I was just approached by a colleague of mine having performance issues, while connecting to Exchange Online using the new EXO V2 module using app-only authentication.
The behavior lead into an overall elapsed timespan of over one minute, until the connection was finally established!
In the past months. I’ve seen a lot of tickets and question from developer, service owner and some IT pros in regards of OAuth, consent and permissions (delegated/application).
Especially 3rd party applications and their documentation is missing very often some details. Therefore, I’m writing this post.
I’m really excited about the fact that Microsoft fulfilled the ask for supporting Exchange Web Services (EWS) protocol in ApplicationAccessPolicy as announced here:
I know that this topic is really a topic with gets high attention.At the moment there is nothing available in Microsoft Graph, which would make it possible to manage objects in Exchange Online.
The few things, which exists, are more for end-user (e.g.: accessing their e-mails, calendar or tasks) and for auditing and reporting (e.g.: Security API). Nothing available for managing a mailbox permissions or attributes. Not even like simple CustomAttribute1-15.
Now Microsoft released a new Exchange Online PowerShell module: EXOv2.
It’s not perfect (yet!), but huge improvements and Microsoft is working hard to get the module improved.
On my transition to the new module, I was made aware of connectivity issues by some colleagues:
New-ExoPSSession : An error occurred while sending the request.. At C:\Program Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\0.3582.0\ExchangeOnlineManagement.psm1:401 char:30…
Back in April I wrote a post on Practical 365 how you can create in Azure AD apps and make OAuth for authentication available to your Exchange on-premises environment without the need of having Hybrid Modern Authentication (HMA) enabled. If you’re interested, you can find the article here.
Since everything is shifting towards cloud, folks are looking more and more into possibilities and how cloud features can be incorporated into products.
One crucial topic is all around Authentication and Authorization. OAuth is the most used word in the past month,when I was approached by developers and they wanted to access somehow Exchange related data. I realized that many people having problems writing their code and usually we get blamed that we haven’t registered an application correctly in Azure AD.
Thus it’s on us to prove everything is okay and therefore I wrote a simple script for testing several scenarios in an easy way to make sure everything is configured correctly and you’re able to retrieve tokens.
There are often problems reported by users related to connectivity or you just setup your lab and want to know if you configured everything correct. But even when you double-checked and everything looks okay you might want to see what Autodiscover returns for a given user. Maybe not only for a given user, maybe just the result from one specific server or when you have larger environments from servers within a specific AD site.