|
|||
|
|||
Can you tell me where things are at with supporting Microsoft 365 Modern Authentication? We just received word that Microsoft is once again going to be starting the program to disable Basic Authentication that RangerMSP uses.
We brought this up back in 2019 when it was first announced but I do not believe there have been any changes to RangerMSP in regards to this yet. The disabling of Basic Authentication is going to start effecting us at the beginning of 2022 so we need to have Modern Authentication working before this time. |
|
|||
|
|||
Thank you for posting this.
Yes, we've started implementing in that direction awhile back and then when Covid hit, Microsoft announced that they postpone all this to a future time, so this then received a lower priority. We have recently checked Microsoft timeline and saw that the current suggested deadline is October 2022 (We based this on the following article: https://techcommunity.microsoft.com/...e/ba-p/2772210 ) In any case, we plan to revisit this shortly. Thanks for asking! |
|
|||
|
|||
We received an email from Microsoft last week containing the following.....
Today, we are announcing that we are restarting the program to end the use of Basic Auth in Exchange Online. Beginning October 1, 2022, we will begin to disable Basic Auth in all tenants, regardless of usage. Beginning early 2022, as we roll out the changes necessary to support this effort, we are also going to begin disabling Basic Auth for some customers on a short-term and temporary basis. We will randomly select tenants and disable Basic Auth for all protocols for a period of 12-48 hours. After this time, these protocols will be re-enabled, if the tenant admin has not already re-enabled them using our self-service tools. During this time all clients and apps that use Basic Auth in that tenant will be affected, and they will be unable to connect. Any client or app using Modern Auth will not be affected. Users can use alternate clients (for example, Outlook on the Web instead of an older Outlook client that does not support Modern Auth) while they upgrade or reconfigure their client apps. So based on this we are going to need Modern Auth support much sooner then October. |
|
|||
|
|||
Well, Oct. 2022 is the deadline, the low number of randomly picked tenants that will face this limit for several hours is something that we look at and will aim to avoid, however, this update from Microsoft was released 5 days ago and we cannot tell at this point when it will be ready for release, besides that it is expected to be ready well in advance before the deadline. Rest assured that this new announcement brought this back to the table set with a high priority.
Thanks! |
|
|||
|
|||
Support, where are things at with starting to support Modern Authentication? We've been asking for this for over 2 years now because Microsoft has given us the warning that basic authentication is going away. The October deadline is coming up quickly and I'm sure this is going to require to testing. Several of us were hit with the email connector not working last month and we really need to get something in place soon in case MS does something again.
|
|
|||
|
|||
As I’ve had needed to share these notes with dev teams on other platforms, thought I would share here too.
All of Microsoft’s APIs use Oauth for authentication. This webpage is helpful, with many different scenarios, types of apps and language examples listed. https://docs.microsoft.com/en-us/azu...2-code#desktop Specifically, this is the modern equivalent of the authentication method we used 3 years ago (using .NET Framework) when we first implemented sending email via Microsoft Graph. https://github.com/Azure-Samples/act...1-Call-MSGraph Using a client secret or client certificate are both possible. After the method of authentication succeeds submitting email for sending is fairly straight forward. Use .NET HttpWebRequest with this uri. https://graph.microsoft.com/v1.0/users/{user}/SendMail https://docs.microsoft.com/en-us/gra...-1.0&tabs=http For prototyping… Anyone can sign up to a Microsoft Office 365 Dev Tenant? https://techcommunity.microsoft.com/...e/ba-p/2036610 You get 25 E5 licenses (for free), and you can prepopulate it with sample data packs that Microsoft have preconfigured. I use my developer tenant to write code and scripts against, but also to test out various Office 365 features that I’m unsure of. |
|
|||
|
|||
Can we get an update on where things are at with Modern Authentication? We are less then two months away from Microsoft enforcing this and need to have enough time for testing beforehand. If this isn't going to be up and running in time we are going to need to a replacement to Ranger before October.
This has been known about for more then 3 years. I am really surprised Ranger is cutting things so close to the deadline. |
|
|||
|
|||
|
|
|||
|
|||
Update: Support for Microsoft 365 modern authentication for Email (OAuth) was introduced in RangerMSP 30.
|