Hi All, A few days ago a new Version of the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) Module has been released. ORCA 2.0
https://www.powershellgallery.com/packages/ORCA/2.0
Use the following commands to Install the Module
Find-Module Orca Install-Module Orca Get-InstalledModule Orca
You can already connect to Exchange Online (Or the Script will do it also for you) Connect-ExchangeOnline
There is just one simple Command to run the Report
Get-OrcaReport
It's recommended to run the report from Time to Time.
Hi All, Recently Microsoft announced an update to "Every Meeting Online" (EMO) Feature. Not only can you configure to have Meeting Links for every Meeting, you can also configure the Default Online Meeting Provider TeamsForBusiness BlueJeans GoToMeeting Webex Zoom GoogleMeet JioMeet RingCentral AmazonChimePublic AmazonChimePrivate AlibabaDingTalk FacebookWorkplace AppleFacetime ClaroVideoconferencia Make every meeting online
https://support.microsoft.com/en-us/office/make-every-meeting-online-70f9bda0-fd29-498b-9757-6709cc1c73f0
To Activate you have to Configure the Exchange Online OrganizationConfig Get-OrganizationConfig | fl OnlineMeetingsByDefaultEnabled Set-OrganizationConfig -OnlineMeetingsByDefaultEnabled $true
Hi All, There has been an update to Plus addressing in Exchange online. Plus adressing will be enabled by default starting from 17. April 2022 If you wish to Opt-Out of Plus Adressing you will need to use this command
Set-OrganizationConfig -DisablePlusAddressInRecipients $true
Plus Addressing in Exchange Online
https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/plus-addressing-in-exchange-online
If you want to check your current Recipients for Plus addresses you can use my Script from GitHub
https://github.com/BohrenAn/GitHub_PowerShellScripts/blob/main/ExchangeOnline/CheckPlusEmailAddresses.ps1
You can review your Exchange Online Settings in your tenant with the following Command
Hi All, Today the ExchangeOnlineManagement Preview 5 PowerShell Module has been released to the PowerShell Gallery. As you can see it's the first time you can use Certificate Based Authentication (CBA) to Authenticate with Connect-IPPSSession.
ExchangeOnlineManagement Preview5
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/2.0.6-Preview5
Installing the Module (PowerShell must be startet "As Administrator")
Find-Module ExchangeOnlineManagement -AllowPrerelease Install-Module ExchangeOnlineManagement -AllowPrerelease -Force
How to set up the Azure AD App i have documented here https://blog.icewolf.ch/archive/2021/04/04/exchange-online-powershell-v2-authentication-with-app-in-azuread-update.aspx
Connect to Exchange Online with a Certificate stored in your CurrentUser Certificate Store
Hi All, Did you hear about the "Modern Dynamic Distribution Groups in Exchange Online"? Little less dynamic but with more caching 😊
Modern Dynamic Distribution Groups in Exchange Online
https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-dynamic-distribution-groups/modern-dynamic-distribution-groups
Create a new Dynamic Distribution Group in Exchange Online
New-DynamicDistributionGroup -Name DDG-Icewolf-UserMailbox -IncludedRecipients MailboxUsers -ConditionalCompany "Icewolf"
Show the Details - note the Recipient Filter
Get-DynamicDistributionGroup -Identity DDG-Icewolf-UserMailbox | fl
If you check for the Members - it's still empty
Get-DynamicDistributionGroupMember -Identity DDG-Icewolf-UserMailbox
Hi All, It's that time of the Month again and Microsoft has released Patches for Exchange 2013 up to Exchange 2019
Released: March 2022 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2022-exchange-server-security-updates/ba-p/3247586 Description of the security update for Microsoft Exchange Server 2019 and 2016: March 8, 2022 (KB5012698)
https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-and-2016-march-8-2022-kb5012698-440c5421-dc0e-448f-93ef-4e686c18f7c3
Security Update For Exchange Server 2016 CU22 (KB5012698)
https://www.microsoft.com/en-us/download/details.aspx?id=103999 Don't forget to start the msp from an elevated cmd Prompt
Regards Andres Bohren
Hi All, Recently there was an Annoucement in the M365 Message Center that announced the depreciation of the Get/Set-PhishFilterPolicy. Move to the new Commands
Get-TenantAllowBlockListSpoofItems New-TenantAllowBlockListSpoofItems Set-TenantAllowBlockListSpoofItems Remove-TenantAllowBlockListSpoofItems The Get-PhishFilterPolicy will soon be depreciated
Get-PhishFilterPolicy | ft Sender, SpoofedUser, NumberOfMessages, DecisionSetBy, AllowedToSpoof, SpoofType
To see only the entrys, that are allowed to Spoof
Get-PhishFilterPolicy | where {$_.AllowedToSpoof -eq "Yes"} | ft Sender, SpoofedUser, NumberOfMessages, DecisionSetBy, AllowedToSpoof, SpoofType
Instead use this Command now
Hi All, A few Weeks ago i received the Mail below that was filtered out as Junk-E-Mail. So i took a closer look as it is legitimate. It contained a "Forgot Password" Link to theyr Portal. These are classic Phishing Techniques-
I took a look at the Mailheaders with the Message Header Analyzer https://mha.azurewebsites.net/ As you can see the Spam Confidence Level (SCL) is high at 5 and it's classified also as spam (SPM).
Hi All, I've recently had to deal with Litigation Hold. So i did a bit of research.
Place a mailbox on Litigation Hold
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/holds/litigation-holds?view=exchserver-2019
When a mailbox is placed on Litigation Hold, items in the Purges subfolder are preserved for the hold duration specified by the Litigation Hold. The hold duration is calculated from the original date an item was received or created, and defines how long items in the Purges subfolder are held.
Hi Everybody, In June 2020 i applied for the Data residency move to the newly created M365 Datacenter Location in Switzerland
Today i had the following Message in the M365 Message Center Moving core data to new Microsoft 365 datacenter geos
https://docs.microsoft.com/en-us/microsoft-365/enterprise/moving-data-to-new-datacenter-geos?view=o365-worldwide
I've checked the Data location. As you can see the Exchange Data has been moved to Switzerland 😍
Regards Andres Bohren