How to Fix Duplicate Exchange Guid Errors in Office 365

When you are migrating users to office 365 you can get a lot off issues. One of these issues is when you have duplication errors in your tenant. Duplicate Exchange online Guid Errors can can generate a lot of issues. Think about duplicate accounts or Mailusers are not removable.

When you see these issues you probably do not have a clue on what to do  but actually these issues are pretty easy to fix:

Fix Duplicate Exchange Guid Errors:

This fix contains a lot of powershelling to get the error hashes and data you need to perform the action to restore this. To perform these actions with ease i recommend you install the latest versions of Powershell before you continue and make sure you have the permissions needed to continue to Duplicate Exchange Guid Errors

(Get-MsolUser -UserPrincipalName affecteduser@domain.com).errors.errordetail.objecterrors.errorrecord| fl

Search in EXO PowerShell for the object that is using the mentioned EXchangeGUID or ArchiveGUID:

Get-Recipient -IncludeSoftDeletedRecipients ‘ExchangeGUID value’|ft RecipientType,PrimarySmtpAddress,*WhenSoftDeleted*

Once you found the object that is using this ExchangeGUID or ArchiveGUID, you have to purge it. When you purge it you have 2 options The softdeleted mailuser removal or Usermailbox removal.

1. If it is a softdeleted MailUser:

Remove-MailUser ‘ExchangeGUID value’ -PermanentlyDelete

2. If it is a softdeleted UserMailbox, run:

Remove-Mailbox ‘ExchangeGUID value’ -PermanentlyDelete

If this command fails due to mailbox being protected by hold, you have to disable the hold first(check if data backup is required):

Set-Mailbox user@domain.com -LitigationHoldEnabled $false -InactiveMailbox

If it turns to be an active mailuser/mailbox that is using this ExchangeGUID/ArchiveGUID, you need to evaluate the option to purge that user. Most of the time Purging is needed to continue with the actions.

Next step after purging.

After the faulty object has been purged from EXO, we need to fix the validation error by forcing the object provisioning:

Get-MsolUser -UserPrincipalName user@domain.com |fl *objectID*

Redo-MsolProvisionUser -ObjectId ‘paste the *objectID* value from above command’

Wait for 5 minutes and then run the next command, to confirm if your validation error is fixed:

(Get-MsolUser -UserPrincipalName user@domain.com).errors.errordetail.objecterrors.errorrecord| fl

Please follow and like us:
error

Office 365 Hybrid migration error: StalledDueToTarget_DiskLatency

The error that you get refers to : ‘StalledDueToTarget_DiskLatency’

StalledDueToTarget_DiskLatency

To be straight to the point this is an issue where you can do nothing about. Link
When you get the message StalledDuetoTarget_DiskLatency . This means that it has to do with the Exchange Online servers and not with the On-premises infrastructure, so there is nothing you can do locally.

In this case the only thing you can do is open a case with Microsoft. When you have done this ask them what can be the cause of this error from the target side (Office 365).

It would be a good idea to open a case with them mentioning the error (StalledDuetoTarget_DiskLatency) and ask them if they can perform a change that might improve the migration speed.

Click here to read other posts for more Exchange related posts.

Please follow and like us:
error

The Power of Enterprise Mobility Suite (EMS)

Microsoft Enterprise Mobility Suite (EMS) is set of tools including Microsoft Intune, Azure AD and Azure RMS to help you manage your mobile devices to control the mobilityof your users and customers. But where do you start?

Trying new technology is hard, particularly in Enterprise Mobility. Microsoft is the exception. With Enterprise Mobility Suite (EMS) you are up and running and trying mobility management in just a few minutes if you’re doing it right!

Enterprise Mobility Suite is a kind of group of mobility tools. As the name suggests Microsoft’s new and improved offering is a suite of often leading components, that come together.

“Where do I start with these tools?”

You’ll be set up in about 5 steps.

  1. Get a 30 day trial for Office 365(see below)
  2. Get a 30 day trial for EMS suite
  3. Synchronize an on-premises AD to Azure AD
  4. Configure mobile device authorities most of the time with a certificate
  5. Enroll a device
  6. And there you are

Microsoft has one place for user accounts: Active Directory.

One of the big benefits of EMS is that it doesn’t harm your identity strategy. You need Active Directory and with Enterprise Mobility Suite Microsoft safely extend your on-prem AD DS to the modern architecture  of Azure AD (you don’t need an on-prem AD as the solution is cloud stand-alone too).

The idea, of extending your on-prem AD to the internet, might sound daunting, but it really is a good idea. Because you are able to use your identities on lots of more places.

Office 365, Microsoft Intune and ANY apps you want can share your Azure AD. lots are built-in, out of the box (like Salesforce, Facebook, Box and Nomadesk)!

Manage Devices and Apps with Microsoft Intune

If identity is the fundamental of enterprise mobility management then device management is the first floor and application management is the second floor. Mobility management technology has evolved to deal with the newer challenges that mobility in today’s world faces.

You probably know of MDM – Mobile Device Management. MDM manages things like remote wipe, applying company policy I suppose an old school admin would see MDM as the Group Policy of the modern device world.

This type is the need to control what you need on a device. It’s an essential layer in today’s world. If you use Office 365 and or Azure, you want Microsoft Intune, no matter what device platform (Windows, iOS, Android).

Protecting Data with Azure Rights Management

Azure RMS will protect your data and only allow the people intended to have access to it under the right conditions. Protection has become much more important and easier to deliver.

Example: You install a Azure RMS Connector servers on-prem and your Exchange, SharePoint, and File Servers can be protected by Azure RMS. Besides that you can bring your own key and Azure will store your keys in a safe vault.

The Power of Tools

With the above you can do some amazing things. You can protect all your data on your OneDrive  and allow enrolled devices with MDM (Intune) to have access to the information where you have access to from any device.

In some situations EMS can help you out in the most worst case scenarios:

  • The user loses their device: You know that it protects the data at rest, even if you can’t remote wipe it.
  • If the user leaves the company: You can remove the apps and the data that the user was accessing and know they have no access to further data.
  • when the user sells their device without wiping it: You can block the devices access while leaving their access intact.

Quick Start trials

  1. Do you have an Office 365 trial? If not get one. If you do, make sure it’s still valid and then return to click Sign in.

Office 365 proberen

  1. Go get an Azure trial, or if you already have one you can just use that.
  2. Now go get a Microsoft EMS Trial, be sure to click the Sign in button and be signed in with your Office 365 trial. You can add EMS to your free Office365 Subscription.
Please follow and like us:
error

Setting up Shared mailboxes in Exchange online with Powershell

Often when you migrate users to Office365 you need to configure permissions for Shared Mailboxes. Bellow you find a small instruction on how to do this.

Connect to Exchange Online with Remote PowerShell

  1. Click Start
  2. Click Administrative Tools
  3. Right Click Windows PowerShell Modules and Run as administrator
  4. Set the Excution Policy on the local coputer
  5. Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
  6. Press “Y” for yes when/if prompted
  7. Specify remote credentials through a variable
  8. $cred=Get-Credential
  9. Enter your tenant admin account
  10. Enter password
  11. Set a session variable and connect to Exchange Online, enter command
  12. $s =New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $cred -Authentication Basic –AllowRedirection
  13. Import the session with the variable set in previous step.
  14. $importresults =Import-PSSession $s
mailboxes
mailboxes

Now you are connected to Exchange online with powershell.

Setup Shared Mailbox

The following section is copied from Microsoft. See this site for complete details. http://help.outlook.com/140/ee441202.aspx

After you create a shared mailboxes, you have to assign permissions to all users who require access to the shared mailbox. Users can’t sign in to the shared mailboxes. They have to sign in to their own mailbox and then open the shared mailbox to which they’ve been assigned permissions.

Here’s how to use PowerShell to create and configure a shared mailbox for the Corporate Printing Services department at Contoso Corporation.

Create a shared mailboxes To create the shared mailbox for Corporate Printing Services, run one of the following commands:

Office 365

New-Mailbox -Name “info” -Alias corpprint -PrimarySmtp info@yourdomain.com -Shared

Set-Mailbox info -ProhibitSendReceiveQuota 5GB -ProhibitSendQuota 4.75GB -IssueWarningQuota 4.5GB

 

Create a security group for the users who need access to the shared mailbox In the Exchange Control Panel, create a security group for the staff who need access to the shared mailbox for Corporate Printing Services.

  1. Select My Organization Exchange> Users & Groups > Distribution Groups > New.
  2. Specify a display name, alias, and e-mail address. In this example, we’ll use Info, Companygroup, and Info@yourdomain.com.
  3. Select the Make this group a security group check box.
  4. In the Ownership section, click Add to add an owner, if necessary.
  5. In the Membership section, click Add.
  6. In the Select Members page, select the users you want to add. When you are finished, click OK.
  7. On the New Group page, click Save.

Note After you create a security group, the membership is closed. When membership is closed, only group owners can add members to the security group, or owners have to approve requests to join the group. Additionally, only group owners can remove members from the security group.

 

Assign the security group the FullAccess permission to access the shared mailbox

To enable members of the Printing Services Staff security group to open the mailbox, read e-mail, and use the calendar, run the following command:

Add-MailboxPermission “info” -User Companygroup -AccessRights FullAccess

 

Assign the security group the SendAs permission to the shared mailbox

To enable members of the Printing Services Staff security group to send e-mail from the mailbox, run the following command:

Add-RecipientPermission “Info” -Trustee Companygroup -AccessRights SendAs

Note It may take up to 60 minutes until users can access a new shared mailbox or until a new security group member can access a shared mailbox

Please follow and like us:
error

My Onedrive for business can’t sync

My OneDrive for business can not synchronize with Office365. We know that an update to an document or folder can çreate an error in the sync. There are some problems with OneDrive where you are not authorized by your system administrator to solve this issue. If the problem is very harsh and you or the administrator want to resolve this issue you sometime need to create a call with the Office 365 support team.

Luckily there are plenty of things you can do with OneDrive Restore.

Actually, there are always a few things you already need to do and know before you sync using OneDrive for business.

Think of it as a URL that you enter when you search in your browser each / example is a folder, but if for example you have a file with the following name “a new way to sync Version 80/20 note.doc” this causes the same problems when you use the & sign the document will not synchronize and you get red crosses.

The complete list of characters that can not be used (in dutch only).

There is also a problem when a file is longer than 255 characters. This can happen when you have a file with only 10 characters, probably the file is in a folder within a folder, etc. for example “C: \ Users \ Documents \ private \folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\folder\note.docx”

Also, there is currently still a problem that your personal OneDrive exceeds 20,000 files. a smart temporary solution isto merge any files in a .zip file if you have for example a store with lots of files you used purely for backup, it is interesting to zip these files so that for example in 2000 become one file.

Please follow and like us:
error

Restore Office 365 Video Portal Hub

Office 365 changes al the time, I tried to see if I could Disable the Video Portal, to test what happens if you delete de Video Portals.

En my Tenant Admin for SharePoint settings I disabled the Video Portal:

Disable Office 365 Video Portal

I saw my Video app disappear from the App Launcher. Now it is time to delete the site collections.

So at this point I am a Tenant Admin, and I want to clean my Site Collections. The Video Portal creates a few SharePoint Site Collections and one of them is named Hub. This is the main Site Collection for the Video Portal where all your videos are shown.

So I Delete the Video Portal Hub Site Collection. and delete it from the Recycle bin.

Now it is time to recreate this Site Collection? I turned the Video Portal back on using the setting above. I hoped that it would recreate the Hub but that didnt help. Only the Video App in the launcher came back with a nice 404 Page Not Found

The Solution for this issue is to go to the url Bellow

Http://tenant.sharepoint.com/_layouts/15/videoredirect.aspx

This will recreate the hub Site Collection.

Please follow and like us:
error

How to check and set rights to your recently migrated content With Sharegate

In our last blog i showed you how you can migrate content between site collection. For my test  migrated some content from a users OneDrive to a Site collection of the department the user was in.

When i provided him with the information of the location of his content he notified me that he wasn’t able to see any of his content or documents.

So the first thing i thought ok probably the rights. But the thing was that the user created a subsite in his department where i had put his content. This means that the user is Site owner of that site. Then i realized we migrated his data from his OneDrive where only he had access to so i probably had to set the rights on the folders and content i had migrated.

Check permissions with the Sharegate Security and Management feature.

Go to Sharegate and select security. You will see the following options.

sec mngt1

Then select Check permissions.

sec mngt2

Select the group you want to check

*example
Owner
Publisher
Reader
Etc

Select your target Site, list or directory

sec mngt3

Press View to view the Permissions of that moment.

Set rights to a list or library within a Subsites

To set rights with the Sharegate security an management tool go to security and select add permissions.

sec mngt1

Again select the user or group which you would like to give permissions.

sec mngt5

Select the Role you want to give the user or Group

sec mngt4

Select the target where you want to give permissions

sec mngt3

In my case i selected both options

  • Cascade to children
  • Cascade to Content

I did this because i have one user who doesn’t have rights on his own migrated folder.

sec mngt6

Then press apply to set the permissions that’s it.

This feature i really dummy proof when you want to give easy permissions. Now you don’t have to got to the site, list or library to give permissions.

Source: Sharegate website

Please follow and like us:
error

Create an Office 365 Mailbox

Creating a mailbox in Office 365 involves signing into your Office 365 account. The following steps assume your organization has already signed up for Office 365 through the MicrosoftOffice 365 Fast Track enrollment website.

1) Sign in to your Office 365 portal at http://portal.microsoftonline.com.

Office 365 log in

Office 365 log in

2) Click Go to Users and Groups.

Office 365 - Users and Groups

Office 365 – Users and Groups

3) Click the + sign to add a new user.

Add New Users

Add New Users

4) Fill in the appropriate details for the user being added. See the following example then click on Additional Details.

Adding details for users

Adding details for users

5) Fill in the appropriate details for the user being added. See the following example and click Next.

Continuing to add details for users

Continuing to add details for users

6) Determine if the user will be an administrator. If yes, choose the administrator type. Here are some detail to assist with the correct selection.

Setting admin level access

Setting admin level access

  • Billing Administrator – Helps make purchases, manage Office 365 subscriptions, oversee support tickets and monitor service heath. This role will not be available if Office 365 was not purchased directly through Microsoft.
  • Global Administrator – Will give access to all administrative features. Note the individual that enrolls Office 365 for your organization will also be a global administrator.
  • Password Administrator – Applies to those individuals that will need to reset a password, manage service requests, and monitor service health. This is great for a Helpdesk or an organization’s Security Administrators.
  • Service Administrator – This role is great for managing service requests and monitoring service health. Also note, before this role can be assigned to a user, they much first have admin access to a service such as Exchange Online.
  • User Management Administrator – Another great option for help desk or security administrator access this role allows them to reset passwords, monitor service health, manage accounts, groups and requests. This role is unable manipulate other administrator accounts or create admins’ roles.

7) For this example we are creating a Global Administrator in the United States. An alternate email address must be specified, then click Next.

Creating a Global Administrator

Creating a Global Administrator

8) Choose the appropriate licenses the account will need. This link provides better insight into the many licensing options. For this example we will choose all the products available within the Enterprise plan. Click Next after making the selections.

Assigning appropriate licenses

Assigning appropriate licenses

9) Provide an email address to email up to five users the temporary password for this account. The password will also appear on the screen after clicking Create if sending the email is an option that will not be pursued.

Send Results in Email screen

Send Results in Email screen

10) Click Create another user if there are more to be created or click Finish if there are not.

Email Results and Create another user screen

Email Results and Create another user screen

Connect an Office 365 Mailbox to Microsoft Outlook (Outlook 2007 or 2010)

This next step assumes that your workstation already has the full Outlook 2007 or 2010 client installed on the PC.

1) Open your web browser.

2) Go to the following website https://login.microsoftonline.com.

3) Enter your credentials and click Sign In.

Office 365 Sign-in Screen

Office 365 Sign-in Screen

4) If this is the first time the user is signing into the account then the password must be changed. Fill in the appropriate information and click Save.

Update Password Screen

Update Password Screen

5) Once signed in choose Settings from the upper right-hand corner.

Settings

Settings

6) Next, choose Office 365 Settings.

Choose Office 365 settings

Choose Office 365 settings

7) If this is the first time that account is being signed into, all of the information about the account should be reviewed. This will be the information that was entered by the account administrator in Step 6 in the “Create a Mailbox” section. Once the information is verified, scroll down and click Save.

8) On the left-hand side of your screen click Software.

Install and manage software

Install and manage software

9) On the left-hand side of your screen click Desktop Setup. Please note, this document assumes that the full Outlook Client is already installed.

Select desktop setup

Select desktop setup

10) Click Setup.

Click set up

Click set up

11) After you click setup the automatic configuration will start however, when prompted, fill in the password for the account being configured.

12) A setup wizard will startup.

13) In this case we will only choose Microsoft Outlook and uncheck the rest. Click Continue.

Configure desktop applications and install updates

14) Next, Click Finish.

Click Finish to complete process

In this case the Wizard has determined that Manual Configuration will be required. In order to complete these processes, go to the section below which covers how to connect to the full Outlook 2013 Client. Also, if this wizard fails, please see the following troubleshooting document for additional information about the issue being seen.

Connect an Office 365 Mailbox to Microsoft Outlook 2013

This manual configuration can be used if the automatic configuration wizard determines your client requires a manual configuration for Outlook 2010 clients as well.

1) Open the Control Panel on the PC.

2) Double-click on the Mail applet in the Control Panel.

Mail appletMail applet

3) Choose Show Profiles.

Select Show Profiles

Select Show Profiles

4) Click the Add button.

Click the Add button

Click the Add button

5) Enter a profile name and Click OK.

Enter a profile name

Enter a profile name

6) Fill in the information for your Office 365 account. Please note, Internet access is required for this to work.

Add new account

Add new account

7) Once the account and password have been verified the screen will appear as shown below. Click Finish.

Click Finish

Click Finish

8) Open Outlook to start using your Office 365 account.

That’s all there is to it! You are now embarking on a journey to email in the cloud with Microsoft Office 365.

Please follow and like us:
error