Exchange

[EXO] Exchange Online is depreciating Basic Authentication

If you havent heard already, Microsoft is taking huge steps to improve the overall security in Exchange Online and Office 365 by disabling basic authentication for legacy authentication protocols therein lies the question of “how” to prepare and shift your organization to adopting modern authentication protocols. In the second half of 2021, Microsoft had planned   →

[EXO] Various ways to grab all SMTP address from mailbox

 

[EXO] Concert IMCEAEX string to X500

Simple script to convert IMCEAEX to X500 Address.

 

[EXO] Inbox Rule Issues Post Migration

In some instances, users with client side rules may  break as they do not get touched in the migration. For any client rules that reference a specific sender/folder/etc they will normally use X500/LegacyDN to identify conditions and will stop working. There is no set limit for the amount of Inbox rules a user can have.   →

[EXO] Identifying Validation Errors

$errors = (Get-MsolContact –ObjectID <Object_ID>).Errors $errors | foreach-object {“nService: ” + $_.ErrorDetail.Name.split(“/”)[0]; “Error Message: “+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} $errors = (Get-MsolGroup –ObjectID <Object_ID>).Errors $errors | foreach-object {“nService: ” + $_.ErrorDetail.Name.split(“/”)[0]; “Error Message: “+ $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} $errors = (Get-MsolUser -UserPrincipalName “<User_ID>”).Errors $errors | foreach-object {“`nService: ” + $_.ErrorDetail.Name.split(“/”)[0]; “Error Message: ” + $_.ErrorDetail.ObjectErrors.ErrorRecord.ErrorDescription} Get-MsolUser -HasErrorsOnly -All | ft DisplayName,UserPrincipalName,@{Name=”Error”;Expression={($_.errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription)}}   →

[EX2010] Identifying Cmd-let associated with Role, and who has it.

$Perms = Get-ManagementRole -Cmdlet remove-remotemailbox $Perms | Foreach {Get-ManagementRoleAssignment -Role $_.Name -Delegating $false | Format-Table -Auto Role,RoleAssigneeType,RoleAssigneeName} Role RoleAssigneeType RoleAssigneeName —- —————- —————- Mail Recipient Creation RoleGroup Recipient Management Mail Recipient Creation RoleGroup Organization Management Get-ManagementRoleAssignment -Role “Mail Recipient Creation” get-rolegroupmember “organization management”

[EXO] The client and server cannot communicate, because they do not possess a common algorithm

Windows Server 2008 can’t do beyond TLS 1.0. Newer versions can, but don’t have TLS 1.1 or 1.2 turned on by default. Best pratice to disable 1.0, 1.1 – mostly depreciated and not supported Check supported protocols: https://www.ssllabs.com/ssltest/index.html Turn off TLS 1.0.1.1 and SSL

Enabling TLS 1.2 Use

 

[EXO][EX2010] Removing dual mailboxes

Ensure you have a user mailbox backup prior to starting the following process as there is potential risk of data loss.  Options are to have a third party solution to perform a mailbox backup or export to PST (see new-mailboxexport cmdlet). Capture relevant information from on-premise exchange and exchange online. Grab the mailbox information (primary   →

[EX2010][EXO] Forwarding Address Export and Import

 

Single mailbox export to PST file

Add member of a role group which has the Mailbox Import Export role

Export primary mailbox:

  Export archive mailbox:

  More details https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/New-MailboxExportRequest?redirectedfrom=MSDN&view=exchange-ps