Add Send As permission to all users in Office 365

The following will show you how to grant SendAs permission to all recipients in Office 365 Exchange Online. This is for two recipient types, mail users and user mailboxes in the situation where you have directory synchronization turned on and an Exchange hybrid setup. First things first, connect to the Office 365 Exchange Online remote PowerShell: Import-module msonline $LiveCred=Get-Credential Connect-MsolService –Credential $LiveCred Run the following 3 commands to connect Windows PowerShell to the Office 365 exchange service: $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ –Credential $LiveCred -Authentication Basic –AllowRedirection Import-PSSession $Session (If you get an error with this cmdlet, run…

Office 365 email archiving activation error

We have an Exchange 2010 SP3 Hybrid setup with Office 365 and have directory synchronization turned on. We tried to enable email archiving for a migrated user in the cloud using the Exchange Control Panel. However received the following error: The following error occurred during validation in agent ‘Windows LiveId Agent’: ‘Unable to perform the save operation. ‘User_fecbfd8514′ is not within a valid server write scope.’ Click here for help… The proper way to enable archiving for a user, you need to do this from the on-premise side as shown in the screen shot below. Once you have enabled the…

Export Active Directory (AD) user accounts with specific email address and import as contacts to Office 365

I have a two Office 365 tenant accounts, with one on-premise Exchange organization. Currently two companies share the same on-premise Exchange organization. As part of moving mailboxes to the cloud, we are separating the companies by moving them to their own Office 365 tenant account. This brings us numerous problems and different functionality, with one major limitation is a split GAL. PowerShell can assist us. I need to get a list of all possible properties for the Get-Mailbox cmdlet. Get-Mailbox -identity user@domain.com.au | fl This will display all the possible fields that we can use to do a custom search….

Setting up secure encrypted VPN using Routing and Remote Access

The following guide will show you how to setup a secure VPN connection using encryption. You will need only Windows Server 2008 R2, with the Network Policy and Access role, including Routing and Remote Access and Network Policy Server. You will also need to allow the VPN port 1723 through your firewall as a NAT rule, pointing this to the Routing and Remote Access server. Routing and Remote Access server configuration: Click on the Security tab. Click Configure, add in the RADIUS server IP address. On the RADIUS server, add in a RADIUS client which points to the Routing and…

Exchange 2010 SP2 Client Access Outlook profile RPC endpoint changes

There are some fundamental changes after installation of Exchange 2010 SP2 Update Rollup 3 (RU3) or later. Description of Update Rollup 3 for Exchange Server 2010 Service Pack 2. Terms: RPC Client Access – The RPC Client Access service provides data access to any mailbox server through a single, common path of the Client Access server RPC endpoint – This relates to the Outlook profile RPC endpoint, the client access server in which Outlook connects to, see screenshot below. This hostname is internally resolvable only. History: In earlier versions of Exchange Server 2010, client connection requests were not redirected to…

Remove Active Directory Domain Controller Metadata – remove a domain controller using a script

Taken from here, this script is fantastic! You can run this from any domain member computer while logged in as a domain administrator. This script will clean up all metadata left over from a forced removal of a domain controller, e.g. DNS and Sites & Services information. I had a domain controller (DC) which needed to be rebuilt due to serious issues, as it was virtual, I disconnected the network, then simply formatted the OS drive and reinstalled Windows Server from scratch before connecting it back to the network. Meanwhile from another server, I ran the script below – worked…

Move/Transfer Active Directory FSMO roles using PowerShell

Rather than using the GUI, you can move the Active Directory (AD) from the command prompt using PowerShell in just a few seconds, rather than minutes. Import the Active Directory PowerShell module: Import-Module activedirectory Transfer all the FSMO roles at once, or one by one: Move-ADDirectoryServerOperationMasterRole -Identity "<DC_Name>" -OperationMasterRole PDCEmulator, RIDMaster, InfrastructureMaster, SchemaMaster, DomainNamingMaster There are five FSMO roles to transfer: PDCEmulator RIDMaster InfrastructureMaster SchemaMaster DomainNamingMaster To check which FSMO roles are on what domain controller, from the command prompt run netdom query /d:<domain> fsmo