Office 365

OneDrive for Business “We couldn’t sync this library…”

I recently changed my password and needed to sign back into one drive. When doing so I encountered the following error message:  “We couldn’t sync this library. This library can no longer be synced using this application.”

I didn’t care much for the statement that in order to sync I needed to use the latest OneDrive application. I will upgrade later, but for now I needed to gain access to my file and sync.

To resolve the following steps were taken:

– Exit the One Drive for Business Application

– In the run box (WinKey R), type regedit

– Once in the registry, navigate down to HKEY_Current_User\Software\Microsoft\Common\Groove\

– Locate the key Disablemysitesync

– Update to registry key – ..\Groove\Disablemysitesync from 1 to 0.

– Start the one drive for business application
You should be able to click “Sync Now” and your up and syncing again

 

New Phishing Scam Using Microsoft Office 365

*** Attention Required ***

It seems that the bad guys are at it once again with an attempt to collect information by phishing credentials from those of us using Office 365 for corporate emails.  The characteristics of this particular attack the hackers intention is to deceive Office 365 users into providing their login credentials”.

The user sees a fake Office 365 login page, which requests their credentials. Once the Office 365 usernames and passwords have been compromised, the hackers can:

  • Send emails to other users in the victim’s address book, asking them for anything, sending fake invoices, sending more phishing emails, etc.
  • Access the user’s OneDrive account, to download files, install more malware, infect files with malware, etc.
  • Access the users SharePoint account, to download files, install more malware, etc.
  • Steal company intellectual property or other customer information such as customer SSNs, credit card numbers, email addresses, etc.

One of the characteristic of this recent attack is an email being sent with an embedded image which resembles an Microsoft Office Word document containing a link back to a site with a fake Office 365 logon page.  In addition to this the site URL ends in php?userid= syntax.

I have provided the following YouTube video to illustrate the interaction of the fake Office 365 logon page.

Link: https://youtu.be/wHxkzxGF4JY

 

Advice:

It’s an important part of your responsibility to be cautious when accessing emails even from known senders to ensure its legitimate by reviewing the email to ensure that its legitimate.

If in doubt do not open the email and reach out to the sender to ensure they sent you the email.  If you self-determine an email to be suspicious immediately report incidents as soon as they happen.

 

Here are a few guidelines below that could be followed.  Please review:

 

Check the sender.

Sometimes, cybercriminals and hackers will fake (or “spoof”) the sender of an email. If the “from” address doesn’t match the alleged sender of the email, or if it doesn’t make sense in the context of the email, something may be suspicious.

Check for (in)sanity.

Many typical phishing emails are mass-produced by hackers using templates or generic messages. While sophisticated attacks may use more convincing fake emails, scammers looking to hit as many different inboxes as possible may send out large numbers of mismatched and badly written emails. If the email’s content is nonsensical or doesn’t match the subject, something may be suspicious.

Check the salutation.

Many business and commercial emails from legitimate organizations will be addressed to you by name. If an email claims to come from an organization you know but has a generic salutation, something may be suspicious.

Check the links.

A large number of phishing emails try to get victims to click on links to malicious websites in order to steal data or download malware. Always verify that link addresses are spelled correctly, and hover your mouse over a link to check its true destination. Beware of shortened links like http://bit.ly, http://goog.le, and http://tinyurl.com. If an email links to a suspicious website, something may be suspicious.

Don’t let them scare you.

Cyber criminals may use threats or a false sense of urgency to trick you into acting without thinking. If an email threatens you with consequences for not doing something immediately, something may be suspicious.

Don’t open suspicious attachments.

Some phishing emails try to get you to open an attached file. These attachments often contain malware that will infect your device; if you open them, you could be giving hackers access to your data or control of your device. If you get an unexpected or suspicious attachment in an email, something may be suspicious.

Don’t believe names and logos alone.

With the rise in spear phishing, cybercriminals may include real names, logos, and other information in their emails to more convincingly impersonate an individual or group that you trust. Just because an email contains a name or logo you recognize doesn’t mean that it’s trustworthy. If an email misuses logos or names, or contains made-up names, something may be suspicious.

If you still aren’t sure, verify!

If you think a message could be legitimate, but you aren’t sure, try verifying it. Contact the alleged sender separately (e.g., by phone) to ask about the message. If you received an email instructing you to check your account settings or perform some similar action, go to your account page separately to check for notices or settings.

 

 

How to Remove Users From the Office 365 Deleted Users

And… its time to purge those 365 deleted users. Although we can wait for the retention policy to do it for us. I wanted to do this “now”.

I had wrote the following steps in the past and thought I would share here.

[Press Start]

To delete the account for one or more users

Sign in to Office 365 with your work or school account.

Go to the Office 365 admin center.

Go to Users > Active Users.

Choose the names of the users that you want to delete, and then select DELETE Delete.

In the confirmation box, select Yes.

Done!

[Pause]

Well, not so fast. The deleted users is not fully gone yet. It takes 30 days after you have deleted the user for it to purge from Office 365. However there is a way to do this faster

[Press Start]

Connect to Exchange Online using the Windows Azure Powershell module.

To connect you enter the following cmdlet’s:

  1. Store your credetials (this is stored in memory): $msolcred = get-credential
  2. Connection to Office 365: connect-msolservice -credential $msolcred

Once connected you can issue the following command to list deleted users:

get-msoluser –returndeletedusers -maxresults 100

To remove a deleted user permanently:

remove-msoluser –userprincipalname UID@UPN.com -RemoveFromRecyclebin

If you had multiple users, the following cmdlet would work to remove all deleted users recycle bin:

get-msoluser –returndeletedusers -maxresults 100 | remove-msoluser -removefromrecyclebin -force

That’s it… Your done. Good Luck

Original Post of mine can be found here

Quick How To Share a Document with OneDrive for Business


You can share file(s): Documents and such with Onedrive for Business

1.      In the file list, right-click a document, or select a document and then select Share.

2.      Select Get a link.

3.      Choose who to share with, and if they can view or edit the file.

4.      To share with people inside your organization, choose:

5.      View link – account required – people inside your organization can view, copy, or download the document.

6.      Edit link – account required – people inside your organization can edit, copy, or download the document.

7.      To share with people outside your organization, choose:

8.      View link – no sign-in required – people outside your organization can view, copy, and download the document.

9.      Edit link – no sign-in required – people outside your organization can edit, copy, and download the document.

10.  For external links, select SET EXPIRATION, and choose when you want the link to expire.

11.  Click Copy and paste the link in an email or post it.

Note: Links created that don’t require a sign-in can be opened by anyone, so make sure the content can be shared publicly. Consult your Corporate Information Security Policy and IT if needed.

Note: Sharing of folders is not possible at this time.

Exchange Remote PowerShell Broken in Windows 10 Anniversary Update

So you updated to Windows 10 Anniversary and now have found yourself unable to connect to a remote PowerShell sessions. I noticed this in my management of Exchange Online in Office 365 after upgrading to Windows 10 version 1607 aka Anniversary Edition.

In my attempts to connect, as I have done in the past: http://jermsmit.com/azure-active-directory-module-for-windows-powershell-how-to-connect/ I encountered a error message:

 

Later comparing this with my down-level installs of Windows 10 and Server 2012 R2 this issue does not exist. So what changed?

It seems that the version of PowerShell which was updated may have something to do with this issue. This is when I attempted to run PowerShell in a down-level mode.

This is done by issuing the following command in an elevated command prompt (Run As Administrator): PowerShell.exe -Version 2.0

From this point we can now connect without issue.

Hope this helps