Microsoft calls time on RPS for Exchange Online • The Register

Microsoft shutting down RPS connections for brand new Change On-line subscribers on April 1 as a part of its ongoing push for safer fashionable authentication strategies.

The Distant PowerShell Protocol is used for client-to-server communications by way of PowerShell (PS) cmdlets and is the interface for directors managing Change On-line by way of the command line.

In September 2022, Microsoft launched the PowerShell v3 module, which incorporates REST-based cmdlets, and let Change On-line customers know that the clock is ticking on RPS. The plan remains to be to drop RPS fully in June, however it is going to be blocked for brand new tenants coming onboard Change On-line on All Fools’ Day.

These new subscribers should use PowerShell v3.

“The general RPS deprecation plan we introduced in December [with the June deadline] applies to all Change On-line prospects connecting with RPS,” the Change Staff announced on Tuesday. “We advocate that every one prospects transfer to the v3 module, which is safer and extra dependable than the older PowerShell modules.”

PowerShell v3 does include reliability and efficiency benefits over older RPS-based variations – the REST API cmdlets can assist cut back failures resulting from community delays or lengthy question execution instances. However tighter safety is a high driver behind the change and key to that’s assist for contemporary authentication strategies, or what Redmond calls Trendy Auth.

Microsoft began its regular march towards Trendy Auth adoption greater than three years in the past and has since moved varied purposes – together with Outlook Desktop and Outlook Cellular App – to it by way of safety updates.

The software program big in September outlined plans to start disabling Primary Auth protocols in Change On-line. These protocols embody not solely RPS but in addition MAPI, Offline Tackle E book, POP, Change ActiveSync, and others.

The case for contemporary authentication is rising and an improve seems to be like a sensible transfer. Basic Auth methods do not naturally assist such fashionable safety instruments like multi-factor authentication.

The v3 module additionally consists of certificate-based authentication, which is also called app-only authentication and helps unattended script and automation instances by way of Azure Lively Listing apps and self-signed certificates.

Microsoft is also a significant proponent of passwordless authentication, as are different distributors, together with Google and Apple.

Redmond has mentioned that whereas it has disabled Primary Auth in lots of areas and that thousands and thousands of customers have already got moved away from it, there are nonetheless many who use these strategies regardless of periodic warnings from Microsoft.

The Change Staff is recommending that admins utilizing a v1 or v2 module or the New-PSSession cmdlet to determine a RPS connection set up the v3 module.

On the identical time, the Staff is responding to consumer issues in regards to the RPS timelines “and can quickly launch a device to permit tenant admins to request an extension to make use of RPS for somewhat longer.” ®