As we come to the end of 2018, or the beginning of 2019 depending on when you’re reading this, it seems like a good time to look at how Exchange Online has changed over the last year.
It wouldn’t be too hard for an email administrator these days to think of Exchange Online as a static service. If you are not actively paying attention to the updates in the service, you may have missed some of the changes that have rolled out recently. I thought this would be a good time to take a quick look back at some of the more important changes that have come into Exchange Online.
In this blog post, I’ll give a quick overview of three new features for Exchange Online. I’m not going to go into a full implementation guide for any of these features, but I will link to the appropriate documentation for each of these new features.
Hybrid Organization Configuration Transfer V2
In June 2018, Microsoft introduced the new Organization Configuration Transfer (OCT) into the Hybrid Configuration Wizard (HCW). OCT is a tool that helps to transfer some of the settings from your on-premises Exchange organization into Exchange Online without the need to manually review and recreate a bunch of clicks.
The first version of the OCT tool transferred the settings for:
Active Sync Mailbox Policy
Mobile Device Mailbox Policy
OWA Mailbox Policy
Retention Policy Tag
In November, the OCT tool was updated to transfer the settings for these additional features:
Active Sync Device Access Rule
Active Sync Organization Settings
Malware Filter Policy
Policy Tip Config
The list above notes twelve Exchange features for which your on-premises configuration can seamlessly be transferred into Exchange Online. In addition, to the ability to copy these new settings, the second version of the OCT also gives admins the choice to overwrite online settings that differ from the on-premises settings. There is even a script created to roll back the updates when overwrites are provided.
As someone who has had to manually transfer these settings many times, I can say this OCT tool is a real time saver and it clearly demonstrates the benefit of a subscription service model that provides constant updates.
Disabling Basic Authentication for Exchange Online
Modern Authentication (MA) has been available for Exchange Online for some time now. MA allows users to authenticate into Exchange Online with Multi-factor Authentication as well as enabling some other nifty authentication scenarios. The ability to disable Basic Authentication means that organizations can now force all client connections to Exchange Online to use these more secure connection protocols.
There is a lot of leg work to be done before disabling Basic Authentication, so I’d recommend carefully reading the documentation before proceeding. I don’t have the space in this blog post to cover the whole process, so I do want to warn you that making this change can have catastrophic consequences. Please make sure you test this change before pushing it into production.
Public Folder Migration Improvements
For the first few years of Office 365, Microsoft didn’t support public folders in Exchange Online at all. But we all know that public folders are harder to kill than… (you can fill in your own joke. I can’t be blamed for what’s in your head.)
With the release of Exchange 2013 public folders got updates on-premises and could exist in Exchange Online. The migration process into the cloud for Public Folders, however, is complex and painful. While the improvements made to the migration process this year don’t exactly make it a winning experience, they do make the process of migrating Public Folders into the cloud better.
The improvements to Public Folder migrations include:
Reliability improvements – previously some non-fatal errors during the migration process would cause the migration batch to be marked as failed. In these cases, the admin would need to resubmit the migration batch, which can cause significant delays in the migration process. Microsoft has made changes to the migration process that will ignore those non-fatal errors when a migration batch completes. Unfortunately, the documentation isn’t very specific about what those errors are, so will just have to assume ignoring them is a good thing.
Speed improvements – As a Public Folder migration batch completes, the Mailbox Replication Service (MRS) performs clean up tasks. Microsoft found that sometimes these clean up tasks would fail, and then go into a four-hour waiting period before trying to complete again. Microsoft made changes in the clean-up process that occurs after a Public Folder migration batch. The documentation claims this change can reduce the time it takes to complete a Public Folder migration batch by several days.
Migrating up to 250,000 Public Folders from all versions of Exchange – All versions of on-premises Exchange 2010 and later now support migrating up to 250,000 public folders into Exchange Online.
Controlled connections to Public Folders – Public Folders might be an organizational requirement for your company, but that does not mean everyone in the organization needs to access them. Earlier this year, Microsoft added the ability to control who connects to Public Folders. New PowerShell attributes for Set-CASMailbox and Set-OrginizationConfig allow administrators to control which users will get Public Folder information in their AutoDiscover responses, so that only authorized users clients will attempt to make a connect to Public Folders.
Wrapping it up
It’s one thing to know that Office 365 is an ever-evolving service, but it's another thing entirely to keep up to date with all the new features and functionalities. In this blog I touched on three new features of Exchange Online. Most of us working as administrators in the Office 365 world need to keep track of a lot more than just Exchange Online... Skype for Business Online, Teams, SharePoint Online, Azure Active Directory, and more can add up to a significant workload just trying to keep track of the new features.
Nathan O'Bryan MCSM
Nathan is a five time former Microsoft MVP and he specializes in Exchange, Microsoft 365, Active Directory, and cloud identity and security.