MTP Advanced Hunting – Public free E-Mail services

Today I received an e-mail from a customer explaining to me that at times they have false positives with e-mail Impersonation. Depending on your configuration the e-mail will end up being moved to the user’s junk folder or into quarantine. When releasing such a message and have safety tips turned on, you might see the following message at the top of the message. Reading Tip: Protect yourself from phishing schemes and other forms of online Read More …

User Spam & Phish Submissions configuration in Office 365 – Part 1

Yesterday I noticed a tweet from @Pawp81 about a new feature being rolled out in Office 365 to configure user submissions. So, let’s have a look at this. When enabling the ‘Report Message’ add-in in Office 365, users can report misclassified email, whether safe or malicious, to Microsoft and its affiliates for analysis. Until now IT admins had to deploy the ‘Report Message’ add-in to their end users by configuring the centralized add-in deployment within Read More …

Microsoft Threat Protection – Using advanced hunting to see what’s going on with your mail

Last December Microsoft introduced Microsoft Threat Protection (MTP) including advanced hunting that allows us to run queries across multiple data sources i.e. Microsoft Defender ATP and Office 365 ATP. If you haven’t heard yet about MTP I recommend reading Christian Müller’s blog post Microsoft Threat Protection – unified hunting Now while the primary purpose of the unified hunting capability is to find information about indicators and entities, we can also use it to get an Read More …

How to enable DKIM in Office 365

Just in case you are not familiar with what DKIM is all about but still interested, I suggest you first read Use DKIM to validate outbound email sent from your custom domain in Office 365 If you’re looking for detailed instructions how to enable DKIM in Office 365 continue reading. Prerequisites Windows PowerShell PowerShell Script Validate-DkimConfig.ps1 download from here Access to Exchange Online through PowerShell Access to DNS Update 23.3.2020 The above link to the Read More …

Retrieving Office 365 roadmap information with PowerShell

Here’s a small cmdlet I wrote today to pull the Office 365 roadmap information with PowerShell.

 

Office 365 Centralized Deployment service

Just recently Microsoft announced the general availability of the Office 365 centralized deployment service. I have tested it and it really makes deploying Office Add-ins super easy. The add-in configuration and deployment can be managed through the Office 365 portal or using PowerShell. For a quick overview watch the video “How to Deploy Office Add-ins within Your Organization”. Now since I like using PowerShell, here’s a quick example how to enable and deploy an Office Read More …

PowerShell Script – Get-MsolUserInformation

The Get-MsolUserInformation cmdlet provides an easy way to retrieve all users that are a member or guest and/or are registered in Azure Directory or Active Directory.

 

Office 365 PowerShell script to retrieve AccountSku license information

A small PowerShell script that lists all users that have the specified Office 365 AccountSkuid enabled on their account.

PowerShell Script to remove Office 365 Service Plans from a user

When assigning an Office 365 license to a user, by default several service plans are enabled. When assigning an Office 365 E3 license to a user, the following service plans are enabled by default: Azure Rights Management Office 365 Pro Plus Skype for Business Online (Plan 2) Office Online SharePoint Online (Plan 2) Exchange Online (Plan 2) From an end user perspective the user will see the following options when logging on to Office 365. Read More …