The only always up-to-date book about Office 365
The April 2021 update for the Office 365 for IT Pros eBook is available for download by the book’s subscribers. Every chapter received updates in April, making this month’s update the broadest revision we have ever delivered. It all underlines the amount of change which occurs within Office 365 and why a book that’s republished monthly is so valuable.
Backup vendors say you should definitely use their products to protect your valuable Microsoft 365 data. Backup products can do a good job, but the nature of Microsoft 365 creates many challenges at a technical level. A lack of APIs is the most fundamental issue, but the connected nature of Microsoft 365 apps is another.
Organizations can choose to control updates of user photos by policy in their Office 365 tenants or allow users to go ahead and use any image they like. In this article, we explore the value of having a user photo for every Office 365 account (and Teams and Groups too) and the choices organizations must make when they decide whether to control user-driven updates.
Users of the Teams mobile clients can now choose background images for their meetings, including custom backgrounds from their device’s camera roll. The implementation works well as long as the image you want is in your camera roll. Not being able to browse other repositories is a small gripe about a feature that many users will welcome.
Supporters of the Bing search engine will be delighted that Microsoft 365 can link Azure AD accounts to to personal accounts to accrue Microsoft Rewards. A tenant org-wide setting is available to control the feature. Whether this is enough to convince organizations and individual users to switch allegiance to Bing from another search engine is debatable.
Microsoft’s One Outlook program aims to rationalize the current client set. The Edge WebView2 component allows Outlook desktop to reuse OWA features, which is why Microsoft now distributes WebView2 with the Microsoft 365 apps for enterprise (desktop apps). We’re now seeing signs of reuse with an obvious example being the appearance of OWA’s room finder in Outlook for Windows.
Teams meetings include a neat Private Preview feature to allow users to see what their video feed will look like if they enable their camera. All good, except that a strange blog post feels that user privacy might be compromised. In my opinion, that view is a load of rubbish. Private Preview is a very worthwhile feature and a little training can make sure that no one is ever surprised by their video geed appearing unexpectedly in a Teams meeting.
A new phishing attack is circulating from an Office 365 tenant. The attack attempts to lure recipients into clicking a link to download a document. The phishing email is not quite as crude as other attempts and might lure users into doing the wrong thing, especially as the message is delivered to inboxes.
Teams Live Events now support anonymous external presenters, defined as people who don’t have Azure AD or MSA accounts. It’s a useful change because many large public meetings (the natural ground for Live Events) involve external presenters brought in because of their expertise in the meeting topic. The update is rolling out in April 2021.
Teams breakout rooms are a popular method to split meetings into smaller discussion groups. Microsoft has improved how breakout rooms work, notably by adding a countdown timer. The settings for breakout rooms and the assignment of users across rooms now persist across sessions. These small but important improvements reduce the friction of running meetings with breakouts.
Microsoft has refreshed the Send to Teams option in Outlook for Windows, OWA, and Outlook for Mac. You might not notice the change, but it’s a little faster and works better. Software engineering changes like this happen all the time in the cloud to speed up performance and improve reliability. We keep an eye on stuff like this to make sure that we understand what’s happening across Microsoft 365. It’s just what we do…
PowerShell pros know the secrets of typed variables and why this matters when cmdlets return data, but some of us have been doing things wrong for years. Which is why I spent a couple of hours contemplating the differences between typed and untyped variables when handling items returned by cmdlets. They say that old dogs can’t learn new tricks. I beg to differ…
The Microsoft 365 admin center UI to manage group memberships might look pretty, but it’s not as functional as it could or should be, especially for large groups. The lack of search, sorting, and filtering capabilities is OK when a group has fewer than 50 members, but once past that number these features matter. It’s time for some TLC for group management.
Microsoft plans to push ads for Teams for personal life into the activity feed of Teams mobile clients used by enterprise accounts. It’s a daft idea. Unsolicited communication is never welcome. This is a bad example of a company abusing its position to advance its own interests without asking whether their paying customers want this kind of communication.
Microsoft 365 organizations which use Teams but don’t have a Teams DLP policy will see a Compliance Center widget recommending the creation of a DLP policy. Sounds good, and the policy covers the most common sensitive data types that people worry about. The downside is that Teams demands Office 365 E5 licenses for DLP policies. You might not know that, but you will if you accept the recommendation.
Azure AD holds information about managers and their direct reports. It’s easy for that data to go out of date, so we create a report to tell us who are the managers and how many direct reports they have. Azure AD has some cmdlets to retrieve information about managers and direct reports, but as it turns out, the older Get-User cmdlet is the best way to proceed.
The latest update for sensitivity labels allows them to control the sharing capability of SharePoint Online sites. It’s a powerful example of policy-based management in action and demonstrates just how useful sensitivity labels will be as Microsoft steadily builds out the set of controls available through labels.
Every Microsoft 365 tenant has a tenant identifier. Sometimes you need to know what the identifier is, so here are several options to find it from PowerShell to the Azure AD portal to an external service. Tenant identifiers are public and need to be, otherwise apps wouldn’t be able to find the data they want.
Microsoft 365 tenant users can look forward to an increased range of self-service license purchases with the addition of Power BI Premium and Power Automate with RPA. Nine products are now eligible for self-service purchases, unless a tenant administrator decides that this kind of thing is nonsense and uses PowerShell to disable self-service purchases for all or some products.
You can configure Exchange Online distribution lists so that they reject messages sent to them as BCC recipients. I’m not sure how much use this feature will get, but it’s nice to have it anyway. PowerShell is the only management tool to configure distribution lists for the new block until Microsoft gets around to updating the Exchange Admin Center.
Sensitivity labels are a great way to protect confidential documents stored in SharePoint Online. Sometimes the documents must be decrypted. This article explains how to build a PowerShell script which uses Graph API calls to navigate to a folder in a SharePoint Online document library and decrypt the protected documents found in the folder.
A new Microsoft 365 admin center feature allows tenants to create an auto-claim policy to assign licenses when users sign into Teams for the first time. It seems like a good idea, but it’s limited by the fact that only Teams supports the auto-claim policy. No scoping exists either, which will disappoint those who like to manage licenses on a granular level. There’s some work to do before these policies will be right for everyone.
SharePoint Online and OneDrive for Business have a new sharing link control which highlights the permissions assigned to sharing recipients. It’s a minor tweak which is actually a pretty good idea as the last iteration of the sharing control buried permissions behind the scenes. And as we all know, permissions are important to IT resources.
A new preview feature allows the resources available to an Azure AD guest account to be reassigned to another email address. It’s a nice feature, but Teams has some problems with it at present. On the upside, everything works great with SharePoint Online and Planner, and we’re sure that Microsoft will fix the problem with Teams soon.
Microsoft will soon introduce roster containers to Planner. These are plans without Microsoft 365 Groups that apparently are tied to some mysterious new functionality. Because we have no idea what this functionality will be, we decided to disable it using Planner’s odd approach to PowerShell. Suffice to say that it’s not straightforward. Now if only someone had a plan…
Microsoft has released the public preview of the ability to set the Exchange out of office (OOF) auto-reply from the Teams desktop and browser clients. OOFs set in Teams are synchronized back to Exchange using EWS so that the new auto-reply configuration is picked up by clients like Outlook and OWA. It’s a small but useful update.
The OneDrive sync client is an important Microsoft 365 component which underpins features like autosave and coauthoring of Office documents. During the March 15 Azure AD outage, the client had a meltdown and removed all the local copies of files stored in a SharePoint Online folder, seemingly because it couldn’t authenticate. The problem was easily fixed, but it’s a bad example of handling what could be a transient authentication issue.
OneDrive for Business now stores Teams meeting recordings. You can protect files with sensitivity labels, but does this have any side effects for Teams? As it turns out, it does because the protective wrapper which encrypts the recording breaks the link to Teams. This might not be important if you need to protect a confidential recording and restrict access to a known set of users, but it’s something to consider before applying any labels.
Microsoft and Accenture have published a case study including some interesting statistics about Accenture’s Microsoft 365 usage. Some interesting headline numbers are cited, but the more interesting detail about how Accenture manages such a large tenant isn’t discussed at all – and that would be very interesting to know.
The Teams mobile clients (iOS and Android) benefit from a reduced data usage mode during video calls. The new mode can cut the amount of cellular data consumed significantly. We ran a simple test of a ten-minute meeting involving a shared PowerPoint slideshow and saw data usage reduce by 71%. That’s not a bad outcome!
Exchange Online tenants can activate external email tagging, which causes Outlook clients (not desktop yet) to highlight messages received from external domains. The feature can replace custom implementations to mark external email, usually done with transport rules. It’s easy to implement and control, but the mail tip offering to block an external sender seems a little over the top.
Microsoft has released V2.0 of the Teams PowerShell module. It brings some welcome improvements, notably the inclusion of all the management cmdlets, but has a downside too. The new cmdlets for managing teams templates are not easy to use and some authentication issues affect the Connect-MicrosoftTeams cmdlet after a change in authentication libraries. Microsoft has some work to do to improve this version of the module.
Microsoft is retiring the Delve mobile apps. That’s not a surprise because Microsoft hasn’t put much effort into Delve for the last few years. The question is when the Delve browser app will get the bullet. Call me cynical, but Microsoft has bigger concerns in areas like Search, SharePoint Syntex, and Viva Topics that mean Delve is unlikely to receive any tender loving care in the future.
Microsoft will include the Edge WebView2 runtime with Microsoft 365 apps for enterprise version 2101 or later. This doesn’t mean they install Edge; it’s simply a software component to make it possible for Outlook desktop to run features developed for OWA. You can block the deployment if you like, but there’s really no good reason to do so.
Microsoft plans to make the Dynamic View feature available for Teams meetings in mid-March. The signs are that the enhanced presentation of meeting content will make attending meetings a tad more engaging. Not much can be done with visual tweaks to rescue boring meetings where presenters drone on about stuff they should cover in a few minutes, but maybe the changes made by Dynamic View will brighten attendee spirits, We can but hope.
Attendees of Teams meetings now have the ability to share their opinion of the proceedings through live reactions, a set of emoticons ranging from thumbs-up to laugh. Reactions appear on attendee cards or float up from the bottom of the screen when material is beiing shared. Tenants can disable reactions uising Teams meeting policies, but meeting organizers can change meeting settings to allow reactions in specific events. Although it seems like a feature that doesn’t add much for a business user, reactions have their place – if used intelligently!
Now deployed to Office 365 tenants, large Teams meetings can support up to 20,000 view-only attendees, if an organization chooses to update its Teams meeting policies. Interestingly, this is a feature which Microsoft originally planned to license under its Teams advanced communication add-on, but the growth of large meetings in organizations might have forced their hand to bring the feature to mainline Teams.
Teams desktop clients are being updated with a new history menu to reveal the last 20 locations visited by a user in their Teams session. It’s a much faster way to get back to something than the older back arrow method. Another example of how Microsoft is refining the Teams client UI to remove little bits of friction and make everything work more smoothly. Or so they say.
The March 2021 update for the Office 365 for IT Pros eBook is now available. Office 365 for IT Pros is the only book updated monthly. which covers Microsoft’s cloud office system. This update covers 23 of the 24 chapters and is packed full of new information and insights covering anything from Teams to Stream to Exchange Online and SharePoint Online.
If you encounter an error when sharing a SharePoint file, you might see an error code like OSE204. What do these mainframe-like codes mean and why does SharePoint show them? Or more importantly, how did the sharing capability of a site change through administrator incompetence? And why is Microsoft removing the option to send a sharing link via Outlook (OWA)?
Microsoft is changing the way new teams are created in the Teams admin center to make sure that their settings are consistent with teams created in other interfaces. It’s a good idea because it means that all teams are then created equal. Organizations who wish to use different settings can update teams once they’re created using either PowerShell or the Graph API.