“Secret groups” is still on the Microsoft 365 Groups backlog, but there is no delivery date available at this time.
21 votesStefan shared this idea ·
1. Click into “details”.
2. Choose “connector report”.
3. Choose “request report”.
4. Answer the questions in the wizard, clicking “Next”, “Next”, and “Save”.
5. Wait for the report to come to the email address specified. It will contain the following fields:
message_id, direction, sender_address, recipient_address, connector_name, connector_type, tls_version, tls_cipher
With the Message_Id value, you can combine this with MessageTrace to get the Subject.
If this does not help, please provide more information as to the scenario and detail that is missing. Thank you for the feedback!
397 votes12 comments · Office 365 Security & Compliance » Advanced Security Management · Flag idea as inappropriate… · Admin →
Thanks for taking the time to provide this feedback. We’ve updated the TechNet documentation (https://technet.microsoft.com/library/mt842508(v=exchg.150).aspx) to clear up confusion around which authentication type and protocol combinations are supported in CARs. Expanding support for more combinations could prevent bad actors with valid credentials from accessing mailbox content, but it wouldn’t help with scenarios like password spray attacks or malicious lockout attempts because CARs are evaluated post-authentication. There’s work underway on a solution that covers a broader array of basic authentication scenarios – we’ll share more details as soon as possible. In the interim, this blogpost (https://cloudblogs.microsoft.com/enterprisemobility/2018/03/05/azure-ad-and-adfs-best-practices-defending-against-password-spray-attacks/) outlines the recommended approach for forcing multi-factor authentication when using AAD and ADFS.