Author: Adam Fowler

Sync Photos from Canon Camera to OneDrive for Business

Getting files from A to B is sometimes easy, sometimes not so easy. As I’m writing a blog post on this topic, guess which category this falls into?

I recently purchased a Canon EOS R10 camera, and it’s been quite a while since I’ve done anything beyond a smartphone device in this space. It’s actually for my wife, but I still get to play with it.

Anyway, the simple concept of ‘I take photos on a camera and want them in OneDrive for Business the easiest and most automated way possible’ seems like it shouldn’t be a complicated ask, but the answers I’ve found aren’t as straight forward as I was expecting.

At a basic level, the camera takes photos and saves them onto a removable SD card (in this case, a Micro SD in a standard SD card adapter). Here’s the options that I found and didn’t like:

  • Remove the SD Card from the camera, put it into a computer, and copy the files off. This is the old school way and although not a terrible option, it’s rather manual and requires the steps to take the photos off each time, with another device handy. From the computer it’s quite easy to sync the files using the OneDrive client, as the destination of the copied files could be an already syncing folder.
  • Plug in the camera via USB to a computer and copy the files off. About as tedious as the first option, you’re still opening a flap on the camera, and doing all the heavy lifting on a computer.
  • Use the Canon Camera Connect app to connect a mobile phone to the camera, and download all the images to then sync up to OneDrive for Business. I was leaning this way until realising that it didn’t support resume – so if the camera went flat, or you took more photos before deleting, it would sync all the photos again.
  • On the camera itself, connect to Wi-Fi and then use the service. This will sync each photo to Canon’s cloud service. Free, but it’s for up to 30 days storage and max 10GB, and then there’s no easy way to get the files from to OneDrive for business. It is designed as a file transfer gateway to services, but those services are quite limited; Google Photos, Google Drive, YouTube, Adobe Photoshop Lightroom,, and Flickr.| was paid, Flickr wasn’t listed as a supported app on Power Automate, and Adobe I don’t want to even look at the price. If I was in the Google or Adobe ecosystem for file storage already I’d probably be happy, but I’m not.
    I first thought – after some investigation that there’s no support on Google Drive to detect a file creation on their APIs, so I can’t trigger a sync using something like Power Automate to take files from Google Drive and put them in OneDrive for business – but I then found this from the community that was close to what I wanted: Copy files from Google Drive to Onedrive on a daily basis

Using that solution and cutting it back a bit to an 8 hour sync and just deleting all the files found, I’ve now got a clunky but working solution:

1. Camera auto uploads to

2. syncs to Google Drive (free tier) as they come in

3. Power Automate checks every 8 hours for new files in Google Drive, copies to OneDrive for Business, deletes Google Drive files (and for 30 days I’ll still have a backup in, plus the files on the SD card in the camera until I delete them)

4. Synology NAS on-premises syncs files from OneDrive for Business to local storage

5. Plex locally scans the OneDrive for Business backup path and indexes images to play anywhere via Plex

I don’t like how many moving parts the solution has, plus the camera’s upload speed isn’t great (also a mid-range camera built in 2022 only has Wi-Fi 4 standards from what I’m seeing on my Ubiquiti equipment which is a bit disappointing), but it is an automated solution end to end. Sometimes the camera may go flat doing it’s long sync, but thankfully it keeps a record of where it was up to and continues on power on.

My Facebook Account Was Hacked Part 2 – I got it back!

Part 1 here

Continuing on from the Part 1 story, not long after I saw this story from Linus Tech Tips – they’d been hacked and although that’s on YouTube and I just lost my personal Facebook account, they sound like the same issue. This is worth a watch to understand what’s going on, if you think because you’ve got 2FA set up, you’re completely safe:

I still don’t know exactly what happened, but my cookie being hijacked made sense based on what I saw on the access logs – the same browser cookie used for auth that I’d used many months before, but no new login attempt, no MFA hacks etc.

Facebook have the same issue as YouTube – there is no MFA challenge when you change something major about your account, like your display name. It would make sense to do so when major profile changes are made, but they don’t.

Beyond that, logging onto Facebook today I saw an alert about my other profile – which was my taken over one but the browser was still aware (the account wasn’t deleted, purely completely blocked/disabled by Facebook). I’d also note here that I didn’t receive any email or other alert,

I thought I’d log back onto the account out of intertest, and was presented with a different screen:

This sounded like I might be able to get the old account back – so going through the process was purely a SMS code to type in based on my saved phone number, asking me if the phone number/email addresses were correct, then kicking of a bot who’s also a doctor seeing what actions might have been done under my account:

Strangely, this bot who I don’t believe actually is a qualified doctor, came back to tell me nothing was changed on my account:

Ah, I must have always been Lily and not realised it… even though the downloaded logs showed that was the last change on my Facebook account. If this system can’t detect that, it’s already failed.

Those Extra security settings were purely to get notifications and emails if my account is ever logged on at a new device – not a terrible thing, but probably not going to save me at 1am.

I really don’t want my old profile now anyway, but it has let me easily delete the Facebook Page I had for ‘Adam Fowler IT’ so that’s now gone.

I was considering maybe reviving the old account, but I couldn’t even change the name back because I’d changed it in the last 60 days.

Also, there might be something historical I want to get from the account, and although I have everything downloaded, it’s a bit of a pain to go through so rather than deleting the account, I changed the account profile photo to ‘do not use’ and deactivated it.

Overall, I’m still very unimpressed over the entire process, and the above continues to prove how even one of the most valuable companies in the world still gets this stuff so wrong.

My Facebook Account Was Hacked!

And I couldn’t recover it.

A few weeks ago, I woke up to look at my phone, opened the Facebook app and saw someone else’s account flash up, which then changed to a message saying that my account had been de-activated due to breaking community standards. I first thought ‘this isn’t even my account’ but upon logging out and in, I soon came to the realization that it was actually my account.

This also affected Facebook Messenger, which I could no longer access. Others could see my account in chats, with it’s new name ‘Lily’ and profile picture (which on doing a reverse Google Image search, I found was a very popular fashion influencer – and not the potentially breaking community standards type).

Facebook had an option on signing in for me to request the decision to be reviewed. As it seemed like it was a pretty cut and dry case where someone had somehow accessed my account, I followed that process. The process sounds like a scam in itself but is an actual thing they do – first I had to take a photo of myself and upload it, then take a photo of some sort of ID and upload that too. After that, the automated Facebook system told me to wait for the results of that review.

Only an hour or so later I logged back in to check, and saw this message:

I’m going to conclude that their review process isn’t very thorough, or they’ve automated it and it’s come back in the negative for some reason. Although I don’t expect much of Facebook, I did expect to get my account back, but that was a dead end. I didn’t really care about my Facebook account too much – I was really just using it for Messenger, as well as Facebook Marketplace and some local news/events stuff. Creating a new account didn’t take long and got me back to where I needed to be.

I was still curious on what happened – I was using a unique email address and password for Facebook, and 2FA was configured; any time I’d log onto a new device I’d get an existing device to prompt via the Facebook app to authenticate. I used the ‘Download Your Information’ button above, which took several hours to be ready and give me some download links.

The 3 ZIP files Facebook provided contained quite a large amount of information – it’s interesting to see how much data they actually keep about your activities – too many to list, but some examples:

Advertisers using your activity or information” (list of thousands)

Your off-Facebook activity” (thousands again, example – Menulog feeds back searches, purchases etc)

“IP Address Activity”

That’s when I became ‘Lily’.

Interestingly, “Authorised Logins” shows no logins from this IP, but there is a record under “Session updated

Unsurprisingly the IP appears to be a VPN endpoint. I’m no cyber expert, but appears someone potentially obtained a cookie off me to gain access judging by the first 4 characters, as the logs show I first used it in April 2022.

The other biggest ‘loss’ I had from losing this account was any other service I used that I’d done the lazy thing of using my Facebook account to set up access, rather than creating an individual account. One I knew I’d done this with, I could luckily follow a reset password process using the email address I used for Facebook.

I also lost control of my Facebook page where articles from here were posted – there’s probably a way to take this over, but having a quick read it requires uploading your ID, and that didn’t go to well so far.

I still haven’t been able to exactly work out how access was obtained, or what was actually done with the account to breach community guidelines (maybe just impersonating someone famous was enough) despite having all these logs. I’ve gone through chats, page likes etc and could not see anything suspicious.

The biggest lessons learned I can pass on from this is – realise that you may lose your Facebook account at any time, and despite doing the right thing and being able to prove you are you, not be able to recover it. Also, don’t be lazy and use that account to access other services if the other service can let you create an account in another way (ideally email + password + another authentication factor). If you are concerned about what Facebook might be gathering for you, follow their instructions on how to download your data – it gets presented in a nice HTML front page to dig through.

Also – if you post on social media about your account being hacked, a bunch of bots will respond and recommend services to get your account back. Ignore these.

Update: Check out Part 2 where I get the account back.

Azure AD Cross-Tenant Synchronization is now in Public Preview

For a long time, the methods of having two Azure AD tenants aware of each other’s users needed to be managed in either a manual, or scripted way; accessing the data of another tenant or using their configured Apps would require each user to enrol to the other tenant and be given default guest permissions; or an admin at the destination tenant would need to set things up, send invites out, or do something else creative to make the user experience better.

I was on board Azure AD B2B in the early days; as a Microsoft MVP I had the privilege of speaking to a product manager for it that one time I went to Redmond, talking about my use case and seeing if I was ‘doing it right’. A combination of Azure AD B2B and Azure App Proxy I’d set up for guest accounts to get into an internally hosted web based application, and it worked quite well. I had my own script going through a many step process to send out an invite to the user, add the user to multiple groups and whatever other trickery I needed at the time.

Cross-tenant synchronization however, takes a lot of that pain away. You can set up a trust between two Azure AD tenants (which can be a one way sync) to allow users in Tenant A to be automatically created and managed in Tenant B as a guest user. This is great for organisations who have to frequently work with another org – and even though it’s early days for cross-tenant sync, there’s some rather good controls already. You aren’t limited to a single relationship either; I can’t see any documented limits.

Attribute Mapping allows you to configure extra rules around the attributes that get passed on, allowing you to manipulate, add or remove certain attributes (you might want to remove an employee number from employeeid, or add an extra attribute to define what tenant they were synced from; or do something that will in turn match a dynamic security group rule to automatically add your synced users to be allowed to access an application.

I’d often step through how to set this up in one of these articles, but the documentation is already detailed with step-by-step screenshots and clear instructions. It worked exactly as described when I set this up between two test tenants I have, and took about 15 minutes beginning to end, which included reading the documentation a few times to make sure I was following it correctly. It’s also possible to do via Graph API, but I did not try this method.

There’s even detailed sync logs, troubleshooting tips, and detailed reporting.

One question I’ve seen multiple people already ask is how does this relate to the Global Address List (GAL) and People Search – which the documentation claims this isn’t on by default, but easy to enable. In my testing however, the accounts showed up in the GAL with the little ‘blue person in front of world’ symbol with no extra configuration. They didn’t turn up instantly and I waited overnight, then they were there. People Search was the same. If you want to investigate this for yourself, check out the showInAddressList attribute. Other documentation also says guest objects aren’t in the GAL by default too:

and here’s the instructions on how to “Add guests to the global address list“.

As always, be aware that this is Public Preview so has less guarantees than a fully launched feature. If you have any feedback or want to see what others might be saying/asking, check out the official feedback for Azure Active Directory.

Edit 10/02/2023

Worth mentioning licensing.

As per What is a cross-tenant synchronization in Azure Active Directory? (preview) – Microsoft Entra | Microsoft Learn:

In the source tenant: Using this feature requires Azure AD Premium P1 licenses. Each user who is synchronized with cross-tenant synchronization must have a P1 license in their home/source tenant. To find the right license for your requirements, see Compare generally available features of Azure AD.

In the target tenant: Cross-tenant sync relies on the Azure AD External Identities billing model. To understand the external identities licensing model, see MAU billing model for Azure AD External Identities

The MAU billing section:

In your Azure AD tenant, guest user collaboration usage is billed based on the count of unique guest users with authentication activity within a calendar month. This model replaces the 1:5 ratio billing model, which allowed up to five guest users for each Azure AD Premium license in your tenant. When your tenant is linked to a subscription and you use External Identities features to collaborate with guest users, you’ll be automatically billed using the MAU-based billing model.

Your first 50,000 MAUs per month are free for both Premium P1 and Premium P2 features. To determine the total number of MAUs, we combine MAUs from all your tenants (both Azure AD and Azure AD B2C) that are linked to the same subscription.

The pricing tier that applies to your guest users is based on the highest pricing tier assigned to your Azure AD tenant. For more information, see Azure Active Directory External Identities Pricing.

Then from Pricing – Active Directory External Identities | Microsoft Azure:

Each synced user needs an Azure AD Premium P1 or P2 license in their home tenant.

Each tenant receiving synced users has the Azure AD External Identities billing model which used to be a 1:5 model, but is now 50k users free, the rest a small charge per active user.

Does a synced account count as an active user? Unsure, I would guess it’s a ‘probably not’ since there’s no active login for just existing as a guest in another tenant, but verify that for yourself with your licensing reseller.

Motorola MA1 Wireless Car Adapter For Android Auto™ Review

Do you have a car?
Does it have Android Auto?
Does it only support wired connections and not wireless?
Do you use an Android phone?
Do you like dongles?

If you answered ‘yes’ to all of those questions, then this is the product for you.

I’ve been using the MA1 for about two months. I’ll start with the “Before MA1 Time”:

My new car had Android Auto support, but only via USB plugged in via the middle console of the car. I had high hopes for using Android Auto, particularly for mapping as I’d be confident it’s better than any car’s build in GPS and map solution; but jumping in the car and having to plug the phone in every time is a pain. It might sound like a small pain, but it’s enough to not bother – getting the phone out my pocket, docking it in a phone holder and plugging the USB-C cable in is enough, but then there’s the 20-30 seconds it takes to detect and start actually working. I slowly did this less and less, until I’d only go through it when I had a new destination to go to and knew that before getting to the car.

This has a few negatives, partly the mixed experience in navigating the car’s entertainment system depending if I was plugged in or not, but also not having the benefits of Google Maps telling me where there were delays on each trip and suggesting alternate paths (which comes in handy driving to work where there’ll be an inevitable daily car crash somewhere, holding up traffic).

Enter the Motorola MA1 Wireless Car Adapter For Android Auto™. A small enough dongle designed to make a wired only Android Auto car, wireless. It does what it says on the box, and very simple to pair via Bluetooth and get started with. Once paired, there’s nothing to do – I get in the car, turn it on, and within 10 seconds Android Auto is up and running with my phone still in my pocket.

This means I can do things like quickly scroll to the address of work as I take off in my car and get those traffic benefits. Or, I can control my Podcast app and pick a different item to listen to (legally – my car blocks the touch screen when the car is moving, but allows dial/button controls which I can do at red light).

Answering and making calls was already fine by normal Bluetooth – it’s probably easier to look up contacts now but I’d normally use a Google voice command to call someone anyway. No real difference there.

The only negatives I can call out about this device are that the cable between USB port and dongle is a bit stiff and can’t be twisted – if inconvenient though, I’m sure a USB extension cable would work to get the dongle in a preferred location. The second is that because it’s now running via Bluetooth, I do have a rare occasional dropout and I think it’s actually when I drive in a certain physical location near a hospital; possibly something’s getting in the way of Bluetooth itself. It does take about 20ish seconds to recover, but will do so without having to do anything but wait.

I purchased mine via Telstra Plus Rewards with some points that were going to expire, but you can also buy via Amazon.

Worth checking out for those that answered ‘yes’ to all those questions at the start – it’s a lot cheaper than getting a new car with wireless Android Auto.