Categories
commerce microsoft Microsoft 365 Office 365 powerbi project visio windows 365

Turn Off Self-Service Purchases in Microsoft 365

Microsoft 365 has a route for users to buy their own products rather than products purchased and licenced by the company. This blog outlines how to turn this off. Install the MSCommerce PowerShell module with Install-Module MSCommerce Connect to the MSCommerce endpoint with Connect-MSCommerce and login with the administrator account List all the products you […]

Categories
app password ATP Authentication Azure Azure Active Directory Azure AD Azure Information Protection AzureAD conditional access EM+S email enterprise mobility + security management mcm mcsm MFA microsoft modern authentication multi-factor auth Multi-Factor Authentication sspr

MFA and End User Impacts

This article will look at the various different MFA settings found in Azure AD (which controls MFA for Office 365 and other SaaS services) and how those decisions impact users. There is lots on the internet on enabling MFA, and lots on what that looks like for the user – but nothing I could see […]

Categories
AADConnect AADSync active directory Azure Active Directory Azure AD compliance conditional access device download enterprise mobility + security exchange online microsoft Office 365 OneDrive OneDrive For Business sharepoint

Read Only And Document Download Restrictions in SharePoint Online

Both SharePoint Online (including OneDrive for Business) and Exchange Online allow a read only mode to be implemented based on certain user or device or network conditions. For these settings in Exchange Online see my other post at https://c7solutions.com/2018/12/read-only-and-attachment-download-restrictions-in-exchange-online. When this is enabled documents can be viewed in the browser only and not downloaded. So […]

Categories
active directory Azure Active Directory Azure AD AzureAD EM+S enterprise mobility + security microsoft Office 365 password security

Improving Password Security In the Cloud and On-Premises

Passwords are well known to be generally insecure the way users create them. They don’t like “complex” passwords such as p9Y8Li!uk%al and so if they are forced to create a “complex” password due to a policy in say Active Directory, or because their password has expired and they need to generate a new one, they […]

Categories
AADConnect AADSync Azure Active Directory Azure AD AzureAD conditional access microsoft modern authentication SSO

Azure AD Single Sign-On Basic Auth Popup

When configuring Azure AD SSO as part of Pass-Through Authentication (PTA) or with Password Hash Authentication (PHA) you need now (since March 2018) to only configure a single URL in the Intranet Zone in Windows. That URL is https://autologon.microsoftazuread-sso.com and this can be rolled out as a registry preference via Group Policy. Before March 2018 […]

Categories
exchange exchange online Exchange Server hybrid microsoft migration Office 365

Exchange Online Migration Batches–How Long Do They Exist For

When you create a migration batch in Exchange Online, the default setting for a migration is to start the batch immediately and complete manually. So how long can you leave this batch before you need to complete it? As you can see from the below screenshot, the migration batch here was created on Feb 19th, […]

Categories
aadrm active directory certificates cloud compliance dirsync exchange exchange online https hybrid journal journaling mcm mcsm microsoft Office 365 Outlook pki policy rms smarthost transport unified messaging voicemail

The New Rights Management Service

This blog is the start of a series of articles I will write over the next few months on how to ensure that your data is encrypted and secured to only the people you want to access it, and only for the level of rights you want to give them. The technology that we will […]

Categories
2010 exchange exchange online mcm mcsm microsoft Office 365 transport

The Exchange Server Header Firewall

The below Header Firewall video was recorded as “pre-reading” for the Exchange 2010 MCM program. The website that originally hosted this video is no longer available, so I am reposting the video that I recorded here:

Categories
2007 2008 R2 2010 active directory certificates exchange exchange online microsoft networking Office 365 organization relationships owa rms server administrator

Installing and Configuring AD RMS and Exchange Server

Earlier this week at the Microsoft Exchange Conference (MEC 2012) I led a session titled Configuring Rights Management Server for Office 365 and Exchange On-Premises [E14.314]. This blog shows three videos covering installation, configuration and integration of RMS with Exchange 2010 and Office 365. For Exchange 2013, the steps are mostly identical. Installing AD RMS […]

Categories
2013 cloud exchange GeoDNS https load balancer mcm microsoft MX networking owa smtp transport

Creating GeoDNS with Amazon Route 53 DNS

UPDATE: 13 Aug 2014 – Amazon Route 53 now does native GeoDNS within the product – see Amazon Route 53 GeoDNS Routing Policy A new feature to Exchange 2013 is supported use of a single namespace for your global email infrastructure. For example mail.contoso.com rather than different ones for each region such as uk-mail.contoso.com; usa-mail.contoso.com […]

Categories
2007 2010 2013 exchange mcm microsoft transport

How To Speed Up Exchange Server Transport Logging

In Exchange 2010 SP1 and later any writing to the transport log files for activity logging (not the transaction logging on the mail.que database) is cached in RAM and written to disk every five minutes. In a lab environment you might be impacted by this as you might have sent an email and want to […]

Categories
2003 2007 2010 cloud DNS domain door exchange exchange online load balancer loadbalancer mcm microsoft MX Office 365 smarthost

Highly Available Geo Redundancy with Outbound Send Connectors in Exchange 2003 and Later

This is something I’ve been meaning to write down for a while. I wrote an answer for this question to LinkedIn about a week ago and I’ve just emailed a MCM Exchange consultant with this – so here we go… If you configure a Send Connector (Exchange 2007 and 2010) or Exchange 2003 SMTP Connector […]

Categories
2010 2013 64 bit active directory ADFS ADFS 2.0 certificates exchange exchange online https isa mcm microsoft Office 365 pki tmg

Publishing ADFS Through ISA or TMG Server

To enable single sign-on in Office 365 and a variety of other applications you need to provide a federated authentication system. Microsoft’s free server software for this is currently Active Directory Federation Server 2.0 (ADFS), which is downloaded from Microsoft’s website. ADFS is installed on a server within your organisation, and a trust (utilising trusted […]

Categories
2007 certificates exchange iis microsoft pkcs powershell web

Creating Subject Alternative Name Certificates with Microsoft Certificate Server

A new feature in digital certificates is the Subject Alternative Name property. This allows you to have a certificate for more than one URI (i.e. www.c7solutions.com and www.c7solutions.co.uk) in the same certificate. It also means that in web servers such as IIS you can bind this certificate to the site and use up only one […]