OneDrive sharing replaces traditional attachments in OWA

Using the Office 365 Outlook Web App, you can attach files directly from your OneDrive as Links.


Adding a file automatically takes you to your OneDrive folder.


But what if the file is still on your computer and NOT on your OneDrive… No problem, just click “Computer”


After you select the file, it gives you the option to upload it to your OneDrive and Share a link.


It looks like an attachment from here….2015-02-05_20-41-35

You can also decide if the recipients can modify the document in real time or view only


When the recipient gets the message, it’s a link to OneDrive. In this example, I mailed it to my (hotmail) account.


But what if you sent it a non-Microsoft system, such as Gmail? The user will actually get two messages, and the second one looks like this.


Clicking on the “sign in” word in blue takes you to this page where the user needs to create a Microsoft Account, or logon as one they have.


Now you can send those really big PowerPoint files as links rather than attachments. Typically, companies set limits on how big your messages can be. I typically see message size limits set anywhere between 10 megabyte and 35 megabyte. OneDrive is built into Office 365 and is a subset of SharePoint Online. Oh, and it’s awesome !!


Office 365 Advantages (not found in your typical ads)

I am going to outline some advantages available to current Exchange users that migrate to Office 365.

  • If you have Exchange on premise, it is fairly easy to setup a hybrid environment. This means you can have some users with mailboxes on premise and some mailboxes in Office 365 and your end uses experience seamless communication.
  • Users in the cloud see the same address book as users on premise.
  • Users logon to Office 365 using their email address as their logon name and the SAME password as they do on premise.
  • Hybrid configuration allows mail flow between on premise and cloud users to be seen as internal (SCL = -1) if you understand that.
  • Hybrid allows free/busy lookups between on premise and Office 365 to work when creating a meeting.
  • When mailboxes are moved to the cloud, the Outlook client re-configures itself using the autodiscover service and the same profile is used. This means the Outlook OST file does not need to be rebuilt.
  • Mailbox moves can be ramped up to 99% and held there. When you, the admin clicks “finish migration”, the mailbox move is completed within 10 mins or less and the Outlook client is prompted to restart. This allows you control over when the mailbox is migrated. Very important for those “high touch” end users.
  • Phones experience the same automatic reconfiguration as the Outlook client.

Other advantages in going to Office 365 with the E3 or E4 licenses.

  • 50 GB mailboxes with Unlimited Archive mailboxes.
  • An extremely fast installation of Office 2013 (Word, Excel, Powerpoint, etc) that is branded Office 365. We call this a click to run install.
  • Up to 5 installations per user of this version of Office. The license is tied to the user’s Office 365 credentials, so the end user can install Office at home, and when they are no longer with the company, their license expires. No more handing out CDs with the product key written on it with a sharpie (Hoping their kids won’t get a hold of it.)
  • OneDrive with UNLIMITED storage; OneDrive is built into Windows 8.1 and Windows 10
  • Continuous updates to Office 365 online portal (you may know this as OWA) allowing you to take advantage of the latest features without any effort from you, the administrator.
  • High Availability that would cost way more if you tried to implement on premise.
  • The administrator will never have to worry about backups again.
  • End to end encryption is available without having to install an additional appliance such as ZixGateway or Entrust appliance.
  • Ability to keep all mail with “in place hold” feature for a desired duration (such as 7 years), including deleted mail which does NOT affect the 50 GB mailbox quota.
  • The ability to link URLs (Web addresses) that point to large files stored in your OneDrive rather than using traditional attachments. Can’t attach that 100 megabyte powerpoint or visio document? No problem with OneDrive linking.

I haven’t touched on ALL the advantages, but hopefully this will give you some technical insight to the advantages of migrating to Office 365. In future posts, I will go deeper into these advantages.


Low Disk Space Alert Script

If backups should fail, or there is a mail storm…
How can I get alerted when the Exchange database transaction log disk is almost full?
It’s not a good day when the database dismounts because the TL disk fills up.
The info below is a script that will email you an alert when the TL disk gets under 10%

When a logical drive gets to 10% free (DiskSpaceThreshold) or 400MB left (LowDiskSpaceMinimum), the system log has an event ID 2013 generated.
These are defaults built into the OS.
If you want to change either of these settings, you have to create the registry key.

I assume you don’t have an enterprise program such as SCOM that monitors events… well then this powershell script is for you.
I created a task in task scheduler. I called it “LowDiskSpaceEventID2013”. I manually ran it to make sure it works properly, hence the last run time. (I had it send email to me while testing)

We probably want to change who it runs as, like a service account….

If I click on “Edit”, it has these properties

I put the script in the D:\WorkingFiles folder, the script is called SendMail.ps1. See the attached file.
The powershell script that can email someone internally.
If I point the server to itself when sending out, I get this error

The whole script looks like this

#SMTP server name
$smtpServer = "ex02.domain.local"
#Creating a Mail object
$msg = new-object Net.Mail.MailMessage
#Creating SMTP server object
$smtp = new-object Net.Mail.SmtpClient($smtpserver)
#Email structure
$msg.From = ""
$msg.ReplyTo = ""
$msg.subject = "Low Disk Space on EX01"
$msg.body = "Event ID 2013 has been generated on EX01. Disk space is below 10% or 400MB"
#$msg.IsBodyHTML = $true
#$msg.body = get-content .moves.htm
#Sending email

I exported the task to an xml file.
Then I imported this task on the other exchange servers.
I copied the script and modified it for each server

The email message looks like this:

Testing Open Relay / Allowed Relay using PowerShell

In my previous post, I posted a script which emails me move reports from office 365. A subset of that script emails using a non-authenticated connection.  This code allows you to test an open relay too… In many ways much easier than using Telnet. So here is that code again. 

     #SMTP server name
      $smtpServer = ""
     #Creating a Mail object
      $msg = new-object Net.Mail.MailMessage
     #Creating SMTP server object
      $smtp = new-object Net.Mail.SmtpClient($smtpServer)
     #Email structure 
      $msg.From = ""
      $msg.ReplyTo = ""
      $msg.subject = "subject"
      $msg.IsBodyHTML = $false
      $msg.body = "Hello world, testing relay"
     #Sending email 

Office 365 Move Report

I have been doing a lot of Office 365 lately and I’ve been getting very “tired” of checking the status of mailbox moves at night. I get on the pc, check the status of the moves, then go back to the family. Yea, right…. I check the moves, go to youtube, and 40 mins later my wife asks “Have I lost you again to the box?”

I have to first connect to the cloud with the three magical commands in powershell.

 $O365Cred = Get-Credential
 $O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $O365Cred -Authentication Basic -AllowRedirection
 Import-PSSession $O365Session

The script emails me a progress report of mailbox moves every 10 mins. It needs to “relay out”, so I make sure I’m either pointing to the exchange server (or another server) that allows me to do this.

The “how many times it emails me” can be changed by modifying the do-while loop parameter. Currently the loop is set to 5 times. {while ($i -le 6)}
The “how often it emails me” can be changed by modifying the Start-Sleep parameter, which is set to 600 seconds {Start-Sleep -s 600}
Change the smtp server from   $smtpServer = “”   to the server that will relay for you. Change the From and To addresses to your liking, and you are all set.

I was able to check my email account and see updates from my phone.

Here is the script:

$i = 1
 do {
#Get Statistics on move requests, sort by percent complete
$Moves= Get-MoveRequest | Get-MoveRequestStatistics | select-object Alias, TotalInProgressDuration,PercentComplete| sort-object PercentComplete
$Moves  |ConvertTo-Html |out-file Moves.htm
#So i know what's happening, I have it write to the screen that it's sending mail
Write-Host "Sending Email"
     #SMTP server name
      $smtpServer = ""
     #Creating a Mail object
      $msg = new-object Net.Mail.MailMessage
     #Creating SMTP server object
      $smtp = new-object Net.Mail.SmtpClient($smtpServer)
     #Email structure 
      $msg.From = ""
      $msg.ReplyTo = ""
      $msg.subject = "MoveReport"
      $msg.IsBodyHTML = $true
      $msg.body = get-content .\moves.htm
     #Sending email 

#Pause for 600 seconds (10 mins) 
Start-Sleep -s 600
 while ($i -le 6)

DirSync generates 10,000 email alerts

While DirSync is a nice canned version of FIM, I have found it can run in a wild loop. By Default the DirSync tool runs every 3 hours. If there are any errors, it generates an email to the technical contact’s email within the tenant configuration.

I was able to make it generate about 2 or 3 email conflict reports per second. That equates to 10,000+ emails in an hour.What caused this? Having an active directory forest with multiple domains. To understand let’s say there are two bob jones. One with a default UPN of and, and let’s say for clarity these are also represented by the names chicago\bjones and madison\bjones, as in domain\samaccountname. Technically there is no conflict. The UPNs are unique across the forest and the samaccountnames are unique within each respective domain.

Using a powershell command I can set the UPN suffix to for both accounts. It should be noted that the ADUC utility will prevent conflicts from occurring, thus allow changing the first one to, but then prevent the second one from being changed to

After there became two UPNs, DirSync found itself in a loop. When it generates a sync report to the technical contact on the office 365 tenant, it did so at a rate of 2 to 3 per second. This would not stop until I made one account different, such as

I changed it to make every account the same as their email. What I didn’t expect what that bob jones in chicago, his logon account might have been chicago\bjones, but his configured email was The administrator ran into a conflict while creating the email account in the Exchange management console (EMC) and unchecked “Use Policy” and gave bob in chicago a non standard email address.

Lessons learned: Set the UPN prefix to the prefix the the default email address, and then set the suffix to

Besides, I have run into places where you may logon as bj9874 and your email is I would think you really want everyone logging in using their email address on office 365 portal, rather then their userid.

It’s worth noting that the prefix of the upn is, by default, is the same as the samaccount name when you setup the account in ADUC or EMC.


SPF ending “all” word explained

While creating a SPF record on Microsoft’s wizard, I noticed this question

Does {your email domain} send e-mail from any IP addresses that are not identified in the above sections?

There are several radio button options.

  • Yes; mail may legitimately originate from IP addresses not identified above.
  • No; this domain sends mail only from the IP addresses identified above.
  • Neutral; this domain makes no statement about whether mail may legitimately originate from IP addresses not identified above.
  • Discouraged; mail may legitimately originate from IP addresses not identified above, however, use of such IP addresses is discouraged and may not be permitted in the future.

At the end of the spf record there is the word “all”, for example my spf record is this:

v=spf1 ~all

See the ~all at the end?

There are other options, each corresponding to the options above.

Yes is +all

No is  -all

Neutral is ?all

Discouraged is ~all