Following at some link to relevant articles regarding Microsoft Server 2012. Windows 2012 R2 Update Rollups http://social.technet.microsoft.com/wiki/contents/articles/23823.list-of-rollup-updates-for-windows-8-1-and-windows-server-2012-r2.aspx DHCP Policies in Windows Server 2012 http://blogs.technet.com/b/teamdhcp/archive/2012/08/22/granular-dhcp-server-administration-using-dhcp-policies-in-windows-server-2012.aspx Ensuring High Availability of DHCP using Windows Server 2012 DHCP Failover http://www.blogger.com/blogger.g?blogID=6182238178402557202#editor/target=post;postID=2649739028028900978 Bringing PowerShell to DHCP Server http://www.blogger.com/blogger.g?blogID=6182238178402557202#editor/target=post;postID=2649739028028900978 IP Address Management (IPAM) Overview http://technet.microsoft.com/library/hh831353.aspx Password Replication Policy http://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx
Posts
Setup Onramp Login Requirements You need to add Office365.com as a trusted site in IE in order to be able to install the ActiveX control to run the tests You also need to log in to the Server and Office365 using credentials that have the same UPN. Note: When launching the Office 365 OnRamp wizard (either from the Admin page or directly thru a URL), it is a requirement that you use a Login ID that exists both as a Office365 and AD as a UPN. Example: Do not use the Original Tenant login for Office365, unless you have carefully created an identical account in AD that has the same UPN as the Office365 account. Instead, set up DirSync first, and then elevate one of the AD Accounts to an Office365 Global Administrator. Then use this account to log in to your Server and to log in to Portal.microsoftonline.com. When you then run the Setup wizard you will get meaningful results. The symptoms of an account that cannot log in to AD (don't assume that your current account is used), is
Office 365 - Change your default email domain After you set up your custom domain in Office 365 (like mycompany.ca, for example), you can change the default domain that appears for new email addresses when you Add users . To change the default domain: Go to your organization’s Office 365 profile: Go to Admin => Office 365 In the upper right, click your organization’s name Click Edit . Choose a new default domain from the list of domains, and then save your changes. http://office.microsoft.com/en-ca/office365-suite-help/change-your-default-domain-HA102818532.aspx
The default install of DIRSYNC will synchonize your entire AD with Office365. To my way of thinking, this is excessive and unnecessary. During the install, at the end of following running Configuration Wizard, you will be asked if you wish to "Synchronize now". Uncheck this box and then, after a reboot, follow the instructions below: Step 1: Create a shortcut to C:\Program Files\Windows Azure Active Directory Sync\SYNCBUS\Synchronization Service\UIShell\miiclient.exe (Synchronization Service Manager) Change the advanced properties to Run as Administrator . Launch this tool Step 2: After the install, Open Active Directory Users and Computers and search for all users starting with "MSOL_". You will see that there is a new account called "MSOL_6b06ffadffb5" or some such giberish. The number is different on every Server. Change the password on this account to something secure, that you can enter in the Service Manager Step 3: In Synchronization Servic
This entry demonstrates a successful implementation of DIRSYNC with Password Sync. Step 1: First, you need to install the DIRSYNC that was released on June21, 2013. If you are not sure which version that you are currently running, see http://aerobatgeek.blogspot.ca/2013/07/office365-dirsync-versions.html Note that in order to be successful, you will need to uninstall any previous version, and also be sure to reboot after the uninstall. Step 2: Install DIRSYNC, including Password Sync. I will leave details to other posts. Remember to Reboot after the install. Also, it is my advice to NOT select "Synchronize Now". You should set the scope first. For instructions on how to limit the scope of which accounts are Synced from AD, see post http://aerobatgeek.blogspot.ca/2013/07/office365-dirsync-how-to-set-partition.html Step3: Once the scope has been selected (in my case a single OU), then you can trigger a manual DIRSYNC. On the DIRSYNC Server, launch Powershell with elevate
Microsoft released a new version of DIRSYNC recently that now includes Password Sync. This does not replace ADFS for User Authentication (especially "Single Signon"), but does provide "same signon". The big issue that I found was how to determine what version of DIRSYNC that I had installed, and how to determine if a new download was required. It turns out that this is not so easy. To be honest, as much as I admire Microsoft for how thoroughly they have documented Office365, they are painful in their inconsistency on some things. Normally I would assume that at the very least that the install of any version would have a version number in "Programs and Features". I installed what was the current version on June 2, (this was released Jan 30,2013) and this is what is displayed: Note that the Size and Version are blank. (Cheeses guys). Anyway, now that I have downloaded and installed the version available today ( or more accurately as of June 21,2013)
I had an interesting session with the Office365 technical Support team and learned a few new commands today. The first this to remember is that there are 3 possible system scenarios for running Powershell command: A system with DIRSYNCinstalled An On-Premise Exchange management System Any other computer with Neither of the able installed. The goal here is to run PowerShell with the necessary privileges and Snapins to be able to perform the tasks. At one point, the Support Technician wanted me to run "Get-Mailbox" and also "Start-OnlineCoexistenceSync". GET-MAILBOX The Get-Mailbox commandlet sounds easy, but remember that this is for Office365, not the on-premise Exchange. To run this commandlet, we were able to perform the task on any PC. (It does not need to be in the domain of the Dirsync server.) Type to following commands: PS C:\Windows\system32> Set-ExecutionPolicy unrestricted PS C:\Windows\system32> $cred = Get-Credential PS C:\Windows\system32> $
Scenario: We are running a hosting environment of Windows 2012 Hyper-V, with Virtual Servers running Windows 2008 R2. In this environment, we also are running Exchange 2007. If you examine the status of a VM in the Hyper-V manager, you may notice that the Integration Services is running in a "degraded" state and is not fully functional. Example: it does not show the IP address of the VM. Hyper-V Manager on a Windows 2012 showing the Networking status of a VM which has the original version of Integration Services in a Windows 2008 R2 Server, out of the box. Note that the version of Integration Services that comes in Windows 2008 R1 is reported as version 6.1. Hyper-V 2012 would have you install version 6.2. Well, I elected to install the newer version by simply clicking the menu to select to install the new version from the mounted disk. The Problem: A reboot was required to complete the Integration Services upgrade. After the reboot, Exchange would not mo
To display devices when you click Show hidden devices : Click Start , point to All Programs , point to Accessories , and then click Command Prompt . At a command prompt, type the following command , and then press ENTER: set devmgr_show_nonpresent_devices=1 Type the following command a command prompt, and then press ENTER: start devmgmt.msc Troubleshoot the devices and drivers in Device Manager. NOTE : Click Show hidden devices on the View menu in Device Managers before you can see devices that are not connected to the computer.