The CSC (Reps included) has been granted view-only rights to pretty much everything in Office 365 in regards to Exchange Online. Staff will go to https://outlook.office.com/ecp and sign-in with their O365 credentials. From there, here's some key highlights:
- Recipients: Just like the on-prem version of Exchange, you can look up users under "Mailboxes", room and equipment mailboxes under "Resources", and shared mailboxes under....well, shared. Do a search, open the result, go to Mailbox Delegation and they'll see who has Full Access to the mailbox, who has Send As rights, etc. You can see the mailbox usage for everything as well. Still within Recipients, there's also a Groups tab, which is all mail-enabled groups...whether they are Distribution Lists or Security Groups. Any group that has an address will be in there, and you can see who the owners and members are, what email addresses are assigned to the group, etc.
- Protection: Under "Action Center" you can see if any compromised accounts are currently being blocked by Microsoft for sending email out. Not heavily used, but you do see tickets every once in a while.
- Mail Flow: Under Message Trace, you can track every email in the past seven days that has gone in or out of anybody's mailbox. This will NOT tell you if Cisco quarantined a message coming in from some external source, but this will tell you if messages were delivered, what folder they went to (typically including the reasoning why, like rules or forwarding), and will even tell you what IP O365 connected to for sending an email out to some external source.
- Public Folders: Gives you a list of the Public Folders and they should be able to click on the "Folder Permissions > Manage" link on the right side of the page when they have a PF highlighted.
Add Comment