Deploying Cloud App Security

By Author on October 4, 2019October 4, 2019Leave a Comment

I have been recently investigating Cloud App Security how it can benefit organizations already paying for this functionality without even knowing. Do you already pay for the following Microsoft licenses?

Microsoft Cloud App Security
Microsoft Cloud App Security + Enterprise Mobility & Security E3 (EMS E3)
Enterprise Mobility & Security E5 (EMS E5)
Microsoft 365 E5 Security
Microsoft 365 E5
Microsoft 365 Education A5
Office 365 E5
Azure AD Premium 1

If yes, you are licensed to enable Cloud App Security for your organization

For more information about the licensing requirements
Click on the following URL
https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2NXYO

Log process flow: From raw data to risk assessment

The process of generating understanding the risk within your organisation from a Cloud Securtity starts here with the following. You can upload data to Cloud App Security and the process takes between a few minutes to several hours depending on the amount of data processed.

Upload – Web traffic logs from your network are uploaded to the portal.
Parse – Cloud App Security parses and extracts traffic data from the traffic logs with a dedicated parser for each data source.
Analyze – Traffic data is analyzed against the Cloud App Catalog to identify more than 16,000 cloud apps and to assess their risk score. Active users and IP addresses are also identified as part of the analysis.
Generate report – A risk assessment report of the data extracted from log files is generated.

Note
Continuous report data is analyzed twice a day.

Supported firewalls and proxies

Cloud App Security support data uploads from the following Firewalls and Proxies.

Barracuda – Web App Firewall (W3C)
Blue Coat Proxy SG – Access log (W3C)
Check Point
Cisco ASA with FirePOWER
Cisco ASA Firewall (For Cisco ASA firewalls, it’s necessary to set the information level to 6)
Cisco Cloud Web Security
Cisco FWSM
Cisco IronPort WSA
Cisco Meraki – URLs log
Clavister NGFW (Syslog)
Digital Arts i-FILTER
Forcepoint
Fortinet Fortigate
iboss Secure Cloud Gateway
Juniper SRX
Juniper SSG
McAfee Secure Web Gateway
Microsoft Forefront Threat Management Gateway (W3C)
Palo Alto series Firewall
Sonicwall (formerly Dell)
Sophos SG
Sophos XG
Sophos Cyberoam
Squid (Common)
Squid (Native)
Stormshield
Websense – Web Security Solutions – Investigative detail report (CSV)
Websense – Web Security Solutions – Internet activity log (CEF)
Zscaler

Automatic Risk Assessment

Cloud App Security also enables organizations to automatically discovery the Cloud Apps in use via actives on your firewall logs. This is done via Log Collectors that allows organizations upload logs to Cloud App Security. Every single long is automatically transfers to the portal, there is 2 different behaviours if you are using FTP or Syslog

FTP Uploads
FTP logs are uploaded to Microsoft Cloud App Security after the file finished the FTP transfer to the Log Collector

SysLog Uploads
The Log Collector writes the received logs to the disk. Then the collector uploads the file to Cloud App Security when the file size is larger than 40 KB

However, you may what to check that the data being used for Automatic upload is in a valid format. Check out this link for more information. https://docs.microsoft.com/en-us/cloud-app-security/create-snapshot-cloud-discovery-reports#using-traffic-logs-for-cloud-discovery-

App connectors

App connectors use APIs from cloud app providers to integrate the Cloud App Security cloud with other cloud apps. App connectors extend control and protection. They also give you access to information directly from cloud apps, for Cloud App Security analysis.

To connect an app and extend protection, the app administrator authorizes Cloud App Security to access the app. Then, Cloud App Security queries the app for activity logs, and it scans data, accounts, and cloud content. Cloud App Security can enforce policies, detects threats, and provides governance actions for resolving issues.

So how does the look from the portal?

Lets connect Office 365 for the purpose of this post.

Select the components you would like to monitor and connect the app

Conditional Access App Control protection

Microsoft Cloud App Security Conditional Access App Control uses reverse proxy architecture to give you the tools you need to have real-time visibility and control over access to and activities performed within your cloud environment. With Conditional Access App Control, you can protect your organization:

Avoid data leaks by blocking downloads before they happen
Set rules that force data stored in and downloaded from the cloud to be protected with encryption
Gain visibility into unprotected endpoints so you can monitor what’s being done on unmanaged devices
Control access from non-corporate networks or risky IP addresses

With Conditional Access App Control protection you can define you want to Monitor what is being accessed or block.

When configured you will notice the below appear for all access control applications

Policies

Once you have configured the basics above the next steps is to enable policies you would like run within your environment. Out of the box you will receive a number policies deemed appropriate from Microsoft but there may be additions ones you would like for example;

In my environment I have created a policy that check for OneDrive Documents shared outside my business to specific domains

This policy also has the power to remove the external user to prevent access and this is where Cloud App Security really comes into its own. As it allows organisations and IT Administrators to the power to real take control of corporate data.

I hope you found this run through helpful

Regards,
The Author – Blogabout.Cloud

Microsoft Bookings – What is it and how do I enable it?

By Author on August 28, 2019August 28, 2019Leave a Comment

Microsoft Bookings has recently come to my attention as Bookings will integrate with Teams and Skype meeting capabilities. This will enable businesses to set up services with online Skype/Teams meeting enabled. A meeting link will be added to the booking invite which customers can use to join the appointment.

This feature is being rolled out Worldwide (Standard Multi-Tenant), Online, Exchange, Education tenants.

What is Microsoft Bookings?

Microsoft Bookings is an online and mobile app for small businesses who provide services to customers on an appointment basis. Examples of businesses include hair salons, dental offices, spas, law firms, financial services providers, consultants, and auto shops.

Bookings has three primary components:

A booking page where your customers can schedule appointments with the staff member who should provide the service. You can show this page on Facebook, where your customers can schedule appointments, or your own web site.
A set of web-based, business-facing pages where business owners can record customer preferences, manage staff lists and schedules, define services and pricing, set business hours, and customize how services and staff are scheduled
A business-facing mobile app where business owners can see all of their bookings, access customer lists and contact information, and make manual bookings

Is Booking enabled for subscription?

Bookings are turned on by default for customers who have the Office 365 Business Premium, or Office 365 A3 and Office 365 A5 subscriptions.
Bookings is also available to customers who have Office 365 Enterprise E3 and E5, but it is turned off by default.

Get the free Microsoft Bookings add-on for Enterprise subscriptions

If you subscription is Office 365 for Business, Office 365 Enterprise E3 or E5, the Microsoft Bookings app offered through the Business Apps (free) add-on is off by default. Follow these steps to get licenses and assign to your users.

Turn Bookings off for your entire organization using Exchange Online PowerShell

If you don’t have access to the Bookings setting in Microsoft 365 admin center, you can turn off Bookings by running the following command in PowerShell.

Before you can do this procedure, you need to Connect to Exchange Online PowerShell.

1	Set-OrganizationConfig -BookingsEnabled $false

Let’s make a Booking

Now we have enabled Microsoft Bookings for your tenant it will now be available within your Office 365 as shown below

Regards
The Author – Blogabout.Cloud

Microsoft Teams Roadmap Announcements for July 2019

By Author on August 1, 2019August 1, 2019Leave a Comment

The following post contains the new features and updated features from July 2019. This post enables you to quickly glance at the Microsoft Teams Roadmap based on the latest information provided from Microsoft.

New Features

New Features	Current Status
Microsoft Teams – Give Feedback	In Development
Microsoft Teams – Channel Cross Posting	In Development
Microsoft Teams – Policy packages	In Development
Microsoft Teams – Secure private channels	In Development
Microsoft Teams – Phone System for GCC	In Development
Microsoft Teams – Screen sharing in Teams/Skype for Business interop	In Development
Microsoft Teams – Teams/Skype Consumer chat and calling interop	In Development
Microsoft Teams – Shorter Retention	In Development
Microsoft Teams – Reverse Number Lookup	In Development
Microsoft Teams – Dynamic E911	In Development
Microsoft Teams – Teams Voice Platform	In Development

Updated Features

Updated	Current Status
Files restore for SharePoint and Microsoft Teams	Launched
Microsoft Teams – Manage discovery of private teams	Launched
Microsoft Teams – Information Barriers	Launched
Microsoft Teams – Add up to 100 people to a group chat	Launched
Microsoft Teams – Announcements	Launched
Microsoft Teams – @-less mentions	In Development
Microsoft Teams: Partner Provided Calling Plans for Japan	In Development
Microsoft Teams – Shared links	In Development
Microsoft Teams – Share system audio in a Teams meeting	Rolling Out
Microsoft Teams Firstline Worker capability – Praise	Launched
Microsoft Teams for Firstline Worker capability – Graph API for Shifts	Launched
Microsoft Teams desktop app coming to existing installs of Office 365 ProPlus and Microsoft/Office 365 Business/Business Premium	Rolling Out
Teams EDU messaging policies migration	Launched
Microsoft Teams: Location Based Routing	In Development
Microsoft Teams – Lobby Support	Launched
Safe Links Protection for Microsoft Teams	Launched
Microsoft Teams – Stay productive with focus teams	Launched
Microsoft Team – Read Receipts in private chats	Launched
Microsoft Teams – Phone System for GCC	In Development

Remember if you would like to receive all the Microsoft Roadmaps updates to your Teams Client, check out this post.

Watching the Office 365 Roadmap with Microsoft Team Channel Messages

Regards
The Author – Blogabout.Cloud

Watching the Office 365 Roadmap with Microsoft Team Channel Messages

By Author on June 28, 2019July 11, 2019Leave a Comment

Do you find it hard to keep up to date with all the latest Office 365 Roadmap news?
Would you like an easier way to keep you and maybe your colleagues informed?

Then look no further, with power of Microsoft Teams you can now post the Roadmap updates directly into a Microsoft Teams Channel. By using the super powers of Microsoft Flow we can now publish the Office 365 Roadmap cleanly into a Microsoft Teams Channel and heres how we can do it.

Launch http://flow.microsoft.com

Creating the Microsoft Flow for RSS to Microsoft Teams Channel

Select My Flows
Create New
Automated – from Blank

Give you Microsoft Flow a name and choose the RSS trigger for “When a feed item is published” then click create 🙂

Provide the following URL http://feeds.feedburner.com/Office365RoadmapWatcher and select New Step as will now be defining the Microsoft Teams element to this flow

Please Note:
You must be signed into Flow with an account that has Microsoft Teams access.

Browse for Microsoft Teams and select Post a message (V3) (preview). The Microsoft Teams element in Flow are relatively new and all in public preview.

You will now need to specify your Team, Channel, Message and Subject. As you can see from below I am using Feed summary as the message and Feed title as the subject.

At the next trigger you will receive a message like below into your specified Microsoft Teams Channel.

Regards
The Author – Blogabout.Cloud

Microsoft Teams arrives to Office ProPlus, so what do I need to know

By Author on June 12, 2019June 12, 2019Leave a Comment

As a big advocate for Office ProPlus I am delighted to now see that Microsoft Teams now apart of the ProPlus deliver mechanism. However, just like any Microsoft product, it does have its caveats.

Microsoft Teams will only be included with NEW installations of Office 365 ProPlus dependent on the channel you are using. The below shows the schedule of the introduction but this is subject to change.

Update channel	Version	Date
Monthly Channel	Version 1902	March 4, 2019
Semi-Annual Channel (Targeted)	Version 1902	March 12, 2019
Semi-Annual Channel	Version 1902	July 9, 2019

Important Note:
Teams are also included with the following new installations:
Office 365 Business, starting with Version 1901, which was released on January 31, 2019. Office 365 Business is the version of Office that is included with certain business plans, such as the Microsoft 365 Business plan and the Office 365 Business Premium plan.

Office for Mac, starting with Version 16.21, which was released on January 16, 2019. Office for Mac comes with any plan that includes Office 365 Business or Office 365 ProPlus. For more information, see Microsoft Teams installations on a Mac.

Now Microsoft Teams is apart of the Office Deployment tool it is now subject to all the controls we are common use to so we exclude Teams if we really to 🙂 but why would we do that.

What about existing deployments of Office 365 ProPlus?

At the time of this post, it is not possible to get Microsoft Teams if you have an existing deployment of Office 365 ProPlus. Microsoft has announced that in Version 1906 Microsoft Teams will be shipped to existing deployment running this version. The table below gives an indication of when we can expect the rollout of Teams but if you are using Monthly Channel (Targeted) you should be seeing Microsoft appearing approximately on 25th June 2019.

Update channel	Version	Date
Monthly Channel	Version 1906	July 9, 2019
Semi-Annual Channel (Targeted)	To be determined	September 10, 2019
Semi-Annual Channel	To be determined	January 2020

If you don’t want Teams to be added to existing installations of Office 365 ProPlus when you update to a new version, you can use Group Policy or the Office Deployment Tool to exclude the installation.

Always keep up to date.
Make sure you’re using the most current version of the Office Deployment tool available on the Microsoft Download Center.

Be sure you’re using at least version 4867.1000 of the Administrative Template files (ADMX/ADML), which were released on June 7, 2019.

Temporarily, the name and help text for this policy setting is available only in English. The name and help text will be available in the usual set of languages by June 14, 2019.

Updating Microsoft Teams !! It doesnt follow the normal ProPlus cycles.

Once Microsoft Teams is installed, it automatically updates approximately every two weeks with new features and quality updates. This doesn‘t follow the normal update cycle for Office 365 ProPlus as other applications receive updates depending on which channel they’re on.

Regards
The Author – Blogabout.Cloud

New functionality now in preview for Conditional Access

By Author on May 17, 2019May 17, 2019Leave a Comment

So I was happily minding my own business looking at the configuration of my Conditional Access and notice 3 new options have appeared;

Baseline policy: End user protection (Preview)
Baseline policy: Block legacy authentication (Preview)
Baseline policy: Require MFA for Service Management (Preview)

Baseline policy: End user protection (Preview)

This policy protects users by requiring multi-factor authentication (MFA) during risky sign-in attempts to all applications. Users with leaked credentials are blocked from signing in until a password reset.

Once the policy is enabled, users are required to register for MFA within 14 days of their first login attempt. The default method of MFA registration is the Microsoft Authenticator App.

This policy is either On or Off and you can also exclude users from receiving this policy

Baseline policy: Block legacy authentication (Preview)

This policy blocks all sign-ins using legacy authentication protocols that don’t support multi-factor authentication (such as IMAP, POP, SMTP). The policy does not block Exchange ActiveSync.

Office 2013 (without registry keys)
Office 2010
Thunderbird client
Legacy Skype for Business
Native Android mail client

This policy is either On or Off and you can also exclude users from receiving this policy. This policy is great as I have configured a custom built policy for just this but my policy also includes Exchange Active Sync.

Baseline policy: Require MFA for Service Management (Preview)

This policy requires users logging into services that rely on the Azure Resource Manager API to perform multi-factor authentication (MFA).

Services requiring MFA include:

Azure Portal
Azure Command Line Interface (CLI)
Azure PowerShell Module

This policy is either On or Off and you can also exclude users from receiving this policy

Its great to see some more brilliant developments in Conditional Access and really excited to see these go live with customers.

Regards
The Author – Blogabout.Cloud

HCW8078 – Migration Endpoint could not be created

By Author on May 7, 2019May 8, 2019Leave a Comment

Quicktips: Notes from the field

While running the Exchange Hybrod Configuration Wizard I ran in the following issue;

HCW8078 – Migration Endpoint could not be created
Microsoft.Exchange.Migration.MigrationServerConnectionFailedException
The connection to the server ‘http://mail.domain.com’ could not be complete

This issue is a known issue to Microsoft and the resolution is the good old “Have you tried turning it off and on?”

The It Crowd Chris Odowd GIF - Find & Share on GIPHY

The resolution was to Disable MRSProxyEnabled, this can be easily completed for all servers using;

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $False

Get-WebServiceVirtualDirectory | Set-WebServiceVirtualDirectory -MRSProxyEnabled $True

This script will need to repeat this process for all your servers where MRSProxy is being used.
Invoke-Command -ComputerName Server1 -ScriptBlock {iisreset /restart}

Once you have completed the below steps you will be able to successful rerun the Hybrid Configuration Wizard without any errors

Regards
The Author – Blogabout.Cloud

The pain in the a** that is special characters. Understanding what is and isnt supported when migrating to the Microsoft Cloud.

By Author on April 12, 2019April 12, 2019Leave a Comment

So in recent months, I have been working a number of large organisation that have issues with special characters that are affecting their migration to the Microsoft Cloud. Yes, I IDFix does an excellent job of correcting a lot of the issues. However, in recent time I have been rolled into customer sites to troubleshoot and report on special characters contained in Distribution Lists and Shared Mailboxes which cannot be migrated to Exchange Online.

What special characters are supported in Office 365?

So first of all, what is and is not supported. The below table gives an excellent break down what the character can be supported in UserNames, Password and Email Addresses.

Allowed In
Character Name	Character	User Name	Password	Email Address
Accent	`	No	Yes	No
Ampersand	&	No	Yes	No
Angle Brackets	< >	No	Yes	No
Apostrophe	’	No	Yes	Yes***
Asterisk	*	No	Yes	No
At Symbol	@	No	Yes	No
Backslash	\	No	Yes	No
Braces	[ ]	No	Yes	No
Brackets	{ }	No	Yes	No
Circumflex	^	No	Yes	No
Colon	:	No	Yes	No
Comma	,	No	Yes	No
Dollar Sign	$	No	Yes	No
Equal Sign	=	No	Yes	No
Exclamation Point	!	No	Yes	No
Hyphen	–	Yes*	Yes	Yes*
Number Sign	#	No	Yes	No
Parentheses	( )	No	Yes	No
Percent Symbol	%	No	Yes	No
Period	.	Yes*	Yes	Yes*
Pipe	\|	No	Yes	No
Plus Sign	+	No	Yes	No
Question Mark	?	No	Yes	No
Quotation Mark	“	No	Yes	No
Semicolon	:	No	Yes	No
Forward Slash	/	No	Yes	No
Tilde	~	No	Yes	No
Underscore	_	Yes**	Yes	Yes**
Uppercase Letters (A-Z)	A-Z	Yes	Yes	Yes
Lowercase Letters (a-z)	a-z	Yes	Yes	Yes
Numerals (0-9)	0-9	Yes	Yes	Yes

In order to test for the special characters above I have created the following script


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
cls

 $array = @('~', '!', '#', '$', '%', '^', '&amp;', '(', ')', '-', '.+', '=', '}', '{', '\', '/', '|', ';', ',', ':', '&lt;', '>', '"')

 $samaccountarray = @('[', '\', '"', '|' , ',' , '/', ':', '&lt;', '>', '+', '=', ';', ']')

 foreach ($char in $array) {

 Write-Host "Please Wait... Detecting",$char," in samaccountname" -ForegroundColor Yellow

 $objects = Get-distributiongroup

 foreach ($object in $Objects)

 {

 try {

  if ($object.SamAccountName -like "*$char*") 

 {

 Write-Host "Special Character",$char,"detected in SamAccountName",$object.samaccountname -ForegroundColor Red

 

 }

 else

 {

 #Write-Host "Special Character",$char," not detected in " $object.UserPrincipalName

 }

 }

 catch

 {

 Write-Host "Great News!! we was unable to detect",$char,"in samaccountnames for all Distribution List" -ForegroundColor Green

 }

 }

 }

Get-SpecialCharacters (49 downloads)

If you are interested in understanding what IDFix does and what special characters are not supported, please see this link

https://docs.microsoft.com/en-gb/office365/enterprise/prepare-for-directory-synchronization?redirectSourcePath=%252fen-us%252farticle%252fPrepare-to-provision-users-through-directory-synchronization-to-Office-365-01920974-9e6f-4331-a370-13aea4e82b3e

Regards

The Author – Blogabout.Cloud

Configuring Outbound Delivery Routing from Office 365 to Mimecast

By Author on April 4, 2019April 5, 2019Leave a Comment

When working with customer environments it is very possible a 3rd party appliance maybe involved and for the purpose of this post I will be directly looking at Mimecast to see how its configured to work with Office 365.

Prerequsities

An Office 365 administrator logon with permission to create a send connector.
Your internal domains must already be registered with us.
A Mimecast administrator logon with at view permission to the Gateway | Accepted Email menu item.

Mimecast recommend that if you are switching MX records, this task must be completed 3 days before changing the MX record to point at Mimecast. The reason for this allows Mimecast to build your Auto Allow list, based on recipients your users send messages to.

This has a positive impact on inbound email delivery speed, because many senders will already be known and consequently not be subject to our greylisting security feature.

Updating the SPF Record for your Domain(s)

You must have an SPF record for the domain(s) registered with Office 365. When implementing Mimecast with Office 365, this record must be updated in the DNS zone for the relevant domain to include the following:

Remove: v=spf1 include:spf.protection.outlook.com –all
Replace with or add: v=spf1 include:_netblocks.mimecast.com ~all

Important Note: If your outbound email is temporarily coexisting with Mimecast, you can leave the v=spf1 include:spf.protection.outlook.com –all SPF record. However, it must be removed once all your outbound email is routed through Mimecast.

Configuring Outbound Routing

Important Note: Mimecast has known issue with browsers that are not Internet Explorer and its recommend this process is completed using Internet Explorer only. All other browsers tested have issues.

Recommendation: Disable or remove any other Outbound Send Connectors. Failure to do this means your outbound email still uses these and isn’t routed through us.

Any send connectors used for other purposes (e.g archiving) may still be enabled. If in doubt, consult Mimecast Support.Any send connectors used for other purposes (login archiving) may login be enabled. If in doubt, consult Mimecast Support.

Adding the Office 365 Tenant Domain as an Internal Domain

Your Office 365 tenant domain must be added to the list of internal domains available in the Mimecast Administration Console. See the Configuring Internal Domain / Subdomains page for full details. This enables us to recognize certain auto response messages, where the sender address is not a normal internal domain. This is typically in the format @domain.onmicrosoft.com. Contact the Mimecast Support team if you have queries regarding this step.

Contact the Mimecast Support team if you have queries regarding this step.

Verifying Your Configuration

Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.

To verify that Office 365 is successfully routing email outbound via us:

Log on to the Offic 365 Administration Console.
Select Admin | Exchange

Select Mail Flow | Connectors
Create a Connector

Select Office 365 – From Field
Select Partner organization – To Field

Enter Name for Connector
Enter Description for Connector – Optional
Ensure “Turn it on” is ticked

Select “Only when email messages are sent to these domains”
Press the ( + )

Type the value * which will allow all outbound email to Mimecast

Press Next

Select “Route email through these smart hosts”
Press the ( + )

Now, depending on your location you will need to use the Smart Host address from the table

Region	Office 365 Account Hostnames
America	us-smtp-o365-outbound-1.mimecast.com
America	us-smtp-o365-outbound-2.mimecast.com
Australia	au-smtp-o365-outbound-1.mimecast.com
Australia	au-smtp-o365-outbound-2.mimecast.com
Europe (Excluding Germany)	eu-smtp-o365-outbound-1.mimecast.com
Europe (Excluding Germany)	eu-smtp-o365-outbound-2.mimecast.com
Germany	de-smtp-o365-outbound-1.mimecast.com
Germany	de-smtp-o365-outbound-2.mimecast.com
Offshore	je-smtp-o365-outbound-1.mimecast-offshore.com
Offshore	je-smtp-o365-outbound-2.mimecast-offshore.com
South Africa	za-smtp-o365-outbound-1.mimecast.co.za
South Africa	za-smtp-o365-outbound-2.mimecast.co.zaM

As shown below

Press Next

Select “Always use Transport Layer Security (TLS) to secure this connection (recommended)”
Select “Issued by a trusted certificate authority (CA)

Before pressing next please ensure that you confirm all your configured settings
Press Next

Press the ( + ) this will allow you to validate the connector

Enter an external email to send the test email

Click Validate

If everything is ok and configured correctly you should see a success message

Press save !!! and your all done

Recommendation: Disable or remove any other Outbound Send Connectors, if this is not completed it may cause email to fail as it won’t be routed through Mimecast

But if doing the above seems a bit boring, there’s always PowerShell 🙂

new-outboundconnector -name ConnectorName -smarthosts SmartHostAddress1,SmartHostAddress2 -tlssettings certificatevalidation -recipientdomains * -routeallmessagesviaonpremises $false -connectortype Partner -usemxrecord $false -whatif

or download my script for all Mimecast regions

Set-O365MimecastConnector (75 downloads)

Add your Office 365 domain as an internal domain in Mimecast

The Office 365 domain(s) must be added to the list of internal domain available in the Mimecast Administration console, if this action is missed. Mimecast are unable to recognise auto response message where the send address maybe @domain.onmicrosoft.com. Mimecast have a section about this on their website, please follow the link below.
Configuring Internal Domain / Subdomains

Verify your configuration

To verify that Office 365 is successfully routing email outbound via us:

Log on to the Administration Console.
Click on the Administration toolbar button.
Select the Message Center | Accepted Messages menu item.

See the Message Center: Accepted Messages page for full details.

You should see messages from your organization’s internal users to external recipients. If you don’t see messages shortly after they’re sent, this indicates a configuration problem on your Office 365 send connector. Double check your configuration. Use the Office 365 Message Trace Tool in the Mail Flow | Message Trace menu of the Exchange Admin Center to help identify the issue.

Important Note: Once this step is complete, Office 365 must be added to your authorized outbounds as an umbrella account. View the Maintaining Authorized Outbound Addresses page for more information.

Regards
The Author – Blogabout.Cloud

Get Disabled Users who have an Exchange Mailbox with PowerShell

By Author on April 1, 2019April 1, 2019Leave a Comment

If there’s one thing most IT department are not great at its removing Exchange Mailboxes for Disabled Users. So here’s a quick Powershell win to determine who within your Exchange organisation has a mailbox and a disabled AD account.

On-Premises Users


1
2
3
4
5
6
7
8
9
$Mailboxes = Get-Mailbox | where {$_.RecipientTypeDetails -eq 'UserMailbox'}

$Disabled = @()



Foreach ($Mailbox in $Mailboxes) {

    if((Get-ADUser -Identity $Mailbox.SamAccountName).Enabled -eq $False){

        $Disabled += Get-MailboxStatistics $Mailbox.SamAccountName | Select -Property DisplayName,TotalItemSize

    }    

}

$Disabled | Export-Csv -Path $env:userprofile\desktop\DisabledADUserwithMailbox.csv -NoTypeInformation

Cloud Users


1
2
3
4
5
6
7
8
9
10
11
Connect-MsolService

  

  $Mailboxes = Get-Mailbox | Where-Object {$_.RecipientTypeDetails -eq 'UserMailbox'}

  $Disabled = @()



  Foreach ($Mailbox in $Mailboxes) {

    if((Get-msolUser -userprincipalname $Mailbox.userprincipalname).Enabled -eq $False){

        $Disabled += Get-MailboxStatistics $Mailbox.userprincipalname | Select-Object -Property DisplayName,TotalItemSize

    }    

  }

  $Disabled | Export-Csv -Path $env:userprofile\desktop\DisabledAzureADUserwithMailbox.csv -NoTypeInformation

Regards

The Author – Blogabout.Cloud

Log process flow: From raw data to risk assessment

Supported firewalls and proxies

Automatic Risk Assessment

App connectors

Conditional Access App Control protection

Policies

Share this:

What is Microsoft Bookings?

Is Booking enabled for subscription?

Get the free Microsoft Bookings add-on for Enterprise subscriptions

Turn Bookings off for your entire organization using Exchange Online PowerShell

Let’s make a Booking

Share this:

New Features

Updated Features

Share this:

Creating the Microsoft Flow for RSS to Microsoft Teams Channel

Share this:

What about existing deployments of Office 365 ProPlus?

Updating Microsoft Teams !! It doesnt follow the normal ProPlus cycles.

Share this:

Baseline policy: End user protection (Preview)

Baseline policy: Block legacy authentication (Preview)

Baseline policy: Require MFA for Service Management (Preview)

Share this:

Share this:

What special characters are supported in Office 365?

Share this:

Prerequsities

Updating the SPF Record for your Domain(s)

Configuring Outbound Routing

Adding the Office 365 Tenant Domain as an Internal Domain

Verifying Your Configuration

Add your Office 365 domain as an internal domain in Mimecast

Verify your configuration

Share this:

On-Premises Users

Cloud Users

Share this: