Information

Report proxy addresses not in Accepted Domains

Like as the waves make towards the pebbled shore, so do our proxy addresses hasten to multiply.

At least, that’s how it seems.  As is the organizational ebb and flow, business objectives change, new business units are spun up, old projects are turned down, and you may need to add or remove proxy addresses in your Exchange environment to account for that. … [ Continue reading ]

Information

Managing a corporate blog site with SharePoint Online and Office ProPlus

As I help organizations transition to think cloud-first, one of my goals is to help them get the most out of their Office 365 investment.  In this post, we’ll talk about tackling a corporate blog.

SharePoint Online comes with a number of out-of-the-box templates, and the one that most closely maps to the blog requirement is … wait for it … the blog site template.… [ Continue reading ]

Configuration

ATP: Safe Attachments, Safe Links, and Anti-Phishing Policies or “All the policies you can shake a stick at”


With the advent of scammers, spammers, phishers, and other types of baddies, and the complementary rise in anti-malware, anti-spam, domain and sender verification techniques, we’re in a perpetual cat-and-mouse game.  I’ve had several customers over the past few weeks ask me about best practices for configuring some of the Advanced Threat Protection (ATP) features.… [ Continue reading ]

Configuration

Connecting Splunk to Office 365 – Part 2: Microsoft Office 365 Reporting Add-On for Splunk

In Part 1 of this blog series, I went through the setup of the Splunk Add-On for Microsoft Cloud Services, which you can use to extract, query, and analyze data provided by the Office 365 Management Activity API.  In this particular post, we’re going to explore the Microsoft Office 365 Reporting Add-On for Splunk, which you can use to review message trace data from Office 365.… [ Continue reading ]

Configuration

Update to the AAD Connect Network and Name Resolution Test Tool

A few months ago, I debuted a new tool for AAD Connect deployment (read about it here: AAD Connect Network and Name Resolution Test or download it here: https://gallery.technet.microsoft.com/Azure-AD-Connect-Network-150c20a3) which allows you to test a number of conditions to make sure your server and environment are suitable for deploying AAD Connect.… [ Continue reading ]

Information

Creating and Managing Security and Compliance Filters in the Real World [Part 2]

Picking up where I left off on part 1 of this post, I wanted go into what it would take to refine some roles for managing eDiscovery for larger organizations.

In this scenario, we’re going to:

  • Remove users from any existing eDiscovery roles or groups
  • Create a security group to hold users that will perform eDiscovery searches
  • Create a custom role group that has the appropriate eDiscovery roles and add the security group as a member
  • Verify

If you didn’t read the previous blog post on this topic, I’d encourage you to go back and do so, since I’m going to continue using the same users and compliance filters.… [ Continue reading ]

Information

Office 365 Administration Inside Out

Hey! It’s finally here! After months of hard work (almost a year from when we started until a copy at my doorstep), we’ve finally made it to the finish line!  Also, pay no mind to my poor cuticles!

You can read the press release here: https://blogs.msdn.microsoft.com/microsoft_press/2017/11/27/new-book-microsoft-office-365-administration-inside-out-includes-current-book-service-2nd-edition

Or jump straight to Amazon and order it: http://aka.ms/o365adminio

While you’re at it, be sure to check out the blogs of the other authors, filled with all sorts of goodies:

Darryl Kegg, https://aka.ms/dkeggblog

Lou Mandich, http://blogs.technet.com/b/loum/

Ed Fisher, https://blogs.technet.microsoft.com/edfisher/[ Continue reading ]

Configuration

Block direct delivery to @onmicrosoft.com addresses in a hybrid environment

UPDATE: [11/20/2018] I had an error in the transport rule configuration in the last example, as well as a note that a TR would NDR external traffic.  I have this post accordingly.

We’re all familiar with how Office 365 tenants work–when you spin up a new Office 365 tenant, you get a managed domain (tenant.onmicrosoft.com). … [ Continue reading ]

Information

Office 365 Administration Inside Out

I meant to post this earlier, but I wanted to let everyone know that I’ve had the great honor of being able to write a book with some of the titans of Microsoft Consulting Services.  The book has all new content for Office 365 based on our experience in the field, and even features current service release updates. … [ Continue reading ]

Configuration

Sign an exported certificate from an F5

I’ve run into this delightful scenario a few times–the network team generates CSRs and certificates for the environment, and since they want to do SSL termination on their network devices, complete the certificate process there.  When you ask for an export of the certificate from, say, an F5, they will just give you the unsigned certificate–so that when you import it into your server, you end up with something unusable, since it has no private key.… [ Continue reading ]