blog.atwork.at

news and infos about microsoft, technology, cloud and more

atwork sucht (Senior) Consultant Office 365 (Identity, Exchange, Skype) (w/m) - Dienstort: Deutschland

Als Experte in allen Bereichen rund um Microsoft-Technologien und Cloud-Themen ist unser Mandant ein gesuchter Berater bei seinen Kunden. Sie werden Teil eines eigenständigen und verantwortungsbewussten Teams, in dem ein hohes Qualifizierungsniveau, immer auf aktuellstem Stand, höchste Priorität hat.

Limitation of Exchange Hybrid Centralized Mail Transport

I recently had a curious behavior in my customers Exchange 2010 SP3 hybrid environment with centralized mail transport for Exchange 2010 SP3 Edge servers enabled. Before I describe the topic in more detail I would like to say thank you to the guys from Microsoft: Timothy Heeney, Scott Landry and Tom Kern helped me with my ‘little’ mail flow problem . Appreciate your help. My customer is using a smtp gateway for external mail flow as usual. Some of the mailboxes have configured smtp forwarding like ForwardingAddress (mail contact) and ForwardingSMTPAddress (external smtp address directly set on the mailbox). As we all know, Exchange hybrid mailbox move will not migrate the ForwardingAddress configuration for mailboxes. For this and some other migration limitations my colleague Andreas from atwork developed an ‘Exchange Online Migration Tool’ which is used by my customer. This tool checks, amongst other things, if the forwarding recipient is synced to Azure Active Directory and will set the smtp forwarding again after migration, let’s say it’s one component of many hybrid pre and post-migration tasks. However, not all smtp domains which are used for smtp forwarding are created in the on-premises environment nor in Exchange Online. Also, some of these smtp domains don’t have any mx records populated in external DNS configuration. Mail flow for these domains is handled by the internal smtp gateway with some special configuration and different connectors. After the pilot migration of some Exchange 2010 users to Exchange Online, I saw a couple of ‘450 DNS socket error’ messages during mail flow checks. As I said not every smtp domain has its own MX record published. The first thing I checked was the CMC connector which looked like this: RecipientDomains * SmartHosts [x.x.x.x],[x.x.x.x] TlsDomain contoso.com TlsSettings DomainValidation IsTransportRuleScoped False RouteAllMessagesViaOnPremises True It seems that everything looks good. Next, I was looking for the X-MS-Exchange-Organization-AuthAs mail header which had the value ‘Internal’ and centralized mail transport is used. All mail flow tests from different Exchange Online tenants and external mail provider were routed through the on-premises environment correctly – except for those who have smtp forwarding configured. This behavior for users with smtp forwarding configured is by design and EOP will route these emails directly to the Internet. Tom provided me the official support link: https://support.microsoft.com/en-us/help/3194415/some-messages-aren-t-routed-through-the-on-premises-organization-when-you-use-centralized-mail-transport ‘This behavior is by design. To forward the message, an exact copy of the original message is created and sent to the external recipient. Mail routing logic sees that this new message originated in the on-premises environment and therefore doesn't send the message back to the on-premises environment. Instead, it's routed directly to the external recipient domain through Exchange Online Protection.’ Nevertheless, if you are in the same situation, you can use the following tasks to get centralized mail transport working: Configure your domains properly and create it as an internal relay domain for both on-premises and Exchange Online Don’t migrate these recipients to Exchange Online, set the domain to internal relay and let do your on-premises environment the resolving Rewrite it to something which is routable if you don’t want to use centralized mail transport for the on-premises organization Remove the external smtp forwarding

Working With Office 365 Groups And Connectors article series at MVP Award Blog

Recently, the Microsoft MVP Award Program Blog published my three-part series about “Working With Office 365 Groups And Connectors”. Read the articles online in the MVP blog here.

Unity Connect in Haarlem 2016

Last week Martina and I have been speaking at Unity Connect in Haarlem in the Netherlands. Unity Connect is an IT conference about Office 365, SharePoint, Exchange, Skype, Yammer, and Azure and took place from 16th to 18th November 2016 in the beautiful city of Haarlem. See some impressions of Unity Connect 2016 here.

Management capabilities for Office 365 Groups

By default, in Office 365 all users can create an Office 365 group. As IT Administrator you can restrict that users can create Office 365 groups. If you want to have a more granular control to define which users shall be able to create a group that’s more effort. See here, how this works.

MailTips in Exchange Online nutzen um sicherer zu kommunizieren

MailTips in Exchange Online können für unterschiedliche Dinge verwendet werden: gibt es eine DLP Policy, die den Benutzer warnt, bevor er sicherheitsrelevante Nachrichten versendet oder dies sogar verhindert oder auch einfache MailTips, die vor allem dazu dienen sollen, den Nachrichtenverlauf zu verbessern. Beispielsweise könnte ein MailTip dazu dienen den Absender zu informieren, dass er gerade an eine Verteilerliste mit mehr as 25 Empfängern sendet.

Raise user awareness with a MailTip for external recipients in Exchange Online

Policy tips in Exchange Online can be used for a lot of things: warnings if a user sends confidential information to someone outside the organization if a proper DLP policy is in place or other useful things. One simple and effective MailTip is available for a while now and helps to raise user awareness in writing e-mails.