GRANIKOS

Microsoft Teams bietet zahlreiche Möglichkeiten zur Konfiguration und Kontrolle der Sicherheits- und Complianceeinstellungen. Matt Soseman, Security Architekt bei Microsoft, hat zum Thema Security & Compliance in Microsoft Teams eine Youtube Playlist erstellt. Hier ist eine Übersicht der wichtigsten Videos: Security & Compliance in Microsoft Teams: Identity & Access Management How do I secure access to Microsoft Teams and ensure only authorized individuals can use the tool? Join us as we explore how Azure Active Directory Conditional Access and Identity Protection can provide a new level of security for Microsoft Teams. Security & Compliance in Microsoft Teams: Data Loss Prevention How do I enforce policy to ensure my users cannot share sensitive data in a Microsoft Teams private chat or channel conversation? Join us as we explore how Office 365 Data Loss Prevention can block users from sharing sensitive data in Microsoft Teams – and be alerted when a violation occurs! Security & Compliance in Microsoft Teams: Windows Information Protection How do I enforce policy to ensure my users cannot copy/paste or download sensitive data out of Microsoft Teams and into a non-approved application/website? Join ...

When you configure an Outlook profile to use Cached Mode the client software uses a special address book to resolve email addresses and other information. This address book is named Offline Address Book (OAB) and is built and provided by the Exchange Organisation hosting the mailbox. The client downloads OAB changes when Outlook starts and checks for further OAB changes in intervals.  OAB provides address resolver capabilities when there is no network connection to Exchange Server or a domain controller available. In addition to resolver capabilities, the OAB contains other important information, e.g., send-as permissions and information regarding public folders. For security reasons it might be necessary to disallow the download of the Offline Address Book by an Outlook Client. In this case, you control the download functionality with the Windows System Registry. You can disable the OAB download using the following registry key: Path: HKEY_CURRENT_USER\Software\Microsoft\Office\<version>\Outlook\Cached Mode Value type: REG_DWORD Value name: DownloadOAB Value: 0 to not download the OAB   Replace <version> with the appropriate Office version number. Version   Version number ...

On May 11th, the SharePoint Saturday Cologne took place at the new Microsoft Office in Cologne.  My session covered the migration of legacy public folders from Exchange Server 2010 to modern public folders hosted on-premises or Exchange Online. Additionally, I've talked about the pros and cons of a migration to Office 365 Groups and Microsoft Teams. The slide deck is available on SlideShare.     View and Download at Slideshare   Enjoy Exchange Server and do not forget about the end of support for Exchange Server 2010 on January 14th, 2010.      

Description This script connects either to Exchange Online or to a dedicated on-premises Exchange Server to export configured mailbox delegates and SMTP forwarding configurations. The SMTP forwarding configurations are gathered from inbox rules and from mailbox forwarding settings.   Requirements Exchange Server 2016 or newer Cretenials to logon to Exchange Online and Office 365 when querying EXO mailboxes Utilizes GlobalFunctions PowerShell Module --> http://bit.ly/GlobalFunctions   Examples # Example 1 # Connect to the on-premises Exchange Server mx01.varunagroup.de and export delegation and SMTP forwarding information .\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de # Example 2 # Connect to the on-premises Exchange Server mx01.varunagroup.de, export delegation and SMTP forwarding information and get verbose information on the objects worked on .\Get-DelegatesAndForwardingRules.ps1 -ExchangeHost mx01.varunagroup.de -Verbose # Example 3 # Connect to Exchange Online and export delegation and SMTP forwarding information .\Get-DelegatesAndForwardingRules.ps1 -ExchangeOnline   Version History 1.0, Initial community release   Links Download and follow at Github: https://github.com/Apoc70/Get-DelegatesAndForwardingRules Download and like at TechNet Gallery: https://gallery.technet.microsoft.com/Get-delegates-and-SMTP-9c42a270 Use GitHub Issues to leave comments, requests, end even bugs or issues.   Additional Credits The script is based on the O365-InvestigationTooling script DumpDelegatesandForwardingRules.ps1 by Brandon Koeller Find more Office 365 investigation tooling scripts at https://github.com/OfficeDev/O365-InvestigationTooling.   Follow Twitter @stensitzki LinkedIn Xing  

The Exchange PowerShell script (Set-ReceiveConnectorIpAddress) to add or remove remote IP address ranges to/from Exchange Server 2013+ receive connectors received an update. The script now checks if the required PowerShell modules are available before failing to load the modules. Get the most recent version at Github or TechNet Gallery https://github.com/Apoc70/Set-ReceiveConnectorIpAddress https://gallery.technet.microsoft.com/Add-or-Remove-Rremote-IP-e53e6f45   As always, enjoy Exchange Server On-Premises.    

On Saturday, May 11th, the SharePoint Saturday Cologne will take place at Microsoft Office. My session covers the migration of legacy public folders to modern public folders in the cloud. Migrating from legacy public folders to modern public folders in Exchange Online is an error-prone process. Especially for Exchange organizations using legacy public folders since the early days. Real world examples from the field will show you how to determine the right migration approach. Additional information will help you to avoid the most common errors when migrating to modern public folders to the cloud. But what about after migrating to the? There is more. Prepare for decommissioning Public Folders by moving content to Microsoft Teams.   Links SharePoint Saturday Cologne Website SPSCGN Agenda   See you in Cologne.

This post was originally published on April, 1st, 2019 on http://JustCantGetEnough.Granikos.eu Exchange Server 2019 is the most recent release of the successful email messaging solution, introduced by Microsoft in 1996. Since the early days of the product supported a single primary email address only. The primary email address is used as the sender address when a user composes a new email message and sends the message. A mailbox can have multiple email addresses to receive messages for, but only one so-called reply-address.  But the limitation is not valid anymore. A recent build of the Exchange Server 2019 Cumulative Update 1 released to VLSC contains a new feature called Multi-Reply Addresses.  This new feature is very helpful in scenarios where a single user sends email messages for multiple companies. Think of a business owner who is responsible for two or more companies. In the past, it was required to configure a mailbox account per primary email address used as a reply address. Such a configuration resulted not only on multiple inboxes but in multiple calendars and contact folders as well.  The new Multi-Reply Addresses feature of ...

Sometimes you might be interested in gathering a list of all computer from an Active Directory domain in preparation for migration. You can gather a list of all computer objects using the following command. # Fetch a sorted list of all computer objects Get-ADComputer -Filter * -Property * | Sort-Object Name   The wildcard used with the Property parameter fetches all available attributes for a computer object. Check the available attributes in the result set to identify the attributes you are interested in. # Example output for the first computer object gathered from Active Directory (Get-ADComputer -Filter * -Property * | Sort-Object Name)[0] AccountExpirationDate : accountExpires : 9223372036854775807 AccountLockoutTime : AccountNotDelegated : False AllowReversiblePasswordEncryption ...

A new Exchange Server Conference is coming to Europe.  The REAL Exchange Experience In recent years, the main topics of the major Microsoft conferences have changed more and more towards cloud topics. The simplicity of migrating from on-premises Exchange Server mailboxes to Exchange Online is emphasized at each event. Also, new options have been made available to establish a full hybrid setup with Exchange Online more easily. Topics covering the stable and secure operation of on-premises Exchange Server organizations have no room at these events. The REAL Exchange Experience wants to address the demand for topics related to the operation of Exchange Server in an on-premises IT infrastructure. The conference will be held as a 1-day conference in different cities in Europe. Read more about the conference and register for the conference newsletter here: https://www.granikos.eu/en/Events/TheREALExchangeExperience Enjoy Exchange Server 2019!  

Office 365 supports the upload of PST files to Azure storage for a direct import to mailboxes hosted in Exchange Online. The steps are described in detail in the online documentation at Microsoft Docs. Import CSV using an email address Workload,FilePath,Name,Mailbox,IsArchive,TargetRootFolder,SPFileContainer,SPManifestContainer,SPSiteUrl Exchange,,SALES.pst,TeamMailbox-Sales@varunagroup.de,FALSE,IMPORT,,,   But you might encounter the following error after starting the import job using the Security & Compliance dashboard. X-Psws-ErrorCode: 840001 X-Psws-Exception: Microsoft.Exchange.Configuration.Tasks.ManagementObjectAmbiguousException,The operation couldn't be performed because 'TeamMailbox-Sales@varunagroup.de' matches multiple entries. X-Psws-Warning: When an item can't be read from the source database or it can't be written to the destination database, it will be considered corrupted. By specifying a non-zero BadItemLimit, you are requesting Exchange not copy such items to the destination mailbox. At move completion, these corrupted items will not be available at the destination mailbox. X-Content-Type-Options: nosniff Before you were able to start the import job the job configuration, the CSV file, and the content of the PST file were analyzed successfully. There was no hint of multiple entries for the target mailbox. The detailed error message can be retrieved using the View log link. A clear text message is stated in the Status detail column, ...

In Legacy Public Folder World with Exchange Server 2010 it was pretty easy to find the parent path of email enabled public folder: (Get-MailPublicFolder MAILADRESS | Get-PublicFolder).ParentPath   Problem When you try the same approach with modern public folders using Exchange Server 2013+ EMS, you receive an error. Get-MailPublicFolder MSTeamsPF@varunagroup.de | Get-PublicFolder Cannot process argument transformation on parameter 'Identity'. Cannot convert the "varunagroup.de/Microsoft Exchange System Objects/MSTeamsPF" value of type "Microsoft.Exchange.Data.Directory.ADObjectId" to type "Microsoft.Exchange.Configuration.Tasks.PublicFolderIdParameter". + CategoryInfo : InvalidData: (MSTEamsPF:PSObject) [Get-PublicFolder], ParameterBindinmationException + FullyQualifiedErrorId : ParameterArgumentTransformationError,Get-PublicFolder + PSComputerName : P01.varunagroup.de   Solution You need to use the EntryId paramater of the Get-MailPublicFolder result. $pf = Get-MailPublicFolder MSTeamsPF@varunagroup.de Get-PublicFolder -Identity $pf.EntryId Name Parent Path ---- --------- MSTeamsPF \Modern Collaboration Get-PublicFolder does not take pipeline inputs.   Links Find parent path for email activated Public Folder   Enjoy modern public folders :-) 

When you install a Cumulative Update for Exchange Server 2016 you might receive the following informational message: MAPI over HTTP, the preferred Outlook desktop client connectivity with Exchange server, is currently not enabled. Consider enabling it using: Set-OrganizationConfig -MapiHttpEnabled $true For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms.exch.setupreadiness.WarnMapiHttpNotEnabl ed.aspx This modern protocol for Outlook has been introduced to Exchange Server with Exchange Server 2013 SP1. The protocol removes the dependency to the Windows Server RPC over HTTP component. The reduced complexity enhances the reliability of the client access protocoll. It's available for quite some time now.  You can enable MAPI over HTTP on the organization level using the following Exchange cmdlet: Set-OrganizationConfig -MapiHttpEnabled $true You can still controll the protocol setting at the user level by deactiviting MAPI of HTTP for certain users, if required: Set-CASMailbox -Identity [USER] -MapiHttpEnabled:$false If your IT infrastructue is still not ready for MAPI of HTTP, your IT components pretty outdated. It's time to move forward and to modernize the infrastructure.  NOTE Did you know that MAPI over HTTP connects to Exchange Server using TLS to encrypt the connection? Even though that the protocol name is "overHTTP" it literally uses HTTPS ...