Your quick fix of all things Microsoft Cloud
Today I chat with Andrew Lowes about the new Exchange Online PowerShell V3 module.
#Microsoft #Microsoft365 #ExchangeOnline #MicrosoftCloudQuickFix
URLs shown in today’s video podcast include:
https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.0
Microsoft has released Exchange Online PowerShell V3 module. This is today’s #MicrosoftCloudQuickFix !
It is recommended to now use the Exchange Online PowerShell V3 module. Exchange Online cmdlets backed by the REST API are available in Exchange Online PowerShell V3. REST API cmdlets have the following advantages:
For installation and connection instructions, see Exchange Online Management 3.0.0 and Connect to Exchange Online PowerShell.
#MicrosoftCloudQuickFix #Microsoft365 #ExchangeOnline
In this episode Ryan McKay is joined by Andrew Lowes and discuss the deprecation of Basic Authentication in Microsoft 365 on October 1, 2022 and its impact to user experience along with the upcoming #MicrosoftIgnite2022
URLs shown in today’s video podcast include:
Deprecation of Basic authentication in Exchange Online
One Last Chance to Pause the Great Exchange Online Basic Authentication Shutoff
Microsoft Ignite Home
#Microsoft #Microsoft365 #BasicAuthentication #ModernAuthentication #MicrosoftCloudSecurity #MSIgnite #MicrosoftCloudQuickFix
So you have done your due diligence and are sure your in the clear. You would like to manage this change and turn off Basic Authentication and test yourself before and not wait for Microsoft. That is todays #MicrosoftCloudQuickFix !
As outlined in my previous blogpost to prepare for the change check the Azure Active Directory Sign-In logs per New tools to block legacy authentication in your organization – Microsoft Tech Community which will help track down any clients still using Basic Authentication.
If you don’t have any Basic Authentication sign-ins then you can move on to block Basic Authentication for protocols on your tenant.
In your Microsoft 365 Admin Portal Next navigate to settings > Org Settings > under Services > Modern Authentication and ensure that “Turn on modern authentication for Outlook 2013 for Windows and later” is enabled and then under “Allow access to basic authentication protocols” uncheck any protocols you wish to no longer use Basic Authentication. Click “Save” and test.
For more information check out the following Disable Basic authentication in Exchange Online | Microsoft Docs in Microsoft Docs.
#Microsoft365 #ExchangeOnline #BasicAuthentication #ModernAuthentication #MicrosoftCloudSecurity #MicrosoftCloudQuickFix
There are three work weeks left until #Microsoft is scheduled to disable Basic Authentication access to Exchange Online. This is today’s #MicrosoftCloudQuickFix !
Back in September 2019 Microsoft announced they are disabling Basic Authentication access to Exchange Online to be replaced with Modern Authentication methods built on OAuth 2.0 token-based authorization. Modern Authentication has many improvements which mitigate issues with Basic Authentication and provide an improved security posture but as we are all aware there were circumstances in the world that pushed that date forward.
Beginning October 1, 2022 Microsoft will start disabling Basic Authentication for MAPI, RPC, Offline Address Book (OAB), Exchange Web Services (EWS), POP, IMAP, Exchange ActiveSync (EAS), and Remote PowerShell access protocols on randomly selected Exchange Online tenants. You will know ahead of time when your tenant has been chosen by a posted message in your Microsoft365 Admin Center Messages 7 days beforehand and a post to the Service Health Dashboard notifications.
To prepare for this change check the Azure Active Directory Sign-In logs per New tools to block legacy authentication in your organization – Microsoft Tech Community which will help track down any clients still using Basic Authentication and allow you to update your clients as appropriate. After the change to your tenant any client using Basic Authentication for an affected protocol will be unable to connect and will receive an HTTP 401 error: bad username or password error.
If you don’t have any Basic Authentication sign-ins then there is nothing you need to do.
Microsoft does recognize you may not be ready to turn off Basic Authentication and there is a Self-Service Re-Enablement process outlined. Note: that this is a one time re-enablement of Basic Authentication which will last until the end of December 2022 only and during the first few weeks of 2023 any re-enabled protocols will be disabled again permanently.
For more information check out the following Deprecation of Basic authentication in Exchange Online in Microsoft Docs.
#Microsoft365 #ExchangeOnline #BasicAuthentication #ModernAuthentication #MicrosoftCloudSecurity #MicrosoftCloudQuickFix
If you’re like me you enjoy the rich set of features included in Microsoft Defender for Office 365 including the Safe Links and Safe Attachments capabilities. Microsoft has announced a change to retire the ‘replace’ action in Safe Attachment policies and that is today’s #MicrosoftCloudQuickFix !
Safe Attachments in Microsoft Defender for Office 365 provides an additional layer of protection for email attachments that have already been scanned by anti-malware protection in Exchange Online Protection (EOP). Specifically, Safe Attachments uses a virtual environment to check attachments in email messages before they’re delivered thru a process know as detonation.
Safe Attachments protection is controlled by Safe Attachment policies configured in the Microsoft 365 Defender portal. In Safe Attachment policies one of the actions which can be applied to a message is the ‘Replace’ action which delivers only the message body to the recipient without the original attachments when it has been found to contain malware.
Beginning in September 2022 the ‘Replace’ action will be retired and no longer available for use in Safe Attachment policies. The first phase of the retirement will automatically apply the ‘Block’ action, which will quarantine the email, to any existing policies with the ‘Replace’ action specified.
The second phase of the retirement targeted to complete by late-October 2022 will remove the ‘Replace’ action altogether from the Microsoft Defender portal and any existing policies with it will be changed to use the ‘Block’ action.
There will not be a similar action to ‘Replace’ post retirement and we recommend that you review and update all applicable Safe Attachments policies in your tenant beforehand.
For more information on Safe Attachment policy settings in Microsoft Defender for Office 365 please see Safe Attachments – Office 365 | Microsoft Docs
#Microsoft #Microsoft365 #MicrosoftDefenderforOffice365 #MicrosoftCloudSecurity #MicrosoftCloudQuickFix
In this episode Ryan McKay and Andrew Lowes look at new Microsoft Entra portal for modern identity and access solutions.
URLs shown in today’s video podcast include:
Microsoft Entra | Microsoft Docs
Microsoft Entra – Secure Identities and Access | Microsoft Security
Microsoft Entra Datasheet
Microsoft Entra Admin Center
#Microsoft #Microsoft365 #MicrosoftEntra #MicrosoftIdentityandAccess #MicrosoftCloudSecurity #MicrosoftCloudQuickFix