Tuesday, August 14, 2018

What can OneDrive, Synch and SharePoint File Libraries offer Business?


I do a lot of reading on the Microsoft tech boards and I find the information that Microsoft provides around OneDrive to be both confusing and lacking in detail. I wrote this post as a means of clearing up some of the confusion.  

So, here's my interpretation and opinions on what OneDrive and File Libraries in SharePoint (via a proper Office 365 E3 or E5 subscription) can offer;

The Sync Client isn't all that Important

SharePoint file libraries can replace all of your networked drive needs and these facilities have come a long way in the last few years.

In fact, for the most part, SharePoint has finally eclipsed the need for the OneDrive Sync client. 

There's a few minor exceptions to this rule.

  • You still can't easily "link" files, so if you have an excel file which updates its data from other excel files, it a real pain to add and install those connections -- and it's much easier if you have a local synced connection.
  • Saving files in Office applications, Word, Excel, PowerPoint etc now works very well with pure SharePoint  (finally... after the July 2018 updates). Unfortunately, the same ease of use does not apply with non-Microsoft products, such as NitroPDF, PhotoShop, or any of the other programs that use the old style windows dialog boxes. You'll need local sync if you plan to use these too.
  • If you're often travelling and will need to work in places without an internet connection, then you're going to need your file available locally. For that you'll need OneDrive Sync.
  • My personal favourite reason for using the OneDrive sync application is to sync only the corporate templates folders (and point your local Word's Workplace Templates folder to the synced folder)
If, on the other hand, all of your work is in Office and/or the web browser and if you're only working in places where there's an internet connection then you can safely forget OneDrive file sync.


It's All About SharePoint

Having your files stored in SharePoint will allow you to access them via any PC, Mac, tablet or phone anywhere in the world without the need for dedicated security infrastructure such as a VPN.

Having your files there will also ensure that they are version controlled. This means that you can restore old versions of them if you overwrite or delete them -- up to about 90 days.  If you need longer, you'll have to invest in backup solution like Veem, StorageCraft or Veritas.

Internal and External sharing and Security can be achieved by storing your files in different SharePoint "sites" or in separate File libraries in a single SharePoint site, depending on how you set things up.

Essentially SharePoint's file library replaces all of your old-style network drives.

The OneDrive Sync Application

The OneDrive Sync Application will allow you to synchronise data between SharePoint File libraries and your computer.  This is important if you need to access and modify files on the go without an internet connection.  It's also a useful thing if you want to do local backups. 

Changes made to local OneDrive files will sync to the relevant SharePoint sites and to all other synched versions of the site (ie: to other people's synched copies on their own computers).  Deletes are also synched meaning that if someone deletes their synched files their own computer, it will delete them off the network and off all other computers. 

This makes the OneDrive sync application a bit of a liability -- and increases the importance of locking users out of the system once they leave employment. 

You can still restore files but prevention is better than a cure.

Until very recently (late July 2018), you really needed to sync your files because saving directly from Word to SharePoint was ridiculously difficult.  It's now changed and it's very easy, so the need for local OneDrive sync is drastically reduced.

Saving to SharePoint in Excel - Finding libraries has never been easier.

In my opinion, it's recommended that you don't sync if you can help it as sync provides malware (and accidents) with an easier path to data on your server.

The OneDrive Folder 

Not to be confused with the similarly named sync application, the OneDrive folder is actually for personal storage. If you have a home account like hotmail or outlook.com, you'll already have a personal OneDrive that you can use. 

If you're in a business with an Office 365 account, you'll also have a business-personal OneDrive. In the business, this is like your home drive on a network.  Nobody else can see it and it's a great place to store things that you're working on but aren't ready to release yet,

You can randomly share things out to other people from your home drive, so you have more flexibility than the old home drive concept.  Depending upon your organisation's settings, you can also share files and folders outside of your business making the security on your personal OneDrive much more flexible than a SharePoint document library.

Of course, just because you can, it doesn't mean that you should. Don't be tempted to use your OneDrive in place of your main business folders. SharePoint is a much better bet. 


Wednesday, August 01, 2018

How to Get the Members of an Office 365 Group via PowerShell

If you have a few big groups, you'll probably be asked to provide a list of their members on occasion. Like Notes, if you don't have a CRM on the front of your system, it's hard to get a list of group members that includes anything apart from their name... unless of course, you use PowerShell.

Note: If you're copying and pasting from this blog entry, it's worth pasting into notepad so that you can rejoin any lines before pasting into PowerShell. I only give you one command at a time, so it should all be on one line.

The Procedure

Start PowerShell (in Administrator Mode) and connect to Office 365

Set-ExecutionPolicy RemoteSigned

(and press Y )

$UserCredential = Get-Credential

Enter your email address and password.

If you're using 2 Factor Authentication...

You'll need to open the Microsoft Exchange Online Powershell Module which should be on your desktop if you've followed the instructions (see this post).

Enter the following command (changing the email address to be your own)

Connect-EXOPSSession -UserPrincipalName myemail@mydomain.com -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Authentication Basic -AllowRedirection

then...

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

then

Import-PSSession $Session

I got a lot error text at this point (WARNING: Proxy creation has been skipped for the following command -- followed by a large list of yellow commands). I think you can get around this by entering a session instead of importing it but my PowerShell experience doesn't really stretch that far -- and the command works in any case, so there's no need. (yet).

Make a note of your group's email address: mygroupemail@mydomain.com
and the path to a CSV file where you want to save the output. C:\temp\MemberList.csv

You'll want to change both of those bits in the next command.

Get-DistributionGroupMember -Identity "mygroupemail@mydomain.com" | Export-csv C:\temp\MemberList.csv -NoTypeInformation

Cleaning up afterwards

Exit the session...
Exit-PSSession

and then remove it. 
Remove-PSSession $Session

and then exit the PowerShell window.
Exit 

Looking at the Output

The output of your command will be a CSV file that you can open in Excel. At first glance, it's probably not going to look very nice. It's got columns from A-DH but they're mostly empty. Here's how to clean it up, obviously the columns are subject to change whenever Microsoft feels like it but it's probably worth creating a Macro for. 

  • Remove Columns A-C
  • Keep Column D and E (Identity and Alias)
  • Remove Columns F-G
  • Keep Column H (City)
  • Remove Column I
  • Keep Column J-L (Company,  Country and Postcode)
  • Remove Columns M-AP
  • Keep Column AQ (First Name)
  • Remove Columns AR-AS
  • Keep Column AT (Last Name)
  • Remove Columns AU-BC
  • Keep Column BD (Phone)
  • Remove Columns BE-BF
  • Keep Column BG (Email)
  • Remove Columns BH-BL 
  • Keep Column BM (State)
  • Remove Column BN
  • Keep Column BO (Position Title)
  • Remove Columns BP-CX
  • Optionally keep Columns CY-CZ (Create and Modify Dates)
  • Remove Columns DA-DH

The result should be a usable spreadsheet. 

Tuesday, July 31, 2018

If you use Multi-Factor Authentication, you need another Module to connect PowerShell

Last week, following best practice guidelines, we switched to Multi-Factor Authentication. While it was a little painful at first, it's working well now for our admin team. I'm not sure if or when we'll push this out to our users. It might be too difficult for them.

(in fact, personally, I think that Google's token system might be far easier)


In any case, as it turns out, we can't login to PowerShell now that MFA is running.

A little searching provided the answer. We had to install an extension for PowerShell.  The process is already very well documented, so I won't go over here except to add one observation;


  • You must install it via Edge (or possibly IE) -- it won't install via Chrome. 

Updating Contact Information in Office 365 from CSV via PowerShell

Some time ago, we did an export of our Domino contacts into the Office 365 address book. It was mostly successful and we got the users and their email addresses but missed a lot of detail on the phone numbers, company names and fax numbers. 

At the time it didn't matter but recently we reached a point where we needed this information to be present. 

The process was much fiddlier than it should have been, so here's how we did it.

Exporting out of Domino

This was easy, literally a five minute job for about 5000+ contacts. Domino has menu options to export as CSV, so I won't go into detail here.

The end result is that you should have a CSV file that looks something like this;

ExternalEmailAddress,FirstName,LastName,Name,Title,Company,Phone,MobilePhone,Fax,StreetAddress,City,StateorProvince,PostalCode,CountryOrRegion
atano@clonewars.com,Ashoka,Tano,Ashoka Tano,,Cartoon Network,08 8988 9889,,,,,,,
ynotfar@dagpbah.com,Yoda,Not Far,Yoda Not Far,Jedi Master,Food of this Kind Ltd,,,,GPO Box 1234,Dagobah,,1556,Dagobah System
pkoon@jeditemple.com,Plo,Koon,Plo Koon,Jedi Master,Plo's Mask Emporium,03 5468 4889,0417 650 456,03 5406 8790,"Jedi Temple, Suite 66",Coruscant,COR,1234,Central Systems
spalpatine@dualidentities.com,Sheev,Palpatine,Sheev Palpatine,Chancellor,Always Two Limited,02 1264 5640,0442 548 987,02 8987 9802,"Red Suite, Level 4000",Coruscant,,,Central Systems

Ideally, you'll be able to paste that test data into notepad, save as CSV and have a working template but just in case you can't, it's essentially 14 fields;



  • ExternalEmailAddress
  • FirstName
  • LastName
  • Name
  • Title
  • Company
  • Phone
  • MobilePhone
  • Fax
  • StreetAddress
  • City
  • StateorProvince
  • PostalCode
  • CountryOrRegion



PowerShell

From here, you start PowerShell (in Administrator Mode) and connect to Office 365

Set-ExecutionPolicy RemoteSigned

$UserCredential = Get-Credential

You'll be prompted to sign in with an Office 365 ID that has global admin rights.

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection

Import-PSSession $Session

In this next step, we're presuming that your CSV file is saved as C:\temp\AllPeople.csv.  If you saved it elsewhere or under a different name, you'll need to update that line.

$Contacts = Import-CSV C:\temp\AllPeople.csv

The next section says which fields to import. We discovered that there were a lot of problems with this statement. 

  • If you include fields which aren't in your CSV, then no fields get imported. 
  • If ONE field breaks the rules (eg: a company with a length of over 64 characters, then that will eventually halt the processing of the entire input file). In our case, I used Excel to return Left(CompanyName, 62) where Len(CompanyName) > 62.  It fixed a big problem. 


$contacts | ForEach {Set-Contact $_.Name -StreetAddress $_.StreetAddress -City $_.City -StateorProvince $_.StateorProvince -PostalCode $_.PostalCode -Phone $_.Phone -MobilePhone $_.MobilePhone -Company $_.Company -Title $_.Title -Fax $_.Fax}

You should still expect quite a few errors when running this command as names which don't match perfectly from one system to another, particularly those with accent characters, will most likely fail.

As usual, you'll want to finish up with;

Remove-PSSession $Session
To clear any variables out 

and 
Exit
to close the Powershell window. 

You should be able to see the results in Office 365 immediately. 

Tuesday, May 01, 2018

How to Change the Domain of an Office 365 Group

It's not an unfamiliar scenario with all of the rebranding that's happening these days. Your Office365 group has the wrong mail domain and now you want to change it.

It's the kind of thing that you'd expect to be able to change via the admin portal. After all, there's a neat little domain selector box on the page.

Alas, that's not how Office 365 groups work.

You need PowerShell for that one.

PowerShell to the Rescue

PowerShell, the interface you have when you don't have an interface... 

Here's how to change the domain on your group.

Run PowerShell as an Administrator and type the following commands;


  1. Set-ExecutionPolicy RemoteSigned
  2. $UserCredential = Get-Credential
  3. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
  4. Set-UnifiedGroup -Identity "Group English Name" -PrimarySmtpAddress "GroupNewEmailAddress"

    Where Group English Name is the English Name of the Group (ie: not the email address
    and
    GroupNewEmailAddress is the new email address that you want the group to have
  5. Remove-PSSession $Session
  6. Exit


A Walkthrough

The commands that you are expected to type appear below in boldface;

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

PS C:\WINDOWS\system32> Set-ExecutionPolicy RemoteSigned

Execution Policy Change
The execution policy helps protect you from scripts that you do not trust. Changing the execution policy might expose you to the security risks described in the about_Execution_Policies help topic at https:/go.microsoft.com/fwlink/?LinkID=135170. Do you want to change the execution policy? [Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): y

PS C:\WINDOWS\system32> $UserCredential = Get-Credential

cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
Credential

PS C:\WINDOWS\system32> $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection


PS C:\WINDOWS\system32> Import-PSSession $Session

WARNING: The names of some imported commands from the module 'tmp_vwnpqgxq.qak' include unapproved verbs that might make them less discoverable. To find the commands with unapproved verbs, run the Import-Module command again with the Verbose parameter. For a list of approved verbs, type Get-Verb.

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Script     1.0        tmp_vwnpqgxq.qak                    {Add-AvailabilityAddressSpace, Add-DistributionGroupMember...


PS C:\WINDOWS\system32> Set-UnifiedGroup -Identity "All Staff" -PrimarySmtpAddress "AllStaff@newdomain.com"

PS C:\WINDOWS\system32> Remove-PSSession $Session

PS C:\WINDOWS\system32> Exit

Sunday, March 11, 2018

It's Easy to Send Attachments from SharePoint - Here's How.



Attaching files from SharePoint has gotten a little easier of late. I'm not quite sure when the changes happened but they're very welcome.  

The new functionality is available in the outlook client and outlook web access. It's available for most SharePoint groups right now, with SharePoint groups created via Yammer following at the end of May 2018.

Attachments in the Outlook Client

Use the following steps to attach a file via the Outlook client;

  1. Create a new Email
  2. On the Message Tab, click Attach,
  3. Below the list of recent documents, click Browse Web Locations
  4. When this expands to show a list, choose Group Files
  5. You should see your SharePoint libraries appear in a list.
There's a few reasons why you might not see all of your libraries. 
  • If this is the first time that you're using this feature, or if you're using a new installation of Outlook, it may take a while (up to 20 minutes) to fully populate the list of sites. You don't have to wait there with the list open, just come back in 20 minutes and try again.
  • If your SharePoint group was originally created from Yammer, it's not supported (yet). This is coming at the end of May 2018.
  • You may have too many groups to display. If so, you can expand the list by scrolling or by dragging the three dots at the very bottom of the menu option. 
Click on this to see a larger version.
Once you've selected your file, you'll be prompted to choose whether you want to attach it as a copy or share it as a OneDrive link. 


Bear in mind that the file will obey the security rules of the original SharePoint library, so if your library isn't available to outside parties, they won't be able to access the file.

Attachments in Outlook Web Access (OWA)

These days, I spend very little time in the outlook client (in fact, usually only when I'm troubleshooting for someone else). OWA is good enough to compete, and in many better, than the outlook client. 



Getting to cloud locations is much easier in OWA,

  1. In a new Email, click Attach
  2. Select Cloud Locations
  3. A large dialog box will appear showing you a number of different options. 
  4. Click on Group Files to see the SharePoint libraries.
  5. From there, you can click and browse your way to your attachment.



The OWA interface is quite slick but there's one significant omission for now...
While you can get to the default (Shared Documents) document library of any SharePoint site, I can't seem to find a way to get to any other libraries you've created.  

The feature is available in the outlook app however, so it's only a matter of time before it's implemented in the cloud. In the meantime, it's not a major issue because the full libraries are accessible via OneDrive in the Cloud and via SharePoint in the Cloud. 



Once you've selected a file in the outlook app, it's attached automatically as a link. This is essentially the same as choosing "Share as OneDrive Link" in the application. If your external party is unlikely to have access to the file (or if you want to protect your original file), you might want to send a copy instead.

To do this, simply click on the drop down arrow to the right of the attachment and choose "attach as a copy".



The Outlook App (iOS and Android*)

* All screen shots here are from Android... iOS may differ slightly. 

If you're using outlook on a mobile device, you have easy access to SharePoint libraries too.  You'll need to be using the official Microsoft apps though; OneDrive, SharePoint and Outlook (not the mail application that came with your phone).

Right now you can browse through your recent attachments in outlook but you don't have full access to SharePoint libraries directly from the mail app.  I'm sure that's coming soon. In the meantime, you still have full access via OneDrive. 

To access the full libraries on mobile devices;


  1. Open your OneDrive App
  2. Touch Sites (at the bottom of the screen)
  3. Choose your library
  4. Browse until you find your file.
  5. Open your file.
  6. Press the SHARE icon (it's the sideways triangle with balls).
  7. You have an option for outlook on the first share screen but if you choose this, it will paste a link to the live file in the outlook app.  This is fine if the person is an internal staff member or if they have access to that particular SharePoint library but if not...
  8. You should touch "Send Files'
  9. Then choose outlook on the next screen. This will give you an attachment. 



That's all there is to it. 





Thursday, January 04, 2018

Archiving Mailboxes in the Office 365 World

In the Domino world, we used to just change the access controls on NSFs and copy or replicate them directly from the server to a PC but since we've moved to Outlook, and specifically  to Office 365, getting those mail files from the cloud has been an increasingly difficult business. 

To be fair, this was difficult under IBM as well, once we moved into the Verse cloud. 

Your Current Procedures aren't Working

When I first started trying to get backups of files, I had a lot of people tell me how easy it was. I followed their advice -- and yes, it was easy.  After all, there's a menu option inside outlook that lets you export directly to a PST file.

It was too easy. I was suspicious though. Suspicious that a person with a 10 year occupation could have a mail file that was a mere 400 MB. I looked into it and sure enough, the outlook method only gives you a recent subset of your data.

If you've been backing up PSTs from the cloud using outlook, you're missing a lot of data. 


Does the Problem Need Solving?

Before I go into the details of how to solve this problem, it's worth mentioning that there is another workaround that might be more suitable. I'm talking about Shared Mailboxes.

In Office 365, you can convert a user's mailbox to a shared mailbox and allow other people to access it. The downside of this is that you no longer have a perfect legal representation of that mailbox as it was when the user left (as new users could potentially edit, delete and add to it).  The good news is that shared mailboxes don't consume office licences though unfortunately, you can't delete the original users from your active directory. They're still required to be present for the mailbox.

In our case,  we keep a copy of all mail files in PST format for our records - and we use shared mailboxes only when necessary to provide access when someone critical has left. Shared mailboxes of previous employees should generally be a fairly temporary thing. 


How to Archive to PST

The PST archiving process is a little convoluted but it's accurate as it gets the mail file information from eDiscovery. Once you have your PST, and you've tested it of course, you can delete the user (or convert the mailbox to a shared mailbox).

So, without further ado, here's the instructions via slideshare.

Tuesday, December 19, 2017

The Year in Review (2017)

It's just over 12 months since we made our first forays into the Office 365 space and I'm convinced that we made the right call at the right time.  Any earlier and it would have been wrong because SharePoint hadn't gained traction and OWA was undeveloped. Any later and we'd have lost our unique position.as innovators in this space. 

It hasn't all been smooth sailing and many of our legacy systems are still on IBM Domino. The approach to migration was rushed and flawed but I'm looking forward to 2018 when the dust settles and we can begin to move forward in a more orderly manner. 

All things considered though, I'm proud to have been part of the technological achievements of the year which included a complete revamp of the hardware and software in the office; including the replacement of all desktops with Microsoft Surfaces and Apple MacBooks, the replacement of our meeting room systems with Microsoft's Surface Hub technology, an office move, a rebranding, web site replacement, some major business milestones, server data centre migrations, change of file storage system and a move from Domino to SharePoint development.

There's a lot of insight that has come out of these changes which I'd like to share but that's next year. Right now, I want to focus on my perception the global office technology trends.

IBM Domino and Microsoft SharePoint

It's been an incredible year for both IBM and Microsoft. On the one hand, I was sad to be leaving the IBM Domino world after more than two decades.  I still use Notes on an almost daily basis - and that's not expected to end for a while yet - but over the past few months I've spent about 80% of my time on SharePoint and only 20% on Notes/Domino.

At the beginning of the year, it was clear that IBM Connections outranked Microsoft SharePoint as a collaboration platform in nearly every way. I'd noticed movement on the SharePoint front though and I knew that IBM's unchallenged time in that space was almost over.  IBM Connections still offers a lot of great features that I hope SharePoint will eventually acquire but the work that has been put into SharePoint over the last six months has put it firmly in the lead in the collaboration space.

IBM is prospering under Ginny Rometty's leadership which has improved drastically in the last twelve months but the welcome decision to extend the life of Domino indefinitely came far too late and well after the mixed-messages of "end of life".

This isn't the first time that IBM has mishandled communications in the Domino space and their marketing team really need to work on their messages. 

It's great to know that Domino will still be around and that it's made the transition to cloud services but IBM's future clearly lies within the services layer - and in particular, around Watson's AI services. 


Office 365 and the Web-Centric World

Microsoft Office 365 came of age this year and the company finally realised their dream of having a viable subscription-based service.  This guarantees funding for future versions of office while still engaging a service "lock-in", thanks to the file storage capabilities of SharePoint and OneDrive. At this point, Microsoft seems to be "out-googling" Google in the web services space.

A lot of this comes down to leadership. Had Steve Ballmer continued as CEO at Microsoft, the company would have remained "windows-centric" and posed much less of a threat. The vision of  Satya Nadella however is completely different and embraces the diversity of Operating Systems.

For me, this was most apparent when I was teaching SharePoint in a room full of people and the Mac users suddenly realised that the browser based systems levelled everything. The underlying system stops mattering when the OS is the browser.  This is something that Google demonstrated back in 2011 when they launched the first ChromeBooks.


I'm excited for the future of Office 365 and the continuing addition and upgrading of tools, such as the Wunderlist ported To-Do app, Microsoft Forms, SharePoint pages and the continually evolving "PowerApps". 


The Hardware Space

In the hardware space, the Windows SurfaceBooks have been fairly impressive although they've clearly had their share of quirks. In particular, Microsoft's port replicators misbehaves incredibly. The Surface Hubs are brilliant with their main fault being a complete lack of Apple support. We ended up having to attach an Apple TV to them because although other options exist, they were too complicated for our users. 

Samsung's S8 mobiles were a highlight this year and they more or less single-handedly restored faith in the Samsung brand. The Google mobiles sounded great but with the early signs  of stumbling in the Pixel 2, they obviously need a little work.  

The Decline of Apple

Much like IBM, the decline of Apple is often predicted but never actually happens. What happens instead is that they go through periods of innovation and exnovation. In case you're unfamiliar with the term;

"In commerce and management, exnovation, an opposite of innovation, can occur when products and processes that have been tested and confirmed to be best-in-class are standardized to ensure that they are not innovated further." -Wikipedia

This is exactly what IBM tried to do with Notes last year and it's what Apple has been doing with their products of late. The last couple of iPhones haven't been very revolutionary and the less said about the MacBooks, the better.


All in all, it's been an interesting year for office technology and I've learned a lot.  Hopefully next year will be a little less frantic and I'll be better positioned to explain how to make the best use of some of this technology. Stay Tuned and have a great end of year.

Tuesday, October 31, 2017

How to Duplicate the Mircrosoft Surface Hub's Screen on another Hub

So, you've got yourself a few Surface Hubs and now you're having a big meeting. Big enough to need to use both hubs together.

So... how do you do it?

The Problem

In our case, we have two meeting rooms, each with a Microsoft Surface hub on the wall.  The rooms have a removable partition which enables it to be opened up into a large board room. Unfortunately, when this happens, the meeting participants can't always see the "master screen". 

The ideal solution to this would be to have the display of the master screen duplicated on a "slave screen".  The diagram below illustrates this need.



Two Methods

There are two ways in which the screen can be duplicated.  Method 1 involves skype. It's fairly easy to set up and requires no cabling. Unfortunately, because of generally slow internet speeds, it doesn't cope with high motion slideshows -- and it certainly doesn't cope with video.

The other method involves cables.

In this post, I want to cover off both methods. I'll be referring to the hubs as the "source", which displays the images and the "target" which receives the images from the source.

The Skype Method

The skype method is really simple.

  1. Go to the target hub and turn off the volume. 
  2. You should also turn off the microphone (these first two steps are important because they prevent the microphone from going into a feedback loop -- ie: a squeal sound).
  3. On the source hub, invite the target to your skype meeting.
  4. On the target hub, join the meeting.
  5. On the source push "Present Screen" near the top of the screen. 
  6. On the target hub, maximise the screen.

You will now be able to present on the source hub and have it display on the target.  For extra points, you could optionally include a laptop and share the screen to both hubs from there.

Bear in mind that while this method works, it can be a little slow to change slides and it's terrible with animation and video.

The Cable Method

To use the cable method, you need to obtain a  DisplayPort to DisplayPort cable. The Microsoft specficiations suggest that 3 metres is the maximum length but you should be able to get it to about 5 meters without too much trouble if you use a quality cable.

In the diagram below, the red marks the things that need to be looked at if you're driving an 84" surface hub from a 55" one.  The purple indicates the things that would need to be changed if the target was another 55" hub.


The ports on the surface are confusing, to say the least as they're in reverse order on the 55" and 84" models.  They're also not labelled well at all, particularly not as a group of "input" or "output" ports. There's subtle arrows on the ports pointing into a box or out of a box. That's your indication of whether the port is an input or output one.  

Additionally, there's an important slide switch which is simply marked with an exclaimation mark in a trangle.  If you slide this to the left (looking from behind the surface screens), it "turns the onboard computer off"  -- except it doesn't. The onboard computer seems to function well enough regardless of how the switch is set. 

What the switch does do however is determine whether or not the surface will look at the input ports. This might be important if you were going to set up a permanent cable connection but only wanted it to be "active" sometimes.

Finally, on the target hub, you'll need to switch the input to Display Port. 

HDMI and VGA are options

While HDMI isn't supported as an output format, you can have HDMI as an input. That's good because HDMI cables can be longer and you can get them with built-in repeaters though I haven't tested one -- yet. 

You can also, apparently connect via VGA but since VGA doesn't carry sound, you'll want to connect the audio ports together too. I haven't tested this procedure. 

The official Microsoft documentation on this is here






Friday, October 27, 2017

Getting Started with SharePoint Lists


SharePoint lists are a great way to build quick "applications" and registers. 

If, like me, you've migrated from IBM Domino, and you were wondering where the Office 365 development functionality is, this is where it starts.  For everyone else, who has never heard of domino, don't worry, I'll explain what SharePoint lists are and why they're a great tool for you. 

What Are SharePoint Lists?

SharePoint lists are essentially a "cloud way" to store data that you want to share and search. You can put documents into lists but the best use of lists is to store and update "data".

Essentially, SharePoint lists are a kind of database. They're not incredibly powerful, like SQL server but they're usually going to be powerful enough to replace a lot of the things you might have in Microsoft Access.

One of the easiest ways to determine what applications are a good fit for SharePoint lists is to look at your spreadsheets.  Spreadsheets, like Excel are great for maths and finance but they're less suitable for simple lists -- especially if those lists need to be shared. If you're keeping track of things in excel but you're not doing maths or graphs, a list is probably a better fit.

What can I use them for? 

You can use SharePoint lists for almost anything but here's a few business ideas to get you started;


  • Inventories and Asset Registers; to track serial numbers, device allocations, IMEIs and even problems against devices.
  • Contracts; to store the actual contracts but also record information against them like start and end dates, terms and contacts.
  • Share Passwords; In most IT teams (and other business teams) there's a bunch of shared URLs, user names and passwords. Putting these into a central list makes it easier to search for them when you need them.
  • Keywords: Lists can be used to power other lists (I'll talk about that more in a future post).
  • Changes: If you're putting together a Change Management system, a list can be a good way to register a change and set a status on it.
  • Collection management; If you collect anything; books, dvds etc, Lists can be used to manage the collection. 

Building your own SharePoint List

Without further ado, here's a slideshow that walks you through the process of building a simple SharePoint list. I've ignored a lot of options and a lot of the opportunities for a slicker experience in order to keep this as simple as possible. 




Where to From Here?

This is just the tip of the iceberg when it comes to lists and there's a whole lot of other places we can go from here. In particular, we can "skin the list" to make it look nicer and we can built a mobile app using PowerApps (it's very easy), we can also add validation and security.

Tuesday, October 17, 2017

Fixing up those Pesky # Filenames for Importing into OneDrive and SharePoint


Once you're used to the new way of working, OneDrive and SharePoint are great file storage systems. The biggest problem is getting your files into them. Sure, it's usually just a case of drag and drop but the real problems are related to some tighter controls on the file names.

The worst offenders are the ampersand and the hashtag. In fact, it seems to be really common for people to name their files with a hashtag in financial circles. For example: "Invoice No #675853.pdf"

OneDrive and SharePoint will "spit the dummy" if you try to upload a file that breaks these rules.

Interface Problems

What's worse is that while the upload tools will happily report all of the errors, it doesn't give you a chance to correct them and it doesn't tell you exactly where in the path the offending file is.

What's more, you can't copy the log of errors to the clipboard and I haven't seen any signs of any other forms of logging - not that I've really looked that hard for them.

In any case, fixing these problems by hand is just a little too much, especially if you're migrating a large company with lots of files and folders.  The better solution is to prepare the files before you upload them.

OneDrive Check

I looked around for a solution to this problem as I was quite reluctant to try to roll my own. Eventually, after trying several other non-functional solutions, I found what seems to be the Microsoft supported solution.

It's a little PowerShell script called OneDrive-Check.  Since it was so difficult to find, I figured it was worth posting about to see if I could raise awareness for this little hero.


How to Use it

First of all, you need to download the ZIP file, which includes accepting an agreement. On the off-chance that the file is gone one day... and since it's a tiny text file called "OneDrive-Check.ps1", I'll include the actual contents at the end of this post... that way, you can easily recreate it if you need to.

Because there are a lot of people out there that don't seem to remember DOS, I'm going to give you the DOS/PowerShell commands for things like changing directories. I hope everyone else doesn't find this too patronising. ... oh and means to press the enter key.   :-)


  1. Click on the link, download the ZIP file and extract OneDrive-Check.ps1
  2. Copy that file to a useful place (eg: C:\temp\OneDrive-Check.ps1)
  3. Start Windows PowerShell (Click Start/Window and type Power, you'll find it). You might want to right-click on it and run as Administrator.
  4. Once PowerShell has loaded, go to the location where you saved your file
    (for example:  C: then CD C:\temp ).
  5. Type: Import-Module C:\temp\OneDrive-Check.ps1
    This should load the new module.
  6. Now go to where the files that you want in OneDrive are stored:
    (eg:  M: then CD M:\DATA )
    Remember that if you're changing into a folder with spaces in the name, you will probably want to enclose it in inverted commas;
    (eg: CD "M:\Data\Our Company Files" )
  7. To check what will happen, you can type
     OneDrive-Check -Folder "M:\Data\Our Company Files"
    (obviously substitute your folder name)
  8. To actually make the changes, you can type
    OneDrive-Check -Folder "M:\Data\Our Company Files" -Fix
  9. Best of luck. It's not perfect but it will significantly reduce your workload.
    (did I mention that it does sub-directories too?)
The main thing that doesn't seem to work (for obvious reasons) is that it doesn't resolve super-long file names.

Once the script has finished its work you can start dragging and dropping your folders into OneDrive or SharePoint document libraries.

And Now the "OneDrive-Check.ps1" File

So, just in case the OneDrive-Check.ps1 file disappears off the internet someday, here it is.  Bear in mind that in posting it on the internet, it's possible that some character changes might occur, so test it carefully before use.

(and a huge thank you to Andreas Molin, wherever he is. What a Hero!)


### Created by Andreas Molin
### Usage: Import-Module OneDrive-Check.ps1
### OneDrive-Check -Folder
### OneDrive-Check -Folder -Fix

function OneDrive-Check($Folder,[switch]$Fix){
    $Items = Get-ChildItem -Path $Folder -Recurse

    $UnsupportedChars = '[!&{}~#%]'

    foreach ($item in $items){
        filter Matches($UnsupportedChars){
        $item.Name | Select-String -AllMatches $UnsupportedChars |
        Select-Object -ExpandProperty Matches
        Select-Object -ExpandProperty Values
        }

        $newFileName = $item.Name
        Matches $UnsupportedChars | ForEach-Object {
            Write-Host "$($item.FullName) has the illegal character $($_.Value)" -ForegroundColor Red
            if ($_.Value -match "&") { $newFileName = ($newFileName -replace "&", "and") }
            if ($_.Value -match "{") { $newFileName = ($newFileName -replace "{", "(") }
            if ($_.Value -match "}") { $newFileName = ($newFileName -replace "}", ")") }
            if ($_.Value -match "~") { $newFileName = ($newFileName -replace "~", "-") }
            if ($_.Value -match "#") { $newFileName = ($newFileName -replace "#", "") }
            if ($_.Value -match "%") { $newFileName = ($newFileName -replace "%", "") }
            if ($_.Value -match "!") { $newFileName = ($newFileName -replace "!", "") }
         }
         if (($newFileName -ne $item.Name) -and ($Fix)){
            Rename-Item $item.FullName -NewName ($newFileName)
            Write-Host "$($item.Name) has been changed to $newFileName" -ForegroundColor Green
         }
    }
}

Thursday, October 05, 2017

SharePoint works if you start working the NEW way



It's been a long road from drive letters to SharePoint but I feel quite comfortable in this space now. It's all a matter of perspective -- and of course, resisting the urge to rebuild the old world in the new space. 

SharePoint works extremely well with files but there's a disturbing trend that I've seen amongst my users.  They use Sync to create a local replica of the entire of their SharePoint file libraries on their computers.

Apart from being extremely dangerous, this also introduces a lot of complications. One of the biggest complications is that many of the limitations that don't exist or are reduced in SharePoint, particularly folder structure (long path and file names) are still present in Windows 10. This means that if you sync a large SharePoint library you may find it difficult to save files in the lower levels on your PC.

When you think about it, syncing everything is just a way of trying to bring the old world into the new. A way to continue using "mapped drives".

I've found that working a new way, makes things so much easier but of course, it requires a bit of retraining.

A Training Presentation

Below is a presentation I made to help train people where I work on the new way to work with SharePoint files. I've deliberately kept it short and tried not to go off on tangents.  Feel free to use it and modify it for your audiences.

Link: https://www.slideshare.net/secret/AxiJKTViS54DpM

and here's an embedded version.



Tuesday, June 20, 2017

Thoughts on the Microsoft Surface Book 4

I've spent the last couple of months on Microsoft's Surface Book 4 (i7) and I've had enough time to form an opinion.

I generally hate laptops but I've found the Surface Book to be fast enough and easy enough to do the majority of my work on. The touchscreen is very responsive and I love being able to detach the tablet from the base - though admittedly, I rarely have a good business reason to do it.

We ordered around 45 of the devices all at once. One was DOA and another had batteries in the base that worked but dysfunctional batteries in the screen.  At around 4% failure it's probably still a reasonable return rate for hardware.

In terms of general use, the keyboard and trackpad are fine and the display is very clear. The processing power of the device is good and multi-touch on the trackpad and display are great too. The pen is currently a little useless and gimmicky but I've recently discovered that it works with the current version of Corel, so I may find a use for it yet.

Microsoft's Dock (Port Replicator)

While the Microsoft's dock for the surface book is amazingly simple to connect (it's magnetic and it sucks itself into the port when you wave it near the outlet), it's quite simply the words piece of functional technology I've seen in years. We've had nothing but trouble with them (on pretty much all of our surface devices).

Some of the problems undoubtedly relate to the difference in screen resolutions when using multiple monitors (the Surface's resolution of 3000 x 2000 is incredible). We've found that often when our people return from lunch that their external monitor, or the surface screen (or both) is blacked out. It's become such a problem that we've issued our people with a standard procedure for fixing most surface problems;

  1. Disconnect the Surface from the Dock
  2. Unplug the power from the doc
  3. Make sure that the Surface display activates (if it doesn't hold down the power for a few minutes then press power again once).
  4. Wait about 30 seconds
  5. Restore Power to the Surface Dock
  6. Wait another 10 seconds
  7. Reconnect the Surface Dock to the surface. 
This fixes most problems. 



The surface dock problems aren't confined to the screen either. I've had issues with the keyboard and the mouse losing power intermittently (seriously, the red light under the mouse goes out).

Even when the surface dock is working perfectly, the connections are a real pain and it's mind-boggling that they decided to include two display ports, instead of, for example, one display port and one HDMI port. It means that in almost every instance, we've had to get adapters for our monitors.

In Summary

The surface is an incredibly good laptop marred by the worst dock in history. Buy a surface  but consider getting a port replicator from somewhere else.  It probably won't connect as easily but there's a better chance of it working.


Honesty clause: I just decided that a review of the surface might be a useful thing. We got nothing for free and purchased all of the hardware as part of work. 

Monday, May 01, 2017

How to Split SharePoint Document Libraries to Simplify Synching

In my last post, I talked about how you need to split your SharePoint document libraries into smaller chunks in order to synch them. In this post, I'm going to assume that you made the same mistake that I made and put too many documents into the one document library.

In my case, I have an IT Team SharePoint site which holds all of our IT documents. It makes sense to keep all our IT documents together. For the most part, the site doesn't need to be synched anywhere because it's mostly a storage mechanism.  For example, our Finance and Invoices sub-folder is a place where we save invoices.  It's not a place where we go to edit them.

One area that I do need to be able to synch however is our projects and strategy area. Our projects are always needing updates and modern day IT strategy needs to be increasingly agile. It's always in a state of change.


Step 1: Add a New Document Library

The first step is to add a new document library. One of the great things about this is that you're still adding the document library to your existing SharePoint site. So I'll still get to keep my Projects and Strategy within the IT site.

Start by clicking the cog in the upper right corner of SharePoint and choose Add an App.

The app you want to add is called Document Library, so choose this, type a name for it, in this case Projects and Strategy and then click Create.

Step 2: Move the Files

Next, you need to navigate back to your existing documents and enter the existing Projects and Strategy folder. Click on the circle near the top to highlight all of the documents in this library. 


With all of the files and folders highlighted, click Copy To. You can't move files into different document libraries, you have to copy and delete instead. Given that SharePoint sometimes doesn't copy things correctly, this isn't such a bad choice. 

The Copy To command will present you with some choices on the right hand side which allows you to choose other SharePoint sites and libraries.  Navigate to the newly created library and choose copy

When the process is over, check that the files were correctly copied and then delete the folder out of the original area. Note that if you shared the files with anyone, you'll need to reshare them from the new location. 

Step 3: Make it Easier to Locate

If you're using Office 365 apps, your new library should already be fairly easy to locate but if you want to make it easier for casual browsers to find files via your SharePoint site, you'll want to add it to the menu.  

Click on the HOME menu on your SharePoint site and then scroll down to find recent activity. You should see your new library. Click on your library and copy the URL in the browser's address bar. This should be the most direct link to your library.

Next click EDIT at the bottom of the left hand side navigator menu.


This puts the navigator menu into edit mode. Move your mouse to an area between entries and you should see a plus (+) sign. Click on the plus to add a navigator entry. Don't worry if it ends up in the wrong place, you can drag it around later.

Paste the URL address that you copied as the address and type your document library's name (or a shortened version of it) as the display name.  Click OK to accept the changes.


Your new navigator link will be added.  You'll also find that if you click on the three dots on the menu, you can indent it. This is a good way to keep your document libraries together. Click Save to save the navigator arrangement.

Synching is now Possible

Now that your document library is smaller, you should find that you can Sync your new library. 




Monday, April 24, 2017

Using SharePoint with OneDrive as a File Server (for Ex-Domino Admins and Traditionalists)


Over the past few months, I've been looking at a whole range of options to do with file storage on the basis that Microsoft's OneDrive simply doesn't do what we need. The whole time of course, I've been unable to shake the feeling that Microsoft should be offering something that already covers this space. After all, file sharing is one of the major "tentpoles" in most Windows networks. 

As it turns out, SharePoint is the answer to this - and it works well if it's playing nicely with OneDrive. 

My initial investigation of SharePoint was flawed for a number of reasons. Firstly, it appears that I was looking at an "old version".  The "new" version has really only started to come out over the last few months but it's light years ahead of its predecessor.

The second reason that SharePoint was overlooked was because I really didn't have a great understanding of how (or why) it works. I was trying to compare it to IBM Domino and IBM Connections. There's a lot of similarities, particularly, with connections but they're vastly different beasts.

SharePoint Security differs from Domino Security

The security model of SharePoint is actually the opposite of Domino. In Domino, you start off with reasonably "open" access controls. For example, the server is open to "everyone in the company". From there, you restrict access to specific databases.  Within each of these databases, you further restrict access to views, forms, controls and documents; firstly via roles and then later via reader and editor fields.

SharePoint seems to be the opposite. Systems start out with a specific set of restrictions and then suddenly, even if you're halfway down the file structure tree, you might decide to share a particular folder and all sub-folders with someone who didn't previously have access. In fact, you can take it a step further an share with someone entirely outside of the company.

In SharePoint it is much, much easier to grant access to people however I'd venture to say that the security model it uses is by no means as "safe" as Domino.  

In Domino, if you wanted to suddenly revoke access for someone at a database level, you could simply remove them from the ACL.  In SharePoint, it's potentially a lot more complicated. As administrators, it's important to understand these differences because the SharePoint security model is also "mostly opposite" to the way the standard file server security works in Windows.

The Explorer Interface is Gone

If you talk to the Microsoft support team, they'll tell you how to map a drive from Windows file explorer to SharePoint. It works but in order to do it properly, you need to use Microsoft Internet Explorer ... not Edge ... nope, only the older technology will do.

I asked about the plans for edge but clearly there are no plans. It's not something that Microsoft wants to support. This was quite a shock to me after the amazing level of integration offered by IBM Connections.

I guess the important "take-away" from this is that Microsoft feels that the Windows File Explorer interface needs to "die".  Everything will be web from here on. 

Plan Ahead

In the old days, you created a file server by dumping all of your files into folders and sharing various bits out. It was a fairly forgiving process that enabled you to fiddle about with files until you got them right. SharePoint today is not quite so forgiving and moving things about will generally break links and muck up shared connections. You need to plan ahead.

Logical Ownership First

In the first instance, separate your files via logical ownership, which generally means "departments".  For example, most companies will have files in at least the following business areas;
  • Administration
  • Finance
  • Information Technology
  • Human Resources
  • Sales and Marketing
  • Strategy

Unless your company is a very small one (under about 30 employees), you'd be best off creating a SharePoint site for each of these major areas. This will make overall security a whole lot easier.

Smaller Chunks Second

The other thing to be aware of is that there seem to be some fairly serious limitations on the way that OneDrive syncs SharePoint data. In particular, there's an upper limit on both the number and the total size of the files that can be synched.

I'm not reiterating the limits in this post although I've seen them stated in several other places. There are two reasons for this;

1. They are subject to change
2. I've seen OneDrive behave poorly with much lower limits.

The file limitation would not normally be a problem except that OneDrive is currently incapable of doing a "partial synch".  It tries to synchronise the entire library and will dummy spit if it's too large.

For this reason, you need to add multiple document libraries to your SharePoint site.

Next Time....

I'll discuss this in my next post where I assume that like me, you've already uploaded a lot of files to SharePoint and now need to move them. Moving them is actually pretty easy and once it's done, they Sync problems are fixed. 

Tuesday, April 04, 2017

Migrating Mail from IBM Notes and Verse to Microsoft Outlook on Office 365 - Part 2

Last time on Real World Computing, I talked about migrating mail from IBM Notes and Verse to Microsoft Office 365. Now it's time for Part 2. 

Mail Routing

We did routing in two parts. Initially we had MX records for both IBM and Microsoft with Microsoft having the higher number (which means lower priority). After the cutover date we switched the priorities so that Microsoft Office 365 had the higher priority.

One of the cool things about Microsoft’s setup is that they give you two domains, one is your own and the other is an @mycompany.onmicrosoft.com one.

When we first saw this we thought it was a “bit wanky” but as it turned out, it was very useful indeed.we quickly discovered that we couldn't send mail to our internal colleagues on outlook from notes and that all of the agents in our Domino applications were only delivering internally.


Changing these to point to the onmicrosoft addresses fixed that problem. As far internal mail, we just added a mail rule to forward all new mail from our personal Domino and verse mailboxes to onmicrosoft.

Mail Migration

We tried a few things to get our old mail migrated. We had originally hoped that we could simply have a cutover date with a small amount of overlap but the reality is that other departments use mail quite differently from IT and they rely heavily on foldering and calendaring. They use search and archive very lightly - and it's not something that can be changed in the short term, regardless of how good the technology is.

We first tried putting their Verse mail into outlook and then copying and pasting mail between the mailboxes. This worked very well but we quickly discovered that there was a 90 day limit in terms of mail that Verse makes available to outlook.

The next phase involved taking an unencrypted ACL-free copy of users mail files and using conversion applications. We tried two and they both gave us a lot of trouble.

Stellar NSF to PST Converter

The first product we tried, Stellar NSF to PST Converter, had some very restrictive licensing. It was expensive and we could only run it on one PC. The trial version worked fairly well  but it was limited to only a very small amount of conversion.

The advertising claimed that it worked with Office 2016 but the reality was that we eventually had to run it with Office 2010.

Our initial attempts to get a NSF mail file converted to the 365 cloud took 24 hours for a single user with less than 3 months worth of mail. We complained about the software and after threatening to pursue the issue of a refund, the Stellar technical team worked with us on the problem for a couple of days.

Kernel Lotus Notes to Outlook Conversion

In the meantime, we bought another migration package; Kernel Lotus Notes to Outlook Conversion. This one had much better licensing and could be run on multiple machines at once. It worked out of the box and was able to do the same mail file in an hour.

We were ready to go with Kernel when suddenly the Stellar product started working. It processed our test file in 30 minutes. In the end, we used a mix of the products.

The conversion process produced a PST file which we were able to import into outlook. It was interesting to note that the folders and the calendar entries came over well and we had relatively few complaints from user about the conversion. Most of the complaints were actually outlook usability issues.

One thing that was a little problematic was that we had used an archiving and compliance solution, MailAbility. This software moved some of the older mail to external NSF archives and simply left links in the Notes mail client. Obviously those mails weren't “real” emails and couldn't be imported. We’ll convert the archives later and convert them to a “locked down” compliance-only shared mailbox.

Groups

The final big problem was groups. We currently need to retain the groups in both systems but duplicating them makes no sense. We've looked around for ways to easily synchronise the groups from Domino to Office 365 but apart from one-time migration or some really dangerous scripting, we've found nothing that will do the job.

The other important thing to realise is that Microsoft is redefining groups. There's a new group type called an "Office 365 Group" which everyone should probably be using.  Unfortunately, at the moment, it doesn't support people outside of the organisation...

...apparently that feature is coming "real soon" though.

In the meantime, groups are easily created via outlook or via the admin console or, as is apparently the preference (which doesn't currently support external parties), via Yammer.   As for getting contacts across, there's the solution I discussed back in January.

Saturday, April 01, 2017

Migrating Mail from IBM Notes and Verse to Microsoft Outlook on Office 365 - Part 1


It was always just a matter of time. Eventually we were going to have to make the jump from IBM to Microsoft. It's not that IBMs software isn't good. It's very good. It's simply that IBM is the Beta to Microsoft's VHS. Technically the IBM product line is far superior but on the surface, IBMs poor UI will never match the incredible pull of Microsoft's polished Office 365 offerings.

We're just finishing a mail migration from IBM Notes/Verse to Microsoft Outlook, which we did entirely in-house and I thought it would be worthwhile going over the method we used.

The Before Status

Prior to the migration, all of our users had the IBM Notes client on their desktops. We had three production servers and two test/dev servers. All of our user mailboxes were on the IBM Cloud and we had a split with some users on Verse and some on Notes.

We were also running an extensive extranet with a myriad of centrally controlled expansive security options. Our address books contain in excess of 22,000 groups.

Licensing 

Since we'd decided to use Office 365 for word, excel and powerpoint, the migration was technically already underway with the purchase of Office 365 licensing. It should have been a simple matter of extending the licensing but as we already had a number of 365 licenses, we had to establish the right options.

This meant finding a Microsoft business partner and buying new licenses since there was no upgrade path from Office 365 Pro Plus, which doesn't include outlook to 365 E3 which does. 

We later decided that E5 would have been a better choice but funding wasn't available until later and again, there was no easy upgrade option. That's an upgrade we’ll probably do on the one year anniversary instead.



Active Directory 

Our original plans were to migrate to Microsoft’s fully cloud based active directory service and retire our three AD servers. We might still do this but in the meantime, a decision was made to retain our on-prem AD.

This change had a significant impact as connecting the AD to Azure resulted in duplicate users which took some time to resolve. The solution ended up being to delete all our existing AD users and let them get recreated by the sync process.

Unfortunately deleting them required powershell, a tool we ended up getting a bit too familiar with. It also meant that their OneDrive data and yammer posts and profiles got trashed.



SPF

The next step was to get our users familiar with outlook. To do that, we needed to set up routing.

In setting up our office 365 environment, we had to claim our domain. You do this in the Office 365 admin  portal which is surprisingly full featured.You have to verify your DNS via txt record and you're encouraged to put in a mx record that includes a spf flag.

We hadn't been using SPF prior to this but as soon as the SPF record took hold, it didn't matter that we had dual routing (with mail primarily going to our IBM accounts and a secondary MX record pointing to Office 365).

Our old connection immediately became “untrusted” and we had to quickly modify the SPF record to include our existing servers.


Stay tuned... in part 2, I'll cover how we managed routing, mailbox migration, and groups.