Office 365 ADFS策略设置工具

ADFS全称为Active Directory Federation Services,即活动目录联合服务,我们主要用来做账号登录认证。

为了方便对其策略进行配置,写了下面的脚本,必须在ADFS主服务器运行。

#------------------------------------------------------------------------------
#
# Copyright  2012 Microsoft Corporation.  All rights reserved.
#
# THIS CODE AND ANY ASSOCIATED INFORMATION ARE PROVIDED “AS IS” WITHOUT
# WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
# LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS
# FOR A PARTICULAR PURPOSE. THE ENTIRE RISK OF USE, INABILITY TO USE, OR 
# RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#
#------------------------------------------------------------------------------
#
# PowerShell Source Code
#
# NAME:
#    Office 365 - Client Access Policy Builder.ps1
#
# VERSION:
#    1.0
#
#------------------------------------------------------------------------------

#----------------------------------------------
#region Import Assemblies
#----------------------------------------------
[void][Reflection.Assembly]::Load("System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
[void][Reflection.Assembly]::Load("System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
[void][Reflection.Assembly]::Load("System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
[void][Reflection.Assembly]::Load("mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
[void][Reflection.Assembly]::Load("System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
[void][Reflection.Assembly]::Load("System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
[void][Reflection.Assembly]::Load("System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
#endregion Import Assemblies

#Define a Param block to use custom parameters in the project
#Param ($CustomParameter)

function Main {
	Param ([String]$Commandline)
	#Note: This function starts the application
	#Note: $Commandline contains the complete argument string passed to the packager
	#Note: $Args contains the parsed arguments passed to the packager (Type: System.Array) 
	#Note: To get the script directory in the Packager use: Split-Path $hostinvocation.MyCommand.path
	#Note: To get the console output in the Packager (Windows Mode) use: $ConsoleOutput (Type: System.Collections.ArrayList)
	#TODO: Initialize and add Function calls to forms

	if((Call-MainForm_pff) -eq "OK")
	{

	}

	$global:ExitCode = 0 #Set the exit code for the Packager
}

#region Call-MainForm_pff
function Call-MainForm_pff
{
	#----------------------------------------------
	#region Import the Assemblies
	#----------------------------------------------
	[void][reflection.assembly]::Load("System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
	[void][reflection.assembly]::Load("System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
	[void][reflection.assembly]::Load("System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
	[void][reflection.assembly]::Load("mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
	[void][reflection.assembly]::Load("System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
	[void][reflection.assembly]::Load("System.Xml, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089")
	[void][reflection.assembly]::Load("System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a")
	#endregion Import Assemblies

	#----------------------------------------------
	#region Generated Form Objects
	#----------------------------------------------
	[System.Windows.Forms.Application]::EnableVisualStyles()
	$MainForm = New-Object System.Windows.Forms.Form
	$buttonBuild = New-Object System.Windows.Forms.Button
	$buttonHelp = New-Object System.Windows.Forms.Button
	$labelNotify = New-Object System.Windows.Forms.Label
	$groupboxStep2 = New-Object System.Windows.Forms.GroupBox
	$labelGroups = New-Object System.Windows.Forms.Label
	$textboxGroups = New-Object System.Windows.Forms.TextBox
	$groupboxIPSelection = New-Object System.Windows.Forms.GroupBox
	$labelIPExplanation = New-Object System.Windows.Forms.Label
	$labelRangeEndNotify = New-Object System.Windows.Forms.Label
	$labelRangeBeginNotify = New-Object System.Windows.Forms.Label
	$labelIPNotify = New-Object System.Windows.Forms.Label
	$labelRangeHyphen = New-Object System.Windows.Forms.Label
	$label9 = New-Object System.Windows.Forms.Label
	$label8 = New-Object System.Windows.Forms.Label
	$label7 = New-Object System.Windows.Forms.Label
	$label6 = New-Object System.Windows.Forms.Label
	$label5 = New-Object System.Windows.Forms.Label
	$label4 = New-Object System.Windows.Forms.Label
	$label3 = New-Object System.Windows.Forms.Label
	$label2 = New-Object System.Windows.Forms.Label
	$label1 = New-Object System.Windows.Forms.Label
	$RangeOct8 = New-Object System.Windows.Forms.TextBox
	$RangeOct7 = New-Object System.Windows.Forms.TextBox
	$RangeOct6 = New-Object System.Windows.Forms.TextBox
	$RangeOct5 = New-Object System.Windows.Forms.TextBox
	$RangeOct4 = New-Object System.Windows.Forms.TextBox
	$RangeOct3 = New-Object System.Windows.Forms.TextBox
	$RangeOct2 = New-Object System.Windows.Forms.TextBox
	$RangeOct1 = New-Object System.Windows.Forms.TextBox
	$IPOct4 = New-Object System.Windows.Forms.TextBox
	$IPOct3 = New-Object System.Windows.Forms.TextBox
	$IPOct2 = New-Object System.Windows.Forms.TextBox
	$IPOct1 = New-Object System.Windows.Forms.TextBox
	$radiobuttonIPRange = New-Object System.Windows.Forms.RadioButton
	$radiobuttonSingleIP = New-Object System.Windows.Forms.RadioButton
	$radiobuttonBlockOnlyOutlook = New-Object System.Windows.Forms.RadioButton
	$labelChooseOneOfTheExampl = New-Object System.Windows.Forms.Label
	$radiobuttonBlockExceptEAS = New-Object System.Windows.Forms.RadioButton
	$radiobuttonBlockExceptBrowser = New-Object System.Windows.Forms.RadioButton
	$radiobuttonBlockAll = New-Object System.Windows.Forms.RadioButton
	$radiobuttonBlockGroups = New-Object System.Windows.Forms.RadioButton
	$groupboxStep1 = New-Object System.Windows.Forms.GroupBox
	$labelClaimTypesNotify = New-Object System.Windows.Forms.Label
	$labelAfterTheUpdateRollup = New-Object System.Windows.Forms.Label
	$buttonCreateClaimTypeRules = New-Object System.Windows.Forms.Button
	$InitialFormWindowState = New-Object System.Windows.Forms.FormWindowState
	#endregion Generated Form Objects

	#----------------------------------------------
	# User Generated Script
	#----------------------------------------------

	$OnLoadFormEvent={
		#Set vars
		$Global:ErrorActionPreference = "SilentlyContinue"
		$Global:IPisValid = $false
		$Global:RangeBeginIsValid = $false
		$Global:RangeEndIsValid = $false
		$Global:IP = "1000.1000.1000.1000"
		$Global:RangeBeginIP = "1000.1000.1000.1000"
		$Global:RangeEndIP = "1000.1000.1000.1000"
		$StopHere = $false
	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block all external access to Office 365"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"customer-provided public ip address regex"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@

		#Initialize UI
		$radiobuttonBlockAll.Checked = $true
		$radiobuttonSingleIP.Checked = $true
		$RangeOct1.Enabled = $false
		$RangeOct2.Enabled = $false
		$RangeOct3.Enabled = $false
		$RangeOct4.Enabled = $false
		$RangeOct5.Enabled = $false
		$RangeOct6.Enabled = $false
		$RangeOct7.Enabled = $false
		$RangeOct8.Enabled = $false
		$IPOct1.Enabled = $true
		$IPOct2.Enabled = $true
		$IPOct3.Enabled = $true
		$IPOct4.Enabled = $true
		$groupboxStep2.Enabled = $false
		$labelNotify.Visible = $false
		$labelGroups.Visible = $false
		$textboxGroups.Visible = $false
		$buttonBuild.Enabled = $false

		#Check to make sure this is an AD FS 2.0 server
		$IsADFS = Get-Service ADFSSRV
		If (!$IsADFS)
		{
			$StopHere = $true
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " The AD FS 2.0 Windows service was not found on this machine. "
			$groupboxStep1.Enabled = $false
			$groupboxStep2.Enabled = $false
			$buttonBuild.Enabled = $false
		}

		#Check to make sure the AD FS 2.0 Windows service is running
		If (($IsADFS.Status -ne "Running") -and (!$StopHere))
		{
			$StopHere = $true
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " AD FS 2.0 is not running. "
			$groupboxStep1.Enabled = $false
			$groupboxStep2.Enabled = $false
			$buttonBuild.Enabled = $false
		}

		#Check if the AD FS 2.0 MMC is open
		$ADFSMMC = Get-Process | Where {(($_.MainWindowTitle -eq "AD FS 2.0") -and ($_.Name -eq "mmc"))}

		If (($ADFSMMC.GetType().Name -eq "Process") -and (!$StopHere))
		{
			$StopHere = $true
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Please close the AD FS 2.0 MMC console. "
			$groupboxStep1.Enabled = $false
			$groupboxStep2.Enabled = $false
			$buttonBuild.Enabled = $false
		}

		#Add the AD FS 2.0 PSH snap-in
		#check for Vista, 7, or 8
		$OSVersion = [System.Environment]::OSVersion.Version

		If (($OSVersion.Major -eq 6) -and ($OSVersion.Minor -eq 2))
		{
		       #this is win8 and AD FS 2.1 is a server role
		       #import the AD FS 2.1 module
		       Import-Module ADFS -ErrorAction SilentlyContinue
			   
			   	If ((!((Get-Module ADFS).Name)) -and (!$StopHere))
				{
					$StopHere = $true
					$labelNotify.Visible = $true
					$labelNotify.ForeColor = "Red"
					$labelNotify.Text = " AD FS 2.0 PowerShell failed to load. "
					$groupboxStep1.Enabled = $false
					$groupboxStep2.Enabled = $false
					$buttonBuild.Enabled = $false
				}
		}
		Else
		{
		       #this is win vista or 7 and AD FS 2.0 is an installed product
		       #add the AD FS 2.0 snap-in
		       Add-PsSnapin Microsoft.Adfs.Powershell -ErrorAction SilentlyContinue
			   
			   	If ((!((Get-PSSnapin Microsoft.Adfs.Powershell).Name)) -and (!$StopHere))
				{
					$StopHere = $true
					$labelNotify.Visible = $true
					$labelNotify.ForeColor = "Red"
					$labelNotify.Text = " AD FS 2.0 PowerShell failed to load. "
					$groupboxStep1.Enabled = $false
					$groupboxStep2.Enabled = $false
					$buttonBuild.Enabled = $false
				}
		}
	}

	function Validate-IsIP ([string] $IP)
	{
		$IsIP = $IP -match "\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"

		If (!$IsIP)
		{
			$buttonBuild.Enabled = $false
		}

		Return $IsIP
	}

	function IPTextChanged ()
	{
		#Combine texboxes into single string IP
		$Global:IP = $IPOct1.Text+"."+$IPOct2.Text+"."+$IPOct3.Text+"."+$IPOct4.Text
		#Call function to validate if this is a valid IP address
		$Global:IPIsValid = Validate-IsIP($Global:IP)

		#Change UI if this IP is valid or invalid
		If ($Global:IPIsValid)
		{
			$labelIPNotify.Visible = $false
			$buttonBuild.Enabled = $true
			$labelNotify.Visible = $false
		}
		Else
		{
			$labelIPNotify.Visible = $true
			$labelIPNotify.ForeColor = "Red"
			$labelIPNotify.Text = " Invalid "
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Please enter a valid IP address "
		}
	}

	function RangeBeginTextChanged ()
	{
		#Combine texboxes into single string IP
		$Global:RangeBeginIP = $RangeOct1.Text+"."+$RangeOct2.Text+"."+$RangeOct3.Text+"."+$RangeOct4.Text
		#Call function to validate if this is a valid IP address
		$Global:RangeBeginIsValid = Validate-IsIP($Global:RangeBeginIP)

		#Change UI if this IP is valid or invalid
		If ($Global:RangeBeginIsValid)
		{
			$labelRangeBeginNotify.Visible = $false
		}
		Else
		{
			$labelRangeBeginNotify.Visible = $true
			$labelRangeBeginNotify.ForeColor = "Red"
			$labelRangeBeginNotify.Text = " Invalid "
		}

		#Change UI if the beginning and the end of the range are both valid
		If (($Global:RangeBeginIsValid) -and ($Global:RangeEndIsValid))
		{
			$buttonBuild.Enabled = $true
			$labelNotify.Visible = $false
		}
		Else
		{
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Please enter a valid IP address "
		}
	}

	function RangeEndTextChanged ()
	{
		#Combine texboxes into single string IP
		$Global:RangeEndIP = $RangeOct5.Text+"."+$RangeOct6.Text+"."+$RangeOct7.Text+"."+$RangeOct8.Text
		#Call function to validate if this is a valid IP address
		$Global:RangeEndIsValid = Validate-IsIP($Global:RangeEndIP)

		#Change UI if this IP is valid or invalid
		If ($Global:RangeEndIsValid)
		{
			$labelRangeEndNotify.Visible = $false
		}
		Else
		{
			$labelRangeEndNotify.Visible = $true
			$labelRangeEndNotify.ForeColor = "Red"
			$labelRangeEndNotify.Text = " Invalid "
		}

		#Change UI if the beginning and the end of the range are both valid
		If (($Global:RangeBeginIsValid) -and ($Global:RangeEndIsValid))
		{
			$buttonBuild.Enabled = $true
			$labelNotify.Visible = $false
		}
		Else
		{
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Please enter a valid IP address "
		}
	}

	function BuildIPRegEx ([string] $IPType, [string] $IP, [string] $EndRangeIP)
	{
		If ($IPType -eq "Single")
		{
			$IPArray = $IP.Split(".")
			$RegEx = "\b"+$IPArray[0]+"\."+$IPArray[1]+"\."+$IPArray[2]+"\."+$IPArray[3]+"\b"
		}
		ElseIf ($IPType -eq "Range")
		{
			$RangeIPBeginArray = $IP.Split(".")
			$RangeIPEndArray = $EndRangeIP.Split(".")
			$RegEx = "\b"+$RangeIPBeginArray[0]+"\."+$RangeIPBeginArray[1]+"\."+$RangeIPBeginArray[2]+"\."+$RangeIPBeginArray[3]+"\b"
			$Iterations = ([int]$RangeIPEndArray[3] - [int]$RangeIPBeginArray[3])

			For ($i=1; $i -le $Iterations; $i++)
			{
				$NewEnding = ([int]$RangeIPBeginArray[3] + $i)
				$RegEx = $RegEx + "|\b"+$RangeIPEndArray[0]+"\."+$RangeIPEndArray[1]+"\."+$RangeIPEndArray[2]+"\."+$NewEnding+"\b"
			}
		}
		Else
		{
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Invalid IP type selected. "
		}

		Return $RegEx
	}

	function ConvertGroupsToSIDs ([string] $GroupString)
	{
		If ($GroupString -match ",")
		{
			$GroupArray = $GroupString.Split(",")
			$Iterations = ($GroupArray.Count -1)
			$FirstGroup = (New-Object system.security.principal.NtAccount($GroupArray[0].Trim())).translate([system.security.principal.securityidentifier])

			If (!$?)
			{
				$FirstGroup = "FAIL"
			}

			$ConvertedGroups = "\b"+$FirstGroup+"\b"

			For ($i=1; $i -le $Iterations; $i++)
			{
				$CurrentGroup = (New-Object system.security.principal.NtAccount($GroupArray[$i].Trim())).translate([system.security.principal.securityidentifier])

				If (!$?)
				{
					$CurrentGroup = "FAIL"
				}

				$ConvertedGroups = $ConvertedGroups+"|\b"+$CurrentGroup+"\b"
			}
		}
		Else
		{
			$GroupString = $GroupString.Trim()
			$ConvertedGroups = (New-Object system.security.principal.NtAccount($GroupString)).translate([system.security.principal.securityidentifier])

			If (!$?)
			{
				$ConvertedGroups = "FAIL"
			}

			$ConvertedGroups = "\b"+$ConvertedGroups+"\b"
		}

		Return $ConvertedGroups
	}

	#region Control Helper Functions
	function Load-ListBox 
	{
	<#
		.SYNOPSIS
			This functions helps you load items into a ListBox.

		.DESCRIPTION
			Use this function to dynamically load items into the ListBox control.

		.PARAMETER  ListBox
			The ListBox control you want to add items to.

		.PARAMETER  Items
			The object or objects you wish to load into the ListBox‘s Items collection.

		.PARAMETER  DisplayMember
			Indicates the property to display for the items in this control.

		.PARAMETER  Append
			Adds the item(s) to the ListBox without clearing the Items collection.

		.EXAMPLE
			Load-ListBox $ListBox1 "Red", "White", "Blue"

		.EXAMPLE
			Load-ListBox $listBox1 "Red" -Append
			Load-ListBox $listBox1 "White" -Append
			Load-ListBox $listBox1 "Blue" -Append

		.EXAMPLE
			Load-ListBox $listBox1 (Get-Process) "ProcessName"
	#>
		Param (
			[Parameter(Mandatory=$true)]
			[System.Windows.Forms.ListBox]$listBox,
			[Parameter(Mandatory=$true)]
			$Items,
		    [Parameter(Mandatory=$false)]
			[string]$DisplayMember,
			[switch]$Append
		)

		if(-not $Append)
		{
			$listBox.Items.Clear()
		}

		if($Items -is [Array])
		{
			$listBox.Items.AddRange($Items)
		}
		else
		{
			$listBox.Items.Add($Items)
		}

		$listBox.DisplayMember = $DisplayMember
	}#endregion

	$buttonCreateClaimTypeRules_Click={
		$buttonCreateClaimTypeRules.Enabled = $false

		#Get the original set of AD CP trust rules to file
		$RulesFile = "$env:TEMP\ADCP_Rules.txt"
		(Get-ADFSClaimsProviderTrust -Name "Active Directory").AcceptanceTransformRules | Out-File $RulesFile

		#Pull the rules into an array
		$OriginalADCPTrustRules = Get-Content $RulesFile

		#Loop through the array looking for any matches for existing Client Access Policy claim types
		foreach ($Line in $OriginalADCPTrustRules)
		{
			If (($Line -match "x-ms-forwarded-client-ip") -or ($Line -match "x-ms-client-application") -or ($Line -match "x-ms-client-user-agent") -or ($Line -match "x-ms-proxy") -or ($Line -match "x-ms-endpoint-absolute-path"))
			{
				$RulesAlreadyExist = $true
			}
		}

		#If the rules do not exist, create them. Else, do nothing.
		If (!($RulesAlreadyExist))
		{
	$ClaimRuleLanguage = @"
@RuleName = "Pass through: x-ms-forwarded-client-ip"
c:[type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip"]    => issue(claim = c);
"@
	$ClaimRuleLanguage | Out-File $RulesFile -Append		

	$ClaimRuleLanguage = @"
@RuleName = "Pass through: x-ms-client-application"
c:[type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application"]    => issue(claim = c);
"@
	$ClaimRuleLanguage | Out-File $RulesFile -Append

	$ClaimRuleLanguage = @"
@RuleName = "Pass through: x-ms-client-user-agent"
c:[type == "p://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent"]    => issue(claim = c);
"@
	$ClaimRuleLanguage | Out-File $RulesFile -Append

	$ClaimRuleLanguage = @"
@RuleName = "Pass through: x-ms-proxy"
c:[type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]    => issue(claim = c);
"@
	$ClaimRuleLanguage | Out-File $RulesFile -Append

	$ClaimRuleLanguage = @"
@RuleName = "Pass through: x-ms-endpoint-absolute-path"
c:[type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path"]    => issue(claim = c);
"@
	$ClaimRuleLanguage | Out-File $RulesFile -Append

			#Set the AD CP Trust with the new rule set
			Set-ADFSClaimsProviderTrust -TargetName "Active Directory" -AcceptanceTransformRulesFile $RulesFile

			If (!$?)
			{
				$labelClaimTypesNotify.Visible = $true
				$labelClaimTypesNotify.ForeColor = "Red"
				$labelClaimTypesNotify.Text = " Could not write to ‘Active Directory‘ CP Trust. "
			}

			Remove-Item $RulesFile
		}
		Else
		{
			$labelClaimTypesNotify.Visible = $true
			$labelClaimTypesNotify.ForeColor = "Red"
			$labelClaimTypesNotify.Text = " Existing rules detected. No action taken. "
		}

		$groupboxStep1.Enabled = $false
		$groupboxStep2.Enabled = $true
		$labelNotify.Visible = $true
		$labelNotify.Text = " Please enter a valid IP address "
		$labelNotify.ForeColor = "Red"
	}

	$radiobuttonBlockAll_CheckedChanged={
		If ($radiobuttonBlockAll.Checked)
		{
	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block all external access to Office 365"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@
		}
	}

	$radiobuttonBlockExceptEAS_CheckedChanged={
		If ($radiobuttonBlockExceptEAS.Checked)
		{
	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block all external access to Office 365 except Exchange ActiveSync"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.ActiveSync"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@
		}

	}

	$radiobuttonBlockExceptBrowser_CheckedChanged={
		If ($radiobuttonBlockExceptBrowser.Checked)
		{
	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block all external access to Office 365 except browser-based applications"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/ls/"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@
		}

	}

	$radiobuttonBlockGroups_CheckedChanged={
		If ($radiobuttonBlockGroups.Checked)
		{
			$labelGroups.Visible = $true
			$textboxGroups.Visible = $true
			$GroupString = $textboxGroups.Text

	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block all external access to Office 365 for designated Active Directory groups"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
exists([Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", Value =~ "GroupPlaceholder"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@
		}
		Else
		{
			$labelGroups.Visible = $false
			$textboxGroups.Visible = $false
		}

	}

	$radiobuttonBlockOnlyOutlook_CheckedChanged={
		If ($radiobuttonBlockOnlyOutlook.Checked)
		{
	$Global:ClaimRuleLanguage = @"
@RuleName = "Permit Access to All Users"
 => issue(Type = "http://schemas.microsoft.com/authorization/claims/permit", Value = "true");
@RuleName = "Block only external Outlook Clients - Exchange AutoDiscover"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.Autodiscover"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/services/trust/2005/usernamemixed"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
@RuleName = "Block only external Outlook Clients - Exchange OAB"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.OfflineAddressBook"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/services/trust/2005/usernamemixed"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
@RuleName = "Block only external Outlook Clients - Exchange RPC"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.RPC"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/services/trust/2005/usernamemixed"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
@RuleName = "Block only external Outlook Clients - Exchange Web Services"
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-application",
Value=="Microsoft.Exchange.WebServices"]) &&
NOT exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-forwarded-client-ip",
Value=~"IPPlaceholder"]) &&
exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-endpoint-absolute-path", Value == "/adfs/services/trust/2005/usernamemixed"])
=> issue(Type = "http://schemas.microsoft.com/authorization/claims/deny", Value = "true");
"@
		}

	}

	$radiobuttonSingleIP_CheckedChanged={
		If ($radiobuttonSingleIP.Checked)
		{
			#Enable/Disable textboxes for IP entry
			$RangeOct1.Enabled = $false
			$RangeOct2.Enabled = $false
			$RangeOct3.Enabled = $false
			$RangeOct4.Enabled = $false
			$RangeOct5.Enabled = $false
			$RangeOct6.Enabled = $false
			$RangeOct7.Enabled = $false
			$RangeOct8.Enabled = $false
			$IPOct1.Enabled = $true
			$IPOct2.Enabled = $true
			$IPOct3.Enabled = $true
			$IPOct4.Enabled = $true

			#Clear error notifications
			$labelNotify.Visible = $false
			$labelRangeBeginNotify.Visible = $false
			$labelRangeEndNotify.Visible = $false
			$labelIPNotify.Visible = $false

			IPTextChanged
		}

	}

	$radiobuttonIPRange_CheckedChanged={
		If ($radiobuttonIPRange.Checked)
		{
			#Enable/Disable texboxes for IP entry
			$IPOct1.Enabled = $false
			$IPOct2.Enabled = $false
			$IPOct3.Enabled = $false
			$IPOct4.Enabled = $false
			$RangeOct1.Enabled = $true
			$RangeOct2.Enabled = $true
			$RangeOct3.Enabled = $true
			$RangeOct4.Enabled = $true
			$RangeOct5.Enabled = $false
			$RangeOct6.Enabled = $false
			$RangeOct7.Enabled = $false
			$RangeOct8.Enabled = $true

			#Clear error notifications
			$labelNotify.Visible = $false
			$labelRangeBeginNotify.Visible = $false
			$labelRangeEndNotify.Visible = $false
			$labelIPNotify.Visible = $false

			RangeBeginTextChanged
			RangeEndTextChanged
		}
	}

	$buttonHelp_Click={
		$buttonHelp.Enabled = $false
		Start-Process -FilePath "$Env:ProgramFiles\Internet Explorer\iexplore.exe" -ArgumentList "http://technet.microsoft.com/en-us/library/hh526961(v=ws.10).aspx"
		$buttonHelp.Enabled = $true
		If (!$?)
		{
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Internet Explorer failed to load Help "
		}
	}

	$buttonBuild_Click={
		$buttonBuild.Text = "Working..."
		$buttonBuild.Enabled = $false
		$StopHere = $false

		If ($radiobuttonBlockGroups.Checked)
		{
			$labelGroups.Visible = $true
			$textboxGroups.Visible = $true
			$GroupString = $textboxGroups.Text

			$ConvertedGroups = ConvertGroupsToSIDs $GroupString

			If ($ConvertedGroups -match "FAIL")
			{
				$StopHere = $true
				$labelNotify.Visible = $true
				$labelNotify.ForeColor = "Red"
				$labelNotify.Text = " Group to SID translation failed. Check group names. "
			}
		}

		If (!$StopHere)
		{
			If ($radiobuttonSingleIP.Checked)
			{
				$RegEx = BuildIPRegEx "Single" $Global:IP "foo"
			}
			ElseIf ($radiobuttonIPRange.Checked)
			{
				$RegEx = BuildIPRegEx "Range" $Global:RangeBeginIP $Global:RangeEndIP
			}
			Else
			{
				$labelNotify.Visible = $true
				$labelNotify.ForeColor = "Red"
				$labelNotify.Text = " Invalid IP button selection. "
			}

			$RuleToWrite = $Global:ClaimRuleLanguage.Replace("IPPlaceholder", $RegEx)
			$RuleToWrite = $RuleToWrite.Replace("GroupPlaceholder",$ConvertedGroups)

			Set-AdfsRelyingPartyTrust -TargetName "Microsoft Office 365 Identity Platform" -IssuanceAuthorizationRules $RuleToWrite

			If (!$?)
			{
				$labelNotify.Visible = $true
				$labelNotify.ForeColor = "Red"
				$labelNotify.Text = " Could not write to ‘Microsoft Office 365 Identity Platform‘ RP Trust. "
			}
			Else
			{
				$labelNotify.Visible = $true
				$labelNotify.ForeColor = "Green"
				$labelNotify.Text = " Success! Please verify the rule(s). Click Help for more information. "
			}
		}

		$buttonBuild.Text = "Build"
		$buttonBuild.Enabled = $true

	}

	$IPOct1_TextChanged={
		IPTextChanged
	}

	$IPOct2_TextChanged={
		IPTextChanged
	}

	$IPOct3_TextChanged={
		IPTextChanged
	}

	$IPOct4_TextChanged={
		IPTextChanged
	}

	$RangeOct1_TextChanged={
		RangeBeginTextChanged
		$RangeOct5.Text = $RangeOct1.Text
	}

	$RangeOct2_TextChanged={
		RangeBeginTextChanged
		$RangeOct6.Text = $RangeOct2.Text
	}

	$RangeOct3_TextChanged={
		RangeBeginTextChanged
		$RangeOct7.Text = $RangeOct3.Text
	}

	$RangeOct4_TextChanged={
		RangeBeginTextChanged
	}

	$RangeOct5_TextChanged={
		RangeEndTextChanged
	}

	$RangeOct6_TextChanged={
		RangeEndTextChanged
	}

	$RangeOct7_TextChanged={
		RangeEndTextChanged
	}

	$RangeOct8_TextChanged={
		#Combine texboxes into single string IP
		$Global:RangeEndIP = $RangeOct5.Text+"."+$RangeOct6.Text+"."+$RangeOct7.Text+"."+$RangeOct8.Text
		#Call function to validate if this is a valid IP address
		$Global:RangeEndIsValid = Validate-IsIP($Global:RangeEndIP)

		#Change UI if this IP is valid or invalid
		If (($Global:RangeEndIsValid) -and ([int]$RangeOct8.Text -gt [int]$RangeOct4.Text))
		{
			$labelRangeEndNotify.Visible = $false
		}
		Else
		{
			$labelRangeEndNotify.Visible = $true
			$labelRangeEndNotify.ForeColor = "Red"
			$labelRangeEndNotify.Text = " Invalid "
		}

		#Change UI if the beginning and the end of the range are both valid
		If (($Global:RangeBeginIsValid) -and ($Global:RangeEndIsValid) -and ([int]$RangeOct8.Text -gt [int]$RangeOct4.Text))
		{
			$buttonBuild.Enabled = $true
			$labelNotify.Visible = $false
		}
		Else
		{
			$labelNotify.Visible = $true
			$labelNotify.ForeColor = "Red"
			$labelNotify.Text = " Please enter a valid IP address "
		}
	}

	$textboxGroups_TextChanged={
		$GroupString = $textboxGroups.Text

	}
		# --End User Generated Script--
	#----------------------------------------------
	#region Generated Events
	#----------------------------------------------

	$Form_StateCorrection_Load=
	{
		#Correct the initial state of the form to prevent the .Net maximized form issue
		$MainForm.WindowState = $InitialFormWindowState
	}

	$Form_StoreValues_Closing=
	{
		#Store the control values
		$script:MainForm_textboxGroups = $textboxGroups.Text
		$script:MainForm_RangeOct8 = $RangeOct8.Text
		$script:MainForm_RangeOct7 = $RangeOct7.Text
		$script:MainForm_RangeOct6 = $RangeOct6.Text
		$script:MainForm_RangeOct5 = $RangeOct5.Text
		$script:MainForm_RangeOct4 = $RangeOct4.Text
		$script:MainForm_RangeOct3 = $RangeOct3.Text
		$script:MainForm_RangeOct2 = $RangeOct2.Text
		$script:MainForm_RangeOct1 = $RangeOct1.Text
		$script:MainForm_IPOct4 = $IPOct4.Text
		$script:MainForm_IPOct3 = $IPOct3.Text
		$script:MainForm_IPOct2 = $IPOct2.Text
		$script:MainForm_IPOct1 = $IPOct1.Text
		$script:MainForm_radiobuttonIPRange = $radiobuttonIPRange.Checked
		$script:MainForm_radiobuttonSingleIP = $radiobuttonSingleIP.Checked
		$script:MainForm_radiobuttonBlockOnlyOutlook = $radiobuttonBlockOnlyOutlook.Checked
		$script:MainForm_radiobuttonBlockExceptEAS = $radiobuttonBlockExceptEAS.Checked
		$script:MainForm_radiobuttonBlockExceptBrowser = $radiobuttonBlockExceptBrowser.Checked
		$script:MainForm_radiobuttonBlockAll = $radiobuttonBlockAll.Checked
		$script:MainForm_radiobuttonBlockGroups = $radiobuttonBlockGroups.Checked
	}

	$Form_Cleanup_FormClosed=
	{
		#Remove all event handlers from the controls
		try
		{
			$buttonBuild.remove_Click($buttonBuild_Click)
			$buttonHelp.remove_Click($buttonHelp_Click)
			$textboxGroups.remove_TextChanged($textboxGroups_TextChanged)
			$RangeOct8.remove_TextChanged($RangeOct8_TextChanged)
			$RangeOct7.remove_TextChanged($RangeOct7_TextChanged)
			$RangeOct6.remove_TextChanged($RangeOct6_TextChanged)
			$RangeOct5.remove_TextChanged($RangeOct5_TextChanged)
			$RangeOct4.remove_TextChanged($RangeOct4_TextChanged)
			$RangeOct3.remove_TextChanged($RangeOct3_TextChanged)
			$RangeOct2.remove_TextChanged($RangeOct2_TextChanged)
			$RangeOct1.remove_TextChanged($RangeOct1_TextChanged)
			$IPOct4.remove_TextChanged($IPOct4_TextChanged)
			$IPOct3.remove_TextChanged($IPOct3_TextChanged)
			$IPOct2.remove_TextChanged($IPOct2_TextChanged)
			$IPOct1.remove_TextChanged($IPOct1_TextChanged)
			$radiobuttonIPRange.remove_CheckedChanged($radiobuttonIPRange_CheckedChanged)
			$radiobuttonSingleIP.remove_CheckedChanged($radiobuttonSingleIP_CheckedChanged)
			$radiobuttonBlockOnlyOutlook.remove_CheckedChanged($radiobuttonBlockOnlyOutlook_CheckedChanged)
			$radiobuttonBlockExceptEAS.remove_CheckedChanged($radiobuttonBlockExceptEAS_CheckedChanged)
			$radiobuttonBlockExceptBrowser.remove_CheckedChanged($radiobuttonBlockExceptBrowser_CheckedChanged)
			$radiobuttonBlockAll.remove_CheckedChanged($radiobuttonBlockAll_CheckedChanged)
			$radiobuttonBlockGroups.remove_CheckedChanged($radiobuttonBlockGroups_CheckedChanged)
			$buttonCreateClaimTypeRules.remove_Click($buttonCreateClaimTypeRules_Click)
			$MainForm.remove_Load($OnLoadFormEvent)
			$MainForm.remove_Load($Form_StateCorrection_Load)
			$MainForm.remove_Closing($Form_StoreValues_Closing)
			$MainForm.remove_FormClosed($Form_Cleanup_FormClosed)
		}
		catch [Exception]
		{ }
	}
	#endregion Generated Events

	#----------------------------------------------
	#region Generated Form Code
	#----------------------------------------------
	#
	# MainForm
	#
	$MainForm.Controls.Add($buttonBuild)
	$MainForm.Controls.Add($buttonHelp)
	$MainForm.Controls.Add($labelNotify)
	$MainForm.Controls.Add($groupboxStep2)
	$MainForm.Controls.Add($groupboxStep1)
	$MainForm.ClientSize = ‘536, 604‘
	$MainForm.FormBorderStyle = ‘Fixed3D‘
	#region Binary Data
	$MainForm.Icon = [System.Convert]::FromBase64String(‘AAABAAEAHh4AAAEAGABoCwAAFgAAACgAAAAeAAAAPAAAAAEAGAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAD//////////v7+///+/v7+/v79/fz+/f3+/v7+/v3+/v3+/v7+/v79/f3+/v7+/v7////+
/v7////////////////////////////////////////+/v7///8AAP////////////3+/vn7+uvt
7uLj5eLj5eLj5OLi5eLh5OLg5uHg5ePg5O7r5/b29f7+/v//////////////////////////////
//////////////////7+/gAA///////////////+ttH3Qoj0Q4juQ4ntQ4rsRYvrRojrSIbqSILp
S4Dogp7a2dja+Pj4/////v77/Pr1+Pbx+Pbx+PXx+PXx+Pbx+PXx9/Xx+fn5////////AAD/////
/////v7///+VvfcAX/4AZ/8AZv8AZ/4Aaf8Aaf4AY/4AXv4AW/0WYPSjtNby8vH+/v3W2+2UpOKQ
od2RpN6PqduOrd2NrdyOr9yYrdve3d7Y2Njk5OQAAP////////7//////5i+9gBh/yV08Wyc7Hur
9nys+Hys93ys+Hyo9wdi+gdh+JKt2PHy79Tc+AI++gBF/wBH/gBK/gBN/QBQ/ABT/ABW/B178MzH
y4eHh8HBwQAA////////////////l772AGf/Sonn397g///7///+///+///+///9I3b7BGj5k67X
9/Tufpv4AD3+F1T2M2X4N2r8OGn8Omv8KF/7Ak39HnLv0c3Qt7e22NjYAAD////////+//////+X
v/UAbv9IjOna3OP8/Pz//////v////////4hePsDbfqTsNj29O99ofkAPf9rht/t6eT///r///z/
//u3xPYGTP0eb+7Z1Nj///7///8AAP///////////////5nC9AB3/0qP6tvd5Pz8/P//////////
/////iJ3+wJr+pGw2Pbz74Gp+QBF/22K3+vp5/7+/v///////7bE+QZL/h5p79nV1/v6+v///wAA
///////////+////nMX1AH7/SpPq3d7l/Pz8////////////////I3b7AWf7ka7Z9vTvhbD5AE7/
bo3g6+ro/v7+////////tcP5BUr+G2Pw2tbX+vr6////AAD//////////v////6eyvQAhv9Ll+ra
3OH49/X7+vj6+fj6+fj//vtIi/kBYfqUsN338++HtvkAVPuGouj08/P+/fz8/Pv///qzwfUFSv0b
W/HZ19b6+vr///8AAP///////////////6HM8wCP/zaS752236zC5qzC5qnB5cPO3+jm5OHo9EmK
96C76/z59Ym7+FmT9OXp8f779szU7MDI4sXK34WZ6ARL/BpS9NrY2Pr6+f///wAA////////////
///+rdL1AJf8BJD7E435FIr5E4b4EYL5IoXyrsHW6ebi3ej14ev4/f780+b56vH5///4jK/zImz4
H2X0IF/0FFH2AEj8HVDz7Onj/f38////AAD////////////////2+v1SrfYOmvgQl/kKkfsGifsA
gvsAevwKe/fB0+n7+vf+/v7+/v7+/v7///2cw/gVbvsDYvwAWfwATvwAQ/sFQPmptvD9/Pb/////
//8AAP////7+/v////7+/v///v//+/X1+fHz+fPz+fLz+fLy+fHy+PHy+e7z+f39/P7+/v////7/
//v9/fH2+u/z9/Dy9u/y9u/x9+/x9/379v7/+/3+/f////7+/gAA///+/////v7////88PH05ebv
5ebt5Obt5Obu5ebt5eXs4+Tr4ePq4OXt9/f3/v7+///////++f397PH34eTq293k2tzj29zj3d3j
6+nk9fX2/v7+////////AAD+//////7///2p0vZFqvc8p/Y8p/U8p/U8pfU9pvQ+pvQ/qPIzpfKe
y+r8+Pb+/v7+/v7+//73+/yIufc7hvI5ge86fe87eO47cu17l9vi4Nz7+/v////+/v4AAP//////
/unx+iSo+gGi/QCn/wCq/wCq/gCl/gCh/gCa/wCS/Wm99PDy9Pz6+Pb08/n5+f37+/j39ebv+TSK
+gBl/QBb/wBT/wBM/Q1U+NjWz/j4+P///////wAA///+////2Or6Frj+Abv9O731b873b9H7b9H6
b876bMr6kdP59/r4+fv5qtXzq83m+vf0i8r4stLm7uzq7fT6w9r5xNn3lbj1E2X8BVr82NXP+Pj3
////////AAD+///////Y7PsWy/0Fz/yg1uv//Pb///////7///////7///7//v2r3PcQmfiZw+P7
9vN6yvoQovW0zd/49vT///7///7N4PscdvwEZf3Y0874+Pf///////8AAP///////9ju+hrZ/g3c
/prX6v/5+P////////////////7////+/Qqw+gOa+p3E5Pv283vO+gCj/nm76Pbz8f///////8nh
/BqB/QRv/dnTz/j49////////wAA////////2PD7JeD9GOH+mtjq/vn4////////////////////
///+ALn9Baf7nsfl/Pf0gtX6AKz/fL7o8+/s+vn3/fr3xt73Goz8Anj92NTO+Pj3////////AAD/
///////Z7/st5P4j5/2c2ev++Pj//////////////////////v4AxvwFs/yey+X89/aJ2foAtP5b
seewxN6wxuGvyOCJuuQTk/oBgv7Y1M74+Pf///////8AAP///////9fx+kDq/Sns/Z7a6/759///
///////////////////+/QDO/QW9+5/O5/v39Zfg+QC//AC5/wCw/wCr/wCk/wCe/wCa/wCN/t7Z
1Pn5+P///////wAA////////1/H7U+79J+/+ndrq/fj2/v7+/v7+/v7+/v7+/v7+//z8AdL9BcX7
n8/m+PX14PT7bdf5V9H6Vc37Ucr6TcX6TMH7TLz6S7X79PHu/Pz8/////v7+AAD////////W8Pth
8fwn8f6g1OT66OX67ev67ez57Ov57Ov67ev66+oC1f4Fyvue0ef29fX////1+/3v+fzw+P3v+P3u
+P3v+P3u+P3v+P3+/v7+/v7///////8AAP///////9bw+2ry/STz/i7h+Dnh+Trk+Tjj+Tjj+Tbh
+DXe+CrY+Q3d/wbL/KDU6vn39////////v///v////////////////////////////////7+/v//
/wAA////////1fD6dPD8M/L+NfX9Nvb9M/X+LPX9J/L9Je39I+n9F+P9Dtv+Js/6xOPx/fz8////
////////////////////////////////////////////////AAD///////7l9vu67vq37/y28Pux
8Pup7/ud7/uP7fyG6/yF6fuA5vt94vm86fj9+/v+/v7+/v7/////////////////////////////
//////////////////8AAP/+//7+/v///v///v///v///v///v///v///v///v///v///v///v//
/f///v7+/v7+/v///////////////////////////////////////////////////wAA/v/+//7/
////////////////////////////////////////////////////////////////////////////
////////////////////////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=‘)
	#endregion
	$MainForm.Name = "MainForm"
	$MainForm.StartPosition = ‘CenterScreen‘
	$MainForm.Text = "Office 365 - Client Access Policy Builder"
	$MainForm.add_Load($OnLoadFormEvent)
	#
	# buttonBuild
	#
	$buttonBuild.Location = ‘476, 572‘
	$buttonBuild.Name = "buttonBuild"
	$buttonBuild.Size = ‘50, 23‘
	$buttonBuild.TabIndex = 23
	$buttonBuild.Text = "Build"
	$buttonBuild.UseVisualStyleBackColor = $True
	$buttonBuild.add_Click($buttonBuild_Click)
	#
	# buttonHelp
	#
	$buttonHelp.Location = ‘420, 572‘
	$buttonHelp.Name = "buttonHelp"
	$buttonHelp.Size = ‘50, 23‘
	$buttonHelp.TabIndex = 24
	$buttonHelp.Text = "Help"
	$buttonHelp.UseVisualStyleBackColor = $True
	$buttonHelp.add_Click($buttonHelp_Click)
	#
	# labelNotify
	#
	$labelNotify.Location = ‘13, 572‘
	$labelNotify.Name = "labelNotify"
	$labelNotify.Size = ‘372, 23‘
	$labelNotify.TabIndex = 25
	#
	# groupboxStep2
	#
	$groupboxStep2.Controls.Add($labelGroups)
	$groupboxStep2.Controls.Add($textboxGroups)
	$groupboxStep2.Controls.Add($groupboxIPSelection)
	$groupboxStep2.Controls.Add($radiobuttonBlockOnlyOutlook)
	$groupboxStep2.Controls.Add($labelChooseOneOfTheExampl)
	$groupboxStep2.Controls.Add($radiobuttonBlockExceptEAS)
	$groupboxStep2.Controls.Add($radiobuttonBlockExceptBrowser)
	$groupboxStep2.Controls.Add($radiobuttonBlockAll)
	$groupboxStep2.Controls.Add($radiobuttonBlockGroups)
	$groupboxStep2.Location = ‘13, 133‘
	$groupboxStep2.Name = "groupboxStep2"
	$groupboxStep2.Size = ‘513, 431‘
	$groupboxStep2.TabIndex = 9
	$groupboxStep2.TabStop = $False
	$groupboxStep2.Text = "Step 2"
	#
	# labelGroups
	#
	$labelGroups.Location = ‘37, 187‘
	$labelGroups.Name = "labelGroups"
	$labelGroups.Size = ‘161, 23‘
	$labelGroups.TabIndex = 12
	$labelGroups.Text = "Separate groups with commas:"
	#
	# textboxGroups
	#
	$textboxGroups.Location = ‘220, 184‘
	$textboxGroups.Name = "textboxGroups"
	$textboxGroups.Size = ‘159, 20‘
	$textboxGroups.TabIndex = 11
	$textboxGroups.Text = "domain\group1, domain\group2"
	$textboxGroups.add_TextChanged($textboxGroups_TextChanged)
	#
	# groupboxIPSelection
	#
	$groupboxIPSelection.Controls.Add($labelIPExplanation)
	$groupboxIPSelection.Controls.Add($labelRangeEndNotify)
	$groupboxIPSelection.Controls.Add($labelRangeBeginNotify)
	$groupboxIPSelection.Controls.Add($labelIPNotify)
	$groupboxIPSelection.Controls.Add($labelRangeHyphen)
	$groupboxIPSelection.Controls.Add($label9)
	$groupboxIPSelection.Controls.Add($label8)
	$groupboxIPSelection.Controls.Add($label7)
	$groupboxIPSelection.Controls.Add($label6)
	$groupboxIPSelection.Controls.Add($label5)
	$groupboxIPSelection.Controls.Add($label4)
	$groupboxIPSelection.Controls.Add($label3)
	$groupboxIPSelection.Controls.Add($label2)
	$groupboxIPSelection.Controls.Add($label1)
	$groupboxIPSelection.Controls.Add($RangeOct8)
	$groupboxIPSelection.Controls.Add($RangeOct7)
	$groupboxIPSelection.Controls.Add($RangeOct6)
	$groupboxIPSelection.Controls.Add($RangeOct5)
	$groupboxIPSelection.Controls.Add($RangeOct4)
	$groupboxIPSelection.Controls.Add($RangeOct3)
	$groupboxIPSelection.Controls.Add($RangeOct2)
	$groupboxIPSelection.Controls.Add($RangeOct1)
	$groupboxIPSelection.Controls.Add($IPOct4)
	$groupboxIPSelection.Controls.Add($IPOct3)
	$groupboxIPSelection.Controls.Add($IPOct2)
	$groupboxIPSelection.Controls.Add($IPOct1)
	$groupboxIPSelection.Controls.Add($radiobuttonIPRange)
	$groupboxIPSelection.Controls.Add($radiobuttonSingleIP)
	$groupboxIPSelection.Location = ‘7, 241‘
	$groupboxIPSelection.Name = "groupboxIPSelection"
	$groupboxIPSelection.Size = ‘496, 183‘
	$groupboxIPSelection.TabIndex = 10
	$groupboxIPSelection.TabStop = $False
	$groupboxIPSelection.Text = "IP Selection"
	#
	# labelIPExplanation
	#
	$labelIPExplanation.Location = ‘7, 115‘
	$labelIPExplanation.Name = "labelIPExplanation"
	$labelIPExplanation.Size = ‘483, 65‘
	$labelIPExplanation.TabIndex = 27
	$labelIPExplanation.Text = "The x-ms-forwarded-client-ip claim is populated from an HTTP header that is currently set only by Exchange Online, which populates the header when passing the authentication request to AD FS. The value of the claim may be a single IPV4 address or a IPV4 address range. Currently, this tool allows only a range in the last octet of the IPV4 address. For more information, click Help."
	#
	# labelRangeEndNotify
	#
	$labelRangeEndNotify.Location = ‘379, 83‘
	$labelRangeEndNotify.Name = "labelRangeEndNotify"
	$labelRangeEndNotify.Size = ‘111, 23‘
	$labelRangeEndNotify.TabIndex = 26
	#
	# labelRangeBeginNotify
	#
	$labelRangeBeginNotify.Location = ‘391, 58‘
	$labelRangeBeginNotify.Name = "labelRangeBeginNotify"
	$labelRangeBeginNotify.Size = ‘99, 23‘
	$labelRangeBeginNotify.TabIndex = 25
	#
	# labelIPNotify
	#
	$labelIPNotify.Location = ‘378, 25‘
	$labelIPNotify.Name = "labelIPNotify"
	$labelIPNotify.Size = ‘111, 23‘
	$labelIPNotify.TabIndex = 24
	#
	# labelRangeHyphen
	#
	$labelRangeHyphen.Font = "Microsoft Sans Serif, 14pt"
	$labelRangeHyphen.Location = ‘378, 50‘
	$labelRangeHyphen.Name = "labelRangeHyphen"
	$labelRangeHyphen.Size = ‘47, 23‘
	$labelRangeHyphen.TabIndex = 23
	$labelRangeHyphen.Text = "-"
	#
	# label9
	#
	$label9.Location = ‘323, 80‘
	$label9.Name = "label9"
	$label9.Size = ‘10, 23‘
	$label9.TabIndex = 22
	$label9.Text = "."
	#
	# label8
	#
	$label8.Location = ‘213, 80‘
	$label8.Name = "label8"
	$label8.Size = ‘10, 23‘
	$label8.TabIndex = 21
	$label8.Text = "."
	#
	# label7
	#
	$label7.Location = ‘324, 55‘
	$label7.Name = "label7"
	$label7.Size = ‘10, 23‘
	$label7.TabIndex = 20
	$label7.Text = "."
	#
	# label6
	#
	$label6.Location = ‘269, 55‘
	$label6.Name = "label6"
	$label6.Size = ‘10, 23‘
	$label6.TabIndex = 19
	$label6.Text = "."
	#
	# label5
	#
	$label5.Location = ‘268, 80‘
	$label5.Name = "label5"
	$label5.Size = ‘10, 23‘
	$label5.TabIndex = 18
	$label5.Text = "."
	#
	# label4
	#
	$label4.Location = ‘214, 55‘
	$label4.Name = "label4"
	$label4.Size = ‘10, 23‘
	$label4.TabIndex = 17
	$label4.Text = "."
	#
	# label3
	#
	$label3.Location = ‘323, 22‘
	$label3.Name = "label3"
	$label3.Size = ‘10, 23‘
	$label3.TabIndex = 16
	$label3.Text = "."
	#
	# label2
	#
	$label2.Location = ‘268, 22‘
	$label2.Name = "label2"
	$label2.Size = ‘10, 23‘
	$label2.TabIndex = 15
	$label2.Text = "."
	#
	# label1
	#
	$label1.Location = ‘214, 22‘
	$label1.Name = "label1"
	$label1.Size = ‘10, 23‘
	$label1.TabIndex = 14
	$label1.Text = "."
	#
	# RangeOct8
	#
	$RangeOct8.Location = ‘339, 80‘
	$RangeOct8.Name = "RangeOct8"
	$RangeOct8.Size = ‘33, 20‘
	$RangeOct8.TabIndex = 13
	$RangeOct8.add_TextChanged($RangeOct8_TextChanged)
	#
	# RangeOct7
	#
	$RangeOct7.Location = ‘284, 80‘
	$RangeOct7.Name = "RangeOct7"
	$RangeOct7.Size = ‘33, 20‘
	$RangeOct7.TabIndex = 12
	$RangeOct7.add_TextChanged($RangeOct7_TextChanged)
	#
	# RangeOct6
	#
	$RangeOct6.Location = ‘229, 80‘
	$RangeOct6.Name = "RangeOct6"
	$RangeOct6.Size = ‘33, 20‘
	$RangeOct6.TabIndex = 11
	$RangeOct6.add_TextChanged($RangeOct6_TextChanged)
	#
	# RangeOct5
	#
	$RangeOct5.Location = ‘175, 80‘
	$RangeOct5.Name = "RangeOct5"
	$RangeOct5.Size = ‘33, 20‘
	$RangeOct5.TabIndex = 10
	$RangeOct5.add_TextChanged($RangeOct5_TextChanged)
	#
	# RangeOct4
	#
	$RangeOct4.Location = ‘339, 54‘
	$RangeOct4.Name = "RangeOct4"
	$RangeOct4.Size = ‘33, 20‘
	$RangeOct4.TabIndex = 9
	$RangeOct4.add_TextChanged($RangeOct4_TextChanged)
	#
	# RangeOct3
	#
	$RangeOct3.Location = ‘284, 55‘
	$RangeOct3.Name = "RangeOct3"
	$RangeOct3.Size = ‘33, 20‘
	$RangeOct3.TabIndex = 8
	$RangeOct3.add_TextChanged($RangeOct3_TextChanged)
	#
	# RangeOct2
	#
	$RangeOct2.Location = ‘229, 55‘
	$RangeOct2.Name = "RangeOct2"
	$RangeOct2.Size = ‘33, 20‘
	$RangeOct2.TabIndex = 7
	$RangeOct2.add_TextChanged($RangeOct2_TextChanged)
	#
	# RangeOct1
	#
	$RangeOct1.Location = ‘175, 55‘
	$RangeOct1.Name = "RangeOct1"
	$RangeOct1.Size = ‘33, 20‘
	$RangeOct1.TabIndex = 6
	$RangeOct1.add_TextChanged($RangeOct1_TextChanged)
	#
	# IPOct4
	#
	$IPOct4.Location = ‘339, 23‘
	$IPOct4.Name = "IPOct4"
	$IPOct4.Size = ‘33, 20‘
	$IPOct4.TabIndex = 5
	$IPOct4.add_TextChanged($IPOct4_TextChanged)
	#
	# IPOct3
	#
	$IPOct3.Location = ‘284, 22‘
	$IPOct3.Name = "IPOct3"
	$IPOct3.Size = ‘33, 20‘
	$IPOct3.TabIndex = 4
	$IPOct3.add_TextChanged($IPOct3_TextChanged)
	#
	# IPOct2
	#
	$IPOct2.Location = ‘229, 22‘
	$IPOct2.Name = "IPOct2"
	$IPOct2.Size = ‘33, 20‘
	$IPOct2.TabIndex = 3
	$IPOct2.add_TextChanged($IPOct2_TextChanged)
	#
	# IPOct1
	#
	$IPOct1.Location = ‘175, 22‘
	$IPOct1.Name = "IPOct1"
	$IPOct1.Size = ‘33, 20‘
	$IPOct1.TabIndex = 2
	$IPOct1.add_TextChanged($IPOct1_TextChanged)
	#
	# radiobuttonIPRange
	#
	$radiobuttonIPRange.Location = ‘7, 51‘
	$radiobuttonIPRange.Name = "radiobuttonIPRange"
	$radiobuttonIPRange.Size = ‘160, 24‘
	$radiobuttonIPRange.TabIndex = 1
	$radiobuttonIPRange.TabStop = $True
	$radiobuttonIPRange.Text = "External IP address range"
	$radiobuttonIPRange.UseVisualStyleBackColor = $True
	$radiobuttonIPRange.add_CheckedChanged($radiobuttonIPRange_CheckedChanged)
	#
	# radiobuttonSingleIP
	#
	$radiobuttonSingleIP.Location = ‘7, 20‘
	$radiobuttonSingleIP.Name = "radiobuttonSingleIP"
	$radiobuttonSingleIP.Size = ‘160, 24‘
	$radiobuttonSingleIP.TabIndex = 0
	$radiobuttonSingleIP.TabStop = $True
	$radiobuttonSingleIP.Text = "Single external IP address"
	$radiobuttonSingleIP.UseVisualStyleBackColor = $True
	$radiobuttonSingleIP.add_CheckedChanged($radiobuttonSingleIP_CheckedChanged)
	#
	# radiobuttonBlockOnlyOutlook
	#
	$radiobuttonBlockOnlyOutlook.Location = ‘7, 210‘
	$radiobuttonBlockOnlyOutlook.Name = "radiobuttonBlockOnlyOutlook"
	$radiobuttonBlockOnlyOutlook.Size = ‘489, 24‘
	$radiobuttonBlockOnlyOutlook.TabIndex = 9
	$radiobuttonBlockOnlyOutlook.TabStop = $True
	$radiobuttonBlockOnlyOutlook.Text = "Block only external Outlook clients"
	$radiobuttonBlockOnlyOutlook.UseVisualStyleBackColor = $True
	$radiobuttonBlockOnlyOutlook.add_CheckedChanged($radiobuttonBlockOnlyOutlook_CheckedChanged)
	#
	# labelChooseOneOfTheExampl
	#
	$labelChooseOneOfTheExampl.Location = ‘7, 20‘
	$labelChooseOneOfTheExampl.Name = "labelChooseOneOfTheExampl"
	$labelChooseOneOfTheExampl.Size = ‘497, 44‘
	$labelChooseOneOfTheExampl.TabIndex = 8
	$labelChooseOneOfTheExampl.Text = "Choose one of the example scenarios below to configure the claim rules on the Microsoft Office 365 Identity Platform relying party trust that best meets the needs of your organization, enter an external IP address or external IP address range, and click the Build button."
	#
	# radiobuttonBlockExceptEAS
	#
	$radiobuttonBlockExceptEAS.Location = ‘7, 97‘
	$radiobuttonBlockExceptEAS.Name = "radiobuttonBlockExceptEAS"
	$radiobuttonBlockExceptEAS.Size = ‘489, 33‘
	$radiobuttonBlockExceptEAS.TabIndex = 5
	$radiobuttonBlockExceptEAS.TabStop = $True
	$radiobuttonBlockExceptEAS.Text = "Block all external access to Office 365, except Exchange ActiveSync"
	$radiobuttonBlockExceptEAS.UseVisualStyleBackColor = $True
	$radiobuttonBlockExceptEAS.add_CheckedChanged($radiobuttonBlockExceptEAS_CheckedChanged)
	#
	# radiobuttonBlockExceptBrowser
	#
	$radiobuttonBlockExceptBrowser.Location = ‘7, 127‘
	$radiobuttonBlockExceptBrowser.Name = "radiobuttonBlockExceptBrowser"
	$radiobuttonBlockExceptBrowser.Size = ‘489, 35‘
	$radiobuttonBlockExceptBrowser.TabIndex = 6
	$radiobuttonBlockExceptBrowser.TabStop = $True
	$radiobuttonBlockExceptBrowser.Text = "Block all external access to Office 365, except for browser-based applications such as Outlook Web Access or SharePoint Online"
	$radiobuttonBlockExceptBrowser.UseVisualStyleBackColor = $True
	$radiobuttonBlockExceptBrowser.add_CheckedChanged($radiobuttonBlockExceptBrowser_CheckedChanged)
	#
	# radiobuttonBlockAll
	#
	$radiobuttonBlockAll.Location = ‘7, 67‘
	$radiobuttonBlockAll.Name = "radiobuttonBlockAll"
	$radiobuttonBlockAll.Size = ‘489, 24‘
	$radiobuttonBlockAll.TabIndex = 4
	$radiobuttonBlockAll.TabStop = $True
	$radiobuttonBlockAll.Text = "Block all external access to Office 365"
	$radiobuttonBlockAll.UseVisualStyleBackColor = $True
	$radiobuttonBlockAll.add_CheckedChanged($radiobuttonBlockAll_CheckedChanged)
	#
	# radiobuttonBlockGroups
	#
	$radiobuttonBlockGroups.Location = ‘7, 158‘
	$radiobuttonBlockGroups.Name = "radiobuttonBlockGroups"
	$radiobuttonBlockGroups.Size = ‘489, 35‘
	$radiobuttonBlockGroups.TabIndex = 7
	$radiobuttonBlockGroups.TabStop = $True
	$radiobuttonBlockGroups.Text = "Block all external access to Office 365 for members of designated Active Directory groups"
	$radiobuttonBlockGroups.UseVisualStyleBackColor = $True
	$radiobuttonBlockGroups.add_CheckedChanged($radiobuttonBlockGroups_CheckedChanged)
	#
	# groupboxStep1
	#
	$groupboxStep1.Controls.Add($labelClaimTypesNotify)
	$groupboxStep1.Controls.Add($labelAfterTheUpdateRollup)
	$groupboxStep1.Controls.Add($buttonCreateClaimTypeRules)
	$groupboxStep1.Location = ‘13, 13‘
	$groupboxStep1.Name = "groupboxStep1"
	$groupboxStep1.Size = ‘510, 114‘
	$groupboxStep1.TabIndex = 8
	$groupboxStep1.TabStop = $False
	$groupboxStep1.Text = "Step 1"
	#
	# labelClaimTypesNotify
	#
	$labelClaimTypesNotify.Location = ‘181, 81‘
	$labelClaimTypesNotify.Name = "labelClaimTypesNotify"
	$labelClaimTypesNotify.Size = ‘315, 23‘
	$labelClaimTypesNotify.TabIndex = 2
	#
	# labelAfterTheUpdateRollup
	#
	$labelAfterTheUpdateRollup.Location = ‘6, 16‘
	$labelAfterTheUpdateRollup.Name = "labelAfterTheUpdateRollup"
	$labelAfterTheUpdateRollup.Size = ‘497, 58‘
	$labelAfterTheUpdateRollup.TabIndex = 1
	$labelAfterTheUpdateRollup.Text = "After the Update Rollup 1 for Active Directory Federation Services (AD FS) 2.0 package has been installed on all federation servers and federation server proxies, and the AD FS Windows service has been restarted, use the following button to add a set of claim rules that make the new claim types available to the policy engine."
	#
	# buttonCreateClaimTypeRules
	#
	$buttonCreateClaimTypeRules.Location = ‘6, 81‘
	$buttonCreateClaimTypeRules.Name = "buttonCreateClaimTypeRules"
	$buttonCreateClaimTypeRules.Size = ‘168, 23‘
	$buttonCreateClaimTypeRules.TabIndex = 0
	$buttonCreateClaimTypeRules.Text = "Create Rules for Claim Types"
	$buttonCreateClaimTypeRules.UseVisualStyleBackColor = $True
	$buttonCreateClaimTypeRules.add_Click($buttonCreateClaimTypeRules_Click)
	#endregion Generated Form Code

	#----------------------------------------------

	#Save the initial state of the form
	$InitialFormWindowState = $MainForm.WindowState
	#Init the OnLoad event to correct the initial state of the form
	$MainForm.add_Load($Form_StateCorrection_Load)
	#Clean up the control events
	$MainForm.add_FormClosed($Form_Cleanup_FormClosed)
	#Store the control values when form is closing
	$MainForm.add_Closing($Form_StoreValues_Closing)
	#Show the Form
	return $MainForm.ShowDialog()

}
#endregion

#region Call-Global_ps1
	#--------------------------------------------
	# Declare Global Variables and Functions here
	#--------------------------------------------

	#Sample function that provides the location of the script
	function Get-ScriptDirectory
	{ 
		if($hostinvocation -ne $null)
		{
			Split-Path $hostinvocation.MyCommand.path
		}
		else
		{
			Split-Path $script:MyInvocation.MyCommand.Path
		}
	}

	#Sample variable that provides the location of the script
	[string]$ScriptDirectory = Get-ScriptDirectory

#endregion

#Start the application
Main ($CommandLine)

运行效果如下,由于是测试环境,没有安装ADFS服务,所以无法正常使用:

时间: 2024-10-19 13:49:48

Office 365 ADFS策略设置工具的相关文章

如何在 Office 365 环境中设置联机 Exchange 邮箱大小和限制

简介 本文介绍如何使用 Exchange 联机 PowerShell Microsoft Office 365 环境中设置联机 Exchange 邮箱大小和限制. 过程 若要设置为联机 Exchange 邮箱的邮箱大小限制,请使用下列方法之一. 为单个用户设置的邮箱大小限制 通过使用 PowerShell 远程连接到 Exchange 联机.有关如何执行此操作的信息,请转到下面的 Microsoft 网站︰ 连接到 Exchange 使用远程 PowerShell 联机 运行以下 PowerSh

Exchange 2013CU17和office 365混合部署-设置属性筛选(三)

上一篇我们已经安装完成AAD Connect,这篇我们来设置属性筛选.一般来说,我们使用默认配置就可以,AAD Connect会将配置的林中所有域内的所有对象都同步到Azure AD中.这样使用Exchange Online和Skype for Business等Office 365的用户就可以使用完整的全局地址列表.使用默认配置时,用户就会获得的体验与使用Exchange或Lync的本地实现相同的感受.如果我们使用筛选功能就可以控制本地目录中的哪些对象应该出现在 Azure Active Di

Office 365 切换语言设置

The steps of changing the language: Click “Setting                         ”>”Office 365 Setting”>”Language”, Then choose your language and save. Outlook Language Setting: Click “Setting ”>”Options>”Settings”>” regional”, Then choose your l

使用Azure上的Azure AD服务管理Office 365账户(无缝打通Azure和Office 365)

Office 365的各个组件运行在Azure AD服务至上,但是在Office 365上面,对账户底层的访问,操作权限有限,整合Azure服务.Office 365.企业内部系统看上去会很困难. 通过这一篇我们,我们可以发现在Azure上面直接调用Office 365的目录服务,无需开发就可以达到Azure上面的应用,都可以访问并使用Office 365账户,只需要将Office 365 和本地做ADFS联盟服务,这样就将Azure上.企业内.和Office 365上所有的应用全部打通了,都基

Office 365课程讲义 (五)

RMS 服务:基于文件的内容进行保护和定义,需要部署RMS服务器 O365中支持基于Azure的AD RMS服务 激活RMS服务 在SharePoint 和Exchange 中激活IRM服务,在终端的Office 软件中使用"限制访问"功能 排错工具:Office 365 Support     and Recovery Assistant tool(https://diagnostics.outlook.com/#/) 网络环境状态:Microsoft Message      An

Office 365实现多人在线编辑同一个文档(中)

我编辑下这个Excel录入一些数据,如下 我点击文件保存,可以选择直接保存到OneDrive也可以选择保存到本地计算机上,这里我选择保存到OneDrive里 输入文件名称点击保存 如果要保存到本地计算机位置,请点击"这台电脑" 保存好以后,可以在网页版中登录自己的Office 365账号点击OneDrive查看到 看到了刚才保存的Source.xlsx文件 除了这种保存文档的方式上传以外还可以采用配置本地OneDrive客户端的方式,在开始菜单点击Microsoft OneDrive

Office 365 - SharePoint 2013 Online之应用程序开发工具

1.新建一个网站集,模板选择开发人员模板,如下图: 2.确定以后,需要稍等一会儿; 3.点击网站内容,添加app,如下图: 4.进入SharePoint Store,选择Napa,如下图: 5.选择ADD IT,如下图: 6.可能需要登录,如果没有微软账号,可以注册一个,如下图: 7.点击继续,如下图: 8.Return to site,如下图: 9.点击信任他,如下图: 10.稍等片刻,就添加成功了,如下图: 11.点击进入Napa,可以在这里创建app,如下图: 总 结 试用了一下Napa,

Office 365 E3开发版的Power BI Free 许可设置

因为注册过了Office 365 E3开发版MSDN,之前一致拥有一个测试用的Power BI Pro许可(整个域仅送了1个Pro许可证).很多时候需要做测试的时候,只能来回在账号之间做启用和取消来更替试用这个Pro,显得弥足珍贵. 但是今天却发现,在管理的订阅市场里面有个这个东西存在. 然后进入查看,Free许可居然还有购买,有效期一个月~ 字面上看着似乎有点 鸡肋,增加了操作.但是考虑到账单是0,于是就买着玩玩,后面也给现有账户添加之后,顺利登录Power BI Web. 但是故事并没有到此

微软发布了一系列网络安全新功能(关于Windows和Office 365)

微软在旧金山召开的大规模RSA安全会议中发布了一系列新的网络安全功能,Windows和Office 365的新功能旨在帮助企业实现网络安全. 在Windows前端增加了使用Windows Hello的本地Active Directory功能,并允许Windows 10系统登录.微软还推出了新的工具,通过向企业提供将组织策略迁移到云托管的工具来帮助他们更好的使用移动设备来管理产品.(InfoWorld:你需要正确设置Windows 10组策略.新的操作系统:终极Windows 10 Survivo