Microsoft 365 Security Report

Report created for Acestara on Monday 09 June 2025 at 1:30 PM

Dashboard

Admins

Users

Licenses

Mailbox Access

Devices

Mobile Devices

Contacts

Resources

Groups

Forwarding

Transport Rules

Inbox Rules

Conditional Access

Action Points

Glossary of Terms

Company Information

Name	Technical E-mail	Telephone Number
Acestara	glenn@mspeasytools.co.uk	01218090309

Tenant wide options

Unified Audit Log	Security defaults	Days until password expiry	Authentication Methods Policy
Enabled	Disabled	NEVER	migrationInProgress

Authentication Methods

Active Sync	POP	IMAP	MAPI	SMTP	OAuth2
Enabled	Disabled	Disabled	Enabled	Enabled	Enabled

MFA conditional access policies

Name	ID	Users included	Users excluded	Groups included	Groups excluded	Roles included	Roles excluded	State
MFA global admin	3ff2a2d3-93e3-4efa-90e0-d691ab635657	glenn@acestara.com	andrew@acestara.com, Ginger@acestara.com, Hippo@acestara.com	ef9910ce-4da7-4117-8be9-723ac772b6e5>Acestara Team		Global Administrator		enabled
MSPET-Require-MFA-for-All-Users	941cee82-df7e-45c2-bbfa-0903cb0b72e9	All						enabled

Global Administrators

Search:

Admin Role	Name	MFA Status	Is Licensed	Is Blocked	E-mail Address
Global Administrator	Glenn Evans	enforced	yes	no	glenn@acestara.com
Global Administrator	Quinn Evans	Enabled (CA)	yes	no	quinn@acestara.com
Global Administrator	Jennifer Aurelli	Enabled (CA)	yes	no	Jenny@acestara.com
Global Administrator	Chris Anthemum	enabled	no	no	Chris@acestara.com
Global Administrator	Andrew test	enforced	yes	no	andrew@acestara.com
Global Administrator	Andrew Demo Admin account	enforced	no	no	demo@acestara.com
Global Administrator	Connie Test	Enabled (CA)	no	no	connie@acestara.com
Global Administrator	Hippo Bill	Enabled (CA)	no	no	Hippo@acestara.com
Global Administrator	andrew2 Eardley	Enabled (CA)	no	no	andrew2@acestara.com
Global Administrator	Kamil Haluska	Enabled (CA)	no	no	KamilHaluska@acestara.com
Global Administrator	MSP Easy Tools	enforced	no	no	MSPET@acestara.com

Showing 1 to 11 of 11 entries

First Previous1Next Last

Domains

Search:

Domain Name	Verification Status	Default	DKIM enabled
acestara.onmicrosoft.com	Verified	No	Enabled
acestara.com	Verified	Yes	Enabled

Showing 1 to 2 of 2 entries

First Previous1Next Last

Azure AD registered applications

Search:

Name	AppID	Created on	Publisher Domain	Client Secret expiry	Client Secret status	Certificate expiry	Certificate status
P2P Server	e7a627c8-ad59-428c-b444-3eb4415ae131	2025/04/05 18:07	acestara.com

Showing 1 to 1 of 1 entries

First Previous1Next Last

Enterprise AD registered applications

Search:

Name	AppID	Created on
Microsoft Graph Command Line Tools	14d82eec-204b-4c2f-b7e8-296a70dab67e	2025/05/14 08:07
Nine for Office 365	516e4bcb-86da-4cfe-92cb-435c1e8dbf71	2022/09/11 09:42
Google Workspace	4d7fe9fb-5646-447f-ba61-ba9bd4455b27	2025/04/05 21:08
OfficeMail Pro	875f7cff-1574-438d-9385-cf9b391910ce	2024/11/18 09:51

Showing 1 to 4 of 4 entries

First Previous1Next Last

Users with Strong Password Enforcement Disabled

Search:

Information
Information: No Users were found with Strong Password Enforcement disabled

Showing 1 to 1 of 1 entries

First Previous1Next Last

Users with password expiry policy disabled

Search:

Name	Primary Email Address	Is Licensed	MFA Status	Password Expiry Policy
MSP Easy Tools	MSPET@acestara.com	False	enforced	Never Expires

Showing 1 to 1 of 1 entries

First Previous1Next Last

Role Assignments

Search:

Admin Role	Name	MFA Status	Is Licensed	Is Blocked	E-mail Address
Application Administrator	Kamil Haluska	Enabled (CA)	no	no	KamilHaluska@acestara.com
Attribute Assignment Administrator	www www	Enabled (CA)	no	no	www@acestara.com
Authentication Administrator	www www	Enabled (CA)	no	no	www@acestara.com
Azure DevOps Administrator	Quinn Evans	Enabled (CA)	yes	no	quinn@acestara.com
Billing Administrator	Quinn Evans	Enabled (CA)	yes	no	quinn@acestara.com
Billing Administrator	Chris Anthemum	enabled	no	no	Chris@acestara.com
Billing Administrator	Olive Yew	enabled	no	no	Olive@acestara.com
Billing Administrator	Equipment	enabled	no	no	equipment@acestara.com
Exchange Administrator	Mark Potts	Enabled (CA)	no	no	Mark@acestara.com
Exchange Administrator	Ralph Higgins	enabled	no	no	ralph@acestara.com
Exchange Administrator	Andrew test	enforced	yes	no	andrew@acestara.com
Exchange Administrator	Pamela Pumpkin	Enabled (CA)	no	no	Pam@acestara.com
Global Administrator	Glenn Evans	enforced	yes	no	glenn@acestara.com
Global Administrator	Quinn Evans	Enabled (CA)	yes	no	quinn@acestara.com
Global Administrator	Jennifer Aurelli	Enabled (CA)	yes	no	Jenny@acestara.com

Showing 1 to 15 of 29 entries

First Previous1 2Next Last

Role Assignments Chart

Microsoft 365 Users

Search:

Name	Primary E-mail address	Licenses	Email Type	Last Logon date	Days since last logon	Reset Password at Next Logon	Is Blocked	MFA Status	System Preferred Authentication Method Enabled	System Preferred Authentication Method	User Preferred Method For Secondary Authentication	MFA Methods Registered	Self Service Password reset capable	Self Service Password reset registered	Self Service Password reset enabled	Passwordless Capable	ActiveSync	POP	IMAP	MAPI	SMTP	OWA	E-mail Aliases

Name	Primary E-mail address	Licenses	Email Type	Last Logon date	Days since last logon	Reset Password at Next Logon	Is Blocked	MFA Status	System Preferred Authentication Method Enabled	System Preferred Authentication Method	User Preferred Method For Secondary Authentication	MFA Methods Registered	Self Service Password reset capable	Self Service Password reset registered	Self Service Password reset enabled	Passwordless Capable	ActiveSync	POP	IMAP	MAPI	SMTP	OWA	E-mail Aliases
Alan Thomas	alanthomas@acestara.com	TEAMS_ESSENTIALS_AAD	UserMailbox	Not available	Not available	False	No	Enabled (CA)	True			passwordAuthenticationMethod	False	False	False	False	Enabled	Disabled	Disabled	Disabled	Disabled	Enabled	alanthomas@acestara.com
Alfie McDee	alfiemcdee@acestara.com		Not Active	Not available	Not available	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Andrew test	andrew@acestara.com	MICROSOFT 365 BUSINESS BASIC	UserMailbox	2025-03-19 09:12:58	82	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod, emailAuthenticationMethod, phoneAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod	True	True	True	False	Enabled	Disabled	Disabled	Enabled	Disabled	Enabled	testemail@acestara.com, andrew@acestara.com
andrew2 Eardley	andrew2@acestara.com		Not Active	2023-11-06 10:07:45	581	False	No	Enabled (CA)	True	PhoneAppNotification	push	passwordAuthenticationMethod, phoneAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod	True	True	True	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Anne Teak	Anne@acestara.com		Not Active	Not available	Not available	False	No	Enabled (CA)	True	PhoneAppNotification	push	passwordAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Art Deco	Art@acestara.com		Not Active	Not available	Not available	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod, temporaryAccessPassAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled	Art@acestara.com
Ben Dover	Ben@acestara.com	MICROSOFT POWER AUTOMATE FREE, EXCHANGE ONLINE KIOSK	UserMailbox	Not available	Not available	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod	True	True	True	False	Enabled	Disabled	Disabled	Disabled	Disabled	Enabled	Ben@acestara.com
chee	chee@acestara.com		UserMailbox	Not available	Not available	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled	chee@acestara.onmicrosoft.com, chee@acestara.com
Chris Anthemum	Chris@acestara.com		Not Active	Not available	Not available	False	No	enabled	True			passwordAuthenticationMethod	True	True	True	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Connie Test	connie@acestara.com		Not Active	2025-06-03 13:52:52	5	False	No	Enabled (CA)	True	PhoneAppNotification	push	passwordAuthenticationMethod, phoneAuthenticationMethod, temporaryAccessPassAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod	True	True	True	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
ddd ddd	ddd@acestara.com		Not Active	Not available	Not available	False	No	Enabled (CA)	True			passwordAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Andrew Demo Admin account	demo@acestara.com		Not Active	2022-06-16 12:44:19	1089	False	No	enforced	True		oath	passwordAuthenticationMethod	True	True	True	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Equipment	equipment@acestara.com		EquipmentMailbox	Not available	Not available	False	No	enabled	True	PhoneAppNotification	push	passwordAuthenticationMethod	True	True	True	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled	equipment@acestara.com
Ginger Plant	Ginger@acestara.com		Not Active	Not available	Not available	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod	False	False	False	False	Disabled	Disabled	Disabled	Disabled	Disabled	Disabled
Glenn Evans	glenn@acestara.com	EXCHANGE ONLINE (PLAN 1), MICROSOFT_INTUNE_SUITE, AZURE ACTIVE DIRECTORY PREMIUM P1	UserMailbox	2025-06-04 20:12:19	4	False	No	enforced	True	PhoneAppNotification	push	passwordAuthenticationMethod, phoneAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod, microsoftAuthenticatorAuthenticationMethod	True	True	True	False	Enabled	Disabled	Disabled	Enabled	Enabled	Enabled	admin@acestara.com, glenn@acestara.com, admin@acestara.onmicrosoft.com

Showing 1 to 15 of 44 entries

First Previous1 2 3Next Last

Licensed and Unlicensed users chart

Microsoft 365 User MFA Status

Microsoft 365 Mailbox Types

Microsoft 365 Licenses

Search:

Name	Total Amount	Assigned Licenses	Unassigned Licenses
MICROSOFT_INTUNE_SUITE	1	1	0
EXCHANGE ONLINE KIOSK	5	3	2
EXCHANGE ONLINE (PLAN 1)	1	1	0
TEAMS_ESSENTIALS_AAD	0	1	-1
AZURE ACTIVE DIRECTORY PREMIUM P1	1	1	0
MICROSOFT 365 BUSINESS BASIC	0	1	-1

Showing 1 to 6 of 6 entries

First Previous1Next Last

Microsoft 365 Licenses and Users

Search:

Name	Users allocated this license
Microsoft_Intune_Suite	glenn@acestara.com
Exchange Online Kiosk	Ben@acestara.com, Jenny@acestara.com, quinn@acestara.com
Exchange Online (Plan 1)	glenn@acestara.com
TEAMS_ESSENTIALS_AAD	alanthomas@acestara.com
Azure Active Directory Premium P1	glenn@acestara.com
Microsoft 365 Business Basic	andrew@acestara.com

Showing 1 to 6 of 6 entries

First Previous1Next Last

Microsoft 365 Licensing Charts

Microsoft 365 delegated access to mailboxes

Search:

Primary E-Mail	Mailbox Type	Users who can access this mailbox
glenn@acestara.com	UserMailbox
alanthomas@acestara.com	UserMailbox
andrew@acestara.com	UserMailbox
Ben@acestara.com	UserMailbox
chee@acestara.com	UserMailbox	quinn@acestara.com,ralph@acestara.com,Art@acestara.com,chee@acestara.com
equipment@acestara.com	EquipmentMailbox
Hugo@acestara.com	SharedMailbox
Jenny@acestara.com	UserMailbox	quinn@acestara.com,Jenny@acestara.com,support@acestara.com,ralph@acestara.com,meetingroom@acestara.com,alanthomas@acestara.com
quinn@acestara.com	UserMailbox
ralph@acestara.com	SharedMailbox	quinn@acestara.com,Jenny@acestara.com,chee@acestara.com,www@acestara.com
reception@acestara.com	SharedMailbox	www@acestara.com,alanthomas@acestara.com
support@acestara.com	SharedMailbox	quinn@acestara.com,ralph@acestara.com
www@acestara.com	SharedMailbox

Showing 1 to 13 of 13 entries

First Previous1Next Last

Microsoft 365 devices

Search:

InActive Days	Owners	Registration Date Time	Device Id	Is Managed	Enabled	Administrative Units	Name	Object Id	Operating System	Management Type	Groups	Users	Last SignIn Date Time	BitLocker Encrypted	Is Compliant	OS Version	Join Type
11	KamilHaluska@acestara.com	-	60c153d4-2296-4667-a6bb-da2df61d98f1	-	True	-	MSPET	0af0258f-9b7a-405a-9390-f555a8d70221	Windows	-	-	KamilHaluska@acestara.com	29/05/2025 08:25:32	No	-	10.0.26100.2314	Azure AD registered

Showing 1 to 1 of 1 entries

First Previous1Next Last

Microsoft 365 mobile device access

Search:

Primary Email Address	Display Name	Name	Device Model	Device Type	Device OS	Development Name	Device Id	Client Type	Client Version	Mobile Operator	First Sync	Last Sync	Last Sync Attempt
andrew@acestara.com	Andrew test	andrew	SM-S928B	Android	Android 14.S928BXXU3AXH7	e3qxeea	4E696E65364131333437433035323839	EAS	16.1	vodafone UK	2024/11/19 13:23	2024/11/22 21:43	2024/11/22 21:43
glenn@acestara.com	Glenn Evans	admin	Outlook for iOS and Android	Outlook	14		3C07E3A45F6336689A4B35C543C8CD2F	Outlook	1.0		2025/04/05 20:21	2025/04/05 20:40	2025/04/05 20:40
glenn@acestara.com	Glenn Evans	admin	Outlook for iOS and Android	Outlook	9		D5949AAD949B314EA959EBA145C96202	Outlook	1.0		2025/04/05 18:23	2025/04/05 18:23	2025/04/05 18:23

Showing 1 to 3 of 3 entries

First Previous1Next Last

Mobile device types

Microsoft 365 contacts

Name	E-mail Address
PamP	pam@acestara.com
Sydney	sydney@Asw342A.com

Microsoft 365 Mail Users

Search:

Name	Primary E-Mail	E-mail Aliases
Paulo	Paulo@gpostpc321.com
sydney_Asw342A.com#EXT#	sydney@Asw342A.com

Showing 1 to 2 of 2 entries

First Previous1Next Last

Microsoft 365 Room Mailboxes

Name	Primary E-Mail	E-mail Aliases
Meeting Room	meetingroom@acestara.com

Microsoft 365 Equipment Mailboxes

Name	Primary E-Mail	E-mail Aliases
Equipment	equipment@acestara.com

Microsoft 365 Groups

Search:

Name	Type	Owner	Members	E-mail Address	ID
Acestara	Microsoft 365 Group	andrew@acestara.com, andrew2@acestara.com, Chris@acestara.com, connie@acestara.com, demo@acestara.com, glenn@acestara.com, Hippo@acestara.com, KamilHaluska@acestara.com, MSPET@acestara.com, quinn@acestara.com	alanthomas@acestara.com, andrew@acestara.com, Art@acestara.com, Ben@acestara.com, chee@acestara.com, glenn@acestara.com, Hippo@acestara.com, holly@acestara.com, Hugo@acestara.com, Jenny@acestara.com, KamilHaluska@acestara.com, kevin@acestara.com, Mark@acestara.com, Paulo@gpostpc321.com, quinn@acestara.com, rhea@acestara.com, sydney@Asw342A.com, www@acestara.com, alfiemcdee@acestara.com, andrew2@acestara.com, Anne@acestara.com, Chris@acestara.com, connie@acestara.com, ddd@acestara.com, demo@acestara.com, Ginger@acestara.com, Jean@acestara.com, Liz@acestara.com, Mal@acestara.com, MarkA@acestara.com, michael@acestara.com, MSPET@acestara.com, Neil@acestara.com, Olive@acestara.com, Pam@acestara.com, Perry@acestara.com, Pet@acestara.com, Peter@acestara.com, Ray@acestara.com, Simon@acestara.com, ttt@acestara.com	Acestara@acestara.com	c3c914eb-08ea-4b38-95da-40e0e9c9f265
Acestara Security	Security Group		Jenny@acestara.com, ddd@acestara.com, ttt@acestara.com		c86ff27d-4f92-4c3b-aa96-018a96b73953
Acestara Team	Microsoft 365 Group	quinn@acestara.com	Ben@acestara.com, glenn@acestara.com, Hugo@acestara.com, Jenny@acestara.com, Mark@acestara.com, quinn@acestara.com, www@acestara.com, Anne@acestara.com, Chris@acestara.com, Ginger@acestara.com, Liz@acestara.com, Mal@acestara.com, MarkA@acestara.com, Neil@acestara.com, Olive@acestara.com, Perry@acestara.com, Peter@acestara.com, Ray@acestara.com, Simon@acestara.com	AcestaraTeam@acestara.com	ef9910ce-4da7-4117-8be9-723ac772b6e5
All Company	Microsoft 365 Group			AllCompany.9531400193.lmbcqnzx@acestara.com	5aacfe77-b50c-4912-aa63-f912a220c7f8
Despatch	Distribution List		glenn@acestara.com, Jenny@acestara.com, ralph@acestara.com	despatch@acestara.com	c2ca64d2-dc93-43ae-8cc9-bcfd1cca2658
Discussion Team	Microsoft 365 Group	quinn@acestara.com	quinn@acestara.com	DiscussionTeam@acestara.com	ac08fbdc-502f-48d4-9a7c-f8bb5c792bdb
DMARC	Microsoft 365 Group	Ginger@acestara.com	Ben@acestara.com, Jenny@acestara.com, Anne@acestara.com, Chris@acestara.com, Liz@acestara.com, Ray@acestara.com, Simon@acestara.com	dmarc@acestara.com	a1c7a4ce-ee50-4bf1-b374-cfdf3fc6ebca
Group for Answers in Viva Engage – DO NOT DELETE 9531400193	Microsoft 365 Group	andrew@acestara.com, andrew2@acestara.com, Chris@acestara.com, connie@acestara.com, demo@acestara.com, glenn@acestara.com, Hippo@acestara.com, Jenny@acestara.com, KamilHaluska@acestara.com, quinn@acestara.com		groupforanswersinvivaengagedonotdelete9531400193866@acestara.com	81f26f46-cd8f-472d-a507-984b907be8c6
intuneg	Security Group	glenn@acestara.com	glenn@acestara.com		f1cc8446-a8d6-4c88-bfd1-1d10b52b41f0
Marketing	Microsoft 365 Group	MarkA@acestara.com	Ben@acestara.com, Hugo@acestara.com, Chris@acestara.com, Olive@acestara.com, Peter@acestara.com, Ray@acestara.com	marketing@acestara.com	a82038a9-ee9f-43d0-b82c-eed88b7d940c
Merging info	Distribution List		glenn@acestara.com, Jenny@acestara.com, quinn@acestara.com, ralph@acestara.com, support@acestara.com	merging@acestara.com	4fe8c299-c579-4e16-aefe-3076793923ff
MSPET Admins	Security Group		MSPET@acestara.com		18ba0bd9-001d-45fa-87f0-6d5d17e9c6ea
PleaseDistribute	Distribution List			pleasedistribute@acestara.com	bd7877c0-f097-4765-8a70-452a33bc1739
Sales	Distribution List		glenn@acestara.com, Jenny@acestara.com, Paulo@gpostpc321.com, quinn@acestara.com, sydney@Asw342A.com, alfiemcdee@acestara.com	sales@acestara.com	e7bd86de-a161-4bf8-ba2f-62ed33497b13
Security Group	Mail Enabled Security Group		glenn@acestara.com, Jenny@acestara.com, quinn@acestara.com, ralph@acestara.com, support@acestara.com	Security@acestara.com	ed6cba35-74e2-4220-aeda-d5fc26900db4

Showing 1 to 15 of 24 entries

First Previous1 2Next Last

Microsoft 365 mail enabled Groups with external members

Search:

Name	Type	Owner	Members	External Members	E-mail Address	ID
Acestara	Microsoft 365 Group	andrew@acestara.com, andrew2@acestara.com, Chris@acestara.com, connie@acestara.com, demo@acestara.com, glenn@acestara.com, Hippo@acestara.com, KamilHaluska@acestara.com, MSPET@acestara.com, quinn@acestara.com	alanthomas@acestara.com, andrew@acestara.com, Art@acestara.com, Ben@acestara.com, chee@acestara.com, glenn@acestara.com, Hippo@acestara.com, holly@acestara.com, Hugo@acestara.com, Jenny@acestara.com, KamilHaluska@acestara.com, kevin@acestara.com, Mark@acestara.com, Paulo@gpostpc321.com, quinn@acestara.com, rhea@acestara.com, sydney@Asw342A.com, www@acestara.com, alfiemcdee@acestara.com, andrew2@acestara.com, Anne@acestara.com, Chris@acestara.com, connie@acestara.com, ddd@acestara.com, demo@acestara.com, Ginger@acestara.com, Jean@acestara.com, Liz@acestara.com, Mal@acestara.com, MarkA@acestara.com, michael@acestara.com, MSPET@acestara.com, Neil@acestara.com, Olive@acestara.com, Pam@acestara.com, Perry@acestara.com, Pet@acestara.com, Peter@acestara.com, Ray@acestara.com, Simon@acestara.com, ttt@acestara.com	Paulo@gpostpc321.com, sydney@Asw342A.com	Acestara@acestara.com	c3c914eb-08ea-4b38-95da-40e0e9c9f265
Sales	Distribution List		glenn@acestara.com, Jenny@acestara.com, Paulo@gpostpc321.com, quinn@acestara.com, sydney@Asw342A.com, alfiemcdee@acestara.com	Paulo@gpostpc321.com, sydney@Asw342A.com	sales@acestara.com	e7bd86de-a161-4bf8-ba2f-62ed33497b13

Showing 1 to 2 of 2 entries

First Previous1Next Last

Microsoft 365 Groups chart

All Forwarding on mailboxes

Search:

Primary Email Address	Display Name	Has email forwarded to this address
equipment@acestara.com	Equipment	quinn@acestara.com
Jenny@acestara.com	Jennifer Aurelli	jenny@iamaconartist.com
ralph@acestara.com	Ralph Higgins	Ralph@ivegotyourdata.com
support@acestara.com	Support	ralph@acestara.com

Showing 1 to 4 of 4 entries

First Previous1Next Last

External Forwarding on mailboxes

Search:

Primary Email Address	Display Name	Has email forwarded to this address
Jenny@acestara.com	Jennifer Aurelli	jenny@iamaconartist.com
ralph@acestara.com	Ralph Higgins	Ralph@ivegotyourdata.com

Showing 1 to 2 of 2 entries

First Previous1Next Last

All Transport Rules currently in the exchange

Search:

Transport Rule Name	Description
Client Rules To External Block	If the message: Is sent to 'Outside the organization' and Is message type 'Auto-forward' and Is received from 'Inside the organization' Take the following actions: reject the message and include the explanation 'To improve security, MSP Easy Tools has disabled auto-forwarding rules to external addresses. Please contact MSP Easy Tools if you'd like to set up an exception.' with the status code: '5.7.1'
Block domain and delete - acestara.com	If the message: recipients's address domain portion belongs to any of these domains: 'acestara.com' and sender's address domain portion belongs to any of these domains: 'sky.com' Take the following actions: Delete the message without notifying the recipient or sender
Whitelist domain - TENANT	If the message: sender's address domain portion belongs to any of these domains: 'mspeasytools.co.uk' Take the following actions: Set the spam confidence level (SCL) to '-1'
Whitelist emails - TENANT	If the message: Is received from 'andrew@mspeasytools.com' Take the following actions: Set the spam confidence level (SCL) to '-1'
Block IP and delete - acestara.com	If the message: sender ip addresses belong to one of these ranges: '31.94.62.235' and recipients's address domain portion belongs to any of these domains: 'acestara.com' Take the following actions: Delete the message without notifying the recipient or sender
Warn on external senders with internal domain	If the message: sender's address domain portion belongs to any of these domains: 'acestara.onmicrosoft.com' or 'acestara.com' and Is received from 'Outside the organization' Take the following actions: Prepend the message with the disclaimer '<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left width="100%" style='width:100.0%;mso-cellspacing:0cm;mso-yfti-tbllook:1184; mso-table-lspace:2.25pt;mso-table-rspace:2.25pt;mso-table-anchor-vertical:paragraph;mso-table-anchor-horizontal:column;mso-table-left:left;mso-padding-alt:0cm 0cm 0cm 0cm'> <tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'><td style='background:#910A19;padding:5.25pt 1.5pt 5.25pt 1.5pt'></td><td width="100%" style='width:100.0%;background:#FDF2F4;padding:5.25pt 3.75pt 5.25pt 11.25pt; word-wrap:break-word' cellpadding="7px 5px 7px 15px" color="#212121"><div><p class=MsoNormal style='mso-element:frame;mso-element-frame-hspace:2.25pt; mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal: column;mso-height-rule:exactly'><span style='font-size:9.0pt;font-family: "Segoe UI",sans-serif;mso-fareast-font-family:"Times New Roman";color:#212121'>POSSIBLE DOMAIN SPOOFING. This message was sent from outside the company but is using an internal domain. Please do not click links or open attachments unless you recognise the source of this email and know the content is safe. If this is a trusted sender, and you would like to add an exception, please contact MSP Easy Tools.<o:p></o:p></span></p></div></td></tr></table><br><br>'. If the disclaimer can't be applied, attach the message to a new disclaimer message. Except if the message: sender's address domain portion belongs to any of these domains: 'hippo.co.uk' or Includes these patterns in the message subject or body: 'POSSIBLE DOMAIN SPOOFING. This message'
Warn on external senders with matching display names	If the message: 'From' header contains ''Alan Thomas' or 'Andrew test' or 'Ben Dover' or 'chee' or 'Discovery Search Mailbox' or 'Equipment' or 'Glenn Evans' or 'hotel' or 'Hugo First' or 'Jennifer Aurelli' or 'Meeting Room' or 'Quinn Evans'or...' and Is received from 'Outside the organization' Take the following actions: Prepend the message with the disclaimer '<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left width="100%" style='width:100.0%;mso-cellspacing:0cm;mso-yfti-tbllook:1184; mso-table-lspace:2.25pt;mso-table-rspace:2.25pt;mso-table-anchor-vertical:paragraph;mso-table-anchor-horizontal:column;mso-table-left:left;mso-padding-alt:0cm 0cm 0cm 0cm'> <tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'><td style='background:#910A19;padding:5.25pt 1.5pt 5.25pt 1.5pt'></td><td width="100%" style='width:100.0%;background:#FDF2F4;padding:5.25pt 3.75pt 5.25pt 11.25pt; word-wrap:break-word' cellpadding="7px 5px 7px 15px" color="#212121"><div><p class=MsoNormal style='mso-element:frame;mso-element-frame-hspace:2.25pt; mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal: column;mso-height-rule:exactly'><span style='font-size:9.0pt;font-family: "Segoe UI",sans-serif;mso-fareast-font-family:"Times New Roman";color:#212121'>POSSIBLE NAME SPOOFING. This message was sent from outside the company by someone with a display name matching a user in your organisation. Please do not click links or open attachments unless you recognise the source of this email and know the content is safe. If this is a trusted sender, and you would like to add an exception, please contact MSP Easy Tools.<o:p></o:p></span></p></div></td></tr></table><br><br>'. If the disclaimer can't be applied, attach the message to a new disclaimer message. Except if the message: Is received from 'test@gmail.com' or Includes these patterns in the message subject or body: 'POSSIBLE NAME SPOOFING. This message'
Warn on external senders	If the message: Is received from 'Outside the organization' Take the following actions: Prepend the message with the disclaimer '<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left width="100%" style='width:100.0%;mso-cellspacing:0cm;mso-yfti-tbllook:1184; mso-table-lspace:2.25pt;mso-table-rspace:2.25pt;mso-table-anchor-vertical:paragraph;mso-table-anchor-horizontal:column;mso-table-left:left;mso-padding-alt:0cm 0cm 0cm 0cm'> <tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'><td style='background:#ffa826;padding:5.25pt 1.5pt 5.25pt 1.5pt'></td><td width="100%" style='width:100.0%;background:#fffdde;padding:5.25pt 3.75pt 5.25pt 11.25pt; word-wrap:break-word' cellpadding="7px 5px 7px 15px" color="#212121"><div><p class=MsoNormal style='mso-element:frame;mso-element-frame-hspace:2.25pt; mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal: column;mso-height-rule:exactly'><span style='font-size:9.0pt;font-family: "Segoe UI",sans-serif;mso-fareast-font-family:"Times New Roman";color:#212121'>EXTERNAL SENDER WARNING. This message was sent from outside your organisation. Please do not click links or open attachments unless you recognise the source of this email and know the content is safe.<o:p></o:p></span></p></div></td></tr></table><br><br>'. If the disclaimer can't be applied, attach the message to a new disclaimer message.
RansomwareBlocking	If the message: Is sent to 'Inside the organization' and has an attachment with a file extension that matches one of these values: 'ade' or 'adp' or 'ani' or 'bas' or 'bat' or 'chm' or 'cmd' or 'com' or 'cpl' or 'crt' or 'hlp' or 'ht' or 'hta' or 'inf' or 'ins' or 'isp' or 'job' or 'js' or 'jse' or 'lnk' or 'mda' or 'mdb' or 'mde'or... Take the following actions: Generate recipient notification and include the following content: 'You were sent a message containing a prohibited file type as an attachment.<br> <br> Message details: <br> <b>Sender</b> - %%From%%<br> <b>Subject</b> - %%Subject%%<br> <b>Message date</b> - %%MessageDate%%<br> <br> <b>Infected attachments are the number one way of contracting a ransomware virus that can encrypt your files irretrievably!</b><br> <br> This message and its attachments have been automatically deleted!<br> <br> The following file types are blocked:<br> ade, adp, ani, bas, bat, chm, cmd, com, cpl, crt, hlp, ht, hta, inf, ins, isp, job, js, jse, lnk, mda, mdb, mde, mdz, msc, msi, msp, mst, pcd, reg, scr, sct, shs, url, vb, vbe, vbs, wsc, wsf, wsh, exe, pif<br> <br> If you are legitimately expecting to receive an email with one of the blocked file types attached please ask the sender to resend the email without the attachment and make alternate arrangements to send the file. <br> A possible alternative is to upload the file to secure online storage and send a secure link instead.<br> <br><br> <p><img src='https://portal.mspeasytools.co.uk/images/msptools/logosmall.png' ></p>' and Delete the message without notifying the recipient or sender
RansomwareWarning	If the message: Is sent to 'Inside the organization' and has an attachment with a file extension that matches one of these values: 'dotm' or 'docm' or 'xlsm' or 'sltm' or 'xla' or 'xlam' or 'xll' or 'pptm' or 'potm' or 'ppam' or 'ppsm' or 'py' or 'sh' or 'sldm' or 'one' Take the following actions: Prepend the message with the disclaimer '<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 align=left width="100%" style='width:100.0%;mso-cellspacing:0cm;mso-yfti-tbllook:1184; mso-table-lspace:2.25pt;mso-table-rspace:2.25pt;mso-table-anchor-vertical:paragraph;mso-table-anchor-horizontal:column;mso-table-left:left;mso-padding-alt:0cm 0cm 0cm 0cm'> <tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'><td style='background:#ffa826;padding:5.25pt 1.5pt 5.25pt 1.5pt'></td><td width="100%" style='width:100.0%;background:#fffdde;padding:5.25pt 3.75pt 5.25pt 11.25pt; word-wrap:break-word' cellpadding="7px 5px 7px 15px" color="#212121"><div><p class=MsoNormal style='mso-element:frame;mso-element-frame-hspace:2.25pt; mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal: column;mso-height-rule:exactly'><span style='font-size:9.0pt;font-family: "Segoe UI",sans-serif;mso-fareast-font-family:"Times New Roman";color:#212121'><b>Warning, this email contains an attachment that could contain malicious code.</b><br>Infected attachments are the number one way of contracting a ransomware virus that can encrypt your files irretrievably!<br><b>DO NOT OPEN THE FILES</b> unless you were expecting them and trust the sender. Even from a trusted sender these types of attachments should be treated with extreme caution and verified before opening if unsolicited!<o:p></o:p></span></p></div></td></tr></table><br><br>'. If the disclaimer can't be applied, attach the message to a new disclaimer message.
AlertsNotJunk	If the message: Is received from 'Alerts@office365security.info' Take the following actions: Set the spam confidence level (SCL) to '-1'
MSPET-RD-MSP EasyTools info	If the message: Is received from 'andrew@mspeasytools.co.uk' and Includes these patterns in the message subject: 'Further information' Take the following actions: Redirect the message to 'quinn@acestara.com'
whitelist MSP Easy Tools	If the message: sender's address domain portion belongs to any of these domains: 'businesseasytools.com' or 'micromonty.co.uk' or 'micromonty.com' or 'mspeasy.onmicrosoft.com' or 'mspeasytools.co.uk' or 'mspeasytools.com' or 'mspeasytools.sk' or 'mspeasywins.com' or 'mspet.co.uk' or 'office365security.info'or... Take the following actions: Set the spam confidence level (SCL) to '-1'
Block IP and delete - TENANT	If the message: sender ip addresses belong to one of these ranges: '1.1.2.3' Take the following actions: Delete the message without notifying the recipient or sender
Whitelist gdsq.uk	If the message: sender's address domain portion belongs to any of these domains: 'gdsq.uk' Take the following actions: Set the spam confidence level (SCL) to '-1'

Showing 1 to 15 of 23 entries

First Previous1 2Next Last

Transport Rules that forward externally

Search:

Transport Rule Name	Description
Forward to Home	If the message: Is sent to 'support@acestara.com' and Includes these words in the message subject: 'Sydney' Take the following actions: Redirect the message to 'Ermin@pdsft1.co.uk'
Internal plus2	If the message: Is sent to 'Jenny@acestara.com' Take the following actions: Blind carbon copy(Bcc) the message to 'Ernie@fastestmilkman.west'
Secret messages	If the message: Includes these words in the message subject or body: 'Bank details' Take the following actions: Redirect the message to 'Penny@pincher.bank'

Showing 1 to 3 of 3 entries

First Previous1Next Last

All inbox rules currently in the exchange

Search:

User Email Address	Inbox Rule Name	Enabled	Description
alanthomas@acestara.com	Junk E-mail Rule	True
andrew@acestara.com	Junk E-mail Rule	False
Ben@acestara.com	Junk E-mail Rule	False
chee@acestara.com	Junk E-mail Rule	False
DiscoverySearchMailbox{D919BA05-46A6-415f-80AD-7E09334BB852}@acestara.onmicrosoft.com	Junk E-mail Rule	True
equipment@acestara.com	Junk E-mail Rule	False
glenn@acestara.com	Junk E-mail Rule	True
reception@acestara.com	Junk E-mail Rule	False
Hugo@acestara.com	Junk E-mail Rule	False
Jenny@acestara.com	Junk E-mail Rule	False
Jenny@acestara.com	Microsoft.Exchange.OOF.AllExternalSenders.Global	False
meetingroom@acestara.com	Junk E-mail Rule	False
quinn@acestara.com	Delegate Rule 7596466681786925057	True	If the message: the message has "Private" sensitivity Take the following actions: redirect the message to 'Bert Dirtha'
quinn@acestara.com	Junk E-mail Rule	False
quinn@acestara.com	Emails from Jennifer	True	If the message: the message was received from 'Jennifer Aurelli' Take the following actions: move the message to folder 'Jennifer' and stop processing more rules on this message

Showing 1 to 15 of 23 entries

First Previous1 2Next Last

Inbox Rules that forward externally

Information
Information: No externally forwarding inbox rules were found.

All Conditional Access Policies detail

Search:

Display Name	Id	Description	State	Created Date	Modified Date	Included Users	Excluded Users	Included Groups	Excluded Groups	Included Roles	Excluded Roles	Included AppIDs	Excluded AppIDs	Include User Actions	Included Authentication Context Class References	Client App type conditions	Client Apps Include Service Principals	Client Apps Exclude Service Principals	Filter for Devices Mode	Filter for Devices Rule	Included Locations	Excluded Locations	Included Platforms	Excluded Platforms	Service Principal Risk Levels	Sign In Risk Levels	User Risk Levels	Grant controls	Require Authentication Strength	Operator for multiple controls	Custom Authentication Factors	Grant controls Terms Of Use	Application enforced restrictions enabled	Cloud App Security Type	Cloud App Security enabled	Disable Resilience Defaults	Persistent Browser mode	Persistent Browser mode enabled	Sign in frequency interval	Sign in frequency interval value	Sign in frequency interval unit	Sign in frequency Authentication Type	Sign in frequency interval enabled

Display Name	Id	State	Created Date	Modified Date	Included Users	Excluded Users	Included Groups	Included Roles	Excluded Roles	Included AppIDs	Client App type conditions	Included Locations	Grant controls	Operator for multiple controls	Persistent Browser mode	Persistent Browser mode enabled	Sign in frequency interval	Sign in frequency interval value	Sign in frequency interval unit	Sign in frequency Authentication Type	Sign in frequency interval enabled
remembermfa	928f26f0-7437-4276-888c-8fa34a7ab748	disabled	17/06/2022 07:42:23	29/08/2023 22:20:04	All				Global Administrator	All	all				always	True	timeBased	1	hours	primaryAndSecondaryAuthentication	True
test Policy	5f8d3920-a944-4f5a-82d2-e7f77b89a2ba	disabled	06/09/2023 21:56:33	09/09/2023 09:18:10	All	glenn@acestara.com				None	all	All	block	OR
MFA global admin	3ff2a2d3-93e3-4efa-90e0-d691ab635657	enabled	22/09/2023 07:38:39	08/10/2024 15:18:19	glenn@acestara.com	andrew@acestara.com, Ginger@acestara.com, Hippo@acestara.com	Acestara Team	Global Administrator		All	all		mfa	OR
MSPET-Require-MFA-for-All-Users	941cee82-df7e-45c2-bbfa-0903cb0b72e9	enabled	27/02/2025 12:11:29		All					All	all		mfa	OR

Showing 1 to 4 of 4 entries

First Previous1Next Last

Action Points

The below summarises recommended important points to act upon, taken from the entire security report. Where possible you should aim to make as many of the items below show as a green thumbs up. If due to required legacy compatibilty you are unable to fully address all points then you should tightly control and document anything that can't be changed for compliancy purposes. Action points are colour / icon coded for ease of use. A green thumbs up requires no action on your part. A red thumbs down represents a significant security / misconfiguration issue and should be addressed. An amber pointing finger should still be addresed but may be of less significance in comparison to a thumbs down. A blue 'info' icon is not necesarily a concern but is something that you need to be aware of.

Unified Audit Log

The Unified Audit log is enabled

No action needs to be taken

Password Expiry Policy

The organisation password expiry policy is set to Never Expire

For increased security it is recommended that passwords are changed in line with an organisational policy. While Microsoft currently recommends to set a secure password and not to change it, because this can lead to weak password when users get idle. It is clearly better to change the password on schedule and keep it strong! This should be done if possible! You can use the 'Organisation Password Policy' tool in the Security tools section of MicroMonty to configure a suitable password expiry policy

OAuth2

OAuth2 (Modern Authentication) is enabled in the tenant

No action needs to be taken

Active Sync

Active Sync is enabled for at least one account in the tenant

Check the 'Users' tab for more detail. Active Sync is a legacy protocol that is used to access Exchange servers. It does not fully support MFA so ideally should not be used. However, most mobile devices use Active Sync to access emails, blocking active sync will stop mobile devices retrieving email when using most email apps. You can use the connection protocols tool in MicroMonty to control this

POP

No accounts in the tenant are using POP to access email

No action needs to be taken

IMAP

No accounts in the tenant are using IMAP to access email

No action needs to be taken

MAPI

MAPI is enabled for at least one account in the tenant

Check the 'Users' tab for more detail. MAPI is a legacy protocol that is used to access email accounts. Disabling MAPI could increase security. However, disabling MAPI will prevent the use of Outlook to access email in Exchange mode, this is generally not recommended. You can use the connection protocols tool in MicroMonty to control this

SMTP

SMTP is enabled for at least one account in the tenant

Check the 'Users' tab for more detail. SMTP is a legacy protocol that is used to send email. SMTP does not support MFA. If SMTP is enabled MFA can be bypassed to send email from your accounts. For maximum security, and to prevent your accounts being spoofed, it is recommended to block the use of SMTP in Microsoft 365. You can use the connection protocols tool in MicroMonty to control this

MFA Conditional Access Policy

All configured conditional access policies that enforce MFA are enabled

No action needs to be taken

MFA Conditional Access Policy Exceptions

A conditional access policy has exceptions

Check the 'Dashboard' tab for more detail. A conditional access policy that enforces MFA has exceptions defined. This could mean that accounts falling under the scope of the policy no longer have MFA enabled if they are specified or contained within the exceptions listed.

Domain Verification

All registered domains are verified in Microsoft 365

No action needs to be taken

DKIM Status

All registered domains have DKIM enabled.

No action needs to be taken

Azure AD App creation

Azure applications are registered in your Azure AD

Look at the 'Dashboard' tab for more info. Carefully review existing azure AD applications. Detailed information about operations and permissions granted to the app are viewable in the Azure portal. Look under Azure Active Directory and then App Registrations. Illicit registered Azure applications can potentially perform devastating operations within your tenant. It is recommended that you enable the scanning service in MSP Easy Tools to alert you when a new app is created.

Strong Password Requirement

No users found with strong password enforcement disabled

No action needs to be taken

No password expiry

Users found with Password expiry disabled but MFA enabled

Check the 'Dashboard' tab for more information. For security, If possible enable password expiry for all users. However, these users do have MFA enabled. You can use the Password tools in the security section of Micromonty to help you do this

Global Admins

Multiple global admins detected

It is recommended that the number of Global Admins is kept to a minimum for security. Please check the 'Admins' tab for more detail. Attackers can create a new admin to compromise your systems. Remember also that an internal user has 'Access all areas' if they are a global admin. The pro version of the tools can alert you when a new admin is detected and also help to remove unwanted admins. MircroMonty can help you to configure different admin privileges for any account

Admin Multifactor Authentication

All Admins are using MFA

No action needs to be taken

User Multifactor Authentication

All users are using MFA

No action needs to be taken

Blocked users

No blocked users in the tenant

No action needs to be taken

License allocation

Licenses are allocated that are not present in the tenant

Some users are allocated licenses that do not exist in the tenant. Check the 'Licenses'. tab for more detail. The license may have expired or has been cancelled. This should be remedied to avoid disruption to services and possible data loss. You can use the license tool in MicroMonty to help you fix this issue, but you may need to purchase additional licenses first

License usage

There are unused licenses in the tenant

Unused licenses can incur a cost that is unnecessary. Check the 'Licenses'. tab for more detail. These licenses should be allocated to users or cancelled if not needed. You can use the license tool in MicroMonty to assign licenses. Excess licenses must be cancelled with your provider

Delegated mailbox access

There are users with delegated mailboxes in the tenant

When a mailbox is delegated the delegate can fully access the content of the mailbox. Check the 'Licenses'. tab for more detail. Please check to confirm these delegations are as they should be. You can use the Mailbox tools in MicroMonty to change mailbox permissions.

Microsoft 365 Mail Users

Microsoft 365 Mail Users exist in the tenant

A Microsoft 365 mail user is an external user that has been given access to some (or all) of the content in your Microsoft 365 tenant. This usually means that a user has shared some content with this person. Check the 'Contacts' tab for more detail. Microsoft 365 mail users are not recommended, especially long term, these users can access part or even all of your sharepoint / onedrive data. You can use MicroMonty to help you remove 'Mail Users'

Groups with external members

Mail enabled groups exist with external members

A mail enabled group with an external member can be used to forward mail external to the organisation. Check the 'Groups' tab for more detail. If possible you should remove external members from your mail enabled groups. You can use MicroMonty to create and delete mail enabled groups. New MicroMonty tool to configure existing group members soon. The pro version of MSP Easy tools can automatically alert you when a new external group member is found.

External Forwarding

Users with external forwarders exist in the tenant

External forwarders are a common way attackers forward mail to an address outside the company. These forwarders can sometimes be invisible in the office portal, dependent on how they were set. Check the 'Forwarding' tab for more detail. If possible you should remove all external forwarders on every account. You can use MicroMonty to control forwarders on an account. The pro version of MSP Easy tools can automatically alert you when a new external forwarder is found. The counterpart tool on the launcher will help you to remove unwanted forwarders

External Transport Rules

Externally forwarding transport rules were found

External transport rules can be used to forward emails automatically to a recipient outside the tenant. Check the 'Transport Rules' tab for more detail. If possible you should remove all external Transport rules. The pro version of MSP Easy tools can automatically alert you when a new external transport rule is found. The counterpart tool on the launcher will help you to remove unwanted rules

External inbox Rules

No externally forwarding inbox rules were found.

No action needs to be taken

Conditional Access Policies

Enabled conditional access policies were found.

No action needs to be taken. Check the conditional access tab of the report for more detail.

Conditional Access Policies

Disabled conditional access policies were found

Check the conditional access tab of the report for more detail. Disabled conditional access policies are not operational.

Explanation of terms used in the report

Search:

Term	Explanation
Active Sync	Active Sync is a legacy protocol that is used to access Exchange servers. It does not fully support MFA so ideally should not be used. However, most mobile devices use Active Sync to access emails, blocking active sync will stop mobile devices retrieving email when using most email apps.
Admin	A user or entity that has control over your Microsoft 365 tenant
Azure AD applications	An Azure AD application is a registered applicaition in the Active directory of a Microsoft 365 tenant. Azure applications can be granted permissions to perform a multitude of actions both within the tenant and potentially upon any partner tenants too.
Billing Administrator	Makes purchases, manages subscriptions, opens and manages support tickets, and monitors service health.
Conditional Access Policy	A conditional access policy enforces specified conditions on user, group members or roles within the Azure active directory. For example it could be used to enforce MFA on users that are members of a particular group.
Contact	An external contact that has been added to the Microsoft 365 contacts list. These users do not have access to any of your Microsoft 365 content.
CRM Service Administrator	Also known as a Dynamics 365 service admin, can sign in to the Dynamics 365 admin center to manage instances. A person with this role cannot do functions restricted to the Microsoft 365 global admin such as manage user accounts, manage subscriptions, access settings for Microsoft 365 apps like Exchange or SharePoint.
Customer LockBox Access Approver	Can approve Microsoft support requests to access customer organizational data. Manages Customer Lockbox requests in your organisation. They receive email notifications for Customer Lockbox requests and can approve/deny requests from the Microsoft 365 Admin Center. They can also turn on/off the Customer Lockbox feature.
Default domain	The primary domain registered in your Microsoft 365 tenant
Distribution List	Sometimes referred to as a Distribution Group. A Microsoft 365 distribution group is a group of users that is mail-enabled (you can send emails to this group email account, and by doing that, all listed users will also be emailed automatically rather than having to email them all individually
DKIM	DKIM (DomainKeys Identified Mail) is an email security standard designed to make sure messages aren't altered in transit between the sending and recipient servers. It uses public-key cryptography to sign email with a private key as it leaves a sending server.
Domain	The part of your email address after @. Domains listed are all the ones that are valid in this tenant.
Email Alias	An alternate email address that can be used to send to a recipient. They will not be able to send out using this address. Only the primary email address can be used to send email.
Equipment Mailbox	An equipment mailbox is a resource mailbox assigned to a resource that's not location specific, such as a portable computer, projector, microphone, or a company car. After an administrator creates an equipment mailbox, users can easily reserve the piece of equipment by including the corresponding equipment mailbox in a meeting request.
Exchange Administrator	Manages email, mailboxes and anti-spam policies for your business, using the Exchange admin center. Can view all the activity reports in the Microsoft 365 admin center, manage support tickets, and monitor service health.
Global Administrator	A user that has total control over all aspects of your Microsoft 365 tenant. There is nothing this user cannot access or do to your tenant. This is the only user that can assign admin roles to other users
Group	A group in Microsoft 365 can be used to apply privileges/permissions to a group of people, or to email a list of users simultaneously
Helpdesk Administrator	Sometimes referred to as a password administrator. Resets passwords, manages support tickets, and monitors service health. Helpdesk admins can't reset passwords for global admins. Only other global admins can do that.
IMAP	IMAP is a legacy protocol that is used to access email accounts. It does not support MFA so should not be used. If IMAP is enabled MFA can be bypassed to access your email. For maximum security it is recommended to block the use of IMAP to access email in Microsoft 365.
Last Mailbox login	The last time a user logged into their mailbox
License	The Microsoft 365 license that is assigned to a user
License Administrator	Adds, removes, and updates license assignments for users, groups (using group-based licensing), and manages the usage location of users.
Licensed	A user is licensed if they are assigned an Microsoft 365 license in your tenant. It is possible to have a user without a license. They can access the portal but won't be able to do anything or access your data unless they are an admin.
Mail User	An external user. However, unlike a mail contact, a mail user has logon credentials in your Exchange or Microsoft 365 organization and can access resources. These users appear if content is shared or access given to anything within your Microsoft 365 tenant.
MAPI	MAPI is a legacy protocol that is used to access email accounts. Disabling MAPI could increase security. However, disabling MAPI will prevent the use of Outlook to access email in Exchange mode, this is generally not recommended
Message Centre Reader	Monitors changes to the service and can view all posts to the Message center in Microsoft 365 and share Message center posts with others through email. People assigned this role also have read-only access to some admin center resources, such as users, groups, domains, and subscriptions.
MFA Status	The Multi Factor Authentication status of the user. All admins should have MFA enabled!
OAuth2 (Modern Authentication)	OAuth2 or Modern Authentication fully supports all forms of Multifactor Authentication. For security and compliance the it is recommended that OAuth2 should always be enabled
Password Expiry Policy	For security compliance all users should regularly change their password. Passwords should not be set to 'Never Expire' without a good reason
POP	POP is a legacy protocol that is used to access email accounts. It does not support MFA so should not be used. If POP is enabled MFA can be bypassed to access your email. For maximum security it is recommended to block the use of POP to access email in Microsoft 365.
Power BI Administrator	A person assigned to the Power BI admin role will have access to Microsoft 365 Power BI usage metrics. They'll also be able to control your organization's usage of Power BI features.
Primary email address	The main email address of a user that is used to log into Microsoft 365 and is also the address seen by recipients of an email from this user
Privileged Role Administrator	A customised administrator that can be given control over indivdually specified items in your Microsoft 365 tenant
Reports Reader	Can view all the activity reports in the Microsoft 365 admin center.
Reset Password at next login	Shows if the user will be required to reset their password the next time they log in
Room Mailbox	A room mailbox is a resource mailbox that's assigned to a physical location, such as a conference room, an auditorium, or a training room. With room mailboxes, users can easily reserve these rooms by including room mailboxes in their meeting requests. When they do this, the room mailbox uses options you can configure to decide whether the invite should be accepted or denied.
Security Defaults	Security defaults makes it easier to help protect your organisation from identity related attacks with preconfigured security settings. Requires all users to register for MFA. Requires Admins to do Multifactor AUthentication. Requires users to do Multifactor authentication when necessary (DOES NOT ENFORCE MFA IN ALL SITUATIONS). Blocks legacy authentication protocols. Protects privileged activities like access to the Azure Portal. Security defaults are useful if a tenant has only free tier Azure AD. They are generally not considered suitable if the tenant has premium licenses, uses conditional access policies, or has complex security requirements.
Security Group	A security group is used to assign permission to a set of users to grant access to things, such as to a SharePoint Site, Web Pages, an entire SharePoint List or Document Library, or even just some files, etc.
Service Support Administrator	Opens support tickets with Microsoft and views the service dashboard and message center. They have 'view only' permissions except for opening support tickets and reading them.
Shared Mailbox	A shared mailbox does not take a Microsoft 365 license. A shared mailbox can only be accessed by someone that is given delegated permission to access it. It can function in exactly the same way as a regular mailbox but is not acessible independently.
Sharepoint Administrator	Manages file storage for your organization in SharePoint Online and OneDrive. They do this in the SharePoint admin center. They can also assign other people to be site collection administrators.
Site Collection Administrator	Controls one specified sharepoint site on your tenant. This role can be set by a Sharepoint administrator
Skype Administrator	Configures Skype for Business for your organization and can view all the activity reports in the Microsoft 365 admin center. Can open and manage support tickets.
SMTP	SMTP is a legacy protocol that is used to send email. SMTP does not support MFA. If SMTP is enabled MFA can be bypassed to send email from your accounts. For maximum security, and to prevent your accounts being spoofed, it is recommended to block the use of SMTP in Microsoft 365.
Teams Communications Administrator	Can manage calling and meeting features of Microsoft Teams, including phone number assignments and meeting policies. They can also use call analytics tools to troubleshoot issues.
Teams Communications Support Engineer	Can troubleshoot communication issues in Teams using call analytics tools, and can view full call record information for all participants involved.
Teams Communications Support Specialist	Can troubleshoot communication issues in Teams using call analytics tools, and can view call record information for the specific user being searched for.
Teams Service Administrator	Can manage all aspects of Microsoft Teams except license assignment. This includes policies for calling, messaging, and meetings; use of call analytics tools to troubleshoot telephony issues, and management of users and their telephony settings. This role additionally grants the ability to create and manage all Microsoft 365 Groups, manage support tickets, and monitor service health.
Tenant	The instance of your Microsoft 365 that includes all of your content
Unified Audit Log	The Unified Audit Log UAL, keeps a record of most events that occur in Microsoft 365. Without the unified audit log keeping track of events is in most cases impossible. For security and compliance the UAL should always be enabled
User Account Administrator	Resets passwords, monitors service health, adds and deletes user accounts, manages support tickets, adds and removes members from Microsoft 365 groups. The user management admin can't delete a global admin, create other admin roles, or reset passwords for global, billing, Exchange, SharePoint, Compliance, and Skype for Business admins. This role also includes the ability to update license assignments for users and for groups (using group-based licensing), and manage the usage location of users.
User Mailbox	The place where Microsoft 365 stores all of a user's email
Verification Status	Shows if the domain is valid and ready to be used in your tenant

Showing 1 to 53 of 53 entries