If you encounter an error when sharing a SharePoint file, you might see an error code like OSE204. What do these mainframe-like codes mean and why does SharePoint show them? Or more importantly, how did the sharing capability of a site change through administrator incompetence? And why is Microsoft removing the option to send a sharing link via Outlook (OWA)?
Microsoft is changing the way new teams are created in the Teams admin center to make sure that their settings are consistent with teams created in other interfaces. It’s a good idea because it means that all teams are then created equal. Organizations who wish to use different settings can update teams once they’re created using either PowerShell or the Graph API.
Microsoft is giving the Teams desktop and browser clients a makeover with their Fluent design system. If you look closely, you’ll see some changes in app icons, but the other changes are too subtle for many, including me. Up on the upside, while those of us who write about Teams will have to refresh some illustrations, the documentation for the Fluent design system is an interesting read. Well, it is late at night when you’ve nothing better else to do…
There are many examples of PowerShell scripts which create reports about the membership of Microsoft 365 Groups. Most are slow. This version is faster because of its per-user rather than per-group approach to processing. The output is a nice HTML report and two CSV files containing a list of memberships in Microsoft 365 Groups and summary data for each user in the tenant.
Microsoft has announced that recordings of Teams meetings stored in OneDrive for Business will be blocked for download by anyone except the owner. The change will roll out in mid-April and should be complete by mid-June. Microsoft’s post draws attention to the fact that you shouldn’t use channel meetings to discuss confidential topics. It’s all to do with the Microsoft 365 Groups membership model.
Many people want to print off membership details of Microsoft 365 groups, which makes it curious why Microsoft doesn’t support the option in Teams, OWA, or other applications. Fortunately, it is very easy to extract and report membership with PowerShell. Here’s how to generate a HTML report with a CSV file on the side.
The Office 365 audit log is packed full of information about what happens inside workloads. New events show up all the time. The question is how to understand what actions these events relate to. We outline a simple procedure to discover the presence of new audit events and dive into the investigation of an event called Consent to application, which is pretty important in the context of recent high-profile attacks.
From April 2021, Exchange Online will apply hard limits for the number of messages a mailbox can receive per hour. The limit remains the same (3,600), but now Exchange will block the mailbox receiving any more email for an hour. The new version of the Exchange Admin Center (EAC) promises to highlight problem mailboxes so that admins can ask owners why their mailboxes receive so much email.
Audit records are a great way to gain an understanding of what happens inside Office 365. We use PowerShell to report actions taken with sensitivity labels such as protecting files and containers. The latest development is the addition of support in the Microsoft 365 apps for enterprise (Office desktop) to log audit events when users interact with sensitivity labels. Unsurprisingly, more events are often logged by the desktop apps than their online equivalents.
The Teams desktop and browser clients are gaining an offline send capability. Messages sent offline are queued locally and go when the network reappears. Connectivity must be resumed within 24 hours. If not, users need to review the messages to make sure that it still makes sense to resend them.
Microsoft’s Edge browser recently introduced sleeping tabs to conserve resources. Although this is a good idea, putting SharePoint Online tabs to sleep stops them reconnecting. I suspect it is because a refresh token times out and isn’t renewed. The solution is to add SharePoint Online sites to the list of sites that don’t sleep. Always-on document management is the best approach.
The Microsoft 365 substrate now captures Teams app card data in compliance records to make the data available for eDiscovery, content searches, holds, and retention. The compliance records are stored in user and group mailboxes. Audit records for card interactions are also logged in the Office 365 audit log. Using compliance records means that some app data context is lost, but at least you can find the information.
Viva Topics is one of the four modules in the Microsoft Viva employee engagement platform. You can run a 25-user trial for 30 days to create some topics and see how things work. A trial should help an organization decide if they want to pay the $5/user/month Microsoft asks for Viva Topics licenses – and everyone needs a license to see topic cards, which is the point of Topics.
A change made to the storage location in SharePoint Online for email sent to Teams channels caused problems for people who created Flows based on a known location. Instead of having one big folder for email messages sent to a folder, it seems like Microsoft plans to use a new folder for each month. There’s nothing wrong with this approach, but it would have been nice if Microsoft warned people using the folder for automated processing that a change was coming. They didn’t.
Microsoft has updated the format of the Teams attendance report to include more data about who attends meetings. The new report is persistent and available after a meeting ends. The new format will no doubt be popular with teachers who need to track who attends their online classes, but it’s likely to be also popular in the enterprise for those who organize meetings with mandatory attendance.
Microsoft wants to remove basic authentication from Exchange Online connection protocols. But pressures have forced Microsoft into a new strategy and away from the mid-2021 date for deprecation of basic authentication for five protocols. Instead, Microsoft will disable basic authentication for protocols where it’s not used, include four addition protocols in its target set, and pause action for tenants where basic authentication is in active use. When they restart, Microsoft will give tenants 12 months’ notice that basic authentication will be blocked for a protocol. You can argue that Microsoft should have pressed ahead with their original plan, but would widespread disruption of service be worth the benefit gained from blocking vulnerable protocols? Balancing risk versus reward is often not easy.
Teams meeting notes are a form of the Teams wiki with much the strengths and weaknesses of the wiki. Good enough for small meetings but limited for larger gatherings when you’ll probably want to capture details using a tool like Word or OneNote.
Yammer now boasts inclusive reactions, the ability to select a person-appropriate skin tone for thanks and like reactions. The feature is only available in the new Yammer UI. Being able to select a skin tone for reactions is not a new idea and now that Yammer has it, Teams can’t be far behind.
The inbound webhook connector used by Teams and Microsoft 365 Groups to accept information from external sources is getting a new format. Existing connectors must be updated by April 11, 2021. If not, data will stop flowing into the target channel or group, and that would be a bad thing.
A new control over Teams meetings allows meeting organizers to choose if participants can chat before, after, during, or not at all. Stopping people chatting during online meetings is one way to try and keep their attention, but this feature is likely to be more popular in education than in the enterprise.
The February 2021 update for the Office 365 for IT Pros eBook is now available for subscribers to download. Office 365 for IT Pros is the only book with monthly updates covering the Office components of the Microsoft 365 ecosystem. Subscribers to the 2021 edition can now download updates PDF and EPUB files from Gumroad.com.
Setting a daily status message in Teams is a great way of keeping your coworkers informed about your overall availability during the coming day. Another tip to consider is to advise people who want to chat with you that they should start the conversation in a meaningful way by setting the context. Don’t start chats with Hi or Hello.
Microsoft released their FY21 Q2 results on Tuesday. Buried in the details were several nuggets relating to Office 365.. Here are the interesting bits including some detail on the penetration of Teams into large organizations and a new number for Azure AD users.
Teams Data Loss Prevention (DLP) policies help to stop users sharing confidential information through chats and channel conversations. A recent update means that accounts to be included or excluded in DLP policies can be specified using distribution lists or mail-enabled security groups. While this doesn’t sound very exciting, it is if you need to deploy DLP policies to targeted sets of Teams users.
Feb 24 2021 Update: The picker used for OneDrive for Business accounts will support distribution lists and security groups in March.
You can create an Azure AD Access Review for all guests in teams and groups in your tenant and then see what’s happening with the Graph API. In this case, we use PowerShell with the API to grab the access review data and create a report about the overall status of the review in a tenant.
A new setting for Teams meetings allows organizers to limit the ability to bypass the meeting lobby to people explicitly invited to the meeting. Precise control is important when you set up meetings to review confidential or sensitive data. After all, you don’t want anyone who gets a copy of the meeting link turning up to listen in to what’s going on.
The ability to assign “smart backgrounds” generated by Designer to a Planner plan is now rolling out to Office 365 tenants. The smart part of the background is that the plan name is used to generate the image. Any plan member can change the background, which should lead to some entertaining conflicts when people differ over the choice of background.
Need a PowerShell script to do something with Office 365? You might find a script or at least an idea – in the Office 365 for IT Pros GitHub Repository. We have created over 80 scripts as examples and demonstrations of how to get stuff done in an Office 365 tenant with PowerShell. You’re welcome to use anything in the repository and especially welcome to fix our bugs.
Sometimes delegate access for an Exchange Online calendar goes awry due to corrupted items in the mailbox. To help sort out problems, Microsoft has upgraded the Remove-MailboxFolderPermission cmdlet to do the work that used to be done by a multi-phase fix performed using the MFCMAPI or EWS editor utilities. The nice thing is that this method is quick, simple, and works well.
The Teams meeting recap feature highlights some of the important resources which can be generated for meetings. The recording, transcript, and attendance report are displayed under the Details tab for meetings accessed through the Teams calendar app.
Exchange dynamic distribution lists allow messages to be sent to sets of recipients determined by a query against the directory. A custom filter is a powerful way to find the right set of recipients. In this case, we want to find mailboxes with certain job titles whose Azure AD accounts are not blocked for sign-in. Here’s how to create the filter, make sure it works, and create the DDL.
Microsoft 365 priority accounts are a way to mark accounts for special processing. Microsoft is building features to exploit priority accounts, but they can be used for other purposes, like checking if an account has account to a resource. Of course, multiple other methods exist to do the same job, but that’s not reason to exclude priority accounts from the mix.
Exchange Online now insists on TLS 1.2 connections between email clients and servers. PowerShell scripts using the Send-MailMessage cmdlet will fail. The problem is easily solved by forcing PowerShell to use TLS 1.2 to connect, but it does mean that some work is needed to check scripts (before they fail).
Outlook for Windows is gaining a new Meet Now button in the Teams meeting add-in. You can use the add-in to launch impromptu private Teams meetings. That is, if the settings in the Teams meeting policy assigned to your account allows. And guests better not try to Meet Now when they’re signed into a host tenant because they’ll probably end up frustrated down a black hole, which is a horrible place to be.
All services suffer outages or incidents. The Service Communications API allow Office 365 tenants to retrieve information about incidents programmatically and report details in whatever way they want. In this post, we show how to use PowerShell to fetch service messages with the API and filter for recent incidents. After that, it’s just a matter of presenting the details.
The Teams channel calendar app highlights meetings scheduled for a calendar and makes it easier for team members to attend these events. Meetings for all channels in a team are stored in a single calendar, so the app applies a filter to display the meetings belonging to the channel it is installed into.
The Teams meeting add-in allows users to schedule online Teams meetings from Outlook. While you might know that the add-in exists, do you know how to find its version number and where the add-in DLL is stored? These questions and others are answered in this post.
Long-term Outlook users have probably noticed that they can’t attach files in events created as Teams meetings. Teams like cloudy files, not email attachments, so if you want to send some important information along with a meeting invitation, you can include links to the data or paste it into the body of the invitation. And once the meeting is created, you can share files with meeting participants, which is really the Teams way of getting the job done.
Microsoft has released a set of new sensitive information types, used to locate sensitive data by Microsoft 365 DLP policies. Many are country-specific versions of previous generic types (like passports or identity cards). The recommendation is to consider upgrading DLP policies to use the new types to get better (more accurate) matching.
Outlook for Windows has the option to make Teams online meetings the default for all new meetings. Users can edit meeting settings through Outlook too. Unlike the other Outlook clients, Outlook for Windows depends on a registry setting to control whether an online event should be created. And there’s no support for third-party meeting platforms.