Tag Archives: Outlook

Need Password prompt in Outlook after clearing everyone’s sessions

Exchange Server, , ,

Long story short one of our vendors got hacked and sent out a phishing scam email using a SharePoint link and session hijacking that was able to bypass MFA. One of my users, who was waiting on a quote from this vendor, clicked it and entered their credentials. A week later their email was used to send out the same phishing email.

We followed the recommended Microsoft steps to clean things up. I did a content search on his account to see what he sent out and then emailed everyone letting them know it was a phishing attempt and if they fell for it they should reset their own passwords and contact their IT people. I then sent out a internal email saying if anyone clicked on the link they also need to change their password and to remind everyone about phishing emails. Then to be extra careful we forced a logout of all 365 sessions using PowerShell:

Connect-AzureAD
Get-AzureADUser | Revoke-Azureaduserallrefreshtoken

Which should have been the equivalent of going into the admin center on each user and clicking “Sign out of all sessions”. We told everyone that they might have to re-login to things and to reboot. Then followed up with some exports of everyones inbox rules, forwarding rules, etc, to make sure no one else was affected. It was a super fun Friday afternoon into evening.

The following Monday 95% of our users are completely fine, no issues, everything works. 5% of our users are getting the “Need Password” prompt at the bottom right in Outlook right after it finishes syncing all folders. If they try to get to public folders, other mailboxes they have access to, etc Outlook hard locks for a couple minutes and then connects and looks fine. Opening up the “Outlook Connection Status” during this time and you can see under status it saying “Connecting….” for each one then disconnected, over and over until it figures it out and connects. But then will go back to Need Password after a couple minutes. But if you simply click on where it says “Need Password” as soon as it pops up it connects the user with no other issues and works fine. So they were operational but with a annoying work around.

So I search google and the majority of things tell people to set a couple of registry keys which Microsoft has a entire article about not doing. Instead I followed the steps in that article which didn’t help at all. Tried the Microsoft support assistant for this issue, also didn’t work. Then moved on to having users change passwords and reboot, disconnect their accounts under “Access work or school” and reconnect, delete the Outlook profile and recreate, etc. All the standard Outlook is broken things to try but nothing seemed to work.

Well it turns out Microsoft put out a advisory that users with a Online Archive in a Exchange Hybrid setup were having trouble if the Autodiscover URL was pointing to the on prem server. So it ended up being a really bad coincidence. But this got me thinking why do I need to point Autodiscover to the on prem server at all if 100% of our mailboxes are migrated. It’s just a extra unneeded step which at best adds a little time to autodiscover compared to going directly to Microsoft and at worst if our internet or Exchange is down could prevent users from connecting.

Time to change that. I deleted my internal DNS autodiscover HOST record and put in a autodiscover CNAME record pointing to Microsofts autodiscover.outlook.com. Did the same for my GoDaddy DNS record. Once that was done I removed the SCP value from the internal server:

Get-ClientAccessService | Set-ClientAccessService -AutoDiscoverServiceInternalUri $Null

Flushed DNS on my own computer, rebooted, and verified Outlook connected without issues. I then updated the SRV records to also point directly up just in case in DNS under Domain -> _tcp -> _autodiscover and pointed that to autodiscover.outlook.com.

It’s now been like this for a couple months with no issues and since we have 0 mailboxes hosted locally there is no reason not to go directly to Microsoft for autodiscover.

VB.Net Drag and Drop from Outlook

Programming, , , , , ,

One thing I have been working on for years now is a database program that among other things has a part that lets you attach files into it. The drag and drop functionality was easy for regular files on the hard drive but a feature request came in to drag and drop files from a outlook attachment. Luckily someone had already figured this out in C# which I converted into VB here: http://www.codeproject.com/Articles/7140/Drag-and-Drop-Attached-File-From-Outlook-and-ab. This was all fine and dandy until I got a request last week to attach the actual email itself, not a attachment. After more searching I found someone that did this using the Outlook interop libraries here: http://www.emoreau.com/Entries/Articles/2008/05/Dropping-a-Outlook-message-on-your-application.aspx. So after a little more playing I updated my drag and drop code to decipher between a normal file, a Outlook attachment, or a Outlook email and act accordingly.

Couple notes: DisplayMessageBox is a custom message box used by my program (replace with MsgBox if needed) and AddTempFileToArray does exactly that, adds any temp files I create or use to a array which I then delete when my program closes (don’t want a bunch of temp files created and left), and SaveButton is enabled only during a edit operation.

In my control where I will accept the drop:

Private Sub MyControlToAcceptTheDrop_DragEnter(ByVal sender As Object, ByVal e As System.Windows.Forms.DragEventArgs) Handles MyControlToAcceptTheDrop.DragEnter
' Make sure that the format is a file drop.
If (e.Data.GetDataPresent(DataFormats.FileDrop)) And (SaveButton.Visible = True) Then
e.Effect = DragDropEffects.Copy
ElseIf (e.Data.GetDataPresent("FileGroupDescriptor")) And (SaveButton.Visible = True) Then
e.Effect = DragDropEffects.Copy
Else
' Do not allow drop.
e.Effect = DragDropEffects.None
End If
End Sub

And my code to handle the drop:

'''

''' Handle File Drops
'''

''' DragEventArgs ''' Path to the actual file or temp file
''' Returns the full path to the file being dropped or to a temp file that contains the file in memory (for use with Outlook or other program drag drops)
Friend Function HandleFileDrops(ByVal e As System.Windows.Forms.DragEventArgs) As String
Try
If e.Data.GetDataPresent(DataFormats.FileDrop) Then
' We have a file so lets pass it to the calling form
Dim Filename As String() = CType(e.Data.GetData(DataFormats.FileDrop), String())
HandleFileDrops = Filename(0)
ElseIf e.Data.GetDataPresent("FileGroupDescriptor") Then
' We have a embedded file. First lets try to get the file name out of memory
Dim theStream As Stream = CType(e.Data.GetData("FileGroupDescriptor"), Stream)
Dim fileGroupDescriptor(512) As Byte
theStream.Read(fileGroupDescriptor, 0, 512)
Dim fileName As System.Text.StringBuilder = New System.Text.StringBuilder("")
Dim i As Integer = 76
While Not (fileGroupDescriptor(i) = 0)
fileName.Append(Convert.ToChar(fileGroupDescriptor(i)))
System.Math.Min(System.Threading.Interlocked.Increment(i), i - 1)
End While
theStream.Close()
' We should have the file name or if its a email the subject line. Create our temp file based on the temp path and this info
Dim myTempFile As String = Path.GetTempPath & fileName.ToString
' Look to see if this is a email message. If so save that temporarily and get the temp file.
If InStr(myTempFile, ".msg") > 0 Then
Dim objOL As New Microsoft.Office.Interop.Outlook.Application
Dim objMI As Microsoft.Office.Interop.Outlook.MailItem
If objOL.ActiveExplorer.Selection.Count > 1 Then
DisplayMessageBox("You can only drag and drop one item at a time into this screen. The first item you selected will be used.", "One Item At A Time", , FormStartPosition.CenterParent)
End If
For Each objMI In objOL.ActiveExplorer.Selection()
objMI.SaveAs(myTempFile)
Exit For
Next
objOL = Nothing
objMI = Nothing
Else
' If its a attachment we need to pull the file itself out of memory
Dim ms As MemoryStream = CType(e.Data.GetData("FileContents", True), MemoryStream)
Dim FileBytes(CInt(ms.Length)) As Byte
' read the raw data into our variable
ms.Position = 0
ms.Read(FileBytes, 0, CInt(ms.Length))
ms.Close()
' save the raw data into our temp file
Dim fs As FileStream = New FileStream(myTempFile, FileMode.OpenOrCreate, FileAccess.Write)
fs.Write(FileBytes, 0, FileBytes.Length)
fs.Close()
End If
' Make sure we have a actual file and also if we do make sure we erase it when done
If File.Exists(myTempFile) Then
' Assign the file name to the add dialog
HandleFileDrops = myTempFile
Call AddTempFileToArray(myTempFile)
Else
HandleFileDrops = String.Empty
End If
Else
Throw New System.Exception("An exception has occurred.")
End If
Catch ex As Exception
DisplayMessageBox("Could not copy file from memory. Please save the file to your hard drive first and then retry your drag and drop.", "Drag and Drop Failed")
HandleFileDrops = String.Empty
End Try

End Function

As you might be able to guess I only look at the first email message if multiple are selected and let the user know that also. I’m sure there is a way to loop through multiple files, Outlook attachments, or Outlook emails but I don’t need that functionality so I didn’t code it (but I did warn in case it happens).