ExchangeNerd

Powered by Ed Buford and Coffee

Category: Office 365

Disabling the URL Preview in Office 365 email using PowerShell

You can quickly disable the Link Preview in Office 365 for a single user setting the LinkPreviewEnabled attribute to $false when you type: 

Get-MailboxMessageConfiguration –identity ebuford –LinkPreviewEnabled $false

You can also do this for All your users if you like by getting all the mailboxes and setting them at once:

get-mailbox | Set-MailboxMessageConfiguration -LinkPreviewEnabled $false

SBS 2011 Exchange Hybrid with Office 365

SBS 2011 Exchange Hybrid – don’t bother

The short answer is you can’t do it.

Ok that might not be enough for you so let me give you a longer answer which I hope will satisfy you and if doesn’t then good luck and God Speed!

So here’s what you’re going to hear: SBS 2010 has Exchanger 2010 on it and all you have to do is make sure it’s on SP3 and you can run the Hybrid Configuration Wizard. While this is true enough you can run the HCW you can’t however connect your Exchange server to another forest which is essentially what you’re doing when you Add the Exchange Forest.

hybrid

When you go to add that Exchange Forest you’re going to start to run into issues even though you were able to run the HCW.

Notice from this next screenshot you’re getting an error message complaining about the WinRM client and all that jazz but also notice you can’t change the domain… no matter what you do here you can’t… Which means you can’t log into Office 365 which means this will not work.

Hybrid1

I worked with a great engineer from Microsoft and between the two of us we put in way more time than we should have on this issue simply because the documentation isn’t out there that says you CAN’T do it… well here it comes. Sadly it’s not a lot of documentation but if there was enough documentation on this I would not be writing this post…

So here is the story:

You can’t add the Exchange forest because SBS 2011 won’t allow an Inter-Forest Trust

Hybrid2

Here is a link to the document SBS 1011 FAQ the screenshot above is from Page 4.
I hope this saves you the hours of time it cost me.

[Top]

Office 365 has wrong email address Part 2

In the post:  Office 365 has wrong email address Part 1 I covered the issue of not being able to set the Email Address of a user who is being managed by Active Directory On-Prem. If you  doesn’t have a Hybrid Exchange server to set email attributes you will need to do that manually.  If any of this confuses you please jump back to Part 1 and make sure you get

what’s happening.

There are a number of scenarios of what you’re going to see when you dig into the ProxyAddresses attribute of a user. You may see an X.500 record, you may see something like the UPN that you don’t want to have. For my test domain it would like like this highlighted address:

2015-04-05_08h59_29

You can see by the way it is being formatted the address is the users UPN (User Principle Name) as it includes the full domain suffix: Corp.ExchangeNerd.com
Now I really don’t want to get too deep into the UPN but if you find you need it to get going you can leave a comment and I’ll try to answer it for you.

Getting back to the issue at hand how to change Primary Email Address of the a bunch of users at one time.  Leaving behind UPN and Domain Suffixes I’m just going to Add Primary Email addresses and figure the rest out later. In order to do that for my users I built a CSV file that has two columns The SAM Account Name and the Email Address I want my users to have.  I called this file HerosProxyAddress.csv and placed it in a folder called source on the C:\ drive.  Here’s a screen shot of what my CSV file looks like,

2015-04-05_09h12_52

Using these two columns I am able to create a quick PowerShell script to add the email address of each of the users.

Import-module ActiveDirectory $Users = Import-Csv -Path "C:\source\HerosProxyAddress.csv" foreach ($User in $Users) { $ProxyAddress = "SMTP:" + $user.'EmailAddress' Set-ADUser -identity $User.'sAMAccountName' -Add @{ProxyAddresses = $ProxyAddress} }

Copy this code into Notepad and save it with a .ps1 extension.  I saved mine as ChangeProxyAddress.ps1

Now on the domain controller I opened PowerShell as the Administrator and navigate to the place where I saved my PowerShell script.  Then  type:  .\ChangeProxyAddress.ps1

Before you try this on a lot of users I’d encourage you to test this on a couple of test users to make certain it works correctly for you.

Once you change the user attributes in Active Directory you’ll need to go to your DirSync server and load the DirSync PowerShell module. Now run the Start-OnlineCoexistenceSync with the –FullSync to make sure you get the attributes pushed out to the Cloud.

There is a lot more to talk about on this topic and there are a couple other ways we could tackle this script and at least one more script to write to Solve adding one user at a time.
So be on the lookout for Part 3.

[Top]

Office 365 has wrong email address Part 1

Lately this has come up a couple of times and I haven’t had too much time to set down and figure it out so today I thought I’d take the time to document the issues and a way to fix it.

When you set up DirSync from Active Directory to Office 365 without a hybrid Exchange server you’re faced with a problem: How do you set the Email address of the users?

When you use DirSync you can’t set the Office 365 email address out in the Cloud because it is being managed from Active DIrectory. If you don’t have a Hybrid Exchange configuration you don’t have any place to set the Email Address so when you go to Office 365 the email address will look like this: ebuford@ExchangeNerd.OnMicrosoft.com
So the question is how do I get rid of the OnMicrosoft.com part of the email address.

In order to answer the question above we have to understand that the problem comes from Active Directory not Office 365.  Since we’re using DirSync to send the Active Directory Attributes to Office 365 we need to have the Primary SMTP address set in AD. To Set the Primary SMTP address for a user in AD you need to edit ProxyAddresses Atrribute for the user AND you need to make sure the Primary Email address has the prefix of SMTP:
Just like you see it below.

2015-04-04_20h45_58

Now you can go about manually adding this address to each user in Active Directory but if you have a lot of users you’ll probably start hating life pretty quickly. So in Part 2 we’ll look at some code to Automate this process.

[Top]

Office 365 PowerShell

So you’ve setup Office 365 in the Cloud – Let me be the first to congratulate you!
Kudos!   Now that that’s over you need to connect your workstation to it using PowerShell, so let’s get started.
You need to download and install a couple of files the first one is the Microsoft Online Services Sign-In Assistant for IT Professionals, download it here.

Once that is installed you need to install the Windows Azure AD Module. Go here and choose your OS (32 or 64 bit). Download and install the Module and you’re ready to get started.

Now all you have to do is connect your workstation to Office 365. Open PowerShell and type these commands:

Import-module MSOnline

This will import the Module you’ll need to make a connection to the Office 365

$Cred = Get-Credential

This will pop up a credentials box for you to put your Administrator UPN for Office 365 in.

Creds

Next create a new session based on your credentials:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $Cred -Authentication Basic –AllowRedirection

You’ll get a warning to tell you that you’re being redirected

Session

Now Import a new PSSession based on the session you just created in the cloud.

connect-msolservice -credential $cred

And finally connect to the MS Online Service:

connect-msolservice -credential $cred

So to see the commands available now type:

Get-Command -Module msonline

[Top]

Configuring an Onsite Relay for Office 365

Moving to the cloud comes with a lot of things no one ever thinks about.  One of those things is SMTP traffic from Printers, Network Monitors and Line of Business apps that have been sending mail straight to an Exchange server for the past decade (or longer). SO what do you do with that SMTP traffic to get it up to Office 365?

Well, the best and most reliable way to do this by setting up an IIS SMTP Relay. To do this from the Windows world your choice is to use an IIS 6 SMTP configuration.  A good server to do this from would be your DirSync Server.
Here’s what you need to know to do it:

First in Office 365 you’ll need to configure a connection to your On-Premise connection.  So log into your Office 365 Admin Portal and choose Exchange. From the list on the left choose Mail Flow and then choose Connectors from the options and create a new Inbound Connector:
Be certain to add the IP that your server purports to be an easy way to see that is http://www.whatismyip.com 

Make the connector an On-Premises connector and then add your Domain and make certain you set it to Opportunistic TLS.

O365Connector

Once you’ve created the connector you’ll need to setup IIS 6.

In Server Manager Add a new Feature. In the list check the box for SMTP. It will pop up a box with everything you need for SMTP.

SMTP_!!S

Once this installs go to the Administrative tools and Launch IIS 6.0 Manager.

IIS6

If you click on Domains you’ll see the domain will become the FQDN of the server itself. I recommend that you right click on this and change to an HostName.Domain.Onmicrosoft.com for good measures.  Now add a new REMOTE Domain by right clicking Domains and selecting New.  Now choose your new domain from the list and right click for Properties.

Check the box to allow Incoming mail to be relayed

And then click OK

RelayDomain

Now right click the SMTP Server name and choose properties from the list.  Click the Connection button and from there select the Radio button for Only the list below and add IP addresses for each device you want to relay email for.

Access

The Default IIS Outbound connection is Port 25 so you don’t have to do anything there.
It is best practice to use TLS as a connection so under the Delivery Tab choose Outbound Security make sure Anonymous Access and TLS are both selected

Outbound

After you make any changes to an SMTP Virtual server you need to stop and restart it.
Do this by right clicking the SMTP Virtual Server in the Navigation pane and choosing stop.
Once it’s stopped right click and start it.

Now test it you should be able to see mail going into and out of the Mailroot Queue:

MailRoot

[Top]

Office 365 Public Folder Migration

I was working in a Hybrid Exchange Deployment of Office 365 this past week and came across a few issues with the documentation from Microsoft so I thought I’d point out a couple of issues.

The first issue I ran into was locating the correct scripts to make it work. When you look at this documentation on Public Folder Migration you’ll be hard pressed to actually find a link that will help you download anything: http://technet.microsoft.com/en-us/library/jj983799(v=exchg.150).aspx

But all in all that document is what you MUST work out of to make this public folder migration work.

If you go out to the Download center and search for the Public Folder Migration Scripts you’ll find that the download is missing a couple of the scripts you need to make this work but download these anyway because you will need these anyway: http://www.microsoft.com/en-us/download/details.aspx?id=38407

You’ll also want to download these scripts because these include the ones missing from the above scripts link: http://www.microsoft.com/en-us/download/details.aspx?id=38408

As I worked through a couple other issues I had with the documentation I stumbled on a couple of other things – first this:
“PublicFolderDestination_78c0b207_5ad2_4fee_8cb9_f373175b3f99”
From the code below left me scratching my head – However in the end it does work even though I could not find out what boilerplate the code is form. 
Make certain when you run this you use the DomainName.OnMicrosoft.com and not just your DomainName.Com

New-AcceptedDomain -Name "PublicFolderDestination_78c0b207_5ad2_4fee_8cb9_f373175b3f99" -DomainName contoso.onmicrosoft.com -DomainType InternalRelay 

During the Start the Migration Request phase of the process I collected all the information and ran the request in Step 6 and started getting errors with this heading:
MapiExceptionNoAccess: Unable to make connection to the server. (hr=0x80070005, ec=-2147024891)
At first I started to despair and then while I stared it I realized the command

New-PublicFolderMigrationRequest -OutlookAnywhereHostName: $source_OutlookAnywhereExternalHostName -CSVData (Get-Content <folder_mapping.csv> -Encoding Byte) -RemoteCredential: $source_credential -RemoteMailboxLegacyDN: $source_remoteMailboxLegacyDN -RemoteMailboxServerLegacyDN: $source_remotePublicFolderServerLegacyDN -AuthenticationMethod Basic

While looking at this I began to realize the -AuthenticationMethod Basic was the cause and although the documentation didn’t give me a good clue it did hit me that the Auth was for Outlook Anywhere which was part of the collection of information to build the request. Since OA was NTLM not Basic I reran the request with NTLM at the end and it worked.

Once I got it kicked off I wanted to be able to see the percent complete when looking at the request so I ran this command to see that:

Get-PublicFolderMigrationRequest | Get-PublicFolderMigrationRequestStatistics -IncludeReport | FL Statusdetail,percentcomplete

The final thing I ran into was an error after I started the finalization  where the Status Detail was the StatusDetail was StalledDueToMailboxLock
StatusDetail    : StalledDueToMailboxLock
PercentComplete : 95

After some searching I came up with the solution of restarting the information store on the Legacy Exchange server. Once I did that shortly afterwards the Status moved to Completion and then finished.

One resource which helped me a considerable amount was the Microsoft Exchange 2013 Cookbook from  Michael Van Horenbeeck. Although it is not aimed at Office 365 I’ve used this to migrate Public Folders to Exchange 2013 servers and was able to glean enough from it to ease the pain of the unclear Microsoft Documentation.

[Top]