The cloud-based mailbox then uses Autodiscover to find the ActiveSync URL and syncs 28 days of the users mailbox data. It uses the AutoDetect service, not to be confused with the on-premises Autodiscover URL, to connect to the on-premises mailbox. The Outlook Mobile client does not connect directly to the Exchange on-premises mailbox, but via the cloud-based mailbox.
Part 2: When user is still on-premises and uses Outlook Mobile
It is used to cache emails for 28 days when you use Outlook Mobile to access the on-premises mailbox.Read more about Search for Teams chat data for on-premises users on Teams compliance records search.Read more about Technical and licensing requirements for Outlook Mobile.
#SEARCH SHARED MAILBOX OUTLOOK 2010 AND EXCHANGE 2016 LICENSE#
It requires at least an Exchange Online Plan 1 license assigned to the user.It is not possible to log on or access the mailbox in any scenario.It is created to store compliance records for Microsoft Teams personal chat and meeting activity.The Add App Content for On-Premises Users checkbox specifies that you are searching the cloud-based mailbox of the user. Then re-run the search and validate that you can find the Teams data stored for compliance reasons. To see Teams chats and meetings stored for compliance reasons you can add Kind:MicrosoftTeam as a keyword. The result should be empty and you have validated that no calendar data is cached in the cloud-based mailbox. Note that you need to have Compliance Administrator role assigned to your admin user and you need and exchange license with online mailbox for result preview to work. Then you find the actual user you want to search and click Save & Run. In the keyword field you type a title of a calendar event for the user you want to search. You can navigate to Microsoft 365 Compliance Center and go to Content Search and click New search. How can you know? You can run a content search against the user and verify that no calendar events are stored in Exchange Online. Nothing is stored in Microsoft 365 in this scenario, except for personal chat activity for compliance reasons. Also read How Exchange and Microsoft Teams interact for a general understanding I got this information from a very informative and detailed TechCommunit article by MVP Thomas Stensitzki Microsoft Teams and on-premises mailboxes: Part 2 – Teams Calendar App Troubleshooting. The Teams Backend Service will den relay the parsed calendar data to the Teams client requesting the data.
It is enough to limit access to known Microsoft IP ranges found in the Office 365 URLs and IP address ranges article. This means that you do not need to expose the on-premises Autodiscover and EWS to the clients for calendaring in Teams to work. The great news is that the Teams clients connects via the Teams Backend Service to EWS to get calendar data. Part 1: When user is still on-premises, does not use Outlook Mobile but uses calendaring in Microsoft Teams The questions are, what is stored in Microsoft 365 when the mailbox is still on-premises and can we limit the attack surface for Exchange on-premises in this setup? The answers has two parts. Meetings in Teams and MFA for Outlook Mobile are the main drivers. They are not ready to migrate everything to Microsoft 365 but want to use the secure remote work components. Secure Remote Work from Anywhere is the trend of 2021! This trend has forced more companies over to Microsoft Teams for meetings and wanting to utilize conditional access, MFA and Outlook Mobile for on-premises hosted users.