Month: August 2012

Managing EXO365 Mailboxes – User Removal versus License Removal

Posted on Updated on

For Exchange Online 365 Messaging administrators, you may find that when an Exchange license is removed for an online user, the users mailbox is no longer available.  This is due to the user loosing their Messaging license and is by design.  There is also another scenario where a user is deleted, either in on-premises Active Directory with DirSync synchronizing this delete, which in turn removes the users mailbox.

Note – Mailboxes are maintained within Exchange Online 365 for 30 days before being purged, so if you are in one of these scenarios, the following will help explain how you can mange this:

Removed Users

Whether through On-premise deletion disablement or moved out of scope (DirSync Filtering), ECP mailbox deletion, Remove-Mailbox or Office 365 Portal.

  • These will be soft deleted and show up in ECPs Deleted Users as well as Office 365s Deleted Users UI and should be recovered through O365 Deleted Users UI
  • See http://onlinehelp.microsoft.com/en-us/office365-enterprises/hh534386.aspx for more details
    •  Note that if the user deletion originated on-premise through DirSync then recovery must originate there as well.

 License Removal

Managed through Office 365 Portal or O365/MSO PowerShell

  • This results in a “disconnected mailbox” this state is not viewable in any UIs the user looks like a standard User or MailUser.
  • Re-assigning the License will “reconnect” the mailbox automatically within 30 days, with the following caveats.
    • Up until late July or early August 2012, any unlicensed Shared/Resource/Room mailboxes would not be automatically re-connected upon re-licensing.
      • This has been remedied by blocking the disablement of these mailbox types on license removal so now when you remove a license for these “free” mailboxes the mailbox remains intact.
  • If an online user’s MailboxGUIDId does not match the online mailboxes GUID then automatic reconnection will not happen.
    • This was a bug, most typically exposed post v1 (BPOS) to v2 (Office 365) migration but other cases could expose it as well, bug is fixed pending deployment.
      • This issue can be solved by clearing the mailboxGUID value for the on-premise user, forcing a DirSync update and then adding the Exchange license.  Once done, the MBX should reconnect.

Office 365 Directory Synchronization Resources

Posted on Updated on

For those Office 365 Directory Synchronization administrators, here is a listing of Administration, Configuration and usage articles, links, lists and locations to help you in this endeavor:

Resources

Lync Online Conferencing – Web Scheduler Available

Posted on

For those using Office 365 Lync Online Services, who need to schedule meetings but are not using Outlook 2007/2010 or 2011 for Mac, you can use the “Web Scheduling” services to get these meetings created.  Outlook is typically used, via the Lync 2010 Client Outlook Add-In, to create these Lync Online Conferences.  However for users using OWA and/or not using Outlook, you can use the Lync Online “Web Scheduler” to create these meetings.

Resource

Lync Online Web Scheduler:  https://sched.lync.com

 

Sample Web Scheduler – Create Meeting

BPOS & Powershell User Password Management

Posted on Updated on

  For BPOS administrators who like to use PowerShell, specifically for password management, you may have found that certain PowerShell commands work while others do not.  Specifically there are different parameters that can be used to check for whether a user has changed their Password since xx/xx/xxxx and perform certain tasks, such as setting the password and/or forcing the user to change their password at next logon.

For example, if you use the following command you will find that the PowerShell command states that the parameter -Password is missing and must be included in order to properly run:

Failure

  • Get-MSOnlineUser -Identity testuser@domain.com |Set-MSOnlineUserPassword -ChangePasswordOnNextLogon $true

However if you run the Set-MSOnlineUserPassword separately you CAN use the -ChangePasswordOnNextLogon without needing to use the -Password parameter, thereby not needing to change the password, but instead simply force the user to change the password the next time they login to BPOS Services:

Success

So if you simply need to force users to change their password at next logon, use the above PowerShell command against BPOS.  However if need to change the users password in addition to forcing a password change, the Get & Set commands can be used together to perform this task.  Just make sure you use the -Password parameter when performing this particular task.

Hope this helps!

…..Ryan

Preparing PCs for Use in Lync Online 365

Posted on

For admins who must update their client PCs with the Lync 2010 client, they have questions regarding how the existing BPOS Office Communications Online (OCO) registry settings will be managed and possibly cause connection problems with the Lync client.  Since BPOS manually configures Outlook, Communicator and other applications, Communicator is hard-coded to point to BPOS OCO for connectivity.

Managing IM Client Connection Settings

  1. Use the O365 Desktop Setup tool, which deletes these manually configured BPOS OCO registry entries and sets the client to use automatic configuration.
    1. This option assumes the Lync AutoDiscover DNS records are in place.
  2. Don’t use the O365 Desktop Setup tool, and edit these registry keys manually to point to the O365 Lync Online servers.
    1. You would point the internal and external server to sipdir.online.lync.com:443

Tired of Different Online Identities Following you Around?

Posted on

When using Office 365 and initially connect into Office 365 services, whether that is the Microsoft Online Portal, OWA, SharePoint, etc, that identity is cached within iexplorer.exe, across all instances of IE, across each of the tabs.  So if you attempt to login to Hotmail, for example, your Office 365 Identity will be presented, as it is cached, and will fail to open your Live services, such as Skydrive, Hotmail email, etc.

Internet Explorer has an “InPrivate” setting which gives you an additional session, but you may need more than two IE’s or Tabs using different Identities.  To use more multipleidentities you can use This article, which explains how you can use Firefox to set up infinite sessions using separate Identities.   You can now be logged into multiple online tenants simultaneously, while keeping each of the identities separate.  Note – Office 365 does support Firefox.

You can use the below information to create a .vbs file, and pin to Taskbar, Start Menu or Desktop and when run, will launch 3 separate versions of FireFox, each able to maintain their own session and identity:

Dim objShell
Set objShell = CreateObject("Wscript.Shell")
objShell.Exec """C:\Program Files (x86)\Mozilla Firefox\firefox.exe"" -no-remote -P ""Session1"""
objShell.Exec """C:\Program Files (x86)\Mozilla Firefox\firefox.exe"" -no-remote -P ""Session2"""
objShell.Exec """C:\Program Files (x86)\Mozilla Firefox\firefox.exe"" -no-remote -P ""Session3"""

Connecting into Office 365 through Outbound Internet Authenticating Proxy

Posted on Updated on

Working in Office 365 with PowerShell gives you the option to manage your Online Tenant in a variety of ways, such as the Microsoft Online Directory Services (MSODS), working with users and security groups and Exchange Online (EXO365) for mailboxes, contacts and distribution groups.  If you are using an Outbound Internet Proxy Server which requires authentication in order to access the internet, you can use the following approach within your PowerShell commands to properly authentication and establish your connect, to either MSODS or EXO365:

PowerShell Example

Set the proxyaccesstype and proxyauthentication to the new-pssession variable and then pass the parameter to the new-pssession for connecting to the tenant. This will configure your PowerShell connection to go through your Oubound Internet Proxy server and provide the needed authentication to access your Online Tenant.

As you can see in the first bullet point, the $proxyOption is pulling your Outbound Internet Proxy settings from your Internet Explorer configuration, citing Basic authentication to be used during the connect.  In order to use the above information, which are commands to connect into Exchange Online 365, you will need to connect via PowerShell to EXO365.  The connection strings are located here:  http://help.outlook.com/en-us/140/cc952755.aspx.  Note that this information showcases the steps needed to establish a connection, while the below is used to introduce additional parameters/variables, allowing you to work with an Outbound Internet Authenticating Proxy.

  • $LiveCred = Get-Credential [enter your GA credentials]
  • $proxyOption = New-PSSessionOption -ProxyAccessType IEConfig -ProxyAuthentication basic;
  • $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection -sessionOption $proxyoption;
  • Import-PSSession $Session

The -sessionOption parameter allows you to then bring in the earlier defined $proxyOption variable to connect to your Oubound Internet Proxy server and pass the needed authentication.  The rest of the commands are specific to connecting to the EXO365 PowerShell endpoint!

References

In order to use the above information, which are commands to connect into Exchange Online 365, you will first need to establish