The following post contains the new features and updated features from July 2019. This post enables you to quickly glance at the Microsoft Teams Roadmap based on the latest information provided from Microsoft.
Do you find it hard to keep up to date with all the latest Office 365 Roadmap news? Would you like an easier way to keep you and maybe your colleagues informed?
Then look no further, with power of Microsoft Teams you can now post the Roadmap updates directly into a Microsoft Teams Channel. By using the super powers of Microsoft Flow we can now publish the Office 365 Roadmap cleanly into a Microsoft Teams Channel and heres how we can do it.
Launch http://flow.microsoft.com
Creating the Microsoft Flow for RSS to Microsoft Teams Channel
Select My Flows Create New Automated – from Blank
Give you Microsoft Flow a name and choose the RSS trigger for “When a feed item is published” then click create 🙂
You must be signed into Flow with an account that has Microsoft Teams access.
Browse for Microsoft Teams and select Post a message (V3) (preview). The Microsoft Teams element in Flow are relatively new and all in public preview.
You will now need to specify your Team, Channel, Message and Subject. As you can see from below I am using Feed summary as the message and Feed title as the subject.
At the next trigger you will receive a message like below into your specified Microsoft Teams Channel.
As a big advocate for Office ProPlus I am delighted to now see that Microsoft Teams now apart of the ProPlus deliver mechanism. However, just like any Microsoft product, it does have its caveats.
Microsoft Teams will only be included with NEW installations of Office 365 ProPlus dependent on the channel you are using. The below shows the schedule of the introduction but this is subject to change.
Update channel
Version
Date
Monthly Channel
Version 1902
March 4, 2019
Semi-Annual Channel (Targeted)
Version 1902
March 12, 2019
Semi-Annual Channel
Version 1902
July 9, 2019
Important Note:
Teams are also included with the following new installations: Office 365 Business, starting with Version 1901, which was released on January 31, 2019. Office 365 Business is the version of Office that is included with certain business plans, such as the Microsoft 365 Business plan and the Office 365 Business Premium plan.
Office for Mac, starting with Version 16.21, which was released on January 16, 2019. Office for Mac comes with any plan that includes Office 365 Business or Office 365 ProPlus. For more information, see Microsoft Teams installations on a Mac.
Now Microsoft Teams is apart of the Office Deployment tool it is now subject to all the controls we are common use to so we exclude Teams if we really to 🙂 but why would we do that.
What about existing deployments of Office 365 ProPlus?
At the time of this post, it is not possible to get Microsoft Teams if you have an existing deployment of Office 365 ProPlus. Microsoft has announced that in Version 1906 Microsoft Teams will be shipped to existing deployment running this version. The table below gives an indication of when we can expect the rollout of Teams but if you are using Monthly Channel (Targeted) you should be seeing Microsoft appearing approximately on 25th June 2019.
Update channel
Version
Date
Monthly Channel
Version 1906
July 9, 2019
Semi-Annual Channel (Targeted)
To be determined
September 10, 2019
Semi-Annual Channel
To be determined
January 2020
If you don’t want Teams to be added to existing installations of Office 365 ProPlus when you update to a new version, you can use Group Policy or the Office Deployment Tool to exclude the installation.
Always keep up to date.
Make sure you’re using the most current version of the Office Deployment tool available on the Microsoft Download Center.
Temporarily, the name and help text for this policy setting is available only in English. The name and help text will be available in the usual set of languages by June 14, 2019.
Updating Microsoft Teams !! It doesnt follow the normal ProPlus cycles.
Once Microsoft Teams is installed, it automatically updates approximately every two weeks with new features and quality updates. This doesn‘t follow the normal update cycle for Office 365 ProPlus as other applications receive updates depending on which channel they’re on.
Baseline policy: Require MFA for Service Management (Preview)
Baseline policy: End user protection (Preview)
This policy protects users by requiring multi-factor authentication
(MFA) during risky sign-in attempts to all applications. Users with
leaked credentials are blocked from signing in until a password reset.
Once the policy is enabled, users are required to register for MFA within 14 days of their first login attempt. The default method of MFA registration is the Microsoft Authenticator App.
This policy is either On or Off and you can also exclude users from receiving this policy
This policy blocks all sign-ins using legacy authentication protocols
that don’t support multi-factor authentication (such as IMAP, POP,
SMTP).
The policy does not block Exchange ActiveSync.
Office 2013 (without registry keys)
Office 2010
Thunderbird client
Legacy Skype for Business
Native Android mail client
This policy is either On or Off and you can also exclude users from receiving this policy. This policy is great as I have configured a custom built policy for just this but my policy also includes Exchange Active Sync.
Baseline policy: Require MFA for Service Management (Preview)
This policy requires users logging into services that rely on the
Azure Resource Manager API to perform multi-factor authentication (MFA).
Services requiring MFA include:
Azure Portal
Azure Command Line Interface (CLI)
Azure PowerShell Module
This policy is either On or Off and you can also exclude users from receiving this policy
Its great to see some more brilliant developments in Conditional Access and really excited to see these go live with customers.
While running the Exchange Hybrod Configuration Wizard I ran in the following issue;
HCW8078 – Migration Endpoint could not be created Microsoft.Exchange.Migration.MigrationServerConnectionFailedException The connection to the server ‘http://mail.domain.com’ could not be complete
This issue is a known issue to Microsoft and the resolution is the good old “Have you tried turning it off and on?”
The resolution was to Disable MRSProxyEnabled, this can be easily completed for all servers using;
This script will need to repeat this process for all your servers where MRSProxy is being used. Invoke-Command -ComputerName Server1 -ScriptBlock {iisreset /restart}
Once you have completed the below steps you will be able to successful rerun the Hybrid Configuration Wizard without any errors
So in recent months, I have been working a number of large organisation that have issues with special characters that are affecting their migration to the Microsoft Cloud. Yes, I IDFix does an excellent job of correcting a lot of the issues. However, in recent time I have been rolled into customer sites to troubleshoot and report on special characters contained in Distribution Lists and Shared Mailboxes which cannot be migrated to Exchange Online.
What special characters are supported in Office 365?
So first of all, what is and is not supported. The below table gives an excellent break down what the character can be supported in UserNames, Password and Email Addresses.
Allowed In
Character
Name
Character
User Name
Password
Email Address
Accent
`
No
Yes
No
Ampersand
&
No
Yes
No
Angle Brackets
< >
No
Yes
No
Apostrophe
’
No
Yes
Yes***
Asterisk
*
No
Yes
No
At Symbol
@
No
Yes
No
Backslash
\
No
Yes
No
Braces
[ ]
No
Yes
No
Brackets
{ }
No
Yes
No
Circumflex
^
No
Yes
No
Colon
:
No
Yes
No
Comma
,
No
Yes
No
Dollar Sign
$
No
Yes
No
Equal Sign
=
No
Yes
No
Exclamation Point
!
No
Yes
No
Hyphen
–
Yes*
Yes
Yes*
Number Sign
#
No
Yes
No
Parentheses
( )
No
Yes
No
Percent Symbol
%
No
Yes
No
Period
.
Yes*
Yes
Yes*
Pipe
|
No
Yes
No
Plus Sign
+
No
Yes
No
Question Mark
?
No
Yes
No
Quotation Mark
“
No
Yes
No
Semicolon
:
No
Yes
No
Forward Slash
/
No
Yes
No
Tilde
~
No
Yes
No
Underscore
_
Yes**
Yes
Yes**
Uppercase Letters (A-Z)
A-Z
Yes
Yes
Yes
Lowercase Letters (a-z)
a-z
Yes
Yes
Yes
Numerals (0-9)
0-9
Yes
Yes
Yes
In order to test for the special characters above I have created the following script
}
else
{
#Write-Host "Special Character",$char," not detected in " $object.UserPrincipalName
}
}
catch
{
Write-Host "Great News!! we was unable to detect",$char,"in samaccountnames for all Distribution List" -ForegroundColor Green
}
}
}
When working with customer environments it is very possible a 3rd party appliance maybe involved and for the purpose of this post I will be directly looking at Mimecast to see how its configured to work with Office 365.
Prerequsities
An Office 365 administrator logon with permission to create a send connector.
Your internal domains must already be registered with us.
A Mimecast administrator logon with at view permission to the Gateway | Accepted Email menu item.
Mimecast recommend that if you are switching MX records, this task must be completed 3 days before changing the MX record to point at Mimecast. The reason for this allows Mimecast to build your Auto Allow list, based on recipients your users send messages to.
This has a positive impact on inbound email delivery speed, because many senders will already be known and consequently not be subject to our greylisting security feature.
Updating the SPF Record for your Domain(s)
You must have an SPF record for the domain(s) registered with Office 365. When implementing Mimecast with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following:
Replace with or add: v=spf1 include:_netblocks.mimecast.com ~all
Important Note: If your outbound email is temporarily coexisting with Mimecast, you can leave the v=spf1 include:spf.protection.outlook.com –all SPF record. However, it must be removed once all your outbound email is routed through Mimecast.
Configuring Outbound Routing
Important Note: Mimecast has known issue with browsers that are not Internet Explorer and its recommend this process is completed using Internet Explorer only. All other browsers tested have issues.
Recommendation: Disable or remove any other Outbound Send Connectors. Failure to do this means your outbound email still uses these and isn’t routed through us.
Any send connectors used for other purposes (e.g archiving) may still be enabled. If in doubt, consult Mimecast Support.Any send connectors used for other purposes (login archiving) may login be enabled. If in doubt, consult Mimecast Support.
Adding the Office 365 Tenant Domain as an Internal Domain
Your Office 365 tenant domain must be added to the list of internal domains available in the Mimecast Administration Console. See the Configuring Internal Domain / Subdomains page for full details. This enables us to recognize certain auto response messages, where the sender address is not a normal internal domain. This is typically in the format @domain.onmicrosoft.com. Contact the Mimecast Support team if you have queries regarding this step.
Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.
To verify that Office 365 is successfully routing email outbound via us:
Log on to the Offic 365 Administration Console.
Select Admin | Exchange
Exchange Admin Centre
Select Mail Flow | Connectors Create a Connector
Mail Flow | Connectors
Select Office 365 – From Field Select Partner organization – To Field
Mail Flow Scenari
Enter Name for Connector Enter Description for Connector – Optional Ensure “Turn it on” is ticked
Select “Only when email messages are sent to these domains” Press the ( + )
Type the value * which will allow all outbound email to Mimecast
Press Next
Select “Route email through these smart hosts” Press the ( + )
Now, depending on your location you will need to use the Smart Host address from the table
Region
Office 365 Account Hostnames
America
us-smtp-o365-outbound-1.mimecast.com
America
us-smtp-o365-outbound-2.mimecast.com
Australia
au-smtp-o365-outbound-1.mimecast.com
Australia
au-smtp-o365-outbound-2.mimecast.com
Europe (Excluding Germany)
eu-smtp-o365-outbound-1.mimecast.com
Europe (Excluding Germany)
eu-smtp-o365-outbound-2.mimecast.com
Germany
de-smtp-o365-outbound-1.mimecast.com
Germany
de-smtp-o365-outbound-2.mimecast.com
Offshore
je-smtp-o365-outbound-1.mimecast-offshore.com
Offshore
je-smtp-o365-outbound-2.mimecast-offshore.com
South Africa
za-smtp-o365-outbound-1.mimecast.co.za
South Africa
za-smtp-o365-outbound-2.mimecast.co.zaM
As shown below
Smart Host for Mimecast
Press Next
Select “Always use Transport Layer Security (TLS) to secure this connection (recommended)” Select “Issued by a trusted certificate authority (CA)
Before pressing next please ensure that you confirm all your configured settings Press Next
Press the ( + ) this will allow you to validate the connector
Enter an external email to send the test email
Click Validate
If everything is ok and configured correctly you should see a success message
Press save !!! and your all done
Success!!!
Recommendation: Disable or remove any other Outbound Send Connectors, if this is not completed it may cause email to fail as it won’t be routed through Mimecast
But if doing the above seems a bit boring, there’s always PowerShell 🙂
Add your Office 365 domain as an internal domain in Mimecast
The Office 365 domain(s) must be added to the list of internal domain available in the Mimecast Administration console, if this action is missed. Mimecast are unable to recognise auto response message where the send address maybe @domain.onmicrosoft.com. Mimecast have a section about this on their website, please follow the link below. Configuring Internal Domain / Subdomains
Verify your configuration
To verify that Office 365 is successfully routing email outbound via us:
Log on to the Administration Console.
Click on the Administrationtoolbar button.
Select the Message Center | Accepted Messages menu item.
You should see messages from your organization’s internal users to external recipients. If you don’t see messages shortly after they’re sent, this indicates a configuration problem on your Office 365 send connector. Double check your configuration. Use the Office 365 Message Trace Tool in the Mail Flow | Message Trace menu of the Exchange Admin Center to help identify the issue.
Important Note: Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.
If there’s one thing most IT department are not great at its removing Exchange Mailboxes for Disabled Users. So here’s a quick Powershell win to determine who within your Exchange organisation has a mailbox and a disabled AD account.
While constructing a PowerShell script for gathering information about Distribution Lists within a customers environment, I ran into the following error
Method invocation failed because [System.Management.Automation.PSObject] doesn’t contain a method named ‘op_Addition’.
ERROR!!!
1
This error was being generated by a missing array within my PowerShell code
PowerShell is one of the greatest tools within any IT Professional toolkit, it enables you to do far more than any GUI available to you today. In my life as a Consultant for a Global Microsoft SI (System Integrator), I face challenges every day where PowerShell has come to the rescue. One of the best cmdlet I use in a lot of script is
ForEach which is the alias name of ForEach-Object
Imagine you need to modify an ExtensionAttribute for your entire organization or grant a permission to a subset of users, ask yourself this? How would I do this in a GUI? and the answer would be “with great difficulty or very time consuming”. This is Foreach-Object comes into play, in the below example I need to modify the PrimarySMTPAddress due to special characters being used
Get-DistributionGroup
In order to correct this, I will be using a source CSV file which contains SamAccountName for the identity of each DistributionList and the correct PrimarySMTPAddress.
Source CSV file
Now for the most important element, the powershell script which will be used to modify the PrimarySMTPAddress. The below script has been designed to achieve the required outcome but also includes the ability to;
Be ran using native PowerShell for On-Premises Exchange Servers (2007 through to 2019)
Be ran against Exchange Online
So as we can see the Foreach command is being used in the following;
For each $row within the $csv which is being imported try and get the distribution list using the column heading SamAccountName
If the Identity cannot be found the script will move to the catch
If the Identity can be found the script will set the distribution list using the column heading PrimarySMTPAddress
The catch is alert if there are any unsuccessful attempts at setting the PrimarySMTPAddress
Simples!!
Clear-Host $file = "$env:USERPROFILE\OneDrive\Desktop\groups.csv" $csv = import-csv -Path $file region Exchange Module SnapIn # Exchange 2007 #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin; # Exchange 2010 #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010; # Exchange 2013/2016 #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn; endregion Transcript Start-Transcript -Path $env:USERPROFILE\OneDrive\Desktop\Get-DistributionGroup.txt Foreach ($row in $csv) { try { Get-DistributionGroup -Identity $row.SamAccountName | Set-DistributionGroup -PrimarySmtpAddress $row.PrimarySmtpAddress Write-Host 'INFO:' ($row.SamAccountName),'Primary SMTP Address has now been modified to',($row.PrimarySmtpAddress) -BackgroundColor Green } catch { Write-Host 'ERROR:' ($row.SamAccountName),'Primary SMTP Address has not been modified to',($row.PrimarySmtpAddress) -BackgroundColor Red } } Stop-Transcript Get-DistributionGroup
I have included Start-Transcript as this will dump out all Write-Host entry whether they was successful or not.
![Method invocation failed because [System.Management.Automation.PSObject] doesn’t contain a method named ‘op_Addition’.](https://i0.wp.com/www.blogabout.cloud/wp-content/uploads/2019/04/2019-04-01_10-29-12.jpg?fit=960%2C356)
