Microsoft Office

With Office 365 being available at the end of this month (28 June 2011), I have been looking at the impact it may have on an on-premises Active Directory and the issues that must be resolved in order for it to fully integrate with Office 365.

Single Label Domains:

Singles Label Domains (SLD’s) are not supported (e.g. or are, markparris. is not). Anyone with an SLD will have to migrate to a new forest to utilise Office 365.  See Microsoft Online Services compatibility with single-label domains, with disjoint namespaces, and with discontiguous namespaces

Forest Functional Level:

As far as I can ascertain the minimum supported Forest Functional Level should be Windows Server 2003 FFL (Level 2).  Even though DirSync and AD-FS support alternative FFL’s, the Microsoft Office 365 Beta Deployment Guide for Enterprises states this FFL level is required for Exchange 2010 SP1 hybrid mode coexistence and this is the lowest common denominator that Exchange 2010 SP1, DirSync and AD-FS all support.  If you don’t want to run Exchange 2010 SP1 in hybrid mode coexistence, then a lower FFL may be suitable. 

Email me at

Active Directory Schema:

If the organisation has a requirement for deploying Exchange hybrid mode coexistence, then the Exchange Server 2010 SP1 Schema will need to be deployed. In a global environment, that perhaps still has 32bit domain controllers with an NTDS.DIT greater than 4GB, then this schema extension may require some thought and planning, due to the additional load it may place on your DC’s.

Summary of Exchange Online Simple Coexistence and Exchange Hybrid Mode Coexistence Capabilities

Email me at

Number of Forests:

Office 365 will initially only support single sign on from a single forest. This may change moving forward, but if it does not then a forest rationalisation project may need to instigated. This could be a huge piece of work.

Domain Name:

To utilise AD-FS and single sign-on, the forest name or more specifically the UPN of the forest must be Internet routable. See: This could be a huge piece of work.

Active Directory Recycle Bin

If the Active Directory Recycle Bin has been enabled then this may impact your total object count quota for Directory Synchronization (in the beta this was 10000 objects). If the Active Directory Recycle Bin has not been enabled, this may be a factor in waiting before enabling it as it is an irreversible action.

Active Directory Cleanup:

Remove duplicate proxyAddress and userPrincipalName attributes.

Update blank and invalid userPrincipalName attributes with a valid userPrincipalName.

Ensure the attributes meet the requirements and remove invalid or questionable characters as detailed:


Maximum number of characters: 20

Invalid Active Directory characters: !#\$%\^&\{\}\\{`~"",\\/\[\]:@<>\+=;\?\* If a user has an invalid sAMAccountName but a valid userPrincipalName, the user account is created in Office 365.

If both the sAMAccountName and userPrincipalName are invalid, the on-premises Active Directory userPrincipalName must be updated.


Maximum number of characters: 64

Questionable characters: ?@\+

sn (surname) Maximum number of characters: 64

Questionable characters: ?@\+


Maximum number of characters: 256

Questionable characters: \?@\+


Maximum number of characters: 256

Invalid characters: [! #$ %&*+ / = ? ^ ` { }]

Duplicate values: The mail attribute cannot contain any duplicate values.

mailNickname Maximum number of characters: 64

Invalid characters: ""\\\[\]:><;


Maximum number of characters: 256

Invalid characters: \)\(;><\]\[\\,

userPrincipalName Maximum number of characters for username: 64

Maximum number of characters for domain name: 256

Invalid characters: }{ # ‗ $ % ~* + ) ( > < ! / \ = ? `

& character: Automatically changed to underscore

^ character: The value is automatically removed.

(_) character: This remains the same.

Duplicate proxies will be emailed as an error before any notification errors.

Additional requirements for a valid userPrincipalName:

@ character is required in each userPrincipalName value.

@ character cannot be first character in each userPrincipalName value.

Username cannot end with a period (.) an ampersand (&) a space ( ), or at sign (@)

Username cannot have a space ( ).

Routable domains must be used (.local or .internal cannot be used)

Unicode is converted to underscore characters.

userPrincipalName may not contain any duplicate values in the forest.


Mail-enabled character check: All mail-enabled groups must follow the pattern of *@*.

Contacts Mail-enabled character check: All mail-enabled contacts must follow the pattern of *@*.


Populate the following Username attributes:

First Name

Last Name

Display Name

For optimal use of the Global Address List (GAL), populate the following GAL attributes:

Job Title



Office Phone

Mobile Phone

Fax Number

Street Address


State or Province

Zip or Postal Code

Country or Region

Note:  This page will be regularly updated as my experience with Office 365 grows.


If you have a spare ream of paper, Microsoft have released another interesting read for Office 2010 – The IT Professionals deployment planning guide for Office 2010, it’s 394 pages long and it is packed with information on how to plan a deployment of Office 2010.

The guide caters for fresh installations of Office 2010 as well as migrations from earlier releases of the product. Integration with other Microsoft products such as AD-RMS are discussed too.



Microsoft have released a guide for configuring and applying Group Policy in Microsoft Office 2010.

The guide states that " it provides a guide is the IT administrator who plans to use Group Policy to configure and enforce settings for Microsoft Office 2010 applications."  In addition to providing an insight into Group Policy for Office 2010, the guide also provides an insight into how Group Policy functions and is applied at a Windows level.

Group Policy for Office 2010

I have had a quick read through the guide and it makes interesting reading.

Are you looking to plan, pilot or deploy Windows and Office?

The Microsoft Springboard team from Redmond will be in the UK en route to TechEd Europe (Berlin) on Monday 1st November, they will be delivering a five hour workshop on:

Office 2010 IT investments.

Key deployment strategies for Windows 7 and the Microsoft Desktop Optimization Pack.

Opportunities for training and certification in these key products.

Why Windows 7 has received rave reviews from IT organisations and is setting records as the fastest selling operating system in history.

Tools, tips and tricks you need now to jumpstart the successful deployment and management of your Windows desktop environment today.

If you are interested in attending, then register today for the workshop and the opportunity to come and network with members of the US based Windows and Office Product Teams, as well as local Microsoft Technology Evangelists.

BlackBerry via their website last week announced that the BlackBerry Desktop Manager should support 32Bit Outlook 2010 by August 2010, but it will not support 64Bit Outlook 2010 until sometime in 2011.

The article states that:

“Currently, BlackBerry Desktop Manager 5.0.1 does not support Microsoft Outlook 2010 64-bit version for mailbox connectivity and synchronization of organizer data such as Calendar, Contacts, Tasks, and Memos. The next release of the BlackBerry Desktop Manager provides support for Microsoft Outlook 2010 32-bit version only. This release is targeted for August 2010. Support for Microsoft Outlook 2010 64-bit version will be available in 2011.”

The information is hidden away in this article: KB17149 – Support for Microsoft Outlook 2010 64-bit version

So if you are fed up of seeing the error message “No Available Message Stores”, the update to resolve this issue should be just over the horizon.


** UPDATE ** RIM have resolved this issue in the latest release of the BlackBerry Desktop Software.

Microsoft have publically released the Facebook and Windows Live Outlook Connectors, to complement the LinkedIn and MySpace connectors that were made available previously

Outlook Social Connectors enable you to link your social networking profiles into an aggregated view, which for me is a huge time saver and reduces my need to visit the actual site as frequently as I may have otherwise done.

To install the connectors, Outlook 2010 requires an update (KB983403) so the connectors can be installed.


The KB983493 update can be installed via Windows Update or from the links below.

Update for Outlook Social Connector (KB983403)

32Bit Edition (osc-kb983403-fullfile-x64-en-us.exe)

64Bit Edition (osc-kb983403-fullfile-x86-en-us.exe)

Microsoft Outlook Social Connector Provider for Facebook

32Bit Edition (OSCFB-x86-en-us.exe)

64Bit Edition (OSCFB-x64-en-us.exe)

Microsoft Outlook Social Connector Provider for Windows Live Messenger

32Bit Edition (OSCWL-x64-en-us.exe)

64Bit Edition (OSCWL-x64-en-us.exe)

Microsoft Outlook Social Connector Provider for LinkedIn

32Bit Edition (LinkedInOutlookConnector.exe)

64Bit Edition

Microsoft Outlook Social Connector Provider for MySpace

32Bit Edition  (MySpaceForOutlook.exe)

64Bit Edition


Installation is easy with a license agreement and an Install dialogue.


Once Outlook is opened then you are asked to present your credentials.


Each account is then validated


and if you are successful then a confirmation dialogue is displayed.


Once installed Outlook 2010 presents a similar view.


Office 2010 has been available since April this year and Microsoft has made available a series of updates to improve the Office 2010 experience.

The updates whilst all grouped under “Office 2010 Cumulative Update for June 2010 KB 2259686“, they are in fact a series of invidual updates targeted at specific products that are part of the Office 2010 family.

Quick Links

Product Knowledge Base article number
FilterPack 2.0

Summary Detail

Product Knowledge Base article number Issue that this hotfix package fixes 
Project   When you use the Visual Reports feature in Project 2010, you receive an error message that states that you do not have access to the .mdb file.Some Visual Basic for Applications (VBA) methods such as FileOpen, FileOpenEx, and OutlineIndent, do not raise error messages when they should.

You copy formatted cells from an Excel workbook and then paste them into the Task Name column in Project 2010. When you click to select the Match Destination Formatting option from the Paste Options list, Project 2010 may crash.

Note If you use the option button directly, this issue does not occur.

You insert many tasks into a project that is connected to a server. When you save, close, and then reopen the project, all null (empty) tasks in the file are moved.

When you print or preview a project that has a dependency to a task and that task ends up as the last task on the page, the link line goes off the left side of the page

When you print or preview a project that has a dependency to a task and that task ends up as the last task on the page, the link line goes off the left side of the page toward infinity.

When you click Replace All, Project 2010 crashes. For example, Project 2010 crashes when you click Replace All to replace TaskName to TaskName2.

If a subproject task on the timeline is deleted from the subproject, the timeline data becomes corrupted, and tasks cannot be added to the Timeline view.

When you save a project as an XML file, the values that are in that XML file do not have a period as the XML decimal symbol. Instead, the values have a decimal symbol that is determined by the regional settings. For example, the values are the cost values. 

Access  Consider the following scenario in Microsoft Access 2010.You use a BeforeChange event or an AfterInsert event to update data. In a subform, you select a record and then create a new record in Connected mode. Then, you edit the form data. In this scenario, when you select the subform, the form data is committed and the event causes an update that displays the wrong subform data. 
FilterPack 2.0   Article is currently not posted
Publisher  Consider the following scenario:You create a merged publication in Microsoft Publisher 2010.
You close the merged publication.
You change the data source of the merged publication.
You reopen the merged publication.
You print or publish the merged publication.

In this scenario, Publisher 2010 crashes.

You use a non-English version of Publisher 2010. When you click Share in the Share with Template Community section, you are always directed to the English logon page.

Word  When you print from Word 2010 by using the scaling function of the print driver, you receive the following warning message:The margins of section 1 are set outside the printable area of the page. Do you want to continue?

After you click Yes, the scaling is incorrect and some text is cut when the document is printed. This problem occurs when the document size differs from the default paper size.

Excel Consider the following scenario:You have form controls in an Excel 2010 document.
You adjust the scale of the document.
You print the document.

In this scenario, the form controls are printed by using the actual size of the controls.

As per normal Microsoft Policy: Only apply hotfix packages to systems that are experiencing the specific problems documented.