How to update a Dynamic Distribution Group Recipient Filter

During an Office 365 / Exchange Online migration, you may have a requirement to update the recipient filter of any dynamic distribution group.

In my case, I needed to do this because the dynamic distribution group used filters to include only mailboxes. But mailboxes that are migrated to Office 365 become mail-enabled users in the on-premises directory. This can cause issues with certain members of a dynamic distribution group not receiving email messages. The issue is described here read more

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”

Unable to run Office 365 / Exchange Hybrid Wizard – “Content was blocked because it was not signed by a valid security certificate”

Problem

From the Exchange Admin Center you run the Hybrid configuration setup

Hybrid1

You are prompted to login to Office 365

Hybrid2

You enter your credentials

Hybrid3

And then receive this message / warning

Hybrid4

You are unable to complete the Hybrid configuration

Solution

You can resolve this issue by installing the certificate as follows: read more

Error creating a public folder migration batch when the “Folder to Mailbox Map” CSV file has more than 1000 rows

Problem Description

Trying to migrate public folders from Exchange 2007 to 2013 using the batch migration process detailed here

On step 5, when running the New-Migration cmdlet to create the migration batch as follows

New-MigrationBatch -Name PFMigration -SourcePublicFolderDatabase (Get-PublicFolderDatabase -Server SERVER01) -CSVData (Get-Content Public_Folder_to_mailbox_map.csv -Encoding Byte) -NotificationEmails user@domain.com -BadItemLimit $BadItemLimitCount    read more

Mailbox Management & SSO after Office 365 Hybrid Migration

So you are coming to the end of an Exchange Online Hybrid migration, and are considering decommissioning the on-premise Hybrid Exchange server.  Are there any considerations that need to be taken into account?

By the end of the mailbox migrations, you may have configured Azure AD Sync and made the on-premises Active Directory the source of authority. Therefore, going forward, you must perform any required changes on the objects in the on-premises Active Directory and not in Office 365, as most attributes on  are read only. read more

Can’t login to Office365 using Single Sign-On if UPN uses sub-domain

Scenario:

You have federated your domain with Office 365 to provide Single Sign-On for your users

Problem

Some or all of your users cannot sign into Office 365.  Users are presented with the following error:

SSO1

Looking closer at the description you see the following:

AADSTS50107: Requested federation realm object ‘http://subdomain.domain.com/adfs/services/trust/’ does not exist. read more

Azure AD Connect – How to verify password synchronization is working

If you have installed Azure AD Connect with Password Synchronization

  • (which you should even if you are using ADFS – see this blog for reason why)

ADConnectPasswordSync

And you have forced a Full Password Synchronization (e.g. by using a script as described here )

How do you verify if the Password Synchronization is working?

Open the application log in event viewer

  1.  Look for Event ID 656 “Password Change Request”

EventID656

2.  Look for Event ID 657 “Password Change Result: Success” read more

Azure AD Connect – PowerShell Script to trigger a full password sync

If you’re using the Azure AD Connect tool (or Azure AD Sync Service) to synchronize you’re on premise Active Directory with the Azure Active Directory, you can use this script from TechNet to trigger a full password synchronization

PasswordSynchronizationScript

You need to replace the following

  • fabrikam.com
  • aaddocteam.onmicrosoft.com – AAD

with the names of the connectors in your own environment.  This can be found in the Synchronization Service Manager (installed when you install Azure AD Connect) read more

MSExchange DAG Replication Bandwidth Script

I’m in the process of planning a migration from Exchange 2007 to 2013 for one of my multinational customers.  The solution will include multiple DAG’s split across datacentres in EMEA and North America.

A key component of the planning is estimating the bandwidth requirements between datacentres.  And to do this, I needed to collect the log file usage from the current Exchange 2007 environment. read more

How to migrate Resource (room) mailboxes to Office 365

This guide is based on an Exchange 2013 Hybrid environment and describes the steps required to migrate resources mailboxes (in this case Room mailboxes) from On-premise Exchange to Exchange Online (Office 365)

Step 1:          Connect to Exchange Online via Powershell

Open Windows PowerShell and run the following command: read more