Posts

Showing posts from September, 2014

Trigger a Full Sync of Passwords for DirSync

Normally the only time you need to do a full synchronization of passwords with DirSync is after you install it. By default, when you complete the configuration wizard it performs a full synchronization of passwords. After that point passwords are synchronized only when accounts are created or when the password is changed. One potential issue that can pop up is changed passwords on the Office 365 side. When passwords are synchronized to Office 365, it is still possible to change them in Office 365 for the user account. This is not recommended from a management perspective, but administrators make bad choices once in a while. When this happens the account is out of sync between on-premises and Office 365. To ensure that all passwords in Office 365 match their on-premises account, you can trigger the same type of full password synchronization that occurs after DirSync is installed. Perform the following steps: Open a Windows PowerShell prompt. Type Import-Module DirSync and press Enter. Type

Firewalls and Proxy for Exchange 2010 Hybrid Mode

Most of the time when we configure hybrid mode, the CAS servers have unrestricted access to the Internet. However, not all organizations allow this. I recently ran into a couple of proxy configuration issues when setting up hybrid mode for a client. The first errors we got were during the setup of hybrid mode creating the federation trust. However, we would have had ongoing issues because the CAS servers in the on-premises Exchange installation need to communicate with O365 servers to perform tasks such as free busy lookups. I had been assuming the CAS servers had direct Internet access but forgot to confirm with the client. When creating the federation trust initially we ran into the following: Unable to access the Federation Metadata document from the federation partner. Detailed information: "Unable to connect to the remote server." The good news is that error instantly makes you think network connectivity. This error is generated when the CAS server cannot communicate

Dirsync Filtering: missing-partition-for-run-step

Normally when you install Dirsync (Windows Azure Active Directory Synchronization Service), you synchronize your entire AD forest. This is the default configuration that Dirsync uses. However, sometimes it's useful (or at least comforting) to synchronize only part of your organization at a time. When you filter by organizational unit, there are no issues. You can select the specific OUs that you want synchronized and it will work. When you attempt to filter by domain, you will get the following error that is visible in Synchronization Service Manager: Step Type: Full Import (Stage Only) Partition: DC=deselectedSubdomain,DC=domain,DC=com Status: missing-partition-for-run-step Despite the fact the Dirsync graphical interface is perfectly fine with deselecting a domain, the scripts created during the installation for performing synchronization are not. You can view the code for the steps and probably could edit that code, but that's a little risky for my tastes. Instead the sugges

Chrome Invalidates Certificates using SHA-1 in November 2014

Certificates are used to secure digital communication. The most common security measure is SSL/TLS which is used to protect communication with web sites and other services. The certificates used to secure communication have an algorithm that is used to create hash values. SHA-1 was a commonly used hash algorithm. In November of 2013, Microsoft indicated that Windows would not accept certificates using SHA-1 as valid starting in 2017. Most certificates expire after 1-3 years providing ample time to update existing certificates during normal renewal processes. I just received a notification that Google Chrome will start marking web sites using certificates with SHA-1 as invalid starting in November 2014 if the expiry date of that certificate is after 2015. That is a much faster time frame. A review of our clients has revealed that only one certificate is using SHA-1 at this time. All of the others are using SHA-256 (one of the larger set of SHA-2 algorithms). For this one client, we need

Windows 9 Has a Start Menu

Some screenshots and videos are showing up for Windows 9 Technical Preview. I'm not sure what else is in there, but the one I care about is the Start menu. It's back! Right from the time Windows 8 came out, it bothered me that they tried to use a tablet interface on desktop computers. According to articles, Windows 9 will change the interface depending on the type of device. So, tablets can retain the Start screen (which makes sense) and PCs can have the start menu. If this all turns out to be true for the release product I think I can finally get customers moving on the new OS instead of sticking with Windows 7. A YouTube video of the Windows 9 Start menu is below: Please note that the product name of Windows 9 is not yet confirmed.

Is That Web Site Down?

Not sure whether a web site is down or you're having Internet issues? Check here: http://www.downforeveryoneorjustme.com/