Out of SSPR Scope User Experience
Azure AD Self Service Password Reset (SSPR) has the ability to restrict which group of users are able to perform SSPR tasks. It is a slightly limited… Read the rest “Out of SSPR Scope User Experience”
Items related to messaging services with a focus on Exchange Online (EXO) and Exchange server (on-premises)
Azure AD Self Service Password Reset (SSPR) has the ability to restrict which group of users are able to perform SSPR tasks. It is a slightly limited… Read the rest “Out of SSPR Scope User Experience”
A common issue when deploying Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO) with on-premises Exchange is making Exchang… Read the rest “Configure On-Premises Exchange For EOP Spam Thresholds”
The November 8, 2022 and later Windows updates address a security bypass and elevation of privilege vulnerability with Authentication Negotiation by … Read the rest “Kerberos Issues November 2022”
There are a multitude of online tools that help diagnose issues with various mail services, but understanding what these tools actually check is valua… Read the rest “How to Use NsLookup To Check DKIM Record”
Extended Protection uses service binding and channel binding to help prevent an authentication relay attack. In an authentication relay attack, a clie… Read the rest “Exchange Server Extended Protection”
The May 2022 security update for Exchange Server 2013, 2016 and 2019 resolved CVE-2022-21978. A common issue is that admins are only doing part of th… Read the rest “Remediate Exchange Security CVE-2022-21978”
Note that there have been changes to Safe Links policy for Microsoft Defender for Office 365 (MDO).
Previously you could add URLs to the Safe Links pol… Read the rest “Migrate Safe Links Block Settings to TABL”
In the field, I’m seeing multiple customers that are struggling to implement the DownloadDomain feature. It does require a little prep work and it is … Read the rest “Implementing Exchange DownloadDomain Security”
When designing an upgrade strategy from an older version of Exchange to a newer one, a question that needs to be addressed is do we need to introduce … Read the rest “Exchange 2019 Point of No Return”
When delivering Office 365 Security Optimisation Assessments (SOA) to customers, one of the control items is the version of Azure AD Connect deployed a… Read the rest “Upgrade to Azure AD Connect 2.0”