With the rise of stay-at-home orders due to COVID-19 over the past several weeks, I’ve engaged with many customers who want to use Microsoft Teams to as part of their work-from-home tool set. Many of my customers have investments in both Microsoft Office 365 as well as Google G Suite or Google Apps (frequently with other third-party IdP, metadirectory, and federation services thrown in the mix), so it’s not always just as easy as “flipping a switch.”
Here’s the process that my fantastic coworker, Angel Aviles, and I worked out to help our customers get the most out of both platforms.
Note: This post has some new updates:
– Issue 6: Resolving blank subjects for Teams meetings received by G Suite
- Introduction
- Issue 1: Users are unable to share files in chat
- Issue 2: Calendar icon isn’t displayed for users
- Issue 3: How do I prevent users from accidentally using their new Office 365 mailbox?
- Issue 4: Teams messages are delivered to the Office 365 mailbox
- Issue 5: I’ve done all this, but my users are prompted to select a Time Zone when scheduling a Teams meeting
- Issue 6: G Suite Users Receive Meeting Invitations with Blank Subjects
- Issue 7: Meetings scheduled in Teams don’t show up on Organizer’s G Suite calendar
- Automation
Introduction
First, a little background on what it takes for a successful Microsoft Teams deployment.
- You must have an identity (duh). For most customers that are running both G Suite and Office 365, they’ll have one or more identity provisioning engines. The most common identity provisioning scenario is using Azure Active Directory Connect to synchronize identity to Office 365 and Google Cloud Directory Sync (formerly Google Apps Directory Sync) to synchronize identity to G Suite, though you can also use Azure Active Directory to provision G Suite users automatically (which is what I recommend for organizations that need to maintain both systems).
- You must have an Exchange Online Mailbox license enabled in order to see the calendaring option.
If you don’t have the Calendar option available, then you definitely don’t have an Exchange Online license assigned. The calendar option requires EWS-based access to a user’s mailbox (either in Exchange Online or through Exchange hybrid to an on-premises mailbox). This is important, as it goes to one of our troubleshooting steps later. There are other considerations when trying to get Teams calendaring to work with Exchange Hybrid and eDiscovery–we’ll save those for another post. - 1:1 Chat-based sharing requires a SharePoint Online license with OneDrive for Business provisioned. Behind the scenes, when you share a file via IM or peer-to-peer chat, the file is silently uploaded to OneDrive for Business and each recipient is granted sharing permission to it. Without a SharePoint Online license and OneDrive for Business provisioned, users will be unable to upload files.
Many organizations that use both service platforms choose to limit or restrict certain features in one platform–for example, enabling Google Drive but disabling OneDrive or enabling Exchange Online mail but disabling Gmail–to ensure that everyone uses the same tools. In the case of converged applications like Teams, however, we need to have things enabled at some level and use both technology and user education to help workers be efficient.
There’s the background–now, let’s move on to some common issues!
Many of my dual-platform customers have Office 365 for the Office ProPlus subscription feature–so, they only need identity synchronized to the cloud and an Office 365 ProPlus license assigned.
Files upload being unavailable in chat is likely due to one of two conditions:
- permissions on the User Profile Service
- user has not logged into OneDrive for Business
As previously stated, in order for 1:1 file sharing to work, users will need a SharePoint Online license provisioned and OneDrive for Business sites activated.The reason I draw attention to that activated part is that I’ve had many customers over the years enable SharePoint Online but disable automatic provisioning of OneDrive for Business sites by removing the permission from the User Profile Service. I’ll show you how to check and verify that it’s all working.
Resolution 1: Enable OneDrive for Business
You’ll need to go to the admin center (https://admin.microsoft.com), select an active user, and assign a SKU that has SharePoint Online. You’ll also need to ensure the SharePoint Online service plan is actually selected (for example,many of my customers that are only using Office 365 for Office 365 ProPlus or Planner or other services have specifically disabled this service plan). What am I talking about?
This:
But A-A-Ron, you say–
My users have licenses assigned but still aren’t able to chat! Read on, administrator!
Resolution 2: Ensure the permissions for the User Profile Service are correct
Many organizations that run both Office 365 and G Suite limit the services available in either platform. It gives both the users and administrators “one place” to check. When you have multiple ways of doing something, it can become challenging to troubleshoot. For organizations that have access to both Google Drive and OneDrive, it may make sense to prevent users from using one of them. Some organizations have chosen to do this by changing the permissions on the SharePoint User Profile Service, which is responsible for OneDrive for Business (or MySites, if you’re old like me).
You can check the permissions of the User Profile Service using these steps.
- Navigate to the Microsoft 365 admin center (https://admin.microsoft.com), expand Admin centers, and select SharePoint.
- Expand More features and select Open under User profiles.
- Select Manage User Permissions.
- Ensure Create Personal Site (required for personal storage, newsfeed, and followed content) is enabled and click OK. If this box is clear, users are unable to provision OneDrive sites.
Now that we’ve got that straightened out, let’s make sure the sites get created …
Resolution 3: Pre-provision OneDrive Sites
A user’s OneDrive for Business site isn’t provisioned until the user logs in the first time. If users aren’t normally storing their files in OneDrive or using Office 365 as their main productivity platform, they likely have not done this step. In the case that everything is configured correctly (either it already was or you just fixed it using the steps above), you should ensure that every user has a OneDrive site by pre-provisioning it yourself. That will remove the need for the user to log in and kick off the self-provisioning.
You can pre-provision sites for OneDrive users with the SharePoint Online Management Shell. You’ll need to know your tenant name (as in tenant.onmicrosoft.com) and have an administrative credential. You’ll also need the Microsoft Online Services Module, which you can install on Windows 10 using Install-Module MSOnline. You can use a script like the following to instantiate an OneDrive for Business site:
$TenantName = Read-Host "Enter your Office 365 Tenant name (onmicrosoft.com domain)"
$Credential = Get-Credential -Message "Enter Office 365 Global Admin Credential"
Connect-MsolService -Credential $Credential
$Tenant = "https://"+$tenantname.split(".")[0]+"-admin.sharepoint.com"
Connect-SPOService -Url $Tenant -Credential $Credential
$Users = Get-MsolUser -All | Select UserPrincipalName
Request-SPOPersonalSite -UserEmails $Users
If you are requesting the provisioning of a lot of sites, it may take a few hours. If sites haven’t provisioned in 24 hours, contact Office 365 support.
Issue 2: Calendar icon isn’t displayed for users
In the current “everyone work from home” climate, online meetings are critical to ensuring tasks things are running on schedule. Transitioning in-person meetings to remote meetings can be challenging enough already. Not having the calendar icon available to schedule a meeting makes it even more difficult.
Before we dive into the mechanics of this, I want to be clear: this will not be a 100% solution for everything. Google does support a cross-platform calendar interoperability, but it is not designed for users that exist in both platforms with the same identity.
I’m going to say this again for the people in the back: it is not designed for users that exist in both platforms with the same identity.
The reason for this is that interop specifically looks in a remote environment for users that don’t exist in your local environment. If you have a local mailbox and calendar for a user, there’s no reason to cross the interop connection.
What this means:
When a user is in Teams and wants to schedule a meeting with a G Suite user in the same domain, they will only see the invited user’s availability as it appears in the local Exchange Online calendar. They will not see availability for the invited user in G Suite, so meeting invitations will be sent ‘blind.’ You may want to look at a third-party solution such as SyncGene to keep the Office 365 calendar up-to-date if the G Suite calendar is primary.
Resolution: Provision a mailbox in Office 365
There are a lot of moving parts in this, so be sure you understand them all. The first step is to ….
Enable an Exchange Online License
This is a pretty easy step. Just enable the Exchange Online mailbox license for the user. A mailbox will be provisioned, and the users will soon see the calendar icon displayed in teams.
As you onboard users to both platforms, you will need to ensure that you continue to enable Exchange Online licenses for the new users.
Pro tip: Use Azure Group-based Licensing to automate the assignment of licenses to your users.
Troubleshooting
I know, I know–already with the questions.
What if enabling an Exchange Online license didn’t cause a mailbox to be provisioned? What if my synchronized users are still showing up as either Mail-Enabled Users or Mail-Enabled Contacts in the Exchange Admin Center?
This is likely because you previously had an Exchange on-premises environment deployed and the environment was not decommissioned correctly.
The TL;DR version of this is that:
- Exchange is deeply integrated with Active Directory. Exchange utilizes a number of attributes to describe the configuration of a mailbox (mailbox GUID, sever and database location, type of mailbox) as well as attributes that describe the user (proxy addresses, email address, forwarding address, and such).
- AAD Connect synchronizes those attributes to Office 365. It’s important for a number of reasons that a user only have one mailbox (either on-premises or online). Exchange Online is aware of those attributes and treats the synchronized users with on-premises mailbox attributes as “mail-enabled users” or “remote mailbox users”: it knows they have an on-premises mailbox based on the values of those attributes, so it won’t provision a mailbox in-cloud.
- If you just “turned off” your Exchange environment and left those attributes in place, you’ll be in position of Active Directory and Office 365 environments thinking you still have Exchange mailboxes and preventing you from enabling what would amount to a duplicate mailbox.
There are a few ways to deal with this, such as clearing the required attributes on-premises or using AAD Connect to set the values for you. Depending on what types of changes you want to make, you can go either of these routes.
Clearing the attributes manually
This is a pretty straightforward solution. You’ll clear the values for the following attributes:
- msExchMailboxGuid
- msExchRecipientTypeDetails
- msExchRecipientDisplayType
- homeMDB
To do this for an individual user:
Set-ADUser -Identity <username> -Clear msExchMailboxGuid,msExchRecipientTypeDetails,msExchRecipientDisplayType,homeMDBTo do it for multiple user (such as all users in a domain):
Get-ADUser -Filter * | Set-ADUser -Identity <username> -Clear msExchMailboxGuid,msExchRecipientTypeDetails,msExchRecipientDisplayType,homeMDBIn this scenario, AAD Connect will pick up the changes and sync them to Office 365. Bada bing, bada boom! You’ve got cloud mailboxes (once you assign licenses).
Clearing the attributes via AAD Connect
For those that are uncomfortable updating the attributes in their on-premises environment or don’t want to run scripts against their users–never fear! You can also accomplish this with an AAD Connect synchronization rule.
- Launch the AAD Connect Synchronization Rules wizard.
- From the drop-down, select Inbound.
- Click Create to begin creating an inbound synchronization rule, using the following as a template:
Name: Enter a name for the rule (required)
Description: Enter a description for the rule (not required, but recommend)
Connected System: Select the Active Directory forest where the users reside.
Connected System Object Type: user
Metaverse Object Type: person
Link Type: join
Precedence: Select a value lower than your lowest rule.
Tag: Leave blank
Enable Password Sync: leave unchecked
Disabled: leave unchecked - Click Next to advance to the Scoping filter page.
- You can implement a filter if you want to scope it to a single user to test it out. This is optional. Click Next when finished.
- On the Join rules page, leave it blank and click Next.
- Click Add transformation to add each of the following transformations:
FlowType Target Attribute Source Apply Once Merge Type Expression msExchArchiveGUID AuthoritativeNull (unchecked) Update Expression msExchMailboxGuid AuthoritativeNull (unchecked) Update Expression MsExchRecipientDisplayType AuthoritativeNull (unchecked) Update Expression msExchRecipientTypeDetails AuthoritativeNull (unchecked) Update 
- When you’ve finished adding all of the transformations, click Add.
In order for AAD Connect to apply this rule, you’ll need to either trigger an object to update to test or perform a Full Import task on the Active Directory Connector. To perform a full sync from PowerShell, run this command:
Start-ADSyncSyncCycle -PolicyType Initial
Issue 3: How do I prevent users from accidentally using their new Office 365 mailbox?
Ok,You’ve now got mailboxes, but how do you prevent people from using the wrong mailbox if your organization is currently using G Suite? This is also a relatively simple fix and can be done a few different ways.
For a single user:
Set-CasMailbox -Identity <test account> -UniversalOutlookEnabled $false -OutlookMobileEnabled $false -MacOutlookEnabled $false -EwsAllowOutlook $false -EwsAllowMacOutlook $false -EwsAllowEntourage $false -MAPIEnabled $false -OWAEnabled $false -ImapEnabled $false -PopEnabled $false -ActiveSyncEnabled $false
To bulk apply settings across your Office 365 tenant:
Get-Mailbox -ResultSize Unlimited | Set-CasMailbox -UniversalOutlookEnabled $false -OutlookMobileEnabled $false -MacOutlookEnabled $false -EwsAllowOutlook $false -EwsAllowMacOutlook $false -EwsAllowEntourage $false -MAPIEnabled $false -OWAEnabled $false -ImapEnabled $false -PopEnabled $false -ActiveSyncEnabled $false
Those approaches are good, but they lack the scalability of the enterprise solution. Instead, I’d recommend using Exchange Client Access Rules (or InTune Conditional Access) to limit access to the mailbox.
Warning: Do not lock yourself out of administering the tenant with Client Access Rules. Make sure you leave PowerShell enabled for at least your administrator account, should you need to change things. You can also skip to the end to learn about using Azure Automation to run scripts at a regular interval against your new mailboxes.
$TenantAdmin = Read-Host "Enter the address of the Office 365 Global Admin" New-ClientAccessRule -Name "Block Mailbox Access" -Action DenyAccess -AnyOfProtocols ExchangeActiveSync,ExchangeAdminCenter,IMAP,OfflineAddressBook,OutlookAnywhere,OutlookWebApp,POP3,REST,UniversalOutlook -Scope Users -Enabled $true -ExceptUsernameMatchesAnyOfPatterns $TenantAdmin
Issue 4: Teams messages are delivered to the Office 365 mailbox
Great. Now you’ve got a mailbox for every user in Office 365 AND you’ve blocked them from being able to access them. There’s only one problem: Teams (and other applications) are now delivering messages to the Office 365 mailbox instead of to the user’s corresponding G Suite mailbox.
You could try to configure a forwarding address on every mailox to send to G Suite, but the main problem is that you’re sharing the domain between Office 365 and G Suite, so the mail won’t go anywhere. Plus, you’d have to maintain that for EVERY mailbox, There has to be a better way.
Yes, there is. I wrote about it in one of my first blog posts.
But, I digress. In that original blog post, I talked about enabling two-way between Exchange Online and a non-Exchange platform. I’ve adapted it for use in this scenario.
Resolution: Configure Transport Rule-Scoped Connector to Relay Mail to G Suite
- First, we need to set all of the non-onmicrosoft.com domains to InternalRelay. Why? When an Exchange organization (online or on-premises) is marked Authoritative for a domain, it means that it is responsible for accepting and delivering mail for that organization. If that identity doesn’t exist in the Exchange system, it doesn’t exist period. In the event that you have users who do exist in G Suite but do not get provisioned into Office 365, you’ll want to make sure they can still receive Teams meeting invitations.
From Exchange Online PowerShell, run:Get-AcceptedDomain | ? {$_.DomainName -notlike "*onmicrosoft.com"} | Set-AcceptedDomain -DomainType InternalRelay - Next, we’re going to create a distribution list to hold the users you want excepted from this custom routing configuration. There may not be any currently, but it’s nice to have the framework in place in the event that you have users or groups of users that want to transition mail to Office 365.
From Exchange Online PowerShell, run:$ExceptionDG = (New-DistributionGroup -Name "Office 365 Users" -PrimarySmtpAddress ("Office365Users@"+((Get-AcceptedDomain)[0]).DomainName)).PrimarySmtpAddress - In Exchange parlance, a connector is a configuration object that is used to (wait for it) connect mail systems or mail transfer agents. Connectors are the plumbing used to join mail systems and to link a mail system to its next hop or route. In this case, we’ll be creating a connector whose next hop configuration is G Suite (or any other platform you might be hosting mail on).
From Exchange Online PowerShell, run:[array]$MxHosts = (Resolve-DnsName -Type MX (Read-Host "Enter domain name")).NameExchange New-OutboundConnector -Enabled:$true -ConnectorType 'Partner' -AllAcceptedDomains:$false -IsTransportRuleScoped:$true -Name 'Partner Connector to GSuite' -CloudServicesMailEnabled:$false -Comment 'TransportRule Scoped Connector for G Suite Mailoxes' -TlsSettings $null -TlsDomain $null -UseMXRecord:$false -RecipientDomains $null -SmartHosts $MxHosts
- Transport Rules are configuration objects that evaluate messages and take a predetermined action. For this configuration, we’re going to check messages as they pass through the system and redirect them to the connector that was created in the previous step if they are for one of the domains that exists in both Office 365 and G Suite. (with the exception of the members of the distribution group we created in step 2 above).
From Exchange Online PowerShell, run:New-TransportRule -SentToScope InOrganization -RouteMessageOutboundConnector 'Partner Connector to G Suite' -ExceptIfSentToMemberOf $ExceptionDG -Name 'G Suite Routing' -StopRuleProcessing:$false -Mode 'Enforce' -Comments 'Redirect in-org mail to G Suite except for members of a specific group' -RuleErrorAction 'Ignore' -SenderAddressLocation 'Header' -SetSCL '-1'
Issue 5: I’ve done all this, but my users are prompted to select a Time Zone when scheduling a Teams meeting
For any of your provisioned mailboxes, you may want to configure the Mailbox Regional Configuration settings to reduce the number of steps a user must perform when scheduling a meeting. The mailbox regional configuration is selected by the user the first time they log into Outlook Web App. Since you’ve blocked that for users, they’ll never have the opportunity to set it.
Resolution
You can configure it for a single user:
Set-MailboxRegionalConfiguration -identity <User> -Language <Language Code # or Culture Class> -TimeZone <Display Name of TimeZone>
For example, if you want to set the mailbox configuration for English language in the Eastern time zone:
Set-MailboxRegionalConfiguration -identity <User> -Language 1033 -TimeZone "Eastern Standard Time"
To bulk apply settings across your Office 365 tenant:
Get-Mailbox -ResultSize Unlimited | Set-MailboxRegionalConfiguration -Language <Language Code # or Culture Class> -TimeZone <DisplayName of TimeZone>
Language Values
The possible values for the Language parameter (based on the Microsoft Locale ID values table):
| Language (Locale) | Code |
|---|---|
| Arabic (Algeria) | 5121 |
| Arabic (Bahrain) | 15361 |
| Arabic (Egypt) | 3073 |
| Arabic (Iraq) | 2049 |
| Arabic (Jordan) | 11265 |
| Arabic (Kuwait) | 13313 |
| Arabic (Lebanon) | 12289 |
| Arabic (Libya) | 4097 |
| Arabic (Morocco) | 6145 |
| Arabic (Oman) | 8193 |
| Arabic (Qatar) | 16385 |
| Arabic (Saudi Arabia) | 1025 |
| Arabic (Syria) | 10241 |
| Arabic (Tunisia) | 7169 |
| Arabic (U.A.E.) | 14337 |
| Arabic (Yemen) | 9217 |
| Basque | 1069 |
| Bulgarian | 1026 |
| Catalan | 1027 |
| Chinese (Hong Kong S.A.R) | 3076 |
| Chinese (Macau S.A.R) | 5124 |
| Chinese (People’s Republic of China) | 2052 |
| Chinese (Singapore) | 4100 |
| Chinese (Taiwan) | 1028 |
| Croatian | 1050 |
| Czech | 1029 |
| Danish | 1030 |
| Dutch (Belgium) | 2067 |
| Dutch (Netherlands) | 1043 |
| English (Australia) | 3081 |
| English (Belize) | 10249 |
| English (Canada) | 4105 |
| English (Caribbean) | 9225 |
| English (Ireland) | 6153 |
| English (Jamaica) | 8201 |
| English (New Zealand) | 5129 |
| English (Republic of the Philippines) | 13321 |
| English (South Africa) | 7177 |
| English (Trinidad) | 11273 |
| English (United Kingdom) | 2057 |
| English (United States) | 1033 |
| English (Zimbabwe) | 12297 |
| Estonian | 1061 |
| Filipino (Philippines) | 1124 |
| Finnish | 1035 |
| French (Belgium) | 2060 |
| French (Canada) | 3084 |
| French (France) | 1036 |
| French (Luxembourg) | 5132 |
| French (Principality of Monaco) | 6156 |
| French (Switzerland) | 4108 |
| German (Austria) | 3079 |
| German (Germany) | 1031 |
| German (Liechtenstein) | 5127 |
| German (Luxembourg) | 4103 |
| German (Switzerland) | 2055 |
| Greek | 1032 |
| Hebrew | 1037 |
| Hindi | 1081 |
| Hungarian | 1038 |
| Icelandic | 1039 |
| Indonesian | 1057 |
| Italian (Italy) | 1040 |
| Italian (Switzerland) | 2064 |
| Japanese | 1041 |
| Kazakh | 1087 |
| Korean | 1042 |
| Latvian | 1062 |
| Lithuanian | 1063 |
| Malay | 1086 |
| Norwegian (Bokmål) | 1044 |
| Persian | 1065 |
| Polish | 1045 |
| Portuguese (Brazil) | 1046 |
| Portuguese (Portugal) | 2070 |
| Romanian | 1048 |
| Russian | 1049 |
| Serbian (Cyrillic) | 3098 |
| Serbian (Latin) | 2074 |
| Slovak | 1051 |
| Slovenian | 1060 |
| Spanish (Argentina) | 11274 |
| Spanish (Bolivia) | 16394 |
| Spanish (Chile) | 13322 |
| Spanish (Colombia) | 9226 |
| Spanish (Costa Rica) | 5130 |
| Spanish (Dominican Republic) | 7178 |
| Spanish (Ecuador) | 12298 |
| Spanish (El Salvador) | 17418 |
| Spanish (Guatemala) | 4106 |
| Spanish (Honduras) | 18442 |
| Spanish (Mexico) | 2058 |
| Spanish (Nicaragua) | 19466 |
| Spanish (Panama) | 6154 |
| Spanish (Paraguay) | 15370 |
| Spanish (Peru) | 10250 |
| Spanish (Puerto Rico) | 20490 |
| Spanish (International Sort) | 3082 |
| Spanish (Traditional Sort) | 1034 |
| Spanish (Uruguay) | 14346 |
| Spanish (Venezuela) | 8202 |
| Swedish (Finland) | 2077 |
| Swedish (Sweden) | 1053 |
| Thai | 1054 |
| Turkish | 1055 |
| Ukrainian | 1058 |
| Urdu | 1056 |
| Vietnamese | 1066 |
You can also use the corresponding culture value pairs, such as en-us.
Pro tip: If you’re setting the Language value to a non-English language, you can also use the -LocalizeDefaultFolderName switch parameter to update the names of the default folder (Inbox, Calendar, Sent Items, etc).
TimeZone values
The possible values for the TimeZones parameter can be retrieved using the following command from a PowerShell console:
$TimeZone = Get-ChildItem "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Time zones" | foreach {Get-ItemProperty $_.PSPath}; $TimeZone | sort Display | Format-Table -Auto @{L="TimeZoneName";E={$_.PSChildname}},Display
Use the value in the TimeZone column in the Set-MailboxRegionalConfiguration -Timezone parameter.
| TimeZone | Display |
|---|---|
| UTC | (UTC) Coordinated Universal Time |
| GMT Standard Time | (UTC+00:00) Dublin, Edinburgh, Lisbon, London |
| Greenwich Standard Time | (UTC+00:00) Monrovia, Reykjavik |
| Sao Tome Standard Time | (UTC+00:00) Sao Tome |
| W. Europe Standard Time | (UTC+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna |
| Central Europe Standard Time | (UTC+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague |
| Romance Standard Time | (UTC+01:00) Brussels, Copenhagen, Madrid, Paris |
| Morocco Standard Time | (UTC+01:00) Casablanca |
| Central European Standard Time | (UTC+01:00) Sarajevo, Skopje, Warsaw, Zagreb |
| W. Central Africa Standard Time | (UTC+01:00) West Central Africa |
| Jordan Standard Time | (UTC+02:00) Amman |
| GTB Standard Time | (UTC+02:00) Athens, Bucharest |
| Middle East Standard Time | (UTC+02:00) Beirut |
| Egypt Standard Time | (UTC+02:00) Cairo |
| E. Europe Standard Time | (UTC+02:00) Chisinau |
| Syria Standard Time | (UTC+02:00) Damascus |
| West Bank Standard Time | (UTC+02:00) Gaza, Hebron |
| South Africa Standard Time | (UTC+02:00) Harare, Pretoria |
| FLE Standard Time | (UTC+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius |
| Israel Standard Time | (UTC+02:00) Jerusalem |
| Kaliningrad Standard Time | (UTC+02:00) Kaliningrad |
| Sudan Standard Time | (UTC+02:00) Khartoum |
| Libya Standard Time | (UTC+02:00) Tripoli |
| Namibia Standard Time | (UTC+02:00) Windhoek |
| Arabic Standard Time | (UTC+03:00) Baghdad |
| Turkey Standard Time | (UTC+03:00) Istanbul |
| Arab Standard Time | (UTC+03:00) Kuwait, Riyadh |
| Belarus Standard Time | (UTC+03:00) Minsk |
| Russian Standard Time | (UTC+03:00) Moscow, St. Petersburg |
| E. Africa Standard Time | (UTC+03:00) Nairobi |
| Iran Standard Time | (UTC+03:30) Tehran |
| Arabian Standard Time | (UTC+04:00) Abu Dhabi, Muscat |
| Astrakhan Standard Time | (UTC+04:00) Astrakhan, Ulyanovsk |
| Azerbaijan Standard Time | (UTC+04:00) Baku |
| Russia Time Zone 3 | (UTC+04:00) Izhevsk, Samara |
| Mauritius Standard Time | (UTC+04:00) Port Louis |
| Saratov Standard Time | (UTC+04:00) Saratov |
| Georgian Standard Time | (UTC+04:00) Tbilisi |
| Volgograd Standard Time | (UTC+04:00) Volgograd |
| Caucasus Standard Time | (UTC+04:00) Yerevan |
| Afghanistan Standard Time | (UTC+04:30) Kabul |
| West Asia Standard Time | (UTC+05:00) Ashgabat, Tashkent |
| Ekaterinburg Standard Time | (UTC+05:00) Ekaterinburg |
| Pakistan Standard Time | (UTC+05:00) Islamabad, Karachi |
| Qyzylorda Standard Time | (UTC+05:00) Qyzylorda |
| India Standard Time | (UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi |
| Sri Lanka Standard Time | (UTC+05:30) Sri Jayawardenepura |
| Nepal Standard Time | (UTC+05:45) Kathmandu |
| Central Asia Standard Time | (UTC+06:00) Astana |
| Bangladesh Standard Time | (UTC+06:00) Dhaka |
| Omsk Standard Time | (UTC+06:00) Omsk |
| Myanmar Standard Time | (UTC+06:30) Yangon (Rangoon) |
| SE Asia Standard Time | (UTC+07:00) Bangkok, Hanoi, Jakarta |
| Altai Standard Time | (UTC+07:00) Barnaul, Gorno-Altaysk |
| W. Mongolia Standard Time | (UTC+07:00) Hovd |
| North Asia Standard Time | (UTC+07:00) Krasnoyarsk |
| N. Central Asia Standard Time | (UTC+07:00) Novosibirsk |
| Tomsk Standard Time | (UTC+07:00) Tomsk |
| China Standard Time | (UTC+08:00) Beijing, Chongqing, Hong Kong, Urumqi |
| North Asia East Standard Time | (UTC+08:00) Irkutsk |
| Singapore Standard Time | (UTC+08:00) Kuala Lumpur, Singapore |
| W. Australia Standard Time | (UTC+08:00) Perth |
| Taipei Standard Time | (UTC+08:00) Taipei |
| Ulaanbaatar Standard Time | (UTC+08:00) Ulaanbaatar |
| Aus Central W. Standard Time | (UTC+08:45) Eucla |
| Transbaikal Standard Time | (UTC+09:00) Chita |
| Tokyo Standard Time | (UTC+09:00) Osaka, Sapporo, Tokyo |
| North Korea Standard Time | (UTC+09:00) Pyongyang |
| Korea Standard Time | (UTC+09:00) Seoul |
| Yakutsk Standard Time | (UTC+09:00) Yakutsk |
| Cen. Australia Standard Time | (UTC+09:30) Adelaide |
| AUS Central Standard Time | (UTC+09:30) Darwin |
| E. Australia Standard Time | (UTC+10:00) Brisbane |
| AUS Eastern Standard Time | (UTC+10:00) Canberra, Melbourne, Sydney |
| West Pacific Standard Time | (UTC+10:00) Guam, Port Moresby |
| Tasmania Standard Time | (UTC+10:00) Hobart |
| Vladivostok Standard Time | (UTC+10:00) Vladivostok |
| Lord Howe Standard Time | (UTC+10:30) Lord Howe Island |
| Bougainville Standard Time | (UTC+11:00) Bougainville Island |
| Russia Time Zone 10 | (UTC+11:00) Chokurdakh |
| Magadan Standard Time | (UTC+11:00) Magadan |
| Norfolk Standard Time | (UTC+11:00) Norfolk Island |
| Sakhalin Standard Time | (UTC+11:00) Sakhalin |
| Central Pacific Standard Time | (UTC+11:00) Solomon Is., New Caledonia |
| Russia Time Zone 11 | (UTC+12:00) Anadyr, Petropavlovsk-Kamchatsky |
| New Zealand Standard Time | (UTC+12:00) Auckland, Wellington |
| UTC+12 | (UTC+12:00) Coordinated Universal Time+12 |
| Fiji Standard Time | (UTC+12:00) Fiji |
| Kamchatka Standard Time | (UTC+12:00) Petropavlovsk-Kamchatsky – Old |
| Chatham Islands Standard Time | (UTC+12:45) Chatham Islands |
| UTC+13 | (UTC+13:00) Coordinated Universal Time+13 |
| Tonga Standard Time | (UTC+13:00) Nuku’alofa |
| Samoa Standard Time | (UTC+13:00) Samoa |
| Line Islands Standard Time | (UTC+14:00) Kiritimati Island |
| Azores Standard Time | (UTC-01:00) Azores |
| Cape Verde Standard Time | (UTC-01:00) Cabo Verde Is. |
| UTC-02 | (UTC-02:00) Coordinated Universal Time-02 |
| Mid-Atlantic Standard Time | (UTC-02:00) Mid-Atlantic – Old |
| Tocantins Standard Time | (UTC-03:00) Araguaina |
| E. South America Standard Time | (UTC-03:00) Brasilia |
| SA Eastern Standard Time | (UTC-03:00) Cayenne, Fortaleza |
| Argentina Standard Time | (UTC-03:00) City of Buenos Aires |
| Greenland Standard Time | (UTC-03:00) Greenland |
| Montevideo Standard Time | (UTC-03:00) Montevideo |
| Magallanes Standard Time | (UTC-03:00) Punta Arenas |
| Saint Pierre Standard Time | (UTC-03:00) Saint Pierre and Miquelon |
| Bahia Standard Time | (UTC-03:00) Salvador |
| Newfoundland Standard Time | (UTC-03:30) Newfoundland |
| Paraguay Standard Time | (UTC-04:00) Asuncion |
| Atlantic Standard Time | (UTC-04:00) Atlantic Time (Canada) |
| Venezuela Standard Time | (UTC-04:00) Caracas |
| Central Brazilian Standard Time | (UTC-04:00) Cuiaba |
| SA Western Standard Time | (UTC-04:00) Georgetown, La Paz, Manaus, San Juan |
| Pacific SA Standard Time | (UTC-04:00) Santiago |
| SA Pacific Standard Time | (UTC-05:00) Bogota, Lima, Quito, Rio Branco |
| Eastern Standard Time (Mexico) | (UTC-05:00) Chetumal |
| Eastern Standard Time | (UTC-05:00) Eastern Time (US & Canada) |
| Haiti Standard Time | (UTC-05:00) Haiti |
| Cuba Standard Time | (UTC-05:00) Havana |
| US Eastern Standard Time | (UTC-05:00) Indiana (East) |
| Turks And Caicos Standard Time | (UTC-05:00) Turks and Caicos |
| Central America Standard Time | (UTC-06:00) Central America |
| Central Standard Time | (UTC-06:00) Central Time (US & Canada) |
| Easter Island Standard Time | (UTC-06:00) Easter Island |
| Central Standard Time (Mexico) | (UTC-06:00) Guadalajara, Mexico City, Monterrey |
| Canada Central Standard Time | (UTC-06:00) Saskatchewan |
| US Mountain Standard Time | (UTC-07:00) Arizona |
| Mountain Standard Time (Mexico) | (UTC-07:00) Chihuahua, La Paz, Mazatlan |
| Mountain Standard Time | (UTC-07:00) Mountain Time (US & Canada) |
| Pacific Standard Time (Mexico) | (UTC-08:00) Baja California |
| UTC-08 | (UTC-08:00) Coordinated Universal Time-08 |
| Pacific Standard Time | (UTC-08:00) Pacific Time (US & Canada) |
| Alaskan Standard Time | (UTC-09:00) Alaska |
| UTC-09 | (UTC-09:00) Coordinated Universal Time-09 |
| Marquesas Standard Time | (UTC-09:30) Marquesas Islands |
| Aleutian Standard Time | (UTC-10:00) Aleutian Islands |
| Hawaiian Standard Time | (UTC-10:00) Hawaii |
| UTC-11 | (UTC-11:00) Coordinated Universal Time-11 |
| Dateline Standard Time | (UTC-12:00) International Date Line West |
Issue 6: G Suite Users Receive Meeting Invitations with Blank Subjects
While working with one of my customers, an issue was raised that G Suite users were receiving meeting invitations generated by Teams with blank subject lines.
Resolution
You likely need to set the Transport Neutral Encapsulation Format (TNEF) option manually. To do so, connect to Exchange Online via PowerShell and run this:
Set-RemoteDomain -Identity Default -TNEFEnabled $false
That will update the TNEF setting for all remote domains (likely not an issue if you’re only using Office 365 for Teams meetings and collaboration features but have your mail routed to G Suite).
Issue 7: Meetings scheduled in Teams don’t show up on Organizer’s G Suite calendar
This one is a bit more tricky. When you are scheduling a meeting via Outlook, the invitees are sent an an invitation email. As the organizer, however, no email is ever generated–the meeting just “shows up” in your calendar. So, since no meeting email is sent to the organizer, there’s nothing in the transport pipeline that will get delivered to the G Suite external mailbox.
The easiest way to work around this is to use Outlook with the Teams Plug-In to schedule the meeting. Outlook can be configured with the local G Suite mailbox, but the Teams plug-in will connect to Exchange Online. Outlook will create the meeting in the “local” G Suite calendar and the Teams plug-in will handle the meeting invitation links for the rest of the users.
Automation
Some of these settings (like mailbox regional configuration and enabled protocols) are per-mailbox settings, which means you need to redo them on a regular bases as you onboard more mailboxes.
You can use Azure Automation to help with this. After assigning users licenses with Group-based Licensing as I recommend earlier in this post, you could use my Azure Automation blog post to help configure additional settings:
You’ll want to make sure you install the SharePoint Online and Exchange Online modules and tidy up your code for connecting to both of those and that you’ve created an automation credential. In this example, my Office 365 service credential object is called the very original Office365ServiceAccount-Credential. I’m going to be configuring all mailboxes with the English locale and the Eastern time zone.
Then, something like this as part of your script:
$Credential = Get-AutomationPSCredential -Name "Office365ServiceAccount-Credential" $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Credential -Authentication Basic -AllowRedirection Import-PSSession $Session -DisableNameChecking -Name ExSession Connect-SPOService -Url https://<tenant>-admin.sharepoint.com -Credential $Credential $Date = (Get-Date).AddDays(-2) $Users = (Get-Mailbox -Filter "WhenMailboxCreated -gt '$Date'").PrimarySmtpAddress # Update user settings Foreach ($User in $Users) { # Block access to mailbox Set-CasMailbox -UniversalOutlookEnabled $false -OutlookMobileEnabled $false -MacOutlookEnabled $false -EwsAllowOutlook $false -EwsAllowMacOutlook $false -EwsAllowEntourage $false -MAPIEnabled $false -OWAEnabled $false -ImapEnabled $false -PopEnabled $false -ActiveSyncEnabled $false # Update Exchange Regional Settings Set-MailboxRegionalConfiguration -Identity $User -Language 1033 -TimeZone "Eastern Standard Time" # PreProvision User OneDrive site Request-SPOPersonalSite -UserEmails $User }
Go forth.
