Tag: PowerShell

Office 365 user names with ADSync have the OnMicrosoft.com Domain

So I have been working on a Exchange 2016/Office 365 Hybrid solution. Part of the setup is to install and configure ADSync which depending on the day of the week it could either be a Office 365 or Azure Utility. I have honestly installed this tool several times, and it is never in the same place every time I need to download it.

Once ADSync is installed, It will sync your Local AD Users to Office 365/Azure AD. Depending on how you configure the Sync, it could synchronize the whole AD Forrest, an OU (or Multiple OUs), or a Group. In my case I selected 1 of our OUs.

Within 30 minutes all of my users in that OU were sync’d with Office 365/Azure AD. However all of my users had a @company.OnMicrosoft.com user name. Normally this would not be a problem, however I am sure this would be confusing to some users. I also noticed that the usernames were also not consistent either.  Some of them looked like this:

[email protected]

or

[email protected]

After scouring the internet I found nothing on how to fix this for my users. I was just about to open a ticket with Office 365 Support when I found a Technet Article that talked about how the usernames are generated when using ADSync.

To Paraphrase the article, the username in Office 365 is set by the user’s Alias set in Exchange. Which led me to believe that we really have some inconsistent naming going on at my office but that is for another day.

The Article also covered how to change the user names. This let me to believe that I could use this same method for changing the domain name as well, and it worked!

Here is what you will need to do

Connect to Office 365:

Connect-MsolService

Then use this command:

Set-MsolUserPrincipalName -UserPrincipalName [email protected] -NewUserPrincipalName [email protected]

If you don’t get an error message then you should be able to click the refresh button in Office 365 for the user account and you will see the new name.

The Woes of being a SysAdmin…..

So last night I was called into our Data Center due to an outage. Once everything came back up we noticed an issue with our Exchange Archive Server which lives at that Data Center. From outlook we were not able to access our In-Place Archives, however we could do it from OWA (Weird Right?)

This morning I looked into the issue further and when I tried to open the Exchange Management Shell on that server I got this message 3 times.

New-PSSession : [ServerName.domain.local] Connecting to remote server ServerName.Domain.local failed with the following error
message : [ClientAccessServer=ServerName,BackEndServer=ServerName.Domain.local,RequestId=2de56d73-34a8-46a9-9bdd-5c023e960cb5,
TimeStamp=8/6/2018 3:14:08 PM] [FailureCategory=Cafe-SendFailure]  For more information, see the
about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI “$connectionUri” -ConfigurationName Microsoft.Excha …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme….RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed

So I tried to google this error message and let me tell you, if you try, good luck. There was literally no information about it. I then ended up googling this part of the message:

FailureCategory=Cafe-SendFailure

This let me to a Microsoft Answers thread which guided me to look at another blog which then said to check the SSL Binding on both the Website and Exchange Back end in IIS on the host. I discovered the the Exchange Back end did not have a binding for port 444. So I pointed it to the proper certificate and after and IIS reset it worked like magic.

How to install PowerCLI

Recently VMware has changed the way you install PowerCLI from being the standard MSI installer that we have all been used to for years, to downloading and installing it from the PowerShell Repository.

Here is the process for installing PowerCLI:

Open PowerShell by running it as an Administrator

Once PowerShell loads up you will want to change the Execution Policy to Remote Signed

Set-ExecutionPolicy RemoteSigned

Once that is done you can install PowerCLI by running this command:

Install-Module -Name VMware.PowerCLI -Scope CurrentUser

You will then be prompted at least twice to give your consent to download and install from an untrusted repository.

Unable to import Infoblox 7 OVA into vSphere 6.5

The other day I was tasked with deploying a Infoblox OVA in our Lab environment. I was under the impression that this was going to be a simple task however I found out from my Coworkers that about 3 people had already tired to deploy it an all had failed. After spending WAY too much time on this task I eventually figured it out. Here are the steps I took to get this working in my lab.

First I started out by just trying to install the .OVA the normal way using the Deploy OVF Template Wizard hoping that my colleagues were just having permissions issues. Then I was greeted with this  screen below.

I then thought maybe something was wrong with the .OVA so I researched how to convert a .OVA to a .OVF and manually import it that way. It turns out all you need to use is use a product called 7zip and use it to extract the files from inside the .OVA.

Once you go into the new directory you just created you will see that the .OVA is made up of 3 files

I then tried to import those files and got the same result. Yay for consistency!!!

I then did some more reading and found that the issue may have been caused by a checksum error of the .ovf file so I found a PowerShell command that will tell me what the checksum of the .ovf file was

$(Get-FileHash .vmname.ovf -Algorithm SHA1 | Select -ExpandProperty Hash).ToLower()

You then take the value that Powershell kicks back and put it into the vmname.MF file. You can open this file with any text editor. You should take care when pasting the checksum hash value into the .MF file that you only use lower case letters.

After that was all done I tried to import the .OVF which means you have to include all 3 files. I still had the same result. Then I reread the error message and found that the .MF file was referencing a file that did not exist is the .OVA.

nios-7.3.17-358620-2017-07-14-00-21-09-160G-1410-xen.ovf

So I went back into the .MF file and deleted the value that was not needed and tried the import again.
This time I was met with a different message

Issues detected with selected template. Details: – 17:3:SECTION_RESTRICTION: Section Product Section (Information about the installed software) not allowed on envelope.

After banging my head against my desk and cursing out by boss for a while I went back to the Google to find out what this error message means. 
It turns out that this is in fact a know issue with Infoblox and they are planning on fixing it in version 8.2. However to get past this they recommend connecting directly to the virtual host and deploying it that way. You can read more about it on this blog that I found while searching for a fix.
So I connected directly to my virtual host and attempted to deploy it from there when I get this message
The host is currently being managed by the vCenter Server with IP Address xx.xx.xx.xx. Changes to this host during the session may not be reflected in the vSphere Client sessions currently viewing the vCenter Server.

I then discovered I would need to disconnect my ESXi host from vCenter to make this work. Fortunately I discovered that by connecting to my ESXi Host using SSH I could stop the services necessary for communication with vCenter.

So I connected to the host via SSH and ran the following commands
/etc/init.d/vpxa stop
/etc/init.d/hostd restart

I attempted to deploy it again and it was successful. I then ran /etc/init.d/vpxa start to set everything back to normal, did a few refreshes in vCenter and we were good to go. 

I hope this helps someone out there with the same issue. 

Exchange 2016 – Powershell Virtual Directory not working

So one of the projects that I have been working on lately is to setup a Mobile Device Management (MDM) solution for my company. One of the requirement to get email to Sync for the mobile devices was to connect the MDM server to our internal Exchange 2016 server using PowerShell.

One of the issues that I had been running into for a few days was that the MDM was not able to authenticate to our Exchange Server. I went through everything I could think of to fix this issue and to get it working (Check Firewall ports, SSL Certificates, User Permissions) but nothing was working. Then I remembered back to an post I did on here before about Active Sync and how I had to use a PowerShell command to recreate the Virtual Directory with the correct URL at the time of creation otherwise it will cause PowerShell to fail when you try to connect to it externally.

Well the funny thing about this whole situation is that during my troubleshooting I had to remove the PowerShell virtual directory in order to recreate it. Well… It turns out when you remove the PowerShell directory it also disconnects your PowerShell session to the Exchange server. Now fortunately I have a second Exchange server on the same Domain so I was able to run the command to create a new PowerShell Virtual Directory on that server and after turning off the Require SSL check box I was able to connect to the server again. Also my connection to the MDM Server was working as well!!!

Here is the command s that I should have used to create the PowerShell Virtual Directory.

To Remove the PowerShell Virtual Directory:

Remove-PowerShellVirtualDirectory “Powershell (Default Web Site)”

To Create the New Virtual Directory:

New-PowerShellVirtualDirectory -Name Powershell -RequireSSL:$False



To Reset IIS

IISRESET /noforce