HCW8078 – Migration Endpoint could not be created

HCW8078 – Migration Endpoint could not be created

Quicktips: Notes from the field

While running the Exchange Hybrod Configuration Wizard I ran in the following issue;

HCW8078 – Migration Endpoint could not be created
Microsoft.Exchange.Migration.MigrationServerConnectionFailedException
The connection to the server ‘http://mail.domain.com’ could not be complete

This issue is a known issue to Microsoft and the resolution is the good old “Have you tried turning it off and on?”

The It Crowd Chris Odowd GIF - Find & Share on GIPHY

The resolution was to Disable MRSProxyEnabled, this can be easily completed for all servers using;

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $False

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $True

This script will need to repeat this process for all your servers where MRSProxy is being used.
Invoke-Command -ComputerName Server1 -ScriptBlock {iisreset /restart}

Once you have completed the below steps you will be able to successful rerun the Hybrid Configuration Wizard without any errors

Regards
The Author – Blogabout.Cloud

Exchange Online: You can’t use the domain because it’s not an accepted domain for your organization

Exchange Online: You can’t use the domain because it’s not an accepted domain for your organization

One of the gotchas you may encounter when migrating mailboxes to Exchange Online is none registered Accepted Domains in Exchange Online. For example you may encounter the below error;

ERROR: Migration Permanent Exception: You can’t use the domain because it’s not an accepted domain for your organization –> You can’t use the domain because it’s not an accepted domain for your organization.

This maybe due to an email alias on a particular mailbox or all your organisation mailboxes due to an Email Address Policy. When migration to Exchange Online on you need to register all your accepted domains and remove any that may cause you the above issue.

In my case, I had domain.com registered with EXO but not extension.domain.com, as the alias was a legacy address you could be removed from the mailbox either using the Exchange Management Console or my favourite utility PowerShell.

Please ensure that Azure Active Directory has synchronize this change to your mailbox

Set-Mailbox <identity> -EmailAddresses @{remove=”<E-mail address>”}

Regards

The Author – Blogabout.Cloud


Configuring Data Loss Prevention for Microsoft Teams

Configuring Data Loss Prevention for Microsoft Teams

Data Loss Prevention has now been included into Microsoft but being a Skype for Business consultant have you ever configured DLP? Probably not.

So this post will look how it is configured from Start to Finish so let’s start with the standard prerequisites;

  • Office 365 Global Administrator Account

Launch Microsoft 365 Admin Center –> Select Security from under Admin Center

Admin Center

Click “More resources” and Open for Office 365 Security and Compliance Center

Click Data Loss Prevention –> Click Policy –> Click Create a policy

Data Loss Prevention

For the purpose of this post I will be creating a policy for covering UK National Insurance Numbers / Passport Numbers. DLP has a list of generic policies or you can configure a custom policy

Select –> Privacy –> Select UK Personally Identifiable Information (PII) Data –> Click Next

Polices

Click Next

Create Policy

At this stage you can select if you want to configure this policy for Exchange email, Microsoft Teams chat and channel messages, OneDrive and SharePoint Documents or specify a subset of services.

Select your required option –> Select Next

Microsoft Teams or All

Example of specifying a subset of services, at this stage you can also Include/Excludes Groups, Accounts and Sites.

Select options

Select Find content that contains

For this post, I am looking for PII data that is being shared outside my organisation.

Select Next

Configure Policy

Using the default options here but you can configure option to send incident report to a Distribution List or individuals.
Select Next

Configure Policy

Select “I’d like to test it out first” or Yes, turn it on right away. This is depending if your organisation is ready for the big switch on. The tenant being used in this post is a test tenant will small amount of users.

Press Next

Configure policy

Review your configured settings –> Select Create

Review

Testing – DLP for Micorsoft Teams

So like with all things Microsoft, we have to wait for replication to take place before we can really start testing DLP. Please dont expect your change to work straight away as its needs to work its way through the big Microsoft cloud.

Email Notification that NINO Number has been shared using Microsoft Teams
Warning Message to the User that sent the NINO Number
Email Notification that NINO Number detected in Exchange

So its safe to say DLP is now working within my tenant.

Regards

The Author – Blogabout.Cloud

Import Exchange PowerShell Module into your PowerShell ISE console

Import Exchange PowerShell Module into your PowerShell ISE console

When working with Exchange there may be a requirement to create a PowerShell script using PowerShell ISE. Even if you run ISE on a Exchange Server you are unable to get the Exchange cmdlet in ISE, so the workaround for this is to use the following command;

  • If you are trying to add the Exchange cmdlets to your client machine you will need to Install the Exchange Management Tools from the Exchange installation media

The command to import the Exchange modules is different for each version – please use the appropriate command below:

Exchange 2007

2007 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin; 

Exchange 2010

2010 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010; 

Exchange 2013, 2016, 2019

2013-2019 Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn; 

Regards
The Author – Blogabout.Cloud


Notes from the Field: KB298200 – The update is not applicable to your computer

Notes from the Field: KB298200 – The update is not applicable to your computer

Hello Reader,

In this “Notes from the Field” post we will look at a common Skype for Business error which you may encounter when installing a Skype for Business Front End for the first time.

As you can see from the image below we have encountered an error during the the deployment wizard when installing a Skype for Business Front End for the first time on a newly built Windows 2012 R2 Server.

After downloading KB298200 and attempting to install the required Windows Update the following error occurs;

In order to resolve this issue effectively we need to download the latest Skype for Business Server Cumulative Update. This error was resolved in Skype for Business Server cumulative update Janaury 2018. A good point of reference for all Skype for Business Server CU, head over to https://blogs.technet.microsoft.com/uclobby/2015/06/22/skype-for-business-2015-cumulative-update-list/ 

First of all, you will need to stop all Skype for Business Service and this can be done easily using the following PowerShell cmdlet:

Stop-CSWindowsService

Launch the Skype for Business Update Installer and click ‘Install Updates’

Once the installation has been completed you will be able to complete the deployment wizard process with a successful outcome.

Please Note: You will need to re-run the Skype for Business Update Installer to patch the rest of the Skype for Business services.

Regards

Author – Blogabout.Cloud