Detecting Outlook / Exchange data exfiltration

While I was working on a script to configure Office 365 Secure Score settings, I came up with a few scripts that I thought would be helpful in monitoring your messaging environments.  Many organizations have policies against data exfiltration, but detecting and enforcing are totally different animals.  One method that an attacker can set up…

2

User failing to migrate with “Server returned an invalid SOAP Fault – unexpected end of file”

The customer here was trying to migrate a mailbox from an Exchange 2010 server to Exchange Online. Exchange 2013 was being used as the hybrid server and MRS proxy. Server/domain/item names have been changed to protect the innocent. 🙂 The error being encountered was: CommunicationErrorTransientException: The call to ‘https://mail3.state.nn.us/EWS/mrsproxy.svc XYZ-SERVER.domain.w2k.state.nn.us (15.0.1104.4 caps:1F7FFFFFCB07FFFF)’ failed. Error details:…


Archive policy not moving emails from main mailbox to archive

The customer in this case had an Archive policy set on the mailbox that should move all items older than 1 day to archive, and items were not moving at all. We went through a lot of “typical” troubleshooting that we would look at when items are not being moved to the archive. (An example…


Using an Exchange Transport Rule to reject messages sent to a specific domain with a custom NDR

In this case, the customer had the following request: We migrated domains two years ago, and now are wanting to decommission the old domain (tailspintoys.org). We would like to set up some sort of catch all for messages sent to the old domain that would respond back with “sorry this domain has been decommissioned, please…


Using Exchange EWS to Obtain Exchange Online Meeting Details from Room Mailboxes

Exchange PFE Daya Patil shares with us a recent script she wrote to help obtain the meeting details from Exchange Online Room Mailboxes.   One of our customers needed a way to determine the number of meetings in each room mailbox Exchange online organization.  We quickly wrote a script to get this information, and wanted…


Office 365 Pilot Group Mail Flow Issues

When initially deploying and configuring Office 365, one of the initial questions is to select the on-premises objects which will be replicated to Azure Active Directory.  It is strongly recommended that all of the required directory and user hygiene is fully completed prior to the installation of Azure AD Connect.  It is easier and simpler…


Office 365 Pilot Group Mail Flow Issues

When initially deploying and configuring Office 365, one of the initial questions is to select the on-premises objects which will be replicated to Azure Active Directory.  It is strongly recommended that all of the required directory and user hygiene is fully completed prior to the installation of Azure AD Connect.  It is easier and simpler…


マイクロソフト認定パートナーがお客様の導入計画作成を支援『導入計画サービス』

[提供: ソフトバンク・テクノロジー株式会社] 導入計画サービス(SharePoint・Skype for Business &Exchange・Azure)のご紹介 ■導入計画サービスとは 導入計画サービスとは、マイクロソフトとの包括的なライセンス契約をお持ちのお客様がバウチャーを利用することで無償で導入支援を受けられるサービスです。 本プログラムは、Office EA や Core CAL EAなどマイクロソフトとの包括的なライセンス契約をお持ちのお客様向けの特典です。


お客様の環境に最適な展開を提案『Microsoft Office 365 導入・運用支援サービス』

[提供: ソフトバンク・テクノロジー株式会社] Microsoft Office 365 導入・運用支援サービスは、ご要望に合わせた柔軟な構築メニューをご用意しています。 Office 365 の知識がなく導入が不安、導入や移行の手順が分からない、導入後のユーザー問い合わせに対応できるか心配、といったお客様の様々な課題に合わせて選択できるサービスメニューをご用意しております。


Exchange 2016 CU7 AD Forest Function Level Requirements

In September 2016, just over a year ago from the time of writing, Exchange 2016 CU3 added support for Windows 2016.  Exchange 2016 CU3 added support for installing Exchange 2016 onto Windows Server 2016 and also to have Windows 2016 Domain Controllers (DCs) in the environment.  There is a nuance with the latter.  In order…