DirSync Report

Azure Active Directory Sync (DirSync) seems so simple on the surface doesn’t it?  “Next, Next, Finish”, right?  Ha!  If you’ve ever had to revisit your DirSync server to troubleshoot or make a configuration change, you know there can be more than meets the eye.  A lot of useful information happens to be scattered across various registry keys, SQL tables and XML files.  If you’re not familiar with the FIM Management Console, and these other locations it might be hard to see what’s going on.

Here’s a free script that aims to help by creating a dashboard highlighting useful DirSync configurations.  See the image below for a sample output.  Before you run it you should be aware of the limitations listed in the “known issues” area of the script.

Oct 2014 Update: Fellow MVP, Michael Van Horenbeeck has written an update to this script for use with the new Azure AD Sync Tool.  Please be sure to check it out here: http://vanhybrid.com/2014/10/26/azure-ad-sync-tool-html-report/

DirSync Report


You can Review the script below or download it and try it for yourself!

<#
Description:
This script gathers DirSync information from various locations and reports to the screen.

November 5 2013
Mike Crowley
http://mikecrowley.us

Known Issues:
1) All commands, including SQL queries run as the local user.  This may cause issues on locked-down SQL deployments.
2) For remote SQL installations, the SQL PowerShell module must be installed on the dirsync server.
    (http://technet.microsoft.com/en-us/library/hh231683.aspx)
3) The Azure Service account field is actually just the last account to use the Sign In Assistant.
    There are multiple entries at that registry location.  We're just taking the last one.
4) Assumes Dirsync version 6385.0012 or later.

#>

#Console Prep
cls
Write-Host "Please wait..." -F Yellow
ipmo SQLps

#Check for SQL Module
if ((gmo sqlps) -eq $null) {
    write-host "The SQL PowerShell Module Is Not loaded.  Please install and try again" -F Red
    write-host "http://technet.microsoft.com/en-us/library/hh231683.aspx" -F Red
    Write-Host "Quitting..." -F Red; sleep 5; Break
    }

#Get Dirsync Registry Info
$DirsyncVersion = (gp 'hklm:SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Online Directory Sync').DisplayVersion
$DirsyncPath = (gp 'hklm:SOFTWARE\Microsoft\MSOLCoExistence').InstallPath
$FullSyncNeededBit = (gp 'hklm:SOFTWARE\Microsoft\MSOLCoExistence').FullSyncNeeded
$FullSyncNeeded = "No"
If ((gp 'hklm:SOFTWARE\Microsoft\MSOLCoExistence').FullSyncNeeded -eq '1') {$FullSyncNeeded = "Yes"}

#Get SQL Info
$SQLServer = (gp 'HKLM:SYSTEM\CurrentControlSet\services\FIMSynchronizationService\Parameters').Server
if ($SQLServer.Length -eq '0') {$SQLServer = $env:computername}
$SQLInstance = (gp 'HKLM:SYSTEM\CurrentControlSet\services\FIMSynchronizationService\Parameters').SQLInstance
$MSOLInstance = ($SQLServer + "\" + $SQLInstance)
$SQLVersion = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT SERVERPROPERTY('productversion'), SERVERPROPERTY ('productlevel'), SERVERPROPERTY ('edition')"

#Get Password Sync Status
[xml]$ADMAxml = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT [ma_id] ,[ma_name] ,[private_configuration_xml] FROM [FIMSynchronizationService].[dbo].[mms_management_agent]" | ? {$_.ma_name -eq 'Active Directory Connector'} | select -Expand private_configuration_xml
$PasswordSyncBit = (Select-Xml -XML $ADMAxml -XPath "/adma-configuration/password-hash-sync-config/enabled" | select -expand node).'#text'
$PasswordSyncStatus = "Disabled"
If ($PasswordSyncBit -eq '1') {$PasswordSyncStatus = "Enabled"}

#Get Account Info
$ServiceAccountGuess = (((gci 'hkcu:Software\Microsoft\MSOIdentityCRL\UserExtendedProperties' | select PSChildName)[-1]).PSChildName -split ':')[-1]
$ADServiceAccountUser = $ADMAxml.'adma-configuration'.'forest-login-user'
$ADServiceAccountDomain = $ADMAxml.'adma-configuration'.'forest-login-domain'
$ADServiceAccount = $ADServiceAccountDomain + "\" + $ADServiceAccountUser

#Get DirSync Database Info
$SQLDirSyncInfo = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT DB_NAME(database_id) AS DatabaseName, Name AS Logical_Name, Physical_Name, (size*8)/1024 SizeMB FROM sys.master_files WHERE DB_NAME(database_id) = 'FIMSynchronizationService'"
$DirSyncDB = $SQLDirSyncInfo | ? {$_.Logical_Name -eq 'FIMSynchronizationService'}
$DirSyncLog = $SQLDirSyncInfo | ? {$_.Logical_Name -eq 'FIMSynchronizationService_log'}

#Get connector space info (optional)
$ADMA = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT [ma_id] ,[ma_name] FROM [FIMSynchronizationService].[dbo].[mms_management_agent] WHERE ma_name = 'Active Directory Connector'"
$AzureMA = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT [ma_id] ,[ma_name] FROM [FIMSynchronizationService].[dbo].[mms_management_agent] WHERE ma_name = 'Windows Azure Active Directory Connector'"
$UsersFromBothMAs = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT [ma_id] ,[rdn] FROM [FIMSynchronizationService].[dbo].[mms_connectorspace] WHERE object_type = 'user'"
$AzureUsers = $UsersFromBothMAs | ? {$_.ma_id -eq $AzureMA.ma_id}
$ADUsers = $UsersFromBothMAs | ? {$_.ma_id -eq $ADMA.ma_id}

#Get DirSync Run History
$SyncHistory = Invoke-Sqlcmd -ServerInstance $MSOLInstance -Query "SELECT [step_result] ,[end_date] ,[stage_no_change] ,[stage_add] ,[stage_update] ,[stage_rename] ,[stage_delete] ,[stage_deleteadd] ,[stage_failure] FROM [FIMSynchronizationService].[dbo].[mms_step_history]" | sort end_date -Descending

#GetDirSync interval (3 hours is default)
$SyncTimeInterval = (Select-Xml -Path ($DirsyncPath + "Microsoft.Online.DirSync.Scheduler.exe.config") -XPath "configuration/appSettings/add" | select -expand Node).value

#Generate Output
cls

Write-Host "Report Info" -F DarkGray
Write-Host "Date: " -F Cyan -NoNewline ; Write-Host (Get-Date) -F DarkCyan
Write-Host "Server: " -F Cyan -NoNewline ; Write-Host  $env:computername -F DarkCyan
Write-Host

Write-Host "Account Info" -F DarkGray
Write-Host "Active Directory Service Account: " -F Cyan -NoNewline ; Write-Host $ADServiceAccount -F DarkCyan
Write-Host "Azure Service Account Guess: " -F Cyan -NoNewline ; Write-Host $ServiceAccountGuess -F DarkCyan
Write-Host

Write-Host "DirSync Info" -F DarkGray
Write-Host "Version: " -F Cyan -NoNewline ; Write-Host $DirsyncVersion -F DarkCyan
Write-Host "Path: " -F Cyan -NoNewline ; Write-Host $DirsyncPath -F DarkCyan
Write-Host "Password Sync Status: " -F Cyan -NoNewline ; Write-Host $PasswordSyncStatus -F DarkCyan
Write-Host "Sync Interval (H:M:S): " -F Cyan -NoNewline ; Write-Host $SyncTimeInterval -F DarkCyan
Write-Host "Full Sync Needed? " -F Cyan -NoNewline ; Write-Host $FullSyncNeeded -F DarkCyan
Write-Host

Write-Host "User Info" -F DarkGray
Write-Host "Users in AD connector space: " -F Cyan -NoNewline ; Write-Host $ADUsers.count -F DarkCyan
Write-Host "Users in Azure connector space: " -F Cyan -NoNewline ; Write-Host $AzureUsers.count -F DarkCyan
Write-Host "Total Users: " -F Cyan -NoNewline ; Write-Host $UsersFromBothMAs.count -F DarkCyan
Write-Host

Write-Host "SQL Info " -F DarkGray
Write-Host "Version: " -F Cyan -NoNewline ; Write-host $SQLVersion.Column1 $SQLVersion.Column2 $SQLVersion.Column3 -F DarkCyan
Write-Host "Instance: " -F Cyan -NoNewline ; Write-Host  $MSOLInstance -F DarkCyan
Write-Host "Database Location: " -F Cyan -NoNewline ; Write-Host $DirSyncDB.Physical_Name -F DarkCyan
Write-Host "Database Size: " -F Cyan -NoNewline ; Write-Host $DirSyncDB.SizeMB "MB" -F DarkCyan
Write-Host "Database Log Size: " -F Cyan -NoNewline ; Write-Host $DirSyncLog.SizeMB "MB" -F DarkCyan
Write-Host

Write-Host "Most Recent Sync Activity" -F DarkGray
Write-Host "(For more detail, launch:" $DirsyncPath`SYNCBUS\Synchronization Service\UIShell\miisclient.exe")" -F DarkGray
Write-Host "  " ($SyncHistory[0].end_date).ToLocalTime() -F DarkCyan -NoNewline ; Write-Host " --" $SyncHistory[0].step_result -F Gray
Write-Host "  " ($SyncHistory[1].end_date).ToLocalTime() -F DarkCyan -NoNewline ; Write-Host " --" $SyncHistory[1].step_result -F Gray
Write-Host "  " ($SyncHistory[2].end_date).ToLocalTime() -F DarkCyan -NoNewline ; Write-Host " --" $SyncHistory[2].step_result -F Gray
Write-Host

Converting SMTP Proxy Addresses to Lowercase

Update: Be aware, this script has not been tested with SIP, X400 or other address types. I am working on an update to validate these scenarios, but in the meantime, proceed at your own risk with these address types.

I recently encountered a question in an online forum where someone asked for a script to convert all of their user’s email addresses to lower case values.  While this doesn’t affect the message delivery, it can have an impact on aesthetics when the address is displayed in an external recipient’s email client.  An Exchange Email Address Policy can do this to some degree, but I wanted to see how it could be done with PowerShell.

The challenge with a script like this is twofold:

  1. Email addresses (proxy addresses) are a multi-valued attribute, which can be tricky to work with.
  2. PowerShell is generally not case-sensitive, and therefore when we try to rename Mr. Gallalee’s email address in the screenshot below, we can see that it does not work:

WARNING: The command completed successfully but no settings of 'demolab.local/Users/Rob Gallalee' have been modified.

After a little bit of inspiration from a script written by Michael B Smith, I came up with the below:


$MailboxList = Get-Mailbox  -ResultSize unlimited

$MailboxList | % {

$LoweredList = @()
$RenamedList = @()

foreach ($Address in $_.EmailAddresses){
if ($Address.prefixstring -eq "SMTP"){
$RenamedList += $Address.smtpaddress + "TempRename"
$LoweredList += $Address.smtpaddress.ToLower()
}
}
Set-mailbox $_ -emailaddresses $RenamedList -EmailAddressPolicyEnabled $false
Set-mailbox $_ -emailaddresses $LoweredList

#Without this line the "Reply To" Address could be lost on recipients with more than one proxy address:
Set-mailbox $_ -PrimarySmtpAddress $_.PrimarySmtpAddress
}

This script works as follows:

  1. Puts all mailboxes into the $MailboxList variable.  If you don’t want all mailboxes,  edit the Get-Mailbox cmdlet as you see fit.
  2. Filters out X400 and other non-SMTP addresses.
  3. Creates an array called $RenamedList which stores each proxy address with “TempRename” appended to it (e.g. Rgallalee@demolab.localTempRename).
  4. Creates another array ($LoweredList) and use the “ToLower” method on each proxy address.
  5. Sets the proxy address for the user to the value of $RenamedList and then to $LoweredList.
    1. This is how we get around the case case insensitivity – name it to something else and then name it back.
  6. Step 4 and 5 don’t preserve the “Primary” / “Reply-To” address, so we set it back manually with the last line.

Note: This script turns off the email address policy for each user.

As always, feedback is welcome.

EDIT Dec 2018:
This is a similar approach, but for mailboxes migrated to Office 365. In this case, only the Primary SMTP addresses are targeted.

It may also be faster than the above, due to the fact we’re only operating against mailboxes that have uppercase (vs all of them).

Set-ADServerSettings -ViewEntireForest:$true

$TargetObjects = Get-RemoteMailbox -ResultSize Unlimited | Where {$_.PrimarySmtpAddress.ToLower() -cne $_.PrimarySmtpAddress}

Write-Host $TargetObjects.count "Remote mailboxes have one or more uppercase characters." -ForegroundColor Cyan

#Backup First
Function Get-FileFriendlyDate {Get-Date -format ddMMMyyyy_HHmm.s}
$DesktopPath = ([Environment]::GetFolderPath("Desktop") + '\')
$LogPath = ($DesktopPath + (Get-FileFriendlyDate) + "-UppercaseBackup.xml")

$TargetObjects | select DistinguishedName, PrimarySMTPAddress, EmailAddresses | Export-Clixml $LogPath
Write-Host "A backup XML has been placed here:" $LogPath -ForegroundColor Cyan
Write-Host

$Counter = $TargetObjects.Count

foreach ($RemoteMailbox in $TargetObjects) {

    Write-Host "Setting: " -ForegroundColor DarkCyan -NoNewline
    Write-Host $RemoteMailbox.PrimarySmtpAddress -ForegroundColor Cyan
    Write-Host "Remaining: " -ForegroundColor DarkCyan -NoNewline
    Write-Host $Counter -ForegroundColor Cyan

    Set-RemoteMailbox $RemoteMailbox.Identity -PrimarySmtpAddress ("TMP-Rename-" + $RemoteMailbox.PrimarySmtpAddress) -EmailAddressPolicyEnabled $false
    Set-RemoteMailbox $RemoteMailbox.Identity -EmailAddresses @{remove = $RemoteMailbox.PrimarySmtpAddress}

    Set-RemoteMailbox $RemoteMailbox.Identity -PrimarySmtpAddress $RemoteMailbox.PrimarySmtpAddress.ToLower()
    Set-RemoteMailbox $RemoteMailbox.Identity -EmailAddresses @{remove = ("TMP-Rename-" + $RemoteMailbox.PrimarySmtpAddress)}

    $Counter --
}

Write-Host
Write-Host "Done." -ForegroundColor DarkCyan

#End

 

Combining PowerShell Cmdlet Results

In my last post I used used New-Object to create an desirable output when the “Get-Mailbox” cmdlet didn’t meet my needs.  If your eyes glazed over trying to read the script, let me make it a bit simpler by focusing on a straight forward example.

Say you need to create a list of user’s mailbox size with their email address.  This sounds like a simple request, but what you’d soon find is that mailbox sizes are returned with the Get-MailboxStatistics cmdlet and the email address is not.  For that, you need to use another cmdlet, such as Get-Mailbox.

With the New-Object cmdlet, we are able to make a custom output that contains data from essentially wherever we want.

See this example:

$MyObject = New-Object PSObject -Property @{
EmailAddress = $null
MailboxSize = $null
}

In this example, I have created a new object with 2 fields, and saved it as the $MyObject variable.

For now, we’ve set the data to null, as shown below:

$MyObject

The next step is to populate each of those fields.  We can write to them one at a time with lines like this:

$MyObject.EmailAddress = (Get-Mailbox mcrowley).PrimarySmtpAddress
$MyObject.MailboxSize = (Get-MailboxStatistics mcrowley).TotalItemSize

Note: The variable we want to populate is on the left, with what we want to put in it on the right.

To confirm our results, we can simply type the variable name at the prompt:

$MyObject with data

Pretty cool, huh?

Ok, so now about that list.  My example only shows the data for mcrowley, and you probably need more than just 1 item in your report, right?

For this, you need to use the foreach loop.  You can read more about foreach here, but the actual code for our list is as follows:

(I am actually going to skip the $null attribute step here)

$UserList = Get-mailbox -Resultsize unlimited
$MasterList = @()
foreach ($User in $UserList) {
$MyObject = New-Object PSObject -Property @{
EmailAddress = (Get-Mailbox $User).PrimarySmtpAddress
MailboxSize = (Get-MailboxStatistics $User).TotalItemSize
}
$MasterList += $MyObject
}
$MasterList

$MasterList with data

Finally, if you wanted to make this run faster, we really don’t need to run “get-mailbox” twice.  For better results, replace the line:

EmailAddress = (Get-Mailbox $User).PrimarySmtpAddress

With this one:

EmailAddress = $User.PrimarySmtpAddress

Dealing with PST Files

Chances are, if you read my site, you also read the Exchange team blog.  This means you’ve seen the PST Capture Tool!  I’ve had a chance to work with this tool for a little while now and have found it to be a delight!PST File

“PSTs are bad M’kay?“

This is a line we’ve all recited a time or two (ok maybe not exactly that line), but do we even know why?  Are we just parrots, or do we actually have a reason for condemning this hugely prolific file format?

Let’s start by acknowledging that PST files aren’t all bad.  M’kay?  If you run Outlook at home, or if you use IMAP/POP-based accounts (Gmail, Hotmail, etc) at work, using a PST file can actually be a good idea.  While it is possible to direct internet mail to the Exchange mailbox, this would create several problems:

    • Wasting expensive Exchange disk space
    • Potential violation of company policies
    • Internet mail is now subject to corporate retention (and discovery!) policies
    • Makes moving to a job more painful
    • etc.

AutoArchive Group Policy Settings

I’d even go so far as to say you might want to use PST files for archiving corporate email!  If you run a small shop – or a big one that isn’t subject to any retention policies.  A group policy configuring AutoArchive (and a note to your users) might be a good way to implement spring cleaning in your Exchange data stores.

See, PST files actually can serve a purpose!

Then there is the other side of the coin:

In most situations, PST files represent unmanaged storage of email.  For someone who is charged with administering an email environment, this means we aren’t able to do our job.  If users begin to rely on something that we aren’t taking care of; what happens when it breaks?  We’ve all had the uncomfortable task of telling someone we can’t get their data back at least once in our careers.  It doesn’t make for fun times.

More important than our comfort; many organizations are subject to regulations which require them to turn email data over to the courts upon request.  A judge wont want to hear your sob story about how PST files aren’t searchable, and how you’re going to have to look across the whole network by hand to find that email thread.

I recently completed an Exchange 2010 deployment for a government organization that was subject to such legislation.  Once we activated the Personal Archive for their users, they decided to put the kibosh on PST files.  To enforce this, we laid out a three phased approach:

  1. Prevent the users from making new PST files
  2. Prevent the users from adding content to existing PST files
  3. Use the abovementioned PST Capture Tool to import PSTs as necessary

The first two steps were quite simple to accomplish.  Outlook reads a registry value called PSTDisableGrow (REG_DWORD).  We deployed a GPO to implement this as follows:

Outlook 2003 HKCU\Software\Microsoft\Office\11.0\Outlook\PST\
Outlook 2007 HKCU\Software\Microsoft\Office\12.0\Outlook\PST\
Outlook 2010 HKCU\Software\Microsoft\Office\14.0\Outlook\PST\

Set PSTDisableGrow to “1” (without the quotes).  This will allow users to mount PST files in Outlook, but it will not allow any new content to be placed within.  Don’t worry about overkill here.  I used a single GPO for all 3 settings.  Outlook version X doesn’t care about extra registry settings in Outlook Y’s key.

PSTDisableGrow has some siblings; read more about DisablePST, DisableCrossAccountCopy and DisableCopyToFileSystem here.

That’s all for now, have a great week!

EDIT: Be sure to also check out this relevant blog post by the Microsoft Exchange product group: Deep Sixing PST Files

Office 365: Past, Present and Future – a Planet Technologies Webcast

Office 365: Past, Present and Future – a Planet Technologies Webcast

Planet Technologies is hosting a free webcast in which we will be providing some tips, insights and updates on Office 365 and Exchange Online.

If you’re interested in attending, or would like to read the agenda, please see the registration page below.

 

REGISTER NOW

 

 

About Planet Technologies

Planet Technologies, a leading Microsoft partner with multiple gold competencies, is recognized world-wide  as a leading expert in the integration and customization of Microsoft technologies, architecture, security and  management consulting. Planet’s clients include some of the largest public sector and  commercial  organizations  in the world.

Learn more at www.go-planet.com

Office 365 DirSync (x64) Installation Walkthrough

EDIT: This article seems to be popular, however readers should note it is from 2011!  Check out the updated article here:

Upgrading DirSync to the Latest Version

—————-

As Microsoft has already stated, the new 64-bit version of DirSync.exe is not installed or configured differently than its 32-bit predecessor.  However, as a tinkerer, I wanted to verify this and have a look under the hood anyway!

Below are some screenshots of my experiences and insights along the way:

Before you start: Read and follow the instructions!  In this article, I assume you’re at the point where you’re actually ready to install this product.

1. First I installed the .Net Framework prerequisites as well as my favorite MMC snap-ins onto a new Windows 2008 R2 server. You can do this using the following two lines in PowerShell Import-Module ServerManagerAdd-WindowsFeature NET-Framework,RSAT-ADDS -Restart
2. Then I ran dirsync.exe (downloaded from the portal.microsoftonline.com site).a. NOTE: Microsoft didn’t bother to change the installer’s executable name (dirsync.exe). This may be confusing if you plan to download and store both x86 and x64 versions. DirSync Install Screenshots
3. A few clicks of the “Next” button… DirSync Install Screenshots
a. NOTE: We install to the “Program Files” directory. If this were a x86 application we’d be using “\Program Files (x86)” DirSync Install Screenshots
b. NOTE: This screen may take 5-10 minutes. It’s installing a few things in the background:i. SQL 2008 R2 Expressii. Forefront Identity Manager 2010 (FIM)iii. Configuration of the FIM Management Agents (MAs) DirSync Install Screenshots
DirSync Install Screenshots
4. Once the background tasks have completed, you’re able to run the Configuration Wizard. This is where you will need to have your Office 365 tenant prepared and credentials identified, etc. DirSync Install Screenshots
5. Next… Directory Synchronization Configuration Wizard Screenshots
6. You should have created this account earlier. Whatever you put in here will be stored within FIM, and if you ever change the credentials, you’ll need to re-run this setup wizard. Directory Synchronization Configuration Wizard Screenshots
a. Or for the expert user: Dive into FIM directly Directory Synchronization FIM Management Agent
7. Here you need to supply your forest’s Enterprise Admin credentials. This username is not saved anywhere, and is only needed once to set permissions for these new objects:a.
Yourdomain\MSOL_AD_Syncb.
Yourdomain\MSOL_AD_Sync_RichCoexistence
Directory Synchronization Configuration Wizard Screenshots
8. Selecting this box enables some extra features required for a “hybrid deployment” / “rich coexistence”, and by doing so you’ll allow FIM to update attributes IN YOUR Active Directory. If this box is not checked, FIM will read-only. Directory Synchronization Configuration Wizard Screenshots
9. Next.. Directory Synchronization Configuration Wizard Screenshots
10. If you’re ready, you can run the initial full synchronization now. Otherwise, you can run it manually at any time.a. Once configured, DirSync runs every 3 hours. clip_image027
11. If you promise to be careful, you can poke around in the FIM configuration. Smilea. Note the “hidden” client UIb. If you get an error when opening the FIM console, log out and then back in. Your account was added to some groups that are not yet part of your login ticket.c. Clicking the Management Agents tab shows both sides of your configuration. “TargetWebService” is responsible for all of the Office 365 configurations and the “SourceAD” management agent contains your Active Directory connector information (double-click them to open).NOTE: Changing the DirSync configuration directly within FIM is unsupported by Microsoft. They would prefer you rerun the previously mentioned Configuration Wizard if you need to make any changes. C:\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell\miisclient.exeUnable to connect to the Synchronization ServiceDirectory Synchronization FIM Management Agents
12. Finally, be sure to run Microsoft Update again. You’ll notice that SQL 2008 R2 does not have SP1. Download Service Pack 1 for Microsoft® SQL Server® 2008 R2

A New Version Of Office 365’s Directory Synchronization Tool Has Arrived!

Most medium and large organizations using Microsoft’s Office 365 service will also be using “DirSync” to provision and manage user identities. Until now, DirSync has been based on ILM 2007 FP1, which is a functional, but older application, with no x64 support. This means when installing DirSync onto a server, you had to go out of your way to deploy the Windows Server 2008 operating system since the Server 2008 R2 OS is x64 only.

ILM was replaced by Forefront Identity Manager (FIM) 2010, which uses the x64 CPU architecture and as therefore Windows Server 2008 R2 as well.

imageToday (finally), Microsoft announced DirSync can now be downloaded for use with the 64-bit architecture.  This is great news for new Office 365 customers – no more legacy software needed.  However, this does raise a question for existing DirSync users: How do we migrate?

You should check out the announcement for details, but essentially, you reformat and rebuild.  Wait!  Before you start muttering nasty things about Microsoft – the new installation of DirSync will find all of the identities currently in Office 365 and match them up with the appropriate Active Directory accounts in your environment.  There is no downtime for the users.

Exchange Connections Slide Decks

Thanks to all who attended my sessions at Exchange Connections in Las Vegas this week!

As promised, I have uploaded the slides. You can download them here:

 

If you’re looking for slides from other presenters, you can find them here:

 

Speaking at Exchange Connections: November 2nd & 3rd in Las Vegas, Nevada

DevConnectionsWould you like an excuse to get out of the office for a few days?  When is the last time you learned something new?  Or how would you like an opportunity to share fresh ideas on the technology you’re passionate for?

Or heck, maybe it’s just been a while since you’ve been to Vegas?  Winking smile

Join me and other Microsoft enthusiasts at the DEVCONNECTIONS conference this fall!  This semiannual event covers many tracks from Visual Studio to Exchange Server to Microsoft’s hot new cloud products: Azure and Office 365.

In addition to attending some great sessions, I will also be presenting on two topics:

Exchange Online: Administration
Be careful not to fool yourself; Exchange Online (part of Office 365) offloads infrastructure management, but as an administrator, you are still responsible for the administration of your user mailboxes, Internet mail flow, message tracking and more! This session introduces you to the various administrative interfaces of Exchange Online, Forefront, RBAC, provisioning and other operational topics.
Exchange Online: Understanding Archiving and Compliance
Thinking of moving to Office 365? Whether you are aiming for a period of coexistence or a complete migration, your archival and compliance requirements are not going away! In this session we examine the features and functionality that Microsoft provides around retention, archiving, and search.

 

Sign up here, and use the SPKR discount code to save $50.

And if that’s not incentive enough, I’ll close by reminding you that Halloween in Las Vegas should prove to be very interesting…

Microsoft Office 365: A “Tales From The Trenches” Roundtable Webcast

Register for the 7/27/11 Webcast!

The long awaited release of Microsoft Office 365 has arrived. Now what? As nice as it would be to flip a switch and perform your migration, we all know the process is a bit more involved. So, how do you get there from here?

Join Planet and Microsoft experts who’ve been in the trenches participating in thousands of migrations to O365 to date. In this one hour interactive roundtable, they’ll share insights into:

  • Lessons learned from the early Beta adopters regarding the biggest challenges and hurdles to deployment
  • The critical need to address the underlying health of your Active Directory PRIOR to migration, and specific steps for cleaning up your environment
  • Security issues and features
  • Realistic migration timeline expectations
  • A head-to-head analysis of O365 and the competition

There is no cost to participate but space is limited so register today!

REGISTER NOW

 

About Planet Technologies

Planet Technologies is recognized world-wide as a leading expert in the integration and customization of Microsoft technologies, architecture, security and management consulting.  We offer Microsoft based solutions around business intelligence, CRM, collaboration and messaging, cloud services, desktop deployment, SharePoint solutions, unified communications, virtualization and more. Visit us a www.go-planet.com

Cloud-Based BES Services With BPOS / Office 365

blackberry_logoTwo big pieces of news hits the Blackberry administrators and users today:

 

  1. Microsoft’s Hosted Exchange (BPOS / Office 365) will offer free Blackberry licenses (provided you’re already paying for your mailbox)
  2. RIM will soon offer a cloud-based BES service

Read more here:

http://community.office365.com/enus/office365/b/microsoft_office_365_blog/archive/2011/03/16/office-365-and-blackberry.aspx

Stevieg.org: Office 365 – What does it mean for Exchange?

Over the last few days you’ve likely seen a lot of hubbub on Office 365, Microsoft’s next generation of online services. 

Steve Goodman writes a blog over at www.stevieg.org, and earlier today he published an insightful post titled “Office 365 – What does it mean for Exchange”.  In it he provides commentary on multiple aspects of Office 365, from the impact it has on Live@EDU to the Exchange Admin’s job security.

Check it out here:

http://www.stevieg.org/2010/10/office-365-what-does-it-mean-for-exchange