Microsoft (unintentionally?) exposes inactive mailboxes content via the EWS API

In what seems like an “accidental feature release”, we can now leverage the EWS API methods to directly access content stored within inactive mailboxes in Exchange Online. I’d wager this to be a bug, but until we get some sort of official confirmation from Microsoft, all bets are off. Either way, I believe it is important for Microsoft 365 customers to know about this change in behavior, hence this short article. …

Create report schedules for Microsoft 365 reports via PowerShell

While the functionality to create report schedules for (a handful of the) Microsoft 365 reports hasn’t received any love for years now, I want to remind you that it still exists. In this article, we will take a deeper look at the PowerShell cmdlets used to manage report schedules, as well as refresh your memory on some of the basics. And who knows, Microsoft might eventually remember this functionality exists and add support for more reports 🙂 …

Few notes on disabling access to PowerShell in Exchange Online

A question over at Experts Exchange prompted me to refresh my memory on the process of disabling access to PowerShell for Exchange Online users. The proper way to do that, as detailed by Tony in this article, is to toggle the corresponding flag on the user object. Microsoft is however …

First look at the analyzedEmails Graph API endpoint

Today’s article will be about the newly introduced /analyzedEmails Graph API endpoint, which in a nutshell is a lightweight Threat explorer implementation. While the new API fails to measure up to the robust tool that Threat explorer is, this is not to say it has no merit, as it does …

Some ramblings around Continuous access evaluation, support for Graph and service principals

Does the Graph resource support Continuous Access Evaluation? How exactly are long-lived CAE tokens issued, and is it worth it to accept some additional risk as a tradeoff? But most importantly, beware of scenarios where a CAE-capable service principal is compromised, as the advertised support for revocation seems to be a bit shady! …
