Showing posts with label Office 365 Tips. Show all posts
Showing posts with label Office 365 Tips. Show all posts

How to Export Message Tracking logs from Office 365

Posted by Unknown on 07:40
12

     How to Export Message Tracking logs from Office 365


Moved your exchange organization to cloud ? it's good news :-) . You received most of your On-premise Maintenance & Staff cost for your Exchange server.

What about message tracking logs ? what if we need to trace a email or to submit a log report in any Audit. No worries in general Exchange online will store Message Tracking logs for 30 days, so if you want to keep your Message Tracking Logs for a long time , then you need to download regularly and keep them safely on any storage for future use:

The below steps will guide you to export the Message tracking logs from Exchange online to a CSV file.
  • Open Windows Azure PowerShell.

  • Now you need to connect to your Office 365 tenant to perform export, you can follow the below link to know how to connect to office 365 tenant.
  • .    Once the session got established please use the below command to export the Message tracking logs to a CSV file.

    Get-MessageTrace -StartDate "10/15/2014 00:00:00" -EndDate "10/31/2014 00:00:00" | Select MessageID,Received,*Address,*IP,Subject,Status,Size | Export-Csv 20130915.csv –NoTypeInformation

     Please Note: 
  1.      Logs will be saved in the directory from which you are executing the export command. 
  2.      Date's in above command should be selected based on your preferred days between which you want the logs.



Posted in , , ,

Outlook clients are still pointing to On-premise Exchange server - Office 365

Posted by Unknown on 13:34
33
    Office 365 Migration  - Internal Outlook clients are pointing to On-premise exchange server

The migration was completed successfully, all the MX and auto-discover records are set to office 365 in our DNS portal, We tested that the Outlook clients are connecting from outside the organization are able to auto-discover the mailbox settings and able to connect to their Office365 mailbox.

Now the problem started, when the on-premise users are trying configure their outlook client, it is routing to their On-premise exchange server.

What to do ? just two steps to go , to make sure your on-premise clients connect to their Office 365 mailbox.


  1. Create a CName record for Auto Discover in your internal DNS pointing to the office 365 auto discovery server created in your Public DNS portal.
                                                         Or
    From outside your on-premise network ping autodiscover.yourdomain.com ( Note: Yourdomain.com should be replaced with your organization namespace), note down the IP address it is pointing , then come back to your local DNS and create a A record pointing to the IP which you noted down. (autodiscover.yourdomain.com should point to the IP which was resolved during ping operation from outside network).
  2. Once one of the above record is created in your network, try to ping from your internal network and check if it is pointing to Outlook.com autodiscover server.
  3. Now you need to make your AutoDiscoverServiceInternalURI to null on your CAS server, use below command to make it null.

    Set-ClientAccessServer –Identity “your CAS servername” –AutoDiscoverServiceInternalUri $NULL
Noe go back and try creating the outlook profile again , now it should discover the Office365 mailbox server settings with out any issues.

Posted in , , ,

How to create users , Groups , Contacts after implementing Azure Active Directory Sync to Office365

Posted by Unknown on 10:28
11
                       Azure Active Directory Sync - Creation of new objects

Hey... Directory sync was implemented to Office 365 and you see everything is synced to your Office 365 tenant.

Now , you got a doubt whats next, how to manage and create the objects ? No worry its simple. :-)

Do it in your Active Directory and it will sync to your Office 365 tenant.


  • New User : If you want to create a new mailbox for your new employee, the first create a user account for the new employee in your active directory, it will get synced to your office 365 and once it is synced you can assign Mailbox license to this user and a new mailbox will get provisioned in Exchange Admin Center for this new user.


  • New Contact: Now you want to create a new contact in for mail contact purpose, no problem create a new SMTP contact in active Directory and it will sync to your contact list in Exchange Admin center.


  • New Group : Now be little careful in understanding this, their are 2 groups, Security group and Distribution group.
    Security Group: Security groups are for assigning permissions and these are not mail enabled. So you can create a security group in AD and it will be synced to your Office365.
    Distribution Group: If you don't have a exchange server in your On-premise and you want to create a distribution group in you AD and would like to sync it to office 365 their are few additional attributes you need to create for the Distribution group to make sure the group will sync to office 365.
    Please follow below article what to be consider to create a distribution group in AD and get that synced to Office365
    http://prakash-nimmala.blogspot.in/2014/10/distribution-groups-are-not-syncing.html

Posted in , , ,

Distribution Groups are not syncing with Azure Active Directory Sync tool - Office 365

Posted by Unknown on 10:15
13
                                     Office 365 - Distribution groups are not Syncing

Recently we have a Office 365 migration, where we implemented directory synchronization where we noticed that Distribution Groups created with in Active Directory are not syncing to office 365.

Finally we got a solution, if we create a distribution group with in the Exchange all the required attributes like Proxy Address, Display name , Mail etc are getting populated in the Distribution group object, however we don't want to use exchange because we are going to decommission the exchange server in future. The distribution group  created in Active Directory with out the involvement of exchange Or organization which don't have exchange servers will not populate these attributes in newly created distribution group.

So what are the attributes we need to look for ? Let us see below :

Name, DisplayName, ProxyAddress, Mail.

Yes , make sure the distribution group have following attributes , then your Distribution group will sync to Office 365 with out any issues, Let us see about these attributes and how to modify the Distribution group.

ProxyAddress: This attribute need to have to be in the format SMTP:newgroup@testdomain.com
DisplayName: This attribute should contain the name what you want to be appear.
Name: This is like an alias, so please take the first of of your email address before @ sign. ex: newgroup
Mail: This is the email address that you want to assign to the new group newgroup@testdomain.com

You can use the ADSIedit or also you can use the Attribute editor within the property of Distribution group for this purpose.

Have a good day , hope this save your time of further research.

Posted in , , ,

How to set an Office 365 user passwordto Never expire

Posted by Unknown on 09:49
0
                                  Office 365 User Password - Never Expire
This applies to Office 365 Enterprise or Office 365 Midsize organization.

 Let us see how can we set a office365 user account password to never expire, Firstly we need to connect to our office 365 Tenant account:
  1. Open Azure power shell, run as administrator.
  2. Type the below command to import the MSOnline module.
     Import-Module MSOnline
  3. Type the below command and it will prompt for your Office365 credentials. Enter the credentials once it is prompted and click Ok
    $O365Cred = Get-Credential
  4. Now type the below command to initiate a PSSesssion to your Office 365 tenant account
    $O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
  5. Now enter the below 2 command in the power shell.
Import-PSSession $O365Session -AllowClobber
Connect-MsolService –Credential $O365Cred

Now you can follow below commands based on your scenario,

 To set the password of one user to never expire, run the following cmdlet by using the UPN or the user ID of the user:

 Set-MsolUser -UserPrincipalName <user ID> -PasswordNeverExpires $true

 To set the passwords to never expire for all the users in an organization, run the following cmdlet:

 Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

 To see whether a single user’s password is set to never expire, run the following cmdlet by using the user principal name (UPN) (for example, april@contoso.onmicrosoft.com) or the user ID of the user you want to check:

 Get-MSOLUser -UserPrincipalName <user ID> | Select PasswordNeverExpires

 To see the "Password never expires" setting for all users, run the following cmdlet:

 Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires

Posted in , , ,

Install Office365 Pro Plus\Office2013 using Click-to-Run installation

Posted by Unknown on 12:48
1

                  Click-to-Run installation of Office 2013 / Proplus


Click to run is a best approach of office installation, it is a mainly introduced to reduce the installation time as well as the the time taken to download of the software.

Let us see the step by step process on how to setup of New office with click to run.

  • Download the Office deployment tool from Microsoft website.
    http://www.microsoft.com/en-in/download/details.aspx?id=36778
  • Create a folder "Share" where you want to place the files and share this folder to every one.
  • Place the downloaded tool  into the above folder.
  • Double click on the tool and you will be asked to select a directory , now select the directory which you have created above.





  • Once you click on OK, you will see two files in the folder as below.

  • Now you need to edit the configuration.xml file, I will make this step more easier for you. You just open the configuration file in a note pad and remove every thing from it and place the below code.
<Configuration>

  <Add SourcePath="\\server\share\" OfficeClientEdition="32" >
    <Product ID="O365ProPlusRetail">
      <Language ID="en-us" />
    </Product>
    <Product ID="VisioProRetail">
      <Language ID="en-us" />
    </Product>
  </Add> 

   <Updates Enabled="TRUE" UpdatePath="\\server\share\" /> 

  <Display Level="Full" AcceptEULA="TRUE" />  

    <Logging Name="OfficeSetup.txt" Path="%temp%" />  

  <Property Name="AUTOACTIVATE" Value="1" />  

</Configuration>

  • In-place of source path , provide your share path and same in place of update path.
  • Now click save and close the file.
Now your configuration part is completed, now you need to download the Office software using the above configuration file and setup file.

For doing that follow the below process:



  • Once the download is completed, command will end. Now you have Office pro plus software ready for Network installation.
You can perform the installation of Office Proplus easily on a client machine, you need to execute below command to perform this:


Once you run the above command on the client machine, the installation will start as shown below


 Done, you have a click-to-run setup ready for starting your installation.

For Easy Administration purpose: As we know it is very tuff to go to each user machine and execute the above command to start the installation, for making the Admin life easy you can use put the command in a batch file and using group policy push the batch file as a start up script on all your domain computers this will install the office product easily on the domain computers without IT Admin intervention.

Hope you feel it easier now. :-) 

Posted in , , ,

Message Encryption On Office365

Posted by Unknown on 02:37
0
                           Office 365 - How to configure Message Encryption

Let us see how to enable the Message encryption on Office 365, you just need to subscribe for Microsoft Azure Rights Management.

1. Enable IRM Licensing:

  • Go to Office365 Admin portal and Service setting to enable Right Management service. Once you activated the right management the RMS should be activated for you.


  • When connected to Office 365 tenant, we need to set the RMS Online Key sharing location. Based on where your tenant is located run the appropriate command.

North America: Set-IRMConfiguration -RMSOnlineKeySharingLocation
https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc

European Union: Set-IRMConfiguration -RMSOnlineKeySharingLocation
https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc

The Asia-Pacific Area: Set-IRMConfiguration -RMSOnlineKeySharingLocation
https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc

  • Next step is to import the Trusted publishing domain , for that enter the below command:

    import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”
  • You are almost completed, now just activate the internal IRM Licensing by running below command.

    Set-IRMConfiguration -InternalLicensingEnabled $True
  • Test the IRM configuration and see if it is working.

    Test-IRMConfiguration -RMSOnline
You Overall test result should say that it is Pass.

You are now 1 step away for configuring a rule for message encryption

 2. Create a Transport Rule for Message Encryption

Here i am going to explain you how to create a rule to encrypt the message if sent to outside the organization and subject line on the email contains Encrypted Message Key word.
  • Login to Office 365 Admin portal and go to Exchange Admin control panel. 
  • Go to Mail flow and create a new rule.
  • Type a name to the rule you are creating and click more options.
  • Now apply a condition for that drop down the "*Apply this rule of " now select The Subject and Body contains , then select The subject includes any of these words.
  • Now enter a key word Encrypted Message and hit + symbol and click ok.
  • Add new condition and select the recipient is located and is external\internal and then Outside the organisation.
  • Now come to the *Do the following  select Modify the Message security and Apply Office365 message encryption
  • Click save.
Testing :

Open a new email and put the key word "Encrypted Message" which have defined in the rule previously

Type what ever you want in the body and enter an external recipient and hit send. they should receive you message in an encrypted way. 

Posted in , , ,

The migration service failed to detect the migration endpoint using the Autodiscover service - Office 365

Posted by Unknown on 11:40
3

                                         Migration Error - Office365


Started the Cutover migration and every thing went well for a day, all of the sudden started receiving the below error when migrating the mailbox data to Office365.

 Error: AutoDiscoverFailedConfigurationErrorException: AutoDiscover failed with a configuration error: The migration service failed to detect the migration endpoint using the Autodiscover service. Please enter the migration endpoint settings or go back to the first step and retry using the Autodiscover service. Consider using the Exchange Remote Connectivity Analyzer

 We verified that Auto-Discovery is working fine. :-)
No Issues with RPC-Over-HTTP.
We tested with Microsoft remote connectivity analyzer tool and every thing is OK.

 Auto Discovery test passed and RPC over HTTP test was passwed.

 But where was the issue ? No clue !

 How the objects are provisioned if the Auto Discovery is not working ? No answer ?

 Solution: After going a call with Microsoft, creating the migration batch manually solved the issue. 

 In this case auto-discovery test is getting success, but the not sure why it failing to connect the on-premise server for sometime.

 So if you face this issue, you create the migration batch  manually rather than using Auto Discovery to get the settings.

Comment your experience

Posted in , , ,

How to create a Generic password for all the office365 users

Posted by Unknown on 11:29
0
                            Create a Generic password for all the office365 users
If we go with a migration of 50 + or 100 + users, it would be difficult to distribute the password which were generated by office 365 directly during migration is a big head ace for the It departments.

So let us see a solution where we can set a unique password for all the office365 users and you can only achieve this using power shell

Before this you need to know how to connect to Office365 using PowerShell, my previous post speaks about this and below is the link for you.

http://prakash-nimmala.blogspot.in/2014/09/how-to-connect-to-office-365-using.html

Once you followed the steps mentioned in the above article, to connect to the Office365 using Powershell follow below instructions to set a generic\ Unique password for all the MSOnline users\O365 users.


  1. Once you connected your power shell to office 365, type the below command to see the list of MSonline users.
    Get-MSOLUser -All 
  2. Now type the below command to set the desired password for all the users
    Get-MsolUser -All | Set-MsolUserPassword -NewPassword E@syP@ss -ForceChangePassword $True >c:\Password.csv
The above command set the password as "E@syP@ss" for all the user account in your office365, and the attribute ForceChangePassword should be True, if you want to restrict users to change their password at next logon.

See how easy it is and provide your comment. 

Posted in , , ,

How to connect to Office 365 using Power Shell

Posted by Unknown on 11:15
1
                                         Connect to Office365 using PowerShell

You want to perform administrative tasks of office365 using power shell ? then you are at the right place now.

First you need to know, how you need to prepare your power shell environment to connect to O365 and let us see how.

The below are certain pre-requisites you need to follow to get your environment ready

Prerequisites:


  • Make sure you are running Windows 7 or above.
  • Make sure you have .Net framework 3.51 feature installed.
  • Install all the missing important windows updates.
  • Install the Microsoft online Services Sign-In Assistance.
  • Install Microsoft Windows Azure Active Directory module , you can get this from the below link . Choose appropriate version.
    http://technet.microsoft.com/en-in/library/jj151815.aspx
Once you meet all the above prerequisites follow the below steps to connect to office365.

  1. Open Azure power shell, run as administrator.
  2. Type the below command to import the MSOnline module.
     Import-Module MSOnline
  3. Type the below command and it will prompt for your Office365 credentials. Enter the credentials once it is prompted and click Ok
    $O365Cred = Get-Credential
  4. Now type the below command to initiate a PSSesssion to your Office 365 tenant account
    $O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
  5. Now enter the below 2 command in the power shell.
Import-PSSession $O365Session -AllowClobber
Connect-MsolService –Credential $O365Cred

You are now ready and your power shell has established the connection to your Office365 tenant successfully.

Comment on your experience.

Posted in , , ,

Configure an SMTP relay for Office 365

Posted by Unknown on 09:49
12
                           How can we Configure an internal SMTP Relay for Office 365 ???

Now we have a question in front of us, Ho! How can we Configure an internal SMTP relay for Office 365 ???

The Answer should start from why you need to configure an SMTP relay ? Let us come to the point, now a days most of the SMB customers are moving out their email environment to office365, but still their are many applications/devices which needs to send emails to users/admins etc.

I can give you an example on these scenario that, you might have scanners\copier where you need to send the scan document to respective or a particular email ID and their might be any backup application which needs to report the Job completion or job failed/warnings to the backup administrator through Auto configured email settings.

If you have a local/on-premise Exchange you can do this by configure internal email connector and asking the Application/Device to send the emails using on-premise exchange. But coming to cloud its completely different.

Every thing over the Cloud will go in a secured way, it wont directly accept the emails\request, Here it is time to introduce a SMTP relay server in your on-premise environment and instructing the "Application\Email enabled devices(Scanners) to send emails to internal SMTP Relay server where it will pass on the received emails to Office 365 servers in a secured way.
SMTP relay for Office 365
SMTP relay for Office 365
Step 1: Configure SMTP Server
Install the SMTP and all its dependency roles and features through  Server Manager.

SMTP and all its dependency roles


Step 2: Get the Office 365 SMTP Server Settings from Outlook Web App
  • Access the Outlook Web App, go to Settings, then click Options\See All Options.
  • In the left navigation pane, click Account, click My Account and in the Account Information area, click Settings for SMTP access.



  • Note down the SMTP settings.

Step 3: Configure the On-premise SMTP Relay:

  • Open IIS 6.0 Manager,  right click and  select the properties of Default SMTP Virtual Server.
  • Click the Access tab and then click on Relay.
  • In the Select which computers may relay through this virtual server area, click Only the list below, and then enter the IP addresses of the on-premises LOB devices and application servers that will relay through the SMTP server.
  • Now go to the Access tab, click Authentication, make sure that the Anonymous access check box is selected and then click OK.
  • Now click on the Delivery tab, click Advanced, and then, under Smart host, enter the fully qualified domain name (FQDN) of the SMTP server which we obtain in Step 2.
  • On the Delivery tab, click Outbound Connections. 
  • In the TCP Port box, type 587, and then click OK.
  • On the Delivery tab, click Outbound Security, and then follow these steps:
    > Click Basic Authentication.
    > In the User name box, type the user name of the Office 365 user account that you want to use for sending emails from LOB devices.
    > In the Password box, type the password of the Office 365 user which you have provided in above step.   
    > Select the TLS encryption check box, and then click OK.


    Now settings on Relay server properties are completed, comeback and expand Default SMTP Virtual Server, you will see Domains on left side navigation, right-click Domains > New > Domain and add the domain hosted in Office365.

    Example: Testwindow.com (or) *.com (or) *.Testwindows.com etc and many more based on your requirement.





 Now your SMTP Relay setup is ready and you can test this configuration by sending a test email to office365 user using Telnet.

I can explain it in next blog post,  how to use Telnet command to test email to Office365 using On-premise SMTP Relay.



Posted in , , , , , , ,

Subscribe to: Posts (Atom)

Total Pageviews

Popular Posts

Prakash Nimmala. Powered by Blogger.

Contact Form

Name

Email *

Message *