Skip to main content

Posts

Showing posts from 2018

ZAP (Zero-hour auto purge) Junk email reporting for Office365 using EWS and REST

Zero-hour auto purge is one of the features of Office365 that will detect malicious and Spam emails and move them to the Junk email folder for any email that has breached the first level defences and has been delivered to users mailboxes. There is a good description of how it works here but basically when the service learns a particular message was malicious/spam it can retrospectively detect and eliminate/move any simular messages that arrived previously and weren't detected. This is a good and much need feature as no AntiSpam or Malware solution is perfect (no matter what the vendor say) so there will always be the case where thing slip through. But this very fact is what causes an exposure point where the potentially malicious email sits in the Inbox of end user up until the time its gets zapped. What I wanted to present in this post is a few ways you can measure the amount of the time you may have been vulnerable for and show some methods you can use to look more at message...

Updates to the Exch-Rest PowerShell Module to support PowerShell Core, Azure Cloud Shell and more ADAL integration options

I've had some time recently to do some much needed updates to my Exch-Rest module so it now supports both Azure Cloud Shell and PowerShell Core on Linux (tested on RHEL,CentOS, Debian and Ubuntu). So now you can logon to an Office365 Mailbox using this Module with Powershell on Linux and send Email or a Skype for Business Message or do some mailbox reporting eg The requirements on Linux is you need to be using the latest version of PowerShell core installed as per  https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-powershell-core-on-linux?view=powershell-6 .This ensures that all the required .net Core libraries will be available as older version of .Net core didn't have some of the libraries I'm using and I didn't want to backport for older versions.  Also because there are no Linux forms to interact with for authentication you need to pass in the credentials to use via a PSCredential and the code will use the password grant to get the Token e...

Scripters guide to using Guest Access in Office365 to automate things

Guest access is one of the ways in Office365 of collaborating between different organizations which allows you to give certain people who are outside of your company access to a limited subset of the resources you have in the Cloud. This can be an Office365 unified Group or Microsoft Team but also other workloads like SharePoint and OneDrive can utilize this. When it comes to scripting there are a number of value add things you can do to automate tasks for different people who have guest accounts in another tenant. The first step to automating with Guest Access is to Authenticate and generate an access token in the Guest tenant. Getting the Guest Tenants Authorization Endpoint Before you can authenticate you need to first obtain the Guest tenants Authorization endpoint for the tenant where the Guest Account exists in. To do this you can make a simple Get Request like the following Invoke-WebRequest -uri ("[https://login.windows.net/{0}/.well-known/openid-configu...

How to Create a Presence based Distribution List in Office 365

For those that follow the RSS feed on my blog I've published this article on Medium in the hope of getting a little more exposure and hopefully some work which I could really use at the moment. Check it out here  https://medium.com/@gscales_52503/how-to-create-a-presence-based-distribution-list-in-office-365-67d2daca7ce4?_branch_match_id=588962753274621730

Reporting on Skype for Business Messaging Activity using the Conversation History Folder in Exchange

Skype for Business (and formally Lync before that) uses the Conversation History folder in an Exchange mailbox to store the history of your IM conversations. One message in your mailbox may represent many messages in an IM conversation where the conversation is broken out itself into an XML string in the Message in the "ConversationXml.{CA2F170A-A22B-4f0a-B899-93439DEC3FBC}" extended property which looks something a little bit like this if you dumped its values Which comes from the below underlying MAPI property While Instant Messaging hasn't been around as long as Email the statistics and Reporting on its usage even from third party vendors is pretty underwhelming as the data made available for reporting is limited. If however we take advantage of a Mailbox API like EWS or the Graph API and delve into the above information you can start to produce some more useful statistical reporting about your IM traffic. This could be especially useful at the moment if you w...
All sample scripts and source code is provided by for illustrative purposes only. All examples are untested in different environments and therefore, I cannot guarantee or imply reliability, serviceability, or function of these programs.

All code contained herein is provided to you "AS IS" without any warranties of any kind. The implied warranties of non-infringement, merchantability and fitness for a particular purpose are expressly disclaimed.