Forum Discussion

Tim Hunter's avatar
Tim Hunter
Iron Contributor
Feb 01, 2019

Remove TLS 1.0/1.1 and 3DES Dependencies

When I went to http://servicetrust.microsoft.com to see any users still using TLS 1.9/1.1. How do I remove TLS 1.0/1.1. How do I go about making these compatible so they work come February 28, 2019 w...
Exchange Server
office 365
TLS
guptashash's avatar
guptashash
Copper Contributor
Feb 02, 2019

Even I went ahead and tried to research on the topic, no such information is available. 

 Protocol Agent
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+Office/14.0+(Windows+NT+6.1;+Microsoft+Outlook+14.0.7190;+Pro)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+6.3;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Android-SAMSUNG-SM-G570F/101.80000
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+Office/14.0+(Windows+NT+6.1;+Microsoft+Outlook+14.0.7190;+Pro)
TLS1.0/1.1Android-SAMSUNG-SM-G570F/101.700
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.11126;+Pro)
TLS1.0/1.1Apple-iPhone8C1/1602.92
TLS1.0/1.1-
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1MacOutlook/14.7.2.170228+(Intel+Mac+OS+X+10.9.6)
TLS1.0/1.1Microsoft+BITS/7.5
TLS1.0/1.1

Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.10730;+Pro)

 

 

Not sure why Microsoft+Office/16.0+(Windows+NT+10.0;+Microsoft+Outlook+16.0.10730;+Pro) still using TLS 1.0/1.1 ?

David Kamp's avatar
David Kamp
Brass Contributor
Feb 04, 2019
My report Also shows the +(Windows+NT+10.0;+Microsoft+Outlook+16.0.10730;+Pro) still using TLS 1.0/1.1 and
Several Apple-iPhone
What / Why would the two items be on the list?
  • Alan_McFarlane's avatar
    Alan_McFarlane
    Iron Contributor
    Feb 19, 2019
    Looking on Sunday night at the reports of my ~20 client tenants, there seems to have been a change. None of them now contain any Win10 (Office16/15) entries. So I’m wondering if there was a bug in the reports and it’s been fixed!

    Anyone see the same?

    The reports look a bit sparse also however. MNy have no rows. Perhaps the school holidays last week meant less folk were connecting? The reports clearly aren’t cumulative over all time, as entries from an older report don’t always appear in a later one. I wonder what needs to happen to make a device appear, is it just to connect to read mail etc, or it that it needs to re-authenticate e.g. after 14 days etc?
    • Tim Hunter's avatar
      Tim Hunter
      Iron Contributor
      Feb 20, 2019

      I just re-ran the report this morning and have different results also and I did not make any changes or modifications. Here is what I show now and not sure how to fix them. Most of them are on either Android or Apple phones. I still show 1 on Office, not sure what Microsoft+BITS/7.5 is??

      • Vivek Jain's avatar
        Vivek Jain
        Iron Contributor
        Feb 21, 2019

        The differences in reports on different days might be due to the fact that if a user does not work on a particular day (hence doesn't connect to Office 365) then for that day's report the user will not show up, even though the user is still not compliant. 

         

        Then how do we know for sure everyone is compliant, I do not have much clue. Microsoft should have keep listing all users it detected earlier until it detects a compliant connection from the same user.

Resources