Because I’ve been asked too many times and keep having to look up the commands, I’m just going to throw them here for reference. If your ADFS farm, federated with Office 365, goes down for some reason and is no longer reachable, the Microsoft way of unfederating your Office 365 logon domain won’t work, as the set-msoladfscontext command won’t be able to reach your ADFS machine.
Simply setting the domain’s authentication mode from Federated to Managed will also do the trick and allow your users to login with their synced passwords:
At first, the only way to do this was through the UI, but now we can enable the Unified Audit Log with the following Powershell command in the Exchange Online Remote Shell:
O365Undo is a great script you can use to roll back actions of your user(s) in Office 365. Most likely, actions your user wasn’t aware of but were actually done by a CryptoLocker or by RansomWare.
These nasty virusses can cause havoc on your mapped or synced Sharepoint Online or Onedrive for Business libraries in the form of file level encryption or file name obfuscation.
For all my customers I always enable this free feature, it is pretty much the only way you can have a RPO of 0 when you need to undo changes / deletes or restore data, and gives you a very nice and compliant audit log of everything your users and admins do in your environment.
In addition, it allows me to help you automatically reverse nasty CryptoLocker actions like mass file and folder renames and restore previous versions in bulk.