Sysadmin Today #61: Office 365 Best Practices

6 thoughts on “Sysadmin Today #61: Office 365 Best Practices”

1. Fantastic show! Nice to know I’m doing some things right in my Office 365 instance. Like anything, though, revisiting fundamentals can be pretty important, and stuff like disabling IMAP and POP is a lot more relevant now in the current environment and something to implement for nearly all of our mailboxes. (I think there are two where I need them up due to the requirements of some legacy systems.)

   Reply

   1. Thanks, Eric.

      Reply

2. Good show -ITProMentor also just came out with a guide a few days ago at https://www.itpromentor.com/email-security-checklist/
   He also has scripts and a pdf to go through – very helpful.
   I’m working on getting one to work across delegated tenants too but it takes a fair amount of work.

   With all the BEC’s I’ve seen,most of them are now saving the emails to the RSS feeds folder. However, a recent method of attack is to use Flow rules as these are not going to be in a place most people look at and can work just as well to move and forward emails around.

   Reply

   1. Andy, thanks for the feedback.

      Reply

3. Thanks for the episode – you mentioned there was a way to use Powershell to cycle through your CSP tenants to adjust settings. Can you point me in the right direction as to how to do this? thanks

   Reply

   1. Matt,

      See below. My guest Chris Hamm wrote this and should give some insight on how to use scripting to pull information and make changes.

      ########################################
      # Subscription Info Across All Tenants #
      ########################################

      # Setup credentials
      Connect-MsolService

      # Pull All Tenants Tied to Partner Account
      $AllTenants = Get-MsolPartnerContract | ForEach-Object {
      $TenantID = $_.TenantId
      $TenantName = (Get-MsolPartnerInformation -TenantId $_.TenantId).PartnerCompanyName

      New-Object -TypeName PSObject -Property @{
      TenantName = $TenantName
      TenantID = $TenantId
      }
      }

      # All Tenant Licenses
      $AllTenantLicenses = $AllTenants | ForEach-Object {
      $TenantName = $_.TenantName

      # Pull List of License SKUs
      $TenantSKUs = Get-MsolAccountSku -TenantId $_.TenantID

      # Pull SKU Information
      $TenantSKUs | ForEach-Object {
      New-Object -TypeName PSObject -Property @{
      TenantName = $TenantName
      SkuPartNumber = $_.SkuPartNumber
      AccountSkuId = $_.AccountSkuId
      ActiveUnits = $_.ActiveUnits
      WarningUnits = $_.WarningUnits
      ConsumedUnits = $_.ConsumedUnits
      }
      }
      }

      # Output to File
      $AllTenantLicenses | Select-Object TenantName, SkuPartNumber, AccountSkuId, ActiveUnits, WarningUnits, ConsumedUnits | Export-CSV AllTenantLicenses.csv -NoTypeInformation

      # All Tenant Subscriptions
      $AllTenantSubscriptions = $AllTenants | ForEach-Object {
      $TenantName = $_.TenantName

      # Pull List of License SKUs
      $TenantSubscriptions = Get-MsolSubscription -TenantId $_.TenantID

      # Pull SKU Information
      $TenantSubscriptions | ForEach-Object {
      New-Object -TypeName PSObject -Property @{
      TenantName = $TenantName
      Sku = $_.SkuPartNumber
      StartDate = $_.DateCreated
      RenewalDate = $_.NextLifecycleDate
      TotalLicenses = $_.TotalLicenses
      Status = $_.Status
      IsTrial = $_.IsTrial
      }
      }
      }

      # Output to File
      $AllTenantSubscriptions | Select-Object TenantName, Sku, IsTrial, TotalLicenses, StartDate, RenewalDate, Status | Export-CSV AllTenantSubscriptions.csv -NoTypeInformation

      Reply