Convert from user mailbox to shared mailbox


From time to time i run into a little problem with the Office 365 Admin Center when trying to convert user mailboxes into shared mailboxes.
when this occours i usualy just use Powershell to convert the mailbox into shared mailbox.

To do this you have to connect your Powershell to the Office 365 tenant and run a oneliner for converting the mailbox.

Here is how to connect to Office 365:
Import-Module MSOnline
$O365Cred = Get-Credential “adminuser@YOURTENANT.onmicrosoft.com”
$O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection
Import-PSSession $O365Session
Connect-MsolService -Credential $O365Cred

When connected then use this single line to convert the mailbox:
Set-Mailbox “Your@mailbox.no” -Type shared

 

Detect and uninstall hotfixes


There seem to be a broken patch KB3159398 which was released this Tuesday, it breaks GPO processing which can cause a lot of headache!

Source: https://social.technet.microsoft.com/Forums/en-US/e2ebead9-b30d-4789-a151-5c7783dbbe34/patch-tuesday-kb3159398

I’ve made a script which lets you check if this hotfix is installed and also let’s you uninstall it. Replace the KBxxxxxxx with the KB number and run from elevated Powershell to see if it is installed. If you want the script to uninstall the hotfix silently, set $uninstall to $true.

$uninstall = $false # change to $true to uninstall hotfix
$hotfixID = ‘KBxxxxxxx’ #Hotfix KB-number to check, use ‘ quotation marks
Get-HotFix $hotfixID
if ($uninstall -eq $true)
{
Invoke-Command -ScriptBlock {wusa.exe /uninstall /KB:($hotfixID -replace ‘KB’,”) /quiet /norestart} #Uninstall quietly and does not prompt for reboot
}

 

Enable/disable Office 365 serviceplans


I was asked today how you can disable and enable individual features included in an Office 365 license (like Exchange Online, Yammer.. etc) from Powershell

Launch Powershell and log on to your tenant (connect-msolservice)

To see which features which is included in a license use the following code:

$lic = Get-MsolAccountSku | Out-GridView -OutputMode Single -Title “Select SKU to look up”
$lic.ServiceStatus

This will show a list of features and their status

Next, if you want to disable Exchange online for one specific user:

$skuid = Get-MsolAccountSku | Out-GridView -OutputMode Single -Title “Select SKU to edit”
$user = Get-MsolUser | ? {$_.isLicensed -EQ $true} | Out-GridView -title “Select user to modify” -OutputMode Single
$Disable_ExchangeOnine = New-MsolLicenseOptions -AccountSkuId $skuid.AccountSkuId -DisabledPlans “EXCHANGE_S_ENTERPRISE”
$Enable_ExchangeOnline = New-MsolLicenseOptions -AccountSkuId $skuid.AccountSkuId -DisabledPlans $null
Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -LicenseOptions $Disable_ExchangeOnine

The sku must match the sku assigned to the user you want to change.

servicefeature

Then run this line in the same script to re-enable Exchange Online

Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -LicenseOptions $Enable_ExchangeOnline

CMD line: add domain to local intranet zone


A quick way to add domains to a computers Local intranet zone is to run the following regs in cmd. No Admin rights needed.

REG ADD “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\office.com ” /v https /t REG_DWORD /d 1 /f
REG ADD “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftonline.com ” /v https /t REG_DWORD /d 1 /f

Azure VPN – Change Local Site Public IP


If a Clients Local site public IP changes the VPN tunel betwen Azure and the Local Site will disconnect. To fix this do the following:

Connect to Azure using powershell and run the following command:

New-AzureRmLocalNetworkGateway -Name LocalSite -ResourceGroupName [ClientRG] -Location ‘northeurope’ -GatewayIpAddress ‘[Public wan IP 2.4.6.8]’ -AddressPrefix ‘[LAN IP Net 192.168.1.0/24’

 

(Change the RG and Public wan IP and the LAN IP Net to the correct settings)

Office 365 Add calendar permissions with powershell


To add permissions on a Exchange Object in Office 365 using PowerShell the cmdlet set-MailboxFolderPermission or add-MailboxFolderPermission can be used.

In this example we add editor permissions for user2 to user1’s calendar. This will enable user2 to edit, add or delete content of user1’s calendar.

set-MailboxFolderPermission -Identity user1@domain.no:\calendar -user user2@domain.no -AccessRights Editor

Note: kalender is the Norwegian Word for Calendar

To bulk add all users in a Tennant as Reviewer to user1@domain.no’s calendar run the following cmdlet.

$Users = Get-Mailbox | Select-Object -ExpandProperty userprincipalname
ForEach ($user in $Users )
{
Add-MailboxFolderPermission -Identity “user1@domain.no:\calendar” -User $User -AccessRights Reviewer
}

For full details of this cmdlet:
https://technet.microsoft.com/en-us/library/dd298062(v=exchg.160).aspx

And for my original Source:

Add Calendar Permissions in Office 365 via PowerShell