Presentation and code for Experts Live 2018

Today I had the honour to speak at Experts Live NL about deploying Microsoft’s cloud PBX. Experts Live is always a fun gig and the interaction between al nerds in the venue (during and after the sessions) are always something that really gives energy 🙂

I promised I would upload my slides and PowerShell code for this session, so here is a quick blogpost to let you know you can find them on GitHub.

For those of you that were at the venue, thanks for coming. For those of you that weren’t: see you next year! 😉

Microsoft Authenticator to support account backup & recovery

Good news for everyone who, like me, uses the Microsoft Authenticator app for all his (or hers) multifactor authentication needs: a much requested feature will soon be available!

Microsoft announced that they will soon start rolling out the account backup and recovery functionality for their authenticator app. This way, when you switch devices, you won’t need reconfigure all your account credentials on the new device.

The Microsoft Authenticator app beta for iOS already supports this feature, so I went ahead and configured the backup functionality.

 

The backup is encrypted with your personal Microsoft-account and then stored to iCloud. Because building the foundations using iCloud storage simplified the development process, Microsoft is starting the roll-out on iOS devices the next few weeks. After that, the function will become available in the Android-app too.

More information, and a form to sign up for the beta-release of the Authenticator app for iOS, can be found here.

Saving MS Forms responses to SharePoint

Last Friday I had the privilege to speek at a Dutch Meetup on Office 365 adoption. This really was a nice experience, as it was a small group of people sharing the love for Office 365 and just talking about what makes the platform so fun to work with but also what the pain points are.

I did my talk about the way we used Microsoft Forms and PowerBI to organise our company skiing trip. In stead of sending out calendar items in Outlook and afterwards ask everyone to email their details like contact information and diet wishes, we decided to use Microsoft Forms to do this inventory. Forms is one of the lesser known components in Office 365, but you can do some real magic with it. We created a form to collect responses from colleagues about whether they would be joining us on the trip. Using the  branching feature, you can ‘guide’ people through the form. When people select the option that they will be joining, they will be asked about what they would like to eat. If they select the option they won’t be joining, they will be asked about their reasons why, so we can see if we need to adjust something to have more people joining us on the next trip.

 

The forms render great on both regular and mobile devices, so you can just send out the link to you colleagues or even have a QR-code generated that you can display around your office so people can access the form from there.

As the creator of the form, you can view the results from the dashboard, or download as an Excel-file. If you want more insights however, you might want to add some extra functionality. For example, I like to have insight in why people won’t be joining, mapped out against their function. Do people that do mostly remote work tend to join less often? Of course, PowerBI is the right tool for the job. But, because the results can only be downloaded as an Excel-file, setting this up can be cumbersome. After each response, you would have to re-download the file to import the new results in PowerBI.

After some testing, we decided to go with a more robust solution: storing the results in a SharePoint list, so we can dynamically get the data from that list. After creating both the form and the list, we set up a task in Microsoft Flow to add new responses to this list.

Flow is one of my favourite tools in Office 365, because it gives you the ability to interconnect almost everything with easy ‘what you see is what you get’ logic. A flow consists of a trigger (something that starts the flow) and one or more actions. These actions can contain ‘dynamic content’; content that is determined based on the earlier trigger or actions. For example, when creating a flow from a Microsoft Form, you can use the content supplied in the form in the following actions. In simple written logic, our flow contains a trigger (the fact that a new response was submitted to our form), a first action (get the details of this response) and a second action (insert these details into a SharePoint list).

So, how does this look like inside Flow? When creating a flow, we first have to define the trigger. In this case, we use the ‘MS Flow’ connector and define the trigger as a new response to our form.

Here, the Form ID is the name we gave our form when creating it.

So, after the trigger we need to define an action. We need to use the dynamic content with responses from our form to insert into the SharePoin list, but the dynamic content from this trigger only includes the response id, the unique id of the responses for this entry. Therefore, we can’t use this to insert into the list, but we are able to use this response id to fetch the additional details of the response.

Using this action, we get the response details for each of the submitted responses. The next step is to import the responses into our SharePoint list.

When setting to action to be ‘create item’ in the SharePoint connector, we submit our site address en select the list we would like to create the item in. Flow then reads the list en populates the action with all columns in the list. We can the place the dynamic content from the form to fill out the columns.

The result is a SharePoint list that will dynamically update when responses are submitted. In the flow interface, we can watch the results come in!

So, from here on you can do almost anything you like with the data. We used PowerBI to aggregate the data from the list to create a visual dashboard. Of course, you can choose to display this dashboard in the Microsoft Teams you use within your organisation, for example.

There you have it: all the data you need, in a nice format, automatically updating dashboards, and you didn’t even need to hire a developer to get them!

New in OneDrive: File Restore

A few days ago, Microsoft announced a new feature for the Office 365 Suite, specifically within OneDrive: the ability to restore files as a user.

When you navigate to your OneDrive page and click the settings-icon, you can select ‘Restore OneDrive’.

After that, it’s pretty straightforward. There is a great instruction on the OneDrive blog, so I won’t be going into detail here 🙂

The feature is currently rolling out across all tenants and should be globally available by mid-februari.

Analyzing hybrid migration logs using PowerShell

While I’m currently working on migrating a customer from an on-prem Exchange environment to Exchange Online, in ran in to some problems with a few mailboxes.

In this case, there were three mailboxes that would fail the first (staging) sync from on-prem to ExO, due to the infamous ‘bad item limit reached’ error. So, I increased the bad item limit for these mailboxes and resubmitted the move request. After some time, the migration failed again, with the same error. The number of bad items had increased to above the limit I had set before. So, time to do some further digging. First, i’ll do a selection on the move requests to see which requests actually did fail.

I get the move requests that have a status of ‘failed’, get the statistics for those requests and load them to the variable $statistics.

Let’s see what the current amount of ‘bad items’ is for these mailboxes

An example from the output for one of the three mailboxes (please note that part of the displayname is hidden in this picture):

As you can see, I previously set the bad item limit to 700, but the migration currently encountered 788 bad items and therefore failed. I always do expect some bad items to occur during these migrations, but this sure is a lot. Where do all these errors come from? To find out, we have to take a look at the actual migration report.

Because I was looking at the third failed mailbox in my list of failed mailboxes, I’ll request the statistics for this mailbox, including the migration report.

This returns a huge wall of text, including all the errors that were encountered moving the messages. One of the last lines is the last failure recorded in the move request.

Of course, you can export this report to a text a file to go through the items to find the root cause. Personally, I find it easier to export the report to an XML-file, so I can use PowerShell to do some further digging.

With this cmdlet, I take the statistics for the given user, including the report, and export it to the given file. Next, I can import this XML-file to an object in PowerShell.

I now have the $report variable, which holds the XML-file with the migration report. I can now navigate through this report as I could with any other XML object within PowerShell. The ‘LastFailure’ entry I mentioned earlier, for example, is in fact an entry in the XML.

So, can we extract some actual info from these bad items from the report? We can. The encountered failures are located in the actual report, in the failures section.

Again, I obfuscated the folder name in this screenshot. This is just a part of the output from the above command, all encountered errors will be listed in the output.

So, let’s see if we can find some common denominator in these errors. I’d like to see all errors, but just a few properties for each error.

Because there is no index number for the entries, I add one manually. That way, I can always look up a specific error by referencing the number. As arrays start to count at zero, I do the same for my index number. For each error in the file, I then select the given index number, the timestamp, failuretype and the error message. At the end, I increase the index number with one, so the next error will have a correct index.

For the mailbox in our  example, this gives the following output:

So there you have it: it seems the mailbox has some items that probably have access rights mapped to an non-existing user. Of course, we can check this from the Exchange Management Shell. In this case, some of the errors referenced items in a subfolder of the ‘verwijderde items’ folder, which is Dutch for ‘Deleted Items’. So, i’ll get the folder permissions for this folder.

And indeed it does show a lot of non-existing, previously deleted, users.

So in this case, I can resolve the issue by removing the legacy permissions and restarting the job. You can also decide, after reviewing the report, to restart the job with the ‘BadItemLimit’ paramater increased to a number high enough the not cause the move request to fail, because these errors indicate that although the permissions will not be migrated, the items itself will be copied to Exchange Online so no data will be lost.

In conclusion, you can see why I prefer to review the errors in an Exchange hybrid migration using the export-clixml cmdlet. It is a much more convenient way to navigate around all errors and get a complete view of the issues.

Teams guest access: user experience

Recently, a long awaited feature in MS Teams was released: access for guests from outside your tenant. But how does this work? I took it for a test drive 🙂

I started off by logging in to MS Teams on my 365dude.nl tenant.

From here, I tried adding my business account as a guest to the team. Unfortunately, that account was not recognized, so I can’t add it to the team.

I decided to go to the Azure AD control panel, to add the account from there.

 

 

After doing so, I receive an email on my business account to welcome me as a guest to the tenant.

After completing the invite, I am able to invite my business account to my tenant as a guest from within the Teams application. For example. I can @-mention the account just like I would with internal users.

When I start the Teams app and login using my business  account, I see both tenants and can switch between the two.

After switching, I can use the tenant just like I would as a normal user, for example be viewing contact information or replying to messages.

As a final test, a few days later I decided to add someone who was not previously known as a guest in my tenant. This time, probably due to an update of the Teams application, I could just type the e-mail address and add the guest that way. No need to revert back to the Azure AD portal!

So there you go. Adding guests to your MS Team to improve collaboration is easy as that! If you feel the need to make de display names of your guests a little more appealing, you can do so by simply editing the guest user object in the Azure AD Portal.

Update to the 365Tools PowerShell Module

Earlier this week, I decided to add a new function to the 365Tools PowerShell module.

This Get-MSOLIPRanges function prompts you to select one or more Office 365 Products, and then provides you with the IP Ranges used by this product, so you can whitelist these addresses in your firewall if you need to do so.

It started off as a quick write-up, but thanks to the help of Robert (Twitter) the code was cleaned up and is ready for you to use.

You can find the 365Tools module on the PowerShell gallery, so you can simply install it by running Install-Module 365Tools. The entire code for the module can be found on GitHub.

 

Dupsug Basics – Part Deux

Op 19 september 2017 organiseert de Dutch Powershell User Group weer een ‘DuPSUG Basics’ event. Op 22 maart vorig jaar was de eerste keer dat er zo’n dag georganiseerd werd. Deze zeer goed bezochte editie smaakte waarschijnlijk naar meer, want er wordt nog regelmatig gevraagd wanneer de tweede editie gehouden wordt. Op Prinsjesdag, dus!

In totaal zijn er op deze dag 7 sessies van zeven verschillende sprekers (waaronder twee MVP’s) over uiteenlopende onderwerpen, zoals SQL en Office 365. Ikzelf zal de sessie ‘Powershell for Office 365 Administrators’ verzorgen. Het volledige tijdschema is als volgt:

Tijdstip Spreker Onderwerp
9:00 Welkom.
9:15 – 10:30 Mark van de Waarsenburg Powershell basis.
10:30 – 10:40 Koffie
10:40 – 11:25 Erik Heeres Powershell Remoting.
11:30 – 12:15 Jaap Brasser [MVP] Manage your infrastructure with PowerShell.
12:15 – 13:15 Lunch
13:15 – 14:00 Robert Prust Improving your scripts.
14:00 – 14:45 Sander Stad DBAtools – PowerShell and SQL Server Working Together.
14:45 – 15:00 koffie
15:20 – 16:05 Ralph Eckhard Powershell for Office 365 Administrators.
16:10 – 16:45 Jeff Wouters [MVP] Tips and tricks.

Meer info, of (gratis!) kaarten bestellen? Ga naar http://dupsug.com/2017/07/14/dupsug-presents-dupsug-basics-part-deux/. Wees snel, want er zijn niet veel kaarten meer beschikbaar!