Hybrid Configuration Wizard Transfers Settings – Sorry bit late now

Screen Shot 2018-06-25 at 11.21.43.png

Microsoft’s announcement that the Exchange Hybrid Configuration Wizard (HCW) is now able to transfer some configuration settings from an Exchange on-premises organization to Exchange Online came as a disappointment. Not because of the functionality, which is welcome, but because it is limited and far too late. Continue reading → Hybrid Configuration Wizard Transfers Settings – Sorry bit late now

Teams Can Now Capture Compliance Records for Hybrid & Guest Users

Screen Shot 2018-06-07 at 10.43.44.png

Capturing Compliance Data Since January

Neatly aligned with the need for better compliance mandated by GDPR, Microsoft announced on June 1 that they have been collecting compliance records for messages sent by on-premises users in personal chats since January 31, 2018. Microsoft says that they are working to create compliance records for chats before this date but cannot commit to when this data might be available. Continue reading → Teams Can Now Capture Compliance Records for Hybrid & Guest Users

Deep Dive: How Hybrid Authentication Really Works

A hybrid deployment offers organizations the ability to extend the feature-rich experience and administrative control they have with their existing on-premises Microsoft Exchange organization to the cloud. A hybrid deployment provides the seamless look and feel of a single Exchange organization between an on-premises Exchange organization and Exchange Online in Microsoft Office 365. In addition, a hybrid deployment can serve as an intermediate step to moving completely to an Exchange Online organization.

But one of the challenges some customers are concerned about is that this type of deployment requires that some communication take place between Exchange Online and Exchange on-premises. This communication takes place over the Internet and so this traffic must pass through the on-premises company firewall to reach Exchange on-premises.

The aim of this post is to explain in more detail how this server to server communication works, and to help the reader understand what risks this poses, how these connections are secured and authenticated, and what network controls can be used to restrict or monitor this traffic. Continue reading → Deep Dive: How Hybrid Authentication Really Works

Demystifying Hybrid Free/Busy: what are the moving parts?

Hybrid Free/Busy is one of those things that many people do not fully understand. If everything works well, the complexity is hidden from view and people working in various parts of organization can seamlessly work together. But if things go wrong… you will appreciate deeper understanding of what makes it work. This is why we wanted to create the blog post series on the subject.

In this article, we will discuss how Free/Busy works in an Exchange Hybrid configuration. In next blog post, you will learn what are the most common problems along with how we go about diagnosing those (often) complex issues.

So, what is Free/Busy? Free/Busy is a feature that allows you to see when others are free (their calendar shows availability), busy (their calendar shows them as busy), or even Out of Office, or Something Else (tentative or working away) so that you can find an appropriate time for your meetings. Calling it all “Free/Busy/OOF/Something-Else” didn’t sound so cool to marketing hence “Free/Busy”. In a Hybrid deployment, we usually have some mailboxes in Exchange On-Premises and some mailboxes in Exchange Online (users are in different premises) and this has to work there too. Continue reading → Demystifying Hybrid Free/Busy: what are the moving parts?

Active Directory Access Control List – Attacks and Defense

Recently there has been a lot of attention and a few different blog posts (references at the end of the post) regarding the use of Discretionary Access Control List (DACL) for privilege escalation in a Domain environment. This potential attack vector involves the creation of an escalation path based in AD object permissions (DACLs). For example, gaining “Reset Password” permissions on a privileged account is one possible way to compromise it by DACL’s path.

Although DACL permissions are not the easiest topic to cover in one post and should be digested slowly, there are examples of potential attack scenarios we want to share. The following blog tries to shed some light on the subject, present the possible escalation paths and suggest relevant mitigations.

Continue reading → Active Directory Access Control List – Attacks and Defense