Office 2016 for Mac Update & EXO Authentication Problems – Enable EXO Tenant for ADAL

Posted on Updated on


If you are using Office 2016 for Mac and recently started seeing multiple authentication prompts, you may be using a new ADAL (Active Directory Authentication Library) and your Exchange Online tenant may not be enabled, thus causing authentication problems.1.

To resolve this issue for your Outlook for Mac clients (Windows Outlook can use ADAL, although it must be enabled, however Outlook was automatically updated and is looking for an ADAL Auth response from EXO), follow the steps below.


Turn on modern authentication for Exchange Online

  1. Connect to Exchange Online as shown here.
  2. Run the following command:
    Set-OrganizationConfig -OAuth2ClientProfileEnabled:$true
  3. Run the following command to verify that change was successful:
    Get-OrganizationConfig | ft name, *OAuth*


  • Restart your Outlook for Mac client and authenticate


Note – You should NOT receive multiple authentication prompts, although you may need to authenticate the first time, which is saved into your Mac Keychain!

Exchange Online Protection (EOP) – SPAM, Blocklist, URL Community Participation

Posted on


For those Exchange Online Admins who are interested in Protection, SPAM and other security related mail concepts, this posting is for you.

Exchange Online participates in Protection Communities, which handle tracking and sharing information to other Community Members:

  • Exchange Online participates in the following communities in regards to security:
    • IP Blocklist in concert with Spamhaus
    • URL Lists in concert with Spamhaus, SURBL, URIBL and Invaluement

Office 365 & Mobility Management – Enterprise Mobility Suite

Posted on Updated on

Screen Shot 2014-07-03 at 3.07.21 PM

For you Online Administrators who have a mobility management role and responsibility, then this posting is FOR YOU!  Learn more about how to manage your Bring Your Own Device (BYOD) strategy by managing business mobile devices via Microsoft Online Services.  The Enterprise Mobility Solution allows for iOS, Android and Windows Phones, and desktop(s), providing a complete solution for all your mobility needs and business needs.

Microsoft Enterprise Mobility Suite

Screen Shot 2014-07-03 at 3.04.37 PM

Exchange Online Load Balancing of Mailboxes – Considerations to Outlook Clients

Posted on


For Exchange Online Administrators who hear from their users that they “sometimes” get disconnected and reconnected quickly and wondering…what is going on…this posting is for you!


Exchange Online is constantly reviewing Exchange Mailbox Servers, determining if the right load or amount of mailboxes are on the Exchange Server.  As you know, the Exchange Store, Database Availability Groups (DAG), etc all play a part in how many mailboxes should be located on a server.  EXO makes sure that no servers are NOT overburdened to make sure all users, using any mail application, are not impacted by slow or sluggish performance.

To this end, Office 365 Exchange Admins may notice from time to time, through an Exchange Hybrid Server or Exchange Online Remote PowerShell that EXO mailboxes are being moved, with a move designation as local. This signifies that the mailbox is being load balanced onto another backend mailbox server and don’t worry, this is an Online Move, which means the MBX is being copied/moved over to a new server to provide the best server resources available.  As a result of the Online Move, once complete the original MBX is removed, Active Directory and Exchange are updated to the new location of the mailbox and the Outlook user will reconnect to, which then connects to the new mailbox server and mailbox.

Outlook Users

For those users whose MBXs are being moved to provide the best possible server health and access, they may see Outlook show as Disconnected and then quickly show Connected, with each Outlook connection changing within seconds or less.  In order to minimize the impact to users, the best possible configuration for Outlook users is the following, which allows Outlook to send credentials when asked without being prompted.

  1. Internet Explorer
    1. Why IE?  IE leverages the OS’ WinInet, which is used by socket based applications and when EXO asks for credentials and you add the following to your IE Security Zone settings, Outlook is able to release those credentials without being prompted to manually enter them
      1. Internet Explorer –> Tools –> Internet Options –> Security –> Local Intranet –> Sites –> Advanced
        1. For Active Directory Federation Service (ADFS) SSO (Single Sign-On) users add:
          1. https://*
          2. https://*
        2. For non ADFS users
          1. https://*
  2. Outlook
    1. When connecting to Exchange Online via Outlook, make sure each user uses the Save or Remember Me authentication dialog box.  This saves the users credentials into the Windows Operating System’s Credential Manager (CredMan), so when/if their mailbox is moved and Outlook must reconnect to an Exchange Online CAFE Server (Client Access Front-End), EXO will ask “who are you” and CredMan will silently pass those credentials and allow the Outlook client to quickly reconnect!

Posted on Updated on


For those Exchange Online Administrators who have and/or send/organize large Calendar Invitations (500 or more recipients), then this posting is for you!

..special thanks to Folke for pulling this information into a great format!

Office 365 : Exchange Online

  • Exchange Online has a restriction of a max of 500 recipients/message
  • Use Online Distribution Group when sending large Calendar Meetings in Exchange Online
  • Turn OFF Request Response in meeting request


Issue: Actions: Timeline:
Sending Calendar Meetings to more than 500 recipients with Exchange Online, it is HIGHLY RECOMMENDED that the usage of an Exchange Online Distribution List (DL) is used, as groups are counted as 1 recipient.In Exchange Online, the recipient limit per message is restricted to a maximum of 500, which is why EXO DLs should be used.  When and if the recipients are > 500, the Meeting Organizer is unable to properly send updates, cancellations, etc,  due to the 500 limit. Turn off the large calendar meeting option for Request Response which will allow users to respond, however they will not have the ability to send “comments”.The disablement of this Request Response is needed in Exchange Online meetings so that respondents are not pulled out of the DL and placed onto the To line, which starts the counter towards the EXO 500 recipient limit: Office 365: Recipients and Sender limits

Note -Due to the fact that certain mobile devices, such as an HTC Android, does not adhere to this Request Response setting. As a result these devices and the respondent will be added to the To line.  Meeting Organizers should be careful in that if you have ~500 HTC Androids that respond to this meeting invite, the Meeting Item will be come unmanageable.

Should use this process going forward for large EXO Large Calendar Invitations.


More Information

Solution: Use EXO DLs and Turn Off “Request Response”


When sending these large calendar invitations in Exchange Online (i.e. All Hands Meeting), you should:

  1. Create and use EXO Distribution Lists (DLs) as recipients in the large calendar item
  2. Disable the Request Response flag in the Outlook meeting, so users are not pulled out of the DL and placed onto the To line, starting the 500 Max Recipients/Message EXO limit.


Additional Information

Exchange Online has a restriction of a max of 500 recipients per message to prevent Denial of Service Attacks against the service.

When you leave the standard setting of Request Response=on, attendees can respond not only with Accept, Tentative and Decline, but also with comments.

If an attendee responds with comments, that attendees email address is placed on the TO line, thus outside of the DL and counts as one recipient.

If this happens more than 500 times, the max recipients exceed the 500 limit (1DL+ 500 recipients on TO line=501 recipients = limit exceeded).  Now the Meeting Organizer cannot properly manage the Calendar Meeting Invite, because they cannot send updates because there are more than 500 people on the To line.


More Information

Outlook & Office 365 RSS Feeds for Blogs, IP Address Changes & SHD

Posted on Updated on

For those who manage Office 365 and need to be kept up to date on Service Health Dashboard entries, Office 365 Blogs, and/or IP Address Changes, this posting is for you!

Office 365 RSS Feed

There are different ways to do this work, depending on which version of Outlook you have, so I am providing some links for Outlook 2007, 2010 and 2013 and hopefully you can get your IT / Help Desk teams to use the same, so they are always up to date on Service Health Dashboard content:

Note – While these steps are referencing Outlook, you may use another Email Application which may have the ability to create and monitor/view RSS feeds.  The steps will be different for different Mail Clients, however the steps below are specific to Outlook, using the different versions.

How to setup RSS Feeds in Outlook

  1. 2007 –
  2. 2010 –
  3. 2013 –

Office 365 Feeds

  1. Services Health Dashboard Feed URL:–3s
    1. Note – The items retrieved for this feed are specific to your Office 365 tenant.
  2. Office 365 Technical Blog:
    1. Note – This is a global Blog feed and will provide many different topics and updates and the content is not specific to your Office 365 online tenant.
  3. Office 365 IP Addresses (Portal, SharePoint, Lync, Exchange, etc):
    1. Note – There is also a Change Log page where network administrators can also monitor and review to understand the changes made in IP Addresses for Microsoft Online Services:

Once enabled in Outlook, you can select the RSS Feeds folder and create a new RSS feed, which will pull all the information into Outlook and give you another way to make sure you are up to date on Office 365 Service Health Dashboard entries.

  1. Browse to the Folders view in Outlook and find the RSS Subscriptions folder
    1. Outlook_RSS_Feed
  2. Right-click the RSS Subscriptions and select Add a New RSS Feed
    1. Enter the URL copied from above
    2. Office 365 Services Health Dashboard
      1. Add_rss_feed
    3. Office 365 Technical Blog
      1. RSS_Blog_Feed
    4. Click Add
    5. Once created, click the Office 365 Blog created:
      1. Service Health Dashboard RSS Feed and see the new items start to be synchronized into your Outlook client
        1. outlook_feed_created
      2. Office Blog RSS Feed and see the new items start to be synchronized into your Outlook client
        1. RSS_Entry

Outlook Alerts

Once this step is complete, you can set Outlook to provide a Mail Alert on the O365 Incidents from the RSS feed.


  1. Go to “Manage Rules & Alerts” and select “Enable Rules on all messages downloaded from RSS feeds”.
  2. Create a new Outlook alert rule that will fire off a Mail Alert, and you will see an Outlook alert pop-up.
    1. Outlook –> Manage Rules & Alerts
      1. manage_rules
    2. Click New Rules, using this configuration for new Mail Item Notification when RSS Feeds are received –> Next
      1. new_alerts
    3. Look for RSS Feeds lower in the list and select, as seen below, selecting the From any RSS Feed,
      so you don’t have to worry about specific text or which person writes the posting

      1. rss_feeds_selection
      2. Select the notification options you want, typically towards the bottom of the Rules Wizard, as seen below, with the below playing a sound AND displaying a Desktop Alert –> Next
        1. rss_feeds_selection
      3. Provide any exceptions to this rule –> Next
        1. rule_exceptions
    4. Name it and Finish


  • The above can be used for any of your RSS feeds, whether those are the SHD and/or the Office Blog location.
  • Outlook must be running in order to pick up these incoming RSS Notifications, as seen below



Stretch Goal – Setting up rss feed for your favorite web browser

Setup Browser RSS Feed & Favorites

  1. Browse to website in your web browser:
    1. Find link to Blog Site …for business service updates here
      1. o365_learn_more
    2. Click Subscribe All at top of page:
      1. O365_blog_subscribe
    3. Click Subscribe to Feed
      1. O365_blog_subToFeed
    4. Save to Favorites and Feed –> Subscribe, which saves to your Browser Feed location
      1. O365_blog_feed_accesptance



Office 365 Mobile Admin App

For those interested in viewing their Office 365 Services Health Dashboard, please refer to the following, which will give you an additional “tool” in monitoring your Office 365 Services Health.