Brian Reid – Microsoft MVP and Microsoft Certified Master
-
Adding Servers to ADFS 2.0 Farms – Subject Alternative Name Issues
When you add additional servers to an ADFS 2.0 farm and you have used a subject alternative name from your certificate to create the first server in the farm the additional servers will not be able to join the farm. If you have used the subject name on the certificate all works fine. You get the…
-
Mismatched Archive GUID for Moving Archive to Office 365
If you create an archive in Office 365 for a mailbox on-premise you might find that it does not work – the actual archive is not (as of time of writing) created correctly. What’s the way around it? The way around it is to create the archive on-premise and then move the archive to the…
-
Office 365 DirSync Schedule
The DirSync process sync’s every three hours by default, with a random number between 1 and 10 minutes is added to the SyncTimeInterval to provide an additional time buffer to this three hour period. This schedule can be changed by editing Microsoft.Online.DirSync.Scheduler.exe.Config in C:\Program Files\Microsoft Online Directory Sync. Change to read a different value for hours:minutes:seconds…
-
Lab Environment: Set All Users With Non-Expiring Passwords
Using Active Directory Module for Windows Powershell (part of Windows 2008 R2 Active Directory and downloadable for earlier versions of AD) use the following cmdlet to set all your user to have non-expiring passwords. Great for lab environments: Get-ADUser | Set-ADAccountControl –PasswordNeverExpires $True
-
Free/Busy Cross-Forest Working One Way Only
Or indeed, not working at all! I had the issue of it working one way only (On-Premise Exchange organization > Office 365) but the other way (cloud to on-premise) did not work at all. The answer is shown in this video http://www.microsoft.com/showcase/en/us/details/a16a9d39-416a-4b01-a88f-5ff511580424 This covers the reasons why Free/Busy (and the other federation features of MailTips,…
-
CRM Router and Exchange 2010
To configure the CRM Email Router with Exchange 2010 you need to do the following. Not all of these points are clearly documented on the internet. Create a mailbox (CRM_Router@domain.com) Set password never to expire Ensure that the mailbox is not hidden from the address list Login to above mailbox Enable impersonation with the following…
-
Publishing ADFS Through ISA or TMG Server
To enable single sign-on in Office 365 and a variety of other applications you need to provide a federated authentication system. Microsoft’s free server software for this is currently Active Directory Federation Server 2.0 (ADFS), which is downloaded from Microsoft’s website. ADFS is installed on a server within your organisation, and a trust (utilising trusted…
-
PowerShell Script To Update All UPN’s
This quick script will process all your user accounts in the domain and change the UPN for each of them to a new one, which you need to specify in the script in advance of running it. This script is useful for Office 365 Rich Coexistence (Hybrid) scenarios which require that the UPN (User Principal Name)…
-
Changing ADFS 2.0 Endpoint URL for Office 365
If you are configuring single sign-on for Office 365 then you will need a server running Active Directory Federation Services 2.0 (ADFS 2.0). When you install this you are asked for a URL that acts as an endpoint for the ADFS service, which if you are publishing that endpoint through a firewall such as TMG…
-
Delegate Approval for Meeting Requests Failing
If you require delegates to approval all room bookings in Exchange 2010 and you have the following two settings set to True then rooms will automatically be approved AllRequestOutOfPolicy: True AllRequestInPolicy: True To require that rooms are approved by the delegate regardless of when the room is booked set AllRequestOutOfPolicy to False. These settings require…
-
Exchange 2010 Update Rollups and Error 1603
You download and begin to install an Exchange Rollup Update only to find after waiting ages for it do the NGen stuff it fails, and on watching it closely you notice it fails on stopping services. In the event log you are pointed at a website with information on verbose logging for MSI installations. But…
-
.DLL Errors and Blackberry Enterprise Server
During a configuration of Blackberry Enterprise Server today I found that I was getting .DLL errors when trying to create a MAPI profile on the BES Server (v5.0.2) when running IEMSTest. Well it was not the usual stuff – it ended up being the alias that had been assigned to the BESAdmin account. The policy…
-
Career Factor: The reality show
Starting January 18th, check out Microsoft’s Career Factor, a real-time, online, interactive reality show. It will tell the stories of nine real individuals around the world, each working to improve their IT careers. During the next five months, each will be working toward a career goal with the help of Microsoft, its partners, and the…
-
Random Chinese Characters in Exchange 2010 SP1 Emails
I have been sent a few emails from a client that start like this: 格tml> 格ead> 猼tyle㰾!– .hmmessage P { margin:0px; padding:0px } body.hmmessage { font-size: 10pt; font-family:Tahoma } –>⼼style> ⼼head> 㰊body class=’hmmessage’> The HTML characters repeat throughout the message, but not on every message, though those sent from Hotmail are typically affected (but it…
-
MCM Exchange 2010 Video Previews
Updated 6th October 2013: With the removal of the MCM classes from Microsoft Learning’s provision of training and certification, I have posted this video content on my own blog at http://c7solutions.com/2013/10/the-exchange-server-header-firewall-mcm/ — Fame at last! Well not really, but here (http://blogs.technet.com/b/themasterblog/archive/2010/12/28/mcm-exchange-video-preview.aspx) is a video introducing the MCM Exchange class posted on the MCM Blog. The…
-
GoDaddy SSL Certificate Approval with TXT Records
I had a bit of an issue with Go Daddy yesterday in that they took 5 days to approve a Subject Alternative Name change to a certificate, and as the usual route of adding a file to a website was unavailable to me I decided to prove ownership of the domain by the addition of…
-
Unknown Error, Outlook 2003 and Exchange 2010
It’s a well documented issue with Outlook 2003 connecting to Exchange 2010 that means Outlook 2003 is not as responsive in Online mode as it was with legacy versions of Exchange Server (http://support.microsoft.com/kb/2009942). What is less well documented is an odd error message that can appear because of this interaction. Imagine the following scenario. User…
-
iPhone 4 and Exchange 2003/2010 ActiveSync Slow Performance
This is a well known problem now, and has been since the first releases of the iPhone 4 in July 2010. Later updates to iOS (4.1 and later) do not exhibit this problem, but if you are upgrading an Exchange 2003 organization to Exchange 2010 there comes a point where you switch over the endpoints…
-
Windows Search Across The Network
Windows 7 has Windows Search built in, but it will only index locations on the local PC or folders that you have made available offline. What about the rest of your network? An error you might see because of this is “This network location can’t be included because it is not indexed”. If the servers…
-
VirtualBox
We are presenting at Exchange Connection 2010 later this year, and I need to set up some demo machines. I need my demo to run Exchange 2010, which is a 64bit application and I do not have guaranteed internet access so I cannot run my demo’s via my lab machines in the UK. But I…
-
Restrictive Throttling Policies in Exchange 2010
Exchange Server 2010 has the ability to limit user and administrative actions. But in testing this feature in a lab I set the default policy (which by default affects everyone, including the Administrator account) to a policy that stopped me undoing the policy again! I ran Set-ThrottlingPolicy def* -PowerShellMaxConcurrency 1 -PowerShellMaxCmdletsTimePeriod 1000 -PowerShellMaxCmdlets 1 which…