Read Only And Document Download Restrictions in SharePoint Online

Both SharePoint Online (including OneDrive for Business) and Exchange Online allow a read only mode to be implemented based on certain user or device or network conditions. For these settings in Exchange Online see my other post at https://c7solutions.com/2018/12/read-only-and-attachment-download-restrictions-in-exchange-online. When this is enabled documents can be viewed in the browser only and not downloaded. So… Continue reading Read Only And Document Download Restrictions in SharePoint Online

Token2 Hardware OAuth Tokens and Azure AD Access

This blog post walks through the process of logging into Azure AD resources (Office 365, other SaaS applications registered in Azure AD and on-premises applications that utilise Azure AD App Proxy). First step is to order your desired hardware. For this article we are looking at the devices manufactured by Token2 (www.token2.com). These include credit… Continue reading Token2 Hardware OAuth Tokens and Azure AD Access

Improving Password Security In the Cloud and On-Premises

Passwords are well known to be generally insecure the way users create them. They don’t like “complex” passwords such as p9Y8Li!uk%al and so if they are forced to create a “complex” password due to a policy in say Active Directory, or because their password has expired and they need to generate a new one, they… Continue reading Improving Password Security In the Cloud and On-Premises

Exchange Server Object ID Error With Windows Server 2016 Domain Controllers

Saw this error the other day: When you open Exchange Control Panel and view the Mailbox Delegation tab of any user account you get the following: The object <name> has been corrupted, and it’s in an inconsistent state. The following validation errors happened: The access control entry defines the ObjectType ‘9b026da6-0d3c-465c-8bee-5199d7165cba’ that can’t be resolved..… Continue reading Exchange Server Object ID Error With Windows Server 2016 Domain Controllers

420 4.2.0 RESOLVER.ADR.Ambiguous; ambiguous address

This error can turn up in Exchange Server when Exchange Server is trying to resolve the object that it should deliver a message to. Exchange queries Active Directory and expect that if the object exists in the directory, that the object exists only once. If the object exists more than once, this is the error… Continue reading 420 4.2.0 RESOLVER.ADR.Ambiguous; ambiguous address

Administrators, AADConnect and AdminSDHolder Issues (or why are some accounts having permission-issue)

[Scripts updated 5th October 2017 to support updates for Exchange Hybrid Writeback. If you ran earlier versions of these scripts you will need to run them again] AdminSDHolder is something I come across a lot, but find a lot of admins are unaware of it. In brief it is any user that is a member… Continue reading Administrators, AADConnect and AdminSDHolder Issues (or why are some accounts having permission-issue)

AADConnect Password Reset Date Sync Issues

Got this error the other day at a client and found nothing listed on Internet search for it, which of course means only I have this issue! But even so, lets get to see what it means and how to fix it. The error turned up in the AADConnect tool and it reported sync-generic-failure on… Continue reading AADConnect Password Reset Date Sync Issues

Qualifications in Exchange Signatures

In a recent project I was working with iQ.Suite from GBS and specifically the component of this software that add signatures to emails. The client are an international organization with users in different geographies and we needed to accommodate the users qualifications in their email signature. The problem with this is that in Germany qualifications… Continue reading Qualifications in Exchange Signatures

Configuring Sync and Writeback Permissions in Active Directory for Azure Active Directory Sync

[Last updated 11th November 2019 – added support for Exchange Server automapping support, which was announced during Microsoft Ignite 2019 and will be supported in the first half of calendar year 2020. This is supported by adding writeback for msExchDelegateListBL and msExchDelegateListLink attributes. The below Exchange Hybrid writeback script has been updated to support these… Continue reading Configuring Sync and Writeback Permissions in Active Directory for Azure Active Directory Sync

Enabling Microsoft Rights Management in SharePoint Online

This article is the fifth in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at protecting documents in SharePoint. This means your cloud users and will have their data… Continue reading Enabling Microsoft Rights Management in SharePoint Online

Using Microsoft Rights Management from Microsoft Office

This article is the second last in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at protecting documents and emails in Microsoft Office 2010 or later. This means your… Continue reading Using Microsoft Rights Management from Microsoft Office

Creating Microsoft Rights Management Templates and Policies

This article is the sixth in a series of posts looking at Microsoft’s new Rights Management product set. In the previous post we looked at turning on the feature in Office 365 and in a later post we will see how to integrate this into your on-premises servers. In this post we will look at… Continue reading Creating Microsoft Rights Management Templates and Policies

The New Rights Management Service

This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them. The technology that we will… Continue reading The New Rights Management Service

Moving Exchange Online Protection Junk Mail to the Junk Email Folder

If you use Exchange Online Protection (EOP) to filter your email in the cloud and to remove spam and malware before onward delivery to you, and if you use Exchange 2007 or later on-premises, then you need to configure Exchange to move detected spam to the Junk Email folder in Outlook. By default EOP detects… Continue reading Moving Exchange Online Protection Junk Mail to the Junk Email Folder

Installing and Configuring AD RMS and Exchange Server

Earlier this week at the Microsoft Exchange Conference (MEC 2012) I led a session titled Configuring Rights Management Server for Office 365 and Exchange On-Premises [E14.314]. This blog shows three videos covering installation, configuration and integration of RMS with Exchange 2010 and Office 365. For Exchange 2013, the steps are mostly identical. Installing AD RMS… Continue reading Installing and Configuring AD RMS and Exchange Server

Starting Exchange When You Have Active Directory Issues

I had a call the other day from a company who had Exchange issues. One investigation it turned out they had a very suspect Active Directory and no-one would admit to what they had actually done to get it in such a state! One server (DC1) would not talk to the other DC’s (Kerberos issues… Continue reading Starting Exchange When You Have Active Directory Issues