Troubleshooting

Mailbox Delivery Settings

From time to time, I run into environments where things are configured in “non-standard” ways.  Granted, we don’t have a lot of specificity or documentation around some attribute configurations because the default configuration has been tested by the people who created the software and works in almost every conceivable situation. … [ Continue reading ]

Scripting

PowerShell Random Password Generator

On a project earlier this year, I had to create random passwords for user accounts as part of a provisioning tool.  Perpetually trying to find the fastest way to do something, I came up with a one-liner that you can use to create a random text string from the following ASCII printable characters:

!”#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_abcdefghijklmnopqrstuvwxyz{|}~0123456789

To create the passwords, I use this bit of magic:

PS> $Password = ([char[]]([char]33..[char]95) + ([char[]]([char]97..[char]126)) + 0..9 | sort {Get-Random})[0..8] -join ''
PS> $Password
Z-=$fNgb!
[ Continue reading ]
Configuration

Create a Transport Rule to Reject a Message When Both Domain Conditions Are Met

Today, I saw a question come up as to how to block a message when it’s sent to two different classes of users at the same time.  Let’s say you want to be able to send to John@domain1.com, Bob@domain2.com, and Jane@domain3.com (list 1) or to Mark@domain4.com, Sue@domain5.com, and Mary@domain6.com (list 2), but any time those users from both list 1 AND list 2 appear in the To/CC of the *same* email message, you want it to be blocked. … [ Continue reading ]

Scripting

ActiveSync Device and User Report for Office 365 D, MT, and Exchange 2010+

Today, I had a customer ask me for an ActiveSync device report.  Normally, this is a somewhat simple task (Get-Mailbox | Get-ActiveSyncDevice), but in a large environment with hundreds of domains representing different agencies or business units, that is kind of an unwieldy report to run (as well as including a lot of data for out-of-scope users).… [ Continue reading ]

Migrating

Fix those IMCEAEX NDRs

I had a customer migrate some mailboxes a few weeks ago, and they’re now just getting some NDRs.  Here’s a sample NDR:

imceaex-1

To fix this, you can take the NDR that you receive, copy/paste it into this function, and then take the resultant decoded x500 address and add it back to the proxyAddress array for the recipient.… [ Continue reading ]

Identity

Use AADConnect to add a Proxy Address

* UPDATE* After doing this originally, I decided to take a different route and write it back to the on-premises AD, so that way, the objects are synchronous.  This post now reflects the updated content.

A few weeks ago, I had an issue where I needed to remove a proxy address from the proxyAddresses array of a user being synchronized to Office 365. … [ Continue reading ]

Scripting

Testing for bad SMTP Addresses

While working on my latest project,  I encountered a significant number of objects with malformed SMTP addresses.  These appeared to have been objects that had been somehow manually modified over the years by directly writing to the proxyAddresses attribute in Active Directory, bypassing an API that would check for correctly-formatted addresses.… [ Continue reading ]

Identity

How to Merge Duplicate Mail-Enabled User and Contact Objects

One of the first steps in preparing for an Office 365 migration is running a tool we provide called IDFix.  The goal of this tool is to help minimize identity issues when migrating to the cloud.  Most identity issues come down to two issues:

  • Invalid characters in key attributes
  • User objects with duplicate values in indexed attributes (duplicate objects)

The first issue is pretty easy to deal with–IDFix will identify objects with offending characters and the attributes where they exist, and will even make some recommendations. … [ Continue reading ]

Configuration

Creating a Pinpoint DNS Zone

I saw an interesting question floating around a discussion alias earlier today–how to return different IP addresses for the same hostname from different DNS servers for users that are in different regions (for example, have DNS servers on the east coast return “1.2.3.4” for my.domain.com and DNS servers on the west coast return “5.6.7.8” for same name–the trick being that domain.com is an internal Active Directory DNS zone). … [ Continue reading ]