Introduction: Auditing in Exchange Admin Center means troubleshooting the configuration issues by tracking specific changes made by administrators and to help you meet regulatory, compliance, and litigation requirements. Exchange provides two types of audit logging: Administrator audit logging. Mailbox audit logging. Note: You must enable mailbox audit logging for each mailbox so that audited events are saved to the audit log for that mailbox. Enabling Mailbox Audit Logging You need to use Remote PowerShell connected to your exchange, you can’t use EAC. Connect to Exchange Online using PowerShell. Open Windows PowerShell and run command. $UserCredential = Get-Credential In Windows PowerShell credential request, enter your Office 365 global admin account username and password. Run the following command. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection Run the following command. Import-PSSession $Session To verify that you’re connected to your Exchange Online organization, run the following command to get a list of all the mailboxes in your organization. Get-Mailbox This command enables mailbox audit logging for all user mailboxes in your organization. Get-Mailbox -ResultSize Unlimited -Filter {RecipientTypeDetails -eq “UserMailbox”} | Set-Mailbox -AuditEnabled $true You can see in above image AuditEnable is showing True, means mailbox audit logging has been enables for the mailboxes. Run a non-owner mailbox access report. In the EAC, go to Compliance Management> Auditing. Click Run a non-owner mailbox access report. Click Run a non-owner mailbox access report, you can specify dates and select mailbox for whom you want to view edit log. Run the admin audit log report – Administrator auditing logging is enabled by default. In the EAC, go to Compliance Management > Auditing and choose Run the admin audit log report. Choose Start date and End date. And then choose Search. All configuration changes made during the specified time are displayed. Similarly, you can run audit report for In-Place eDiscovery & hold, Litigation hold report, administrator role group report & external admin audit log report. Also, you can export the log report for Mailbox and the admin. Exporting the admin audit log report In the EAC, go to Compliance Management > Auditing > Export the admin audit log. Mention Start date and End date and select the User  whom you want to send the audit log. Click OK and Export. Audit log entries are saved to an XML file that is attached to a message and sent to the specified recipients within 24 hours. Conclusion: You can enable mailbox audit logging, generating reports and audit logs in Exchange Online using Exchange Admin Center.  

Introduction: Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information. Steps: The process to setup and enable Office 365 Message Encryption is easy. There are three main steps that need to be followed: Activate Azure Rights Management. Setup Azure Rights Management for Exchange Online. Setup transport rules to enforce message encryption in Exchange Online. Step 1: Activate Azure Rights Management for O365 Message Encryption. Sign in to Office 365. In O365 Admin Center, go to Settings > Services & Add-ins and select Microsoft Azure Information Protection. Click on Manage Microsoft Azure Information Protection settings and you will be redirected rights management Activate the Rights Management. Step 2: Set up Azure Rights Management for O365 Message Encryption. In this step we will use PowerShell to connect to Exchange Online, Open PowerShell as Administrator and enter the following commands to connect and import the session Set-ExecutionPolicy RemoteSigned $cred = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection Import-PSSession $Session Verify your IRM is not already configured Get-IRMConfiguration Configure RMS with the online key-sharing locationfor Exchange Online with PowerShell (locations below). Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sprms.ap.aadrm.com/TenantManagement/ServicePartner.svc  Location RMS key sharing location North America https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc European Union https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc Asia https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc South America https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc Office 365 for Government https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc Import the Trusted Publishing Domain(TPD) from RMS Online Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online” Verify successful setup of IRM in Exchange Online. Test-IRMConfiguration –sender admin@domain.com Disable IRM templates in OWA and Outlook.  Set-IRMConfiguration -ClientAccessServerEnabled $false Enable IRM for Office 365 Message Encryption. Set-IRMConfiguration -InternalLicensingEnabled $true Viewthe IRM Configuration. Get-IRMConfiguration Step 3: Create transport rule to encrypt message. In Office 365 Admin Center, go to Exchange Online Admin Center. Go to Mail Flow > Rules. Click the + and create your transport rule. This rule will encrypt anything that is sent external. Make sure the rules are active. Testing that the transport rule applies Office 365 Message Encryption. Conclusion: Its easy to encrypt your mail and secure it in Office 365.

Introduction: Across your organization, you probably have different types of content that require different actions taken on them to comply with industry regulations and internal policies. Labels in Office 365 can help you take the right actions on the right content. With labels, you can classify data across your organization for governance, and enforce retention rules based on that classification. With labels, you can: Enable people in your organization to apply a label manuallyto content in Outlook, OneDrive, SharePoint, and Office 365 groups. Users often know what type of content they’re working with, so they can classify it and have the proper policy applied. Apply labels to content automatically if it matches specific conditions, such as when the content contains: Specific types of sensitive information. This is available for content in SharePoint and OneDrive. Specific keywords that match a query you create. This is available for content in Exchange, SharePoint, OneDrive, and Office 365 groups. The ability to apply labels to content automatically is important because: You don’t need to train your users on all your classifications. You don’t need to rely on users to classify all content correctly. Users no longer need to know about data governance policies – they can instead focus on their work. Note that auto-apply labels require an Office 365 Enterprise E5 subscription. You create and manage labels on the Labels page in the Office 365 Security & Compliance Center. Create a Label. Sign in to Office 365. In Office 365 Admin Center, go to Admin Centers > Security & Compliance. In Security & Compliance, go to Classifications > Labels. Click on Create a label. Provide a name for Label and description. In Label settings, there is Retention option apart from Retention policy. You can turn this on if you want to apply retention settings to that label and if not, you can simply click on Next. If you turn this On, a various parameter will be shown (as shown in below image). Retain the content – Select the retention period that for how the data will be preserved. What do you want to do after this time – Here we need to select the action which will be taken after the retention age has reached. Label classification – If this is selected, users won’t be able to edit or delete the content or change or remove the label. After providing Label settings, click Next. Review your settings and click on Create this label. Publish labels in Office 365. The primary purpose of the label policy is to group a set of labels and specify the locations where you want those labels to appear. Sign in to Office 365. In O365 Admin Center, go to Admin Centers > Security & Compliance > Classification > Label Policies. Click Publish labels and choose the labels you want to publish for this label policy. A single label can be published in many policies. After adding label, you need to choose the location where you want to publish these labels. Name your policy. Review your settings. Click on Publish labels, it will take up to 1 day to publish these labels in the location you chose, so after clicking on Publish labels you will see the below screen. As it takes normally 1 day to publish the status will be in Pending till then. Applying Labels to the documents in SharePoint and OneDrive. From Office 365 Home tab, click the SharePoint tile. On the new SharePoint tab in your browser, click a site that needs an O365 label assigned. You can assign label to the whole document library at once or you can select the document for which you want to assign label. Applying label to individual document, select the document and apply label. Applying label to a document library, select that Document library > Library settings > Apply label to items in this list or library. Click on Apply label to items in this list or library and select the label you want to apply. Similarly, you can also apply labels to OneDrive document. Conclusion: This is how we can create Label and Label policy, then publish it so that users can classify data across organization for governance and enforce retention rule based on the classification.

Introduction: Messaging records management (MRM) helps organizations to manage email lifecycle and reduce legal risks associated with e-mail and other communications. MRM in exchange online is accomplished by using retention tags and policies. Retention Tags: Retention tags are used to apply retention settings to folders and individual items such as e-mail messages and voice mail. This specify how long a message remains in a mailbox and the action to be taken when the message reaches the specified retention age. When a message reaches its retention age, it’s moved to the user’s In-Place Archive or deleted. Types of Retention tags: Retention tags are classified into the following three types based on who can apply them and where in a mailbox they can be applied. Default policy tags – Applied automatically to entire mailbox. Retention policy tag – Applies automatically to a default folder. Personal tag – Manually to items and folders. Personal tags are available to Outlook web app users as a part of their retention policy. Creating retention tags: In EAC, go to Compliance center > Retention tags, and then click +. Retention tags are classified into three types, select one of the option. The New retention tag page title and options will vary depending on the type of tag you selected. Enter a name for tag, chose retention actions and period, click Save. Retention Actions: Delete and allow recovery – Allow the user to recover deleted items until the deleted items retention period for the mailbox has not reached. Move to archive – Move the message to user’s archive folder, this is applicable only for tags that are automatically applied to the entire mailbox (default) and applied by users to items & folders (Personal). Permanently delete – Purges the item from the mailbox database. Retention Policies: To apply one or more retention tags to a mailbox, you must add them to a retention policy and then apply the policy to mailboxes. A mailbox can’t have more than one retention policy. Retention tags can be linked to or unlinked from a retention policy at any time, and the changes automatically take effect for all mailboxes that have the policy applied. Creating a Retention Policy: In EAC, go to Compliance center > Retention policies, and then click +. In New Retention Policy, provide a name for the policy and click + to add retention tags. After click +, list of all the retention tags will shown and you can select from that. After linking retention tags to policy, click Save. A retention policy can contain the following tags: One DPT with the Move to Archive action One DPT with the Delete and Allow Recovery or Permanently Delete actions One DPT for voice mail messages with the Delete and Allow Recovery or Permanently Delete actions One RPT per default folder such as Inbox to delete items Any number of personal tags Default Retention Policy: Exchange Setup creates the retention policy Default MRM Policy. The Default MRM Policy is applied automatically to new mailboxes in Exchange Online. You can modify tags included in the Default MRM Policy. Place a mailbox on Retention Hold: Placing a mailbox on retention hold suspends the processing of a retention policy. Retention hold is designed for situations such as a user being on vacation or away temporarily. To set a mailbox on Retention Hold, you need to use Powershell. For placing a mailbox on Retention Hold: Command – Set-Mailbox “Uday Mane” -RetentionHoldEnabled $true To check whether the Retention Hold in enabled on a Mailbox: Command – Get-Mailbox “Uday Mane” | Select RetentionHoldEnabled To remove retention, hold from a mailbox: Command – Set-Mailbox “Uday Mane” -RetentionHoldEnabled $false Conclusion: So, this is how we can use MRM to manage email lifecycle and reduce legal risks associated with email and other communications.  

Introduction: Sharing policies enable users to share calendar information with different types of external users. Sharing polices are assigned to mailboxes and allow users to share their free/busy information with recipients in external Office 365 organizations. Creating a sharing policy in Exchange Online. Allow users to share calendar information and contacts with external organizations. Navigate to EAC Organization > Sharing. Under Individual Sharing, click+. In new sharing policy, type a name for the sharing policy in the Policy name. Click + to define the sharing rules for the policy. In sharing rule, select one of the following options to specify the domains you want to share with (as shown below): Sharing with all domains Sharing with a specific domain If you select Sharing with a specific domain, type the name of the domain. To specify the information which can be shared, select Share your calendar folder check box, and then select one of the following: Calendar free/busy information with time only Calendar free/busy information with time, subject, and location All calendar appointment information, including time, subject, location and title Click save to set the rules. If you want to set this sharing policy as the default sharing policy in your organization, select the Make this policy my default sharing policy check box. Click save to create the sharing policy. After creating the policy, User can share their calendar from Outlook. The person to whom you have allowed to share calendar will receive an email (as shown below). By clicking on Add this calendar, the calendar of yours will be shared with that person. Create an organizational relationship. Set up an organization relationship to share calendar information with an external business partner Navigate to Organization > Sharing in Exchange Admin Center. Under Organization sharing, click +. In new organization relationship, in the Relationship name  box, type a name for the organization relationship. In the Domains to share withbox, type the domain for the external Office 365 organization. In Enable calendar free/busy information sharingcheck box to turn on calendar sharing with the domains you listed. To set the free/busy access level, select one of the following: Calendar free/busy information with time only. Calendar free/busy with time, subject, and location. To set which users will share calendar free/busy information, select one of the following: Everyone in your organization. A specified security group – You can browse and select the group for whom you want to enable the sharing. Click save to create the organization relationship. For users to share calendar: Go to Outlook > Calendar. Click Share. Send a sharing invitation in email. Conclusion: So, in this way we can share the calendars between organizations and external users.

Introduction: Spam is an irrelevant or unsolicited messages sent over the Internet, basic spam filter settings in Exchange Online include selecting the action to take on messages identified as spam. Spam-filter policy settings are applied to inbound messages only. You can edit the default spam filter policy to configure your company-wide spam filter settings and create custom spam filter policies and apply them to domains in your organization. Administrator needs to have Organization Management and Hygiene Management role group assigned to them. In EAC, go to Protection > Spam filter. You can either edit the default settings or create a custom spam filter by click on +. On Spam and Bulk action page, under Spam and High confidence spam, select the action to take for incoming spam email. By default, move messages to Junk Email folder is selected. In this case, we are selecting Quarantine Message. Quarantine Message – Sends the message to quarantine instead of to the intended recipients. When you select quarantine message, In Retain spam for (days) specify the number of days during which the spam message will be quarantined. On the Block & Allow list page, you can specify entries, such as senders or domains. Message will always be marked as spam if it is in block list and message will always be delivered if sender is in allow list. On the International Spam page, you can filter email messages written in specific languages, or sent from specific countries or regions. You can configure up to 86 different languages and 250 different regions. On the Advanced Optionspage, you can choose On, Off, or Test for each advanced spam filtering option. If you select Test, no action is taken on messages that meet the spam filter criteria however, messages can be tagged with an X-header before they are delivered to the recipient. If you select Test for any of the advanced options, you can configure the following test mode settings when a match is made to a test-enabled option: None – Take no test mode action on the message. This is the default. Add the default test X-header text– Checking this option sends the message to the recipients but adds a X-header to the message that identifies it as having matched a specific advanced spam filtering option. Send a Bcc message to this address– Checking this option sends a Bcc of the message to the email address you provide. Quarantine – If you have selected to move the spam messages in quarantine then you review spam items in quarantine, messages can be released from there either to selected users or all the users. If an item was incorrectly reported as spam, you can also report it as a false positive. If reported as a false positive and it’s a spam-quarantined message, it will also be reported to the Microsoft Spam Analysis Team, who will evaluate and analyse the message. In the below screen, you can see test spam mails and the message status in the right pane. You can review & release the message as an administrator from EAC by selecting the message and clicking on the Release Message icon. If there are more than 500 messages, then you can have an advanced search to find the message. You can use several parameters to find the message, for targeted search for a specific message you can select Message ID. Message ID – If you discover that the message was sent to the quarantine you can then easily find this message in the quarantine by specifying its Message ID. For example, if a specific message is sent by, or intended for, a user in your organization, but it never reaches its destination, you can search for the message using the message trace feature. If you discover that the message was sent to the quarantine you can then easily find this message in the quarantine by specifying its Message ID. Message trace: As an administrator, you can find out what happened to an email message by running a message trace in the Exchange admin center (EAC). Enter the Data range or select custom to specify the search dates, and then click Search. From the Message trace results, select the message and click Edit. You will able to see the details of the message, status, message ID. Hence, you can get the message ID from message trace feature in Exchange Online and can do an advanced search in Quarantine. You can also analyse the message header from Microsoft remote connectivity analyser URL: https://testconnectivity.microsoft.com/?tabid=mha. Message Header – Message headers provide a list of details about the message, such as who sent it, the software used to compose it, and the email servers that it passed through on its way to the recipient. You can find message header in quarantine message, click on the message for which you want the message header. Copy the message header and paste it under message header analyser in Microsoft remote connectivity analyser. For end users to access spam-quarantined message and release message. Go to following URL: https://admin.protection.outlook.com/quarantine, provide Office 365 credentials and sign in. After you’ve signed in and been authenticated, you’ll be directed to the end user spam quarantine. User can view the details of the message and release messages from user quarantine. Configure end-user spam notification. Administrator can also configure spam notification for end-users. So that users get the notifications of spam quarantined message. Go to EAC > Protection > Spam Filter. Select the Spam filter policy for which you want to configure end-user spam notification. On configuration page, select the days in the range of 1-15 and tick on Enable end-user spam notifications. User will get a mail notification for the same. Conclusion: By this way, you can apply a default spam filter policy or create a custom policy for your organization which will help to protect organization from spam mails.

Introduction: Sometimes users accidentally can remove their emails from inbox and deleted items folder. You can find the deleted mail in Recover deleted items. There also might be a situation when a user cannot find a deleted email in their Office 365 mailbox, a user will probably ask you to recover missing mails. You can recover it directly through Exchange Online using the In-Place eDiscovery & hold options (You must be a Global Administrator in Office 365). Steps: To recover deleted emails, follow the steps below: 1. Login to your Office 365 account and go to the Admin app. 2. On Left pane, extend Admin centers and click Exchange (Exchange Admin Center). 3. Go to Permissions > Admin Roles. From list of roles select Discovery Management and click on Edit icon. 4. On resulting window, go to members section and click + to add a member. Search for your name and click add and Ok. Save it. 5. Sign out and Sign In again, so that changes take effect. 6. Once permission is assigned to you, go to the Compliance Management section and then In-Place eDiscovery & hold. Click + icon 7. Provide a name for your search and, optionally, a description. Click Next. 8. You can choose a mailbox you want to search. Select the Specify mailboxes to search option, and then click on the + icon to add a mailbox. Click Next. 9. The next step is to specify criteria for a search query. Click the Filter based on criteria option, and adjust search options to your needs. When you need to provide more than one keyword in a search query, you need to separate them with OR or AND, not commas. 10. In the same window, click on the Select message types and select Email. Click OK. You can similarly search for contacts, meetings, etc. 11. Once you adjusted search query to your needs, click Next. 12. In the In-Place eDiscovery and hold page click Next without choosing any options as we don’t want to place any content on hold. 13. Now, your settings will be saved. Once the process is completed, click Close. 14. Select the search you created and click Refresh to update the information displayed in the details pane. The status of Estimate Succeeded indicates that the search has finished. 15. In details pane, click Preview search results to view the items. This helps you identify the items you are looking for. 16. If you can’t find an item by previewing search results, then you can copy the search results to a special mailbox (called a discovery mailbox) and then open that mailbox in Outlook on the web to view the items. On the copy search results page, click Browse. Under the display name, click Discovery Search Mailbox, and then click OK and Copy (shown in above image). When the copying is complete, click Open to open the Discovery Search Mailbox to view the search results (shown in below image). The search results copied to the Discovery Search Mailbox are placed in a folder that has the same name as the In-Place eDiscovery search. 17. After you find the item you’re trying to recover for a user, the next step is to export the results from the search you ran to Export  to PST. The user will use this PST file in the next step to restore the deleted item to their mailbox. Click below arrow mark as shown in below image. 18. Click on Run to install eDiscovery tool. 19. Click on Browse button to add location and leave the enable deduplication & include unsearchable items option. 20. After providing PST location click Start, it will ask for Office 365 admin credentials, after providing the same download will start. 21. The last step is to just send this PST file to the user so that he can restore. User need to use the outlook desktop app to restore deleted item by using a PST file. Click to Open Outlook Data File, browse the file and click OK. The PST file appears in the left-nav bar in Outlook. Expand the same and right-click the item you want to recover and then click Move > Inbox. In the below image,  you can see recoverable items. Conclusion: You can easily recover the deleted mails of users even if it is deleted from deleted items and are not shown under recover deleted items.  

Now often, you want to have a common mail address for everyone within a team to monitor and interact through like info@domain.com or support@domain.com Office 365 provides this capability with something called as Shared Mailbox. Features of Shared Mailbox Shared Mailbox doesn’t need an Exchange license. Shared Mailbox doesn’t have its own credentials. Users add this mailbox to theirs and use their own credentials to access it. Shared Calendar is available in a Shared Mailbox where everyone can see who is available when Setting up Shared Mailbox You’ll need to be an administrator in Office 365 to be able to create a Shared Mailbox. Navigate to Office 365 Admin Center and find Shared Mailboxes options under Groups. Click on Add a mailbox I’ll call it Sales@domain.com, for example. And click Add. I selected both the users seen in above step to add to the Shared Mailbox. Those members are seen on the detail pane of the selected Shared Mailbox as shown below Shared mailbox gets created within moments! Adding Users to the Shared Mailbox Only users who have an Exchange Online license can be added to Shared Mailboxes. Click on the mailbox and then on Edit in Members area to add O365 users to the mailbox as shown below Click on +Add Members to add users to the mailbox. You’ll find all the members who already have an Exchange Online license are eligible for adding to the shared mailbox. I selected both the users seen in above step to add to the Shared Mailbox. Those members are seen on the detail pane of the selected Shared Mailbox as shown below Adding Shared Mailbox to Outlook I will show the OWA example in this blog to show how to add the shared mailbox to the user’s Outlook Let’s assume we have the mailbox pwagh@cft79.onmicrosoft.com and we want to add the shared mailbox sales@cft79.onmicrosoft.com to pwagh’s mailbox. In OWA, right click on the root folder of the mailbox and click on Add shared folder Start typing the name of the Shared Mailbox and it should auto-populate the same for you. Select the Shared Mailbox and click Add. The mailbox should then appear in your OWA. Note: It takes a few minutes until the Shared Mailbox is accessible from your mailbox after adding it Hope this was helpful.

Overview: O365 Message Encryption is a service based on Microsoft Azure Rights Management (Azure RMS). Once an RMS is setup, Email messages can be encrypted under certain rules set and provide the recipients with 2 options to read the encrypted email – By an OPT By signing into organization account. Pre-Requisites: Activate Azure RMS in Office 365. Setup Azure Rights Management for Exchange Online Setup transport rule to enforce message encryption in Exchange Online. Activate Azure Rights Management in Office 365: Following are the steps to enable Email Encryption. I’m going to enable encryption on one of my trial environments- Log in to Office 365 Admin Center as a Global Administrator Navigate to Settings section and then select Services and add-ins Then, look for Microsoft Azure Information Protection Open the same by clicking on the highlighted link as shown below On the rights management page, you’ll see the rights management is not activated and you’ll get an option to activate the same. Once you activate the same, it will be activated and you’ll see a page like this Here, Rights Management has been activated! Setup Azure Rights Management for Office 365 Email Encryption: Following steps are carried to setup Azure RMS for Email Message Encryption. Enter the following steps to authenticate and connect to the session. As shown above, enter the commandsSet-ExecutionPolicy RemoteSignedEnter Y/y when asked about changing the Execution Policy.Then, enter $cred = Get-CredentialThen, enter the admin credentials to your O365. 2. You’ll be authenticated, then enter the following commands$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic -AllowRedirection 3. Then, Import-PSSession $Session as shown below 4. Next step is to verify that IRM is not configured yet.   Get-IRMConfiguration 5. Now, configure with key-sharing location. For my North America environment, I’ll use the following –Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc Here’s the list of key sharing locations depending where your tenant resides Location RMS key sharing location North America https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc European Union https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc Asia https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc South America https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc Office 365 for Government https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc1 6.  Import TPD i.e. Trusted Publishing Domain from RMS Online Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online” 7. Now, test the successful setup of IRM in Exchange Online Test-IRMConfiguration -sender crmadmin@cft77.onmicrosoft.com (Enter your Admin username) 8. Enable InternalLicensing and test again Set-IRMConfiguration -InternalLicensingEnabled: $true And you’ll get the passed result. 9. Few more steps – Disable IRM templates in OWA and Outlook Set-IRMConfiguration -ClientAccessServerEnabled $false and Enable IRM for O365 Message Encryption Set-IRMConfiguration -InternalLicensingEnabled $true 10. Now, check the IRM Configuration Get-IRMConfiguration IRM is now setup! Configure Rules in Exchange Admin Center: Now, we will setup a very simple rule which where the Exchange will send out an encrypted email Navigate to Exchange Admin Center in O365 Under Mail Flow section, create the below rule And set the conditions as – If the sender is CRM Admin, encrypt the email. And then save. And try sending a sample email – The email will be received like this Download the HTML file and open the same. The HTML file will have the following options – Let’s say, I select OPT, I’ll get another email as this And I enter that OTP, I can then see the message And you have the encrypted message feature as shown above! Hope this was helpful!  

Introduction: Sometime it happens that you want to write small piece of code and it should be accessible from outside but you may not have infrastructure ready for it. In that situation you can write a function which can be called from anywhere. Azure function provides required infrastructure for code you need to write and you can make it available within few minutes. You can use Azure functions where you code does not include any complex logic. Azure functions can be used for very small pieces of code which can be invoked via any triggered events. You can choose your language to write the code like C#, F#, Node.js, Python or PHP. Azure Functions lets you develop server less applications on Microsoft Azure. Description: 1. Features: Azure function provides the below features: Choice of language – We can write functions using C#, F#, Node.js, Python, PHP, batch, bash, or any executable. Pay-per-use pricing model – Pay only for the time spent running your code. Bring your own dependencies – we can include other library as well if needed. Integrated security – Protect HTTP-triggered functions with OAuth providers such as Azure Active Directory, Facebook, Google, Twitter, and Microsoft Account. Simplified integration – Easily leverage Azure services and software-as-a-service (SaaS) offerings. Flexible development – Code your functions right in the portal or set up continuous integration and deploy your code through GitHub, Visual Studio Team Services. 2. Function Task: Functions provides templates to get you started with key scenarios, Blob Trigger EventHubTrigger Generic webhook GitHub webhook HTTPTrigger QueueTrigger ServiceBusQueueTrigger ServiceBusTopicTrigger TimerTrigger Create your first function: Prerequisites: Windows Azure Subscription – you can also subscribe for a free trial of Windows Azure from URL. Add Function Apps In order to host your code, you must have a function app created in the Azure. Login to the azure portal and click on the +(plus) sign Select the function app and provide the required details Provide the Azure function details as shown below. Provide all the required field value and click create, you will able to see below screen, Create function: Click on the plus sign as shown Select the httptriger-csharp Provide a unique name to the function and click create Now you are read with the function that can be access from anywhere. This is the template you can write your own code, we will work with the sample code that generated automatically. Let’s test the function from outside. Copy the url form the console as show You will get the code url that can be called from any API tester application, lets we called it from the Postman application. As you can see in the below screen, I called the function from Postman and in out window you will find that it is showing message. It shows some validation message because I have not provided the required fields. I provided the name you will find that output shows the name with greeting. View the function logs Conclusion: So, it concludes that we can have small piece of code that can be called form outside and we don’t require to maintain the infrastructure.