Tag Archive: Office365

Microsoft / Office365 Impersonation Bug

We use an off the shelf product at work which can send e-mails. The e-mails come from the currently logged in user and the way this is achieved is by using Exchange Web Services. The code probably looks something along the lines of;

ExchangeService service = new ExchangeService();
service.Credentials = new WebCredentials("impersonationusername@domain.com", "password", "");
service.UseDefaultCredentials = false;
service.AutodiscoverUrl(from, new AutodiscoverRedirectionUrlValidationCallback(RedirectionUrlValidationCallback));
service.ImpersonatedUserId = new ImpersonatedUserId(ConnectingIdType.PrincipalName, "sender");
EmailMessage email = new EmailMessage(service);
email.Subject = "subject";

Our e-mail provider is Office365 and recently some users have been unable to send e-mails from this product. We followed the usual troubleshooting process and were pretty convinced we had ruled out everything at our end. On top of this we used the Microsoft Remote Connectivity Analyzer (https://testconnectivity.microsoft.com) which was giving the same result;

ExchangeImpersonation SOAP header must not exist for this type of OAuth token

We haven’t made any changes to the mailboxes recently and they were previously working so it must be an issue Microsoft’s end. We logged a ticket and a week of back and forth later we have a solution (via powershell);

1. Set-ExecutionPolicy RemoteSigned
2. $UserCredential = Get-Credential
3. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
4. Import-PSSession $Session
5. New-MoveRequest -Identity "impersonationusername@domain.com"

You can check the status of the execution of this command by:
Get-MoveRequest -Identity "impersonationusername@domain.com"

Microsoft were unable to provide a real reason for this other- but said something along the lines of; “something has become corrupt and moving the impersonation mailbox to a different database causes some form of rebuild”.

I hope this works for you too!

Tools to run an IT Company

Inspired by https://www.bluegg.co.uk/writing/tools-to-run-a-design-agency, I felt it would be interesting to collate a list of the tools (i.e. hardware, software, services, etc.) that we use to run our business. I hope this will provide a good opportunity to share our feedback, review some of the tools, and address any gaps.

I’m starting with a simple list, but hope to follow up with some notes around each of the tools.



  • Ubiquiti (UBNT) – UniFi Series
    • UniFi Switch 48 (USW48)
    • UniFi Security Gateway Pro (USG)
    • UniFi AP AC (UAP)

I have been fairly impressed with all the UniFi equipment. We do run the beta controller so encounter occasional issues . We chose to deploy the EdgeRouter for clients as they’re easier to manage without the complications of the controller.


  • 1U Custom Built SuperMicro Server (running ESX 6.5.0update1)
  • Synology Rackstation (Fileserver, SFTP and DVR)

I have built half a dozen SuperMicro ESX servers over the last X years and they’ve all fared really well, providing excellent value for money. We can afford to have 2 servers (hot/cold spare) for far cheaper than an Enterprise HP/DELL equivalent (providing us a quicker turnaround in the event of failure). The biggest problem is sourcing the parts in the UK.

Similarly, I have been using Synology NAS solutions for many years and have always been impressed. We use the unit to provide in-house storage/archiving, remote backup for clients, SFTP access and as a DVR for our Hikvision IP Cameras – the only drawback being that you do have to purchase additional Surveillance Station licenses.


  • HP Elitebooks 8440p/8470p with Solid State Disks (SSD)
  • Hp Probooks 640 G1 with Solid State Disks (SSD) *Updated 06/06/18- these are the latest model which are compatible with the docking stations we have. Next time we move forward with the laptops we will have to upgrade the docking stations too*
  • HP docking stations
  • Dual Acer v226hql 21.5″ monitors.

We normally pay around £100 for the laptops and £70ish for the monitors. We have a stash of 128gb SSDs which are plenty big enough. These laptops are far from “latest generation” but are built to last and perform surprisingly well (we do some fairly serious multi-tasking). So, for under £250/user, we have a pretty impressive setup.

Tablets / Android Devices:

  • Nexus 7 (for Android development/testing)
  • Clover Flex, Mobile, Mini and Station

Our Java/Android development is currently focused on the Clover till / ePOS, hence the Clover device. These are quite hard to get hold of (having to order from the US and use a special service to forward them to the UK). The Nexus tablets have the same screen size and resolution as the Clover Mobile / Mini so provide a great platform for testing/development at a fraction of the cost!

Digital Signage:

A great bit of free software I would highly recommend. We have upgraded to the Donor’s Edition and use it each and every day. Our office screens use Microsoft SQL Server Reporting Services (SSRS) to display dashboard with key metrics and essential data to run our business.


  • Xerox Phaser 6121MFP-S
  • Xerox WorkCentre 6515N *Updated 06/06/18- the added active directory integration and duplex printing/scanning are nice touches. Let’s hope it lasts as long as the last one!*

We don’t print a lot, but when we need it, this colour laser works great. The scan to e-mail with the automatic document feeder is a life saver.

The printer has lasted for longer than I can remember, and I’ve only had to top up the toners once! I will be looking to replace it with the Xerox WorkCentre 6515N when it runs out of toner next.


  • HikVision (multiple domes and bullets)
  • Yale Wireless Smart Alarm

The HikVision cameras are very reasonably priced and provide a great resolution/quality. As mentioned above, our Synology fileserver doubles up as a DVR.

The Yale Smart Alarm is ideal; each member of staff has a unique PIN to allow audit and there is no subscription/monthly fee.


  • Cisco 7906
  • Cisco / Linksys SPA942

We pick these up from eBay for between £5 – £15 per unit. The 7906 has proved rock solid for years, but we are starting to need the additional lines and conferencing facility provided by the Linksys SPA942. Read on for information about our VOIP provider.


  • Flukso (Energy Monitoring)

I’m still looking for something better (capable of recording more channels) but until then, this device is the best fit for our needs, where we are able to graph the usage of up to 3 channels). You can read a bit more about my home Flukso setup in an earlier blog entry; https://tickett.wordpress.com/2013/10/25/solar-kwh-meters-new-fuse-box-flukso/


Email/Sharepoint/Onedrive/Instant Messaging:

  • Office 365 – £45.60/user/year

We use Skype for instant messaging and Exchange for our individual and shared mailboxes, as well as Onedrive and Sharepoint for information and document storage.

Microsoft support is pretty terrible but, for the price, it’s a great service.

Version Control:

  • VisualSVN (subversion) – FOC
  • GitLab Community Edition (hosted on-premise) *Updated 06/06/18- Our dev team have now moved to Git. I hope to share some of the best practices/processes and customisations we have built in due course*
  • RedGate SQL Source Control – £59/user/year

If we were to set this up today, I suspect we would use Git over SVN, but we have our history and a number of integrations with other systems in place so will need a few good reasons before we jump ship.

RedGate SQL Source Control is a great tool to add SVN integration directly into Microsoft SQL Server Management Studio (SSMS).


  • Xero – £316.80/year

I honestly don’t know how we coped before Xero. At the end of the financial year two weeks were set aside for paperwork (and this was before we had any staff/payroll to take care of). Invoices would go unpaid for 6-months without being noticed and VAT returns were a nightmare.

We now have live bank feeds into Xero and can tell real-time who owes us what, as well as having a clear picture of where money is going to/coming from, and VAT returns are simply a click of a button. Worth every penny!


  • Solarwinds WebHelpDesk – £86/user/year
  • Tickett Helpdesk *Updated 06/06/18- We have now built our own in-house helpdesk software which we hope to market sometime in the future*

We have been using WebHelpDesk since before Solarwinds took over and whilst it remains a handy tool. It has it’s limitations and becomes increasingly costs over time. A bit part of the decision was based on the Microsoft SQL Server back-end, allowing us to easily pull data on our dashboard and reports.

Project Management:

  • Trialling Trello – FOC
  • Trialling Freedcamp – FOC
  • Tickett Helpdesk *Updated 06/06/18- We have built project managements features/tools into our own in-house helpdesk software (which we hope to market sometime in the future)*


  • Timetastic – £6/user/year

Does what it says on the tin. We did trial Charlie HR, but the free service doesn’t include a holiday calendar (which in my eyes is essential).

Web hosting:

  • Amazon Web Services (AWS) – Roughly £600/year

We currently use S3 and EC2 with a single T2.Medium instance running Windows Server 2016 / SQL Server 2016. We use this to provide several in-house services as well as a number of client applications.


  • Cloudflare – FOC

A great tool, never had any issues – and it’s free!


  • XLN – £620.88/year
  • Virgin Media Business 350/15 – £600/year *Updated 06/06/18*

We were previously using Claranet, but XLN offered a good introductory rate at our new premises- never really had any issues. We have a block of 5 static IPs included in the price.

Password Storage:

  • Password Safe – FOC
  • Tickett Password Manager *Updated 06/06/18- we have now built our own in-house password manager which we hope to market in the future*

We are actively looking for a new web based tool which will provide a better audit trail but not break the bank.


  • Tel2 – £180/year

We subscribe to the Cloud 10 plan which includes 2 local numbers, 5 sip trunks for simultaneous calls, 1100 minutes (including a large number of overseas) and unlimited extensions (as well as the usual voicemail, diversion, conferencing, hunt groups, etc).

We normally use an additional £5 outside of our plan for mobile/premium rate calls.

A great service, easily configured on our Cisco/Linksys handsets.

Windows (Web) Application Development:

  • Visual Studio 2017 Community Edition – FOC
  • Android Development Studio – FOC

We have recently moved to VS2017 Community Edition and have only found a few smaller missing features from the Pro/Ultimate edition (i.e. intellitrace, code maps and references). Time will tell whether we move back to the paid for edition.

We are newer to Android/Java development. Android Studio seems to be a bit of a resource-hog/drain and getting virtual machines/emulators working seems incredibly temperamental – time will tell with this one.


  • RedGate SQL Monitor – £185/server/year
  • NetXMS – FOC

We chose NetXMS as it allows Microsoft SQL Server to be used as the database back-end, which means we can easily pull data onto our dashboard and reports.

Remote Assistance:

  • ScreenConnect – £315/year (at current exchange rate… actual fee is $420/year)

After looking at GotoMeeting, Webex, JoinMe and several others, we chose ScreenConnect (I think it mainly came down to pricing when used with multiple users). The only feature it seems to lack is a telephone conferencing facility.

Cost Summary

I have only quoted ongoing costs/license fees, not purchase prices or one-off fees. To recap, for ten users – we’re roughly looking at;

£ 456.00 – Office 365 – £45.60/user/year
£ 590.00 – RedGate SQL Source Control – £59/user/year
£ 316.80 – Xero – £316.80/year
£ 860.00 – Solarwinds WebHelpDesk – £86/user/year
£ 60.00 – Timetastic – £6/user/year
£ 600.00 – Amazon Web Services (AWS) – Roughly £600/year
£ 620.88 – XLN – £620.88/year
£ 600.00 – Virgin Media Business – £600/year
£ 180.00 – Tel2 – £180/year
£ 185.00 – RedGate SQL Monitor – £185/server/year
£ 315.00 – ScreenConnect – £315/year (at current exchange rate… actual fee is $420/year)
£3,923.68 – Total

I suspect I have missed a few too, but I will aim to update with more comments around the products/services/costs, etc.

Office 365 Hosted Sharepoint

Hopefully a quick post…

My company is currently in the process of trying to document everything that’s currently stored in our heads. Initially we were using our helpdesk/ticketing software but decided, in some instances we would like to give our clients access to the documentation which relates to their organisation.

I use mediawiki for some other information sharing, but from what i’ve read, it isn’t really meant for this type of “role” driven access control and trying to use it in that way will ultimately end in failure. I don’t like “documents” (microsoft word etc) so really wanted to stick with a “wiki” style solution. I recall using Sharepoint on client sites historically and remember it handling this scenario pretty well- as we already have an Office 365 subscription it seemed a sensible avenue to explore.

Initial research had me concerned about the ability to share outside of our organisation (needing to purchase a license for every account that should be able to login)- but subsequently it turns out you can either;

-Create users without actually assigning licenses
-Grant access to anyone using their e-mail address (it will need to be linked to a microsoft account, but there is no charge and many already are)

So we have set our creating the Sharepoint sites and it’s coming together really well, but one thing was bothering me… When we login we are presented with a list of “sites”;

Screen Shot 2014-08-29 at 19.54.57

-“New Public Site”: http://tickett-public.sharepoint.com
-“Public Site”: http://tickett.sharepoint.com
-“Team Site”: http://tickett.sharepoint.com/TeamSite

If you clicked either of the first two links, hopefully you were redirected to http://tickett.net? But this wasn’t easy and I was pretty confused why I had two public URLs/sites and how could I edit them!

The “New Pubic Site” looked like;


And the “Public Site” like;


A bit of googling and I found a reasonable explanation of why I have two sites… Microsoft went through an upgrade at some point in time and to avoid breaking Sharepoint sites they kept all of the old ones and created new ones to site alongside.

As I already have a website I decided I don’t really need either of these so ideally would just like to redirect visitors to my existing site for now.

After a lot of poking around I somehow managed to get to the “New Public Site” in “edit mode” and add a little javascript to redirect visitors to our existing stie;


After adding the code I was successfully redirected when I visited the site but anyone not logged in was not. So… armed with a handful of questions I decided it was time to raise a support ticket. Very quickly the phone ran and a technician was on the case;

#1- How do I edit the “New Public Site”

It didn’t take many minutes before I was informed that simply adding /_layouts/viewlsts.aspx after to the URL would take me to the “admin area” where I could manage the site. Easy… but surely there must be an easier way than typing the URL?

If you refer back to my earlier screenshot you’ll notice a “manage” link. Clicking this allows you to modify the links to the “New Public Site”, “Public Site” and “TeamSite”. Adding the suffix to the URL made sense so now when I login clicking on the site will take me to “edit mode” rather than “view”;

Screen Shot 2014-08-29 at 20.00.03

Well done Microsoft :)

#2- Why is the redirect only working for me?

Once #1 was solved and I was back in to “edit mode” the Microsoft engineer was very quick to pickup on the fact that my change was in draft;

Screen Shot 2014-08-29 at 20.04.04


Clicking the … (three dots / ellipsis) displays a menu, clicking the … (three dots / ellipsis) brings out another menu which gives the “Publish a Major Version” option and upon clicking this my change was live and everyone hitting the site was now getting redirected.

Well done Microsoft :)

#3- How do I edit the “Public Site”

So far Microsoft had done pretty well, but really struggled with this one. We have still yet to find a way to edit the site via a web interface.

Eventually, they suggested trying Sharepoint Designer. I’ve not used this before, but since installing have found it to be a pretty good alternative to the web UI. Unfortunately when I tried to open the site I got stuck at the login stage- it appears that Sharepoint Designer doesn’t support federated login (my Office365 logins are authenticated using my on-premise ADFS server). Doh!

But… there was hope… we “shared” the site through the web interface with my personal @gmail address (which is linked to a microsoft account) and I was successfully able to login to Sharepoint Designer- nearly there!

Next problem… the sites doesn’t appear to exist;

Screen Shot 2014-08-29 at 20.29.42


Determination and a lot more poking around eventually took us to a link on the front page “Edit site home page”;

Screen Shot 2014-08-29 at 20.53.53

Which threw yet another error, “This page does not contain any regions that you have permission to edit.”. But navigating back a few steps to “Website -> Web Pages” I was able to right click, open with, notepad;

Screen Shot 2014-08-29 at 20.55.47

And add in my script;

Screen Shot 2014-08-29 at 20.57.22 1

So far, so good.

Despite it being a little bit “trial and error”, with Microsoft’s help, we did get there in the end, and very soon after I first raised the support ticket- good job!

I recently dropped my web hosting provider in favour of hosting my site at home (I already have the server infrastructure, and now I have a fairly reliable 80/20 internet service). However, I was not yet ready to host my own nameserver / DNS. So I went hunting for a free service. It took some time but eventually I found http://www.geoscaling.com

I got my A records, CNAME records and MX record configured with ease but couldn’t quite figure out the SRV records (I was trying to enter the port into the ttl/priority boxes, which looked ok in the records table but didn’t seem to function properly). I was able to check using NSLOOKUP.

Open a command prompt and type

set type=all

You should then see an answer as below:

If the SRV record isn’t configured correctly you will see a message: Non-existent domain as above.

Here is a screenshot of how you correctly enter the SRV record in the geoscaling web interface:

b797b185 c953 4bca a5aa 76b572ebbe17

fd7920c2 8599 4bf7 9d87 aa007925b548

872d86ce c5db 441d 9c22 e006e0ab498a

Office 365

I was previously using 4Smartphone to provide my hosted exchange server but read an article about Microsoft’s oferring: Microsoft Office 365, so thought i best take a look!

I have been trialling the product for just under a month and have decided to purchase a license! In short- Office365 encompasses a lot more than just hosted exchange (lync/ocs, sharepoint etc) and the cost is less than 4Smartphone (£4/month vs. $11.95/month).

The mailbox migration was really straightforward: I simply exported a .pst file using Outlook 2010 (connected to 4Smartphone) then imported the same .pst file in Outlook 2010 whilst connected to Office365.

Lync (what used to be OCS) seems to work well and allows federation with other companies, hosted or otherwise.

Give it a try!


%d bloggers like this: