Friday, October 04, 2013

Automatic Site Coverage in Active Directory Domain Services - John Policelli's Blog

We have a number of locations without a domain controller.  For these locations we just grouped their IP addresses into the same site as the Hub site and pointed their local DNS to that Hub Site.

After doing some more research this is clearly not best practice for either AD or DFSR.  The following article gives an excellent workflow of how a DC works out whether to act for a site.  In order for this calculation to work you should have the sites without DC's added with their IP ranges and IP Site connectors setup with relevant weighting metrics to specify which is the preferred AD site to use for logins.

Automatic Site Coverage in Active Directory Domain Services - John Policelli's Blog:

Sunday, September 29, 2013

Ahsay OBS getting stuck on reindexing

Our backup store filled up whilst a backup was running.  Its since been enlarged, however OBS kept getting stuck either on an XML error, or running extremely slowly.

The artlicle below show how do delete the index.bdb files from the backup server and then use the OBS Server admin web management page to rebuild (File Validate) the index.  It seemed to work for us.

Ahsay Discussion Forum :: View topic - Issue when upgrading AhsayOBS to version 5.5.3.x:

Thursday, September 26, 2013

Windows Server 2012: Does ReFS replace NTFS? When should I use it? -

Having a lot of problems with DFSR between 2008R2 and 2012 windows machines, I was migrating to new Windows 2012 servers and tripped over this new files system type called ReFS which replaces NTFS.

The article link at the end of this post gives an excellent summary of all of its advantages and issues and like most MS new products it doesn't seem quite complete yet - such as lacking data de-duplication and not being able to run it on your system boot drive.

It looks like it is suitable for DFSR as it "Preserves & Enforces ACL's" but needs further testing...Ive found other articles which suggest just using ReFS for Archiving Big Data - but why would Microsoft build a new file system just for archiving ?  ReFS support was included in Windows 8.1 betas but seems to have been pulled for the 8.1 release and is rumored to ship with Windows 9

Note:  to see what features a drive supports run fsutil fsinfo volumeinfo

Volume Name : Files
Volume Serial Number : 0x523a488d
Max Component Length : 255
File System Name : ReFS
Is ReadWrite
Supports Case-sensitive filenames
Preserves Case of filenames
Supports Unicode in filenames
Preserves & Enforces ACL's
Supports Sparse files
Supports Reparse Points
Supports Open By FileID
Supports USN Journal

Windows Server 2012: Does ReFS replace NTFS? When should I use it? - Ask Premier Field Engineering (PFE) Platforms - Site Home - TechNet Blogs: "Hard Links "

Sunday, September 22, 2013

JDiskReport for Mac gives TreeSize Pro for PC similar functionality

For the PC I really like Jam Softwares TreeSize Pro which gives a report on how the hard drives are being used for space.

I have converted from PC to a MacBook and am a bit lost with Finder.  My hard disk is nearly full and I found the following program to show me where the disk has gone. JDiskReport Downloads | JGoodies:

'via Blog this'

Sunday, August 11, 2013

Sharepoint prompting credentials for Explorer mapped drives

I have lived with the sharepoint explorer link prompting for many years, but found the solution below.  Oh joy.....

Windows 7 | The SharePoint Project: "1.   Click Start, type REGEDIT in the Start Search box, and then press ENTER.

2.   Locate and then click the following registry subkey:


make sire the sites you add start with http://  ie http://your sharepoint site.
Other blogs say you have to put the entries in twice.

Then goto services and restart the web client service.

Hey presto - it works.... (or at least should... and did for me)

Wednesday, May 29, 2013

Mimecast outbound connector on new Office 365 portal

Microsoft have changed their interface for Office 365 admin and the Mimecast details have not been updated

Firstly logon to the Office 365 EAC by typing in where XXXX is your OWA pod number for Office 365.

Click on mailflow and then Connectors from the mid top menu.

  • Add a new Outbound connector and give it a name
  • Tick Connector type Partner
  • Use Opportunistic TLS
  • Click on Route mail through smart hosts
  • Enter the smart hosts according to the Mimecast MTA documentation here
  • Leave the scope unchecked 
  • Add the outbound domains you want tho apply to this connector
That should be it for outbound....Test an external email straight away to check all is well.

For more info see

Tuesday, May 28, 2013

office 365 - Exchange admin path

Microsoft have hidden the Exchange admin tasks from the main admin screen which is bizarre.  You can find it again by adding /ecp to the end of your outlook owa path as below.  Replace xxxx with your OWA pod number.

Wednesday, March 20, 2013

Sharepoint 2010 Hide “All Site Content”

Not blogged for a while..., however back to SharePoint and I wanted to hide the All Site Content shortcuts for read only users.  This keeps things tidy rather than securing areas.

This link is a very concise note on how to hide the "All Site Content" shortcut

Also to hide the Search bar - update the Master Page v4.Master and add the style below in red.

….class="s4-search s4-rp " style="display:none"

Friday, January 04, 2013

Set Up an Office 365 Shared Mailbox

Microsoft have a training video on the right way to setup an office 365 mailbox here

Altnerate reference here: Set Up a Shared Mailbox

Outlook folder Automapping

If you assign permissions to a an exchange user or folder using Powershell to a folder you can define if that Folder should be automatically displayed (or auto-mapped) when Outlook next starts.  . If a user is granted Full Access permissions to another user's mailbox or to a shared mailbox, Outlook, through Autodiscover, automatically loads all mailboxes to which the user has full access. This parameter accepts $true or $false values.


Add-MailboxPermission -Identity JeroenC -User 'Mark Steele' -AccessRights FullAccess -InheritanceType All -AutoMapping $false
Source article

Office 365 script for giving (or recinding) send-as permissions

$mailbox = get-mailbox $mailboxname
#Give user full mailbox rights
Add-MailboxPermission -Identity $mailbox -User $user -AccessRights 'FullAccess'
#Give user send-as rights to mailbox
Add-ADPermission -Identity $mailbox.DisplayName -User $user -ExtendedRights 'Send-as'

$mailbox = get-mailbox $mailboxname
#Remove user full mailbox rights
Remove-MailboxPermission -Identity $mailbox -User $user -AccessRights 'FullAccess'
#Remove user send-as rights to mailbox
Remove-ADPermission -Identity $mailbox.DistinguishedName -User $user -ExtendedRights 'Send-as'

Article source here 

Office 365 mailbox and folder permissions (with powershell)

The number of e-mail folder and mailbox permissions possible with Office 365 can be very confusing...  Below are some powershell tips on how to display the permissions followed by some tips on how to add permissions.

Viewing permissions

Using a Powershell linked session (see this post for more info) you can retrieve the permissions set at one of the following three possible hierarchical levels:

a)  Mailbox level
  b) Mailbox Top of Information Store level
    c) A Mailbox Folder level

The above hierarchical levels are hereditary by default, however can be overridden by a specific permission set at a lower level or by using a variant of the switch -InheritanceType (None | All | Descendents | SelfAndChildren | Children )

For level (a - Mailbox) use the PS > get-mailbox | get-mailboxpermission
(add | fl at the end of the command to get a formatted output)
To filter for a particular user  
PS > get-mailboxPermission -Identity | fl

For level (b - Mailbox Top Level) use the PS > get-mailbox | get-mailboxFolderPermission

To filter for a particular user  
PS > get-mailboxFolderPermission -Identity | fl

For level (c - Mailbox Folder Level) add :<\foldername> to the end of the indentity
PS > get-mailboxFolderPermission -Identity\inbox | fl

Setting permissions - in powershell

a) Adding a Top folder level permission on a mailbox for a user "mysec"
PS > Add-MailboxPermission "" -User "mysec" -AccessRights ReadPermission

b) Adding a Top folder level permission on a mailbox for a user "mysec"
PS > Add-MailboxfolderPermission "" -User "mysec" -AccessRights Reviewer

c) Adding a folder level permission on a mailbox for a user "mysec"
PS > Add-MailboxfolderPermission "\inbox" -User "mysec" -AccessRights PublishingEditor

Setting permissions - in Outlook

You can set permission for a users mailbox Top Level Folder (b) or Specific Level Folder (c) from a connected Outlook client.

(b) right click on the account name and choose Folder Permissions 

(c) right click on the folder name and choose Properties.  Then click on Permissions and set them there.