A simple way for your users to manage distribution list membership with hybrid Office 365 environments with Active Directory on-premises, Azure AD Connect synced to Azure AD and Exchange Online.
With Exchange on-premises, users may be used to managing Distribution Lists (DLs), using Outlook to open the DL and edit the group membership that they are the owners of. However, once you move to Exchange Online, these can no longer be managed using Outlook, since the DL is synced from your on-premises AD, and cannot be edited in Azure AD. So, the DL has to be managed in your on-premises AD. Your help desk can do this with Exchange Admin tools, however, it is not very convenient for users to have to call the help desk every time that they want to edit DL membership.
Both mailbox creation and deletion failure scenarios heavily involve verifying the current recipient type values across all directories – especially in a directory synchronised environment. For example; if a user is listed on-prem as a remote mailbox with a cloud archive, then you should expect EXO to have a primary and an archive mailbox for this user. If it doesn’t, then troubleshoot for a synchronisation failure somewhere between on-prem and EXO.
The three attributes you will be dealing with are the following, and there are many possible values for each:
RemoteRecipientType (in PowerShell)
Note: You should only see the above value populated if the customer has a directory sync’d environment, and they either migrated a mailbox to the cloud or if they used new-remotemailbox to provision a cloud mailbox.
During a recent Office365 migration, one of the questions that arose was what would happen to Outlook Autocomplete entries (also known as the Nickname cache) when migrating users from on-premise Exchange, to Office365. Many users rely on this list, and a common complaint when this goes missing is ‘my contacts have disappeared’. In fact users just often don’t use contacts because it requires manual steps to save someone’s details, they just rely on the fact that once they have emailed a user, Outlook remembers the name and they just have to start typing it and Outlook completes the address for them.
The answer, as with many things in IT, is ‘it depends’. Largely it depends on the Outlook client version.
Outlook 2010 and later store the autocomplete list in a hidden folder in the user’s mailbox. The great thing about this is that when setting up a new PC if the user opens the same mailbox then the list will be there already as soon as the mailbox is opened. So when migrated to Office365, this hidden folder is migrated along with the user’s email. When they login to their mailbox through Outlook, it should be available.
Also note that Outlook Web App uses its own auto complete list, this is not the same as the one used by Outlook.
One final thing to note, is that if users autocomplete list is lost or accidentally deleted, one way of repopulating it is to draft an email with all of the users contacts in, and save it (but do NOT send!). This adds all of the addresses to the cache.
See ‘Information about the Outlook AutoComplete list’
How to fix issues synchronising and displaying emails in secondary or shared mailboxes in Exchange Online.
When migrating from Exchange on-premise to Office 365, users can experience issues displaying emails in secondary or shared mailboxes. When their mailboxes were hosted on-premise, users didn’t have this problem, since the Exchange servers were nearer to the users and Outlook could operate in online mode without experiencing the cached mode limitations.
Microsoft recommends 3 potential fixes for this issue:
Delete folders to reduce the folder count. This is often not possible since data needs to be retained, or needs to be separated into folders. Or there may just be so many additional mailboxes that it is not practical to have less than 500 folders across all of them.
Turn off cached mode for shared folders as below. However. since you Exchange servers are now in the cloud, whilst changing this setting will show all of the emails, not only will you be unable to access the emails when offline, but performance will be heavily dependent on network conditions. Frequently this will cause performance problems with Outlook; whilst these shared mailboxes were hosted on an on-premise Exchange server, moving them to the internet can make it too slow to access them in Online mode.
The solution is, therefore, the third recommendation by Microsoft. We recommend that clients skip the first 2 workarounds, and implement this from the start for any power email users who access a number of shared mailboxes. Unfortunately, this will require manual configuration by the end user, so a combination of automapping and manual configuration may be a good compromise.
Disable automapping for each secondary mailbox as per 2646504 – ‘How to remove automapping for a shared mailbox in Office 365’.
Add the account as a secondary account into Outlook via the Add New Account dialog box in Outlook. Simply add the email address of the account, as long as you have full access then it will allow you to add the profile.
Note that when diagnosing this issue it is very useful to use the Get-MailboxFolderStatistics cmdlet, which you can use to calculate if the user is near or over the 500 folder limit across all of their mailboxes.
We had an interesting Skype migration, where we needed to migrate 10,000 numbers from BT to Microsoft Phone System for Skype for Business.
With BT you have to port the entire block in one go, so we had no way of porting numbers in batches as users migrated over to Skype for Business. So, we needed a way for users to continue to be able to receive calls as they migrated onto S4B, but whilst the numbers were still with BT. Since calls were still coming into an old PBX, the initial thought was to program the PBX to forward numbers as and when users were migrated. However, since we were migrating about 100 users a day, this would basically be a full time job to program all the forwarders on the PBX, and would also be very prone to error, since the old PBX had to be programmed via a terminal application with no scripting support.
However, we realised that users were already used to forwarding their own numbers to their mobile phones, so they can forward their own calls in this way using their desk phone (a feature of the old PBX). What we therefore did was allocate 10,000 temporary local numbers in Skype for Business, and then ask each user to forward on their old desk phone to their temporary number as they get migrated. Once this is done, users receive all their calls on their old number using S4B (either client or Polycom desk phone), and can make outbound calls (which doesn’t show their number anyway). This made the whole migration process a lot easier, and placed the onus on the user to set up a simple call forward, less prone to error and easy for them to correct if they make a mistake.
The final job will be one off number port, at which point we will map all the ported numbers to the users using a PowerShell script, and job done!
PowerShell won’t update help, or let you connect to online repositories, without configuring it to work with your corporate web proxy servers. Unfortunately it does not use the system settings, so you have to do this manually.
If you try and use an online command such as update-help, you will get an error like this:
PS C:\WINDOWS\system32> update-help
update-help : Failed to update Help for the module(s) 'ActiveDirectory, AppBackgroundTask, AppLocker, AppvClient,
Appx, AssignedAccess, BestPractices, BitLocker, BitsTransfer, BranchCache, CimCmdlets, ClusterAwareUpdating, ….Unable to
connect to Help content. The server on which Help content is stored might not be available. Verify that the server is
available, or wait until the server is back online, and then try the command again.
At line:1 char:1
+ CategoryInfo : InvalidOperation: (:) [Update-Help], Exception
+ FullyQualifiedErrorId : UnableToConnect,Microsoft.PowerShell.Commands.UpdateHelpCommand
To fix this, you need to configure your proxy settings in your PowerShell profile as follows (note that this requires local administrator rights):
Open an administrator-level PowerShell command prompt
Run the following command to register the PSGallery Repository
Register-PSRepository -Default -Verbose
Then you will be able to edit your profile:
Note: it will prompt you to create this if it does not exist. Then add the following lines, modifying as you see fit for your environment:
This is a workaround in order to migrate mailboxes to Office 365 which have special characters.
You may run into an issue migrating from on premise Exchange to Office 365, where some accounts fail due to illegal characters in email addresses or UPNs. Having spoken to Microsoft about this, the official line is that no special characters are supported, therefore you should remove them if at all possible. However, we found during a large migration that in some cases they can be retained.
Note that the Microsoft article linked below does not mention UPNs, however we found that special characters in UPNs will cause users and shared mailbox migrations to fail.
The result of our testing was as follows:
Distribution Lists don’t require any changes and will still work
User accounts and shared mailboxes need any illegal characters removing from UPN, mail and primary SMTP address in proxyaddresses attribute, but these can be added back in as SMTP aliases, and should then be retained once the account is migrated.
Note: I would suggest that special characters are simply removed, rather than replaced with anything else. There are different types of characters, so removing them works for anything. It is not required to change the Display Name in the GAL, only the email address and whilst that is what people will see if they reply to an email, and they will still receive emails on the old address. This will be very difficult to manage if we have different rules for different areas of the business, different characters etc.
You can follow the process below to make changes to affected accounts in your on premise Active Directory before they can be migrated. To be clear, the process is as follows (for users and shared mailboxes):
Remove any special characters from UPN, mail, and primary SMTP address
Add back the primary SMTP address as an alias (if still required)
All other aliases and attributes can remain as-is, including display name.
Display name: R&D Team Mailbox – leave as-is
UPN: Change R&DTeamMailbox to RDTeamMailbox
Change Primary SMTP: From R&DTeamMailbox.com to RDTeamMailbox@domain.com (remove &)
Add back the primary address as an alias: R&DTeamMailbox.com
The Lenovo Miix 720 is Lenovo’s latest attempt at creating a business class hybrid device in the mould of the Microsoft Surface Pro 4. Lenovo gets a lot of things right with this version, however there are some nagging issues which you may need to consider before rolling these out in your business, or even buying one for home.
This review is written primarily from the perspective of a business implementation, since that is the target audience for these machines, however many points would equally apply to the home user.
The units we tested came with a Core i5-7200U CPU, 8GB of RAM, and a 256GB NVMe SSD. Al units come with a 12.0″QHD+ 2880×1920 screen with Gorilla Glass, which is perfectly adequate. The CPU is a dual core Kaby Lake chip, and combined with the RAM and speedy SSD, performance was generally excellent. We suspect this configuration may the sweet spot for many organisations, offering a good balance of cost and performance.
The spec tops out at an i7-7500U with 16GB of RAM, however from the service manual it appears that the RAM is not upgradable, i.e. it is soldered to the motherboard.
For those into numbers, the SSD is a Samsung MZVLV256, unfortunately CyrstalDiskMark did not detect the disk so we were unable to test the performance.
The unit itself is very similar to the Surface Pro 4 in terms of size and weight. However the screen is slightly smaller (12″ vs 12.3″ on the SP4) due to a wider bezel, which is a little disappointing. The screen is also a fingerprint magnet, and even after using a screen wipe it still had smudges all over it, so much so that someone walking past commented on it even after I had just cleaned it. This is only really apparent when the screen is off however, using in docked mode. It should be noted that any laptop with a very high DPI display will have issues if you want to use the built in display with an external monitor that is not also very high res, you will encounter issues with display scaling. The problem is that different displays will require different scaling settings to appear a comfortable size, however Windows (or to be precise, some applications) do not handle this well. This can result in strange effects, such as:
– Connecting the device to e.g. an HD screen after booting it up when not docked, will result in blurry text in many applications, including Office.
– If you booted up when docked, and then undock the device, some applications will appear tiny. For example the IE11 will be so small as to be unusable. Chrome or Edge are fine.
The solution is to log off and on again whenever docking or undocking, and also using only the external display when docked, otherwise you will have mixed scaling settings and one of the screens will look blurry in some applications.
The kickstand uses Lenovo’s intricate watch band hinge similar to the Yoga 900 and 910, however it only has a hinge present on each side unlike those other models. It works well enough, however it is quite easy to push the device down and the hinge slides backwards. In fact on a smooth table it can slide down to near horizontal when slightly dropped on the table, or when prodded. So it doesn’t provide as much resistance as you might like, certainly less than the SP4 which is more solid.
The great thing about Lenovo machines it that the Hardware Maintenance Manuals (HMM) are freely available. The HMM for the Miix 720 (https://download.lenovo.com/consumer/mobiles_pub/miix720-12ikb_hmm_201611.pdf) lists all of the parts which are replaceable, and how to disassemble the device. That Lenovo can achieve this level of reparability in the device the same form factor as the Surface Pro 4 is quite an achievement, and refreshing change from machines that are getting to be neigh on impossible to attempt to upgrade or repair yourself (or indeed, at all – I am looking at you Surface Laptop!).
The Lenovo has a good selection of ports, with 2 x USB A and 1 USB Type-C. The included power supply provides power over USB-C, which makes for a neat docking solution if using something like the Lenovo USB-C dock, since only a single able is needed for power, video, data and network. However because there is only one USB-C port, this does present a small problem at home or on the move, since if you want to use a USB-C dongle (e.g. to connect HDMI when working from home) then you cannot charge the device at the same time. The Lenovo USB-C travel hub
The keyboard is as good as can be expected from a unit like this. The typing experience is fine, however the right shift key is tiny, a single key wide as opposed to about 2.5 keys wide on most keyboards. This makes touch typing very annoying if you are used to using the right shift key with your little finger, you will hit the wrong key every time and end up doing cursor up instead of shift. This is incredibly irritating and I don’t know why Lenovo decided to change the standard keyboard layout. There are many users commenting on this design in the forum https://forums.lenovo.com/t5/Lenovo-Yoga-Series-Notebooks/Lenovo-Yoga-710-how-to-remap-reassign-Right-Shift-and-PgUp-keys/td-p/3353608 however it is possible to use Keytweak to change the up arrow to function as shift instead.
The keyboard is also backlit with two levels of brightness, and enabled via the usual FN + Space combination, this is nice in a low light environment.
The other benefit of a device like this, is that if a user spills a drink on the keyboard, instead of writing off the whole machine, you simply swap out the keyboard. So this should balance the potential number of increased breakages due to fragility in other areas compared to a normal clamshell laptop.
3 Styli (from bottom to top): Surface Pro 4, Lenovo Active Pen, Lenovo Active Pen 2
The Lenovo 720 comes with the newer Lenovo Active Pen 2, at least in most countries. Some people are reporting on the forum that they have received them with the Active Pen 1, which has no button on the top or Bluetooth functionality, so you should check with your Lenovo rep depending on which country you are in.
Otherwise the Active Pen 2 feels like a nice upgrade from the previous model. In addition to the single AAAA battery that the previous model took, this stylus unscrews in the middle and 2 more tiny watch batteries (319 SR527SW) go in the other end. Somewhat fiddly to replace but they should last a good amount of time. These power the Bluetooth functionality and the button on the top, in fact the button still works even if the pen is in half.
Button batteries for Bluetooth and the top button.
The new stylus is longer than the previous generation, and the additional button at the top is very useful as a PowerPoint remote, functionality it supports out of the box, and it can also be configured to open any app you like. OneNote is the obvious candidate as that is often used for taking hand written notes. The 2 buttons on the bottom are also larger and easier to use, by default the top one is for right click, the bottom one for erase, although this is also configurable. There is a Wacom Pen application for some of the more advanced settings which are not present in the default Windows 10 control panel settings. It is also worth noting that both of these work find in the LTSB version of Windows 10 Enterprise.
The new stylus also supports Wacom’s new Active ES standard, with Windows Ink support and supports up to 4,096 pressure levels compared to 1024 on the Surface Pro 4, so this should be a good tablet for drawing. It does not however support tilt
It is completely spherical as you can see from the photos. This means it rolls exceptionally well, which means it is more likely to get lost by rolling off a table or desk. This issue is largely caused by the fact that Lenovo dropped the pen clip from the pen, in fact if you look at the product pages e.g. at http://www3.lenovo.com/gb/en/laptops/ideapad/miix-series/Lenovo-MIIX-720-12IKB/p/88IPMX70799 you can clearly see the clip on the pen, as per the image below. Some users even reported buying a pen with the clip, however our Lenovo rep said that it was dropped due to quality control issues. There is no pen loop, just an awful plastic dongle which goes into a USB port (and feels like it will break it). This sticks out so much you would not want to put it into a bag with it attached. So with no clip, and no decent pen storage, these things are going to get lost like nobody’s business.
Where’s the pen clip?
Performance is generally very good. Running the Excel benchmark from http://exceltrader.net/984/benchmark_et-xls-an-excel-benchmark-for-traders/, the 720 performed better than the previous generation Surface Pro 4 and Miix 510, which you would expect from the new Intel chips. Whilst the fan spins up under load, performance was generally good across the board. Below are the test results from a few devices which we had to hand.
Model Fujitsu P702 (i3 2nd gen) Lenovo X240 (i5 4th gen) Microsoft Surface Pro 4 (i5 6th gen) Lenovo Miix 510 (i5 6th gen) Lenovo Miix 720 (i5 7th gen)
CPU i3-2370M i5-4300U i5-6300U i5-6200U i5-7200U
RAM 4GB 8GB 8GB 8GB 8GB
Average 17.25 49.76 71.15 72.99 77.27
– USB-C port, plus 2 normal USB 3.0 Type-A
– Light, yet sturdy
– Improved pen
– Noisy fan, hot
– That pen will get lost. A lot.
– Keyboard has a tiny shift key making typing annoying
What Lenovo have managed to create is a hybrid laptop/tablet, almost identical to the Surface Pro 4, however with more up to date connectivity with USB-C, mil-spec tested, and serviceable parts. That is certainly an engineering achievement. However there are comprises with a smaller screen, poor cooling, noisy fan, and a stylus with a mysterious missing clip. Performance is good however, and all in this would make a decent choice for enabling more flexible working within a business, and it is recommended as long as you don’t mind having a large stock of spare pens. Hopefully in the next iteration Lenovo can iron out some of the issues with this generation, they are certainly close to a perfect business hybrid but not quite there yet. I hope that the next version will have a slightly larger screen with less bezel, a better pen with storage, will be silent, and have sorted out the shift key size. Then I’m sold.