Posts Tagged ‘365’


Get Distinguished Name:

get-Mailbox [Username] | fl Name,Distinguishedname

Groups:

get-group -ResultSize Unlimited -Filter ‘Members -eq “[User Distinguished Name]”‘

Distribution Groups:

Get-DistributionGroup -ResultSize Unlimited -Filter ‘Members -eq “[User Distinguished Name]”‘

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

What you need to do to enable Mailguard Filtering and Officemailguard 365

Login to 365 Portal 

Inbound Filter by IP

This forces all internal mail to only be accepted by 365 from Mailguard IP’s. Spammers start caching DNS records so even though you changed MX records they use old ones!

  • Exchange Administration 
  • Mailflow
  • Connectors

From Partner Organization
To Office 365
How do you want to identify the partner organization? Domain
Specify one or more sender domains: *
Reject email messages if they aren’t sent from within this IP address range ( IP Range from Mailguard )

203.21.125.32/32
69.16.202.203/32
174.36.235.195/32
69.16.202.216/32
50.23.246.238/32
50.23.252.166/32
108.168.255.216/32
108.168.255.217/32
203.21.125.33/32

Outbound Filter forcing SMTP relay

Make sure all Office 365 IP’s http://pastebin.com/6UZZcWPQ are in trusted networks

  • Exchange Administration 
  • Mailflow
  • Connectors

Only when I have a transport rule set up that redirects messages to this connector – Tick
Route email through these smart hosts : filter.riskca-1.mailguard.com.au
Always use Transport Layer Security (TLS) to secure the connection (recommended)

  • Exchange Administration 
  • Mailflow
  • Rules

Name : Relay Outbound through MailGuard
*Apply this rule if… – The Sender is Located … Inside the organization
*Do the following… : Use the following connector Name of Connector Above

SMTP SPF

Add this include to the TXT record for the outgoing domains

include:customer.mailguard.com

VN:F [1.9.22_1171]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

IOffice-365-New[1] used the AZCopy to copy some PSTS up to the Azure blob to copy them to 365 

All users apart from one imported OK

One user came back with “Completed With Errors  View details”

 
Status Failed – Import in progress
 
After checking with 365 , this was due to the user having a soft deleted mailbox
 
Login to MSOLINE via powershell and run
 
Remove-MsolUser –UserPrincipalName <account id> -RemoveFromRecycleBin
 
 
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Office-365-New[1]You can forward these emails to : junk@office365.microsoft.com or use the Outlook plugin to report and hopefully Microsoft should block these in future : https://www.microsoft.com/en-us/download/details.aspx?id=18275

 

Microsoft have actually now got a new filtering service for 365 however its paid for and by user you could maybe try : https://products.office.com/en-us/exchange/online-email-threat-protection

It’s not uncommon nowadays to have another third party appliance such as a barracuda or a hosted service such as post fix to filter items before they get to 365. It seems once a spammer figures out how to exploit 365 , all domains get the same spam. 2 layers of protection is safer!

 

1) Make sure your own SPF Records are in check : http://www.spfwizard.net/

2) Get your DKIM records in check : http://blogs.msdn.com/b/tzink/archive/2015/10/08/manually-hooking-up-dkim-signing-in-office-365.aspx

3) Get your DMARC Records in check : http://blogs.msdn.com/b/tzink/archive/2014/12/03/using-dmarc-in-office-365.aspx

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
Office-365-New[1]Add Permissions
 

$LiveCred = Get-Credential

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell/ -Credential $LiveCred -Authentication Basic –AllowRedirection

Import-PSSession $Session

//Add to Outlook
UserA to B
Add-MailboxPermission -identity UserB@domain.com -user UserA@domain.com -AccessRights FullAccess
 
//Don't add to Outlook
Add-MailboxPermission -Identity <Mailbox ID1> -User <Mailbox ID2>-AccessRights FullAccess -AutoMapping:$false
 
//Remove-MailboxPermission
Remove-MailboxPermission -identity ian@jeppesenheaton.co.uk -user geraldine@jeppesenheaton.co.uk -AccessRights FullAccess
 
//Viewmailbox Permission for Single Users 
Get-MailboxPermission –Identity “simon” | fl user, accessrights
 
//Export of All Permissions
Get-mailbox | Get-MailboxPermission | select-object FolderName,User,AccessRights,Identity, IsInherited,IsValid | export-csv -Path c:\teste.csv
 
//Add Distribution Group
Add-DistributionGroupMember -Identity Support -Member James -BypassSecurityGroupManagerCheck
 
 
//Password Never Expire
Connect-MSOLService
Get-MSOLUser | Set-MSOLUser -PasswordNeverExpires $true
 
//Remove Strong Password One User
Set-MsolUser -UserPrincipalName user1@abc.com -StrongPasswordRequired $False
 
//Remove for all Users
Get-MSOLUser | Set-MSOLUser -StrongPasswordRequired $False
 
 
// Forward to contact without Mailbox
New-MailContact John –ExternalEmailAddress Johnwang@forwardto.com
$obj = Get-MailContact John
$obj.EmailAddresses.Add(“smtp:Johnwang@contoso.com“)
Get-MailContact John | Set-MailContact -EmailAddresses $obj.EmailAddresses
 
Send as distribution List
Create Discribution List and add user to it
Set Account to Receive from outside 
Add-RecipientPermission newsletter@cogmotive.com -AccessRights SendAs -Trustee alan@cogmotive.com
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Modified from the tracked back URL , this goes through all mailbox’s on the Exchange server and export’s their Mailbox Access Perimissions to CSV Files inside C:\Export\ and also any extra folder permissions that have been assigned to any other folders :

(Blank Folder name means mailbox access! )

 

$Mailboxes = Get-Mailbox -ResultSize Unlimited
 
ForEach ($Mailbox in $Mailboxes) {
 
$MBXFolders = @() 
$MBXFoldersCorr = New-Object System.Collections.ArrayList 
$Permissions = @() 
$MBX_tocheck = "$Mailbox" $MBXFolders = Get-MailboxFolderStatistics 
$MBX_tocheck | select folderpath
 
$Permissions += Get-MailboxPermission -Identity "$Mailbox" | where {$_.user.tostring() -ne "NT AUTHORITY\SELF" -and $_.IsInherited -eq $false} |
 
Select User,@{Name='AccessRights';Expression={[string]::join(', ', $_.AccessRights)}}
 
foreach ($item in $MBXFolders) {  $temp = $item.FolderPath  $temp = $Temp.Replace("/","\")  $MBXFoldersCorr.Add($temp) | out-null } foreach ($item in $MBXFoldersCorr) { Try {  $MailboxFolder = $MBX_tocheck + ":" + $item  $Permissions += $(Get-MailboxFolderPermission $MailboxFolder -ErrorAction Stop | Select-Object FolderName,User,AccessRights | where {
 
($_.AccessRights -notcontains “None”)})  } Catch {
 
 Continue  } }
 
 $Permissions | Select FolderName,User,@{Name='AccessRights';Expression={[string]::join(";", ($_.AccessRights))}}  | export-csv -path "C:\Export\
 
$MBX_tocheck.csv"
 
}

 

Get list of Full Access Mailbox permissions 

Get-Mailbox | Get-MailboxPermission | where { ($_.AccessRights -eq "FullAccess") -and ($_.IsInherited -eq $false) -and -not ($_.User -like "NT AUTHORITY\SELF") } | ft @{Name="Identity";expression={($_.Identity -split "/")[-1]}}, User -AutoSize

For Office 365

$Mailboxes = Get-Mailbox -ResultSize Unlimited
 
ForEach ($Mailbox in $Mailboxes) {
 
Get-MailboxFolderPermission -identity $Mailbox.name | Where AccessRights -ne "None" |FL
 
}

Get all current Mailbox Forwards

Get-mailbox -ResultSize unlimited | select DisplayName,ForwardingAddress | where {$_.ForwardingAddress -ne $Null}

A cool feature to make this better , would be to email this report out to each user so they can see the permissions on their mailbox and alter themselves or speak to the helpdesk!

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)