Update: This tool has a new shortlink: http://aka.ms/aadnetwork
Since the tool passed the 500 download mark a few weeks ago, I’ve started getting more questions (internal and external) about a few of the tests and checks. So, I decided to update/refine them to hopefully provide better guidance.… [ Continue reading ]
Like as the waves make towards the pebbled shore, so do our proxy addresses hasten to multiply.
At least, that’s how it seems. As is the organizational ebb and flow, business objectives change, new business units are spun up, old projects are turned down, and you may need to add or remove proxy addresses in your Exchange environment to account for that. … [ Continue reading ]
Today, while I was testing out some transport rules, I wanted to send a bunch of test messages to make sure they were firing correctly. I wanted to create some custom messages and be able to automate them, and I wanted to use an outside relay service that requires SMTP authentication.… [ Continue reading ]
As I help organizations transition to think cloud-first, one of my goals is to help them get the most out of their Office 365 investment. In this post, we’ll talk about tackling a corporate blog.
SharePoint Online comes with a number of out-of-the-box templates, and the one that most closely maps to the blog requirement is … wait for it … the blog site template.… [ Continue reading ]
While working with a customer last week, it came to my attention that the Get-UserHoldPolicies script I had put together to enumerate retention policies and eDiscovery cases that put a hold on content wasn’t displaying policies that were global. … [ Continue reading ]
With the advent of scammers, spammers, phishers, and other types of baddies, and the complementary rise in anti-malware, anti-spam, domain and sender verification techniques, we’re in a perpetual cat-and-mouse game. I’ve had several customers over the past few weeks ask me about best practices for configuring some of the Advanced Threat Protection (ATP) features.… [ Continue reading ]
In Part 1 of this blog series, I went through the setup of the Splunk Add-On for Microsoft Cloud Services, which you can use to extract, query, and analyze data provided by the Office 365 Management Activity API. In this particular post, we’re going to explore the Microsoft Office 365 Reporting Add-On for Splunk, which you can use to review message trace data from Office 365.… [ Continue reading ]
I’ve had a number of customers ask me about configuring their monitoring systems to Office 365. So, rather than repeating the same information and re-issuing the same links (most of which contain outdated information), I’m going to put together a series on how to connect a few systems to Office 365. … [ Continue reading ]
Since the dawn of time (or at least, since the dawn of the Epoch), people have been inadvertently deleting stuff. As is attributed to Uncle Ben, “with great power comes great responsibility,” and so it is true with the system administrator. … [ Continue reading ]
In my previous post, I discussed using the new Attack Simulator for crafting phishing campaigns against your users. If you haven’t tried it out yet, I’d heartily recommend it. It’s more fun than a barrel of monkeys.
For this post, we’re going to shift into slightly more traditional attack strategies. … [ Continue reading ]
A few months ago, I debuted a new tool for AAD Connect deployment (read about it here: AAD Connect Network and Name Resolution Test or download it here: https://gallery.technet.microsoft.com/Azure-AD-Connect-Network-150c20a3) which allows you to test a number of conditions to make sure your server and environment are suitable for deploying AAD Connect.… [ Continue reading ]
Picking up where I left off on part 1 of this post, I wanted go into what it would take to refine some roles for managing eDiscovery for larger organizations.
In this scenario, we’re going to:
- Remove users from any existing eDiscovery roles or groups
- Create a security group to hold users that will perform eDiscovery searches
- Create a custom role group that has the appropriate eDiscovery roles and add the security group as a member
If you didn’t read the previous blog post on this topic, I’d encourage you to go back and do so, since I’m going to continue using the same users and compliance filters.… [ Continue reading ]
Diving deeper into the Security & Compliance Center, I decided to embark on trying to scope eDiscovery permissions to meet a certain set of requirements that we see when multiple business units want or need to maintain independence from a content search and discovery perspective.… [ Continue reading ]
Hey! It’s finally here! After months of hard work (almost a year from when we started until a copy at my doorstep), we’ve finally made it to the finish line! Also, pay no mind to my poor cuticles!
You can read the press release here: https://blogs.msdn.microsoft.com/microsoft_press/2017/11/27/new-book-microsoft-office-365-administration-inside-out-includes-current-book-service-2nd-edition
Or jump straight to Amazon and order it: http://aka.ms/o365adminio
While you’re at it, be sure to check out the blogs of the other authors, filled with all sorts of goodies:
Darryl Kegg, https://aka.ms/dkeggblog
Lou Mandich, http://blogs.technet.com/b/loum/
Ed Fisher, https://blogs.technet.microsoft.com/edfisher/… [ Continue reading ]
UPDATE: [11/20/2018] I had an error in the transport rule configuration in the last example, as well as a note that a TR would NDR external traffic. I have this post accordingly.
We’re all familiar with how Office 365 tenants work–when you spin up a new Office 365 tenant, you get a managed domain (tenant.onmicrosoft.com). … [ Continue reading ]
I meant to post this earlier, but I wanted to let everyone know that I’ve had the great honor of being able to write a book with some of the titans of Microsoft Consulting Services. The book has all new content for Office 365 based on our experience in the field, and even features current service release updates. … [ Continue reading ]
For those of you that have embarked upon the trek to Office 365, you’ve undoubtedly run (or at least heard of) IDFix. It detects and fixes a number of conditions that will cause the directory sync to report errors.… [ Continue reading ]
Today, I had to subtract one list of users from another list of users. Some Excel wizards can do this with VLOOKUP, but I spend more time in trial-and-error with VLOOKUP and verifying my results that it would take to just do a CTRL-F for every object. … [ Continue reading ]
I’ve run into this delightful scenario a few times–the network team generates CSRs and certificates for the environment, and since they want to do SSL termination on their network devices, complete the certificate process there. When you ask for an export of the certificate from, say, an F5, they will just give you the unsigned certificate–so that when you import it into your server, you end up with something unusable, since it has no private key.… [ Continue reading ]
From time to time, we update the URLs and IP addresses that our services use. This happens as a normal course of business (deploying new services, adding new capacity in datacenters or regions). If your organization is trying to filter network traffic, you need to make sure you are allowing your users to these services. … [ Continue reading ]