Securing resources by tailoring Exchange Online RBAC (Part 1)
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1d ago
EHLO, folks! Here’s a story from my work with customers, that’s coming out as a blog post series. One of my banking customers raised a request regarding RBAC (Role Based Access Control) permissions for their Service Desk Team. Upon analysis, it came to our attention they had lots of unwanted RBAC permissions granted to their Service Desk team. The problem: giving too many RBAC permissions to users can result in accidental modifications of accounts. The way to deal with this is to customize the Role Groups and Management Roles. I’ll begin with an overview of how RBAC works. It is a method of re ..read more
Visit website
‘Last Exchange Server’ Scenario Feedback
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
6d ago
In April 2022, we released an update to Exchange Server 2019 Management Tools that enables organizations that use Azure AD Connect and sync their Active Directory to manage Exchange recipients without the need for a running Exchange Server on-premises.  If you have one or more Exchange servers that are used only for recipient management (often referred to as Last Exchange Server - LES), you can install the updated tools on a domain-joined machine and shut down your last Exchange Server. For more information, see Manage recipients in Exchange Server 2019 Hybrid environments.  We want ..read more
Visit website
Released: March 2024 Exchange Server Security Updates
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2w ago
Microsoft has released Security Updates (SUs) for vulnerabilities found in: Exchange Server 2019 Exchange Server 2016 SUs are available for the following specific versions of Exchange Server: Exchange Server 2019 CU13 and CU14 Exchange Server 2016 CU23 The March 2024 SUs address vulnerabilities responsibly reported to Microsoft by security partners and found through Microsoft’s internal processes. Although we are not aware of any active exploits in the wild, our recommendation is to immediately install these updates to protect your environment. These vulnerabilities aff ..read more
Visit website
How to troubleshoot mail flow rules used to inspect attachments
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2w ago
When troubleshooting mail flow rules related to attachments, it’s crucial to ensure the rules are set up correctly. At times, rules may not work as expected either due to misconfiguration or because behavior related to certain attachments isn't immediately obvious. This blog will delve into some common issues encountered with attachment-related mail flow rules, provide a systematic approach to diagnosing issues, and offer practical solutions to rectify them.  To address an issue with a message that wasn’t evaluated correctly, first begin by saving the message as a file.  We’ll use th ..read more
Visit website
Introducing PS.MTA-STS: a PowerShell module to enhance mail flow security with MTA-STS
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
3w ago
TL;DR  MTA-STS is a standard that allows domain owners to specify how mail servers should handle the encryption and authentication of their SMTP connections.  MTA-STS can help prevent email spoofing, interception, and tampering by enforcing TLS encryption and certificate validation for your domains.  PS.MTA-STS is a new, open-source PowerShell module that simplifies the deployment and testing of MTA-STS for your Exchange Online domains.  PS.MTA-STS can export a list of your domains that support MTA-STS, configure an Azure function app to host the required MTA-STS policy fo ..read more
Visit website
Retirement of RBAC Application Impersonation in Exchange Online
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
Today we are announcing that we will begin blocking the assignment of the ApplicationImpersonation role in Exchange Online to accounts starting in May 2024, and that in February 2025, we will completely remove this role and its feature set from Exchange Online. Modernizing Application Access Historically, when you needed to grant an application access to more than its own mailbox in your Exchange organization using Exchange Web Services (EWS), you had limited options. Simple delegation worked for one-to-one and even some one-to-few scenarios, but when you needed to grant access to many mailbox ..read more
Visit website
Final Reminder: Outlook REST API v2.0 and beta endpoints decommissioning
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
As we work to ensure better security, reliability, and performance for our customers, and as we announced in our previous blog post in September 2023, we are decommissioning the Outlook REST v2.0 and beta endpoints starting March 31, 2024. After this date, we will start progressively shutting off the endpoints until they become completely unavailable.  This means that any application that is still using these endpoints will stop working at some point after March 31, 2024 (except for Outlook Add-Ins as also communicated before). We strongly recommend that you migrate your applications ..read more
Visit website
Released: 2024 H1 Cumulative Update for Exchange Server
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
1M ago
Today we are announcing the availability of the 2024 H1 Cumulative Update (CU) for Exchange Server 2019 (aka CU14). CU14 includes fixes for customer reported issues, a security change, and all previously released Security Updates (SUs). A full list of fixes is contained in the KB article for CU14, but we also want to highlight a few changes in this CU. Extended Protection enabled by default As announced in August 2023, by default, starting with CU14, Setup enables the Windows Extended Protection (EP) feature on the Exchange server being installed. This will happen when running the GUI version ..read more
Visit website
Hybrid Configuration Wizard with granular configuration feature is now available
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2M ago
Today, we are happy to announce the latest release of Hybrid Configuration Wizard (HCW). As we announced in the Exchange Server Roadmap Update blog post, this new version of HCW allows you to explicitly decide on which configurations should be performed by the wizard when it is re-run (the first run of HCW still needs to be a full run). Up to now, re-running the HCW could be challenging for organizations who have customized some of the settings that were made initially by the HCW (because HCW might reset these settings to the default if it is re-run). With the new “Choose Exchange Hybrid Confi ..read more
Visit website
MFA App ID deprecation in Exchange Online
Microsoft Exchange | Exchange Team Blog
by The_Exchange_Team
2M ago
We wanted to inform you of an important update regarding MFA App ID (Microsoft Exchange Online Remote PowerShell App ID) used in Exchange Online. The MFA App ID (a0c73c16-a7e3-4564-9a95-2bdf47383716) will be deprecated by the end of March 2024. After that date, the App ID will no longer be operational. What is the MFA app Id? e MFA App ID is an Azure-based identifier used for authentication purposes to access Exchange Online resources. This App ID was specifically designed for the now-deprecated Exchange Online PowerShell v1 module also called as MFA v1 module, which has be ..read more
Visit website

Follow Microsoft Exchange | Exchange Team Blog on FeedSpot

Continue with Google
Continue with Apple
OR