O-Xchange Notes from the Field!

Monday, September 30, 2013

Error moving mailbox from Office 365

In a hybrid environment, trying to move user from Cloud to Onprem and got this error

Cannot find a recipient that has mailbox GUID <many numbers>

Please reference this article for the solution:

Thursday, September 19, 2013

Remove role entry from a role--RBAC

​Remove role entry from a role--RBAC

For eg, to remove set-casmailbox role entry from mail recipient role, you can follow these steps:
scenario: user wants to remove set-casmailbox role entry  from mail recipient role associated to a rolegroup called airwatch which has org client access, recipient policies and mail recipient roles

1. step 1
New-ManagementRole -name "Airwatch-Mail-Recipient-No-CASMailbox" -Parent "Mail Recipients"

2. Step 2
Get-ManagementRoleEntry "Airwatch-Mail-Recipient-No-Casmailbox\*" | ?{$_.name -like "set-casmai
lbox"} | remove-managementroleentry -confirm:$false

3. Step 3
Add the new management role to existing role group. you can use the console to do this

Monday, September 9, 2013

Outlook web app is out of date

Issue: you try to login with office 365 homed mailbox, from the on-prem login url and you get the error " your OWA is out of date"

Resolution: Check the remote mailbox properties and ensure target address is set with the correct address. You can also use powershell to fix by typing

set-remotemailbox -id test -remoteroutingaddress test@o365test.onmicrosoft.com

the alias must be an onmicrosoft.com alias​

Assign specific role to a new security group

Issue/Task: Assign send-as permission to a set of junior admins

Follow the 4 steps below to set this up:
step 1: Create security group in AD
 
Step 2:Create New mgmt role
 
New-ManagementRole "Assign-SendAs" -Parent "Active Directory Permissions"
Note:you can remove the roles you don't want by using this command: remove-managementroleentry
 
step 3: create new role group
New-RoleGroup -Name 'Exch-Assign-SendAs'
 
step 4: Assign management role created in step 2 to the management role group created in step 3
 
Note: make sure to add the admins to the security group created in step 1 and test