External Sharing in SharePoint and OneDrive is changing: What You Need to Know

on
In an ongoing effort to create a more secure environment by default, Microsoft is introducing an important security update that will affect how external users access content shared through SharePoint and OneDrive. Starting July 1, 2025, any links shared with external users before your organization enabled Microsoft Entra B2B integration will no longer work. This change applies to all organizations that have already enabled or will enable SharePoint and OneDrive integration with Microsoft Entra B2B (Most organizations I have looked into so far). External users trying to use old links will see an error message saying the organization has updated its guest access settings. To regain access, the content must be reshared. Highlights of how the change affects organizations who have enabled B2B: All external sharing will require guest registration. External users must be added as guests in your Microsoft Entra directory. Access will be managed through Microsoft Entra B2B Invitation Manager. T...

A thing about DHCPUtil -EmulateClient

on
I was trying to troubleshoot a Lync phone registry issue for a client of mine, and I ran into an issue I haven't seen before.

As I do not have access to every LAN to every customer at all times, I often get the customer to run certain commands and have them read me the output. When troubleshooting the registration of a CS-Commonareadevice, one of these commands are "DHCPUtil -Emulateclient". I send them instructions on how to map to the Lync server, set their path correct, and run the command from dos.

Usually, I've only been concerned whether the result is a failure, or success. Preferably have the client read out loud the bottom lines of the output. It would look something like this, and I'll say: Read me the result, and what ever information below "result".:


If the result is "success", and everything else seems valid, I will then move on to run the test-csphonebootstrap command, and try to understand the underlying issue.

This is what the test-csphonebootstrap had to tell me:


If you look closely at the TargetURI, it is missing something. It should contain the FQDN of the webservice providing the RootCertChain. So I told the customer his DHCP was all wrong, and asked him to fix it. He's reply was: "No, it's not". And he provided a screenshot of the settings/options showing everything was in order (Or at least it looked like it was in order)

Time to inspect that DHCP ACK packet in-depth. Or at least scroll up a line or two. And try to figure out what was happening.

This is what I saw with my own eyes:
Success, and the correct provisioning url as shown in the first screen shot. But as I scrolled up, I saw something interesting:


Taking a closer look at the option 43 as the client read it, it revealed the values were read in the wrong order.
I do not know why the result came out "Success" or why the output seemingly gave the correct provisioning URL. But I do know the phones didn't register and the test cmdlet gave me an error, and cleaning up the DHCP (removing settings, and reapplying them as described in this post) fixed the error.

Lessons learned:
- Don't always accept "Success" as a definite answer when troubleshooting. Sometimes you still need to take a closer look at things. The -Emulateclient obviously only look for the values in DHCP, and it doesn't do a syntax check. Nice knowing? It took me a couple of rounds before I really realized what was wrong.
- And from now on, I will have to ask the customer for the entire output not just the result.