Author Archives: Michael Miklis

Docker Linux

Creating a Raspbian Docker base-image

During some testing with docker, I wanted to create my own base image rather than using pre-build images. I did that to get a better understanding of the technology behind docker.

Read More
Docker Programming

RPi-Monitor Docker container

I’ve been using RPI-Monitor from RPi-Experiences several years on all my Raspberry Pis. I think it is a great Web-UI to get a quick view of the overall system state of your Raspberry Pi:

On my way to put most of my Linux / RPi services into individual docker containers, I came across my RPi-Monitor installation. There were several images available on Docker Hub but they had either no DOCKERFILE published or they did not use the values and metrics from the actual docker host.

Read More
Docker Smart Home

ha-bridge in Docker container on a Raspberry Pi

During Christmas holidays I spent some time to work with Docker and migrate all my smart home components and services into separate Docker containers. During that process, I decided to use a Raspberry PI 3 as my Docker host.

To connect my smart home system with Amazon Alex I use habridge from bwssystems. Unfortunately, there was no official Docker Image on Docker Hub. Therefore I created a Dockerfile and created a new Github Repository and a Docker Hub Repository:

https://github.com/michaelmiklis/docker-rpi-habridge
https://hub.docker.com/r/michaelmiklis/rpi-habridge

The Dockerfile is based on the great work from tsgoff: https://github.com/tsgoff/docker-alexa-ha-bridge

Most of my Docker containers are based on the resin.io base-images. These guys are doing a great job in maintaining their images.

Read More
Bechtle-Blog Office 365 PowerShell

Update: Assign Office 365 licenses based on Active Directory groups (version 1.1)

Several months ago, I published a PowerShell script to assign Office 365 licenses to user accounts based on their on-premises Active Directory group memberships (original post). I received a lot of great feedback for that script and added some bugfixes and support for multiple assigned licenses. Multiple assigned licenses will occur if your users are using multiple Office 365 services, like Intunes and Office 365 E3, or maybe Windows E3 for instance.

Like all my new coding project you’ll also find the PowerShell script on GitHub:
https://github.com/michaelmiklis/Set-MSOLLicenseToADGroupMembers.ps1

You just need to modify the on the end to match your environment (username, password, group names, e.g.):

######################################################################
## (C) 2017 Michael Miklis (michaelmiklis.de)
##
##
## Filename:      Set-MSOLLicenseToADGroupMembers.ps1
##
## Version:       1.1
##
## Release:       Final
##
## Requirements:  -none-
##
## Description:   Assign Office 365 Licenses based on Active Directory
##                Groups.
##
## This script is provided 'AS-IS'.  The author does not provide
## any guarantee or warranty, stated or implied.  Use at your own
## risk. You are free to reproduce, copy & modify the code, but
## please give the author credit.
##
####################################################################
Set-PSDebug -Strict
Set-StrictMode -Version latest
  
 
function Set-MSOLLicenseToADGroupMembers {
    <#
    .SYNOPSIS
    Assigns Office 365 Licenses to Members of AD-Group
  
    .DESCRIPTION
    The Set-MSOLLicenseToADGroupMembers CMDlet gets all users from a
    specified AD-Group and assigns a specified Office 365 License to
    the corresponding Office 365 identities
  
    .PARAMETER GroupName
    Name of the Active Group
  
    .PARAMETER License
    Name of the License
 
    .PARAMETER UsageLocation
    Name of the Location
  
    .EXAMPLE
    Set-MSOLLicenseToADGroupMembers -GroupName "Office365_E3" -License "contoso:ENTERPRISEPACK"
 
    #>
      
    param (
        [parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]$GroupName,
        [parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]$License,
        [parameter(Mandatory=$true)]
        [ValidateNotNullOrEmpty()]$LicenseName,
        [parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]$UsageLocation="DE"
    )
 
    foreach ($User in (Get-ADGroupMember -Identity $GroupName)) {
    $User = Get-ADUser -Identity $User -Properties UserPrincipalName
    $MsOlUser =  Get-MsolUser -UserPrincipalName $User.UserPrincipalName -ErrorAction SilentlyContinue 
 
    $UserLicensePresent = $false

    if ($MsOlUser -ne $null) {
        Write-Host ("Found Office 365 User: " + $MsOlUser.UserPrincipalName)
            Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation
 
        if ($MSOlUser.IsLicensed -eq $false) {
            Write-Host ("User not licensed - assigning license: " + $LicenseName)

            Set-MSOLUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $LicenseName
            Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -LicenseOptions $License
        }
        else {
            foreach ($UserLicense in $MSOLUser.Licenses)
            {
                if ($UserLicense.AccountSkuId -eq $LicenseName)
                {
                    $UserLicensePresent = $true
                    break
                }
            }


            if ($UserLicensePresent -eq $false) {
                Write-Host ("User licensed, but not with correct license - assigning license: " + $LicenseName)

                Set-MSOLUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $LicenseName
                Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -LicenseOptions $License
            }
            else {
                Write-Host ("User has already a correct license assigned: " + $LicenseName)
            }
        }
    }
    }
 
}
 
Import-Module MSOnline
 
$Username = "xxxxx"
$Password = "xxxxx"
 
# Convert the plain text password to a secure string
$SecurePassword=ConvertTo-SecureString –String $Password –AsPlainText –force
$Credential=New-object System.Management.Automation.PSCredential $Username,$SecurePassword
 
# Create new Office 365 license options
$LicenseOfficeProPlus = New-MsolLicenseOptions -AccountSkuId "SUBSCRIPTION_NAME:OFFICESUBSCRIPTION"
$LicenseE3withoutExchange = New-MsolLicenseOptions -AccountSkuId "SUBSCRIPTION_NAME:ENTERPRISEPACK" -DisabledPlans "EXCHANGE_S_ENTERPRISE"
 
# Connect to Microsoft Office 365 tenant
Connect-MsolService -Credential $credential
 
# Assign licenses based on Active Directory group membership
Set-MSOLLicenseToADGroupMembers -GroupName "O365_PROPLUS" -License $LicenseOfficeProPlus -LicenseName "SUBSCRIPTION_NAME:OFFICESUBSCRIPTION" -UsageLocation "DE"
Set-MSOLLicenseToADGroupMembers -GroupName "O365_E3" -License $LicenseE3withoutExchange -LicenseName "SUBSCRIPTION_NAME:ENTERPRISEPACK" -UsageLocation "DE"
Read More
PowerShell Windows

Safely change the Administrator Password

In one of my current projects, the customer wants to change the password of the Active Directory built-in Administrator account. This account was used several years for setting up tasks, running services and all kinds of things. To ensure that all major business applications will not be affected by that change, we needed to identify all processes and persons using the Administrator account and create separate service accounts for these applications.

Read More
NetAtmo Programming

Netatmo Weather Station Shell Script

I got a lot of feedback for my blog post Read NetAtmo weather station data via Script and Export NetAtmo weather station data to CSV / Excel. A lot of people seem to be interested by using the data from thier Netatmo weather station.

Bernd G. – one of my blog readers, extended my scripts and build a complete Linux shell wrapper around it. That makes it much easier and adds more flexibility to the scripts. Bernd allowed me to post his script on my blog to share it.

Read More
PowerShell Programming Windows

Change DNS settings on multiple Windows Servers and Workstations

During several Active Directory migration projects I needed to change the DNS server IP addresses on several computers if the DNS service was installed on the Active Directory Domain Controller. Therefore I wrote a little PowerShell script to connect to remote computer and change the DNS server IP address in the network connection via WMI to the onces specified in the script.

This makes changing the IP address of a DNS server much easier because all Windows systems based on Windows Server 2008 / Vista or newer can be edited by using this PowerShell script.

Read More
Bechtle-Blog PowerShell Windows

Using Windows certificate store in Mozilla Firefox

Lots of companies are using Mozilla Firefox in their corporate environment. Firefox came up with a great new feature in the latest version – it will support Windows enterprise trusted root certificates! No more need for adding certificates to Firefox separately using the keytool:

Just use the Windows Active Directory Group Policies to deploy your certificates – most of you already do this for use with Microsoft Internet Explorer and other software. To enable this great new feature Firefox introduced a new configuration parameter named security.enterprise_roots.enabled this needs to be set to true in the about:config page:

Read More
Bechtle-Blog Office 365 PowerShell

Assign Office 365 licenses based on Active Directory groups

Updated version available: https://www.michaelmiklis.de/update-assign-office-365-licenses-based-on-active-directory-groups-version-1-1/

I’ve done several Microsoft Office 365 projects with together with some of our customers. In most implementations, I was asked if there’s a way to assign Office 365 licenses (a.k.a. plans) to users based on their Active Directory group memberships.

Most companies have built their entire permission model on Microsoft Active Directory. With Active Directory Federation Services (ADFS) Microsoft offers a powerful and great tool for synchronizing user and group account from the customer’s on-premise environment into the Office 365 cloud.

Unfortunately, there is no built-in technique to automatically assign licenses. Therefore I wrote a small PowerShell script to complete this task.

Read More
Programming Synology

Edit Synology Photo Station Album Permissions via Script

I’m using Synology Photo Station for storing all my pictures and share access to all family members. Being an IT-Guy I’m very concerned about security and especially the access rights to all albums. Unfortunately, Synology marks a new album always as public. Instructing my family to set the correct album permissions didn’t work because they’re normal users and they don’t want to do any settings for albums. They just want to access and upload their photos.

Synology Photo Station Permissions

At this point, I decided to have a look on the Postgres SQL Database that is being used

Read More
1 2 3 5