Add Management Scopes to only allow access to those types of Mailboxes

New-ManagementScope -Name "Shared Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "SharedMailbox"}
New-ManagementScope -Name "Room Mailbox Management" -RecipientRestrictionFilter {RecipientTypeDetails -eq "RoomMailbox"}

Add Role groups for those ManagementScopes

New-RoleGroup -Name "Shared Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Shared Mailbox Management"
New-RoleGroup -Name "Room Mailbox Admins" -Roles "Mail Recipients" -CustomRecipientWriteScope "Room Mailbox Management"

Add the Users to the Roles in 365 

Add-RoleGroupMember "Shared Mailbox Admins" -Member Test.User
Add-RoleGroupMember "Room Mailbox Admins" -Member Test.User

After this , the user can then go to Exchange admin center ( and login , they will see a list of users , but they will only be able to change delegation for SharedMailbox and Rooms

GD Star Rating
GD Star Rating

Issue I found with someone trying to manage their 365 tenancy inhouse with no IT knowledge 

  1. 365 Tenancy set up in the wrong country ( Apparently according to our CSP Partner who got someone from Microsoft on a call with the customer, this is actually against Microsoft’s Terms of Service? ) , but also means we can’t procure new licenses or arrange support via our CSP.
  2. Multiple ( Breakglass ) non named generic admin accounts e.g. [email protected] and [email protected] with Global Admin privileges without 2fa and not sure about the strength of the passwords.
  3. Assigned ( Breakglass ) non named Global admin users a Mailbox license to use for SMTP send email from Scanners
  4. Assigned multiple named Users ( Non IT ) in the organization Global Admin
  5. Did not know about Shared Mailboxes so created user mailboxes and purchased licenses for all their shared email accounts and shared the email and passwords around so users could add these to their outlook ( Using add account method ) 
  6. Old Users Mailboxes left on with Licenses indefinitely to make sure they still had access to Mailbox email ( Instead of converting to Shared and removing licenses)
  7. Contractors were setup as a b2b guest user via their third party email and a normal Azure Ad user  and had licenses assigned to both 
  8. Assigned users duplicates of License ( Exchange Online Plan P1 License on top of Office 365 Business Standard ) – When they tried to remove the Exchange Online Plan P1 License after we  pointed out , they didn’t enable the Exchange Online Plan P1 product on  Office 365 Business Standard license so email )
  9. Groups have been duplicated to the following ( Same group name different emails)  One Distribution Group , One 365 Group , One 365 Group with Teams Enabled
  10. No Two Factor Authentication
GD Star Rating
GD Star Rating

The virtual machine ” is using processor-specific features not supported on physical computer ”. To allow for migration of this virtual machine to physical computers with different processors, modify the virtual machine settings to limit the processor features used by the virtual machine.


Go to C:\Windows\System32\vmms.exe on the host and make sure its the same version ( Properties and details ) as the other hosts

If not then do Windows updates on the hosts which should update it

GD Star Rating
GD Star Rating
  1. Disconnect all computers and servers from the Internet ( to stop hack and stop encrypting ) 
  2. Find the Source of the Hack ( Sometimes this can be as easy as finding the server and PC that started Encryption )
  3. Restore Servers from a backup to a point in time before the hack and rebuild and compromised workstations
  4. Check customer passwords on or haveibeenpwned 


  1. MFA , MFA , MFA
  2. Windows and Software and Hardware Updates everywhere ( Reduce attack vector ) 
  3. Install a good antivirus like SentinelOne to stop future hacks
  4. Make sure your Router has things like IPS and Web Filtering
  5. Make sure you have a good spam filter in front 
  6. Run report on AD Security 
  8. Randomize Local Administrator passwords with a tool like Local Administrator Password Solution (LAPS) to prevent lateral movement using local accounts with shared passwords
  9. User Phish Testing
GD Star Rating
GD Star Rating

Javascript to highlight today’s opening times or a notice about a public holidau


<h3>Opening Hours</h3>
<div style="  font-size: 1em; font-family:NB; ">
  <tr style="border: 1px solid #dddddd;">
   <td style="padding:10px;"><div id="monday"><div id="tuesday"><div id="wednesday">Monday to Wednesday:</div></td>
    <td><div id="mondaytime"><div id="tuesdaytime"><div id="wednesdaytime">10:00am - 9:00pm</div></td>
  <tr style="border: 1px solid #dddddd;">

    <td style="padding:10px;"><div id="thursday">Thursday:</div></td>
    <td><div id="thursdaytime">10:00am - 9:30pm</div></td>
  <tr style="border: 1px solid #dddddd;">

    <td style="padding:10px;"><div id="friday">Friday:</div></td>
    <td><div id="fridaytime">10:00am - 10:00pm</div></td>
  <tr style="border: 1px solid #dddddd;">

    <td style="padding:10px;"><div id="saturday">Saturday:</div></td>
    <td><div id="saturdaytime">9:00am - 10:00pm</div></td>
  <tr style="border: 1px solid #dddddd;">

    <td style="padding:10px;"><div id="sunday">Sunday:</div></td>
    <td><div id="sundaytime">10:00am - 9:30pm</div></td>

<div id="goodfriday"><div id="xmas">The store is closed on Good Friday and Christmas Day</div></div></br>
<div id="anzac">We are open on Anzac Day from 12pm</div>
<script type="text/javascript">
// Work out Good Friday
 var d = new Date();
 var currentYear = d.getFullYear();
  var a = Math.floor(currentYear % 19);
  var b = Math.floor(currentYear / 100);
  var c = Math.floor(currentYear % 100);
  var d = Math.floor(b / 4);
  var e = Math.floor(b % 4);
  var f = Math.floor((b + 8) / 25);
  var g = Math.floor((b - f + 1) / 3);
  var h = Math.floor((19 * a + b - d - g + 15) % 30);
  var i = Math.floor(c / 4);
  var k = Math.floor(c % 4);
  var l = Math.floor((32 + 2 * e + 2 * i - h - k) % 7);
  var m = Math.floor((a + 11 * h + 22 * l) / 451);
  var n = Math.floor((h + l - 7 * m + 114) / 31);
  var p = Math.floor(((h + l - 7 * m + 114) % 31) -1);
  var eastermonth = n.toString();
  var goodfridaydate = p.toString();
  var goodfriday = goodfridaydate + eastermonth ;
  //Work out todays dates  
  var currentmonth = new Date().getMonth();
  var currentday = new Date().getDate();
  var currentmonths = currentmonth.toString();
  var currentdays = currentday.toString();
  var currentdaymonth = currentdays + currentmonths ;
  var publicholiday

if (currentdaymonth == goodfriday)  document.getElementById("goodfriday").className = 'today'; publicholiday = "Yes";
if (currentdaymonth == "2511")  document.getElementById("xmas").className = 'today'; publicholiday = "Yes";
if (currentdaymonth == "253")  document.getElementById("anzac").className = 'today'; publicholiday = "Yes";

if( typeof variable === 'undefined' || variable === null ){
// Make the current day bold if not holiday
var d = new Date();
var days = 'sunday,monday,tuesday,wednesday,thursday,friday,saturday'.split(',');
            document.getElementById( days[new Date().getDay()] ).className = 'today';
            document.getElementById( days[new Date().getDay()] + 'time').className = 'today';


.today {
  text-transform: uppercase; 

GD Star Rating
GD Star Rating

SQL Agent

Give the user the right role e.g. SQLAgentOperatorRole to msdb (

SSISDB ( Intergration Services Catalog ) 

GD Star Rating
GD Star Rating

Having a the ZVM configured with only 2 CPU processors, no hot add for CPU or Mem and only 4GB of memory is not good when this server is crucial in recovering Client sites. 

Using the Evacuate Host and Populate Host in this location is mainly only used for Production sites NOT recovery Sites. 

Going to the Setup tab of the ZVM page bottom of the left menu, going to the elipsis at the right of any HOST provides you a list of options, the option “Change VM Recovery VRA” allows you to manually balance the VMs across all Hosts but needs to be checked before the machines are in Failover test or real failover. Here is where you can seperate a client so they are across all of the hosts.


GD Star Rating
GD Star Rating

Users can’t send email ( Stay in outbox ) 

On Send and Recieve , Email error “Not Implemented”

Outlook Error: “Not Implemented.” -

Cannot change profile settings , freezes when I click Email acconts

Looks like you need to search the current user registry for OLMAPI32.DLL

e.g. HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

C:\\Program Files\\Microsoft Office 15\\Root\\Office15\\OLMAPI32.DLL

and replace with 

C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\OLMAPI32.DLL


GD Star Rating
GD Star Rating