I had an interesting request from a customer the other day where they were synchronizing Active Directory into two disparate environments–Office 365 and another hosted Exchange environment. In their new Office 365 environment, they didn’t want any address proxies matching a particular pattern to be part of a user’s proxyAddress array–BUT–they also didn’t want to remove them from their on-premises accounts since they are being used by their other hosting environment as an application routing address.… [ Continue reading ]
There is perpetually a lot of angst around licensing users for Office 365 workloads. Most of my customers over the years have wanted to ease into deployment, only enabling certain services at a time. Of course, as an evergreen service, we are always adding features, leading to new service plans to disable as you discover them.… [ Continue reading ]
A few weeks ago, I saw something come up for a peer that needed a way to manage the maximum number of ActiveSync devices that a user had connected in Office 365. Using only native Exchange policies, we can’t do that (MDM solutions solve this problem by manning the Exchange ActiveSync quarantine). … [ Continue reading ]
I’ve run into this delightful scenario a few times–the network team generates CSRs and certificates for the environment, and since they want to do SSL termination on their network devices, complete the certificate process there. When you ask for an export of the certificate from, say, an F5, they will just give you the unsigned certificate–so that when you import it into your server, you end up with something unusable, since it has no private key.… [ Continue reading ]
Frequently, I am asked to make changes to a customer's environment. I'm a belt and suspenders kind of guy, so my backups have backups. At any rate, normally when I am performing changes in a tenant (or Exchange on-premises environment, for that matter), I make two sets of backups–one by piping a Get-cmdlet to Export-CSV (so I have a readable copy), and one by piping the same Get-cmdlet to Export-Clixml (so I have a way to set the nodes as parameters and import them back).… [ Continue reading ]
Another blog on customizing the PowerShell console? Really?
Yes. This is actually what I use on a day-to-day basis as a consultant managing many projects at once. I find that I’m usually running various PowerShell sessions concurrently and having to keep which one is which can be difficult without having to stop and check which server or Office 365 tenant I’m connect to, or what type of activity I’m performing.… [ Continue reading ]
If you’ve ever wanted to add columns for unlisted attributes to Active Directory Users and Computers, you’ve been out of luck without editing the displaySpecifiers manually.
Until I had enough of it.
How does it work? I’m so glad you asked. … [ Continue reading ]
Today, one of my consultant peers posed a problem to me: a customer wanted to import all PSTs into Office 365 archives, but in order to do that, had to disconnect them from the user’s default Outlook profile.
Fortunately, you can expose a number of methods and properties from the Outlook ComObject inside PowerShell, so this wasn’t terribly difficult (although, I’m still trying to figure out how to do this against all Outlook profiles configured).… [ Continue reading ]
This tool has been updated with new options. See https://www.undocumented-features.com/2017/10/19/update-to-wipe-exchange-online-mailbox-script/.
Periodically over the years, I’ve run into content problems trying to migrate data to Exchange Online using third-party migration tools–they somehow get stuck, don’t like something existing in the destination mailbox (or didn’t write it properly in the first place) and you need a clean mailbox to restart the process. … [ Continue reading ]
If your organization is like a lot of them out there, you have mailbox users without the email address policy applied. It’s a pretty common practice to work around name changes, users with similar names or middle initials, or one-off primary SMTP addresses.… [ Continue reading ]
From time to time, an issue that crops up during Exchange or Office 365 migrations is the dreaded “insufficient access rights:”
It’s commonly manifested like this (though I have seen it displayed other ways as well):
Warning: Unable to update Active Directory information for the source mailbox at the end of the move.… [ Continue reading ]
While troubleshooting a Password Hash Sync issue with a customer, I found myself needing to trigger a full password hash sync for various connectors. Password Hash Sync is a separate process from the AADSync process. It’s not a difficult process, but becomes time consuming (especially if you have a lot of connectors from which to choose).… [ Continue reading ]
When we talk about Office 365 services with our customers, a lot of the discussion revolves around the networking components. While we generally have a “good idea” of networking, we’re not experts in your technology and will frequently tell you to go talk to your vendors. … [ Continue reading ]
For most of our large enterprise, commercial, and government customers, an Exchange hybrid environment provides a validated and supported method for deploying, migrating, and managing both an on-premises Exchange organization as well as Office 365.
In some cases, though (such as migrating from a hosted platform or other 3rd-party products that don't have Active Directory integration), you may not need everything hybrid provides or may not have a need to support the infrastructure migrating mailboxes cross-premises. For that, I've created a tool to help accelerate configuring Exchange to set and manage attributes and enable-cmdlets (such as Enable-RemoteMailbox).… [ Continue reading ]
So your company just bought another company. Or you’re moving to Exchange Online. Or you registered a new domain. Any reason, really, that you could want an email address template added to all of your Email Address Policies.
Not so bad if you have one or two policies But what if you have 10? … [ Continue reading ]
Ever since the advent of DirSync, you’ve been able to add a picture’s binary content to the thumbnailPhoto attribute in AD and synchronize it to Office 365. This blob would be rendered as a photo next to the user’s name in Outlook, OWA, and Lync. … [ Continue reading ]
From time to time, we update the URLs and IP addresses that our services use. This happens as a normal course of business (deploying new services, adding new capacity in datacenters or regions). If your organization is trying to filter network traffic, you need to make sure you are allowing your users to these services. … [ Continue reading ]
*UPDATE* We have deprecated the Service Health Dashboard RSS Feed. For service health updates, you can go to https://portal.office.com/adminportal/home#/servicestatus.
Periodically, services in Office 365 may become affected by a number of things (network availability, regional network disruptions, upgrades to the service environment, etc).… [ Continue reading ]