If you’re working remote with just a laptop, or
a laptop and a small 2nd monitor, the desktop gets pretty cramped
for a sysadmin. One way to mitigate the pain is to use your OS’s virtual
desktops functionality.
Here’s links to guides for Windows, Ubuntu, and MacOS on how to get started with them for your OS. Using Windows as the example, you just press Win-Tab and click the plus sign at the top for New Desktop.
Then drag existing windows on to it, and now they’re on a separate screen. To quickly move between virtual desktops, you can use the CTRL-WIN-left/right arrows.
Once you get in a habit of using them, it’s great for keeping multiple small applications visible on a whole desktop, or multiple full screen apps on their own window that you don’t have to constantly minimize/maximize. You can use Win-Tab (or the Task View button next to the Cortana button on your taskbar) to mass organize things or rearrange, and your Taskbar will reflect what items are open on that particular Desktop.
Alerts and notifications will still appear, even if you’re on a different virtual desktop, and interacting with the notification will teleport you to the relevant desktop.
One gripe with the Windows Virtual desktops is that there’s no easy way to move between desktops without taking your hand off the mouse. You can use the buttons on the side of your mouse (if your mouse has them) to switch desktops if you have the buttons on the side. If your mouse software doesn’t support the windows key combos check out X-Button Mouse Control. Set the buttons to generic and tell X-BMC to change it to the virtual desktop switches.
In order to display an application on all virtual desktops, do Win+Tab, then Right click the Chrome window you want Show window on all desktops.
One thing to note is if you have an AWS Workspace desktop open inside of a virtual desktop, it’s best to have the workspaces desktop in the far-left/primary desktop.
When working remotely in RDP, and you have multiple monitors, and you remote into a machine with multiple monitors, when you open the Remote Desktop client, click the Show Options button then under the display tab, ‘select use all my monitors’ for the remote session.
A user complained that valid good email was being sent to the Junk email folder on outlook on the web. To get to the setting, click on the Gear Icon > View all outlook settings > Junk Email. Attempts to uncheck “Only trust email from addresses in my safe senders and domains list and safe mailing lists.” were unsuccessful and we cannot save the setting.
In the event our Ubuntu server has an incorrect time, a clock that is offset may prevent users from logging in, or for example, synchronizing databases. If OpenVPN is in use with 2FA and google authenticator, their login is dependent on the time of the server being correct . We want to ensure our end users can log into the server or OpenVPN successfully. Let’s start by viewing the clock on our server, and then synchronize the clock with an internet-based time service.
First issue the command:
date
If we compare this time with an accurate clock, such as a cell phone, we may see this time is no accurate. The date display in the above screenshot shows the Day, Date, Hours, Minutes, Seconds, TimeZone and Year.
Let’s check to see if our clock is set to be synchronized. Do this by issuing the command:
timedatectl status
Here we see that our “NTP synchronized: no” status indicates our Network Time Protocol synchronization is turned off.
In order to get our clock synchronized and change it to NTP synchronized: yes, we need to do the following.
Stop the ntp service
Sync the time using ntpd with the -g and -q switches (allows the time to be set without restriction)
Start the ntp service
We can do this by issuing the commands:
Sudo service ntp stop
Sudo ntpd -gq
This will produce something like the following output:
In this output we can see that our time was offset and adjusted by -49.77 seconds.
Next let’s start the ntp service again with the command:
Sudo service ntp start
Lastly we can confirm that our time is set correctly and that NTP synchronized: is now set to yes with the command:
timedatectl
That should do it! Try issuing the command date again and compare it to an accurate clock. Check to see that your OpenVPN users can log in. If they continue to have issues, check out the article on Troubleshooting OpenVPN
When
trying to install Microsoft Visio or Publisher with a Volume License MAK
license key alongside Office 365 Pro Plus, the Visio .iso installer may give
the error: “this version of O365 does not get along with the Installer, or you
cannot install 32bit with 64bit”. You may even have tried uninstalling the 32
bit version of Office, install the 64 bit version, only to receive the same
exact message. You may find installing 64 bit Visio Volume License with 64 bit
Office 2016 Pro Plus doesn’t work, nor does 32 bit with 32 bit, nor 64 bit with
32 bit. It can be frustrating.
The problem is that Microsoft has moved away from mixing the Volume License .iso installations (downloaded from the Volume Licensing website here: https://www.microsoft.com/Licensing/servicecenter/default.aspx ) – on the same computer with the “Click to Run” versions of Office you typically download from within Office 365 online. Instead, to get around the issue, you need to use the Office Deployment Tool. This will allow you build a build a package you’ll run from the command prompt to install for example, Visio or Publisher, on the same computer as Office 365 Pro Plus Click to Run. The configuration and setup is not all too difficult and we’ve documented the installation instructions below.
*NOTE: While I’ve found Visio .ISO/MAK can be happy with CTR, and although I have gotten it to work in a few instances, I wholeheartedly recommend to bite the bullet and use O365 Visio monthly licensing alongside the O365 Click-to-Run suite. It’s orders of magnitude easier to deploy Visio with O365 than to mix CTR with ISO’s/MAKs! It will save you worlds of frustration when someone moves to a new PC, or MAK licensing changes. Instead, go to Office365 licensing, purchase a Visio license, and assign it to a user. Any money saved by mixing MAK licensing with click to run, in my opinion is not worth the headache. That being said, a lot of the instructions below are relevant to a sysadmin’s job, and you should be familiar with how the deployment tools and office ‘configurator’ works, so read on.
The first thing we need to do is download the Office deployment tool from the following site:
Run the .exe you downloaded, accept the license terms, and extract the tool to a new folder you create named c:\admin\ODT
Click OK
Next, let’s switch gears and configure and run the online XML generator tool to build the XML file which we’ll need to configure the tool we just downloaded and extracted above.
At this website you can log into your office account (Recommended), or alternatively choose to continue without signing in:
In our example we’ll create the file by logging in first by clicking “Sign in.”
Once logged in, click on Customization > Device Configuration > +Create.
You’ll notice in the screenshot above we’ve already created a customization file which installs the 64 Bit version of Office Click to Run along with Visio 2016 Standard Volume license. We can download ImageFileNamethis configuration file again at a later date if we lose our .xml file.
In this example, we’ll create a customized file that pairs and combines installations of 32bit Office 365 Pro Plus with Visio Standard 2016 Volume License.
Click on the + Create button.
We first give the configuration a title, something like:
32-Office365CTR_and_Visio2016-32-VL_Key
Our configuration will be setup something similar to the following:
Take note that Office365 has different versions, and you click the “Learn More” link to decide which version to install or accept the default “Latest”. You might want to install the version that all of your other deployed Office365 versions are using. If you choose “Latest” you’ll most likely get a newer version of Office365 installed than everyone else. As a reference, I’ve copied one of the version tables below:
Also take a look at the primary language, and any other Office Suite apps you don’t want installed. It’s worth it to click through each heading to see what’s inside.
Next, we need to provide our Visio Standard 2016 volume license key. Do this by first logging into the Microsoft Volume Licensing Center here: https://www.microsoft.com/Licensing/servicecenter/default.aspx , find your product, your version, expand the license keys, and copy the license key into the Office Customization Tool under the heading Licensing and Activation > Product Key > Multiple Activation Key:
Finish by clicking Done in the upper right-hand corner.
Next, place a check next to the configuration file we’ve just created and click Download:
Once you’ve downloaded the .xml file, copy it into the c:\admin\ODT folder.
Open the command prompt on the computer onto which we’ll be installing Office 365 and Visio.
Change directory to c:\admin\ODT with the command:
cd c:\admin\ODT
Run the setup.exe tool from the command Prompt first with the /download switch, followed by the name of your .xml configuration file (use tab to auto-complete the long file name.) For example the filename would look like:
setup.exe /download configurationFileName.xml
The download will be “silent” – it will take about 10 minutes to download the installer to the c:\admin\ODT\Office folder.
Once the download completes, the cmd prompt will be waiting for input again. Next run the setup.exe, except this time, with the /configure switch (again, reference your .xml file.) The /configure switch will process and install your applications as demonstrated in the following screenshot. For example the command would look like the following:
setup.exe /configure ConfigurationFileName.xml
When it finishes both the click to run Office365 will be installed as well as the Visio Volume License MAK version.
We’re done! Now if we need to do another install on a different computer of our Office365+Visio, we can copy the deployment tool and the .xml file to the computer and run the command prompt installer again.
Thanks for all your support. Some of you may have noticed a little downtime. I invested a little professional expertise in the site and you should now see better performance and more site reliability and uptime. Special thanks to Gregory Morozov at upwork.com who quickly identified and resolved the following issues:
Convert PHP to php-fpm – for many reasons, but one is control over max php processes (I’ll use: service php7.2-fpm restart – if I need to restart php.)
Relaxed Wordfence triggers so users don’t get denied access
Dropped memory usage from 700+MB to 400MB
Fixed invalid Repos, other updates and maintenance.
We’ll monitor the site usage into the beginning of next week to see if we need to add more memory to the instance.
Say you have a Windows 7 or Windows 10 PC that has Sophos installed on it, but you cannot find the device in the management console in order to disable tamper protection. You want to uninstall Sophos because it is out of date or cannot communicate with the Sophos cloud. However, when you search for the device name in the console, it isn’t listed with the current computer name. The device was probably renamed several times. So how do you remove or uninstall Sophos without disabling tamper protection? My best advice is don’t try to uninstall the client without first disabling tamper protection.
In many instances, the Sophos client is out of date and cannot communicate with “Management Communication”. In the bottom-right corner of the Sophos client, you can click on “About”.
Here we can find the “Run Diagnostic Tool”. After running the tool you may find some errors such as the following: Last Communication – Failed with error ‘504 Gateway Time-out’ at 08:40:48 Jun 28, 2019 (UTC-07:00)
Reading the knowledge base articles about this and attempting to restart MCS Client services etc didn’t work for me. Instead, we need to find the identifier for the device so that we can get to the device page and obtain the Tamper Protection Password. To do this, on the computer with the bad installation of Sophos, open the File Explorer and go to:
C:\programdata\sophos\management communication system\endpoint\persist\
Inside this directory we will want to open the file named EndpointIdentity.txt
Copy the string of letters and numbers into your clipboard.
Next, log into your Sophos Cloud Console at https://cloud.sophos.com/manage/login then go to Overview > Devices. Click on any existing device and you’ll be directed to the page of that identity. At the top of the page, replace the identity string of the device you copied from the EndpointIdentity.txt file into the URL of the sample device, then hit Enter.
You should now be directed to the page with the correct device identity and password to disable Tamper Protection.
*If this article helped you please click on an ad to help pay for hosting and new content. 🙂
So for the past 12 months or so I’ve tried my hand had trading options on Robinhood and TD Ameritrade, and I want to pass on what I’ve learned so perhaps someone new to options can get a head start. *Disclaimer: I’m in no way endorsing or advocating trading options. What you do with your money and your trades has no association with the information presented here. By reading this information you’re agreeing that you hold harmless and no liability to myself, my employer or this website. If that scares you, please click here. In all my trades, I’ve only made a little bit of money with a total amount of trade money equaling under $1000. *update 1/30/21* I’ve now made more than a little money 🙂 Starting in April of last year I funded $2500 into my TD Ameritrade account. Using the principles I have below, AND A LOT OF LUCK, my account has grown to around $17k. This was done with a combination of stocks and options purchases. This may not happen to you, and I’m not saying it will, this post is merely for advice and informational purposes. As you can see, I didn’t become a millionaire in a month. If that’s what you want, head on over to wallstreetbets with your 50k to blow. But I did earn enough for a pretty nice used car or family vacation…
Before you get started, it’s important to know that trading options are essentially gambling; it’s almost pure speculation on whether or not the market or stock will go up or down and your bets will pan out. I say almost because there are traders out there who make a consistent living doing options trading. This article is not for those who already know the in’s and out’s of options trading or are looking for information about advanced options trading strategies (spreads etc). But back to gambling… if you have a tendency to let emotions get control of you if you win or lose, or if you’ll hurt yourself or your family because one of your trades goes the wrong way, then stay out of options trading. I won’t go into all the other investment vehicles you can use to safeguard your money for retirement, and at a bare minimum, don’t even think of trading options if you don’t first have an emergency fund of several thousand dollars.
I work for a brokerage, and I’m in no way endorsing trading of options as a retirement vehicle. If you trade options, you may lose everything you have in your bank in one week if you’re not careful. Trading options can be stressful and painful when things don’t go your way. You really do have to watch your puts and calls pretty much every minute of the day while your trades are active. But on the flip side, if you are frugal and learn as much as you can, trading options can be a nice way to generate money quickly without too much physical work. Options trading really is just for “play” money; I advocate putting 99% of your money into a Roth IRA or 401K.
Now onto the eighteen things I’ve learned trading options. I, myself, read my list EVERY TIME I’M ABOUT TO PUT IN AN OPTIONS ORDER. I’ve probably canceled a dozen trades after I’ve read my own list just because I’ve let emotions get hold of me and this list brings me back to reality. This list isn’t necessarily in order of importance.
Limit your losses (always) – Decide how much your bottom limit is and stick to it. If I ever let another option expire worthlessly, I’m worthless. It’s my money. Always keep enough in the brokerage account to at least place a couple more orders. When you have to add money to your brokerage account from savings to keep trading, you’re losing.
Don’t buy options for smaller companies, stocks, or obscure ETFs based on hunches or charts. Smaller stocks sometimes don’t have the volumes and there will be no one around to buy your Out-of-the-Money option if the market is heading the wrong direction. They often have fewer price points and options in the option chains.
If you win (your option hits its price target), you’ll probably be up a good amount, so sell when the trend is favorable. You’ll never know what will happen in the next few hours or days. DISCIPLINE! Some news might hit, the president will tweet about China, or a scandal could erupt, and everything goes down or vice-versa.
You’ll never time the sale of an In-the-money option exactly at the peak price of the day so it’s ok to sell after it’s coming down from the intra-day high. Better to make some money on the drop from the high than to wait for it to get back to the peak.
It’s ok to sell for a $5, $10, or $20 profit if you’re In The Money and not feeling it and the trend changes or news hits.
The whole reason you’re doing this is to make money whether or not the market is Rising or Falling. Don’t get emotional about what you want to happen to the market or company. Only go by the numbers and make money off of the trend, whether it’s a Call or a Put.
Don’t let an option ride overnight especially if your option is expiring soon. After-market trading is a good way to lose a lot of money real quick once the market opens. You need your sleep and you don’t like to wake up early. This is not set in stone because you could be betting on a piece of big after-hours news or earnings. Also, if you have more money, you can purchase more expensive options that expire in a few months, which is absolutely better than buying a weekly that expires in a few days. This takes the ease off of after-hours fluctuations.
Sometimes stocks are so beaten up, some more bad news just clears the way for a rally because there isn’t any reason to punish the stock further.
Same with good news, a stock could be so bid-up that more good news essentially causes a ceiling and there is no reason for it to go up more because it is already so priced for perfection so it goes down.
In a bad market, bulls want red openings and bears want green openings. In a bad market, bulls will buy low right? And in a bad market bears will fade a gap (short).
Keep a good positive mindset and just keep hitting singles for $20, $30, $50, whatever, and keep the loser mentality away.
It sucks you can only do 4 same-day trades in 5 days (with Robinhood,) but don’t allow that fact make you ride an option longer than its value. Theta will steal your money anyway so stick to day trades with options. If you have a long-term bet then buy the actual stock, or buy an expensive option that expires in a few months/year.
Implied Volatility (IV) – when looking to buy an option, look at the Implied Volatility. If it is something high like 91%, then you can probably expect to see the value of your options (most likely) swing/drop 91% during the term of your option. Options are not the best vehicle during earnings. It’s best to sell and make any profit you can before earnings come out. I YOLO bought $375 worth of SBUX options on Thursday with IV of 91% which expired the next day (Friday.) The option made almost no money on Thursday, then favorable earnings came out that Thurs night. The stock jumped up a little in after-hours trading then went back down again. The next morning it dropped like a rock 91 %. I got out that morning and lost $300. Then later that day, like not even 2 hours later, the stock went back up to its previous close. See the chart below. I could have just held on through the IV and not lost as much, but it takes real guts to hold in that situation, which you don’t want to go through, believe me. Again, holding options through earnings is very risky unless it’s something like MSFT which beat it’s projected earnings by a lot and IV was low. Place your bet either prior to or after the earnings and then watch the market reaction. Because this option was expiring the same day, theta was going to quickly eat into its value even if I held during the rise after the sharp drop. IV I’m not entirely sure about, so comment if you know more about this below.
No “options guru tweet” nor r/wallstreetbets post will give you a winning trade every time. Trust your own instincts, gather as much information and news as you can, and find out what works for you, not someone else.
In general it’s better to buy “natural” monthly options with non-weekly strike dates. For some reason, the weeklies don’t tend to do as well.
In general, it’s better to buy an option with an expiration a few months out. Yes the option you’re buying on a Tuesday has better “YOLO” returns if it expires on Friday, but just the same, you have a bigger chance of losing everything very quickly. At least with an option a few months out, you can hold through a few dips without too much consequence, and then if a big pop occurs you can capitalize on it. Again, discipline. If you get a pop on an option, even if it expires in say, 2 months, cash out and bank the money. I’ve never regretted taking a big earnings pop and banking it. More often than not, the next couple days/weeks, the stock returns to it’s previous trend. The point is, you don’t know what the stock will do. Take your gains and get out. Then sit with your cash in your account, smile, take a breath, do your research again, and wait for the next opportunity.
TD Ameritrade is my broker of choice now, and although I’ve got a little money in Robinhood, it’s practices lately are forcing me to close my Robinhood account. FYI, you don’t have to sell your securities in Robinhood in order to put them in a different brokerage, you can transfer. There is a $75 fee associated with the transfer, so it may or may not make more sense to sell your securities and just pull the money out or the transfer may make more sense if there are tax ramifications.
Aside from Options, now that I have more cash in my account, I’ve done pretty well with “lots” of stocks. By “lots” I mean purchasing lower priced stocks in quantities of 100 shares. That way if the price goes up 1 point, I know I’ve made $100 on that stock that day. Just because they are shares, doesn’t mean I have to hold on to them for a longer period of time. There are better tax advantages when you hold on to a stock for at least one year, but I use the same principles above and sell and bank stock gains the same as I do options.
That’s it for now! I hope some of the information was valuable, and I wish you an exciting and profitable foray into the world of trading options.
Recently a client complained that an Office 365 account had sent out spam messages to a number of clients. Later, the suspect account which had been sending spam could no longer send or receive email. However upon first glance at the mailbox, sent messages were sitting in the sent items folder, and messages sent to the account in question were not receiving bounce-back failures, but the messages sent to the affected account were not in the inbox. After we changed the password to the account, and enabled 2FA on the account we could still not send and receive mail. Below are the steps used to resolve this particular issue. In short, a malicious inbox rule had been created and outbound messages had been blocked by Microsoft.
Log into the tenant’s Admin console with an Administrative account, and change the password of the affected account.
Log into the affected account as the user using the new password.
Click on the Gear icon and then under Your app settings, click Mail.
4. One in the Mail app Settings, go to Mail > Automatic Processing > Inbox and Sweep rules.
Here we can see a malicious rule had been created to mark all inbound mail as Read and move the message to the “RSS Subscriptions” folder:
5. Uncheck and turn off any malicious or invalid rules.
Also check for any new forwarding rules in Mail > Accounts > Forwarding:
6. When we look in our “RSS Subscriptions” folder we find some messages from Microsoft indicating the account has been blocked from sending mail because the account was flagged as sending spam:
Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance.
Remote Server returned '550 5.1.8 Access denied, bad outbound sender. For more information please go to http://go.microsoft.com/fwlink/?LinkId=875724. S(9333) [DM5PR10MB1914.namprd10.prod.outlook.com]'
7. To resolve this issue, we’ll need to go into the Action Center. Log into the Admin console > Admin Centers > Exchange > Protection > Action Center
8. In the Action center, we’ll find an issue flagged regarding our hacked user account. Take action on the issue and after a while due to permission propagation, it may take up to 2 hours for the account to be re-enabled for sending mail again.
9. It might be a good idea to contact Microsoft Support if you continue to experience problems with a user account sending spam. Changing the password should prevent malicious access. Most like the account had been phished or the computer the user has was compromised by a virus/malware or spyware. It’s recommended that the account have two-factor authentication or multi-factor authentication enabled to prevent the account from being hacked again.
tag: outlook cannot send or receive email but sent mail is in sent items folder
When trying to setup and authenticate to an AWS Instance running OpenVPN, a user could not complete a new connection to OpenVPN after entering the initial un/pwd. They receive the error: Permission denied. This is after successfully setting up the OpenVPN client on Windows 10 and scanning an Authenticator code using Google Authenticator App on a Samsung S8 Active Android mobile phone running Android 8.0.0 ‘lollipop’. Ultimately the reason the user could not authenticate was their mobile phone’s time was off by about 3 minutes. Continue below to find additional information on how to troubleshoot this and other authentication issues with OpenVPN.
When troubleshooting OpenVPN login errors it’s a good idea to first try some of the following:
Unlock a Disabled or Locked account on OpenVPN Admin console
To check for the events related to a user lockout, first log into the Admin web console > Status > Log Reports. Here you will find the errors related to bad authentication and eventually an account lockout.
The errors you may find could be the following:
Google Authenticator Code is incorrect.
LOCKOUT: user temporarily locked out due to multiple authentication failures.
To unlock a user account (if using local authentication), Login to the Admin Web Console, Go to “General” under Authentication and change Authentication to “PAM”, Save Settings > Update Running Server > “Local” > Save Settings> Update Running Server.
This procedure should unlock disabled or locked user accounts on OpenVPN.
Reset A User Account on OpenVPN
To reset a user’s OpenVPN account:
Log in to the admin web console, click on User Permissions.
Find the username, place a checkmark in the Delete column, then Apply > Save. Next, re-create the account. Scroll to the bottom of the list, type the new user name: Eg. jcoltrin Save > update server
Go back find the username again in the list and hit Show:
Enter in the Local Password: (S3cr3tP@ssw0rd!) Save > Update
Check OpenVPN for Valid Concurrent License
In the admin web console, under the Configuration menu, click License. Check to ensure that your concurrent users have not reached or exceeded the limits of your licenses (under At a glance,) or that your licenses have not expired.
Use SSH to check the logs of the OpenVPN server and get the specific errors for an individual’s login problems.
After logging into the server using Putty/SSH, you can change directory to the scripts directory:
cd
/usr/local/openvpn_as/scripts/
and then issue the command ./authcli –user <username> –pass S3cr3tP@ssw0rd
./authcli --user jcoltrin --pass S3cr3tP@ssw0rd
This will produce something similar to the following information:
Result:
API METHOD: authenticate
AUTH_RETURN
status : COM_FAULT
reason : An error occurred while connecting: 13: Permission denied. (twisted.internet.error.ConnectError)
user : jcoltrin
Addtionally you can find more messages related to authentication failures in /var/log. You’ll find these messages in the latest log files:
openvpnas.log
openvpnas.log.1
Use your favorite editor (vi) to search through the logs
vi openvpnas.log
use the command / and then the username to search for that term and hit “n” to go to the next instance of your term, for example:
/jcoltrin > n > n
and then :q to quit.
Here are some typical error messages for my authentication errors:
2019-02-26
14:20:08-0800 [-] WEB OUT: '2019-02-26 14:20:08-0800
[UDSProxyQueryProtocol,client] Web login failed
(twisted.cred.error.UnauthorizedLogin)'
2019-02-26 14:21:30-0800 [-] WEB OUT: "2019-02-26 14:21:30-0800 [UDSProxyQueryProtocol,client] Web login authentication failed: {'status': 1, 'client_reason': 'LOCKOUT: user temporarily locked out due to multiple authentication failures', 'reason': 'LOCKOUT: user temporarily locked out due to multiple authentication failures', 'user': 'jcoltrin'}"
Make sure the phone with Google Authenticator has the correct time and set the phone to sync it’s clock with the network/carrier
As mentioned at the beginning of this article, what the original login issue came down to was the Android phone, on which the Google Authenticator was running, had it’s time off by about 3 minutes. To set and change the correct time on an Android Galaxy S8 Active, first, go to Settings > General Management > Date and Time > Set/Turn on Automatic Date and Time.
I’m not sure why the value for this phone had it’s time set to not have automatic sync with the network/carrier. This may have been due to a recent android update because I found this setting off on a couple phones in the office. Ensure the time on your server is accurate as well by issuing the bash/ssh command:
date
Your result should look like the following:
openvpnas@openvpnas2:/var/log$ date
Thu Feb 28 14:46:57 PST 2019
After having created a Resource Room in the Office365 Admin console (with an Enterprise E1 license,) you may find that meetings which are created in Outlook and which are sent, are not automatically processing and sending verification confirmations back to the person that created the event. Nor will new events populate the event in the new room’s Outlook calendar. In this case, there are a few things we can check to ensure the room behaves as intended.
First, after creating the room, ensure that you, as an admin, are set as an owner of the room. Under O365 > Admin Center > Rooms and Resources > place a checkmark next to the room in question. Ensure that Allow repeating meetings and Automatic Processing is On. Then, click on Edit Exchange Settings:
2. In this example, we don’t use booking delegates. In the Exchange Settings for the new resource room, make sure Booking requests are accepted automatically.
3. Edit the booking options, contact information, email address, and mailtip settings to your preferences and then click on Mailbox Delegation. Here, add yourself under Full Access so that we can go on to our next step.
4. Next, log into your own OWA admin Outlook online inbox. In Outlook, click your profile photo in the upper right corner and click “Open another mailbox.” Type the address of the room and open the webmail for the room.
5. Here you may see some emails of previous attempts to book events like the following with the error “Your calendar couldn’t be checked to see whether this event conflicts with other events.“:
6. This error lets us know that automatic processing is not working even though we have it set to “On” in our first step. Had the processing worked correctly, we wouldn’t even see this event email in the mailbox of the room in question.
7. In the upper right corner, click the Gear icon, then under Your app settings, click Calendar.
8. In the calendar resource scheduling settings, ensure that under the scheduling options, “Automatically process event invitations and cancellations” is checked, and then click Save.
9. In theory, these settings should be enough to get the calendar to auto process and verify, however, your results may vary. Test by creating a meeting event in outlook with the new room. When you send the meeting, you should receive a verification email in your inbox in less than a minute. If you don’t receive the verification, check the inbox of the calendar again. You’ll probably find more emails with the “Your calendar couldn’t be checked…” errors.
10. Time to open PowerShell and connect to your O365 Exchange. If you’ve enabled MFA (two-factor authentication) use the guide on how to connect to Exchange with Hybrid/Modern Authentication here. If you don’t use Modern 2FA authentication, use the following commands:
12. It’s helpful to first get a list of all calendar processing objects of a room that already works correctly to refer to when editing your new room’s permissions. If you don’t already have a room that you can reference, below is a list of my room that is not behaving normally:
13. Notice that ProcessExternalMeetingMessages is set to False. Let’s change this to True with the following command:
14. After making this and a few other changes displayed in the following screenshot, go ahead and try creating another test meeting and see if the autoprocessing behaves as it should. If you’re still having trouble, try referring to the screenshot below as an example, and use the “Set-CalendarProcessing” command to edit the values.
15. Once you successfully receive verifications and the calendar populates with events as it should, you may want to set the calendar to display the owner of the event and details of the event (rather than the event is listed in the calendar as only “Busy”.) To do so, follow the instructions I wrote in my article here.