Categories
MFA Office 365

Configuring Multi Factor Authentication For Office 365

Given that Office 365 is a user service, the enabling of multi-factor authentication is very much as admin driven action – that is the administrators decide that the users should have it, or that it is is configured via Conditional Access when limiting the login for the user to certain applications and locations. For a […]

Categories
Azure Azure Information Protection cloud firewall Office 365 proxy SSL

SSL Inspection and Office 365

Lots of cloud endpoint URL’s break service flow if you enable SSL Inspection on the network devices between your client and the service. My most recent example of this Enterprise State Routing in Windows 10. Microsoft have a list of URLs for the endpoints to their service, where they are categorised as Default, Allow or […]

Categories
active directory Azure Active Directory Azure AD AzureAD EM+S enterprise mobility + security microsoft Office 365 password security

Improving Password Security In the Cloud and On-Premises

Passwords are well known to be generally insecure the way users create them. They don’t like “complex” passwords such as p9Y8Li!uk%al and so if they are forced to create a “complex” password due to a policy in say Active Directory, or because their password has expired and they need to generate a new one, they […]

Categories
aadrm Azure Information Protection certificates exchange exchange online IRM Office Office 365 rms SSL

Azure Information Protection and SSL Inspection

I came across this issue the other day, so thought I would add it to my blog. We were trying to get Azure Information Protection operating in a client, and all we could see when checking the download of the templates in File > Info inside an Office application was the following: The sequence of […]

Categories
exchange exchange online Exchange Server hybrid microsoft migration Office 365

Exchange Online Migration Batches–How Long Do They Exist For

When you create a migration batch in Exchange Online, the default setting for a migration is to start the batch immediately and complete manually. So how long can you leave this batch before you need to complete it? As you can see from the below screenshot, the migration batch here was created on Feb 19th, […]

Categories
exchange online Exchange Server hybrid Office 365 Public Folders retention retention policies

Office 365 Retention Policies and Hybrid Public Folders

If you create an Office 365 Retention Policy (in the Security and Compliance Center) that applies to all Exchange Online content then you might find that after the retention policy has been deployed (a day or so later usually) that the policy is in error and there is a message at the top of the […]

Categories
EOP exchange online Exchange Online Protection Exchange Server journal journaling Office 365 smtp

Journal Rule Testing In Exchange Online

I came across two interesting oddities in journaling in Exchange Online in the last few weeks that I noticed where not really mentioned anyway (or anywhere I could find that is). The first involces routing of journal reports and the second the selection of the journal target. The journal report, that is the message that […]

Categories
duplicate EOP exchange exchange online Exchange Online Protection Exchange Server mailbox MX Office 365

Duplicate Exchange Online and Exchange Server Mailboxes

With a hybrid Exchange Online deployment, where you have Exchange Server on-premises and Exchange Online configured in the cloud, and utilising AADConnect to synchronize the directories, you should never find that a synced user object is configured as both a mailbox in Exchange Online and a mailbox on-premises. When Active Directory is synced to Azure […]

Categories
add-in EOP exchange online Exchange Online Protection Office Office 365 Office 365 ProPlus phish phishing spam

Enable Report Message Add-In For Office 365

There is a new add-in available for Outlook and OWA in Office 365 that can simplify spam and phishing reporting to Microsoft for content in your mailbox. I recommend rolling this add-in out to everyone in your Office 365 tenant and for Office 365 consultants to add this as part of the default steps in […]

Categories
Advanced Threat Protection ATP dynamic delivery Office 365 Office 365 Advanced Threat Protection preview

Office 365 Advance Threat Protection Attachment Preview

It is now possible to preview attachments that Advanced Threat Protection (ATP) is currently in the process of checking. This was enabled on my tenant recently and so will come to all tenants soon. It was mentioned at Microsoft Ignite 2017. It looks like this. You get the email with the standard ATP attachment saying […]

Categories
acdc anycast cafe exchange online Exchange Server networking Office 365

Office 365 and ACDC

The best connectivity to Office 365 is achieved with local internet breakout and local DNS egress. This means things like each branch office should connect directly to the internet and not via the Head Office and then to the internet and that DNS lookups are done local as well. The reason for DNS lookups is […]

Categories
Authentication Azure Active Directory Azure AD Office Office 365 SSO

Azure AD SSO and Disabled Computer Accounts

When you set up Azure AD SSO, the Azure AD Connect application creates a computer account called AZUREADSSOACC. Do not disable this account, or SSO stops working. I’ve had a few clients in the past week disable this when generally disabling all the computer accounts that have not logged in for X days. Therefore if […]

Categories
Advanced Threat Protection ATP malware Office Office 365 Office 365 ProPlus Proof Of Concept Safe Attachments Safe Links

How To Run an Advanced Threat Protection Proof of Concept

I put the following post together as I was asked this question from Microsoft themselves! This post covers what you need to put in place, and how you can test some of it (as testing the blocking of malware involves sending malware first!) First, lets take a look at the Advanced Threat Protection steps for […]

Categories
exchange online Exchange Server Office 365 Public Folders

On-Premises Public Folders, Exchange Online, And Multiple Forests

Update: October 2018. Microsoft have added support to hide public folders in Exchange Online. Now rather than the below post from me, you can set a users mailbox to see public folders or not as required and then enable the global setting to turn on controlled access to public folders. For more see https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-support-for-controlled-connections-to-public-folders/ba-p/608591   […]

Categories
EOP exchange online Exchange Online Protection Exchange Server Office 365 security starttls TLS

Forcing Transport Level Secure Email With Exchange Online

In Exchange Online there are a few different options for forcing email to require an encrypted connection. These depend upon the level of licence you have, and some of them are user based (Office 365 Message Encryption for example), but there are two ways to force TLS (transport layer security) for the email between when […]