Setting up Room Finder in Office 365 using Room list

Introduction to Room List

Setting up room finder in Office 365 using room list is required when you are migrating to Office 365 from a non-exchange platform or you are using Office 365 in your organization. Setting up Room finder in Office 365 using Room list feature is also available in on-premises exchange version as well. Based on your organization requirements, it could be possible that the users users may be used to of looking up conference rooms by checking all rooms available to them and then picking the room they want depending on which ones are available. In Office 365, they will be using Room Mailboxes to schedule meetings in conference rooms, auditorium, labs or other facilities.

By default, users cannot see all the rooms unless they pick them

Outlook client will show all the rooms and all conflicts, but to empower your users and let them see only the rooms that are available for the time when they’re looking at scheduling a meeting to improve user productivity requires you to setup Room Finder for Microsoft Office Outlook by leveraging Room List Distribution Groups.

What is Room Finding with Room Lists?

Room Finder simplifies the process of searching for an available room while setting up a meeting. Instead of adding all possible conference room to a meeting request and using the Scheduling Assistant to identify available rooms, meeting organizers can use Room Finder to show a room list, see suggested times, and choose an available room.

Setting up Room Finder in Office 365 using Room list

Setting up Room Finder in Office 365 using Room list

  • Create Room List Distribution Groups by running the following PowerShell cmdlet

C:\> New-DistributionGroup -Name “Conference Rooms” –PrimarySmtpAddress “ConfRooms@msexperttalk.com” –RoomList

Setting up Room Finder in Office 365 using Room list

  • Get a list of all room mailboxes in your organization by running the following PowerShell cmdlet

C:\> Get-Mailbox -RcipientTypeDetails RoomMailbox

Setting up Room Finder in Office 365 using Room list

  • To filter your room mailboxes based on office location, run the following PowerShell cmdlet

C:\> C:\> $HQConfRoom = Get-Mailbox -RecipientTypeDetails RoomMailbox -Filter {Office -eq ‘HQ’} | select -ExpandProperty Alias

Setting up Room Finder in Office 365 using Room list

  • Add existing Room Mailboxes to Room List Distribution Groups by running the following PowerShell cmdlet

C:\>  $HQConfRoom |

Add-DistributionGroupMember -Identity “Conference Rooms”

Setting up Room Finder in Office 365 using Room list

  • To get a list of distribution group members, run the following powershell cmdlet

C:\> Get-DistributionGroupMember -Identity “Conference Rooms” | ft Name, PrimarySMTPAddress, Office -AutoSize

Setting up Room Finder in Office 365 using Room list

Outlook will automatically detect Room List Distribution Groups and populates the Room Finder with room lists in outlook when an end user is setting up a meeting.

End user experience with Room Finding when Room Lists are Setup

Without room lists, end users are required to manually look for a list of available rooms and select a room based on availability. Room lists will empower end user and provide options to end user based on time selected. When a end user setup a meeting in outlook client, followings steps will be performed with Room lists being setup in the organization.

  • Open Outlook
  • Start a new meeting
  • Invite a few people to your new meeting
  • Pick a time
  • Click on room finding if it is not open already

Setting up Room Finder in Office 365 using Room list

  • In the drop down pick a room list that has conference rooms in it

Setting up Room Finder in Office 365 using Room list

  • Outlook will now search all the rooms in the room list for the time use has selected and present with suggested times for any rooms available. If a room is not available then it will not show up in the list
  • In Choose an Available room: pick the room you want and hit send to schedule a meeting

Please note that at the current release of Office 365, room lists are only visible with PowerShell. They do not show up in the EAC. You have to run the PowerShell commands listed above to see them and add members to them.

This should save your administrators and executive assistants time when planning and scheduling conference rooms in environments where there are abundant conference rooms and recurring meetings.

Whitelist Senders and domains in office 365 to bypass Spam filters

Introduction

Office 365 provides  number of tools to maximize the security to secure corporate information based on unique business and technical needs. When built-in Office 365 filters over qualify suspected SPAM, there are a few simple steps administrators can take to whitelist senders and domains in Office 365 to bypass spam filters. It can be a bad experience for end users when legitimate email is being quarantined or blocked as spam and landing in a quarantine folder.

It’s recommended that you being an admin should review your filters so that critical messages bypass the spam folder and reach their intended recipients

You can leverage a safe sender list or a custom transport rule to bypass spam filtering and prevent legitimate email messages from getting marked as junk. Marking a legitimate message incorrectly as spam by the spam filter is known as false positive.

Whitelist Senders and Domains in Office 365

To whitelist senders and domains in office 365 to bypass the spam filter requires you to perform the following steps.

Whitelist Senders and domains in office 365 to bypass Spam filters

  • Scroll down to the bottom and expand “Allow List

Whitelist Senders and domains in office 365 to bypass Spam filters

 

  • Click on “Edit” button to add the Allow Sender and Allow Domain list

Whitelist Senders and domains in office 365 to bypass Spam filters

  • Once the users email address is added, click on button to add the users to the safe sender list

Whitelist Senders and domains in office 365 to bypass Spam filters

Emails from safe sender list users will not be checked for spam filters and be delivered to recipients

  • Once the safe sender list of users is configured, next step is to configure the safe sender domain list.
  • Click on “Edit” button to add domains to allowed domain list

Whitelist Senders and domains in office 365 to bypass Spam filters Whitelist Senders and domains in office 365 to bypass Spam filters

  • Once the domains are added, emails from these domains will not be checked by spam filters and delivered to users

It’s important to understand that when you add a safe user or domain to the list, you must know the user or domain is legitimate and will not send you a spam email that can harm business operations. Mostly these lists are being configured for business partners or internal applications when sending an email leveraging another media to deliver the emails to mailboxes hosted on Office 365 or systems leveraging exchange online protection to scan the emails before those are being delivered to end user mailboxes.

Bulk Assigning Customized licenses in Office 365 using Powershell

Introduction

Bulk assigning customized licenses in office 365 using PowerShell is one of those rare asked that customer can ask you to do based on their business and technical requirements. I have been working with many enterprise customers and many of them come up with the same request to only assign the license for specific workloads in Office 365 as they do not prefer to assign the license of any workload for which they haven’t done the planning and implementation according to their business angod security requirements. I do support and highly recommend this approach and it’s a best practice to make your services highly secure and controlled. If you have a customer with few thousand licenses than it’s not feasible to assign them a license via office 365 GI and bulk assigning customized license in office 365 using PowerShell is the optimal method to achieve your goal.

This blog post is focused on customizing the E3 license to only assign Exchange online, Skype for Business, Azure Rights Management and Office ProPlus license to user population

Bulk Assigning Customized licenses in Office 365 using PowerShell

Bulk assigning customized licenses in Office 365 using PowerShell requires you to perform the following steps in PowerShell.

  • Login to a machine that has Windows Azure PowerShell module installed and launch the powershell console
  • Run the following cmdlet and enter your Office 365 Global Admin credentials in the prompt

$creds = Get-Credential

Bulk Assigning Customized licenses in Office 365 using Powershell

  • Enter the following cmdlet to connect to Office 365 PowerShell

Connect-MsolService -Credential $creds

Bulk Assigning Customized licenses in Office 365 using Powershell

  • Once you are connected with Microsoft Online Services, run the following cmdlet to get the AccountSkuId and SkuPartNumber

Get-MsolAccountSku |ft AccountSkuId,SkuPartNumber

Bulk Assigning Customized licenses in Office 365 using Powershell

  • Make a note of AccountSkuId and SkuPartNumber as we need these for our next step
  • Run the following cmdlet to get the status of your services provisioned. Use the SkuPartNumber that you received in previous cmdlet. As we are only working on E3 license, our SkuPartNumber is “EnterprisePack”

$ServicePlan = Get-MsolAccountSku | Where {$_.SkuPartNumber -eq “EnterprisePack”}

Bulk Assigning Customized licenses in Office 365 using Powershell

 

  • Run the following cmdlet to check the status of service provisioning

$ServicePlan.ServiceStatus

Bulk Assigning Customized licenses in Office 365 using Powershell

Ignore the status of PendingActivation for Intune_O365 as we are not leveraging Intune in our infrastructure.

All service plans that are available as part of your EnterprisePack will be returned that comes with E3 license. As you can see, we have received the following services as part of our E3 license

  • FLOW_O365_P2
  • POWERAPPS_O365_P2
  • TEAMS1
  • PROJECTWORKMANAGEMENT
  • SWAY
  • INTUNE_0365
  • YAMMER_ENTERPRISE
  • RMS_S_ENTERPRISE
  • OFFICESUBSCRIPTION
  • MCOSTANDARD
  • SHAREPOINTWAC
  • SHAREPOINTENTERPRISE
  • EXCHANGE_S_ENTERPRISE
  • Now we have all the services plans available as part of our E3 license, next step is to create a custom license SKU based on your requirements. In our current scenario, i was required to only allow Exchange, Azure Rights Management, Skype and Office ProPlus to end users. This is done by disabling the plans that we do not want to make available to end users. Run the following cmdlet to disable the undesired plans

$LicOptions = New-MsolLicenseOptions -AccountSkuId “365talk:ENTERPRISEPACK” -DisabledPlans FLOW_O365_P2,POWERAPPS_O365_P2,TEAMS1,PROJECTWORKMANAGEMENT,SWAY,YAMMER_ENTERPRISE,SHAREPOINTWAC,SHAREPOINTENTERPRISE

Bulk Assigning Customized licenses in Office 365 using Powershell

  • Once the license options are customized, you can proceed to apply the licenses to users

$AccountSkuId = “365talk:ENTERPRISEPACK”

$UsageLocation = “PK”

$Users = Import-Csv “C:\Temp\users.csv”$Users | ForEach-Object {
Set-MsolUser -UserPrincipalName $_.UserPrincipalName -UsageLocation $UsageLocation
Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -AddLicenses $AccountSkuId -LicenseOptions $LicOptions
}

Bulk Assigning Customized licenses in Office 365 using Powershell

  • Once the license is assigned, login to Office 365 and navigate to users > User active users and search for the user account to which you have assigned a custom license. You will see a customized E3 license with desired workloads is being assigned to the user with the usage location set to Pakistan

Bulk Assigning Customized licenses in Office 365 using Powershell

This script and the sample CSV file is being uploaded to TechNet Gallery. You can download the script and modified the workloads based on your need to bulk assign licenses users leveraging PowerShell.

 

Convert Office 365 Domain to Managed

Introduction

You are required to convert office 365 domain to managed when you have issues with federated domain or federation provider. We can leverage cloud based identities, synced identities or federated identities to authenticate in Office 365. This blog post is focused on converting the federated domain to managed in Office 365 when you have issues with your ADFS deployment or you are looking at taking off your federation with Office 365. Federated Identities also known as Single Sign on allows you to setup a token based authentication for your organization. If you have setup Single sign on with ADFS and ADFS infrastructure is being removed for any reason before Office 365 single sign on is turned off and ADFS is not restored then your users will not be able to login to Office 365 to access the services.

I have seen that companies setup Azure AD Connect to sync password hash with office 365 as backup to their single sign-on authentication but it doesn’t work until you convert the domain to managed in Office 365. The reason it does not work is because when a user enter his username in Office 365, Office 365 will redirect the user to ADFS login page due to the property being setup on domain name as “Federated Domain“. If you don’t have time or plan to restore ADFS services, you are required to convert office 365 domain to managed domain so users can login and access the workload.

Domain should be converted to Managed if SSO provider is not functional otherwise users will not be able to login to Office 365

Convert Office 365 Domain to Managed

To convert a federated domain to managed domain in office 365. You are required to perform the following steps.

  • Connect to Office 365 with powershell using global admin credentials. Run the following cmdlet to connect with Office 365. When the cmdlet prompts you for credentials, type your Office 365 Global admin credentials

Connect-MsolService

Convert Office 365 Domain to Managed

  • Convert your domain from a federated domain to a managed domain by running the cmdlet

Set-MsolDomainauthentication –Authentication Managed –DomainName “msexperttalk.com”

Convert Office 365 Domain to Managed

  • To verify that you have successfully converted the domain to managed, run the following cmdlet

Get-MsolDomain

This cmdlet will list all the domains in Office 365 and along with their authentication methods being setup.

Convert Office 365 Domain to Managed

 

Once you have converted the domain to federated, next step is to ensure that the users password has been synchronized from on-premises active directory to Office 365. To synchronize the on-premises user password hash to office 365. You need to enable password sync in Azure AD Connect and perform a full sync for the first time. For more information on Office 365 Single Sign on or Azure AD Connect deployment, please go to the following articles.

Exchange 2010 to Exchange 2016 Migration – Part 4

Exchange 2010 to Exchange 2016 Migration

Introduction

In this blog series of Exchange 2010 to Exchange 2016 migration, we have worked on Exchange 2010 to 2016 migration planning, installed Exchange 2016 server and in previous article of this blog series, we started to work on Exchange 2016 server post installation configuration. We configured the virtual directories, SSL certificate and renamed the default mailbox database. In this part of the series we will configure mail flow and web based traffic configuration to point to Exchange 2016 server and update the records accordingly.

Moving the mail flow and web based traffic from Exchange 2010 server to Exchange 2016 server requires a maintenance window and should be planned for after hours

Switch Mail Flow and HTTPS traffic to Exchange 2016 Server

Once you have performed the installation and initial configuration of Exchange 2016 server. The next step is to plan for advanced configuration of Exchange 2016 server that requires you to create new mailbox database, set up application relay connector etc.

I do no have any application relay configured on Exchange 2010 and we are not going to setup any receive connector on Exchange 2016 for application relay.

You can download a complete step by step guide for Exchange 2016 server installation from TechNet Gallery that talks about Exchange 2010 database move from one drive to another, creating/renaming a database, setting up connector etc.

Modify Send Connector to include Exchange 2016 Server

Once you setup the receive connector based on your needs for application relay, next step is to modify the existing send connector to add your Exchange 2016 server as authorized server to send external emails. To add Exchange 2016 server to outbound connector, perform the following steps.

  • Login to Exchange admin center and navigate to Mail Flow > Send Connector
  • Select the existing Connector and click on edit 
  • Click on Scoping and add Exchange 2016 server to the authorized list of outbound servers

Once the exchange 2016 server is added to the list, monitor the mail flow and send test emails from a mailbox hosted on Exchange 2016 mailbox to internet and verify the mail flow is working fine from Exchange 2016 server.

Update Internal DNS Records to Point to Exchange 2016 Server

Once the mail flow is tested and verified, next step is to update the internal DNS records to point to Exchange 2016 server. As of now, your current records will be pointing to your Exchange 2010 server. Update the records to point to Exchange 2016 server for web traffic and mail flow.

  • To update the records, login to DNS server and start the DNS snap-in
  • Select the Mail and Autodiscover record and click on modify

Exchange 2010 to Exchange 2016 Migration

  • Update the record to point to Exchange 2016 server

Exchange 2010 to Exchange 2016 Migration

Once records are updated, wait for DNS cached records to be expired before performing a testing. Once the DNS is updated on end user side, login to Exchange 2010 mailbox using the URL https://mail.domain.com/owa and verify the OWA redirection and mail flow. Once internal access is verified and everything is working fine as expected, update the external HTTPS publishing which in my case is being done via NAT rule configured on router. We’ve updated the NAT rule to send the traffic to Exchange 2016 server instead of Exchange 2010 server.

Conclusion

In part four of this blog series, we have performed reviewed the advanced configuration options required for Exchange 2016 server post-installation and move the mail flow and web based traffic to Exchange 2016 server. In part five of this series, we will complete the prepare a migration batch and start migrating the test mailboxes and production mailboxes to Exchange server 2016.

If you would like to read the other parts of this blog article series, please go to:

1 2 3 4 5 19