AuthorJulian Rasmussen

Reset folder language to match Outlook Web Access language

So in the recent time i have been working with a customer to integrate Exchange Online mailboxes into a customer support application witch are using POP. The application throwed a error message:

02:47:34.513 Trc 21628 [MsgIn-2] <pop-client1> Mailbox account 'yourmailbox@domain.no'[https://outlook.office365.com/EWS/Exchange.asmx:443]: opening mail folder 'INBOX'
02:47:34.748 Std 21627 [MsgIn-2] <pop-client1> No INBOX Folder found on Corporate Email Server

This indicates that the software witch is polling emails need the inbox folder to be “Inbox” and not “innboks” (witch is Inbox in norwegian). So we need to change the default folders to match the language set in OWA.

  1. Logon to your account on outlook.office.com
  2. Head into to the Gear icon next to your profile picture in the top-right corner and in the bottom select: Your app settings-> Mail

3. Select General in the left pane and then click on: Region and timezone.

4. In language, set your language for OWA and check the checkbox witch also renames the default folders to match the selected language and hit the save button.

OneDrive for Business – Known Folder Sync fails

When activating Known Folder Sync in OD4B the sync never starts due to folders that cannot be synced.
These folders are Junction folders on the drive and needs to be deleted.

First do a dir in the users document folder and look for hidden files like this:
C:\Users\USER\Documents>dir /ah
Volume in drive C is Windows
Volume Serial Number is 903B-D31E

Directory of C:\Users\USER\Documents

18.04.2018 10.10 2 230 Default.rdp
26.09.2018 11.59 402 desktop.ini
26.09.2018 11.59 Intern video [C:\Users\USER\Videos]
26.09.2018 11.59 Min musikk [C:\Users\USER\Music]
26.09.2018 11.59 Mine bilder [C:\Users\USER\Pictures]
2 File(s) 2 632 bytes
3 Dir(s) 55 879 593 984 bytes free

Then delete the junctions like this:

C:\Users\ÙSER\Documents>rmdir “Intern video”
C:\Users\ÙSER\Documents>rmdir “Min musikk”
C:\Users\ÙSER\Documents>rmdir “Mine bilder”

Other files in conflict with the sync needs to be removed from the local machine before the cloud sync can start. Backup and move the files in case of future needs.

Happy OneDriving.

Nye sikkerhets tjenester i Microsoft 365 Business

Denne uken ble Microsoft 365 Business-lisensene oppgradert med en rekke nye sikkerhetstjenester som kan bidra til at ditt selskaps enheter og dokumenter blir håndtert på en forsvarlig og sikker måte. Funksjonene som fra og med denne uken er inkludert i Microsoft 365 Business er følgende:

  • Azure Information Protection P1
  • Azure Rights Management
  • Office 365 Advanced Threat Protection
  • Exchange Online Archiving for Exchange Online
  • Intune

Office 365 Advanced Threat Protection

Advanced Threat Protection (ATP) hjelper bedriften din mot sofistikerte og avanserte phishing og ransomware-angrep designet for å kompromittere ansattes eller kunders informasjon. Funksjoner inkludert:

  • Sofistikert skann av vedlegg ved bruk av Microsofts AI-drevne analyse for å oppdage og stoppe mistenkelige eposter.
  • Automatisk sjekk av URL/Web-linker i eposter for å analysere om de benyttes i et phishing- angrep. Hjelper alle ansatte med å stoppe tilgang mot utrygge nettsteder.

Exchange Online Archiving

Exchange Online Archiving-tjenesten muliggjør arkivering av e-poster. All epost blir arkivert ved denne tjenesten, også slettede elementer og sendte eposter. Bevaringsregler satt sentralt fra Exchange admin senteret, håndterer dataene dersom det er behov for å kjøre Litigation holds eller eDiscovery og er gjerne en funksjon som kreves for å møte samsvarskrav i større bedrifter.

Azure Information Protection (AIP)

Information Protection hjelper deg med å kontrollere tilganger til sensitiv informasjon i eposter eller dokumenter med ekstra kontroller som «Do not foward» eller «Do not copy». Du kan altså klassifisere sensitiv informasjon som «konfidensielt» og spesifisere hvordan klassifiseringen kan deles både innad i selskapet eller med eksterne. Azure Rights Management gir Azure Information Protection enterprise gradert kryptering enkelt etablert på dokumenter og eposter for å holde kontroll på klassifisert informasjon. Microsoft 365 Business innehar alle funksjoner som Azure Information Protection Plan 1 har.

Alle funksjoner av Intune

Ved å ta i bruk Intune med Microsoft 365 Business kan man fra nå av ta i bruk funksjoner som kan ta kontroll over MacOS enheter, iPhone og Android telefoner og avanserte enhets kontroll or Windows. Dette er tjenester som ikke har vært tilgjengelig i Microsoft 365 Admin grensesnittet. Funksjonene når man ved å aksessere Intune Admin senteret.

Keep private Teams private in Microsoft Teams

As of 23. of march 2018 all private teams will be searchable for all users.
Users can then apply for group membership.
If you have groups in your organization that you still want to keep completly private then the Office 365 unified group should be hidden from the Global Address List (GAL).

Run this Powershell command to hide it from GAL:

“Set-UnifiedGroup -Id “Groupname”-HiddenFromAddressListsEnabled $True”

RDP Scaling on high resolution screens

I have been running on a Surface book for the last couple of weeks and is very satisfied with the screen resolution on this machine. that said the operatingsystem is running on 175% zoom 🙂 but when using for example “Remote Desktop Connection Manager” to gain access to my servers i`m realy strugling since the resolution is set to 3000 x 2000. therefor i found this small hack to fix it.

  • uncheck this checkbox in compatibilities settings on the shortcut or exe-file

(PS: sorry for the norwegian screenshot:))

Add Azure AD user local Administrator group

Open CMD as administrator and run the command:
net localgroup administrators  AzureAD\UserName /add

Convert from user mailbox to shared mailbox

From time to time i run into a little problem with the Office 365 Admin Center when trying to convert user mailboxes into shared mailboxes.
when this occours i usualy just use Powershell to convert the mailbox into shared mailbox.

To do this you have to connect your Powershell to the Office 365 tenant and run a oneliner for converting the mailbox.

Here is how to connect to Office 365:
Import-Module MSOnline
$O365Cred = Get-Credential “adminuser@YOURTENANT.onmicrosoft.com”
$O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session
Connect-MsolService -Credential $O365Cred

When connected then use this single line to convert the mailbox:
Set-Mailbox “Your@mailbox.no” -Type shared

 

Detect and uninstall hotfixes

There seem to be a broken patch KB3159398 which was released this Tuesday, it breaks GPO processing which can cause a lot of headache!

Source: https://social.technet.microsoft.com/Forums/en-US/e2ebead9-b30d-4789-a151-5c7783dbbe34/patch-tuesday-kb3159398

I’ve made a script which lets you check if this hotfix is installed and also let’s you uninstall it. Replace the KBxxxxxxx with the KB number and run from elevated Powershell to see if it is installed. If you want the script to uninstall the hotfix silently, set $uninstall to $true.

$uninstall = $false # change to $true to uninstall hotfix
$hotfixID = ‘KBxxxxxxx’ #Hotfix KB-number to check, use ‘ quotation marks
Get-HotFix $hotfixID
if ($uninstall -eq $true)
{
Invoke-Command -ScriptBlock {wusa.exe /uninstall /KB:($hotfixID -replace ‘KB’,”) /quiet /norestart} #Uninstall quietly and does not prompt for reboot
}

 

Enable/disable Office 365 serviceplans

I was asked today how you can disable and enable individual features included in an Office 365 license (like Exchange Online, Yammer.. etc) from Powershell

Launch Powershell and log on to your tenant (connect-msolservice)

To see which features which is included in a license use the following code:

$lic = Get-MsolAccountSku | Out-GridView -OutputMode Single -Title “Select SKU to look up”
$lic.ServiceStatus

This will show a list of features and their status

Next, if you want to disable Exchange online for one specific user:

$skuid = Get-MsolAccountSku | Out-GridView -OutputMode Single -Title “Select SKU to edit”
$user = Get-MsolUser | ? {$_.isLicensed -EQ $true} | Out-GridView -title “Select user to modify” -OutputMode Single
$Disable_ExchangeOnine = New-MsolLicenseOptions -AccountSkuId $skuid.AccountSkuId -DisabledPlans “EXCHANGE_S_ENTERPRISE”
$Enable_ExchangeOnline = New-MsolLicenseOptions -AccountSkuId $skuid.AccountSkuId -DisabledPlans $null
Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -LicenseOptions $Disable_ExchangeOnine

The sku must match the sku assigned to the user you want to change.

servicefeature

Then run this line in the same script to re-enable Exchange Online

Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -LicenseOptions $Enable_ExchangeOnline

CMD line: add domain to local intranet zone

A quick way to add domains to a computers Local intranet zone is to run the following regs in cmd. No Admin rights needed.

REG ADD “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\office.com ” /v https /t REG_DWORD /d 1 /f
REG ADD “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftonline.com ” /v https /t REG_DWORD /d 1 /f

© 2019 IdefixWiki

Theme by Anders NorénUp ↑