Sending M365 mail from your all-in-one scanner/printer

Precursor

Imagine the following : you recently migrated your mail platform from the “classic” POP/IMAP mailbox setup towards Microsoft 356’s mail solution.

If you’ve done the M365 setup correctly and migrated everything towards your new cloud environment (see tons of previous posts 😉) you’ll soon run into some issues when trying to send an e-mail from your super-cool all-in-one printer/scanner/copy/fax machine, which is hooked up to the network and ready to send scanned documents in your (domain) name.

One of these issues being that you receive a NDR from your recipient relating to something like “Error 550 5.7.1 The user or domain that you are sending to (or from) has a policy that prohibited the mail that you sent” or anything basically that falls back to “we don’t trust this e-mail, because you smell of spam/phishing/malconfigured SMTP/…

Your printer – in this example – still has port 25 and (for instance) uit.telenet.be as outgoing mail server (yes, I’m Belgian – hence the .be TLD on my site)

(PS : don’t want to read this entire story ? CTRL-F your way to “How do I set this thing up ?”)

Behind the scenes

What happened behind the scenes before and after your migration, concerning mail flow ?

Before your migration,

you used to have and old-school mail provider that allowed a lot.
Your recipients didn’t care much or already added your scanned mails with PDF’s in them in their white allow-list.
Maybe your mails got through, maybe they didn’t.

Your outgoing mail provider (let’s say it’s Telenet nv for the sake of the already mentioned example above) doesn’t really care what you send over their mail server, as long as you send it from an IP address on their network.

(a small note : at the time of this writing Telenet no longer accepts anonymous port 25; they need authentication through an @telenet.be address and use port 587 with TLS encryption)
(another small sidenote : Proximus still allows anonymous port 25 at this time *cough*)

Whatever the case, it would allow senders to send any mail they want from any e-mail address they want, as long as they use their own internet provider’s mail address.

After migrating to M365,

Microsoft kind of enforces you to add certain DNS records, before 100% completing the setup wizard of their Online Exchange offer.
✅ green ticks tick my own boxes as well, so as an OCD-enjoying IT guy, I can’t not complete this wizard :p

One of these records you have to create is an SPF record, which partly regulates the mail flow for your domain by defining. (more on the SPF record on [this page])
Microsoft is also kind enough to allow you to send over their own SMTP servers (good guy MS !!!) and provides certain regulations in order to be able to do so.

Server/Smart Host: smtp.office365.com
Port: 587
TLS/Start TLS: Enabled
Username/Email address and password: pretty obvi what this is….

In a perfect world, you’d be able to just enter these settings in your super-duper all-in-one printer and you’d be good to go. 👌

HOWEVER…

On the dreaded day of June 30, 2023 Microsoft disabled out-of-the-box support for a tiny little protocol we know as TLS.
Specifically, they disabled support for TLS 1.0 and 1.1 (fear not).
A lot of these printers use this “older” protocol and – as you might already guess – this complicates the entire sending-of-mail process.

Never fear, though !

Microsoft built in a backdoor/workaround in their own security enforcement and still allows you to send mails like you would in “days of olden”.

 

How do I set this thing up ?

We’ll take this random internet screenshot from the mail settings tab in an OKI printer as an example :

Following all instructions you find on the internet, this would be the way to go.
And it is.

Using these settings in 2024 will result in a “cannot send mail” error on the printer.

Did you misconfigure something on this printer ?
NO.

Here’s what you need to change on the Microsoft side :

  • Through https://admin.microsoft.com browse your Users > Active Users and click the mail enabled user for your all-in-one device (Yes, you need to have a mail-enabled user for this)
  • On the screen that appears on the right, go to the “Mail” tab and click “Manage email apps
  • By default “Authenticated SMTP” is not active.
    Activate it and press “save changes
  • That’s not where it stops, though.
    Microsoft, sneaky as they are, still disable SMTP AUTH on a more global level.
    So just activating the above, will result in the same sending error on your device.
    sooooo, let’s go to https://admin.exchange.microsoft.com for part 2 of the config.
  • On the Exchange Online admin center go to Settings (in the left) column and pick “Mail Flow” (not to be confused the the “Mail Flow” fold-out menu in the left column).
  • One thing that needs to be de-activated is the “Turn off SMTP AUTH protocol for your organization“. (the tick needs to be unticked – super confusing option – double negatives and all)
    Depending on the type of device, you may or may not need to opt-in the tick “Turn on use of legacy TLS clients“.
    Even though Micro$oft disabled TLS 1.0 and 1.1, they still allow older TLS versions to communicate with the SMTP AUTH endpoint “smtp.office365.com”.
  • Press “Save”, give it a couple of hours tops and BAM, send at will with your Brother MFC something something, your mail enabled camera system, CRM software, …

I’ll leave the “plus addressing” tick for you to Google. It’s a cool feature, with little use-case.
Still cool though.

Peace out.
Happy mailing !

DKIM simplified and how it works (but not for beginners)

Lifting shrouds from IT-related mysteries is what we do here.

DKIM… yet another mys(t)ery to so many, but actually not that much rocket science as it seems.
Let me explain : 

Simplified as an acronym, DKIM stands for “Domain Keys Identified Mail” and is nothing more than “just another TXT record” in your DNS.
In a previous post, you could read up about SPF records and how they can diminish the amount of spam being sent FROM your domain name. DKIM takes this to a next step.
It’s the implementation of DKIM that will require some extra feedback from me, though.

Extremely simplified

Woodpecker.co explains DKIM as following :

“Take Game of Thrones to get the bigger picture of DKIM. Ned Stark is sending a raven with a message to king Robert. Everyone could take a piece of paper, write a message and sign it Ned Stark. But there’s a way to authenticate the message – the seal. Now, everyone knows that Ned’s seal is a direwolf (that’s the public key). But only Ned has the original seal and can set it on his messages (that’s the private key).”

Quite the analogy, if you’ve seen GoT (and no spoilers, even !)

 

What happens when using DKIM ?

The entire concept is based on encryption of a specific value that uses a public and a private key, that are generated in pairs and therefore cannot exist apart from each other.

The public value is stored (obviously) in a public location where all e-mail servers and clients can access it : the DNS server that holds your domain name (OVH, Skynet, Godaddy, Combell, …)

The private value is sent in an encrypted way over internet and can be verified through means of that private key, to check if it used the original correct signature.
It’s comparable to how an MD5 checksum works

(with the exception that at the time of this writing, DKIM can not yet be broken and it’s possible to “fake” an MD5 lol)
Image courtesy of postmarkapp.com

This hidden signature is then verified by the mail server, through which you send your signed mail, as well as all other mail servers where this message passes (in its original form).

Because…. the signature is added to the mail headers and is completely independant from how SPF records work, a proxy’ing mail server that just passes on your message, retains headers.
Theoretically, your mail could fail on an SPF, but could be perfectly valid on a DKIM basis !

 

Fool-proof ?

Is this method a fool-proof way of confirming ALL mails from your domain are safe now ?

A simple answer : NO.

DKIM is kind of the reverse of SPF, whereas SPF tells the receiving mail server what mail NOT to trust.
DKIM tells the receiving mail server that this specific mail, sent from this specific source is – in fact – OK to receive. DKIM does not guarantee that mails from your domain name, sent from a source other than the one defined in the key verification, are in fact safe, because the key in the verified mail message only counts for the specified source.

“Should I not bother to use DKIM, then ?”

You should still try to implement DKIM wherever possible, as all methods of securing your mail flow and getting spam/phishing mails out of this digital world, are most welcome.

 

What does DKIM look like & “comment ça marche” ?

Enough with the theory; let me explain how (and when) this works.

First of all, your own mail server, through which YOU send outgoing mail, has to have support for DKIM key generation.
Most ISPs (I think we can say “all ISPs”) will not use DKIM, as this would mean having to sign every friggin mail message that the millions of their customers send out on a daily basis.
All mail software would first have to talk on an encrypted basis to a public SMTP server to stuff that signed key in the mail header of their own mail message.
Seeing as most ISPs allow sending over their mailservers, without any authentication whatsoever, except for sending from their IP address range, this can ony mean : a big no-no.

Onward.

If your mail server supports DKIM (we’ll be using Microsoft 365 as an example), we can go ahead and create a DKIM.

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/email-authentication-dkim-configure?view=o365-worldwide  explains in heavy detail how to create a DKIM pair on a M365 mail-based subscription (Exchange Online in short).
Go ahead and read the article.
The come back here, for a small moment of enlightenment.

All caught up?
Good.

The original private key is never shown and is only known to your very own mailserver.
You get to see – usually in the form of a next-next-next wizard – the entries you have to add as a CNAME record in your own DNS server that hosts the domain name from which you’re sending mail.

As cryptography goes, the mailserver recieves your request to send a mail to somebody.
Next, it adds a specific unique mail header to your outgoing mail, based on its own private key, in combination with the key known to the public (and thus shown in your DNS records, for others to reverse verify)

Before showing the layout of the DKIM record, let me show you what a signed mail header looks like.
If you’ve been following my instructions, you’ve already seen a DKIM record on the Microsoft website mentioned above, by the way :p

DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=newyork;
c=relaxed/simple; q=dns/txt; t=1117574938; x=1118006938;
h=from:to:subject:date:keywords:keywords;
bh=MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=;
b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZVoG4ZHRNiYzR

Analysis time :

  • Every DKIM signed mail starts with “DKIM-Signature:”
  • The obvious part “v=1” defines the versioning (duh). Ironically at the time of writing, the version will always be “1”
  • “a” defines the signing algorithm, usually RSA-SHA or RSA-SHA256
  • “d” stands for the domain name of the sender
  • “s” is short for “selector” which can be found in the corresponding DNS record (in this case) newyork._domainkey.example.net 
  • “c” is the abbreviation for “canonicalization algorithm”. A tricky one to explain, but I’ll try my best.
    You can see it contains 2 values. They represent header/body and define the (dis)allowing of slight header changes in mail forwarding.
    “Relaxed” allows a certain change in the header (for instance when forwarding a mail).
    “Simple” just tells the receiving mail server, that no change in the mail header part is allowed for it to still be a trusted DKIM key.
  • “q” is for “query” and tells the receiving end how to perform the DKIM check.
    The q-part is optional. At the time of writing, the only valid entry here is “DNS/TXT”, which defines that a DNS lookup needs to be done, looking into a certain TXT field.
  • “t” is the timestamp
  • “x” falls together with the timestamp and stands for “expiration”, in case you have a fast-rotating key-pair in your DKIM setup and want to assure the receiving end of a higher security level.
  • h” lists the signed header fields …
  • …while “bh” is the hash for the body part of the mail
  • “b” is the actual signature data.

Should you totally want to geek out more on the RFC for DKIM, you can get your groove on at https://dkim.org/specs/rfc4871-dkimbase.html

 

The DNS record(s)

Why did I keep this part for last ?
You could see in the above example, that the RFC leaves space for a different way of reading your DKIM record.
For now, we don’t have a different technology other than DNS to exchange DKIM data, but if DKIM were to be upgrading, so to speak, the possibilities would not be limited to DNS.

 

The actual public key would look like this :

NAME : 
nameofyourselector._domainkey.example.net

TYPE : 
TXT

CONTENTS OF RECORD : 
v=DKIM1; k=rsa; p=KLJHLHkjhkhkluhiukhjiulYUHKJUIYUYNJKHLKHIOUHJhjkhkjhklhjkh

The content of this record will be provided by your mail server, when you go through the DKIM generating process

 

A different approach is the use of a CNAME record instead of a TXT record, where your key is stored elsewhere.
Depending on the suggestion your mail server gives you, you’ll implement one or the other.

Your CNAME record could look like this :

NAME : 
nameofyourselector._domainkey.example.net

TYPE : 
CNAME

CONTENTS OF RECORD : 
heresmykey.something.anotherdomain.com

 

There we have it.
Theory and samples.

If you have any questions, don’t hesitate to contact me by mail, postal pigeon, smoke signal, …

Zuper out

 

Handy websites concerning this subject :

  • https://mxtoolbox.com/
  • https://easydmarc.com/tools/dkim-record-generator

 

Getting the most out of your Beat Saber copy

We’re (still) playing Beat Saber !

…and that’s because of the addictiveness of the game (the release of natural dopamines helps a great deal too :p)
To keep everything spicy while playing, there’s a ton of things you can do to improve your gameplay experience.

In this post I’ll be discussing fun upgrades for the PC version of Beat Saber, in case you’re still playing the “vanilla” version. (I’ll post something on upgrading your Oculus version as well in an other post).
If you’re already using mods, you might see an other perspective and/or learn some new things. Or you could even teach me some new stuff, posting your comments below.

Convenient table of contents :

 

Modder lover

First thing’s first.
Making life easier is what it’s all about.

Mod Assistant

After installing Beat Saber, you can surf to the Mod Assistant Github page and click on the “Download Here” link on the page to get the latest release. Modassistant also auto-updates, as a lovely built-in quality-of-life feature, by the way.

Follow the installation instructions on the Github page, after which you’ll be presented with a screen similar to this :

Modassistant screen 1

Click accept and then click on the Options button on your left.
Click the “Activate OneClick Installations

…and make sure all three options are activated. You might be welcomed with a security popup from your computer depending on your Windows security settings.

Afterwards, click on the “Mods” button and install all of the default selected mods, by confirming the “Install or Update” button in the bottom right of the Mods window. They will be your absolute basic list of required mods.

  • Always make sure that you boot up and shut down Beat Saber at least once, after installing the mods through Modassistant.
(Warning, should you be unlucky and get an ‘unsupported version’ notification, there’s ways around that. More on that in a later post on downgrading Beat Saber to a compatible version)

Now… on to the list of mods.

 

Custom Songs

Loading more than the default songs into Beat Saber, is where the fun part of the customizing starts. Who doesn’t want to rock out to some superhappy anime theme or headbang to the latest Rammstein song ?
Didn’t find anything that tickled your fancy in those 65000+ songs ?
Why not create your own song in popular tools such as Chromapper or MediocreMapper ?
Although creating your own songs is something for an other post…

It’s optional, but I still strongly recommend creating accounts on Bsaber.com and Beatsaver.com

The sites mentioned above use the same database in the background, but Bsaber (aka Beast Saber) has a good search engine and lists specially created song playlists. It’s also used as a helper tool for adding custom songs on the standalone version of Beat Saber on the Oculus Quest).
Beatsaver on the other hand, allows you – as a content creator – to upload your manually created  (the “manual” part is an important factor) Beat Saber maps.

In the chapter above this one, I let you activate OneClick installations.
This is where that option shines, as ModAssistant allows you to add songs to your game in  – you’ll never guess it – one click.

OneClick in stall
Example from https://bsaber.com/?s=military+storm

Clicking the little cloud icon opens ModAssistant’s installer tool (after maybe a security popup from your browser)

Installed !

Et voila, your song has been added to the list of custom songs within Beat Saber and is now playable in a separate menu tab :

Custom songs

Have fun !

 

Competitive spirit

Competition is one of the things that keep me going.
Beat Saber’s built-in scoring system has a neat feature where you can see your Steam friends and their resp. scores.
However, when you’ll start adding custom songs (see above), there’s no way Beat Saber can save its scores for these songs as they’re not part of the “official” songlist.

ScoreSaber

The tool you’re going to need here is the ever-so-popular “Scoresaber“, which basically is a global ranking system for custom songs.

Log into scoresaber.com with your Steam credentials in order to link the SC account to your personal Steam account, so you can start playing in the “big league”.

Modassistant (above) has Scoresaber as a built-in mod for you to activate, so that your Beat Saber will automatically upload scores to the global ranking database and you can get competitive with your friends or get an understanding on where you place in the world and country rankings.

Your personal page will look something like this, after a couple of ranked songs :

Score saber scores by Zupertails
Sample scoresaber page. Yes, I’m not a pro :p, don’t judge me.

(For a more up-to-date view, check the link to my profile here.)

Scoresaber also has an great API, documented on https://docs.scoresaber.com/ (you’re welcome – this specific URL is badly documented everywhere), so that (for instance) you could create your own bot on discord or create your own personal ranking system among friends, if you’re a little tech-savvy.

For a more detailed explanation on how the PP (Performance Points) system in Scoresaber works, see https://bsaber.com/indepth-guide/
Mostly, just focus on your accuracy and keep in mind that the main idea is to have fun.

 

More competition !

The term “sniping” in Beat Saber refers to specifically targeting somebody’s score on his or hers best performed songs.
In order to get better at Beat Saber and increasing your score/rank, sniping is actually a pretty efficient way of working yourself upwards in terms of skill.

One of the mods you’ll need here is “Playlistmanager” from Modassistant, if you want to save yourself some trouble in manually seeking songs.

Here’s how it works :

  • Surf to https://ss-details.herokuapp.com/sniper (there are similar tools/websites)
  • This specific site requires you to add 2 players. The sniper (usually you) and the sniped (the player that is some ranks above you on Scoresaber is a safe an typical choice)
  • Click “Create snipe playlist” after fiddling with the options and an A.I. will generate a playlist of songs for you to beat your target’s score at. A file with extension .bplist will be generated and downloaded.
  • Now open Modassistant and go to the Options tab, where you will click on “Install playlist”, where you will select the recently downloaded .bplist file.
    This will start downloading and installing all songs required for you to snipe your target.
  • Your new playlist will appear at the top in this menu (screenshot)

Have fun improving your skill in this competitive way !

 

Increasing your PeePee (you heard me…)

An other efficient way of improving your Beat Saber skills is to have another A.I. analyze your Scoresaber profile (see where the Scoresaber part is getting more and more important ?)

The lovely URL you’ll have to visit here : https://scoresaber.balibalo.xyz/peepee

You’ll also need Playlistmanager as in the post above.

Entering your personal Scoresaber URL will have the site instantly starting the analysis.

My Peepee
This is my Peepee

Give it a couple of seconds and you’ll be presented with a screen that offers you 2 downloadable playlists.

Not played : after analysis of your current scores, the A.I. presents you with songs that seem good training levels and (mostly) will be completable in days or weeks, considering your skill level.

To improve : the A.I. gives you a list of songs that it thinks you can improve, based on your current scoring profile.

Both playlists have a little “Playlist” button that allows you to either download a .bplist file or install it instantly through the OneClick button.

Have fun getting even better !

 

Customize EVERYTHING

Been playing Beat Saber for weeks or even months and you’re starting to get tired of the same “dull” look of your sabers ?

Does the amount of particles flying around on the screen bother you or can your PC not handle all the stuff on screen ?

Check out a variety of mods such as Saber Tailor, Custom Platforms, Particle Overdrive, Tweaks55 and whatnot.

Modassistant offers tons of extra plugins to improve or upgrade your Beat Saber experience in tons of ways possible.
I’m not gonna go over all the possible mods, as that’s something that others have done before me, but just be aware that the options are almost limitless.

An example website where you can get custom sabers :

https://www.fandomspot.com/best-beat-saber-custom-sabers/

 

Trippin ballz (aka Noodle and Mapping extensions)

Some Beat Saber levels have (either optional or obligatory) extra functionality built in that graphically increase your experience

I have a quick and dirty unedited version of the song “Somewhere out there” that show the wonders of mapping extensions.
I’m also holding some custom sabers to give you an idea.

You’ll sometimes bump into songs that have a greyed out Play button as they might require one of these extensions (it will be explained which one(s) you are missing, by a small question mark next to to the song preview window)

Check out the following list of drool-worthy levels :

Top 8 Best Beat Saber Visually Stunning Custom Songs W/LINKS

Enjoy !

 

Stay fit (YUR)

The main reason I bought my VR kit is to get back in shape.
I used to play Dance Dance Revolution “back in the days” to build up some stamina.

Then, life happened and I slowly grew out of it.

YUR logo

Being competitive in spirit, I needed something extra to get me in shape, apart from Scoresaber.
That’s where “YUR” kickedstarted me.

YUR is a free piece of software that installs on your Apple/Android device and gaming computer and brings fitness to a gaming level.
It has the ability to sync 2-ways with Google Fit and Apple Health and has an overlay in VR games that track your movement progress and calculates your burnt calories.

I got introduced to YUR in another rhythm game : Synth Riders.
This has a built-in YUR watch that – by the flick of your wrist – shows you the calory meter like a real smartwatch.

Give it a try, if fitness and health stats get you going !

 

Extra’s

There’s a couple of cool mods out there that are still worth trying  :

Beat Together : https://github.com/BeatTogether/BeatTogether holds the download for a Beat Saber plugin that allows multiplayer for custom songs (installation instructions on the site). A real fun feature I only got to know waaaay after I started playing B.S.

Enhanced Stream Chat : included in Modassistant, this plugin shows you your Twitch live chat on-screen while playing. Fun for quick interaction.
Also check out LIV’s streamerkit as a great alternative

Counters+ : want to see live how good you’re doing in Beat Saber apart from a simple ranking system ? Counters+ show you in full detail what you’re doing in terms of accuracy and hit percentage.

 

That’s (not) all folks !

Zuper out (for now)

 

O365 product training

Good news

Microsoft just recently sent me one of their spammy messages that I usually overlook.
Instead, this time, it was a bringer of good tidings. Finally, Microsoft will force-feed you or your users with documentation, tips and tricks on how to use your Office 365 products and get the most out of it.  There has been a built-in training centre for admins as well as regular users in the portal.microsoftonline.com landing page for a while now, but – speaking out of personal experience – not a lot of end-users visit this page.

Kindly read the message below, that contains the interesting part of the original mail :

The mail :

We’re pleased to announce that starting on November 29, 2018, all users of Microsoft 365 and Office 365 will receive helpful product training and tips for services in their subscriptions via email. This feature has administrative controls to enable and disable.

[How does this affect me?]
After this change takes place, email communications will be enabled-by-default for your organization’s users, allowing us to provide product training and tips aimed at helping them increase their productivity and to maximize their utilization of the products and services they use most. End users will only receive emails regarding services that they have been enabled for, and you can control whether or not your users receive these communications in the End User Communication tab in your Office 365 admin center. Your users also have the ability to opt-out of receiving these emails on an individual basis by accessing the Security and Privacy pane of their My Account Portal.

This feature will be on-by-default for all Office 365 and Microsoft 365 organizations on November 29, 2018.

If you wish to disable this service for your users, you can do so between now and November 29, 2018 and your settings will be honored.

[What do I need to do to prepare for this change?]
If you prefer your users receive product training and tips that are all tailored to the services in their subscription, then there’s nothing you need to do to prepare for this change.

If you do not want us to send product training and tips to your end users, please follow these steps to disable:

  1. Log into the Office 365 admin center
  2. Click on Services & Add-ins
  3. Click on End User Communication
  4. Flip toggle to “Off”

 

 

Sharepoint (online) for beginners (2)

Preparation (again) is everything

Should you eventually still be interested in Sharepoint Online after reading all the horror-stories and getting yourself mentally up to the task of making this key decision, prepare yourself for a lot more decisions 😉

If you’re a Belgian SME, you can probably skip most of this thought process. If you’re a somewhat larger company or an SME according to American standards, you’re in for a treat if you love planning things.
Consider the following tasks, depending on the size of you IT implementor and the size of the Sharepoint customer :

  • Plan hub sites 
    In short, hubs connect your libraries and sites into one easy-to read-and-manage central entity with its own look and feel.
    The example picture (for a larger company) shows a specific hub (in green) for the HR department, where all department libraries are centralized.
    The general idea behind this is to create a seperate hub for (e.g.) Finance, Marketing, Sales, …It’s common practice for smaller companies to put everything in one hub (with maybe the IT documentation in a separate one)
  • Managing your Search and Discovery result sets.
    You can take feature this as far as you want. Managing search results in a Sharepoint environment and administring keywords can either be something you completely let live a life of its own OR you can fully manage your keywords, result templates OR anything in between.
  • Actually creating the site and developing graphical layout, customizing content.
  • Will you be sharing your documents externally to users not in your organization ?
  • Mentioned before in the previous post : plan the physical content of the Sharepoint site.
    What will you be showing your users ? Will your SP environment become a complete file archive of all your documents or will you just be using the platform’s collaboration function on a project-basis ?

I won’t go as far as explaining everything in detail, seeing Microsoft has done this for me already.
You can find a very extensive planning overview on https://docs.microsoft.com/nl-be/sharepoint/introduction

As mentioned before, small enterprises are likely to use 1/10th of Sharepoint and might require a very limited amount of planning, to the point where it even comes down to replicating the original folder structure of a to-be-decomissioned on-premise server.
Sounds like a mouth-full, but practically speaking this is nothing more than a copy-paste action (albeit a tad more technical in the background)

On a note of keeping things simple and understandable, I’ll provide examples for an imaginary small company that starts using Sharepoint for the first time, so we can skip the whole larger planning phase and go straight to using Sharepoint Online (SPO).

 

Situation sketch

Remember our straw-producing company in an earlier example ?
They’ve gotten inspired by the entire Office 365 thing after experiencing the fun technical advantages of their mail and decided to move their data to ‘the cloud‘ as well.

Being the Belgian SME that they are, Shortstraw LLC has data hanging all over the place, spread among various computers, USB disks, cell phones and tablets.

They started out without a centralized server and are now ready to move to Sharepoint as a data storage platform. (or at least, that’s what they told you   *dramatic music*)

Questions, questions, questions …

You, as IT partner for Shortstraw, can now start a limited amount of planning and meet up with CEO and CFO Oliver and Annie.
There’s a certain amount of practical questions you will need answers to, before even starting your move to SPO.

  • Total amount of data in GB/TB ?
    This M$ page will tell you more about these limits.
  • Do they want all data synchronized on their computer(s) as local files ?
  • Who REALLY shot JFK ?
  • Will they be sharing files through SPO (especially to external sources) ?
  • What files will you split up into a personal Onedrive for Business account and a Sharepoint library?
  • How fast is the internet on-premise ?
  • Free disk space and operating system on the machine(s) that holds the data.
    In case you’re wondering : Windows 10’s native Onedrive has support since halfway 2018 for so-called ‘streaming files’, which downloads your files on-the-go when you open it from Onedrive. Windows 8/7/… all need an actual physical copy on the disk when synchronising.

 

Setting it up. Getting started. Doing your thing.

The right tools for the job.

When starting a migration to Sharepoint Online, a couple of tools come to mind. There are a few nifty pieces of software that can do the job quite well.

I’ll be discussing the last three, as they are free of charge (not counting the actual license cost of your O365 subscription obviously) and have little to no learning curve.

For the ease of this example, I’ll just assume we have some structurally placed files and folders on an on-premise file server/NAS/other easily accessible location for a Windows computer.

More prep !

Nothing ever comes easy (except for your mom – obligatory mom joke, couldn’t resist). More prep work is required before we can move our files to SPO.

A small theoretical explanation (practical examples will follow, don’t worry) :

First of all we’re going to want to create the location(s) where we want to store the files online. This is usually done by creating one or more document libraries. Simplified, you could compare them to shared folders on a file server.
Best practices tell us to set your initial user rights (more on this later) on a library basis, if necessary.
In a more extreme manner, you could even create Sharepoint subsites or Site Collections.

Secondly, you’re going to need to create security groups to apply to your libraries, where we’ll be removing the default security settings, in order to set specific rights to specific libraries.
This can either be done in Azure AD or straight from Sharepoint.

My n°1 suggestion is to keep the admin user as an owner of your libraries – or at least as power user – as we’ll be needing a specific user account for the automated migration process anyway.
If you’re into manual labor, you can have your users perform their own migration, but this is ill-advised.

My three free tools

Before you start to panic, I promise I’ll get more into detail about every method mentioned. The examples below will just give you a sneak peek on the easy of use.

Sharepoint out-of-the-box upload/drag-and-drop

Quite straightforward.
You either choose ‘Upload’ in the menu above your library or just drag and drop your file to where the library is located on-screen.

Screenshot of the open Upload menu in a document library.

OneDrive synchronisation

Same approach, different method.
You select the ‘synchronize’ button above the library, whereas you’ll get a verification from OneDrive to see if you really want to start a synchronization between your computer and this specific library.

Sychronizing will require a significant amount of disk space if you’re not working on Windows 10 (W10 uses the aforementioned file streaming method)

Microsoft Sharepoint Migration Tool

This tool automates the uploading (and pre-analysis) for your data towards the Microsoft Cloud.
Preferably, use the migration tool, when all your local data is stored somewhat centralized. This tool is best run from the (Windows) server itself where the data is held, for speed reasons, among others.

Microsoft SPMT has a very easy and intuitive look and feel, but will require you to create the libraries before starting the migration process.
Also make sure you have sufficient disk space, as this tool creates a temp folder as large as the entirety of the data to be transferred. (temp folder can be selected in the migration options)

SharePoint Migration Tool

That’s all folks.

Prepare for a hands-on moment in the next Sharepoint post  !

Sharepoint (online) for beginners (1)

What the flip ?

Introducing “Sharepoint” is always a tricky one.

Microsoft simply puts it down as an “Online Collaboration Platform”, which is actually one of the most simple ways of explaining the whole thing.
Sharepoint can be used as a sort of online organized file dump, but that would be something like using only the glove compartment of a Ferrari.

It’s often compared to a mixture of “Google Drive”, “Huddle” and a WYSIWYG website editor like WordPress, where you can manage all of your corporate content (to a certain limit), create intranet webpages, automate business processes through workflows, build custom apps etc.

I’ll mainly be talking about Sharepoint Online (SPO) , from hereon. Know that there exists an on-premise version as well, that had its root somewhere between the year 2003 and 2007, but still exists on current-gen Windows servers.

 

Is Sharepoint the right product for you ?

As with all products, it’s best to perform a study on why you would need it and if it’s the best solution for you, before you actually buy it. There’s a very big change SPO might not be exactly what you need and there’s that other chance, you’ve struck gold and it fits your needs perfectly.

A 30 day demo can be obtained through various means, of which the classic Microsoft demo environment is the most popular one : https://products.office.com/nl-be/try
If in doubt –> always demo it first.

Consider the following questions before usage :

  • Do your employees work remotely?
  • Do your employees often move from one client location or meeting to another?
  • Do your employees need access to various devices so they can do their jobs?
  • How are your employees currently accessing the content that they need?
  • Do you have customer-facing requirements, like a place to share information, an online catalogue, an online Request for Information form, or an online Request for Quote form that your customers need to fill out?
  • Do you share documents with your customers often?
  • Are you using USBs to transport and work on presentations, requests for information, or marketing collateral?
  • Does your staff ever complain that they wish there was an easier way to access your content?

You might have guessed, from the commercial way these questions have been formed (thank you, proserveit.com) , that Sharepoint will be a fitting answer for all of them.

 

I’ll also gladly push away some common misconceptions surrounding Sharepoint and its use, since potential users will start Googling and will eventually find articles that scare them away from this online platform.

Sharepoint is just a place to store your files

NO!
It’s a friggin’ collaboration platform. You’ll be able to work on project-based or group-based items, follow up your colleagues, create automated tasks, …

The IT department will be in charge of setting up our environment and maintaining it

NO!
Maybe the IT department will need to explain the very concept of Sharepoint and set up the initial workspace environment a bit, but you as a user will be very able to create your own project pages, invite colleagues, change the look and feel of your SP workplace and much more.

You can’t customize Sharepoint. It will look like any other SP environment

NO!
Sharepoint (Online as well as the on-premise version) has a relatively easy way of customizing every page and/or creating templates based on your company colors or personal preferences. Not only the page theme, but also the way your libraries are shown and much more can be fully customized.

SP is not user-friendly

NO!
C’mon, really ? You’ve worked with Microsoft products before, right?
Can you really say Microsoft’s end-user products are not user-friendly ? And be honest !
If you can actually find a software package by M$ that you find to be user-unfriendly, try to find an alternative and tell yourself again how great that alternative works out for you, will you ?
As with all new software, you might have to learn the basics, but even creating a new Sharepoint project or page just feels like typing a Word document or creating a flyer in Publisher.

 

 

I’m pumped! Let’s do this!

Before you get all over-hyped, there’s a few things to take into consideration before moving your data to the cloud and de-comissioning your old server(s).
Doing so, will avert potential headache afterwards, for either the IT implementor as for the users that will actually be … using … Sharepoint.
The baseline here is : “Don’t do a full copy-paste”

Just in case, we might need this document…

Take a breather and think about how much data you’d like to move over to SPO.
Do you really want to bring over all those old archived files, that you will never ever be looking into?
There’s no real harm in actually copying them over to SPO, but wouldn’t you rather work in a clean and clutter-free environment than be surrounded by piles of old paperwork ?

 

New document (1)(1)(2)-final_by_john.docx

The various options for versioning
Various options for versioning

For the love of God/Allah/Vishnu/The Flying Spaghetti Monster/…
Having a document like this is bad enough practice as it is, but don’t bring this over to your new Sharepoint environment.
Judging by this filename, there have been tons of new versions of this document created over time, while keeping the original ones around for … I don’t know … archiving ?

Sharepoint has built-in versioning, that can be customized to your heart’s content : approval options, type of numbering, amount of copies to keep, …

You’ll only end up using more storage than you actually need as well as creating a chaotic and unstructured work environment.

Next to all that, the above filename situation might be created by multiple users trying to access the same file and saving it as their own version.
Again in Sharepoint, you can actually co-author a document or even set a certain lock notification on the document for obligatory check-out of the document before editing it.

No more excuses 😉

 

Don’t think “Files and Folders” anymore

If you know how a database structure works, you’ll have better insight in why and how you shouldn’t be using the classic files and folders layout anymore, because Sharepoint, when you simplify it, is just one giant database.
Don’t feel bad if you don’t know what the internal workings of a database server are. I’ll gladly explain the Sharepoint way of thinking, so that you get the most out of your new structural storage.

First of all, keep in mind that Sharepoint is a collaboration platform. The essential part here is that one word : “collaboration“.
Obviously there’s still a need for rights and structural placement of folders, but the main idea is the working-together part.

You can create cross-functional groups, completely separate from your existing classic company structure where you now have a CEO > Management Group > Employees rights piramid.
Consider the people who own the file content, as opposed to the ones that get to “use” it and base yourself on “projects” instead of folders. Create Sharepoint pages per project, for instance.

Try to add as much logical keywords to your documents instead of categorizing in one single folder. Remember those many times you thought about that one file that was good for folder A , folder B and even folder C, and you had to make the decision of putting it at least somewhere?
Well, Sharepoint uses sort of a labeling system called Enterprise Keywords, where the actual location of your file matters less than the correct label(s) you attach to it.
Just make sure that the users who need this file, have access to the file, folder or library it’s in and you’re good to go. The Sharepoint search function will do all the work for you.
Not even to mention the awesomess of the program called “Delve“, that digs deeper in projects, files, statistics etc.

 

Planning your libraries

The Internet, Jen !In Sharepoint everything is divided into lists and libraries. Remember my database reference above ? Well, a list or library is nothing more than a database table.
As with all database systems, there’s a certain limit to what you can do. In this case, the often discussed 5000-items limit in a Sharepoint library is to be taken with a grain of salt.

You might have heard from the above mentioned item limit.
The number of items in a Sharepoint library should not exceed 5000 according to Microsoft advice. So, what happens if you get you 5001st item in a library ? Does the internet explode ?

Let me elaborate on this.

First off, the Sharepoint definition of an item is either a folder or a file, meaning that if you have 200 subfolders that contain 1 file in total, you have 201 items.

This whole limit thing has to do with the indexing speed for the software that runs in the background.
In order to quickly find your data, your server environment needs to read and analyze your data first, after which this analyzer-process writes something like a table of contents.
This table of contents is then used for search actions, because a ToC reads faster than actually having to scan your documents on-the-fly.

Microsoft has set a pretty round number on this, so it is easily remembered.

Should you go over the limit of 5000, the automatic indexing process simply becomes not-so-automatic and will take around 24 hours, depending on the process timing by Microsoft, which is something you yourself cannot change.
There’s actually another limit : 20000 items. Here, the indexing starts to go wrong and may start reporting faulty results or missing files.

What I’m saying is : “DON’T PANIC ; don’t limit yourself to the 5000 items barrier if indexing within 24 hours is good enough”

 

Onward !

Hopefully, I didn’t scare you too much here on the whole Sharepoint thing.
If you’re still planning to move your data to Microsoft’s cloud environment, keep reading on the entire process of migrating and what tools to use best in a next post.

Peace out!

Public Contact Folder in an Office 365 environment

Get global

Imagine coming from an obscure mail system in which you got a couple of public folders, such as a Public Address Book (not to be confused with the GAL – Global Address List) or some public Agenda.
Basically, this could also be a non-obscure system, as even the most generic or widely-used mail systems provide this functionality.

Having heard so much about Office 365, you decide to take the leap towards the cloud and start migrating all you mailboxes, only to find no default out-of-the-box public folder.

Fear not, as the functionality is still there. Even though it was rumored Microsoft was going to stop support for public folders in an Exchange environment. User pressure caused M$ to re-evaluate their choice, thus public folders are here to stay (at least for 3 years minimum).
This also applies to Exchange Server 2016, by the way.

 

Howstuffworks.com

I’m going to assume you follow the necessary steps to set up a working O365 environment

In the admin menu

  1. Open the Admin > Exchange menu in your O365 admin page
  2. Once inside the Exchange Control Panel, select ‘Public Folders’ in the leftmost menu or on the dashboard.
  3. A new menu will appear, where you are to select “Public Folder Mailbox” in the topmenu.
    For some reason yet unknown to me, you have to create a public folder mailbox first before you can actually create a public folder.
    One would expect this to have all of this process automated…
    Oh well, best go with the flow.
  4. Click the little “Plus” icon and fill out the necessary info.
  5. Once this is done, you get to create the actual shared folder in that same top menu, by selecting *insert drum roll* “Public Folders”.
    Click the little “Plus” icon in order to start creating your first Public Folder and name it as such.
  6. Click save and *BOOM* your folder has been created.
    Now you should be assigning user rights to this folder, as you’re not going to be admin’in this folder yourself as global admin for this O365 tenant.
    Ideally leave the administration of public folders for contacts, agenda’s etc. to the end-customer as this is a specific task for a specific kind of manager.
    If you’re reading this as the IT guy/girl for a small company, you’re probably screwed and get to do this task yourself.
    Click the newly created folder once so that the focus is on its name and next click on “Manage” in the right column.
  7. You can choose who you want to allow specific rights to this folder, by clicking the necessary rights ticks or selecting prefab permission levels in the dropdown menu.
    Press “Save” when done.

 

 

Actually creating contacts

  1.  Start by opening Outlook as a user that has owner rights (or sufficient rights to create folders) to your public folder and go to “Folder View” (that’s the three little dots in the bottom of your left column, in case you don’t have a 4K screen)
  2. Next, open the new public folder by expanding “All public folders” until you’ve reached your root folder (which should just be one click, normally)
  3. Right click the root folder and select “New folder”, after which you give it an appropriate name and select “This folder contains Contact Items”
    As you see, other options are available, such as a public agenda etc.
  4. We’ve already set the rights for admin, but as an owner, you can easily set other user’s rights afterwards through Outlook, instead of having to run over to your Exchange Control Panel as the global admin user.
    In any case, you can right click your newly created folder, that will now have a Contact icon and select “Properties”
    …where you can tick the option  “Show this folder as an e-mail address book”, so that Outlook (and you mobile as well as webmail) will be able to display this list for you to search through.
    Confirm with OK.
  5. Clicking the “To” button in your Outlook, will now let you select your newly created address book.
    Everybody happy !
  6. Now either import your PST file from the previous public contact list or start typing.
    Good luck !

 

 

 


Many thanks to Peter from Kalmstrom.com for providing the necessary ‘missing links’ in my to-do list. I also shamelessly took the imagery from his website, as my own O365 30-day demo was expired ;).
In my defense, it looks like the Pakistani Rimza.com domain in the example is possibly not Peter’s domain either :p

Onenote 2016 spontanously gives up its screenshot function

It’s a hot summer’s day and you’re working in your favourite Microsoft Office packet.
When suddenly … you want to take a screenshot in Microsoft OneNote, using the classic keyboard shortcut you’ve always used in the past couple of years :

  • WINDOWS + SHIFT + S

You wait. And wait.
And nothing happens.

It appears Microsoft has suddenly forgotten how to make a screenshot.

I’ve read in the meanwhile that this sudden loss of functionality has to do with the same keyboard shortcut also working in Windows 10 without the use of OneNote.
Nevertheless, my PC is dumb AF and hadn’t gotten the specific Fall Creator’s update yet (yes, I’m running behind…)

Cut the crap, Zupertails. How do I solve this ?

A little bit of Google here and there quickly leads me to a solution –>

First of all, Microsoft uses a non-ascii way of looking at your keys.
As a reference, they have a comparison table for this :

https://msdn.microsoft.com/en-us/library/windows/desktop/dd375731(v=vs.85).aspx

Memorize it (or bookmark the link ^_^)

Next, you’ll be needing to access your registry –>

  1. Open RegEdit.exe
  2. Go to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\OneNote\Options\Other\  (number may vary depending on your version of Office)
  3. Add a new DWORD with the name “ScreenClippingShortcutKey” with the Hexadecimal value “53”
  4. Note: You can use any character code you want. In this case, “53” is the ‘S’ key
  5. Restart your computer (because this specific registry entry is read on booting)
  6. You can now use Win+Shift+S again to take a screen clipping and let OneNote do its thing again

 

And there you have it.
Problem solved.
And there was much rejoicing.

If by now you still happen to live under a rock and haven’t heard of OneNote (which exists since Office 2007), I suggest you take a good look at it (and at yourself in the mirror) on https://products.office.com/en-us/onenote/digital-note-taking-app

Feel free to use OneNote as it’s *drumrolls* COMPLETELY FREE