Click-to-Run installation of Office 2013 / Proplus

Click to run is a best approach of office installation, it is a mainly introduced to reduce the installation time as well as the the time taken to download of the software.

Let us see the step by step process on how to setup of New office with click to run.

  • Download the Office deployment tool from Microsoft website.
  • Create a folder "Share" where you want to place the files and share this folder to every one.
  • Place the downloaded tool  into the above folder.
  • Double click on the tool and you will be asked to select a directory , now select the directory which you have created above.

  • Once you click on OK, you will see two files in the folder as below.

  • Now you need to edit the configuration.xml file, I will make this step more easier for you. You just open the configuration file in a note pad and remove every thing from it and place the below code.

  <Add SourcePath="\\server\share\" OfficeClientEdition="32" >
    <Product ID="O365ProPlusRetail">
      <Language ID="en-us" />
    <Product ID="VisioProRetail">
      <Language ID="en-us" />

   <Updates Enabled="TRUE" UpdatePath="\\server\share\" /> 

  <Display Level="Full" AcceptEULA="TRUE" />  

    <Logging Name="OfficeSetup.txt" Path="%temp%" />  

  <Property Name="AUTOACTIVATE" Value="1" />  


  • In-place of source path , provide your share path and same in place of update path.
  • Now click save and close the file.
Now your configuration part is completed, now you need to download the Office software using the above configuration file and setup file.

For doing that follow the below process:

  • Once the download is completed, command will end. Now you have Office pro plus software ready for Network installation.
You can perform the installation of Office Proplus easily on a client machine, you need to execute below command to perform this:

Once you run the above command on the client machine, the installation will start as shown below

 Done, you have a click-to-run setup ready for starting your installation.

For Easy Administration purpose: As we know it is very tuff to go to each user machine and execute the above command to start the installation, for making the Admin life easy you can use put the command in a batch file and using group policy push the batch file as a start up script on all your domain computers this will install the office product easily on the domain computers without IT Admin intervention.

Hope you feel it easier now. :-) 

                                                             Metadata cleanup on windows 2008/2012

Let us take windows 2003 and windows 2008 DC’s as an example, you have migrated from 2003 to windows 2008 and moved all the FSMO roles to windows 2008 server. Now you have started demote the Windows 2003 domain controller and you ran into issues.

Now you have decided to go with Force removal of windows 2003 and removed the ADDS forcefully. (using dcpromo /forceremoval). Is this finishes your job ??

No! this is where actual job starts, you have removed Windows 2003 DC, but its references will not be removed from Active Directory database on your New domain controller (Windows 2008 DC).

You need to undergo metadata cleanup to remove all the instances of old DC from Active Directory.

Step-by-Step procedure for Metadata cleanup

Please Note:  Before starting please make sure your account is in Enterprise Admins group

  • Open a command prompt, type ntdsutil and press enter.
  • At the above ntdsutil prompt type metadata cleanup and press enter.
  • Now at metadata cleanup prompt type connections and press enter.
  • Now at the Server Connections prompt, type connect to server
  • At the Server Connections prompt, type quit and Enter.
  • At the Metadata Cleanup prompt, type select operation target and press Enter.
  • At the Selected  Operations Target prompt, type list domains and press Enter. This list all the domains in the forest are listed with a number associated to each.

  • At the Select Operations Target prompt, type select domain 0, where number “0” is the failed domain controller, and press Enter.

  • At the Select Operations Target prompt, type list sites and press Enter. This list all the sites in the forest are listed with a number assigned to each.

  • At the Select Operations Target prompt, type select site 0, where number “0” is the site containing the 2003 domain controller, and press Enter.

  • At the Select Operations Target prompt, type list servers in site and press Enter.

  • At the Select Operations Target prompt, type select server 0, where number “0” is the 2003 domain controller, and press Enter.
  • At the Select Operations Target prompt, type quit and press Enter.
  • At the Metadata Cleanup prompt, type remove selected server and press Enter.
  • You will get a warning message. Click Yes to confirm removal of the server

  • Once completed Type quit, Press enter and Type Quit and press enter, until you reach back to root drive.

Done, you have now completed the meta data cleanup and removed all the traces of your old domain controller.

Message Encryption On Office365

                           Office 365 - How to configure Message Encryption

Let us see how to enable the Message encryption on Office 365, you just need to subscribe for Microsoft Azure Rights Management.

1. Enable IRM Licensing:

  • Go to Office365 Admin portal and Service setting to enable Right Management service. Once you activated the right management the RMS should be activated for you.

  • When connected to Office 365 tenant, we need to set the RMS Online Key sharing location. Based on where your tenant is located run the appropriate command.

North America: Set-IRMConfiguration -RMSOnlineKeySharingLocation

European Union: Set-IRMConfiguration -RMSOnlineKeySharingLocation

The Asia-Pacific Area: Set-IRMConfiguration -RMSOnlineKeySharingLocation

  • Next step is to import the Trusted publishing domain , for that enter the below command:

    import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”
  • You are almost completed, now just activate the internal IRM Licensing by running below command.

    Set-IRMConfiguration -InternalLicensingEnabled $True
  • Test the IRM configuration and see if it is working.

    Test-IRMConfiguration -RMSOnline
You Overall test result should say that it is Pass.

You are now 1 step away for configuring a rule for message encryption

 2. Create a Transport Rule for Message Encryption

Here i am going to explain you how to create a rule to encrypt the message if sent to outside the organization and subject line on the email contains Encrypted Message Key word.
  • Login to Office 365 Admin portal and go to Exchange Admin control panel. 
  • Go to Mail flow and create a new rule.
  • Type a name to the rule you are creating and click more options.
  • Now apply a condition for that drop down the "*Apply this rule of " now select The Subject and Body contains , then select The subject includes any of these words.
  • Now enter a key word Encrypted Message and hit + symbol and click ok.
  • Add new condition and select the recipient is located and is external\internal and then Outside the organisation.
  • Now come to the *Do the following  select Modify the Message security and Apply Office365 message encryption
  • Click save.
Testing :

Open a new email and put the key word "Encrypted Message" which have defined in the rule previously

Type what ever you want in the body and enter an external recipient and hit send. they should receive you message in an encrypted way. 

                                         Migration Error - Office365

Started the Cutover migration and every thing went well for a day, all of the sudden started receiving the below error when migrating the mailbox data to Office365.

Error: AutoDiscoverFailedConfigurationErrorException: AutoDiscover failed with a configuration error: The migration service failed to detect the migration endpoint using the Autodiscover service. Please enter the migration endpoint settings or go back to the first step and retry using the Autodiscover service. Consider using the Exchange Remote Connectivity Analyzer

We verified that Auto-Discovery is working fine. :-)
No Issues with RPC-Over-HTTP.
We tested with Microsoft remote connectivity analyzer tool and every thing is OK.

Auto Discovery test passed and RPC over HTTP test was passwed.

But where was the issue ? No clue !

How the objects are provisioned if the Auto Discovery is not working ? No answer ?

Solution: After going a call with Microsoft, creating the migration batch manually solved the issue. 

In this case auto-discovery test is getting success, but the not sure why it failing to connect the on-premise server for sometime.

So if you face this issue, you create the migration batch  manually rather than using Auto Discovery to get the settings.

Comment your experience

                            Create a Generic password for all the office365 users

If we go with a migration of 50 + or 100 + users, it would be difficult to distribute the password which were generated by office 365 directly during migration is a big head ace for the It departments.

So let us see a solution where we can set a unique password for all the office365 users and you can only achieve this using power shell

Before this you need to know how to connect to Office365 using PowerShell, my previous post speaks about this and below is the link for you.

Once you followed the steps mentioned in the above article, to connect to the Office365 using Powershell follow below instructions to set a generic\ Unique password for all the MSOnline users\O365 users.

  1. Once you connected your power shell to office 365, type the below command to see the list of MSonline users.
    Get-MSOLUser -All 
  2. Now type the below command to set the desired password for all the users
    Get-MsolUser -All | Set-MsolUserPassword -NewPassword E@syP@ss -ForceChangePassword $True >c:\Password.csv
The above command set the password as "E@syP@ss" for all the user account in your office365, and the attribute ForceChangePassword should be True, if you want to restrict users to change their password at next logon.

See how easy it is and provide your comment. 

How to connect to Office 365 using Power Shell

                                         Connect to Office365 using PowerShell

You want to perform administrative tasks of office365 using power shell ? then you are at the right place now.

First you need to know, how you need to prepare your power shell environment to connect to O365 and let us see how.

The below are certain pre-requisites you need to follow to get your environment ready


  • Make sure you are running Windows 7 or above.
  • Make sure you have .Net framework 3.51 feature installed.
  • Install all the missing important windows updates.
  • Install the Microsoft online Services Sign-In Assistance.
  • Install Microsoft Windows Azure Active Directory module , you can get this from the below link . Choose appropriate version.
Once you meet all the above prerequisites follow the below steps to connect to office365.

  1. Open Azure power shell, run as administrator.
  2. Type the below command to import the MSOnline module.
     Import-Module MSOnline
  3. Type the below command and it will prompt for your Office365 credentials. Enter the credentials once it is prompted and click Ok
    $O365Cred = Get-Credential
  4. Now type the below command to initiate a PSSesssion to your Office 365 tenant account
    $O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $O365Cred -Authentication Basic -AllowRedirection
  5. Now enter the below 2 command in the power shell.
Import-PSSession $O365Session -AllowClobber
Connect-MsolService –Credential $O365Cred

You are now ready and your power shell has established the connection to your Office365 tenant successfully.

Comment on your experience.
               Reset Built-In Admin Password on Azure Virtual Machine

We got to a scenario , where we forgot our Administrator password for Azure virtual machine and their is no other account to login now.

No Idea on how to proceed ! :-o 

Are we stumped ? No after some research we got to find a solution which made us to reset Azure VM Built-In Admin Password.

First Step is you need to have a power shell, with Windows Azure Power Shell Module installed.

Below Link shows how to Install Azure Power Shell modules

So get ready , once the power shell is installed follow the below steps:

  1. Open the Azure power shell , by running it as Administrator.
  2. Now type Get-Module Azure
  3. Then you need to connect to Azure account, so open Windows PowerShell ISE and run the following commands
    Set-ExecutionPolicy RemoteSigned
    Import-Module Azure
  4. Now type you username and password of Azure Administrator \ CO-administrator account.
  5. Type below command to get list of your Azure subscriptions if you have many.
    Get-AzureSubscription | Format-Table –Property SubscriptionName
  6. Run the following command by entering your subscription name.
    Select-AzureSubscription –Default $subscription
  7. Now you need to enter below command , to get a prompt for credentials to which you would like to reset the built-in administrator account of a virtual machine.
    $adminCredentials = Get-Credential -Message "Enter new Admin credentials"
  8. Last but now least, run the following snippet to get the account reset.
    (Get-AzureVM) |
    Where-Object -Property Status -EQ "ReadyRole" |
    Select-Object -Property Name, ServiceName |
    Out-GridView -Title "Select a VM …" -PassThru |
    ForEach-Object {
        $VM = Get-AzureVM -Name $_.Name -ServiceName $_.ServiceName
        If ($VM.VM.ProvisionGuestAgent) {
            Set-AzureVMAccessExtension -VM $VM `
                -UserName $adminCredentials.UserName `
                -Password $adminCredentials.GetNetworkCredential().Password `
                -ReferenceName "VMAccessAgent" |
            Restart-AzureVM -ServiceName $VM.ServiceName -Name $VM.Name
        } else {
            Write-Output "$($VM.Name): VM Agent Not Installed"
Done, try login to your Azure Virtual Machine now. 

Success ? Great .

Comment on your experience.

 Find the list of Mail Enabled Public Folders on Exchange 2003

Did you any time got a situation where you need to get the list of all the mail enabled public folders? I got it and I followed below active directory query provided information for me in an easier way:

  •    Open Active Directory users and computer snap in.
  •      Right click the Saved Query and click New Query.
  •           A Query dialogue box will appear, and give a name to it ex: Querying the mail enabled public folderlist.
  •          Now click on “Define Query”
  •       In find list , select “Exchange Recipients” and click the check mark “Mail Enabled Public Folders”

  •   Click ok twice and done you will get the list of all mail enabled folders.