Here’s to another year of practical advice on all things Microsoft! Practical 365 is wrapping up the year with a whopping 200+ articles, focusing on topics such as PowerShell, Exchange, Azure AD, Teams, and much more. This article shares 9 must-read posts, recommended by Steve Goodman, Tony Redmond, and Paul Robichaux.
Security researchers love to report software vulnerabilities that they find. That's their role and it's a valuable contribution to the technical community. However, some of the reports about Microsoft 365 flaws are over-hyped and under-considered, like a recent example covering the risk of phishing in the Exchange Online Direct Send feature.
Adaptive retention policies are great, but they require high-end Office 365 or Microsoft 365 licenses. The solution is to build your own version using PowerShell and Azure Automation. The code is reasonably straightforward and is a practical example of how to replicate a Microsoft 365 feature in your own way.
Microsoft has released the public preview of RBAC for Applications. The new mechanism allows tenants to control the access Azure AD apps have to mailboxes at a granular level. RBAC for Applications will replace application access policies.
This article explains how to use the Microsoft Graph API and PowerShell to extract meeting data from the calendars of room mailboxes to generate statistics about the usage of the rooms. Only confirmed meetings are included in the data.
Azure AD and Exchange Online store information about user principal names and email addresses, but they don't store the domain name of an account. In this article, we explain how to use a custom attribute to store the domain name and then use that with an adaptive scope in a Microsoft 365 retention policy.
Outlook groups and shared mailboxes both help small teams work with shared email. The decision as to which to use depends on the exact needs the team has. Microsoft has given Outlook groups some useful enhancements recently, but shared mailboxes are still the most email-friendly choice.
Now that they've disabled basic authentication for email connection protocols, Microsoft is doing the same for the Autodiscover service. This makes sense. There's no point in allowing basic authentication for Autodiscover when clients can't use basic authentication to connect. Microsoft will therefore turn off basic authentication for Autodiscover as it removes basic authentication for protocols like POP3, EAS, IMAP4, EWS, and MAPI.
Microsoft plans to launch a Pay As You Go backup and restore service for Exchange Online and SharePoint Online as part of its Syntex content management suite. This is new ground for Microsoft as they've never offered a backup service for Microsoft 365 before. How will Syntex compare to ISV backup services? Time will tell!
18 Comments
Microsoft 365 tenants can assign colors to the sensitivity labels used to mark files and messages. However, the set of colors chosen by Microsoft is frankly a bit weird. You can use PowerShell to assign different colors to labels and in this article, we show you how to use a traffic light color scheme.
For those wanting to eliminate the SMTP AUTH protocol, Microsoft has three ways to send email using Graph APIs. This article looks at how to use the Send-MgUserMail cmdlet and compares it to the Send-MgUserMessage cmdlet (covered in depth in a previous article). Our conclusion is that you'll probably end up using Send0-MgUserMail because it's easier to use.
A Wired article calls Exchange Server a security liability and it's hard to argue the case that the assertion is incorrect. Too many vulnerabilities, too many attacks, and an architecture that's creaking at the seams means that Exchange on-premises is at the end of its days.
