Creating and Configuring Resource Mailboxes

  1. Create and Configure a Resource in Office 365 Admin

  2. Create and Configure a Resource in Exchange Online Admin

  3. Create a Resource with PowerShell

Create and Configure a Resource in Office 365 Admin

  1. Open your browser and navigate to http://portal.office.com
  2. Enter the account associated with your Office 365 tenant

2017-06-18_18-42-16

3. Navigate to the Admin Center by clicking the Waffle and Admin

image

4. Expand out Resources and click on Rooms & equipment

image

5. Click on + Add to add a new resource

6. Leave it set to type Room and then fill out the rest of the information: Name, Email, Capacity, Location and a Phone Number

7. Click Add at the bottom

8. You should now have a new resources added to your list.

9. Set the scheduling options by clicking Set scheduling options

10. This will show the room details you can configure around accepting requests for this resource.

11. You can either click save or Cancel.

You now have a new room added to your Office 365 tenant that is available for users to book when creating a meeting in Outlook.

Create and Configure a Resource in Exchange Online Admin

1. In the Office 365 Admin Center, expand out Admin Centers and click on Exchange

2. This will take you into the Exchange Online Admin Center. From here, click on resources under the recipients heading.

3. Here you can see the resources created earlier. To add another resource, click + and then click Equipment mailbox

4. This will popup a dialog box where you can enter the Equipment Name and E-mail address. Fill out the two text boxes and click Save. If you have multiple domains in your tenant, you can also select the FQDN for your mailbox.

5. You now have your new equipment resource created. Let’s edit this resource by double clicking on it.

6. Double click on the resource, it brings up all the additional information you saw when working with a resource in the Office 365 Admin Centre.

7. Click on booking delegates, this is where you can disable auto acceptance of requests and specify a delegate the must manually approve or deny resource requests.

8. Click on booking options next. Here is where we see those options that were available to us in the Office 365 Admin Center around configuring what is allowed or not allowed when booking a resource.

9. Uncheck Allow repeating meetings and click Save

10. Now, if any meeting requests come in that are recurring meetings to book this resource, they will be automatically denied.

Create a Resource with PowerShell

1. Log into a Windows machine with PowerShell installed

2. Open a PowerShell Console

3. Establish a new Exchange Online remote PowerShell session by running:

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
-ConnectionUri https://outlook.office365.com/powershell-liveid/ `
-Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session 

4. Get what’s available. You can review existing resources by running the following PowerShell.

Get-Mailbox | Where {$_.ResourceType -eq "Room" -or $_.ResourceType -eq "Equipment"} 

5. Your window should like the one below:

6. Now, to create a new resource. Run

New-Mailbox -Name "PowerShell Room" -Room

This will create a new Room resource that will immediately show up when looking at the Office 365 Admin Centre or the Exchange Online Admin Centre. However, unlike the two mailboxes before, the Auto accept meeting requests will be Off.

7. Now that we have our new mailbox, run the following PowerShell again.

Get-Mailbox | Where {$_.ResourceType -eq "Room" -or $_.ResourceType -eq "Equipment"} 

You should see all three resource mailboxes now.  Let’s configure the one we just created.

8. First, let’s turn on Auto Accept with this PowerShell cmdlet

Set-CalendarProcessing -Identity "PowerShell Room" -AutomateProcessing AutoAccept 

9. Next, let’s configure a setting you can only set in PowerShell

Set-CalendarProcessing -EnforceSchedulingHorizon $false

If this is set to false, as long as a recurring meeting is scheduled to start on or before the window specified in the settings, the meeting request will be accepted rather than denied.

Search/Identify blocked file types in SharePoint

In SharePoint 2016 On-Prem, Microsoft has reduced the number of blocked file types from previous versions of SharePoint. It is totally different than the SharePoint 2010 / 2013. In SharePoint 2013, there are 105 default file types that are blocked by default but in SharePoint 2016, this number goes all the way down to 6. Interestingly, there is no blocked file type in SharePoint Online.

Self-Note:

Block type references:

Small Script to find all blocked file types:

$path = "C:\DRIVERS";
$extensitons = @("*.ade","*.adp","*.asa","*.ashx","*.asmx","*.asp","*.bas","*.bat","*.cdx","*.cer",`
                "*.chm","*.class","*.cmd","*.cnt","*.com","*.config","*.cpl","*.crt","*.csh","*.der",`
                "*.dll","*.exe","*.fxp","*.gadget","*.grp","*.hlp","*.hpj","*.hta","*.htr","*.htw","*.ida",`
                "*.idc","*.idq","*.ins","*.isp","*.its","*.jse","*.json","*.ksh","*.lnk","*.mad","*.maf","*.mag",`
                "*.mam","*.maq","*.mar","*.mas","*.mat","*.mau","*.mav","*.maw","*.mcf","*.mda","*.mdb",`
                "*.mde","*.mdt","*.mdw","*.mdz","*.ms-one-stub","*.msc","*.msh","*.msh1","*.msh1xml",`
                "*.msh2","*.msh2xml","*.mshxml","*.msi","*.msp","*.mst","*.ops","*.pcd","*.pif","*.pl",`
                "*.prf","*.prg","*.printer","*.ps1","*.ps1xml","*.ps2","*.ps2xml","*.psc1","*.psc2","*.pst",`
                "*.reg","*.rem","*.scf","*.scr","*.sct","*.shb","*.shs","*.shtm","*.shtml","*.soap",`
                "*.stm","*.svc","*.url","*.vb","*.vbe","*.vbs","*.vsix","*.ws","*.wsc","*.wsf","*.wsh","*.xamlx");

Get-Childitem -r -path $path\* -include $extensitons | %{$_.fullname}

#Optionally push results to a text file
#Get-Childitem -r -path $path\* -include $extensions | %{$_.fullname} > C:\File_Extensions.txt

image

“Replicating Directory Permissions” to the User Profile Synchronisation account

Self Note:

To create SharePoint managed service accounts see – https://consultantpoint.wordpress.com/2017/06/07/sharepoint-server-service-accounts-populating-in-active-directory/

Steps to add “Replicating Directory Permissions” to the User Profile Synchronisation account

1> Open “Active Directory Users and Computers”.  Right click on the domain name in the management console and select “Delegate Control…”

image

image

2.> On the “Delegation Control Wizard” click “Next” > On the “Users or Groups” screen used to delegate control.  Click “Add” and add your User Profile Sync account.  Click “Next”.

image

3.> On the “Tasks to Delegate” screen select the option “Create a custom task to delegate” > “Next”.

image

4.> On the “Active Directory Object Type” screen accept the default settings and click “Next”.

image

5.> On the “Permissions” screen check the box to allow “Replicate Directory Changes” and Click “Next”.  The last screen is for review and select “Finish”

To verify that this account got the right settings, run the following script:

import-module ActiveDirectory

# Functions to check AD Accounts has permissions  - I need to change Tobias Lekman's script to work for my environments - this is based on his script
function Check-ADUserPermission(
    [System.DirectoryServices.DirectoryEntry]$entry,
    [string]$user,
    [string]$permission)
{
    $dse = [ADSI]"LDAP://Rootdse"
    $ext = [ADSI]("LDAP://CN=Extended-Rights," + $dse.ConfigurationNamingContext)
	$domain =$env:USERDOMAIN

    $right = $ext.psbase.Children |
        ? { $_.DisplayName -eq $permission }

    if($right -ne $null)
    {
		$mvar = $entry.psbase.ObjectSecurity.Access;
		$objUser = New-Object System.Security.Principal.NTAccount($domain, $user)
        $perms = $entry.psbase.ObjectSecurity.Access |
            ? { $_.IdentityReference.Value.ToLower() -eq $env:USERDOMAIN.ToLower() + "\" + $user.ToLower() } |
            ? { $_.ObjectType -eq [GUID]$right.RightsGuid.Value }

        return ($perms -ne $null)
    }
    else
    {
        Write-Warning "Permission '$permission' not found."
        return $false
    }
}

# Functions to check AD Accounts has Replicating Directory Changes permissions  - based Tobias Lekman's script  http://lekman.codeplex.com/releases/view/65930
function Check-ReplicateChanges([string]$userName)
{
	$replicationPermissionName = "Replicating Directory Changes"
	$dse = [ADSI]"LDAP://Rootdse"
    $entries = @(
        [ADSI]("LDAP://" + $dse.defaultNamingContext),
        [ADSI]("LDAP://" + $dse.configurationNamingContext));
    Write-Host -ForegroundColor Blue " User '$userName': "
    foreach($entry in $entries)
    {
        $result = Check-ADUserPermission $entry $userName $replicationPermissionName
        if($result)
        {
            Write-Host "   has '$replicationPermissionName' permissions on '$($entry.distinguishedName)'" `
                -ForegroundColor Green
        }
        else
        {
            Write-Host "   does NOT have '$replicationPermissionName' permissions on '$($entry.distinguishedName)'" `
                -ForegroundColor Red
			# check if the user is a domain admin
			$user = New-Object System.Security.Principal.WindowsIdentity($userName)
			$WindowsPrincipal = New-Object System.Security.Principal.WindowsPrincipal($User)
			if($WindowsPrincipal.IsInRole("Administrators"))
			{   Write-Host "   is a Domain Administrator" -ForegroundColor Green }
			else
			{
				Write-Host "   add 'replication permissions' or a work around (less secure) is to add the User Profile Sync account as a local admin " -ForegroundColor Red
				Write-Host "   see http://blog.sharepointsite.co.uk/2012/11/powershell-to-create-user-accounts-for.html for instructions to setup accounts and replication" -ForegroundColor Red
			} 			

        }
    }
}

cls 

Check-ReplicateChanges("SP_ProfileSync")

image

The required path is working just fine, so I am not going to bother much about the rest of the path.

Adding site to Local Intranet sites zone via GPO

 

  1. Open GPMC in your Domain Controller. Create a GPO or use an existing GPO linked to the OU which contains all users.
  2. Under User Configuration, expand Polices > Windows settings >Internet Explorer Maintenance >Security
  3. Double click Security Zones and Content Ratings, then chose Import the current security zones and privacy settings.
  4. Click Continue, then click Modify Settings.
  5. In the Internet Properties windows chose Security tab, then click Local intranet, click Sites to add sites you want.

Fleanser – improves our productivity in migrating file shares to SharePoint Online

HuonIT excels in File Share migration projects with the introduction of custom developed cleansing and mirroring tool. Internally named Fleanser v1.0.

Our tool replaces part of the functionality provided by ShareGate solutions in migrating file share to SharePoint online environment.

Fleanser runs, various analytic operations in file paths to cleanse and shorten them intelligently when required. It also generates various analytic reports during cleanse process to back track on action applied against each file/folder members.

We tested our first version of this tool (functional edition) today for a client and we immediately saw the value we could add to our customers.

Proud to be a creator of this tool. We have already planned to add more functionalities to this tool in the subsequent releases.

Untitled-3

Office 365/SharePoint Online – OneDrive File Migration

Currently I am in the process of migrating a file share to SharePoint online libraries. One of the pre-check that I need to run before synchronizing the files is to make sure that these files/folders don’t have illegal characters defined by SharePoint online requirement.

The script below

function Check-IllegalCharacters ($Path, [switch]$Fix, [switch]$Verbose) { Write-Host Checking files in $Path, please wait... #Get all files and folders under the path specified $items = Get-ChildItem -Path $Path -Recurse foreach ($item in $items) { #Check if the item is a file or a folder if ($item.PSIsContainer) { $type = "Folder" } else { $type = "File" } #Report item has been found if verbose mode is selected if ($Verbose) { Write-Host Found a $type called $item.FullName } #Check if item name is 128 characters or more in length if ($item.Name.Length -gt 127) { Write-Host $type $item.Name is 128 characters or over and will need to be truncated -ForegroundColor Red } else { $illegalChars = '[&{}~#%]' filter Matches($illegalChars) { $item.Name | Select-String -AllMatches $illegalChars | Select-Object -ExpandProperty Matches Select-Object -ExpandProperty Values } #Replace illegal characters with legal characters where found $newFileName = $item.Name Matches $illegalChars | ForEach-Object { Write-Host $type $item.FullName has the illegal character $_.Value -ForegroundColor Red #These characters may be used on the file system but not SharePoint if ($_.Value -match "&") { $newFileName = ($newFileName -replace "&", "and") } if ($_.Value -match "{") { $newFileName = ($newFileName -replace "{", "(") } if ($_.Value -match "}") { $newFileName = ($newFileName -replace "}", ")") } if ($_.Value -match "~") { $newFileName = ($newFileName -replace "~", "-") } if ($_.Value -match "#") { $newFileName = ($newFileName -replace "#", "") } if ($_.Value -match "%") { $newFileName = ($newFileName -replace "%", "") } } #Check for start, end and double periods if ($newFileName.StartsWith(".")) { Write-Host $type $item.FullName starts with a period -ForegroundColor red } while ($newFileName.StartsWith(".")) { $newFileName = $newFileName.TrimStart(".") } if ($newFileName.EndsWith(".")) { Write-Host $type $item.FullName ends with a period -ForegroundColor Red } while ($newFileName.EndsWith(".")) { $newFileName = $newFileName.TrimEnd(".") } if ($newFileName.Contains("..")) { Write-Host $type $item.FullName contains double periods -ForegroundColor red } while ($newFileName.Contains("..")) { $newFileName = $newFileName.Replace("..", ".") } #Fix file and folder names if found and the Fix switch is specified if (($newFileName -ne $item.Name) -and ($Fix)) { Rename-Item $item.FullName -NewName ($newFileName) Write-Host $type $item.Name has been changed to $newFileName -ForegroundColor Blue } } } } $ErrorActionPreference="SilentlyContinue" Stop-Transcript | out-null $ErrorActionPreference = "Continue" Start-Transcript -path C:\LogFileLocation\IllegalCharsFound.txt -append # DO YOUR EXECUTION COMMAND HERE Check-IllegalCharacters -Path "D:\Egnyte\MCM" Stop-Transcript

The Bad News

The free version of SharePoint that was offered with SharePoint 2007, 2010 and 2013 is called “Foundation” is gone and will no longer be offered with SharePoint 2016

PowerShell Upload File to Style Library & Sub-Path Location

function UploadFile2StyleLibraryLocation($WebUrl, [String] $SourceFilePath, [String] $StyleLibrarySubPath) { # Open web $web = Get-SPWeb $WebUrl $file = Get-Item $SourceFilePath write-host "Started Uploading File..." $file.FullName # Open file $fileStream = ([System.IO.FileInfo] (Get-Item $file.FullName)).OpenRead() # Open Style Library $folder = $web.getfolder("Style Library") # Check whether the file is already exists? $File2Replace = $web.GetFile($folder.Url + $StyleLibrarySubPath + $file.Name) if($File2Replace.Exists -eq $true){ $File2Replace.CheckOut() } # Add the file $spFile = $folder.Files.Add($folder.Url + $StyleLibrarySubPath + $file.Name, [System.IO.Stream]$fileStream, $true) # Check in $spFile.CheckIn("Checkin by deploy script 1.7.0") # Finally publish the file $spFile.Publish("Published by deploy script 1.7.0") $MessageFilePath = $WebUrl + "/" + $folder.Url + $StyleLibrarySubPath + $file.Name $MessageFileName = $file.Name write-host $MessageFilePath write-host "Successfully uploaded file $MessageFileName" $fileStream.Close(); $web.Dispose() }

 

Usage:

UploadFile2StyleLibraryLocation -WebUrl "http://win12sp13"` -SourceFilePath "C:\mywork\pwcs-customer\Phase2Development-V1_7_0\Readify.Pwcs.Deployment\V1.7.0\_package\Deploy\Content\promotion.js"` -StyleLibrarySubPath "/Readify/ClientTemplates/"

Disable Mobile View on all SPWeb

Param([string]$WebUrl) if($WebUrl -eq ""){ write-host "Please input `$WebUrl` parameter value." -ForegroundColor Red; exit -1 } [System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint") > $null $WebApp = Get-SPWebApplication $WebUrl foreach($site in $WebApp.Sites){ foreach($web in $site.AllWebs){ $WUrl = $web.Url; Write-Host "Disabling mobile view on web - $WUrl..." -ForegroundColor Gray -NoNewline Disable-SPFeature -identity "d95c97f3-e528-4da2-ae9f-32b3535fbb59" -URL $WUrl -Force -Confirm:$false -ErrorAction SilentlyContinue write-host "done." -ForegroundColor Green } } Write-Host "End of exection" -BackgroundColor Green -ForegroundColor White