At Microsoft Ignite 2019, the Exchange product group announced the public preview of a set of REST-based PowerShell cmdlets to replace some of the most popular (and in performance terms, most painful) traditional cmdlets. The new cmdlets are more reliable and robust and run 2-4 times faster than the older Remote PowerShell-based cmdlets (your mileage will vary). All good stuff.
Microsoft made a ton of Office 365-related announcements at their Ignite conference in Orlando. Here's a summary of the key news for SharePoint, Exchange, Stream, Teams, Yammer, and Outlook. More information will emerge during the week, so stay tuned for more coverage as news emerges.
A recent Microsoft post contained the news that Exchange Online uses Windows Server Core. That might be news to some, but not to anyone who's been following the advice of the Exchange product group. Exchange Online doesn't use virtual servers, follows a preferred architecture, wants to reduce the potential attack surface, and extract as much CPU as possible out of its servers. All good reasons why Windows Server Core helps.
Microsoft posted an odd blog on September 9 to announce improvements in the relationship between Exchange Online and Azure Active Directory. Many Office 365 tenants might have ignored the post, but it's actually about a piece of important work to help the service run better. Many updates happen to Exchange Online objects that need to be replicated to Azure Active Directory and onward to other Office 365 app directories. This work means that changes show up faster, which is good, but there's a small downside to note.
In a surprising but welcome announcement, Microsoft moved the end of extended support for Exchange 2010 to October 2020. This version of Exchange was the most technology-rich and significant in the product's history, which might be the reason why so many organizations still depend on Exchange 2010 for email. Better options exist, and Exchange Online is the natural place to go... if your network and applications allow the move.
Microsoft has announced that Exchange Online and Outlook will soon synchronize email signatures across devices. Does this mean that the ISV market for email autosignature products is over? I don't think so because there's lots of other things to do with email signatures once device synchronization is handled.
Microsoft has updated the vererable Get-MailboxStatistics cmdlet in Exchange Online PowerShell to return a bunch of new mailbox activity properties. The properties cover different activities like email and calendar, but the problem with the LastLogon property remains and you still need to do some extra work to get accurate last login information for a user.
OWA is the only Outlook client that supports "Likes." This begs the question how OWA supports likes and where the information about likes is stored. Some probing using easily accessible tools reveals the answer. You might think that the answer only interests Office 365 Trivial Pursuit nerds, but it's actually of real interest to eDiscovery investigators.
Some people worry that Exchange Online mailboxes could be compromised by ransomeware and people will be forced to pay BitCoin to decrypt their messages. It's certainly a possibility, but out-of-the-box solutions exist if you're unlucky enough to be infected. That is, if you've done the necessary up-front planning to prepare for the worst to happen.,
Microsoft has started to flag its intention to deprecate the Search-Mailbox cmdlet. It's probably the right time to remove this cmdlet from Exchange Online because Office 365 compliance searches can serve the same purpose. At least, compliance searches can do most of what Search-Mailbox does faster. Some functionality gaps need to be filled before we can bid adieu to Search-Mailbox, but its time is coming.
PowerShell is a great way of automating common administrative Office 365 operations. That is, if you know what module to use and how to use the cmdlets in that module. Unfortunately things are a bit of a mess with too many modules and inconsistent behavior in areas like error handling. With so many development groups working on Office 365, the PowerShell situation might be inevitable, but it needs cleaning up.
A recent report by a security vendor says that 25% of phishing messages get by Exchange Online Protection (EOP) and arrive into Office 365 user mailboxes. This highlights the need to configure EOP properly and run multiple lines of defense. Microsoft would like you to use Office 365 Advanced Threat Protection (ATP) alongside EOP. Offerings from other security vendors are also available. For better protection against phishing, you should consider something like ATP.
Microsoft has moved the venerable EHLO blog maintained by the Exchange product group to the Microsoft Technical Community (MTC) platform. The first post is about the Exchange 2019 sizing calculator. Hopefully the changeover won't affect the great content published in EHLO over the years. What's of more concern is the lack of participation in the MTC by Microsoft product engineers and MVPs.
Turla, a Russian cyber-espionage group is reported as being behind an attack on Exchange on-premises servers that uses transport agents to capture and process messages for selected users. It's an attack vector that hasn't been seen before and raises the question of how often administrators should review transport agents active on their servers. The important point is that unless your network is compromised, hackers cannot install transport agents on Exchange servers and this attack is more theoretical than practical.
The PST is now a very old file format. Originally introduced to give users the ability to store email moved from their Exchange mailbox, the need for PSTs disappeared years ago because Office 365 users have massive mailboxes. Despite this, some organizations persist in allowing people to use PSTs.