Delegated Administration in Exchange Online

My colleagues and I are working on a (pilot) multi-forest Exchange hybrid environment with a single Office 365 tenant. In this early stage of the project we will have two companies, each with their own on-premises environment. One of the requirements is a delegated administrative concept for Exchange Online, which means administrators and helpdesk workers should only manage and configure settings for their specific domains. This blog post will show you how to handle this with Role Based Access Control (RBAC). ...

January 10, 2018 · 6 min · Dominik Höfling
Troubleshooting Active Directory Federation Services

Enabling single sign-on for your users need not be a big deal. There are multiple hybrid identity authentication scenarios available to provide single sign-on capabilities to your users:

Active Directory Federation Services (AD FS): single sign-on based on one identity in your on-premises Active Directory; it publishes on-premises and cloud web applications. This is the most complex scenario and is often used by organizations with 250+ seats. They use single sign-on not only for Office 365 applications, but also for other intranet and Internet applications to achieve an SSO user experience.

Password Hash Sync (PHS): same sign-on, which means you must authenticate again with your on-premises credentials when accessing Office 365 services.

Pass-through authentication (PTA): single sign-on; allows your users to sign in to Azure Active Directory by directly validating the users’ passwords against your on-premises Active Directory.

Seamless single sign-on: single sign-on; automatically signs your users in when they are on their corporate devices connected to your corporate network. Can be combined with either PHS or PTA.

When should I use AD FS instead of other hybrid authentication methods? ...

January 4, 2018 · 4 min · Dominik Höfling
1st MVP Award for Dominik Hoefling

We are very happy to announce that Dominik Hoefling was awarded his 1st Microsoft MVP Award for Office Servers and Services! Dominik has expertise in Microsoft Office 365 and is a recognized expert, MSL (Microsoft Learning) author, blogger, and conference speaker. See Dominik’s MVP profile. Dominik (@DominikHoefling) is a Senior Consultant for atwork deutschland GmbH. He currently works in Microsoft technologies, especially in Microsoft Exchange, Exchange Online and Office 365. He holds several Microsoft certifications including MCSA for Office 365, MCSE Messaging and MCITP Enterprise Administrator for Windows Server. Dominik also writes technical blog posts for international companies on various topics about Exchange Hybrid deployments and Office 365. ...

January 2, 2018 · 1 min · Dominik Höfling

Limitation of Exchange Hybrid Centralized Mail Transport

I recently had a curious behavior in my customer's Exchange 2010 SP3 hybrid environment with centralized mail transport for Exchange 2010 SP3 Edge servers enabled. Before I describe the topic in more detail I would like to say thank you to the guys from Microsoft: Timothy Heeney, Scott Landry and Tom Kern helped me with my ‘little’ mail flow problem. Appreciate your help. My customer is using an SMTP gateway for external mail flow as usual. Some of the mailboxes have configured SMTP forwarding like ForwardingAddress (mail contact) and ForwardingSMTPAddress (external SMTP address directly set on the mailbox). ...

March 31, 2017 · 3 min · Dominik Höfling