The Records management solution in the Microsoft 365 compliance center has some important controls for retention labels. Two new controls allow organizations to decide if they will allow users to unlock items assigned a record retention label. If they can’t, they won’t be able to update document contents or change an item’s metadata. This won’t suit all organizations, but it will make those which want locked down records management very happy indeed.
Outlook desktop couldn’t display actionable messages generated by Teams and Yammer properly while OWA and Outlook mobile could. It’s a small issue in the context of Microsoft 365, but it irritated me. I fixed the problem but don’t know how except that the Actionable Messages Debugger for Outlook might have been involved. Another day in the life of a Microsoft 365 tenant administrator…
Office 365 Message Encryption protection is not available for messages sent to dynamic distribution groups. It’s all to do with rights management licensing. However, if you need to protect messages sent to dynamic distribution groups, for instance to make sure that confidential messages are inaccessible to external recipients use a sensitivity label instead and assign the special tenant-wide permission to recipients.
Message center notifications for service changes posted to the Microsoft 365 admin center will include monthly active user counts for affected workloads. That sounds good, until you realize some of the downloads incurred by depending on the Microsoft Graph Reports API as the source of user data. Still, it’s better than nothing and a welcome advance.
You might never need to use a break glass account, but if the need arises, you’ll be glad that you had the foresight to anticipate that bad things can happen and create a break glass account for your Microsoft 365 tenant. This article describes why you might want one or more of these accounts, their characteristics, some pitfalls to avoid, and how to check that the break glass accounts aren’t being used.
Microsoft 365 retention policies allow organizations to keep or remove content from workloads like Exchange Online and SharePoint Online. You can apply filters in retention policies, but Microsoft only supports this capability auto-label retention policies. You can go ahead and update a standard retention policy to add a content filter with PowerShell and the policy will work. The question is, how long will it work for before Microsoft changes something on the backend to stop the policy working?
Two new features will help users enjoy Microsoft Teams meetings better. Or at least, improve the “user experience” by removing some irritations people currently have during meetings. The first allows users to suppress notifications arriving during meetings. The second hides a user’s video feed from their view to remove what seems to be a distraction for many. I’ve already disabled notifications for meetings. Maybe you should do the same?
Finding the age of a Microsoft 365 tenant isn’t an important administrative operation. However, understanding how to retrieve this information (if asked) is an interesting question, which is why we spent several hours playing around with PowerShell and the Microsoft Graph to figure out how to answer the question. It’s the kind of in-depth analysis we do all the time to build content for the Office 365 for IT Pros eBook.
A new List Teams API is available in the beta version of the Microsoft Graph. In time, the new API might replace the existing methods used to fetch sets of teams for processing. For now, there’s no need to update any code as we wait for Microsoft to fully bake the new API. Maybe it will be more performant and functional in the future!
On January 10, Microsoft announced that the base Office 365 workloads support Continuous Access Evaluation (CAE) for critical Azure AD events like password changes or account deletions. Although you can take CAE even further with conditional access policies, giving Exchange Online, SharePoint Online, and Teams the ability to react to critical events in almost real-time is a very big thing indeed.
Microsoft Teams enterprise users can now communicate with Teams consumer users. That is, if the right settings are in place to allow communication (they’re enabled by default). Communication is straightforward but limited to chat messages. The question is how many people will use external access to connect with Teams consumer users. Time will tell.
Auto-label retention policies find items in Microsoft 365 locations and apply retention labels to those items. In this article, we explain the steps involved in creating an auto-label retention policy to look for items with sensitivity labels and apply retention labels to those items.
Microsoft Teams posts system messages to a team’s information pane to let people know about membership changes. You can’t stop Teams doing this because Microsoft doesn’t provide control over the system messages at the tenant or team level. You can obscure the names of new members by changing their display name, but maybe the best idea is not to add new members until the time is right.
Whiteboard is the latest Teams-enabled app to use OneDrive for Business for its storage. It’s unsurprising and it’s a trend likely to continue, and it creates an administrative challenge in terms of how to handle deleted Microsoft 365 user accounts. The suggested approach of having a designated user review the information and retrieve what’s important is OK for documents but doesn’t work for app-linked content. Retention policies are a better option.
Planner now creates digital twins (copies) of tasks in user mailboxes in Exchange Online to make data available for eDiscovery and compliance. Storing items in the Microsoft 365 substrate is the same approach to making data available for search and compliance as taken by Teams and Yammer.
In a surprising December 21 announcement, Microsoft put its Information Protection labeling client into maintenance mode effective January 1, 2022. Making an announcement as the IT industry was closing down for the holiday period is no good way to make certain customers learn about a development, and it’s curious that Microsoft left it until nine days before the client entered maintenance mode to let people know.
The January 2022 update for the Office 365 for IT Pros eBook is available for subscribers to download. This is the 79th monthly update for the only eBook updated monthly to keep pace with change inside Office 365 and the surrounding Microsoft 365 ecosystem. Subscribers are welcome to download the updated files from their Gumroad.com account or by using the download link in their original receipt.
Microsoft pushed out version 2.0.88.0 of the AAD Connect synchronization utility earlier this month. Unfortunately, the new software removes disabled on-premises user accounts from Azure AD, which means that on-premises shared mailboxes disappear for cloud users. Microsoft has released version 2.0.89.0 but maybe it’s better to go back to a version that you know works. At least until after the holidays.
Among the changes Microsoft postponed to January is the introduction of a new unmute keyboard shortcut for meetings. While I lik shortcuts generally, this one doesn’t seem to make much sense, especially because an existing keyboard shortcut is available to toggle mute on and off during meetings. In any case, if you don’t want to use the shortcut, you can disable it in Teams settings. To each their own…
To make Microsoft 365 DLP policies work like Exchange transport-rule based DLP, a January change will switch evaluation of sender conditions away from envelope information to message headers. Although this change might seem to be something beloved of email geeks, it’s actually an important update for organizations who want to move away from ETR-based DLP to Microsoft 365 DLP policies.
A change in how Office apps apply mandatory labeling as dictated by sensitivity label policies means that both new and old documents are processed. New documents have always been dealt with; the change being made ensures that Office apps detect the lack of a label when opening an existing document and will apply mandatory labeling at that point. It’s a change to help customers move on from the unified labeling client.
The Microsoft 365 audit log holds all kinds of useful data, including events logged for SharePoint Online and OneDrive for Business file deletions. It’s easy to use PowerShell to search the audit log to find and interpret the events and create a report. Large tenants might need to export the audit data on a regular basis to an external repository to allow for long-term retention and analysis. We explain the principles of the process in this article.
Some changes in the Microsoft Teams desktop and browser clients will allow users to decline guest invitations from other organizations, leave organizations, and hide organizations from Teams. Although leaving another organization has been a well-trodden path for several years, it’s required knowledge to find the right place to go. Having these options in Teams makes it much easier to manage a cluttered set of organizations.
It might seem like a small thing, but some users are upset when they don’t receive copies of their messages sent to Outlook Groups in their Inbox. A new setting allows users and administrators to control if they receive copies of messages from groups, but only when the user is a subscriber to groups (Follow in Inbox is turned on). In this article, we explore how to set the EchoGroupMessageBackToSubscribedSender control via OWA options and PowerShell, and how to sign up to be a group subscriber by yourself or with a little help from an Exchange administrator.
Microsoft is changing the way the Exchange Online transport service resolves the membership of dynamic distribution groups. Instead of doing this when someone sends a message to a dynamic group, Exchange resolves the membership once daily and whenever the recipient filter changes. It’s a reasonable approach designed to make messages move faster and more reliably, and it’s similar to the way that Azure AD dynamic groups maintain their memberships, so it shouldn’t make much difference.
A new tweak to the sharing link dialog used by OneDrive for Business, SharePoint Online, and other Microsoft 365 workloads block downloads of video and audio files by default. This is probably what you want to happen as, unlike Office documents, when you share a video or audio file, it’s likely to be final content ready to be consumed rather than being worked on.
New audit events are available to capture information about Teams meetings and participants, but only if you have Office 365 E5 or above licenses. That’s because Microsoft deems these events to be high-value audit information prized by forensic investigators when they try to unravel what happened in an incident. You’ll have to make your own mind up how valuable the events are, but we’ve written some PowerShell to make the data more accessible.
Microsoft is rolling out new activity feed controls for notifications posted by apps and when people use reactions to respond to messages. The idea is to make the activity feed less distracting for busy users. The interesting technical issue is how to deal with notifications created by the many hundreds of Teams-enabled apps available today.
The ability to lookup a user, site, or group and report the Microsoft 365 retention policies applicable to the location is now available in preview. The new feature helps administrators understand what retention policies might block the deletion of a mailbox, site, or group, something that’s often difficult when multiple retention policies exist in a tenant. Although welcome, it would be nice if Microsoft could extend the feature to add some actions. Maybe that will come in the next version.
Microsoft enhanced a new 99.99% SLA for Teams Phone and Calling on December 1. The new SLA is backed with financial commitments for credit if Microsoft doesn’t meet its standards. All of this is very nice, as long as you understand how the SLA is calculated and what you need to do if problems happen to be in a position to make a claim.
Microsoft 365 informed network routing is now available, if you have the right Cisco SD WAN network gear in your datacenter. This is a set forward to help network controllers make better routing decisions for Microsoft 365 network traffic by providing application-specific quality of service metrics instead of using artificial probes to detect network issues. Sounds good, but will it make a difference to your Office 365 tenant? Read on…
A new sharing link dialog for OneDrive for Business and SharePoint Online is rolling out to Office 365 tenants. The new dialog makes it easier to configure settings for copy links. This might sound like a small thing on the overall scale of Microsoft 365, but making it absolutely clear how to configure sharing links is a good step towards helping users send the right kind of links when they share documents with others.
The December 2021 update is available for Office 365 for IT Pros, the only eBook updated monthly to document technology changes and new capabilities across Office 365 and relevant parts of the Microsoft 365 ecosystem. Subscribers for the EPUB/PDF version can download the updated files from Gumroad.com to make sure that they have the most up-to-date content available.
Microsoft is adding Audio conferencing to all Teams plans and making it easier to embrace the Teams Phone system with a new Teams Phone and Calling Plan product. The new offering is available on January 1, 2022 and replaces separate products targeted at the SMB and enterprise markets. While it’s good that Microsoft is simplifying their Teams Phone offering, buying a product is only the start of a journey to implementation.
Information barriers seem like a good idea. Implement policy-driven controls over who can communicate within a Microsoft 365 tenant. Microsoft is making the solution available to education tenants. In reality, they should spend some the engineering effort required to improve the current sad state of the information barriers solution. No GUI, horrible management, PowerShell with impenetrable errors, and a lack of visibility into how the solution works.
The Office 365 for IT Pros team will be at the European Collaboration Summit (ECS) in Dusseldorf. Come to listen to Tony talk about sensitivity labels on Tuesday or Paul discuss tenant to tenant migration on Wednesday. ECS is a great community-led event that’s well worth attending if you find yourself in Europe and have the ability to travel to Germany. Don’t forget your mask!
Azure AD has a history of outages which have caused problems for Microsoft 365 tenants over the years. Microsoft hopes to solve the problem with a backup authentication service that’s capable of keeping things going if the primary Azure AD service goes offline. Basically, the backup service has copies of successful authentications over the last three days which can be used to process authentication requests for most sessions when the primary service fails. It seems like a good idea.
The Viva Learning app is available for deployment to Microsoft Teams users. The Viva Learning app delivers courseware to users to allow them to browse and access content created by Microsoft, the tenant, or external courseware providers such as Skillsoft and Pluralsight. In this article, we describe the three quick and easy steps to get Viva Learning up and running to help expand the minds of your Teams users.
A new per-user policy setting for Microsoft Teams allows admins to exert per-user control over who can have anonymous people join their meetings. The new policy setting can be managed now with PowerShell and will co-exist alongside the current tenant-wide setting for a period. Microsoft will then deprecate the tenant-wide setting to allow the policy settings exert sole control.
Microsoft Teams is introducing a new co-organizer role for meetings. The role allows people to share the workload involved in managing complex meetings, like webinars. The role is optional and likely to be used in a small minority of Teams meetings. Even so, it’s a useful feature to have available when you’re planning a large and complex meeting.
