How to fix 550 5.7.520 Access denied, Your organization does not allow external forwarding.

If our organization controls two office365 tenants, at some point we may wish to enable forwarding of email from an address hosted in one of our tenants to an address hosted in another. When we enable the forward in O365 Exchange Admin, the end user may complain that every time they try to send a message to see if it is forwarded, they receive the following bounce back message:

Remote Server returned '550 5.7.520 Access denied, Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555)'

By default, Microsoft 365 Defender sets up an Anti-Spam outbound policy. And the policy default sets Automatic Forwarding to “Automatic: System Controlled.” Since we do not want to modify this default policy, instead we can create a policy (with a higher priority) that defines certain users or groups to allow forwarding.

  1. Go to www.office.com and log into the tenant which hosts the email address that we want to forward mail from. (do not log into the destination email address tenant)
  2. Open the Admin Center
  3. Next, click Show All (admin centers) and then click Security.

5. Next, in the Security / Microsoft 365 Defender Admin Center, under Email & Collaboration, click on Policies & rules.

6. Here, click on Threat Policies

7. Under Threat policies, click Anti-Spam.

8. Under the Default Anti-Spam outbound policy (Default) we will probably find Automatic Forwarding is set to Automatic – System-Controlled

9. Close the Default Policy and then at the top of the screen click the + Create Policy drop-down and choose Outbound

10. In the new Outbound policy, edit the description to something like “Custom Outbound Mail Forward“, and add the Users or Groups to the policy (whom you want to give the ability to forward.)

11. At the bottom of the new custom policy change Automatic Forwarding to: On – Forwarding is enabled

12. Save and close the new policy and that should do it. Try sending some test messages to see if the forward works correctly. We may need to change the new policy’s Priority to 0 if something still isn’t working. Also, don’t forget to double check the Automatic Forwarding on the mailbox itself.

New World – How to Find Parsley to Craft Exotic Herb Supplies

We may get a quest to Craft Exotic Herb Supplies from a Town Board quest or from an NPC. When looking for Exotic Herbs such as Parsley, the herbs will not have a different look than other herbs, instead they will be purple and labeled “Herbs” when harvesting. They look similar to Lavender IRL.

When harvesting the Parsley from Herbs, we have about a 1-in-10 chance of finding a Parsley. Often times, in addition to obtaining Parsley, we’ll also harvest Peppercorns, Hyssop and Cinnamon.

Where to Find Parsley in New World

So finding Parsley is easy enough if we know where to look and what it looks like. In this case, Parsley is found in the far South West of the map, in tropical Cutlass Keys. I found the most near BALMY VELDT and HAUNTED ISLE.

Getting there, expect to encounter Tropical Boars, and Crocodiles. I am level 33 at the moment and the enemies are up to level 35. Try to stick to the roads and if too many mobs are after you, it’s best to run and dodge!

I hope this guide helps you find Exotic Herbs in New World.

New World Briar Branches – what they look like and where to find them

New World Briar

When trying to complete the Windsward Hamlet Barkeep’s No Confidence Stew quest, we need to find Briar Branches.

You can find Briar Branches near rivers and lakes. They are brown thorny bushes with green leaves, and will display “Briar” when looking at them. I found them near a lake just South West of Windsward Hamlet.

New World – How to Find Sporebloom Fruit to craft Common Health Potion

So there is a quest named “Alchemists Needed” in WindsWard Hamlet. The mission is to Acquire Common Health Potion. In order to complete this mission, one of the ingredients for the potion is named Sporebloom Fruit. Searching resource maps online didn’t help so I basically ran around along all the rivers in the area and collected all types of plants. I was then able to craft the Common Health Potion. At this point I found that we can click on the Recipe ingredient titled:
Tier 2 Medicinal Reagents (PRIMARY)

Under this recipe item I finally found all of the ingredients that make up Sporebloom Fruit. 1. Click on the Common Health Potion 2. Click on the Tier 2 Medicinal Reagents (PRIMARY) 0/1 Sporebloom Fruit menu:

3. Now uncheck / clear the box that says Owned Items:

4. Hover your mouse over each ingredient. Now we can see what the (Primary) ingredient constitutes, and they are:

  • Sporebloom Fruit (Sporebloom Fungus)
  • Glowing Mushroom Cap (Any Fungi)
  • Gillflower Gills (Gillflower Fungus)
  • Platecap Flesh (Platecap Fungus)
  • Lifebloom Stem (Lifebloom Plant)

How to upload Office365 user Contact Information with Powershell and csv file

If you have employees who change phone extensions, names, departments, address, or titles a lot, HR or management may want to have this contact information data updated in Office365. Oftentimes these little changes can add up and we want to make a lot of changes in bulk with a single command. Instead of updating manually, we can make the changes to an Excel csv file and upload the changes all at once.

Ok in order to import/update the contact information for employees in the Office 365 tenant using a csv file and PowerShell, do the following:

Edit the attached CSV file with information that needs to be imported into O365. **Note: the UserPrincipleName and DisplayName columns are required.** FYI, screenshot below is how I exported the required data from O365 and copied the required columns into the attached file.

Export Users O365 Admin

Next, start a (hybrid) PowerShell session into your O365 tenant.

Run the following command, replacing the path in the script to the location of the .csv file on your computer.

Import-Csv "C:\Users\jcoltrin\Desktop\o365Users\contact_details_powershell_upload.csv" | foreach {Set-MsolUser -UserPrincipalName $_.UserPrincipalName -FirstName $_.FirstName -LastName $_.LastName -DisplayName $_.DisplayName -Title $_.Title -Department $_.Department -Office $_.Office -PhoneNumber $_.PhoneNumber -fax $_.fax -MobilePhone $_.MobilePhone -StreetAddress $_.StreetAddress -city $_.City -State $_.State -PostalCode $_.PostalCode -Country $_.Country

That’s it!

Solved – Microsoft Teams Start Recording Button Grayed Out

If your users report that the “Start Recording” button in Microsoft Teams is disabled and/or “greyed” out and/or “grayed out,” then perhaps recently the storage path for Teams to One Drive had changed, or there was a policy change or a tenant change occurred which caused the problem. Regardless, the following resolved the issue and fixed the grayed out problem for us. Special thanks to Ryu_Yosei for providing a solution here; below is the step-by-step.

For starters, this resolution’s time-to-fix is about 20 minutes. You’ll first want to start by opening a Microsoft Exchange Online Powershell Module as an Administrator, into the Tenant that is having the issue. If you’re unfamiliar with how to do this, follow the instructions in the first part of the procedure/guide here. One caveat, is that in order to import the required MicrosoftTeams module, we want to ensure that we start the Exchange Powershell session as an Administrator.

How to Run the Microsoft Exchange Online Powershell Module as Administrator

After installing the Hybrid Exchange Shell, we will probably have a desktop shortcut. Right-clicking on the shortcut doesn’t give us the usual “Run as an Administrator” option. Instead, we’ll want to first start a command ‘cmd’ prompt, run that as an administrator first, and then launch the Exchange Shell from within the command prompt.

  1. Click the Start Button and type cmd
  2. Right click on the Command Prompt app and choose Run as an Administrator

4. Next, inside the Administrator command prompt, issue the commands

cd c:\Users\Username\Desktop

5. Next start the Exchange module by running the command:

"Microsoft Exchange Online Powershell Module.appref-ms"
Start Exchange Powershell as Administrator

Now the Exchange Powershell session should open as an administrator and we can continue.

How to set Microsoft Teams Global Identity AllowCloudRecordingForCalls to $True

  1. Inside the Exchange Powershell session, we’ll authenticate to our tenant with our username (email address) and the following command:
Connect-EXOPSSession -UserPrincipalName [email protected]

You may be prompted to log into O365, and perform multi-factor authentication if necessary. Next, if we do not already have the Teams module installed, issue the commands:

Get-Module MicrosoftTeams
Install-Module MicrosoftTeams

We’ll see some information asking to allow to trust the repo, so type y for yes.

PS C:\Users\jcoltrin> Install-Module MicrosoftTeams

Untrusted repository
You are installing the modules from an untrusted repository. If you trust this repository, change its
InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from
'PSGallery'?
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "N"): y

Next we’ll want to connect to Microsoft Teams in our tenant with the command:

Connect-MicrosoftTeams

We’ll have the system return some information including our Account, Environment, Tenant, and TenantId. We can now check the status of our CsTeamsCallingPolicy with the command:

Get-CsTeamsCallingPolicy -Identity Global

In our case if we look at the entry for AllowCloudRecordingForCalls, we can see it is set to False:

Teams AllowCloudRecordingForCalls set to False

To change this to True, use the following command:

Set-CsTeamsCallingPolicy -Identity Global -AllowCloudRecordingForCalls $true

We can check to see if the command worked by issuing the previous command again:

Get-CsTeamsCallingPolicy -Identity Global

We can now see that AllowCloudRecordingForCalls is now set to True:

AllowCloudRecordingForCalls set to True

The setting should take place pretty much immediately across the tenant, however, users will still see the Start Recording button is disabled or grayed out until they completely Quit Teams and then restart the App again. To quit teams, in the bottom-right corner of the Windows primary desktop, down by the clock, expand the SysTray, right-click on the Teams icon and choose Quit.

How to Quit Microsoft Teams

Restart and/or Sign into Microsoft Teams again, start a test Call/Meeting with an associate, and check to see that Start Recording is now available and enabled.

Hopefully this guide helps restore your ability to record Teams calls. If something else worked for you, please leave a note in the comments below.

How to Sync a SharePoint Library to Windows File Explorer with OneDrive Files On-Demand

If your organization has been utilizing SharePoint’s “View in File Explorer” or “Open With Explorer” to map a drive to a SharePoint directory, you may have had problems opening SharePoint files in File Explorer, the connection between SharePoint and the File Explorer breaks, the Mapped Drive disconnects, or the connection is unreliable. Also, SharePoint can be a bit cumbersome when trying to work with files in the web-browser. The outdated SharePoint “View in File Explorer” feature was built with WebDav in the 90’s, and may use ActiveX controls, which is why it relies on Internet Explorer version 10 and/or 11 to run. You may recall we wrote about troubleshooting SharePoint’s “Open in File Explorer” here.

Microsoft’s preferred alternative to “View in File Explorer” is OneDrive Sync, and Files On Demand (FOD.) When we think of “Sync”, we probably think of the classic Windows “Offline Files” configured in the Control Panel’s Sync Center. However, OneDrive Sync is not the same as Offline Files.

OneDrive Sync utilizes the more modern technology, Files-on-Demand (FOD), which is configured in OneDrive Settings. Once configured, Files on Demand will only pull the index of all the files and folders in a SharePoint Library.

If desired, we can get the entire file/folder/data by right-clicking on the file or folder and choosing “Always keep on this device.” By default, if FOD is enabled, and we choose to Sync, we’ll only get an index of the SharePoint Library in the File Explorer (and we won’t sync the entire library and data contained there in.)

How to Enable Files On Demand and Sync a SharePoint Library

Before we Sync our SharePoint Library, make sure the OneDrive app is up to date and is running and logged in with the same credentials used to log into SharePoint online at www.office.com. Look for the blue or white cloud icon in the Systray (bottom right corner of your primary screen; near the clock,) then right-click, and click Settings.

OneDrive Settings

Next, in the Settings dialog box, near the bottom, place a check mark in the Files On-Demand / “Save space and download files as you use them” checkbox.

OneDrive Settings Files On-Demand

Next, open the Edge web browser and sign into www.office.com. Click on the SharePoint icon and then navigate to a Document Library that you would like to sync. Next, click the Sync button at the top of the Library:

OneDrive Sync

Normally we’ll see a couple pop-ups: Getting Ready to Sync, and You are Now Syncing:

Getting Ready to Sync dialog
OneDrive You are now syncing dialog

We’ll now have the SharePoint Library’s index built in our File Explorer with the files now having a status of either “Cloud Icon” or “Green Check Mark” next to each folder/file. As the Sync runs, we can check the Sync status by right-clicking on the OneDrive icon in the Systray.

If you attempt to sync a library that already has a shortcut pointing to that library from within the user’s OneDrive folder, you may get an error:

Sorry, we can’t sync this folder – You’ve already syncing a shortcut to a folder from this shared library.

OneDrive Sharpoint Sync Error

So what the error means is just that. Look in the user’s OneDrive folder in the file explorer and look for a folder/file that has a link icon (screenshot below). Special thanks to Hans Bender blog for pointing this out: https://hansbrender.com/2020/10/07/onedrive-for-business-add-to-onedrive-problems/

OneDrive Shortcut to Library

The icon will appear to have a link, so right-click on the folder that’s pointing to the Library you’re trying to Sync, and choose remove shortcut. Now we should be able to Sync the library.

If we want to have the file in SharePoint downloaded completely to our computer, right-click and choose “Always keep on this device.”

We probably do not want “Always keep on Device” for the entire Folder/Library, as it will eat up our entire hard drive.

Always keep on this device OneDrive Sync

If a file or folder is inadvertently kept on our device, we can right-click and instead choose “Free up space” on the file (greyed-out in the screenshot above.)

Take note in the screenshot above, the newly-synced Shared Library is not directly under OneDrive in the left navigation pane of the File Explorer, instead, it is listed separately below it and has a different “building” type icon.

So now we can use Word and Excel apps to browse our local computer for files that are synced with SharePoint without having to use the old “Open/View in File Explorer” method.

For example, if we want to open a SharePoint file inside Excel, we click the File menu > Open > Browse > Organization / Library > File.xlsx > Open

Open SharePoint Library Files in Excel

Once we have made our changes and click Save, we’ll see a green checkmark under the Status column inside the File Explorer.

Excel File SharePoint Sync Status

We hope that if you’ve experienced difficulty opening SharePoint files in the Windows 10 File explorer, this procedure and OneDrive Sync will provide a more stable and fluid means of browsing SharePoint files in the File Explorer.

How to set up an Auto Responder or Automatic Replies for an Alias in O365 Exchange

When you manage a large amount of Exchange mailboxes, inevitably someone will leave the organization, and you have to setup autoreplies with a message stating the user is no longer available by email. Common sense dictates we will setup a [email protected] mailbox and add the terminated users as alias’ to that mailbox, but not so fast. After a few days of testing and working with support, we’ve found that setting up a shared mailbox with autoreplies enabled with the terminated user’s unique email address/alias, provides the most consistent results.

We’re not going to go through the myriad of possible scenarios about what your org does with a mailbox after a user leaves. Instead, we’ll assume the mailbox is now deleted, and forwarding of mail bound for that mailbox is no longer necessary. To be on the safe side, ensure you back up the mailbox in some way before deleting the mail.

When testing auto replies, you may want to use the Exchange Message Tracker to see the messages come in and go out. To get there, go to O365 Admin > Exchange > Mail Flow > Message Trace.

A good thing to note here is that while performing a message trace, when sending test messages to the newly created shared mailbox with Automatic Replies enabled from within the same tenant or domain, auto reply messages may Drop with the following error:

Date/Time DropReason: [{LED=250 2.1.5 RESOLVER.OOF.ExtToInt; handled external OOF addressed to internal recipient};{MSG=};{FQDN=};{IP=};{LRT=}]

This Drop message is actually an intended action, and is not an error, as it is probably used to prevent a loop of autoreplies within the same tenant.

Getting back to our original issue, to generate autoreplies, we first tried to setup a “[email protected]” shared mailbox and add terminated user’s email addresses as aliases to the noreply box, but we got inconsistent results. Instead, we did the following.

How to Setup Automatic Replies for a Terminated User Mailbox

  • Create a shared mailbox with the terminated user’s email address. To do this go to 365 Admin Center > Groups > Shared mailboxes > Add a shared mailbox > Give the shared mailbox a name like “JDoe Term AutoReply” > Give the shared mailbox the (previously/actually used) email address of the terminated user. This does not use a mailbox license thereby freeing up a license. Alternatively, you can try simply converting the terminated user’s mailbox to a shared mailbox, but we had an inconsistent result doing this.
  • Next, simply click on the details of the shared mailbox, and under Automatic replies, click the Edit link:

Next place Checkmarks in both “Send automatic replies to senders inside this organization” and “Send automatic replies to senders outside this organization”

Add a reply blurb which can be something similar to the following:

The Representative you are trying to contact is no longer affiliated with this Corporation. You will be receiving communication with more information pertaining to the transition of the Representative on your account. If you have an urgent matter and would like to speak with someone, please call our Service Center at 800-555-5555 between the hours of 6am-5pm (PST).

Click “Save” at the bottom and you should be all set.

If you want to test, you can try sending an email from an account outside your organization. *Note – when we sent a test message from gmail, the autoreply ended up going into the gmail account’s spam folder.

If further errors are encountered, you may need to look at your spam/external forwarding policies in your mail filtering site at https://protection.office.com/antispam or reach out to MS Support.

Solved – cannot open www.office.com with Internet Explorer – SharePoint Online redirects to Edge

So recently Windows 10 has enabled a security feature that redirects certain websites like www.office.com to the Edge browser. If you need to get into a website using Internet Explorer, for now the workaround is to disable the Edge redirect setting inside the Edge browser settings.

If you use SharePoint online a lot you have probably found that Open in File Explorer is a convenient way to manage your SharePoint files and libraries in Windows 10. You’ve also probably found that in order to view the SharePoint files in the Windows 10 File Explorer, you first need to open Internet Explorer, then open the SharePoint library, find the link Return to Classic SharePoint in the bottom left corner of the SharePoint library page, and then click on the Open in File Explorer link inside Classic Mode. Details on how to troubleshoot opening SharePoint files in File Explorer can be found here. If you want an alternative way to browse SharePoint files in Windows 10 File Explorer using Edge, please go here.

If you want to know how to disable or remove the IE to Edge redirect, use the following instructions:

Start by opening the Edge browser.

In Edge, click on the ellipsis menu in the upper-right corner, and then click Settings. Or in the address bar at the top of Edge, type edge://settings/defaultbrowser and press Enter.

Edge Browser Settings

Next, inside the Edge Settings page, on the left side menu, click Default browser.

Change the setting “Let Internet Explorer open sites in Microsoft Edge” to Never.

Edge Default Browser Let Internet Explorer open sites in Microsoft Edge

That should do it!

Close the Settings Tab/Edge browser. Close and then open Internet Explorer browser. Go to www.office.com in IE and it should let you in.