MVP - Most Valuable Professional
rss

Just can't get enough of IT

This blog is about mostly anything in IT. But the primary focuses are Microsoft Technologies like Exchange, Office 365, Azure and Cloud Security.

Logo Azure ADAzure AD Pass-through authentication (PTA) recommends that you run at least three authentication agents to provide high availability for authentication. 

When you download and install the PTA agent, registering the PTA agent to Azure AD might fail. This happens most of the time when the network connectivity to Azure AD requires the use of a proxy server. In such a network setup you normally encounter configuration errors only, if the proxy server is misconfigured or the Internet Explorer zone configuration is missing required entries for trusted sites.

When you encounter an error during installation and registration of the dedicated PTA agent I recommend to separate these two steps. You need the credentials of an Azure AD account that is a member of the Global Administrator management group.

  1. Download the most current release of the PTA agent: https://aka.ms/getauthagent
  2. Copy the downloaded file to the server that will serve as a PTA agent
  3. Open an administrative command prompt and install the PTA agent software in silent mode without registering the agent:
AADConnectAuthAgentSetup.exe REGISTERCONNECTOR="false" /q
  1. Open an administrative PowerShell session, navigate to the default installation location and register the PTA agent manually
# navigate to the default installation location
cd "C:\Program Files\Microsoft Azure AD Connect Authentication Agent"

# enter the global admin credentials
$cred = Get-Credential

# register the PTA agent using the RegisterConnector.ps1 script
# multiline example
.\RegisterConnector.ps1 `
-ModulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" `
-ModuleName "PassthroughAuthPSModule" `
-AuthenticationMode Credentials ` 
-UserCredentials $cred `
-Feature PassthroughAuthentication

# single line example
.\RegisterConnector.ps1 -ModulePath "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\" -ModuleName "PassthroughAuthPSModule" -AuthenticationMode Credentials -UserCredentials $cred -Feature PassthroughAuthentication

 

The Azure AD Pass-through agent Quickstart documentation has an example for automating the installation of the PTA agent as part of a server provisioning process. The current example references the wrong PowerShell module named AppProxyPSModule. The most recent release of the PTA agent does not contain a PowerShell module by that name. Use the PowerShell module PassthroughAuthPSModule, as shown in the PowerShell example shown above.

 

Links

 

Enjoy Azure AD!

 

 

Read More »

On May 11th, the SharePoint Saturday Cologne took place at the new Microsoft Office in Cologne. 

My session covered the migration of legacy public folders from Exchange Server 2010 to modern public folders hosted on-premises or Exchange Online. Additionally, I've talked about the pros and cons of a migration to Office 365 Groups and Microsoft Teams.

The slide deck is available on SlideShare.

 

 

 

Enjoy Exchange Server and do not forget about the end of support for Exchange Server 2010 on January 14th, 2010.

 

 

 

Read More »

Exchange Server 2016Exchange Server 2013Description

This script connects either to Exchange Online or to a dedicated on-premises Exchange Server to export configured mailbox delegates and SMTP forwarding configurations.

The SMTP forwarding configurations are gathered from inbox rules and from mailbox forwarding settings.

 

Requirements

  • Exchange Server 2016 or newer
  • Cretenials to logon to Exchange Online and Office 365 when querying EXO mailboxes
  • Utilizes GlobalFunctions PowerShell Module --> http://bit.ly/GlobalFunctions

 

Examples

# Example 1
# Connect to the on-premises Exchange Server mx01.varunagroup.de and export delegation and SMTP forwarding information
 
.\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de

# Example 2
# Connect to the on-premises Exchange Server mx01.varunagroup.de, export delegation and SMTP forwarding information and get verbose information on the objects worked on

 .\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de -Verbose 

# Example 3
# Connect to Exchange Online and export delegation and SMTP forwarding information

 .\Get-DelegatesAndForwardingRules.ps1 -ExchangeOnline

 

Version History

  • 1.0, Initial community release

 

Links

Use GitHub Issues to leave comments, requests, end even bugs or issues.

 

Additional Credits

The script is based on the O365-InvestigationTooling script DumpDelegatesandForwardingRules.ps1 by Brandon Koeller
Find more Office 365 investigation tooling scripts at https://github.com/OfficeDev/O365-InvestigationTooling.

 

Follow

 

Read More »

SharePoint Saturday Cologne | 2019-05-11On Saturday, May 11th, the SharePoint Saturday Cologne will take place at Microsoft Office.

My session covers the migration of legacy public folders to modern public folders in the cloud.

Migrating from legacy public folders to modern public folders in Exchange Online is an error-prone process. Especially for Exchange organizations using legacy public folders since the early days. Real world examples from the field will show you how to determine the right migration approach. Additional information will help you to avoid the most common errors when migrating to modern public folders to the cloud. But what about after migrating to the? There is more. Prepare for decommissioning Public Folders by moving content to Microsoft Teams.

 

Links

 

See you in Cologne.

Read More »
On December 3, 2018
0 Comment
2187 Views

Office 365 supports the upload of PST files to Azure storage for a direct import to mailboxes hosted in Exchange Online. The steps are described in detail in the online documentation at Microsoft Docs.

Import CSV using an email address

Workload,FilePath,Name,Mailbox,IsArchive,TargetRootFolder,SPFileContainer,SPManifestContainer,SPSiteUrl
Exchange,,SALES.pst,TeamMailbox-Sales@varunagroup.de,FALSE,IMPORT,,,

 

But you might encounter the following error after starting the import job using the Security & Compliance dashboard.

X-Psws-ErrorCode: 840001
X-Psws-Exception: Microsoft.Exchange.Configuration.Tasks.ManagementObjectAmbiguousException,The operation couldn't be performed because 'TeamMailbox-Sales@varunagroup.de' matches multiple entries.
X-Psws-Warning: When an item can't be read from the source database or it can't be written to the destination database, it will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting Exchange not copy such items to the destination mailbox. At move completion, these corrupted items will not be available at the destination mailbox.
X-Content-Type-Options: nosniff

Before you were able to start the import job the job configuration, the CSV file, and the content of the PST file were analyzed successfully. There was no hint of multiple entries for the target mailbox.

Screenshot PST Import Job

The detailed error message can be retrieved using the View log link. A clear text message is stated in the Status detail column, but you need to expand the width of the column. 

The hint provided in the status detail column states that there are multiple identities for the primary email. At this point in time, I do not know, how this possible when the target account is synchronized with AAD Connect.

Solution

Use the target mailbox GUID instead of the target email address as the target address in the CSV configuration file.

Connect to Exchange Online Remote PowerShell session and query the mailbox GUID for the target mailbox(es).

# Query target mailbox GUID for a single mailbox
Get-Mailbox TeamMailbox-Sales@varunagroup.de] | FL Guid

Create a new import job referencing the same PST file already copied to the Azure storage.

Import CSV example using the mailbox GUID

Workload,FilePath,Name,Mailbox,IsArchive,TargetRootFolder,SPFileContainer,SPManifestContainer,SPSiteUrl
Exchange,,SALES.pst,e7b7c35f-929d-420e-99a5-3c9afc419281,FALSE,IMPORT,,,

 

The import job will now be executed as expected.

 

Links

 


Do you need assistance with your Exchange Server platform? You have questions about your Exchange Server organization and implementing a hybrid configuration with Office 365? You are interested in what Exchange Server 2019 has to offer for your company?

Contact me at thomas@mcsmemail.de
Follow at https://twitter.com/stensitzki

 

Read More »