I recently wrote about Microsoft’s new Powershell V2 Module and locating IMAP and POP enabled mailboxes using it. Now we’re going to get to disabling IMAP and POP to keep things secure! As of the date of this post (January, 2020) there are no new V2 modules to Set-CASMailbox, so we’ll have to use a V1 command. This will disable IMAP and POP across the tenant:
To get started, install the module from the Powershell gallery via
Install-Module -Name ExchangeOnlineManagement
Note only Powershell 5 is supported, with Powershell Core and 7 support coming… soon.
The commands have changed too. Get-Mailbox is still able to be run, but the new command is Get-EXOMailbox, which yields output more efficiently then its predecessor according to Microsoft, by changing what properties get shown and not including blank properties.
You can now connect via “Connect-ExchangeOnline” which creates an MFA-capable prompt. After you sign-in, you’re shown the new cmdlets!
I recently enabled Azure Active Directory (AD) Connect and wanted to turn this feature on. After doing some reading, I found a simple way to enable the AD Recycle Bin.
In the management console, go to Tools > Active Directory Administrative Center
Select Local Domain and in the Tasks Pane
Select Enable Recycle Bin.
NOTE: Be aware this feature cannot be disabled.
Click OK. Once enabled, wait for AD replication to complete as this is a change made on the configuration partition. This process may take a while should your organization have a large active directory infrastructure.
A very simple enablement of a process that could save you hours of restore time. Again, this process cannot be reversed once invoked.
Had an odd one today. An internal user with permissions to a Sharepoint site was getting the error “user not in directory”. Searching Google comes up with many different options and reasons for this error, but no concise cause / solution.
The user was able to login to Office365 webmail normally without any errors and was had a Sharepoint license for several weeks and hadn’t reset their password recently.
Eventually, I had the user un-invited and then re-invited and it worked!
I ran into this one yesterday. I was attempting to export a PST file with the findings of a compliance search within Office365. I couldn’t run it on my computer, nor the server where I was offloading the PST to. The error I got was simply “Make sure the export content hasn’t expired”.
Helpful. It obviously hadn’t expired.
Eventually I did the following: First, I started using Internet Explorer to do the export. Next, I found this Microsoft help doc that stated to add the following websites to the trusted or intranet zone in IE.
*.outlook.com, *.office365.com, *.sharepoint.com and *.onmicrosoft.com are added to the Local intranet zone trusted sites.
Voila! That did the job and my PST downloaded nicely.
I ran into an issue with a Powershell script I wrote recently, where I received this error:
The name must be unique per mailbox. There isn’t a default name available for a new request owned by mailbox xyz
Basically, a record is kept for completed mailbox move requests, and if you do too many for one mailbox, you get the above error. Don’t worry! Just run the following command in PS to clear away the completed request records, and you’ll then be able to run the import request!
Quick and easy tip today. A user left the company and to free up the license used on Office365 but keep the user’s mailbox, you can easily convert the mailbox to a shared mailbox, which you don’t get charged for on Office365.
Basically, go into Exchange Admin Center > Recipients > Choose the Mailbox you want to convert and on the right side, click “Convert to Shared Mailbox”