GRANIKOS

The PowerShell script Set-UserPictures now supports uploading resized user pictures to Exchange On-Premises and Exchange Online. Read more about the new functionality here: https://www.granikos.eu/en/justcantgetenough/PostId/307/add-resized-user-photos-automatically Download the updated script here: Github: https://github.com/Apoc70/Set-UserPictures TechNet: https://gallery.technet.microsoft.com/Bulk-resize-and-adding-of-1e74d85e Enjoy!    

Problem: When you try to connect to SharePoint Online using PowerShell you receive an Access Denied error as follows: PS C:\> Connect-SPOService -Url https://tenant-admin.sharepoint.com -credential $credential Connect-SPOService : Cannot contact web site 'https://tenant-admin.sharepoint.com/' or the web site does not support SharePoint Online credentials. The response status code is 'Unauthorized'. The response headers are 'X-SharePointHealthScore=0, SPRequestGuid=310ce59d-002b-3000-ef1a-70e5fe7eaf72, request-id=310ce59d-002b-3000-ef1a-70e5fe7eaf72, X-MSDAVEXT_Error=917656; Acces s+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the +web+site+and+select+the+option+to+login+automatically., Solution Connecto to the SPO Service without the previously entered credentials ($credential) and enable the LegacyAuthProtocolsEnabled attribute. Set-SPOTenant -LegacyAuthProtocolsEnabled $True   Enjoy SharePoint Online.    

Problem After configuring Access Services you cannot deploy Access custom web apps from Access 2013 - an error with a Correlation ID occurs.   Reason As if it´s not inconvenient enough to configure the SharePoint Access Services Requirements (e.g. AppStore with DNS), the SQL Server Configuration can be the cause, too. In the SharePoint Site Content overview you can see the faulty deployed App and in it`s details the following error: The database server is temporarily unavailable. Details: The sp_configure value 'contained database authentication' must be set to 1 in order to alter a contained database. You may need to use RECONFIGURE to set the value_in_use. ALTER DATABASE statement failed.   Solution You need to enable the SQL Server 2012 Feature Contained Database Authentication if you receive this error. You can do this in the Management Studio via this T-SQL statement: SP_CONFIGURE 'contained database authentication', 1; GO RECONFIGURE; GO   Enjoy SharePoint!  

Last updated: 2017-02-08 NoSpamProxy Azure Edition is the cloud based email security gateway of the successful NoSpamProxy family of products by Net at Work. The Azure edition of NoSpamProxy can easiliy be deployed using the Microsoft Azure Marketplace. NoSpamProxy Azure easily connects an Office 365 tenant and offers an easy way to provide centralized email encryption and decryption with PGP and/or S/MIME for mailboxes hosted in Exchange Online. Additionally, NoSpamProxy Azure provides compliant anti-spam handling, an anti-malware component, and a large file portal. The edition currently available in Microsoft Azure installs a NoSpamProxy single-server deployment. A single-server deployment combines the NoSpamProxy intranet role and the gateway role on a single server. The NoSpamProxy Azure Edition is provided as BYOL (Bring Your Own License) deployment. In addition to the recurring fees for the Microsoft Azure VM you are required to buy a NoSpamProxy license. If you already own a NoSpamProxy Version 11 license, the license can be used for the NoSpamProxy Azure Edition as well. Content DeploymentOptions Notes Deployment Links   Deployment Options Due to the nature of a cloud service NoSpamProxy Azure can be operated in different scenarios in ...

This is a translated blog post of the original post in German, which can be read here. Different technologies are used to verify the validity of email senders. Each technolgy by itself represents only one component of an holistic solution. It is currently recommended to implemtent all three technologies. The technologies are: SPF - Sender Policy Framework The SPF resource record of a DNS zone defines which servers (host names or IP addresses) are allowed to send emails on behalf of the domain. Each sender domain must have it's own SPF resource record.   DKIM - Domain Keys Identified Mail DKIM pursues the same objective as SPF. With DKIM parts of an email message are enrypted using a provivate key. The public key is published as a DNS resource record. In the most cases the key pair ist generated by the mail servers, as these encrpyt the message anyway.   DMARC - Domain-based Message Authentication, Reporting & Conformance DMARC is placed on top of SPF and DKIM. DMARC executes a so called alignment for SPF and DKIM. An alignment defines a ...

This is a map of the current datacenter footprint of Exchange Online, as presented during Microsoft Igite 2017 in Orlando. There is a difference between Exchange Online datacenters hosting mailboxes and front door endpoint datacenters. Front door endpoints are public peering locations providing client connections with higher reliability and lower latency.  

You are interested in OneDrive and OneDrive for Business? You want to know how you can integrate the OneDrive technology into your IT infrastructure securely?  Here is the list of OneDrive related sessions at Microsoft Ignite 2017 Monday THR1022: Bring your sales team together: Office 365 Groups, Teams & Microsoft Dynamics 365 in the real world  THR2039: Explore the mobile options for OneDrive for Business and SharePoint files BRK2181: Accelerate productivity with search and discovery in SharePoint and Office 365  BRK3382: Securing, governing, and protecting your Office 365 investments POD2005: Todd Klindt's SharePoint Podcast Tuesday POD2010: 2 Guys and SharePoint Ignite live stream POD1000: Microsoft Cloud Show - live episode THR2084: Figuring out Office 365 external sharing in 20 minutes BRK2229: Security you can trust, control you can count on with SharePoint and OneDrive BRK2310: Speed and scale: Accenture’s Windows 10 journey  POD2011: First Ring Daily  BRK1015: Office + Everyday AI  BRK2184: Accelerate your digital transformation with SharePoint and OneDrive  THR1066: Fostering a successful remote worker culture  THR1023: Can I get a side of OneDrive for Business with my SharePoint?  BRK1013: Collaboration in Microsoft ...

It's going to be an interesting week next week at Microsoft Ignite in Orlando, FL. There will be a lot announcements about Microsoft Technologies to come.  The conference is the best opportunity to learn about new technologies and to extend your IT professional network. If you want to talk about OneDrive for Business, Exchange On-Premises and Exchange Online solutions, or how you can move to cloud service contact me by email or Twitter to schedule a meeting. Email: thomas@mcsmemail.de Twitter: https://twitter.com/stensitzki See you in Orlando.    

Starting September 11th 2017 Microsoft Teams supports guest access for external users.  Guest access for Microsoft Teams uses a separate guest license type that must be activated in the services & add-ons section of the Office 365 Admin portal.    Office 365 Admin portal notification: When we make this change, the ‘Pick the license you want to configure’ setting in ‘Settings > Services and Add-ins > Microsoft Teams’, will now have an option for ‘Guest’ with a default value of “off” for the ‘Turn Microsoft Teams on or off for your entire organization’ setting. When you've not activated guest licenses, external user receive an odd error when trying to access your shared team. Link Expand your collaboration with guest access in Microsoft Teams   Enjoy Office 365!      

The PowerShell script to purge Exchange Server and IIS log files has been updated to version 2.1. The function Copy-LogFiles has been slightly rewritten and there has been a change in the cmdlet parameters. When using ArchiveMode CopyAndZip or CopyZipAndDelete all copied log files in the EXCHANGESERVER\LOGS folder are added to a compressed archive. The script creates a separate archive for IIS and Exchange logs.  Code updated function Copy-LogFiles { [CmdletBinding()] param( [string]$SourceServer, [string]$SourcePath, $FilesToMove, [string]$ArchivePrefix = '' ) if($SourceServer -ne '') { # path per SERVER for zipped archives $ServerRepositoryPath = Join-Path -Path $RepositoryRootPath -ChildPath $SourceServer # subfolder used as target for copying source folders and files $ServerRepositoryLogsPath = Join-Path -Path $ServerRepositoryPath -ChildPath $LogSubfolderName $ServerRepositoryPath = Join-Path -Path $RepositoryRootPath -ChildPath $SourceServer if(!(Test-Path -Path $ServerRepositoryPath)) { # Create new target directory for server, if does not exist $null = New-Item -Path ...

Description This script converts Word compatible documents to a selected format utilizing the Word SaveAs function. Each file is converted by a single dedicated Word COM instance. The script converts either all documents in a single folder of a matching an include filter or a single file. Currently supported target document types: Default --> Word 2016 PDF XPS HTML The conversion is handled by Word itself, utilizing the SaveAs method. The Word.Document.SaveAs method supports the following wdFormat values: Name Value Description wdFormatDocument 0 Microsoft Office Word 97 - 2003 binary file format. wdFormatDocument97 0 Microsoft Word 97 document format. wdFormatTemplate 1 Word template format. wdFormatTemplate97 1 Word 97 template format. wdFormatText 2 Microsoft Windows text format. wdFormatTextLineBreaks ...

When you run software solutions that make use of TLS secured communication channels the applications need to have access to the certificate's private key. The private key is part of the certificate stored in the local certificate store of the computer. In most cases the software solution creates a new self-signed certificate and configures access rights appropriately. When establishing TLS communication channels to external partners, the use of a public SSL/TLS certificate is a must have requirement. The following step-by-step instructions describe how to assign Read permisson for the Email Security Solution Gateway NoSpamProxy. In this case the solution does not utilize a classic service account, but a so-called virtual service account. Virtual service accounts provide a much better access security when executing Windows services. Step-by-Step Instructions Step 1 Open the local computers certificate store using the MMC Snap-Ins.   Step 2 Select the certificate to use and open the context menu (right click). Select Manage Private Keys to manage the private key permissions.   Step 3 Click Add and add the required service accounts. In this case the virtual service accounts are part of the local computer entity. Select the local computer and not the Active Directory domain ...

Last updated: 2017-08-20   The SMTP Simulator project has been started due to a specific demand during a customer project. We needed a solution to test native transport of Exchange Server 2013 and third party addons to Exchange in an isolated lab envrionment having no internet access at all. While it is pretty easy to send test emails using PowerShell, we wanted to create an automated service which is capable of: replies to incoming emails has configured internal and external SMTP domains creates random local email addresses sends emails depending on a schedule to simulate user behaviour fixed number of emails per timeframe random number of emails per timeframe send misformed emails adds attachments to outgoing emails documents  archives / password protected archives EICAR files simple testing of POP3/IMAP4 remote connections  runs as a Windows service has a nice web interface for simplified administration access to SMTP send/receice logs The SMTP Simulator can be used with any Message Transfer Agents (MTA), not only with Exchange. Besides testing the ...

The GlobalFunctions PowerShell module has been updated to support writing of log messages to the PowerShell output pipeline. When writing to the PowerShell output pipeline, the severity level is not written to the pipeline. In most cases you will use this option for debugging purposes. Example # Import module first Import-Module -Name GlobalFunctions # Create an instance of the logger $ScriptDir = Split-Path -Path $script:MyInvocation.MyCommand.Path $ScriptName = $MyInvocation.MyCommand.Name $logger = New-Logger -ScriptRoot $ScriptDir -ScriptName $ScriptName -LogFileRetention 14 # Write an informational message to the log file only $logger.Write('Some informational message') # Write an informational message to the log file only $logger.Write('Some message to log and console',0,$true) # Write a warning level message to log file and the message only to PowerShell output pipeline $logger.Write('Some warning message',2,$true) Note Remember to add the severity level when writing to console.   Read more about the GlobalFunctions module here. You can get the source code here: Import from PowerShellGallery: https://www.powershellgallery.com/packages/GlobalFunctions Download and follow at Github: https://github.com/Apoc70/GlobalFunctions Download and like at TechNet Gallery: https://gallery.technet.microsoft.com/Centralized-logging-64e20f97

When you run the following cmdlet to prepare Active Directory for the installation of an Exchange Server Cumulative Update (in this case CU17) you might encounter a System.UnauthorizedAccessException.  D:\tmp\Cu17>setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms Microsoft Exchange Server 2013 Cumulative Update 17 Unattended Setup Unhandled Exception: System.UnauthorizedAccessException: Access to the path 'C:\ Windows\Temp\ExchangeSetup\ExSetup.exe' is denied. at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.File.SetAttributes(String path, FileAttributes fileAttributes) at Microsoft.Exchange.Setup.CommonBase.SetupHelper.DeleteDirectory(String pat h) at Microsoft.Exchange.Bootstrapper.Setup.BootstrapperBase.CopySetupBootstrapp erFiles() at Microsoft.Exchange.Bootstrapper.Setup.Setup.Run() at Microsoft.Exchange.Bootstrapper.Setup.BootstrapperBase.MainCore[T](String[ ] args) at Microsoft.Exchange.Bootstrapper.Setup.Setup.Main(String[] args)   There is a simple reason for the the System.UnauthorizedAccessException: .NET Framework Optimization Service  The required .NET Framework 4.6.2 had been installed just minutes before executing setup.exe. Preparation of the Active Directory schema ran without any issues. But when the /PrepareSchema call finished, the temporary folder in C:\Windows\Temp\ExchangeSetup could not be fully cleaned up, as mscorsvw.exe had an open file handle on ExSetup.exe. Additionally, when you run Setup.exe and the folder C:\Windows\Temp\ExchangeSetup exists, the setup will not try to copy required installation files. Regardless if the folder files exists in the folder or not. Solution End both mscorsw.exe processes or wait until both process ...