Category: exchange
-
Exchange Web Services (EWS) and 501 Error
As is common with a lot that I write in this blog, it is based on noting down the answers to stuff I could not find online. For this issue, I did find something online by Michael Van “Hybrid”, but finding it was the challenge. So rather than detailing the issue and the reason (you…
-
Getting Exchange Message Sizing Raw Data
On the internet there are a number of resources for collecting the raw data needed to size Exchange Server deployments. These include: http://blogs.technet.com/b/neiljohn/archive/2011/08/09/user-profile-analysis-for-exchange-server-2010.aspx (Neil Johnson – User Profile Analysis for Exchange Server 2010 ) http://gallery.technet.microsoft.com/scriptcenter/bb94b422-eb9e-4c53-a454-f7da6ddfb5d6 (“mjolinor” – the primary source of the script used here) This blog outlines my process for collecting the data needed…
-
Using Microsoft Rights Management from Microsoft Office
This article is the second last in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at protecting documents and emails in Microsoft Office 2010 or later. This means your…
-
Configuring Exchange On-Premises to Use Azure Rights Management
This article is the fifth in a series of posts looking at Microsoft’s new Rights Management product set. In an earlier previous post we looked at turning on the feature in Office 365 and in this post we will look at enabling on-premises Exchange Servers to use this cloud based RMS server. This means your…
-
Is Your SenderID/SPF or DKIM Record Correctly Configured
With Microsoft having just announced that DKIM is coming to Office 365 soon (release notes here) and SenderID is already available, I thought this is a good time to write a blog on the use of DMARC to show if your records are correct. DMARC is a protocol that allows you to see the effect…
-
Updating Exchange 2013 Anti-Malware Agent From A Non-Internet Connected Server
In Forefront Protection for Exchange (now discontinued) for Exchange 2010 it was possible to run the script at http://support.microsoft.com/kb/2292741 to download the signatures and scan engines when the server did not have a direct connection to the download site at forefrontdl.microsoft.com. To achieve the same with Exchange 2013 and the built-in anti-malware transport agent you…
-
DLP Templates
At the Microsoft Exchange Conference 2014 in Austin, Texas I ran a session on DLP templates. This blog post was linked from the slides and contains the examples I used in the session. To download any of the samples click the links below: ContosoPharma.xml – the DLP data classification file to add the ability to detect…
-
Exchange DLP Rules in Exchange Management Shell
This one took a while to work out, so noting it down here! If you want to create a transport rule for a DLP policy that has one data classification (i.e. data type to look for such as ‘Credit Card Number’) then that is easy in PowerShell and an example would be as below. New-TransportRule…
-
An “Inexpensive” Exchange Lab In Azure
This blog post centres around two scripts that can be used to quickly provision an Exchange Server lab in Azure and then to remove it again. The reason why the blog post is titled “inexpensive” is that Azure charges compute hours even if the virtual machines are shut down. Therefore to make my Exchange lab…
-
Highly Available Office 365 to On-Premises Mail Routing
This article looks at how to configure mail flow from Office 365 (via Exchange Online Protection – EOP) to your On Premises organization to ensure that it is highly available and work in disaster recovery scenarios with no impact. It is based on exactly the same principle to that which I blogged about in 2012:…
-
Errors in Moving Exchange Archive Mailboxes to Office 365
I was trying to move an Archive mailbox to the Office 365 service from my demo environment the other day when I came across an error I thought I would note down here for completion. I could not find the error elsewhere on the internet An archive mailbox must be enabled before it can be…
-
Enabling and Configuring AADRM in Exchange Online
This article is the fourth in a series of posts looking at Microsoft’s new Rights Management product set. In the previous post we looked at turning on the feature in Office 365 and in this post we will look at how to manage the service in the cloud. In this series of articles we will…
-
Creating an Azure VPN with a Draytek Router
The Microsoft Azure cloud operating system can be connected to your network by way of a virtual private network or VPN. Azure lists some supported devices and provides configuration scripts for them, but does not include the Draytek range of devices. Draytek devices are common in the small business market and for techy home users.…
-
Configuring Trend OfficeScan for Exchange Server
There are lots of articles on configuring Trend OfficeScan on an Exchange Server. They should all be based on the definitive article at http://technet.microsoft.com/en-us/library/bb332342(v=exchg.141).aspx which covers the exclusions needed, but one thing I found typically missing from the configuration. If you use mount points to map the Exchange database disks to the server, then you…
-
The New Rights Management Service
This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them. The technology that we will…
-
Message Classifications, Exchange Server, Exchange Online and Outlook
Message Classifications are a way to tag email with a property that describes the purpose of the email, for example “Internal Use Only” might be a classification to tell the recipient of the email that the message should not be forwarded. Classifications are configured by administrators and appear shortly after creation in Outlook Web App,…
-
Cannot Send Emails To Office 365 or Exchange Online Protection Using TLS
I have found this is a common issue. You set up an Exchange Online Hybrid or Exchange Online Protection (EOP) stand alone service and follow all the instructions for the creating of the connectors needed, only to find that your emails queue in your Exchange Server. If you turn on protocol logging you get this…
-
Rebuilding Search Catalogs on Exchange Server 2013
In Exchange 2010 there was a PowerShell script for rebuilding the search catalog. This is depreciated in Exchange 2013. TechNet contains instructions on copying the catalog from a working server in the DAG – but what about if the database is not a member of a DAG or all the catalog’s in the DAG are…
-
Whitelisting Salesforce Emails in Exchange Online Protection
In this article, Salesforce list three IP address ranges (by way of CIDR notation) where their emails can come from when you are a Salesforce.com user. To ensure these emails come to all users of your organization if you are using Exchange Online Protection (EOP) then you have to create a transport rule to attempt…
-
Outlook Archive Appears to be Duplicated
A client sent me the following screenshot today, and though redacted you can see that their Outlook mailbox has more than one Online Archive showing: This users mailbox was not the only one in the company, but you can see how the mailbox is showing three Online Archives and seemingly all for the same mailbox.…
-
What is X-Forefront-Antispam-Report-Untrusted?
When a message arrives in Exchange Online Protection (EOP) with an existing X-Forefront-Antispam-Report header, it is renamed to X-Forefront-Antispam-Report-Untrusted. If the message is then detected as spam and stored in the optional quarantine, upon release it will go back into EOP. Upon entering EOP the previously set X-Forefront-Antispam-Report header is renamed to X-Forefront-Antispam-Report-Untrusted.