Recently had a user who when outside the office could not connect to 365. Per below her Outlook would just sit on “Trying to Connect”
They used OAuth for Outlook and 2fa which means when outside of a “trusted IP” the box should come up asking for the 2fa code , however this prompt was not coming up ever after restart (usually fixes a stuck Oauth box ) .
Fix
Go into credential manager and delete all the ADAL for the user , then restart Outlook
Recently I tried to setup a 365 Send connector to relay it through another third party Mimecast ( https://community.mimecast.com/docs/DOC-1623 ) . Mimecast confirmed they had enabled the Tenant domains to relay through Mimecast.
The send connector was Failing as the last Step, however I was receiving the email. After numerous calls with office 365 support they came back with the reply “We don’t support technical help with Third Party SMTP Servers”
Checking the headers on the email that came through showed the validator wasn’t even relaying through Mimecast.
Enabling the Send Connector and trying again resolved the issue , however it’s a flawed design , because after enabling it during the validation if any user tries to send out and it doesn’t work they will produce an NDR
With an account that has full access to the Shared Mailbox , login to Webmail and Choose “Open Another Mailbox”
Enter the Shared Maibox and Click OK
Next Click on the settings Icon and Choose “Publish Calendar”
Next Change the Details Below
Next Send the External party the HTML or ICS file
Had a ticket regarding 3 different sent emails to 3 different third parties which were getting duplicated into an IT mailbox on Office 365.
I double checked the “rules” under Mail flow to make sure there were no BCC rules for the users sending which there were not.
In MailTrace the emails came up as Status “Expanded”. This means the email has been sent to a group, however the original email was sent to a Single External Email address?
Why was the external email being displayed as a group in 365?
Turns Out the Outbound Spam Preferences had been turned on! And for whatever reason, these items were triggering the BCC of suspicious messages!
Recently we swapped a users UPN on a local domain controller ( which syncs to 365 via AAdconnect) to another domain and SMTP alias, all worked well however she could not login to Skype for Business.
Resetting Windows Credentials, Caches and registry items still would not fix this.
Most of the time this is due to the SIP Address not being correct. Little did we know this user had Lync before migrating to 365 so they had a SIP address in the attribute editor
Changing this resolved the issue
When they initially onboarded, there was no filtering or security in any form:
Running a simple audit against Azure AD>Sign-ins showed the extent, even more when you export a CSV.
2000+ failed attempts within 24 hours:
Step 1) Sort or filter the CSV to find common trends (specific user account/IP/Country:
In this case, the client doesn’t have staff in China, nor should anyone be accessing from there
Step 2) Create a Blacklist – AzureAD>Conditional Access.
Make sure it works as intended!
End result:
In Office 365 Managers get Notifications of User deletions as well as access to the users OneDrive
When an office 365 account is deleted or the Ad Sync Item is removed ( Either by deleting the object or removing the AD Sync group from the user ) it has 30 days before it gets deleted ( Emails and Files )
The manager get notified of this at 30 days , then again at 7 days
https://docs.microsoft.com/en-us/onedrive/retention-and-deletion
Creation of a Team Calendar
Outlook will automatically add Team Members ( who have the same Manager ) calendars to each outlook, as well as the managers
https://support.microsoft.com/en-au/help/3163350/outlook-doesn-t-display-your-manager-s-team-calendarsExpand : User Configuration – Policies – Administrative Templates – Microsoft Outlook 2010 or/and 2013 or 2016– Outlook Options – Preferences – Calendar Options – Schedule View
And Set policy Prevent Reporting Line Group Calendar from appearing .
Recently when a user tried to look at his Online Archive in Webmail the folder was missing. In Outlook 2016 ( NOT Outlook 2013 as this doesn’t support archive very well ) the folders were listed.
The issue is due to the folder count in Online Archives. The folder limit 10,000 and the current folder count was 15,000
Kindly refer to the below article for more information.
https://support.microsoft.com/en-us/help/2849181/some-folders-are-not-visible-in-outlook-on-the-web
Recently had a user who’s accepted meeting requests were going straight to their Deleted items instead of being displayed in their Inbox
Closing all Outlook windows and trying this again , the accepted meeting request still went the deleted items in Webmail which showed this was server side not Outlook/Client Side.
Turns out there was a specific Webmail Server side Inbox rule/filter doing this which was not displayed in the Outlook Client. Disabling this resolved the issue
After deploying some sharepoint lists using Group Policy via Microsoft Outlook 2016/Account Settings/SharePoint Lists
The Lists would not add unless the user had clicked Allow to this error :
Do you want to allow this website to open a program on your computer?
From: companyweb
Program: Microsoft Outlook
Address: stssync://sts/?ver=1.1&type=tasks&cmd=add-folder&base-url=http%3A%2F%2Fcompanyweb&list-url=%2FLists%2FTasks%2F&guid=%7Bcf8bbfb4%2D575b%2D4dce%2Da800%2D5b34ac1786f1%7D&site-name=Corporate%20Intranet&list-name=Tasks
This error can stopped being displayed by deploying the below reg key :
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ProtocolExecute
Add Key stssync
In that Key Create a Dword : “WarnOnOpen”
For this to apply to All users on the machine apply to the Key’s below
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\stssync
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\stssync