PowerShell Mouse Jiggler

If you have a need to deploy a mouse jiggler (to keep your PC from falling asleep) but don’t have rights to install things on your PC, this is the solution for you!

This script can be run interactively (dot source the function and then run it) or by adding it to your PowerShell profile.… [ Continue reading ]

Locating accounts in Active Directory that are expired but still active

While working with a customer over the past few weeks implementing a new AAD Connect synchronization rule to disable expired accounts, we wanted to evaluate how many accounts might be selected by such a rule.

Checking hundreds, thousands, or even tens of thousands of accounts by hand doesn’t rank high on anyone’s list–fortunately, that’s what PowerShell was made for.… [ Continue reading ]

Blocking Screen capture

Earlier today, a customer asked me how to block screen capture on Windows 10/11 devices.  Turns out, there are a few things we can do in the box.

Here we go!

Disclaimer: This post discusses modifying the Windows Registry. Please make a backup before changing any settings.[ Continue reading ]

Automatically copy managers on email

Recently, I was working with someone who related an interesting requirement: for a certain group of users, add their managers to the Bcc field.

Here’s how you can do it:

  1. Depending on your Azure AD directory is populated, ensure that the users have a manager configured (either by editing the Manager field in your local Active Directory or by editing it in the Microsoft 365 admin center).
[ Continue reading ]

Requiring multifactor authentication for all Teams users not on trusted networks

This week, I’m exploring some of the basics of Conditional Access and using it with Microsoft Teams.

In the “legacy” world (the term we attach to most things that aren’t bleeding edge these days), we typically saw organizations build the high, high walls and dig the deep, deep moats (and occasionally fill them with alligators) to keep the bad guys out.… [ Continue reading ]

Export Credential Manager to PowerShell

If you ever find yourself in a sticky wicket and need to extract usernames and passwords from Credential Manager (usually because you forgot them), you can use this handy-dandy little function from PowerShell:

function ExportCredMan
{
    # Dump local passwords from credential manager
    [void][Windows.Security.Credentials.PasswordVault,
[ Continue reading ]