Wednesday, June 28, 2017
  • Home
  •             

BCC a HTML email with Exchange 2013 does not work

March 8th, 2017 by Jabez Gan [MVP]

 

Today there is an issue at a customer’s environment.

Background:

Exchange 2013 CU10

Problem:

There is a transport rule that will do a BCC emails to another SMTP address. All emails work, except if the email is sent by an iPhone in HTML format.

Solution:

N/A for now.
If you have faced any such issue, feel free to leave your comments below!

Posted in Exchange Server | Comments Off on BCC a HTML email with Exchange 2013 does not work

Set your alarm: Microsoft’s ’12 days of deals’ starts really early Monday

December 3rd, 2016 by Jabez Gan [MVP]

Microsoft is once again serving up a new holiday deal each day in its online and brick-and-mortar stores, starting Monday, December 5 at 12 a.m. PT, or 3 a.m. ET.

It’s hard to say what the best post-Black Friday sale on tech products is, but Microsoft is reprising its “12 days of deals” sale and it once again looks promising.

It officially kicks off on Monday, December 5 at 12 a.m. PT, which is really Sunday night to folks on the west coast and early Monday morning for folks on the east coast (3 a.m. ET). For those in the middle of the country, well, you can take your pick between late night or early morning.

Like last year, each day for 12 days we’ll see a new sale on select items. Here’s the full list of deals, according to Microsoft’s sale preview page:

  • Day 1 (December 5): Save up to $1,000 on select Intel PCs, with prices starting at $199.
  • Day 2 (December 6): $199 for a Lenovo IdeaPad 110 laptop ($100 savings).
  • Day 3 (December 7): Save up to 50 percent on select Xbox One games, now $19.99.
  • Day 4 (December 8): Save $250 on the Surface Pro 4 with Intel Core M3 and 128GB SSD (now $649), plus a free sleeve.
  • Day 5 (December 9): Save up to 70 percent on select Windows tablets, with prices starting at $49.
  • Day 6 (December 10): Save up to $250 on the Windows Premium Collection PCs.
  • Day 7 (December 11): Buy select Xbox controllers and get a $25 Microsoft Store gift code.
  • Day 8 (December 12): Save $50 and get two free games with select Xbox One consoles, plus discounts on Xbox accessories and games.
  • Day 9 (December 13): Get a $100 Microsoft Store gift code when you buy the HTC Vive or Oculus Rift VR headsets.
  • Day 10 (December 14): Save up to $1,000 on select Intel-powered gaming PCs.
  • Day 11 (December 15): Save up to 40 percent on select Dell PCs, with prices starting at $199.
  • Day 12 (December 16): Save up to $200 on select Surface Pro 4 models, plus get a free Type Cover (up to $359 value).

Source: Cnet

Posted in Microsoft, MS News | Comments Off on Set your alarm: Microsoft’s ’12 days of deals’ starts really early Monday

Updating Exchange Service Pack, throws an error “Cannot find a recipient update service responsible for domain ‘dc=sample,dc=domain,dc=com'”

February 15th, 2015 by Jabez Gan [MVP]

Problem:

When updating Exchange Service Pack, it throws a few error:

Cannot find the recipient update service responsible for domain ‘dc=sample,dc=domain,dc=com’. new and existing users may not be properly Exchange-enabled.”

The Windows Firewall service must be started before Setup can continue.

 

Analysis:

You checked the Exchange log (ExchangeSetup.log). It showed:

Error ONE:

[2/16/2015 1:11:59 AM] [1] [ERROR] Unexpected Error
[2/16/2015 1:11:59 AM] [1] [ERROR] The operation could not be performed because object ‘exchserver01’ could not be found on domain controller ‘adserver01.domain.com’.
[2/16/2015 1:11:59 AM] [1] Ending processing.
[2/16/2015 1:11:59 AM] [1] [ERROR] The Windows Firewall service must be started before Setup can continue.

You verify from the Domain Controller adserver01.domain.com that the Exchange server object is there. You also verify that the Exchange Server is able to communicate with the adserver01.domain.com

 

Error TWO:

Cannot find the recipient update service responsible for domain ‘dc=sample,dc=domain,dc=com’. new and existing users may not be properly Exchange-enabled.”

You will need to remove the RUS manually. Most likely Exchange 2003 wasn’t decomm-ed properly (if you are no longer using Exchange 2003).

Solution:

Error ONE:

Ignore the error “[2/16/2015 1:11:59 AM] [1] [ERROR] The operation could not be performed because object ‘exchserver01’ could not be found on domain controller ‘adserver01.domain.com’.”

Just proceed with starting the Windows Firewall service and rerun the update of Service Pack.

 

Error TWO:

Remove the RUS (If you no longer have any Exchange 2003 server in your environment).

You will not be able to delete the Recipient Update Service (Enterprise Configuration) by using Exchange 2003 or Exchange 2000 System Manager. Perform the following steps to delete theRecipient Update Service (Enterprise Configuration) by using ADSI Edit (AdsiEdit.msc):

  1. Open ADSI Edit, expand Configuration, expand CN=Configuration,CN=<domain>, expandCN=Services, expand CN=Microsoft Exchange, expand CN=<Exchange organization name>, expand CN=Address Lists Container, and then select CN=Recipient Update Services.
  2. In the result pane, right-click Recipient Update Service (Enterprise Configuration), clickDelete, and then click Yes to confirm the deletion.

Posted in Exchange Server | Comments Off on Updating Exchange Service Pack, throws an error “Cannot find a recipient update service responsible for domain ‘dc=sample,dc=domain,dc=com'”

Office 365 Dirsync: Batch update of AD users, and password sync not working?

January 23rd, 2015 by Jabez Gan [MVP]

Background:

Office 365 with Dirsync setup.

Problem:

After a batch update of users in AD, and assignment of license in Office 365, these users are not able to login to Office 365.

However, if create a single user in AD and assign license in Office 365, the user is able to login to Office 365.

Solution:

Do a force password sync

Note: You must have Directory Sync tool version 6438.0003 or greater installed in order to perform the process below.

To trigger a full password sync, perform the following steps:

  1. Open PowerShell, and then type Import-Module DirSync
  2. Type Set-FullPasswordSync, and then press Enter
  3. Load Services.msc
  4. Restart the Forefront Identity Manager Synchronization Service Service.

Posted in Office365 | Comments Off on Office 365 Dirsync: Batch update of AD users, and password sync not working?

Azure AD Connect: One simple, fast, lightweight tool to connect Active Directory and Azure Active Directory

December 17th, 2014 by Jabez Gan [MVP]

Back in August I posted a blog announcing the beta release of Azure AD Connect. Since then we have received a lot of feedback and made improvements in AAD Connect and AAD Sync, including multi forest support and password write back.

The biggest thing we’ve learned from you, our customers and partners, is that rather than a bunch of different tools (DirSync, AAD Connect, AAD Sync, ADFS, etc.) you want one simple, integrated tool for connecting your existing Windows Server Active Directory with Azure Active Directory. You’ll be happy to know that we’ve acted on your feedback!

Today we’re releasing a public preview of the “new” Azure AD Connect (you can download it here).

Azure AD Connect is “new” because it is now one integrated tool that includes all the advances of AAD Sync and the features from the beta release of Azure AD Connect into simple, fast & lightweight solution. Azure AD Connect has everything you need to connect your Windows Server AD(s) and Azure AD with only 4 clicks.

Now you can get started using Azure AD in under an hour, no new hardware required!

With this preview you can choose Express Settings or Custom settings just like before, only now you get the latest sync engine and capabilities.

Add one or many Active Directory forests to your connection.

And configure sync options Exchange Hybrid sync, password write back and alternate ID attribute

There are few things I want to let you know about the preview:

  • Because it’s our first combined wizard and it is in Preview status, we are not supporting production deployments for this release. Our next release will be production supported.
  • Our goal is to bring 100% of the previous DirSync functionality into Azure AD Connect. Before we GA Azure AD Connect we will bring all Dirsync functionality in.
  • We’ve received a lot of great feedback from you and have incorporated most it. But that doesn’t mean we’re done. Please keep the feedback coming!

Our goal is to GA Azure AD Connect with additional sync options, seamless migration from Dirsync, and production support in the next 90 days.

Please note there will no longer be separate releases of Azure AD Sync and Azure AD Connect. And we have no future releases of DirSync planned. Azure AD Connect is now your one stop shop for sync, sign on and all combinations of hybrid connections.

Source: Technet Blog

Posted in Office365, Windows Azure | Comments Off on Azure AD Connect: One simple, fast, lightweight tool to connect Active Directory and Azure Active Directory

Exchange Management Console shows mailbox is migrating/migrated from one DB to another DB

October 9th, 2014 by Jabez Gan [MVP]

Scenario:

In an Exchange Hybrid environment (using Office 365).

Problem:

In Exchange Management Console (EMC), under Move Request, there is some mailbox being moved. This action was not done by the local IT administrators. The mailbox affected are mailboxes already migrated to Office 365.

Solution/Explanation:

Run a Get-MoveRequest and if you see something like below, you are actually seeing the database being moved from Exchange Online DB to another Exchange Online DB. This is part of Exchange Online DB maintenance. There is no impact to users.

ExchangeGuid               : 404b747c-d942-4ecc-ba61-9459c234a8d3

SourceDatabase             : APCPR04DG020-db001

TargetDatabase             : APCPR04DG011-db170

SourceArchiveDatabase      :

TargetArchiveDatabase      :

Flags                      : IntraOrg, Pull, MoveOnlyPrimaryMailbox

Posted in Office365 | Comments Off on Exchange Management Console shows mailbox is migrating/migrated from one DB to another DB

Auto Assign Office 365 License based on domain name

October 2nd, 2014 by Jabez Gan [MVP]

Problem: Customer has a few email domain names and are slowly migrating to Office 365. The customer wants to auto assign license for certain domains using PowerShell.

Step 1:

Set the Office 365 tenant password in a TXT file.

The PowerShell Script:

#Modify below YOURPASSWORD to your Office 365 password
$password = “YOURPASSWORD
$password | ConvertFrom-SecureString | Set-Content c:\o365\password.txt

Step 2:

Search based on the valid domains and add license for users that have not been licensed.

The powershell script:

#Valid Domains.
#Modify below domainA.com and domainB.com to your own domain that you want to auto assign license.
$validDomains =”*@domainA.com”,”*@domainB.com

$MsolAdmUser = “admin@USERTENANTNAME.onmicrosoft.com
$pwd = Get-Content c:\o365\credmsol.txt | ConvertTo-SecureString
$cred = New-Object System.Management.Automation.PSCredential $MsolAdmUser, $pwd

# CONNECT TO 365
Import-Module MSOnline
Connect-MsolService -Credential $cred

$temp = (get-msoluser -all) | select userprincipalname

foreach ($a in $validDomains){

foreach ($b in $temp){

$validUser = ($b) | where {$b.userprincipalname -like $a}

If ($validUser –eq $null){

} else{

set-msoluser -userprincipalname $validUser.userprincipalname -usagelocation “MY”

set-msoluserlicense -userprincipalname $validUser.userprincipalname -addlicenses “userTenantName:STANDARDWOFFPACK

$validUser = $null

}

}

}

 

To get the “userTenantName:STANDARDWOFFPACK“, you will need to run get-msolaccountsku.

 

The above is a script that I quickly developed. Apologies if it isn’t neat as of now 🙂

Posted in Office365 | Comments Off on Auto Assign Office 365 License based on domain name

Office 365 – Unable to remove verified Domain name

June 25th, 2014 by Jabez Gan [MVP]

Problem:

When you are trying to delete a verified domain name in Office 365, an error pops up saying that some users or Office365 services are still attached to the domain.

Root Cause:

Just like what the error said, some of the Office 365 services or users are still attached/assigned to the domain name that you are trying to remove.

Solution:

Things to check:

  1. Ensure that no users are associated with the domain that you are trying to delete. You can verify this by going into Users And Groups, and Edit a user. Ensure that the domain you are trying to delete, eg, abc.com, is not listed there.
  2. Ensure that no security groups/distribution groups have the accounts attached to abc.com. Security groups/distribution groups can be access by logging into Office 365, click on Users And Groups, and click on Security Groups.
  3. If you have just deleted the users, or changed the domain for each individual users, you will need to wait for a while (1 min?) as it will need to sync the changes to the different Office365 service settings.
  4. If the accounts are uploaded to Dirsync, you will need to stop the Dirsync synchronization to change the accounts to a Cloud Only account. Then, you will need to do step 1-3 above to delete the Security groups; and/or manually modify the e-mail addresses fields in Office 365, Exchange Online.

Posted in Office365 | Comments Off on Office 365 – Unable to remove verified Domain name

“Insufficient Permission” shown in DirSync’s MIISClient.exe

June 24th, 2014 by Jabez Gan [MVP]

Lately, I had an issue with Office 365’s MIISClient.exe

Problem:

MIISClient.exe shows that a bunch of user accounts failed to sync with the error “Insufficient Permission”.

Solution:

Certain permissions needed by MSOL Service Account went missing (for whatever reason!). All we had to do is to recheck back the permissions.

Step 1: Run the Azure Active Directory Sync tool Configuration Wizard

Make sure that the latest version of the Directory Sync tool is installed and that you run the Azure Active Directory Sync tool Configuration Wizard. When you run the wizard, one screen prompts you to enable rich coexistence. Complete the wizard, and then start directory synchronization.

Alternatively, you can run the Enable-MSOnlineRichCoexistence cmdlet after the Directory Sync tool is installed to enable the write-back feature. This cmdlet must be run by using enterprise credentials or should be run by the enterprise admin.

Step 2: Confirm MSOL_AD_Sync_RichCoexistence permissions

If step 1 doesn’t resolve the issue, check that the MSOL_AD_Sync user belongs to the MSOL_AD_Sync_RichCoexistence group and that the group has Allow permissions to the user who is experiencing the issue, where write-back is not working for the following attributes:

  • msExchSafeSendersHash
  • msExchBlockedSendersHash
  • msExchSafeRecipientHash
  • msExchArchiveStatus
  • msExchUCVoiceMailSettings
  • ProxyAddresses

To do this, follow these steps:

  1. In Active Directory, make sure that the MSOL_AD_Sync_RichCoexistence group exists and that the MSOL_AD_Sync user is a member of the group.
  2. In the on-premises environment, use Active Directory Users and Computers to open the user properties for the user who is experiencing the issue.
  3. On the Security tab, click Advanced.

    Note
    You must enable advanced features to complete step 3.
  4. Make sure that the MSOL_AD_Sync_RichCoexistence group is listed. If it’s not listed, add the group, and then make sure that the group is granted Allow permissions to write to the attributes that are listed previously.

Note Step 2 may be required if the object does not inherit permissions from the parent. This issue may be resolved by making sure that the object inherits permissions from the parent object.

 

Source: Microsoft KB 2406830

Hope this helps! 🙂

Posted in Office365 | Comments Off on “Insufficient Permission” shown in DirSync’s MIISClient.exe

Enable Legal Hold by using PowerShell

June 23rd, 2014 by Jabez Gan [MVP]

Statement:

You have purchased some Office 365 E3 plans and have assigned the Office 365 E3 licenses to the users.

You would like to activate Legal Hold for these users in bulk, using PowerShell.

Script to Activate:

  1. # First you need to be connected to the Exchange PowerShell.
  2. $pagesize = 100# The number of mailboxes per loop
  3. $inc = 0# Start increment value
  4. # Continue until all mailboxes are litigation hold enabled
  5. do {
  6.     Write-Output “Getting mailboxes”
  7.     # Get UserMailboxes that does not have litigation hold enabled
  8.     $mailboxes = GetMailbox Filter {LitigationHoldEnabled -eq $false -andRecipientTypeDetails -eq “UserMailbox”} ResultSize $pagesize WarningAction SilentlyContinue
  9.     if($mailboxes) { Write-Output (“Current mailbox count: {0}” -f ($inc += $mailboxes.Count))}
  10.     # Enable litigation hold
  11.     $mailboxes | SetMailbox LitigationHoldEnabled $true WarningAction SilentlyContinue
  12. } while($mailboxes);

Source: Goodworkaround.com

Posted in Office365 | Comments Off on Enable Legal Hold by using PowerShell

Free/busy not working in Hybrid

June 16th, 2014 by Jabez Gan [MVP]

In a Hybrid deployment, lately I had experienced that:

1. On-premise users can see cloud users’ free/busy

2. Cloud users cant see on-premise users free/busy

 

Note: the below may not solve your problem, but it should lead you to the right way to brute force your way to solve the problem lol

Resolution:

1. Try out the Hybrid Free/Busy Troubleshooting Tool.

2. Check out: User can’t view free/busy information for a remote user in a hybrid deployment of on-premises Exchange Server and Exchange Online in Office 365

3. Did an IISRESET as recommended: http://jesperstahle.azurewebsites.net/?p=242

4. Update/Refresh the Federation Metadata. See this blog for more information.

  •  Connect to Exchange Online in PoweShell
  • Execute:
  • Get-FederationTrust | Set-FederationTrust -RefreshMetadata

5. Execute the free/busy test from Microsoft Remote Analyzer

6. Ensure that in all Exchange Servers (including the inactive ones located in the DR sites), the Get-WebServicesVirtualDirectory has the correct ExternalURL: https://mail.contoso.com/ews/exchange.asmx (and is routable from the internet)

Get-WebServicesVirtualDirectory -Identity “ServerName\EWS (Default Web Site)”

 

Leave a comment if it’s still not working. No promise that I can help you fix, but I’ll try 🙂

Posted in Office365 | Comments Off on Free/busy not working in Hybrid

Bing with video background?

May 24th, 2014 by Jabez Gan [MVP]

Bing is famous for having a different background picture whenever someone browses to Bing. However today onwards, when browsing to Bing using a HTML5 supported browser, it will show a video in the background.

What do you think? Waste of bandwidth?

Source: Bing Blog at http://www.bing.com/community/site_blogs/b/search/archive/2011/09/23/something-new-on-the-homepage.aspx?form=pgbar1

Final Fantasy XIV: Realm Reborn

Posted in Microsoft | Comments Off on Bing with video background?

Office365 – Dirsync not synchronizing fully

April 19th, 2014 by Jabez Gan [MVP]

Background:

Directory sync is located in the internal network and is behind a TMG proxy. TMG Proxy has been configured to allow Directory Sync to access HTTPS of the internet.

Problem:

With Directory Sync installed, the synchronization fails from time to time after a few hours of sync (we have >10,000 objects to be synced to the cloud).

Root Cause:

Directory sync should have direct connection to the internet. It is known to create issues if it is behind a TMG Proxy.

Posted in Office365 | Comments Off on Office365 – Dirsync not synchronizing fully

PowerShell to create Distribution Group in Exchange 2010/Office365

April 14th, 2014 by Jabez Gan [MVP]

When setting up Office365/Exchange 2010, it is very common to assist the customer to create distribution groups.

 

This is my way to script it to speed up the creation of the distribution groups:.

1. Create a CSV file for each distribution group. For my case, I have _AllStaff.CSV created. See below link for the sample of the file.

_AllStaff

 

2. Use Powershell and run the following:

$name=”AllStaff”

(The above should be the filename of your CSV file).

 

New-DistributionGroup -Name “_All Staff” -alias $name -primarysmtpaddress $name@abc.com -memberdepartrestriction closed

(Modify the bold items to the right Distribution Group name and domain name)

 

Import-csv “D:\$name.csv” | foreach {add-distributiongroupmember -identity $name@abc.com -member $_.EmailAddress}

(Point the location to the CSV file, and also specify the correct distribution group name)

 

What’s your way in creating the distribution group?

Новости и Обзоры Онлайн Игр

Posted in Office365 | Comments Off on PowerShell to create Distribution Group in Exchange 2010/Office365

Want to use MS Exchange without burning your company’s pocket? Try Microsoft Online

January 23rd, 2014 by Jabez Gan [MVP]

Microsoft Online Services launched in Malaysia for quite a while. This means that Malaysia companies can finally use Exchange Online, Sharepoint Online, Live Meeting and Office Communicator hosted on Microsoft’s data center.

Before we talk further, it’s always about the cost which entices the readers/bosses. Let me do a quick $$ breakdown:

(Sorry – the following will be in Ringgit Malaysia.)

SME (50 users)

– Decent System Administrator: RM3000 (monthly), or RM36,000 (yearly)
– Server hardware (with server redundancy, with license for 50 users): Rm15,000 (one time)
Total: RM51,000

For Microsoft Online Services (with Exchange, OCS, Live Meeting and Sharepoint)

– Rm33/user/month x 50 users x 12 months = Total: RM19,800

As you can see, Microsoft Online is a cheaper alternative to maintain your own IT infrastructure.

This is just a rough estimation.

What do you think?

For more information about Microsoft Online Services, you can click on this link.

Note: This calculation is very subjective and may not reflect everybody’s opinion.

Posted in Microsoft | Comments Off on Want to use MS Exchange without burning your company’s pocket? Try Microsoft Online

« Previous Entries