All posts in Office 365

The pain in the a** that is special characters. Understanding what is and isnt supported when migrating to the Microsoft Cloud.

The pain in the a** that is special characters. Understanding what is and isnt supported when migrating to the Microsoft Cloud.

By Author on Leave a Comment
Related image

So in recent months, I have been working a number of large organisation that have issues with special characters that are affecting their migration to the Microsoft Cloud. Yes, I IDFix does an excellent job of correcting a lot of the issues. However, in recent time I have been rolled into customer sites to troubleshoot and report on special characters contained in Distribution Lists and Shared Mailboxes which cannot be migrated to Exchange Online.

What special characters are supported in Office 365?

So first of all, what is and is not supported. The below table gives an excellent break down what the character can be supported in UserNames, Password and Email Addresses.

Allowed In
Character NameCharacterUser NamePasswordEmail Address
Accent`NoYesNo
Ampersand&NoYesNo
Angle Brackets< >NoYesNo
ApostropheNoYesYes***
Asterisk*NoYesNo
At Symbol@NoYesNo
Backslash\NoYesNo
Braces[ ]NoYesNo
Brackets{ }NoYesNo
Circumflex^NoYesNo
Colon:NoYesNo
Comma,NoYesNo
Dollar Sign$NoYesNo
Equal Sign=NoYesNo
Exclamation Point!NoYesNo
HyphenYes*YesYes*
Number Sign#NoYesNo
Parentheses( )NoYesNo
Percent Symbol%NoYesNo
Period.Yes*YesYes*
Pipe|NoYesNo
Plus Sign+NoYesNo
Question Mark?NoYesNo
Quotation MarkNoYesNo
Semicolon:NoYesNo
Forward Slash/NoYesNo
Tilde~NoYesNo
Underscore_Yes**YesYes**
Uppercase Letters (A-Z)A-ZYesYesYes
Lowercase Letters (a-z)a-zYesYesYes
Numerals (0-9)0-9YesYesYes

In order to test for the special characters above I have created the following script



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
cls

 $array = @('~', '!', '#', '$', '%', '^', '&amp;', '(', ')', '-', '.+', '=', '}', '{', '\', '/', '|', ';', ',', ':', '&lt;', '>', '"')

 $samaccountarray = @('[', '\', '"', '|' , ',' , '/', ':', '&lt;', '>', '+', '=', ';', ']')

 foreach ($char in $array) {

 Write-Host "Please Wait... Detecting",$char," in samaccountname" -ForegroundColor Yellow

 $objects = Get-distributiongroup

 foreach ($object in $Objects)

 {

 try {

  if ($object.SamAccountName -like "*$char*") 

 {

 Write-Host "Special Character",$char,"detected in SamAccountName",$object.samaccountname -ForegroundColor Red

 

 }

 else

 {

 #Write-Host "Special Character",$char," not detected in " $object.UserPrincipalName

 }

 }

 catch

 {

 Write-Host "Great News!! we was unable to detect",$char,"in samaccountnames for all Distribution List" -ForegroundColor Green

 }

 }

 }
Get-SpecialCharacters (8 downloads)

If you are interested in understanding what IDFix does and what special characters are not supported, please see this link

https://docs.microsoft.com/en-gb/office365/enterprise/prepare-for-directory-synchronization?redirectSourcePath=%252fen-us%252farticle%252fPrepare-to-provision-users-through-directory-synchronization-to-Office-365-01920974-9e6f-4331-a370-13aea4e82b3e

Regards

The Author – Blogabout.Cloud

Configuring Outbound Delivery Routing from Office 365 to Mimecast

Configuring Outbound Delivery Routing from Office 365 to Mimecast

By Author on Leave a Comment

When working with customer environments it is very possible a 3rd party appliance maybe involved and for the purpose of this post I will be directly looking at Mimecast to see how its configured to work with Office 365.

Prerequsities

  • An Office 365 administrator logon with permission to create a send connector.
  • Your internal domains must already be registered with us.
  • A Mimecast administrator logon with at view permission to the Gateway | Accepted Email menu item.

Mimecast recommend that if you are switching MX records, this task must be completed 3 days before changing the MX record to point at Mimecast. The reason for this allows Mimecast to build your Auto Allow list, based on recipients your users send messages to.

This has a positive impact on inbound email delivery speed, because many senders will already be known and consequently not be subject to our greylisting security feature.

Updating the SPF Record for your Domain(s)

You must have an SPF record for the domain(s) registered with Office 365. When implementing Mimecast with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following:

  • Remove: v=spf1 include:spf.protection.outlook.com –all
  • Replace with or add:  v=spf1 include:_netblocks.mimecast.com ~all

Important Note: If your outbound email is temporarily coexisting with Mimecast, you can leave the v=spf1 include:spf.protection.outlook.com –all SPF record. However, it must be removed once all your outbound email is routed through Mimecast.

Configuring Outbound Routing

Important Note: Mimecast has known issue with browsers that are not Internet Explorer and its recommend this process is completed using Internet Explorer only. All other browsers tested have issues.

Recommendation: Disable or remove any other Outbound Send Connectors. Failure to do this means your outbound email still uses these and isn’t routed through us.

Any send connectors used for other purposes (e.g archiving) may still be enabled. If in doubt, consult Mimecast Support.Any send connectors used for other purposes (login archiving) may login be enabled. If in doubt, consult Mimecast Support.

Adding the Office 365 Tenant Domain as an Internal Domain

Your Office 365 tenant domain must be added to the list of internal domains available in the Mimecast Administration Console. See the Configuring Internal Domain / Subdomains page for full details. This enables us to recognize certain auto response messages, where the sender address is not a normal internal domain. This is typically in the format @domain.onmicrosoft.com. Contact the Mimecast Support team if you have queries regarding this step.

Contact the Mimecast Support team if you have queries regarding this step.

Verifying Your Configuration

Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.

To verify that Office 365 is successfully routing email outbound via us:

  1. Log on to the Offic 365 Administration Console.
  2. Select Admin | Exchange
Exchange Admin Centre

Select Mail Flow | Connectors
Create a Connector

Mail Flow | Connectors

Select Office 365 – From Field
Select Partner organization – To Field

Mail Flow Scenari

Enter Name for Connector
Enter Description for Connector – Optional
Ensure “Turn it on” is ticked

Select “Only when email messages are sent to these domains”
Press the ( + )

Type the value * which will allow all outbound email to Mimecast

Press Next

Select “Route email through these smart hosts”
Press the ( + )

Now, depending on your location you will need to use the Smart Host address from the table

RegionOffice 365 Account Hostnames
Americaus-smtp-o365-outbound-1.mimecast.com
Americaus-smtp-o365-outbound-2.mimecast.com
Australiaau-smtp-o365-outbound-1.mimecast.com
Australiaau-smtp-o365-outbound-2.mimecast.com
Europe (Excluding Germany)eu-smtp-o365-outbound-1.mimecast.com
Europe (Excluding Germany)eu-smtp-o365-outbound-2.mimecast.com
Germanyde-smtp-o365-outbound-1.mimecast.com
Germanyde-smtp-o365-outbound-2.mimecast.com
Offshoreje-smtp-o365-outbound-1.mimecast-offshore.com
Offshoreje-smtp-o365-outbound-2.mimecast-offshore.com
South Africaza-smtp-o365-outbound-1.mimecast.co.za
South Africaza-smtp-o365-outbound-2.mimecast.co.zaM

As shown below

Smart Host for Mimecast

Press Next

Select “Always use Transport Layer Security (TLS) to secure this connection (recommended)”
Select “Issued by a trusted certificate authority (CA)


Before pressing next please ensure that you confirm all your configured settings
Press Next

Press the ( + ) this will allow you to validate the connector

Enter an external email to send the test email

Click Validate

If everything is ok and configured correctly you should see a success message

Press save !!! and your all done

Success!!!

Recommendation: Disable or remove any other Outbound Send Connectors, if this is not completed it may cause email to fail as it won’t be routed through Mimecast

But if doing the above seems a bit boring, there’s always PowerShell 🙂

new-outboundconnector -name ConnectorName -smarthosts SmartHostAddress1,SmartHostAddress2 -tlssettings certificatevalidation -recipientdomains * -routeallmessagesviaonpremises $false -connectortype Partner -usemxrecord $false -whatif

or download my script for all Mimecast regions

Set-O365MimecastConnector (13 downloads)

Add your Office 365 domain as an internal domain in Mimecast

The Office 365 domain(s) must be added to the list of internal domain available in the Mimecast Administration console, if this action is missed. Mimecast are unable to recognise auto response message where the send address maybe @domain.onmicrosoft.com. Mimecast have a section about this on their website, please follow the link below.
Configuring Internal Domain / Subdomains 

Verify your configuration

To verify that Office 365 is successfully routing email outbound via us:

  1. Log on to the Administration Console.
  2. Click on the Administration toolbar button.
  3. Select the Message Center | Accepted Messages menu item.

See the Message Center: Accepted Messages page for full details.

You should see messages from your organization’s internal users to external recipients. If you don’t see messages shortly after they’re sent, this indicates a configuration problem on your Office 365 send connector. Double check your configuration. Use the Office 365 Message Trace Tool in the Mail Flow | Message Trace menu of the Exchange Admin Center to help identify the issue.

Important Note: Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.

Regards
The Author – Blogabout.Cloud

Get Disabled Users who have an Exchange Mailbox with PowerShell

Get Disabled Users who have an Exchange Mailbox with PowerShell

By Author on Leave a Comment

If there’s one thing most IT department are not great at its removing Exchange Mailboxes for Disabled Users. So here’s a quick Powershell win to determine who within your Exchange organisation has a mailbox and a disabled AD account.

On-Premises Users



1
2
3
4
5
6
7
8
9
$Mailboxes = Get-Mailbox | where {$_.RecipientTypeDetails -eq 'UserMailbox'}

$Disabled = @()



Foreach ($Mailbox in $Mailboxes) {

    if((Get-ADUser -Identity $Mailbox.SamAccountName).Enabled -eq $False){

        $Disabled += Get-MailboxStatistics $Mailbox.SamAccountName | Select -Property DisplayName,TotalItemSize

    }    

}

$Disabled | Export-Csv -Path $env:userprofile\desktop\DisabledADUserwithMailbox.csv -NoTypeInformation

Cloud Users



1
2
3
4
5
6
7
8
9
10
11
Connect-MsolService

  

  $Mailboxes = Get-Mailbox | Where-Object {$_.RecipientTypeDetails -eq 'UserMailbox'}

  $Disabled = @()



  Foreach ($Mailbox in $Mailboxes) {

    if((Get-msolUser -userprincipalname $Mailbox.userprincipalname).Enabled -eq $False){

        $Disabled += Get-MailboxStatistics $Mailbox.userprincipalname | Select-Object -Property DisplayName,TotalItemSize

    }    

  }

  $Disabled | Export-Csv -Path $env:userprofile\desktop\DisabledAzureADUserwithMailbox.csv -NoTypeInformation

Regards

The Author – Blogabout.Cloud

Method invocation failed because [System.Management.Automation.PSObject] doesn’t contain a method named ‘op_Addition’.

Method invocation failed because [System.Management.Automation.PSObject] doesn’t contain a method named ‘op_Addition’.

By Author on Leave a Comment

While constructing a PowerShell script for gathering information about Distribution Lists within a customers environment, I ran into the following error

Method invocation failed because [System.Management.Automation.PSObject] doesn’t contain a method named ‘op_Addition’. 

ERROR!!!
1

This error was being generated by a missing array within my PowerShell code



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Call Distribution Lists

$dist = @(Get-DistributionGroup -resultsize unlimited)



# Start Transcript

Start-Transcript -Path $env:USERPROFILE\desktop\DLsandMember.txt



# Report on Distribution List

foreach ($dl in $dist)

{

  

  $count =@(Get-DistributionGroup $dl.samaccountname).count

  $report = New-Object -TypeName PSObject

  $report | Add-Member -MemberType NoteProperty -Name 'Group Name' -Value $dl.Name

  $report | Add-Member -MemberType NoteProperty -Name 'samAccountname' -Value $dl.samaccountname

  $report | Add-Member -MemberType NoteProperty -Name 'Group Type' -Value $dl.grouptype

  $report | Add-Member -MemberType NoteProperty -Name 'DN' -Value $dl.distinguishedName

  $report | Add-Member -MemberType NoteProperty -Name 'Manager' -Value $dl.managedby

  $report | Add-Member -MemberType NoteProperty -Name 'Member Depart Restriction' -Value $dl.memberdepartrestriction

  $report | Add-Member -MemberType NoteProperty -Name 'Member Join Restriction' -Value $dl.memberjoinrestriction

  $report | Add-Member -MemberType NoteProperty -Name 'PrimarySMTPAddress' -Value $dl.primarysmtpaddress

  $report | Add-Member -MemberType NoteProperty -Name 'EmailAddress' -Value $dl.emailaddresses

  $report | Add-Member -MemberType NoteProperty -Name 'GrantSendOnBehalfto' -Value $dl.GrantSendOnBehalfto

  $report | Add-Member -MemberType NoteProperty -Name 'EmailAddressPolicyEnabled' -Value $dl.EmailAddressPolicyEnabled

  $report | Add-Member -MemberType NoteProperty -Name 'Number of Members' -Value $count

  Write-Host ('INFO: {0} has {1} members' -f $dl.name, ($count))

 

  $reportoutput += $report

}



# Stop Transcript

Stop-Transcript

By adding the following lines to my above script I was able to successful export the required information into an Array and dump out to CSV.



1
2
# Array

$reportoutput=@()

Regards

The Author – Blogabout.Cloud

PowerShell – ForEach do action X or do Y

PowerShell – ForEach do action X or do Y

By Author on Leave a Comment

PowerShell is one of the greatest tools within any IT Professional toolkit, it enables you to do far more than any GUI available to you today. In my life as a Consultant for a Global Microsoft SI (System Integrator), I face challenges every day where PowerShell has come to the rescue. One of the best cmdlet I use in a lot of script is

ForEach which is the alias name of ForEach-Object

Imagine you need to modify an ExtensionAttribute for your entire organization or grant a permission to a subset of users, ask yourself this? How would I do this in a GUI? and the answer would be “with great difficulty or very time consuming”. This is Foreach-Object comes into play, in the below example I need to modify the PrimarySMTPAddress due to special characters being used

Get-DistributionGroup

In order to correct this, I will be using a source CSV file which contains SamAccountName for the identity of each DistributionList and the correct PrimarySMTPAddress.

Source CSV file

Now for the most important element, the powershell script which will be used to modify the PrimarySMTPAddress. The below script has been designed to achieve the required outcome but also includes the ability to;

  • Be ran using native PowerShell for On-Premises Exchange Servers (2007 through to 2019)
  • Be ran against Exchange Online

So as we can see the Foreach command is being used in the following;

  • For each $row within the $csv which is being imported try and get the distribution list using the column heading SamAccountName
    • If the Identity cannot be found the script will move to the catch
    • If the Identity can be found the script will set the distribution list using the column heading PrimarySMTPAddress
  • The catch is alert if there are any unsuccessful attempts at setting the PrimarySMTPAddress

Simples!!

 Clear-Host
 $file = "$env:USERPROFILE\OneDrive\Desktop\groups.csv"
 $csv = import-csv -Path $file
 region Exchange Module SnapIn
 # Exchange 2007
   #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin;
   # Exchange 2010
   #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010;
   # Exchange 2013/2016
   #Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn;
 endregion
 Transcript
 Start-Transcript -Path $env:USERPROFILE\OneDrive\Desktop\Get-DistributionGroup.txt
 Foreach ($row in $csv)
 {
   try {
     Get-DistributionGroup -Identity $row.SamAccountName | Set-DistributionGroup -PrimarySmtpAddress $row.PrimarySmtpAddress
     Write-Host 'INFO:' ($row.SamAccountName),'Primary SMTP Address has now been modified to',($row.PrimarySmtpAddress) -BackgroundColor Green
   }
   catch
   {
     Write-Host 'ERROR:' ($row.SamAccountName),'Primary SMTP Address has not been modified to',($row.PrimarySmtpAddress) -BackgroundColor Red
   }
 }
 Stop-Transcript
 Get-DistributionGroup
Image result for meerkat simples gif

I have included Start-Transcript as this will dump out all Write-Host entry whether they was successful or not.

Regards

The Author – Blogabout.Cloud

Goodbye OneNote 2016 from Office Portal

Goodbye OneNote 2016 from Office Portal

By Author on Leave a Comment
Image result for the end is near

Back in September 2018, Microsoft announced it would be removing OneNote from its Office installation and OneNote for Windows 10 will be the default going forward. Microsoft has now announced (12th Feb) that OneNote 2016 will be removed from the Office Portal for installation using Semi-Annual channel.

So all installations from this post forward will not include OneNote 2016 by default when a user on the Semi-Annual channel using Office 365 on Windows 10 from the Office Portal.

So what now?

OneNote is available to download from the following url it is important to note that Microsoft are no longer developing new features for OneNote 2016. If you want to take advantage of the latest that OneNote has to offer, Microsoft state you should consider switching to OneNote for Windows 10

Regards
The Author – Blogabout.Cloud

Big News: Microsoft Teams being rolled out with Office 365 ProPlus (CDN)

Big News: Microsoft Teams being rolled out with Office 365 ProPlus (CDN)

By Author on Leave a Comment

Finally, Microsoft Teams will be introduce into Office 365 ProPlus… Microsoft Teams will be introduced into the;

  • February Monthly Channel; the
  • March Semi-Annual Channel Targeted (SAC-T); and
  • July Semi-Annual Channel (SAC)

But will automatically install Teams when Office 365 ProPlus is installed on new PCs and Macs.

image

Now the million dollar question, how is it being introduced?

As a Consultant that has delivered and spoke about Office ProPlus for a number of years, I do have concerns about how it’s going to be introduced and here’s why.

Office 365 uses the (CDN) Content Delivery Network for providing updates to all the Office ProPlus products, is it not the case with Microsoft Teams.

The update mechanism is completely different as the client is delivered by good old MSI so this will bring a number of questions and challenges to start;

  • What version of Office am I running?
  • What version of Teams am I running?
  • Does Teams need updating?
  • I have this weird problem but my colleague doesnt, is it version related?
  • etc.. etc…

However, if they integrate Microsoft Teams into the CDN it is definitely the way forward and also allows the customer to exclude Teams in the configuration.xml (if this is a requirement). It is very early days and I am sure more information will be released in due case but until then I am looking forward to see what the future holds as Microsoft have stated
Teams will automatically be installed for users who already have Office 365 ProPlus in the future.” So if you’re not using Microsoft Teams today Microsoft are making damn sure its available to increase adoption.

The Author – Blogabout.Cloud

MS-200: Planning and Configuring a Messaging Platform – Study Guide

MS-200: Planning and Configuring a Messaging Platform – Study Guide

By Author on Leave a Comment

Planning on taking the MS-200 Exam but don’t know where to start with your studying? Well do not fear I am in the same boat and looking for the best way to study the required elements to pass MS-200. I have started building a list of all the elements which might be covered in the exam and will continue to update this page until all the things we need know are covered.

Image result for studying stress


If you have any suggestions, please leave a comment below.

Manage Modern Messaging Infrastructure (45-50%)

Manage Mail Flow Topology (35-40%)

Manage Recipient and Devices (15-20%)

Regards

The Author – Blogabout.Cloud

Office ProPlus ToolKit

Office ProPlus ToolKit

By Author on Leave a Comment

Installing Office 365 ProPlus can be a bit of a headache and also there are many different tricks/hacks which can be implemented to test out the latest channels.

The Office ProPlus ToolKit script is built with following options to help you test and deploy ProPlus in the most effective way. This script is built with the following menu options

1) Configure Monthly Channel –>
2) Configure Semi Annual (Targeted) Channel –>
3) Configure Semi Annual Channel –>
4) Configure Monthly (Targeted) Channel –>
5) Configure Insider (Unsupported) Channel –>
6) Check your Office 365 ProPlus Configuration –>

7) Download the Office Readiness Toolkit for Add-ins & VBS –>
8) Download Microsoft FixIT Removal Tool –>
9) Download Offscrub Files (Office 03,07,10, O15 & O16) –>
10) Download Office 2016/2019/ProPlus Group Policy Templates –>
11) Download Office Telemetry Requirements –>

15) Download Office Deployment Tool (Official) –>
16) Download Pre-Loaded Office 365 Configuration Files –>

20) Install Office 365 ProPlus –>
21) Install SQL Express –>
22) Install SQL Management Studio –>
23) Install Office Telemetry Dashboard –>

30) Build your own configuration.xml (config.office.com) –>
31) Install Office using your modified configuration.xml –>

This script has seen a number of updates recently which have been logged below

Download

Get-OfficeProPlusToolKit.ps1 (632 downloads)

Change Log

Version 1.1 – Features

  • Download Pro-Loaded Office 365 Configuration Files – This contains Office 365 ProPlus and Office 2019. This option supports menu 20 which calls the downloaded setup.exe and xml files.
  • Support for PowerShell Version 5 – This script using Version 5 to expand Zip archives which allows the script to call the contents. If Version 5 is not detected you will be prompted to extract the required files manually.

Reporting Issues

If you identity any issues within running the script please email theauthor@blogabout.cloud

Regards
The Author – Blogabout.Cloud

PowerShell – How to format your PowerShell output into a table using Format-Table

PowerShell – How to format your PowerShell output into a table using Format-Table

By Author on Leave a Comment

When working with PowerShell and using a (get-command | fl or format-list) you will receive a whole list of information which sometimes can be difficult to digest as shown below. In most cases normally you are only after one or two peices of key information

Get-SPOSite | Format-List

Using Format-List or LT you can specify the required information into something a bit more readable.

For example, I am currently working Get-SPOSite (SharePoint Online Sites) and I would like to know if any of the sites have sharing capabilities and site defined sharing capabilities. 

# Command
Get-SPOSite | Select-Object -Property URL,SharingCapability,SiteDefinedSharingCapability | ft
Get-SPOSite | Select-Object -Property URL,SharingCapability,SiteDefinedSharingCapability | ft

As you can see from the above image the output for the required fields is more readable to my needs. You can use this approach for many different scenarios and maybe within a technical script you are writing for a deployment or an action.


Regards

The Author – Blogabout.Cloud