Google API Bug: Google Groups Settings returning wrong value – You need to invite!!!

So.. This is wierd..

Apparently, If you try and set “whocaninvite” in groups settings via API to “NONE_CAN_INVITE”, the API returns the value as “ALL_MANAGERS_CAN_INVITE”.

If you set other settings say “ALL_MANAGERS_CAN_INVITE” or “ALL_MEMBERS_CAN_INVITE” it works fine and confirms by returning the same value back.

This is the same if you do via GAM tool or via their web portal to change a group settings

 

 

Above, if you select “Managers of the group” and save.. and then go back to the group, you will see the tick gone.

Apparently not affecting everyone.. Well it was and then they said they fixed it, and I said.. Nope.. So they have to open a new bug 72470856 for this one.

C’mon google.. you guys are the coders right? the developers?

Powershell Tip: FIM/MIM Explicit Disconnectors be gone… quickly!!!

Happy New Year!!! Hope everyone had a great 2017 and hopefully an even better 2018

If you know disconnectors then you definitely know how irritating the FIM/MIM GUI can be to convert a disconnector from explicit to normal or vice versa when you have potentially 10’s or 100’s of them… Joiner tab isn’t really friendly to select multiple disconnectors and “batch” convert them.

Thanks to Lithnet MIIS Powershell you can do the conversion of 100’s of them in 1 line and in couple of seconds

If you have a MA with 100’s of explicit disconnectors just run the following command (replacing the <MA NAME> with the ….. MA Name )

Done… Simples… You can ofcourse do the opposite as well if you wish i.e. Normal disconnectors -> Explicit Disconnectors.

MIM AD Sync Error: Unable to update the password – Another POV

So we sync AD users from cross-domain (not a single forest). So say from “DC=contoso,DC=com” to “DC=fabrikam,DC=com”. Not getting too much into it, we do some matching and rules extension to convert a few value to match the destination domain.

Have recently been seeing the following error when sync engine is trying to enable a disabled user in fabrikam domain.

cd-error

Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.

Although the password policy is the same between the two domains.

After a tip, for some reason after the user was synced but for some reason the password was not set. And when it was trying to enable the users, it didn’t have a password and failing the domain policy.

Fix: I got the list of users failing from MIM and set their password manually in the destination by using the following script

 

After this, the sync engine fixed the user up automatically.

Generic LDAP MA Error on Upgrade to AADConnect v1.1.649.0

Hey Guys

Another day – another bug #bugmaster (although a very small one)

If you use Azure AD Connect and manually upgrading to v1.1.649.0 and have a Generic LDAP MA in your configuration, after the upgrade you will get a “no-start-ma” error on Delta / Full Import or an “extension-dll-exception” on an export or when syncs start automatically after the upgrade.

Fix: Easy one – open the MA and click through each config page to refresh the MA manually.

Microsoft has acknowledged the bug and will fix it in the next release.

I am surprised as there aren’t that many MA extensions in AADConnect so how this was missed in their internal testing..

Powershell Tip: Send quick Email when a service goes down [Update: And bring it back up]

Yes we have SCOM monitoring and stuff, but if some testing or debugging is going on and do don’t want to do down the hassle of setting up alerts and just simply want to get notified when a service goes down, here is a simple script

 

It’s pretty self explanatory.

You can also send it to multiple recipients

 

Voila!! It will check every 10 seconds and if the service is in any other state apart from “Running”, it will send you an email and stop execution.

Update: And easy to bring it back up when it goes down. Run the following in PS as Admin. It will send a mail when service is down and bring it back up.