Many PowerShell scripts use the Send-MailMessage cmdlet to send mail. That’s fine, but if you want to remove basic authentication to improve tenant security, you need to stop using Send-MailMessage. One solution is to move to use the Graph API SendMail call. This works fine, but it creates some new security issues that need to be thought through. In this article, we explain how to use the Graph to send email and some of those security considerations to ponder.
It’s important to know if a tenant has any very large distribution lists as these might be the source of reply-all mail storms. An old article explains how to report the membership counts for distribution lists on an on-premises Exchange server. Life is different in the cloud, and we need to take a different approach. This article explains how to use different calls in a PowerShell script to create a nice report about distribution list memberships.
Azure AD business-to-business guest user accounts are a terrific way to securely grant access to apps and services for external users and partner organizations. In this article, a script is introduced that can be used to automate the guest user invitation process, integrating it more seamlessly with any custom applications.
A variety of methods exist to block access to a user’s Office 365 (Azure AD) account from a complete block to a conditional access policy. In this article, we examine the various methods and debate the worth of each approach. Conditional access policies are the cleanest and most effective long-term solution, but you need Azure AD premium licenses. If you don’t have those licenses, maybe one of the other approaches will work for you.
Many Exchange Online scripts use the old Get-Mailbox cmdlet to fetch mailbox data. It’s time to change these calls out and replace them with Get-ExoMailbox. The new cmdlet is faster than the old and more resilient in its ability to handle server glitches. There’s no reason to continue using the old Remote PowerShell cmdlets unless you like slowness and errors.