Concurrent Exchange Online License Assignment Supported! Finally!!!

I’m back from winter break and today’s #MicrosoftCloudQuickFix is #Microsoft365 finally supports concurrent Exchange Online License Assignments!!! This is going to dramatically reduce the administrative burden managing #ExchangeOnline license assignments and specifically will allow an intuitive groups-based licensing strategy!

Previously when Microsoft 365 Tenant Admins tried to assign more then one license pack containing #ExchangeOnline to the same user, whether that be thru the Microsoft 365 Admin Center, #AzureActiveDirectory PowerShell, or group-based licensing, an exception message would be displayed and the assignment rejected.

In this case the user already has an Exchange Online Plan 1 license included in Microsoft 365 Business Standard suite and the Tenant Admin is looking to upgrade the user to an Exchange Online Plan 2 license likely to take advantage of the larger mailbox size, Data Loss Prevention, In-place Hold, or Exchange Online Archiving capabilities.

The same exception message is displayed for any combination of the following licenses:

  • Microsoft 365 Business packages: Basic, Standard, Premium
  • Microsoft / Office 365 F1, F2, F3, E1, E3, E5, A1, A3, A5
  • Exchange Online Essentials
  • Exchange Online Kiosk
  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Other #MicrosoftTeams and #MicrosoftProject license packs which rely on Exchange Online

Now with this change any combination of the above is allowed and Exchange Online will automatically decide which of the assigned plans is “superior” and will enable the features of that plan (mailbox quotas, transport limits, protocol access, etc.).

When a license is removed Exchange Online will reevaluate and adjust as needed to the new superior plan.

For more information, please see the following Exchange Team Blog post.

#MicrosoftCloudQuickFix #Microsoft365 #AzureActiveDirectory #ExchangeOnline

Exchange Server Security Updates Available for September 2022 Vulnerabilities

Today’s #MicrosoftCloudQuickFix is that #Microsoft has released the November 2022 Exchange Server Security Updates which contain fixes for the CVE-2022-41040 and CVE-2022-41082 vulnerabilities reported at the end of September 2022 and reported discussed on my blog post below:

Exchange Server Patch Alert! – Microsoft Cloud Quick Fix (mscqf.com)

CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability and can only be exploited by authenticated attackers while CVE-2022-41082 allows remote code execution (RCE) when PowerShell is accessible to the attacker.

The November 2022 Exchange Server Security Updates are available for Exchange Server 2013 CU23 (Note: Support ends in April 2023), Exchange Server 2016 CU22 and CU23, and Exchange Server 2019 CU11 and CU12. Since #Microsoft has been made aware of active exploits of related vulnerabilities their (and my) recommendation is to install these updates immediately!

Microsoft has indicated that #ExchangeOnline customers are already protected from the vulnerabilities addressed in the November 2022 Exchange Server Security Updates and do not need to take any action other than updating any remaining on-premises Exchange servers.

For more information about this and Exchange Server Patching see:

#Microsoft #Microsoft365 #ExchangeOnline #ExchangeServer #MicrosoftCloudQuickFix

Outlook Cloud Based Signatures

Upgrades to how your email signatures are stored will be launching soon. That is today’s #MicrosoftCloudQuickFix !

Email signatures regardless of your mailbox residing on-premises or in Exchange Online have traditionally been stored on your local computer. Users have had to recreate them every time they reinstall Outlook, move to a new device, or leverage multiple devices.

As outline in Microsoft 365 Roadmap ID 60371 with this change for mailboxes hosted in Exchange Online, #Microsoft will migrate the local signatures to the cloud automatically, no manual steps are required. This means the same set of signatures will be available on any Windows (Microsoft 365) or Web version of Outlook, and you will no longer need to reconfigure your signatures when getting a new device.

Per Microsoft if you use 3rd party solutions in your environment for signature management this change will not impact you at this time.

For more information, please see the following Microsoft Support page.

#MicrosoftCloudQuickFix #Microsoft365 #ExchangeOnline

Microsoft Book of News is out

Today’s #MicrosoftCloudQuickFix is #MicrosoftIgnite may be over, but all the announcements can be found in one place in the 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗜𝗴𝗻𝗶𝘁𝗲 𝗕𝗼𝗼𝗸 𝗼𝗳 𝗡𝗲𝘄𝘀 found here:

Microsoft Ignite 2022 Book of News

Lots of newsworthy announcements from new Azure Arc-enabled features, new features for Virtual Machine Scale Sets, Azure Premium SSD v2, to Azure Elastic SAN, now in preview, a fully managed storage area network service, to the new Microsoft Teams Premium add-on, Microsoft Places, and the unveiling Microsoft Syntex.

Another #MSIgnite in the books but there is lots more exciting technology to use! Thank-you #Microsoft for an awe-inspiring event!

 #MSIgnite #MicrosoftAzure #Microsoft365 #MicrosoftCloudQuickFix

The Microsoft Learn Cloud Skills Challenge is open!

Here is your #MicrosoftCloudQuickFix – #MSIgnite has begun, and the Microsoft Ignite Cloud Skill Challenge is now open until November 9, 2022!

There are 7 challenges to choose from and once you complete a challenge you choose you earn a 𝗳𝗿𝗲𝗲 exam credit for a Microsoft Certification exam on your #MicrosoftLearning account!!!

Check out The Microsoft Learn Cloud Skills Challenge for more information.

#MicrosoftCloudQuickFix #Microsoft #Microsoft365 #MicrosoftAzure #MicrosoftIgnite2022 #MSIgnite

Exchange Server Patch Alert!

Get ready to patch your on-premises versions of Exchange Server ASAP! This is today’s #MicrosoftCloudQuickFix !

Yet again as announced by #Microsoft on Friday September 30, 2022 there are two new reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 that are being exploited…

CVE-2022-41040 is a Server-Side Request Forgery (SSRF) vulnerability and can only be exploited by authenticated attackers while CVE-2022-41082 allows remote code execution (RCE) when PowerShell is accessible to the attacker.

Microsoft has said it’s “working on an accelerated timeline” to provide a patch for the two newly disclosed vulnerabilities and while mitigations exist I would recommend a rapid patch deployment once one is available and of course always keeping your Exchange Servers up-to-date with the latest Cumulative Update (CU) and Security Updates (SU).

Microsoft indicated that #ExchangeOnline customers don’t need to take any action at the moment because the company has detections and mitigation in place and of course will apply the patch seamlessly once available – Anyone still need a business case for migration to #ExchangeOnline ?

For more information about this and Exchange Server Patching see:

#Microsoft #Microsoft365 #ExchangeOnline #MicrosoftExchangeServer #MicrosoftCloudQuickFix

Sept 30, 2022 – New Podcast Available

Today I chat with Andrew Lowes about the new Exchange Online PowerShell V3 module.

#Microsoft #Microsoft365 #ExchangeOnline #MicrosoftCloudQuickFix

URLs shown in today’s video podcast include:

https://learn.microsoft.com/en-us/powershell/exchange/exchange-online-powershell-v2?view=exchange-ps

https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.0.0

General Availability of Exchange Online PowerShell V3

Microsoft has released Exchange Online PowerShell V3 module. This is today’s #MicrosoftCloudQuickFix !

It is recommended to now use the Exchange Online PowerShell V3 module. Exchange Online cmdlets backed by the REST API are available in Exchange Online PowerShell V3. REST API cmdlets have the following advantages:

  • More secure: REST API cmdlets have built-in support for modern authentication and don’t rely on the remote PowerShell session, so PowerShell on your client computer doesn’t need Basic authentication in WinRM for Exchange Online PowerShell.
  • More reliable: REST API cmdlets handle transient failures with built-in retries, so failures or delays are minimized. For example:
    • Failures due to network delays.
    • Delays due to large queries that take a long time to complete.
  • Better performance: The connection avoids setting up a PowerShell runspace in Exchange Online PowerShell.

For installation and connection instructions, see Exchange Online Management 3.0.0 and Connect to Exchange Online PowerShell.

#MicrosoftCloudQuickFix #Microsoft365 #ExchangeOnline

Sept 23, 2022 – New Podcast Available

In this episode Ryan McKay is joined by Andrew Lowes and discuss the deprecation of Basic Authentication in Microsoft 365 on October 1, 2022 and its impact to user experience along with the upcoming #MicrosoftIgnite2022

URLs shown in today’s video podcast include:
Deprecation of Basic authentication in Exchange Online
One Last Chance to Pause the Great Exchange Online Basic Authentication Shutoff
Microsoft Ignite Home

#Microsoft #Microsoft365 #BasicAuthentication #ModernAuthentication #MicrosoftCloudSecurity #MSIgnite #MicrosoftCloudQuickFix

Exchange Online – Basic Authentication Disabled Oct 1, 2022 – Part Deux

So you have done your due diligence and are sure your in the clear. You would like to manage this change and turn off Basic Authentication and test yourself before and not wait for Microsoft. That is todays #MicrosoftCloudQuickFix !

As outlined in my previous blogpost to prepare for the change check the Azure Active Directory Sign-In logs per New tools to block legacy authentication in your organization – Microsoft Tech Community which will help track down any clients still using Basic Authentication.

If you don’t have any Basic Authentication sign-ins then you can move on to block Basic Authentication for protocols on your tenant.

In your Microsoft 365 Admin Portal Next navigate to settings > Org Settings > under Services > Modern Authentication and ensure that “Turn on modern authentication for Outlook 2013 for Windows and later” is enabled and then under “Allow access to basic authentication protocols” uncheck any protocols you wish to no longer use Basic Authentication. Click “Save” and test.

For more information check out the following Disable Basic authentication in Exchange Online | Microsoft Docs in Microsoft Docs.

#Microsoft365 #ExchangeOnline #BasicAuthentication #ModernAuthentication #MicrosoftCloudSecurity #MicrosoftCloudQuickFix