IBM Security MaaS360

Start the following commandlets

Note: ExchangeOnlineManagement version should be - 2.0.5

By default, we can’t install scripts. To require all PowerShell scripts that you download from the internet are signed by a trusted publisher, run PowerShell as administrator, and run the cmdlet. Press Y and press Enter.

Run the command Install-Module PowershellGet -Force. When asked to install NuGet provider, press Y and follow with Enter.

If Install-Module PowershellGet -Force already installed

Install the Exchange Online Management module. Press Y and Enter.

To check the version of the module that's currently installed

Import-Module ExchangeOnlineManagement; Get-Module ExchangeOnlineManagement

Start your connection to Exchange Online

Connect to Exchange Online PowerShell using the EXO V2 module with or without MFA.

Note :

• EAS Module v2.0.5: Install only this version of ExchangeOnlineManagement. Client may see issues if they upgrade to the latest (v3.0.0). To resolve this issue, uninstall the existing version, and install v2.0.5.

• Get-InstalledModule -Name ExchangeOnlineManagement
• Uninstall-Module -Name ExchangeOnlineManagement
• Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.5

How can the Exchange Online Credentials be Verified using Powershell?

How to Validate Exchange online credential on Cloud Extender config Tool?

Step 1: Open the Cloud Extender Config Tool and Navigate to the Exchange module

Step 2
1. Enter the hostname.

2. Enter the Username and password.

3. Click on Validate All Accounts.

4. Click on Next
5. Click on Save


How can the Proxy Setting Exchange Online Credentials be Verified using PowerShell?

#Set the username: $username = 'Your User Name ' <Enter> #Set the password: $password = 'Your Password here ' <Enter> #Clear any existing sessions: get-pssession | remove-pssession #Convert the password to a secure string: $securepassword = convertto-securestring $password -asplaintext -force #Create the credentials object: $PSCredObj = New-Object System.Management.Automation.PSCredential($username,$securepassword) $proxysettings = New-PSSessionOption -ProxyAccessType IEConfig #Set the URI: $serveruri = 'https://ps.outlook.com/powershell/' #Open the Office365 session: Connect-ExchangeOnline -Credential $PSCredObj -ConnectionUri $serveruri -PSSessionOption $proxysettings

How to configure and validate Exchange online credentials on Cloud Extender config Tool using Proxy?

Step 1: Open the Cloud Extender Config Tool and Navigate to the Exchange module

Step 2
1. Enter the hostname.

2. Enter the Username and password.

3. Select the checkbox Use IE proxy for Office365 PowerShell connection

4. Click on Validate All Accounts.

5. Click on Next
6. Click on Save

Troubleshooting

O365 currently supports only TLS 1.2 protocol. The PowerShell command we use to connect to exchange online may not using that protocol and hence the handshake may be failing.

1. Error Acquiring Token

• If you see the issue the following message in PowerShell, then the issue is related to TLS 1.2 protocol:

 To Solve the issue please follow the below steps:

1. Backup the current Registry on the CE Server.
2. Make the below changes in the Registry on the CE server
3. TLS 1.2 registry key

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]    "SystemDefaultTlsVersions" = dword:00000001    "SchUseStrongCrypto" = dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]    "SystemDefaultTlsVersions" = dword:00000001    "SchUseStrongCrypto" = dword:00000001

        4. Stop and Restart CE services and check if the issue persists.
       5. If the issue persists, reboot the CE server and check again if the issue persists.

2. If you see the following message in cloud extender config tool - Unable to authenticate the following service account

Add this registry Key - TLS 1.2 registry key

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]    "SystemDefaultTlsVersions" = dword:00000001    "SchUseStrongCrypto" = dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]    "SystemDefaultTlsVersions" = dword:00000001    "SchUseStrongCrypto" = dword:00000001

    4. Stop and Restart CE services and check if the issue persists.
    5. If the issue persists, reboot the CE server and check again if the issue persists.

Refer - https://docs.microsoft.com/en-us/mem/configmgr/core/plan-design/security/enable-tls-1-2-client

Wrapping up

The new Exchange Online module is powerful and makes working with Exchange Online a lot easier. I hope this article helped you to switch to Modern authentication for the Cloud Extender Exchange Active Sync module.

If you have any questions, just drop a comment below.

Find out more about Unified Endpoint Management: https://www.ibm.com/security/unified-endpoint-management

Find out more about IBM Security MaaS360 with Watson: https://www.ibm.com/products/unified-endpoint-management