I decided that I needed to post this on my blog as there are many issues out there in the Security and Compliance Center that remain to be fixed despite the obvious fact that they are broken. If you are new to the Security and Compliance Center, start with the links at the bottom in the ‘Further Reading’ section. Otherwise, keep on reading.
For the past year or so, even before I formally started ton congeal my material for my new Security and Compliance Center PowerShell book, I was running into all kinds of issues and problems. First, Get-Help was broken for sometime in I believe late 2018 and early 2019, which has since resolved itself. However, I still have little things that bother me (wrong switch on a main cmdlet, get-help missing examples, no Microsoft Docs for some cmdlets and so on.). So this blog article provides a laundry list of the items I have found and if you see this list, please comment if you have other recent issues to see if we can highlight as many as possible. For those who do comment with further issues, thank you in advance. Now, for the list and details of all the items I have discovered to date:
Public Folders. Yes. Even in 2019 we are still talking about Public Folders. Whether this is so we can remove them, fix them or sync them to Office 365, they are still around. For the last option, syncing Public Folders to Office 365, first you may think ‘Why?’, but come to the conclusion that you have no alternative and need to move them. If you are planning to move them to the cloud, knowing your data sources for syncing as well as remote access of the Public Folders for mailboxes already moved to Office 365, can be important. This means checking your replicas. If your replicas are off, syncing Public Folders may miss information and those users in Office 365 may not see some folders.
How to Check Replicas?
Public Folder replicas are almost a thing of the past. Once support for Exchange 2010 is gone and companies finally move off, we never have to worry about Public Folder Replication again. This is because Exchange 2013 introduced Modern Public Folders where HA or ‘replica’ copying was provided by Database Availability Groups. Thus a Pubic Folder, stored in a mailbox, which was store in a mailbox database that had multiple copies was now protected by the DAG replication. For this exercise, we don’t have that to look to and must examine what replicas were configured manually for each Public Folder in the environment. Here are some quick one-liners to see these replicas:
Wanted to share an interesting find while using PowerShell in Exchange 2019. The cmdlet is ‘Get-OrganizationConfig’ and I Was looking over some information from a summary report I had exported for a client and noticed an interesting field called ‘OrganizationSummary’. So I did a little digging.
Get-OrganizationConfig | Ft OrganizationSummary
We see this information about the Exchange environment:
Recently Microsoft has made some changes where you are required to run a few extra commands prior to upgrading your Exchange 2016 servers to the latest Cumulative Update (CU) 14. The change relates to permissions needed for Exchange and the first change was made in CU12 for Exchange 2016 – KB4490059. A further change was introduced in Exchange 2016 CU13 – June 2019 Quarterly Updates article.. In the article, the wording is a bit unclear as to what steps we need to take (see bolded words):
In order to apply these changes, a directory admin will need to run the cumulative update setup program we are releasing today with the /PrepareAD parameter. When multiple Exchange versions co-exist in a single Active Directory forest, the cumulative update matching the latest version of Exchange deployed should be used. Setup will automatically run /PrepareDomain in the domain where /PrepareAD is executed. Environments with multiple domains in the forest will need to run the cumulative update setup program using the /PrepareDomain parameter in all domains in the forest. These steps will update the rights granted to Exchange Servers in the Active Directory to meet the new permissions scope. More information on /PrepareAD and /PrepareDomain is available at this link.
UPDATED – Amazon and Barnes and Noble added the title
For those of you who have read my blog over the past few years, you may have noticed that a lot of my posts concern PowerShell. Those who have read my books on Exchange 2016 and Exchange Online also know that I dabble in PowerShell quite a bit. So it should not come as a surprise that I wrote a third book title concerning PowerShell and this time with a laser focus on the Security and Compliance Center (SCC). Now some may ask why? Why the SCC? The answer for me is simple, this is where the investments are for Microsoft with concerns to Office 365 and overall protection. The SCC convers features like Compliance, DLP, Mail Flow, Information Barriers and more. This book takes the PowerShell route to show you that you can indeed manage most (not all) of the SCC with PowerShell. So for the adventurous, or those looking to do more in your Office 365 tenant and SCC, this book is ideal. So, pick up a copy today and start learning!
As of now, the book is available in multiple places:
Amazon – Paperback
Barnes and Noble – NOOK
My website – PracticalPowerShell.com
Soon it will be available as a paperback once proofs are approved from my Print on Demand (POD) vendor. For those who get a copy, thank you for your support!
First, let me address why I haven’t written a blog post in a while. As of now I am still deep into producing quite a few Practical PowerShell books. I am the solo author on three books that I am aiming to get out by end of December. There is also a fourth book I am also working on, with a co-author (I am the co-author actually..), for April of next year. These books tend to take up gobs of my time. In the meantime, I am still producing my PowerShell Tips of the week to help those with PowerShell. So I was feeling a bit guilty about the time I was spending on those efforts and decided to put out a blog post today for my readers.
Built-In scripts for Exchange Servers are a topic I don’t usually cover as they have been around for quite some time with little to no change between versions. However, I was reviewing the content of some built-in scripts this week when I ran into some interesting observations on two of the scripts. One script should have worked in Exchange 2019 and one, to be honest, should not exist in Exchange 2019 anymore. So, I figured I could share my findings and see if anyone else had run into this and if not, then explain why these are an issue.
Yes, I know, too many updates. However, I want these scripts to be as useful as possible. So. Here is another update on TWO of my Exchange Prerequisite installation scripts:
Exchange 2016 – Version 1.17
Exchange 2019 – Version 1.11
Leave feedback if you like them! and if not… add something to the Q&A or post a comment here. Thanks again!