Modern Authentication process flow:
- Client (Outlook) sends a request to Exchange Online (EXO) to access the mailbox and download data.
- Next, EXO requests that the client authenticate to Azure AD.
- Azure informs EXO that the user domain is federated and provides the auth URL for EXO to authenticate with the IdP, based on the root domain of the user.
- For example, user@tecism.com authenticates to sts.tecism.com
- ADFS then communicates with your domain controller to authenticate the user account.
- The DC successfully authenticates the user, and sends the information back to ADFS.
- ADFS then sends the authenticated user token back to the client.
- The user's client (Outlook 2016, Outlook 2013, Outlook app, etc.) then goes to Azure AD with the token to authenticate, and upon successful authentication is provided with access and refresh tokens that can be used for subsequent logins.
- The client then takes those access tokens and provides them to Exchange Online so it can access the user data.
[PS] Write-host and tips
Write-host (Alias: write)
Example for foreground color and background color:
Write-Host "text" -ForegroundColor red -BackgroundColor white
- Using foreground and background will break a variable writing stored
PowerShell has a built-in color scheme:
Write-Warning (yellow on black)
Write-Error (red on black)
[EXO] Enabling Mailbox on Exchange Online Hybrid Configuration (ADFS)
Enabling/Creating a Mailbox on Exchange Online in a Hybrid Configuration (ADFS)
Considerations:
- Retention policy must be applied on the Exchange Online instead of against the on-premises AD object.
Use the New-RemoteMailbox cmdlet to create a mail user in the on-premises AD and also create an associated mailbox in Exchange Online.
Enable-RemoteMailbox is for an existing AD user.
- remoteRoutingAddress needs to be specified to point to cloud
- Forwarding would be set on the cloud mailbox using the cloud connection
[CMD] Add persistent route
show ipv4 route
netsh interface ipv4 show route
id idx (interface)
route print
add persistent route, bind to interface
route -p add <destination> mask 255.255.255.0 192.168.1.170 if <idx>
registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes
[TIP] Troubleshooting port 25 SMTP in Linux
Troubleshooting Linux e-mail issues.
netstat :
netstat -a | more
shows all listening ports and connections, TCP and UDP
netstat -at
shows all listening ports and connections, TCP only
netstat -plnt | grep ':25'
ss :
ss -lntu | grep ':25'
nmap :
nmap -sT -O localhost | grep 25
lsof:
lsof -i:25
telnet myserver.com 25
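Added example (not part of the original notes): grep ':25' also matches ports such as 2525, and a listener bound only to 127.0.0.1 explains a local telnet that works while remote hosts cannot connect. The function names and the sample ss -lntu output below are constructed for illustration.

```shell
#!/bin/sh
# Added example: report listeners on exactly TCP port 25 from `ss` output.

# Reads `ss -lnt` or `ss -lntu` output on stdin; prints
# "<local address> <scope>" for each TCP listener on port 25.
smtp_listeners() {
    awk '{
        # With -u in the flags ss prepends a Netid column, so locate the
        # State column first; the local address is three fields after it.
        for (i = 1; i <= 2; i++) {
            if ($i != "LISTEN") continue
            la = $(i + 3)
            port = la
            sub(/.*:/, "", port)        # keep the text after the last colon
            if (port != "25") break     # skips 2525, 8025, 250, ...
            addr = substr(la, 1, length(la) - length(port) - 1)
            scope = (addr ~ /^(127\.|\[::1\])/) ? "loopback" : "network"
            print addr, scope
            break
        }
    }'
}

# Summarise stdin as "none" (nothing on port 25), "loopback" (local
# delivery only) or "network" (reachable from other hosts).
smtp_exposure() {
    rows=$(smtp_listeners)
    if [ -z "$rows" ]; then echo none
    elif printf '%s\n' "$rows" | grep -q ' network$'; then echo network
    else echo loopback
    fi
}

# Constructed sample of `ss -lntu` output (not captured from a real host).
SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:68         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
tcp   LISTEN 0      100    [::1]:25           [::]:*
tcp   LISTEN 0      50     0.0.0.0:2525       0.0.0.0:*'

printf '%s\n' "$SAMPLE" | smtp_exposure
```

On a live host, feed it real output with: ss -lntu | smtp_exposure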