How to test Office 365 SMTP server using PowerShell

Office 365 supports SMTP relay for authenticated accounts using TLS encryption.

Testing SMTP access is traditionally done using Telnet, but that’s not always an option when using Office 365 due to the authentication requirement.

Fortunately it’s easy to use PowerShell to accomplish the same thing.


How to test SMTP server using PowerShell:

Capture and store the Office 365 credentials for the account you intend to use for SMTP auth:

$msolcred = get-credential | save the credential of from address

Use the stored credentials to send a test message from user@domain.com to user@example.com, over port 587 (Encrypted w/ SSL):

Send-MailMessage –From user@domain.com –To user@example.com –Subject “Test Email” –Body “Test SMTP Relay Service” -SmtpServer smtp.office365.com -Credential $msolcred -UseSsl -Port 587

Error opening Word, Excel, PowerPoint files or email attachments in Office 2010

If you find that you are not able to open an Word 2010, Excel 2010, or PowerPoint 2010 file from the Internet or in some cases Outlook,  and you get an error message, performing the following steps will resolve the issue:

Office 2010 may report the file as being corrupt. The exact Errors may include:

Word: Word Experienced an error trying to open the file.:

Excel: The file is corrupted and cannot be opened.

PowerPoint: PowerPoint found a problem with content in file. PowerPoint can attempt to repair the presentation.

The following steps will set component security settings back to the defaults.

Open Control Panel

Open Administrative Tools

Open Component Services and expand the tree under Console Root to Computers > My Computer.

Right-click on My Computer and select Properties.

 repair_office1

Select the Default Properties tab and set the following values:

Default Authentication Level: Connect

Default Impersonation Level: Identify.

repair_office2

 

Preload Office 2013 on new computers for distribution to end users

This is a technique you can use to preload the Office 2013 installation media on a system, bypassing the need to download the installation files during activation.

You will require a qualified Microsoft Partner account in order to download the media from the following link:

http://www.microsoft.com/OEM/en/installation/downloads/Pages/office-single-image-v15-opk.aspx

  • Download the disk image appropriate for your language.
  • Extract the disk image using a utility like 7zip to a folder.
  • Copy the Office 2013 Single image source folder to local PC. (Folder contains installation data and batch files for prep)
  • Uninstall the already installed Office 2013 installer  from Programs and Features (if it already exists).
  • Run as administrator the script oemsetup.en-us inside the single image source folder, this preps the system to use the local source for Office 2013 instead of downloading.
  • Open the Microsoft Office app following script completion, and select Buy online.
  • Purchase the office software using a Microsoft account affiliated with the client or user.
  • Go through the purchase process until you have confirmed, and are presented with a product key. Make sure to document what key will be assigned to each user  if preparing multiple systems.
  • Copy the Product Key to your clipboard and go back to the Office installer and now select Activate.
  • Enter the Product Key you copied.
  • Select the Redeem Online button.
  • Sign in with the same Microsoft Account used to purchase the software.
  • Select the region and language.
  • Once the key has been associated with your account you will be taken to a web page that displays all keys tied to the account.
  • Minimize the browser window and go back to the Office installer.
  • Select Activate, on the enter product key screen select the option to “sign in with an active account instead”.
  • Sign in with the Microsoft account.
  • Once signed in, you should be presented with the ‘Choose your product window’.
  • The most recent purchase is a the bottom of this list,  select it and Continue.
  • Office Click-to-run will now complete the install using the local installation source instead of downloading the software. 

This is especially helpful when dealing with multiple systems at a site with poor download speed.

Word or Excel File Opens Slowly When Double Clicked

I recently experienced a strange issue with a client where office documents from Word and Excel (.doc and .xls) would open very slowly when double clicked.  If you first opened the respective application and then selected the document from the open menu, it would open almost instantly.  After exhaustive research, I found the issue was related to the Dynamic Data Exchange (DDE) settings for those applications.  More on DDE can be found here.

The corrective action was to modify the “Application used to perform this action” string in the DDE settings.  Here it is step-by-step:

  1. Open folder options from within the control panel.
  2. Select the tab for file types.
  3. From the list, select the document extension you are having trouble with (.doc or .xls)
  4. Click the advanced button
  5. Append the string “%1” including the quotes to the end of the existing “Application used to perform this action” string.  If the existing string ends with a “/dde” remove that.
  6. Click OK and try again.

 

A required installation file SKU011.CAB could not be found.

I recently came across a PC that prompted me for the SKU011.CAB file everytime I ran an Office application.  The verions of Office it listed was Office Professional 2003 so I popped in my Office 2003 Pro CD and tried to use that to replace the file.  I was unable to find SKU011.CAB on the CD and after checking the CD Key in use discovered that Office 2003 Pro Enterprise was the actual version installed.  Not having an Enterprise CD, I thought I was stuck.

Then I found the Local Installation Source Tool from Microsoft and was saved.  I downloaded the tool and used the “Delete and disable LIS” option to remove the local installation source and after the next attempt to start and Office App I was off and running.

You can get the tool here:
http://www.microsoft.com/downloads/details.aspx?familyid=10fa7aa3-695b-42c3-9045-b812ba0fed3e&displaylang=en

 

How to change product key on Office 2003

Regedit

Find

HKLM/Software/Microsoft/Office/11.0/Registration/<only-32-bit-ID>

-Change the value of key “ProductID” to “OldProductID”
-Delete the key DigitalProductId

Now start one of the office apps – it should ask you to re-enter the key, then activate normally.

Implementing RPC over HTTPS in a single Exchange Server 2003 environment

Sources: http://www.outlookexchange.com/articles/HenrikWalther/RPC_over_HTTP.asp
http://www.msexchange.org/tutorials/Implementing-RPC-over-HTTPS-single-Exchange-Server-2003-environment.html
http://blogs.techrepublic.com.com/networking/?p=292

In order to make use of all Exchange’s collaborative tools, Outlook must communicate with the Exchange server via the remote procedure call protocol (RPC). It’s not a good idea to open these ports to the Internet due to RPC’s rich history of exploitable vulnerabilities. RPC over HTTPS allows RPC traffic to be tunnelled inside secured HTTP packets. This enables roaming users to enjoy full Outlook/Exchange functionality without having to open any additional firewall ports or dial a VPN connection.

The following steps are necessary to implement RPC over HTTPS in a single Exchange Server environment:

– Configure an Exchange Server 2003 back-end server as an RPC proxy server.
– Configure the RPC virtual directory for Basic authentication and SSL
– Configure the RPC proxy server to use specified ports for RPC over HTTP
– Set the NT Directory Services (NTDS) port on all global catalog servers that act as Exchange Server 2003 back-end servers
– Create a Microsoft Office Outlook 2003 Profile for your users to use with RPC over HTTPS
– Test the connection

Requirements in order to get RPC over HTTP working:

Client(s)
Windows XP with Service Pack 2.
Outlook 2003 installed, previous Outlook versions won’t work.

Server:
The exchange server needs to be running Windows 2003 and Exchange 2003.

It’s not a requirement running Exchange in a Front-End/Back-End topology as many believe, actually you could get by running everything from a single server. But depending on your environment, Microsoft recommends you make use of a Front-End/Back-End scenario, and if possible placed behind an ISA 2000 server.

You will also need to have a Microsoft Certificate Authority (CA) installed , this should be used to issue the respective certificates needed in order to have SSL/443 working properly. You could as well go the easy way and get the certificate from a certificate provider like Verisign or Thawte.

Configuration Steps:

1)  Install the RPC over HTTP Proxy component on Windows Server 2003
– Click Start | Settings | Control Panel
– Double-click Add/Remove Programs
– Click Add/Remove Windows Components
– Double-click Networking Services
– Put a checkmark in RPC over HTTP Proxy
– Click Next | Ok | Finish

2) Configure the RPC virtual directory for Basic authentication and SSL

Installing the RPC proxy will create two new virtual directories under your Default Web Site. We need to modify these slightly in order to allow proper authentication and encryption of RPC over HTTP connections.

– Open up the IIS Manager.
– Navigate to Web Sites | Default Web Site.
– Right click on the RPC directory and select Properties from the drop-down menu.
– Select the Directory Security tab.
– Click on the Edit button within ‘Authentication and access control’.
– Make sure that the option ‘Enable anonymous access’ is deselected.
– Check ‘Integrated Windows authentication’ and ‘Basic authentication’ and click on OK. You may be prompted with a warning dialogue; click on Yes and ignore this as it does not apply while using SSL.
– Click the Select button next to Default Domain and select the domain from the list.
– Click the Select button next to Realm and select the domain from the list.
– Click OK.
– Click on the Edit button within ‘Secure communications’.
– Check ‘Require secure channel (SSL)’ and ‘Require 128-bit encryption’ and click on OK.
– Click on OK to apply the changes.
Repeat these steps for the RPCWithCert directory.


3) Configure the RPC proxy server to use specified ports for RPC over HTTP

Now we need to edit some values in the registry editor, so start it up and navigate to the following registry key:

HKEY_LOCAL_MACHINESoftwareMicrosoftRpcRpcProxy

The ValidPorts key will likely already include an entry for ports 100-5000; we need to add a few more. Below is an example; you will need to change the hostnames and domains to match your own environment. This should be entered as a single line with no spaces after the semicolons.

ISLMAIN:100-5000;ISLMAIN:6001-6002;ISLMAIN.ISLLLC.local:6001-6002;ISLMAIN:6004;ISLMAIN.ISLLLC.local:6004

4) Set the NT Directory Services (NTDS) port on all Global Catalog Servers that act as Exchange Server 2003 back-end Servers

There are two ways to do this:A) Tell the Exchange server to act as a target for the RPC proxy:
Open up Exchange System Manager, browse to your target server, right-click, and select Properties.
Just above the General tab you will find the RPC-HTTP tab. Select this tab and ensure that the option ‘RPC-HTTP back-end server’ is checked.
Click on OK to exit.  You will be prompted to restart the server.

B) Use Regedit to navigate to the following key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNTDSParameters

– Then click Edit in the menu > New then click Multi-String Value
– Name it NSPI interface protocol sequences
– Right-click the NSPI interface protocol sequences multi-string value, and then click Modify
– Type ncacn_http:6004 in the value box
– Now restart the Global Catalog Server.

5) Create a Microsoft Office Outlook 2003 Profile for your users to use with RPC over HTTPS

– Open the Control Panel | Double-click Mail
– Click Show Profiles
– Click Add…
– Give the profile a name and click Ok
– Click Next and set bullet in Microsoft Exchange Server
– Now you should type in yourExchange server FQDN (ex.  exchange.domainname.local)
-Set a checkmark in Use Cached Exchange Mode, type in your username, but don’t hit Check Name yet, instead click More Settings…
– Click the Connection tab
– Set a checkmark in Connect to my Exchange mailbox using HTTP
-Now open up the ‘Exchange Proxy Settings’ and use the options below.

Use this URL to connect to my proxy server for Exchange:
https://mail.domainname.com

-Check ‘Connect using SSL only’.
-Check ‘Mutually authenticate the session when connection with SSL’.
‘Principal name for proxy server:’ msstd:mail.domainname.com
-If you want to use RPC over HTTPS even while on the internal network, then check ‘On fast networks, connect using HTTP first, then connect using TCP/IP
-Make sure ‘On slow networks, connect using HTTP first, then connect using TCP/IP’ is checked.
-For the ‘Proxy authentication settings’ we can use either NTLM or Basic authentication. I prefer NTLM as it doesn’t constantly prompt for a username and password to be entered.

Apply the changes and you’re ready to start testing. Don’t forget to forward port 443 to the Exchange Server on your external firewall.

6) Test the connection

After enabling the RPC Proxy settings, your Outlook connection to the Exchange Server should be established successfully. The question is now: How to determine that it is an RPC over HTTPS connection?

The answer is simple. Right click the Outlook icon in the taskbar while you are holding the CTRL Key. The Context menu opens and now you have the option to see the Exchange Server Connection Status. Here you can see if your connected, and if yes what connection type is used.

Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats

Older Microsoft Office application to open, view and print newer office document formats, ie docx, or xlsx – link

2007 Microsoft Office Add-in: Microsoft Save as PDF or XPS

http://www.microsoft.com/downloads/details.aspx?FamilyId=4D951911-3E7E-4AE6-B059-A2E79ED87041&displaylang=en