Critical problem with Litigation Hold detected in OWA – Exchange Server 2013 and Exchange Online (Office 365)

P5_400x225_Exchange-Online-Plan-1
Recently, a very important critical problem has been detected in the behaviour of litigation hold in Exchange Server 2013 and Exchange Online.

When a mailbox is enabled for litigation and holds a delegate of the mailbox is able to use OWA to permanently delete folders (and their items) from the mailbox, without them being preserved correctly by the litigation hold.

The issue impacts Exchange Online and all supported versions of Exchange Server 2013 on-premises. The bug does not exist when mailboxes are accessed via Outlook or other clients, only when accessed via OWA

Microsoft has released KB2996477 which also describes the issue:

This problem occurs when a user uses OWA to delete or move a folder from a delegated mailbox that is on hold to another mailbox if that mailbox is also open in OWA but is not on hold. The items are preserved according to the hold settings of the delegate’s own mailbox, not the settings of the delegated mailbox. The delegate can move or delete individual items inside a folder, and the items are preserved as expected.

Non-delegated scenarios, in which one user is the sole owner of a mailbox, are not affected by this issue. This problem also does not occur in the Outlook client.

There are 2 known solutions:

1. Put a hold on all users who are participating in delegated scenarios.

2. Disable OWA for users who have delegated access to their mailbox.

First, it’s worth verifying whether any mailboxes in your organization are enabled for litigation hold.

[PS] C:\>Get-Mailbox | where LitigationHoldEnabled

Name                      Alias                ServerName       ProhibitSendQuota
----                      -----                ----------       -----------------
Aurel Proorocu            aurel.proorocu       exch2013         Unlimited
IT Support                it.support           exch2013         Unlimited

If disabling OWA is a practical solution for your organization this can easily be performed, for example:

[PS] C:\>Get-Mailbox | where LitigationHoldEnabled | Set-CASMailbox -OWAEnabled:$false

Of course, if the mailboxes are under investigation it may not be wise to tip off the mailbox owner by disabling OWA. In that case enabling litigation hold for the other users with access to the mailbox would be the better approach.

Gmail – How to drag and drop attachments to your desktop

Gmail makes it easy to drag and drop attachments to your desktop or any other location.
This feature works with all supported browsers, but it is recommended to use Google Chrome. It works on both Mac & Microsoft operating systems.

You just have to click on the attachment, and then drag and drop it wherever you want and release the mouse (for large files, you may see a progress dialog).

blob1

Google emails go to Junk folder on Office 365

It seems that Microsoft and Google continue to tease each other…

As I discovered recently, if you share a file from Google Drive with someone that uses Office 365, the notification email will go directly into the Junk folder.

office365

Solution(s): 
– adding the respective domain on the Office 365 whitelist (ex. @domain-that-is-hosted-on-google-apps.com) 
– creating a contact on your Outlook Online with the senders address (ex. user@domain-that-is-hosted-on-google-apps.com) 

How to change the language of the GSA / Google Search Appliance

There are a few easy ways to change the language of the GSA:

1. If you are working with a remote client, and you don’t want to change the main language of the GSA, you can just open an “incognito window”, log on the GSA Server, and add:

&hl=en

or 

?hl=en

to the end of the URL. Example: 

http://gsa.admin.com/….&hl=en

2. For permanent language change, just change the language of your Internet Explorer.

 

 

 

How to import photos in Active Directory

AD
There is a minor schema modification required in order to enable the use of photos in AD. The change is to change the thumbnailPhoto attribute to make it replicate to the Global Catalog. If you do not have Exchange 2010 Service Pack 1 (SP1) installed (which automatically makes this Schema change), you do need to follow these steps: 

    • If you haven’t registered the Schema MMC snap-in on the server you want to make this change on, go ahead and do so using the following command: Regsvr32 schmmgmt.dll
    • Open an MMC console (Start/Run/MMC) and add the Schema snap-in.
    • In the Active Directory Schema snap-in, expand the Attributes node, and then locate the thumbnailPhoto attribute.
    • In the Properties page, select Replicate this attribute to the Global Catalog, and click OK.

Then you are ready to import photos into AD. This is done with a Powershell command, for example:

Import-RecipientDataProperty -Identity "Aurel Proorocu" -Picture -FileData ([Byte[]]$(Get-Content -Path "C:\pictures\AurelProorocu.jpg" -Encoding Byte -ReadCount 0))

The recommended thumbnail photo size is 96×96 pixels, and by default, the maximum size of photo that can be imported with the Import-RecipientDataProperty command is 10-KB. There are also options to force inclusion of the photo in the offline address book, see the ‘links for more information’ below on how to make those and other advanced changes related to AD photos.

Add created date and last modified time in a cell in Excel

If you want to add the last save time and/or creation date in Excel cells follow this steps (via VBA scripts):

date

1. Hold ALT + F11 keys, that will open the Microsoft Visual Basic for Applications window:

2. Click Insert > Module, and paste the following macro in the Module Window:

Sub Workbook_Open()
Range(“A1”).Value = Format(ThisWorkbook.BuiltinDocumentProperties(“Creation Date”), “short date”)
Range(“B1”).Value = Format(ThisWorkbook.BuiltinDocumentProperties(“Last Save Time”), “short date”)
End Sub

3. Press F5 key to run the macro.

Then it inserts the created date in Cell A1, and inserts the last modified date in Cell B1.
(you can modify the cells by simply editing the script and replacing A1,B1 with the desired cells)

Enjoy !

Sharepoint sends mail that goes in spam folder | Outlook 2010 / 2013 | Exchange 2010

exchange

A few days ago I received a request from a reader of my blog:

I am a SharePoint Developer and not familiar with exchange server.  I will really appreciate if you can please help me on this:

Issue is that we are sending an email from our custom application in SharePoint to “ALLUsers” group which contains all the employees of the organization. This email is send via SharePoint using SPUtility.SendEmail method. Now, not all the times but some times emails goes to Junk E-mail folder. 
 
We have discussed this with IT and they said they have already added the IP address of our SharePoint Server into “whitelist”. After much discussion, they have send us following code to add it in our email:
 
objMessage.Configuration.Fields.Item(“http://schemas.microsoft.com/cdo/configuration/smtpauthenticate“) = cdoBasic objMessage.Configuration.Fields.Item(“http://schemas.microsoft.com/cdo/configuration/sendusername“) = “abc@dom.com” objMessage.Configuration.Fields.Item(“http://schemas.microsoft.com/cdo/configuration/sendpassword“) = “password_of_abc@dom.com
 
I am not sure that this will work. Also, what else we can do? we are running “Exchange Server 2010 SP2 with Rollup #5”
Solution:

#1. If the Exchange Server spam filter also filters the local relay then:

Probably they only white-listed the ip but that doesn’t make Exchange to also skip the anti-spam policy.
We are talking about a e-mail addresses that is on a server and when you try to send emails to addresses from the same server they go into junk.

To do that, they have to give this command in power-shell:

set-mailbox nameof.mailbox -AntispamBypassEnabled $true

get-mailbox nameof.mailbox | fl *spam*,*SCL*
AntispamBypassEnabled  : True
*replace nameofmailbox with the name of the account configured

#2 If the Exchange Server does not filter local relay for spam: 

You are sending a internal e-mail from a address to a list and it goes to spam but the exchange does not filter local relay.
Then you need to add a safe senders list via a GPO for everyone for Outlook. Because the problem is Outlook has it’s own mechanism for anti-spam.
( For testing before you do that: add this address to safe senders on one computer with Outlook and then send the mass message and see if it still goes to spam –> it should not ).
Tutorial how to make a GPO for this can be found here.

If you have problems / questions / ideas please you can comment here or contact me

Enjoy !

How to boot in safe mode Windows 8 ( The easiest way )

One of the first problems that a Windows 8 user has is….
“How can I boot in Safe Mode… the classic F8 is not working….” 

The easiest way is: 

1. Press Windows Button and write msconfig, and Enter
1
2. Go to Boot Tab, and select Safe Boot:

*Other info:
Minimal is the normal safe mode.
Alternate Shell is a safe mode with command prompt console
Network is a safe mode with network

4

3. Restart

3

4. After reboot you will be in safe mode. Do your work ^_^

5. After you finished you have to go back to msconfig ( step 2 ) and un-check safe mode, and then restart:

*If you do not do this step after reboot you will be again in safe mode !
4
Enjoy !