Bug Hunting in the Security and Compliance Centre


I  was finishing up an Exchange Hybrid deployment for a customer this week and came across an interesting bug in the new Office 365 Security and Compliance Centre.

The requirement was a mass PST ingestion to the Online Archive mailbox for each freshly migrated user.  I’m going to cover this rather time-consuming and annoying process in a future blog post, describing the wonders of the Azure AZ Copy Tool which seems to be permanently in Preview.

I was having a look around and noted that the S&C center allows a degree of Exchange recipient management.  I was particularly interested to see that it allows you the option of enabling an Archive mailbox for an Exchange user when you go to https://protection.office.com/#/archiving.


We all know that although you can do this via the Exchange Online admin GUI, when you tick the box to enable the archive you get an error.  The same happens with remote PowerShell to Exchange Online.  The PowerShell error is shown below:

Enable-Mailbox user-15 -Archive:$true

Remote PowerShell To Exchange Online Trying To Enable Archive

(checkout Rod Milne’s blog for a walk-through)

I figured I’d try enabling an archive mailbox anyway, somehow hoping i wasn’t going to be faced with the dreaded PST import copy process described above.  And it worked!  At least no error message and I even logged out and in again and tried it for a couple of different users.  The archive mailbox was provisioned when viewed in OWA (didn’t test with Outlook).  Thinking I must have missed this new functionality announcement – which would be awesome given the fact that doing it via GUI should be possible IMO – I had a search through the documentation and blogs and could not see anything that discussed this.  Trying to enable via the EAC still results in failure, so clearly there was a mismatch happening between portals.

Thanks to the power of twitterland, I tweeted to the community, in particular the guru of all things Hybrid…Michael van Hybrid (@vanhybrid).  He confirmed:


This isn’t the first time I’ve found product bugs.  A few years ago when I used to do a fair amount of GroupWise and Lotus Notes migrations, I’d find bugs in the Quest Migration Manager for Active Directory and Exchange product.  That code was originally written by Aelita Software, which employed a team of about 375 software developers in Russia.  No surprises for guessing then that some of that Russian code never translated correctly into English.  If I remember correctly I had three official bug fixes included in future version releases.

I don’t think the Office 365 environment will provide such rich pickings, there’s a remarkable amount of QA that goes on before any net new functionality such as the Security and Compliance center goes into Prod.  However, when you have multiple engineering teams collaborating, things can get missed and this was a biggie in my opinion.

A few days later the esteemed Tony Redmond (@12knocksinna) confirmed the bug was accepted, which made me smile…cool!


This entry was posted in Microsoft and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s