Blog

Practical Microsoft security guidance from Patriot Consulting's engineers and MVPs.

• Unable to find type [short] Set-OrganizationConfig -RejectDirectSend $true September 5, 2025

  If you don't have a valid use of DirectSend in Exchange Online, Microsoft recommends that you disable it with this Exchange Online PowerShell cmdlet below. This is a follow-up post to our previous pos

• An improved approach to blocking Direct Send Abuse August 9, 2025

  Guest post By Chris Lehr Executive Summary If you are a Microsoft 365 customer and you are seeing an uptick of spam and phish emails sent to your domain, but also from your domain that seem to be gett

• Federating Identities between two MS365 Tenants for Collaboration June 5, 2025

  A customer asked me for guidance to federate identities between two Microsoft 365 organizations for the purpose of document collaboration. My approach was to start off with the Claude4 AI LLM then I i

• The Clock is Ticking on Windows 10: Are You Intune with What Comes Next? June 4, 2025

  By Joe Stocker, Founder & Microsoft Security MVP, Patriot Consulting Windows 10 support officially ends on October 14, 2025. And while your devices won’t suddenly stop working, the protection behind t

• Microsoft vs Proofpoint March 21, 2025

  Microsoft Email Security picks up 13 new Fortune 500 companies in the past 10 months, growing at 11%. Between Microsoft and Proofpoint, they have captured 76% of the email security market. imagehttp:/

• Migrating from OKTA to Microsoft Entra can pay for the entire XDR Suite March 20, 2025

  When I meet customers using OKTA as their Identity and Access Management, the following three questions often come up: 1 is Microsoft as good or better? 2 Can I save money by consolidating to Microsof

• Mitigating AiTM Token Theft in 2025: Why It’s Time to Adopt Passkeys March 16, 2025

  Mitigating MiTM Token Theft in 2025: Why It’s Time to Adopt Passkeys Introduction: Rising Threat of Token Theft Attacks Adversary-in-the-middle AiTM phishing attacks have evolved to target even multi-

• Top misconfigurations in Microsoft Email Security January 29, 2025

  \This is a guest post by Chris Lehr, Patriot’shttps://patriotconsultingtech.com/ top email security expert\ 1 Configuration of Allow Lists in an insecure manner If you have usage of an Antispam Allowe

• Microsoft Copilot for Security (6 months later) October 4, 2024

  Since I last wrote about ~Microsoft Security Copilot~ Microsoft Copilot for Security CFS here/blogs/2024/04/01/purchase-and-deploy-microsoft-security-copilot on launch day A

• Microsoft gains on Email Security Market June 25, 2024

  Microsoft has gained 9% market share in the email security among the Fortune 500 since I last checked in August 2023https://thecloudtechnologist.com/2023/08/28/microsoft-and-proofpoint-capture-72-of-t

• First Impression of the unified Sentinel and Defender XDR Portal April 3, 2024

  On April 3rd, 2024, Microsoft’s new Unified Portal became public preview, where anyone running their Sentinel SIEM can connect it to the Microsoft Defender XDR Portal Security.Microsoft.com. My though

• Purchase and Deploy Microsoft Security Copilot April 1, 2024

  Beginning April 1st, 2024, you can now purchase and deploy Microsoft Security Copilot. The setup process takes less than 5 minutes to complete. I am going to share my experience of setting it up and s

• The Novelty Effect of Copilot for Microsoft 365 (Part one of two) March 22, 2024

  In our recent analysis of Copilot for Microsoft 365, we observed a notable trend: a 64% decrease in user interactions with Copilot over a 9 week period. This decline suggests a concerning "Novelty Eff

• Microsoft Copilot for Security Pricing March 13, 2024

  Microsoft Secure 2024 was a digital two-hour event held on 3/13/2024. If you missed the event, you can watch the recording on demand herehttps://mssecure.event.microsoft.com/home. The big news was tha

• Error: "You don't have access to this" could be from Device Code CA Policy March 6, 2024

  I consider myself an early adopter of most Microsoft security controls, not just to protect our own organization, but with the goal to help the community understand the potential benefits and impacts

• Guarding the Gatekeepers: Combatting UEFI-Bypassing Bootkits with Practical Cybersecurity Measures January 3, 2024

  Imagine wiping your computer clean, thinking you've washed away every digital threat. But what if the infection persisted, hidden deep within the very core of your system? That's the chilling reality

• Ushering in a Passwordless Era: Why Microsoft Passkeys are the Future of Secure Logins December 12, 2023

  For years, passwords have served as the primary gatekeeper to our digital lives. However, their inherent vulnerabilities – susceptibility to phishing attacks, data breaches, and user negligence – have

• QR Code Phishing November 29, 2023

  \Update 12/12/2023 -Microsoft may be the first email security vendor to extract malicious hyperlinks from QR codes. This is a remarkable engineering feat, something I did not think they would accompli

• Microsoft and ProofPoint capture 72% of the Fortune 500 Email Security Market August 28, 2023

  Microsoft has gained 20% in the last 12 months of the customers that make up the Fortune 500. ProofPoint’s growth over the same period was just 9%. So even though ProofPoint has almost half the email

• How to get a job in cybersecurity June 20, 2023

  White Belt: Basic Computer Skills image/blogs/assets/2023/06/image_thumb.png "image"/blogs/assets/2023/06/image.png Basics of

• Why you need to enable Multi Admin Approval in Intune March 7, 2023

  Intune has a new feature called Multi Admin Approval MAA which is extremely important to enable because it reduces the risk that an attacker who compromises an Intune Admin can use that privilege to d

• Microsoft Entra Authentication Methods Policy Convergence December 4, 2022

  “Complexity is the worst enemy of security, and our systems are getting more complex all the time.” - Bruce Schneier @schneierbloghttps://twitter.com/schneierblog Microsoft recently launched “Authenti

• CISA Minimum Viable Secure Configuration Baseline for Microsoft 365 December 4, 2022

  The Cybersecurity and Infrastructure Agency CISA in the United States of America is responsible for providing guidance to all United States government agencies and critical infrastructure. On October

• What is the value of moving file servers to SharePoint Online or OneDrive? September 13, 2022

  I was recently asked “How can I help convince my leadership that moving files from on-premises file servers to M365 SharePoint, OneDrive, Teams is the right move to make?” In my opinion, migrating fil

• Microsoft increases email security market share 18% June 25, 2022

  Back in 2019, I wrote a blog post here/blogs/2019/04/07/analysis-of-dns-recon-of-the-fortune-500-part-1-of-3 explaining how to identify the primary DNS MX records used by th

• Azure AD Combined Registration (SSPR + MFA) is rolling out by October 2022 June 18, 2022

  I’m starting to get questions from my customers about what to expect when the Azure AD “Combined Registrationhttps://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration

• Pre-registering MFA in M365 April 29, 2022

  This article describes how to make the user onboarding experience into MFA as smooth as possible by pre-registering MFA methods. Disclaimer: This article only applies to organizations that have decide

• Lapsus$ gains access to OKTA and Microsoft March 22, 2022

  Today 3/22/2022 both OKTA and Microsofthttps://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/ released statements abo

• PowerPoint Rehearse with Coach February 1, 2022

  https://www.quotemaster.org/images/s_56/568ae47c911c8f32203ca6a197928e5a.jpg Today I discovered a PowerPoint feature called Rehearse with Coach. Since I do lot of customer facing presentations, I thou

• How to use Intune Device Enrollment Restrictions to block “Second Wave Phishing” January 27, 2022

  Microsoft recently published an article herehttps://www.microsoft.com/security/blog/2022/01/26/evolved-phishing-device-registration-trick-adds-to-phishers-toolbox-for-victims-without-mfa/ describing a

• OneDrive not starting up December 14, 2021

  Ok this was bizarre – we had a customer who had multiple machines where OneDrive for Business would not startup. They swore that it was working fine. Never trust an end user. The fix was to reverse a

• How to fix OneDrive Sync Pending December 13, 2021

  This was so annoying – OneDrive would not sync this one stupid file on my machine. I finally found the fix is to run an administrative command prompt and then run: chkdsk /r /f Reboot Fixed Credit goe

• What happened to the Email Security Funnel Reports? December 10, 2021

  Don’t feel bad if you missed the September 20th 2021 blog post titled “Improving the reporting experience in Microsoft Defender for Office 365https://techcommunity.microsoft.com/t5/microsoft-defender-

• Conditional Access Policy to Block Non-Compliant Devices November 2, 2021

  Recently came across a scenario where we needed to block access to everything in Azure Active Directory AAD for non-compliant devices. Setting up that Conditional Access CA Policy was not a problem. T

• Everything you wanted to know about Security and Audit Logging in Office 365 October 15, 2021

  There are four primary audit log locations in Office 365. Depending on license level, these logs have varying lengths of retention. 1. Office 365 “Unified Access Log” 1. Enabled by ‘opt in’ The first

• Learning SAML in Azure AD October 15, 2021

  In my opinion, the best way to learn a technology such as SAML is building a hands-on lab environment. In this blog we’ll explore how to create a SAML Application in Azure AD, using the “Azure AD SAML

• Troubleshooting Windows 365 Business “Setup failed, please reset your Cloud PC” August 16, 2021

  My first attempt at Windows 365 Business failed with error message “Setup failed, please reset your Cloud PC.” I thought it would be as simple as assigning a license to a user. Turns out there are a f

• Security Concerns with Windows 365–aka Cloud PC August 12, 2021

  Cloud PC sold as the Windows 365 Product SKU is the latest Virtual Desktop service hosted by Microsoft in Azure. This post Part 1 documents some of the security concerns that Infosec Twitter has ident

• Disable Exchange Online Remote PowerShell for users as a scheduled task July 25, 2021

  This PowerShell script can run unattended as a scheduled task and will enumerate the global administrators, then remove remote PowerShell access for any user who is not a global administrator. See Pre

• Securing Windows Virtual Desktop (2 of 2) April 18, 2021

  This is part 2, to learn how to setup a lab for WVD see part 1.https://www.thecloudtechnologist.com/securing-windows-virtual-desktop-1-of-2/ The first rule of securing WVD is to block all internet por

• Securing Windows Virtual Desktop (1 of 2) April 18, 2021

  This is the first part in a two part blog series on securing Windows Virtual Desktop WVD. In this first part we are going to setup the lab environment first. To skip the lab build and go right into se

• Is your Exchange Hybrid Server internet-facing? You have likely already been hacked March 7, 2021

  \- This is twice as big as the SolarWinds breach. \- Patching is not enough If your Exchange Server was open to the internet via TCP 80 or 443 between February 26 and March 3rd or later assume it was

• US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor December 14, 2020

  Multiple news sourceshttps://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b8

• Does Defender scan USB drives? December 4, 2020

  No, not by default. But this isn’t as bad as it sounds Here is Microsoft’s explanation from ~four years ago: “Historically, antivirus products had a function to scan all files when a removable device

• Defender for Endpoint (MDATP) for Windows Servers December 1, 2020

  \Update: 10/7/2021\ Microsoft released to public preview a unified installer so that Windows Server 2012 R2 and 2016 now have a single installer for both AV and EDR. The prerequisite is to deploy MS K

• Defender for Endpoint on iOS November 16, 2020

  The public preview of Defender for Endpoint on iOS can be installed by browsing to http://aka.ms/defenderioshttp://aka.ms/defenderios Prerequisites: iOS 11.0 or higher, and the mobile device has Intun

• Switch your Public DNS zone to Azure DNS October 29, 2020

  Recently we experienced an issue with Cloudflare DNS. I opened a support ticket but they were unable to explain why some locations around the world were unable to resolve our DNS MX records. imagehttp

• Use PowerShell to Connect to Exchange Online unattended in a Scheduled Task September 5, 2020

  If you have MFA enabled, how do you connect to Exchange Online in an unattended script, like a Scheduled Task? Some people may have embedded a password into their scripts, but that will stop working i

• What happened to Defender running in a Sandbox? MP_FORCE_USE_SANDBOX August 21, 2020

  A colleague asked me today "Does Microsoft Defender run itself in a sandbox by default, or does that need to be manually enabled?" He was referring to a breakthrough feature first announced herehttps:

• Defending against Pass-the-PRT August 9, 2020

  \Update: pass-the-PRT CVE-2021-33779 has been patched in the July 13 2021 Windows 10 cumulative security patch KB5004237\ The Azure AD Primary Refresh Token PRT can be extracted using ROADtoolshttps:/

• Switch from ADFS to Azure AD July 31, 2020

  A surprising number of clients are still operating complex ADFS farms. ADFS Complexity/blogs/assets/2021/08/1d44a-adfs-complexity_thumb.jpg "ADFS Complexity"https

• What is Double Key Encryption (DKE)? July 21, 2020

  Today Microsoft announced the public preview of Double Key Encryption DKE. What does “Double Key” mean? It’s similar to a missile launch where two people must turn their key at the same time. In the c

• July 2020 Major Vulnerability Roundup July 15, 2020

  Palo Alto CVE-2020-2021 If you have SAML enabled on your Palo Alto, a CVE Severity 10 Critical vulnerability allows remote unauthenticated access https://security.paloaltonetworks.com/CVE-2020-2021htt

• Using Intune to Deploy MDATP to Mac OSX in 7 clicks May 17, 2020

  Got Mac OSX? Are they enrolled into Intune? If so, then deploying Microsoft Defender ATP MDATP to these devices is done in 7 easy clicks. Start off by browsing to Microsoft Endpoint Manager at https:/

• Fortune 500 Email Security Vendor Market share May 13, 2020

  Which email security vendors are gaining or losing market share? About a year ago I wrote an article herehttps://www.thecloudtechnologist.com/analysis-of-dns-recon-of-the-fortune-500-part-1-of-3/ deta

• MDATP and THOR–A Powerful combination May 1, 2020

  Microsoft Defender Advanced Threat Protection MDATP is an extended detection and response XDR solution, a kind of SHIELD, that combines protection for endpoints Microsoft Defender ATP, email and produ

• Conditional Access with Hybrid Domain Join requires browser extension for Chrome April 11, 2020

  For Chrome to be compatible with Azure AD conditional access security policies that check for Hybrid Domain Join, you must install a Browser extension from herehttps://docs.microsoft.com/en-us/azure/a

• Deploying MailItemsAccessed Audit Event in Office 365 March 7, 2020

  MailItemsAccessed is a new audit event in Office 365 that records when email data is accessed by mail protocols and clients. Why is MailItemsAccessed so important? During an investigation where a mail

• Clear Teams Cached Credentials February 3, 2020

  Today 2/3/2020 MS Teams is experiencing an outage. In our testing we were able to get back into teams by clearing the Teams cached credentials from Credential Manager. To do this, search for "Credenti

• Cybersecurity 101 Podcast - Episode 1 January 18, 2020

• Emotet Analysis December 15, 2019

  This blog post is an informal analysis of Emotet and how Microsoft security solutions detect it. Disclaimer: Do not try this on your own unless you know what you are doing even if you know what you ar

• RYUK Ransomware and Trickbot Analysis November 28, 2019

  This blog post is an informal analysis of RYUK ransomware MITRE T1486https://attack.mitre.org/techniques/T1486/ and Trickbot. There have already been many professional write-ups on RYUK, including Fir

• Microsoft Defender for Endpoint (MDE) Best Practices November 26, 2019

  - Enable Tamper Protectionhttps://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection - Why? The first st

• Azure AD Connect Deletion Scare September 27, 2019

  On September 10th, 2019, Microsoft released Azure AD Connect v1.4.https://docs.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-version-history Customers that had configured their A

• Microsoft Resets Office 365 external cloud storage preferences August 1, 2019

  Important Announcement from Microsoft on 7/31/19 to all Office 365 customers. Beginning 8/15/19, Microsoft will enable a new setting that allows all Office 365 users to send data to their personal clo

• Like it or not – Guest Sharing now includes your Privacy Policy – or LACK of Policy July 26, 2019

  On June 18th Microsoft announced in the Office 365 Message Center "MC182498" that guest user invites will now include your organization's privacy policy contact information to all external guest invit

• Top MFA Myths and Misconfigurations July 20, 2019

  As a consultant who specializes in deploying Microsoft security solutions, I have helped deploy multi-factor authentication to hundreds of companies over the years. I've heard lots of excuses why comp

• How to disable diagnostic data from being sent to Microsoft in Windows 10 and Office July 17, 2019

  I have never put much thought into disabling diagnostic data from being sent to Microsoft, because I've always given them the benefit of the doubt that they benefit from using this data to identify fa

• Unified Labeling in Azure Information Protection May 13, 2019

  Microsoft's Rights Management Services RMS first debuted as a role in Windows Server 2003. It was then made available in Office 365 as Azure Rights Management, eliminating the hassle of hosting on-pre

• Defending against Evilginx2 in Office 365 April 29, 2019

  \Updated 7/11/2019 - Azure AD now supports FIDO2 tokens for MFA, which also protect against EvilGinx2\ This is my second blog post in this series. In the first blog post herehttp://www.thecloudtechnol

• Office 365’s MFA is vulnerable to EvilGinx2 April 24, 2019

  According to the latest Microsoft Security Intelligence Reporthttps://www.microsoft.com/en-us/security/operations/security-intelligence-report, spear phishing remains the preferred attack method used

• Analysis of DNS Recon of the Fortune 500 (Part 1 of 3) April 7, 2019

  In this three-part blog series, I will be writing about interesting trends amongst the Fortune 500 using public DNS reconnaissance posted in open source github repositories. This first post is focused

• Top 10 Fixes for troubleshooting free/busy between Exchange on-premises and Exchange Online in Office 365 December 15, 2018

  Free/busy often fails to work out-of-the-box after configuring Hybrid Exchange with Office 365. Here are my top ten fixes: 1. Set the sharing policy to match on-premises and cloud. First, Connect to E

• How to fix Exchange Online Hybrid Outbound Connector 454 4.7.5 Certificate Validation Failure December 15, 2018

  While recently helping a client setup an Exchange Hybrid, the cloud to on-premises mail flow was failing validation due to 454 4.7.5 Certificate Validation Failure. https://thecloudtechnologist.com/wp

• Passwordless phone sign-in with the Microsoft Authenticator app – not compatible with conditional access require approved client app October 2, 2018

  This blog post details the effort to enable passwordless phone sign-in to Azure Active Directory using the Microsoft Authenticator App. Last week Microsoft announced this capability on September 26th

• Azure Conditional Access and Azure AD Connect Service Account September 4, 2018

  If you deploy an Azure Conditional Access policy to require all Windows PC's to be domain joined, you may find that Azure AD Connect no longer synchronizes. And during an upgrade to the latest version

• In Preview: Privileged Access Management for Office 365 August 29, 2018

  Privileged Access Management PAM for O365https://docs.microsoft.com/en-us/Office365/Enterprise/privileged-access-management-in-office-365 is a way to restrict access to Office 365 administrative funct

• Office 2016 and older clients will not connect to Office 365 after 10/13/2020 August 29, 2018

  Now that Office 2019 is in beta/preview, it may be wise to start planning deployment now because after October 13th 2020, Office 365 ProPlus 2016 and older clients will be actively blocked from connec

• Protecting Smartphones from Ransomware April 16, 2018

  At the 2018 RSA Conference I attended a session by Kevin McNamee Director of Nokia's Threat Intelligence Lab and learned some valuable things that I would like to share with my blog followers. From th

• Attack Simulator for Office 365 February 21, 2018

  Microsoft has released Attack Simulator \See full GA Announcement 4/27/2018 herehttps://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/GA-of-Attack-Simulator-For-Office-365-Threat-Inte

• 20 Things to do before and after a phishing event in Office 365 February 12, 2018

  Statistics indicate that 20% to 50% of corporate users will give away their username and password when asked to do so by a social engineer for example through a phishing email. 50% to 70% of corporate

• PowerShell script to automatically heal non-deliverable emails (NDRs) as X500 January 27, 2018

  One of the possible causes for a non-delivery report NDR is when a mail object in Exchange is moved or removed Contact, Mailbox, MailUser, etc. When an object is moved, any internal user who had previ

• Change Skype Audio Conferencing Number in Bulk using PowerShell January 8, 2018

  A client recently asked me if it was possible to change their default Skype Audio Conferencing phone number, because the one they had been assigned was in a different city than where their headquarter

• “Alt Coins” have passed Bitcoin for total market cap in Q2 2018 January 3, 2018

  In the last month 12/8 to 1/3, the Bitcoin market cap has declined from it's peak of 67% to 37%, while alternative coins such as Ripple have grown from 2% to 14% total market share. https://thecloudte

• Office 365 Groups Expiration Review September 5, 2017

  This is a quick review of the new groups expiration feature in Office 365. Pros: Very simple to configure – set a group expiration of 180, 365, or Custom. Then enter an email address of someone to not

• End of Support for Office for Mac 2011 September 5, 2017

  Microsoft will end support for Office for Mac 2011 on Oct. 10, 2017 a date set two years ago. After that date, Microsoft will no longer provide patches for security vulnerabilities or fixes for other

• How to block legacy authentication in Azure AD Premium Conditional Access July 27, 2017

  \Update 5/25/2018\ Per this forum post \herehttps://techcommunity.microsoft.com/t5/Microsoft-Intune/Conditional-policies-in-Azure-AD-vs-Intune/m-p/197719M664\ it looks like blocking legacy authenticat

• Azure AD Premium Conditional Access for Domain Joined Machines July 22, 2017

  This article is an attempt at discovering what the minimum steps are to get the Conditional Access feature which checks for Domain Join status for both Windows 10 and Windows 7 operating systems. Cond

• Top 5 Azure Information Protection Limitations June 14, 2017

  Before I discuss the limitations of any product, I try my best to point out all of the things I appreciate about a product. In general, you will not hear Microsoft tell you about product limitations.

• Moving from Azure Classic to Azure Resource Manager (ARM) May 22, 2017

  Microsoft has made great strides it making it easy to migrate from Azure Classic aka IaaS 1.0 to Azure Resource Manager, aka ARM or what I consider IaaS v2.0. At a very high level, the process involve

• Avoid Cisco Meraki for S2S VPN with Azure March 24, 2017

  Just got off a phone call with some engineers at Microsoft who informed me that both Cisco and Microsoft have mutually agreed that using a Cisco Meraki firewall is not recommended for creating site to

• Error 1603 when Installing Skype for Business Server 2015 March 21, 2017

  \Updated 3/25/2017\ During the installation of Skype for Business 2017 you may run into errors if you select 'Connect to the internet to check for updates' and you also change the default installation

• Windows Information Protection March 17, 2017

  Windows Information Protection is a feature of Windows 10 Anniversary Update that helps protect corporation information by encrypting data using the Encrypted File System. This is not to be confused w

• Extension Dialing (aka) Tenant Dial Plans in Skype for Business Online February 14, 2017

  Microsoft has announced that "Tenant Dial plans" are now in Public Preview in Office 365 Cloud PBX. This is relevant for companies that migrate to Office 365 Cloud PBX Skype for Business Online and co

• OneDrive NGSC for SharePoint Team sites is now GA January 25, 2017

  Yesterday 1/24/17, Microsoft announced herehttps://blogs.office.com/2017/01/24/onedrive-brings-new-file-collaboration-and-management-features-to-the-enterprise/ that the OneDrive Next Generation Sync

• How to restrict Office 365 Groups Creation to IT Department Only January 17, 2017

  Currently, an Office 365 Group can be created in OWA, the Outlook 2016 Client, Office 365 Planner, SharePoint, Microsoft Teams and PowerBI. You may want to restrict Office 365 Group Creation to a grou

• OneDrive Admin Center First Look December 16, 2016

  \Post Updated 12/19 to correct the statement on Device Access with MAM settings\ At the Ignite conference, Microsoft announced Herehttps://blogs.office.com/2016/09/26/sharepoint-online-sync-preview-he

• SIP 500 internal server error "from or target user pool or deployment assignment is incompatible with split-domain traffic type" October 12, 2016

  Problem: User could not transfer a phone call. Symptom: Bogus error message about split-domain traffic, with almost no articles on the internet or forums to help. Equally bogus error message was "requ

• How to prevent Cortana from mining your web browsing history September 2, 2016

  When Cortana is enabled, information such as your calendar, contacts, speech, handwriting patterns, typing history, location, and browsing history are sent to Microsoft so that Cortana can provide rec

• Outlook gets “Play” Button for Microsoft Cloud PBX VoiceMail August 31, 2016

  Recently, while checking my voicemail in Cloud PBX, I noticed that I now have the Play button in Outlook Now instead of opening up the .MP3 attachment to listen to voicemails, I can simply click the p

• Why PSTN Conferencing Dynamic Conference IDs are so important August 15, 2016

  Microsoft announced on Friday, August 12th that Dynamic Conference IDs are coming September 1st to Office 365 E5 PSTN Conferencing. This is an important because it solves a privacy limitation with the

• The most useful and controversial changes in Office 365 (Part 2 of 2) August 13, 2016

  This is part 2. To read part 1, click herehttp://www.thecloudtechnologist.com/the-most-useful-and-controversial-changes-in-office-365-part-1-of-2/. In general, Corporate IT Departments want to control

• The most useful and controversial changes in Office 365 (Part 1 of 2) August 13, 2016

  This is the first of a 2-part blog series highlighting the changes in Office 365 in the last 6 months April 2016 to present. - What are the top 3 most useful changes in Office 365 in the past 6 months

• Top 3 reasons I should have adopted Outlook App for iOS a long time ago July 22, 2016

  1\. Send Availability How often do we get an email like “are you available to meet tomorrow.” Now, when I reply, I can click a button and select available time slots, and with one more button press, I

• AutoMapping stuck after mailbox migration June 30, 2016

  After migrating a mailbox to Office 365 Exchange Online, if the mailbox previously had full access permissions prior to the migration, then after the mailbox migration is finished the user may receive

• Skype for business Event ID 1047 LS File Transfer Agent June 22, 2016

  During a deployment at a customer site I ran into a problem with SkypeFB Edge replication. After adding the Edge to the topology, installing the role on the server and proper certificates, replication

• Skype for Business Services won’t start June 21, 2016

  Immediately after installing Skype for Business Server 2015 Standard Edition the front-end services would not start. Tom Rimala’s blog articlehttps://tomrimala.wordpress.com/tag/sha1/ that suggested t

• Skype for Business Online Delegate Calendar Scheduling May 4, 2016

  Imagine a scenario where an executive assistant needs to schedule Office 365 Skype for Business Online meetings on behalf of at least two or more executives during the same timeframe. Without proper t

• Top 10 tips to bolster enterprise email security April 28, 2016

  The FBI issued an alert on April 4th that CEO Fraud a form of Spear-phishing is on the rise, and companies have already reported losses of 2.3 Billion dollars. Mattel made headlines for falling prey t

• How to stop email spoofing using DMARC April 7, 2016

  Did you know that 91% of successful data breaches started with a spear-phishing attack? According to research from Trend Microhttp://news.techworld.com/security/3413574/91-of-cyberattacks-begin-with-s

• Simple Bulk Licensing Script for Office 365 March 16, 2016

  I am sometimes asked for a very simple PowerShell script that can be used to apply licenses to Office 365 users in bulk. This is handy when you have a large amount of users who need to be assigned a l

• Top five reasons to consider Azure DNS March 5, 2016

  Azure DNS was first announced at the Microsoft Ignite conference in Chicago in May of 2015. I was there in the conference session when it was announced, because I confess – I love DNS. In this blog po

• Changes to Azure AD Connect Sync Scheduler February 27, 2016

  The latest builds of Azure AD Connect, beginning with build 1.1.105.0 Feb 2016 no longer rely on the Task Scheduler for scheduling when the directory sync runs. Also, the default interval has changed

• Crawl OneDrive Sites to report usage information February 25, 2016

  I just uploaded a PowerShell script to the Microsoft Technet ScriptCenter that provides reporting information on OneDrive usage, with a CSV output of each user’s usage. reporthttp://tctblgs.azurewebsi

• Office 365 Education “Domain in Use” February 25, 2016

  When it comes to planning an Office 365 migration, there is one gotcha that can be a surprise that is only found when signing up for a new Tenant. Surprise Your domain name is not available because it

• ExpressRoute Providers in Southern California February 25, 2016

  If you work in Southern California, you may be interested in finding out which telecommunications providers have connectivity into Microsoft Data Centers such as Azure and Office 365. The list below r

• Delve Analytics First Look February 25, 2016

  In a previous post here/blogs/2016/01/26/how-to-enable-delve-analytics-in-an-office-365-e5-tenant I described how to enable Delve Analytics at the tenant level. After that has been ena

• What is included in the Office 365 E5 license? February 23, 2016

  Many customers are asking what is included in the new E5 license that was announced on December 1st, 2015. The E5 license introduced several new products, and since it includes everything that exists

• New Admin Controls Available for Office 365 Software Downloads February 10, 2016

  Microsoft announced today herehttps://blogs.office.com/2016/02/09/deferred-channel-build-now-available-for-the-office-365-client-apps/ that beginning today, Office 365 Administrators have new controls

• How to access the new E5 Advanced eDiscovery (aka Equivio Analytics) (Part 2 of 2) February 9, 2016

  This is a continuation post from a 2 part series on accessing the new ‘Advanced eDiscovery’ from an acquisition of a company called ‘Equivio’, now included in the Microsoft Office 365 “E5” SKU. To rea

• Using the new Microsoft OMS to monitor Active Directory Health from Azure February 7, 2016

  Microsoft Operations Management Suite, which runs in Azure, can check the health of on-premises Active Directory, including replication health. Why is it so important to check AD replication health? W

• Azure AD Connect (Dirsync) Password Sync taking too long February 6, 2016

  I was assisting a customer who reported that Azure AD Connect aka Dirsync was taking too long for passwords to synchronize. It was such a huge lag that they assumed it was broken entirely. Upon inspec

• Are you prepared for the February automatic upgrade to Office 365 ProPlus? February 5, 2016

  The default installation for Office 365 Professional Plus Word, Excel, Outlook, PowerPoint, etc will begin automatically upgrading this month after February 23rd, 2016 to the Office 365 ProPlus 2016 v

• When to use an Instance Level IP (ILPIP) in Azure February 4, 2016

  Instance Level IP addresses ILPIP are distinct from other types of IP addresses in Azure and have a very specific purpose and benefit. They are limited to 5 per Azure Subscription and intended to perm

• How to access the new E5 Advanced eDiscovery (aka Equivio Analytics) (Part 1 of 2) February 3, 2016

  If you own the E5 license within Microsoft Office 365, you may be wondering how to take advantage of all the features that you have purchased. One of these features is called Advanced eDiscovery. This

• Optimize your Office 365 connection speed with this DNS Trick January 28, 2016

  Your Office 365 Outlook connection will do a DNS lookup and Microsoft will use the GEO location of that lookup to connect you to your ‘nearest’ Microsoft Data-center. Outlook will connect to an Exchan

• How to enable Delve Analytics in an Office 365 E5 Tenant January 26, 2016

  To activate the new E5 feature “Delve Analytics”, the Office 365 administrator must follow these steps: 1. Browse to the Office 365 admin center. http://portal.office.comhttp://portal.office.com 2. En

• New: Mandatory Link Expiration for SharePoint Online and OneDrive January 22, 2016

  Mandatory Anonymous Link Expiration is a new feature for SharePoint Online and OneDrive for Business. This feature started rolling out January 12th, 2016, and is scheduled to complete in the coming we

• Music on Hold now available for Office 365 Cloud PBX January 20, 2016

  As of January 16th, 2016, Music on hold is now available in Office 365 Cloud PBX. This is deployed via a client policy, using a remote PowerShell session. For instructions on how to connect to Skype f

• Should you deploy the new OneDrive for Business Next Generation Sync Client? December 17, 2015

  On December 16th, Microsoft announced herehttps://blogs.office.com/2015/12/16/onedrive-for-business-update-on-storage-plans-and-next-generation-sync-client/ the availability of the highly anticipated

• Surface Pro 4 Black Screen December 15, 2015

  On my Surface Pro 4, I have found that it does not always wake up from sleep mode. It sometimes comes up with a black screen, even though the keyboard backlight is lit up. The fix is to power down har

• Containers in Windows Server 2016 November 5, 2015

  Mark Russinovich demonstrates containers in Windows Server 2016. There are enhancements to the windows 2016 server kernel that allows multiple instances of user mode processes. https://azure.microsoft

• Is Microsoft changing the promise of Unlimited Storage for OneDrive for Business? November 4, 2015

  \Update 12/16/2015 – This has been answered Microsoft will keep the promise of unlimited storage for OneDrive for Business See this blog post from Microsoft for more details: https://blogs.office.com/

• Azure AD Connect Password Sync fails for multiple forests October 1, 2015

  In two different environments I have reproduced behavior where Azure AD Connect does not synchronize passwords when it is configured for multiple source AD forests. The fix has been to change the ‘Con

• How to see console output from a VM in Azure IaaS September 26, 2015

  Earlier this month Sep ‘15 Microsoft announcedhttps://azure.microsoft.com/en-us/blog/boot-diagnostics-for-virtual-machines-v2/ a new diagnostic capability for VMs running in IaaS - the ability to see

• Troubleshooting OneDrive for Business Synchronization Problems September 16, 2015

  The current ODFB synchronization engine is based on groove.exe and msosync.exe. If you see OneDrive.exe in your task manager, that is the consumer edition synchronization engine for Onedrive. SNAGHTML

• Pre-Sales Script to identify Microsoft Technology August 8, 2015

  Before speaking to a customer, it is often helpful to understand what technology they may have deployed. By checking for the existence of DNS records in Public DNS, you can get a good idea on the emai

• Limiting access to Executive Mailboxes in Exchange Online July 7, 2015

  In my last blog post/blogs/2015/07/02/how-to-use-the-workload-specific-roles-for-delegated-administration-of-office-365, I wrote about how the new workload specific role feature in Off

• How to use the Workload-specific roles for delegated administration of Office 365 July 2, 2015

  Many customers would like to reduce the number of Office 365 Global Admins to a small handful, while granting service specific admin roles to designated administrators. Workload-specific admin roles b

• June 2015 Office 2016 Update Breaks OneNote June 18, 2015

  After applying the June update to Office 2016 Preview 16.0.4201.1002, my OneNote notebooks would not open. The error message was that there were no accounts associated with an active Office 365 subscr

• ADFS behind Websense or Bluecoat causes CRL check to fail May 22, 2015

  Scenario: You configure a relying party trust in ADFS for SSO. ADFS event logs show this error: “The encryption certificate of the relying part trust … is not valid. It might indicate that the certifi

• What I learned at the Microsoft Ignite Conference (Chicago 2015) May 15, 2015

  The 2015 Microsoft Ignite Conference May 4 – 8 was held in Chicago and included over 1,000 sessions on a range of Microsoft technologies. The conference sessions and focused intent seemed to me to be

• Reviewing Office 365’s MDM Capabilities April 17, 2015

  Exchange and Exchange Online have had decent mobile management capabilities through ActiveSync policies prior to the March 30th 2015 announcementhttp://blogs.office.com/2015/03/30/announcing-general-a

• Dirsync soft matching vs hard matching April 15, 2015

  I recently was asked to advise on how cloud identities can be converted to federated identities such that when Azure AD Connect is run for the first time, the on-premises Active Directory takes over a

• Converting distribution groups to the new Office 365 “Groups” March 30, 2015

  In a previous blog post, I wrote about the value of the new Office 365 “Groups.” These are a next generation type of group that replaces the function of a traditional distribution group, and includes

• VM level backups now available in Azure Backup March 27, 2015

  As far as Azure IaaS goes, this is the biggest improvement to the platform since the ExpressRoute offering. The announcement is here, and I highly recommend reading it: http://azure.microsoft.com/blog

• Manually install the Azure VM Agent March 27, 2015

  When you first deploy a Virtual Machine to Azure using the Gallery, you have the option of installing the VM Agent. You should always leave this box selected because it adds tremendous value. image\_t

• Upgrading Dirsync to Azure Active Directory Connect Public Preview - March 2015 update March 25, 2015

  In this blog post I am going to review the upgrade process of Dirsync to the new AAD-Connect. The March 2015 previewhttp://blogs.technet.com/b/ad/archive/2015/03/24/azure-ad-connect-preview-2-is-avail

• Controlling Access to Application Proxy (Optional) March 21, 2015

  This is a follow-on post from my post on Azure Application Proxy/blogs/2015/03/20/azure-application-proxy-services. Assuming that you have published your first application via the Azur

• Azure Application Proxy services March 20, 2015

  Azure AD Application Proxy AAD-AP is a type of reverse proxy solution that enables access to web-based applications that exist on a corporate LAN, secured behind a corporate firewall. The benefits of

• Shrinking SQL Log files in an Availability Group Cluster or Database Mirror March 18, 2015

  A very common problem that I see time and time again is the Log file growth of Microsoft SQL Server .LDF files. This problem can cause service outages when a hard disk is filled up completely by these

• Azure AD Federated SaaS Apps March 11, 2015

  Thanks to Aaron Smalser on the Microsoft Azure product team, I was pointed in the direction of this page that allows me to see the list of Azure AD pre-integrated apps that support SAML or WS-Federati

• Office 365 “Groups” are next generation distribution lists February 26, 2015

  There is a new Azure AD feature that allows you to create O365 groups through the Azure Access Panel. This feature is in Preview Beta but this blog post is a walkthrough of this as well as exploring t

• Lync Online and External Contacts December 21, 2014

  Update 3/9/2015: I just updated this article to include a previously undocumented dependency, that both Lync and Outlook must be on the same version for this to work. Here is an interesting scenario t

• OneDrive offers unlimited cloud storage October 27, 2014

  Today Microsoft announced that OneDrive for Business customers will soon have unlimited storage previous limit was 1TB. Many people have pointed out that the 20,000 file limit seems to nullify the “un

• Lync Phone edition tls handshake fail with usb tethering out of box August 19, 2014

  MSFT support engineers have identified a bug with the USB tethering on Lync Phone Edition. They compared the packet traces of the PIN authentication successful TLS handshake and compared it with the f

• Assign lync policies based on ad group August 15, 2014

  I adapted a script I found online to run within a scheduled task to assign a Conferencing Policy based on the membership of a global group named “CSLyncRecordingUsers.” Originally the script accepted

• Windows Azure Automation August 15, 2014

  Windows Azure Automation allows you to automate the creation, monitoring, deployment, and maintenance of resources in your Windows Azure environment. For example, by default Azure Automation comes wit

• Simple Disk Performance Testing July 31, 2014

  I came across an excellent blog article on disk performance testing: http://www.brentozar.com/archive/2008/09/finding-your-san-bottlenecks-with-sqlio/http://www.brentozar.com/archive/2008/09/finding-y

• Microsoft Azure (IaaS) Cost Estimator Tool July 16, 2014

  Microsoft just released a tool that can connect to your on-premises environment and estimate the cost of running it in Azure Infrastructure as a Service IaaS. You can target an individual physical mac

• DSN 5.1.1 Office 365 User could not email on-premise user June 27, 2014

  Had a strange issue where a user mailbox was created in Office 365 before Dirsync was enabled. After dirsync was enabled and the domain name was validated, the same primary SMTP alias existed in two p

• Combined Powershell script for managing both Azure AD and Exchange Online June 27, 2014

  \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_BEGIN Connect.ps1\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ $LiveCred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -Connectio

• Minimum Exchange Hybrid Server Requirements for Managing On-Premises Users June 12, 2014

  Recently I was trying to locate guidance for the minimum requirements that an Exchange Hybrid Server would need if the only purpose for the server was to manage on-premise remote mailboxes. An on-prem

• Offline Root CA’s require periodic maintenance June 12, 2014

  In most environments where an offline Root CA is used, it must come back online once every 7 months to provide the Subordinate CA’s with an update CRL list. If this does not happen, the Subordinate CA

• How to prevent Ransomware from infecting your Enterprise Applications June 10, 2014

  Everyone has heard of Spyware and Malware. Ransomware is becoming an all too familiar term but I feel many IT Organizations assume it is a threat isolated to consumers and not Enterprises. In my opini

• An analysis of what is available in Azure RMS Usage Logging today May 22, 2014

  As a follow-up to my last blog post on “Configuring the Azure Rights Management Connector with a Windows FCI File Serverhttp://blogs.catapultsystems.com/IT/archive/2014/04/07/configuring-the-azure-rig

• Configuring the Azure Rights Management Connector with a Windows FCI File Server April 7, 2014

  On March 4th, 2014, Microsoft announced the availability of integrating on-premise File Classification Infrastructure FCI file server with the Azure Rights Management service using the Azure RMS Conne

• Hyper-V Replication between two workgroup servers April 4, 2014

  Enabling Hyper-V between two workgroup servers requires issuing self-signed certificates with makecert.exehttp://1drv.ms/1gv52cK and a registry key to bypass the revocation check. The reason why makec

• Office 365 Message Encryption February 19, 2014

  Today Microsoft announced the generally availability of Office 365 Message Encryption http://blogs.office.com/2014/02/19/office-365-message-encryption-now-rolling-out/http://blogs.office.com/2014/02/1

• Recommendations for reducing the impact to mobile devices during a hybrid migration to Office 365 February 19, 2014

  One of the features available during a Hybrid / “rich-coexistence” migration to Office 365 is the friendly URL redirect that users can receive if they try using the old OWA URL that was pointing to th

• Introduction to Windows Azure Active Directory “Premium” December 16, 2013

  Windows Azure Active Directory WAAD “Premium” is a paid offering that unlocks additional features of WAAD. It is currently in preview and can be unlocked in the Azure Preview Portalhttp://www.windowsa

• 802.1x Wireless Authentication differences in Windows 7 and Windows December 13, 2013

  Rolling out WPA2/Enterprise and all Windows 8 clients could connect fine but Windows 7 clients could not connect. Client side errors in event viewer logged Event 8002 Reason Code 16 “authentication fa

• How to Manage Azure with On-Premise Active Directory November 30, 2013

  When you sign up with a Windows Azure account, by default it creates an instance of Active Directory that resides in Windows Azure only called Windows Azure Active Directory WAAD. This is the same exa

• Configuring Windows Azure Active Directory for 3rd Party Single Sign-On November 30, 2013

  You can add 3rd party applications like Yammer, Twitter, Skype, etc to be enabled for Single Sign-On using WAAD integrated through your on-premises Active Directory. Users can access these application

• The RMS Sharing Application (Preview) in 3 steps November 21, 2013

  The RMS Sharing Application is now generally available As of November 19th ~still in preview as of this writing but you can evaluate it now~. ~It is expected to be released in Q4 2013.~ It allows you

• Enable AADRM in Exchange Online in 2 easy steps November 21, 2013

  On November 5th, 2013 Microsoft announced the general availability of a hosted version SaaS of Rights Management, called Windows Azure AD Rights Management AADRM. Azure RMS is now included in Office 3

• Introducing Windows Azure AD Rights Management (AADRM) August 26, 2013

  Organizations that are interested in taking advantage of the Rights Management features available in volume licensed versions of Microsoft Office have a new deployment option available: Windows Azure

• Linux runs faster on Windows Azure than Amazon or Rackspace Openstack! August 9, 2013

  I recently reviewed a detailed comparison of the top 5 IaaS cloud providers and it listed Windows Azure as having the best overall value both in cost and performance. The interesting thing about the c

• Microsoft Office 365 Federation Metadata Update Automation Installation Tool February 10, 2013

  What is the Microsoft Office 365 Federation Metadata Update Automation Installation Tool? This tool automates an otherwise manual process, which if not performed, would prevent all users from signing

• How to recover missing emails in Office 365 February 6, 2013

  When an email is deleted, where does it go? It goes to the Deleted Items folder. When the deleted items folder is emptied, where does it go? It goes to a hidden folder called deletions. The duration t

• Windows Update December 2012–KB931125 Causes issues with Lync replication February 6, 2013

  We have had customers experience a problem with replication between the Lync FE’s and the Edge services. You can check status by running this command: get-csmanagementreplicationstore We discovered th

• Network Load Balancing: Multicast vs Unicast February 6, 2013

  Windows Network Load Balancing NLB is a pretty popular free solution for quickly setting up load balancers. You must chose either Unicast or Multicast operational mode. Unicast - Each NLB cluster node

• 20 ways to send large files over the Internet February 2, 2013

  When you need to send large files, email is often the most restrictive transport. By default on-premise Exchange 2010 limits emails to just 10 megabytes, and Office 365 offers 25megabytes per email me

• How to share your Outlook calendar free/busy with your friends and family January 21, 2013

  Both Microsoft Exchange on-premise and the hosted version of Office 365 provide a calendar publishing feature that makes it easy to share your calendar free/busy information with your friends and fami

• 10 Recommendations for preventing worm outbreaks January 13, 2013

  The US Department of Homeland defense issued a statement on Friday to disable Java. It’s a serious recommendation because many business applications rely on Java. http://www.kb.cert.org/vuls/id/625617

• Active Directory Migration Toolkit (ADMT) Walkthrough December 30, 2012

  Active Directory Migration Toolkit latest version is v3.2 is a free tool that allows both Inter-Forest and Intra-Forest user, group and computer migration. Installation ADMT Version 3.2 must be perfor

• How to Quarantine unauthorized smartphones with Exchange or Office 365 November 30, 2012

  Some organizations have a mobile device policy where they only permit company-owned phones to connect to their email server. They want to prevent employee-owned or rogue devices from establishing an a

• Office 365 free busy not working with Exchange 2003 August 27, 2012

  In an Exchange 2003 and Office 365 Hybrid Deployment environment, the Office 365 users are able to view the Free/Busy information of Exchange 2003 users or resources. However, the Exchange 2003 user m

• SQL Transaction Logs filling up disk February 16, 2012

  This is the most common cause of SQL outages and crashes. The SQL transaction logs multiply until they completely fill up the hard disk, causing the databases to go offline and disrupting service to a

• How to verify that SQL Server is using the best practice NTFS Cluster Size February 23, 2011

  When planning the NTFS cluster size for a new volume the general consensushttp://sqladm.blogspot.com/2010/06/ntfs-cluster-size.html with the latest versions of Microsoft SQL Server is to use 64k. So i

• What defines success for IT Operations? September 1, 2009

  What must an IT Department do to be successful? The Operations Department within IT requires diligence across many technology disciplines. Here are some suggestions for IT Operations Management, that

• Locked out of SQL? August 6, 2009

  I was recently found myself locked of a demo environment by removing the builtin\\administrators group from SQL Server’s sysadmin role – a good practice by the way. I needed to get into SQL Management