Exchange

ExchangeOnlineManagement 3.1.0 released as GA

Andres Bohren
Hi All, Just a few hours ago, Microsoft has released the ExchangeOnlineManagement PowerShell Module 3.1.0 as GA. ExchangeOnlineManagement 3.1.0 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.1.0 What is new in this release: v3.1.0 : 1. Support for providing an Access Token with Connect-ExchangeOnline. 2. Bug fixes in Connect-ExchangeOnline and Get-ConnectionInformation. 3. Bug fix in Connect-IPPSSession for connecting to Security and Compliance PowerShell using Certificate Thumbprint. Check what Version is installed and what's available from the PowerShell Gallery

January 2023 Exchange Server Security Updates

Andres Bohren
Hi All, Just a few hours Ago the January 2023 Exchange Server Security Updates have been released. Released: January 2023 Exchange Server Security Updates https://techcommunity.microsoft.com/t5/exchange-team-blog/released-january-2023-exchange-server-security-updates/ba-p/3711808 In my case i have downloaded the Security Update 5 for Exchange 2016 CU23 Security Update For Exchange Server 2016 CU23 SU5 (KB5022143) https://www.microsoft.com/en-us/download/details.aspx?id=104914 Then run the Security Update When you run the HealthChecker and it has found an update close and reopen Exchange Management Shell after the update.

Exchange Online Role Based Access Control (RBAC) for Applications

Andres Bohren
Hi All On December 01 Microsoft has announced in the Exchange Team Blog that they Support Role Based Access Control (RBAC) for Applications in Exchange Online. The most important Takeaways are: The Preview is now available to all customers in our worldwide multi-tenant environment, and we expect to reach general availability in H1 2023 This feature extends our current RBAC model and will replace the current Application Access Policy feature. Service Principals representing apps must be manually created in Exchange Online during the Preview, but this process will be automated to offer a more efficient user experience at GA The Preview provides two resource scoping mechanisms, both of which are supported by Exchange RBAC: management scopes, and admin units Announcing Public Preview of Role Based Access Control for Applications in Exchange Online

Authenticated Received Chain (ARC)

Andres Bohren
Hi All, Did you come across "Authenticated Received Chain (ARC)"? Authenticated Received Chain (ARC) is an email authentication system designed to allow an intermediate mail server like a mailing list or forwarding service to sign an email's original authentication results. This allows a receiving service to validate an email when the email's SPF and DKIM records are rendered invalid by an intermediate server's processing. ARC is defined in RFC 8617, published in July 2019, as "

Exchange Online Migration: Deprecation of BadItemLimit and use of Data Consistency Score

Andres Bohren
Hi All, If you are a frequent Reader of the Exchange Team Blog, then you probably saw, that they announced to depreciate Bad Item Limit (BIL) and Large Item Limit (LIL) until end of 2022. Deprecating bad item limit and large item limit migration parameters https://techcommunity.microsoft.com/t5/exchange-team-blog/deprecating-bad-item-limit-and-large-item-limit-migration/ba-p/3652478 Migrations with Data Consistency Score (DCS) – more than you ever wanted to know! https://techcommunity.microsoft.com/t5/exchange-team-blog/migrations-with-data-consistency-score-dcs-more-than-you-ever/ba-p/2393406 Let's see that in Action Connect-ExchangeOnline $ONPREMCREDS = get-credential "

How to delete MAPI Permission if Remove-MailboxFolderPermission does not work

Andres Bohren
Hi All, Today i helped a Collegue with an Exchange Online Folderpermission Problem. He could not remove the Permissions from a Mailbox Folder (MAPI Permission). Get-MailboxFolderPermission -Identity email@domain.tld:\Kalender | fl Let's remove the User (In fact a Mail Enabled Security Group) Remove-MailboxFolderPermission -Identity email@domain.tld:\Kalender -User CH_DE_Room_Equipment_Reviewer This resulted in the following Error: Microsoft.Exchange.Management.StoreTasks.UserNotFoundInPermissionEntryException | There is no existing Permission entry found for user I've grabbed MFCMAPI from Stephen Griffin. https://github.com/stephenegriffin/mfcmapi/releases/latest

How to Fix "WorkHoursVersion1 is null" in Exchange Online

Andres Bohren
Hi All, I've performed a lot of Exchange Online Migrations this Year. After the Mailbox was migrated i did run a Post Migration Script to set some Setting on the Mailbox like: Set-MailboxRegionalConfiguration -Identity $UPN -TimeZone "W. Europe Standard Time" -DateFormat "dd.MM.yyyy" -TimeFormat "HH:mm" -Language "de-CH" -ErrorAction Stop Set-MailboxCalendarConfiguration -Identity $UPN -WeekStartDay Monday -WorkDays Weekdays -WorkingHoursStartTime 08:00:00 -WorkingHoursEndTime 17:00:00 -WorkingHoursTimeZone "W. Europe Standard Time" -ShowWeekNumbers $True -ErrorAction Stop In some cases there where this Error: "

Exchange Online - Other ways of Testing IMAP OAuth2 Client Credential Flow

Andres Bohren
Hi All, I write this Blog Article in Addition to the Exchange Online POP and IMAP OAUTH 2.0 Client Credentials Flow https://blog.icewolf.ch/archive/2022/12/17/exchange-online-pop-and-imap-oauth-2-0-client-credentials.aspx I tried out other ways of testing First we need to get the Access Token ############################################################################### # Get Access Token with MSAL ############################################################################### Import-Module MSAL.PS $AppID = "3bf0cf36-87bf-47a9-927b-0ef9df7cf146" $TenantID = "icewolfch.onmicrosoft.com" $ClientSecret = ConvertTo-SecureString "YourClientSecret" -AsPlainText -Force $Scope = "https://outlook.office.com/.default" Clear-MsalTokenCache $Token = Get-MSALToken -ClientId $AppID -ClientSecret $ClientSecret -TenantId $TenantID -Scope $Scope

ExchangeOnlineManagement 3.1.0-Preview2 released

Andres Bohren
Hi All, Yesterday the ExchangeOnlineManagement 3.1.0-Preview2 PowerShell Module has been released to the PowerShell Gallery. ExchangeOnlineManagement 3.1.0-Preview2 https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.1.0-Preview2 A few REST API cmdlets in Exchange Online PowerShell have been updated with the experimental UseCustomRouting switch. This switch routes the command directly to the required Mailbox server, and might improve overall performance. When you use the UseCustomRouting switch, you can use only the following values for identity of the mailbox: User principal name (UPN) Email address Mailbox GUID The UseCustomRouting switch is available only on the following REST API cmdlets in Exchange Online PowerShell:

Exchange Online POP and IMAP OAuth 2.0 Client Credentials Flow

Andres Bohren
Hi All, OAuth 2 Authentication for POP and IMAP was announced already back in June 2022 at the Exchange Team Blog. Announcing OAuth 2.0 Client Credentials Flow support for POP and IMAP protocols in Exchange Online https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-oauth-2-0-client-credentials-flow-support-for-pop-and/ba-p/3562963 There is a pretty decent Step-by-step Guide here. But there are some steps missing - that's why i have created a more detailed Guide. Authenticate an IMAP, POP or SMTP connection using OAuth