Category Archives: PowerShell

Single Sign on (SSO) with Chrome & Firefox and ADFS 4.0

This is how to enable SSO with browsers other than IE and Edge using ADFS 4.0. This is done by adding the browser user agents to the ADFS config.

First, confirm the current config:

Get-AdfsProperties | select -ExpandProperty wiasupporteduseragents

MSIE 6.0
MSIE 7.0
MSIE 8.0
MSIE 9.0
MSIE 10.0
Windows Rights Management Client

Now we add Chrome, Firefox, and any other Mozilla compatible browser:

Set-AdfsProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Mozilla/5.0")

Check the result:

MSIE 6.0
MSIE 7.0
MSIE 8.0
MSIE 9.0
MSIE 10.0
Windows Rights Management Client

Now, restart ADFS:

net stop adfssrv
net start adfssrv

Note that you could also add individual browsers instead of Mozilla/5.0 in case you wanted some browsers supported and not others. For example you might use Firefox for Global Admin users connecting to Office 365, so they can be signed into the Windows with one account, and use an Admin account to login to Office 365 using Firefox. So you could use something like this:

Set-AdfsProperties -WIASupportedUserAgents ((Get-ADFSProperties | Select -ExpandProperty WIASupportedUserAgents) + "Chrome" + "Firefox")

Test using Chrome or Firefox, and you should find that SSO is working properly.

Note that Firefox also requires some client side configuration. Type in about:config and add the address of your ADFS server (e.g. to network.automatic-ntlm-auth.trusted-uris.



If you have any issues or want to remove this, you can reset the list to the default as follows:

Set-ADFSProperties -WIASupportedUserAgents @("MSAuthHost/1.0/In-Domain", "MSIE 6.0", "MSIE 7.0", "MSIE 8.0", "MSIE 9.0", "MSIE 10.0", "Trident/7.0", "MSIPC", "Windows Rights Management Client", "MS_WorkFoldersClient","=~Windows\s*NT.*Edge")

Configuring PowerShell to work behind a proxy server

How to connect PowerShell to the internet with authenticated proxy servers. PowerShell won’t update help, or let you connect to online repositories, without configuring it to work with your corporate web proxy proxies. Whilst it will use system Internet settings, which will work for unauthenticaed proxies, you will have do some changes manually if your proxy requires authentication.

If you try and use an online command such as update-help, you will get an error like this:

PS C:\WINDOWS\system32> update-help
update-help : Failed to update Help for the module(s) 'ActiveDirectory, AppBackgroundTask, AppLocker, AppvClient,
Appx, AssignedAccess, BestPractices, BitLocker, BitsTransfer, BranchCache, CimCmdlets, ClusterAwareUpdating, ….Unable to
connect to Help content. The server on which Help content is stored might not be available. Verify that the server is
available, or wait until the server is back online, and then try the command again.

At line:1 char:1
+ update-help
+ ~~~~~~~~~~~
+ CategoryInfo          : InvalidOperation: (:) [Update-Help], Exception
+ FullyQualifiedErrorId : UnableToConnect,Microsoft.PowerShell.Commands.UpdateHelpCommand

To fix this, you need to configure your proxy settings in your PowerShell profile as follows (note that this requires local administrator rights):

  • Open an administrator-level PowerShell command prompt
  • Run the following command to register the PSGallery Repository
  • Edit your profile:
notepad $PROFILE

Note: it will prompt you to create this if it does not exist. Then add the following lines, modifying as you see fit for your environment:

[]::defaultwebproxy = new-object'http://proxyname:port')

[]::defaultwebproxy.credentials = [System.Net.CredentialCache]::DefaultNetworkCredentials

[]::defaultwebproxy.BypassProxyOnLocal = $true

Restart PowerShell. Note that you will need to have scripts enabled in order to load the profile.

Now, you can run update-help again and it should have no issues.

You can also now connect to Office365 using PowerShell, see

Connecting to Office 365 using PowerShell

A brief set of instructions to connect to Office 365 online services using PowerShell, including Azure AD, Exchange Online, and Skype for Business Online.

Note: If you are behind a proxy server, you will need to follow this in order for this to work:

1. Install the 64-bit version of the Microsoft Online Services Sign-in Assistant: Microsoft Online Services Sign-in Assistant for IT Professionals RTW.
2. Install the Microsoft Azure Active Directory Module for Windows PowerShell with these steps:
○ Open an administrator-level PowerShell command prompt
○ Run the command:

Install-Module MSOnline

Get your credentials and connect:

$creds = Get-Credential
Connect-MsolService -Credential $creds
Get-MsolDomain (to confirm if you are connected to the right tenant)

Note: If your account is 2FA enabled, just use the command: Connect-MsolService and then enter your credentials and 2FA authentication.

I would also highly recommend changing the window title, especially if you connect to multiple tenants. This reduces the chances of making a change on the wrong tenant!

$host.ui.RawUI.WindowTitle = "CustomerX: Production"

If you also want to manage Skype Online:

Download and install the Skype for Business Online Connector module.

To connect to Skype Online:

Import-Module SkypeOnlineConnector
$SkypeSession = New-CsOnlineSession -Credential $creds
Import-PSSession $SkypeSession
Get-CsExternalUserCommunicationPolicy (to test)

To connect to Exchange Online:

$ExchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $creds -Authentication Basic -AllowRedirection
Import-PSSession $ExchangeSession
get-mailbox (to test and verify which tenant you are connected to Skype)
Get-Organizationconfig (useful)

If you need to use your proxy with remote PSSessions, connect as follows:

$proxyOptions = New-PSSessionOption -ProxyAccessType IEConfig
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $creds -Authentication Basic -AllowRedirection -SessionOption $proxyOptions
Import-PSSession $Session

Note: If you have MFA enabled you need to install the old Exchange PowerShell module, see here:

To connect to the Security& Compliance center:

$creds = get-credential
$SccSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $creds -Authentication "Basic" -AllowRedirection
Import-PSSession $SccSession -Prefix cc

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $creds -Authentication Basic –AllowRedirection
Import-PSSession $Session
Get-RetentionCompliancePolicy (to test)

See and for more information.


Script to stop your screen going blank or PC going to sleep

If you have a PC or laptop at work with settings or policies set to turn the screen off, lock the PC, or go to sleep, you may wish to prevent this from time to time. For example you may need to run a display in an office or shop window, or avoid embarrassment during presentations. On a standalone PC you can easily change the power settings to prevent your PC from going to sleep, but this is not ideal because you have to remember to switch it back again.

In a corporate environment you will likely have group policies enforcing these settings that you are unable to change. Having special GPOs applying to groups of machines is one solution, however this will often be time consuming and complicated to setup in a corporate network with security and change control.

PowerPoint does a good job of preventing the screen or PC from turning off during full screen presentation mode, however you may need to run a browser or other application.

As a side note, Presentation View has been around since Windows Vista days, but it is still present even in the latest Windows 10 build, but unfortunately does not work if you have group policies enforcing your settings. This is a shame as it is very easy to use (Right click on the Start menu, Mobility Centre, Turn on presentation view).

Fortunately, there is another easy way of doing this this that work in Windows 10 and earlier versions back to Windows 7 (you may need to alter the script slightly for earlier versions of Powershell). So here is a way of doing it using a simple script:

Create a new text file in a folder called e.g. keep-alive, and call it keep-alive.ps1.

clear host
# Script to keep the PC alive, will prevent screen lock and sleep.
# Works by pressing Print Screen every 60 minutes, side effect is that a screenshot will overwrite the clipboard contents
# Change the color of error and warning text
# Valid colours: Black, DarkBlue, DarkGreen, DarkCyan, DarkRed, DarkMagenta, DarkYellow, Gray, DarkGray, Blue, Green, Cyan, Red, Magenta, Yellow, White
# To see all colours:
# [enum]::GetValues([System.ConsoleColor]) | Foreach-Object {Write-Host $_ -ForegroundColor $_}

$opt = (Get-Host).PrivateData
$opt.WarningBackgroundColor = "DarkCyan"
$opt.WarningForegroundColor = "white"

write-warning "Your PC will not go to sleep whilst this window is open..."
Do {

Start-Sleep -Seconds 60

} While ($true)

Now create a new file in the same directory called keep-alive.bat and add the following:

powershell.exe -ExecutionPolicy Bypass -File .\keep-alive.ps1

Note that this will work on PCs that have Powershell scripts disabled, since it overrides this setting.

You should now have a folder like this:


Run the .bat file and your PC will stay alive whilst the window is open.