Force a sync from Azure AD Connect to Office 365

AAD sync runs every 30 minutes, we are several situations where you cant wait 30 minutes for a change to sync across, you still want to force a sync. To do so, on the server which has AAD Connect installed and type the following to import the AAD Connect PowerShell module:

Import-Module ADSync

You check the current settings of the sync scheduler

Get-ADSyncScheduler

adsync01

To force a delta sync, you the following PowerShell command:

Start-ADSyncSyncCycle -PolicyType Delta

adsync02

If you want to force an initial (full) sync, use this command:

Start-ADSyncSyncCycle -PolicyType Initial

Create a Shared Mailbox in Exchange 2007

Create shared mailboxes in Exchange 2007  using powershell  as the EMC in Exchange 2007 doesnt allow you to create shared mailboxes like the new exchange 2010.

You can do this with the help of the new-mailbox cmdlet.

Below is an example of creating a shared mailbox called Info and then assigning the info security group full access to the shared mailbox.

New-Mailbox -Name:’info’ -OrganizationalUnit:’contoso.loal/OU/users OU’ -Database:’Mailbox Database’ -UserPrincipalName:’info@contoso.com’ -Shared

Exchange 2007 will now create a shared mailbox and also create a disabled active directory account.

Now to assign full access

Add-MailboxPermission Info -User:’info group’ -AccessRights:FullAccess

You can also convert a mailbox to shared one usin the set-mailbox cmdlet.

Set-Mailbox Info -Type:Shared

Once this is done, you are now able to manage the shared mailbox via Exchange Management console if you need to assign permissions for full access or send as permission. The following powershell command is used to assign send-as rights and read/write personal information.

Add-ADPermission info -User:’info Group’ -ExtendedRights:Send-As -AccessRights:ReadProperty, WriteProperty -Properties:’Personal Information’

Manage Exchange 2010 Calendar Permissions Using Powershell

You can add  Calendar Permissions Using Powershell for users using the following command:

if user2 needs to access user1’s calendar

Add-MailboxFolderPermission -identity “user1:\calendar” –user “user2” -AccessRights Reviewer

the same can be done to give permission to a security group

Add-MailboxFolderPermission -identity “user1:\calendar” –user “DomainName\securitygroup” -AccessRights Reviewer

Below is the list of access rights and explanation

None                                                   FolderVisible
Owner                                                CreateItems, ReadItems, CreateSubfolders, FolderOwner, FolderContact, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingEditor                       CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
Editor                                                 CreateItems, ReadItems, FolderVisible, EditOwnedItems, EditAllItems, DeleteOwnedItems, DeleteAllItems
PublishingAuthor                    CreateItems, ReadItems, CreateSubfolders, FolderVisible, EditOwnedItems, DeleteOwnedItems
Author                                              CreateItems, ReadItems, FolderVisible, EditOwnedItems, DeleteOwnedItems
NonEditingAuthor                   CreateItems, ReadItems, FolderVisible
Reviewer                                          ReadItems, FolderVisible
Contributor                                   CreateItems, FolderVisible