Office365 – Powershell proxy.pac generator

First draft of a script used to generate a proxy.pac file that excludes all adresses that are used by Office 365.
Microsoft provides a list in JSON format. For further details check:
https://techcommunity.microsoft.com/t5/Office-365-Blog/Announcing-Office-365-endpoint-categories-and-Office-365-IP/ba-p/177638

Powershell – Remote Management of Windows Systems

This article should held to initially configure your windows clients to be managed remotely by powershell. There are some configurations needed so that the clients can be accessed remotely.

  • Configuration of the firewall
  • Configuration of the WinRM service

It can be configured either by GPO (group policy) or remotely by using WMI and a script.

When configured properly, you can access the clients with powershell:

 


Configure Remote Access

GPO Settings

You need to make the following changes in the clients GPO settings.

Enabling von WinRM

Policies > Administrative Templates > Windows Components > Windows Remote Management (WinRM) > WinRM Service

  • Server 2008 R2 and later: Open the Allow Remote Server management through WinRM policy setting.
  • Server 2008 and earlier: Open the Allow automatic configuration of listeners policy setting.
  • Set the Policy to Enabled.
  • Set the IPv4 and IPv6 filters to * unless you need something specific there (check out the help on the right).

Firewall Configuration

Configure the firewall settings so that WinRM remote access is allowed.

  • Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile
    inbound port exceptions policy setting.
    5985:TCP:*:enabled:WSMan

WinRM Service Autostart

  • Policies > Windows Settings > Security Settings > System Services
    Windows Remote Management (WS-Management) service.
    Autostart

Execute Scripts and Commands on Remote System

Word – Auto Fill Fields with data from active directory

I had a request recently from a customer to create a new solution, that allows to automatically fill document content in word with information about the current user from active directory.
So let’s say you open the standardized letter of your company, then you push a button in the toolbar and some fields in the document will automatically be filled out for you. I.e. address, phone number, etc.

We created a simple word macro to get the job done. Here’s a step by step guide.
This is a demo for the macro, if you like to pull more information from active directory you have to make customisations.

Creating the macro

First off, we want a macro that is able to pull the user information from active directory. We want the macro to be available for execution every time you open any word document.
So we put the macro in a document (dotm) and save it in the startup folder of word.

  • First, create a new empty word document.
 
  • In the options, check the folder that is defined as your startup folder.
  • In my word 2016 this is: file / options / advanced / file locations
  • Im my case it is set to u:\templates\startup
 
  • Close the dialogs again and save your empty document in the startup folder as “Word Macro-Enabled Template (*.dotm)”
  • Save it as: ldap_macro.dotm
 
  • Now it is time to actually insert the macro in the ldap_macro.dotm template
  • Press Alt+F11 to open the VBA editor
  • Underneath the ldap_macro document, double click “ThisDocument”
  • Paste the code (below)
  • Close the VBA Code Editor
  • Save the document and close Word. The macro will now always be available when we open any word document

Creating button to execute the macro

Now let us create a button in the quick access toolbar to be able to execute the macro.

  • Open up word with a blank document
  • Rightclick the ribbon and select “Customize Quick Access Toolbar”
  • Choose “Macro”
  • Select the ldap_macro from the list and click “Add”
  • You can also customize the icon if you like
  • Select “OK”
  • The macro now appears in word in the quick access toolbar

Testing the macro

Now we create a word template that contains a custom field. The value of the field will be pulled from active directory by our macro.

  • Open up word with a blank document
  • Open the File Menu
  • Underneath “Properties” select “Advanced Properties”
  • Add a property with the name “LDAPMacro_Username”
  • Click “Add” and then “Ok”
  • Create a test letter with your sender address
  • Mark / select your first name, like shown in the picture
  • Then select “Quick parts” / “field”
  • Under Categories select “Document Information”
  • Then select “DocProperty”
  • Choose “LDAPMacro_Username”
  • At this point you could save the document as a letter template for your company. But we will test the macro now
  • If you start the macro by clicking the icon in the quick access toolbar, the surname field should be filled out with the information of you user account from active directory

 

Setting the outlook default signature on client computers

Setting the default signature in outlook for all of your users is a straight forward process but can also be challenging, depending on what you actually want to achieve.

  • end-user should not be able to change the signature on his / her own
    There is one possibility to use the group policy in order to configure the reply- and new message signature. This is the easy way.
    It will prevent the users from changing those settings afterwards though. The fields will be grayed out in the outlook client.
  • end-user should be able to make adjustments
    This is the tricky part. There might be scenarios where you just want to provide an initial signature / default settings on the clients and allow the users to change.
    Then you cannot use the group policy but need to set the signature in the mapi profile. Therefore the usage of the extended mapi interface is required. We created a utility (exe) to set the reply and new message signature name in outlook. Check it out here