RangerMSP Business Automation for successful ITs


Go Back   RangerMSP Forums > RangerMSP Software Discussion Forum (CCRM)
Search Today's Posts Mark Forums Read

Thread Tools Search this Thread
 
March 2nd, 2020, 07:36 AM
AN-Tech
 
Posts: 478
With the requirement by Microsoft to implement new security policies we have turned on MFA for the account that is used by the Email Connector. Since CommitCRM wouldn't be able to do anything with MFA we created an App Password for the account. We ran ServerConfig.exe and entered the App Password into the password fields for Outgoing Mail Server and Email Connector but it doesn't seem to be working properly. When we run the test from those areas we just get responded back with bad username or password.

Does anyone have ideas on what might be going on?
 
March 2nd, 2020, 11:56 AM
AN-Tech
 
Posts: 478
So here is what I have gotten so far.

Microsoft announced an important update regarding these mandatory partner security requirements. Effective February 29, 2020, Azure Active Directory "baseline" policies will be removed and replaced with "security defaults." These new policies are more comprehensive and designed to protect your organization with pre-configured security settings for common attacks.

It sounds like Commit needs to support the more secure Modern Authentication method as opposed to the Legacy Authentication methods that were previously allowed. As a Microsoft Partner and CSP we are required to have made this change by Feb 29th.

In order to continue working in a manner that is compliant for Microsoft Partners and CSP's Commit would have needed to have been setup as a registered Office 365 Application in the Azure Portal. I don't believe this has been done yet.

So since most of us are MS Partners and CSP's, how is everyone else handling this without risking their Microsoft Partner status by disabling things to allow Commit to continue working?
 
April 28th, 2020, 08:27 AM
adent-ctc
 
Posts: 62
This doesn't specifically answer your question, but there might be an opportunity for me to assist to work around what you are using the CommitCRM email features for.

You are correct, Microsoft CSP tenants must have secure defaults turned on.
Alternatively you can purchase Azure Premium P1 for every mailbox/user in your Tenant.
Not a great alternative.
In our MSP/IT business, we do not use the email features of CommitCRM. For automated emailing to customers, we have traditionally used a inhouse LAMP platform that amoungst other things, sends AV and RMM reports to customers via a Postfix server.
I've never been entirely happy with this setup.

For a while we have been working on our Jupiter Server product, which eventually will replace our LAMP platform and our Postfix server.
As part of this, Microsoft's decision regarding SecureDefaults triggered us to work on a utility that harnesses Jupiter Server that we call sendmail.exe.

In summary,
Using Powershell (or a .NET application), it is possible to connect to Jupiter Server to obtain data from your CommitCRM database.
Also using Powershell, sendmail.exe can be scripted to allow you to send email with securedefaults turned on.

Documentation on sendmail.exe is here
https://dentaur.com.au/jupiter-serve...port/sendmail/

If you have further questions you can email me
andrew@dentaur.com
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search



All times are GMT -6. The time now is 07:28 AM.

Archive - Top    

RangerMSP - A PSA software designed for MSPs and IT Services Providers
Forum Software Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.