Category Archives: Office 365

Configure TLS relay on IIS for Exchange Online / Office 365

A while ago, you may have read that, starting in July 2017 (originally February), Microsoft will no longer allow relaying everything by default in Exchange Online when using normal authentication.

So I went ahead and set my SMTP relay in IIS to use a certificate instead, as the article explains. This resulted in a flood of bad mail drops with the following error:

Action: failed
Status: 5.7.57
Diagnostic-Code: smtp;530 5.7.57 SMTP; Client was not authenticated to send anonymous mail during MAIL FROM

After messing around with this for a while, I discovered the outbound port you have to use when connecting to smtp.office365.com to relay a message using anonymous TLS is port 25, NOT port 587 as we were using before to submit mail using a user account + password.

For those who want to configure a relay server on IIS for applications and devices that don’t support TLS, I’ll set out the steps to configure this properly.

O365Migrator v0.9 released!

Version 0.9 of O365Migrator is now available as a free download.

What was changed?

  • Differential transfer: upload only changed/new files. (does not process renames, moves and deletes yet!)
  • Subfolder targeting: upload to a specific subfolder instead of the root if specified
  • Better library name detection when admin and user have different language settings

You can find the new version here.

Excluding Skype for Business from ADFS MFA

When you want to use Skype for Business Online, but are using an on-premises ADFS implementation and require MFA for all logins, Skype for Business will fail to authenticate. It cannot handle the ADFS multi-factor challenge because MFA is not yet supported for Skype for Business Online tenants in Office 365.

To exempt Skype for Business from MFA on your ADFS relying party trust (RPT), use the following claims rule. It requires MFA only when the client's user-agent claim contains none of "skype", "ACOMO" or "lync":


# Fetch the Office 365 relying party trust
$rp = Get-AdfsRelyingPartyTrust -Name "Microsoft Office 365 Identity Platform"

# Require MFA unless the x-ms-client-user-agent claim matches skype, ACOMO or lync (case-insensitive)
Set-AdfsRelyingPartyTrust -TargetRelyingParty $rp -AdditionalAuthenticationRules 'NOT EXISTS([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent", Value =~ "(?i)skype"]) && NOT EXISTS([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent", Value =~ "(?i)ACOMO"]) && NOT EXISTS([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-client-user-agent", Value =~ "(?i)lync"]) => issue(Type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", Value = "http://schemas.microsoft.com/claims/multipleauthn");'

*With thanks to the IT team at NHTV 😉

Getting the WebDAV URL of an Office 365 Group

If you want to map a SharePoint or OneDrive site to a drive, the address to use in a net use command for the WebDAV client (WebClient) can be found in the URL when you browse to it. This is not the case for Office 365 Groups, but the URL is fairly easy to find.

  1. Make an Office 365 group
  2. Browse to the group’s files
  3. Create a folder there
  4. Enter the folder and note the current URL

Let’s say my group is called ‘OnedriveMapper’. If I’m at the root of the group’s files, the URL looks like this:

https://lieben.sharepoint.com/sites/onedrivemapper/_layouts/15/Group.aspx?GroupId=7010df87%2Da308%2D4904%2D975d%2Ddb1d0a0e5c1c&AppId=Files

However, if I enter my folder, the URL changes to this:

https://lieben.sharepoint.com/sites/onedrivemapper/_layouts/15/Group.aspx?GroupId=7010df87%2Da308%2D4904%2D975d%2Ddb1d0a0e5c1c&AppId=Files&id=%2Fsites%2Fonedrivemapper%2FGedeelde%20%20documenten%2Ftestfolder

So, it seems the default folder name in my tenant is ‘Gedeelde Documenten’, which is Dutch for Shared Documents. Putting the two together gives us the following final URL to map to:

https://lieben.sharepoint.com/sites/onedrivemapper/Gedeelde%20%20documenten

And yes, this works fine with OneDriveMapper 🙂
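The derivation above as a PowerShell function: it reads the `id` parameter from the folder URL noted in step 4, drops the folder created in step 3, and rebuilds the library URL. This is an added example, not the author's code or part of OneDriveMapper. `Get-GroupWebDavUrl` and its `-Depth` parameter are names chosen here, and the sample input is the folder URL from the post.

```powershell
# Added example. Function and parameter names are hypothetical, not part of OneDriveMapper.
function Get-GroupWebDavUrl {
    param(
        [Parameter(Mandatory)][string]$FolderUrl,
        # How many folder levels below the library root the URL was captured at
        # (1 = inside the single folder created in step 3).
        [int]$Depth = 1
    )

    $uri = [System.Uri]$FolderUrl

    # The server-relative folder path is carried, URL-encoded, in the 'id' query parameter.
    # 'GroupId=' and 'AppId=' do not match because the pattern is anchored at the start.
    $idParam = $uri.Query.TrimStart('?') -split '&' |
        Where-Object { $_ -like 'id=*' } |
        Select-Object -First 1
    if (-not $idParam) {
        throw "No 'id' parameter found: browse into a folder before copying the URL."
    }

    # Decode the path and split it into segments.
    $path     = [System.Uri]::UnescapeDataString($idParam.Substring(3))
    $segments = @($path.Trim('/') -split '/')
    if ($segments.Count -le $Depth) {
        throw "Path '$path' is not $Depth level(s) below a document library."
    }

    # Drop the folder(s) created for discovery; what remains ends at the library root.
    $library = $segments[0..($segments.Count - 1 - $Depth)]
    $encoded = ($library | ForEach-Object { [System.Uri]::EscapeDataString($_) }) -join '/'

    '{0}://{1}/{2}' -f $uri.Scheme, $uri.Authority, $encoded
}

# Sample input: the folder URL shown in the post.
$sample = 'https://lieben.sharepoint.com/sites/onedrivemapper/_layouts/15/Group.aspx?GroupId=7010df87%2Da308%2D4904%2D975d%2Ddb1d0a0e5c1c&AppId=Files&id=%2Fsites%2Fonedrivemapper%2FGedeelde%20%20documenten%2Ftestfolder'
Get-GroupWebDavUrl -FolderUrl $sample
```

The returned string is the address to hand to net use; the library name is taken from the URL, so it works regardless of the tenant's language.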