Connecting to Lync Online


Issue when connecting to Lync Online you may receive one of the the following errors

“The ‘New-CsOnlineSession’ command was found in the module ‘LyncOnlineConnector’, but
the module could not be loaded. For more information, run ‘Import-Module LyncOnlineConnector’.”

and

“Unable to discover PowerShell endpoing URI
At C:\Program Files\Common Files\Microsoft Lync Server
2013\Modules\LyncOnlineConnector\LyncOnlineConnectorStartup.psm1”

 

Lets deal with the first one,:

First ensure you have downloaded and installed the Powershell Module for Lync Online

Next, and this is the weird part set the powershell execution policy to “unrestricted”, is seems there is an issue with the modules loading, we were able to discover this by comparing a powershell session for one system that worked and other that did not. (if you are security conscious you may want to set this back when you are done)
The specific command is set-ExecutionPolicy unrestricted

For the last error ensure you have configured your Lyncdiscover records in your External DNS, this is needed for powershell to detect and connect to your online Lync environment, if you are in a hybrid configuration you may be pointing this to on-prem Lync and not Lync online. you can find your specific configuration by clicking on your domain in the office 365 admin center.

Finally the syntax to connect to your Lync Online is:esco over anything in particular let

$LiveCred = Get-Credential
$LyncSession = New-CsOnlineSession -Credential $livecred
Import-PSSession $LyncSession

Advertisements

Unable to open Local Windows Backup Snap-in.


A fatal error occured during a Windows Server Backup Snap-in (wbadmin.msc) operation. Error details: the Windows Server Backup service has stopped. Close wbadmin.msc and then restart it

Background:

  • I had installed the beta version of Microsoft online backup
  • I had backed up locally to a USB drive that has since failed
  • Backups were scheduled locally and to the online backup service.
  • When I removed the online beta backup software (Now Azure) and my failed drive, I was no longer able to manage windows backup from the GUI.

This is the error I received in the event log.

Event ID 1000
Source Application Error

Faulting application name: wbengine.exe, version: 6.2.9200.16384, time stamp: 0x50108cb6
Faulting module name: wbengine.exe, version: 6.2.9200.16384, time stamp: 0x50108cb6
Exception code: 0xc0000005
Fault offset: 0x000000000012623a
Faulting process id: 0x2678
Faulting application start time: 0x01ce64c42da7256f
Faulting application path: C:\Windows\system32\wbengine.exe
Faulting module path: C:\Windows\system32\wbengine.exe
Report Id: 6c2d3105-d0b7-11e2-9415-c86000003091
Faulting package full name:
Faulting package-relative application ID:

Cause:

I had backups placed on a failed drive, this was causing the backup software to crash when it tried to enumerate them. (Not that the error or events point to that at all!)

Resolution:

I ran the following PowerShell cmtlets and re-setup my backups (Caution this will remove all record of any backup have taken place!!)

    1. Get-WBPolicy | Remove-WBPolicy
    2. Remove-WBBackupSet
    3. Remove-WBCatalog
    4. get-Service *wb* | Start-Service
    5. Restart Windows Server Backup

Sweet! may backup works again!

Note: I was also able to re-download the Azure Backup agent and that is now working like a charm as well.

Creating Custom DLP Classification Rules and Policy


When at first I was looking into this the TechNet documentation was extensive and yet not as specific as I would prefer, so here is the quick and dirty DLP classification!

Creating and importing custom Classifications

  1. First you need to create your custom policy XML (Example Below)
  2. Save as XML Unicode file type (C:\MyNewPolicy.xml)
  3. Open the XML in internet explorer if its formatted correctly you will see the XML.
  4. Then import with Powershell
    New-ClassificationRuleCollection –FileData ([Byte[]]$(Get-Content -path C:\MyNewPolicy.xml -Encoding byte -ReadCount 0))
  5. Once its imported you should be able to create a new DLP policy using the EAC

Creating a custom DLP Rule

  1. Login to EAC (i.e https://mail.domain.com/ecp)
  2. Click Compliance Management, data loss prevention
  3. Click the Plusimage , then New custom policy
    image
  4. Name your policy and Choose your mode (I like to test with Policy tags), and click Save
    image
  5. Select the policy and click the image edit your new policy
  6. Select Rules from the left
  7. Click the imageto Create a new rule
  8. On the Apply this rule if field choose The message contains Sensitive information..
  9. Click *Select sensitive information types….. (if applicable)
  10. Click the imageto choose from the list,
  11. You should now see your new classification (from the example below it would be Secure Product Codes\ DLP by Exchangemasters.info)

image

Useful Tools

Example of a Rule Classification XML

 <?xml version=”1.0″ encoding=”utf-16″?>

 <RulePackage xmlns=”http://schemas.microsoft.com/office/2011/mce”&gt;

 <RulePack id=”b4b4c60e-2ff7-47b2-a672-86e36cf608be”>

  <Version major=”1″ minor=”0″ build=”0″ revision=”0″/>

  <Publisher id=”7ea13c35-0e58-472a-b864-5f2e717edec6″/>

  <Details defaultLangCode=”en-us”>

  <LocalizedDetails langcode=”en-us”>

  <PublisherName>DLP by Exchangemasters.info</PublisherName>

  <Name>Secure Product Codes</Name>

  <Description>Secure Products</Description>

  </LocalizedDetails>

  </Details>

  </RulePack>

  <Rules>

  <!– Product Code –>

  <Entity id=”acc59528-ff01-433e-aeee-13ca8aaee159″ patternsProximity=”300″ recommendedConfidence=”75″>

 <Pattern confidenceLevel=”75″>

  <IdMatch idRef=”Regex_Product_Code” />

  <Match idRef=”Code” />

  </Pattern>

  </Entity>

  <Regex id=”Regex_Product_Code”>[A-Z]{3}[0-9]{9}

  </Regex>

  <Keyword id=”Code”>

  <Group matchStyle=”word”>

  <Term>Code</Term>

  </Group>

  </Keyword>

  <LocalizedStrings>

  <Resource idRef=”acc59528-ff01-433e-aeee-13ca8aaee159″>

  <Name default=”true” langcode=”en-us”>

  Product Code

  </Name>

  <Description default=”true” langcode=”en-us”>

 A custom classification for detecting product codes that have 3 uppercase letters and 9 numbers

 </Description>

 </Resource>

</LocalizedStrings>

</Rules>

</RulePackage>

Exchange 2010 Powershell Lab Tools


Recently a good friend of mine pointed out some great tools that Mike Pfeiffer posted and I have to say they are pretty awesome and I would recommend checking them out.

Populating Exchange Labs with Mailboxes using PowerShell

Provision Exchange Mailboxes from CSV using PowerShell Advanced Functions

Generating Test Email Data for Exchange Labs with PowerShell

Microsoft Exchange Conference


9/24 Starts the first day of the Microsoft Exchange Conference (MEC).

For those that don’t yet know, this awesome event has been MIA for 10 years, we are excited to say it’s back!

This is a great time to see what’s new in Exchange, meet product group, MCMs, MVPs and other exchange enthusiasts.

All of our authors will be there, you can find us in whiteboard sessions, the Dell/Quest booth, and of course “in the halls” of MEC.

Stop by the booth and visit, or say hi if you see one of us in the halls!

Can’t run Tracking Log Explorer : Access Denied


 

Issue: User is a standard user (not a domain admin) and his RBAC permissions allow him to do message tracking but he is not not an Organization Admin.

  • Running with Exchange PowerShell (get-messagetrackinglog): works
  • Running with ECP: works
  • Running with Tracking Log Explorer : Broken

“Failed to connect to the Microsoft Exchange Transport Log Search service on computer “Exchange_Servername”. Verify that a valid computer name was used and the Microsoft Exchange Transport Log Search service is started on the target computer.” The error message is: Access is denied.”

image

Reason: EXTra.exe is what is used to run Tracking Log Explorer and it doesn’t use remote PowerShell therefore your permissions are based on  your AD login permissions not RBAC.

Solutions:

    1. Add the users to the “Exchange View-Only Administrators” (2007) or “Public Folder Management” (2010 Green Field) AD Group to be able to use the GUI.
    2. Use Exchange PowerShell or ECP to pull the tracking logs.

Thanks to Andrew and Ron for Figuring this out!

Note: Walkthrough on setting up ECP\ EMS Message tracking access