Category Archives: Office 365

Search and Restore file from SharePoint Online using PowerShell

When having SharePoint Online, one can easily recover items from the Recycle Bin, but unfortunately, there is no search facility for the Recycle Bin from the web interface. We can use PowerShell to easily search for the item.

To be able to connect, we need to install the new module, Open a PowerShell window and use the below to install the module.

Install-Module -Name PnP.PowerShell

If you would have an older version already installed, you need to use the below command to remove the old module, and then install the module as above.

Uninstall-Module -Name SharePointPnPPowerShellOnline -AllVersions -Force

To connect with the SharePoint Online site, we need to use the following command which will ask us to allow the script to communicate along with the Multi-Function Authentication (MFA).

Connect-PnPOnline -Url "Enter the SharePoint URL here" -Interactive

To extract the specified SharePoint Online Recycle Bin, you need to use the following command to output to the screen. Change the RowLimit to set the maximum results.

Get-PnPRecycleBinItem -RowLimit 50 | Select Title, ItemType, Size, ItemState, DirName, DeletedByName, DeletedDate | Format-table -AutoSize

To export the results to a CSV, you need to add the Export-CSV at the end as below

Get-PnPRecycleBinItem -RowLimit 50 | Select Title, ItemType, Size, ItemState, DirName, DeletedByName, DeletedDate | Export-Csv "C:\Temp\RecycleBin.csv" -NoTypeInformation

To restore a specific file, you cannot just specify the name, as you need to get the item information. We need to use the following commands

$itemtorestore=Get-PnPRecycleBinItem | ? -Property Title -EQ "filename of the deleted file"
Restore-PnpRecycleBinItem -Identity $itemtorestore -Force

This will restore the file to its original location.

Swish

(25)

Fix: The term ‘Get-MsolUser’ is not recognized as the name of a cmdlet

When connecting to your Office 365 services, you might get the below error saying for any Msol cmdlet like new-msoluser, connect-msolservices and other.

The term 'Get-MsolUser' is not recognized as the name of a cmdlet

To fix this, download and install the Microsoft Online Services Sign-In Assistant for IT Professionals RTW which can be downloaded from this link.

After the installation you can check the installation of the assistant from your control panel. After that open a PowerShell window As Administrator and type.

Install-Module MSOnline -Force

Once done, enter the below

Connect-MsolService

Sign in with your global admin account and presto!

(6882)

How To: Save mail sent as Shared Mailbox in sent items Shared Mailbox

When you have a situation of a user having full access and send as access on a shared mailbox and the user sends an email send-as or on behalf of a Shared Mailbox, the sent item will be saved in the user’s mailbox and not in the Shared Mailbox.

To fix this, there is not option in the GUI so far so you would need to connect via Poweshell as the Global Admin. Note: If you are using Multi-Factor Authentication use the App Password to login instead of the password.

Open PowerShell as Administrator and type the following

$Cred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $Cred -Authentication Basic -AllowRedirection

Import-PSSession $Session

set-mailbox "<mailboxemailaddress>" -MessageCopyForSentAsEnabled $True

set-mailbox "<mailboxemailaddress>" -MessageCopyForSendOnBehalfEnabled $True

This will still save a copy in the user’s mailbox but will also save it in the Shared Mailbox

(227)

Fix: 550 5.1.8 Access denied, bad outbound sender

I have been having problems with one particular user in Office 365 who could not send or receive emails and he was always getting the error that the email was not delivered due to the below error.

Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance.

Diagnostic information for administrators:
Generating server: --------------.eurprd02.prod.outlook.com
Remote Server returned '550 5.1.8 Access denied, bad outbound sender'

The problem is that the email was being blocked by Microsoft due that 5000 emails have been sent by the mailbox. The problem is not that your mailbox was hacked, but that the email header was spoofed by someone. To check that the mailbox is being blocked, open the Exchange Admin Center in your Office 365 portal, click on Protection and on Action Center.

You will see the user listed there with an unblock. Do not unblock the user for now.

In the Protection screen, click on dkim and highlight your external domain. Click on Enable. You will get an error message that CNAME records required are not found.

 

Open your domain DNS management portal on your hosting company and add the following CNAME entries

Host name: selector1._domainkey.<domain>
Points to : selector1-<domainGUID>._domainkey.<initialDomain>
TTL: 3600

Host name: selector2._domainkey.<domain>
Points to : selector2-<domainGUID>._domainkey.<initialDomain>
TTL: 3600

Once your DNS records have propagated, click on the Enable button on the dkim section.

Once enabled you can go under the Action Center and unblock the user. The process may take up to 2 hours to be cleared.

This will protect you from email message header spoofing. On another note to know immediately if a user has been blocked, you need to setup a notification as below.

Under the Exchange Admin Center open the Protection/ Outbound Spam section. Double click on default. Click on Outbound Spam preferences and tick send a notification when a sender is blocked as below and enter the admin email address. Click Save.

 

(14331)

How To: Disable AD Autodiscover for Office 365 migration

When having a local setup of Exchange and you want to migrate to Office 365 while leaving the local Exchange in place, you will have problems with autodiscover still pointing users to the local Exchange setup. If you don’t do the below, Outlook will still try to connect to the old Exchange server.

To stop the Autodiscover, open ADSIEDIT.MSC from the Active Directory server and delete the below entry so that the local SCP entry is skipped.

Select the “Configuration” naming context
CN=Services\
CN=Microsoft Exchange\
CN=\
CN=Administrative Groups\
CN=Exchange Administrative Groups\
CN=Servers\
CN=\
CN=Protcols\
CN=Autodiscover\
And delete the CN= of class serviceConnectionPoint

Since Outlook uses SCP as well, you might want to run this registry update on the local machines.

(The version number varies depending on your Office application version)
– Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
– Create new DWord ExcludeScpLookup
– Set the DWord as 1

After this, try to ping autodiscover.mydomain.com to ensure that it’s pointing to the Office 365

Update:

You can also do the following maybe it will help more. These should be created under the AutoDiscover Key

“ExcludeScpLookup”=dword:00000001
“ExcludeHttpsAutodiscoverDomain”=dword:00000001
“ExcludeHttpsRootDomain”=dword:00000001
“ExcludeSrvLookup”=dword:00000001
“ExcludeHttpRedirect”=dword:00000000
“ExcludeSrvRecord”=dword:00000001

(3590)

How to: Setup Import Export role in Office 365

I went to upload the PST files on a tenant to use the Office 365 Import service by uploading the PST files using the AzCopy.exe. After I was done, I started the import and after 60 minutes I get a failed error. I made some research and then restarted the import, but now I noticed a message saying “Please add Mailbox Import Export role for use running import and check back in 60 minutes“.

To do this,

– Login in Office 365 portal
– Click on Exchange
– Click on Permissions
– Click on Admin Roles
– Add a new role with Mailbox Import Export Role
– Add the user you are using to import as part of the group

Screenshot below

office365_importexportrole

(4170)

Fix: AzCopy.exe Could not finish the operation within specified timeout

When uploading files or PST files to Office 365 using AzCopy.exe, during the upload using Microsoft’s PST Import service you might have the frustrating error saying “The client could not finish the operation within specified timeout“. On the command prompt it will be seen as stuck on saying 0 files uploaded with a transfer speed of 0 KB/s. I literally spent hours trying to find out why my PST files do not upload to Office 365.

This can be fixed by lowering the concurrent operations with the import services. After looking at the option which is /NC option to either 2 or 1 depending on the internet connection upload speed. To be safe, in my case I have setup the NC as 1.

Here’s an example of how the command prompt will look like.

AzCopy.exe /source:\\My-Server\PST /dest:https://12345ab67cd89e0fg123h45.blob.core.windows.net/ingestiondata/Company/PST /destkey:jhdfasdfnasdnflasjkdfnjklsdanflasdfn/nfasdjkfnasdjklfnsjkladnfasjkldfnsdjklf== /S /V:d:\PST_Upload\upload.log /NC:1

(4579)

Fix: Office 365 This user’s on-premises mailbox has not been migrated to Exchange Online when using dirsync

“This user’s on-premises mailbox has not been migrated to Exchange Online. The Exchange Online mailbox will be available once migration is completed”

This only happens for users that have been synced using DirSync as they are mail enabled with on premises exchange. I do not however want to migrate mailboxes and would like to start a fresh.

To fix this, one should exclude the attribute ‘msExchMailboxGuid‘ on the Azure Active Directory Connect Tool (DirSync).

-Disable Synchronization from the Office 365 Portal
-Delete all synched users (marked as cloud now)
-Remove these mailboxes from the Office 365 Recycle Bin
-Edit the MIIS so the MSExchangeMailboxGUID does not sync
-Enable Sync again

(14000)