Home Blog Page 2

Setup new Office 365 mailbox user Active Directory DirSync without Exchange Server On-Prem


Before Server 2008R2, it used to be a pain to edit exchange mail attributes for users without using an exchange server in your environment. ADSI-edit and PowerShell were two tools you could use, but thankfully that has changed since 2012 provides easy access to the Advanced attributes right from the Properties of the user in Active Directory (AD). This how-to assumes you have no on-prem exchange servers anymore and you have DirSync setup properly with all your email users in Office 365.

Quick instructions for setting up a new Office 365 mailbox user in AD:

  • Create the User (in AD)
  • Right-click and go to Properties.
    On the General Tab: Make sure the user’s email address is correct
    On the Account Tab: Make sure the User Logon Name is the first part of their email address (for example first initial +last name). Then make sure the domain is correct. You want the domain to be their email address domain, not that of the local AD domain name if they are different. Then make sure User Logon Name for Pre Windows 2000 is the same as the other logon name, or as close to it as you can be while being unique within the organization.
  • Set the Email Address Properties
  • Click on Attribute Editor tab. Click on Filter and make sure you can see all attributes, not just those with values.
  • Look for these properties and update the values accordingly:
    proxyAddresses: SMTP:primary.email@domain for this user – SMTP needs to be in capitals. This is also where you would enter in any email aliases, just make sure they start with lowercase smtp:
    targetAddress: SMTP:first_part_of_email@tennantname.onmicrosoft.com
    NOTE: Both addresses need to be unique (within your directory). Attribute Editor will let you enter the same for both, but if you do then the user won’t properly replicate to Office 365 when DirSync runs.
  • After that you can wait for another sync to run, or…you can do what I do and force one.
    From the server containing DirSync, open up PowerShell and type “Import-Module DirSync” and enter. Then run Start-ADSyncSyncCycle. The DirSync status window in Office 365 Admin will tell you if it’s synced since you ran the command…shouldn’t take more than a minute.
    NOTE: This does a full sync and will capture all changes. This makes sense for most environments, but if you’re concerned it may not be appropriate for yours, please consult the following document: https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnectsync-feature-scheduler/
  • Don’t forget to License the User for Exchange Online in Office 365. Their mailbox should be created soon after you do so and you’re all set.

Other Attributes:

Configure Email Service SMTP on Fortinet FortiGate with Office 365


The three ways you can accomplish this are SMTP Client Submission, Direct Send and SMTP Relay.

The first option requres a mailbox username and password. This option should be considered first because it is the most secure. You authenticate as that user and send email as them. Some obvious caveats: You will need access to a mailbox on Office 365 and when the account password changes you will need to update it on the firewall. Direct Send and SMTP Relay don’t have those requirements.

So if you are choosing between Direct or Relay, you should know that Direct can only send to your own mailboxes. So if some of the mail from your device is going to email addresses other than your own domain’s (could be the case if you need to send reports or VPN authentication emails to people who do not have mailboxes in your org) then you’ll need to use Relay. Just so you know though, Relay requires a static IP.

For a handy chart and full instructions on all three setup variations, please refer to: https://technet.microsoft.com/en-us/library/Dn554323(v=EXCHG.150).aspx

SMTP Relay setup:

  • FortiGate setup:
    System–>Advanced–>Email Service. Turn it on.
    SMTP Server: Your MX Endpoint, example: contoso-com.mail.protection.outlook.com
    Port: 25
    Default Reply To: <any email address for one of your domains, working or dummy>
    Authentication: Off
    Security Mode: STARTTLS
  • Office 365 Connector:
    This is needed to accept email from your firewall. You’ll need the static IP of the firewall and the MX Endpoint.
    In Office 365, Open up Exchange Admin–>Click Mail Flow–>Connectors, create a new connector for mail sent from your organization’s server to Office 365.
    The connector setup will ask you to use one of two methods for verifying the email coming in. The most secure is to use your organization’s security certificate (which you should have installed on the firewall). You can also use the external IP address of the firewall.
  • Recommended setting:
    Domain SPF (TEXT) record: Add to your existing if you have one (multiple SPF records are not supported and will result in email delivery issues), or create one. Format like this: v=spf1 ip4:<Static IP Address> include:spf.protection.outlook.com ~all
    This will ensure your mail doesn’t get marked as SPAM.

To Test: Go to Log & Report–>Alert Email and setup a message to go when you log in and log out of the firewall. Then simply do that and within 5 minutes you should get an alert email

Office 365 Outlook 2016 hangs on Loading Profile


After an upgrade from an older version of outlook the first time Outlook 2016 was run it was hanging on “Loading Profile”, prompts for a password for the email account but you can’t type one in because the cursor keeps spinning.

The solution for me was to run Outlook 2016 as Administrator the first time, then after you get your profile setup it loads correctly under the current user thereafter.

Many others have reported this issue with Outlook 2016 and their solutions varied. So, if the above does not work for you then try some of these other solutions:

  • One person had a bad shortcut. Somehow their Outlook shortcut had been configured to run in Compatibility mode. Opening properties on the shortcut and unticking the box for running in compatibility mode fixed it for them
  • Someone with Windows 10 was able to right-click the link for Outlook and “Troubleshoot compatibility”. They said it was able to open after that.
  • One person cut off internet during the first Outlook startup and that worked (Outlook was reaching out for configuration settings but not finding them causing a loop state)
  • Another person was able to get it working after uninstalling .net framework. .Net can cause all kinds of weird program behavior so this isn’t surprising. But it’s also needed to run a lot of programs so..yea.. No word on whether they were able to add .net back on after running Outlook successfully.
  • Running Oulook in Safe Mode may work as a temporary solution.
  • Yet another solution proposed was turning off the Windows AERO theme.
  • Another solution was to disable Hardware Acceleration
  • You could try renaming the .OST file (if upgrading from older version, meaning you already had an ost present)
  • Recreating the Mail profile is usually a last ditch thing, but you could try that as well if it will let you…sometimes the dll hangs.

Test ports using Powershell


There is a good PowerShell (PS) cmdlet to replace ping called Test-NetConnection. You can use it natively from Server 2012r2 PS.
You can use this tool to test internet connectivity, Ping a remote host, perform a trace route, check if a host is listening on a certain port, etc. It has an alias of “tnc”

Example: Test-NetConnection domain.com -port 80

See link below for more examples


Use Test-NetConnection to Replace Ping

Force Dir Sync in Azure AD Connect


PowerShell –> Start-ADSyncSyncCycle

also can add -PolicyType Initial or Delta to the end of that command

MBM 307A Paper Folder separation issue


Sometimes when a jam is cleared, you need to pull up the top feeder rollers. They have a spring on one end which you can compress and then lift it up and out. If you’re not careful, you can misplace the paper separator..a small bracket-shaped piece which is loose under the middle feed roller. It has white plastic on one end and yellow kinda tacky strip on top…make sure the tacky strip is facing up and the plastic tab is properly seated in place.



Cisco USB Console Driver Windows 7


Newer switches ship with a USB interface for the console, but getting it running can be tricky. Here is some useful info:

  • Get the drivers: https://supportforums.cisco.com/sites/default/files/attachments/document/cisco_usbconsole_driver_3_1.zip
  • Install the drivers
  • Connect the USB cable and let it setup
  • Open up Device Manager –>Ports and you will see USB Serial Port on COM4. Right-Click it and Update Driver Software. Click Browse My Computer, then Let me Pick.
  • Select Cisco Serial
  • Open up your console program (Putty, etc) and set it to use COM4


Extend a hyper-v cluster shared volume – san volume without downtime


First decide whether you want to simply create a new Cluster Shared Volume or extend the old one. If you decide to create a new one and want to move VMs there you can using Storage Migration but there will be downtime!

Steps to extend existing CSV:

  • Login to SAN management, go to the lun or disk and increase its total volume
  • Open the Microsoft Failover Cluster Manager and check the CSV coordinator for the disk or LUN you expanded. (the coordinator is the disk owner for the cluster)
  • GUI Version:
    • Use Disk Management under STORAGE under the Server Manager. Rescan for disks and expand the disk or lun to the new capacity.
  • For Hyper-V or Windows Server Core, you can use DiskPart
  • DiskPart:
    • START–>CMD–>diskpart
    • rescan
    • list volume
    • select volume <vol # to extend>
    • extend
    • list volume to check the new volume size

Why are my Ansmann Rechargeable batteries going bad


I had some NiMH Ansmann AA batteries in a drawer for a while (2 years+) and when I went to charge them I noticed that about 20% of them were giving some kind of error on the charger (if they charged at all that is). I started charging and checking each one using a multimeter. Some were completely dead. The best ones were putting out 1.3+ Volts. Some were in the 1.1-1.2 range, which probably is still acceptable for some applications.

Given that I had not used these batteries hardly at all when they were brand new, I was confused that so many were bad and also wondered at the varying outputs of those which were still “good”. I remember reading up on the care/use of rechargeables when I first purchased the batteries, but I guess somewhere along the way I forgot what I learned.

Anyway, here are some basic guidelines for NiCd / NiMH batteries for those who are curious. I pulled this info from:

Best way to charge:
Avoid getting battery too hot on charge.
Do not leave battery in charger for more than a few days.
Subject to memory.

Charge method:
Constant current, trickle charge at 0.05C, fast charge preferred.
Slow charge  = 14h
Rapid charge = 3h
Fast charge   = 1h

Do not over-discharge on a heavy load; cell reversal causes short.
Avoid full discharges

How to prolong battery:
To prevent memory, discharge packs in regular use to 1V/cell every 1–3 months (mainly NiCd)

Store in cool place; NiCd stores for 5 years; prime before use

NiCd:  Do not dispose.
NiMH: May be disposed in low volume


Upon reviewing the above, I can see why my batteries no longer perform as advertised. Some were getting too hot on charge. Some were left in the charger for more than a few days. When I had them in my external camera flash they were probably getting over-discharged on a heavy load. That same flash may have also caused cell reversal because I stored some batteries under load inside the flash until they discharged. What’s also interesting to note is at this point none of the batteries (even those putting out the most juice) will power my external flash. I’m not sure if that’s due to a reduction in output because of their age, internal damage, or some damage to the flash itself but I had to buy some regular AAs to get my flash going again. Maybe I will buy a pack of 4 brand new rechargeables to compare to my old ones so I can determine the real reason my flash won’t fire…if so I will update this article.

Until then, good luck and don’t forget to be kind to your rechargeables.

Flush or reset DNS on a Mac OS X El Capitan or Yosemite


In order to flush or reset DNS on your mac computer running either OSX El Capitan or Yosemite, you’ll need to use the “Terminal” interface and a special command.

  • Open up the Terminal program by pressing Command+Space (or find it under Utilities)
  • For 10.11 and 10.10.4
    • Enter “sudo dscacheutil -flushcache;sudo killall -HUP -mDNSResponder;say flushed”
    • Press enter key and then key in your password when prompted
    • When you hear “flushed” from the speakers you know it’s completed…
  • For 10.10., 10.10.1, 10.10.2, 10.10.3
    • Enter “sudo discoveryutil mdnsflushcache”