Office 365
1181 TopicsUsage data for Personal Bookings/Bookings with me
Is there a way (powershell cmdlet or graph call) to get a count of how many users in a tenant have created/enabled Personal Bookings? I'm not talking about shared Bookings calendars, but people who have turned on the "Bookings with me" feature. The reason I'm looking for this data is that right now we have some departments who are using other similar services, in some cases they are costing the org quite a bit of money. If we can demonstrate that a significant percentage of users are making use of this feature that we're already paying for, we have leverage to recoup some operating costs.22Views1like0CommentsRe-locate ost-files
Hi everybody, we have a customer with a default ost-file location to the Homedrive of the user because they used Citrix in the past and now using AVD. They now want to migrate to OneDrive and disable the homedrive. In that case we want to move the ost-files back to the default location within the profile because now the profile is re-located by fslogix. As far as I know a re-location of existing ost-files is not possible and the only way to change this is to create a new Outlook profile. Cannot change the location of .ost file - Outlook | Microsoft Learn Does anyone have a better idea to solve that issue without less effort? Thanks in advance Guido2.8KViews0likes4CommentsDMarc/DKIM Issues
I have enabled DKIM in Microsoft 365, and according to Microsoft 365 Defender page, it is enabled and valid for my Exchange domains. I have created a TXT _dmarc record: v=DMARC1; p=quarantine; pct=100; rua=mailto:email address removed for privacy reasons; ruf=email address removed for privacy reasons Yet I keep receiving problem reports like the one below. How can I fix this? <feedback xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <version>1.0</version> <report_metadata> <org_name>Enterprise Outlook</org_name> <email>email address removed for privacy reasons</email> <report_id>640f326a62f640e4815e84e6f0020d9c</report_id> <date_range> <begin>1730764800</begin> <end>1730851200</end> </date_range> </report_metadata> <policy_published> <domain>z.com</domain> <adkim>r</adkim> <aspf>r</aspf> <p>none</p> <sp>none</sp> <pct>100</pct> <fo>0</fo> </policy_published> <record> <row> <source_ip>40.107.96.92</source_ip> <count>1</count> <policy_evaluated> <disposition>none</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <envelope_to>b.n</envelope_to> <envelope_from>z.com</envelope_from> <header_from>z.com</header_from> </identifiers> <auth_results> <dkim> <domain>onmicrosoft.com</domain> <selector>-onmicrosoft-com</selector> <result>fail</result> </dkim> <spf> <domain>z.com</domain> <scope>mfrom</scope> <result>none</result> </spf> </auth_results> </record> </feedback>21Views0likes0CommentsUrlDefense change my email when send with thunderbird
Hello everybody, I hope somebody could help me. I have a nonprofit organization account with microsoft. I have configured my email server with a exchange rule to add a same firm to all users. This firm has some urls to images and webpages. Many of ours users are using thunderbird. When a I send a email with outlook web or gmail android client the firm it's ok, but when I use thunderbird the urldefense changes the original path and then the firm it's not ok. I don't know what is the problem. Could you help me?? Thanks a lot for the help!! JorgeSolved40Views0likes2CommentsShared mailbox: Use send-as, not send on behalf from Outlook 2016
Hello, We have a lot of shared mailboxes. For every shared mailbox, we create a specific security group that contains the members who should have access to that particular shared mailbox. We give full mailbox permissions and send-as permissions for that particular security group onto the shared mailbox. For example, security group A has full mailbox access and send-as permissions onto shared mailbox A. By adding users to security group A, they have full access to the shared mailbox. We create every new shared mailbox/security group combo using Powershell. That has been working flawlessly for the last years. However, for a recent new shared mailbox/security group combination, when a user that's member of the related security group wants to send an e-mail from the shared mailbox (by changing the from field in Outlook and selecting the shared mailbox from the global address list), Outlook tries to send every time 'send-on behalf'. This only happens for that newly created mailbox. I compared the output of Get-Mailbox and Get-RecipientPermission for the new problem shared mailbox and an older shared mailbox (which enable users to send mail send-as from outlook just fine) but I couldn't find any differences. For your information, that's the error we get back immediately after trying to do a send-as for the new shared mailbox: Your message did not reach some or all of the intended recipients. Subject: Test from Outlook Sent: 23/11/2017 9:27 The following recipient(s) cannot be reached: name of sending user on 23/11/2017 9:27 This message could not be sent. Try sending the message again later, or contact your network administrator. You do not have the permission to send the message on behalf of the specified user. Error is [0x80070005-0x0004dc-0x000524]. Why does Outlook always tries to do a send on behalf (what we don't want) where else for other shared mailboxes, send-as works fine? Using send-as from OWA however works just fine for the newest shared mailbox. It only seems a problem related to Outlook (tested on multiple clients that have access to the shared mailbox) and that particular new shared mailbox. Thanks in advance.Solved308KViews3likes12CommentsBad actors impersonating Microsoft Billing using rogue on-prem. Exchange > M365 tenants
Everyone should be aware and watch out for these very believable spoofs coming from microsoft-noreply_at_microsoft.com. If you have Threat Explorer (Defender Portal > Email & Collaboration > Explorer) or Advanced Hunting (EmailEvents table) available, you can find these messages by looking for these criteria: - Sender From Address:microsoft-noreply_at_microsoft.com (note the@ / _at_ swap) - Sender MailFrom Domain: Not equal to Microsoft.com (will be <something>.onmicrosoft.com) If you're getting these, you'll notice the MailFrom domain is an ever-changing long list of rogue tenants (e.g., <rogueTenant123>.onmicrosoft.com). The MailFrom address will be starting with "bounces+srs", like this "bounces+srs=<12345567890abcxyz>@<rogueTenant123>.onmicrosoft.com", letting us see that these bad actors are using an on-premises Exchange server, SMTP receive Connector and then a Send Connector up to and out via EXO/EOP. These things pass SPF, DKIM, and DMARC and so only get detected via General/Advanced filter and/or Fingerprint Matching (which only means loose match, there's no specific fingerprint/ID involved). The subject seems to always be "Your Microsoft order on September 23, 2024", and will be for the current date. Some people have raised this on Reddit, for example:email address removed for privacy reasons - Suspicious email : r/DefenderATP (reddit.com) I've been working with MS Support to try and get this addressed. We're seeing a lot of these, and so far it's be many many different rogue tenants, so it seems like the bad actors are working overtime and successfully standing up tenant after tenant to get these things out successfully.1.2KViews0likes1CommentDocument Mailbox permissions
We are preparing to start a Microsoft Exchange hybrid migration. I am looking for a tool that documents mailbox/resources permissions. I know I can use the get-mailboxpermissions, but that does not show permissions assigned by a user to another user. Anyone have any suggestions?92Views0likes1CommentUsername change is not reflecting in Teams channel while adding him to channel
Hello all, Recently we changed name of one of our users and that change reflected everywhere well but for the user's manager when they try to add this user to a Teams channel, they are getting the old name. I had checked the users name in AD, Azure AD, M365 admin center, Exchange admin center Everywhere it seems to be updated but the user is reporting he is still seeing the old name for him only while adding this user to teams channel. Please suggest me what I need to check.99Views0likes0CommentsValidate the working of default policy tag in MRM policy
Hi All, We have applied a retention policy to all mailboxes in our environment which also includes a default policy tag that moves all mails older than a year to Archive. Now, i know that the policy is applied and the default tag is doing its job, but, is there a way where i can see whether the mails are moved after the policy was applied ?101Views0likes1CommentHow to remove personal retention tags from all users mailboxes programmatically
My customer is using MRM and has been for a long time in office 365. Recently they noticed that employees were putting personal tags on some items, this is against their policy. The way to prevent users from using personal tags is documented here. Users can use all personal retention tags regardless of retention policy in Exchange Online - Microsoft Support Once that is complete, they'd like to remove any personal tags on email items or folders in all user mailboxes. I am told you need an EWS script to do this. Does anyone have an examples script?103Views0likes0Comments