Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
In Office 365 the way MFA works is that you use your normal username & password but after you have verified that factor of authentication you are then sent a text message (SMS Message) to your mobile phone with a code to enter into the login screen.
This increases security because if someone does find out your username & password they still cannot login to your account without your mobile phone.
Setting up MFA on Office 365
You will need to be an administrator of your office 365 tenant to set this up.
MFA is a free service that you get with Office 365. At the very least you should have MFA enabled on all administrative users and if you can you should have it enabled on all Office 365 user accounts.
Sharing users calendars is one of the most used parts of an Exchange Server(which is included in most of the business versions of Office 365), this feature allows others inside of your organisation to view or edit calendars.
The old school way of doing this was to go around to each user and set the permissions directly on the calendar by right clicking on it and selecting properties, then navigating to the permissions tab where you could set the permissions for each user or group over the calendar.
But there is a better way. We can use PowerShell to set these permissions in bulk on either exchange or office 365.
So what are the different exchange calendar permission levels?
Straight out of the box calendars come with a bunch of preset permission levels, this makes your life easier because you can allow a bunch of different controls over the calendars from not being able to see them or being able to set users to be able to book meetings and delete meetings if needed. The different permission levels are as follows:
Notice that all of the commands are to do with MailboxFolderPermission, this is because Exchange actually treats the calendar as a folder, so whatever we are doing to the calendar we are actually doing to an exchange folder.
Using PowerShell to Edit Calendar Permissions
So now lets get into it, if you are using Microsoft Exchange installed on your server then you can just open the Exchange PowerShell application, if you are using Office 365 you will need to first connect to office 365 in PowerShell, you can follow the instructions in that article to connect.
Once you are connected to exchange in PowerShell it is time to run some commands.
Getting a users calendar permissions
To get a users calendar permissions we will use the Get-MailboxFolderPermission command in PowerShell.
Some final notes and recommendations with folder sharing in office 365
When setting permissions it is best not to set owner permissions for the calendars as this will allow other users to delete the calendar on someone else’s mailbox. This could lead to a real headache as the users calendar will just disappear and they wont know why.
Setting PublishingEditor permission will allow users to have all permissions except to delete the actual calendar.
Setting default sharing is usually a pretty handy thing in smaller businesses that are using the service. This will allow for more collaboration and a more open workplace.
As you might know with the release of Windows 10 Microsoft gave the ability to join your computer to Azure Active Directory to manage the devices from the cloud.
The main benefit to connecting your computer to Azure AD is that you get Single Sign On(SSO) to all of your Office 365 apps and as Office 365 uses Azure AD for to store all of its user information if you have Office 365 you have Azure AD.
To enroll your device into Azure AD follow these steps
Open the settings
From the settings app open the System settings
Select the about tab and click the Join Azure AD button
Type in your Azure AD Credentials and hit the sign in button
Once you have finished joining AD on Azure then you will need to restart the computer and log in using the Azure AD credentials.
Now you are enrolled into your organisation.
A good feature of Office 365 is that you can actually wipe a mobile device from it. This can be quite useful if a phone or tablet has been stolen or lost and you do not want people to access your enterprise data.
Microsoft Exchange Server also has this same feature and it is the same process in exchange to do this.
You can only clear the data from a device if it was set up to use Exchange ActiveSync. If the device was not setup with activesync then this will not work.
What you will need to do is:
login as the administrator to your office 365 portal.
Then navigate to the ADMIN section on the left hand side and select Exchange. This will then redirect you to the Exchange section of Office 365.
Inside the Exchange you will need to go to the recipients tab and select mailboxes(Mailboxes should be selected first anyway)
Then find the user that you want to wipe the mobile device for and select them
In the right hand side there will be a section saying mobile devices, click on that
Now it should have all the mobile devices that are associated
Select the mobile device that is lost or stolen
Up the top of the window you will be able to select wipe
I got this error after moving someone from a local Exchange 2003 server to Office 365.
When you open outlook you will get a message saying:
The file C:\Users\<username>\Local\Microsoft\Outlook\<emailaddress>.ost cannot be accessed because it has been configured for use with a different mailbox.
From what I can figure out it is because it another exchange account with the same name but different credentials and on a different server but still using the same profile so outlook tries to use the same OST file.
How to fix the OST cannot be accessed error
To fix this issue what you need to do is configure a different email profile. To do this follow these steps:
Open Control Panel
Add a new profile
Give the profile a name and hit OK
Then connect your email account using the correct credentials
Now when you open Outlook it should sync up with Exchange or Office 365.