Home Blog

Office 365 Remove a search for in-place eDiscovery and hold after mailbox deleted


You place the mailbox on hold, but delete the mailbox. The search cannot be removed while there is a hold. So..you need to remove the hold. You can do this with a remote powershell session and this command:

Set-MailboxSearch -Name Searchname -InPlaceHoldEnabled: 0

Wait a minute, refresh the compliance page and the in-place hold should be = NO
Then you may delete the hold.

*Remote Powershell*
Open PS in administrative context
Run: Set-ExecutionPolicy RemoteSigned
Then Run:
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange-ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session

NOTE: When prompted for credentials, enter your Office 365 admin username/password or one that has admin rights for the tenant.

Store iPhone backups in the cloud or in DropBox (PC)


A client approached me to inquire about using cloud storage for, well, everything. They wanted their laptop to dock with a USB hard drive that was synced with DropBox (cloud storage). Since they have an iPhone, naturally they wanted to see about storing iPhone backups in the cloud.

My first thought was, your backups need to be Encrypted. After that, store them wherever you’d like! Of course, if you don’t wish to store them locally (Apple default save directory), then you can make one simple change to your system which will redirect where iTunes stores those backups. To make this happen, we use a Symbolic link – which is a type of Shortcut that tells the File System to look in another place for the folder iTunes is expecting to save your backup in. It’s completely transparent to iTunes.

For PC

iTunes backups are stored in “C:\Users\*USERNAME*\AppData\Roaming\Apple Computer\MobileSync\Backup”

To move this folder’s location:

  • Copy the folder to the new location (for example: the DropBox folder on your USB drive)
  • Either keep the original folder name of Backup or rename to something more descriptive. I like “iPhone Backups”
  • Go to the original folder location “C:\Users\*USERNAME*\AppData\Roaming\Apple Computer\MobileSync\”
  • Either delete the folder “Backup” or rename it “BackupOld” to keep it
  • Press Shift+Right Click and select the option to open a Command window here
  • Type the following command:

mklink /J "%APPDATA%\Apple Computer\MobileSync\Backup" and "<DropBox path>:\iPhone Backups"

  • Close Command prompt
  • Launch iTunes and see if it locates the backup

Note: Make sure you check your cloud storage for the backup as well. It may take a while to upload.


For Mac instructions, please use this excellent resource: https://support.imazing.com/hc/en-us/articles/203504123-Storing-your-iPhone-Backups-on-an-Alternate-Location

FileZilla cannot View Edit Excel documents remote document


This issue arises with FileZilla possibly due to lack of native support for the XLSX file extension. The fix is to manually map the associations for Excel in FileZilla (you may not need both, but I included xls for good measure):


  • In FileZilla goto Settings, then File Editing / File Type Associations
  • In the Custom filetype associations pane, enter in the following:
    • xls “C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE”
      xlsx “C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE”

Obviously you will need to use your own path for Office and the excel executable.

The same process would apply if you noticed trouble with the DOCX file extension or any other filetype you are trying to VIEW/EDIT from FileZilla.

Exchange Online Office 2016 Resource Room Calendar Powershell commands


This is a reference article for tweaking Exchange Online Resources (Meeting Rooms, Equipment, etc).

  • How to show Organizer Name and Subject meeting details on a Resource Calendar (Meeting Room).
    • Fire up a Remote Powershell session
    • First adjust the calendar default permissions:
      Set-MailboxFolderPermission -AccessRights LimitedDetails -Identity “<Room Name>:\calendar” -User default
    • Next set the variables you want to flow into the appointment:
      Set-CalendarProcessing -Identity “Room Name” -AddOrganizerToSubject $true -DeleteComments $false -DeleteSubject $false
    • NOTE: This only applies to new appointments. The old appointments had their details stripped on acceptance of the appointment. You may be able to force an update of those details if you send an update of the appointment to the Meeting room.
    • NOTE 2:
      Get-CalendarProcessing options
      Set-CalendarProcessing optionsInfo for this how to came from: emtunc.org

*Remote Powershell*
Open PS in administrative context
Run: Set-ExecutionPolicy RemoteSigned
Then Run:
$LiveCred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange-ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic -AllowRedirection
Import-PSSession $Session

NOTE: When prompted for credentials, enter your Office 365 admin username/password or one that has admin rights for the tenant.


**Close your PS Session**
Remove-PSSession $Session

Setup new Office 365 mailbox user Active Directory DirSync without Exchange Server On-Prem


Before Server 2008R2, it used to be a pain to edit exchange mail attributes for users without using an exchange server in your environment. ADSI-edit and PowerShell were two tools you could use, but thankfully that has changed since 2012 provides easy access to the Advanced attributes right from the Properties of the user in Active Directory (AD). This how-to assumes you have no on-prem exchange servers anymore and you have DirSync setup properly with all your email users in Office 365.

Quick instructions for setting up a new Office 365 mailbox user in AD:

  • Create the User (in AD)
  • Right-click and go to Properties.
    On the General Tab: Make sure the user’s email address is correct
    On the Account Tab: Make sure the User Logon Name is the first part of their email address (for example first initial +last name). Then make sure the domain is correct. You want the domain to be their email address domain, not that of the local AD domain name if they are different. Then make sure User Logon Name for Pre Windows 2000 is the same as the other logon name, or as close to it as you can be while being unique within the organization.
  • Set the Email Address Properties
  • Click on Attribute Editor tab. Click on Filter and make sure you can see all attributes, not just those with values.
  • Look for these properties and update the values accordingly:
    proxyAddresses: SMTP:primary.email@domain for this user – SMTP needs to be in capitals. This is also where you would enter in any email aliases, just make sure they start with lowercase smtp:
    targetAddress: SMTP:first_part_of_email@tennantname.onmicrosoft.com
    NOTE: Both addresses need to be unique (within your directory). Attribute Editor will let you enter the same for both, but if you do then the user won’t properly replicate to Office 365 when DirSync runs.
  • After that you can wait for another sync to run, or…you can do what I do and force one.
    From the server containing DirSync, open up PowerShell and type “Import-Module DirSync” and enter. Then run Start-ADSyncSyncCycle. The DirSync status window in Office 365 Admin will tell you if it’s synced since you ran the command…shouldn’t take more than a minute.
    NOTE: This does a full sync and will capture all changes. This makes sense for most environments, but if you’re concerned it may not be appropriate for yours, please consult the following document: https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnectsync-feature-scheduler/
  • Don’t forget to License the User for Exchange Online in Office 365. Their mailbox should be created soon after you do so and you’re all set.

Other Attributes:

Configure Email Service SMTP on Fortinet FortiGate with Office 365


The three ways you can accomplish this are SMTP Client Submission, Direct Send and SMTP Relay.

The first option requres a mailbox username and password. This option should be considered first because it is the most secure. You authenticate as that user and send email as them. Some obvious caveats: You will need access to a mailbox on Office 365 and when the account password changes you will need to update it on the firewall. Direct Send and SMTP Relay don’t have those requirements.

So if you are choosing between Direct or Relay, you should know that Direct can only send to your own mailboxes. So if some of the mail from your device is going to email addresses other than your own domain’s (could be the case if you need to send reports or VPN authentication emails to people who do not have mailboxes in your org) then you’ll need to use Relay. Just so you know though, Relay requires a static IP.

For a handy chart and full instructions on all three setup variations, please refer to: https://technet.microsoft.com/en-us/library/Dn554323(v=EXCHG.150).aspx

SMTP Relay setup:

  • FortiGate setup:
    System–>Advanced–>Email Service. Turn it on.
    SMTP Server: Your MX Endpoint, example: contoso-com.mail.protection.outlook.com
    Port: 25
    Default Reply To: <any email address for one of your domains, working or dummy>
    Authentication: Off
    Security Mode: STARTTLS
  • Office 365 Connector:
    This is needed to accept email from your firewall. You’ll need the static IP of the firewall and the MX Endpoint.
    In Office 365, Open up Exchange Admin–>Click Mail Flow–>Connectors, create a new connector for mail sent from your organization’s server to Office 365.
    The connector setup will ask you to use one of two methods for verifying the email coming in. The most secure is to use your organization’s security certificate (which you should have installed on the firewall). You can also use the external IP address of the firewall.
  • Recommended setting:
    Domain SPF (TEXT) record: Add to your existing if you have one (multiple SPF records are not supported and will result in email delivery issues), or create one. Format like this: v=spf1 ip4:<Static IP Address> include:spf.protection.outlook.com ~all
    This will ensure your mail doesn’t get marked as SPAM.

To Test: Go to Log & Report–>Alert Email and setup a message to go when you log in and log out of the firewall. Then simply do that and within 5 minutes you should get an alert email

Office 365 Outlook 2016 hangs on Loading Profile


After an upgrade from an older version of outlook the first time Outlook 2016 was run it was hanging on “Loading Profile”, prompts for a password for the email account but you can’t type one in because the cursor keeps spinning.

The solution for me was to run Outlook 2016 as Administrator the first time, then after you get your profile setup it loads correctly under the current user thereafter.

Many others have reported this issue with Outlook 2016 and their solutions varied. So, if the above does not work for you then try some of these other solutions:

  • One person had a bad shortcut. Somehow their Outlook shortcut had been configured to run in Compatibility mode. Opening properties on the shortcut and unticking the box for running in compatibility mode fixed it for them
  • Someone with Windows 10 was able to right-click the link for Outlook and “Troubleshoot compatibility”. They said it was able to open after that.
  • One person cut off internet during the first Outlook startup and that worked (Outlook was reaching out for configuration settings but not finding them causing a loop state)
  • Another person was able to get it working after uninstalling .net framework. .Net can cause all kinds of weird program behavior so this isn’t surprising. But it’s also needed to run a lot of programs so..yea.. No word on whether they were able to add .net back on after running Outlook successfully.
  • Running Oulook in Safe Mode may work as a temporary solution.
  • Yet another solution proposed was turning off the Windows AERO theme.
  • Another solution was to disable Hardware Acceleration
  • You could try renaming the .OST file (if upgrading from older version, meaning you already had an ost present)
  • Recreating the Mail profile is usually a last ditch thing, but you could try that as well if it will let you…sometimes the dll hangs.

Test ports using Powershell


There is a good PowerShell (PS) cmdlet to replace ping called Test-NetConnection. You can use it natively from Server 2012r2 PS.
You can use this tool to test internet connectivity, Ping a remote host, perform a trace route, check if a host is listening on a certain port, etc. It has an alias of “tnc”

Example: Test-NetConnection domain.com -port 80

See link below for more examples


Use Test-NetConnection to Replace Ping

Force Dir Sync in Azure AD Connect


PowerShell –> Start-ADSyncSyncCycle

also can add -PolicyType Initial or Delta to the end of that command

MBM 307A Paper Folder separation issue


Sometimes when a jam is cleared, you need to pull up the top feeder rollers. They have a spring on one end which you can compress and then lift it up and out. If you’re not careful, you can misplace the paper separator..a small bracket-shaped piece which is loose under the middle feed roller. It has white plastic on one end and yellow kinda tacky strip on top…make sure the tacky strip is facing up and the plastic tab is properly seated in place.