Category: Office365

From home to business, from desktop to web and the devices in between, Office delivers the tools to get work done.

Outlook cache responsible for NDR – recipient not found – X500

We have all been there. At some point in our lives we needed to migrate a mailbox from one place to another. And although migration processes are normally pretty straightforward, the shizzle starts to hit the fan when the end-user gets involved.

Let me paint this picture for you:

Recently I was asked to migrate an Exchange 2007 mail-enabled Public Folder Folder to an Exchange 2013 shared mailbox. Nothing scary there. Just your run-of-the-mill PST migration.

After finishing the migration and adding the newly created shared mailbox to Outlook clients, users started to complain that when other users wanted to email them they would get an NDR saying: Email-address or user not found.

You probably guessed it: The cause being of course the Outlook Auto-completion cache.

Now I could have just emptied the cache of every last Outlook client and be on my happy way,  but instead I dug a little deeper and found this little gem of an article:

Mystery of adding X500’s – What an amazing thing to know…!!!

All credits go to the author of this article, because it made my life easier. In this article the cause of the NDR becomes evident. In it it is explained that in the Outlook cache the X500 address of the original Public Folder is retained. This address points to the Active Directory object of said Public Folder. To point Outlook in the right direction, we could just add the original X500 address to the new shared mailbox.

How this is to be done is pretty simple:

  • Open the NDR report received by any sender and copy the line with the X500 address:
    • 1-NDR
      • The original line is longer than above example, so make sure to copy the complete line!
    • Paste it in your favorite text-editor.
    • Remove the first part (IMCEAX-)
    • Replace all _ with /
    • Note the +20, +28 and so on in the line. Replace these with their corresponding punctuation marks.
      • +20 = space
      • +28 = (
      • +29 = )
      • +2E = .
    • The result being something like this (parts removed to protect myself):
      • /O=ORG/OU=EXCHANGE ADMINISTRATIVE GROUP (FYDIBO3294720)/CN=RECIPIENTS/CN=EMAIL ADDRESS92037239874@org.com
    • Now all you have to do is add this line as an X500 address to your shared mailbox.
      • 2 - addaddress

Enjoy this little bit of knowledge to ease your e-mail migration days!

Happy administering!

 

Install AADconnect

Today I will be installing AADconnect. With AADconnect you can sync your on-premise Active Directory objects with the ones in Azure Active Directory which is used by your Office 365 online tennant.

You will not be needing this if you have deployed or want to deploy ADFS,

How to install.

Make sure you have all the latest updates on the Windows machine that you want to install AADconnect on. Remember that this machine can be an Active Directory Domain Controller but it does not HAVE to be. You can also use a member server. As long as it is running at least Windows Server 2008 R2 you will be fine.

Prior to installing AADconnect, you have to install Powershell 3.0. To accomplish this, you need to install the Windows Management Framework 4.0 from here. In addition, WMF 4.0 needs Microsoft .NET Framework 4.5.  which can be obtained from the Microsoft Download Center.

Finally we need an account in your on-premise Active Directory of which the password never expires and that is a member of Domain Users, Domain Admins and Enterprise Admins. In this blogpost I will use SVC_AADconnect.

Allright so finally we can now install AADconnect. First download the installer from this site.

Copy the installer to the machine you are trying to install AADconnect on and run it (as administrator).

You will be treated with a welcome screen. Make sure you read and agree to the license terms and privacy notice.

1

I will be using the Express Settings. You should also choose this if you have only one Active Directory forest and don’t want to exclude certain oU’s.

2

First you need to enter the administrative account of your Office 365 Tennant (a global Administrator) and the password associated with it.

3

Next the installer needs to know which account you would like to use for connecting to your on-premise Active Directory. In my case this would be the newly created SVC_AADconnect account.

4

Make sure you are ready to begin synchronizing your on-premise Active Directory with the Azure AD of the Office 365 tennant, because when you leave the ‘Start synchronization process…’ tick on, it wil obviously start syncing immediately. It is also possible to untick it and start the sync process later on manually.

5

After the install is done, you can start the sync proces by running the appropriate Windows task.

6

To check if your sync is successful, you could make a shortcut to “C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe” and run it.

7

8

Once it says success, you can check in the Office 365 portal if everything is ok.

9

 

I hope that some of you benefited from this post.

 

Get all licensed users

Sometimes it can come in handy to have a list of all users with a license in Office 365. Unfortunately the admin gui does not provide such a query. So once again Powershell comes to our rescue.

Make sure you connect Powershell to your Office365 tennant first.

Get-MsolUser | where-object { $_.IsLicensed -eq "TRUE" } | Select-Object UserPrincipalName, DisplayName, Country, Department | Export-Csv c:\temp\users.csv

Change O365 username

Sometimes you may want to change the username of a synced user in Office365. Well normally in a synced environment this would not be possible:

Screen1

Luckily we have Powershell at our disposal. Just connect to your Office365 tennant and execute by running the following commands:

Connect-MsolService
Set-MsolUserPrincipalName -UserPrincipalName oldusername@domain.com -NewUserPrincipalName newuser@domain.com

 

© 2018 Zandink.org

Theme by Anders NorenUp ↑