If you can‘t send an email with iOS 11 and an Outlook.com or Exchange mail account

You might not be able to send email with an Outlook.com, Office 365, or Exchange account until you update to iOS 11.0.1.

If your email account is hosted by Microsoft on Outlook.com or Office 365, or an Exchange Server 2016 running on Windows Server 2016, you might see this error message when you try to send an email with iOS 11: “Cannot Send Mail. The message was rejected by the server.”

To fix the issue, update to iOS 11.0.1 or later.

Important update for Azure Active Directory Connect – Version 1.1.553.0

Microsoft released Azure Active Directory Connect version 1.1.553.0 on June 26, 2017. More importantly, they published an important security advisory one day later.

Microsoft Security Advisory 4033453 – Vulnerability in Azure AD Connect Could Allow Elevation of Privilege explains,

The [ADD Connect version 1.1.553.0] update addresses a vulnerability that could allow elevation of privilege if Azure AD Connect Password writeback is misconfigured during enablement. An attacker who successfully exploited this vulnerability could reset passwords and gain unauthorized access to arbitrary on-premises AD privileged user accounts. The issue is addressed in the latest version (1.1.553.0) of Azure AD Connect by not allowing arbitrary password reset to on-premises AD privileged user accounts.

Microsoft highly recommends all customers update to version 1.1.553.0 or later to mitigate this vulnerability, even if you don’t use the optional password writeback feature. If you are unable to update immediately, the article above describes mitigation steps you can consider.

  • If the AD DS account is a member of one or more on-premises AD privileged groups, consider removing the AD DS account from the groups.
  • If an on-premises AD administrator has previously created Control Access Rights on the adminSDHolder object for the AD DS account which permits Reset Password operation, consider removing it.
  • It may not always be possible to remove existing permissions granted to the AD DS account (for example, the AD DS account relies on the group membership for permissions required for other features such as Password synchronization or Exchange hybrid writeback). Consider creating a DENY ACE on the adminSDHolder object which disallows the AD DS account with Reset Password permission using Windows DSACLS tool.

Expta

Active Directory Synchronization (DirSync) Deprecation 4 April 2017

Active Directory Synchronization (DirSync) Deprecation

Status: Active

Action Required by: April 4, 2017

Details: We will be removing the Windows Azure Active Directory Synchronization feature from Office 365, beginning April 4, 2017. You are receiving this message because our reporting indicates your organization is using Windows Azure Active Directory Synchronization. When this change is implemented, administrators will no longer be able to synchronize their Active Directories. Instead of using Windows Azure Active Directory Synchronization, use Azure Active Directory Connect.

Message Center: MC45036 – We are removing Windows Azure Active Directory Synchronization from Office 365

Posted: April 13, 2016

Additional Information: Upgrade Windows Azure Active Directory Sync (“DirSync”) and Azure Active Directory Sync (“Azure AD Sync”)

Exchange Online RPC over HTTP Deprecation(Outlook 2007) October 31 2017

Status: Active

Action Required by: October 31, 2017 at 5:59 PM UTC

Details: On October 31st, 2017, Exchange Online mailboxes in Office 365 will require connections from Outlook for Windows use MAPI over HTTP, our new method of connectivity and transport between Outlook for Windows and Exchange. In May of 2014, Microsoft introduced MAPI over HTTP as a replacement for RPC over HTTP. RPC over HTTP was a legacy connection protocol that is being deprecated from Exchange Online. Beginning October 31, 2017, Outlook for Windows clients using RPC over HTTP will be unable to access their Exchange Online mailbox. The necessary action depends on the version of Outlook in use in your organization. If you are using Outlook 2007 or earlier, you need to upgrade. Outlook 2007 does not contain support for the MAPI/HTTP protocol. We encourage you to update to the Office 365 ProPlus subscription, or access Outlook via the web browser (which is included in your current subscription plan). Outlook 2010-2016 customers will need to ensure their version of Outlook for Windows is set up to support MAPI/HTTP. At a minimum, you should ensure you have installed the December 2015 update. Lastly, ensure your Outlook clients are not using a registry key to block MAPI/HTTP.

Message Center: MC85988 – Potential service disruption for Outlook for Windows users

Posted: November 16, 2016

Additional Information: KB3201590: RPC over HTTP deprecated in Office 365 on October 31, 2017

Server 2016 and ADFS Error 364 0d00-0080000000e1 EnableIdPInitiatedSignonPage False

image

On ADFS page you get error: 00000000-0000-0000-0d00-0080000000e1

Event viewer: Event 364 Microsoft.IdentityServer.Web.IdPInitiatedSignonPageDisabledException: MSIS7012: An error occurred while processing the request.

image

image

Get-AdfsProperties | select EnableIdPInitiatedSignonPage

Set-AdfsProperties -EnableIdPInitiatedSignonPage $true

adfs-server-2016-issue-testing

Azure AD Connect Adds Support for Windows Server 2016 and SQL 2016

If you’re a customer who uses Azure Active Directory Connect, you’ll want to know that Microsoft just released version 1.1.343.0, which adds support for Windows Server 2016 and SQL Server 2016 and fixes some bugs.

Improvements:
– Added support for installing Azure AD Connect on Windows Server 2016 standard or better.
– Added support for using SQL Server 2016 as the remote database for Azure AD Connect.
– Added support for managing AD FS 2016 using Azure AD Connect.

Fixed issues:
– Sometimes, installing Azure AD Connect fails because it is unable to create a local service account whose password meets the level of complexity specified by the organization’s password policy.
– Fixed an issue where join rules are not re-evaluated when an object in the connector space simultaneously becomes out-of-scope for one join rule and become in-scope for another. This can happen if you have two or more join rules whose join conditions are mutually exclusive.
– Fixed an issue where inbound synchronization rules (from Azure AD) which do not contain join rules are not processed if they have lower precedence values than those containing join rules.

Download Office 2016 with Click-to-Run for Office 365 products by using the Office Deployment Tool

There are two different versions of the Office Deployment Tool available – one for Office 2013 and a different one for Office 2016. Each Office Deployment Tool works only with that specific version of Office. You can download them from the Microsoft Download Center by using the following links:

Configuration.xml

<Configuration>
  <Add SourcePath=”d:\2016\” OfficeClientEdition=”32″ Branch=”Current”>
    <Product ID=”O365ProPlusRetail”>
      <Language ID=”en-us” />
      <Language ID=”nl-nl” />
    </Product>
    <Product ID=”VisioProRetail”>
      <Language ID=”en-us” />
      <Language ID=”nl-nl” />
    </Product>
  </Add>

  <!–  <Updates Enabled=”TRUE” Branch=”Current” /> –>

  <Display Level=”Full” AcceptEULA=”TRUE” />
 
  <Logging Name=”OfficeSetup.txt” Path=”%temp%” />

  <Property Name=”AUTOACTIVATE” Value=”1″ />

</Configuration>

Download

D:\2016\setup.exe /download d:\2016\configuration.xml

Install / Configure Office 365 (2016)

D:\2016\setup.exe /configure d:\2016\configuration.xml

Source: https://technet.microsoft.com/en-us/library/jj219424.aspx

Skype for Business Basic Client

Lync Basic 2013 provides all the basic functionality that’s available in the full version of Lync (Lync 2013). However, if you want to use any of the following features, you will need to upgrade to Lync 2013:

  • Advanced call features (not available with all Office 365 subscriptions); advanced call features include team ring, call forwarding, simultaneous ring, voice mail, call park, call delegation, response groups, and remote call control
  • Calendar delegation
  • Gallery video view
  • OneNote sharing
  • Recording
  • Skill search (not available with Office 365)
  • Virtual Desktop Infrastructure (VDI) (not available with Office 365)

Download Skype for Business Basic

Microsoft Skype for Business Basic (64 Bit)
http://www.microsoft.com/en-us/download/details.aspx?id=49440

Microsoft Skype for Business Basic (32 Bit)
http://www.microsoft.com/en-us/download/details.aspx?id=49439

Microsoft Office Lens for IOS, Android & Windows Phone

Office Lens trims, enhances and makes pictures of whiteboards and docs readable, and saves them to OneNote. You can use Office Lens to convert images to PDF, Word and PowerPoint files too.    Office Lens is like having a scanner in your pocket. Like magic, it will digitalize notes on whiteboards or blackboards. Always find important documents or business cards. Sketch your ideas and snap a picture for later. Don’t lose receipts or stray sticky notes again!   

What’s new:
– Now you can convert your pictures to PDF files with selectable text, in addition to Word and PowerPoint files, and save them to OneDrive. 

Scenarios:
– Capture and crop a picture of a whiteboard or blackboard and share your meeting notes with co-workers.
– Make digital copies of your printed documents, business cards or posters and trim them precisely.
– Printed text will be automatically recognized (using OCR) so you can search for words in images and copy and edit them.  

Features:
– With Whiteboard mode, Office Lens trims and cleans up glare and shadows.
– With Document mode, Office Lens trims and colors images perfectly.
– Pictures are saved to your camera roll and also directly into OneNote, so you can see the images across all your devices.
– Choose to convert images to PDF (.pdf), Word (.docx), or PowerPoint (.pptx) files that are automatically saved to OneDrive.   
Note: Office Lens requires logging in with your Microsoft Account. Your Microsoft Account must be same as the one registered on your device.

Translate »