Configuration

Migrate-EOPSettings now does ATP!

ATP! ATP!

At long last, I’ve made a first pass at updating the Migrate-EOPSettings script to now include settings for Advanced Threat Protection.  I’ve had several customers moving their instances from commercial EOP to Office 365 GCC, and while my Migrate EOP script would capture just about everything, it came to my attention that we still had configuration to do for ATP. … [ Continue reading ]

Configuration

Adding OneDrive Locations to an Existing Retention Policy

Yesterday, while working with a customer, I was asked if there is a way to programmatically add OneDrive locations to an existing retention policy.  Say, for example, you have a blanket retention policy that covers all of your tenant at a base level (which is what I typically recommend to ensure you at least have either belt or suspenders), but then you have a second set of users that need a longer policy.… [ Continue reading ]

Configuration

Sensitive Information Types–now with more sensitivity!

UPDATE: The TechNet Gallery link for this post has been updated.

So, this is an entry that has been long in the making.  I have had several customers over the last few years give feedback about our Data Loss Prevention’s (DLP) matching requirements, mostly around how they require too much corroborating evidence (in the form of patterns or keywords) to meet their organization’s very restrictive policies.… [ Continue reading ]

Information

Report proxy addresses not in Accepted Domains

Like as the waves make towards the pebbled shore, so do our proxy addresses hasten to multiply.

At least, that’s how it seems.  As is the organizational ebb and flow, business objectives change, new business units are spun up, old projects are turned down, and you may need to add or remove proxy addresses in your Exchange environment to account for that. … [ Continue reading ]

Configuration

Update to the AAD Connect Advanced Permissions tool

Two updates for the tool in a week?  Yes! It is so!

At the behest of my good friend Darryl and one of his customer’s needs, I have updated the the AAD Connect Advanced Permissions tool with the following:

  • Allow the underscore (“_”) character to be used in an OU name path
  • Allow CN= to be used as part of the OU filter name path, since some organizations may want to try to scope permissions specifically to CN=Users.
[ Continue reading ]
Configuration

Creating and Managing Security and Compliance Filters in the Real World [Part 1]

Diving deeper into the Security & Compliance Center, I decided to embark on trying to scope eDiscovery permissions to meet a certain set of requirements that we see when multiple business units want or need to maintain independence from a content search and discovery perspective.… [ Continue reading ]