To purge deleted users you have to run the following syntax using Azure Powershell cmdlets:
List deleted users:
Purge deleted users:
Remove-MsolUser -UserPrincipalName email@example.com -RemoveFromRecycleBin
On the project where I’m working (staged migration to O365) the costumer asked me about secure authentication for ActiveSync devices (iPhone/iPAD) and computers (outlook 2010 SP2). I have implemented ADFS 3.0.
If you use Office 2010, the first time you configure Outlook it promt for credentials and it saves this on the Windows Credentials Manager. After, Outlook go to autenticate to Office 365 using Basic Authentication and is Office 365 who go after to ADFS.
With Outlook 2013/2016 Outlook use Windows Authentication. It´s a real SSO because doesn’t save your user credentials on any place and it is who goes to ADFS and not O365. It is using Modern Authentication.
Summarizing: Use Outlook 2013 or 2016 to have a real Single Sign On.
Note 1: Outlook 2013 by default uses Basic Auth, you need to activate Modern Auth.
Note 2: iOS built in email client uses Basic Auth. Install and use Outlook 2016 App.
If you want to configure specific services for a lot of computers you can do this with GPO.
In the GPMC go to Computer Configuration\Preferences\Control Panel Settings\Services. There you can configure all services that you want.
ALso, If you want to configure standard services, go to Computer Configuration\Policies\Windows Settings\Security Settings\System Services
It’s possible that you can’t connect to O365 thru powershell directy because a Proxy in the middle between Inet and your corporate network so it is necessary to indicate it if we want to establish a session against Office365.
To do that execute the following lines:
- $cred = Get-Credential
- $proxysettings = New-PSSessionOption -ProxyAccessType IEConfig
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection -SessionOption $proxysettings
- Import-PSSession $Session
To close session:
- Remove-PSSession $Session
A few days ago, someone deleted users in Azure with the following comand:
Get-MsolUser -UserPrincipalName SEPR0002@domain.com | remove-msoluser
Automatically, AD Connect has started to say that an object is phantom.
The problem has been fixed automatically 24 hours after.
Days ago a costumer reported that saw duplicated MACs in all hosts of a Hyper-V Failover cluster.
And Powershell showed that was true, in both teamings (Look on VM and MGMT) in every host we saw duplicated MAC.
The solution was force MAC Address in both teamings with a new MAC.
To do that, I went to Device Manager and I added 90-E2-BA-7B-DD-A7 and 98-BE-94-2B-92-C6 for my case in that host (Of course on the others Hyper-V hosts I did the same but with different MACs).
Remark that Hyper-V and SCVMM use different MAC Address scopes and doesn’t overlap.
I’m involved in a Staged Migration project from Exchange 2007 Sp3 to O365 and I found various problems uploading identites to O365.
My Scenario is:
Forest A with FFL and DFL 2003 with Resources Subdomain with Exchange 2007 SP3 and Users Subdomain where are all user accounts.
Forest B with FFL and DFL 2008 R2 where have a syncro of all users from Subdomain on Forest A.
After I configuring AD Connect and execute users syncronization to Office 365 I saw the following error:
Error: MigrationInvalidTargetAddressException: A valid primary email address firstname.lastname@example.org couldn’t be found on the target.
My problem was that not all user attributes were syncronized from Users subdomain in Forest A to Forest B.
Cheking all attributes I found that I needed the following attributes to syncro from Forest A to Forest B:
Once done, the problem disappeared automatically.
Here you can see all attributes that Exchange Online need from users, contacts and groups.