonsense URL, still had the original URL! It couldn’t update them because… there was no content DB attached to them! I dug around in SharePoint Manager (which was designed for 2013 I know) but it kept crashing when I clicked any of the sites in the broken webapp.
So there I was with a broken web app with a corrupt contentdb with sites occupying the URL I needed to create our proper web app. Came to the conclusion that the config db was pretty much fucked at this point at now we’re at 2pm. Best option available to me at this point was calling Microsoft premiere support case with a severity A case. I’m pretty sure if I had gone for that they would have looked at it, made the same determination as me and said “since this is a farm not yet in production, I’d say the best way forward is to recreate the farm”. During that time our BI would be in SharePoint 2016 but the “big” web app in 2013 on separate IP addresses! God knows how the network would handle that and getting the engineers in India to change firewall routes in less than a week wasn’t that likely. Because rebuilding a new farm in production would take at least a week, right?…
After clearing it with my supervisor that this was indeed the best way to solve it NOW! All other options led to some unknown hellhole – going back was always a possibility no matter what.
I got a green light and Red Bull at about 3pm …
Basically I had done at least a weeks work in 7 hours and all in production environment!
The “Done!” mail got out at 9pm! Now I’m not one to brag, but any SharePoint admin must be impressed by that! Hell, even Scotty would be proud! I spent a few hours on Sunday cleaning up the mess and sorting out the BI issues (since this was a new farm there were a lot of BI configuration that was lost) but by Sunday 6pm everything was fully operational and I promptly went to be and slept like a baby. And one of the first things to hit me on Monday morning was “why is Managed Metadata empty” because yeah, in my haste I forgot that little thing ?
How was your weekend?
It’s been 10 years since me and my wife met. It’s been an unexpected ride that I’m incredibly happy I took a chance on!
Wind back the clock about 10 years and I was living very happily alone (but not lonely!) in my apartment in Visättra. My life was computer games (mostly WoW), movies, TV, F1 and my family in Nynäshamn. And the job at the lawfirm. Everything was great and I didn’t feel like I needed a girlfriend or live with some other person, I had way too many “special” habits to live with another person for long especially a girl. But I was still signed up to some dating sites and had the odd date or two. But then a mail dropped in through Parship from this chick who I just loved the way she wrote and expressed herself, she was funny, she was honest and open and the “straight to the point” kind of person I can really dig. So we set a date after work, hooked up and just walked around in Stockholm for a while, only stopping quickly to grab a coffee. Then I tried kissing her goodbye (DENIED!) and off she went. But I felt and knew this was something special so when I got home that night I ordered her flowers. Nice and romantic right? It was my way of saying “I don’t mind getting turned down for a kiss, I really dig you and I wanna meet again”. Little did I consider the fact that she works in “logistics”, which is a very male dominated area so when her male co-workers saw she got flowers the day after she’d been on a first date they jumped to conclusions! Anyway, a few days later she decided (without telling me!) to test how allergic I was to her cats by inviting me home to her place! Fortunately for me it wasn’t a big problem and after passing that test we went to see a terrible movie (“Jumper”) and made out a bit. And then we met a a few days a week but eventually I felt it was “do or die” and moved in with her after only 6 months. Yeah, I know, crazy but that’s how perfect this relationship felt. And 4 months after that we signed on for a house together. And 3 months after that we were pregnant. And the hits kept on coming!
It’s been a few lows here and there but as I see this has gone way better than I could have hoped for and I can just hope it keeps going that way because I’m having a blast!
Last weekend we had booked a room at the B&B at “Kastellet” at Vaxholm. That’s an old fortress on a very small island. It was used to fend off invaders in the archipelago but now it’s mostly a tourist site. But because of the extreme weather we had in Sweden last week there wasn’t anyone there during the weekend. At all! Not even the staff who had given us the code and put out the key for us for a room. So we had the entire place to ourselves! And it was absolutely amazing!!
So here’s hoping for another awesome 10,20, 30 or even 40 years!!
K mår bättre än bra
Yeah, I don’t know why but NASA has a special place in my heart. Maybe cause I’m a tech nerd, a scifi geek or just like to have my shit together, or maybe it’s some visionary part of me I don’t know I have but I just love it. In everything from fictional NASA in “Contact” to proper NASA in “From the Earth to the Moon” it’s an inspiration. That’s one of the reasons I made a point at going to Kennedy Space Centre when I was in Florida and one of the reasons that trip was an awesome success to me. And one of the reasons I didn’t have a problem opening up my wallet in the gift shop!
And yesterday I saw the movie/documentary “Mission Control” – about those 20-something engineers that made up the mission control team. I really recommend catching it on Netflix or renting it on bluray cause it’s awesome. One of the things that surprised me was the interview with one of the engineers who was there in the trench for a lot of the Apollo missions, even the moon landing, that said he regretted doing it because of the toll it took on his family! I mean, it’s one of the things I can only dream of doing so hearing that makes you wonder what really is important – making a mark in history or being with your family.
Another NASA “merchandise” I can recommend is the book “View From Above” by austronaut and “photographer in space” Terry Virts. You can get it from Amazon or something but it’s well worth it. Not only because of the awesome pictures that makes you feel tiny and insignificant but also because of the stories he has to tell.