Posts

Get All AIP encrypted files - SharePoint Online

One of our recent projects was a merger and acquisition.
Technology - M365 tenant-to-tenant migration
Areas of consolidation:
1. Mailboxes
2. SharePoint Online data
3. OneDrive for Business data
4. Teams data migration
5. Security and Compliance migration
The area of concern from the security and compliance side was the encrypted files within EXO, SPO, Teams and ODB.
Issue with encrypted data migration - end users will not be able to access the documents once the source tenant is decommissioned.
Solution available - Ask end users to unencrypt the data before migration.
Alternate solution -
1. Decrypt the files and mails using eDiscovery - This will give us output in PST format, which is available for offline access, but the data in the source will still be encrypted. Decryption in eDiscovery - Microsoft Purview (compliance) | Microsoft Docs
2. Use Get-AIPfileLabel and Get-AIPFileLabel, but in order to use this you must be aware of all the file paths.
Challenges -
1. We do not want end user intervention

Error - QuarantinedAttributeValueMustBeUnique

Case history:
1. Client already had users created in Office 365
2. Client wanted to set up SSO for Office 365 users
Approach for requirement fulfilment:
1. Deployed and configured Azure AD Connect
95% of users were synced and soft match was successfully done.
5% of users were getting the error - QuarantinedAttributeValueMustBeUnique (to view the sync issues - https://aad.portal.azure.com/#blade/Microsoft_Azure_ADHybridHealth/AadHealthMenuBlade/SyncErros )
When we checked, 2 users were found under Active users:
1. one in Cloud (this was created earlier / already existed) with active licenses and mailbox
2. one unlicensed, synced with AD
Solution -
1. Delete the unwanted user in Azure or AD as per this document. https://blogs.msdn.microsoft.com/hkong/2017/03/23/how-to-fix-attributevaluemustbeunique-error-message-when-trying-to-sync-an-object-from-on-premises-active-directory-to-office-365/
but if we delete the user in Azure we will lose

Error - AttributeValueMustBeUnique in Azure AD connect sync

My customer had already created accounts in Office 365 and was managing them in Azure; however, due to some changes in business they wanted to sync AD with Azure to sync passwords and manage identity from AD.
Solution - Deploy Azure AD Connect on the ADDC, and after that it will do a soft match.
However, there were errors with some users: their identities did not sync and their status still reflected as Azure AD.
Error - Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [ProxyAddresses SMTP:user@domain.com;].  Correct or remove the duplicate values in your local directory.  Please refer to http://support.microsoft.com/kb/2647098 for more information on identifying objects with duplicate attribute values. Tracking Id: b8367c95-ae67-46e1-xxxx-xxxxxxxxxx ExtraErrorDetails: [{"Key":"ObjectId","Value":["cd088468-bb6a-4

Analyze Office 365 Message headers

How to get the message headers?
From Outlook:
i. Double-click on the mail (this will open the mail in a new window).
ii. Go to the File option in the toolbar.
iii. File > Info > Properties
In the new pop-up window, copy all the contents available under the “Internet Header” option.
From OWA:
a. Open the mail
b. Click on the dropdown option available under the “reply all” option
c. Under the dropdown options select “Message Properties”.
Once you have the message headers, search for “EXRCA” on the Internet or open https://testconnectivity.microsoft.com/
Once the Microsoft Remote Connectivity site is open, select the option “Message Analyzer”.
Paste the copied/saved header under “Insert the message header you would like to analyze” and click on Analyze.
You will see the results in the below order.
· Summary will give the overview of the mail like
  o Subject
  o From, To, …etc

Powershell For o365.

Powershell For o365. http://m.virtualizationadmin.com/articles-tutorials/application-virtualization-articles/deep-dive-office-365-powershell-cmdlets-part-8.html

Restore data for a deleted office 365 user

We need to create a new user, assign it an Exchange Online license and let the mailbox be provisioned. Once the mailbox is created for the new user, proceed further.
Connect PowerShell to Exchange Online using the below commands:
    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    Import-PSSession $Session
Then check the old (deleted) user in Soft Delete:
    Get-Mailbox -SoftDeletedMailbox
(check for the deleted user)
    Get-Mailbox -SoftDeletedMailbox -Identity "Name of the mailbox" | fl *guid*
Copy the GUID (not Exchange GUID) in a notepad (1)
    Get-Mailbox -Identity "Email address of the new user" | fl *guid*
Copy the GUID (2)
The following command will copy the old mailbox’s email to the new mailbox.
    New-MailboxRestoreRequest -SourceMailbox "GUID (1)" -TargetMailbox "GUID (2)" -Tar

Advanced Threat Protection - Safe Attachment

While showcasing the ATP features to a client in a POC I noticed the following.
ATP - Safe Attachment rule is set as Replace - Block bad attachment and continue to deliver the mail. However, the mail is not delivered; it is deleted completely.
Solution
Go to Exchange Admin Center > Protection > Malware Filter
By default the malware policy is set to delete the entire mail if something is found as malware in the mail or attachment. Edit your default policy.
1. Change the default setting to - Delete attachment and use default alert text or custom alert, depending on your requirement. In my case I had kept it as default alert text.
2. You can also customize the notification.
3. You can also configure the settings so that it notifies the sender about the undelivered mail.
4. A notification about the same can be sent to the admins too; you can use the default or a custom alert type. (This will send an intimation to the adm

How to block employee access to Office 365 data

"What do I do to protect data when an employee leaves the organization?" and "How do I block a former employee's access to Office 365 after they leave?"
IMPORTANT: The steps in this article are for Office 365 Business Essentials, Office 365 Business Premium and Office 365 Enterprise.
A quick overview of the process looks like this:
1. Block employee access to Office 365 data.
2. (Optional) Get access to the data of the former employee.
3. (Optional) Send the former employee's email to another employee.
4. Delete the former employee's user account.
IMPORTANT: You need to be a member of the Office 365 global admin role to perform the steps in this topic. Make sure the user that performs these steps has the right permissions to complete these steps.
Block employee access to Office 365 data
The first thing you'll want to do is block the former employee from logging in and accessing Office 365 data. There are a few steps you