How do you delete Office 365 account permenantly?

Well, there are situations you need to delete an Office 365 (MSOL) account permanently.

E.g., I need to create a new account with the same name but for a different user. Since there is a deleted MSOL account still exists, you can’t create the new user.

It is very easy. Open PowerShell and connect to AzureAD:

Connect-MSOLService -Credential (Get-Credential)

First you need to get the ObjectID of the deleted account. Here is how you do it.

Command: Get-MsolUser
-ReturnDeletedUsers -searchstring *UserUPN here* | fl UserPrincipleName,
Example: Get-MsolUser -ReturnDeletedUsers -searchstring | fl UserPrincipleName, ObjectID

Now note down the ObjectID from the above command and use it for next command. Then we need to purge the deleted account.

Command: Remove-MsolUser
-ObjectID *ObjectID here* -RemoveFromRecycleBin -Force
Example: Remove-MsolUser
-ObjectID c4d86044-bd23-7218-c226-e556a25a2dac -RemoveFromRecycleBin -Force

That’s it. You sent this specific MSOL account to Hell forever.

Now, do you want to “Purge” all deleted MSOL accounts? Get Nasty. Here is how you do it.

Get-MsolUser -ReturnDeletedUsers -All |
Remove-MsolUser -RemoveFromRecycleBin -Force

Exchange: Make new retention policy as default and Apply all mailboxes

After you created an Exchange Retention Policy either in Exchange Online or On-Prem Exchange, you have to make this new retention policy as Default, so new mailboxes will get this policy automatically.

To see the available retention policies, type


To change your Default Retention Policy for all users, run the following (Copy the retention policy name from the results of the above command):

Set-RetentionPolicy -Identity "Your Policy Name" -IsDefault:$true  

Now, we need to assign this policy to all existing mailboxes.

Get-Mailbox -ResultSize Unlimited | Set-Mailbox -RetentionPolicy "Your Policy Name"

That’s it. Enjoy!

How to open Shared Mailboxes in Outlook with its own mail profile?

This question has been asked many times and usually assumed it is not possible. It is possible to create a stand-alone Outlook mail profile for Office 365 / Exchange Online or even in On-Premises Exchange server. You don’t need to enable Shared Mailbox’s AD account or use Shared Mailbox’s AD account. All you need to verify is you have FULL access permissions to the Shared Mailbox.

Now, this is how it is done:

  1. Close Outlook if it is already open.
  2. Open Control Panel and Open Mail (Microsoft Outlook 2016)

  3. Click Show Profiles.. and Click Add… to create a new profile. Enter the appropriate name of the profile.
  4. In Add Account window, Enter the Name of the Shared Mailbox (well you can type anything here), then enter the Email Address of the Shared Mailbox.

    Note: You don’t need to type password at all here.

  5. Click Next

  1. When asked, enter YOUR CREDENTIALS. Since you have full access permission on the Shared Mailbox, profile should create it successfully.

That’s all. Don’t forget to change the default Outlook profile in Mail settings.


Outlook: How to delete emails after X number of days automatically?

This is client side solution of automatically deleting emails after X number of days.  We are going to use Outlook’s AutoArchive feature. Don’t worry AutoArchive feature can delete emails also. 

I would recommend create an Outlook rule to move the emails you want to delete after X number of days. Just to make sure this tip is for Outlook on Windows. 

Lets get to the instructions:

  • Open Outlook
  • Go to Files >> Options >> Advanced >> Auto Archive Settings
    1. Set Run AutoArchive every ___days to you liking. This means the emails will be deleted every X number of days automatically.
    2. Do you need to be prompted before AutoArchive Runs? Check the box for Prompt before AutoArchive runs
    3. Choose Permanently delete old itemsDo not click on Apply these settings to all folders now.
    4. Close OK.
  • Go and find the Outlook folder where the emails needs to be deleted. 
  • Right click on the folder and choose Properties, then open AutoArchive tab.
    • Select Archive this folder using these settings
    • Select Clean out items older than __ Weeks. If you want to delete the emails after 90 days, type 90 and select days. 
    • Select Permanently delete old items
    • Click OK

That’s all. You have done it. Wait for the AutoArchive to kick in and watch it delete the emails automatically.

Hope that helped you. Enjoy and Leave me a reply.  

PowerShell: Remembered Wireless Networks and it’s passwords

Hackers can run a script on your computer by any available methods (Malware, downloaded program, java script) to get your wireless password easily. That’s why you should not download any executable program from unknown and unreliable websites or a USB disk from parking lot. Once they have the wireless password, they can connect to the wireless network from parking lot or closed location around the property and get into the network.

This PowerShell script demonstrates how to grab the remembered wireless network names and it’s password in clear text on the running computer.

P.S. It is pretty dump to leave the output of the script on your computer for others to read.


    Script to get all remembered wireless networks and their
passwords on the running computer.

    This script display the wireless network name and its
password and also saves it in wireless-passwords.csv

$wprofiles = @()

(((netsh wlan show profiles) | out-string ).split(“`r`n”)).ForEach({
if ($_ -like “*All user profile*”)
$profiletextline = $_.Split(“:”)
$wprofiles += $profiletextline[1].trim()
“WirelessName`tPassword” | Out-File -FilePath .\Wireless-passwords.csv
$profilename = $_
(((netsh wlan show profile $profilename key=clear) | Out-String).Split(“`r`n”)).ForEach({
if ($_ -like “*Key content*”)
$passwordline = ($_.Split(“:”))[1].trim()
“$profilename`t$passwordline” | Out-File -FilePath .\Wireless-passwords.csv -Append
“$profilename = $passwordline”

# End of the Script


If you get this error (NS_ERROR_NET_INADEQUATE_SECURITY) when visting HTTPS site on Firefox, that means the web server has something wrong with SSL certificate (old ciphers, lower TLS version).

Here is how to fix your Firefox to access that page:

  1. Open Firefox and type about:config in the address bar
  2. Click on I accept the risk button
  3. Type http2 in search box
  4. Find network.http.spdy.enabled.http2 and double click to make it false (to disable http2).

Screen Shot 2018-10-21 at 10.08.40 PM

That’s all. You may need to close Firefox and reopen it.

Hope it helped you. 🙂


Exchange: Filter Distribution Groups by Alias with a Variable

If you ever search a mailbox or distribution group in Exchange using this command:


    $vAlias = “Sales”

    Get-DistributionGroup -Filter { Alias -eq $vAlias }

Aaaannnddd, It doesn’t work. But This works:


    Get-DistributionGroup -Filter { Alias -eq “Sales” }


Man, that’s frustrating. But there is a solution. Set the filter query like this:

    $vAlias = “Sales”

    Get-DistributionGroup -Filter “Alias -eq ‘$vAlias'”

Tadaaaa! It is freaking works now.

On-Prem Exchange: Conference Rooms are not processing Meeting Requests from Exchange Online

Say your conference room mailboxes are not processing meeting requests from Office 365 or from partner organization, and you want to process those meeting requests too, you come to right place.

Two ways you can accomplish that:


One of Two: On the Exchange Connector that receives emails from Office 365 or from different mail servers, Enable Externally secured (for example, with IPsec) in Security Tab of the connector properties.


Two of the Two: If you don’t like the above idea, you can enable ProcessExternalMeetingMessages setting on your conference room calendar processing settings. Whip out an Exchange Shell, the type this for every conference room.


Set-CalendarProcessing -Identity <Conference Room Name or Email Address> -ProcessExternalMeetingMessages:$true


In my case, I see Exchange 2016 OWA or ECP site will not open in Firefox or Chrome or Edge browsers. In Firefox I was getting this error:



The solution for Firefox:

Open Firefox, type about:config in address bar. Search for http2, find and disable Network.http.spdy.enabled.http2. Close and reopen Firefox.



Solution, If you have access to the server:

Download and run IIS Crypto tool on the Windows Server. Click on “Best Practices” button, which chooses the protocols and chiphers as below. Reboot your server.



Exchange: Distribution Group is rejecting emails from external email address

You set the distribution group to receive emails only from specific senders in the delivery management section of the DL properties. Now an email from external source sent to this DL and it fails with the NDR with the following error message:

#550 5.7.1 RESOLVER.RST.NotAuthorized; not authorized ##


Error message says it can not resolve the external email address. The solution is very simple.

Create an Exchange mail contact for the external email address that sends emails to the distribution group.

And, add the Exchange contact to the allowed senders list in delivery management section. That’s all.