SCIM Developer: Validate your Azure AD SCIM endpoint using SCIM Validator Tool

If you’re a SCIM developer then this is intended for you. In this we will see how you can use the Azure AD SCIM Validator to validate that your provisioning server is compatible with the Azure SCIM client.

To get started, make sure you have,

• Valid Azure Subscription
• SCIM endpoint

Step 1: Let’s validate the SCIM Endpoint.

a. Let’s navigate to https://scimvalidator.microsoft.com/

b. Select one of the three options:

Step 2: Let’s configure the testing method

Step 3: Let’s validate your SCIM endpoint.

a. Select Test Schema to begin the test.
b. Review the results with a summary of passed and failed tests.
c. Select the show details tab and review and fix issues.
d. Continue to test your schema until all tests pass.

Now you learnt how you can utilize the tool and validate further. Good job!!

Note:
– For more detailed step-by-step information, please refer the documentation.
– In case if you created any Azure resources part of your testing & no longer needed, then make sue to delete them.

Microsoft Graph Developer – Microsoft Search API’s schema change deprecation

If you’re using Microsoft Graph API’s Search API to search for information then this information is for you. Say using Search API in M365, in email messages, it return messages ranked by relevance, and render a dedicated search experience. The search applies to the body and attachments of messages in the signed-in user’s own mailbox.  Please note that the search API schema has changed in the beta version with some properties in a search request and response renamed or removed.

• In the beta version, properties used in a search request and response have been renamed or removed. In most cases, the original properties are being deprecated and replaced by the current properties, as listed in the document.
• What’s for Graph API developers? So moving forward, start updating any existing apps to use current property and type names, and to get current property names in the response.
• Important date: For backward compatibility, the original properties and types are accessible and functional until December 31, 2020, after which they will be removed.

You may get warning if you use VS 2017 to develop Outlook office addin…

If you are using Visual Studio 2017 to develop your on send add-in, you may get a validation warning like the following: “This is an invalid xsi:type ‘http://schemas.microsoft.com/office/mailappversionoverrides/1.1:Events’.”

To work around this, you’ll need a newer version of the MailAppVersionOverridesV1_1.xsd which has been provided as a GitHub gist in a blog about this warning.

Hope this helps.

Office 365 Developer: Build add-ins for Microsoft Outlook

In this video you will see Petra provides a brief overview of the Outlook add-in platform and its capabilities. The add-in platform helps developers create native Outlook solutions, so users can get more done within Outlook.

In short you can,
– Learn what makes up an add-in
– Get a high-level look at how to build one
– Learn about the features the platform has recently released
– Also know what’s coming in the future.

https://channel9.msdn.com/Events/Connect/2017/T194/player

Happy coding!!

Exchange Server –March 2018 quarterly updates released

The March quarterly release updates for Exchange Server are now available on the download center. We documented the detailed info @ EHLO blog – https://blogs.technet.microsoft.com/exchange/2018/03/20/released-march-2018-quarterly-exchange-updates/

Hope this helps.

Exchange Server 2007, 2010: How to query user mailboxes, its permissions using Exchange PowerShell?

In Exchange Server 2007/2010, you can use Exchange PowerShell cmdlets (especially using Get-Mailbox, Get-MailboxPermission, Get-ADPermission, Get-MailboxFolderPermission) to get a verity of info. I played with couple of the below in different scenarios and want to share the same with you – so that you can give a shot and make use of.

Scenario # 1: How to query permissions on a mailbox (testuser1)?
> Get-MailboxPermission test1

Scenario #2: How to query permissions of all the mailboxes on a particular server?
> Get-Mailbox –Server “ServerName” | Get-MailboxPermission

Scenario #3: How to query permissions of all the mailboxes?
> Get-Mailbox | Get-MailboxPermission
Note: This will get the list of all permissions (including SELF permissions and inherited permissions)

Scenario # 4: How to query permissions of all the mailboxes (filter out SELF and inherited permissions)?
> Get-Mailbox | Get-MailboxPermission | where {$_.user.tostring() -ne "NT AUTHORITYSELF" -and $_.IsInherited -eq $false}

Scenario #5: How to query mailbox permissions and Security permissions (only enumerate permissions that are not Inherited)?
> Get-Mailbox | Get-MailboxPermission | where {$_.IsInherited -eq $False}
Note: The above query will get you the “explicitly assigned permissions”

Scenario #6: How to query the explicitly assigned permissions (filter out SELF permissions)?
> Get-Mailbox | Get-MailboxPermission | where { ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITYSELF”) }

Scenario #7: How to query list of all mailboxes with Send-As permission assigned on them?
> Get-Mailbox | Get-ADPermission | where {($_.ExtendedRights -like “*Send-As*”)} | FT –Wrap
Note: This will get the list of mailboxes with Send-As permission assigned. Also you can notice that it shows Send-As permissions assigned to SELF on all mailboxes also.

Scenario #8: How to query list of all mailboxes with Send-As permission assigned on them (filter out SELF and inherited permissions as similar to Scenario #4)?
> Get-Mailbox | Get-ADPermission | where {($_.ExtendedRights -like “*Send-As*”) -and ($_.IsInherited -eq $false) -and -not ($_.User -like “NT AUTHORITYSELF”)} | FT –Wrap

Scenario #9: How to query the permissions of shared calendar in Exchange 2010?
> Get-MailboxFolderPermission –identity “mailboxaccount*:Calendar”
Note: If you just try Get-MailboxFolderPermission with identity with mailboxaccount won’t get you the above.

Scenario #10: How to query the users rights to a specific users mailbox?
> Get-MailboxPermission –identity “username” | fl user, accessrights

Scenario #11: How to query the permissions for every users mailbox?
> Get-MailboxPermission –identity * | fl user, identity, accessrights

Note:

+ Exporting the data:
At anypoint of time, if you want to export the above results to a CSV file, then you can use “Export-csv”. Say, let we try with one of the above scenario – try with scenario # 2:
> Get-Mailbox | Get-MailboxPermission | Export-csv C:permissions.csv

+ Automation using .Net Framework:
If you want to like to add Exchange management capabilities to your Microsoft .NET Framework–based applications then you can try the above by referring the following: http://msdn.microsoft.com/en-us/library/bb332449(v=exchg.80).aspx and http://msdn.microsoft.com/en-us/library/ff326159(v=exchg.140).aspx.

Happy PowerShelling and automation…!!

Monitoring Event Sink # 31: Why Exchange Explorer doesn’t work ?

One of my customer reported that in one of his machine, the exchange explorer (available part of Exchange SDK) stop responding. But the same work in his rest of the machines. During the research, we found the following known issues (stop responding, doesn’t display etc) with exchange explorer:

Cannot set member server schema scope using Exchange Explorer

On a computer where Microsoft Internet Explorer 6 is installed, the schema scope for a non-MAPI folder can only be set on the first server connected to the domain. The schema scope for non-MAPI folders cannot be changed for other servers that are members of that domain. Attempting to edit the schema-collection-ref or base schema fields can cause the Exchange Explorer to stop responding.

Exchange Explorer may stop responding when viewing a folder on a different server

When using the Exchange Explorer on a computer with Internet Explorer 6 installed, selecting a folder that is located on a different server in the domain may cause the Exchange Explorer to stop responding.

Exchange Explorer obtains the code page from the machine configuration

When using the Exchange Explorer on a computer running the US-English version of Microsoft Windows® server operating systems, the Exchange Explorer displays information using the code page setting of the machine. If the user has chosen a different locale for display, for example Japanese (JPN), the Exchange Explorer may incorrectly display characters from the user-specified locale as “??”.

Exchange Explorer does not display all property namespaces

Exchange Explorer does not display schema properties in the http://schemas.microsoft.com/mapi/ Namespace.

Hope this helps.

AD article: Managing multiple Active Directory schemas

Each Active Directory forest has its own schema, which defines the objects and attributes that the directory service uses to store data.

When organizations have multiple Active Directory forests, IT administrators have to manage multiple Active Directory schemas; ensuring consistency between schemas is vital when managing multiple forests.

In the April issue of TechNet Magazine, John Policelli guides you through a streamlined process to manage multiple Active Directory schemas.

Read the full article online now.

Sending email using CDO & remote SMTP Server

Assume that the computer on which this example will run has neither a SMTP service nor Microsoft Outlook® Express installed. In this case, you need to send the message through some SMTP service on the network and must configure the Message object completely.

Further assume that the SMTP service through which you intend to send messages requires that you authenticate yourself using basic (clear-text) authentication. An instance of the Configuration Component Object Model (COM) class is created and the configuration fields in the object are set with values such as the required SMTP server name, port, authentication, and user name and password.

Each field is in the http://schemas.microsoft.com/cdo/configuration/ namespace. As you know the http://schemas.microsoft.com/cdo/configuration/ namespace defines the majority of fields used to set configurations for various CDO objects. These configuration fields are set using an implementation of the IConfiguration.Fields collection.

Many CDO objects use information stored in an associated Configuration object to define configuration settings. One example is the Message object, where you use its associated Configuration object to set fields such as sendusing. This field defines whether to send the message using the local SMTP service drop directory (if the local machine has the SMTP service installed), an SMTP service directly over the network. If sending over the network, you set smtpserver to specify the IP address or DNS name of the machine hosting the SMTP service, and optionally, smtpserverport to specify a port value. If credentials are required for connecting to an SMTP service, you can specify them by setting the sendusername and sendpassword.

A similar set of fields exists for posting messages using either a local NNTP service pickup directory, or over the network After the Configuration object has been populated with relevant configuration information, the object reference is set on a Message object. The Message object uses the configuration information to send the message. Here as stated below the fully qualified field names are used to clarify the process. However, there are string constants (as type library modules) in the type library for each of these field names.

I have enclosed the SMTP configuration parameters for your reference:

   1:  Flds(“http://schemas.microsoft.com/cdo/configuration/smtpserver”) = “sample.smtp.com”

   2:  Flds(“http://schemas.microsoft.com/cdo/configuration/smtpserverport”) = 25

   3:  Flds(“http://schemas.microsoft.com/cdo/configuration/sendusing”) = cdoSendUsingPort

   4:  ‘CdoSendUsing enum value =  2

   5:  Flds(“http://schemas.microsoft.com/cdo/configuration/smtpaccountname”) = “My Name”

   6:  Flds(“http://schemas.microsoft.com/cdo/configuration/sendemailaddress”) = “”“MySelf”” <myself@example.com>”

   7:  Flds(“http://schemas.microsoft.com/cdo/configuration/senduserreplyemailaddress”) = “”“Another”” <another@example.com>”

   8:  Flds(“http://schemas.microsoft.com/cdo/configuration/smtpauthenticate”) = cdoBasic

   9:  Flds(“http://schemas.microsoft.com/cdo/configuration/sendusername”) = “domainusername”

  10:  Flds(“http://schemas.microsoft.com/cdo/configuration/sendpassword”) = “password”

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

How to access a particular mailbox using Microsoft Exchange web services ?

In this article, we will see how we can access a particular mailbox using Microsoft Exchange web services ?

The DistinguishedFolderId element identifies Microsoft Exchange Server 2007 folders that can be referenced by name. The DistinguishedFolderId class has an optional Mailbox property on it that allows you to indicate which mailbox you are accessing.

   1:  <DistinguishedFolderId Id="" ChangeKey="">

   2:     <Mailbox/>

   3:  </DistinguishedFolderId>

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

Note: A DistinguishedFolderId resolves to a FolderId. The schema that describes this element is located in the EWS virtual directory of the computer that is running Microsoft Exchange Server 2007 that has the Client Access server role installed.