Managing email addresses in Exchange Online despite hybrid status

On August 20th, the Exchange team published a post that should give many admins and consultants a sigh of relief. It’s now finally possible (for what feels like an eternity) to change Exchange attributes, such as user email addresses, in the cloud. These changes are then even written back to the local AD using Entra …

Exchange SE Hybrid Licensing a consideration

In general, the topic of licensing at Microsoft is certainly not a simple one. Myths surrounding its interpretation and persistent rumors are constantly circulating. Therefore, I’d like to shed some light on a few things here.NOTE: This article is as of July 2025; changes and interpretations are subject to change at any time! I welcome …

Entra Connect Server transition to certificate-based App Identity

Since the end of May 2025, the current version (2.5.30) of Microsoft Entra Connect is no longer available for download in the public domain at Microsoft. This must now be downloaded via the Microsoft Entra Portal in the Entra Connect area. It is also advisable to look at the current version history of Entra Connect for a few minutes …

With MTA-STS for More Security in Email Traffic

Several days ago, the BSI published a good article on the topic of email security and modern email infrastructures. https://www.allianz-fuer-cybersicherheit.de/SharedDocs/Downloads/Webs/ACS/DE/BSI-CS/BSI-CS_155.pdf This prompted me to write this article. Since the SMTP protocol was designed in the 1980s and security was not a major concern at that time, we need to continuously develop mechanisms to adapt this …

M365 Defender for Business security recommendations

For some time now, I have been using M365 Defender for Business in my small tenant without Intune Management. This allows small networks to be monitored very well via the cloud. At regular intervals, I also look at the “Security recommendations”. During this routine check, however, I was somewhat shocked. After all, no alerts, which …