Category: mcm
-
MFA and End User Impacts
This article will look at the various different MFA settings found in Azure AD (which controls MFA for Office 365 and other SaaS services) and how those decisions impact users. There is lots on the internet on enabling MFA, and lots on what that looks like for the user – but nothing I could see…
-
Managing Office 365 Groups With Remote PowerShell
Announced during Microsoft Ignite 2015, there are now PowerShell administration cmdlets available for the administration of the Groups feature in Office 365. The cmdlets are all based around “UnifedGroups”, for example Get-UnifiedGroups. Create a Group Use New-UnifiedGroup to do this. An example would be New-UnifiedGroup -DisplayName “Sales” -Alias sales –EmailAddress sales@contoso.com The use of the…
-
Speaking at TechEd Europe 2014
I’m please to announce that Microsoft have asked me to speak on “Everything You Need To Know About SMTP Transport for Office 365” at TechEd Europe 2014 in Barcelona. Its going to be a busy few weeks as I go from there to the MVP Summit in Redmond, WA straight from that event. My session…
-
Getting Exchange Message Sizing Raw Data
On the internet there are a number of resources for collecting the raw data needed to size Exchange Server deployments. These include: http://blogs.technet.com/b/neiljohn/archive/2011/08/09/user-profile-analysis-for-exchange-server-2010.aspx (Neil Johnson – User Profile Analysis for Exchange Server 2010 ) http://gallery.technet.microsoft.com/scriptcenter/bb94b422-eb9e-4c53-a454-f7da6ddfb5d6 (“mjolinor” – the primary source of the script used here) This blog outlines my process for collecting the data needed…
-
Configuring Exchange On-Premises to Use Azure Rights Management
This article is the fifth in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at enabling on-premises Exchange Servers to use this cloud based RMS server. This means your…
-
Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server
In Forefront Protection for Exchange (now discontinued) for Exchange 2010 it was possible to run the script at http://support.microsoft.com/kb/2292741 to download the signatures and scan engines when the server did not have a direct connection to the download site at forefrontdl.microsoft.com. To achieve the same with Exchange 2013 and the built-in anti-malware transport agent you…
-
Exchange DLP Rules in Exchange Management Shell
This one took a while to work out, so noting it down here! If you want to create a transport rule for a DLP policy that has one data classification (i.e. data type to look for such as ‘Credit Card Number’) then that is easy in PowerShell and an example would be as below. New-TransportRule…
-
Enabling and Configuring AADRM in Exchange Online
This article is the fourth in a series of posts looking at Microsoft’s new Rights Management product set. In the previous post we looked at turning on the feature in Office 365 and in this post we will look at how to manage the service in the cloud. In this series of articles we will…
-
Managing Azure Active Directory Rights Management
This article is the third in a series of posts looking at Microsoft’s new Rights Management product set. In the previous post we looked at turning on the feature in Office 365 and in this post we will look at how to manage the service in the cloud. In this series of articles we will…
-
The New Rights Management Service
This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them. The technology that we will…
-
The Exchange Server Header Firewall
The below Header Firewall video was recorded as “pre-reading” for the Exchange 2010 MCM program. The website that originally hosted this video is no longer available, so I am reposting the video that I recorded here:
-
Moving Exchange Online Protection Junk Mail to the Junk Email Folder
If you use Exchange Online Protection (EOP) to filter your email in the cloud and to remove spam and malware before onward delivery to you, and if you use Exchange 2007 or later on-premises, then you need to configure Exchange to move detected spam to the Junk Email folder in Outlook. By default EOP detects…
-
Removing Edge Subscription When Exchange 2013 Installed
Exchange 2013 does not have an Edge role (at the time of writing – Aug 2013). It is possible to use Exchange 2010 SP3 and install the Edge role should you need one. There is a problem though when it comes to removing the Edge Subscription between an organization that contains Exchange 2013 servers and…
-
Journal Alternative Mailbox and No Inbox Rules
In the event of your journal mailbox going offline, any journal reports destined for these mailboxes will queue. After two days (though this time is the expiry time for messages in your Exchange organization, so may be different) the message will expire and an NDR sent to the sender of the journal report. The problem…
-
Removing Old Exchange 2013/2016 Log Files
Update: 18th Sept 2014. An updated version of this script has been written by Thomas Stensitzki and can be downloaded from http://www.sf-tools.net/Messaging/tabid/55/EntryId/213/Updated-script-to-purge-Exchange-and-IIS-log-files.aspx. This updated version works on systems that have not used the default installation paths and it reads them automatically from the server. The below still works for users with default installation paths. Exchange 2013…
-
IPv6 Routed LAN with Windows
This blog is written to note down the steps needed to configure IPv6 on the whole of your LAN using Windows Server 2008 R2 as the router, but without installing RRAS. It also uses Hurricane Electric’s IPv6 tunnel broker service to provide the IPv6 connectivity via an IPv4 tunnel as my internet provider (Virgin Media…
-
Creating a Simple Exchange Server Transport Agent
This blog post follows a session that I delivered at the MEC 2012 conference in Orlando. If you attended the conference the slides are available on http://mymec.mecisback.com for the rest of 2012. Part of the transport agents session was writing a new transport agent, and the example agent was to do add a form of…
-
Create Shadow Redundancy Cross Forest in Exchange 2010
Send connector cross forest shadow redundancy New-SendConnector ToTailspin -AddressSpaces SMTP:tailspin.com -SmartHosts mail.tailspin.com -ProtocolLoggingLevel verbose -DNSRoutingEnabled $False -SmartHostAuthMechanism ExternalAuthoritativeGet-SendConnector ToTailspin | Add-ADPermission -user “MS Exchange\Externally Secured Servers” -ExtendedRights ms-Exch-SMTP-Send-XShadow Receive connector cross forest shadow redundancy New-ReceiveConnector FromFabrikam -RemoteIPRanges 192.168.100.1 -Bindings 0.0.0.0:25 -ProtocolLoggingLevel verbose -Banner “220 Tailspin XShadow SMTP Server” -AuthMechanism ExternalAuthoritative Get-ReceiveConnector FromFabrikam | Add-ADPermission…
-
Creating GeoDNS with Amazon Route 53 DNS
UPDATE: 13 Aug 2014 – Amazon Route 53 now does native GeoDNS within the product – see Amazon Route 53 GeoDNS Routing Policy A new feature to Exchange 2013 is supported use of a single namespace for your global email infrastructure. For example mail.contoso.com rather than different ones for each region such as uk-mail.contoso.com; usa-mail.contoso.com…
-
How To Speed Up Exchange Server Transport Logging
In Exchange 2010 SP1 and later any writing to the transport log files for activity logging (not the transaction logging on the mail.que database) is cached in RAM and written to disk every five minutes. In a lab environment you might be impacted by this as you might have sent an email and want to…
-
Highly Available Geo Redundancy with Outbound Send Connectors in Exchange 2003 and Later
This is something I’ve been meaning to write down for a while. I wrote an answer for this question to LinkedIn about a week ago and I’ve just emailed a MCM Exchange consultant with this – so here we go… If you configure a Send Connector (Exchange 2007 and 2010) or Exchange 2003 SMTP Connector…