The Office 365 audit log is packed full of information about what happens inside workloads. New events show up all the time. The question is how to understand what actions these events relate to. We outline a simple procedure to discover the presence of new audit events and dive into the investigation of an event called Consent to application, which is pretty important in the context of recent high-profile attacks.
The February 2021 update for the Office 365 for IT Pros eBook is now available for subscribers to download. Office 365 for IT Pros is the only book with monthly updates covering the Office components of the Microsoft 365 ecosystem. Subscribers to the 2021 edition can now download updates PDF and EPUB files from Gumroad.com.
Microsoft released their FY21 Q2 results on Tuesday. Buried in the details were several nuggets relating to Office 365.. Here are the interesting bits including some detail on the penetration of Teams into large organizations and a new number for Azure AD users.
Teams Data Loss Prevention (DLP) policies help to stop users sharing confidential information through chats and channel conversations. A recent update means that accounts to be included or excluded in DLP policies can be specified using distribution lists or mail-enabled security groups. While this doesn’t sound very exciting, it is if you need to deploy DLP policies to targeted sets of Teams users.
Feb 24 2021 Update: The picker used for OneDrive for Business accounts will support distribution lists and security groups in March.
Need a PowerShell script to do something with Office 365? You might find a script or at least an idea – in the Office 365 for IT Pros GitHub Repository. We have created over 80 scripts as examples and demonstrations of how to get stuff done in an Office 365 tenant with PowerShell. You’re welcome to use anything in the repository and especially welcome to fix our bugs.
All services suffer outages or incidents. The Service Communications API allow Office 365 tenants to retrieve information about incidents programmatically and report details in whatever way they want. In this post, we show how to use PowerShell to fetch service messages with the API and filter for recent incidents. After that, it’s just a matter of presenting the details.
The January 2021 update is available for Office 365 for IT Pros, the only eBook about Microsoft’s cloud Office service that’s updated monthly. Twenty-one of the 24 content chapters are updated as change keeps on happening in Exchange Online, SharePoint Online, Teams, Planner, Stream, Azure AD, and more.
It’s easy to create a custom theme for the Office 365 browser apps (except Teams, which does its own thing). All you need is a corporate logo, some colors, and perhaps a sense of how colors go together. You can also block users from selecting from the default set of themes that come along with Office 365, an action that might just remove some light from some peoples’ lives.
Microsoft is changing the default setting for guest access to Teams from Off to On. This won’t affect tenants already using Teams, but it’s a good opportunity to review how guest access is used in tenants and consider whether existing guest accounts are needed or can be removed. This post offers some ideas about using policies to control guests and how to check what these accounts are used for.
The data used for Microsoft 365 usage reports comes from the Microsoft Graph. You can anonymize the data to replace references to user, group, and site names with system-generated values to protect user privacy. This works, but it reduces the usefulness of the reports by a large degree, so you should be prepared to switch to show full user data sometimes.
Many Microsoft 365 features depend on accurate user account data in Entra ID (Azure AD). Here’s how to use PowerShell to track down accounts with important missing properties. Once you know which accounts need to be updated, it’s easy to insert the missing properties. Boring, but easy…
When you use an Office 365 content search to find items, the results from Exchange Online might include some encrypted attachments. A change means that the attachments can now be decrypted to make it easier for investigators to review the information. It’s a small but important change, just like the update to Edge which stops ClickOnce programs running unless an Edge setting is enabled. All good, clean, honest fun.
An update to the Teams Windows and Mac clients introduces automatic noise suppression for Teams meetings. You can tune suppression up or down to reflect your environment. The feature works by analyzing the audio feed from the microphone used in a meeting and removing unwanted noise. The more suppression is done, the more resources are used, so this is something to keep an eye on.
Microsoft has made Endpoint DLP generally available. Leveraging Windows 10 workstations and the Edge browser, Endpoint DLP sends signals for evaluation to detect possible violations. The solution requires Microsoft 365 licenses and only supports Windows, so it’s not for every tenant. But those who have Microsoft 365 licenses will find this an attractive solution.
Project Moca is a new Office 365 personal productivity app which doesn’t have a mobile app. It’s hard to be productive if you can’t be when mobile. Which is why To Do allows people to capture thoughts. A workaround of sorts is available through To Do tasks. Whether this is enough for you to switch to Moca is debatable.
Microsoft has updated the Exchange Online outbound spam filter policy to stop automatic forwarding of email from user mailboxes. The change is now effective with the default set to block automatic forwarding. You can create a custom policy and apply it to selected mailboxes and distribution lists if they need to forward email.
Together Mode is a more immersive way to present participants in a Teams meeting. The original theater scene is being augmented with new scenes including boardrooms (suitable for small meetings) and amphitheaters (for large meetings). At the same time, the view used for Teams meeting recordings is changing from 2×2 to 3×3.
Quest has acquired Quadrotech to add to their portfolio of Office 365 applications designed to help organizations get date into the cloud and manage it when it’s there. Recent Quest acquisitions of Metalogix, Binary Tree, and now Quadrotech give it a bunch of technology, notably in the area of tenant-to-tenant migrations.
Unlike email systems, Microsoft Teams doesn’t support user delegation, or assigning the right for someone to act on behafl of someone else. Here’s how to workaround some of the issues involved in helping managers and their assistants work effectively together, including personal chat, channel messages, and scheduling calendar meetings.
The Teams Windows and MacOS desktop clients will soon allow users to add a personal account to the set of Office 365 tenants they connect to. A great deal of excitement ensued after people saw Microsoft 365 roadmap item 68845 and assumed this meant that Teams would support connections with multiple work accounts. The ability to add more than one work account to your Teams profile isn’t available now as the update is to support connectivity to Teams at home (personal), but support for multiple work accounts is coming in the future.
Microsoft is rolling out an update to remove the Everyone Except External Users (EEEU) permission from OneDrive for Business accounts created before August 1. They’re also doing a permissions reset of lists created in those accounts, meaning that some folks might lose access to lists. It’s hard to know how much impact this will have on Office 365 tenants, but it’s probably a good ideas to ask.
Outlook Mobile synchronizes contacts from Exchange Online to iOS. Sometimes errors happen and duplicate contacts result. It’s easy to resolve the problem by forcing a complete resynchronization of contacts to rebuild what’s on the iOS device.
Over time, you might join several Office 365 tenants as a guest. Some of those Azure AD guest accounts probably won’t be needed forever and you want to clean them up. This is easy for individuals to do through their MyAccount page, which might just be a page that they never knew existed.
The November 2020 update for the world’s best Office 365 book is available. Subscribers to Office 365 for IT Pros can now download updated files. The companion volume has also been updated. Full details of the updates to 222 chapters can be found in the Office 365 for IT Pros change log.
The Teams Meeting add-in for Outlook schedules online private Teams meetings. A recent update for Outlook for Windows allows meeting settings to be changed. It’s a logical and useful update to allow people who prefer to work in Outlook to maintain their meetings without needing to go to the Teams calendar app.
A crude phishing attempt based on voicemail notifications from a VoIP service arrived in mailboxes. It’s easy for experienced users to pick up signs to stay away, but the unwary can be trapped. Report samples of phishing attempts to Microsoft to make Exchange Online Protection better and keep on educating users.
Microsoft’s FY21 Q3 results told us that Teams now has 115 million users, a 53% uptick since April. Office 365 keeps on growing in numbers, revenue, and profit. While growth might be slowing, there’s still a ton of accounts to be moved to the cloud, where they’ll probably end up as Teams users.
An unfortunate problem in the Office 365 Planner app allows external recipients to be added to to email so that they receive and see comments posted for tasks. Although this doesn’t sound like such a big problem, it is because it can lead to confidential information leaking outside the organization in an uncontrollable manner. Microsoft support says that Planner is working by design. We don’t believe that this could possibly be the case.
Office 365 Message Encryption (OME) allows OWA users to revoke some messages after they are delivered to recipients. But if the message goes to Office 365 or Outlook.com, you can’t revoke it. And there’s the slight matter of needing an Office 365 E5 license too. Even so, it’s still nice to be able to revoke messages if they go to the wrong place.
Site Mailboxes were the face of Microsoft collaboration at one time. But that’s long in the past and it’s time for these archaic mailboxes to be dispatched. Microsoft will retire them from Office 365 in April 2021, probably two years after they passed their best-by date. I tried to clean up my tenant and failed utterly, so I’m leaving the mess for Microsoft to sort out.
Teams notifications can now be handled by Windows and macOS, and you can get better privacy by disabling message preview in the notifications, including on Teams mobile clients. The privacy updates are available now and support for the native OS notifications in both Windows and macOS should be available in mid-November.
Teams depends on Microsoft 365 groups. You can add groups as meeting attendees and expect that members of those groups will receive meeting invitations. But they won’t unless you update group settings to force Office 365 to send invitations to all members. The job is easily done with PowerShell, and we show how in this post.
In an update posted to Teams User Voice, Microsoft said that they had enabled offline capabilities for messaging with access to recent chats and channel conversations. This is good, but the problem is that Teams is much more than chats and offline access remains problematic for many of the components people access through Teams. Until all apps support offline access, functionality will remain limited.
Among some interesting statistics offered at the Ignite 2020 conference, we learned that 79% of Microsoft 365 groups successfully auto-renewed because of their activity. That leaves 21% of groups which didn’t meet the bar to be automatically renewed. Only groups within the scope of an expiration policy are included, but even so millions of groups weren’t renewed. Is that a problem?
Microsoft says that the new EAC is ready to use. While we don’t deny the fact, we think some of the magic that existed in previous portals has gone. PowerShell is replaced by the Graph as the foundation for the EAC. Progress happens, but it’s sad when a feature like command logging is left in the mists of the past.
Without saying anything, Microsoft changed where Microsoft 365 stores Teams compliance records in user and group mailboxes. The logic behind the change is impeccable even if it will cause PowerShell scripts to break. In addition, any ISV claiming to backup Teams by copying compliance records has some work to do.
The latest build of the Microsoft Teams desktop and browser clients include the ability for users to see the essential details of calendar events through a “peek.” Single clicking on an event exposes the most commonly used information and some command buttons. It’s a quick and easy way to find out what you need to know about an event. Also, Teams has finally shipped two features announced in June and July, examples of how things sometimes get delayed for different reasons.
The latest update for the Teams admin center includes the ability to manage the permissions used by third-party apps to access data via the Microsoft Graph. The updates also include the ability to manage resource specific consent (RSC) for Teams apps. While third-party apps ate the obvious target, LOB apps created by tenants are managed in the same way.
Teams is introducing a new Offline presence status this month to allow users to continue working while appearing unavailable and uncontactable to coworkers. The new status behaves differently to the Do Not Disturb presence, which gives coworkers some hope that you’ll soon be online and available.
The Office 365 audit log is a great source of information about what happens inside a Office 365 tenant. Searching the audit log takes practice, but it turns up lots of insight. This article covers how to use the ObjectIds and FreeText parameters to find information about what happens to an object,