Monday, December 29, 2014

Quick Tour and Review of Office 365 - Garage Series Video !!!

Office 365 has evolved much more in this year 2014 and as a year end wrap up spend some time and watch this latest Garage series video where Jeremy Chapman, Director Office 365 is joined by Office 365 General Manager, Julia White and provides some great insight on Office 365 and  give a lightning tour and review of the latest Office 365 innovations.


Access the video here: Quick Tour and Review of Office 365

Friday, December 19, 2014

Datacenter changes for Office 365 an Heads Up!

Microsoft team is now building new DataCenters for Office 365 across the globe for better performance and expand the service. Once these new DataCentres are setup in a specific region Microsoft team will start to notify tenants that will participate in the move to the new DataCenters in advance with set of vital instructions to follow during the activity, Since this is a DataCenter move during the cut over phase there will be some impact to the Office 365 services.


To know more on this topic Microsoft Office 365 team has published the below TechNet post recently explaining the background of this process and what to expect during this activity in detail.

Below is the extract from the post explaining things in a nutshell.



Review the FAQ section in the post to get your queries clarified.

Since user services are impacted review the Before your datacenter move, During your datacenter move and After your datacenter move articles clearly and send user communication on time and set exceptions to the end users to avoid support calls to your support teams. Also contact Microsoft support to get things clarified if you have any queries un answered with the available resources and utilize the trial if you wish to check things in the new region before the move. Finally, if you really want to stay as is and stop the move contact Microsoft support and update them timely as explained in the post.


Friday, December 12, 2014

Azure AD News - Year End Wrap up !!!

Microsoft team is consistently enhancing Microsoft Azure platform rapidly with rich set of features making it robust and the most prominent cloud platform in the IT Market. To add more to this Microsoft team made some significant announcements recently before concluding this year for Azure AD.


More information on this topic is covered in the below referenced Active Directly Team Blog post and its a must one to review to stay updated with new Azure features which eventually benefit Organizations to plan for some good moves in the next year.


This blog begins with the great news from Microsoft Team that over 4 million organizations are using Azure AD and it has completed 1 TRILLIONTH authentication.

Below is the extract from the blog post to know things covered inside in a nutshell.

  • Generally available (GA) as of today:
  • Password write-back in Azure AD Sync: Users can now change their passwords in the cloud and have the change flow all the way back to your on-premises AD.
  • The Azure AD App Proxy: This proxy makes it easy to give your employees secure access to on-premises applications like SharePoint and Exchange/OWA from the cloud without having to muck around with your DMZ.

And in public preview:

Question based security gates for use in password resets

Admins can add their own password SSO based SaaS apps to Azure AD

And probably the most exciting news of all - Administrative Units (AUs). AU's are like OUs modernized for the cloud. They let you sub-divide your Azure Active Directory, enabling the separation of administrative duties and policy creation across a large company.

Finally we are making Azure AD Premium available for direct online purchase, using a credit card, in the Office 365 admin portal (you do not need to be an existing Office 365 customer to buy).

Access the Blog post here : Wrapping up the year with a boat load of Azure AD news!

*Additionally review the below awesome blog post from Perficient on Azure enhancements.

Access here: 10 Best Microsoft Azure Features For 2015

*One more excellent Blog post on the topic below

Access here: Microsoft Azure Review of 2014

MAPI/HTTP Support now available for Outlook 2010 Client

Microsoft team recently released the new Hotfix that enables MAPI / HTTP support for Outlook 2010 client, earlier this year Microsoft promised that this will be added to Outlook 2010 client and now this feature is made available and there is no much Official announcement on this topic and soon we can expect this to happen with real time updates.


More information on this topic is already available in the below EHLO Blog post and as stated inside, Office 365 customers are not required to do any server side changes and all they need is to have the supported client to connect to the service to get this feature to work provided this feature is enabled for the tenant from Microsoft end which is already in process as the roll-out begin by this May 2014.

Outlook Connectivity with MAPI over HTTP

Execute the below cmdlet to validate whether this feature is enabled or not if it shows as True then you are all set to install the hotfix by requesting it as guideline in the knowledge base article and proceed with the next steps.





Download the Hotfix here: Hotfix KB2899591 for Outlook 2010 December 9, 2014 (Outlook-x-none.msp)


Update: Hotfix pulled back due to installation issue

Stay tuned for more updates...

Thursday, December 11, 2014

Office 365 Identity Management New MVA Course

Identity Management is critical with any Environment and when it comes to Office 365 its one step ahead than traditional management and Microsoft team is constantly doing more innovations under this area and this is evident from the recent enhancements like new AAD Sync Tool release, DirSync Password Sync as a backup for ADFS etc. and much more yet to come in the Road-map.


Understanding Identity management is vital for every Administrator and to add to the list of resources available for learning more on this part, now Microsoft team recently released a new Microsoft Virtual Academy Course titled Office 365 Identity Management presented by Microsoft Experts in this area.

This now adds more value to Microsoft Office 365 Learning Experience wherein  now we have real-time training sessions from experts available under one roof in MVA website to know more and do more with Office 365.

Access the course here: Office 365 Identity Management 

Review my Office 365 section in the blog to access few more resources available on the Identity management topic for better understanding and  deep dive experience.

Tuesday, December 09, 2014

Take a Tour to Azure Data Center

Microsoft has built an excellent unimaginable Data Center for Azure, and this visual tour takes you to the journey to visit the environment virtually and a good one to experience.



Begin your Tour here: Tour to Azure Data Center

Access the below link to see the  Azure Services availability by region



Azure Services by region

Video calling between Skype and Lync available now !!!

I am writing this post a bit late, Today got the opportunity to share this great news through this post, the long awaited Video calling feature between Skype and Lync now available adding more value to Skype-Lync integration, there are few limitation exist but still this is great feature in first place and through this once again  Microsoft proved that they are keeping their promise for customers.


More information is available in the Official Office blog post below.

Video calling between Skype and Lync available now

Additionally refer the Redmond Magazine post below to know more.

Microsoft Enables Lync-to-Skype Video Calling

Update:

Video calling between Skype and Lync is temporarily disabled - Jan 2015

Update:

Skype & Lync Video Calling is working again with new Skype Build

Exchange Server Updates now Available !!!

Microsoft team released the updates for Exchange Server 2013, 2010, and 2007.  These updates were delayed earlier and now available publicly.


Below are the list updates released and now available in Microsoft download center.

Exchange Server 2013 Cumulative Update 7
UM Language Packs for Cumulative Update 7
Exchange Server 2010 SP3 Update Rollup 8
Exchange Server 2007 SP3 Update Rollup 15

Also new security updates are released for Exchange Server 2013

Access the EHLO Blog post to know more :  Exchange releases: December 2014

As usual test this in your Lab Environment and proceed with your production roll-out.

Update: Microsoft pulls Exchange 2010 SP3 RU8 due to MAPI RPC bug affecting Outlook client connectivity. EHLO blog post is updated with this new notification. Microsoft recommend to revert to RU7 if already installed this update and hold new installations till the new fixed build gets published.


Update: Microsoft reissued RU8 V2 on 12/12 fixing the bug identified with V1 and now available for download under the same location.

Success with Enterprise Mobility Webcast Series

Microsoft team is launching the new webcast series from today Dec 9 2014 one event every month through March 2015 to know more on the latest innovations with Microsoft Enterprise Mobility and its benefits get ready to block your calendars.


Event Schedule:

December Webcast

Date: December 9 | Time: 10:30am - 11:30am PST

How do I make e-mail and Office secure on mobile devices?

Featuring: Brad Anderson (Corp. VP) and Kirk Koenigsbauer (Corp. VP, Office 365)
Moderated by: Stacy Crook, Research Director, IDC

January Webcast

Date: January 13 | Time: 10:30am - 11:30am PST


Do I really need an integrated approach for mobility instead of compiling point solutions?


Featuring: Brad Anderson (Corp. VP) and Michael Wallent (Dir. of Program Mgmt., Intune/SCCM)
Moderated by: Stacy Crook, Research Director, IDC

February Webcast

Date: February 3 | Time: 10:30am - 11:30am PST


How do I know when I’m under attack – and then what do I do?


Featuring: Brad Anderson (Corp. VP) and Alex Simons (Dir. of Program Mgmt., Active Directory)
Moderated by: Christian Kane, Mobile Analyst, Forrester Research

March Webcast

Date: March 3 | Time: 10:30am - 11:30am PST


How do I protect my data wherever it goes?


Featuring: Brad Anderson (Corp. VP) and Alex Simons (Dir. of Program Mgmt., Active Directory)
Moderated by: Christian Kane, Mobile Analyst, Forrester Research

Access here to know more and RegisterSuccess with Enterprise Mobility

Wednesday, December 03, 2014

Thursday, November 27, 2014

Integrate Lync with Your Avaya Environment - Webinar

Get ready to attend the next upcoming webinar from Perficient,Inc. on Integrating Microsoft Lync with Avaya to take your end yours Telephony experience to the next level if you use both of these products within your Organization.


This session is scheduled for Wednesday, December 3, 2014,1:00 p.m. CT and presented by Keenan Crockett MCM, a senior solutions architect and Lync team lead, and Jason Sloan MCM, a lead technical consultant, will be covering a variety of topics, including:
  •     How to plan for audio conferencing
  •     Click-to-call functionality
  •     Lync softphone/hard phone options
  •     Simultaneous ringing endpoints
  •     Importance of voicemail
  •     High-level understanding of Lync call admission control planning

Review this Official Blog post from Perficient to know more : Upcoming Webinar: Integrate Lync with Your Avaya Environment

Identity Management Is Easy in Office 365

Today spent some time in watching Teched Europe 2014 videos and came across various excellent recorded sessions and each are best at explaining each important aspect of the Microsoft Technology. As usual I started with Office 365 Sessions and found the Identity Management Session by Paul Andrew Technical product manager from Office 365 team is really an awesome session explaining the current Identity Models available with Office 365, the session is bundled with rich information on Identity Management covering all aspects of each Model in detail and provides viewers with adequate knowledge to choose the best one for their requirement.



I am writing this post today to share this to learning to readers and refer them to view this must watch video session available on demand from Channel 9 and get to know more on Identity Management with Office 365.


 Access the session here: Identity Management Is Easy in Office 365

Sunday, November 23, 2014

New Update for Yammer Sign-in !!!

I am writing this post with reference to the latest announcement made by Microsoft team on new Yammer Sign-in feature which allows users to access Yammer with their Office 365 credentials and to work across Office 365 applications with ease. This is a great milestone on the Office 365 roadmap for Yammer



Many Organizations adopted Yammer and started to use this as their Official Enterprise Social networking medium and this new feature adds more benefit for customers to access yammer with a single Login with their Office 365 Credentials and switch between Yammer and other O365 Applications at ease.

Microsoft team updated that Office 365 sign-in for Yammer will follow a phased release schedule between December 2014 and March 2015.

Below are the two key requirements for this feature to work,

  • Yammer Enterprise is activated in a network’s Office 365 Admin Center
  • Yammer single sign-on (SSO) is not enabled.

Yammer SSO is still enabled by most of the Organizations, where the relaying party trust setup between Yammer and ADFS making the SSO to work smoothly, but still we have dependency on Token Sign-in cert renewal and regular federation metadata updates with Yammer Service, failing on this part affects Yammer Login and also when you are enabled for this SSO model this new feature will not work because when we go for this new Sign-in mode we are now dependent on the same Office 365 Sign-in credentials\Identity and not a separate identity as with SSO for Yammer.  For normal Organizations who does not have complex requirements this new feature is a good option to make a switch, for Large Enterprises with Complex requirements Yammer SSO is recommended.

Access this Office Blog post her : Use your Office 365 credentials to sign in to Yammer

Review this Office Online Post to know more: Office 365 sign-in for Yammer

Participate in the YamJam to know more on this with live updates.

Thursday, November 20, 2014

Get Ready to Upgrade your SHA-1 Certificates!!!

Believe most of you are aware that SHA-1 SSL certificates are going to be discontinued by Microsoft after 2016. As we all know that SHA-1 is the commonly used certificate and most of the websites out there in the Internet are using this Cert and also this is the common Certificate that is used inside most of the Organizations.


I am writing this post today to refer and remind you up on this critical update to begin your Cert upgrades to supported SHA-2 SSL certificates proactively and point you to the vital resources well written and available in the community by Technical Experts and vendors for better understanding on the topic.

MVP Jeff Guillet has recently written an Excellent blog post in WindowsITPro explaining in-depth information on Microsoft's decision to discontinue SHA-1 SSL certs and potential impacts that will arise if we continue to use this and how long you have time to get the certs upgraded, the behavior that you will experience over time and references to other Critical resources and tools that can help you to get things moved on.


Review here: Is Your Organization Using SHA-1 SSL Certificates?

As you read in the above article Google is taking the lead to notify users when they use SHA-1 Certs beginning with Chrome 39 starting this November 2014 and below Symantec article is well written to explain this in detail showing us the future experience with every upcoming version of Chrome till Q1 2015.


Review here: Google’s SHA-1 Deprecation Plan for Chrome

Below Online Tool from DigiCert is quite good to Identify the affected Certs in your domain at ease and begin your update


Access here: DigiCert® SHA-1 Sunset Tool

Above resources are well enough to get the required information on the topic and you can still look out for more in the external community for further reading. Hope soon we all get the certs updated to avoid any last minute hassles affecting end user experience.

Wednesday, November 19, 2014

Office 365 Security - New MVA Courses now Available

Microsoft team is doing great in terms of providing excellent product and technical training in the recent years and Microsoft Virtual Academy Courses are on the top priority in the available resources list, which provides more insight on each product to the core with excellent walk-through training sessions and labs, to add further to the list Courses available for Office 365 and to provide more insight on the latest Microsoft Security enhancements with Office 365, three new Courses launched recently and now made available in Microsoft Virtual Academy website.


Office 365 Security & Compliance: Exchange Online Protection

Topics covered: 

01 | Introduction to EOP

02 | EOP Architecture

03 | How Does EOP Handle Spam?

04 | Exchange Transport Rules

05 | Reporting & Message Trace

06 | Mail-Flow & Connectors

07 | Data Privacy

Next Steps | Recommended Resource


Encryption in Office 365

Topics Covered:

01 | ​Introduction to Encryption in Office 365

02 | Information Rights Management

03 | Office 365 Message Encryption

04 | S/MIME


Data Loss Prevention in Office 365

Topics Covered:

01 | Introduction to Data Loss Prevention in Office 365

02 | End User Experience

03 | DLP Policy Management Fundamentals

04 | Under the Hood: Sensitive Content Detection

05 | DLP Reporting and Customization

Recommended Resources & Next Steps

Access the Office Blogs post to know more : Microsoft Virtual Academy courses—Office 365 security

*Also these videos are Available in Channel 9 for download on demand.


Deployment guide for SharePoint 2013 E-Book

Microsoft team recently released deployment guide for SharePoint 2013, its now available for free download from Microsoft download center.

This book provides deployment instructions for SharePoint 2013. The audiences for this book include application specialists, line-of-business application specialists, and IT administrators who are ready to deploy SharePoint 2013.


Download here:  Deployment guide for SharePoint 2013

Thursday, November 13, 2014

Exchange Server CUs and RUs are delayed !!!

I am writing this post a bit late and I believe everyone is aware about the latest update from Microsoft team that Cumulative updates for Exchange Server 2013 and Roll-Up updates for Exchange Server 2010 and 2007 scheduled for this November are delayed until December 2014.


Review here for complete update : November Exchange Releases delayed until December 

This is a good move from Microsoft where they proactively identified the issue and delayed the CU/RU release and saved valuable time of most of the customers before they identify and come up with this as before and I hope the final release will be a standard bug free one. Keeping my fingers crossed...

Update: 

Microsoft team released the Updates this December, review my below related post.

Exchange Server Updates now Available !!!

Tuesday, November 11, 2014

Clutter Reaches GA !!!

Microsoft team made another significant announcement today, the most awaited feature on Microsoft Road-map for Office 365 powered by the new Office Graph, "Clutter" roll out started for all the O365 business customers.


Read the complete announcement with a video demo on this great feature through the below Office blog post.

De-clutter your inbox in Office 365

See how clutter works below,

Use Clutter to sort low priority messages in Outlook

Get to know how to administer clutter feature as an Admin

De-Cluttering everyone’s inbox

Additionally, read the below excellent write ups from Tony Redmond MVP for more insight on this topic.

Clutter arrives to impose order on Office 365 mailboxes

FAQ: Answers to common Office 365 Clutter questions

Lync becomes Skype for Business !!!

Microsoft never stops innovation and today they made a significant announcement on next version of Lync, Microsoft re-branded next version of Lync as "Skype for Business" which is quite catchy, as per the announcement we can expect the product release in first half of 2015.



Here is the extract from the announcement:

In the first half of 2015, the next version of Lync will become Skype for Business with a new client experience, new server release, and updates to the service in Office 365. We believe that Skype for Business will again transform the way people communicate by giving organizations reach to hundreds of millions of Skype users outside the walls of their business.

This is really a great news and I am happy to share this to you along with other community members and I am all set to welcome the next version of Lync Server aka Skype for business

Review the Official Blog here: Introducing Skype for Business

Read the below ZDNet post for more updates.

Access here: Microsoft rebrands Lync as 'Skype for Business'; readies 2015 releases

I will continue to update this post once I get more information on this topic, stay tuned...

Wednesday, November 05, 2014

Getting started with PowerShell 4.0 - Jeffrey Hicks

PowerShell Guru Jeffrey Hicks MVP recently wrote a whitepaper for PowerShell Newbies to begin with PowerShell 4.0 basics and its available for free download from Veeam.com and this is a must one to have handy for every IT Pro who wants to learn and work with PowerShell.



Additionally, You can register yourself to the new E-Learning Course from Jeff though WindowsITPro scheduled for Wednesday, November 12th and try to Enroll by today and SAVE 15%

Register here: Getting Started with PowerShell 4.0

*Refer my PowerShell Section in the blog  to access all other related resources available for further Learning. Happy Scripting...

Friday, October 31, 2014

Yet another new iOS issue with Exchange ActiveSync !!!

Recently we had iOS 8.X released to the market and all new Apple devices are now getting updated with this version and unlike iOS7 which had only limited impact to Exchange ActiveSync, now this new version is causing a wave of issues similar to iOS6.


Meeting invites are again affected by this new issue and raising an critical alarm in the environment and I believe its now affecting major part of the customers and mostly with Exchange Online. And my users are also among the affected ones and we were unable to provide a proper fix to them at the moment, because the workaround provided to address this issue is fine at one instance, but it may not be suitable for all the customers and mainly very large Enterprise customers.

Microsoft team and Apple are now aware on this issue and started to update customers with their current update and we may get a fix soon. Microsoft stated that soon this new issue will be updated to their Knowledge base article.

Current issues with Microsoft Exchange ActiveSync and third-party devices 

More information is well documented and available in the below Office 365 Community forum post and you can watch out this discussion for further more updates.

Access here :  Your meeting was found to be out of date and has been automatically updated

*Add-on Read: iOS 8 ActiveSync problem causes out-of-date meetings - Tony Redmond's Exchange Unwashed Blog  

Update:

Microsoft team finally acknowledged this issue and published the below Knowledge base article with the root cause and workaround.

Review here:  Known calendaring issues with iOS 8.x devices

Stay tuned for more updates...

Thursday, October 30, 2014

Office 365 Performance Management

Office 365 Performance Management is a crucial topic, every Consultant and Administrator who work with Office 365 should have strong insight and possess good knowledge on this topic.




Microsoft team published an excellent write-up regarding the new resources available to know more on this topic addressing the key requirement for a successful Office 365 deployment and Administration.


Access the below Office Blog post to know more.

Review here: Tune and optimize performance of your Office 365 connection

The Key resources as referenced in the blog post includes,

Network Planning and Performance Tuning - TechNet



Access here: Network planning and performance tuning for Office 365

Office 365 Performance Management - Microsoft Virtual Academy Course 





 Topics Covered

  • Office 365 Performance Management Course Introduction
  • Office 365 Datacenters and Network
  • Planning for Office 365 Internet Capacity – Exchange Online
  • Planning for Office 365 Internet Capacity – Lync Online
  • Planning for Office 365 Internet Capacity – SharePoint Online
  • The Baselining Model for Internet Capacity Planning
  • Best Practices & Real Customer Projects Planning Internet Capacity
  • Planning for Office 365 Firewalls Whitelisting
  • Performance Troubleshooting Process and Tools Used
  • Performance Troubleshooting Tests
  • Troubleshooting SharePoint Online Customizations

Access the recorded course here: Office 365 Performance Management

Review the below Excellent Blog post from Paul Collinge MSFT to Optimise Network Performance for Office 365

Top 10 Tips for Optimising & Troubleshooting your Office 365 Network Connectivity 

Update:

Access the latest Blog post from Paul Collinge MSFT on Office 365 Connectivity Guidance

Key topics covered,
  • Optimized connectivity to Microsoft’s global network
  • Localized network egress as close to the user as possible
  • Unhindered access to the endpoints required
  • Local DNS resolution

Update:

Take a look at the below Microsoft Ignite session to know how to Troubleshoot Office 365 Network performance


Access here: Overcome network performance blockers for Office 365 Deployments

Also I have covered various vital contents under my Office 365 section.

Stay tuned for more updates...

Exchange Server 2013 Management Pack Update released !!!

Microsoft team released a new update to the Exchange Server 2013 Management Pack to address key customer feedback about getting additional information into System Center Operations Manager to allow users to better understand the health and performance of the Exchange environment.



Review the Official Blog post below to know more on the update and download the latest version for better environment monitoring.

Access here: Exchange Server 2013 Management Pack Update

Wednesday, October 29, 2014

Disable Support for SSL 3.0 to Avoid POODLE Attack !!!

Believe everyone is aware about the latest POODLE (Padding Oracle on Downgraded Legacy Encryption) vulnerability that affects clients that are using SSL 3.0, this is considered bit more dangerous that Heartbleed bug that raised the alarm recently and most of the Organizations already started to disable SSL 3.0 support on their clients and applications. And today Microsoft team published an update to this issue in terms of Office 365 to notify customers with the newly available workaround to disable SSL3.0 support from IE Browser clients that connect to the service along with the deadline.


Extract from the Official Post: 

Starting on December 1, 2014, Office 365 will begin disabling support for SSL 3.0. This means that from December 1, 2014, all client/browser combinations will need to utilize TLS 1.0 or higher to connect to Office 365 services without issues. This may require certain client/browser combinations to be updated.

Although analysis of connections to Microsoft online services shows very few customers still use SSL 3.0, we are providing customers with advance notice of this change so they can update their impacted clients prior to us disabling SSL 3.0

A new Fix it was released today to disable SSL 3.0 support from IE browser and also we have reference to the updated Security advisory article "Microsoft Security Advisory 3009008" that outlines more on this vulnerability and steps to utilize GPO settings to get this change implemented Organization wide.

Review the Official Blog post here: Protecting you against the SSL 3.0 vulnerability

Also refer the latest ZDNet post covering some more discussion on the topic and also it explains how other browser clients are responding to this vulnerability

Google has said that it will remove SSL 3.0 support from all their client products over the next few months. The next version of Firefox (due November 25) will disable SSL 3.0 completely. In the meantime, Mozilla has created an SSL Version Control add-on to allow users to disable the feature.

Review here : Microsoft releases anti-POODLE Fix It

*Microsoft team is discontinuing the support for SSL 3.0 with Azure Storage by February 2015.

Microsoft Disabling SSL 3.0 in Azure Storage Next Month

Tuesday, October 28, 2014

Built-in Mobile device management now Available for Office 365 !!!

As a great innovation today Microsoft team made an Official announcement in TechEd Europe 2014 event that soon Office 365 customers will have Built-in Mobile device management features included within the service



As stated in the Official Announcement  these features are set to roll out in the first quarter of 2015. Microsoft team recommends customer to use Windows Intune for advanced Mobile Device management features, Also suggests to have both in place for better experience based on customer's requirement .

Review the Official Announcement here: Introducing built-in mobile device management for Office 365

Directly access the Garage Series demo here: Announcing mobile device management for Office 365

*Additionally, Check out my earlier post to know how to use Microsoft Enterprise Mobility Suite with Office 365

Access here: Mobile Device Management for Office 365

* A great add-on read on this topic is available below from eweek magazine.

Microsoft Enterprise Mobility Suite Cozies Up to Office

Mobile Device Management for Office 365

In today's IT world Mobility plays a major role and with the advent of BYOD now we see people use mobile devices to access corporate data from any corner of the world and Organizations that provide this feature to their users are relaying on strong Mobile Device Management system. Microsoft team recently released their Enterprise Mobility Suite that address this MDM need for the customers and also entered the market as a strong competitor among  the existing solution and established itself as a leading  MDM solution adopted world wide.


Office 365 customers are now worldwide and as with every other customer Mobility plays a vital part for all these customers and this becomes quite crucial as their data is available in Microsoft Cloud, with the availability of EMS we can integrate it with Office 365 and create a strong MDM solution.

To get to know how to use Enterprise Mobility Suite (EMS) with Office 365 and its benefits,  Microsoft team provided us with the Microsoft Virtual Academy Course covering all aspects on this topic


Course Topics

  • Expanding Office 365 with Enterprise Mobility Suite: (01) Course Introduction
  • Expanding Office 365 with Enterprise Mobility Suite: (02) Get More Information About Your Users
  • Expanding Office 365 with Enterprise Mobility Suite: (03) Make Your Users Safer
  • Expanding Office 365 with Enterprise Mobility Suite: (04) Ease Your Management Overhead
  • Expanding Office 365 with Enterprise Mobility Suite: (05) Get More Information About Cloud Apps
  • Expanding Office 365 with Enterprise Mobility Suite: (06) Get Control of Cloud Apps
  • Expanding Office 365 with Enterprise Mobility Suite: (07) Protect Your Customers Files Wherever They Are
  • Expanding Office 365 with Enterprise Mobility Suite: (08) Give Your Users A Reason To Be Managed

Access the complete course here: Expanding Office 365 with Enterprise Mobility Suite

TechEd Europe 2014 has begun...

TechEd Europe 2014 has now begun and we have various sessions between all these days 28-31 OCT 2014. TechEd opening Keynote is presented by Microsoft's Jason Zander, Corporate Vice President, Microsoft Azure and Joe Belfiore, Corporate Vice President of PC, Tablet and Phone, Operating Systems Group, various significant enhancements and new innovations are being announced now.



You can watch the Live streaming here: LiveTechEd Europe 2014

Follow the Official Twitter account for live updates : @teched_europe

*Take a look at the new announcements made to Office 365 in terms of Security and Compliance in today's event.

Review here:  Office 365—Our latest innovations in security and compliance

*Check out more on today's announcements from the below WindowsITPro post

Microsoft Launches TechEd Europe with Wave of Announcements - Paul Thurrot 

*TechED Europe 2014 videos are now getting posted in Channel9.

Access here : TechEd Europe 2014 Videos

*You can utilize the below script provided by MVP Peter Schmidt to download the videos and slides at one go.

Access the Script here: Download All Videos and Slides from TechEd 2014 Europe

We can expect more great things in the next upcoming days. stay tuned...

Monday, October 27, 2014

Unlimited OneDrive Storage is coming to all Office 365 Subscribers !!!

Today is a great day for Office 365 Customers as Microsoft team now made an announcement that now all Office 365 customers will get unlimited OneDrive storage at no additional cost and they started their roll-out from today and soon all Office 365 customers will have this benefit.


Review this Official "The OneDrive Blog" post for more details: OneDrive delivers unlimited cloud storage to Office 365 subscribers

Also recently we had an another update for OneDrive, where we can Upload file size up to 10 GB and 1 TB of Storage space but now we have this unlimited storage, this all shows that Microsoft is now making the move to make Cloud a better place for storage and also enhance Office 365 adoption.

Tuesday, October 21, 2014

Recover Deleted Mailbox in Office 365

Recovering deleted mailboxes are not new for us as Exchange Admins but this becomes quite tedious when we are managing an Exchange Hybrid Environment with Federated Identity.



Recovering mailbox in a traditional On premises Environment or a fully hosted Exchange Online Environment are straight forward with few easy steps. Refer the below articles to know this in detail.

Exchange On premises : Connect or restore a deleted mailbox

Exchange Online : Delete or Restore User Mailboxes in Exchange Online

This blog post is written to cover few important and complex mailbox recovery scenario with Office 365 and we begin with recovering deleted mailbox in cloud in a Exchange Hybrid deployment with federated identity.

Exchange hybrid deployment with Federated Identity, this involves both ADFS and Directory synchronization. In this setup, AD account associated On premises is a key component, unlike the above scenarios, if this object is deleted its impossible for us to set things as before. We can still recover the mailbox contents alone in Cloud though the On premises AD account is deleted as the associated Office 365 account still remains in deleted users for 30 days and the mailbox will be available in soft deleted mailboxes for the next 30 days. Even if the Object in Office 365 is deleted post 30 days retention, we still have possible ways to get the mailbox recovered to a new cloud only mailbox from Removed mailboxes which I will explain in the later part of this article.

To clarify my above statement lets do some quick discussion on this topic, In a DirSync environment objects are Synchronized from On premises to cloud and the Source of Authority is On premises for managing the objects and when we enable Federated Identity the Identity management is moved to On premises via ADFS and provides a true SSO experience for users when accessing Office 365.

On the Technical background every AD object is unique with an Object GUID we call this as an Source Anchor and the same is synchronized to Cloud and gets set as the Immutable ID for the associated MSOL object in Office 365, this is the binding parameter that ensures that these two identities are tied up to each other to achieve a true SSO.

When you are using DirSync, Objects are Synchronized from On premises to Azure and the changes that are enforced on these objects are synchronized periodically, The default interval is 3 hrs. and still you can customize this to your needs and also force DirSync on demand. With this being said, when an Object is removed from On premises the same is removed in Azure and if we want to restore the deleted object by chance and wanted to set things as before, then we need to restore the deleted object only from On premises AD and then perform some tweaks on the recovered object and Sync it back to Azure.

Example of a DirSync object in Admin portal


More information on the above said point is updated in this Microsoft knowledge base article with the workaround which is the key for this article.

Review here: How to troubleshoot deleted user accounts in Office 365

Refer Resolution 3: Recover a user account that was deleted because the on-premises user object was deleted from the on-premises Active Directory schema Section.

Following the steps outlined is an straight forward process where we can recover the deleted object from AD Recycle bin if we have Windows Server 2008 R2 and Later Functional levels and if we don't have AD Recycle bin or your Functional level is below the required criteria then we can utilize the AdRestore tool to perform the recovery of the deleted AD object from Tombstone. Authoritative Restore is also an option but this is not recommended.

In addition to the above methods, we have one more reliable method of recovering the object from tombstone using LDP.exe as I don't have AD recycle bin available in my environment I am utilizing this method to recover the object and this is method is not shown in the knowledge base article.

Instructions to use LDP.exe and performing the recovery is already covered excellently in this below article

Restore Deleted Objects in Active Directory Database Using Tombstone Reanimation (LDP.EXE) 



In addition to the above recovery steps, we do have one important note to consider, when you expand the deleted item container it will list only few objects based on the Maxpagesize settings in the environment and to over come this you can perform a search on the Tool using the below filter and then follow the recovery process.

During the search use the Filter “(samAccountName=?)” Where ? Refers to the deleted account samaccountName which will normally be the alias of the account.



Search options are explained in detail here: http://support2.microsoft.com/kb/284928/en-us


As stated in the knowledge base article once the object is recovered from Tombstone it will be made available as a stripped object without any vital attributes set on the object and the most important part is it will be recovered with the same Object GUID as before which is required for us to rebind this object to the MSOL object.

Once the object is recovered we need to re-add the User Principal Name and the necessary Attributes to the AD account and re-enable it for exchange as before and then execute the DirSync, once this is done this recovered object will get in sync with the Cloud object available in the deleted users list and that will get enabled and moved to Active users with the Mailbox intact as before.


*One more important tweak you need to make is to set the On premises Remote Mailbox object Exchange GUID matching the Exchange Online Mailbox GUID, this is done to make the Hybrid mailbox moves possible as this is mandate for the accounts to be in sync when we move mailboxes from Cloud to On premises.

Detailed behavior is explained in this Community Post : Exchange Hybrid Deployment – Moving Cloud-Based Mailboxes to the On-Premises Organization

Once everything is set we can access the Mailbox as before with our On premises credentials and experience the true SSO.

This completes the recovery process for our scenario.

*As stated earlier in the blog post it is still possible for us to recover the mailbox without restoring the AD object On premises this is done to recover the mailbox contents and it will not assist us in bringing the original setup back as with the above formal process and this is still a good solution if we just want to get the mailbox contents from the deleted mailbox.

Recovering soft deleted Mailbox directly in cloud

Navigate to Exchange Admin center and click on (…) and select deleted mailboxes and it will list the soft deleted mailboxes with the deleted date.

Now click on the mailbox that you want to restore and select Restore button and when you do this you will be prompted to enter the details, ensure that you fill in the Display Name and choose the logon name suffix as "@tenantname.onmicrosoft.com" update the password and finish the recovery process.


Once this is done the Mailbox is recovered in cloud and you can access the mailbox by granting yourself Full Access to it and export the mailbox contents to a PST.

Also you can recover the mailbox from Soft deleted mailboxes using Undo-SoftDeletedMailbox cmdlet and then follow the PST process.


We can follow the above process as long as the mailbox is available under soft deleted mailboxes which is 30 days from the date of deletion.

*If you have enabled Litigation hold or In Place hold on the mailbox before deletion the contents are preserved as the mailbox will be moved to Inactive Mailboxes.

Review here: Manage inactive mailboxes in Exchange Online

Recovery Method with a New AD object

*We still have option to recover the mailbox post this 30 days retention date from Removed mailboxes which will occur once the MSOL object is deleted and the associated mailbox is moved from Soft deleted mailboxes to hard deleted mailboxes  ( Removed / Orphan Mailboxes).

We can check for this mailbox using Get-RemovedMailbox Cmd let in Exchange Online and make a note of the GUID and reconnect it to a new Cloud only account as shown in the below blog post and recover the contents.

Review here: Recovering a deleted mailbox in Microsoft Office 365


Once the AD object On premises is deleted you can delete the corresponding MSOL object in Office 365 permanently with the -RemovefromRecyclebin cmdlet and once this is done the Mailbox is hard deleted and moved to Removed mailboxes and then you can very well follow the above process and bring it back to life with a new Cloud only account as a first step.




*Once the mailbox is mapped to the new cloud only account it behaves like a mailbox provisioned fully in cloud that will not contain an ImmutableID which is the key for our recovery.

*Add the necessary SMTP address of your federated domain and make it primary if its not set correct.

 *Next, we will create a new AD object and the set the object as before with the necessary attributes and Primary SMTP (We can create a Remote Mailbox object On premises). Now we can force Dirsync or wait for the DirSync schedule run. We are all good now to utilize the SMTP matching feature (Soft Match) to bind the On Premises AD object to the MSOL object which sets the new AD object's Object GUID as the immutable ID in MSOL and then the mailbox is functional as before with SSO.



Review the SMTP Matching knowledge base here: http://support2.microsoft.com/kb/2641663

*If you get any NDR for the old emails you can utilize the below knowledge base article and re-construct the X500 address and add it to the account On premises which will DirSync to cloud and make things work as before.

Review here: http://support2.microsoft.com/kb/2807779/en-us

This completes this recovery method.

Note:

This method is also a reliable method but not a recommended method by Microsoft, Also unfortunately this is not working in my Hybrid deployment with DirSync where the Mailbox is getting moved to soft deleted mailboxes instead of Removed mailboxes even though I force fully remove the MSOL object from Office 365.

This same behavior is experienced by Microsoft team and found this works well for fully hosted scenario and not for Hybrid deployment with DirSync and still I am awaiting for a possible solution and update here soon.

Update: 

After working with Microsoft team we identified the workaround, where this could possible be a Sync issue between MSODS and Exchange Online which is not moving the mailbox from soft deleted mailboxes to hard deleted ( Removed Mailboxes) once MSOL object is removed.

To fix this we recovered the mailbox available under soft deleted mailboxes using Undo-SoftDeletedMailbox cmdlet , which recovered the mailbox with the note to assign the License before the grace period expires which will remove the mailbox if not done.

We waited for the grace period to expire and then the mailbox was successfully moved to the hard deleted mailboxes and available under Removed Mailboxes.

Once this is done we are all set to follow the instructions provided above under "Recovery Method with a New AD object " method for successful recovery.

Finally,

You can additionally prevent accidental deletions in Azure when using Dirsync by following the instructions provided in the below Blog post.

DirSync: How To Avoid Syncing Accidental Deletes To The Cloud Directory

Believe this post is quite useful for readers to recover mailboxes in a Hybrid environment with federated identity and also other possible mailbox recovery scenarios with Office 365.

Update:

Microsoft team is making some significant changes to the Mailbox recovery with Office 365 by discontinuing method of recovering the mailbox using hard delete option, since this impacts other service related access with Office 365 and suggests us with a new supported method to be followed henceforth via the below EHLO Blog post.

Background:

Why Is This a Benefit?

Previously, if you could not recover both the user and the mailbox, you would have to perform an unsupported process of hard-deleting a mailbox. This process was unreliable and sometimes caused a ripple effect on other services such as SharePoint and Lync. If the process failed, you were left with very limited options, and ultimately had to call support.


Below are the steps stated in the article for recovery

What Do I Need To Do To Take Advantage of This New Option?

All you need to do is create a new user with a mailbox and merge the data. The way you create the user with a new mailbox will depend on if you use DirSync or the Microsoft Online Portal to create users.

1. Create the user and Mailbox.

Using DirSync:

Create the user and remote mailbox from the on-premises Exchange management tools.
Force a directory synchronization.


Not Using DirSync:

Log into http://portal.office.com.

Create and license the user.

2. Run the cmdlet to merge the accounts. This is done from PowerShell connected to Exchange Online.

A) Connect PowerShell to Exchange Online. To do this, see http://technet.microsoft.com/en-us/library/jj984289(v=exchg.150).aspx

B) Run the following Command and retrieve the GUID for the soft-deleted mailbox that you want to restore: Get-Mailbox -SoftDeletedMailbox

C) Run a cmdlet similar to the following to restore the mailbox: New-MailboxRestoreRequest -SourceMailbox <GUID from Step 2B> -TargetMailbox <GUID from Step 1>

NOTE 1:  If the mailbox source and/or target is an archive, use the following switches (-SourceIsArchive and/or -TargetIsArchive)

NOTE 2: The value in Step 2C calls for the account GUIDs, but they can take other values such as an SMTP address or a UPN. The reason we recommend using GUIDs is to reduce the chances that there will be any confusion or conflict between the source and destination.

Access the complete post here to know more: A better way to recover a mailbox

Update:

Microsoft team recently published a new guidance article on this topic below,

Common mailbox recovery scenarios for hybrid environments

Update:

Microsoft Exchange Online Team recently announced the availability of new Mailbox Recovery Troubleshooter that would guide you to the best possible Recovery option , when restoring a deleted user mailbox in EXO.

Access the Troubleshooter here: https://aka.ms/MailboxRecovery

Official Blog post here: Introducing the Mailbox Recovery Troubleshooter

Update:

Access the latest Blog posts on this topic in an Exchange Hybrid environment.

Recover soft-deleted mailboxes in an Exchange Hybrid scenario

How to restore an inactive mailbox for a federated user in an Exchange Hybrid deployment

As an add-on read review the detailed guidance from Microsoft to know how to remove a former employee from Office 365

Stay tuned for latest updates...