Exchange Online Basic Auth - One (Final) Time Enablement


Userlevel 7
Badge +22

A quick note on an important point that I missed originally in Microsoft’s announcement. As users are starting to find their basic authentication mechanisms are being actively disabled, Microsoft have provided one last mechanism to prevent a complete outage if you rely on basic authentication currently.

 

Which Protocols Are Impacted?

 

If you’re using basic authentication for any of the following protocols, you might find that suddenly it has stopped working:

  • Exchange ActiveSync (EAS)
  • Exchange Web Services (EWS)
  • IMAP
  • MAPI
  • Offline Address Book (OAB)
  • POP
  • Remote PowerShell
  • RPC

 

I Think This Impacts Me, What Do I Do?

 

Microsoft are offering one final time to re-enable Basic Authentication, via the self-service diagnostics, direct link here.

From this link, you can see which protocols are disabled, and choose a specific protocol that you can re-enable.

 

Warning: Microsoft Are Serious This Time

 

Microsoft have stated that any protocols that are re-enabled will be automatically disabled in the first calendar week of 2023, and no further exceptions will be permitted. You need to have migrated away from basic auth by this time.

 

For a full read of this announcement and the basic authentication retirement plan, read this blog post from Microsoft here.


5 comments

Userlevel 7
Badge +12

A quick note on an important point that I missed originally in Microsoft’s announcement. As users are starting to find their basic authentication mechanisms are being actively disabled, Microsoft have provided one last mechanism to prevent a complete outage if you rely on basic authentication currently.

 

Which Protocols Are Impacted?

 

If you’re using basic authentication for any of the following protocols, you might find that suddenly it has stopped working:

  • Exchange ActiveSync (EAS)
  • Exchange Web Services (EWS)
  • IMAP
  • MAPI
  • Offline Address Book (OAB)
  • POP
  • Remote PowerShell
  • RPC

 

I Think This Impacts Me, What Do I Do?

 

Microsoft are offering one final time to re-enable Basic Authentication, via the self-service diagnostics, direct link here.

From this link, you can see which protocols are disabled, and choose a specific protocol that you can re-enable.

 

Warning: Microsoft Are Serious This Time

 

Microsoft have stated that any protocols that are re-enabled will be automatically disabled in the first calendar week of 2023, and no further exceptions will be permitted. You need to have migrated away from basic auth by this time.

 

For a full read of this announcement and the basic authentication retirement plan, read this blog post from Microsoft here.

Thx @MicoolPaul , some customers are still using public folders, so need to migrate to shared mailboxes or M365 groups in order to have a backup...

Userlevel 7
Badge +12

@RK99

The link doesn‘t make any sense to me regarding @MicoolPaul blog post. :)

Can you please explain why your link is helpful for understanding basic auth deprecation? The word basic or legacy is not mentioned once on the link you provided.

 

Thanks

Fabian

Userlevel 5
Badge

A quick note on an important point that I missed originally in Microsoft’s announcement. As users are starting to find their basic authentication mechanisms are being actively disabled, Microsoft have provided one last mechanism to prevent a complete outage if you rely on basic authentication currently.

 

Which Protocols Are Impacted?

 

If you’re using basic authentication for any of the following protocols, you might find that suddenly it has stopped working:

  • Exchange ActiveSync (EAS)
  • Exchange Web Services (EWS)
  • IMAP
  • MAPI
  • Offline Address Book (OAB)
  • POP
  • Remote PowerShell
  • RPC

 

I Think This Impacts Me, What Do I Do?

 

Microsoft are offering one final time to re-enable Basic Authentication, via the self-service diagnostics, direct link here.

From this link, you can see which protocols are disabled, and choose a specific protocol that you can re-enable.

 

Warning: Microsoft Are Serious This Time

 

Microsoft have stated that any protocols that are re-enabled will be automatically disabled in the first calendar week of 2023, and no further exceptions will be permitted. You need to have migrated away from basic auth by this time.

 

For a full read of this announcement and the basic authentication retirement plan, read this blog post from Microsoft here.

This Link will help us to find more insights Exchange ActiveSync | Microsoft Learn

Userlevel 7
Badge +6

It should be noted that at this time, Microsoft shouldn’t be turning off Basic Auth for those that are already using it, but I have had several tenants that have not been using and and it has been disabled.  There will be a note in the Admin console showing that Basic Auth is in the process of being disabled when that is happening.  I haven’t had anyone yet where I need to turn it back on, but I think those will come.  The usual suspects I’ve had for needing basic auth are multifunction copiers for scan to email, some applications, and voicemail to email from VOIP phone systems.  Most of them can be set to relay using option 3 at the below link which is what I tend to use.  Option 2 is available as long as you don’t want to relay to external addresses.

https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365

 

Userlevel 7
Badge +21

Always good to know this information especially for M365.  😁

Comment