SuperTekBoy

Practical Help for Exchange & Office 365

Exchange News

Exchange Online Updates (September 2020)

By 1 Comment

2 Shares
Share
Tweet
Share
Reddit
Print

Block Outlook for Android on wearables and smartwatches

Microsoft has added a policy to Intune that grants an administrator the ability to block Outlook for Android on wearable devices (for example, a Samsung Galaxy Watch). This block prevents any Outlook data from being shared with the wearable device. This includes emails, calendar items, and more.

To configure this block, log into Endpoint Manager and select the Apps > App Configuration Policy tabs. From here, click Add and choose Managed Apps (you can also modify an existing Outlook app policy).

Give the policy a name and click Select public apps. Search for, and add Microsoft Outlook. Click Next.

Block Outlook to wearable devices and smartwatches

On the Settings tab, expand Outlook configuration settings, and next to the field Org Data on Wearables select No. From here select any other settings to go into your App Configuration Policy and click Next. On the next screen pick which users or groups of users will get this settings. Click Next and Create.

Block Outlook to wearable devices and smartwatches B

For those who do not have an Intune subscription, a new feature is being added to mobile device policies in Exchange Online (which anyone with an Exchange license can leverage) to disable Bluetooth on the device. You can do this via PowerShell. In the example below, we are disabling Bluetooth for the policy named, Company Mobile Policy.

 C:\> Set-MobileDeviceMailboxPolicy -Identity "Company Mobile Policy" -AllowBluetooth Disable

Global recipient limits

Earlier in the year, Microsoft announced a change to recipient limits in Office 365. Recipient limits dictate how many recipients someone can add to a single email message (this includes all recipients added to the To, Cc, and Bcc lines). This limit was previously hardcoded to 500 recipients. With the February announcement, administrators were allowed to configure this limit per mailbox, with a value of 1 to 1,000 recipients per message.

Starting in August Microsoft extended this functionality by allowing a global recipient limit to be set via PowerShell using the Set-TransportConfig command.

To see the current configuration, connect to Exchange Online PowerShell and run the following command.

 C:\> Get-TransportConfig | Format-List MaxRecipientEnvelopeLimit

MaxRecipientEnvelopeLimit : Unlimited

A value of Unlimited denotes the Office 365 published limits, which at the time of writing is 1,000 recipients per message.

You can modify this value with the following command. In the example below we are setting the max recipients per message to 500.

 C:\> Set-TransportConfig -MaxRecipientEnvelopeLimit 500

In most cases, when this setting is configured on both the mailbox and globally, the mailbox will win. The exception to this is when the mailbox is set to Unlimited, then the global parameter wins. Another way to think of Unlimited at the mailbox and global level is null or not set.

[Read more…] about Exchange Online Updates (September 2020)

Exchange Cumulative Update (September 2020)

By Leave a Comment

6 Shares
Share
Tweet
Share
Reddit
Print
Exchange 2019 Cumulative Update 7

This week was a big week for Exchange. Microsoft released its seventh cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange Logo Mini

Exchange 2019 Cumulative Update 7 (VLSC)| KB4571787

Exchange 2013 Cumulative Update 9

Exchange 2016 Cumulative Update 18 | KB4571788 | UM Language Pack

So, what’s new in this Cumulative Update?

Microsoft has resolved a number of issues with the Exchange 2019 Sizing Calculator. I actually ran into one of these myself where the transport database size estimate (under the Role Requirements tab) always reported a 0 GB size per server. This issue has now been fixed in version 10.5 of the calculator (included with the Exchange 2019 CU7 ISO in the Support folder). Be sure to ditch v10.4.

Exchange Server Sizing Caculator 9.1 error in Transport Calc

These series of cumulative updates also resolves an issue where Surface Hub would connect to meetings with the wrong communications client (Skype or Teams) if both clients were installed on the device.

A couple of other items of note is that this cumulative update will fix an issue where the MAPI App Pool could become locked and drive CPU to 100% for over an hour and resolves the security issue CVE-2020-16875, which addresses a remote code execution vulnerability.

[Read more…] about Exchange Cumulative Update (September 2020)

Sysadmin Today #78: Talking Tech with Gareth Gudger

By Leave a Comment

8 Shares
Share
Tweet
Share
Reddit
Print

On July 19th, I had the great pleasure of being a guest on SysAdmin Today. I joined host Paul Joyner to discuss several hot topics for Exchange and Office 365; including:

  • Introductions
  • Overview of Microsoft MVP Program
  • Getting out of the patching and server management business
  • Updated Hybrid Configuration Wizard (v17)
  • Keeping an Exchange server on-prem for secure mail relay
  • GUI for restoring deleted mail for users
  • Reply-all storm protection
  • Support for DANE / DNSSEC
  • New defaults for SMTP Auth
  • Deprecation and deadline extension for basic auth
  • Getting all users to multi-factor authentication
Sysadmin Today #78 - Talking Tech with Gareth Gudger
[Read more…] about Sysadmin Today #78: Talking Tech with Gareth Gudger

Exchange Cumulative Updates (June 2020)

By 3 Comments

6 Shares
Share
Tweet
Share
Reddit
Print
Exchange 2019 CU6

This week was a big week for Exchange. Microsoft released its sixth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange Logo Mini

Exchange 2019 Cumulative Update 6 (VLSC)| KB4556415

Exchange 2013 Cumulative Update 9

Exchange 2016 Cumulative Update 17 | KB4556414 | UM Language Pack

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft added thirteen new blocked file types for use with the OWA Mailbox Policy. The additions included several scripting extensions, including many python file types such as .py, .pyc, and .pyo. For a full list of the new extensions, check the following article.

These cumulative updates also correct an issue when using the Restore-RecoverableItems command in a pipe. We covered the cloud-exclusive GUI version of this command in an article earlier this week. Be sure to check it out.

Companies leveraging Hybrid Modern Authentication will also want to take note of these updates as they fix unexpected authentication prompts during certificate rollovers.

Customers leveraging Edge Transport will also want to take note as these updates resolve a situation where Edge Transport servers may become unresponsive due to deadlock in the shadow redundancy manager.

For a full list of all fixes, be sure to check out the KBs KB4556415 and KB4556414.

[Read more…] about Exchange Cumulative Updates (June 2020)

Exchange Online Updates (June 2020)

By Leave a Comment

6 Shares
Share
Tweet
Share
Reddit
Print

Recover deleted mail using the new Exchange Admin Center in Office 365

In the last quarterly update, we covered the new Exchange Admin Center in Office 365. Exclusive to the new admin center is the ability to recover deleted items back into a user’s mailbox. This process has been available using PowerShell for some time.

Recover deleted email items for a user in Office 365 B

Keep in mind you can only recover up to the limit of your single item recovery policy. By default, this is 14 days in Office 365, but can be increased to 30 days (although you will need to set this ahead of time).

You can read more about how to recover deleted items in the following article.

Preventing Reply-All Storms in Exchange Online

Microsoft has added a new feature to combat reply-all storms. These storms are particularly prevalent when numerous people execute a reply-all to a massive distribution list.

Reply-All Storm Protection in Exchange Online

Microsoft’s initial reply-all protection will block replies to an email thread for 4 hours if it detects more than ten reply-all messages within 60 minutes to a thread with over 5,000 recipients.

The eleventh sender will receive a non-delivery report titled Reply-All Storm Protection with the reason the message was blocked.

[Read more…] about Exchange Online Updates (June 2020)

RunAs Radio #684 – Exchange in 2020 with Gareth Gudger

By Leave a Comment

26 Shares
Share
Tweet
Share
Reddit
Print

On February 29th I had the great pleasure of being a guest on the RunAs Radio podcast. I joined host Richard Campbell to discuss all the new security requirements coming to Exchange Online, specifically around the new modern authentication requirement and the deprecation of TLS 1.0 and 1.1.

Gareth on Runas Radio #684 - Exchange in 2020 with Gareth Gudger
[Read more…] about RunAs Radio #684 – Exchange in 2020 with Gareth Gudger

Exchange March 2020 Updates

By 3 Comments

11 Shares
Share
Tweet
Share
Reddit
Print
Exchange 2016 Cumulative Update 15

This week was a big week for Exchange. Microsoft released its fifth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange Logo Mini

Exchange 2019 Cumulative Update 5 (VLSC)| KB4537677

Exchange 2013 Cumulative Update 9

Exchange 2016 Cumulative Update 16 | KB4537678 | UM Language Pack

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft has resolved a number of security and non-security issues. You can read more about those in KBs 4537677 and 4537678.

This series of cumulative updates shipped with a new version of the calculator for Exchange 2019. This new calculator corrects an issue where developing a design around mailbox size or IOPs was not producing the correct number of mailboxes per database.

Cumulative Update 5 also corrects an issue in the Manage-MetaCacheDatabase.ps1 script that ships with Exchange 2019. The script has been corrected to only return solid-state disks that are initialized. It does this by filtering out all disks with no disk number. This issue was first identified in this article.

These Cumulative Updates also fix an issue with how cookies are handled in Google Chome 80 and later. The SameSite cookie issue was first identified in this post.

[Read more…] about Exchange March 2020 Updates

Exchange December 2019 Updates

By 2 Comments

24 Shares
Share
Tweet
Share
Reddit
Print
Exchange 2016 Cumulative Update 15

This week was a big week for Exchange. Microsoft released its fourth cumulative update for Exchange 2019 as well as a cumulative update for Exchange 2016. At the time of writing, there is no cumulative update for Exchange 2013.

As always, test these updates in a lab first! I recommend checking out this 7-part guide on configuring Exchange in your lab. It doesn’t take much to get one going.

The updates are as follows:

Exchange Logo Mini

Exchange 2019 Cumulative Update 4 (VLSC)| KB4522149

Exchange 2013 Cumulative Update 9

Exchange 2016 Cumulative Update 15 | KB4522150 | UM Language Pack

Exchange 2010 support extended

Back in September, the Exchange Team announced that is was extending support for Exchange 2010 by nine months. Exchange 2010 now shares the same end-of-life date as Office 2010 and SharePoint 2010, which is October 13th, 2020.

While this extension allows for a little more breathing room, it does not extend support for Windows Server 2008 R2, which is the underlying operating system for many Exchange 2010 installations. Server 2008 R2 will still go end of life on January 14th, 2020.

The Exchange Team has provided this extension to allow companies more time to migrate to a newer email platform, such as Office 365, or, Exchange 2016.

Unfortunately, there is no direct path to Exchange 2019 from 2010. If you do plan to stay on-prem, you will need to migrate to either 2013 or 2016 (I’d recommend 2016 as 2013 is now in extended support). From there you can migrate to 2019.

For more information on migrating from Exchange 2010 to 2016, check out this recent blog article from the Exchange Team: Exchange On-Premises Best Practices for Migrations from 2010 to 2016

So, what’s new in these Cumulative Updates?

In this series of cumulative updates, Microsoft has resolved a number of security and non-security issues. You can read more about those in KBs 4522149 and 4522150.

Most notably this fixes an issue I had run into myself in both Exchange 2016 CU13 and CU14. The issue was after running the Hybrid Configuration Wizard you could no longer modify the Outbound to Office 365 send connector if your source servers were Edge Transport servers.

Attempting any modifications to the send connector would result in the errors: Error 0x5 (Access is denied) from cli_GetCertificate or Error 0x6ba (The RPC server is unavailable) from cli_GetCertificate. This error was caused because the Exchange organization was attempting to access the certificates on the Edge Transport servers. I can confirm CU15 resolved this error for me.

Error 0x5 Access is denied from cli_GetCertificate Exchange 2016 Edge Transport

Note: Error 0x5 (Access is denied) from cli_GetCertificate was also reported in Exchange 2019 CU2 and CU3. It has been resolved in CU4.

[Read more…] about Exchange December 2019 Updates