Creating Office 365 Mailboxes in a Hybrid Setup

In this article I will show you how to create Exchange Online mailboxes in a hybrid environment such that the maiboxes also show up on the on-premises Exchange server management console.

The most logical way of creating an Exchange Online mailbox (you’d think) is to let AD users DirSync across to 365, assign them licenses and be done with it. However doing it this way doesn’t create a link between Exchange Online and your On-Premises Exchange server which means you can’t do things like manage the user’s mailbox from EMC or┬ámigrate the mailbox between on-premises and Exchange Online.

Continue reading Creating Office 365 Mailboxes in a Hybrid Setup

Bulk Licensing Office 365 Users with PowerShell

Licensing Office 365 users manually can be a tedious task; especially if you are tasked with licensing hundreds or even thousands (think educational institutes that need to license user’s every semester or academic year).

I created a fairly basic script that will take a .CSV input and license your users according to your Office 365 environment and the licenses you have available.

Continue reading Bulk Licensing Office 365 Users with PowerShell

Downloading the Latest Malwarebytes Definitions File for Offline Use with PowerShell

Looking through my blog stats I saw that one of my old articles was still getting a lot of views – the one about downloading an offline copy of the Malwarebytes definitions file.

I decided to write a quick version 2 of the script so that it can now run natively in PowerShell without any third party tools (wget) – it’s also easier to understand and slightly more elegant only requiring four lines to do the job.

Continue reading Downloading the Latest Malwarebytes Definitions File for Offline Use with PowerShell

Remove Old ActiveSync Devices on Exchange Using PowerShell

This will be a quick how-to guide on removing old/stale ActiveSync devices from Microsoft Exchange.

Note 1: I have only run this on an on-premises Exchange 2007 server so I am not sure if it will work in 2010, 2013 or Office 365 but hopefully the script will come in handy anyway

Note 2: This is my first ever PowerShell script so I am sure there are better ways of doing this but it does the job!

Okay so if you want to run a report on old devices (I have defined old as no successful sync in the past 30 days but you can change this to whatever you want) before you go ahead and remove them, run the following command:

Get-Mailbox | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity} | where {$_.LastSuccessSync -lt ((Get-Date).AddDays(-30))}

To actually remove these devices (this command removes the relationship between the device and Exchange – it will NOT wipe the device) run this command:

# Assign the full identity string for each of the old devices to the $staleDevices variable - this identity string is required for the Remove-ActiveSyncDevice cmdlet
$staleDevices = Get-Mailbox | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity} | where {$_.LastSuccessSync -lt ((Get-Date).AddDays(-30))} | select -expand Identity
# Loop through the identities and pass them in to Remove-ActiveSyncDevice. The -confirm at the end forces the command to go through. Remove it if you want to manually confirm each removal
foreach ($device in $staleDevices) {Remove-ActiveSyncDevice -Identity $device -confirm:$false}

Setting Office 365 User Passwords to Never Expire

The default policy for Office 365 user accounts is to automatically expire their passwords after 90 days.

Some of our users experienced this today and the most annoying thing about it was that they were not warned beforehand about it. They were simply locked out their account until they changed it there and then; unlike the Windows OS counterpart which gives you a comfortable 15 day warning before forcing you to change your password.

Anyway, this article will tell you how to set the password expiry from 90 days to never.
Office 365 already enforces a strong password policy BUT I do not recommend you change this setting if your users often use public terminals or are prone to writing their passwords on sticky notes and keeping them under their keyboards :)

Continue reading Setting Office 365 User Passwords to Never Expire

Archiving a User’s Mailbox on Office 365

So an employee has left the company and you now need to archive the mailbox due to legal and/or company policies.
This article will give you a quick overview on how you can achieve this goal on an Office 365 mailbox while maintaining the integrity and security of your organisation’s 365 account.
Although not necessary, I recommend (as a pre-requisite) disabling account ‘sign-in’ capabilities and resetting the user account password.
This will prevent the user from logging in to the account and messing around with it whilst you are attempting to archive their mailbox.

Continue reading Archiving a User’s Mailbox on Office 365

Disable Remote PowerShell for Office365 Users

For one reason or another, you may want to disable remote PowerShell access for all the users in your organisation.
The main reason for doing so would be to prevent ‘reconnaissance’ type attacks whereby a user will try to gain information about your network/organisation/topology/system etc by simply running (in this case) PowerShell queries against your organisation.

Continue reading Disable Remote PowerShell for Office365 Users