A new feature allows administrators to block the ability of anonymous participants to send chats during Teams meetings. They can still read chats, but can’t send messages. Microsoft calls this write access to chat, which I guess it is. In other news, the new browser interface for Teams meetings is arriving in tenants and it’s much better than the old one.
A new setting in Teams meeting policies allows administrators to control the languages used to generate Teams meeting invitations. The policy setting takes precedence over the language used by the user who creates a new Teams meeting. You can select up to two languages.
An update for SharePoint Online and OneDrive for Business means that the Office desktop apps (Windows and macOS) will apply default sensitivity labels to documents that aren’t already labeled. This is a good change because it helps to close a gap for organizations that want to be sure that every document is labeled.
The GUI of the Microsoft Purview compliance center doesn’t support the exclusion of selected mailboxes when the special All target is used. However, you can use PowerShell to add mailbox exclusions to sensitivity label policies, including adding the members of a group as exclusions.
Some recent announcements will make it much easier to work with PDFs protected with sensitivity labels. Adobe is now bundling the MIP plug-in with the Acrobat installer and has plans to allow users to apply sensitivity labels within Acrobat. But the big news is the change in Office applications to generate protected PDFs when saving, exporting, or sharing protected documents, spreadsheets, and presentations.
The new Stream client contains some useful new features. However, the client is still in preview and is missing other features, like the ability to manage sets of videos through Microsoft 365 groups. Even so, there’s enough available now to demonstrate the wisdom of moving to the ODSP platform for video storage and management.
Message center notification MC392289 highlights the need to keep the .NET Framework and the Edge WebView2 components updated to make sure that the Teams meeting add-in works with “degradation.” No further information is offered as to why Microsoft needs to sound this warning several years after introducing the Teams meeting add-in.
It’s easy to create a Teams meeting from Outlook, but it’s also easy to create a Teams meeting in the wrong calendar. This can lead to the “message of doom” when you try to connect to the meeting and end up in the Teams meeting lobby with nowhere to go. Apart from being careful about which calendar a meeting is created in, it’s a good idea to add an organization logo to Teams meeting invites so that if you create the meeting when signed into the wrong organization, you’ll get a visual clue.
A new SharePoint Online setting allows tenants to switch the target for the Stream tile in the app launcher to the new Stream. The intention to is have users become accustomed to the features of the new GUI and the way that Stream can manage video content anywhere inside Microsoft 365. The downside is that migration from Classic Stream isn’t available yet. It’s coming, just like Christmas.
Microsoft Teams users can use the chat with self feature to create a special chat designed to take notes and capture other information someone might want. It’s similar to features that exist in other messaging platforms, so it’s likely that the Teams chat with self capability will be well-accepted by users, especially those with secrets to share with themselves.
For whatever reason, Microsoft documentation says that items in the OneDrive for Business recycle bin are not indexed and cannot be discovered. They’re wrong. Searches can find items which end up the in OneDrive for Business recycle bin and any holds that applied to those items are respected. Maybe it’s just a matter of phrasing, but this proves once again that documentation can be incorrect. Just like blog posts!
Microsoft is introducing new controls for delegate access to encrypted emails accessed via Outlook clients other than Outlook for Windows. The controls are implemented in three new PowerShell cmdlets which can block, validate, and allow delegate access to encrypted messages. It’s nice to see some coherence being introduced for almost all the Outlook clients, even if Outlook for Windows does its own thing.
A new preview feature supports the creation of dynamic Azure AD groups based on the membership of other groups, including dynamic groups and distribution lists (aka nested groups). It’s a nice feature that adds value, even if dynamic groups require Azure AD Premium P1 licenses.
The Azure AD PowerShell module allows guest accounts to sign into target tenants and update their account photo there. The Microsoft Graph PowerShell SDK includes a cmdlet to do the job, but it doesn’t work when connected to a target tenant. Permissions are the reason why, which is what we explain in this article.
Despite the advent of shared channels in Teams and the wonders of Azure AD Direct Connect, the chances are that Azure AD B2B Collaboration (Azure AD guest accounts) will remain the predominant method for external collaboration for the immediate future. That’s not so bad, as long as you maintain good guest hygiene!
Microsoft will soon make an update available for Purview Premium eDiscovery to reveal Teams reactions to chats and channel conversations when investigators review the results of searches. The information comes from Teams rather than the compliance records stored in Exchange Online. The new feature isn’t coming to Standard eDiscovery.
The Microsoft 365 substrate captures Teams compliance records for chats and channel conversations and stores them in Exchange Online. How many do you have? Although you might not care, sometimes it’s good to know (like a tenant to tenant migration), so we explain how to count Teams compliance records for chats and channel conversations.
The Office 365 for IT Pros team is delighted to announce that the June 2022 update is now available for subscribers to download. this is update #84 in a series going back to May 2015. A new edition is on its way and will be released on July 1.
Exchange Online tenants have a choice between inactive mailboxes and shared mailboxes when the need arises to keep “leaver” data like that belonging to ex-employees. Inactive mailboxes are essentially a compliance tool and sometimes shared mailboxes are better choices. We explore both in this short article.
The Teams platform is an attractive target for developers, especially now that Microsoft supports monetization opportunities for Teams apps. In other words, ISVs can make money by selling licenses for their apps or through in-app purchases. That’s a good thing from an ISV perspective, but it’s yet another factor for administrators to factor in when deciding to unblock apps for users.
A new feature allows Teams users to request access to Teams Store apps that are currently blocked. Administrators review requests and decide to release or continue blocking the app. Microsoft says that seamless communication happens between users and administrators. That’s not what I experienced…
Teams supports external access through guest account membership in teams and external sharing of shared channels. Sometimes, things go wrong and sharing can’t happen. In this article, we explore some common reasons and explain the solutions. And the need for patience!
Outlook’s Org Explorer (available in Insider builds) brings together information from multiple Microsoft 365 sources to help users understand the people they work with in an organization. It’s like an Office 365 profile card on steroids, but only for user accounts as guest accounts and other external people are ignored. In other news, roaming signatures for Outlook desktop are getting closer as OWA now supports the creation and use of multiple web signatures, all of which can be used by Outlook desktop.
The new Graph X-Ray extension available for the Chrome and Edge browsers gives developers an insight into how the Azure AD admin center uses Graph API commands to retrieve user and group objects. The insight is invaluable when teasing out some of the syntax needed to get work done with the Graph. It’s much appreciated.
On May 19, Microsoft disclosed that a problem had stopped audit events being generated when people used the Exchange SendAs and SendOnBehalfOf permissions to send email for other mailboxes. Microsoft says that the problem is now fixed, but as it turns out, some issues still exist with capturing audit records for SendAs events.
A reader asked if it’s possible to use PowerShell to return the unread count for the Inbox folder in user mailboxes. The standard Exchange Online PowerShell cmdlets tell you a lot about mailbox folder statistics, but they can’t look inside a folder. But the Microsoft Graph APIs can, so a combination of PowerShell and the Graph deliver a solution to the problem.
The upcoming removal of support for basic authentication in seven Exchange Online connectivity protocols could mean trouble for some Office 365 tenants if they don’t take care to ensure that modern authentication is used for PowerShell connections. The old-style Remote PowerShell connection must be replaced with the Connect-ExchangeOnline cmdlet from the Exchange Online management module (aka the V2 module). Apart from anything else, this should improve the performance and robustness of scripts, especially after Microsoft finishes the work to remove the WinRM dependency for older cmdlets.
A new feature for Azure AD access reviews allows Microsoft 365 tenants to check for inactive guest accounts in group memberships. It’s useful functionality if your Microsoft 365 groups are used for Teams rather than Outlook groups. Email activity is ignored by these access reviews, so all guest members are deemed to be inactive!
A recent session at the Microsoft 365 conference offered some insight about the growth of SharePoint Online in both storage and sites. Adding 100 petabytes of storage monthly is a lot of data, but about a third of it could be consumed by Teams meeting recordings. And the 8 million sites created each month is large, but maybe not so big when you consider the reasons why Microsoft 365 tenants create sites. Teams, including private and shared channels, drives a lot of the growth in sites.
Two new features are available to Teams users. The Teams Owners automatic grouping (tag) allows users to address channel messages to the owners of a team (but not in private or shared channels),. Teams desktop clients catch up with their mobile counterparts by supporting suggested replies in 1:1 chats. Neither are particularly earthshattering features, but both are useful in their own way.
Microsoft Loop components are available now in Teams chats and will soon become available in OWA. Loop components are a new way of collaborative working that some will find very attractive. However, under the covers, some compliance issues can block organizations from allowing the use of Loop components. This post explains the issues involved in eDiscovery and export of items containing Loop components.
The Exchange Online name change for mailboxes will roll out at the end of May, 2022. The change only applies to new mailboxes, but its introduction creates some interesting challenges for PowerShell scripts that process mail-enabled objects, including some good side-effects. In this post, we discuss some of the issues we’ve already encountered.
The ImportExcel PowerShell module is a useful addition to any Microsoft 365 tenant administrator’s toolbox. Although standard cmdlets exist to interact with spreadsheet data, they are limited to CSV files and can’t exploit the full power of Excel in the way that ImportExcel can do, all without needing to install the Excel application on a workstation.
A leaked build of Project Monarch’s “One Outlook” client created some excitement last week, but when you examine the details of the client and what it can do, it’s really just a prettier version of OWA for Exchange Online. That doesn’t mean that Microsoft hasn’t done a bunch of software engineering to prepare the ground to accelerate progress toward the final client. Microsoft has also provided a way to block people using the client, with promise of an official beta soon.
October 1, 2022, is when Microsoft begins the final process of removing support for basic authentication for 7 email connection protocols from Exchange Online. The process will take several months to complete, and when it’s done, Office 365 will be a safer place that attackers will find more difficult to penetrate. But it’s time for tenants to prepare, if you haven’t already done so, and we highlight some critical points from Microsoft’s most recent post on this topic.
Outlook users have been able to see LinkedIn profile information for several years. Now Teams chat has the same kind of LinkedIn connection to expose profile information of people you chat with. Because Teams is more internally-focused than email is, the integration might be less useful than it is in Outlook. Then again, you might need to find out some information about people you work with!
A new control in the SharePoint Online configuration is available to enable or disable Microsoft Loop components in Microsoft 365 apps, just in time for their introduction in OWA and Outlook for Windows. However, before we get all excited, there are some important issues with loop components when exported in eDiscovery search results that might make tenant administrators ponder. Just a tad…
A new capability is available for users to post comments to Microsoft Stream videos stored in OneDrive for Business and SharePoint Online. By itself, this doesn’t sound like a great feature to have, but it means that Stream video and audio files are treated in the same way as other Office formats, and it delivers a feature available in other video platforms like YouTube and Facebook.
The Office 365 for IT Pros team is delighted to announce the availability of the May 2022 update. Subscribers can download the updated files from Gumroad.com or Amazon. Among the many improvements made this month was a big effort to remove typos and grammatical errors using Grammarly. This worked well, as long as sensitivity labels didn’t get in the way.