Showing posts with label Microsoft Office 365. Show all posts

Thursday, March 1, 2018

G Suite Calendar Interop: share free/busy data between G Suite and Office 365!

Google has recently released a new version of Calendar Interop which includes the much-anticipated support for Office 365. In light of this--as well as the old version being deprecated--we have run into a few clients that found the available instructions a bit hard to follow.

That's where Interlockit.com comes in to save the day! We're getting straight into the technical details in this post, so put on your geek face and pour yourself a fresh coffee before jumping in.

Prerequisites!


  • Access to a G Suite Super Admin account.
  • Access to an Office 365 Global Admin account.
  • One spare G Suite license to use as a role account.
  • You will need to know how to connect to Exchange Online PowerShell and run simple PowerShell commands.
  • Users must not have matching accounts in both G Suite and Office 365; both systems will prioritize internal users and ignore Calendar Interop if an internal user is found during lookup.

Create role account


In order to facilitate sharing of calendar information between your G Suite and Office 365 tenant, a role account must exist on each side.

On G Suite


  • Sign into your Google Admin Console and go to the Users section.
  • Configure a new regular user account (no admin privileges) with an email address of your choosing. I recommend “interop@yourgsuitedomain.com”.
  • It is recommended this account be used exclusively for calendar interop.
  • Go ahead and set a permanent password right away and keep it in a safe place. We will need to log in to this account to complete steps later in this guide.

*tip: leave the Admin Console open until you have completed this guide, as you will need it in following steps.


On Office 365

  • Configure a new mail-enabled user (no additional privileges) using the New-MailUser cmdlet in Exchange Online PowerShell. Example:

    New-MailUser -Name "Calendar Interop" -ExternalEmailAddress interop@externaldomain.com -MicrosoftOnlineServicesID interop@your365domain.com -Password (ConvertTo-SecureString -String 'yourpassword' -AsPlainText -Force)

  • -Name: The name can be anything, so be descriptive.
  • -ExternalEmailAddress: This email address must not exist in Office 365 as a user or contact. The role account shouldn’t need to receive mail, so it doesn’t really matter what address you use here.
  • -MicrosoftOnlineServicesID: This email address must use an accepted domain in Office 365. This address will not accept mail, but behaves like the user ID for the role account on your tenant.
  • -Password: Set any password you like. It must be within 'single-quotes'.
  • It is recommended this account be used exclusively for calendar interop.

*tip: leave PowerShell open until you have completed this guide, as you will need it in following steps.

Create an Office 365 availability configuration


In order to give our Office 365 role account the ability to feed free/busy data to G Suite, we must create a new availability configuration and assign it to the role account using the New-AvailabilityConfig cmdlet in Exchange Online PowerShell:

    New-AvailabilityConfig -OrgWideAccount "Calendar Interop"

Make sure you use the same name in quotes used when first setting up the Office 365 role account.

Configure the G Suite admin console

  • Sign into your Google Admin Console and navigate to Apps > G Suite > Calendar
  • Scroll down and expand the “Calendar Interop Management” section.



Add the availability address space in Office 365

  • From your G Suite admin account, open Google’s Credential Generation Tool. Check the box, and click “Generate new credentials”


  • When prompted, sign in with the G Suite role account you created earlier. It will ask for permission to access calendar data. Click “Allow”.

  • Click “Download”, and save the credentials.dat file somewhere safe--you will not be able to retrieve this file again in the future without breaking the setup, requiring you to repeat all the steps in this section.


  • Click “Choose File” and select the credentials.dat file you downloaded in an earlier step.
  • Select “Exchange 2013 or newer, including Office 365”
  • Enter the user ID of the Office 365 role account. In this example we are using “interop@your365domain.com”.
  • Enter your G Suite domain in the field asking which address space you wish to add to exchange. In this example we are using “yourgsuitedomain.com”.
  • Click “Show Exchange Setup”.
  • You will be presented with the following page:

  • Copy-paste the above section of green text into Exchange Online PowerShell. You may need to hit “Enter” once each command completes, until all the commands have been run.

Create contacts for your G Suite users in Office 365


In order for Office 365 to display the free/busy data for a G Suite user, that user must be represented as a contact in the Office 365 system:
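
One way to create those contacts, as an added example that is not part of the original post: it also checks the prerequisite that no address already resolves to an internal recipient. It assumes an open Exchange Online PowerShell session; the user list is constructed sample data and `$gsuiteDomain` is the placeholder domain used in this guide.

```powershell
# Added example: create Office 365 mail contacts for G Suite users.
# The list below is constructed sample data; replace it with an export of
# your own G Suite directory, e.g. Import-Csv .\gsuite-users.csv
$gsuiteUsers = @'
FirstName,LastName,Email
Ada,Example,ada@yourgsuitedomain.com
Ben,Sample,ben@yourgsuitedomain.com
'@ | ConvertFrom-Csv

# The address space that was added to Exchange in the previous section.
$gsuiteDomain = 'yourgsuitedomain.com'

foreach ($u in $gsuiteUsers) {
    $address = $u.Email.Trim().ToLower()

    # Only addresses in the G Suite address space are looked up through Calendar Interop.
    if (-not $address.EndsWith("@$gsuiteDomain")) {
        Write-Warning "Skipping ${address} (not in $gsuiteDomain)"
        continue
    }

    # Prerequisite from this guide: if the address already belongs to an internal
    # recipient, Office 365 answers locally and ignores Calendar Interop.
    $existing = Get-Recipient -Identity $address -ErrorAction SilentlyContinue
    if ($existing) {
        if ($existing.RecipientType -eq 'MailContact') {
            Write-Host "Contact already exists for ${address}"
        } else {
            Write-Warning "Conflict: ${address} is already a $($existing.RecipientType) in Office 365"
        }
        continue
    }

    # -WhatIf only reports what would be created; remove it to create the contacts.
    New-MailContact -Name "$($u.FirstName) $($u.LastName)" `
        -FirstName $u.FirstName -LastName $u.LastName `
        -ExternalEmailAddress $address -WhatIf
}
```

Any address reported as a conflict needs to be resolved on one side before free/busy lookups for it will go through Calendar Interop.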


You’re all set!

Now you can create a test event in a G Suite user account and an Office 365 user account respectively, to test that each is able to see the free/busy indicator of the other.

*tip: it may take a few hours for the Exchange Online settings in Office 365 to propagate, so if your initial tests don’t work, wait a few hours and try again before taking troubleshooting measures.

Google provides a Troubleshooting tool but it is limited in functionality. If you get lost, give me a shout over at Interlockit.com and we'll get you sorted in no time! Now, don't you feel like you deserve another coffee?


Friday, March 3, 2017

A solid cloud CRM

Sales are one of, if not the most important part of any business. They're what make your business tick, so you may be wondering; how many opportunities are slipping through the cracks? What is my sales team doing everyday? How much money will we make this month? Am I doing everything I can to grow my revenue? These are all perfectly valid and important questions that need answers. However, it's imperative to understand that it's ultimately the tools that we use which define our efficiency and productivity for an optimized sales cycle - much like a dull ax versus a sharp ax when chopping lumber.

We are in an age where manual tasks need to be automated to save us time and precious resources. Google's G Suite is an excellent example of a tool that not only improves business IT systems, but permanently removes the need for costly maintenance, frequent upgrades, and hefty equipment. G Suite is what one could call a 'smart' IT system. A tool that's simple to use, and now with machine intelligence, learns user computing patterns to optimize a business for growth. We rave about G Suite because it's the most solid business solution out there. What about a CRM solution at a similar caliber? Enter Copper.


It's a cloud CRM that your team will actually use. It will give them the insights they need to sell more. It will give them a repeatable sales process they can easily follow, and best of all, it will give you full visibility to coach them to success. It's the cloud CRM that was built for automation, enabling users to focus on making the sale.

A competitive product like Salesforce.com was launched in 1999, long before the majority of sales activities revolved around email and web based marketing. It's an expensive product designed for a different time when phone calls and other traditional sales methods were dominant.

Since the majority of your sales team's interactions happen over email today, wouldn't it be great if your CRM was designed to link up with everything in your inbox and save you oodles of time doing data entry of new contacts or copying email content into tasks? This is how Copper is different from the competition. It was designed from the beginning to run on top of G Suite and your email inbox. It provides integration so deep that it feels like just another module of G Suite. It was built when email and web marketing were already dominant sales processes.

Copper runs on Google's own exceptional cloud computing platform for high performance, security, and reliability. It's intuitive like most Google products so businesses can be up and running in no time even with no assistance. Built for the G Suite ecosystem—from Gmail and Calendar to Contacts and Drive, it provides users the unified experience across the tools they use everyday. For instance, sales teams can interact with their customers from within Gmail and Google Hangouts while they work on customer proposals and sales forecasts with Google Docs and Drive. It helps users identify, track, and optimize sales contacts and opportunities. Users can easily manage entire sales pipelines with automated systems that eliminate data entry, allowing them to focus on closing more deals. Among all the amazing things Copper is capable of here's a quick rundown of the basics:

Drive Sales
Forget about data entry and lost emails. Track emails from within, automate and assign tasks, track team activity, and use multiple sales pipelines and VoIP calling. Copper now integrates with RingCentral.

Get Visibility
Get Pipeline reports, lead and sales dashboards, forecast management, and get full visibility on activities and opportunity tracking.

Take Action
Set sales goals, create a competitive environment with leaderboards, help your teams prioritize their day with custom dashboards and much more.

The immediate gain from a CRM is an increased ROI. With Copper, users also reap the benefits of enhanced customer acquisition and retention, sales automation, and a repository of all customer information. It works perfectly from small to medium sized businesses to larger companies like Udacity and Peugeot. It's a scalable solution that helps get the job done simply and beautifully.

Have a feeling your team could be more productive? Click here to try Copper for FREE! Contact us today to learn more about Copper and G Suite for your business.

Thursday, October 6, 2016

New names & new tricks!

With business demands growing and companies looking to boost productivity, it's equally important for tech tools to evolve and keep up the pace. The digitization of businesses in particular makes it necessary for modern tools to reinvent/improve upon their predecessors. We hear our customers with different requirements calling for more refined products to be offered. So far, Google has delivered and maintains its superiority over other 'cloud' platforms with its frequent updates.

Google Apps is the backbone of millions of companies across the globe. The cloud apps are not standalone apps, but rather a complete suite of intelligent applications that work harmoniously to provide users with an exceptionally fluid and seamless collaborative experience. Not only does Google continue to improve usability and features, but they've gone so far as to update the name of their applications to better reflect their mission; for technology to live up to its promise for us at work and help us cut through the noise so we can work together and focus on what matters. Just last week Google introduced 'G Suite' (formerly known as Google Apps for Work).

Google Apps is now G Suite Basic
Google Apps Unlimited is now G Suite Business


Since Google frequently introduces new features to their already robust applications, they've introduced yet another great element, and this time to Google Drive; Team Drives.  

In 2012, Google Drive launched to bring all of your work to all of your devices. Today, Drive sits on more than one billion smartphones and as businesses embrace it, a new key need has emerged: teams. We all know that teams need to move fast, be scalable, and regroup. In order to keep up, Team Drives redefine this model, shifting the focus from individual users to teams. For example, content ownership and sharing can now be managed at the team level, and new roles give more granular control over team content. As the G Suite Updates blog states, "Team Drives help streamline teamwork from end-to-end, from onboarding a new team member (add her to the team and she instantly has access to all of the work in one place) to offboarding a departing team member (remove him from the team and all of his work stays right in place), and everything in-between". Team Drives will be exclusive to G Suite Business users and will begin rolling out to customers through the Early Adoption Program.

Although these are incremental updates, they have a profound impact on the way we conduct business in teams. If you're looking for an exceptional suite of business productivity apps, unlimited cloud storage, e-discovery, archiving, Team Drives and much much more, G Suite Business is your solution. Get in touch with us today to assist your ascendance to the tech Cloud. Our G Suite deployment specialists are ready to lead and assist your implementation. 

Friday, March 4, 2016

Hybrid Cloud - Not a permanent solution


InterlockIT - We're a pro-cloud company and proud of being part of a disruptive way of providing cheaper, more convenient, and simpler business solutions that work.

Many cloud prospects over-complicate the process of divorcing their on-premises system by wanting to implement a hybrid cloud architecture as a long-term solution. A hybrid cloud is a combination of private cloud combined with the use of public cloud services where one or several touch points exist between the environments. The purpose of this setup is to conjoin services from a variety of cloud models to create an automated and easy to manage IT infrastructure.

As a cloud strategy company, we can confidently say that hybrid systems are not a permanent solution. CTOs rush to adopt cloud technologies for a number of reasons such as lower costs, increased agility, mobility, and so on, but many fail to understand that embracing a hybrid system is a journey with a final destination - the cloud. It shouldn't be a never-ending journey and for good reason! Each organization's cloud migration is different depending on the company size and infrastructure. Larger companies that rely more heavily on legacy systems may run a hybrid cloud system for a longer period of time than smaller companies that are comfortable moving more quickly. To understand why hybrid systems work better as temporary solutions it's important to recognize a few major misconceptions. Amazon Web Services outlines some of these myths in their post.

A common assumption companies make about hybrid systems is the ease of moving applications between their on-premises and cloud architectures. It's crucial to understand that cloud and on-premises infrastructure are not equally capable. Simply put, companies move to the cloud for features that enable them to have true elasticity, security, fixed costs, and improvement updates. On-premises systems and private clouds don't have this versatility and therefore cannot be permanently unified with the public cloud without drawbacks. Companies that do adopt a hybrid cloud system are often presented with technical, business, and management challenges such as the need for hybrid clouds to have good API compatibility and solid network connectivity. Gartner Inc, a leading technology adviser, found in a poll that 95% of private clouds had encountered problems.

Although a hybrid cloud architecture allows for a "mix and match" approach, there is still the issue of cost. Most companies that have a smaller budget usually can't afford a rollout of a hybrid cloud solution. The initial cost of servers on the private end of the scale is a substantial one, and the needs of smaller businesses can typically be well catered to by cloud providers like Google or Microsoft.

Hybrid/private clouds increase the chances of security issues versus public clouds. Maintaining and ensuring that your public cloud provider and private cloud are in compliance isn't a walk in the park. This includes the means of coordination between the two because hybrid systems allow for information to be transported across a network that can be subject to third-party tapping. Additionally, a hybrid cloud operator won't have a comparable budget to spend monitoring their security that public cloud providers like Google and Microsoft have. It's an unnecessary risk that many companies are unfortunately oblivious to.

It can be tempting to prolong the use of a hybrid solution when your company is so accustomed to legacy applications, but you'll often get much better performance from the public cloud element if you find a solution from a specialist provider like InterlockIT. Be sure to contact us to learn more about cloud migration and what we can do to make your IT infrastructure work efficiently and cost-effectively for you.

Thursday, August 27, 2015

How to upgrade Microsoft Azure free trial to a paid subscription

For some reason, it's hard to find instructions on how to convert an Azure free trial into a paid account. If you don't complete this step and your trial expires, services like Network Gateways will get deleted.

Here's how to upgrade your free Microsoft Azure trial to a paid subscription.
  1. Log into the admin account that originally set up the free trial.
  2. Click the 'Account' tab along the top.
  3. Under 'subscriptions' you should see Free Trial. Click the yellow bar where it says 'click here to upgrade now.'
  4. Click the 'Yes' button, put in a subscription name and click 'upgrade now.'


That's it! Your Azure account will now automatically convert to a paid subscription without any further interference.

Monday, July 20, 2015

Migration is worth it! - Windows Server 2003 no longer supported

Early last year Microsoft announced that it was ending support for Windows Server 2003 but would continue to provide extended support for some additional time. We addressed this in an older post and pointed to an alternative solution, Google Apps.


Here is some breaking news if your business is still running on Microsoft Windows Server 2003:

Last week, Microsoft announced its discontinuation of extended support for Windows Server 2003. So what does this mean? It means Microsoft will no longer provide fixes, updates, or technical assistance. This also means no more security updates, leaving physical and virtual instances vulnerable to any and all new security threats, which have been increasingly damaging.

Businesses that are still running Server 2003 face a number of vital considerations. It’s been over a decade since its release and the computing world has changed drastically since. Although the Windows Server 2003 platform worked well in its time, it’s now become a liability and a limitation for organizations still relying on it. Waiting to upgrade is both expensive and risky as you’re now susceptible to security threats and paying hefty fees to maintain old hardware. It's now time to leave the obsolete server and update your business' infrastructure.


Leaving Windows Server 2003 is an opportunity for change. So where do you go? Windows Server 2012 R2, Microsoft Azure, and Office 365 are all concrete solutions with great benefits, including improved performance, reduced maintenance requirements, increased agility and speed of response to business. Microsoft recommends collaborating with a partner to help execute a successful migration strategy. We have, not one, but two Microsoft Silver Competencies and are here to help you!

Alternatively you could step into the Google infrastructure and perhaps find that it's better suited for your specific business needs.

You now know that you are at the end of your Windows Server 2003's life cycle. Contact us today to pave your way to a successful and permanent migration to the cloud! Migration is worth it!

Thursday, June 11, 2015

Microsoft Cloud touches down in Canada!

Last week, Microsoft made a game-changing announcement: Microsoft will be opening two Canadian data centres that will offer Office 365, Azure, and Dynamics CRM services.

Our team here at Interlock IT has been leading Office 365 implementations since 2010 and has noticed a dramatic increase in interest from our clients in moving infrastructure to the Microsoft Cloud.

There are some compelling reasons to switch your email or Exchange Server to the cloud; whether you want the latest and greatest updates, Microsoft's subscription-based licensing models, or are trying to reduce costly infrastructure overhead. There is also the incentive of exclusive services and capabilities only available through the cloud, like Yammer, an enterprise social networking service; Delve, machine learning and artificial intelligence which helps you discover what's most relevant and important to you; and Office 365 Video, an intranet-style website portal to post and view videos in your organization. It is a mobile-first, cloud-first age in which Microsoft's cloud-centric roadmap for its flagship products will pave the way for you to stay ahead of the competition. This is the platform you want to be on.

However, before this great announcement, the fact that infrastructure and data would be based outside of Canada and potentially subject to foreign laws and regulations such as the PATRIOT Act would sometimes rule out consideration of the cloud for many of our clients. Having data located outside of Canadian borders is a violation of some companies' policies and therefore a sticking point. This has been a cloud deterrent for many, until now.

Some key points to note:
  • General availability of Azure is anticipated in early 2016, followed by Office 365 and Dynamics CRM Online in late 2016.
  • The data centers are to be located in the Greater Toronto Area and Quebec City (specific locations have not been announced for security reasons.)
  • Microsoft will address data residency considerations (you can specify that your data will only reside in Canada.)
Can existing Office 365 tenants be transferred into the Canadian data centers? Will the pricing model be proportionate? Will performance be as robust? Will updates be released on the same schedule? All these questions come to mind and we anticipate answers in the coming months. Microsoft is finally ready to plant its flag on Canada's growing cloud industry as it hopes businesses will invest more in its ideas than its hardware and we begin to see a new dawn of cloud computing within our borders.

Monday, June 1, 2015

Collaboration at its finest! Office 365 Groups and how it compares to Shared Mailboxes, Distribution Lists, and Site Mailboxes

It's often been said that being social is, as a species, our most defining characteristic. We work and play in groups so we can talk, listen, collaborate, interact, and ultimately accomplish something.

These days, collaborating with colleagues can be a real challenge. You have various conversations happening all the time, a multitude of files stored in various places, and countless meetings to co-ordinate and keep track of. People need to be able to get together quickly in order to organize into a team and get stuff done. Members of a group know and trust each other, converse, and share reports and files.


The new groups in Office 365 can make this all a breeze. Groups not only allow you to collaborate but also extensively increase productivity and efficiency. So what is a group? A group is a shared work space for email conversations, files, calendar events, and more where group members can conveniently collaborate and find the important stuff in a sea of noise. Groups enable your company to work like a regular old offline network by simplifying the collaboration process and by connecting you to the people, information, and tools you need.

Creating a group or joining one that already exists is very easy, but keep in mind that groups are public by default, so while you can connect right away without waiting for permission, anybody else in your organization can as well. (You can also set up private groups, but this is a one-time only option; once you've selected a group's visibility, it can't be changed.) Each group features an inbox to keep everyone in the loop on all the latest discussions, as well as a dedicated calendar and document repository. Once you've subscribed to a group you can take part in any of its discussions from your own Office 365 inbox.


When there is a need to meet, group calendars make it a seamless process. Any group member can create or update events to keep the team involved, even if a group manager isn't available. To track group events, just add them to your personal calendar or display the group calendar next to your own.




Because collaboration usually involves working on content, file sharing is essential. One click is all it takes to upload files to OneDrive for Business and grant group members permissions to use them. You can edit or co-author from Outlook web app using Office online. As you work, the side-by-side conversation lets you discuss the changes without leaving the context of your inbox or document. When you're finished, groups automatically makes the latest version available to every member. You can even take your team with you on the road since groups are mobile- and touch-friendly so you can stay on top of conversations, events, and content from any device.


Microsoft offers a range of email collaboration tools including distribution lists, site mailboxes, and shared mailboxes. Each of these options has a different purpose, user experience, and feature set. It can be a little overwhelming to decide which tool is right for you, so here is a brief outline to help you decide which is appropriate for your business.
  • Group: A shared workspace that works across all applications in Office 365. This includes a shared inbox, calendar, and OneDrive for Business site for storing files. Users can create, find, and join Groups right from their email or calendar. New and existing users with an Exchange Online or Office 365 subscription can use Groups.
  • Shared mailbox: A mailbox for select users to read and send email messages and share a common calendar. Shared mailboxes can serve as a generic email address (such as info@companyname.com or sales@companyname.com) that customers can use to inquire about your company. When the 'Send As' permission is enabled on the shared mailbox, email sent from the mailbox will use the generic address (sales@companyname.com).
  • Distribution list: A distribution list is used to distribute email messages to two or more people at the same time. Distribution lists are also known as mail-enabled distribution groups. A variant of the distribution group, called the dynamic distribution group, is a mail-enabled Active Directory group object used to send email to a large and evolving group of recipients. The exact recipients are determined by filters and conditions that you specify, such as all members of a particular region or full-time employees.
  • Site mailbox: A site mailbox includes SharePoint Online site membership (owners and members) and shared storage through an Exchange mailbox for email messages. A site mailbox brings Exchange email and SharePoint documents together. It serves as a central filing cabinet for the project, providing a place to file project email and documents that can be accessed and edited only by site members. In addition, site mailboxes can have a specified lifecycle and are optimized to be used for projects that have set start and end dates.
These tools are designed to help teams collaborate effortlessly, however groups can be used to replace shared mailboxes or SharePoint sites in some instances. Site mailboxes have project documents that are stored on a SharePoint Online site and team members send and receive project related email via the site mailbox. Shared mailboxes are used by users who delegate working on behalf of a virtual identity (e.g. support@companyname.com) and respond to email as that shared mailbox identity. Finally, Groups are generally used by users who want a collaboration workspace for their group messages, files, and calendar that is integrated with the Office 365 services that they already use. 

Office 365 groups is part of the first phase of Microsoft's plan to integrate Enterprise social features across platforms, including Yammer, Lync (Skype for Business), SharePoint, and Exchange Online. Office 365 Groups is the tool to use if your organization does not need a full-fledged social network experience. Groups makes more sense because it's a great alternative to public folders and distribution groups which are normally the go-to tools used for collaboration and collective productivity.

Monday, February 23, 2015

Automated updates: Making work easier



Why should you choose cloud-based solutions over on-premises systems?

Not too long ago you had to run commands in PowerShell to convert an existing regular mailbox to a shared mailbox in the Office 365 Exchange admin console. This was necessary to migrate data into a shared mailbox, since it's currently not possible to migrate directly into a shared mailbox. The process was a little tedious, boring, and required some valuable time, especially if you have little to no experience with PowerShell.


First, you'd connect to Office 365 from an elevated PowerShell console...

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
    $UserCredential = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
    # Load the Exchange Online cmdlets from the remote session into this console
    Import-PSSession $Session

Then, convert the mailbox and set size quota. Note that shared and resource mailbox sizes increased from 5GB to 10GB in Q4 2013 and increased from 10GB to 50GB in Q4 2014.

    Get-Mailbox -Identity engineering@domainname.com | Set-Mailbox -Type Shared
    Set-Mailbox engineering@domainname.com -ProhibitSendReceiveQuota 50GB -ProhibitSendQuota 49.75GB -IssueWarningQuota 49.5GB

Assign permissions to a specific group to access the shared mailbox…

    Add-MailboxPermission engineering@domainname.com -User "Engineering Group" -AccessRights FullAccess

Finally, remove the Office 365 license. Shared and resource mailboxes do not require a license in Office 365. To remove an Office 365 license from a shared mailbox so that you are not charged for it, run the following commands…

    Connect-MsolService
    $MSOLSKU = (Get-MSOLUser -UserPrincipalName engineering@domainname.com).Licenses[0].AccountSkuId
    Set-MsolUserLicense -UserPrincipalName engineering@domainname.com -RemoveLicenses $MSOLSKU

This was the procedure to convert a regular mailbox into a shared mailbox. Now, thanks to automated updates through the cloud, you can have this process completed in a few clicks.

Log in to your Office 365 account through the Office portal, and navigate to the Exchange Admin Centre. Once you are logged into your dashboard, click on the Recipients button in the menu on the left. You should now see a list of user mailboxes. Highlight the user mailbox you would like to convert to or from a shared mailbox and click on the convert button as shown in the screenshot below. (You should receive a prompt stating, "Are you sure you want to convert this regular mailbox into shared mailbox?" Click Yes.)

You can also convert a shared mailbox to a regular user mailbox following the same kind of steps. You would go into the shared menu at the top of your recipient list screen and "convert to regular mailbox".

There are many benefits of using a cloud-based solution, one of which is vitally important if you want to save yourself the hassle of setting up your own Exchange server and infrastructure, managing and maintaining desktop Office software, and installing patches and updates every month. The cloud allows you to be free of these restrictions and updates automatically, as the mailbox conversion example above shows. Microsoft takes care of all the dirty work so you don't have to. It's like having an IT department that maintains your cloud systems and continues to improve for your efficiency and ease.

On-premises systems will have you waiting and configuring things manually and more frequently. You must consider that implementing the same capabilities as cloud-based solutions requires servers, network infrastructure, IT personnel to install, manage, and update it all (not to mention you still have to buy the software). 

These are just a couple of compelling reasons to switch your on-premises system to a cloud-based one. You can now see that cloud computing is a highly attractive and intelligent proposition if you are looking to make the most of technology today at lower costs and lower risks.

If your current IT provider is still recommending on-premise server solutions, you're not getting good advice! Get in touch with our team at Interlock IT and we'll help make your work easier and more efficient.

Monday, December 1, 2014

Fixing conflicts and errors with Active Directory synchronization to Office 365 and Azure

Sometimes user accounts (or objects) that have been deleted and then recreated in your Active Directory will fall out of sync with Office 365, meaning changes to passwords and other attributes won't sync properly. Another cause is a change in the configuration of your Azure Active Directory Sync utility, such as changing the SourceAnchor attribute.

DirSync is more common in the Office 365 user base because its replacement, Azure Active Directory Sync, was only recently released, in September of 2014. For a comparison of the two tools visit Microsoft's Directory Integration Tools page.

If you have objects out of sync or conflicting you might receive an error message email every few hours when the AAD Sync utility is run.


You should also see the errors in the Event Viewer and Application Logs on the Windows Server running the utility.

In some cases, Microsoft's own Office 365 IdFix tool can't find the problem, and thus can't fix it.

By reviewing the contents of userdetails.csv output by the PowerShell command:
get-msoluser | export-csv userdetails.csv
we were able to see that the ImmutableID was set incorrectly due to a prior sync configuration or that the on-premises Object ID shown in the error message above was already connected to another user.

Somewhere along the line, Microsoft removed the ability to change or clear the ImmutableID attribute without first disabling Directory Sync for the organization, so most internet postings we found while looking for a solution are no longer valid. Some postings showed that back in 2012 you could set the ImmutableID from PowerShell. Today you can only clear it to null if Directory Sync is deactivated.

Deleting (setting to null) the ImmutableID attribute on Office 365/Azure Active Directory solved the sync problem for us. You can no longer change it to match but the directory sync utility will re-populate it for you. Here's how to do it.

Start by disabling the Azure AD Sync Scheduler task in Task Scheduler on the Windows Server that runs AAD Sync:


Next, deactivate Directory Sync in your Office 365 Admin console:



In our experience, it actually takes a couple of hours during business weekdays and about 10 minutes on a Saturday night to deactivate, but it could theoretically take up to 72 hours to complete.

Copy the commands below into a new text file and save it as eraseimmutableid.ps1, change the $upn value accordingly and run it:
# Allow locally saved scripts to run, then load the module and sign in
set-executionpolicy RemoteSigned
Import-Module MSOnline
Connect-MsolService
# The user whose ImmutableID should be cleared
$upn = "sampleuser@domain.com"
$oid = (Get-MsolUser -UserPrincipalName $upn).ObjectID
Write-Output "Before:"
Get-MsolUser -UserPrincipalName $upn | select userprincipalname,ImmutableID,ObjectID
Write-Output "`n`nAfter:"
# "$null" expands to an empty string, which clears the attribute
set-msolUser -ObjectID $oid -immutableID "$null"
Get-MsolUser -UserPrincipalName $upn | select userprincipalname,ImmutableID,ObjectID
Now re-enable the sync service in Task Scheduler and run it manually.

If you still see errors, keep looking at the results of userdetails.csv mentioned above. Search for the email addresses and Object IDs shown in the error message email.
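The userdetails.csv search described above can be scripted. The following is an added example, not code from the original post or from Microsoft: it assumes the sync tool uses its default source anchor (ImmutableID is the base64-encoded on-premises objectGUID) and that the ID in the error email is that GUID. The function names and the sample rows are invented for illustration.

```powershell
# Added example, not from the original post. Assumes the default source anchor:
# ImmutableId is the base64 encoding of the on-premises objectGUID bytes.
function ConvertTo-ImmutableId {
    param([Parameter(Mandatory=$true)][guid]$ObjectGuid)
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    param([string]$ImmutableId)
    try { $bytes = [Convert]::FromBase64String($ImmutableId) }
    catch { return $null }                      # not base64 at all
    if ($bytes.Length -ne 16) { return $null }  # empty or not GUID-sized
    [guid]$bytes
}

# Hypothetical helper: classify every row of the export against one on-premises GUID.
function Find-AnchorOwner {
    param([Parameter(Mandatory=$true)][string]$CsvPath,
          [Parameter(Mandatory=$true)][guid]$OnPremGuid)
    $wanted = ConvertTo-ImmutableId $OnPremGuid
    Import-Csv $CsvPath | ForEach-Object {
        $decoded = ConvertFrom-ImmutableId $_.ImmutableId
        # -ceq because base64 is case-sensitive and PowerShell's -eq is not
        if (-not $_.ImmutableId)             { $status = 'cloud-only, no anchor' }
        elseif ($_.ImmutableId -ceq $wanted) { $status = 'holds the on-premises GUID' }
        elseif ($null -eq $decoded)          { $status = 'anchor is not an objectGUID' }
        else                                 { $status = 'anchored to a different object' }
        [pscustomobject]@{
            UserPrincipalName = $_.UserPrincipalName
            ObjectId          = $_.ObjectId
            AnchorAsGuid      = $decoded
            Status            = $status
        }
    }
}

# Constructed sample standing in for userdetails.csv (every value is invented).
$onPrem = [guid]'11111111-2222-3333-4444-555555555555'
$csv = [IO.Path]::GetTempFileName()
@(
    [pscustomobject]@{ UserPrincipalName = 'admin@domain.com';          ObjectId = [guid]::NewGuid(); ImmutableId = '' }
    [pscustomobject]@{ UserPrincipalName = 'sampleuser.old@domain.com'; ObjectId = [guid]::NewGuid(); ImmutableId = (ConvertTo-ImmutableId $onPrem) }
    [pscustomobject]@{ UserPrincipalName = 'sampleuser@domain.com';     ObjectId = [guid]::NewGuid(); ImmutableId = (ConvertTo-ImmutableId ([guid]::NewGuid())) }
    [pscustomobject]@{ UserPrincipalName = 'legacy@domain.com';         ObjectId = [guid]::NewGuid(); ImmutableId = 'legacy-anchor-0042' }
) | Export-Csv $csv -NoTypeInformation

Find-AnchorOwner -CsvPath $csv -OnPremGuid $onPrem | Format-Table -AutoSize
Remove-Item $csv
```

In the sample, the row marked as holding the on-premises GUID is a different cloud user from the one being synced, which is the conflict the error email reports.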

Feel free to reach out to InterlockIT.com for assistance with your Office 365 Directory Synchronization configuration and fine tuning.

Thursday, November 20, 2014

Interlock IT earns two Microsoft Silver Competencies!

Cloud Computing is entering its second stage of hypergrowth in enterprises. Forrester estimates the public services cloud market will grow to $191 billion by 2020, a huge leap from "just" $58 billion in 2013.

Businesses of all sizes are looking to roll out fully cloud-enabled productivity suites with a minimum of disruption to their business. We've seen a huge uptick in demand for cloud-based systems that remove the stress of administering your own email system or file server and let you focus on the things that matter—like finding new clients or executing on projects.
Early in his career as Microsoft's new CEO, Satya Nadella knew that the way forward both for Microsoft and other businesses was "mobile first, cloud first." Shouldn't your business be able to work from anywhere in the world, on any device, at any time?

Office 365 plans start at $5.10 per user per month and for $12.90 per month the desktop versions of the Office suite are included. At that price managing on-premises email servers or paying for hosted Exchange no longer makes sense.


As a Microsoft Partner with Silver-level Competencies in both Small and Midmarket Cloud Solutions and Cloud Productivity, the team at Interlock IT is well-positioned to help you move from your antiquated email system that doesn't work at the pace of modern business.

Friday, April 11, 2014

The Heartbleed bug and why a secure password matters even more now

In early April 2014, a huge vulnerability was uncovered in a cryptographic software library used by an estimated two-thirds of web servers currently in use around the world. This vulnerability allows an attacker to request data from the memory of any server that uses OpenSSL and potentially read unencrypted passwords, confidential or sensitive information, e-mails, or anything else the server happens to return.

According to Ars Technica:
The leak is the digital equivalent of a grab bag that hackers can blindly reach into over and over simply by sending a series of commands to vulnerable servers. The returned contents could include something as banal as a time stamp, or it could return far more valuable assets such as authentication credentials or even the private key at the heart of a website's entire cryptographic certificate.
Just how bad is this bug? Mark Loman, a malware and security researcher at SurfRight, tested a few public servers after hearing early reports of this bug and noticed that plain text usernames and passwords were being returned to him by Yahoo Mail, one of the world's most widely-used webmail services. Further investigation showed that Flickr, Tumblr, and a number of other Yahoo properties were vulnerable, potentially exposing millions of users to account compromises.

Mark posted a pair of screenshots to Twitter that show account credentials in plain text (see below). Mark courteously obscured the usernames and passwords affected, but it's not hard to imagine other people being somewhat less polite.


Tell me the truth, doctor, how bad is it?

On a scale of 1 to 10, the general consensus is 11. Remember, the servers involved have potentially been leaking their private security keys which means anyone can 'fake' being them, and you'd have no way of knowing for sure.

What does this mean for me?

If you're a systems administrator who controls a number of servers, it means lots of work to get everything patched and authenticating properly again.

One option is to start using a password manager. So many web servers use OpenSSL that it's likely some service you've encountered at some point will be compromised. Limit the attack vectors to your accounts by using unique passwords, and even if someone gains access to that forgotten account you set up once, they won't get access to that important account that you use every day.

Also use two-factor authentication wherever you can. Two-factor authentication protects you even in the event that someone does manage to get your password by requiring a second, randomly-generated "token" that expires every 45 seconds or so to allow you to access your account.

Thankfully, if you use Google Apps or Microsoft Office 365 you're safe. Microsoft doesn't use OpenSSL and instead relies on its own encryption mechanism and Google Apps/Gmail has been using forward secrecy since November 2011. Google is patching other services affected by the Heartbleed bug, but it never hurts to change your password regularly.

Wednesday, July 27, 2011

Office 365 vs Google Apps

We're implementing both Office 365 and Google Apps for customers and are often asked how they compare.

A lot depends ultimately on your comfort level with change. Microsoft Office 365 has little impact on your current processes and usage of Outlook and nicely takes away the hassles of managing your own servers. However, if you're working on multiple platforms such as Linux and Mac then those users will have to live without features available only to the Windows based users.

Set aside trying to compare Microsoft Office Word, Excel versus Google Docs, Spreadsheets as they coexist very happily. Your power users will still want the advanced features of Excel and Word but users may find everything they need in Google Docs and organically adapt to its simplicity and collaboration tools that avoid the version nightmare often created by file attachments.
  • From a long term cost, simplicity, and reliability standpoint Google Apps wins.
  • From a minimizing-the-costs-of-change standpoint Microsoft Office 365 wins.
  • For Mobile devices Office 365 handles email, calendar, and contacts well across most platforms but Google Apps takes it a step further and provides simple document sharing and even document editing on iPads and Android devices.
  • From a rapid innovation, no upgrades/patches to manage, and easy to use collaboration standpoint Google Apps wins.
The Microsoft Cloud Office 365 solution depends heavily on client installed software such as Outlook and Lync for the full experience. Lync for example is ~65 Mb in size and provides the instant messaging, video, audio, and phone calls but doesn't work on the Mac or Linux platform. Google Apps provides a web browser based solution for this that works on most platforms and even mobile devices.

Office 365 is still an excellent step forward and ideal for eliminating some of the costs of managing servers.

As a solution provider focused exclusively on Cloud products we can discuss the pros and cons of each platform relative to your specific needs. We can provide a lengthy detailed document on the differences that can only come from the experience we have implementing both products, but what's most important is which product best aligns to your current needs and long term business goals.

Contact us at Interlockit.com and we'll help you succeed with business technology in the Cloud.

Thursday, January 6, 2011

New Year's Predictions and Milestones Achieved

Interlockit.com has now migrated over 2000 users to Google Apps!

The majority of our larger customers have migrated from Microsoft Exchange Server 2003 but we've also helped organizations of all sizes move away from traditional ISP hosted POP3/IMAP email accounts with Easyhosting.com, Bellhosting.ca, Telushosting.com, Godaddy.com, Networksolutions.com, and even from Hosted Microsoft Exchange at Sherweb.com.

One customer install really highlights an advantage of going all web browser based.  They had attempted to use a Hosted Microsoft Exchange Server solution for their employees spread around the world and in some countries where internet data lines are unreliable.  Going web browser based with Google Apps dramatically improved their ability to communicate and collaborate in real time across the company.  In particular they can finally communicate electronically with their employees in the Democratic Republic of Congo via Google Apps.

We're seeing an increase in inquiries for Microsoft Online Services/BPOS deployments also.  Ultimately we deploy what the customer chooses but certainly discuss the pros and cons of each option.  The head to head competition between Google and Microsoft is great for our customers in the end.

Our number one prediction for 2011 is that the pace of adoption of Cloud Computing solutions like Google Apps and Microsoft BPOS/Office 365 will continue to accelerate; and, as an early adopter that focuses exclusively on Cloud Solutions, Interlockit.com will continue both to save our customers money over the long term and to provide them with a better way of running their business.

Interlockit.com - Moving Businesses to the Cloud