Exchange Server hybrid “edition” myths and misunderstandings

28th of April, 2016 / Lucian Franghiu / 35 Comments

There’s a common misunderstanding that Exchange Server hybrid (whichever version you may be running) is needed to be kept on-premises forever if you have Azure AD Connect. AADC syncs on-premises Active Directory with Azure AD. When AADC and federated identity is enabled, MOST of the cloud attributes in Azure AD are READ ONLY. From that statement it’s been understood that hybrid is needed to be maintained to do all that Exchange Online remote management goodness. Wrong!

I hate to burst the bubble here, but, I’m going to burst the bubble.

Exchange Server Hybrid

Being a consultant, I’m going to do that frustrating thing and say those famous words: “it depends on the situation”. I love being ambiguous sometimes as it affords room for different options and ideas which is great for brainstorming and architecting.

Looking at Exchange Server hybrid functionality independently of thinking about the common tech phrase “hybrid”, what does Exchange Server hybrid do? Put simply, which isn’t very clear on TechNet or other publications, hybrid creates send and receive connectors between on-premises and Office 365 EXO. It’s now just a wizard / setup application that completes a few commands that can be achieved manually through powershell. It’s not even an Exchange Server role anymore.

Moving SharePoint Online workflow task metadata into the data warehouse using Nintex Flows and custom Web API

23rd of April, 2016 / John Yoon / No Comments

This post suggests the idea of automatic copying of SharePoint Online(SPO) workflow tasks’ metadata into the external data warehouse. In this scenario, workflow tasks are becoming a subject of another workflow that performs automatic copying of task’s data into the external database using a custom Web API endpoint as the interface to that database. Commonly, the requirement to move workflow tasks data elsewhere arises from limitations of SPO. In particular, SPO throttles requests for access to workflow data making it virtually impossible to create a meaningful workflow reporting system with large amounts of workflow tasks.… [Keep reading] “Moving SharePoint Online workflow task metadata into the data warehouse using Nintex Flows and custom Web API”

Using saved credentials securely in PowerShell scripts

21st of April, 2016 / David Lee / 30 Comments

One of the most common tasks out in the field is the need to run PowerShell scripts that require credentials to be saved in some form of another so that they can be fed into scripts to be executed autonomously. This is particularly common in cloud environments where the current user context in which the scripts are run (e.g. within a scheduled task) are insufficient or not appropriate for the remote execution. Office 365 management is a perfect example of this, where often a credential object must be passed in order to connect and execute the cmdlets.… [Keep reading] “Using saved credentials securely in PowerShell scripts”

Implementing Microsoft (Office365) Peering for ExpressRoute

21st of April, 2016 / Shane Fisher / 13 Comments

Notes from the Field

I have recently been involved with an implementation of Microsoft Peering for Expressroute with a large Australian customer and thought I would share the experience with you.

Firstly, and secondly, make sure that you read the specific guidance from Microsoft regarding prerequisites for Microsoft Peering. (See below)

Configure Microsoft peering for the circuit

Make sure that you have the following information before you proceed.

A /30 subnet for the primary link. This must be a valid public IPv4 prefix owned by you and registered in an RIR / IRR.

… [Keep reading]

Programmatically read email from an Exchange Sever Mailbox

19th of April, 2016 / Vibhu Kuchhal / 21 Comments

I can’t recall how many times I have come across a requirement to programmatically read emails from an Exchange Server mailbox and take some action based on the presence of new messages. The component reading the emails can read the mail content, parse its contents and transmit the data to other downstream systems. In this blog I’m going to take a look at one way we can do this.

Objective

In my scenario there was a requirement to develop a program to retrieve mails from an Exchange mailbox and, based on a specific criteria, send the email to multiple users based on an distribution list identifier.… [Keep reading] “Programmatically read email from an Exchange Sever Mailbox”

Consuming CSV files from an Exchange Mailbox via Exchange Web Services and FIM/MIM 2016 using the Granfeldt PowerShell MA

30th of March, 2016 / Darren Robinson / No Comments

This solution on first look is quite random. A management agent that consumes a flat file (comma separated file) isn’t ground breaking, but when the twist is that the CSV file is in an email in an Exchange Inbox, it’s quite a different scenario.

Background

My customer uses a Cloud Service for their recruitment processes. The cloud service does have a SOAP API that I could potentially develop a FIM/MIM solution for using the Microsoft Web Services Management Agent, however my customer does not have API access to their tenant, the vendor isn’t overly responsive and I need a solution in days not weeks.… [Keep reading] “Consuming CSV files from an Exchange Mailbox via Exchange Web Services and FIM/MIM 2016 using the Granfeldt PowerShell MA”

Managing SharePoint Online (SPO) User Profiles with FIM/MIM 2016 and the Granfeldt PowerShell MA

22nd of March, 2016 / Darren Robinson / 5 Comments

Forefront / Microsoft Identity Manager does not come with an out-of-the-box management agent for managing SharePoint Online.

Whilst the DirSync/AADConnect solution will allow you to synchronise attributes from your On Premise Active Directory to AzureAD, SharePoint only leverages a handful of them. It then has its own set of attributes that it leverages. Many are similarly named to the standard Azure AD attributes but with the SPS- prefix.

For example, here is a list of SPO attributes and a couple of references to associated Azure AD attributes;

UserProfile_GUID
SID
SPS-PhoneticFirstName
SPS-PhoneticLastName
SPS-PhoneticDisplayName
SPS-JobTitle
SPS-Department
AboutMe
PersonalSpace
PictureURL
UserName
QuickLinks
WebSite
PublicSiteRedirect
SPS-Dotted-line
SPS-Peers
SPS-Responsibility
SPS-SipAddress
SPS-MySiteUpgrade
SPS-ProxyAddresses
SPS-HireDate
SPS-DisplayOrder
SPS-ClaimID
SPS-ClaimProviderID
SPS-ClaimProviderType
SPS-SavedAccountName
SPS-SavedSID
SPS-ResourceSID
SPS-ResourceAccountName
SPS-ObjectExists
SPS-MasterAccountName
SPS-PersonalSiteCapabilities
SPS-UserPrincipalName
SPS-O15FirstRunExperience
SPS-PersonalSiteInstantiationState
SPS-PersonalSiteFirstCreationTime
SPS-PersonalSiteLastCreationTime
SPS-PersonalSiteNumberOfRetries
SPS-PersonalSiteFirstCreationError
SPS-DistinguishedName
SPS-SourceObjectDN
SPS-FeedIdentifier
SPS-Location
Certifications
SPS-Skills
SPS-PastProjects
SPS-School
SPS-Birthday
SPS-Interests
SPS-StatusNotes
SPS-HashTags
SPS-PictureTimestamp
SPS-PicturePlaceholderState
SPS-PrivacyPeople
SPS-PrivacyActivity
SPS-PictureExchangeSyncState
SPS-TimeZone
SPS-EmailOptin
OfficeGraphEnabled
SPS-UserType
SPS-HideFromAddressLists
SPS-RecipientTypeDetails
DelveFlags
msOnline-ObjectId
SPS-PointPublishingUrl
SPS-TenantInstanceId

My customer has AADConnect in place that is synchronising their On Premise AD to Office 365.… [Keep reading] “Managing SharePoint Online (SPO) User Profiles with FIM/MIM 2016 and the Granfeldt PowerShell MA”

Implement a SharePoint Timer job using Azure WebJob

15th of March, 2016 / mmasoodwordpress / 1 Comment

The SharePoint Timer service runs in background to do long running tasks. The Timer service does some important SharePoint clean up tasks in the background but can also be used to provide useful functional tasks. For instance, there may be a situation when you want to send newsletters to your users on regular basis or want to keep your customer up to date with some regular timed information.

I will be using SharePoint Timer Service to send an email to newly registered customers/users for this demo.… [Keep reading] “Implement a SharePoint Timer job using Azure WebJob”

AAD Connect: Custom AAD Attributes & Scheduler PowerShell

10th of March, 2016 / Michael Pearn / 3 Comments

Following on from the posts from my esteemed colleagues: Lucian and Josh, I thought I’d post my experiences working with the latest version (v1.1.110.0) specifically two areas:

Working with the AAD Connect Scheduler, that is now based in Powershell and whose configuration is now stored in AAD, using the ‘Set-ADSyncScheduler’ commands
Working with ‘extension Attributes’ using Directory Extensions feature of AAD Connect

Both of these features are new to the latest version of AAD Connect.… [Keep reading] “AAD Connect: Custom AAD Attributes & Scheduler PowerShell”

Exchange Server 2016 Hybrid upgrade considerations

7th of March, 2016 / Lucian Franghiu / 9 Comments

Exchange Server 2016, RTM as of October 2015, is still very much freshly baked having just come out of the oven from Redmond. Two recent projects that I’ve worked on have required me to consider deploying it as the “Hybrid” server (not an actual role- I’ll get to that later) for integration and coexistence with Office 365 Exchange Online.

With anything new there is a learning curve as to how the new product now works (not that dissimilar from previous versions of Exchange Server) and what will work with the existing environment to not compromise service.

There is an unwritten assumption that is made in our hybrid guidance that you have already properly deployed and completed the coexistence process with the current versions of Exchange in your on-premises environment.

– The Exchange Team