EXO – Exchange Online
Almost 10 years ago I ran into a customer deployment where they were unable to run some of the Exchange PowerShell commands. Funnily enough, this bubbled up the other week.
As a recap, tenants are created in a dehydrated state to minimise resouce consumption. That means they can not be customised things like Role Based Access Control (RBAC) assignments are read-only and can not be customised. Th… Read the rest “Tenant Hydration – Still A Thing”
You want to run the Exchange Hybrid Configuration Wizard (HCW) and after clicking the link to the HCW in the admin portal or manually browsing to the shortcut URL you are unable to either launch or install the HCW. Despite using Edge, the HCW application just does not install and/or launch. All you get is the initial prompt to open the file and nothing else.
For example, if we go to the shortcut … Read the rest “Unable To Install or Launch Exchange HCW”
It is possible to add a Domain Based Message Authentication Reporting and Conformance (DMARC) record for your onmicrosoft.com domain in M365.
Is that a good thing?
Well, your viewpoint may depend on your experiences with this domain. If you actually use the onmicrosoft.com domain to send email, then yes! Adding the DMARC record enables the DMARC alignment check to pass and the mail to be successfu… Read the rest “Enable DMARC For OnMicrosoft.com Domains”
A common issue when deploying Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MDO) with on-premises Exchange is making Exchange aware of the EOP spam filtering. This is because EOP uses slightly different logic to stamp the spam results etc. into the message. Exchange Server needs to be aware of this so that it can take action upon those settings.
There are a multitude of online tools that help diagnose issues with various mail services, but understanding what these tools actually check is valuable. One example is around manually checking published DomainKeys Identified Mail (DKIM) records. DKIM is described in RFC 4871. As an interesting piece of history DKIM went through a previous iteration "Domain-Based Email Authentication Using Pub… Read the rest “How to Use NsLookup To Check DKIM Record”
Note that there have been changes to Safe Links policy for Microsoft Defender for Office 365 (MDO).
Previously you could add URLs to the Safe Links policy to control how MDO would process the URLs. As part of this change the URL blocking is moving to the Tenant Allow Block List (TABL).
Below is a screenshot showing that a previously entered URL needs to be migrated to TABL.
&nb… Read the rest “Migrate Safe Links Block Settings to TABL”
Planning to deploy Office 365 and integrate with your on-premises Exchange infrastructure? Great! While running the Exchange Hybrid Configuration Wizard (HCW) will be one of the highlights it should be a boring and uneventful portion of the project. That will be true if all of the required planning, remediation and preparation was done. If not you’ll be finding out about those issues pretty so… Read the rest “Microsoft Teams Source IP Address Used Connecting to On-Premises Exchange”
When discussing network configuration for Office 365, there will be a series of issues and challenges that need to be addressed. Ideally this is all done in a proactive manner, with the final items addressed in the POC phase.
One of the cornerstone issues is around how access to and from Office 365 will be managed. This has to address end user access from workstations and publishing your on-premi… Read the rest “The Way Things Were–EOP IP Ranges October 2018”
Previously we looked at the Office 2010 client and how it used Autodiscover to detect Exchange Online (EXO) mailbox settings. Outlook 2010 is no longer supported, so it is worth updating these notes for a current build of Outlook.
As with the previous post, this is intended as a point in time reference as I personally find it handy as an ongoing reference. In the updated example below a fully patc… Read the rest “Office 365 Autodiscover Lookup Process–Revisited”
A recent discussion revolved around adding domains to Azure, and how that would manifest iteslf in Office 365 and Azure. This was a customer where one set of admins was focused on Azure and others on Office 365 and they did not interact much.
You will note that initially there are three domains shown in Exchange Online portal. One is a custom vanity domain - tailspintoys… Read the rest “Add Domain to Azure, What Is Its EXO Status?”