Add Participants to Teams Group Chats with @Mentions

A new feature allows people to add participants to Teams group chats through @mentions in the compose box. It’s a nice feature that should have been there a long time ago. Microsoft says that adding new group chat participants this way saves a whole two clicks over the old way. Will those two clicks make any difference to you?

Checking the Release of Quarantined Messages

On the surface, it seems easy to report when someone releases a quarantined message. As it turns out, things aren’t quite as easy as it first seems. Audit events are available in the unified audit log, but they don’t tell the full story. But by putting that data together with information about messages in quarantine, we can create a composite view that’s closer to what’s needed.

Running Exchange Online Historical Message Traces for Sets of Mailboxes

A question was asked about the best way to find out if shared mailboxes received email from certain domains over the past 60 days. Exchange Online historical message traces can extract trace data to allow us to check, but the process of running the message trace and then analyzing the data is just a little disconnected.

Reporting Distribution List Membership with the Microsoft Graph PowerShell SDK

Microsoft will deprecate the Azure AD and MSOL PowerShell modules in June 2023. It’s time to convert scripts that use cmdlets from these modules and the Microsoft Graph PowerShell SDK is probably the best answer. This article explains how to generate a report of Exchange Online distribution list memberships, a task often handled in the past with Azure AD cmdlets.

Adding New Azure AD Users to Groups Automatically

Several methods exist to add new user accounts to groups automatically. Dynamic group membership is an obvious option, but other choices exist, including org-wide teams (if your organization is under 10,000 accounts) and using PowerShell to manage the automatic addition of new members to a standard distribution list or Microsoft 365 group. This article examines the various methods. Once you understand what’s possible, you can make the right choice.

Teams Feedback Policy Controls the Suggest a Feature Option

A new setting in the Teams feedback policy controls the display of the Suggest a Feature option in the Teams help menu. It’s up to an organization to decide how they want users to communicate with Microsoft. The Teams feedback policy gives that control, if you want to use it.

Office 365 for IT Pros December 2022 Update Available

Office 365 for IT Pros

The December 2022 update for the Office 365 for IT Pros (2023 edition) eBook is now available for subscribers to download. As always, monthly update #90 contains a mixture of additions, updates, and deletions of information about the Microsoft 365 Office workloads, Azure AD, and PowerShell. There’s lots of good stuff for people to read — all 1,320 pages.

No Way Back to Exchange Server for Auto-Expanding Archives

Microsoft is introducing a block to stop customers attempting to move auto-expanding archives to Exchange Server. No very of the on-premises server has ever supported auto-expanding archives, so it’s reasonable to have a block. It’s still possible to move a primary mailbox back to Exchange Server, but its auto-expanding archive must stay in the cloud. It’s a good factor to take into account if an organization plans to use auto-expanding archives in the future.

The Fuss About the Azure AD Tenant Creation Setting

A fuss erupted about the Azure AD admin center setting to control Azure AD tenant creation by users. Allowing people to have their own tenant can be a good thing, especially for developers who want to have a tenant as a sandbox to test code in. In this article, we discuss what the control is, what it does, and how to set it with PowerShell.

Microsoft’s Cloud Email Signatures Solve a Problem for Outlook

Microsoft says that the roaming (or cloud) email signatures feature is now fully deployed. The new approach solves an Outlook problem, but it’s not a universal panacea for the management of email signatures within large organizations where you want consistency in the signatures used by everyone. You’ll need an ISV solution to get that kind of functionality.

The Role of SharePoint Online in Microsoft 365

SharePoint Online is a critical piece of the Microsoft 365 ecosystem. Its document management service is consumed by many apps like Teams, Yammer, and Planner. OneDrive for Business, the personal side of SharePoint Online, also contributes to SharePoint’s success with components like the synchronization client. Without SharePoint Online, Microsoft 365 would be a very different offering and a worse platform to work with.

How to Pause Membership Processing for Azure AD Dynamic Group Membership

The Azure AD admin center now includes the option to pause processing for the membership query for an Azure AD dynamic group. This article reviews how the new feature works and what it might be used for, including a PowerShell script to report the membership processing status of all Azure AD dynamic groups.

How to Use (and Disable) the Teams Games for Work App

Microsoft has released the Teams Games for Work app to enterprise and education tenants. The intention is to bring people together through game play. The technology in the game isn’t very different to anything we’ve seen before and the games are OK, even if it’s slightly weird to play them in a Teams meeting. The question is, is an app like Games for Work needed? If not, it’s easy to block the app.

Yammer Adds Stories to Storyline

Yammer stories are an extension of the previously announced storyline feature. A story is a short photo or video snippet to update other people about an event, happening, or other news. You can create stories through the Yammer apps or Viva Engage in Teams. Creating stories is easy and the interaction is smooth. The question for an enterprise is how best to use this new capability,

Microsoft 365 Change Notifications Get Relevance Indicator

Microsoft 365 message center notifications now boast a “relevance recommendation.” This is a visual marker computed by Microsoft based on aspects of the change. It’s intended as a way to highlight important changes so that administrators can dedicate more time to understanding the impact of these changes on their tenants. Sometimes the recommendation isn’t perfect, but you can tell Microsoft what you think and go ahead with your own assessment of how important any individual change really is.

Teams Allows Users to Delete Chats

The Teams Delete chat option allows people to remove chats from their chat list. It’s a nice way to restore some order to a list that can be very cluttered with long-dead chats. Some subtle differences exist between leaving a chat and deleting a chat that you might need to explain to users before deploying the feature, which is controlled by a setting in the Teams messaging policy.

Analyzing the Use of Sensitivity Labels without the Activity Explorer

The unified audit log contains records generated when users and applications apply sensitivity labels to emails and documents. This article explains how to use PowerShell to retrieve the data and create a report to help tenant administrators understand the usage of sensitivity labels.

Outlook Groups Support for Folders and Rules

Outlook Groups now boast support for folders and rules. In other words, group owners and members (if allowed) can create new folders and move and copy items from the inbox to those folders. They can also create rules to process inbound email arriving into the group inbox. It’s all well and good, but there are a few points to understand about how things work.

Using PowerShell to Manage Azure AD Custom Security Attributes

Azure AD custom security attributes can mark user and service principal objects for special processing, which is how the app filter for conditional access policies works. It’s nice to be able to interact with data through PowerShell and the Microsoft Graph PowerShell SDK cmdlets support setting, updating, and retrieval of Azure AD custom security attributes. Everything works, but it’s a pity that it’s a little clunky.

Creating a Teams Directory with PowerShell

Microsoft Teams doesn’t come with a Teams Directory, so it’s hard to know if a suitable team already exists when people ask for a new team. This fact contributions to teams sprawl where multiple teams exist to serve the same purpose. Teams sprawl creates an obstacle to effective collaboration and runs the danger that some important information is tucked away inside teams that no one ever goes near. Creating a Teams Directory helps team owners and users know what teams already exist inside a tenant. It’s an idea that just makes sense.

Use the Audit Log to Monitor Membership Changes in Selected Microsoft 365 Groups

A reader asks how to monitor membership changes for some specific high-profile groups. You can buy a commercial product to do the job or use PowerShell to exploit the information held in the Office 365 audit log. A combination of a custom attribute assigned to the sensitive groups and an audit log search does the job.

Exchange Online Mail Flow Rules Move to New EAC

Microsoft is moving the creation and management of mail flow rules to the new EAC from November. The UX in the legacy EAC should disappear in December 2022. The new UX is prettier and works better (apart from the rule wizard), but it’s a little disappointing that we have essentially the same way of managing mail flow rules in 2022 as we had in 2006. You can only hope that things might improve in the future.

Microsoft Launching New Teams Webinars Experience

Message center notification MC454809 announces that Microsoft will deploy a new Teams Webinars experience to tenants at the end of November with worldwide availability complete in early December. The new Teams Webinars experience is based on customer feedback and addresses issues like branding, registration control, and scalability. A new Teams events policy is available to control who can create webinars.

Microsoft Dumps Bulk Distribution List Migration to Microsoft 365 Groups in Legacy EAC

A November 3 announcement says that Microsoft will deprecate the bulk distribution list migration feature in the legacy EAC on February 1, 2023. Although no one will probably be surprised by the news, it’s disappointing that all Microsoft can suggest is a manual conversion process for those who want to move (simple) distribution lists to Microsoft 365 groups. Is it too much to ask to have a PowerShell script to do the job?

Upgrade of Teams Policy Cmdlets Enables Use in Azure Automation

This article explains how to make Teams policy assignments using an Azure Automation runbook and some of the modernized cmdlets available in the Teams PowerShell module. Not everything worked as smoothly as we’d like, but like most PowerShell scenarios, there’s usually a workaround available to get the job done. It just needs to be found.

Running Exchange Online Historical Message Traces

Exchange Online historical searches are the way to retrieve message trace information that’s older than 10 days (but less than 90 days). You might not have to run historical searches very often, but when you need to, you’ll be glad that the facility exists.

Office 365 for IT Pros November 2022 Update Available

Office 365 for IT Pros

The 89th monthly update for the Office 365 for IT Pros eBook has been released for subscribers to download. The November 2022 update contains the normal mixture of new features, updates to existing features, corrections and clarifications, and all the other stuff that happens to keep the world’s best book covering Office 365 as up-to-date and technically accurate as we can make it.

Azure AD Conditional Access Policies Get App Filter

Azure AD conditional access policies can now use an app filter based on custom security attributes to restrict access to specific apps. It’s a neat idea that should be popular in larger enterprises where the need exists to manage large numbers of apps. In other news, the Graph X-Ray tool is available in the Windows Store and a neat cmd.ms tool is available to provide shortcuts to Microsoft 365 sites.

Microsoft Cloud Revenues Slow Slightly in FY23 Q1 Results

Microsoft Cloud revenues reached $25.7 billion in Microsoft’s FY23 Q1 results. That sounds good, but it’s a slowing over the rate seen in previous quarters. It might be the case that the size of the installed base is not growing as quickly as it once did, but Microsoft is making sure that it extracts as much revenue as it can from its cloud customers. That’s a trend you can expect to continue

Azure AD Conditional Access Policies Add Check for External User Types

Azure AD conditional access policies can exert fine-grained control over the type of external users who can connect and what tenants they belong to. The new capability works especially well alongside Azure B2B Collaboration (guest users) and Azure B2B Direct Connect (used by Teams shared channels). It’s yet another way to impose control over who you allow to connect to your tenant.

Microsoft Hardens Authenticator App to Prevent MFA Fatigue

Microsoft has made number matching and additional context generally available for its Authenticator app. The new capabilities help users to avoid MFA fatigue. In other words, instead of being challenged with a simple request to approve a sign-in, users must respond by entering a number selected by Azure AD. At the same time, Authenticator can display additional information, such as where the sign-in originated from. It all helps to make Authenticator a more secure way of approving user sign-ins.

Migrating from Stream Classic to Stream for SharePoint

Microsoft has released the preview version of the Stream migration tool to move videos from Stream classic to Stream on SharePoint. The tool uses the same Mover technology as employed to migrate data from other repositories to SharePoint Online. Generally, it works well. The big decisions are all around what content to move and what can be left behind.

Outlook Reactions to Respond to Email

Users will soon have the option to use Outlook reactions to respond to emails received from people inside the same tenant (well, it also works with some other tenants). It’s the same kind of feature that already exists in Yammer and Teams, but whether this kind of response works with email remains to be seen. It’s a cultural thing!

Outlook and Teams Premium Both Claim Sensitivity Label and Meeting Recap Features

The new Teams Premium product ($10/.user/month) and Outlook both claim that they will support sensitivity labels and a meeting recap. That’s confusing, especially if Outlook delivers the features at no cost. However, when you look into the matter a little deeper, it’s obvious that what Teams Premium will deliver is very different to what you can expect to see in Outlook. All of which proves why it’s important to read announcements carefully and put them into context with what you already know about how products work.

Report SSPR Status for Azure AD Accounts

In most situations, it’s a good idea to enable Azure AD accounts for SSPR (self-service password reset) to avoid the need for administrators to update user accounts when things go wrong. This article explains how to report accounts that are not yet set up to use SSPR. It’s a check that should happen regularly, perhaps with the aid of Azure Automation.

Assigning Permissions to Azure AD Apps to Use the Microsoft Teams PowerShell Module

Before an app or an Azure Automation account can use the Teams PowerShell cmdlets in a script or runbook, it must have the permission to act as an administrator. In this article, we cover how to assign the necessary role to a service principal.

Updating Microsoft 365 User Accounts to use a New Domain

A reader asked how to update user email addresses and UPNs. As it turns out, this is not a very difficult technical challenge. The problem lies in the aftermath. It’s easy to update the primary SMTP address for a mail-enabled object or assign a new user principal name to an Azure AD account. Then problems might come into view, like needing to adjust the Microsoft Authenticator app to make MFA challenges work for the new UPN.

Researchers Worry About Office 365 Message Encryption

An October 14 report says that Office 365 Message Encryption shouldn’t be used because its encryption scheme might reveal email content. Well, that might be the case if an attacker can hijack connectivity from Office 365 to another email service. But the relatively low levels of OME usage and the difficulty of acquiring enough email to understand message structure makes this a less than practical attack in the wild.