TechShizz | All posts tagged 'Security'

Take Ownership

Take ownership of folder + delete - Run all three commands

takeown /F D:\My Documents\OneNote Notebooks* /R /A

cacls D:\My Documents\OneNote Notebooks*.* /T /grant administrators:F

rmdir /S /Q D:\My Documents\OneNote Notebooks

Windows Credential Manager Shell Shortcut

In a locked down environment, the Windows Credential Manager might be unavailable. You can still access is by pasting this into the run command dialogue boxL

%windir%\explorer.exe shell:::{1206F5F1-0569-412C-8FEC-3204630DFB70}

Integrating Information Rights Management in Office 365 with SharePoint



To have the ability to enable IRM you need to have the "Design" permission. (This is included in Global Admin)


There is only one global settings required to enable IRM in SharePoint. From the SharePoint Admin panel we need to enable IRM.


O365 Admin > Admin > SharePoint > Settings



Information Rights Services



Once this has been enabled, in site settings from within a SharePoint site (from the library tab in a SharePoint site you can create an IRM policy for the site.

Information Rights Services Settings



This policy prevents un-supported documents from being uploaded. When tested see the error below.



This library does not accept files of the given type

Managing Office 365 Password Policies via PowerShell

Password Expiry Settings


Default expiration = 90 Days

Min & Max = 14 to 730 Days (2 weeks to 2 years)

Default Notification = 14 Days

Password expiring notification - 1 to 30 Days


PowerShell  Only


Password never expires

Remove strong password complexity requirements.


Resetting a user password:


Set-MsolUserPassword -UserprincipalName "" -newpassword "Welcome123!"


Setting password policy settings:


Set-Msolpasswordpolicy -domainname "" -validityperiod "60" -NotificationDays "20"


Set a password to never expire:


Set-Msoluser -userprincipalname "" -PasswordNeverExpires $true


If we wanted to set all users passwords to never expire:


Get-Msoluser | Set-Msoluser -PasswordNeverExpires $true


Remove for all:


Get-Msoluser | Set-Msoluser -PasswordNeverExpires $false


Remove Complexity requirements


Set-Msoluser -userprincipalname "" -StrongPasswordRequired $false


Enable Complexity requirements


Set-Msoluser -userprincipalname "" -StrongPasswordRequired $true

Integrating with Exchange

This enables IRM in Office 365 - It will allow the control of content in exchange via use of the menus as shown:


Set Permissions - Do Not Forward

It also allows us to create rights protection mail rules in Exchange online:

Apply Right Protecting to Messages






In order to enable IRM in Exchange online we need to do the following.


Open PowerShell as Admin and run the following commands in order.


Set-ExecutionPolicy RemoteSigned

$usercred = Get-Credential

$sessioninfo = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $usercred -Authentication Basic -AllowRedirection

Import-PSSession $sessioninfo

Set-IRMConfiguration -RMSOnlineKeySharingLocation ""

Import-RMSTrustedPublishingDomain -RMSOnline -Name "RMS Online"

Set-IRMConfiguration -InternalLicensingEnabled $true

Test-IRMConfiguration -RMSOnline

Test-IRMConfiguration -Sender $usercred.username

Remove-PSSession $sessioninfo