Questions[microsoft-dfo365](server)

We are using an Azure logic app to integrate a third party API service with a D365FO instance. The third party supplied us with a public CA certificate file (crt) and a self signed certificate plus key file set (crt and key) to secure the connection.

Now there are instructions on MS docs how to apply the client certificate to a HTTP request to the API service. Although just using the client certificate will give us a TrustFailure error when running the logic app. This result also seems to be described in Microsoft docs:

https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-securing-a-logic-app?tabs=azure-portal#access-for-outbound-calls-to-other-services-and-systems

At the same time we have also been provided a public (CA) certificate that might alleviate the issue, but we are unsure how to apply a CA certificate to an Azure logic app. Maybe the CA certificate is not necessary here at all, though. Could someone give us directions how to handle this?

Due to the Data Privacy regulations in our Country we have been asked by management to disable Microsoft Office Pro Plus, 365, 2016 from sending Telemetry Data to Microsoft so i did the following as stated on the official website https://docs.microsoft.com/en-us/deployoffice/compat/manage-the-privacy-of-data-monitored-by-telemetry-in-office .

So I downloaded ADMX templates > Configuration > Administrative Templates > Microsoft Office 2016 > Telemetry Dashboard and did the following in order to disable Telemetry Agent policy settings that disable logging

TO STOP LOGGING BY USING THE GROUP POLICY SETTINGS

Setting

Turn on telemetry data collection

Set this setting to Disabled to turn off data collection.

Turn on data uploading for Office Telemetry Agent

Set this setting to Disabled to stop uploading data to the shared folder.

According to Microsoft if logging is deactivated folder this %LocalAppData%\Microsoft\Office\16.0\Telemetry folder does not exit. I double checked on one of our test clients and truly that path doesnt exist.

Nevertheless my attention was then drawn to another location %localappdata%\Microsoft\Office\OTele. Check out this article https://www.gruppenrichtlinien.de/artikel/office-20162019365-telemetrie-deaktivieren-disabletelemetry/

This location also logs some kind of Office Telemetry Data and it gets populated anytime office is active. Is this location relevant? If so how do we stop it from logging office Data?

Reference link: https://social.technet.microsoft.com/Forums/office/en-US/f98dd521-fc45-4187-af30-f00031585f44/disable-microsoft-office-telemetry-not-working-properly-data-logging-locations-very-confusing?forum=Office2016ITPro#f98dd521-fc45-4187-af30-f00031585f44

I'm getting an odd error in many of my security and compliance pages, error is as follows or a varient of the same:

The requested search root 'APCPR06A002.prod.outlook.com/ConfigurationUnits/XXXXXXXXXX.onmicrosoft.com/Configuration/Transport Settings/Rules/SafeLinksVersioned' is not within the scope of this operation. Cannot perform searches outside the scope 'apcprd06.prod.outlook.com/Configuration/Services/Microsoft Exchange/ExchangeLabs'.

any advice? :)

In preparation for Office 365, I have downloaded Idfix to run against my Active Directory to clean up any duplicate or incorrect attributes.

Because I plan to migrate 2x AD forest (a.com and b.com with interforest trust and selective authentication NOT forest-wide authentication) into 1x single Azure tenant, I thought I will need to run Idfix against the 2x forest at the same time so that it could find out if there are any conflicts. However, I found out so far that Idfix cannot handle multi-forest (while I think multi-domain with the same forest can).



Can someone who have gone through multi-forest migration to Azure give me some feedback? And if I really cannot use Idfix to clean up the objects before migration, is there a way to do it manually?

Much appreciated.

Thanks.

I am planning to migrate our Exchange 2010 SP3 server to O365 using Hybrid environment. We also use Sophos Email Appliance which is a box sitting inhouse.

Currently, the mail flows like this.

Inbound from Internet
Internet --> Sophos Email Appliance --> Edge Server --> Mail Server

Outbound to Internet
Mail Server --> Edge Server --> Internet

I want to retain Sophos Email Appliance and at the same time don't want to break the Microsoft rule that I should not be putting anything between O365 and On-Premises Exchange and also referring to the following article: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/manage-mail-flow-on-office-365-and-on-prem

I come up with:

Inbound from Internet
Internet --> Sophos Email Appliance --> O365 --> Edge Server --> Mail Server
(I must admit the routing is a bit inefficient as incoming mail has to be sent back to the internet to reach O365)

Outbound to Internet (no change)
Mail Server --> Edge Server --> Internet

Will this work?
Thanks in advance.