Messages send to a distribution group visible in Exchange Online’s Get-MessageTrace as failed – not really failed.

So I noticed today that some messages are getting failed status, I was particulary interested in one message that for sure was a legit one – same as the distribution group it supposed to be delivered to.

FailedMessage

Well..ok, so what happened to it then, I used Get-MessageTraceDetails to check it.

Continue reading “Messages send to a distribution group visible in Exchange Online’s Get-MessageTrace as failed – not really failed.”

Advertisements

Exhange Online and “Cannot process argument transformation on parameter…” RBAC error.

So today I was trying to create some RBAC roles for our IT support. All I wanted to do is to create a new RBAC role and then add some cmdlets that were missing there – it was about message tracking.

Apart from that thing I find seriously messed up is a fact that role group “Message Tracking” does not contain “Get-MessageTrace” cmdlet.

WTFMS

Whole story happens in Exchange Online so I tried to create am empty roleand add two needed cmdlets to it – I was not able to do it, as Exchange Online prevents from creating such empty roles – you need to specify a parent.

However, if a parent role does not contain a cmdlet you are interested in you are not able to add it.

Well, sweet… so I created a role based on a parent which contained a lot of others cmdlet and tried to remove entries using “where”, like this:

Get-ManagementRoleEntry “SupportTeam” | ? {$_.name -notmatch “get-messaget”}| Remove-ManagementRoleEntry

Simply – I wanted to leave only cmdlets responsible for message trace.

Here is the place I got error from the subject:

errorrbac.jpg

So I started to read about it, and apparently Remove-ManagementRoleEntry is not accepting pipeline in o365…

https://blogs.technet.microsoft.com/rmilne/2015/02/05/remove-multiple-management-role-entries-in-office-365/

So you either need to prepare lines for each role entry in excel (for isntance using “concatenate”), or create a script, or use ready solution presented in the above blog.

 

X500 addresses – where is the beef?

x500aliens

Here is a great site that explains why x500 is needed and when it is used in on-prem and hybrid scenarios:

https://eightwone.com/2013/08/12/legacyexchangedn-attribute-myth/

Also, here is a little bit related subject about how to marry together a local AD account and already created o365 mailbox:

http://techgenix.com/match-office-365-mailbox-new-premises-user-hybrid-deployment/

Good article about history of x500:

https://www.experts-exchange.com/articles/9650/NDRs-and-the-legacyExchangeDN.html

And some good article about x400 history:

http://techgenix.com/x400-addresses-exchange-2010-part1/

Sneaky tricky management scopes in Exchange Online.

If you’ve been creating scopes in Exchange Online in, for instance, following way…:

$Group = Get-DistributionGroup -Identity “RoomImpersonationGroup”
New-ManagementScope “Room Mailboxes Impersonation” -RecipientRestrictionFilter “MemberOfGroup -eq ‘$($Group.DistinguishedName)'”

…so using a DistinguishedName attribute – you might experience a moment when this solution stops to work.

itisatrap

Continue reading “Sneaky tricky management scopes in Exchange Online.”

Exchange – two ways to create new role assignments.

Forgotten this recently and got caught spending some time investigating.

Boys and girls, remember one thing – if you create role assignments like this:

New-ManagementRoleAssignment -Name "ASSIGNMENT NAME" -Role "ApplicationImpersonation" -CustomRecipientWriteScope "IMPERSONATION USERS" -SecurityGroup "IMPERSONATION ADMINS"

where “IMPERSONATION ADMINS” is your a security group created by you – this role assignment will NOT be visible in your “admin roles” area in Exchange Console:

adminrolesarea

Instead, you need firstly create a Role Group and assign role to it, for instance

New-RoleGroup -Name "ROLE GROUP IMPERSONATION ADMINS"

New-ManagementRoleAssignment -Name "ASSIGNMENT NAME" -Role "ApplicationImpersonation" -CustomRecipientWriteScope "IMPERSONATION USERS" -SecurityGroup "ROLE GROUP IMPERSONATION ADMINS"

Only assigning a role to a role group allows it to appear in the admin roles area.

Remember about that!

remember

 

Outlook and huge OST file growing like crazy till reaching 50GB.

It has been few days since I was working on one case – OST file of one user was growing till 50GB at exponential speed despite mailbox had 5GB.

Case was really weird, what I did I added all of the shared mailboxes as additional accounts so I was able to turn off caching and put this particular mailbox in Online mode and recreated the profile – that didn’t help.

Well, I noticed that there were some sync issues (not much) – so I moved the mailbox to another database as move might omit some corrupted messages leaving user mailbox in healthy status in the target database – that didn’t help either.

So I took a completely separate computer, asked user to logged in there and enabled the cache mode – after weekend we had same issue.

I was like:

Brb_gonna_hang_myself

Continue reading “Outlook and huge OST file growing like crazy till reaching 50GB.”

[Exchange Online] Remove cancelled Outlook meetings using PowerShell and EWS!

Essay_Start

Actually it is 23:13 CEST, but still!

Some time ago I have published a script to remove cancelled calendar meetings from Exchange OnPremise (I have tested that on Exchange 2010).You can find this script here:

https://paweljarosz.wordpress.com/2016/05/04/remove-cancelled-meetings-using-powershell-and-ews/

I am currently at the end of the migration to Exchange Online from Exchange 2010 environment. Few days ago I had a call telling me that seems that the cancelled meetings are not being removed from room calendars as they supposed to be.

Yup, I forgot to rewrite the script…

TimeToPanic

Continue reading “[Exchange Online] Remove cancelled Outlook meetings using PowerShell and EWS!”