


Project: Setup Windows 7 Kiosk
The goal of this project is a simple Windows 7 Kiosk installation with nothing else as the newest version of internet explorer installed. A user should not be allowed to do something than can malfunction the system or even elevating the user privileges. I want to show you in this post which GroupPolicies I’ve used and what configurations I made to set up this type of installation.
First I want to commit my principles for working with ActiveDirectory and Group Policies:
- If not needed a GroupPolicy shouldn't contain any registry keys.
- Group Policies instructions are much easier to read.
- Only AMDX templates are allowed, this means no AMD templates or anything else.
- AMDX won't in contrast to AMD templates becopied to the client, they stay in the SYSVOL Policy Definition folder on the domain controller.
- The Group Policy objects should be reusable.
- Configuring the minimum.

Manage access rights to the Office365 portal
In addition to my last script showing how to manage the user licenses in Office365 I’ve written a new script for assign, remove or replace the access rights in the office365 portal.
The script has the same structure as the license management script, feel free as always to copy and alter this script or asking me questions about it.

Kinaj 20 - Holy Moly (Mixtapes)

Find dead SharePoint ActiveDirectory Groups
The are three ways to handle access rights in SharePoint.
- Using ActiveDirectory Groups
- Using SharePoint Groups
- Using both of them
I personally recommend to use the first suggestion. Managing the access rights in one system is much easier to administrate, no switching or log off for administration work.
In our SharePoint installation I create for each securable resource and rights type a ActiveDirectory group and assign them organization groups.
A huge disadvantage of this strategy is that after a period of adding ActiveDirectory groups it’s hard to know which of those groups are really required.

Add View Folder link to search results page in SharePoint
In the default document search results in the SharePoint search center it is only possible to open the documents. It is not possible to navigate to the documents location.

Handling user password change and expiration issues with Office365 and ADFS – Part 2
This is part two of my experience in handling the password change office365 architecture issue.
Last time I’ve built a simple script to notificate the users about the status of their passwords. In the mean time we (me and another employ of the “vbl Informatik”) built a simple website for the office365 users to change their password.

Kinaj 19 - I don’t know (Rock, Alternative)

Backup Public GitHub Gists
To manage my code snippets I’m using GitHubGist connected with Gistbox.
Sadly none of this services providing a backup nor a download function for the gist files. That’s why I came upwith the idea to download them with PowerShell script.
For first my script only can download public gists, because I don’t know how to implement an authentication, luckily each of my gists is public. I recommend you to do the same, it’s the idea of OpenSource.
So here’s the script:

Office365 ADFS Chrome Login fails
Today I experienced an exotic behaviour, a client couldn’t access his Office365 page due he wasn’t able to login on the ADFS authentication prompt.
After googling and binging (just kidding, NERD) I found a simple solution.