If Android won’t send to on-prem Exchange, try setting the LAN-local domain as the default domain in Organization Configuration, Hub Transport, Accepted Domains.
Android won't send to on-prem Exchange
article #954, updated 20 days ago
Office 365 Client and Network Support Tools
article #952, updated 20 days ago
We now have the Office 365 Support and Recovery Assistant for client software support, and also the Microsoft Office 365 Client Performance Analyzer Office 365 Client Performance Analyzer for network performance issues.
Choose source of Windows Updates in Labtech
article #951, updated 27 days ago
In an object, under Commands, SystemTools, and then WindowsUpdateSettings, one can set the source of Windows Updates.
Restrict access to Exchange/EOL to select list of devices
article #950, updated 29 days ago
Here is a way:
syncthing on CentOS 7 and multiple Fedora versions
article #948, updated 30 days ago
After scouting a rather large number of potential sources, this one is working extremely well; download the .repo file for your OS and put it with the rest, and you’re in with yum or dnf!
Microsoft online services: FQDN firewall openings
article #947, updated 32 days ago
Some firewalls have FQDN capability (e.g., Watchguards), which makes rule creation far easier for a behemoth like Microsoft Office 365 and all of its related services. The info here is condensed from here. I have omitted a very few items (e.g., port 25, and *.msn.com) for reasons which I hope are reasonably obvious.
Create one rule with these ports:
50000-59999, TCP and UDP
to the following list of locations, and it is done.
*.office365.com *.office.com *.office.net *.microsoftonline.com *.msocdn.com *.microsoft.com *.live.com *.onmicrosoft.com *.msedge.net *.aadrm.com *.azurerms.com *.virtualearth.net *.cloudapp.net *.visualstudio.com *.windowsazure.com *.cloudappsecurity.com *.microsoftonline-p.net *.microsoftonline-p.com *.msecnd.net *.azure.com *.msft.net *.outlook.com *.azurewebsites.net *.lync.com *.trafficmanager.net *.skype.com *.skypeforbusiness.com *.sharepoint.com *.sharepointonline.com spoprod-a.akamaihd.net *.aspnetcdn.com *.onenote.com *.onenote.net *.yammer.com *.yammerusercontent.com ajax.googleapis.com *.cloudfront.net *.edgesuite.net *.edgekey.net *.sway.com *.sway-cdn.com *.sway-extensions.com ms.tific.com *.apple.com auth.gfx.ms view.atdmt.com *.msecnd.net m.webtrends.com *.getmicrosoftkey.com
Copy an Exchange Online Mailbox to Another, in PowerShell
article #946, updated 35 days ago
This method copies an entire mailbox, including all folder structure.
First of all, if it has not been done before, we need to set up permissions for a primary EOL admin user, to be able to use Search-Mailbox. At this writing, it does not come by default to EOL administrators, and is not even available as a visible role in the EOL permissions console, until the below was done. Here is what was necessary, because a user cannot elevate itself:
- Give a second user the administrative role, using the EOL console
- Connect PowerShell to EOL by the second user
- Run the following using the PowerShell connection:
New-RoleGroup -Name "Exchange Mailbox Import Export" -Roles "Mailbox Import Export" -Members firstname.lastname@example.org -DisplayName "Exchange Mailbox Import Export"
- Next we need to give the same primary admin user, the “Discovery Management” role. For this we do go into the EOL console, under Permissions and Admin Roles, and add the primary admin to the “Discovery Management” role.
Now that permissions have been established, we can do the job:
- Close the above PowerShell instance entirely, because it is not using the proper user
- Start up a new one connected as the primary admin
- Run the below:
Search-Mailbox -Identity email@example.com -TargetMailbox firstname.lastname@example.org -TargetFolder "Copied from mailbox_to_be_copied"
If EOL is working well when you start this, it will run until complete, it may take quite a while though. It will make a copy of mailbox_to_be_copied underneath a folder it will create within destination_mailbox, called “Copied from mailbox_to_be_copied”.
And don’t forget to delete or revert the secondary admin afterwards!
Use -DeleteContent with Search-Mailbox in Exchange 2013
article #936, updated 36 days ago
Search-Mailbox is a great method in Exchange 2013/365 to do searches, moves, cleanups, etc., but in Exchange 2013 one does have to have special privileges to use -DeleteContent, and they are not built-in. Info is here:
Once you set up the permissions, you can delete all of the recoverable email (the emails deleted from Deleted Items still being held):
Search-Mailbox -Identity username -SearchDumpsterOnly -DeleteContent
To set up the permissions, do the below:
New-RoleGroup -Name "Exchange Mailbox Import Export" -Roles "Mailbox Import Export" -Members "<domain\groupname>" -DisplayName "Exchange Mailbox Import Export" -Description "This group will provide access to mailbox import and export cmdlets within entire Exchange Organization." New-RoleGroup -Name "Exchange Support Diagnostics" -Roles "Support Diagnostics" -Members "<domain\groupname>" -DisplayName "Exchange Support Diagnostics" -Description "This group will provide access to support diagnostics cmdlets within entire Exchange Organization."
Connect PowerShell to Exchange Online
article #931, updated 36 days ago
The whole canole at once:
Set-ExecutionPolicy -Force Unrestricted $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session
which breaks down as follows:
- First set your local machine to run scripts, if you haven’t already:
Set-ExecutionPolicy -Force Unrestricted
- Then set up your Exchange Online connection, it will create a popup to ask for administrative login — email address — and password, this is one single command line:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
- And then engage the connection for use:
Fairer distribution of site Internet bandwidth, via Watchguard
article #945, updated 42 days ago
What will help is a “Per IP Address” type traffic management policy, in Setup / Actions / Traffic Management in WSM, using zero for maximum, 256 for “Maximum instance” (this is the number of IP addresses according to the documentation), and most significantly a low “guaranteed bandwidth” calculated by a formula at or close to this:
(TotalInternetBandwidth ÷ TotalDHCPLeases) X 0.8
The static multiplier from 0.8 to 0.5 or even less depending on situation, but done properly it will keep everyone working.