Showing posts from December, 2016

Recover Deleted items in Exchange online (Microsoft office 365)

  In Exchange online we provide 3 layers of Recovery so that messages can be recovered Deleted Items Folder Recover Deleted Items Folder Purges Folder     Deleted Items Folder When a mail is deleted(normal Delete not shift Delete) its moved to Deleted Items folder and its present there until, either we manually delete the messages from there or its deleted automatically as per the Retention Policy of the Organization(default value is 30 days)   Recover Deleted Items Folder   When a mail is Shift deleted(hard deleted), or deleted from Deleted items or removed from deleted items by the Retention policy, its moved to the Recover Deleted Items Folder and it remains there for next 14 days (can be extended to 30 days).   There are 2 folders under Recovery Deleted Items Deleted Folder(its not the normal Deleted folder in the mailbox) Purges Folder    When the mail is present in Recovery Deleted Items(Deleted folder) i

Restore data for a deleted office 365 user

We need to create a New user and assign it a Exchange online licenses and let the mailbox be provisioned. Once the Mailbox is created for the new user, proceed further. Connect PowerShell to Exchange Online using below command: $LiveCred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri  -Credential $UserCredential -Authentication Basic –AllowRedirection Import-PSSession $Session Then checked the old (deleted) user in Soft Delete Get-Mailbox –SoftDeletedMailbox  (check for the deleted user) Get-mailbox –SoftDeletedMailbox –Identity “Name of the mailbox” | fl *guid* Copy the GUID (not Exchange GUID) in a notepad (1) Get-mailbox –Identity “Email address of the new user” | fl *guid* Copy the GUID (2) Following command will copy the old mailbox’s email to the new mailbox. New-MailboxRestoreRequest -SourceMailbox "GUID (1)" -TargetMailbox "GUID (2)" -Tar

Advance Threat protection - Safe Attachment

While Showcasing the ATP features to a client in a POC i noticed the following. ATP - Safe Attachment rule is set as Replace - Block bad attachment and continue to deliver the mail. However the Mail is not delivered it is deleted completely. Solution  Go to Exchange Admin Center > Protection > Malware Filter By default the Malware Policy is set to delete the entire mail if something is found as malware in the mail or attachment. Edit your Default policy. 1. Change the Default Setting to - Delete attachment and use default alert text or Custom Alert "depending on your requirement. In my case i had kept as default alert text. 2. You can also customize the Notification too.  3. You can also set the settings so that it will notifies the sender and sender for the undelivered of the Mail. 4. A notification about the same can be sent to the Admins too, you can use default or costume alert type too. (This will send a intimation to the adm

How to block employee access to Office 365 data

"What do I do to protect data when an employee leaves the organization?" and "How do I block a former employees access to Office 365 after they leave?" IMPORTANT:  The steps in this article are for Office 365 Business Essentials, Office 365 Business Premium and Office 365 Enterprise. A quick overview of the of the process looks like this: Block employee access to Office 365 data. (Optional) Get access to the data of the former employee. (Optional) Send the former employee's email to another employee. Delete the former employee's user account. IMPORTANT:  You need to be a member of the Office 365 global admin role to perform the steps in this topic. Make sure the user that performs these steps has the right permissions to complete these steps. Block employee access to Office 365 data The first thing you'll want to do is block the former employee from logging in and accessing Office 365 data. There are a few steps you