Recently I wanted to updated an old function, which I use in my daily work for Privilege Identity Management. Initially I just wanted to move over from using AzureADPreview to Microsoft Graph PowerShell SDK, but sometimes you just do more.
However, this was a good learning curve for me and I thought sharing would be helpful.
Continue readingWhen you are using Publisher verification, you might know the challenges I’m writing today about. Especially with 3rd party vendors. However, I never expected that it’s like that even the functionality is GA for quite a while.
What I mean by that is the fact that Microsoft introducing this feature, recommends this as best practises and starting with September 30, 2022 makes this as a default setting, but don’t get their own apps verified:
Over the last weeks, I had to perform more than usual message traces in Exchange Online. For more details how to run such traces, Tony recently updated his article:
Exchange Online Message Traces are Different to On-Premises Searches (practical365.com)
However, the details you want to look at are not really formatted in a readable format.
Continue readingMaybe you are aware that you can scope application registered in Azure AD and configured with OAuth 2.0 application permissions. It is well documented here Limiting application permissions to specific Exchange Online mailboxes – Microsoft Graph | Microsoft Docs and finally also Exchange Web Services (EWS) is supported.
However, I think it is important to perform regular checks in your tenant whether policies exists or not.
Continue readingI strongly believe that many of you already run into this scenario:
“Hey, can you help me and grant access to all my folders in my mailbox to this one person?”
When it starts like this, in most cases this user has folders, where the total number is for sure more than 2 digits.
Continue readingThis is something, which cannot be stressed enough:
When you flag e-mails or calendar items as private, it will not ensure privacy!
You might argue that you have not granted “Delegate can see my private items”, but this is ONLY honored by certain clients and in certain conditions.
Continue readingI just came across this and I was really puzzled as I never thought something like this would happen:
What do you expect, if you use a feature, which states that you could block specific senders?
Right, you feed the system and messages from these senders will never made it to protected recipient.
Well, let me tell you that the feature Tenant Allow/Block List (TABL) of Microsoft Defender for Office 365 (MDO)is exactly doing this:
Promising that you can block senders, but actually deliver messages to mailboxes depending on your anti-spam policy settings.
Continue readingI recently came across something you might also run into at this time of the year or when a company wide announcement needs to be made via e-mail and the sender is in Exchange Online:
A person sent some season’s greetings, which results into being blocked by EXO as a limit was reached (you can find more about these limits here). My first thought was something like sending e.g.: 10.000 messages per day or too many recipients, but it turned out to be something different.
Continue readingI was just approached by a colleague of mine having performance issues, while connecting to Exchange Online using the new EXO V2 module using app-only authentication.
The behavior lead into an overall elapsed timespan of over one minute, until the connection was finally established!
Continue readingI’m dealing with these issues already for a long time. But meanwhile, after a couple of support cases, the fog seems to lifting.
When you don’t have the following setup, you can stop reading:
For the others, feel free continue reading. It might open your eyes for some issues your facing.
Continue reading
The clueless guy 