Windows Server 2016 Disable Right-Click Startbutton menu

Prerequisites:

In order to follow this guide you will need an Active Directory domain as well as a Server 2016 RDS server.

Scenario:

You have been tasked to setup a Remote Desktop Server for your Company and you have been ordered to lock it down to disable users accessing advanced features hidden under the context menu of the startbutton in Server 2016.

 

Step-by-step:

  1. Open Group Policy Management Console
    There are many ways to do this so use your favorite way.
  2. Create a new Policy
    Create a group policy in in the Organizational Unit where your Remote Desktop Server is stored.
  3. Edit the group policy and browse to the relevent section
    Browse to:
    Computer Configuration>Policies>Windows Settings>Security Settings>Software Restriction Policies
  4. When Software Restriction Policies is selected in the left hand side you should see a list as the following:
  5. Double-click Enforcement in the right pane.
  6. After “Apply software restriction policies to the following users” select “All users except local administrators” and click OK.
  7. Next double-click on the folder Additional Rules.
  8. Right-click in the rightpane and select New Path Rule…
  9. For the Path enter: %USERPROFILE%\AppData\Local\Microsoft\Windows\WinX\Group1
  10. Repeat step 8 and enter this name: %USERPROFILE%\AppData\Local\Microsoft\Windows\WinX\Group2
  11. Repeat step 8 again and enter the name: %USERPROFILE%\AppData\Local\Microsoft\Windows\WinX\Group3
  12. You should now have a total of 3 rules Disallowing access to those 3 folders, This will turn off the right-click function of the start-button.

You need to run gpupdate /force on the RDS Server and that’s it! If you have any questions or comments feel free to comment below!

Create User folders in Windows Server 2012 R2 and add them to Active Directory

Scenario:

You have setup a brand new Windows Server 2012 R2 Server and want to share a User folder in the network that will be entered into AD into every user. As we keep a high standard of user integrity we will want to take every necessary precaution to prevent users from accessing/viewing/deleting each others files.

 

Share Permissions:

This walk through takes for granted that this server is a part of an active directory environment.

      1. Create a folder named Users (this can be anywhere on the server but I will put it in D:\)
      2. Right-click on this folder and select Properties.
      3. Select the Sharing tab
      4. Click Advanced Sharing.
      5. Check “Share this folder”.
      6. Add a $ sign to the end of the Share name so it says Users$. (This makes this share invisible when browsing the network)
      7. Click on the Permissions button.
      8. Remove the Everyone group.
      9. Click Add, and add the following groups: Administrators, System, Authenticated Users.
      10. For each group (there should be three) give them full permissions (select allow under full control).
      11. Click OK.

 

NTFS Permissions:

      1. Select the tab Security.
      2. Select Advanced button.
      3. Select disable inhertiance.
      4. Click on “Convert inherited permissions into explicit permissions on this object” when the warning prompt pops up.
      5. Select Users and hit remove (Do this for both if you have two field with user permissions)

      6. Select Add and under Principal click “Select a principal” and in the search box type authenticated users and hit enter.

      7. At Applies To: Select: This folder only.
      8. For the permissions select allow for: Traverse folder / execute file, List folder/read data, Read attributes, Read extended attributes, Read permissions.
      9. Click OK.
      10. Now your Security tab should look like the image below.

 

File and Storage Services:

  1.  Go to Start > Server Manager and click on File and Storage Services in the left menu.
  2. Click on Shares and select the Users$ share you just created.
  3. Right click and select Properties.
  4. Click on Settings + and Select Enable access-based enumeration such as the picture below.
  5. Click OK.
  6. Close out the Server Manager window.

Active Directory:

On Your Domain Controller.

  1. Go to Start > Administrative tools > Active directory users and computers.
  2. Navigate to the User you want to add the User folder to.
  3. Right click and select properties on the user.
  4. Select the profile tab.
  5. Under the section Home folder: Select the Connect radio button.
  6. Select the letter U:\
  7. In the To: Text area type: \\YOURSERVER\Users$\%username%(if your server with the share’s name is joe it would be \\JOE\Users$\%username%)
  8. Click OK
  9. Close Active Directory Users and Computers.

If you now browse to the Users$ share folder on the server you created it on. You will notice a folder in it with the users username as the folder name. If you check the permissions for the folder the right permissions have automatically been applied. This technique will definitely save you lots of time as if you were doing it via old net use scripts. Congratulations you have successfully added a user folder share and added it to a user.

Please note that this can be done to multiple users at once, all you do is select all the users in active directory and add the user share to the users.

Feel free to post comments if things are unclear or so, it’s very easy to miss certain details when making a guide like this.

Azure Active Directory Connect: How to force sync after making changes in Active Directory.

Hi so this took me suprisingly a few hours to solve. The reason for that is because the Azure Active Directory Connect tool is a new tool that replaces the old Dir Sync tool used to sync AD to Office 365. So i am making a short post for myself and for you the user to refer too.

Basically these are the steps to force a sync.

  1. Logon to the server that is running your Azure Active Directory Connect software.
  2. Open Powershell as administrator.
  3. Run this command: Start-ADSyncSyncCycle -PolicyType Delta
  4. Also run this command if you’ve for example made changes to filtering and want a complete update of everything both up and down: Start-ADSyncSyncCycle -PolicyType Initial

THAT’S IT!

Now log on to your Office 365 Portal and check the Active Users page to see your changes being uploaded.

Migrate all mailboxes to Exchange Online with a cutover migration

Use the Migration page (also called the migration dashboard) in the Exchange Administration Center (EAC) or use the Exchange Management Shell (Shell) to migrate all the mailboxes and corresponding mailbox data from your on-premises Exchange organization to Exchange Online in a single migration batch over the course of a few days. This type of migration is called a cutover Exchange migration because all on-premises mailboxes are migrated in preparation for moving your entire organization to Microsoft Office 365 and Exchange Online. After mailboxes are migrated to Exchange Online, the corresponding user accounts are managed in Office 365.

To migrate only some of your on-premises mailboxes or to migrate more than 2,000 mailboxes, you need to perform a staged Exchange migration. You can only migrate Exchange 2003 and Exchange 2007 mailboxes using a staged migration. To migrate more than 2,000 mailboxes from an Exchange 2010 or Exchange 2013 organization, you have to implement an Exchange hybrid deployment. For more information about these types of migrations, see:

To learn about and compare other options to migrate mailboxes to Exchange Online, see Mailbox Migration to Exchange Online. Or use the Cloud Only option in the Exchange 2013 Server Deployment Assistant.

NoteNote:
Cutover migration is available in Office 365 for education, but it isn’t available for Microsoft Live@edu organizations.

Here’s what happens when you migrate mailboxes to Exchange Online using a cutover migration:

  • Exchange Online provisions new mailboxes in your Office 365 email organization. It creates an Exchange Online mailbox for each user account in your on-premises Exchange organization. On-premises distribution groups and contacts are also migrated to Exchange Online during a cutover migration.
  • After the new Exchange Online mailboxes are created, email messages, contacts, and calendar items from each on-premises Exchange mailbox are copied to the corresponding mailbox in Exchange Online. This process is called initial synchronization.
  • After the initial synchronization, the on-premises and Exchange Online Exchange mailboxes are synchronized every 24 hours, so that new email sent to on-premises mailboxes is copied to the corresponding Exchange Online mailboxes. This process is called incremental synchronization.
  • Exchange Online sends an email message to the administrator when the migration batch has completed initial synchronization. This message lists the number of mailboxes that were successfully migrated and how many couldn’t be migrated. The message also includes links to migration statistics and error reports that contain more detailed information.

When you’re ready, you can route email directly to the Exchange Online mailboxes and delete the cutover migration batch. Then you can decommission your on-premises Exchange organization if you want.

  • Estimated time to complete this task: 2-5 minutes to create a migration batch. After the migration batch is started, the duration of the migration will vary based on the number of mailboxes in the batch, the size of each mailbox, and your available network capacity. For information about other factors that affect how long it takes to migrate mailboxes to Exchange Online, see Migration Performance.
  • You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Migration” entry in the Recipients Permissions topic.
  • If you’ve activated and installed the Azure Active Directory Sync tool, you can’t run a cutover migration. If you’ve already installed the directory synchronization tool, but haven’t run the tool yet, you can deactivate directory synchronization in your Office 365 tenant and then run a cutover migration. For more information, see Manage directory synchronization.
  • For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard shortcuts in the Exchange admin center.
  • Add your on-premises Exchange organization as an accepted domain of your Office 365 organization.   The migration service uses the SMTP address of your on-premises mailboxes to create the Microsoft Online Services user ID and email address for the new Exchange Online mailboxes. Migration will fail if your Exchange domain isn’t an accepted domain or the primary domain of your Office 365 organization. For more information, see Add your domain to Office 365.
  • Configure Outlook Anywhere on your on-premises Exchange server.   The email migration service uses RPC over HTTP, or Outlook Anywhere, to connect to your on-premises Exchange server. For information about how to set up Outlook Anywhere for Exchange 2010, Exchange 2007, and Exchange 2003, see the following:
    ImportantImportant:
    Your Outlook Anywhere configuration must be configured with a certificate issued by a trusted certification authority (CA). It can’t be configured with a self-signed certificate. For more information, see How to Configure SSL for Outlook Anywhere.
  • Verify that you can connect to your Exchange organization using Outlook Anywhere.   Try one of these methods to test your connection settings:
    • Use Microsoft Outlook from outside your corporate network to connect to your on-premises Exchange mailbox.
    • Use the Microsoft Exchange Remote Connectivity Analyzer to test your connection settings. Use the Outlook Anywhere (RPC over HTTP) or Outlook Autodiscover tests.
    • Run the following Shell commands. 
      $Credentials = Get-Credential

      Test-MigrationServerAvailability -ExchangeOutlookAnywhere -Autodiscover -EmailAddress <email address for on-premises administrator> -Credentials $credentials
    • Successfully create a migration endpoint to the Exchange organization that hosts the mailboxes that you’re migrating. When you create the endpoint, select Outlook Anywhere as the endpoint type. For more information, see Create migration endpoints.
  • Assign an on-premises user account the necessary permissions to access mailboxes in your Exchange organization.   The on-premises user account that you use to connect to your on-premises Exchange organization (also called the migration administrator) must have the necessary permissions to access the on-premises mailboxes that you want to migrate to Exchange Online. This user account is used to create a migration endpoint to your on-premises organization.The following list shows the administrative privileges required to migrate mailboxes using a cutover migration. There are three possible options.
    • The migration administrator must be a member of the Domain Admins group in Active Directory in the on-premises organization.Or
    • The migration administrator must be assigned the FullAccess permission for each on-premises mailbox.Or
    • The migration administrator must be assigned the Receive As permission on the on-premises mailbox database that stores the user mailboxes.

    For more information about assigning Exchange permissions, see Assign permissions to migrate mailboxes to Exchange Online.

  • Disable Unified Messaging.   If the on-premises mailboxes you’re migrating are enabled for Unified Messaging (UM), you have to disable UM on the mailboxes before you migrate them. You can then enable UM on the mailboxes after the migration is complete.
  • Security Groups and Delegates   The email migration service cannot detect whether on-premises Active Directory groups are security groups or not, so it cannot provision any migrated groups as security groups in Office 365. If you want to have security groups in your Office 365 tenant, you must first provision an empty mail-enabled security group in your Office 365 tenant before starting the cutover migration. Additionally, this migration method only moves mailboxes, mail users, mail contacts, and mail-enabled groups. If any other Active Directory object, such as user that is not migrated to Office 365, is assigned as a manager or delegate to an object being migrated, they must be removed from the object prior to migration.

Return to top

A migration endpoint is a management object in Exchange Online that contains the connection settings for the on-premises server that hosts the mailboxes you’re migrating and the credentials for an on-premises user account that has the necessary administrative permissions to migrate mailboxes. For a cutover migration batch, you have to create an Outlook Anywhere migration endpoint. When you create a migration batch, the information in the migration endpoint is used to connect to the on-premises Exchange server. The migration endpoint also defines the number of mailboxes to migrate simultaneously.

For more information about creating an Outlook Anywhere migration endpoint, see Create migration endpoints.

TipTip:
Although you can create the first Outlook Anywhere migration endpoint when you create the migration batch for a cutover migration, we recommend that you create migration endpoints before you create a migration batch. When you create a migration endpoint, Exchange Online tests the connection to the on-premises Exchange server. The migration endpoint isn’t created unless Exchange Online can successfully connect to an on-premises server. This lets you troubleshoot and resolve connectivity issues before you create a migration batch. Otherwise, you have to cancel the migration batch and resolve any connectivity issues before you can create a migration batch.

Return to top

 

As previously stated, in a cutover migration, on-premises mailboxes are migrated to Exchange Online in a single migration batch. Therefore, you can create only a single migration batch for a cutover migration.

The following procedure will vary based on whether you or another administrator in your Exchange Online organization have created any migration endpoints. We recommend that you create a migration endpoint before you create a migration batch for a cutover Exchange migration.

  1. In the EAC, navigate to Recipients > Migration.
  2. Click New Add Icon and then click Migrate to Exchange Online.
  3. On the Select a migration type page, click Cutover migration, and then click Next.
  4. Depending on whether any Outlook Anywhere migration endpoints have been created for your Exchange Online organization, do one of the following:
    • No migration endpoints have been created: On the Enter on-premises account credentials page, type the following information, and then click Next.
      • Email address   Type the email address of any user in the on-premises Exchange organization that will be migrated using this endpoint. Exchange Online will test the connectivity to this user’s mailbox.
      • Account with privileges   Type the user name (using the domain\user name format) for an account that has the necessary administrative privileges in the on-premises organization that hosts the mailboxes that you’re migrating. Exchange Online will use the Autodiscover service and this account to detect the migration endpoint and to test the permissions assigned to this account by accessing the mailbox specified in the previous box.
      • Password of account with privileges   Type the password for the administrator account that you specified in the previous box.

      If the connection settings are successfully discovered, the fully qualified domain name (FQDN) of your on-premises Exchange server and RPC proxy server are displayed on the Confirm the migration endpoint page. Verify the settings and then clickNext. If the test connection to the source server isn’t successful, you’re prompted to manually specify the FQDN of your on-premises Exchange server and RPC proxy server. You have to successfully connect to the source server to continue.

      Exchange Online creates a new migration endpoint using the connection settings that were successfully discovered or that you provided manually. By default, this migration endpoint is configured to support 20 maximum concurrent migrations and 10 maximum incremental synchronizations.

      NoteNote:
      It’s recommended that you use a migration endpoint that’s created with connection settings that are automatically discovered rather than using settings that you provide manually because the Autodiscover service will be used to connect to each user mailbox in the migration batch. This is important if you have multiple on-premises Exchange servers. Otherwise, you may need to create different migration endpoints that correspond to each on-premises server.
    • One migration endpoint has been created: Exchange Online displays the connection settings from the selected migration endpoint on a read-only page. Verify the connection settings, and then click Next.
    • Two or more migration endpoints have been created: Under Select a migration endpoint, select a migration endpoint from the drop-down list, and then click Next. Exchange Online displays the connection settings from the selected migration endpoint on a read-only page. Verify the connection settings, and then click Next.
  5. On the Move configuration page, type the name of the migration batch, and then click Next. This name will be displayed in the list of migration batches on the Migration page after you create the migration batch. Batch names can’t contain spaces or special characters.
  6. On the Start the batch page, do the following:
    • Click Browse to send a copy of the migration reports to other users. By default, migration reports are sent to the administrator who creates the migration batch. You can also access the migration reports from the properties page of the migration batch.
    • Specify one of the following options to start the migration batch after it’s created:
      • Automatically start the batch   The migration batch is started as soon as you save the new migration batch. The batch is first marked with a status of Created. It’s changed to a status of Syncing after it’s been started.
      • Manually start the batch later   The migration batch is created but it’s not started. The status of the batch is set to Created. To start a migration batch, select it on the migration dashboard and then click Start Start Icon.
  7. Click New to create the migration batch.The new migration batch is displayed on the migration dashboard.

You can use the New-MigrationBatch cmdlet to create a migration batch for a cutover migration. You can create a migration batch and start it automatically by including the AutoStart parameter. Alternatively, you can create the migration batch and then manually start it afterwards by using the Start-MigrationBatch cmdlet.

This example creates and starts a migration batch. The example uses the New-MigrationEndpoint cmdlet to create an Outlook Anywhere migration endpoint, and then uses that endpoint to create the migration batch. The migration batch is automatically started with the AutoStart parameter.

The Get-Credential cmdlet is used to obtain the credentials for the on-premises administrator account, which are required to create the migration endpoint. When prompted for the user name, you can use either the email address or the domain\user name format for the administrator account.

$Credentials = Get-Credential

$MigrationEndpoint = New-MigrationEndpoint -ExchangeOutlookAnywhere -Name EXCH-SRV-01_Endpoint -Autodiscover -EmailAddress administrator@contoso.com -Credentials $Credentials

New-MigrationBatch -Name CutoverBatch -SourceEndpoint $MigrationEndpoint.Identity -AutoStart

This example creates a migration batch and uses the migration endpoint that was created in the previous example. Because the AutoStart parameter isn’t included, the migration batch has to be manually started on the migration dashboard or by using Start-MigrationBatch cmdlet. As previously stated, only one cutover migration batch can exist at a time.

New-MigrationBatch -Name CutoverBatch -SourceEndpoint EXCH-SRV-01_Endpoint

To verify that you’ve successfully created a migration batch for a cutover migration, do one of the following:

  • In the EAC, navigate to Recipients > Migration. Verify that the batch is displayed on the migration dashboard. If the migration batch was automatically started, the value displayed under Status is Syncing. If you configured the batch to be manually started, the value is Created.
  • In the Shell, run the following command to display information about the new migration batch. 
    Get-MigrationBatch

    To display detailed information about the migration batch, run the following command.

    Get-MigrationBatch | fl

Return to top

If you create a migration batch and configure it to be manually started, you can start it by using the EAC or the Shell.

ImportantImportant:
Migration batches with a status of Synced that have no administrator-initiated activity (for example, no administrator has stopped and restarted a migration batch or edited a migration batch) for the last 30 days will be stopped, and then deleted 30 days later if no further action is taken by the administrator. When in the stopped state, you can reset the 30 day interval by running the Start-MigrationBatch cmdlet.
  1. In the EAC, navigate to Recipients > Migration.
  2. On the migration dashboard, select the batch, and then click Start Start Icon.

Run the following Shell command to start a migration batch.

Start-MigrationBatch -Identity <identity>

 

If a migration batch is successfully started, its status on the migration dashboard is specified as Syncing. To verify that you’ve successfully started a migration batch, do one of the following:

  • In the EAC, navigate to Recipients > Migration. Verify that the migration batch was started.
  • In the Shell, run the following command to verify that the migration batch was started. 
    Get-MigrationBatch -Identity <identity> | fl Status

Return to top

Until you change your MX record, email sent to users is still routed to their on-premises Exchange mailboxes. After a mailbox is successfully migrated, the incremental synchronization process synchronizes the on-premises Exchange mailbox and Exchange Online mailbox once every 24 hours until you stop or delete the migration batch. This ensures that messages sent to on-premises mailboxes are copied to Exchange Online mailboxes until you configure your organization’s MX record to point to your Office 365 email organization. After you configure your organization’s MX record, all email is sent directly to the Exchange Online mailboxes. For information about configuring MX records, see Create DNS records for Office 365.

It can take from 24 to 72 hours for the updated MX record to be propagated. Wait at least 24 hours after you change the MX record and then verify that mail is being routed directly to Exchange Online mailboxes.

Return to top

After you change the MX record and verify that all email is being routed to Exchange Online mailboxes, you’re ready to delete the cutover migration batch. Verify the following before you delete the migration batch:

  • That mail is being sent directly to the Exchange Online mailboxes after you change your MX record to point to your Office 365 email organization.
  • That all users are using their Exchange Online mailboxes. After the batch is deleted, mail sent to mailboxes on the on-premises Exchange server will not be copied to the corresponding Exchange Online mailboxes.
  • That Exchange Online mailboxes have been synchronized at least once after mail began being sent directly to them. To do this, make sure that the value in the Last Synced Time box for the migration batch is more recent than the date and time when mail started being routed directly to Exchange Online mailboxes. This will help ensure that the most recent mail was migrated to Exchange Online mailboxes before mail was sent directly. After you delete the migration batch, on-premises and Exchange Online mailboxes will no longer be synchronized.

When you delete a cutover migration batch, the migration service cleans up any records related to the migration batch and deletes the migration batch. The batch is removed from the list of migration batches on the migration dashboard.

ImportantImportant:
Migration batches with a status of Synced that have no administrator-initiated activity (for example, no administrator has stopped and restarted a migration batch or edited a migration batch) for the last 90 days will be stopped, and then deleted 30 days later if no further action is taken by the administrator.
  1. In the EAC, navigate to Recipients > Migration.
  2. On the migration dashboard, select the batch, and then click Delete Delete icon.

Run the following Shell command to delete a migration batch.

Remove-MigrationBatch -Identity <identity>
  • In the EAC, navigate to Recipients > Migration. Verify that the migration batch is no longer listed on the migration dashboard.Or
  • Run the following command to verify that the migration batch has been deleted. 
    Get-MigrationBatch <identity>

    The command will either return the migration batch with a status of Removing or it will return an error stating that the migration batch couldn’t be found, verifying that the batch was deleted.

Return to top

  • Assign licenses to Office 365 users.   When you migrate a user’s mailbox to Exchange Online using a cutover migration, an Office 365 user account is created for the user. You have to activate this user account by assigning a license. If you don’t assign a license, the mailbox will be disabled when the grace period ends. To assign a license in the Office 365 admin center, see Assign or remove a license.
  • Create an Autodiscover DNS record.   After all on-premises mailboxes are migrated to Exchange Online, you can configure an Autodiscover DNS record for your Office 365 organization to enable users to easily connect to their new Exchange Online mailboxes with Microsoft Outlook and mobile clients. This new Autodiscover DNS record has to use the same namespace that you’re using for your Office 365 organization. For example, if your cloud-based namespace is cloud.contoso.com, the Autodiscover DNS record you need to create is autodiscover.cloud.contoso.com.Exchange Online uses a CNAME record to implement the Autodiscover service for Outlook and mobile clients. The Autodiscover CNAME record must contain the following information:
    • Alias   autodiscover
    • Target   autodiscover.outlook.com

    For more information, see Create DNS records for Office 365.

  • Implement a single sign-on solution.   After all mailboxes are migrated to the cloud, you can implement a single sign-on solution to enable users to use their on-premises Active Directory credentials (user name and password) to access their Office 365 mailboxes and existing on-premises resources. You implement a single sign-on solution by deploying Active Directory Federation Services 2.0 (AD FS 2.0). For more information, see Cutover Exchange Migration and Single Sign-on.
  • Decommission on-premises Exchange servers.   After you’ve verified that all email is being routed directly to the Exchange Online mailboxes, have completed the migration, and no longer need to maintain your on-premises email organization or don’t plan on implementing a single sign-on solution, you can uninstall Exchange from your servers and remove your on-premises Exchange organization.
    ImportantImportant:
    If you implement a single sign-on solution, we strongly recommend that you maintain at least one Exchange server so that you can access Exchange System Manager (Exchange 2003) or the Exchange Management Console/Exchange Management Shell (Exchange 2007, Exchange 2010, and Exchange 2013) to manage mail-related attributes on the on-premises mail-enabled users. For Exchange 2007 and Exchange 2010, the Exchange server that you maintain should have the Hub Transport, Client Access, and Mailbox server roles installed.

    For more information, see the following:

    CautionCaution:
    Decommissioning Exchange can have unintended consequences. Before decommissioning your on-premises Exchange organization, we recommend that you contact Microsoft Support.
  • Re-enable offline access for Outlook Web App.   Offline access in Outlook Web App lets users access their mailbox when they’re not connected to a network. If you migrate Exchange 2013 mailboxes to Exchange Online, users have to reset the offline access setting in their browser to use Outlook Web App offline. For more information about offline access in Outlook Web App, the browsers that support it, and how to turn it on, see Using Outlook Web App Offline.

Return to top

Here are some tips to optimize your cutover Exchange migration:

  • Change the DNS Time-to-Live (TTL) setting on your MX record.   Before you start to migrate mailboxes, change the DNS TTL setting on your current MX record to a shorter interval, such as 3600 seconds (one hour). Then, when you change your MX record to point to your Office 365 organization after all mailboxes are migrated, the updated MX record should propagate more quickly because of the shortened TTL interval.
  • Updating the WindowsEmailAddress attribute   The WindowsEmailAddress attribute is used as the primary key for the cutover migration and changing the WindowsEmailAddress attribute on the on-premises side during a cutover migration isn’t recommended. If the WindowsEmailAddress attribute needs to be changed, we recommend that you remove the target MigrationUser attribute, remove the target mailbox, group and contact, and then restart the migration batch.
  • Communicate with your users.   Let users know ahead of time that you’re migrating the content of their on-premises mailboxes to Exchange Online. Consider doing the following:
    • Asking users to delete old or unnecessary email messages from their Exchange mailboxes before migration. This helps reduce the amount of data that has to be migrated and can help reduce the overall migration time. Or, you can clean up their mailboxes yourself.
    • Suggesting that users back up their Inboxes.
    • Telling users when they can use their Office 365 user account to access the email that was migrated from their on-premises accounts. Don’t give users access to their Exchange Online mailboxes until you’re ready to switch your MX record to point to Office 365.

Return to top

Access your Business Contacts remotely: Use Synchronization in Business Contact Manager

If you use Outlook on a mobile device, or if you sign in to Office Outlook Web Access (OWA) to check your e-mail messages, you already know how useful it is to have easy access to your business and personal information when you are away from your computer. Now you can use your mobile phone, OWA, a Windows Live account, or SharePoint site to access your Business Contact Manager for Outlook Business Contacts the same way you would access your Outlook, Windows Live, or a SharePoint contacts.

This article describes how to set up and use synchronization to access your Business Contacts using the Internet, how to work with Business Contact records remotely, how to stop synchronizing, and the results of switching to a different database while synchronization is turned on.

For information about how to take all of your business data with you, see Work offline using Business Contact Manager.

What do you want to do?

Top of Page TOP OF PAGE

Why synchronize Business Contacts?

When you synchronize, or “mirror”, your Business Contact Manager for Outlook Business Contacts, you can access your Business Contacts remotely, along with your other Contact lists. As an example, if you were planning a sales trip to demonstrate a new product to your clients, and you needed to access your clients’ information over the Internet in the same way that you remotely access your other contacts, you could set up your Business Contacts for synchronization.

 NOTE    If you need to take all of your business data with you, not just your Business Contact information, seeWork offline using Business Contact Manager.

To set up remote access to your Business Contacts, simply choose the type of Outlook Contacts folder that you use with OWA or a mobile device when you are away from your office. The folders you can choose from in Outlook include your Outlook Contacts, Windows Live Contacts, or SharePoint Contacts, as well as any custom Contacts folder you might have created.

How synchronization works

Through the process of synchronization, your Business Contacts are copied to the Outlook Contacts folder that you select. Both types of records appear in the Contacts list that you use when you are out of the office. Business Contact records are marked with a “business person” icon Synced business contact icon. You can then access your Business Contact records over the Internet, the same way that you access your Outlook Contacts.

Synchronization updates the records in your Business Contact Manager database with any changes that you make to the synchronized records over the Internet, and updates your synchronized records with any changes that are made to the records in the database. All updates are made in the background and will not interfere with your work.

 NOTE   When you stop synchronizing your Business Contacts, they are automatically removed from your Outlook, SharePoint, Windows Live, or other synchronized Contact folder.

Top of Page TOP OF PAGE

Example: Sales trip

During a sales trip, you visit a client and learn that the purchasing manager, Nick Brigandi, has left the company, and a new purchasing manager, Andrea Dunker, has been hired. You want to delete Nick’s record from your Business Contacts, and create a new record for Andrea. You log in to OWA, click Nick’s record, and delete it. Next, you click New, enter information about Andrea, and then you save the new record.

In just a few minutes, the changes are copied up to Outlook on your office computer. Nick Brigandi is deleted from your Outlook Contacts folder and his record is moved to the Deleted Items folder in Business Contact Manager for Outlook. Andrea Dunker is added to your Outlook Contacts folder, but her record is an Outlook contact, not a Business Contact record. Only existing Business Contact records are synchronized; you can’t create new Business Contact records over the Internet.

After your trip, you can set up Andrea Dunker as a Business Contact, following the steps in Create Business Contact Manager records from Contact records later in this article.

If you decide that you need all of your business records while travelling, you can set up your database to be available on a laptop that you take with you. For information about how to take all of your business data with you, see Work offline using Business Contact Manager.

Top of Page TOP OF PAGE

Make your Business Contacts accessible on the Internet

To be able to work with your Business Contacts’ information wherever you are, you could move or copy your Business Contact records, one by one to the folder you use to access your contacts remotely, but then you would lose the data associated with the records in Business Contact Manager for Outlook, and the advantage of synchronization. Any time you changed a record, you would have to manually make the same change to the other copy of the record, whether it is on the database or in your copied records on the Internet.

Instead, you can add your Business Contacts to your Outlook Contacts folder, making them available to you on the Internet, when you use OWA, or a mobile device. With Business Contact Synchronization enabled, you can update a contact record in one place, and see the changes reflected in the other copy of the record, whether it’s on the database or on the Internet.

The Business Contact Synchronization feature copies your Business Contacts to your selected type of Contacts folder and leaves the original records in your Business Contact Manager database. The information in both copies of your Business Contact records is automatically synchronized whenever you make an update, no matter how you access the records.

  1. Click the File tab.

Keyboard shortcut    To open the Microsoft Outlook Backstage view, press ALT + F.

  1. Click the Business Contact Manager tab.

Keyboard shortcut    To open the Business Contact Manager Backstage view, press ALT + B.

  1. Click Synchronize, and then click Start Synchronizing Business Contacts.

Keyboard shortcut To open the Synchronize menu, press ALT + M

  1. In the Synchronization Settings dialog box, choose the type of Outlook Contacts folder to copy your Business Contacts to.

The options you can choose will vary, depending on the programs or Web application that you use to access data remotely. For information about how to choose a folder, see Choose a synchronization folder later in this article.

  1. If you want to file the Business Contacts in a specific category in your Outlook Contacts folder, leave the Category check box selected, and then click the category that you want. Otherwise, clear the check box.
  2. Click OK.

Your Business Contacts are copied to your selected Contacts folder and are automatically kept in sync between the two folders.

The Business Contact records display a “business person” icon Synced business contact icon to distinguish them from your Outlook contacts.

 NOTE    When you stop synchronizing your Business Contacts, they are automatically removed from your Outlook Contacts folder.

Top of Page TOP OF PAGE

Choose a synchronization folder

When you start the synchronization process, you’ll be prompted to choose a folder that will contain the copy of your Business Contact records. This is the folder that you already use to access your Contacts on your laptop or mobile device when you are away from your office.

 NOTE    If you use a mobile device, it must be configured to synchronize your Outlook Contacts.

Your choice of folders in the Synchronization Settings dialog box depends on the programs or Web application that you use to access data remotely, and your Outlook settings. Outlook Contact folders can include .pst files, .ost files, Windows Live Contacts, or SharePoint Contacts.

Following are the types of contact folders that can be used to synchronize Business Contacts:

Microsoft Exchange account    Click this option if you access your e-mail by using a Microsoft Exchange Server 2010 account. Your Business Contacts will be copied to the same folder that you use for your Outlook Contacts.

Outlook data file (.pst)    Click this option if you want to copy your Business Contacts to the same folder that you use to access your Outlook Contacts. You can use this option if you access your contacts on your mobile phone, or with Exchange, POP, or other Internet mail accounts.

Windows Live account    Click this option to synchronize your Business Contacts with Windows Live Contacts if you access your Windows Live Contacts on a remote computer or a mobile device.

SharePoint contact list Click this option if you use SharePoint, and have a contact list on the SharePoint site that you access. Your Business Contacts will be synchronized with your SharePoint contact list.

Other contacts folder Click this option if you’ve created another Outlook Contacts folder that you want to use for synchronizing your Business Contacts.
 NOTES 

  • You can synchronize to only one e-mail account, and one type of Contact folder at a time.
  • If you use a mobile device, it must be configured to synchronize your Contacts.

Top of Page TOP OF PAGE

Change your Business Contacts synchronization folder

You can synchronize your Business Contact records to only one folder at any time. However, you can change the folder whenever you need to, even if you are already synchronizing to a different folder. To change the folder, change your synchronization settings.

  1. Click the File tab.

Keyboard shortcut    To open the Microsoft Outlook Backstage view, press ALT + F.

  1. Click the Business Contact Manager tab.

Keyboard shortcut    To open the Business Contact Manager Backstage view, press ALT + B.

  1. Click Synchronize, and then do one of the following:
  • If you are currently synchronizing Business Contacts to a folder, click Change Settings.
  • If you are currently not synchronizing Business Contacts, click Start Synchronizing Business Contacts.
  1. In the Synchronization Settings dialog box, click a Contact folder.

For information about the available options, see Choose a synchronization folder earlier in this article.

  1. If you want to file the Business Contacts in a specific category in your Outlook Contacts folder, leave theCategory check box selected, and then click the category that you want. Otherwise, clear the check box.
  2. Click OK.

 NOTE    When you choose a different folder, all synchronized Business Contacts are removed from the previous folder.

Top of Page TOP OF PAGE

Stop synchronizing Business Contacts

  1. Click the File tab.

Keyboard shortcut    To open the Microsoft Outlook Backstage view, press ALT + F.

  1. Click the Business Contact Manager tab.

Keyboard shortcut    To open the Business Contact Manager Backstage view, press ALT + B.

  1. Click Synchronize, and then click Stop Synchronizing Business Contacts.

Keyboard shortcut    To open the Synchronize menu, press ALT + M

All of your synchronized Business Contact records are removed from the Contacts folder.

Top of Page TOP OF PAGE

Create Business Contact Manager records from Contact records

Only existing Business Contact-based records in the Business Contact Manager database are synchronized. When synchronization is enabled, any new contacts that you create in your synchronized contacts folder will appear only as Outlook Contacts, unless you also copy or move the contacts to Business Contact Manager for Outlook.

You can add the Contacts as any Account or Business Contact record type, including custom record types that you have created.

 NOTE    If you move an Outlook Contact to Business Contact Manager for Outlook as an Account record, you can no longer synchronize that record to use over the Internet.

  1. In the Navigation Pane, click the Contacts button.
  2. Click the Contact that you want to copy or move to Business Contact Manager for Outlook.
  3. On the Ribbon, in the Business group, click Create Record.
  4. Do one of the following to choose the type of record that you want to create:
  • Click Copy to Business Contact Manager, and then click the type of record.
  • Click Move to Business Contact Manager, and then click the type of record.

The record is automatically created. To see the record in Business Contact Manager for Outlook, in the Navigation Pane, under Business Contact Manager, click Contact Management.

Top of Page TOP OF PAGE

How does switching to a different database affect synchronization?

In Business Contact Manager for Outlook, you can work in only one database at any time.

If you need to switch to a different database, you can, even when Business Contact Synchronization is turned on. When you choose a new database, you will be asked how you want to handle the synchronized records from the database that you are leaving. Choose from the following options:

  • Keep in Outlook Contacts. Click this option to keep the previously-existing synchronized contacts in your Outlook Contacts folder. These contact records will remain in your Contacts folder, and will be marked with a business person icon. They won’t appear in your Business Contacts list in your new database unless you add them. The records remain unchanged in your previous database.

If you choose this option, you can later delete these synchronized contacts from your Outlook Contacts folder, with the process described in Remove synchronized Business Contacts that were imported from a different database later in this article.

  • Delete from Outlook Contacts. Click this option to delete the synchronized Business Contacts from the Outlook Contacts folder. The Business Contacts are left intact in your previous database.
  • Import to your current Business Contact Manager database. Click this option to add all of the previously-existing synchronized Business Contact records to your new database as Business Contacts. Changes made to the imported Business Contacts do not affect the records in the previous database.

 NOTE    If you choose to import, the synchronized Business Contacts are not deleted from your Outlook Contacts folder.

business contact synchronization dialog box

Synchronization is automatically turned on for your new database.

For information about how to switch databases, see Create or select a new Business Contact Manager database.

Top of Page TOP OF PAGE

Switch databases while synchronizing Business Contacts

  1. Click the File tab.

Keyboard shortcut    To open the Microsoft Outlook Backstage view, press ALT + F.

  1. Click the Business Contact Manager tab.

Keyboard shortcut    To open the Business Contact Manager Backstage view, press ALT + B.

  1. Click Manage Databases, and then click the database option that you want.

Keyboard shortcut    To open the Manage Databases menu, press ALT + D.

  1. Follow the steps in Create or select a new Business Contact Manager database to connect to a new database.
  2. If the Contact folder already contains synchronized Business Contacts from a different Business Contact Manager database, the Business Contact Synchronization dialog box opens. Click one of the following options:
  • Keep in Outlook Contacts
  • Delete from Outlook Contacts
  • Import to your current Business Contact Manager database
  1. Click OK.

Top of Page TOP OF PAGE

Remove synchronized Business Contacts that were imported from a different database

You might find that you have extraneous Business Contact records if you imported the Business Contacts from your previous database. Use the following procedure to remove the records.

  1. Click the File tab.

Keyboard shortcut    To open the Microsoft Outlook Backstage view, press ALT + F.

  1. Click the Business Contact Manager tab.

Keyboard shortcut    To open the Business Contact Manager Backstage view, press ALT + B.

  1. Click Synchronize, and then click Remove Contacts Deleted from Outlook.

Keyboard shortcut    To open the Synchronize menu, press ALT + M

The deleted contacts are removed from the database.

How to clear the AutoComplete list in Outlook 2010

Outlook 2010 introduced a change to the way the AutoComplete list (aka: nickname cache) is stored on the client.  The new Roaming AutoComplete list is now stored on the Exchange Server. A user’s recipient AutoComplete list is now available to any computer on which Outlook 2010 runs that is connected to the same Exchange account. Individual names can be easily removed from the list by using the new inline Delete function.  Just simply type the first few characters of the name you wish to delete and press the Delete key or click the X.

image

What this means for you is that your AutoComplete list is synchronized between platforms: OWA, Windows Mobile and Outlook will all share the same AutoComplete list.  While this sounds up front like a great enhancement there are some changes that you need to be aware of in case you need to clear this list.

First, there is no more NK2 file.  The actual file you are looking for is located is:

C:\Users\%username%\AppData\Local\Microsoft\Outlook\RoamCache\Stream_Autocomplete*.dat.

Deleting this file will not clear your AutoComplete list.  As soon as you start Outlook 2010 the file will reappear, along with any bad addresses.  So how does one clear the entire list?

Use one of the methods listed below to reset the Outlook nickname cache for Microsoft Outlook 2010.

Method 1

  1. With Outlook 2010 open, click File (BackStage), and then click Options.
  2. Click the Mail tab.
  3. Under Send Messages, click Empty Auto-Complete List.

Outlook will generate a new nickname cache.

Method 2

  1. Click Start, and then click Run.
  2. Start Outlook by using the /CleanAutoCompleteCache switch.
    For example: Outlook.exe /CleanAutoCompleteCache
    Note If Outlook is not installed in the default location, you will need to point to the path of Outlook.exe.

Outlook will generate a new nickname cache.

Reference KB287623 for more information…

Import iCal or Address Book items into Outlook

Do any of the following:

Import Apple iCal events and to-do items

Outlook can import events and to-do items from iCal. In Outlook, the to-do items appear as tasks.

  1. In iCal, on the File menu, point to Export, and then click Export.

    NOTE   Outlook can only import iCal events that are saved in the Export (.ics) format. Outlook can’t import events saved in the iCal Archive (.icbu) format.

  2. In the Save As box, type a name for the exported file.
  3. On the Where pop-up menu, select a location on your hard disk to save the file, and then click Export.
  4. In Outlook for Mac, at the bottom of the navigation pane, click Calendar  Calendar view button.
  5. In the Finder, locate the .ics file, and drag the .ics file to the Outlook Calendar grid or list.

Import Apple Address Book contacts

You can export contacts from the Apple Address Book as a vCard, and then drag the vCard file into Outlook to import your contacts.

TIP   As an alternative to importing contacts from the Apple Address Book, you can turn on Sync Services for your Outlook contacts. Turning on Sync Services syncs your Outlook contacts with the Apple Address Book, MobileMe, and other applications or devices that you set up in Apple iSync.

  1. In the Apple Address Book, select the contacts that you want to export, and then drag the selection to the desktop.

    The contacts are saved as a vCard file that contains all the contacts.

  2. In Outlook for Mac, at the bottom of the navigation pane, click Contacts  Contacts view button.
  3. Drag the vCard file from the desktop to the Contacts item list.

    NOTE   Contact groups in the Apple Address Book are converted to categories in Outlook.

See also

Add an Exchange account

Sync Outlook with iCal and Apple Mail on your Mac

Import information into Outlook

Export or manually archive Outlook items

DELL iDRAC7 Port Information

iDRAC7 Port Information
The following ports are required to remotely access iDRAC7 through firewalls. These are the default ports iDRAC7
listens to for connections. Optionally, you can modify most of the ports. To do this, see Configuring Services.
Table 4. Ports iDRAC7 Listens for Connections

Port Number Function
22* SSH
23* Telnet
80* HTTP
443* HTTPS
623 RMCP/RMCP+
5900* Virtual Console keyboard and mouse redirection, Virtual Media, Virtual Folders, and
Remote File Share
* Configurable port

The following table lists the ports that iDRAC7 uses as a client.
Table 5. Ports iDRAC7 Uses as Client
Port Number Function
25 SMTP
53 DNS
68 DHCP-assigned IP address
69 TFTP
162 SNMP trap
445 Common Internet File System (CIFS)
636 LDAP Over SSL (LDAPS)
2049 Network File System (NFS)
123 Network Time Protocol (NTP)
3269 LDAPS for global catalog (GC)

Make printers visible in the “Add a printer Dialogue box”

In windows Vista and Windows 7 when you add a network printer you get a dialogue box that looks like you should be able to select the printer from the list but the list says that there are no printers available. After much hunting I finally found some group policy settings that change how things are listed.

This how to shows where to go to change the settings

1.

Open Group Policy Management Console

There are many ways to do this so use your favorite way.
2.

Create a new Policy

Create a group policy in in the Organizational Unit where your computers are stored.
3.

Browse to the relevent section

So this is what you all are waiting for:

Computer Configuration>Policies>Administrative Templates>Printers> Add Printer wizard – Network Scan Page (managed network)

This GP setting allows you to determine how many of the following printer types show up.
Number of Directory Printers
Number of TCP/IP Printers
Number of Web Services Printers
Number of Bluetooth Printers
Number of shared Printers
4.

Other things to look at since you are here anyways

Some other settings that may be of interest to you as well are

Point and Print Restrictions (allows you to allow your users to add printers from set print servers without having a UAC prompt)

Printer Browsing (I am not sure if you need to configure this but I did just in case)

Conclusion

I hope this helps some one else figure out how to add information to the the “Add Printer Wizard” dialogue box

I wish I still had the references for how I figured this out. I think I got the hint somewhere in the Spiceworks Community but I am not sure where it was anymore.

Creating the Group Policy Central Store – Updated for Windows 8.1/2012R2

Central Store Extraordinaire

The Group Policy Central Store has two big benefits for every Windows Administrator. First, it allow you (plus anyone else with the GPMC) to have the latest Group Policy administrative templates available. Second, creating a central store will significantly reduce the amount of storage being used on your domain controllers! In this article, we are going to create/update our Group Policy Central Store. We will make the Windows 8.1/Server 2012R2, Office 2013, and a few other ADMX files available to our entire IT department.

To get an idea of how the Group Policy Central Store works, explore your Sysvol for a second. Open an explorer window and navigate to \\DOMAINNAME\sysvol\. Open up any subfolders until you are inside the policies folder. We are now looking the GUID of every Group Policy Object (GPO) in our domain.  Open up any policy and you should see a few subfolders. The most common are: ADM, Machine, and User.

Creating the Group Policy Central Store

By default, your ADM folder will contain five ADM files. Each client will also have a copy of these files. Every policy that you create will automatically include this ADM folder. Our domain has four domain controllers and 767 group policy objects. Each policy would have a 3.46 MB ADM folder in it. That means that our domain uses 10.4 GB of space to store ADM files! Imagine how much space is being wasted in your sysvol.

The great thing about creating the Group Policy Central Store is this will have zero impact on your client machines! Each client already has a local copy of any Administrative Template and the GPMC will simply use the Central Store to pull its available Administrative Templates.


Three Steps to Create the Group Policy Central Store

If you are just updating your Group Policy Central Store, skip to the download links below and replace any file that you are prompted to overwrite.

If you are creating your Central Store, browse back to your Policies folder within Sysvol and create a new folder named “PolicyDefinitions”.

Download the following ADMX templates to populate your Central Store. You will need the first download. The rest are optional.

Extract the files into your .\Policies\PolicyDefinitions Folder. The ADMX files should be put into the root of this folder. The language folder (ex: en-us) should also be in the root. All ADML files should be within the language folder.

Capture

Close any opened GPMC windows on your management machine. Open GPMC again and create a new policy. Navigate to Computer Configuration\Policies\Administrative Templates. Left click on Administrative Templates. In the center of the screen, you should now see: “Administrative Templates: Policy Definitions (ADMX files) retrieved from the Central Store”

Creating the Group Policy Central Store


Cleaning Up the ADM Remains

Your Group Policy Central Store is working and you are already getting the first huge benefit! Every management machine has the exact same set of ADMX files. The second benefit, mentioned above, is a much smaller SYSVOL.

To get your SYSVOL smaller, you will need to delete any ADM templates that you did not import yourself. Search your policies folder for any file with a .ADM extension. In Windows search, you can query “*.ADM” to retrieve all of the ADM files. When searching, you might also want an easy way to convert GPO GUIDs to GPO names. This PowerShell method will help.

Capture.1PNG

You can safely delete the 5 built-in ADM files. They are:

  • conf.adm
  • inetres.adm
  • system.adm
  • wmplayer.adm
  • wuau.adm

You might still have some ADM files left. You will want to get rid of these as well. First, decide if you still need some of the ADM file. For example, you might have Office 2003 ADM files in SYSVOL even though you are no longer using Office 2003. In my environment, I had Office 2007 ADM files within specific GPOs plus Office 2007 ADMX files in my Central Store. Deleting the Office 2007 ADM files straightened out that problem.

If you still have ADM files that do not have an ADMX equivalent, contact the software maker first. If they are unable to provide ADMX files, you can try to convert the ADM to an ADMX format. Microsoft has released a free ADM to ADMX convertor. It can be found on the Tools page.