Yesterday, I needed to help configure a SharePoint Server 2019 User Profile service to import from local Active Directory using the native SharePoint Active Directory Import.
In order to perform Active Directory Import, the service account you specify must have Replicating Directory Changes permissions.… [ Continue reading ]
Yesterday, a peer brought an interesting problem to me:
His customer had been storing data in the on-premises msExchExtensionCustomAttribute properties for users and wanted to be able to use that data in Exchange Online for filtering and dynamic group membership.… [ Continue reading ]
Today, I was asked about manually disabling the Skype of Business Outlook plug-in for a customer where users have both Skype and Teams clients and are configured in Islands mode.
This is what I came up with. … [ Continue reading ]
Today, while working with my esteemed colleague Stephen Jones, we were discussing a need for some of our customers to auto-answer Teams with a video call. This has a lot of practical scenarios, such as judicial, hospital, and corrections facilities.… [ Continue reading ]
This week, I’ve got a few updates for the AAD Network Communications Test!
- I’ve moved it to the PowerShell Gallery. You can now install it with PowerShellGet by using the command:
Install-Script -Name AADConnect-CommunicationsTest
- I’ve updated the GCC High and DOD endpoints to the best of my ability (I’m always looking for feedback on this, so if you have new endpoints, be sure to connect with me!)
… [ Continue reading ]
This week, I needed to figure out how to use a group Managed Service Account for an on-premises data gateway cluster. Our documentation says you can do it, but the traditional methods for using a gMSA (i.e.,… [ Continue reading ]
Last week, I began working with a customer that was experiencing what appeared to be a significant amount of updates to a certain group of objects in the local Active Directory. These objects were being imported from another forest as contacts, yet found themselves being updated very frequently by the local AAD Connect instance.… [ Continue reading ]
With the rise of stay-at-home orders due to COVID-19 over the past several weeks, I’ve engaged with many customers who want to use Microsoft Teams to as part of their work-from-home tool set. Many of my customers have investments in both Microsoft Office 365 as well as Google G Suite or Google Apps (frequently with other third-party IdP, metadirectory, and federation services thrown in the mix), so it’s not always just as easy as “flipping a switch.”… [ Continue reading ]
I was installing a new SharePoint Server 2019 farm and after applying all updates and configuring the SharePoint Products Wizard, I restarted my servers a final time and logged on, only to find that I couldn’t access the SharePoint Products Wizard anymore.… [ Continue reading ]
While working on a script for an upcoming project, I wanted to test for the presence of various Office versions, including 32-bit and 64-bit components before initiating setup. Here’s one way I found:
SET CURRLOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office16"
SET CURRLOCATION64="C:\Program Files\MicrosoftOffice\root\Office16"
SET PREV1LOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office15"
SET PREV1LOCATION64="C:\Program Files\MicrosoftOffice\root\Office15"
SET PREV2LOCATION32="C:\Program Files (x86)\MicrosoftOffice\root\Office14"
SET PREV2LOCATION64="C:\Program Files\MicrosoftOffice\root\Office14"
REM Check for 64-bit versions
IF EXIST ""%CURRLOCATION64%\MANIFEST.XML""
… [ Continue reading ]
A new year, a new test!
While troubleshooting a few installation and update issues, I noticed that the endpoints list was a smidgen out of date, so I’ve updated that. For this update, I attached Fiddler (http://www.telerik.com/Fiddler… [ Continue reading ]
This afternoon, while working on my upcoming book for the MS-300 exam, I was attempting to sign into SharePoint Online via PowerShell and encountered this moderately cryptic message:
Cannot contact web site 'https://tenant-admin.sharepoint.com/' or the web site does not support SharePoint Online
… [ Continue reading ]
My colleague Andreas asked today for some help troubleshooting an issue he’d run into with the Create-LabUsers script failing while using the InflateMailboxes parameter.
The problem ended up being three-fold:
- I had some pre-populated user names that had spaces in them
- I hadn’t trimmed the spaces out when constructing the SMTP address (although I had for the UPN)
- I didn’t test for a valid RFC sender address when constructing the mail
So, all of those things together conspired to generate errors whenever some of those user names were hit. … [ Continue reading ]
I couldn’t really come up with a cool-sounding title for this post, so I just went with the basics of what it does.
Last week, I worked with a customer that wanted to deploy custom retention labels to custom folders inside a user’s mailbox–the idea being that they would create a custom folder structure such as this under a user’s Inbox:
\Inbox\Retention Schedule\2 Year (apply a 2-year retention label to everything in this folder)
\Inbox\Retention Schedule\4 Year (apply a 4-year retention label to everything in this folder)
\Inbox\Retention Schedule\7 Year (apply a 7-year retention label to everything in this folder)
\Inbox\Retention Schedule\Forever (apply a ‘Never delete’ retention label to everything in this folder)
Seems easy enough, right? … [ Continue reading ]
Yes. I said it.
Someone needed to put a line in the sand and today, that person is me. I’m going to say these are some best practices.
But of course, your mileage may vary, depending on your type of organization (users at a local bank or city government will have different threats presented to them than an engineering firm with international customers, for example). … [ Continue reading ]
Here’s a fun one … Disabling Teams auto-startup. Imagine this scenario:
- You haven’t trained your service desk on how to answer/troubleshoot/manage Teams help desk calls
- You’ve configured restrictions on who can create Teams
- You’ve deployed the new Office ProPlus update with Teams integrated.
… [ Continue reading ]
Based on some user feedback, I’ve made the following modifications to the OneDrive for Business Admin Tool:
- Fixed a reference to the original function name for FolderToDelete
- Added verbiage referencing the -Confirm parameter when using FolderToDelete parameter
- Tidied up code indentations to make it more readable
I’ve got some additional feedback that I will incorporate as well (once I figure out how to do it).… [ Continue reading ]
A few weeks ago, I ran into an issue with a customer. Scenario:
- Customer had configured alternate-id sign in with AAD Connect (the gist is that it flows on-premises mail to cloud UPN)
- Synced identity to tenant
- Tenant did not have any verified domains
As expected, without a matching verified domain in the tenant, UPN suffixes in the tenant were actually set as @tenant.onmicrosoft.com. … [ Continue reading ]
OneDrive for Business is, from my perspective, one of the most under-utilized but benefit-rich parts of the Office 365 platform, allowing organizations (especially organizations that subscribe to the E3 or higher SKU) virtually unlimited storage, versioning, and recovery capability for their file-based storage.… [ Continue reading ]
As you may have figured out from the title, I’ve got a guest post today. Jorge Lopez is a Premier Field Engineer, and has spent a lot of time in the trenches with Windows, AD, and Azure AD, and currently works helping customers resolve hybrid identity issues. … [ Continue reading ]