There's a lot of content out there about backups for Office 365. I, personally, have written and spoken a lot about backups for Office 365. If you ask 10 experts, you will probably get 10 different opinions about how, or why, or what you should or should not backup in Office 365. Depending on the day (and let’s be honest, who I am working for) I may give you different answers myself.

Here is one thing I will say every time about backing up Office 365 – before you buy any add-on service, you better know what is built in.

In this blog post, I am going to look at Single Item Recovery for Exchange Online. I will go through what it is, how it works, and what is new in Single Item Recovery.

Read More

I have done a lot of migrations into Office 365. I started doing these migrations around about June 2011 and have been doing them almost constantly since then. One of the questions that I am asked during almost every one of those migrations is if AD FS or Password Hash Sync (PHS) is more secure. There really is not one straight forward simple answer I can give to that question, so I thought it was about time for me to write down my answer as a blog post here.

In this blog post I am going to look PHS and how it works as an authentication option for your Office 365 tenant. I will give you my best recommendation as to which you should be using under what circumstances, and why. I will try to break my overall answer down into a few small chucks as sort of a FAQ style brief. Let us get started.

Read More

Securing Exchange servers is hard. I mean it can be a giant pain sometimes. There are what, hundreds of millions or maybe billions of lines of code running on your Exchange servers, right? It doesn’t take much for a typo to get through and open a vulnerability that can then be exploited opening the most important and valuable data within your organization to all kinds of bad actors.

When I was starting my career as an IT pro, generally a virus would just crash your PC. Maybe you would get your hard drive deleted, which was terribly inconvenient but not much of a financial threat to organizations. In 2020, if a hacker can gain access to your IT resources, that person is most often doing so with some sort of monetary goal in mind. That goal might be a ransomware attack, it might be to harvest passwords to sell (notice how I did not say “on the dark web”? I assume that is where most passwords are sold but since this is not a commercial for some sketchy identity protection product, I don’t feel the need to include that bit of extra scare tactic).

There are real world vulnerabilities out that that could be affecting your on-premises Exchange servers right now (okay, maybe a little scare is warranted). In this blog post I’m going to talk about those exploits, how to protect your organization from them, and how to keep your organization safe from future exploits.

Read More

The great thing about Office 365 is that it is a constantly updated service. For your subscription, your organization is constantly getting new features and functionality that can greatly improve the overall Office 365 experience. Of course, the downside of that is that IT pros working in Office 365 need to keep up to date on these changes. Luckily for you, you have found this amazing blog post that is going to explain some recent updates to Modern Authentication in Exchange Online.

That’s right. In this blog post, I am going to explain what Modern Authentication is, what the alternative is, why you want it, and how you can implement it in your Exchange Online deployment.

Read More

Moving from on-premises Exchange into Exchange Online is a big change for multiple reasons. These are different systems that require different administration strategies.

For administrators, one of the best reasons for moving to a cloud service such as Office 365 is that a lot of the tedious and difficult tasks are done for you. Building new servers, checking hard drives for enough space, replacing failed hardware, patching systems and making backups are areas that Microsoft and other cloud service providers will handle for your organization. But one area that requires some attention is Exchange Online backups.

Read More

Hello from the bunker! I assume most of you will be reading this blog post from my future, and hopefully the world has returned to something closer to “normal”. By normal, I mean there isn’t a pandemic going on and people can leave their houses. As I write this blog post, I am about a month into the COVID-19 pandemic of 2020 and I haven’t left my house except for trips to the grocery store for what feels like about 20 years.

Regardless of if you’re reading this from your own social distancing hide out, or if you’re back in the office working like you did in 2019, it’s time for organizations to put more effort into their remote worker management. I do think that a lot more people are going to be doing a lot more remote work in the very near future. With more users working remotely, we as IT pros need to focus more on reporting data around our services usage and helping management understand how IT resources are being used.

Read More

With the number of users and organizations on Office 365, circumstances will inevitably require some of them to move between tenants.

An Office 365 tenant-to-tenant migration can occur for several reasons, such as after a merger or acquisition or part of a company gets sold. These business events come with complicated legal maneuvers with rigid timelines. Most of these situations require completing tenant-to-tenant migrations on a schedule made by lawyers and executives with little to no regard for the time it takes to move the associated data. It's up to the technical team to work out how to complete the migration and meet their deadline.

Whatever the reason, successfully executing a tenant-to-tenant migration within Office 365 is a complex process with some significant limitations. Let's walk through the process to clarify what's involved with this type of data migration process.

Read More

There is no doubt that Microsoft has fully embraced The Cloud. While “Mobile first, cloud first” might be a silly statement, there is no doubt that Microsoft means it. There are very few on-premises products that Microsoft has much interest in selling at all. If there is a cloud-based option for any solution, Microsoft is going to push that cloud version at the expense of the on-premises version.

It’s also clear that Microsoft big advantage over other cloud providers in the ability to provide hybrid solutions. Not every solution can be cloud-only, and aside from maybe Windows itself, I would say Active Directory leads that category. On-premises Active Directory isn’t going away.

In this blog post we’re going to look at on-premises Active Directory and my suggestions for how to keep it healthy. I’ll try to cover all the big points you to keep your organization’s Active Directory happy, healthy and functional.

Read More

Exchange continues to serve as the on-ramp into Office 365 for many organizations. One big reason is the hybrid capabilities that connect on-premises Exchange and Exchange Online.

If you use Exchange Server, it's not difficult to join it to Exchange Online for a seamless transition into the cloud. Microsoft refined the Exchange hybrid configuration wizard to remove a lot of the technical hurdles to shift one of the more important IT workloads into Exchange Online. If you haven't seen the Exchange hybrid experience recently, you may be surprised about some of the improvements over the last few years.

Read More

What a great time to be an IT pro. I mean really, who has it better than us? On any given day there is so much going on, so much to learn, so much to improve, I do really enjoy my job(s). As I think about how to open this blog post, it occurs to me that I’ve had some great opportunities in my career. Sort of a “as one door closes, another one opens” sort of thing.

I have spent most of my career as an “email guy”. I started as a Banyan Vines administrator, moved through numerous evolutions of the email concept, and now I find myself at a place where email is being deemphasized. I don’t mean to say email is “done”. I don’t by into that nonsense that Yammer, Slack, Teams, Skype, or any other alternative collaboration platform is ever going to replace what email. Email provides a platform that none of those others can replace. They can add-on and improve the overall enterprise collaboration experience, but I don’t see replace an option that will ever happen.

Read More

While Office 365 and Exchange Online are all the talk in the messaging world, there are still a lot of mailboxes in the data center. Most estimates say there are more Exchange mailboxes running on premises right now than there are in Office 365.

Exchange Server's importance to your organization means it's crucial to hone your abilities to diagnose a problem when an outage occurs. Every issue is different, but there are some common problems that can be fixed with some Exchange troubleshooting tools to get the system back up and working in short order.

Read More

Since the dawn of time, or at least the dawn of computers, logging into our computer resources has been all about username and password. The username and password model has worked pretty well considering the simplicity of this model, but now it’s time to move on to better thought out authentication and authorization systems.

In this blog post I’m going to look at the current state of Conditional Access in Azure and Office 365. We’ll look at what Conditional Access is, how it works, and some of the other authentication and authorization systems interact with Conditional Access. In this blog post, I’m not so much going for a technical explanation of what buttons to click to make this or that feature work so much as a higher-level discussion of the reasons and theories behind Conditional Access.

Read More

As IT Pros a major part of our responsibility is to keep our organizations IT services up and running. Historically this was a pretty straight forward job. It’s never been an easy job, but your software on your servers connected to your network makes everything straight forward. Moving services to Office 365 makes things much more complicated. How do you manage an outage for a cloud service? Is there any point to monitoring a cloud service when you can’t do anything to fix an outage?

In this blog post I’m going to look at a recent Office 365 outage and talk about what we as IT Pros should be doing to ensure that we’re helping the organizations we work for get the most out of their Office 365 subscription.

Read More

So, the cloud, am I right? While it always nice to get away from having to worry about failed hard drives, or backups, or patches, or a million other things, the real upside to using cloud services is that the good folks at Microsoft are able to put so much more into developing new features. Even for services like Exchange that seem mature, there are always new and unexpected ways for them to evolve as part of a huge infrastructure like Office 365 and Azure.

While this blog post isn’t about new features in Exchange Online, it is about a new way to access and administer Exchange Online.

In this blog post I’m going to explore a new feature of Azure that allows for administrators to access Exchange Online in a whole new way.

Read More

As Microsoft implements modern authentication across Office 365, administrators need to understand how to use and control the authentication framework to avoid disruptions.

Modern authentication is an updated set of authentication protocols and policies for Office 365 and Azure that allow improved authentication scenarios. Modern authentication is the term Microsoft uses for its version of OAuth 2.0 to utilize multifactor authentication, smart card authentication and other advanced authentication flows that were not possible with basic, or legacy, authentication.

Read More