Office 365 Advice!

Today I was a guest on On The Air a live tech talk show put on by Spiceworks.  In the episode we talked about deploying Office 365 and played Servers and Sysadmins (a super fun IT version of the popular Dungeons and Dragons RPG).  If you haven’t already seen it, here’s the link to the episode.

13082542_814719664621_1599884150665550650_n

I wanted to also make sure to give some professional advice aside from the silliness on the show (but for real, I had a good time) so I have come up with some basic advice for getting started on your own.

Also, be sure to check out the EMS book by Kent Agerlund and Peter Daalmans.  It’s due to hit Amazon in May and will walk you through a full setup using both cloud and hybrid options.  I will post the link as soon as the book is available for purchase.

Preparing for Office 365 Migration:

Install

WinRM

https://www.microsoft.com/en-us/download/details.aspx?id=40855

 

Microsoft Online Services Sign-In Assistant for IT Professionals Beta

http://ref.ms/msolsignin/

 

Azure AD cmdlets

http://ref.ms/azureposh

 

Enable Script Execution (Admin PoSH)

Set-ExecutionPolicy -ExecutionPolicy Unrestricted

 

Get to know service descriptions – pick what’s best for your organization and understand what you’re signing up for – it would be better to sign up for too much than not enough service.

http://www.microsoft.com/en-us/download/details.aspx?id=13602

 

Office 365 Deployment Guide – advice on deployment models –these are my requirements – here’s the model that works best for me.

http://technet.microsoft.com/en-us/library/hh852466.aspx

Deployment Readiness Toolkit – environment prechecker

http://www.microsoft.com/en-us/download/default.aspx

Office 365 admin resource center

http://office.microsoft.com/en-us/support/office365-administrator-resource-center-FX103995410.aspx

Microsoft Online Services Diagnostics and Logging (MOSDAL) Support Toolkit – troubleshoot config issues

http://www.microsoft.com/en-us/download/details.aspx?id=626

Know your network or get to know your network admins – bring whiskey!

The slowest connection to Office 365 is going to be from your gateway to ISP and then ISP to Office 365 data center (if your ISP isn’t part of the Internet Backbone)

Think about how users will be accessing services like OWA/ActiveSync and also how much data do you have to migrate to the cloud (think Exchange S4B and SharePoint)

Get to know your organization’s QoS settings (this is where the whiskey comes in handy!)

Office 365 Community site

http://community.office365.com/en-us/forums/default.aspx

Learning PowerShell for Office 365:

Simply put, you’re going to use PowerShell for automation and management.

Many of the administrative tasks can be performed through the admin center UI, some tasks are difficult to do without PowerShell and some tasks can be performed only with PowerShell.

Get to know/use PowerShell ISE because the complexity of PowerShell is reduced in ISE basically, you don’t have to memorize every single command ISE is pretty smart.

Pro tip: ALWAYS run as admin

It is a good idea to have a test tenant with a few users so you can test your PowerShell scripts. Alternatively, you can use your production tenant with test users. In both scenarios, the test users most likely will have to be assigned Office 365 licenses, at least during script testing. Microsoft does not provide free test tenants or free test user licenses.

 

Real-World Challenges (that I have seen):

Not understanding licensing or really not being ready to push users to the cloud because your legacy AD needs some love.  Take some time to review for stale accounts and clean them up before you migrate – it will save some pain on the other side.

Qos for Skype for Business – packet loss can really impact voice meetings so make sure you’re aware of/reviewing your organization’s QoS.  Really this isn’t just a step for review for S4B, but this is one area that’s really not going to play nice if you aren’t prepared properly.

UPN – corp.amicasto.com vs. amicasto.com

Perficient has a really good blog post about the topic.

Not understanding the design/implementation of your legacy environment– if you want a seamless user experience, you need to understand how and why things are setup the way they are in your legacy environment.  From SharePoint layout and permissions to user vs equipment mailboxes in Exchange.  Some things you did in your legacy environment are now charged as per user license in your new environment.

Not testing – either with a test tenant or test users in production – you need to understand the impact of your changes!

Understand that in Exchange, some legacy features/resources won’t be available in the cloud.  So if a user connects to another mailbox or resource, it also needs to be available in the cloud.  We saw this with Public Folders and equipment mailboxes that were setup as user mailboxes.

Upgrade your 2012 R2 SP1 ConfigMgr environment to 1602 #LikeABoss

Yesterday I went from CM 2012 R2 SP1 CU whatever to CM 1602.

 

 

It’s a really simple process, but if you haven’t done any kind of CM site upgrades before, maybe you feel a bit overwhelmed.  To get started to need to do two things.  The first being verify you have a backup.  If you don’t know how to do this, check out Steve Thompsons blog.

Next, go to your VLSC and download the required media.  (Note: I was already running a fully patched version of SQL Server 2014, so I didn’t need to download that media, and I wont be covering it in this post.)

After the download completes and you’re certain you have a backup of your site, I’d make sure the server that hosts your site is fully patched so that pending reboots don’t break the upgrade.

 

When you’re back up and running, mount the ISO and launch splash.hta which will start the application to perform the upgrade.

You’ll be greeted with this page that defaults to the upgrade so you can leave it as-is.

And you’ll need to accept three sets of EULAs before you can continue.

Now, just like in your production version of 2012, you have prereqs to download.  If you’ve already done so, here’s where you would tell the wizard to grab them for the install.  I prefer to keep anything that’s not the OS on my E:\ drive.

And if you did specify a path to download (aka you didn’t download the prereqs beforehand), the app will then initiate the download as soon as you click next (and it’s really quick too!).

When the download completes you can add language support.  While you  can add languages after the fact, if you plan to add support for anything other than the default, do it now please :).

 

You’ll then configure service connection point and select (the only option) setup type.  If you choose not to connect the service now, you’ll have to do it after the fact.  So unless you have a really good reason not to, just connect now.

Next comes the prerequisite check for the upgrade.  You can ignore the warnings if you want, but you have to remediate all failures to be able to continue.  As you can see here, I needed to install USMT as well as remove Distribution Point role (the only role installed on that server – which is how I knew what to do 🙂 ) from the server that sat on the same cluster as my primary site.

You’ll click through a few more steps and then the upgrade starts.  You can watch what’s going on in the ConfigMgrSetup log on C:\ by opening it in CMTrace.

Go ahead and take a coffee break (I recommend this) because it will take a bit to complete.  When it’s done you can close the app.

Now comes the fun part – getting to 1602.  I, like an idiot had left the console open during the upgrade and saw in the setup log that the new console failed to install.  Even if I hadn’t seen it, I was blocked with an error message that told me I couldn’t connect to my site.  Before worrying about permissions, I decided to reinstall the console – if this happens to you, you can easily reinstall the console by navigating to your ISO and go to SMSSETUP\BIN\I386 and launch consolesetup.exe .

With the console open, go to Administration – Overview – Cloud Services – Updates and Servicing.  (As of today) You’ll see the upgrade for 1602.  Right click it and first run the prerequisite check and then finally right click again to install it.

Note:  You can choose to run against a non-production collection if you have such a thing 🙂 or you can go ahead straight to production.  Since I’m my own boss, I don’t have much of a reason to pick a collection to test against.

And when it’s finished you’ll need a new version of the console again.  This time, clicking Ok caused the console to upgrade without any manual work for me.

If you didn’t already have automatic client upgrades turned on, I really think you should.  I say this because I had it turned on and configured to what works for my environment as far as days to install the client.  It’s great because the new client package was already distributed for me and I can see that some of my endpoints already have the new client.  To turn it on, go to  Administration – Overview – Site Configuration – Sites and go to Heirarchy Settings (on the ribbon) and tick the box to allow the auto upgrade.

And finally you’ll want to check to make sure the client package has been distributed (and if it hasn’t you’ll need to do so) by going to  Software Library – Application Management – Packages.  While you’re in there, check on your boot images too by going to the Operating Systems node in Software Library – they get updated during the upgrade and therefore should be replaced on all your distribution points too.

Depending on the complexity of your environment or if you want to add or remove roles/features you’ll have more work to do.  Of course if you need help, you can always ping me on Twitter.

 

Finding ConfigMgr Current Branch in VLSC

Problem:  I need/want to upgrade my ConfigMgr environment from 2012 R2 SP1 – 1602 but I can’t find it in my VLSC.  Does this mean I’m not licensed for it?

Answer: No.  It’s just poorly named.

If you’re looking for ConfigMgr in your VLSC, it’s actually titled System Center Config Mgr Client Mgmt License (current branch).  Good lord that’s worse than spouting off which specific CU I have applied to my 2012 environment.

 

Click on the downloads tab to get to the software.

BTW, if you haven’t noticed it’s for 1511 release.  Currently the only way to get to 1602 is through servicing through current branch ConfigMgr implementation.  So whether you’re starting from scratch or from an older implementation, you have to use 1511 as your starting point.

Delete User Profile without rebuilding the PC

If you need to re-provision a PC and for some reason cant/wont rebuild the machine you can always do this:

Login to PC under an admin account…

  1. Open regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\
  2. Pick the profile you don’t want anymore and delete it.
  3. Then go to C:\Users and shift+delete their folder.

I’ve had a few cases where I’ve needed to reboot the machine in between those two steps.  Otherwise, when you’re finished deleting the keys and folders you can logoff the admin account.

 

Uninstall String for Autodesk Content Service 2016

Autodesk Content service (Especially 2016) isn’t playing nice in my environment.  If you’re in a BIM environment and you’re seeing a lot of strange things happen in Office (think ghost actions 🙂 ) I recommend uninstalling it.  You’ll see the same trends in Event Viewer as pictured below.

Event 7031 Service Control Manager

These 3 errors will appear together in the Applications node of Event Viewer

Event ID: 0 Autodesk Content Service

Event ID 1026 .NET Runtime

Event ID: 1000 Application Error

 

From admin prompt:

msiexec /x {A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F} /quiet

 

Back to basics – installing drivers HP Zbook 14

This isn’t a very technically deep post but the method is something that has been helpful for me dealing specifically with HP Zbook 14 laptops.  I have never had more trouble installing graphics drivers in my entire life than the two years I’ve worked with this model laptop.

Anyway, this post isn’t about much other than to say when you’re updating drivers and nothing seems to be working you can always force the install through device manager.

Just open Device Manager and navigate to Display node.  Right click the corresponding display adapter you want to update.  Pick Update Driver Software.

I have the AMD card disabled (too buggy in Windows 10) which is why it isn’t present – but this will work for both AMD and Intel.

Next pick Browse my computer for driver software

And finally, navigate to the extracted driver in the SWSETUP folder (or if you’ve manually downloaded and extracted it, navigate to there). And then complete the Wizard.

 

That’s it!  Super simple and saves a lot of headaches.

Enabling Wireless on the 6th gen NUC using Server 2016 TP4

This one is pretty straight forward.  Download the wireless driver for NUC from here.

In an admin PowerShell prompt type:

Import-Module ServerManager
Add-WindowsFeature -Name Wireless-Networking

You’ll be prompted that a restart is required which you can do from the same window by typing:
Restart-Computer

Then, when you’re back up and running you can install the driver.

Hacking the network driver for 6th gen NUC

Let’s say you buy a machine or have a machine that’s only supported for every OS on the planet except for the one you intend to use.  You can accept your fate – that you really don’t live with as much freedom as you want, or you can change your fate and hack drivers to get exactly what you want.  This post will show you how to do option 2 (which by the way is the correct option to pick).

Since everybody loves the NUC, we are going to hack the crap out of the 6th gen net driver to install the very unsupported Server OS.

What you need:

  • NUC net driver (I grabbed the Win10x64 one)
  • Windows 10 Driver Kit (scroll down, the actual download is about halfway down the page – and for what it’s worth, I installed it using all the default settings)
  • 7-zip (7-zip is king!)
It’s going to be really helpful to find the Device ID because you will need it for the specific driver you’re trying to hack.  The DeviceID for the network adapter on the 6th gen NUC is PCI\VEN_8086&DEV_1570&SUBSYS_20648086&REV_21 *but* you only need to match the first part – so in this case  PCI\VEN_8086&DEV_1570.  Using this info, I found the driver I wanted to hack was in the NDIS64 folder (specifically e1d64x64.inf) once I extracted the exe with 7-zip.  This is the only .inf with the matching hardware ID so I know for sure this is the file I need to edit and eventually import into my deployment workbench.Capture
To do the actual hacking, I copied the ID from this section: Capture1
and then pasted it into this one – it’s directly below where I got it from and literally the only other spot where something like this would belong – so if you’re new to this don’t be afraid!
Capture2

I kept it in the correct order as it was listed above

 

Once I did my copy paste magic, all I needed to do was save the file and then  move the NDIS64 folder away from where I extracted the LAN exe (my downloads folder) because it’s all that’s needed for the import when the time comes.
Now the driver is ready to be imported into your deployment workbench.  Since MDT doesn’t require driver signing, you’re good to go.
/NOTE: This same driver will work for Server 2016 – some of you will want to grab and edit in the NDIS65 folder but it’s just not necessary.

 

 

Query WMI for Serial Number

Certain people who sit next to me are really bad at updating inventory.  Yes, yes, I have ConfigMgr and I can run reports to get what I’m looking for.  But I’d like to take a moment to both blame said #lame co-worker and also show off a bit.  So, if you’re looking for the serial number for a computer on your network then here’s what you do:

In PowerShell:

gwmi -computername chn-353 -class win32_bios

ps

 

 

 

 

 

 

 

In cmd prompt:
wmic /user:acadmin /node:’ch-1095′ bios get serialnumber

cmd

Of course, this way requires you to enter a password, but still works just fine.

 

 

Exchange Powershell 1/18/2016

I was tasked with the old “give me a list of all the active users by office and their mailbox stats”. Easy enough, but I’m a bad admin (falling on the sword for those who came before me and also those who sit next to me – you’re welcome and you owe me a beer.), so I don’t really have all of this broken down by office OU. What I DO have is a distribution group for each office which reflects current staffers so here’s how I did it:

get-distributiongroupmember ‘fake list’ |get-mailboxstatistics |export-csv c:\fakestats.csv

 

You can actually do a lot with get-mailboxdistributiongroupmember.

For example, you can grab just their email address and mailbox size and send it to your csv (or show it on screen by dropping the |export-csv bit)

example:

get-distributiongroupmember ‘fake list |select primarysmtpaddress, totalitemsize |fl c:\fakestats1.xls

 

BUT totalitemsize always returns blank (which is why I just used the original csv to hand in as my work and called it a day.) However, if you know anything about me, it became a personal challenge to actually do it the “right way” or better documented way or whatever you want to call it for the next time somebody calls on me for such an annoying list of information.  So, in the spirit of stealing with pride, I found a nice script and modified it to match the fact that I want to return info on a distribution list.

get-distributiongroupmember ‘chicago staff’ | get-mailboxstatistics |add-member -membertype scriptproperty -name totalitemsizeinMB -Value {$this.totalitemsize.value.ToMB()} -passthru | format-table displayname,totalitem* |out-file c:\fun.xls