Trying to copy and paste into the body of an email in Office 365 while using Internet Explorer 9 prompts for clipboard access.
Pressing allow or block causes OWA to crash with an Internet Explorer has stopped working message.
This is an Internet Explorer 9 issue and since Office 365 is designed to work with the current or immediately previous version of Internet Explorer, it is recommended to upgrade to the latest version of IE.
If unable to upgrade at this time, the following workaround will help:
Copy and paste should now be enabled in OWA.
For more information refer to the Office 365 forum
By default when accessing Outlook Web App on an Android device users are forced to use OWA light.
By making a slight change to the URL used to access OWA, users can load the full OWA experience from their Android device.
From a smartphone, use the following URL: https://<servername>/owa/?layout=tnarrow
Adding ?layout=tnarrow will give you a narrow view for the phone.
From a tablet or device with a larger screen than a smartphone, use the following URL: https://<servername>/owa/?layout=twide
Adding ?layout=twide will give you a wide view for tablet use.
Messageware OWA Desktop users with an Office 365 account using Internet Explorer 10 on a Windows 8 x64bit operating system may experience a crash when previewing Microsoft Office document attachments in Outlook Web App.
To prevent this occurrence there are two options available to the user:
When opening a contact in Business-Card view, the Outlook user does not have access to any Notes included with the contact.
When opening the same contact with People view, the Notes field is populated:
If you have set up your computer to use Outlook Web App offline, and then log into OWA with a different account, the App cache of any offline user on the machine will be cleared.
The new user logging in will be presented with the following message:
John Smith has set up this computer to be able to use Outlook Web App offline. If you sign into Outlook Web App, John Smith will no longer be able to use mail offline.
The use then has the choice to cancel their sign in or to sign in anyway.
By Ross Smith IV, Blogs.TechNet.com
Dedicated OAB Generation Mailboxes in Cumulative Update 5
CU5 moves away from the previous model where an OAB generation mailbox generates all the OAB’s in the organization. While an OAB generation mailbox can continue to generate multiple OABs (the default behavior when you deploy Exchange 2013), what’s new in CU5 is that an OAB can only be assigned to a single OAB generation mailbox.
This architectural change addresses the aforementioned deficiencies:
From a connectivity perspective, Autodiscover provides back an OAB URL for the site in which the user’s mailbox is located. That URL resolves to a Client Access server which proxies the request to the linked OAB generation mailbox that is responsible for generating the requested OAB.
As a result, Contoso can now display the following OAB architecture:
Redmond users will now only download the Redmond OAB from the Redmond AD site and Portland users will only download the Portland OAB from the Portland AD site. Neither set of users will have an OAB full download as a result of traveling between locations because the users will always be referred back to the Mailbox server hosting the OAB generation mailbox that contains their OAB.
To read the full article, go to: The Exchange Team Blog
By Office 365 Team, OfficeBlogs.com
Molly has asked Alex to watch over her calendar while she is out. In order to give others access to her calendar, she needs to first share her calendar with them and then give them delegate permissions. She starts by clicking SHARE in the top right corner of the calendar module. She can also do this by right-clicking her calendar to open a context menu where she can click share calendar.
She then types in Alex’s name, and if he doesn’t immediately show up, she can search for him in Contacts & Directory.
Alex is now added to the list, and she can select which permissions she wants him to have. In this case, she wants him to be a Delegate.
A couple of things to note here. We inform you that a delegate is going to get copies of all your meeting requests. This is so they can respond on your behalf without having to open your calendar or inbox to do so. Appointments you have marked Private are by default not viewable by a delegate, although we give you the option to allow this.
Once Molly is done here, Alex will get an email confirming the permissions she has given him. You’ll notice that she changed the subject to “Please monitor my calendar while I’m out” as a customized reminder to him. Once everything is all set, she clicks SEND at the top.
Now Molly can take her leave with the peace of mind that Alex has everything he needs to manage her calendar.
But what about when she returns? Does Alex still need to have delegate permissions to her calendar? Maybe he does, maybe he doesn’t, or maybe he just needs to see her calendar but not respond to any of her meeting requests. Molly can configure all of these scenarios. She simply right-clicks her calendar and selects permissions…
From here Molly can see that Alex has delegate permissions and Sara can see full details. If she wants, she can just remove Alex by clicking the x on his card or she can choose to downgrade his permissions to something less, like “Full details” or “Limited details.”
Molly can also configure how her meeting requests are to be handled. Her delegates will always get a copy of the meeting request and will be allowed to respond on her behalf. The question is, what does she want to see in her own inbox? Does she want to be able to respond to meeting requests for herself? If so, she can select “Both delegate and me.” If she just wants to know that she has a meeting request but doesn’t want to take action on it, then she can select “Delegate only. Send me notifications.” Lastly, if she doesn’t want to be bothered with meeting requests at all, she can select “Delegate only.”
Molly can also configure delegate access to her calendar from her tablet device. She can open up Outlook Web App with a compatible mobile browser or OWA for iPad, and follow the same set of commands.
As you can see, delegate access configuration is a powerful feature. It’s something Outlook users have had for a long time, but now it’s also available on Outlook Web App.1 This provides users even more options to ensure their work gets done, even when they’re on vacation or leave.
To read the full article, go to: OfficeBlogs.com
By Office 365 Team, OfficeBlogs.com
Let’s say you’re about to go on vacation and you don’t want to distract yourself from your fun, so you’ve decided to turn work email off on your phone and leave your laptop at home for this trip. Even though you’re off having a good time, it’s still business as usual in the office, and someone needs to check your email and calendar to make sure everything runs smoothly while you’re away. This is where delegate access comes in. Whether you need your coworker to check your inbox or your admin to manage your calendar, the ability to give delegate access to your Exchange Online data is important. Historically, the ability to configure delegate access was available only in Outlook. Now, you’re able to configure both folder permissions and calendar delegation directly from Outlook Web App 2013 and Office 365
Let’s take a quick look at how this works.
Folder permissions in Outlook Web App
Molly is planning to take some time off from work and needs Alex to cover for her. With Outlook Web App, she can quickly and easily give Alex permissions to view and modify the messages in her mailbox.
To share one of her mail folders with Alex (her inbox, in this case), Molly just needs to right-click it and select “permissions.”
This brings up the folder permissions dialog box.
At the top of the dialog box is a list of people other than Molly who currently have permissions to view the folder. In this case, since this is the first time Molly’s changed her folder permissions, there’s no one in the list yet.
To give Alex permissions to her inbox, Molly clicks the PLUS SIGN (+) at the top left of the dialog box and then types Alex’s name.
After selecting Alex and clicking add, Molly can choose from several predefined permissions settings in the drop-down menu or, if she prefers, she can configure custom permissions.
Once she has set Alex’s permissions appropriately, she just needs to click ok and she’s done.
If Molly wants to give Alex permissions to view any folder other than her inbox, there’s one more step. After setting permissions for the folder she wants to share, she also needs to click her mailbox’s root folder (“Molly Dempsey”) and grant permissions to that as well.
Again, this is necessary only if she wants to share a folder other than her inbox.
Now let’s take a look at Alex’s inbox. In order to see Molly’s mail, Alex needs to right-click his mailbox’s root folder (“Alex Darrow”) and select add shared folder…
He then simply needs to enter Molly’s name, and he’s done-he can view and, if she has allowed him, modify the contents of her inbox. He can tell he’s in Molly’s inbox because her name appears at the top of the message list.
Once he’s set himself up to view Molly’s mail on his desktop, Alex can also view her mail on his tablet and phone! He can open up Outlook Web App with a compatible mobile browser or with an app such as OWA for iPhone or OWA for iPad. He then just needs to tap the folder button at the bottom of the screen. This will bring up a list of his folders, as well as the folder that Molly has shared with him.
At that point, he can click Molly’s inbox and view it like any other folder.
To read the full article, go to: OfficeBlogs.com
After upgrading to Outlook 2013 Service Pack 1, users are unable to login to their Outlook profile and receive an error from Outlook.
In Exchange Server 2013 SP1 and Outlook 2013 SP1, Microsoft changed the protocol that Outlook uses when connecting to an Exchange Server 2013 SP1 server. It now uses MAPI over HTTP, prior it was using the RPC over HTTP protocol.
The CAS would need to be configured to use MAPI and below are the commands that are required to correct the connection from Outlook to Exchange Server 2013.
First, confirm the status of MAPI in your Exchange environment. Using Exchange Management Shell, type the following command:
Get-OrganizationConfig | fl *mapi*
Second, confirm if the Mapi Virtual Directory has a URL configured.
Get-MapiVirtualDirectory | fl *url*
Third, type the following command to set the Mapi Virtual Directory URL and setting the authentication protocols.
Perform an IISRESET in the exchange management shell.
When users open up their Outlook 2013 running SP1, it will now load the profile successfully.
By Brian Posey, Techtarget.com
Migrating from Exchange Server 2010 to Exchange Server 2013 is rarely an easy process, but you can make the migration less painful by using this 12-step plan. We'll cover digital certificates, mail flow, training and everything else that will come up during your organization's Exchange 2013 migration.
Even though Exchange Server 2013 has been widely regarded as one of the less significant Exchange Server releases, there are major architectural differences between Exchange Server 2010 and Exchange Server 2013. Your IT staff needs to receive the proper training before you even think about performing a migration. Similarly, it's a good idea to provide users with some updated training if they're used to Outlook Web App.
The Exchange Server 2013 system requirements are similar to those for Exchange Server 2010. Even so, reviewing the system requirements is an important part of the deployment planning process so you don't run into issues later on.
Prior to installing Exchange Server 2013, make a full system backup of your existing Exchange Servers and Active Directory. Deploying Exchange Server 2013 involves making updates to Active Directory, so you will need a way to roll back the directory if something were to go wrong.
The next step in the Exchange 2013 migration process is to install Exchange Server 2013. You'll need to prepare your Active Directory and download the latest updates prior to performing the installation. In fact, the original RTM release of Exchange Server 2013 wasn't even compatible with Exchange Server 2010. It was only possible to join Exchange 2013 servers to an Exchange Server 2010 deployment once Cumulative Update 1 was released.
After the Exchange Server 2013 installation completes, verify that the installation was successful. To make sure there weren't any critical errors, start by reviewing the setup logs and looking at the Application log in the Event Viewer. You can also use the Get-ExchangeServercmdlet in the Exchange Management Shell to make sure the new Exchange Server is recognized.
When you've verified the new server's functionality, enter your product key. This is a simple step, but it's so simple that it's easy to forget.
The next thing you should do in your Exchange 2013 migration is add digital certificates to the Client Access Server. Exchange Server 2013 includes a self-signed certificate that can be used for SSL encryption, but the self-signed certificate isn't appropriate for production use. You must provide your Client Access Server with a certificate created by a reputable, trusted certificate authority.
To read the full article, go to: searchexchange.techtarget.com
An attack campaign using advanced cyber-espionage techniques launched against Office 365’s Outlook Web App users in an attempt to steal email log-in credentials from the employees of military agencies, embassies, defense contractors and international media outlets.
Further reading material can be found at PC World
Third party OWA Security software can be found at www.messageware.com
By The Office Team, Blogs.Office.com
At the Microsoft Exchange Conference (MEC) in March, we announced that we’ll be bringing a native OWA mobile app to Android phones. Today, we’re pleased to announce a pre-release of this app available in the Google Play Store.
During this pre-release, we’ll be gathering feedback, fixing bugs and making sure the app is ready for prime time! The app distribution will be limited to a few devices to begin with. We’ll be adding new device support regularly, so if your device isn’t supported right now, check back often. Also, let us know which devices we should add next by voting here. Learn more about the background behind OWA for Android on this week’s Garage Series.
Can I use OWA for Android?
Here are the requirements to use OWA for Android:
To read the full article, go to: Office Blogs
By The Exchange Team, Blogs.TechNet.com
The Exchange team has announced the availability of our most recent quarterly servicing update to Exchange Server 2013. Cumulative Update 5 for Exchange Server 2013 and updated UM Language Packs are now available on the Microsoft Download Center. Cumulative Update 5 represents the continuation of our Exchange Server 2013 servicing and builds upon Exchange Server 2013 Service Pack 1. The release includes fixes for customer reported issues, minor product enhancements and previously released security bulletins. A complete list of customer reported issues resolved in Exchange Server 2013 Cumulative Update 5 can be found in Knowledge Base Article KB2936880. Customers running any previous release of Exchange Server 2013 can move directly to Cumulative Update 5 today. Customers deploying Exchange Server 2013 for the first time may skip previous releases and start their deployment with Cumulative Update 5 as well.
To read the full article, go to: The Exchange Team Blog
After you install Microsoft Exchange Server 2013 Service Pack 1 (SP1) or you upgrade an existing Microsoft Exchange Server 2013 installation to Exchange Server 2013 SP1, third-party or custom-developed transport agents cannot be installed correctly. Additionally, the Microsoft Exchange Transport service (MSExchangeTransport.exe) cannot start automatically. Specifically, you cannot enable third-party products that rely on transport agents. For example, you cannot enable anti-malware software or custom-developed transport agents.
When the installation fails, you also receive an error message that resembles the following:
The TransportAgentFactory type must be the Microsoft .NET class type of the transport agent factory.
Microsoft has developed a PowerShell script that corrects a formatting error in the configuration files that govern the Transport Extensibility that is built into Exchange Server 2013. To have us apply this script for you so that Transport Extensibility and third-party products that use this capability function correctly, go to the "Fix it for me" section. If you prefer to fix this problem yourself, go to the "Let me fix it myself" section.
To read the full article, go to: Microsoft Support
By The Exchange Team, Technet
Exchange Server 2013 Service Pack 1 (SP1) is now available for download! Please make sure to read the release notes before installing SP1. The final build number for Exchange Server 2013 SP1 is 15.00.0847.032.
SP1 has already been deployed to thousands of production mailboxes in customer environments via the Exchange Server Technology Adoption Program (TAP). In addition to including fixes, SP1 provides enhancements to improve the Exchange 2013 experience. These include enhancements in security and compliance, architecture and administration, and user experiences. These key enhancements are introduced below.
SP1 provides enhancements improving security and compliance capabilities in Exchange Server 2013. This includes improvements in the Data Loss Prevention (DLP) feature and the return of S/MIME encryption for Outlook Web App users.
DLP Policy Tips in Outlook Web App – DLP Policy Tips are now enabled for Outlook Web App (OWA) and OWA for Devices. These are the same Policy Tips available in Outlook 2013. DLP Policy Tips appear when a user attempts to send a message containing sensitive data that matches a DLP policy. Learn more about DLP Policy Tips.
DLP Document Fingerprinting – DLP policies already allow you to detect sensitive information such as financial or personal data. DLP Document Fingerprinting expands this capability to detect forms used in your organization. For example, you can create a document fingerprint based on your organization’s patent request form to identify when users are sending that form, and then use DLP actions to properly control dissemination of the content. Learn more about DLP Document Fingerprinting.
DLP sensitive information types for new regions – SP1 provides an expanded set of standard DLP sensitive information types covering an increased set of regions. SP1 adds region support for Poland, Finland and Taiwan. Learn more about the DLP sensitive information types available.
S/MIME support for OWA – SP1 also reintroduces the S/MIME feature in OWA, enabling OWA users to send and receive signed and encrypted email. Signed messages allow the recipient to verify that the message came from the specified sender and contains the only the content from the sender. This capability is supported when using OWA with Internet Explorer 9 or later. Learn more about S/MIME in Exchange 2013.
To read the full article, go to: Technet.com
By Tony Redmond, WindowsITPro
Three months after they shipped Exchange 2013 CU3, Microsoft has announced the release of Exchange 2013 SP1, or cumulative update 4 (CU4) to its friends. The announcement will no doubt come as pleasant relief to those who insist that no Microsoft server product can ever be installed until the first service pack appears. Like waiting for the first cuckoo of spring to sing before planting, such a well-worn adage is challenged in an era when the demands of the cloud mandates that on-premises customers receive quarterly updates, but some people find it hard to shift old habits. In any case, build 847.32 aka Exchange 2013 SP1 is now available for download.
To make sure that those running older versions of Exchange are not left out, Microsoft has also released Rollup Update 13 for Exchange 2007 SP3 and Rollup Update 5 for Exchange 2010 SP3.
I won't bore you with the details of how to install Exchange 2013 SP1 because the upgrade from CU3 was easy (at least for me). A schema extension is required to accommodate new objects and cmdlets and the consequent updates to RBAC roles, so be sure to include this step in your planning. The normal caveats about preparing DAG member servers by putting them into maintenance mode before starting the upgrade and shutting down all Exchange components like EMS and EAC apply. My upgrades occurred without trauma, which was a nice surprise. The sole caveat is to check that all services come back online after the upgrade as the transport services can be picky about restarting.
Looking through the set of features and updates provided in Exchange 2013 SP1, we find a mixture of finishing off important components and extending new functionality. Adding S/MIME support back for Outlook Web App (OWA) is an example of the former; providing the ability to add custom sensitive data types through document fingerprinting for Data Loss Prevention (DLP) is an example of the latter. The full list of updated functionality in SP1 is shown below. Where appropriate, the features are also available to users of Exchange Online in Office 365. In fact, the nature of the development process is that new functionality is slip-streamed into production in the cloud some weeks before it is made available to on-premises customers in an update like SP1. It is therefore quite possible that you have been able to use upgraded functionality for some time, even if you never realized it.
To read the full article, go to: WindowsITPro.com
By Steven Musil, CNet.com
After some of the company's social-networking accounts were hacked, Microsoft says some of its e-mail accounts were also compromised.
In addition to compromising some of Microsoft's social-networking accounts, the Syrian Electronic Army also accessed a "small number" of employee e-mail accounts, the company confirmed Wednesday.
The hacking group, which has taken responsibility for an array of breaches in the past couple of years, tweeted three e-mails over the weekend that appeared to originate from Microsoft employee Outlook Web Access accounts. The screenshots posted by the group included conversations among employees regarding recent compromises of Microsoft-owned Twitter accounts.
"A social engineering cyber-attack method known as phishing resulted in a small number of Microsoft employee social media and e-mail accounts being impacted," a Microsoft spokesperson said in a statement to CNET. "These accounts were reset and no customer information was compromised. We continue to take a number of actions to protect our employees and accounts against this industry wide issue."
The Syrian Electronic Army -- a political hacking group that supports Syrian President Bashar Assad -- appears to be waging a war on Microsoft. Over the weekend, the group took control of the Twitter accounts of Xbox and Xbox Support, along with Xbox's Instagram account. The company's TechNet blog was also compromised.
A tweet sent by the group Wednesday indicated that its campaign against the tech giant was not over.
Twitter has long been a favorite battleground for the Syrian Electronic Army, with recent hack victims including the accounts of the parody news site the Onion, the messaging app Viber, The Associated Press, NPR, CBS (parent company of CNET), the Guardian, and the BBC.
To read the full article, go to: News.Cnet.com
By Tony Redmond, WindowsITPro.com
Some difficulties with Wi-Fi forces a decision to use Outlook Web App configured for offline access instead of Outlook 2013. Why? Well, Outlook is a bit of a pig when it comes to network resources because it synchronizes so much data from so many sources. On the other hand, OWA is efficient and quick and uses far less bandwidth - and still provides a pretty good interface.
I've made lots of comments about Outlook Web App (OWA) over the last year. Justifiably so, I think, seeing that I have actually been using OWA more than I usually do and Microsoft has released their OWA for iOS app. But returning once again to my travel escapades that caused me to use OWA light on a TV set in Abu Dhabi, I continued to experience more network connectivity issues as I traveled onward to Australia that resulted in a decision being made to use OWA premium rather than Outlook 2013 for the duration of the trip. On the surface (no pun intended, for this was indeed the device I used), this might seem like a strange thing to do as Outlook 2013 is obviously a much more functional client than OWA. But Outlook’s functionality has to be paid for in the form of resources and in this case, it was the network that determined client choice. Or lack of network to be precise.
Australia is a wonderful country with friendly people, great weather, and a host of things to do. That advertisement for the Australian tourist authority has to be balanced by the fact that most Australian hotels insist on abusing their clients by over-charging for weak and slow Wi-Fi networks. $20 a night seems to be the going rate in most cities, which I wouldn’t mind paying if I was able to connect to more than just Facebook.
Of course, it’s possible to seek out free Wi-Fi in coffee shops and the like but there’s a limit to the amount of coffee that you can drink, good as it might be. So a decision was made to purchase a Telstra 4G USB modem, a device that can support up to 5 concurrent connections at reasonable speed in the major urban areas.
For years, one of Outlook’s strengths has been its ability to insulate users from flaky networks by synchronizing data to the OST. The transition from offline to online access is smooth and email flows without a hitch. It’s one of the things that has made Outlook a premium client and one of the reasons why many spend a lot of their working life deep in Outlook.
But Outlook consumes a lot of network bandwidth to get things done. Outlook 2013 was perfectly happy to connect using the 4G modem, albeit slowly. The problem is that Outlook 2013 often connects to more than your personal mailbox. In fact, Outlook 2013 is a connection fulcrum that fetches information from myriad places to present a full picture of your online world. Links to Facebook and LinkedIn via Outlook’s social connector inform of important new developments in the lives of friends and colleagues while connections to shared mailboxes, site mailboxes, and public folders mean that all manner of information is available. And of course, the OAB is updated daily so that you know about new mailboxes and groups. All good stuff, but highly dependent on solid networks.
To read the full article, go to: WindowsITPro.com
By Tony Redmond, WindowsITPro.com
If you’re running Windows XP on the desktop, you already know that the April 2014 deadline for termination of extended support is looming. Exchange 2013 CU3 might just be giving you a little hint too as it seems that IE8 on Windows XP doesn’t deliver a great user experience with Outlook Web App. In fact, it’s horrible. Or even worse than horrible – and Firefox browsers also seem to have problems. So the writing is on the wall – time to upgrade and move away from Windows XP, even if client desktop refreshes are always horrible, expensive, and painful to manage.
We’ve known that IW8 and the Exchange 2013 version of OWA don’t get on too well for some time now. Indeed, Microsoft’s official stance for Office 365 is that support for IE8 will end on April 8, 2014. KB2871314 provides a clue why OWA might have a problem in CU3 saying that IE8 users will experience:
“slow performance when they perform common tasks such as the following:
Given that Exchange 2013 CU3 is essentially an on-premises version of the Exchange Online software running in Office 365 (albeit several weeks or so in development terms behind), it should come as no surprise that if Office 365 damns IE8 with weak of no praise that Exchange 2013 won’t be too happy for people to use IE8 either.
What is surprising is that Microsoft hasn’t been more emphatic in getting the message across to on-premises customers, perhaps because some sensitivity already exists in the upcoming termination of extended support for Windows XP in April 2014. IE8 is, of course, the last version of the browser supported by Windows XP. Unfortunately the option to upgrade IE doesn’t exist as Microsoft doesn’t support IE9 and later versions on Windows XP.
To read the full article, go to: WindowsITPro.com
This security update resolves three publicly disclosed vulnerabilities and one privately reported vulnerability in Microsoft Exchange Server. The most severe of these vulnerabilities exist in the WebReady Document Viewing and Data Loss Prevention features of Microsoft Exchange Server. These vulnerabilities could allow remote code execution in the security context of the LocalService account if an attacker sends an email message containing a specially crafted file to a user on an affected Exchange server. The LocalService account has minimum privileges on the local system and presents anonymous credentials on the network.
This security update is rated Critical for all supported editions of Microsoft Exchange Server 2007, Microsoft Exchange Server 2010, and Microsoft Exchange Server 2013. For more information, see the subsection, Affected and Non-Affected Software, in this section.
The security update addresses the vulnerabilities by updating the affected Oracle Outside In libraries to a non-vulnerable version, by enabling machine authentication check (MAC) according to best practices, and by ensuring that URLs are properly sanitized. For more information about the vulnerabilities, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerabilities entry under the next section, Vulnerability Information.
Recommendation. Customers can configure automatic updating to check online for updates from Microsoft Update by using the Microsoft Update service. Customers who have automatic updating enabled and configured to check online for updates from Microsoft Update typically will not need to take any action because this security update will be downloaded and installed automatically. Customers who have not enabled automatic updating need to check for updates from Microsoft Update and install this update manually. For information about specific configuration options in automatic updating in supported editions of Windows XP and Windows Server 2003, see Microsoft Knowledge Base Article 294871. For information about automatic updating in supported editions of Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, see Understanding Windows automatic updating.
For administrators and enterprise installations, or end users who want to install this security update manually, Microsoft recommends that customers apply the update immediately using update management software, or by checking for updates using the Microsoft Update service.
For more information go to: technet.microsoft.com