Tag Archives: Exchange Online

New Azure AD PowerShell Module and Windows Server 2008 R2

A new version of the Azure Active Directory Module for PowerShell was released in mid September 2014.  You can find the link to it here…

http://aka.ms/aadposh

That’s great except if you are trying to install it on Windows Server 2008 R2.  If you read the link it looks like all you need is the version of .NET and PowerShell that comes with Windows 2008 R2 (3.51 and 2.0 respectively).

When you install the updated version of the AAD Module for PowerShell on a vanilla machine and launch it though you are greeted with this message…

AAD

That doesn’t look good!  I could never find any official support article but I found a couple of hints that it needed PowerShell 3.0.  So I installed Windows Management Framework 3.0 on my system and tested again and it worked.  You can download it here…

http://www.microsoft.com/en-us/download/details.aspx?id=34595

Note, if you are installing this on a production server, make sure you aren’t running any of the unsupported products listed under the System Requirements section.

Hope this helps!

Advertisements

Migrating Public Folders to Exchange 2013 / Exchange Online After Coexistence

If you are migrating from Exchange 2007/2010 to either Exchange 2013 or Exchange Online and your customer has Public Folders chances are you followed the following document from Microsoft for setting up coexistence with legacy Public Folders…

http://technet.microsoft.com/en-us/library/dn249373(v=exchg.150).aspx

Now you’ve completed moving mailboxes to Exchange 2013 (or Exchange Online) and you want to migrate Public Folders to the new system so you follow one of the following articles…

http://technet.microsoft.com/en-us/library/jj150486(v=exchg.150).aspx

http://technet.microsoft.com/en-us/library/jj983799(v=exchg.150).aspx

Life is good.  You run the command…

Set-Mailbox -Identity <Test User> -DefaultPublicFolderMailbox <Public Folder Mailbox Identity>

…against a test mailbox and successfully access Public Folders.  You think you are all set and run…

Get-Mailbox -PublicFolder | Set-Mailbox -PublicFolder -IsExcludedFromServingHierarchy $false

…but, then to your shock, nobody else can get to the recently migrate Public Folders.

The problem is caused by when you setup legacy coexistence.  As part of this process you ran the command…

Set-OrganizationConfig -PublicFoldersEnabled Remote -RemotePublicFolderMailboxes PFMailbox1

Your Exchange Organization still thinks it should direct Public Folder traffic to a remote Organization.  To fix this, run the following command…

Set-OrganizationConfig -PublicFoldersEnabled Local

It will take awhile to take effect but, once it does, you should see the DefaultPublicFolderMailbox automatically change for your mailboxes.  To check run the following command…

Get-Mailbox | FT Alias,DefaultPublicFolderMailbox

Office 365 PowerShell–The Two-Headed Monster

One of the best features in Office 365 is the ability to manage it via PowerShell.  However, currently there are two separate PowerShell interfaces into Office 365 depending on what you’re trying to do.  If you want to manage settings under the main Portal (think AD stuff) you connect via a PowerShell 1.0 interface requiring you to load tools on your local workstation.  If you want to manage things under Exchange Online you utilize PowerShell remoting which requires you to have nothing installed on your local system other than PowerShell 2.0.  Here’s the specifics for each method…

 

Portal PowerShell Administration

Prerequisites

  • Windows 7 or Windows Server 2008 R2
  • Windows PowerShell and the .NET Framework 3.5.1 enabled

Software to Install

  • Microsoft Online Services Sign-In Assistant – 32bit  64bit
  • Microsoft Online Services Module for PowerShell – 32bit  64bit

Connecting to the Microsoft Online Services Portal

  1. Click on Start > All Programs > Microsoft Online Services > Microsoft Online Services Module for PowerShell
  2. Run “Connect-MsolService”
  3. When prompted enter the credentials of an administrator account
  4. To get a list of all available commands run “Get-Command –Module MSOnline”

For a complete list of all commands and usage click on the following link…

http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh125002.aspx

 

Exchange Online PowerShell Administration

Prerequisites

  • Windows 7 or Windows Server 2008 R2 – No Additional Software Necessary
  • Windows XP SP3, Vista SP1, Server 2003 SP2, Server 2008 SP1 – See Below

Software to Install

Connecting to Exchange Online

  1. Click on Start > All Programs > Accessories > Windows PowerShell > Windows PowerShell
  2. The first time run “Set-ExecutionPolicy RemoteSigned”
  3. Run “$LiveCred = Get-Credential”
  4. When prompted enter the credentials of an administrator account
  5. Run “$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirection”
  6. Run “Import-PSSession $Session”
  7. To get a list of all commands run “Get-Command –Module tmp*”

For a complete list of all commands and usage click on the following link…

http://help.outlook.com/en-us/140/dd575549.aspx

Create Whitelists and Blacklists in FOPE

 

Creating a Whitelist

1. Click on the Administration tab

clip_image002

2. Click on the Policy Rules tab

clip_image004

3. Click New Policy Rule in the Tasks box on the right-hand side

clip_image006

4. Choose the appropriate Domain Scope. Set the Action to Allow. Enter the appropriate IP Addresses, Domains and/or Email Addresses you wish to whitelist. Items should be separated with a comma.

clip_image008

 

Creating a Blacklist

1. Click on the Administration tab

clip_image009

2. Click on the Policy Rules tab

clip_image010

3. Click New Policy Rule in the Tasks box on the right-hand side

clip_image006[1]

4. Choose the appropriate Domain Scope. Set the Action to Reject. Enter the appropriate IP Addresses, Domains and/or Email Addresses you wish to whitelist. Items should be separated with a comma.

clip_image012

Enabling Per-User Quarantines in Office 365

 

Enable Quarantining on Each Domain

 

1. Click on the Administration tab

clip_image002

2. Click on the Domains tab

clip_image004

3. Click on the Domain you wish to configure.

clip_image006

4. In the right-hand column click on Edit in the Quarantine box

clip_image008

5. Configure the settings as shown in the picture below and choose Save

clip_image010

6. Repeat the process for each Domain that you wish to setup

 

Create Quarantine for Each User

 

1. Click on the Administration tab

clip_image002[1]

2. Click on the Users tab

clip_image012

3. In the right-hand column click on Add User under Tasks

clip_image014

4. Type in the name of the user you wish to setup and click Save

clip_image015

5. Repeat this process for each User that you wish to setup

6. Note if you receive an error message stating that “The e-mail address already exists” when attempting to add a User and the User has administrator permissions in Office 365 follow the instructions at the link below.

http://support.microsoft.com/kb/2587698

 

Accessing User Quarantine

 

1. Log into Forefront Online Protection at https://quarantine.messaging.microsoft.com

a. Note: If you have trouble logging in, click on the Change Password link

clip_image017

b. Follow the link on the email you receive to reset your password

2. Once logged in you’ll see a window similar to this

clip_image019

3. Any message quarantined by the spam or virus filter will show up under “Junk E-mail”. Items quarantined by a Policy Rule

How to Login to Forefront Online Protection

 

Method 1

 

1. Browse to https://portal.microsoftonline.com and login with administrator credentials

2. Click on Manage under Exchange Online.

clip_image002[4]

3. This will open the Exchange Control Pane. Click on the Mail Control link on the left.

clip_image004[4]

4. Click on the “Configure IP safelisting…” link on the right.

clip_image006[4]

5. This will launch the Forefront Online Protection

 

Method 2

 

1. Browse to https://admin.messaging.microsoft.com and login with administrator credentials.

2. Note that while the administrator accounts are synchronized to FOPE the passwords are not the same. So, if you can’t login, click on the Change Password link.

clip_image008[4]

3. Follow the link on the email you receive to reset your password