Author: Jim Smith (Page 1 of 11)

How to block Copilot inside of MS365 installed apps

February 16, 2026 /

If you paste this into admin powershell, it disables copilot inside of MS365 installed apps. Doesn’t change apps online, or the ability to use other AI’s, even copilot website, BUT it does block the copilot add on items in all installed office apps (Being used for PCA here shortly)

$regPath = “HKCU:\Software\Policies\Microsoft\office\16.0\common\officeai”
if (!(Test-Path $regPath)) { New-Item -Path $regPath -Force }
Set-ItemProperty -Path $regPath -Name “TurnOffCallout” -Value 1

$privacyPath = “HKCU:\Software\Policies\Microsoft\office\16.0\common\privacy”
if (!(Test-Path $privacyPath)) { New-Item -Path $privacyPath -Force }
Set-ItemProperty -Path $privacyPath -Name “disconnectedstate” -Value 2

Renaming Device with command prompt in Atera

January 27, 2026 /

If you want to rename a device in Atera without opening the device through cmd

click Manage dropdown

Click run as System command prompt

Type: wmic computersystem where name=”%COMPUTERNAME%” call rename name=”NEWCOMPUTERNAME”

Hit return

Type in the console shutdown /r /t 0

Hit return

Reload Atera after the computer has restarted the computer should be renamed

Fixing Blank “Save As” Dialog Window in Adobe Acrobat

January 8, 2026 /

Fixing Blank “Save As” Dialog Window in Adobe Acrobat

Issue

From ticket #5088 – When using Save As in Adobe Acrobat, the dialog box may appear blank, preventing you from saving the file as another name in another location. This issue can occur on both Windows and macOS.

Cause

Adobe Acrobat attempts to “display online storage options” during the save process. A preference setting can cause the dialog to render incorrectly.

References

https://helpx.adobe.com/acrobat/kb/blank-save-as-dialog-mac.html

Resolution

Disable the online storage option in Acrobat:

  1. Open Adobe Acrobat Preferences
    • Go to Edit > Preferences (Windows) or Adobe Acrobat > Preferences (macOS).
  2. Navigate to General Settings
    • In the left-hand menu, select General.
  3. Disable Online Storage Option
    • Locate:
      Show online storage when saving files
    • Toggle this OFF.
  4. Restart Acrobat
    • Close and reopen Adobe Acrobat to apply changes.

Alternate Workaround

If the issue persists or you need a quick alternative:

  • Use Microsoft Print to PDF (Windows) or Print to PDF (macOS):
    • From the print dialog, select the PDF printer option.
    • Save the file manually after printing.
  • Go to the location the file is saved in originally in File Explorer
    • Copy and paste the file from that location into the destination folder path

Export Public Folder Calendar Events to a Shared Calendar in Outlook Classic

December 16, 2025 /

Export Public Folder Calendar Events to a Shared Calendar in Outlook Classic

Overview

This guide explains how to export calendar events from a Public Folder in Outlook Classic (desktop app) and import them into a shared calendar using an .ics file.

Steps

  1. Open the Public Folder Calendar
    • Launch the Outlook Classic desktop app.
    • Navigate to the Public Folder calendar you want to export.
  2. Save the Calendar as an .ICS File
    • Go to File > Save Calendar.
    • Select the desired folder.
    • (Optional) Set a date range for the events you want to export.
    • Save the file in .ics format to your preferred location.
  3. Import Events into the Shared Calendar
    • Open the destination shared calendar in Outlook Classic.
    • Drag and drop the saved .ics file directly into the shared calendar.
    • All events from the Public Folder calendar will be imported.

Notes

  • Ensure you have the necessary permissions for both the Public Folder and the shared calendar.
  • Large calendars may take a few moments to process after import.

Resolving iPhone Sign-In Failures for Outlook & Teams After Tenant Migration

November 26, 2025 /

Resolving iPhone Sign-In Failures for Outlook & Teams After Tenant Migration

Purpose of This Article

  1. What this article aims to show you:
    This guide explains how to resolve an issue where an iPhone refuses to sign into Outlook or Microsoft Teams after a Microsoft 365 tenant-to-tenant migration, even after reinstalling apps or resetting passwords.
  2. When to use this information:
    Use this process any time a migrated user’s iPhone cannot authenticate to Outlook/Teams, especially when:
    • Credentials are correct but apps repeatedly fail to sign in
    • The old tenant’s identity is still cached on the device
    • Standard app reinstalls do not fix the issue
      This problem occurs because iOS stores stubborn Microsoft account caches that persist across reinstalls.

Step-by-Step Resolution Procedure

1. Use Microsoft Edge’s Hidden Reset Function (Most Effective Step)

This clears deeply embedded Microsoft account tokens that Outlook/Teams cannot remove themselves.

  1. Install Microsoft Edge from the App Store (temporary use only).
  2. Open Edge and in the URL bar enter: edge://signin-internals
  3. Tap RemoveAllAccounts.
  4. A red confirmation pop-up will appear—this is expected.
  5. Close Edge completely.
  6. Reinstall Outlook and Teams after completing all steps below.

Why this matters:
Edge exposes internal MSAL (Microsoft Authentication Library) caches that other Office apps cannot purge. Clearing this nearly always resolves post-migration authentication issues on iOS.

2. Remove Old Work Accounts from iOS System Settings

Even if the old work account isn’t showing in Outlook, iOS may still be storing it at the system level.

  1. Go to Settings → Mail → Accounts and delete any old work accounts.
  2. Also check under:
    • Settings → Passwords & Accounts (older iOS versions)
    • Settings → Apple ID → iCloud → Safari → temporarily disable Safari sync
  3. Go to Settings → Safari → Clear History and Website Data.

This flushes stored autofill credentials and account references that cause the sign-in loop.

3. Remove Old Accounts From Any Office App

If the user has Word/Excel/OneDrive installed, they may still hold the old tenant account.

  1. Open any Office app (Word, Excel, OneDrive, etc.).
  2. Tap the user’s profile icon (top left).
  3. Go to Settings → Storage Accounts.
  4. Swipe left on any old or incorrect accounts → Delete.

This removes the identity from Microsoft’s app-wide shared credential store.

4. Fully Reinstall the Apps After Clearing Credentials

Once the caches and accounts have been removed:

  1. Delete Outlook and Teams.
  2. Restart the iPhone (important reset of system caches).
  3. Reinstall the apps fresh from the App Store.
  4. Sign in with new tenant credentials.

At this point, authentication should succeed without referencing the old tenant.

Recap / Final Notes

This issue happens frequently after Microsoft 365 tenant migrations because iOS retains hidden Microsoft identity caches that aren’t cleared during normal reinstall procedures. Using Edge’s internal account purge, combined with removing accounts from iOS settings and Office app storage, ensures all legacy tenant tokens are removed.

Once all caches are cleared and the apps reinstalled, the user should be able to log into Outlook and Teams normally using their new tenant credentials.

If this process fails (rare), escalate internally before re-engaging Microsoft support—this procedure resolves the majority of cases.

Warranty Replacement Handling Procedure

November 25, 2025 /

Warranty Replacement Handling Procedure

Purpose of This Article

  1. What this article covers:
    This document outlines the full internal process for handling warranty replacements for client equipment purchased through Ultrex IT.
  2. When you should use this information:
    Use this procedure any time a client requests a hardware replacement and it appears the device may fall under Ultrex’s 1-year warranty window. These steps ensure financial accuracy, proper inventory handling, and consistent tracking across teams.

Warranty Replacement Process

1. Confirm Warranty Eligibility

Before taking any action:

  • Verify with leadership (typically [Name/Manager]) that the client is approved for a free warranty replacement.
  • Confirm:
    • The device was originally sold by Ultrex IT.
    • The purchase date is within 1 year.

No replacement should proceed without this confirmation.

2. Have Brandi Process the Replacement Sale

Once approved:

  • Contact Brandi to create a zero-cost sale for the replacement item.
  • This ensures:
    • Accurate billing records
    • Proper documentation in the billing spreadsheet
  • Do not manually remove or adjust inventory yourself yet.

3. Physically Perform the Replacement

  • Swap out the defective/failed item with the new, zero-cost replacement.
  • Collect the old device and return it to the office.

4. Tag the Returned Item

When bringing the old item back:

  • Tag or label it clearly as:
    “Bring-Back – Warranty Replacement – NON INVENTORY”
  • This ensures the item is not mistaken for active stock.

5. Test the Returned Item

Once tagged:

  • Evaluate whether the returned hardware:
    • Still functions
    • Has partial functionality
    • Can be used internally
    • Holds any salvage or resale value

Document basic findings if needed.

6. Get Approval for Final Inventory Handling

After testing:

  • Check back with leadership (same approval point as Step 1) with results of the test.
  • They will determine whether the unit should be:
    • Added back to usable internal inventory
    • Stored for parts
    • Recycled/disposed
    • Otherwise tracked as non-inventory equipment

Do not add anything back into inventory without confirmation.

Final Notes

Warranty replacements must follow this workflow to maintain proper billing, inventory accuracy, and accountability. Always secure approval before starting, ensure Brandi logs the zero-cost transaction, and tag returning hardware appropriately. Clear communication and documentation at each step prevent inventory errors and unexpected costs.

Thanks for following this process!

Allow/Whitelist Domains in Microsoft 365 Exchange Admin – Spam Filter rules locations

November 10, 2025 /

✅ Recommended Method: Create a Mail Flow Rule (Transport Rule)

This method allows you to define specific conditions under which emails from certain domains bypass spam filtering.​CloudInfra

Steps:

  1. Access the Exchange Admin Center:​CloudInfra+5Alitajran+5Microsoft Answers+5
  2. Create a New Rule:​LazyAdmin+8Microsoft Answers+8kjctech.net+8
  3. Define Rule Conditions:​
    • Name: Assign a descriptive name to the rule.​Microsoft Answers+5Microsoft Learn+5kjctech.net+5
    • Apply this rule if:
      • Select The sender > domain is > enter the domain you wish to allow.
      • Optionally, add conditions to enhance security, such as verifying that the sender passes SPF, DKIM, or DMARC checks.
  4. Set Actions:​Alitajran+2Microsoft Learn+2Microsoft Learn+2
    • Do the following:
      • Select Modify the message properties > set the spam confidence level (SCL) > choose Bypass spam filtering.
      • Optionally, add a custom header for tracking purposes.
  5. Finalize the Rule:​Microsoft Answers+1Microsoft Answers+1

This approach is preferred as it allows for granular control and can incorporate additional security checks to ensure the legitimacy of the sender. ​Active Directory Pro

⚠️ Alternative Method: Use the Tenant Allow/Block List

This method involves adding domains to the Tenant Allow/Block List to permit emails from those domains.​CloudInfra+2Microsoft Learn+2Microsoft Learn+2

Steps:

  1. Access the Microsoft 365 Defender Portal:​Microsoft Answers+4CloudInfra+4Alitajran+4
  2. Navigate to Tenant Allow/Block Lists:​Alitajran+4Microsoft Learn+4CloudInfra+4
  3. Add Domains to Allow List:​Active Directory Pro+5Alitajran+5LazyAdmin+5

Note: This method should be used cautiously, as it may bypass certain security checks, potentially allowing malicious emails if the allowed domain is compromised. ​CloudInfra

⚠️ Less Recommended Method: Modify Anti-Spam Policies

Adjusting anti-spam policies to allow specific domains is generally not advised, as it can bypass multiple layers of security.​

Steps:

  1. Access the Microsoft 365 Defender Portal:​
  2. Navigate to Anti-Spam Policies:​
    • Go to Email & collaboration > Policies & rules > Threat policies > Anti-spam.​
  3. Edit Inbound Policy:​Alitajran+3Microsoft Learn+3LazyAdmin+3

Caution: This method is less secure and should be used only when necessary, as it may allow spoofed emails to bypass spam filters. ​LazyAdmin

Summary:

Implementing these methods carefully will help ensure that legitimate emails from trusted domains are delivered without being marked as spam.

Data Migration Manual: Cloud Storage or Server to SharePoint

November 10, 2025 /

Data Migration Manual: Cloud Storage or Server to SharePoint

Purpose

This manual provides a step-by-step process for migrating data from Dropbox to SharePoint to ensure data integrity, security, and minimal downtime.

Pre-Migration Checklist

  1. Confirm Requirements
    • Client expectations and deliverables documented.
    • Folder structure and permissions reviewed.
  2. Gather Credentials
    • Admin access to Dropbox.
    • Admin access to SharePoint.
  3. Assess Data Volume
    • Calculate total storage size in Dropbox.
    • Check SharePoint storage capacity.
  4. Backup Data
    • Create a full backup of Dropbox files.
    • Store backup in a secure location.
  5. User Permissions Mapping
    • Document current permissions in Dropbox.
    • Plan corresponding permissions in SharePoint.
  6. Communication Plan
    • Draft and send initial notification to staff about upcoming migration, including:
      • Expected timeline.
      • Key changes to expect. 
      • Beginning outage time, and what to do (save local copies of files for during migration)
      • Who to contact for questions or concerns.
      • Schedule before the move even starts- when is the training to show them where their stuff is and how to access it?
      • Prepare training doc and video for staff training on how to access new locations and best practices. These compliment the scheduled in person training.
    • Schedule reminder emails for 1 week and 1 day before migration begins.
    • Send notification about outages during migration.

Migration Steps

Step 1: Prepare SharePoint Site

  1. Create a SharePoint document library.
  2. Define folder structures based on client requirements.
  3. Configure permission levels for each folder.
  4. Test folder access permissions with sample users.

Step 2: Export Data from Dropbox

  1. Use the Dropbox web interface or API to download data.
  2. Maintain folder structure and metadata during export.
  3. Confirm file size and count match original data.
  4. Label the exported data folder clearly (e.g., DropboxBackup_DATE).

Step 3: Upload Data to SharePoint

  1. Use the SharePoint Migration Tool, preferably from one of our high speed upload jumpbox locations
  2. Verify data upload status and error logs after each batch.

Step 4: Validate Data Integrity

  1. Compare Dropbox and SharePoint data size and count.
  2. Spot-check sample files to confirm readability.
  3. Test permissions for different user roles.

Step 5: Final Adjustments

  1. Reorganize folders based on any additional client requests.

Post-Migration Steps

  1. User Training
    • Provide SharePoint access guides (document and video)
    • Conduct training session for end-users.
  2. Monitor Usage
    • Review access logs for unusual activity.
    • Confirm users can access necessary files without errors.
    • Have scheduled stand-by time for urgent needs directly after rollout.
  3. Client Sign-Off
    • Request confirmation from the client that data is accessible and correct.
    • Document any issues resolved during migration.
  4. Post-Migration Communication
    • Send final email confirming migration completion.
    • Provide support contact details for troubleshooting. (this can be combined with training doc if doc is sent on day of rollout)

Troubleshooting Tips

  1. File Name Errors:
    • Rename files exceeding SharePoint’s 400-character limit.
    • Avoid special characters that SharePoint doesn’t support.
  2. Permission Conflicts:
    • Reapply permissions manually if needed.
  3. Missing Files:
    • Use backup files to recover any lost data.
    • Verify logs for skipped files and re-upload them.
    • Keep export of previous save as an offline time capsule for at least 3 months.
  4. Slow Uploads:
    • Use Koontz Jumpbox or gigabit upload location to do the download and upload. Do ONLY from within a VM created for this purpose only, and delete this VM 3 months after the deployment date.

Tools & Resources

  • Jim and Andrae have done the most of these. Connect with them if needed.
  • Training video of two different varieties are in the company youtube channel.
  • Training docs are in the documents folder. Feel free to compare with docs customized for customers in WWFARMS, MPP PIPPING, or ASPEN CREEK- each of those have had migrations done after this process was nailed down.

Defederate GoDaddy 365

November 10, 2025 /

From: https://docs.tminus365.com/configurations/godaddy/defederating-godaddy-365

Defederating GoDaddy 365

Last Updated: 7/2/2023 I updated this doc to include the new MSGraph cmdlets as MSOnline is being deprecated.

Unable to insert the picture
Migrate from Azure AD PowerShell to Microsoft Graph PowerShell.MicrosoftLearn
SUMMARY AND BACKGROUND

Customers can purchase a Microsoft 365 subscription direct with GoDaddy along with their primary domain. When this occurs, GoDaddy federates this domain and tenant, making it unable to transfer under the CSP program or Direct to Microsoft. Moving and defederating this account has been a major pain point and area of confusion which this blog post addresses.

In the solutions proposed in this guide you can perform the following:

Defederate the tenant without migrating

Never have to call GoDaddy

Keep user accounts vs deleting them

Have no downtime

High level-steps:

A. Prepare your End Users

B. Become a Tenant Admin in GoDaddy

C. Remove Federation with GoDaddy

D. Reset Users Passwords

E. Add a CSP Provider or Move Direct to Microsoft

F. Provision Licensing into the Account

G. Remove GoDaddy as Delegated Admin

H. Cancel GoDaddy Subscription

Prepare Your End Users

Defederating requires users to reset their passwords in order to be able to login to their account. You will need to have a password list to distribute to them or have them provide you passwords beforehand. You could just reset them all to a temporary password after federation and then they can change to whatever they want after.

Define a date and time in which you will be defederating. I recommend during non-business hours even though there is no downtime in mail flow with this solution. Provide end users with this information.

Since users may run into activation prompts within their office apps and outlook during the license transition, provide them documentation for how to sign back in after the license switch has taken place. For office apps they can simply go to File>Account>Sign Out>Sign In.

In outlook, users will be prompted to re-enter their new password after its changed:

Become a Tenant Admin in GoDaddy

When a user sets up a 365 account directly with GoDaddy, they set up the initial user as an “admin” user but this user is redirected to the GoDaddy portal when trying to access the admin tab when going to Office.com. For this reason, we need to gain access to the true Global Admin so that we can perform the necessary powershell scripts to defederate the tenant.

Login to Portal.Azure.com with the admin user that was set up when the account was first created and click on the 3 lines in the top left corner

Click on Azure Active Directory. Then click on Users when the new tabs open up

Here you should see a user label with admin@.onmicrosoft.com Ex:

Click on this user and reset their password. If you already have access to this user, you can disregard this step.

Once you have copied the temporary password, place it in a notepad and open an incognito window in the browser. In the browser, go to office.com and sign in with that username and temporary password. Establish a new password. With this completed, you now have a user that can run the necessary powershell commands in the future steps.

Remove Federation with GoDaddy

Be Aware Before you perform this step you want to make sure all users have the passwords you will be resetting as they will not be able to login without that new password.

We can use the following PowerShell cmdlets to defederate the tenant. Note that you need to run PowerShell as administrator.

CopyWrite-Host “Checking for MSGraph module…”

$Module = Get-Module -Name “Microsoft.Graph.Identity.DirectoryManagement” -ListAvailable

if ($Module -eq $null) {

    Write-Host "MSGraph module not found, installing MSGraph" 
    Install-Module -name Microsoft.Graph.Identity.DirectoryManagement 

}

Connect-MgGraph -Scopes “Directory.Read.All”,”Domain.Read.All”,”Domain.ReadWrite.All”,”Directory.AccessAsUser.All”

Enter the Admin credentials from “Become a tenant Admin in GoDaddy”

Get-MgDomain

See that the domain is “federated”#

Update-MgDomain -DomainId “” -Authentication Managed

An example of a DomainId is “tminus365.com”. This would be the domain that was listed as federated that you want to covert to managed. After this is complete you will get a new commandline. You can run Get-MgDomain again and see that your domain is now “managed”.

Please Note ALL domains in the tenant need to be in a managed state for this to work correctly even if one is no longer in use.

Supporting CMDLET docs:

Get Started: Get started with the Microsoft Graph PowerShell SDK | Microsoft Learn

Get Domain: Get-MgDomain (Microsoft.Graph.Identity.DirectoryManagement) | Microsoft Learn

Update Domain: Update-MgDomain (Microsoft.Graph.Identity.DirectoryManagement) | Microsoft Learn

Reset Users Password

You can do this manually one user at a time if there aren’t many users in the account or you could use a powershell script to bulk update everyone passwords form a CSV file. If you plan to do them manually, then you can simply login to office.com as the admin we derived from section B and now that the tenant is defederated, you will be able to click into the admin tile and access the Users section like you are familiar with. Otherwise, you can connect to Powershell as administrator and run the powershell script below:

Copy##########Connect to MsGraph##########

CopyWrite-Host “Checking for MSGraph module…”

$Module = Get-Module -Name “Microsoft.Graph.Users.Actionst” -ListAvailable

if ($Module -eq $null) {

    Write-Host "MSGraph module not found, installing MSGraph" 
    Install-Module -name Microsoft.Graph.Users.Actions 

}

Connect-MgGraph

Enter the Admin credentials from “Become a tenant Admin in GoDaddy”

####### Define CSV path of Users and Group ##################

$UserPath = Read-Host -Prompt “Enter File Path For CSV list of users”

Create CSV template with headers of Userprincipalname and Password#######

Import-Csv -Path $UserPath |%{Update-MgUserPassword -UserId $_.UserPrincipalName –NewPassword $_.Password}

Add a new Provider and Provision Licensing

Now that the tenant is defederated, you can add a CSP provider with their delegated admin link or go direct to Microsoft.

For CSP:

Paste the appropriate link in a browser and sign into the tenant with the Global Admin credentials if you are not already logged in. Accept the relationship. After the acceptance, reload the page and you will see a new CSP listed.

Order licensing for this customer. If you are not changing the subscription, then all you would need to do is provision the same amount of seats as you have today, remove them as delegated admin, and cancel with GoDaddy. There is no other action that would be required. License ownership would transfer and there will be no downtime for users.

If you are changing the subscriptions that are assigned to users (i.e. you are moving them from Business Standard to Business Premium as an example) you will need to perform the following steps:

Order the licensing from CSP

See the licensing provisioned in the 365 Tenant for this customer under Billing>Your Products

Go to Users>Active Users and bulk assign the new licensing from CSP and unassign the licensing from GoDadddy.

Remove GoDaddy as Delegated admin

Cancel the GoDaddy subscription in the GoDaddy admin portal.

For Microsoft Direct:

In the Microsoft Admin Portal, go to Billing>Purchase Services

Purchase the licensing you want to have for your users

Follow the same steps as CSP to Assign licenses to users if you have changed their subscription type. (i.e. Moving from Business Standard to Business Premium).

Remove GoDaddy as Delegated Admin and Cancel Subscription

Warning! If you do not follow the steps to remove GoDaddy as a delegated admin before you cancel with them, they will run a script to delete all users in the account and remove the primary domain. You need to ensure you remove them as delegated admin after the move and ensure that their admin user is deleted in the account BEFORE cancelling the subscription. This action is recoverable, but it causes you to have to perform more work and it does involve downtime. If you would like to never have any concerns of this issue with additional safeguards, you should look at a solution that migrates to a new tenant in addition to defederation.

In the 365 Admin Portal

Under Settings>Partner Relationships>Click on GoDaddy and remove their roles:

In GoDaddy, cancel the renewal:

Conclusion

From here, the subscription from GoDaddy will expire at end of term and that is all. You now have a tenant under CSP with all of the typical management functionality you are familiar with. Hope this provided some targeted guidance on defederating a GoDaddy tenant! Please share with the community!

« Older posts

© 2026 Ultrex Staff

Theme by Anders NorenUp ↑