Search

AnotherUCBlog > Exchange, S4B, O365

Share my findings in the Microsoft unified communication world

Month

February 2016

O365 EXCHANGE – Powershell connexion to Exchange Online and Exchange On-Premise in the same console

Hello everybody,

Today I had to make a script to compare the Distribution group members between our on-premise environment and the cloud to bee sure that they all are consistent.

The problem I ran into was that the powershell command to get the group members (Get-DistributionGroup) is the same on local Exchange and Exchange Online, so I had to connect/disconnect from each one each time I parse a new Distribution Group, which is taking time and resources…

After some search, I found that in the command “Import-PSSession” use to connect the Exchange (cloud and on-prem) environment, you can use the parameter “prefix” which will be used to make the difference between the on-premise commands and cloud commands.

A bit difficult to explain, here is an example :

Here is how you will create the connection :

# Exchange Online connexion
$ExchangeOnlineSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential (Get-Credential) -Authentication Basic -AllowRedirection -ea stop
Import-PSSession $ExchangeOnlineSession -AllowClobber -Prefix “Cloud” -ea stop

# Exchange On-prem connexion
$LocalExchangSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri “http://$ExchangeServer/powershell/” -Credential (Get-Credential) -Authentication Kerberos -ea stop
Import-PSSession $LocalExchangSession -AllowClobber -Prefix “Local” -ea stop
Set-LocalAdServerSettings -ViewEntireForest $True -ea stop

Now if you want to get the list of mailboxes in the cloud, you have to type this :

Get-CloudMailbox

If you want to get the list of mailboxes in your local environment, just type this :

Get-LocalMailbox

Easy !!!

This, decrease my script time execution from 35 min to less than 5 minutes !

Enjoy 😉

Advertisements

O365 EXCHANGE – AutoArchive to pst and Online/in-Place archive

Hello everybody,

You maybe never pay attention of it but when you enable the online or in-place archive and assign a retention policy that move emails older than a certain date to a mailbox. The AutoArchive to pst feature of Outlook (at least 2010 version) disappear (You cannot turn it on but also cannot turn it off (graphically only)).

If this feature is still displayed even an archive is enabled on the account, check the following things :

  1. Ensure that you assign a retention policy that automatically move items to the archive
  2. Ensure that the retention policy has been applied by the MRM process. To verify, follow this :
    1. Open OWA with the intended account
    2. Click on the gear (up – right) and select options
    3. In the “mail” section, select “retention policies”
    4. You should get something like this :

RetentionPolicies

If it is empty then the MRM process did not yet apply the retention policy. you can force it by launching the powershell command “Start-ManagedFolderAssistant”.

Also ensure that you have “Default Archive” retention policy tag, if it is not the case, you need to correct your retention policy.

 

O365 – Assign permissions to access O365 Audit log report

Hello all,

Following the article on this new feature, you maybe now want to give access to someone to it and only to it.

This cannot be done via the permissions part of the compliance center, it is indeed in the Exchange Online RBAC permissions.

The cmdlet Search-UnifiedAuditLog is part of the Exchange Online cmdlets.

To give users ability to use that cmdlet you need to assign them the role “View-Only Audit Logs”. Then those users will have to go to “https://protection.office.com/” and they will be able to perform their search.

Have a good day 🙂

O365 – O365 Audit log report (License change report)

Hi all,

If I say that you can now audit and get reports of modifications done in O365 like licenses modification ! That would be great, isn’t it ? This is now the case, thanks to the feature called “O365 Audit log report”.

LicenseAudit

By default, this feature is turned off, to enable it, follow this steps :

  1. Log on the O365 portal
  2. On the left pane, click on Compliance
  3. The Compliance Center should open
  4. Go to Reports and in the part Auditing, click on “Office 365 audit log report”
  5. The “Audit log search” page appear and you can now turn on the feature by clicking on the “Start recording user and admin activities” button.

This should take around 2 hours to be effective.

Now to search for any modification done on licenses :

  1. Enter a start date and an end date
  2. If you want to trigger any modification done by an admin, fill the “User” field
  3. Launch the Search
  4. And here is the result : LicenseAudit
  5. You can now use the filter on the item column in order to check modification done on a particular user.

This audit and report feature can also be used for Exchange Online and Sharepoint reporting like modification done a document hosted in a personal Onedrive storage.

AuditExternalModification

The picture show modifications done on an excel file hosted in Onedrive, one modification has been done by an internal user and the other has been done by an external user.

You can audit the following solutions :

  • User activity in SharePoint Online and OneDrive for Business
  • User activity in Exchange Online (Exchange mailbox audit logging)
  • Admin activity in SharePoint Online
  • Admin activity in Azure Active Directory (the directory service for Office 365)
  • Admin activity in Exchange Online (Exchange admin audit logging)

Just to let you know :

  • You can search the Office 365 audit log for activities that were performed within the last 90 days.
  • It takes up to 15 minutes after an event occurs in SharePoint Online or OneDrive for Business for the corresponding audit log entry to be displayed. It takes up to 12 hours for events in Exchange Online and Azure Active Directory.

You can also perform your search using Powershell with the Search-UnifiedAuditLog cmdlet (https://technet.microsoft.com/library/mt238501(v=exchg.160).aspx)

You can get more information regarding this feature on this page https://support.office.com/en-us/article/Search-the-audit-log-in-the-Office-365-Protection-Center-0d4d0f35-390b-4518-800e-0c7ec95e946c?ui=en-US&rs=en-US&ad=US

En joy 🙂

O365 HYBRID – Auto archive to pst missing after migration

Hi all,

The Auto Archive feature of Outlook is a feature which create a pst file and move automatically items that are older than a number of days you configured into that pst file.

outlook_autoarchive

When migrating a user to Exchange online with the online archive enabled, the auto archive to pst feature of Outlook disappear from the Outlook options but the feature is still enabled and you cannot turn it off anymore.

Which means that no matter the user is having an online archive, the pst file will continue to grow…

In order to turn it off, you can do it via a modification in the registry : HKCU\Software\Microsoft\Office\<OutlookVersion>\Outlook\Preferences\DoAging

This value is set to 1 when auto archive is set up. To turn it off, just set it to 0. You can do it via GPO if you want.

Create a free website or blog at WordPress.com.

Up ↑