Wednesday, March 1, 2017

365 One Drive Business Setting up Synchronization

Create a separate One Drive “Cloud Administrator” account and assign a 365 license to the account.

From the file server open Http:// and log on using the Cloud Administrator account

Once logged on select One Drive as shown below:


Once it sets up your One Drive you can select “Your OneDrive is ready”


In the OneDrive Menu select Sync as shown below:


Click Allow this website to open an app:


It will pop up the following “Getting Ready to sync…” if nothing happens or if you get prompted that you need an app. Then it does not have the proper version already on the system you may have to click on “Get the latest version of OneDrive as:


You should then see the following to enter in your Cloud Admin account and sign in:


You will get prompted with a password logon for Office 365 which will require that same account Sign in.

Then you will see the following which we will redirect to the folder we want to sync by selecting “Change Location”


In this case I will go to the D:\ServerFolders\Company Share and select that folder. Now here is the interesting part it will not sync the “Company” Folder it will create it’s own subfolder.


It will then revert back to the “This is your OneDrive folder” screen to which you click “Next” as shown below:


Check Sync all files and folders and note the path it created and select Next as shown below:


Your OneDrive is now ready for you to open:


Now If you go to the local path you will see the following:


Anything in that OneDrive… folder will be automatically synchronized.

Note: the Green checkmark means the data is syncing to the cloud OneDrive

If you right click on the OneDrive cloud icon in the bottom right corner of you system you will see the following options including View Online:


After you select “View online” and enter in the credentials you will see the data is matching in both locations. Here is a populated example of what the OneDrive will look like:


Note: I would suggest you keep your files within subfolders of the OneDrive share to make permissions administration easier to maintain.

Note: You cannot have a directory called “Forms” in your OneDrive folder structure or it will not synchronize it. “Forms” directory is reserved for OneDrive configuration

Note: If you change the password of this account you will have to change it in the configuration to keep sync enabled. (see “Settings” 2 images above)

Caution: Local permissions and Cloud permissions are maintained separately in most cases. See blog on permissions here:

365 One Drive Business Share Permissions

Create a separate One Drive “Cloud Administrator” account and assign a 365 license to the account and setup the One Drive Share sync. Once that is done to edit cloud permissions:

From the file server open Http:// and log on using the “Cloud Administrator” account

Once logged on select One Drive as shown below:


It will open your One Drive Business share:


To change permissions, select the check box to the left of the file or folder as shown below:


Right Click and select Details as shown below:


You will notice on the right side the file details scroll down to “Sharing” as shown below:


That will expand to show you the file or folder permissions from there you can add people, stop sharing to that person, or revise read/write permissions as shown below:


CAUTION: These are One Drive share permissions ONLY this will not impact your share permissions internally on the file share those permissions should be modified as well.

Note: I would recommend using folders and not have files in the root directory of your synced folder. That will make permissions administration editing easier.

The users will then see the data on their 365 accounts by going to the “Shared with me” folder as shown below:


Veeam backup fails with “Virtual Disk is not a multiple of” error

Depending on what other backup, build, or restoration solutions you have in place you may see a “virtual disk is not a multiple of…” error when backing up with Veeam.

The error sounds quite ominous like a major disk issue on the host. The good news is it ends up it is a quick fix on the VM using the GUI interface.

Open up the VM settings and resize the virtual drive from the weird size such as 79.435346435 GB to 80GB and the same for the secondary or other disks for example 250.45346324GB to 251GB. Then access the VM and expanded the drives via the OS.

If it is already a “normal” drive size try going up another drive size for example 80GB to 81GB and expand the drive in the OS.

Then test the backup job.

Credit: Veeam KB article

Thunderbird to Office Migration

There are several tools out there to migrate your email from Thunderbird to PST that you can then import into Office. Many of them are pay per license. I would stay clear of the freeware version. One pay version that I am familiar with is:

It does a decent job of exporting/importing.

Note: In the case of my imports there was a lot of malware hidden in the old Thunderbird email that my Antivirus found and quarantined as it was exporting. So I would recommend you make sure your Antivirus is online and up to date.

Importing contacts however from Thunderbird can be time consuming due to the fact that Thunderbird and Office use different headers for the categories. Once I exported from Thunderbird to a CSV file I edit it with excel and changed the headers to match what Office is expecting. That avoids manually mapping during the import process. I was then able to cut and paste the header to all the exports and import them into Office seamlessly. Here is the header I used you can cut and paste into as the first line of you CSV. hopefully they work for you:

Note: You will be overwriting the first line of the csv with this so please make a backup copy first.

First Name,Last Name,Display Name,Nickname,E-mail Address,Secondary Email,Screen Name,Business Phone,Home Phone,Fax Number,Pager Number,Mobile Phone,Home Street,Home Street 2,Home City,Home State,Home Postal Code,Home Country,Business Street,Business Street 2,Business City,Business State,Business Postal Code,Business Country,Job Title,Department,Company,Web Page 1,Web Page 2,Birth Year,Birth Month,Birth Day,Custom 1,Custom 2,Custom 3,Custom 4,Notes

Caution: If the import is done incorrectly you can import a bunch of junk into your contact list so I would recommend importing “offline” to make sure it is all good before connecting online. Worse case you wipe that local email profile and start over.

“you break it you bought it…”

Office 365 Configuration XML made simple

Creating the configuration XML can be a time consuming and multiple test and fail process before your finally get what you want for that ONE deployment.

Luckily now there is a tool for that and it is located here:

This tool will create a complex XML file for you allowing you to select version, excluded programs, remove products, configuration manager support, custom options, update options, silent mode, EULA, logging and even includes templates and an installation toolkit.

Credit: Jason Powell

Macro Exploits–Trusted Locations what you need to know

Malicious macro exploits have been a security issue for Office since the day macros were introduced. There are lots of legitimate work flow macros, so you cannot by default disable all macros in all Office programs. In the past you could create trusted macro locations within your network or system to add a layer of protection and prevention from malicious macros running.

GPO- Configuration/Administrative Templates/Microsoft Office XXX 20XX/Application Settings/Security/Trust Center/Trusted Locations

The latest threat though, with the added use of cloud locations, makes that harder to control and disable external document macros. While there is now an option to “Block macros from running in Office files from the Internet” unless users save the “trusted” cloud documents to a local path, designated as trusted in the GPO or system, then it may block legitimate work macros as well. So you will need to plan accordingly and remind the users “what to” and “what not to” open and where.

Knowing the average user is likely to click first on an attachment and ask long after the damage is done. The latest and worst macro exploit now triggers the newest malware craze “ransomware” such as Cerber. These two have been recently combined into yet another form of malware to thrash your data and systems.

The latest spam and phishing emails with those malicious attachments are currently concentrating on Office 365 users due to the fact that they know they have the Office suite to open the attachment macros and trigger the malware. The ransomware depends on the user to open the exploiting Macros by having end users “Enable Editing” and “Enabling Content” in the attachment. Here is an example of what one looks like:


The Cerber ransomware has been around since around March, but the Office 365 and cloud based targeting only just begun recently. Victims once they trigger the macro and are infected will see a ransomware note and the malware will also read aloud a note stating that their files have been encrypted.

Cerber uses AES-256 encryption and the victims are asked to pay about $800 U.S. dollars' worth in Bitcoin. If you don’t have a recent backup your only recovery option may be to pay the ransom if critical data is encrypted. Of course there is no guarantee they will honor the payment agreement.

If you are not using additional safeguards outside of what is provided by Microsoft, you could be at risk. I recommend you implement the following to help prevent ransomware from infecting your system:

  • Spam filtering
  • Firewalls
  • DNS filtering (such as OpenDNS)
  • Content filtering
  • Antivirus/antimalware
  • Group Policies to manage trusted locations
  • Employee Policies that outline how to open external documents
  • Backups (potentially ones that are not constantly connected to the network)

Office 365 increased email filtering

With Office 365 there are many features you can enable to reduce additional spam and malware. Below are a few of the higher level settings that can compliment your existing email filtering. On your Office 365 Console open the “Exchange Admin Center” select “protection”, select “malware filter” and edit (pencil) your Default rule as shown below:


The rule above is a more severe setting that deletes the full email with known potential malware type extensions. You can however make it more end user admin friendly by using the other settings to strip the attachment instead and alert the reciever that is was removed.

Note: Don’t forget to hit “Save” in the bottom right hand corner

In the same “protection” section select “connection filter” and “enable safe list” to allow Office 365 known safe senders as shown below:


Note: Don’t forget to hit “Save” in the bottom right hand corner

In the same “protection” section select “spam filter” and updated your “allow list” with senders and domains to allow known safe senders as shown below:


Note: Don’t forget to hit “Save” in the bottom right hand corner

In the same “spam filter” select “international spam” and select every country and language you DO NOT want to receive email from. If you are a business in the midwest USA and have no international clients or vendors nor want any then lock it down to english and USA as shown below:


Note: Don’t forget to hit “Save” in the bottom right hand corner

In the same “outbound spam” select “outbound spam preferences”select send notificaton and put in an user or distribution group email address so you will know spam is going out ASAP as shown below:


Note: Don’t forget to hit “Save” in the bottom right hand corner

How to Relay Veeam Endpoint Protection email using GMX

Setup a free email account at and enable send and receive via external programs under Settings, Email, POP3 & IMAP as shown below:


Veeam Endpoint protection by default lets you email and authenticate to “yourself” so use your GMX account as shown below and then click “Test Message”:


Open up your inbox on GMX and confirm you received the email as shown below:


Now you need to setup a filtering rule to forward those emails to your work distribution group. Go to Settings, Folder, Filter Rules, and select “Forward e-mails to another email account” as shown below:


You then enter in the GMX email address as the “email from sender” you want to forward and “forward email to” address and click “Create Filter Rule” as shown below:


Once applied from Veeam Endpoint Protection initiate a test email and you can confirm the rules work.