Microsoft Deprecates Remote PowerShell Support in Exchange Online

Cloud Computing

Key Takeaways:

  • Microsoft has permanently discontinued Remote PowerShell Protocol (RPS) for Exchange Online, requiring users’ migration to the Exchange Online PowerShell version 3 module.
  • The retirement of RPS aligns with Microsoft’s commitment to fortify Exchange Online’s security against cyber threats.
  • The new PowerShell v3 module enhances performance and reliability and introduces multifactor authentication (MFA), providing an added layer of security against unauthorized access.

In a decisive move toward bolstering cybersecurity, Microsoft is permanently turning off Remote PowerShell Protocol (RPS) for Exchange Online this month. The company urges customers to move to the REST-based Exchange Online PowerShell version 3 module instead.

Remote PowerShell Protocol (RPS) is a feature that allows IT admins to run PowerShell commands or scripts on a remote computer. It helps to perform various administrative tasks on remote machines, such as managing mailboxes, distribution groups, contacts, and public folders. Remote PowerShell supports Basic Authentication that lacks support for multifactor authentication, and it’s subject to password spray attacks.

Last year, Microsoft announced its plans to deprecate Remote PowerShell for Exchange Online. In the first step, the company started blocking RPS connections for new tenants created after April 1, 2023. Microsoft began blocking it for Exchange Online customers in June, with an option to re-enable it until September 2023.

Microsoft asks Exchange Online customers to switch to the PowerShell version 3 module

Starting October 1, Microsoft is pulling the plug on RPS for Exchange Online, and organizations can no longer opt-out or continue to use the module. The company plans to notify customers via the Microsoft 365 Admin Center when the service will be discontinued for their tenant.

“We previously announced the Deprecation of Remote PowerShell Protocol (RPS) in Exchange Online, and we’ve now reached the end of RPS. Since making the announcement, usage of RPS in our WW cloud has dropped dramatically. We have disabled the self-service diagnostic to re-enable or opt-out of this change, and we will now be turning off RPS. In fact, we will turn off RPS for our WW cloud customers by tomorrow,” the Exchange team explained.

The retirement of RPS is a part of Microsoft’s ongoing efforts to harden Exchange Online security against sophisticated cyberattacks. The company launched the more modern PowerShell v3 module in September 2022. It promises significant performance and reliability improvements over RPS. The REST-based API cmdlets help to minimize long query execution times and failures caused by network delays. It also supports multi-factor authentication (MFA) to boost protection against cyber threats.