Thursday, 25 May 2017

Azure AD Connect did not Install or Service gets stopped after installation

I ran into this issue yesterday while installing Azure AD Connect, and I have been seeing it in another customer's environment for a while.

You get the following error when you try to install Azure AD Connect.




Similarly, you may sometimes notice that the Azure ADSync service is stopped, and when you try to start it, it gives the same error.

I tried removing and reinstalling AAD Connect a few times and even rebooted the server, but no luck.


Resolution

Normally in such cases Group Policy is the culprit.

You may have the same issue with the "Default Domain Policy" or another group policy that applies to regular member servers.
  • Find the “Log on as a service” group policy setting under Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
  • Add the "Azure AD Connect" account, or the service account that you may have defined during the Azure AD Connect deployment, to the list of allowed accounts.
  • Run "gpupdate /force" from the Command Prompt to update Group Policy immediately.
  • Relaunch the setup and you should be good to go.
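
To confirm the fix took effect, the current "Log on as a service" assignment on the server can be read back with secedit. This is an added example, not part of the original post; the account name is a placeholder and the helper function name is made up for illustration. Run it from an elevated PowerShell prompt.

```powershell
# Added example; the account name is a placeholder, not a value from the post.
$Account = 'CONTOSO\svc-aadconnect'

function Get-ServiceLogonRightEntries {
    # Hypothetical helper: returns the SIDs/names listed for
    # SeServiceLogonRight ("Log on as a service") in a secedit export.
    param([string[]]$InfLines)
    $line = $InfLines |
        Where-Object { $_ -match '^\s*SeServiceLogonRight\s*=' } |
        Select-Object -First 1
    if (-not $line) { return @() }   # the right is not assigned to anyone
    ($line -split '=', 2)[1].Split(',') |
        ForEach-Object { $_.Trim().TrimStart('*') } |
        Where-Object { $_ }
}

# Export the user rights currently in force on this server.
$inf = Join-Path $env:TEMP 'user-rights.inf'
secedit /export /areas USER_RIGHTS /cfg $inf | Out-Null
$entries = @(Get-ServiceLogonRightEntries (Get-Content $inf))
Remove-Item $inf

# Entries appear either as *SID or as plain account names,
# so compare against both forms of the account.
$sid = ([System.Security.Principal.NTAccount]$Account).Translate(
    [System.Security.Principal.SecurityIdentifier]).Value
$short = $Account.Split('\')[-1]

if ($entries -contains $sid -or $entries -contains $Account -or
    $entries -contains $short) {
    "$Account holds 'Log on as a service' directly."
} else {
    # A grant through group membership shows up as the group's SID instead.
    "$Account is not listed directly. Current entries:"
    $entries
}
```

If the account disappears from the list again after the next policy refresh, a GPO is still overwriting the setting; `gpresult /h report.html` shows which policy wins.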

If you have any questions, please write or comment so I can answer accordingly.

Full Access Revoking Issues in Outlook after Exchange 2010 Migration to 2016

A few days back I started working on an Exchange migration. Everything went quite smoothly, and I had to give access back to the organization's admins. Plenty of mailboxes were appearing in the administrator's Outlook, which was obviously the result of granting Full Access. The strange thing was that they remained in the Outlook client even after their access was removed on the Exchange server. If you click on a mailbox you will get the following:
I tried removing the Full Access permissions from the GUI and from EMS itself, but that didn't help. The last option was obviously to recreate the Outlook profile, thinking it could be a local Outlook issue, but that didn't help either: once I re-added the Outlook profile, everything came back as it was.
I looked through the user's attributes in the ADUC console's Attribute Editor and found that the name was listed in MsExchDelegateListLink and was somehow not being removed when the Full Access permissions were removed. Once that entry was removed, the mailbox entries disappeared from Outlook.
To remove the entry, open ADUC, make sure Advanced Features is enabled, open the account that is showing in the user's mailbox (as in the following screenshot), open the Attribute Editor tab from Properties, locate MsExchDelegateListLink, then edit it and remove the name.
Please feel free to write back or comment if you have any questions.

Adding Multiple Exchange Proxy Addresses from PowerShell

Applies to:

You must be running at least Exchange 2010 SP1.

Requirement:

Our requirement is to add multiple Exchange email addresses, in different domains, for a user. Obviously the best approach is to define an Email Address Policy; the email addresses are then updated if the option "Automatically update email addresses based on the email address policy applied to this recipient" is checked. But there are organizations that do not check this option, so we need to think outside the box to get the job done.
One cool approach is to use scripts. In this post I'll discuss how to update email addresses using a script.

Procedure:

We need two attributes, Name and ProxyAddresses. First we need to create a CSV in the following format:
We need to save this on the Exchange server in a particular location. Once done, we need to run the following script as Administrator in the Exchange Management Shell.
===========================================
# Read each row of the CSV (columns: Name, ProxyAddresses)
Import-Csv C:\aliases.csv | ForEach-Object {
  $name = $_.Name
  # ProxyAddresses holds one or more addresses separated by ';'
  $proxyaddresses = $_.ProxyAddresses -split ';'
  # Append the addresses to the mailbox without replacing the existing ones
  Set-Mailbox -Identity $name -EmailAddresses @{add = $proxyaddresses}
}
=============================================
Once executed successfully, it will update the email aliases accordingly.
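
A more defensive variant of the same bulk update, as an added example that is not part of the original post: it checks each address before touching a mailbox, skips addresses the mailbox already has, and previews the change with -WhatIf. The sample rows are constructed and assume the Name/ProxyAddresses layout with ';' separators that the script above reads.

```powershell
# Constructed sample rows; in production use: $rows = Import-Csv C:\aliases.csv
$rows = @'
Name,ProxyAddresses
jdoe,smtp:jdoe@example.com;smtp:john.doe@example.org
asmith,smtp:asmith@example.com;not-an-address
'@ | ConvertFrom-Csv

# Coarse shape check only: optional smtp: prefix, one '@', a dot in the domain.
$pattern = '^(smtp:)?[^@\s;]+@[^@\s;]+\.[^@\s;]+$'

foreach ($row in $rows) {
    # Split, trim, drop empty entries, and normalise to an smtp: prefix.
    $wanted = @($row.ProxyAddresses -split ';' |
        ForEach-Object { $_.Trim() } | Where-Object { $_ })
    $bad = @($wanted | Where-Object { $_ -notmatch $pattern })
    if ($bad.Count -gt 0) {
        Write-Warning "$($row.Name): skipped, malformed address(es): $($bad -join ', ')"
        continue
    }
    $wanted = @($wanted | ForEach-Object {
        if ($_ -match '^smtp:') { $_ } else { "smtp:$_" }
    })

    # Fail per row instead of aborting the whole import.
    try   { $mbx = Get-Mailbox -Identity $row.Name -ErrorAction Stop }
    catch { Write-Warning "$($row.Name): mailbox not found, skipped"; continue }

    # Only add what is not already on the mailbox (comparison ignores case).
    $have = @($mbx.EmailAddresses | ForEach-Object { "$_" })
    $new  = @($wanted | Where-Object { $have -notcontains $_ })
    if ($new.Count -eq 0) {
        Write-Output "$($row.Name): nothing to add"
        continue
    }

    # -WhatIf only reports the change; remove it to apply.
    Set-Mailbox -Identity $row.Name -EmailAddresses @{add = $new} -WhatIf
    Write-Output "$($row.Name): would add $($new -join ', ')"
}
```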
Please feel free to provide your feedback.

Lync 2013 Management Shell black screen issue

The Lync Server 2013 Management Shell often shows a black screen when you launch it from the Lync Front End server.

I am assuming that this is a Windows Server 2012 R2 ‘bug’, as I have never seen it before in Windows Server 2012 or 2008 R2 environments.



This comes up often and drives new techs crazy, although the resolution is pretty simple.


Resolution

If you open the Lync Server Management Shell shortcut's properties and check the target, you will find this:
C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe -noexit -command "cd $env:UserProfile; Import-Module 'C:\Program Files\Common Files\Microsoft Lync Server 2013\Modules\Lync\Lync.psd1'
which is clearly missing the double quote (") at the end. Just add the double quote and restart the shell, and it will work like a charm.

Exchange Queues stuck in Retry status on Exchange server 2010

Today I encountered a strange issue where the queues on our Exchange Hub Transport server changed their status from Ready to Retry. This affects outbound email, and end users will keep the help desk busy on the phone reporting that their emails are not being sent.
The configuration assumed in this article is multiple servers in a CAS array.

Instant Fix

To resolve this issue, the best practice is to right-click the item in your queue and select Retry, while checking Event Viewer and your monitoring logs for any errors.
To resolve this more efficiently, open NLB Manager on one of the CAS servers in the array and delete the host entry of the second server from there. Meanwhile, monitor the queue status on the server; you'll notice that it changes from Retry to Ready. Once you see the status change, re-add that node and restart the Microsoft Exchange Transport service. This will resolve the problem. However, if the queue on the second node changes its status to Retry, perform the same steps for the second server too.
NOTE: Please make sure not to delete a CAS host from the NLB Manager instance running on that same server.
Any recommendations or comments are welcome.

How to retrieve deleted emails from Outlook Client

End users often contact system administrators because they need access to an email they have accidentally deleted. In this article I will explain how they can recover a deleted item themselves before contacting the help desk.
When a mail item is deleted (using the Delete key or the right-click approach), it is considered a soft delete, and a soft delete simply moves the item(s) to the Deleted Items folder. You can also shift-delete, which means the items are permanently deleted from the Deleted Items folder and moved to the Recover Deleted Items folder, which is found in the Outlook client for Outlook 2007, 2010 and 2013. The retention window for items in the Recover Deleted Items folder is 30 days.

Recovering items from user Mailbox

Let's walk through an example. Let's delete a test email:
Now let's permanently delete this email from the Deleted Items folder in the Outlook client as well.
Permanently deleting this item has moved it to the Recoverable Items folder. To access the folder, navigate to Folder >> Recover Deleted Items in the Outlook client, or right-click the Deleted Items folder and select the “Recover Deleted Items” option in OWA.
Clicking the message button releases the item to the Deleted Items folder in the Outlook client. Clicking the cross purges the item, or in simple words deletes it from the end user's perspective, and you will not be able to recover that item anymore.
