Last week’s announcement that Exchange Online will block basic authentication for multiple protocols on October 1, 2022, got some attention. Now the hard choices of what to do with clients and applications need to be made. To smoothen the path to remove basic authentication, Microsoft is making an exception for SMTP AUTH. Your scripts and multi-function devices will keep working after October 2022, but the writing is on the wall and eventually even SMTP AUTH will stop working.
October 1, 2022 will be a big day for Exchange Online tenants because that’s when Microsoft starts to disable basic authentication for connectivity protocols whether or not tenants want this to happen. This is a huge and fundamental change that’s being driven by the need to increase the overall security of Exchange Online and individual tenants, while also blocking common attacks seeking to compromise user accounts. With only a year to go, it’s time to start work on preparing everything that needs to be in place for the great October 1 switchoff.
Inactive mailboxes have been available in Exchange Online since 2015. A new inactive mailboxes listing is available in the Microsoft 365 compliance center. The GUI isn’t very functional, but perhaps it’s a starting point for some enhanced management capabilities for inactive mailboxes. We’ve only been waiting six years…
A new Teams preview feature introduces Top Hits in the set of suggestions it makes for a search term. Teams also highlights the search term in its suggestions to provide context. Neither feature will make much different to end users in the overall scheme of things, but both are useful in a kind of fit-and-finish way.
By default, Exchange Online allows other users in your tenant to see limited details of your availability when scheduling meetings. More information can be displayed by updating the calendar permissions for mailboxes. This is easy to do with PowerShell, but needs to be done on an ongoing basis because Exchange Online doesn’t have an organization or mailbox plan setting to assign the value to new mailboxes.
Teams clients can use quoted replies in group, 1:1, and meeting chats. A quoted reply is where Teams inserts a snippet from a previous message to create a new message. It’s a tremendously useful feature which allows users to add context to something discussed in a chat. (quoted replies are not supported in channel conversations). The only question is why it’s taken Microsoft so long to add this feature to Teams?
Understanding how to create effective queries using the Microsoft Graph APIs takes some work, especially with some of the more complex filters used to refine the data returned by the Graph. In this article, we look at how filters using lambda qualifiers work and explore some examples of these qualifiers in use.
Teams-based webinars are a popular way of hosting events like product briefings or announcements. Behind the scenes, the Microsoft 365 substrate stores information about webinar speakers, attendance, and event details as lists in the meeting organizer’s OneDrive for Business account. The information stored in OneDrive is indexed and available for eDiscovery. It’s a great example of the Microsoft 365 ecosystem in action.
Microsoft wants to eliminate the Search-Mailbox cmdlet, but it’s still very valuable when the time comes to remove mailbox items because of a spam attack or similar reasons. The suggested replacement is Core eDiscovery searches and associated content search purge actions, but these are slower and less effective than Search-Mailbox. To prove the point, we’ve put together a demonstration script to show how to compose a search query and run it against a set of mailboxes.
Microsoft has released support for background effects for Teams browser clients. It seems like only Microsoft-curated background images (including blur) works and that you can’t use organization images or custom uploaded images. This might just be a timing issue and Microsoft will enable this functionality in the future. For those who like using the Teams browser client to join meetings, this is a nice solution.
The latest innovation in the Teams client is the display of a P marker to the upper right of the user profile photo (avatar). This means that the client runs public preview software and the marker is intended to allow users and support personal understand when clients run public preview rather than the generally available software. Of course, users only know this when they’re told about the magic P.
Due in late September, users with a Teams Phone system license will be able to record and transcribe 1:1 calls made to PSTN and VOIP numbers, assuming that the Teams calling policy assigned to their accounts allows these features. The new capabilities close an important gap in the Teams Phone system for anyone who needs to be sure of the details of customer contacts and other interactions.
The usage reports available in the Microsoft 365 admin center, Teams admin center, and other places now include anonymized user information by default. The new default became active on September 1, 2021 and the organization setting applies to any usage data generated by the Microsoft Graph usage reports API, which means that some scripts might create reports less interesting and useful than before. It’s a good change for privacy, but will organizations persist with the new default?
Adding the ability to search for spoken text in Teams meeting recordings is just one of the new features added after Microsoft moved storage for meeting recordings to OneDrive for Business. A new video viewer and support for 27 additional languages (some different variants of a base language) are also important developments. In this article, we explore how Exchange Online captures the text spoken in Teams meetings, how OneDrive for Business links the text with the video, and how Search can find spoken text from the transcripts.
Microsoft is applying their Viva brand to the features currently known as MyAnalytics. Viva Insights will span a monthly email digest, the Outlook insights add-on, and the Insights dashboard. If you don’t want users to access these features, you can disable the features individually or remove the service plan from user licenses. The rebranding is happening now and due to complete in November.
You can now access videos and slides for sessions given at The Experts Conference 2021. The sessions cover a wide range of technology from Azure AD to Microsoft 365 to infrastructure modernization. And you can now register for TEC 2022, which will run as an in-person event in Atlanta on September 20-21, 2022. It should be great fun!
Microsoft has replaced the controls which disabled document insights in Delve with new Graph-based settings. However, you might still have a bunch of users with the Delve settings who need to migrate to the Graph settings. In this article, we explore how the settings work and how to query the Graph to find the set of users who disabled the setting in Delve. We can then use PowerShell to add those accounts to the group of disabled insights users for the Graph-based settings.
The longstanding problem where the renaming of a Teams channel did not rename the folder in the SharePoint document library is being fixed. First flagged as an issue in 2016, this is one of the oldest bugs in Teams and it’s taken far too long for Microsoft to squash. The good news is that the fix will deploy in mid-September to close off the problem once and for all.
The September 2021 update is available to subscribers of the Office 365 for IT Pros eBook. The update for the only constantly updated book covers changes across Office 365 in the last month, including new functionality and features, a new SLA figure for the service, and a bunch of updated PowerShell examples. And we fixed some annoying typos. All in all, it was a busy but productive month. Please update and use the new text at your earliest convenience. We wouldn’t like you to use now obsolete information.
Microsoft is preparing to enable lightweight plans soon. The new plans are managed via the Planner app and should turn up in Teams meetings as a fluid component to allow meeting participants to capture tasks assigned during calls. It’s a neat way to use a plan that isn’t associated with a Microsoft 365 group. We’ll see what happens in September/October when the functionality lands. Also, a new cmdlet is available to export Planner data for a user. You never know where this might be useful.
Azure AD administrators should be able to assign a reserved alias to a new group. At least, that’s what the documentation says. As it turns out, this isn’t strictly true as there are places where administrative interfaces (GUI and PowerShell) block any attempt to use reserved aliases. Does this matter? Probably not, unless you like consistency… which we do!
A new music mode for Teams desktop clients is rolling out now to improve the quality of music playback in Teams meetings and calls. The new feature depends on the Satin codec released earlier this year. Basically, music mode delivers high-quality playback even when connected across poor networks when packet drops are common and throughput is uncertain. A range of other controls are available to adjust the audio stream when hosting meetings using professional facilities. It’s all too much for this non-audiophile, but music mode is great for those who care.
Microsoft has moved retention processing for SharePoint Online, OneDrive for Business, Teams, and Yammer from the Managed Folder Assistant to a new retention assistant. (background processing job). It’s part of an effort to use workload-agnostic processing whenever possible to perform retention actions across Microsoft 365.
Microsoft plans to start removing the automatically-generated transcript of some Stream videos in September 2021. Only automatic transcripts are affected, and only if no one is looking at the video. If you’ve taken the time to edit a transcript or upload a manual transcript, Stream will leave these transcripts alone. It’s all part of the big plan to get Stream off its own Azure storage and onto SharePoint Online and OneDrive for Business.
Teams supports pinning of chats to highlight important messages to chat participants. You can also pin messages in channel conversations, but the highlighting is different. Like many things in life, it’s the details that matter when figuring out how useful message pinning will be for individual users. I’ve found a way to make chat pinning useful for me. The question is whether you can do the same!
Microsoft 365 notification MC277196 informs tenants about a new service plan to control the Nucleus synchronization engine. In effect, this means you can disable offline working with Microsoft Lists. The new service plan is due to turn up in Office 365 SKUs in September 2021. Lists will get a new icon to show their synchronization status. Apart from the delayed deployment of Nucleus, it’s all good news.
Microsoft hopes to accelerate the removal of TLS 1.0 and 1.2 connections from Exchange Online by disabling connectivity in 2022 and forcing organizations which need to use the older protocols to connect to a new “legacy smtp” endpoint. It’s not a bad plan because it transfers responsibility for choosing to use obsolete connections to customers. Most organizations will go with the flow (no pun intended) and use TLS 1.2, but those who need some time to update applications and devices know what they have to do.
In this post, we describe how to use PowerShell to remove a single service plan from Microsoft 365 licenses using PowerShell. The script can remove any service plan from any SKU (license) in a tenant. You might want to do this to disable access to an obsolete feature (like Sway) or to prevent access to a new feature until the organization is ready to support user activity.
In October 2021, Microsoft will enable the Azure AD email one-time passcode identity provider in tenants. SharePoint Online and OneDrive for Business will use the provider to control access for external people to its resources. The net effect is that Azure AD will create guest accounts for external sharing recipients. Even though guest accounts need to be managed, there’s lots of good reasons to use guest accounts, as we describe here.
In this post, we explore how to use PowerShell to create a report about distribution lists and their owners. The script is quick and dirty, but it works, and the code will run on both Exchange Online and Exchange Server and generates both HTML and CSV outputs. We also look at whether it’s possible to speed things up by using Microsoft Graph API calls. As it turns out, because we’re interested in owner information, it’s no faster to retrieve distribution lists using the Graph. However, as shown in a second script, the Graph is great at retrieving membership information.
The OneDrive for Business sharing control (also used by SharePoint Online) now shows thumbnails of the set of people who already have access to an item. The idea is to give owners of information an at a glance view of who has access. It’s a nice change which adds something that probably no one thought was missing, The little things add all the difference!
Microsoft 365 retention policies control how the system removes items automatically from Exchange Online, SharePoint Online, Teams, and other locations. Because these policies are so powerful, it’s a good idea to keep an eye on who makes changes to their settings. The audit log is a natural place to go looking for information about policy updates and while we can find information there, some of the data is oddly formatted or obscured for some reason. Persistence and PowerShell delivers answers, but this is a task way harder than it should be.
Controlling the creation of Microsoft 365 Groups might seem complex, but it’s not as complicated as it might seem. Make sure Azure AD allows group creation, and then you can either allow everyone to create new groups or restrict the right to a limited set of accounts (a capability requiring Azure AD Premium licenses). And don’t forget OWA, because it’s got its own mailbox policy with a group creation setting. All good, clean, honest fun.
A recent conversation in the Microsoft Information Protection (MIP) community on Yammer about deleted templates led to a discussion about how this might affect users, like those who apply sensitivity labels with encryption to protect documents in SharePoint Online or email in Exchange Online. As it turns out, MIP has a backstop or get out of jail free card, but to understand how it works, you need to understand a little bit about publishing licenses and use licenses. We explain what happens in this article.
Microsoft has updated the creation settings for security groups and Microsoft 365 groups in the Azure AD admin center. The changes impose consistency over administrator creation of these groups and probably won’t affect tenants, but it’s good to check. The change makes us ponder why Microsoft doesn’t improve the GUI for other group controls, like those controlling who can create new Microsoft 365 Groups.
The Viva Insights app for Teams now boasts Headspace-powered meditation to add to its mindfulness capabilities. Available to English users with Exchange Online mailboxes, the set of six meditation exercises and two music selections will help some people relax and destress. Others won’t be interested, but that’s OK because a new PowerShell cmdlet is available to turn the Headspace feature off.
Microsoft’s Whiteboard app is moving its storage off Azure to OneDrive for Business. The switchover will happen in October 2021, but tenants can opt-in to use OneDrive storage from the end of August. Some Whiteboard clients won’t be able to cope with OneDrive then, but Microsoft says that everything will be straightened out for the switchover in October. As we explain here, it’s a good idea (for many reasons) to move Whiteboard storage to OneDrive.
A reader asked how to move membership of multiple distribution lists from one mailbox to another. We use PowerShell to do the job. Only a few lines are needed to switch the memberships, but we add a few more lines to make the script work better. We don’t handle dynamic distribution lists. This is possible for precanned (simple) filters, but given the number of dynamic distribution lists usually involved, it’s probably best to update directory settings manually.
In September Microsoft will introduce a new auto-expiration feature for Teams meeting recordings stored in OneDrive for Business and SharePoint Online. By default, recordings will be moved to the recycle bin 60 days after creation (30 days for users with Office 365 A1 licenses). Tenants can control the default expiration period using Teams meeting policies while users can override expiration for individual files. And if you use retention policies to control Teams meeting recordings, their instructions take precedence over auto-expiration.
The August 2021 update is now available for the Office 365 for IT Pros (2022 edition) eBook. Subscribers for the EPUB/PDF version can download books from Gumroad.com while Kindle purchasers can ask Amazon support for access to the updated files. Like every monthly update, August 2021 features a wide range of changes to different chapters across the book. Being able to issue monthly updates is a luxury afforded by the ePublishing model that makes sure that Office 365 for IT Pros is always up to date and current.
