About Michel de Rooij

Michel de Rooij, with over 25 years of mixed consulting and automation experience with Exchange and related technologies, is a consultant for Rapid Circle. He assists organizations in their journey to and using Microsoft 365, primarily focusing on Exchange and associated technologies and automating processes using PowerShell or Graph. Michel's authorship of several Exchange books and role in the Office 365 for IT Pros author team are a testament to his knowledge. Besides writing for Practical365.com, he maintains a blog on eightwone.com with supporting scripts on GitHub. Michel has been a Microsoft MVP since 2013.

The UC Architects Podcast Ep47

Posted on February 3, 2015 by Michel de Rooij

Episode 47 of The UC Architects podcast is now available,which was recorded at the Norwegian Lync Day. This episode is hosted by Steve Goodman, who is joined by John A Cook and Ståle Hansen. Editing was done by Andrew Price.

Some of the topics discussed in this episode are:

Outlook for iOS and Android
Microsoft Ignite Session Catalog
Blocking Outlook App for iOS & Android
Planning and Migrating a Small Organization from Exchange 2003 to Exchange 2013
AWS Quick Start Reference Deployment – Exchange Server 2013
Considering an Exchange 2013 DAG without AAP?
Using a Microsoft Azure VM as a DAG witness server: Exchange 2013 Help
Securing Exchange and Lync 2013 with Multi-Factor Authentication
Exchange Server 2010 Reaches the End of Mainstream Support
Office for Android
Azure AD Improvements
Amazon Workmail
Setting up a multi-forest Azure AD Sync deployment
Office 365 Exchange Online Message Size Onboarding Limit Increased to 150mb
Drive Shipping and Network Based Data Import for Office 365
Skype for Business Video Interoperability Server (VIS)
Cumulative Update 10 for Lync Server 2013 released December 31, 2014
Fix for Google Chrome, stability
Lync 2013 Standard Automatic APP CU 10 December 2014
Lync SDN For Dummies – Part 2.1
Lync Admin Tools (free): make configuration, administrative and troubleshooting of Lync easier
Video calling between Skype and Lync is temporarily disabled
What’s New in Skype4B: SILK is default codec for P2P sessions Synchronize Lync Presence with Skype – Lync Exchange – UC Blog
Lync Dude: Simple Understanding of Lync Windows Fabric Failover
Lync and Skype video calling is coming to your Android and iOS Devices
Passive Auth for Lync 2013 Android mobile client
Events

More information on the podcast including references and a link to download the podcast here or you can subscribe to the podcasts using iTunes, Zune or use the RSS feed.

About
The UC Architects is a bi-weekly community podcast by people with a passion for Unified Communications; our main focus is on Exchange, Lync or related subjects.

Blocking Outlook App for iOS & Android

Posted on January 30, 2015 by Michel de Rooij

Yesterday, Microsoft announced the immediate availability the Outlook for iOS and Outlook for Android preview. These apps are the former app named Acompli, which was acquired by Microsoft in December, last year. It is unlikely that Microsoft will develop and support two similar apps, so one can assume the new Outlook app will replace the current OWA for iOS and OWA for Android (or just OWA for Devices) apps.

The app isn’t without a little controversy:

The app stores credentials in a cloud environment from Amazon Web Services for e-mail accounts that don’t support OAuth authorization.
The app makes use of a service sitting between the app and your mailbox. This service acts as a sort of proxy (hence it requires those credentials), fetching, (pre)processing and sending e-mail. In some way this is smart, as it makes the app less dependent on back-end peculiarities, using a uniform protocol to communicate with the proxy service.
The app does not distinguish between devices (device identities are assigned to your account, which makes sense since the app uses a service to retrieve and process your e-mail).
The app does not honor ActiveSync policies, like PIN requirements. While true, this app is not an ordinary Exchange ActiveSync client.

You can read more about this here and here.

In all fairness, when the app was still named Accompli, nobody cried foul. But the app is now rebranded Outlook and property of Microsoft, so it seems this made the app fair game. I hope Microsoft is working behind the scenes to make the new Outlook app enterprise-ready, and I’m sure it won’t be long before we see the app’s services move from AWS to Azure. The whole outrage in the media also seems a bit misplaced, as Connected Accounts in Exchange Online, which will retrieve e-mail from a POP or IMAP mailbox, will also store credentials ‘in the cloud’.

It is recommended to treat the app as a consumer app for now, and you may want to block the app in your organization. I have written on how to accomplish blocking or quarantining faulty iOS updates before. However, in those articles I used the reported OS version to block or quarantine devices. The Outlook app proxy service reports itself as “Outlook for iOS and Android” as device model when querying your mailbox, allowing us to use the DeviceModel parameter for matching.

The cmdlet to block or quarantine the new Outlook app in Exchange 2010, Exchange 2013 or Office 365, is:

New-ActiveSyncDeviceAccessRule –QueryString 'Outlook for iOS and Android' –Characteristic DeviceModel –AccessLevel Block

or, to quarantine:

New-ActiveSyncDeviceAccessRule –QueryString 'Outlook for iOS and Android' –Characteristic DeviceModel –AccessLevel Quarantine

For examples of alternative blocking methods using TMG or F5, check this article. If you need to specify the user agent string, use “Outlook-iOS-Android/1.0” (or partial matching on “Outlook-iOS-Android” to block future updates of the app as well).

As goes for all mobile devices in enterprise environments, as an organization it may be better to test and aprove devices and OS versions rather than to be confronted with mobile apps with possible faulty behavior after an update or which may violate corporate security policies.

Ignite 2015 Session Catalog is here!

Posted on January 29, 2015 by Michel de Rooij

A short heads-up as the session catalog for Microsoft Ignite has been published. So, if you are still undecided or already want to pick ‘must see’ sessions for your schedule, you can check the session catalog here.

The session catalog contains 275 sessions, covering products like Exchange (49), Office 365 (85) and Skype for Business (26). It will be the first major Microsoft event where details will emerge on the next version of Exchange, Exchange v.Next.

The Exchange team published a blog on the Exchange-related Ignite sessions here. The blog contains a nice video featuring Greg Taylor and Jeff Mealiffe talking about what to expect at Ignite.

Also, on Febuary 3rd, the team behind Ignite as well as several speakers will be available on Twitter to answer any questions you may have on Ignite. Use the hashtag #IgniteJam to participate, or follow @MS_Ignite for any updates.

More information on Ignite, pre-day sessions, the session catalog and the #IgniteJam in the original post on Channel 9 here.

End of Exchange 2010 Mainstream Support

Posted on January 14, 2015 by Michel de Rooij

With all the media attention for Windows 7 going out of mainstream support, one might forget today also marks the end of mainstream support for Exchange Server 2010.

Exchange 2010, which was released in October, 2009 (which seems centuries ago now), and which still has a very large installed base, is going into the extended support phase.

Depending on your support contract, this means Microsoft will no longer provide free support for this product. Patches for security issues will still be available, and owners of premier support contracts are eligible for non-security updates through extended hotfix support option.

Exchange Server 2010 will reach end-of-life on January 14th, 2020.

EighTwOne 2014 Stats

Posted on January 12, 2015 by Michel de Rooij

Oi! A tad late as I was enjoying a trip and celebrating New Year in the beautiful country of Brazil, but happy new year to all dear readers and followers.

The start of a new year gives opportunity to reflect on the past year which has been quite busy, apart from writing blog posts and creating and supporting scripts:

Re-awarded as an Exchange MVP.
Co-authoring Pro Exchange 2013 SP1 PowerShell Administration.
Co-hosting PowerShell Tips & Tricks for Exchange at IT/DEV Connections in Las Vegas.
Microsoft Exchange Conference in Austin.
MVP Summit 2014 in Seattle.
The ongoing UC Architects podcast.
Started writing for SearchExchange.

Looking at 2015, it will see the daylight of Ignite, the MOAME (Mother Of All Microsoft Events), and merger of events like MEC, LyncConf, TENA, SPC and MMS which will be held from May 4 – 8 in Chicago.

It promises to be an interesting year for Exchange On-Premises, with Microsoft’s cloud-first, mobile-first strategy, and Exchange Online / Office 365 as well. The next version of Exchange (’16’) it expected to be announced at Ignite, and it will become clear which features, new or currently available via Office 365, will make it to the next version of Exchange ‘on-premises’, and which ones will not. With the next version of Windows Server (’10’) expected end of 2015, it is very likely that Exchange ’16’ will require Windows Server 2012 R2 (or 2012) or Windows Server ’10’, adding support for Windows Management Framework 5 (PowerShell). Note that WMF5 might become available as an individual component, before the release of Windows Server ’10’. If things follow earlier OS/WMF dependencies for Exchange, the combination of Windows Server 2012 R2 with WMF5 is highly unlikely to become a supported combination for hosting Exchange.

There is also lots of development towards Azure, looking at the recent support for hosting your File-Share Witness on an Azure VM. This option, originally announced as a ‘possible feature’ in the works for CU2 back at TechEd North America 2013, introduces an interesting alternative for site fail-over scenarios.

Some stats of 2014:

Number of views: 315,635 (Total: 1,194,838)
Number of posts: 65 (total 475)
Busiest day: June 5th (1,609 views)
Top post: Exchange 2013 SP1 Transport Agent Fix

Apart from the Archives, Versions, Builds and Dates, Schema Versions and Toolkit pages, these were the Top Posts (yes, Exchange 2010 is still a strong lead through search engines):