Known issues
This section explains known issues with this probe.
Probe does not show -version on AIX platforms
There is currently a known issue whereby the -version command does not return the probe's version details correctly when running on AIX platforms. The probe's version can be seen in the probe's log.
Probe for Microsoft EWS could access all mailboxes
There is a security concern due to Probe for Microsoft EWS apparent ability to access all mailboxes in the tenant domain.
Resolution
You can resolve this issue by limiting probe access to specific Exchange Online mailboxes.
By default, OAuth
authentication enables the probe to access all mailboxes in an
organization on Exchange Online. Administrators can identify the set of mailboxes to permit access
by putting them in a mail-enabled security group. Administrators can then limit probe access to only
that set of mailboxes by creating an application access policy for access to that group using the
following steps:
-
Create a new mail-enabled security group using steps in Create a group or use an existing one and identify the email address for the group.
-
Add the user of mailbox to be accessed by probe into the group.
-
Connect to EWS using Exchange Online PowerShell. For details, see Connect to Exchange Online PowerShell.
-
Create an access policy on the registered Azure Active Directory application.
New-ApplicationAccessPolicy -AppId <<Application/ClientID>> -PolicyScopeGroupId <<SecGroupEmail>> -AccessRight RestrictAccess -Description "IBM Netcool EWS Probe Mailbox"