Benoit's corner

July 23
Lync 2013 – Push notification not working

While working on a recent Lync 2013 project, we faced an issue with push notifications not working as expected – some got the notifications, some did not.

After reviewing all the configuration on the Lync servers (front ends and edge) and finding nothing, I found that the setting for the Lync Online federated provider was set to Allow users to communicate only with people in their Contacts list and thought ‘wait, the push service is an unknown person’, so let’s try switching to Allow users to communicate with everyone using this provider.

Et voila, push notification starts working for everyone as expected.

July 14
Windows 8 – The latest updates from OneDrive (formerly called SkyDrive) do not keep sub-content available offline automatically

On Windows 8.1 clients, the latest OneDrive updates have changed the inheritance of the "make available offline" setting.

Indeed, previously, all content I stored below my OneDrive Documents folder was automatically set as available offline because I set the parent folder (Documents) to do so.

Unfortunately, since the last OneDrive update, this inheritance has been broken and you have to manually select each new item, one by one, to keep it available offline.

It seems this is not the only issue with the last updates.

July 04
Office 365 – External users can not access the site mailbox

While working on a project, I had to setup a SharePoint site on Office 365 with a Site mailbox enabled for this site.

So far, so good, this is a well known, simple and working procedure. Nothing tricky there :)

BUT here comes the issue: this site is being shared with and used by external users (thanks to the external sharing feature). Here too, there is nothing tricky and it is working fine, BUT the issue comes with the Site Mailbox.

As you know, to be able to use (and so access) the site mailbox from the SharePoint site, you must be defined explicitly as a site member. This is of course the case for the external users. However, external users cannot access the site mailbox because of the “Guest Access isn’t supported” error.

July 02
Renewed as MVP Office 365

I’m happy to announce that I have been renewed as MVP Office 365 for another year :)

June 28
Office 365 / SharePoint Online – Behavior change for the New button in the quick action bar with content type management allowed

Recently, I discovered a behavior change for the New button in the quick action bar of a SharePoint Online library. Instead of getting the new document option (with the list of available templates for this document library), I got the upload a file dialog box.

After investigating, I discovered this change appears when you enable the content type management feature on the document library settings; you don’t even have to change the content type available for the document library, just enable the management.

Of course, I thought (and still think :)) this was not normal behavior and opened a service request with Office 365 support. And big surprise!!! The answer I got was that this is the normal behavior. I asked for an escalation to get the logical behavior after enabling content type management – meaning getting the New document option instead of the upload a file dialog. Until the product group takes a look and takes action, the only way to get it changed is to fill in a request through the form (link provided at the end of this post), as this is not (yet?) considered a bug.

Here is what you get depending on the configuration:

[Screenshots: the New button with Content Type Management not enabled, and with Content Type Management enabled]

As a reminder, the content type management feature is available through the library settings, under the advanced settings options.

If you are like me and think this is not normal or logical behavior, please go to http://support.microsoft.com/common/survey.aspx?scid=sw;en-us;2222&3=Lite&5=Admin&15=10037FFE80644633&altStyle=MFE&renderOption=OverrideDefault&showpage=1&fr=1&nofrbrand=1&url=homePageLayout and fill in the request.

June 26
Microsoft Azure – Azure Active Directory Device registration in preview

Another new feature coming to the Azure Active Directory service: Device registration.

You may already be aware that with Windows Server 2012 R2, Windows 8 and ADFS 3.0, Microsoft introduced a new feature called Workplace Join to allow/simplify BYOD – Bring Your Own Device – and access to corporate resources (and corporate Windows Apps) WITHOUT being obliged to join the domain.

Now, this feature is in preview on Azure too. The aim of this cloud device registration service is more to give administrators a way to view the registered devices (and so the associated users) than to provide a real cloud solution for this feature, as you still need to deploy ADFS 3.0 On Premises.

Prerequisites

You should have already configured directory synchronization with Azure Active Directory; for those who are already using Office 365 synchronized with your AD, this is already done. For the others, just follow the same configuration steps as for integrating AD with Office 365. NOTE the Directory Synchronization tool version used for this service MUST be 1.6862.0000

Enabling AADDR

  • Then click on your Azure Active Directory and go to the Configure section

  • Reach the Device Registration section to enable it – if you already have different AAD features available (like multi factor authentication) you may have to scroll down

  • Then you have to define how many personal devices a user can join to the workplace and, if you have the multi factor authentication feature enabled, whether it has to be used when joining the workplace

That’s it, you are ready for the cloud Workplace Join feature :)

The next step is to implement the service discovery – of course, without this, there will be no way to use this feature.

To do so, you must create a DNS record which points to the Azure service – this is exactly the same requirement as for the On Premises Workplace Join feature.

The DNS record is called enterpriseregistration on the domain used by your users (the part after the @) and must point to enterpriseregistration.windows.net

The final steps are to deploy and configure Federation Services 3.0 in your environment, without the option Configure a federation server with Device Registration Service (DRS) as this is deployed at the Azure level, and to federate with Azure Active Directory.

This part is not covered by this post as there are already a lot of resources available to deploy/configure ADFS 3.0.

Using the Azure Active Directory PowerShell module, run the command Enable-MSOnlineObjectManagement -ObjectTypes Device -TargetCredentials $AADCreds to enable the device object feature.

Tada, from then on your users can register their Windows 8 or iOS clients (for iOS they must use the https://enterpriseregistration.windows.net/enrollmentserver/otaprofile/<yourdomainname> URL).
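To check the service discovery record described above before users try to register, the following PowerShell is an added example, not part of the original post. contoso.com and fabrikam.com are placeholder UPN suffixes and the function name Test-DeviceRegistrationRecord is made up for this illustration; it flags a record that is missing or that points anywhere other than enterpriseregistration.windows.net.

```powershell
# Added example (not from the original post): check the service discovery
# record for every UPN suffix your users sign in with.
# ASSUMPTION: contoso.com and fabrikam.com are placeholder domains.
$UpnSuffixes = @('contoso.com', 'fabrikam.com')

function Test-DeviceRegistrationRecord {
    param(
        [Parameter(Mandatory = $true)] [string] $UpnSuffix,
        # Target named in the post for the cloud device registration service.
        [string] $Expected = 'enterpriseregistration.windows.net'
    )
    $record = "enterpriseregistration.$UpnSuffix"
    $target = $null
    try {
        # -DnsOnly skips LLMNR/NetBIOS so only real DNS answers count.
        $answer = Resolve-DnsName -Name $record -Type CNAME -DnsOnly -ErrorAction Stop
        $cname  = $answer | Where-Object { $_.Type -eq 'CNAME' } | Select-Object -First 1
        if ($cname) { $target = $cname.NameHost.TrimEnd('.') }
    } catch {
        # NXDOMAIN, timeout or server failure: treated as "no CNAME found".
        $target = $null
    }

    if (-not $target) {
        $status = 'NoCname'            # clients cannot discover the service
    } elseif ($target -ieq $Expected) {
        $status = 'OK'
    } else {
        $status = 'UnexpectedTarget'   # registration traffic would go elsewhere
    }

    [pscustomobject]@{ Record = $record; Target = $target; Status = $status }
}

$UpnSuffixes |
    ForEach-Object { Test-DeviceRegistrationRecord -UpnSuffix $_ } |
    Format-Table -AutoSize
```

Resolve-DnsName uses the resolver of the machine it runs on, so with split DNS the check is worth running both inside and outside the corporate network.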

View registered device

From the Azure Management portal, go to your Active Directory and from the Users tab, click on a user account

Below the Device tab, you will see the device(s) they have registered – NOTE you may have to use the drop down menu to switch to the Registered devices view

June 23
Microsoft Azure – Use Azure Active Directory Application Proxy (AADAP)

In this post, I will cover implementation of a new feature on Microsoft Azure called Azure AD Application Proxy.

This mainly consists of the Web Application Proxy role introduced in Windows Server 2012 R2, but on Azure.

Currently in preview, this feature will be available to Azure Active Directory Premium – take a look here for the differences between Azure Active Directory Free and Premium http://azure.microsoft.com/en-us/pricing/details/active-directory/

The idea behind this feature is to allow On Premises applications to be published to the internet without having to deploy a reverse proxy On Premises – in some way, this is Microsoft's answer after they stopped selling ForeFront Threat Management Gateway (TMG) and ForeFront Unified Access Gateway (UAG).

That said, let’s start.

Enable Azure Active Directory Application Proxy

  • Connect to your Microsoft Azure administration portal and go to the Active Directory section
  • Select the domain on which you want to enable the AADAP

  • Then go to the Configure section

  • You may already have other premium features for Azure Active Directory, so you may have to scroll the page to reach the section Application Proxy; then click Enabled and Save

NOTE the Azure Active Directory Application Proxy connector requires the Visual C++ 2012 redistributable package to be installed – available here www.microsoft.com/download/details.aspx?id=30679

  • Then register the connector to your tenant using PowerShell. Open a PowerShell command prompt running as administrator and execute the following – when running the registration command you will be asked to enter your Azure credential (use an administrator organizational account, your Microsoft Account will not work)
    • Import-Module AppProxyPSModule
    • Register-AppProxyConnector

NOTE if you are protecting internet access from your corporate network by blocking some ports, you must allow outbound communication from the server on which you are installing the connector on TCP ports 9090, 10100, 10101, 20200 and 20201. The first port is used during the registration process, the next two (10100 and 10101) are involved when a user request arrives and is handled by the connector, while the last two are used to maintain communication between the connector and the Azure platform.

If you want to restrict access on these ports to only Azure services, you need to add *.msappproxy.net as the destination on your rule

If you don’t allow these ports, the registration will fail with the error

Register-AppProxyConnector: Could not connect to the registration service. Check your network connectivity.

CategoryInfo: ConnectionError: (:) [Register-AppProxyConnector], EndPointNotFoundException

FullyQualifiedErrorId: ConnectionFailed,Microsoft.ApplicationProxy.Connector.PSModule.RegisterCommand

  • There is no notification to confirm the registration

Publish an internal application using AADAP

  • Once you have enabled AADAP and registered the connector you can publish an internal application
  • While you are still connected to your Microsoft Azure administration portal within the Active Directory section (or the next time you connect :)), go to the Application tab and click the Add button at the bottom

  • Then choose to publish an application that will be accessible from outside your network

  • Follow the wizard, name your published application and define the INTERNAL URL to access the application

The wizard automatically pre-populates the external URL, which cannot be changed. Keep this URL available as it will be required to update your public DNS entry to point your published application through Azure Application Proxy instead of your On Premises reverse proxy.

NOTE you can publish in HTTPS (the default setting) or HTTP just by hitting the related button

This is it, you have published your application through Microsoft Azure Active Directory Application Proxy.

The last step is to update your DNS entry with the external URL defined when you created the published application; you can get this URL by returning to the Application tab and selecting the published application AND (of course) update the settings on your firewall/router to point incoming HTTP and/or HTTPS traffic to the server hosting the Application Proxy Connector.

June 20
Microsoft Azure – A new administration portal available in preview

As part of the continuous improvement and evolution of the Microsoft Azure services, Microsoft is offering a new, simplified administration portal for Azure in preview.

To use this upcoming new portal, just go to https://portal.azure.com/

NOTE not all Azure services are available through the preview portal. When one is not available, you will get a link to redirect you to the current portal.

Of course, the current “classic” administration portal is still available at the URL https://manage.windowsazure.com

June 19
Windows Phone – Synchronize your Wi-Fi connection settings between Windows Phone 8.1 and Windows 8.1

Recently I discovered a pretty nice new feature in the Windows Phone 8.1 Developer Preview – meaning this should be available to everyone when this update reaches GA in a few weeks or months.

So, here is the situation: I’m running Windows 8.1 and Windows Phone 8.1 Dev Preview, both using my Microsoft account (to log on to my Windows client [workgroup mode]). I was on a customer site and configured the connection to their guest Wi-Fi, using a passphrase, on my Windows 8.1 client, keeping the Connect automatically setting enabled.

A few minutes later (I don’t know the exact timeframe), the settings for this Wi-Fi connection had been synced to my Windows Phone, which then automatically connected to the network.

I’m not really sure if there is anything special here, because there has been no announcement about this feature. I assume it may also work for public networks, but of course in this case, if there is any need to open the browser to fill in a form and check a box to get connected, you will have to do it on the mobile device.

I just find this pretty smart as it will help to configure connections to Wi-Fi networks on the mobile device.

June 17
Exchange / Office 365 – You can select which folder to sync for offline use with OWA

With Exchange 2013, and so Exchange Online too, a new feature has been introduced with OWA (Outlook Web Access) called Offline Access – if you don’t know how to use it, take a look at my post here http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=393

That said, this feature has been improved as you can now select WHICH folders to synchronize when you are using offline access for OWA. This is great as until then (and this is still the default setting), only inbox, draft and calendar were synced.

To choose which folders to sync (in addition to the default ones mentioned), you must (of course) have enabled offline access.

Then, just hit the Gear at the top right of the window (on the right side of your name) and click on Offline settings

Then click on the offline folders link shown, enable the selection by ticking the Choose folders to sync checkbox and finally click on the + sign to select the folder you want to keep offline.


 About

Benoit specializes in Microsoft infrastructure (Active Directory, Azure, ForeFront products, Hyper-V, Identity Management, System Center, Windows) and collaboration (BPOS, Exchange, Office 365, SharePoint) technologies.

He has been awarded Microsoft Most Valuable Professional (MVP) since 2002 - on Windows, then SharePoint and finally Office 365. He has been recognized as a Microsoft Community Contributor for his work on the Office 365 community in 2013 and 2014.

He has been involved in the early testing phases of many Microsoft products - from Windows to Office 365, including Exchange, SharePoint, the Office client and WindowsUpdate.

He has participated as a speaker or Ask The Expert (ATE) at many Microsoft or Quest events. He also participated in writing several books on SharePoint (2003 to 2010).

He is now working as a Cloud Solution Architect for an Australian-based company, Kloud, in Sydney, after working at Capgemini Australia, Capgemini and Sogeti France, Microsoft France and Avanade France.

With more than 10 years of professional experience, he has a deep knowledge of the Microsoft market and its competitors.

​Privacy Information

This blog is using tracking code for analytics purpose.

No personal data are stored and maintained.

 Certifications

Microsoft Certified Systems Administrator 
Microsoft Certified Systems Administrator - Messaging
Microsoft Certified Systems Engineer 
Microsoft Technology Specialist 
 Microsoft Certified IT Professional

 Books I wrote

Le portail Microsoft SharePoint 
Microsoft Office SharePoint Portal Server 2003 et WSS au quotidien 
Microsoft Office SharePoint Server (MOSS) et Office 2007  
Microsoft Sharepoint 2010