So you need a simple SMTP relay test for Office 365
Introduction

I have been doing a ton of Exchange migrations lately and setting up internal IIS relays to smarthost to Office 365. In this I have found many issues with firewalls and various settings IT managers like to do to keep email traffic limited. In this I have had to figure out ways to test SMTP from telnet to PowerShell and this one is my favorite so I thought I would share.

Steps (4 total)
1
Open PowerShell
Right Click on PowerShell and Run As Administrator

2
Store your Office 365 Mailbox Credentials
get-credential will prompt you for the Office 365 relay mailbox creds. you need to store this in a variable so you can call it as one bit in the next command line.

$relaycreds = get-credential

3
Use Send-MailMessage PowerShell Command
now we can use the creds above to send a test email message using the Send-MailMessage command. [email protected] to the same user #you just stored the relaycreds in step one. [email protected] to another email address you have under your control so you can see it relay.

Send-MailMessage –From [email protected] –To [email protected] –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer smtp.office365.com -Credential $relaycreds -UseSsl -Port 587

4
Test the SMTP Relay
use the same command with a few changes to test the SMTP relay now.Do this from the server with IIS6 SMTP relay on or change localhost to the FQDN of your choice.

Send-MailMessage –From [email protected] –To [email protected] –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer localhost -Port 25

Conclusion

So really simple way to send emails now and you can see also from this command the ability to email from a scheduled task attached to event triggers. This will help you monitor your windows servers for those specific events that you care about.

Good luck

Authenticate to Azure Account

Add-AzureAccount

Select Azure Subscription

$subscription = (Get-AzureSubscription).SubscriptionName | Out-GridView -Title "Select Azure Subscription" -PassThru
Select-AzureSubscription -SubscriptionName $subscription -Current

Select Azure Storage Account

$storageAccount = Get-AzureStorageAccount | Select Label,Location | Out-GridView -Title "Select Azure Storage Account" -PassThru
Set-AzureSubscription -SubscriptionName $subscription -CurrentStorageAccountName $storageAccount

Select Azure VM

$vm = Get-AzureVM | Select ServiceName | Out-GridView -Title "Select a VM Service Name ..." -PassThru
$vmname = $vm.ServiceName

Select Data Disk to resize

$disk = Get-AzureVM -ServiceName $vmname -Name $vmname | Get-AzureOSDisk | Out-GridView -Title "Select a data disk to resize" -PassThru
$diskName = $disk.DiskName

Stop and Deallocate VM prior to resizing data disk

Stop-AzureVM -ServiceName $vmname -Name $vmname -Force

Specify new Data Disk size – must be larger than current size

do {$size = Read-Host -Prompt "New size in GB"} until ( $size -gt $disk.LogicalDiskSizeInGB )

Resize Data Disk to Larger Size

Update-AzureDisk -Label "$diskName" -DiskName "$diskName" -ResizedSizeInGB $size

Start VM

Start-AzureVM -ServiceName $vmname -Name $vmname

A few days ago I was working on an Azure VM host and trying to repair the AD role on one particular server. After removing the AD and DNS roles the server became unresponsive due to what was now bad DNS entries on the NIC card. No console session to get in an reset this and so I went to asking my buddy Craig at MS about this. His advice was to change the size of the VM which would reset the NIC and get it back to DHCP. We tried this and it actually works!

Just wanted the community to be aware of this quick fix to a headache with Azure VM's

Seems like all I do lately is migrate users to Office 365. In that I have started getting very large numbers of users and it quickly became impractical for me to manually assign Office 365 licenses. In that regard I started looking around for some PowerShell scripts that would allow me to do this. After searching and searching it appears that most, if not all, of the examples on the web were for creating new users then assigning the licenses to them. I had already setup DirSync so the users were already populated on Office 365, so that method was not going to work.

So after much trial and error I have come up with a Script you can run against a email address list CSV dump that will assign the license for you in bulk. Some of the steps are well known, like connecting PowerShell remotely to Office 365, but the bit that had me stumped was now to set the license without actually creating the user first. Once I got around that I was home free.

Steps

Dump your user email list to a CSV text file and set the header for the one column to UserPrincipalName and put the users email address under it one line per user like the example below.

UserPrincipalName
[email protected]
[email protected]
etc…

• Install Microsoft Online Services Sign-In Assistant
• http://www.microsoft.com/en-us/download/details.aspx?id=41950
• Install Azure AD Module
• http://go.microsoft.com/fwlink/p/?linkid=236297
• Find the Azure AD PowerShell Icon and right click then Run As Administrator
• Go to your C:\ and create a folder called Scripts

Create a new text file and copy the following code into it, then save the file as licenses.ps1 and save it to the scripts folder.

Connect-MsolService
#CSV file picker module start
Function Get-FileName($initialDirectory)
{ 
 [System.Reflection.Assembly]::LoadWithPartialName(“System.windows.forms”) |
 Out-Null
  
 $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
 $OpenFileDialog.initialDirectory = $initialDirectory
 $OpenFileDialog.filter = “All files (*.*)| *.*”
 $OpenFileDialog.ShowDialog() | Out-Null
 $OpenFileDialog.filename
}

#CSV file picker module end

#Variable that holds CSV file location from file picker
$path = Get-FileName -initialDirectory “c:\”

#Window with list of available 365 licenses and their names
Get-MsolAccountSku | out-gridview

#Input window where you provide the license package’s name
$server = read-host ‘Provide licensename (AccountSkuId)’

#CSV import command and mailbox creation loop
import-csv $path | foreach {
Set-MsolUser -UserPrincipalName $_.UserPrincipalName -usagelocation “US”
Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -AddLicenses “$server”
}

#Result report on licenses assigned to imported users
import-csv $path | Get-MSOLUser | out-gridview

Jump back to the Azure PowerShell window and set the execution policy to unrestricted by running the following command in the PowerShell window

• Set-ExecutionPolicy Unrestricted
• Hit “Y” when prompted
• CD C:\scripts
• Run the script
• .\licenses.ps1

First prompt is for your Office 365 admin credentials. Use the [email protected] account that was created the first time you setup Office 365.

Second Prompt is for the location of the UserPrincipalName CSV file, just browse to where you saved it (c:\scripts) and select it then hit ok.

Third window will look up the sku of the licenses you purchased.
Type the SKU name EXACTLY as you see it with your account name :then the SKU

Then the script will run and assign the licenses to the users.

In conclusion I hope this helps you with your Office 365 migrations.

References:
http://www.codetwo.com/admins-blog/how-to-add-and-license-users-in-bulk-on-office-365/

Dealing with a rabbit hole issue that ened up being a Windows patch KB3002657 breaks NTLM.
https://www.pickysysadmin.ca/2015/03/11/kb3002657-breaks-everything/

Uninstalling the patch fixes the issue

Youtube Video

I have been answering questions on the forum and it came up that someone’s IPhone was not syncing some calendar items while other calendar events synced fine, with no real difference in how the appointments are created. After researching this I came across a tool that allows you to scan the problem mailbox or all the mailboxes on an exchange server and moving the corrupted items into a folder in the users Mailbox for remediation or deletion. After realizing this was a big part of Exchange administration I thought I would put together a How To so I would remember and others would have the benefit.

1. Download CalCheck from Microsoft
   http://www.microsoft.com/en-us/download/details.aspx?id=28786
   Get the 32 bit version the 64 bit is not really usable on all platforms.
2. Extract the Zip
   Find the download and extract the zip to a convenient location.
   Run the CalCheck.exe application and choose the correct Outlook Profile to run the Calendar scan against.
3. Check The Log Report
   Open up the folder you extracted with CalCheck.exe in it and find the log file named CalCheck.txt
   This will list all the calendar errors and specific references to why the errors will cause sync issues.
   Give this to your end user or boss as evidence of the core issues
4. Fix Errors
   CalCheck will not delete any errors but it will report and move those errors to a new folder it creates in the users Mailbox called, you guess it, CalCheck.
   You can force it to run the fix switch from the command line.
   Windows key + R to get the Run dialoge
   CMD
   CD to the folder with CalCheck
   C:\CalCheck_x86\CalCheck.exe -f
   Choose the Outlook profile you want to run against and let it go. It will then scan, overwrite the log, create a CalCheck folder in the users mailbox and move any errored items over to that folder for delete or fix.
   I also like to run this with the -r switch as it will create a report email and place it in the users inbox listing all the corruption for all to see.
   C:\CalCheck_x86\CalCheck.exe -f -r
   After the check is complete go back to the users Outlook and you will see a new CalCheck folder listed under the Mailbox.
   Locate items that are unwanted and delete them
   Recreate any appointments that have corruption and be sure to fill out all the info on the appointment form so as not to reintroduce the issue.
5. Admin: How To Scan Every Mailbox And Report Corruption
   You can also run this tool via command line and have it enumerate and scan all the mailboxes on the exchange server.
   You will need to run this from a profile that has administrator rights to all the mailboxes on the server.
6. Admin: Multi Mailbox Mode: Set User To Full Access
   Works in Exchange 2010 and higher
   Give Full Access Rights on the server to all Mailboxes to one user.
   Use PowerShell for this Changing OUName and UsersName to the correct admin user.
   Get-Mailbox -OrganizationalUnit “OUName” | Add-MailboxPermission -User “UsersName” -AccessRights FullAccess
7. Admin: Multi Mailbox Mode: Create Mailbox List Text File
   Change ServerName and Set the Path and File Name
   Get-Mailbox -Server “ServerName” | fl Name, LegacyExchangeDN | Out-File <path and file name> -width 200Copy the file to the machine you will run CalCheck on or put it on a share you can access.
8. Admin: Multi Mailbox Mode: Run CalCheck Against All Mailboxes
   Log on to the machine you have Outlook installed as the user you gave full access to in step 6.Create a new Outlook Profile and connect it to exchange for the full access user.
   Download CalCheck 32 bit from MS and install it
   http://www.microsoft.com/en-us/download/details.aspx?id=28786
   Extract the download to C:\CalCheck
   Copy the Mailbox list text file to the C:\CalCheck Directory
   Open a Command Prompt and CD C:\CalCheck Directory
   CalCheck -L C:\CalCheck\Mailboxlist.txt -F -R
   The CalCheck -F on the end users machine that is experiencing Calendar sync issues to the phones is the quickest way to get calendar sync issues resolved.
   Using the Admin Mode to keep that corruption at bay is the next layer to a happy end user experience.

Big shout out to NTG.co and all the great folks that work so hard to make this and Spiceworks great!

Hyper-V has matured into a robust and reliable HyperVisor and I have been using it reliably since the first iteration. With 2012 R2 the feature set makes it a no brainier when compared to ESX on purely cost basis.

Back to the original question regarding having a DC on the same box as the Hyper-V Hyper-visor and having it attached to the domain.

Two ways I can say I would set this up.

First way if I had access to only one Bare Metal box would be to leave the Hyper-V server off the domain and run it stand alone. This would remove the requirement of having the DC online before you login to the Hyper-V server and control functions.

Second way if I DID have access to another physical box would be to add a second domain controller as a second VM on a Second Hyper-V box. This way you almost always have a DC online to run creds against so you can attached the Hyper-V server to the domain.

Third way I have seen this setup is to have a completely separate domain for just the Hyper-V servers. I have only seen this in very large datacenter deployments so I don't really think this applies.

https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html?mkt_tok=3RkMMJWWfF9wsRokvK%2FAd%2B%2FhmjTEU5z17ewkXaG1hokz2EFye%2BLIHETpodcMTsRhPLHYDBceEJhqyQJxPr3NKNgN3tx5RhPmCg%3D%3D

On screen connect the Relay port and all communications on that port are already encrypted the only bit you need to encrypt is the web portal. In order to properly encrypt the web portal you also need to apply an SSL certificate then you should be able to work HTTPS.
What I would do at this moment is reinstall Screen Connect from scratch leaving all the default ports and test it to be sure you can get it working.

Once you are sure you have it working then go about changing the web portal port to 443 / HTTPS leaving the default relay port on 8041. I use this configuration on a few Screen Connect instances and it works well.

Also be sure this box does not have any other web services installed as that can interfere with your ports.

http://help.screenconnect.com/SSL_certificate_installation

http://help.screenconnect.com/Changing_default_ports

Actually your distribution groups are a great way to do this. On S4B just type the name of a distro group in Exchange online and it should populate those users and group for you by right clicking and add to favorites.
Sometimes I create a separate book just for departments etc.

This is me blatantly self-promoting!
Call DataGuys if you need any trade help or if you are just in need of a vacation, I am available to take the reins so you can relax!
www.dataguys.net

There I feel so much better now...

I also thought about the Outlook plugin allowing the end users to parse the archive, maybe you could export to PST and just writeup how to do it and have the minions perform your backup?

I am look at various opinions on how to best accomplish a large Sharepoint migration to Sharepoint online.
Let me know what you think?

What version of Exchange are you running?

Please note this feature has been discontinued in Exchange 2010 sp1 and newer
http://technet.microsoft.com/en-us/library/aa998911.aspx

Yep they pretty much did away with this as it was a feature that was never really used and was a big security hole... If you have Exchange 2007 it is available... This all runs on WebDAV as far as I can tell.

What is happening is the mapped drive is sitting idle for 15 min and then disconnecting to free up resources. DB applications such as yours get these errors because this connection is not persistent as g.jacobse has eluded to with the /persistent:yes command. This will keep the drive mapped but does not stop the idle timeout from occuring which will continue your error.

Do this on the machines in question: (also can be deployed via Group policy script)

Open CMD then right click and run as administrator

net config server /autodisconnect:-1

This will set the autodisconnect to never disconnect and you should not see this error any more.

Give it a try and report back your findings.

Download AD manager from Manage Engine and run the AD reports you seek.
Install this on one of your DC's
http://www.manageengine.com/products/ad-manager/download.html
Free to use for up to 100 users which I find is plenty for most.

Report back if you need more.