MessageOps Microsoft Online Blog

We developed this script for organizations that want to give their users more advanced warning of their mailbox quota being exceeded and provide a way to give more details on how to clean their Exchange Online mailbox. In addition to notifying the users, it can also send a summary email to the administrator so they know who is approaching the threshold.

There are a few important things to point out.

First are the warning levels. By default the levels are 75%,85%,and 95% of capacity. Each level has different warning message associated with it.

#Warning Levels, each level is percentage of quota used. Emails to users are customized based on level
$Level1 = 75
$Level2 = 85
$Level3 = 95

The next section you'll probably want to customize are the messages associated with each level and the body of the message. You could perhaps include a link which contains details on how to clean up their mailbox.

$body = $body + "To reduce the size of your mailbox, please following these instructions."

Finally, by default the script just outputs the results to the screen. If you want it to send mail, you'll need to uncomment out the commands that send the email. There are two places this script sends mail. First it sends mail to the individual user's whose mailboxes are over the limits. Second it sends a summary report to the admin. The recommendation would be to schedule this script to run nightly.

You can download a properly formatted version of the script here. As always if you have any questions, suggestions, or run into problems please email us at support@messageops.com.


#Exchange Online Mailbox Size Notification Script
#
#Notifies users when their mailbox is approaching the size limit
#
#By Chad Mosman, MessageOps, www.messageops.com
#

#Email address that the notification email will appear to be from
$mailFrom = "user@domain.com"

#If inbound mailflow is not enabled on your domain in Microsoft Online, change this value
#to your on-premise mail server which should forward to Microsoft Online
$smtpServer = "mail.global.frontbridge.com"

#Microsoft Online Service Account Username and Password
$powerUser = "admin@domain.microsoftonline.com"
$powerPass = "Password"

#If sending a final report to the admin enter the email address the final report should be sent to
$adminemail = "admin@domain.com"
#Enter the subject for the report sent to admin
$adminsubject = "Mailbox Quota Report"

#Warning Levels, each level is percentage of quota used. Emails to users are customized based on level
$Level1 = 75
$Level2 = 85
$Level3 = 95

$supportcollection=@()

$password = ConvertTo-SecureString $powerPass -AsPlainText -Force
$adminCredential = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $powerUser,$password

#Get all the enabled users
$enabledusers = get-msonlineuser -Credential $AdminCredential -Enabled -ResultSize 10000

#Get the mailbox size and item count for each user.

ForEach($user in $enabledUsers){
If ($user.mailboxsize -gt 0){
$mailbox = get-msonlineuser -identity $user.identity -Credential $AdminCredential -SourceDetail Full

$quota=$mailbox.UsedMailboxsize / $user.MailboxSize * 100
$quota = "{0:N0}" -f $quota
$quota = [int]$quota

$quotausersobj= "" | select Name,QuotaUsed
$quotausersobj.Name=$user.identity
$quotausersobj.QuotaUsed=$quota
$supportcollection += $quotausersobj

If ($quota -ge $Level1){

If ($quota -ge $Level3){
$subject = "IMMEDIATE ACTION REQUIRED: Your Mailbox has Exceeded the Quota Size"
$body = "Your mailbox is currently at",$quota,"% of the allowed quota. Failure to immediately reduce the size of your mailbox will result in the inability to send or receive mail."
}
ElseIf ($quota -ge $Level2){
$subject = "IMMEDIATE ACTION REQUIRED: Your Mailbox is about to Exceed the Quota Size"
$body = "Your mailbox is currently at",$quota,"% of the allowed quota. If you do not reduce the size of your mailbox now, you will not be able to send or receive mail."
}
Else{
$subject = "ACTION REQUIRED: Your Mailbox is Approaching the Quota Size"
$body = "Your mailbox is currently at",$quota,"% of the allowed quota. If you do not reduce the size of your mailbox soon, you may not be able to send or receive mail."
}

$body = $body + "To reduce the size of your mailbox, please following these instructions."

#Send notification to user. Comment out next 2 lines if testing.
#$smtp = new-object Net.Mail.SmtpClient($smtpServer)
#$smtp.Send($mailFrom, $user.Identity, $subject, $body)

#Write Results to console. Uncomment next 5 lines if testing.
write-host "Mail from: ", $mailfrom
write-host "Mail to: ", $user.Identity
write-host "Subject: ", $subject
write-host "Body: ", $body
write-host
}
}
}

#Send a report to the admin which lists the quotas used by all users

#Sort the list from highest quota usage to smallest
$supportCollection = $supportcollection | sort @{expression="QuotaUsed";Descending=$true}
$supportbody = "User Identity,Quota Used,Over Limit`n`n"

ForEach($user in $supportCollection){
If ($user.quotaused -ge $Level1){
$supportbody = $supportbody + $user.name + " , " + $user.quotaused + " , " + "Notification sent to User" + "`n`n"
}
Else{
$supportbody = $supportbody + $user.name + " , " + $user.quotaused + "`n`n"
}
}

#Send notification to Admins. Comment out next 2 lines if testing.
#$smtp = new-object Net.Mail.SmtpClient($smtpServer)
#$smtp.Send($mailFrom, $AdminEmail, $adminsubject, $supportbody)

#Write Results to console. Uncomment next line if testing.

$supportbody



In the Microsoft Exchange Online Support Forums the other day there was a question about how to determine if a user was using Active Sync. Since we didn’t know how to determine in bulk if users were using Active Sync, we decided to create a script which could get this information. After doing is little research, it was pretty easy to determine if a user had configured Active Sync. The more difficult part was determining when the last sync time was. If you log into OWA, and go into options you can see the last sync time. Unfortunately, we weren’t able to determine where this information was stored in the mailbox….if you know where the Last Sync Time and Device Details are stored in a mailbox, please let us know and we’ll update the script. With that in mind, the script below just outputs users who have configured ActiveSync at some point (if you need additional information you can open a support request). This script requires that you have the EWS Managed API, which can be downloaded here.

The best way to run the script is just to pipe the output a text file (script.ps1 > results.txt).

If you have any questions, suggestions, or need assistance, please email us at support@messageops.com .
You can download a properly formatted version of the script here.



#######################################################################################
#Active Sync Enabled Script
#
#By:Chad Mosman, MessageOps, www.messageops.com
#
#Determines if a user has connected an ActiveSync Device to their mailbox
#
#Modify with your Microsoft Online Admin Username
$powerUser = "user@domain.com"
#Modify with your Microsoft Online Admin Password
$powerPass = "Password"
#If you are in the APAC or EMEA Datacenters, comment out this value and uncomment out the correct value below

$uri=[system.URI] "https://red001.mail.microsoftonline.com/ews/exchange.asmx"

#APAC
#$uri=[system.URI] "https://red003.mail.apac.microsoftonline.com/ews/exchange.asmx"
#EMEA
#$uri=[system.URI] "https://red002.mail.emea.microsoftonline.com/ews/exchange.asmx"

#Modify this to point to the correct Webservices dll path
$dllpath = "C:\Microsoft.Exchange.WebServices.dll"

#Do not modify anything below this line
#######################################################################################

$password = ConvertTo-SecureString $powerPass -AsPlainText -Force

$adminCredential = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $powerUser,$password


[void][Reflection.Assembly]::LoadFile($dllpath)

$service = new-object Microsoft.Exchange.WebServices.Data.ExchangeService([Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2007_SP1)

$service.Url = $uri

$service.Credentials = New-Object System.Net.NetworkCredential($powerUser,$powerPass,"")

$colUsers = get-msonlineUser -Credential $admincredential -enabled -resultsize 10000

$colusers | ForEach-Object {
If (($.ProxyAddresses -ne "") -and ($.SubscriptionIDs -ne "")){
$mailboxname=$_.Identity

$folderid = new-object Microsoft.Exchange.WebServices.Data.FolderId([Microsoft.Exchange.WebServices.Data.WellKnownFolderName]::Root,$MailboxName)
$folderRoot = [Microsoft.Exchange.WebServices.Data.Folder]::Bind($service, $folderid)

$folderview = New-Object Microsoft.Exchange.WebServices.Data.FolderView(10000);

$foldercoll = $service.FindFolders($folderid,$folderview)

$foldercoll | foreach {

If (($.displayname -eq "ExchangeSyncData") -and ($.Childfoldercount -gt 0)){
$MailboxName + " ActiveSync Enabled"
}
}
}
}


In this entry we'll take a look at the manual migration process for getting content from your Public Folders to SharePoint Online. This process could be used if you had a small number of Public Folders to migrate. If you have a large number of Public Folders it would be recommended that you take a look at the tools available from Quest or MetaLogix.

1. Export the Public Folder(s) to a PST file or multiple PST files.



In this example we have top level Public Folder which contains subfolders called Calendar, Contacts, Mail and Post Items, and Tasks.

Lately we've been seeing a lot of questions around SMTP relay with Microsoft Online so we wanted to take a few minutes here to write down our thoughts.

First, here's a high level overview of what is required for an application to relay off Microsoft Online. (Click here for the official requirements from Microsoft)

1. The sending application must connect to the Microsoft Online relay servers on port 587.
2. The sending application must support TLS.
3. The sending application must authenticate with the Microsoft Online.

In working with our customers, we are finding that a lot of home grown applications and multifunction devices (fax, scan, printer), don't support TLS and some don't support connecting to a non-standard mail port.

If your applications do meet those criteria, there are a couple more things to keep in mind:

4. Your domain must be authoritative in Microsoft Online before you are allowed to relay.
5. The account you authenticate to the relay server with must be the same account as the from address on the messages you send through the relay.

Let's dig into these items a little more and describe what they mean and also show you how to configure a local IIS SMTP server to relay mail.

Recently a client of ours asked us for a way to determine which Microsoft Online Mailbox Servers their users were located on. We knew you could get the information through Outlook Web Access, but weren’t sure how to do it in bulk.



After some investigation, we developed this small utility to dump which Microsoft Online server and database each user is located on. While it’s not terribly useful by itself, it might be helpful if you want to map out where your users are, so if a server is down, you’ll be able to determine which of your users are impacted by the outage.

Running the application is simple; just point it to a .txt file containing your user’s login ID's. If you are in EMEA or APAC, you’ll also need to modify the AutodiscoverMailDB.exe.config and put in the correct AutoDiscover URL:

EMEA: https://autodiscover-red002.mail.emea.microsoftonline.com/autodiscover/autodiscover.xml
APAC : https://autodiscover-red003.mail.apac.microsoftonline.com/autodiscover/autodiscover.xml

We do have a favor to ask. If you run the utility in your environment, could you email us the list of servers that your users are on, and what region you are in (Americas, EMEA, or APAC). You can scrub out all the user information; we are just interested in the server names. You can send the information to info@messageops.com.

If you need an easy way to get all of your Microsoft Online user’s login ID's into a .txt file you can download this simple Powershell Script.

You can download the Autdiscover MailDB application here.

As always if you have any questions or run into problems, please let us know at info@messageops.com. Also if you have an idea for Microsoft Online script or application, please let us know. In almost all cases, we are able to develop these at no charge to you, and we'll make them available to the community once developed.

A customer of ours (thanks Kevin!) informed us of another way to send as a secondary alias the other day, so we thought we'd share. It's a little more difficult to setup, and might not work in all environment due to firewall restrictions, but it doesn't clutter up your GAL as the other method commonly used, described here:

http://blogs.technet.com/msonline/archive/2010/02/23/notes-from-the-field-support-for-multiple-aliases.aspx

So here's the scenario. Let's say you are an organization that does business as different names. The user Joe has aliases of joe@biz1.com and joe@biz2.com. Emails addressed to both addresses get delivered to the same mailbox. If the message comes into joe@biz1.com you want Joe to reply as joe@biz1.com. If the mail comes into joe@biz2.com, you want Joe to reply as Joe@biz2.com. It seems simple, but in Exchange you can only send as the primary SMTP address on the account.

This solution is to create a POP3 account in Outlook for the secondary alias. You then configure the account to never check the mailbox (so POP3 doesn't need to be enabled on the account), and it sends mail using the Microsoft SMTP server. It's important to note that one limitation of this method is that it will only work if you domain is Authoritative in Microsoft Online, as you can't use the SMTP relay servers until your domain is Authoritative.

First, you'll need to configure all the POP3 settings in Outlook. For more information see:

http://www.microsoft.com/online/help/en-us/helphowto/be25e53b-c841-45aa-8bc5-a035e466d543.htm



Second, you'll need to configure Outlook to not check the the POP3 account for mail. To do this click CTRL+ALT+S to bring up the Send / Receive Group settings, you can also get there by going to Tools->Send/Receive->Send/Receive Settings->Define Send/Receive Groups... Once there, click edit and then select the POP3 account and uncheck the box to receive mail items. This will prevent Outlook from checking the account.



Once everything is setup, you'll be able to choose which alias you want to send as when sending email.

Lately there have been a few discussions in the support forums asking about how to compare the number of items in the source mailbox to the number of items in the Microsoft Exchange Online mailbox following a migration. We decided to develop this quick script which you feed a list of users and it will compare the number of items in each folder of their Microsoft Online mailbox to the number of items in each folder in their local Exchange mailbox. If there is a difference between a folder, or if the folder doesn't exist on Microsoft Online, it will let you know. The output CSV file looks like:

Name,SourceItemCount,TargetItemCount
"richard@messageopsdemo.com-Folder 1",491,114
"richard@messageopsdemo.com-Folder 9",491,100
richard@messageopsdemo.com-Inbox,14888,3547
"richard@messageopsdemo.com-Sync Issues",0,"Not Found in Target Mailbox"
"richard@messageopsdemo.com-Sync Issues/Conflicts",0,"Not Found in Target Mailbox"
"richard@messageopsdemo.com-Sync Issues/Local Failures",0,"Not Found in Target Mailbox"
"richard@messageopsdemo.com-Sync Issues/Server Failures",0,"Not Found in Target Mailbox"
"user2@messageopsdemo.com-Sent Items/Test",1,"Not Found in Target Mailbox"

You can download the properly formatted version of the script here. If you have any questions or need assistance, please contact us at support@messageops.com.

##############################################################################
#Microsoft Online Mailbox Migration Validation Script
#
#Written By:Chad Mosman, MessageOps, www.messageops.com
#
#This script compares the number of items in the source mailbox to the
#number of items in corresponding target mailbox. If them the number of
#items is different, or if a source mailbox folder is not present in the
#target mailbox, the information is written to a .csv file. In the CSV file
#the user's email address is appended to the folder name, for example:
#
# user@domain.com-Inbox
#
#The following variables should be modified prior to running the script.
#
#The path to a file containing the users that have been migrated.
#You must have a header row named mail in the file. Then you'll just
#need one email address per line.
$userlist = "c:\migration\userlist.csv"

#The name of the source mailbox server
$Sourceserver ="Exchange.domain.local"

#The admin username for the source mailbox server
$SourceUser = "Domain\administrator"

#The admin password for the source mailbox server
$SourcePass = "Password"

#The name of the Microsoft Online Server
$targetserver = "red001.mail.microsoftonline.com"

#The admin username for Microsoft Online
$TargetUser = "admin@domain.microsoftonline.com"

#The admin password for Microsoft Online
$TargetPass = "Password"
##############################################################################


$sourcepassword = ConvertTo-SecureString $SourcePass -AsPlainText -Force
$sourcecred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $SourceUser,$sourcepassword

$Targetpassword = ConvertTo-SecureString $TargetPass -AsPlainText -Force
$targetcred = New-Object -TypeName System.Management.Automation.PSCredential -argumentlist $TargetUser,$targetpassword

$foldercollection=@()

import-csv $userList | foreach {

$sourcembx = Get-XsHostedExchangeMailbox -SourceServer $sourceserver -sourceidentity $_.mail -sourceadmincredential $sourcecred -sourcedetail full

$targetmbx = Get-XsHostedExchangeMailbox -SourceServer $targetserver -sourceidentity $_.mail -sourceadmincredential $targetcred -sourcedetail full

$ID = $_.mail

$sourcembx.folders | ForEach-Object {
$Folderobj= "" | select Name,SourceItemCount,TargetItemCount
$Matched = 0
$SourceFolderName = $_.displayname
$SourceItemCount = $_.ItemCount
$targetmbx.folders | ForEach-Object{
if ($SourceFolderName -eq $_.displayname){
$Matched = 1
If ($SourceItemCount -ne $_.itemcount){
#Write-host $sourcefoldername , $sourceitemcount , $.displayname , $.itemcount
$Folderobj.Name = $ID + "-" + $sourcefoldername
$Folderobj.SourceItemCount=$sourceitemcount
$Folderobj.TargetItemCount=$_.itemCount
$foldercollection += $folderobj
}
}
}
If ($Matched -eq 0){
#Write-Host $Sourcefoldername , "not found in Target mailbox"
$Folderobj.Name = $ID + "-" + $sourcefoldername
$Folderobj.SourceItemCount=$sourceitemcount
$Folderobj.TargetItemCount="Not Found in Target Mailbox"
$foldercollection += $folderobj
}
}

}

$foldercollection | Export-Csv "MailboxCompare-$((Get-Date -uformat %Y%m%d%H%M%S).ToString()).csv" -NoTypeInformation



MessageOps has recently released a couple new applications for Microsoft Online that we want to tell you about.

First is the Exchange Online Mailbox Search. It allows you to search for keywords or phrases across all of the mailboxes in your Microsoft Exchange Online account. This allows administrators to perform basic E-discovery tasks against the live mailbox data in Microsoft Exchange Online. It also gives administrators the ability to delete messages from the mailboxes in the event that someone accidently or intentionally sends out confidential or inappropriate content.



It's currently in Beta and available as a free download from our site. We are looking to gather feedback from clients on the practicality and usefulness of such an application before adding more features.

The second new application is the Microsoft Online User Portal. It allows end users to perform common administrative tasks on their own, reducing the burden on administrators and the helpdesk. It currently supports 2 features: Group Management and Password Reset.

Group Management allows users to update the membership of Distribution Groups that they are the Manager of in the local Active Directory. These changes then get replicated to Microsoft Online via Directory Synchronization.



Password Reset allows users to reset their Microsoft Online Password without Administrator access. Password resets are a big administrative burden in Microsoft Online, and this simple web interface allows users to regain access to Microsoft Online if they forget their password.



The Microsoft Online User Portal is available free for MessageOps clients. We also sell the application to partners and clients that already have a partner. Contact us for more details at info@messageops.com.

Recently we've had a couple of clients want to migrate from other hosted Exchange offerings to Microsoft Exchange Online. The problem we were running into was their hosters didn't want to give us an export of their existing directory information (Names, Phone numbers, SMTP Addresses, etc), so we could import it into the client's local AD or directly into Microsoft Online. After going through the pain of manaully typing in the information once, populating Group membership, etc, we thought there has to be a better way. Sure enough it didn't take long to find one. It turns out that Outlook 2007 allows you to access some the attributes that are displayed in the GAL.

Using this access we created a PowerShell script you can use to export user information such as name, Primary SMTP address, phone numbers, etc, as well as group and contact information from any Exchange environment to CSV files. Once you have the information in CSV files it's easy to import into Active Directory or directly into Microsoft Online (user objects only). The script creates 4 csv files:

-User Objects.csv - Contains directory information for user objects
-Group Objects.csv - Contains directory information for group objects
-Contact Objects.csv - Contains directory information for contact objects
-Group Membership.csv - Contains information about group membership. The format of the file is the SMTP address of the group followed by the SMTP addresses of the group members. If importing information into your local AD you'll need another script to actually use this file. Contact us at support@messageops.com if you need a script to do this.

You can download a properly formatted version of the script here.

---


#Outlook Directory Export
#Written By Chad Mosman, MessageOps, www.MessageOps.com
#
#This script uses Outlook 2007 to export Directory Information from Exchange
#
#To run the script just log into your mailbox using Outlook 2007 and run the script
#
#If there are a large number of itmes in your Global Address List it is recommended
#that you temporarily disable the Programmatic Access security in Outlook. To do this:
#
# 1. From the Toos Menu select Trust Center
# 2. Click Programmatic Access
# 3. Choose Never Warn me about suspicious activity
#
#

$Outlook = New-Object -Comobject Outlook.Application
$Mapi = $Outlook.GetNamespace("MAPI")
$Gal = $Mapi.GetGlobalAddressList()

$usercollection=@()
$groupcollection=@()
$groupmembercollection=@()
$contactcollection=@()

ForEach ($Entry In $Gal.AddressEntries)
{
"Gathering Information on object " + $entry.name
#UserObjects
If ($entry.AddressEntryUserType -eq 0) {
$userobject = $entry.getExchangeUser() | select Name,Alias,FirstName,LastName,`
PrimarySMTPAddress, Address,Manager,AssistantName, BusinessTelephoneNumber, City, `
Comments,CompanyName,Department,Jobtitle, MobileTelephoneNumber,OfficeLocation, `
Postalcode, StateorProvince, StreetAddress
$usercollection += $userobject
}

#GroupObjects
ElseIf($entry.AddressEntryUserType -eq 1){
$groupobject = $entry.GetExchangeDistributionList() | select Name,Alias,PrimarySmtpAddress,Comments
$groupcollection += $groupobject

$groupobject = $entry.GetExchangeDistributionList()
$members = $groupobject.GetExchangeDistributionListMembers()

$membersobj= "" | select GroupSMTP,MembersSMTP
$smtpmembers =""
ForEach ($member in $members){

If ($member.AddressEntryUserType -eq 0) {
$membersmtp = $member.getExchangeUser() |select PrimarySmtpAddress
$smtpmembers += $membersmtp.PrimarySMTPAddress + ","
}
ElseIf($member.AddressEntryUserType -eq 1){
$membersmtp = $member.GetExchangeDistributionList() | select PrimarySmtpAddress
$smtpmembers += $membersmtp.PrimarySMTPAddress + ","
}
ElseIf($member.AddressEntryUserType -eq 5){
$membersmtp = $member.GetExchangeUser() | select PrimarySmtpAddress
$smtpmembers += $membersmtp.PrimarySMTPAddress + ","
}
}

If ($smtpmembers.length -gt 0){
$smtpmembers= $smtpmembers.substring(0,$smtpmembers.length-1)
$membersobj.GroupSMTP=$groupobject.PrimarySMTPAddress
$membersobj.MembersSMTP=$smtpmembers
$groupmembercollection += $membersobj
}

}

#ContactObjects
ElseIf($entry.AddressEntryUserType -eq 5){
$Contactobject = $entry.getExchangeUser() | select Name,Alias,FirstName,LastName,`
PrimarySMTPAddress, Address,Manager,AssistantName, BusinessTelephoneNumber, City, `
Comments,CompanyName,Department,Jobtitle, MobileTelephoneNumber,OfficeLocation, `
Postalcode, StateorProvince, StreetAddress
$contactcollection += $contactobject
}

}

$Usercollection | Export-Csv "User Objects.csv" -NoTypeInformation
$GroupCollection | Export-CSV "Group Objects.csv" -NoTypeInformation
$groupmembercollection | Export-CSV "Group Membership.csv" -NoTypeInformation
$ContactCollection | Export-CSV "Contact Objects.csv" -NoTypeInformation


---

As always, if you have any questions, run into problems, or need a customized version, please let us know and we'll be happy to help. Just email us at support@messageops.com.

If you are running the Microsoft Online Directory Synchronization, you maybe surprised to learn that if the Directory Sync agent is failing to run due to issues like an expired Microsoft Online Password used by Directory Sync, you won't be notified for up to 48 hours. A client of ours brought this to our attention (Thanks Eddie!) so we are looking at integrating this into our Exchange Online Monitoring application. Until then, we've written this vbscript which will alert you when the Directory Synchronization hasn't completed successfully in a configurable number of hours. The default value is 4 hours, but you can change it in the script.

You can download the script here.

Once downloaded you'll need to open the script and modify the values near the top. You then need to schedule the script run every hour or so. When you schedule the script to run you'll need to make sure the account it's running as has permissions to read the SQL database.

If you have any questions, run into probelms, or would like help implementing the script in your environment, please contact us at support@messageops.com.

It looks like Microsoft has increased the default mailbox size to 25 GB on a couple of our Microsoft Exchange Online accounts. I haven't seen an announcement from Microsoft on this yet, but looking at the Microsoft Online Administration Console for our accounts, you can see the new storage quota. I'm not sure if it has been like this for a while, but I just noticed it today. I'm also unsure if this has been rolled out to everyone. Below is what is shown in MOAC.

Most Microsoft Online customers probably don't know it's possible to track messages or generate email traffic reports for their organization. Lately in the Microsoft Online support forums there have been some discussions about these features, so we thought we'd take a look at what you can access through the Forefront admin.

To access these features, the first thing you'll need to do is open a Microsoft Online support ticket and request Reporting and Message Trace capabilities within Forefront for you admin account. If all goes well, support will get back to you with a password that you can use to login to the Forefront Admin. It's important to note that the level of access that Microsoft provides is very basic. You can generate reports and track messages...that's it. Still it's very useful and after it's setup it will probably save you from having to open tickets in the future for message tracking type issues.

Once you have your password you'll be able to log into https://admin.messaging.microsoft.com .

When you log in, you'll be on the Information tab. In the left column you'll see some basic statistics about mailflow into your environment. The middle of the screen has announcements, alerts, and configuration information. (Click on the image to enlarge)


The next tab is My Reports. You'll first need to create a new report with the criteria you desire. There are several options when creating reports including the ability to automatically email the report on a recurring basis. Once created you'll be able to view the report. A sample Email Traffic report is shown below.


The final tab is Tools. On the Tools tab, you'll be able to trace inbound and outbound messages. Simply enter the search criteria and you'll be able to see if the message(s) in question were sent or received.


You can then click on any of the messages found to display additional details.


As you can see it's a very basic level of access, but it still gives you some very useful features.

A somewhat common question that we get from our Clients is, "How can we backup our Exchange Online mailbox data"? In this post we'll show you one way using the Microsoft Online Migration Tools.

The first thing we'll demonstrate is how to export the mailbox data from an Exchange Online mailbox to a local file. Let's say we want to export the ExonlineTest@messageopsdemo.com mailbox to a local file. To do this you'll need to go to the migration command shell and run:

Get-XsHostedExchangeMailboxdata -sourceserver "red001.mail.microsoftonline.com"
-sourcelocation "https://red001.mail.microsoftonline.com/exchange" -sourceidentity
exonlineTest@messageopsdemo.com | export-transporterbinary -targetfilepath c:\export -targetfileprefix "exonlinetest"

(Note: the command above should be a single line)

After typing the above command it will ask you for your Microsoft Online admin credentials and proceed to export the mailbox to a .tbin file. So we now have the mail data locally, unfortunately it's in a .tbin file that you can't do much with. All you can do with it is reimport it into a Microsoft Exchange Online Mailbox. In this restore example, let's assume we have a backup from two months ago, and the user wants to recover a single message that they can't find. We'll restore the backup file to a mailbox called restore@messageopsdemo.com and then give the user access to the mail so they can try and track down their missing message. To do the restore we would need to run the following command, specifying the path to the backup file and the identity of the mailbox we want to restore the file to:

Import-TransporterBinary -Sourcefilename "C:\export\exonlinetest 2010-02-23T10_08_17.tbin" | Add-XsExchangeOnlineItem -identity restore@messageopsdemo.com

(Note: the command above should be a single line)

After typing the above command it will ask you for your Microsoft Online admin credentials and proceed to import the .tbin file into the restore mailbox. You could then grant the user rights to that mailbox and they could try and find their missing message.

This is a very basic example of a backup and restore using the Migration Tools. It would be easy to create a script which backs up all mailboxes on a routine basis. If you'd like assistance creating such a script, or have questions or comments about this post, please contact MessageOps at support@messageops.com and we'd be happy to assist.

On 2/2/2010 Microsoft released an updated version of the migration tools. One of the highlights of the release is the new information you can get with Get-MSOnlineUser command. Examples of the type of information you can now query are Activation Status, Allocated Mailbox Size, and Last Signed In Date. Unfortunately, it does not appear that you can query mailbox size or item count at the time of this writing.

The Get-MSOnlineUser command also supports the use of switches to control what users are returned. The switches correspond to the different views you have of users in the Administration Console. The available switches are:

-Administrators
-Disabled
-Enabled
-Identity
-InvalidLicense
-NeverSignedIn

So if you wanted to get a list of all the users with Admin rights in Microsoft Online, you could simply run:

get-msonlineuser -Administrators

To highlight some of the new features, we put together this little PowerShell script, which will dump information for all your enabled users to a CSV file. A common request that people have is they want to see the mailbox size of their Microsoft Online users, so we went ahead and included that information in the report by using the get-xshostedExchangeMailbox command.

The only thing you should have to modify before running the script is $owaserver variable, and you'll only have to do that if you are hosted on the EMEA or APAC servers. Also make sure you've installed the new version of the migration tools.

You can download a properly formatted version of the script here. If you have any questions, please contact us at support@messageops.com.


$AdminCredential = get-Credential

#Get all the enabled users
$enabledusers = get-msonlineuser -Credential $AdminCredential -Enabled -ResultSize 10000

$colusers=@()

#Go through the users one by one. This is to prevent a timeout issue if you try and do everything in one step.
Foreach($user in $enabledusers){

$colUsers += get-msonlineuser -identity $user.identity -Credential $AdminCredential -SourceDetail Full `
| Select-Object @{name='DisplayName';Expression={$_.displayname}}, `
@{name='Identity';Expression={$_.identity}}, `
@{name='MailboxSize';Expression={$_.mailboxsize}}, `
@{name='UsedMailboxSize';Expression={$_.usedmailboxsize}}, `
@{name='IsActive';Expression={$_.isactive}}, `
@{name='PasswordExpirationDate';Expression={$_.passwordexpirationdate}},`
@{name='LastSignedInDate';Expression={$_.lastsignedindate}},`
@{name='SubscriptionIDs';Expression={$_.subscriptionids}}, `
@{name='ProxyAddresses';Expression={$_.proxyaddresses}},`
@{name='CreatedDate';Expression={$_.createddate}},`
@{name='FirstName';Expression={$_.FirstName}}, `
@{name='Lastname';Expression={$_.LastName}}, `
@{name='Department';Expression={$_.department}}, `
@{name='JobTitle';Expression={$_.jobtitle}},`
@{name='StreetAddress';Expression={$_.streetaddress}},`
@{name='City';Expression={$_.city}},`
@{name='StateOrProvince';Expression={$_.stateorprovince}},`
@{name='ZipOrPostalCode';Expression={$_.ziporpostalcode}},`
@{name='CountryOrRegion';Expression={$_.countryorregion}},`
@{name='OfficeNumber';Expression={$_.officenumber}},`
@{name='OfficePhone';Expression={$_.officephone}}

}
$colusers | Export-Csv "UserReport-$((Get-Date -uformat %Y%m%d%H%M%S).ToString()).csv" -NoTypeInformation