Description

As officially announced by Microsoft, Basic Authentication will be disabled in Exchange Online effective October 1, 2022. This will have an impact on eDiscovery Platform Microsoft365 Collection configured with MAPI over HTTP protocol which internally uses Basic Authentication.   

What’s changing?  

Microsoft is removing the ability to use Basic authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, Remote PowerShell, Exchange Web Services (EWS), Offline Address Book (OAB), Outlook for Windows, and Mac. This change by Microsoft requires customers to move from apps that use Basic Authentication to apps that use Modern Authentication.  

When will the change take place?  

Microsoft has already started to implement this change. New Microsoft 365 tenants are created with Basic Authentication already turned off as they have Security defaults enabled. In September 2021, Microsoft announced that effective October 1, 2022, they will disable Basic Authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online with a one time extension available through January 1, 2023.

Impact on eDiscovery Platform 

eDiscovery Platform supports multiple ways to collect to Microsoft365. 

• MAPI Over HTTP based Collection, designed to use Basic Authentication. 

• Microsoft Graph based Collection, designed to use Modern Authentication. 

Exchange Source Collection based on MAPI Over HTTP: 

• In context with eDiscovery Platform versions 9.5.x / 10.0.x / 10.1.x version…. 

• If eDiscovery Platform software is running with Windows Server 2012/2016 Operating System (with Office 2013) then Exchange Source collection using MAPI over HTTP is supported. Post the Basic Authentication disablement deadline mentioned by Microsoft, this functionality will be impacted.  

• If eDiscovery Platform software is running on Windows Server 2019 Operating system, Microsoft365 collection using MAPI over HTTP is not supported.  

• In context with eDiscovery Platform versions 10.2 version….. 

• Exchange Source Collection based on MAPI over HTTP is not supported. 

M365 Collection based on Microsoft Graph API: 

• eDiscovery Platform version 9.5.1 and onwards supports Microsoft 365 Collection using Microsoft Graph API. This internally uses Modern Authentication and hence is not impacted. There is no action required in this case.   

Additional Information: 

This issue is currently under investigation by Veritas Technologies LLC. Pending the outcome of the investigation, this issue may be resolved by way of a patch or hotfix in current or future revisions of the software. However, this particular issue is not currently scheduled for any release.  If you feel this issue has a direct business impact for you and your continued use of the product, please contact your Veritas Sales representative or the Veritas Sales group to discuss these concerns.
 
Note: Customers experiencing this issue are encouraged to contact Veritas Technical Support as data is still being collected to assist in resolving this issue.