I'm a global administrator of my O365 account - I have an external user who is not in our O365 contact list and needs to send email to one of our O365 distribution group and I don't want to check mark on "allow external user to send to this Distribution list" as I don't want every external user send to that distribution list - my question is how do I can grant permission just to that one external user to send email to the distribution list who is not added as an O365 contact and where distribution list has a restriction to not receive email from external users.
Related
In my place of work we have an Active Directory with 'staff' accounts. Each of these AD accounts has an associated company email, e.g. john#example.com
Within the same AD we also have 'external' user accounts, e.g. suppliers, contractors etc. This allows the external users to login and access some of our systems using their AD credentials (user number and password). None of these external users have an email address associated with their AD account.
The only users with an AD email address are 'staff'. There are various reasons why we would like 'external' users to have an email address, e.g. Currently they cannot use the 'send to email' feature of our printers, as they have no associated email.
I have a few questions (I am not an AD administrator or security expert, and I'm not familiar with the email or AD infrastructure.)
is it technically possible to associate an external domain email address to our internal AD user accounts (e.g. john#gmail.com)
will doing this pose any security risks / why would AD admins be reluctant to do this
is there a better / safer alternative
I am using this guide created by Steven Goodman
http://www.stevieg.org/2010/07/using-powershell-to-import-contacts-into-exchange-and-outlook-live/
When importing .csv to Office 365 mailboxes with users created through local AD sync, the email address of the users in the same organisation, in the display email is shown as “xx xx”. External users email display name comes out as their email addresses.
However with uploading the same .csv to a non-AD synced email account, the display name appears as the normal email address.
Is there a way to show the emails in contacts, in the same organisation as their email addresses instead of this “LegacyExchangeDN”?
When AD accounts are sync'd to O365, the cloud objects become "read only" for many of the properties, especially values like email addresses.
What should be done is to import the values to the on-premises accounts and allow the MS dirsync to push those updates up to the cloud objects.
However, you cannot just set anything and have it go up to the cloud. The dirsync will only allow addresses that are in the list of accepted domains for the tenant and will purposely exclude non-smtp and non-x500 addresses. this means that if you wanted to preserve an old RFAX (right-fax solution) address, you cannot push that value to the cloud.
Copied from this document, can the source user for example test#mydomain.com and the destination user be test#audit.mydomain.com?
Types of users in a monitored email scenario
A monitored email scenario includes three types of users:
Administrator — Any domain administrator can create, retrieve, update, and delete an email monitor using the Email Audit API's monitor resource. In addition, an administrator can use the API to retrieve user account information and download the mailbox. These operations can only be done within the domain over which the administrator exercises control.
Source user — The source user is the user who receives or sends messages that are being audited by the monitoring destination user. Any domain administrator or account user can be a source user. The source user must be in the same domain as the administrator and destination user.
Destination user — The destination user is the auditor who receives the audited email messages.
The destination user (destUserName) goes off the primary username (regardless of audit.mydomain.com or mydomain.com). If audit.mydomain.com was added as a subdomain to mydomain.com and test#audit.mydomain.com was his primary email address it will work with the input:
name='destUserName' value='test'
I have a service account for an application that is used to send out emails via a MSExchange server. The 'From' field gets populated by the email address in the current users profile, but the server is sending back a response
"SmtpException: Mailbox unavailable. The server response was: 5.7.1 Client does not have permissions to send on behalf of the from address."
As there are alot of email addresses that could be being sent from, is it possible to set up the service account so that it will have send on behalf permissions for "*#domain1.com email addresses" or do they all have to be added one at a time?
Send on behalf isn't really possible like this given how it's set. If you were OK with Send-As (so the mails would come from Service1#domain1.com versus Service1 on Behalf of bob#domain1.com), you could grant the service account send-as rights at the domain, OU, or mailbox database levels.
Some social networking have an option: find all friends via a e-mail account. So how does it do that?
it requires your email account password
the social network enters your email account and fetches the contact list
it compares your list with its database of registered profiles (specifically, with the email of the registered users)
every match is a person which you have had contact with in the past.
All of those matches are proposed to you as friend.
This is more or less how it works.