How to Update Office 365 Groups Primary Email Address

How to Update Office 365 Groups Primary

 Email Address

How to Update the primary SMTP address of Office 365 Groups.

To do this, we must use PowerShell as it is not possible to change the email address of such group using the EAC.

First, we connect to Exchange Online PowerShell, and then we need to use the *-UnifiedGroup cmdlet.

To retrieve the list of groups that need to be updated, we use the following code:

Get-UnifiedGroup -ResultSize Unlimited | Where {$_.PrimarySmtpAddress -like "*tenantname.onmicrosoft.com"}

To update the primary SMTP address of an Office 365 Group, we use the Set-UnifiedGroup cmdlet with the PrimarySmtpAddress parameter:

Set-UnifiedGroup “Test Group” -PrimarySmtpAddress “test.group@nunomota.pt”

 

For E.g.

1.  Run the below command to add required SMTP address as an alias.

Set-UnifiedGroup -Identity "X" -EmailAddresses: @{Add ="Y"}

here X is the Display Name of Office 365 group and Y is the required Email ID.

Set-UnifiedGroup -Identity Test o365Group" -EmailAddresses: @{Add ="test.o365group@abcd.com"}

2. Promote alias as a primary SMTP address,

Set-UnifiedGroup -Identity "Test O365Group" -PrimarySmtpAddress "test.o365group@abcd.com"

3. If not required, you can remove first ID using below command.

Set-UnifiedGroup -Identity "Test o365Group" -EmailAddresses: @{Remove="test.o365group@abcd.onmicrosoft.com"}

PowerShell Code: Find Users with Email Address From a Specific Domain

Searching Email addresses with a specific domain name suffix Using PowerShell | Office 365 

Find Users with Email Address From a Specific Domain

Get-Mailbox -ResultSize Unlimited | Where-Object {($_.EmailAddresses -like "*@YourDomain.Com*")}

Command may take long to run as it will run on your Tenant completely. 

Use | Export-CSV Command to extract the output to the CSV File. 

How to use mailbox audit logs in Office 365

Summary

In Microsoft Office 365, you can run mailbox audit logs to determine when a mailbox was updated unexpectedly or whether items are missing from a mailbox. You may have to do this, for example, if items are moved or if they're deleted unexpectedly or incorrectly.

For the vNext environment, please note that mailbox audit logs are not enabled by default and need to be turned on for a user before beginning a search

How to run and check mailbox audit logs

Mailbox audit logging lets users obtain information about actions that are performed by non-owners and administrators. Mailbox audit logging is available to members of the Audit Reporting Mailbox self-service group only by using Windows Remote PowerShell.

Step 1: Run the script

To run the script, follow these steps:

1. Start Notepad, and then copy the following code into the file. The code uses the search-mailboxAuditLog command that is part of Microsoft Exchange Server.

Copy Below: 

param ([PARAMETER(Mandatory=$TRUE,ValueFromPipeline=$FALSE)]

[string]$Mailbox,

[PARAMETER(Mandatory=$TRUE,ValueFromPipeline=$FALSE)]

[string]$StartDate,

[PARAMETER(Mandatory=$TRUE,ValueFromPipeline=$FALSE)]

[string]$EndDate,

[PARAMETER(Mandatory=$FALSE,ValueFromPipeline=$FALSE)]

[string]$Subject,

[PARAMETER(Mandatory=$False,ValueFromPipeline=$FALSE)]

[switch]$IncludeFolderBind,

[PARAMETER(Mandatory=$False,ValueFromPipeline=$FALSE)]

[switch]$ReturnObject)

BEGIN {

  [string[]]$LogParameters = @('Operation', 'LogonUserDisplayName', 'LastAccessed', 'DestFolderPathName', 'FolderPathName', 'ClientInfoString', 'ClientIPAddress', 'ClientMachineName', 'ClientProcessName', 'ClientVersion', 'LogonType', 'MailboxResolvedOwnerName', 'OperationResult')

  }

  END {

    if ($ReturnObject)

    {return $SearchResults}

    elseif ($SearchResults.count -gt 0)

    {

    $Date = get-date -Format yyMMdd_HHmmss

    $OutFileName = "AuditLogResults$Date.csv"

    write-host

    write-host -fore green "Posting results to file: $OutfileName"

    $SearchResults | export-csv $OutFileName -notypeinformation -encoding UTF8

    }

    }

    PROCESS

    {

    write-host -fore green 'Searching Mailbox Audit Logs...'

    $SearchResults = @(search-mailboxAuditLog $Mailbox -StartDate $StartDate -EndDate $EndDate -LogonTypes Owner, Admin, Delegate -ShowDetails -resultsize 50000)

    write-host -fore green '$($SearchREsults.Count) Total entries Found'

    if (-not $IncludeFolderBind)

    {

    write-host -fore green 'Removing FolderBind operations.'

    $SearchResults = @($SearchResults | ? {$_.Operation -notlike 'FolderBind'})

    write-host -fore green 'Filtered to $($SearchREsults.Count) Entries'

    }

    $SearchResults = @($SearchResults | select ($LogParameters + @{Name='Subject';e={if (($_.SourceItems.Count -eq 0) -or ($_.SourceItems.Count -eq $null)){$_.ItemSubject} else {($_.SourceItems[0].SourceItemSubject).TrimStart(' ')}}},

    @{Name='CrossMailboxOp';e={if (@('SendAs','Create','Update') -contains $_.Operation) {'N/A'} else {$_.CrossMailboxOperation}}}))

    $LogParameters = @('Subject') + $LogParameters + @('CrossMailboxOp')

    If ($Subject -ne '' -and $Subject -ne $null)

    {

    write-host -fore green 'Searching for Subject: $Subject'

    $SearchResults = @($SearchResults | ? {$_.Subject -match $Subject -or $_.Subject -eq $Subject})

    write-host -fore green 'Filtered to $($SearchREsults.Count) Entries'

    }

    $SearchResults = @($SearchResults | select $LogParameters)

    }

1. On the File menu, click Save As.

2. In the Save as type box, click All File.

3. In the File name box, type Run-MailboxAuditLogSearcher.ps1, and then click Save.

4. Start Windows PowerShell, and then connect to Windows Remote PowerShell.

5. Locate the directory in which you saved the script, and then run the script.

 Note

• If you run the script without parameters, you will be prompted for the following default parameters:
  • Mailbox
  • StartDate
  • EndDate
• To search for entries from the current day, add one day to the end-date value in the prompt window. For example, if the current date is 3/14/2017, and you want to include the current day in your search, enter 4/15/2017  as the end date.

Remote Server returned '550 5.7.520 Access denied, Your organization does not allow external forwarding

Delivery has failed to these recipients or groups:

Your message wasn't delivered because the recipient's email provider rejected it.

Remote Server returned '550 5.7.520 Access denied, Your organization does not allow external forwarding. Please contact your administrator for further assistance. AS(7555)

If you have received above error recently in an NDR, Check below settings and make changes as suggested to start the mail flow as usual. 

What caused it: Oct 2020: MC221119: Office 365 ATP External email forwarding controls and policy change

Above Policy Changes your Rules for automatic external forwarding in your Outbound Spam Filter Policy.

Which is by default set to AUTOMATIC - That blocks automatic external forwarding

• Automatic: Automatic external forwarding is blocked. Internal automatic forwarding of messages will continue to work. This is the default setting.

• On: Automatic external forwarding is allowed and not restricted.
• Off: Automatic external forwarding is disabled and will result in a non-delivery report (also known as an NDR or bounce message) to the sender.

In order to fix this issue, change your Policy from AUTOMATIC to ON. 

Changing policy setting to ON will allow Automatic External Forwarding that is been set on your Email Addresses inside your O365 Tenant.