So you need a simple SMTP relay test for Office 365
Introduction

I have been doing a ton of Exchange migrations lately and setting up internal IIS relays to smarthost to Office 365. In this I have found many issues with firewalls and various settings IT managers like to do to keep email traffic limited. In this I have had to figure out ways to test SMTP from telnet to PowerShell and this one is my favorite so I thought I would share.

Steps (4 total)
1
Open PowerShell
Right Click on PowerShell and Run As Administrator

2
Store your Office 365 Mailbox Credentials
get-credential will prompt you for the Office 365 relay mailbox creds. you need to store this in a variable so you can call it as one bit in the next command line.

$relaycreds = get-credential

3
Use Send-MailMessage PowerShell Command
now we can use the creds above to send a test email message using the Send-MailMessage command. [email protected] to the same user #you just stored the relaycreds in step one. [email protected] to another email address you have under your control so you can see it relay.

Send-MailMessage –From [email protected] –To [email protected] –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer smtp.office365.com -Credential $relaycreds -UseSsl -Port 587

4
Test the SMTP Relay
use the same command with a few changes to test the SMTP relay now.Do this from the server with IIS6 SMTP relay on or change localhost to the FQDN of your choice.

Send-MailMessage –From [email protected] –To [email protected] –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer localhost -Port 25

Conclusion

So really simple way to send emails now and you can see also from this command the ability to email from a scheduled task attached to event triggers. This will help you monitor your windows servers for those specific events that you care about.

Good luck

Authenticate to Azure Account

Add-AzureAccount

Select Azure Subscription

$subscription = (Get-AzureSubscription).SubscriptionName | Out-GridView -Title "Select Azure Subscription" -PassThru
Select-AzureSubscription -SubscriptionName $subscription -Current

Select Azure Storage Account

$storageAccount = Get-AzureStorageAccount | Select Label,Location | Out-GridView -Title "Select Azure Storage Account" -PassThru
Set-AzureSubscription -SubscriptionName $subscription -CurrentStorageAccountName $storageAccount

Select Azure VM

$vm = Get-AzureVM | Select ServiceName | Out-GridView -Title "Select a VM Service Name ..." -PassThru
$vmname = $vm.ServiceName

Select Data Disk to resize

$disk = Get-AzureVM -ServiceName $vmname -Name $vmname | Get-AzureOSDisk | Out-GridView -Title "Select a data disk to resize" -PassThru
$diskName = $disk.DiskName

Stop and Deallocate VM prior to resizing data disk

Stop-AzureVM -ServiceName $vmname -Name $vmname -Force

Specify new Data Disk size – must be larger than current size

do {$size = Read-Host -Prompt "New size in GB"} until ( $size -gt $disk.LogicalDiskSizeInGB )

Resize Data Disk to Larger Size

Update-AzureDisk -Label "$diskName" -DiskName "$diskName" -ResizedSizeInGB $size

Start VM

Start-AzureVM -ServiceName $vmname -Name $vmname

A few days ago I was working on an Azure VM host and trying to repair the AD role on one particular server. After removing the AD and DNS roles the server became unresponsive due to what was now bad DNS entries on the NIC card. No console session to get in an reset this and so I went to asking my buddy Craig at MS about this. His advice was to change the size of the VM which would reset the NIC and get it back to DHCP. We tried this and it actually works!

Just wanted the community to be aware of this quick fix to a headache with Azure VM's

Seems like all I do lately is migrate users to Office 365. In that I have started getting very large numbers of users and it quickly became impractical for me to manually assign Office 365 licenses. In that regard I started looking around for some PowerShell scripts that would allow me to do this. After searching and searching it appears that most, if not all, of the examples on the web were for creating new users then assigning the licenses to them. I had already setup DirSync so the users were already populated on Office 365, so that method was not going to work.

So after much trial and error I have come up with a Script you can run against a email address list CSV dump that will assign the license for you in bulk. Some of the steps are well known, like connecting PowerShell remotely to Office 365, but the bit that had me stumped was now to set the license without actually creating the user first. Once I got around that I was home free.

Steps

Dump your user email list to a CSV text file and set the header for the one column to UserPrincipalName and put the users email address under it one line per user like the example below.

UserPrincipalName
[email protected]
[email protected]
etc…

• Install Microsoft Online Services Sign-In Assistant
• http://www.microsoft.com/en-us/download/details.aspx?id=41950
• Install Azure AD Module
• http://go.microsoft.com/fwlink/p/?linkid=236297
• Find the Azure AD PowerShell Icon and right click then Run As Administrator
• Go to your C:\ and create a folder called Scripts

Create a new text file and copy the following code into it, then save the file as licenses.ps1 and save it to the scripts folder.

Connect-MsolService
#CSV file picker module start
Function Get-FileName($initialDirectory)
{ 
 [System.Reflection.Assembly]::LoadWithPartialName(“System.windows.forms”) |
 Out-Null
  
 $OpenFileDialog = New-Object System.Windows.Forms.OpenFileDialog
 $OpenFileDialog.initialDirectory = $initialDirectory
 $OpenFileDialog.filter = “All files (*.*)| *.*”
 $OpenFileDialog.ShowDialog() | Out-Null
 $OpenFileDialog.filename
}

#CSV file picker module end

#Variable that holds CSV file location from file picker
$path = Get-FileName -initialDirectory “c:\”

#Window with list of available 365 licenses and their names
Get-MsolAccountSku | out-gridview

#Input window where you provide the license package’s name
$server = read-host ‘Provide licensename (AccountSkuId)’

#CSV import command and mailbox creation loop
import-csv $path | foreach {
Set-MsolUser -UserPrincipalName $_.UserPrincipalName -usagelocation “US”
Set-MsolUserLicense -UserPrincipalName $_.UserPrincipalName -AddLicenses “$server”
}

#Result report on licenses assigned to imported users
import-csv $path | Get-MSOLUser | out-gridview

Jump back to the Azure PowerShell window and set the execution policy to unrestricted by running the following command in the PowerShell window

• Set-ExecutionPolicy Unrestricted
• Hit “Y” when prompted
• CD C:\scripts
• Run the script
• .\licenses.ps1

First prompt is for your Office 365 admin credentials. Use the [email protected] account that was created the first time you setup Office 365.

Second Prompt is for the location of the UserPrincipalName CSV file, just browse to where you saved it (c:\scripts) and select it then hit ok.

Third window will look up the sku of the licenses you purchased.
Type the SKU name EXACTLY as you see it with your account name :then the SKU

Then the script will run and assign the licenses to the users.

In conclusion I hope this helps you with your Office 365 migrations.

References:
http://www.codetwo.com/admins-blog/how-to-add-and-license-users-in-bulk-on-office-365/

Dealing with a rabbit hole issue that ened up being a Windows patch KB3002657 breaks NTLM.
https://www.pickysysadmin.ca/2015/03/11/kb3002657-breaks-everything/

Uninstalling the patch fixes the issue

Youtube Video

I have been answering questions on the forum and it came up that someone’s IPhone was not syncing some calendar items while other calendar events synced fine, with no real difference in how the appointments are created. After researching this I came across a tool that allows you to scan the problem mailbox or all the mailboxes on an exchange server and moving the corrupted items into a folder in the users Mailbox for remediation or deletion. After realizing this was a big part of Exchange administration I thought I would put together a How To so I would remember and others would have the benefit.

1. Download CalCheck from Microsoft
   http://www.microsoft.com/en-us/download/details.aspx?id=28786
   Get the 32 bit version the 64 bit is not really usable on all platforms.
2. Extract the Zip
   Find the download and extract the zip to a convenient location.
   Run the CalCheck.exe application and choose the correct Outlook Profile to run the Calendar scan against.
3. Check The Log Report
   Open up the folder you extracted with CalCheck.exe in it and find the log file named CalCheck.txt
   This will list all the calendar errors and specific references to why the errors will cause sync issues.
   Give this to your end user or boss as evidence of the core issues
4. Fix Errors
   CalCheck will not delete any errors but it will report and move those errors to a new folder it creates in the users Mailbox called, you guess it, CalCheck.
   You can force it to run the fix switch from the command line.
   Windows key + R to get the Run dialoge
   CMD
   CD to the folder with CalCheck
   C:\CalCheck_x86\CalCheck.exe -f
   Choose the Outlook profile you want to run against and let it go. It will then scan, overwrite the log, create a CalCheck folder in the users mailbox and move any errored items over to that folder for delete or fix.
   I also like to run this with the -r switch as it will create a report email and place it in the users inbox listing all the corruption for all to see.
   C:\CalCheck_x86\CalCheck.exe -f -r
   After the check is complete go back to the users Outlook and you will see a new CalCheck folder listed under the Mailbox.
   Locate items that are unwanted and delete them
   Recreate any appointments that have corruption and be sure to fill out all the info on the appointment form so as not to reintroduce the issue.
5. Admin: How To Scan Every Mailbox And Report Corruption
   You can also run this tool via command line and have it enumerate and scan all the mailboxes on the exchange server.
   You will need to run this from a profile that has administrator rights to all the mailboxes on the server.
6. Admin: Multi Mailbox Mode: Set User To Full Access
   Works in Exchange 2010 and higher
   Give Full Access Rights on the server to all Mailboxes to one user.
   Use PowerShell for this Changing OUName and UsersName to the correct admin user.
   Get-Mailbox -OrganizationalUnit “OUName” | Add-MailboxPermission -User “UsersName” -AccessRights FullAccess
7. Admin: Multi Mailbox Mode: Create Mailbox List Text File
   Change ServerName and Set the Path and File Name
   Get-Mailbox -Server “ServerName” | fl Name, LegacyExchangeDN | Out-File <path and file name> -width 200Copy the file to the machine you will run CalCheck on or put it on a share you can access.
8. Admin: Multi Mailbox Mode: Run CalCheck Against All Mailboxes
   Log on to the machine you have Outlook installed as the user you gave full access to in step 6.Create a new Outlook Profile and connect it to exchange for the full access user.
   Download CalCheck 32 bit from MS and install it
   http://www.microsoft.com/en-us/download/details.aspx?id=28786
   Extract the download to C:\CalCheck
   Copy the Mailbox list text file to the C:\CalCheck Directory
   Open a Command Prompt and CD C:\CalCheck Directory
   CalCheck -L C:\CalCheck\Mailboxlist.txt -F -R
   The CalCheck -F on the end users machine that is experiencing Calendar sync issues to the phones is the quickest way to get calendar sync issues resolved.
   Using the Admin Mode to keep that corruption at bay is the next layer to a happy end user experience.

Big shout out to NTG.co and all the great folks that work so hard to make this and Spiceworks great!

Hyper-V has matured into a robust and reliable HyperVisor and I have been using it reliably since the first iteration. With 2012 R2 the feature set makes it a no brainier when compared to ESX on purely cost basis.

Back to the original question regarding having a DC on the same box as the Hyper-V Hyper-visor and having it attached to the domain.

Two ways I can say I would set this up.

First way if I had access to only one Bare Metal box would be to leave the Hyper-V server off the domain and run it stand alone. This would remove the requirement of having the DC online before you login to the Hyper-V server and control functions.

Second way if I DID have access to another physical box would be to add a second domain controller as a second VM on a Second Hyper-V box. This way you almost always have a DC online to run creds against so you can attached the Hyper-V server to the domain.

Third way I have seen this setup is to have a completely separate domain for just the Hyper-V servers. I have only seen this in very large datacenter deployments so I don't really think this applies.

https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html?mkt_tok=3RkMMJWWfF9wsRokvK%2FAd%2B%2FhmjTEU5z17ewkXaG1hokz2EFye%2BLIHETpodcMTsRhPLHYDBceEJhqyQJxPr3NKNgN3tx5RhPmCg%3D%3D

Check out the new OneDrive client for both Windows and Mac OSX!

https://preview.onedrive.com/sync/setup.html

Kiss those pesky limitations goodbye!

Actually your distribution groups are a great way to do this. On S4B just type the name of a distro group in Exchange online and it should populate those users and group for you by right clicking and add to favorites.
Sometimes I create a separate book just for departments etc.

#Allow Remote Scripts To Run
Set-ExecutionPolicy RemoteSigned

#Store Office 365 Global Admin Creds and connect to MS online
$credential = Get-Credential
Import-Module MsOnline
Connect-MsolService -Credential $credential

#Verify Active Directory Sync Has Been Disabled - Money Command will not run with it on
$IsDirSyncEnabled = (Get-MsolCompanyInformation).DirectorySynchronizationEnabled
If($IsDirSyncEnabled -eq $false) {Write-Host "Office 365 Active Directory Sync Disabled - Good to go!"} else {Write-Host "Please disable Active Directory Sync and Wait" Exit}
Start-Sleep -Seconds 5

#If you want to dump your existing AD to text file for reference uncomment the next line
#ldifde -f C:\export.txt -r "(Userprincipalname=*)" -l "objectGuid, userPrincipalName"

do{

Query the local AD and get all the users output to grid for selection

$ADGuidUser = Get-ADUser -Filter * | Select Name,ObjectGUID | Sort-Object Name | Out-GridView -Title "Select Local AD User To Get Immutable ID for" -PassThru
#Convert the GUID to the Immutable ID format
$UserimmutableID = [System.Convert]::ToBase64String($ADGuidUser.ObjectGUID.tobytearray())

Query the existing users on Office 365 and output to grid for selection

$OnlineUser = Get-MsolUser | Select UserPrincipalName,DisplayName,ProxyAddresses,ImmutableID | Sort-Object DisplayName | Out-GridView -Title "Select The Office 365 Online User To HardLink The AD User To" -PassThru

#Uncommend the ###Careful### out of the following command to purge all the deleted users from the users recycle bin on Office 365
#This will only query for users that are unlicensed so it will skip users with mailboxes but still use at your own risk
###Careful### Get-MsolUser -ReturnDeletedUsers | Where-Object {$_.isLicensed -NE "false"} | Remove-MsolUser -RemoveFromRecycleBin -Force

Money command that sets the office 365 user you picked with the OnPrem AD ImmutableID

Set-MSOLuser -UserPrincipalName $OnlineUser.UserPrincipalName -ImmutableID $UserimmutableID

#Verify ImmutableID has been updated
$Office365UserQuery = Get-MsolUser -UserPrincipalName $OnlineUser.UserPrincipalName | Select DisplayName,ImmutableId
Write-Host "Do the ID's Match? if not something is wrong"
Write-Host "AD Immutable ID Used" $UserimmutableID
Write-Host "Office365 UserLinked" $Office365UserQuery.ImmutableId

Ask To Repeat The Script

$Repeat = read-host "Do you want to choose another user? Y or N"
}
while ($Repeat -eq "Y")

#List Users and ImmutableId
Get-MsolUser | Select DisplayName,ImmutableID | Sort-Object DisplayName | Out-GridView -Title "Office 365 User List With Immutableid Showing"

#Close your PS Office 365 Connection
Get-PSSession | Remove-PSSession

I hope you did a backup before sysprep...

Restore from backup
Power on VHD on Hyper-V 2012 and update the integration drivers
Shutdown the VHD
Copy the VHD to your Storage Blob Using How-To
http://community.spiceworks.com/how_to/120949-migrate-hyper-v-vms-to-azure-with-os-disks-bigger-than-128gb-using-powershell

When I was running Screen Connect on Linux it would fail on occasion like this and I would just download the Tar file and reinstall over the top and it would usually get it going again.
https://www.screenconnect.com/Download

Post the script as you have it now

I usually use AD modify for this.. much easier and has a rollback feature in case you mess something up.
http://admodify.codeplex.com/

Let me know if that works for you if not then I will look over the script and test it on a clean AD for you.

This write up is what I point people to when they have these questions (*the one my MS rep from SW said is gospel)
http://www.microsoft.com/OEM/en/licensing/sblicensing/Pages/downgrade_rights.aspx#fbid=D7zcRxMWVLN

DC's will only slow you down if you have many calls for tokens. unless you have some LOB - SSO sitution the lowest tier I would go is A1.

My 2 cents

good luck

My Dad, A long time IT Administrator for mainframes would tell me over and over your only as good as your last viable backup. I am religious about backups and copy's of data, especially with big moves like this.

And I second the notion that most if not any of your users do not fully understand what is going to happen. Add on top that almost all are convinced of the "Clouds" ability to retain your data indefinitely. And you have a recipe for disaster.

And you look like the hero too when / if they need that data.

So get a nice external USB 3.0 HDD and dump the data there and save it.