SEP Manager 14.2 RU1 Authentication errors after upgrade
paul | Friday, 24 May 2019 | SEP | SEP

After upgrading the Symantec Endpoint Protection Management server to 14.2 RU1 the server may stop authenticating with Active Directory servers. This is due to "improved" LDAP support.

To fix the AD server must be specified using the FQDN rather than just the domain name or IP address.

This is a known issue. Further information at:  https://support.symantec.com/en_US/article.TECH251819.html

Display Comments...
eDiscovery Export Tool does not start
paul | Monday, 15 April 2019 | Office365 | eDiscovery

If after downloading the "Microsoft Office 365 eDiscovery Export Tool" and starting it you receive an error message "Cannot Start Application".

This may be due to downloading the tool using Chrome or another similar browser. The Tool must be downloaded using Microsoft Internet Explorer. It will then run ok.

Display Comments...
Giving access to Office 365 leavers email
paul | Friday, 15 February 2019 | Office365 | leavers

When an Office 365 user leaves the company their Active Directory account would be disabled and at some point deleted. When ADConnect next syncs this would remove their Office 365 account and any Exchange Online mailbox attached to it. The mailbox would then become an inactive mailbox and after a set time that would be removed unless the mailbox was on litigation hold or had a retention policy against it. The inactive mailbox can be accessed suing the following powershell commands.

Getting a list of inactive mailboxes:

Get-Mailbox -InactiveMailboxOnly | FL Name,DistinguishedName,ExchangeGuid,PrimarySmtpAddress

Get an inactive mailbox:
 
$InactiveMailbox = Get-Mailbox -InactiveMailboxOnly -Identity <identity of inactive mailbox>
 
Recovering an inactive mailbox - replaces inactive mailbox with active one:
 
New-Mailbox -InactiveMailbox $InactiveMailbox.DistinguishedName -Name annbeebe -FirstName Ann -LastName Beebe -DisplayName "Ann Beebe" -MicrosoftOnlineServicesID [email protected] -Password (ConvertTo-SecureString -String '[email protected]' -AsPlainText -Force) -ResetPasswordOnNextLogon $true
 
Restoring an inactive mailbox contents to an existing mailbox - copying and merging contents:
 
New-MailboxRestoreRequest -SourceMailbox $InactiveMailbox.DistinguishedName -TargetMailbox [email protected] -AllowLegacyDNMismatch
 
Restoring to a specific folder rather than merging:
 
New-MailboxRestoreRequest -SourceMailbox $InactiveMailbox.DistinguishedName -TargetMailbox [email protected] -TargetRootFolder "Inactive Mailbox" -AllowLegacyDNMismatch
 
Restoring inactive mailboxes archive to existing users archive:
 
New-MailboxRestoreRequest -SourceMailbox $InactiveMailbox.DistinguishedName -SourceIsArchive -TargetMailbox [email protected] -TargetIsArchive -TargetRootFolder "Inactive Mailbox Archive" -AllowLegacyDNMismatch
 
The key is to ensure retention policy is applied, or litigation hold, before deletion to allow the inactive mailbox to be retained and recovered.

 

Display Comments...
Office 365 Security Alert: Elevation of Exchange admin privilege
paul | Thursday, 14 February 2019 | Office365 | Alerts

We recently received a worrying security alert about elevation of exchange admin priviledge.

A low-severity alert has been triggered

⚠ Elevation of Exchange admin privilege

Severity: ● Low

Time: 2/14/2019 3:15:00 PM (UTC)

Activity: GrantAdminPermission

User: [email protected]

Details: GrantAdminPermission. This alert is triggered whenever someone in your organization becomes an admin or gets new admin permissions.

   View alert details   

Thank you,
The Office 365 Team

 

A check of global admins confirmed that nobody had assigned the Exchange Admin role but a quick google returned a webpage explaining this alert occurs by design when either a Sharepoint/Skype for Business/Exchange role had been assigned.

https://support.microsoft.com/en-gb/help/4039823/boxserviceaccount-is-added-to-a-role-in-office-365-alerts

 

 

Display Comments...
Error accessing Outlook Web Access
paul | Thursday, 13 December 2018 | Office365 | OWA

When accessing Outlook Web Access the error below is displayed after login:

X-ClientId: 0DBF7AF36AB94DA722A9FB4D8D807

request-id a7c5806f-0929-41ac-84d4-d7f40ef7b2d0

X-Auth-Error OpenIdConnect Microsoft.Exchange.Clients.Security.AccountTerminationException

X-OWA-Version 15.20.1425.20

X-FEServer LO2P265CA0129

X-BEServer LO2P265MB1134

Date:13/12/2018 14:47:49

Everything looked ok with the account but it would not access the mailbox from the Outlook client or OWA.

Fixed by removing the Exchange Online license from the user and then readding it after a short while.

 

Display Comments...
Page 1 of 71 (357 Articles) << 1 2 3 4 5  Next >>