Exchange Online supports dynamic distribution lists, a great way to address sets of recipients found by resolving a filter against the directory. In this example, we explore how to create a dynamic distribution list to address mailboxes marked as preferring a specific beverage. It might even be useful some day!
Exchange Online Protection (EOP) quarantines suspicious messages to stop spam, malware, and phishing email arriving into Exchange Online inboxes. Administrators can review quarantined messages. Reviewing messages can find some problems, like messages that shouldn’t have been stopped. But reviews take time, and sometimes other stuff gets in the way, which means that quarantined messages expire without anyone ever asking the question “why.”
Characterizing backup of Exchange Online mailboxes to PSTs as brain-dead might have been harsh, but it’s an accurate assessment of the worth of this idea. Plenty of cloud-based backup offerings exist that can process Exchange Online data more securely and at scale. If you want to backup Office 365, stay away from PSTs and use a different product, after asking some questions to ensure that the backups deliver the value you expect.
Exchange Online Protection monitors email traffic in and out of Office 365 tenants. When a mailbox exceeds limits, it might end up being restricted, such as in the case when the mailbox might be compromised. We tried to find out when Exchange Online Protection restricted mailboxes and what to do afterwards. Here’s what we discovered.
Many migration projects use Exchange Web Services (EWS) to move data to Exchange Online. EWS is using throttled to preserve resources. Here’s how to lift the restrictions for up to 90 days, all without going near a support call.
I’ve written many articles to explain how to use the Office 365 audit log to report different aspects of the platform. But taking action is much better than just reporting. In this post, we explain how to take a report generated from the Office 365 audit log and use it to drive some actions. In this case, removing the SendAs permission from people who aren’t using it.
Exchange Online mailboxes support SendAs, Send on Behalf Of, and FullAccess permissions. A previous script focused on the FullAccess permission. This version covers all three. It’s also a good example of how you need to pay attention to property sets when writing PowerShell code to use the new Exchange Online REST-based cmdlets.
In addition to mailbox permissions, Exchange Online supports folder-level delegated permissions. Users can create folder delegations through Outlook desktop. Like mailbox permissions, it’s a good idea for tenants to check folder-level delegations to ensure that people don’t keep permissions for longer than they should. We explain how to create a PowerShell script to generate such a report.
Exchange Online makes it easy to assign delegated permissions for user and shared mailboxes. But permissions assigned to people might not be still necessary, so it’s good to do a periodic check. In this post, we describe a script to scan for permissions on Exchange Online user and shared mailboxes and highlight non-standard permissions in a report generated as a CSV file.
Exchange Online enables mailbox auditing by default, which should mean that audit events get to the Office 365 audit log for all E3 and E5 mailboxes. Well, that’s what you might thing but that’s not what happens. Mailbox events for E5 mailboxes arrive just fine, but you must reenable E3 mailboxes for auditing before their events flow. It’s a bizarre situation.
Microsoft has released information about high-value Office 365 audit events and audit event retention policies. Both are part of a Microsoft 365 Advanced Audit offering. The MailItemsAccessed event is the first high-value audit event (we can expect more) and the retention policies are used to purge unneeded events from the Office 365 audit log.
Outlook Mobile now supports delegate access to Exchange Online mailboxes. By granting fuil access to a delegate, they can open and work with a mailbox, and send messages using the SendAS or SendOnBehalfOf permissions. The new feature underscores the advantage Outlook mobile enjoys over other mobile Office 365 email clients.
OWA now includes Files in its “module switcher”). The new module allows fast access to attachments stored in any folder in an Exchange Online mailbox. It’s a neat feature that will please many people simply because it makes finding often-elusive attachments just that bit easier.
Some Exchange Online mailboxes are quite small (2 GB for frontline users). Tenant administrators might want to monitor mailbox usage to make sure that quotas aren’t unexpectedly exhausted. This post explains how to use a PowerShell script to calculate the percentage of mailbox quota used and highlight the problem if a threshold is passed.
Microsoft has announced that basic authentication for multiple email connection protocols won’t be supported after October 13, 2020. You won’t be able to connect with EWS, EAS, IMAP4, POP3, or Remote PowerShell unless you use modern authentication. There’s just over a year to prepare, but there’s some work to be done.
Microsoft is now rolling out MyAnalytics access to Office 365 accounts with an Exchange Online license.The first sign that anyone gets is when they receive one of MyAnalytics’s well-intended messages to help them organize their work life smarter. Funnily enough, some people don’t like the idea of Office 365 analyzing and reporting their work habits, which is why you might need to disable MyAnalytics for some mailboxes.
Microsoft has confirmed that disconnected Exchange Online mailboxes are not included in the sources scanned by Office 365 content searches, thus clearing up some misunderstandings that might have existed in the field. The bottom line is that if you want to search mailboxes that don’t belong to accounts, you should use inactive mailboxes.
Exchange Online allows users to add personal retention tags to their maiboxes through OWA settings. Some organizations don’t like this, so they can deploy user role assignment policies to block the feature. It;s something that you could consider doing if you’re preparing to switchover to Office 365 retention policies to impose the same retention regime across multiple workloads.
Outlook mobile users now have shared mailbox support in both iOS and Android platforms. The work to upgrade the backend service is also progressing and is past 50% rollout. And dark mode is coming too. It’s available in beta today to Testflight users (only for iOS), and it’s also been enabled for some users who run the latest version of the clients.
The Outlook Places service is used by Outlook clients to present metadata about meeting locations to users. Currently, OWA is the only client that consumes the service. You can update location metadata with details to make it easier for users to select the right location for their meeting, including geocoordinates that can be used to display map directions to the location.
A question about how best to set auto-replies for Exchange Online shared mailboxes to respond to messages arriving during a public holiday gives another chance for PowerShell to show how useful it is. You could do the work with Flow, but PowerShell is more flexible and capable when dealing with multiple shared mailboxes.
Teams does a good job of storing compliance records in Exchange Online mailboxes so that the data is available for Office 365 eDiscovery. But the number of records can impact the mailbox quotas of frontline workers, especially if they send graphics in personal and group chats. Here’s some PowerShell to help discover how much mailbox quota is being absorbed by compliance records.
Removing Office 365 accounts is easily done through the Admin Center. You can also restore deleted accounts within 30 days, but what if you want to remove accounts in such a way that they can’t be restored? The answer is that it can be done using a two-stage process. And if the mailboxes belonging to those accounts are on hold, they are kept as inactive mailboxes.
Microsoft has announced that it will deploy the ability to add shared mailboxes to Outlook Mobile by the end of July. But if you want to see the feature early, you can join the Testflight program and install the beta version of Outlook mobile. Using Outlook for iOS with Testflight also forces the upgrade of your Office 365 tenant to the Microsoft Sync Technology.
Microsoft has announced that Outlook Mobile (iOS and Android) will include support for Exchange Online shared mailboxes “in the next several weeks,” which probably means early July 2019. The update comes as good news for many people who have been forced to use an IMAP4-based workaround to access shared mailboxes. Microsoft is also making some other changes to improve the Files view and calendar sync in Outlook mobile.
Microsoft has implemented a new synchronization mechanism in Outlook ProPlus to deal more efficiently with shared folders. The new approach increases the limit from 500 to 5,000 folders and is a more elegant and precise solution. Users who manage other peoples’ mailboxes will appreciate the change after they install build 11629.20196 or later.
Despite the age of the protocols, you can cheerfully connect a wide range of IMAP4 and POP3 clients to Exchange Online. If you do, you might need to consider how to handle calendar appointments, and if you want to use iCAL, you’ll need to make some adjustments with PowerShell.
Exchange Online supports inactive mailboxes as a way to keep mailbox data online after Office 365 accounts are removed. Inactive mailboxes are available as long as a hold exists on them. You can update mailbox properties to exclude all or some org-wide holds. If you exclude holds from a mailbox, you run the risk that Exchange will permanently remove the mailbox. If that’s what you want, all is well, but if it’s not, then you might not be so happy.
Microsoft announced a new migration experience from Google G Suite yesterday, which is nice. Under the covers, the venerable Mailbox Migration Service (MRS) does the work to extract mailbox data from Gmail using IMAP4 and moves it to Exchange Online. But after the move is done, there’s still lots of work to do to help users make the cultural change to their new mailbox in the cloud.
The Office 365 Admin Center offers the option to bulk-create user accounts. Loading up a CSV file with details and having it processed is simple enough, but the resulting accounts need some work before they are fit for purpose and ready for people to use. Here’s how the bulk creation process works and why we think it has some flaws.
Some backup vendors think that corruption can lead to data loss within Office 365. The possibility exists, but the page patching mechanism for databases incorporated into Exchange Online DAGs makes corruption a lot less likely, especially when mailboxes are protected by four database copies and Exchange applies many other techniques to ensure the consistency of the databases.
Microsoft has refreshed the Outlook Mobile architecture (now called “Microsoft Sync Technology”). They suggest that you run some PowerShell to report clients connecting via the old and new architectures. Their code works, but we think ours is better.
A question asks how to remove a bunch of emails from a shared mailbox. You can use OWA to do the job, especially with its Cleanup Mailbox option, but perhaps some administrative action is needed.
A new Exchange feature rolling out inside Office 365 allows meeting organizers to block people forwarding their meetings to all and sundry. The latest versions of OWA and Outlook 2016 click to run support the UI for the feature and blocks are built into Exchange Online and Exchange on-premises servers to stop blocked meetings sneaking through.
Like all mail-enabled objects, Office 365 Groups can have multiple proxy addresses. Microsoft has fixed a bug in the Set-UnifiedGroup cmdlet so that you can remove proxy addresses from groups, but take care before you do.
The Search-Mailbox cmdlet is very powerful when it comes to removing items from Exchange Online mailboxes, but it can’t deal with other Office 365 content.
A recent post by MVP Mark Vale describes how to use synchronization transformation rules in AADConnect to change the last name, first name format (for example, Smith, James) for display names to a more user-friendly first name last name format (our example becomes James Smith) for accounts as they synchronize to Azure Active Directory from an …
Microsoft issued a new wizard to delete Office 365 accounts last week. It has the normal quota of cute graphics and some glitches to boot, but the wizard gets the job done in terms of converting a user mailbox into a shared mailbox and reassigning access to their OneDrive for Business account.