CISA Report Only Scratches Surface of Securing Office 365

The CISA report titled “Microsoft Office 365 Security Observations” makes five recommendations to improve security of an Office 365 tenant. The recommendations are valid, but competent administrators won’t take long to implement them. In fact, the worst thing is that consultants brought in to help organizations didn’t seem to have much expertise in securing Office 365.

LinkedIn Connector for Office 365 Uses Group to Control Users Allowed to Access Contacts

The LinkedIn connector for Office 365 now uses a group to control the set of user accounts allowed to connect their accounts to LinkedIn. It’s a good change because it makes the connection easier to manage. Even so, you might still need to use PowerShell to manage the membership of the group, especially if you want to add multiple people to the group at one time.

Azure Active Directory Feature Bans Custom Words from User Passwords

Making sure that Office 365 user (and administrator) accounts have good passwords is a never-ending task. A new preview feature in Azure Active Directory helps by ensuring that users can’t include common words specific to the organization (like its name) in a password. It’s another piece in the puzzle to frustrate potential attackers.

“Unable to discover PowerShell endpoint URI” when using MFA with Skype Online

Grrr. It’s been that kind of day. While chasing a Teams bug (about which more another time, once I have a consistent repro case), I needed to log on to Skype Online PowerShell. We use the Azure baseline policy that forces MFA for all admin accounts in our tenant; I just updated Chapter 3 of …

How to Remove a Feature from an Office 365 Plan with PowerShell

Need a script to turn off sub-options in Office 365 plans like the one that controls Microsoft Teams? Here’s a Petri.com article that explains how to do it with the Microsoft Online Services PowerShell module.

Losing the Last Name, First Name Legacy

Office 365 Gravtar

A recent post by MVP Mark Vale describes how to use synchronization transformation rules in AADConnect to change the last name, first name format (for example, Smith, James) for display names to a more user-friendly first name last name format (our example becomes James Smith) for accounts as they synchronize to Azure Active Directory from an …