Posts Tagged ‘mimecast’

Mimecast Guide

Azure Microsoft Guide

Create a Distribution Group in Office 365, this will be to Add the users to you want enable SSO on , add Users 

Make sure Mimecast is Synced with Office365 AD – Services -> Directory Synchronization ( Connect to 365 ) 

Perform manual sync in Mimecast to download user and group

Azure

On Azure – Got o Azure Active Directory, All Application find:  Mimecast Personal Portal

Next Single Sign-On

Sign on URL : https://au-api.mimecast.com/login/saml

Identifier : https://au-api.mimecast.com/sso/%Customer ID% per Mimecase User Guide

Reply URL : https://au-api.mimecast.com/login/saml

User Identifier : user.mail

Azure AD Properterties : User assignment  required No 

Mimecast

Configuring Mimecast-Personal-Portal for single sign-on

1.In a different web browser window, log into your Mimecast Personal Portal as an administrator.

2.Go to Services > Applications.

3.Click Authentication Profiles.

4.Click New Authentication Profile.

5.In the Authentication Profile section, perform the following steps:

a. In the Description textbox, type a name for your configuration.

b. Select Enforce SAML Authentication for Mimecast Personal

c. As Provider, select Azure Active Directory.

d. In Issuer URL textbox, paste the value of Azure AD SAML Entity ID : https://sts.windows.net/434324324342343242323442/ which you have copied from Azure portal.

e. In Login URL textbox, paste the value of Azure AD Single Sign-On Service URL : https://login.microsoftonline.com/434324324342343242323442/saml2 which you have copied from Azure portal.

f. In Logout URL textbox, paste the value of Sign-Out URL which you have copied from Azure portal.

g. Open your Downloaded Azure AD Signing Certificate (Base64 encoded) in notepad downloaded from Azure portal, copy the content of it into your clipboard, and then paste it to the Identity Provider Certificate (Metadata) textbox.

h. Select Allow Single Sign On.

i. Click Save.

Now Add a New Application Settings to Application and Link the Group you created in the first step to use this New Authentication Profile

Issues

reply address ‘https://au-api.mimecast.com/login/saml’ does not match the reply addresses configured for the application: ‘https://au-api.mimecast.com/sso/’.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

If you are using products such as Cofense PhishMe , FriendlyPhishing or Knowbe4 as Phish testing software in your organisation then these test’s will get blocked in Mimecast. These organisations will give you a list of IP Addresses e.g for Cofense PhishMe ( 52.1.96.230, 52.5.119.169, 52.20.155.14 and 52.20.128.29 ) which you will need to whitelist through Mimecast 

Login to the portal and choose Policies then Permitted Senders

Create a new policy with the below options :

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

The attached files listed below have been blocked. This is because they contain potentially harmful links. If you believe this is a mistake, please contact your administrator.

This means your Attachement has been blocked in the Sandbox , however you can release this

Login to the Admin Portal of Mimecast

Go to Monitoring, then Attachments

Release the blocked Attachment

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Find the email in Administration – Gateway – Tracking

See : Connection Attempt

Go to Administration – Monitoring – Connections

See : Attempt Greylisted

Go to : Gateway – Policies – Greylisted

Add new Policy to Overide the existing Policy and Whitelist email address or domain

Get Email sent again

VN:F [1.9.22_1171]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: +1 (from 1 vote)