Since being thrust into using GSuite / Google Workspace, I found the GAM tool on Github incredibly valuable.
We recently have a spear-phishing attack sent to a number of users in finance pretending to be the CFO. I was able to test and then remove all the emails from users mailboxes by using the following command:
gam all users delete threads query from:[xyz]@gmail.com doit
I encountered this one recently. Google doesn’t make it simple (or clear) how to allow external people to send emails to a Google Group (which most people use as the equivalent of a distribution list / Office365 group).
In Google Admin, navigate to the Google Group and check off “Allow” (a checkmark) where Publish Posts and External intersect (seen below with the number 1 in red)
That’s it! External users will now be able to email the group.
Recently, I was trying to perform an audit search on an Office365 organization and found auditing wasn’t enabled. When I tried to do it straight from the audit screen, I encountered this error:
I went straight to PowerShell and ran Get-AdminAuditLogConfig | FL Unified* and it was not enabled.
To resolve this, I ran Enable-OrganizationCustomization
And then I ran the Powershell command Set-AdminAuditLogConfig – UnifiedAuditLogIngestionEnabled $true
And that did it!
It’s been a while and there is plenty of reasons for that, but namely… I got a new job!
Anywho, here is a good one I encountered when trying to update an ESXI host.
Could not find a trusted signer: certificate is not yet valid
Failed to setup patcher for upgrade
I hadn’t used this host in a hot minute and one thing I know is that SSL Certs are time/date-based. I took a look at the date and time in ESXI and lo and behold found an incorrect date.
After setting the correct date, I re-ran the command and the ESXI update completed successfully. I also set the server to use NTP so this doesn’t pop up again.
The long-requested ability to send emails from an alias in Office 365 has been finally released!
When you use an alias to send an email, the From and Reply to field for the recipient will appear to be the alias meaning the recipient will only see the alias and not your primary email address.
To make this happen, simply login to your Office365 tenant via Powershell and run the following command:
Set-OrganizationConfig -SendFromAliasEnabled $trueThat’s it! Within a few minutes it should begin working.
To send from the alias, make sure you are showing the From field by clicking Options > From, shown below
Voila!