Microsoft has made a preview version of the new Teams client available to commercial tenants worldwide. The preview runs only on Windows and isn’t yet available in browser sessions. Some functionality is missing because it’s incomplete but the new client is faster and snappier than the classic Teams client. To use the preview, you’ll need to enable the new client through a Teams update policy.
The changes in Microsoft 365 keep on coming thick and fast. Changes range from the introduction of fundamental new technology like Microsoft 365 Copilot to an update to a small product detail. In this case, the Azure AD admin center is moving to the Microsoft Entra admin center. Microsoft has its own reasons for making this change, which will ripple out across the community to affect content developers and trainers. Is that a problem? Only if you don’t respond.
Microsoft has overhauled the Teams Files App as part of its work to refresh the Teams client UI. We’re still waiting to know about the new channels experience which is supposed to appear at around the same time. This work will refresh and enhance the Teams V1 client while also appearing in the Teams V2.1 client that’s expected to be available in preview soon.
The Teams green screen effect allows people to select a uniform backdrop to apply effects upon using fewer system resources and achieving a cleaner output. Not everyone has a suitable backdrop, so I used the wall behind my desk to see what the Teams green screen effect could do with it. And although some imperfections resulted from the lack of uniformity for the wall, you can still see how this will be a useful feature. That is, if you use a proper backdrop!
Microsoft has integrated Authenticator Lite, a subset of the full Microsoft Authenticator app, into Outlook for iOS and Android. The code allows users to respond to MFA challenges using number matching or one-time codes without leaving Outlook and is intended to help organizations deploy and manage MFA with less friction. Although you can’t use Authenticator Lite if the Authenticator app is present on the same device, integrating MFA capabilities direct into apps sounds like a great idea.
SharePoint Online has a new block download file policy that stops users from downloading Teams meeting recordings. The policy applies to all sites and OneDrive for Business accounts in the tenant and is due to be part of the feature set covered by the Syntex-SharePoint Advanced Management license.
SharePoint Online is embracing Azure AD more closely by forcing new tenants to use the integration between the two Microsoft 365 components. In addition, site sharing will use the Azure AD invitation mechanism instead of SharePoint’s own code. The changes make a lot of sense and shouldn’t cause much disruption for tenants. It’s a good reminder to check the relevant policies that control external access via Azure B2B Collaboration.
Microsoft continues to improve the sound quality available in Teams meetings with support for spatial audio and ultrasound howling detection (feedback echo). Spatial audio depends on the right equipment and aims to help you know who’s speaking in a meeting. Howling detection means that Teams detects when multiple people in a physical room join a meeting and suppresses audio to avoid a feedback loop.
The first app in a new community project called IdPowerToys helps Azure AD tenants to document conditional access policy settings in PowerPoint. The information used to document the CA policies is extracted (manually or automatically) from Azure AD, analyzed, and output as a PowerPoint presentation. It’s a nice way to see what CA policies exist in a Microsoft 365 tenant and helpful if you want to rationalize the set of policies in use.
Teams now displays People Insights on the User Profile card. The insights come from LinkedIn and Viva Insights and are intended to keep people informed. The user profile card already includes lots of information and it’s debatable whether knowing when birthdays come around for your LinkedIn contacts adds much value. As always. beauty is in the eye of the beholder.
The Azure AD sign-in frequency controls how often accounts must reauthenticate. Setting an unreasonably short value makes it more difficult for people to work because Azure AD constantly nags for credentials, including MFA challenges. I experienced the effect of such a policy last week and it wasn’t nice. Security policies need to be practical and pragmatic as well as effective.
A new setting in the Teams meeting policy allows Microsoft 365 tenants to dictate that meetings organized by some or all users must gain explicit consent from users before they can be recorded. The new control is intended to help address privacy concerns that some users might have. This article describes how to apply the policy setting and its impact on meeting participants.
Teams bulk policy assignment options include two features in the Teams admin center, batch jobs, Azure Automation and plain-old PowerShell. In this article, we examine the options in the Teams Admin Center to revert policy assignments back to the global (default) policy and a way to perform Teams bulk policy assignments for selected accounts. And we mention the other methods that exist which don’t involve the Teams admin center.
Microsoft uses machine learning in Outlook and Exchange Online to create the basis for what they call intelligent technology like suggested replies and text prediction. To generate the language models used to figure out how Outlook should respond to users, Microsoft needs to copy data from user mailboxes for processing. The data is removed and the results stored in user mailboxes once processing is complete. Is this an issue for Microsoft 365 tenants? It all depends on your view of how data should be processed.
Microsoft 365 pronouns for display in apps like Teams and OWA can now be enabled on a tenant-wide basis. Displaying pronouns is a topic that can cause strong feelings for some, so organizations should take their time and plan an implementation before rushing to deployment.
Microsoft is dropping lots of hints to the press about the imminent arrival of the new Teams client (V2.1), due to arrive in public preview in late March 2023. According to reports, the new Teams client will deliver better performance while using 50% less memory and making fewer demands for CPU. It all sounds great. With the new client coming into sight, it’s time to prepare Teams update policies to make sure that the right users get the new software at the right time.
Version 5.0 of the Microsoft Teams PowerShell module contains a major overhaul for the Get-CsOnlineUser cmdlet, which receives better filtering capabilities. The overhaul is part of Microsoft’s ongoing efforts to modernize and enhance the cmdlets inherited from the Skype for Business Online connector. Although there’s still work to do to fix some glitches, the update is welcome.
The new Azure AD app property lock feature (in preview) prevents attackers updating the credentials for an Azure AD enterprise app so that they can get an access token and exploit the app’s permissions. This technique has been used in several attacks, notably the infamous SolarWinds exploit in 2021. The app property lock is not mandatory and it’s important to keep on checking the audit log to make sure that attackers don’t creep into your tenant.
Mail contacts have long been used by Exchange organizations to provide an identity for external people. Contacts show up in the GAL to make it easy for users to send messages to external people and they can be included in distribution lists. The downside is that mail contacts are only available to Exchange Online. Perhaps the time is right to consider switching focus to Azure AD guest accounts? We explore the option here.
The Office 365 for IT Pros March 2023 update is available. Subscribers can download the updated files from Gumroad or Amazon. The March 2023 update contains lots of new content and changes ranging from the fallout of the Yammer rebranding to the general availability of Teams Premium. It’s an important update to download and use.
The new SharePoint block download policy applies at the site level to stop users downloading files, even to work with them using the Office desktop apps. It also stops people printing and synchronizing files. In this article, we explain how to apply the policy with PowerShell, including how to apply the SharePoint block download policy to all sites assigned a certain sensitivity label.
The Test-Message cmdlet is a useful tool to check if Exchange transport rules and DLP policies work correctly. You can input a test message to see what happens as the Exchange transport service applies transport rules, DLP policies, and auto-label policies based on the message contents and properties. Nice as it is to have the Test-Message cmdlet, human knowledge of what transport rules should do is probably an even more important asset.
A recent Practical365.com article got me thinking about the Report Message and Report Phishing Outlook add-ins and how the new Monarch client can’t use COM add-ins. Microsoft is busily updating its add-ins to move away from COM to embrace the new approach based on HTML and JavaScript. If Microsoft is taking this action, I hope the same is happening in ISVs and in-house development teams who generated COM add-ins in the past.
The subscription versions of the Office desktop apps now boast a sensitivity bar to show users what sensitivity label applies to the document they’re working on. It’s a good change because it means that people have full access to information about available labels. You can opt to hide the sensitivity bar, meaning that you hide the name of the sensitivity label rather than the complete bar.
Exchange Online will create a new inbound connector but won’t activate it until the tenant gives a business justification to Microsoft Support. The restriction applies only to tenants created after January 1, 2023. Microsoft isn’t saying why they implemented the restriction, but it’s likely because of a security concern. In any case, the deafening silence from Microsoft has left ISVs that depend on inbound connectors in a very bad place.
Applying a default sensitivity label to a SharePoint Online document library is just one of the set of security and management and governance features requiring the new Syntex Advanced Management license. The new license is in preview so all the features that it covers might not be fully baked. Microsoft 365 customers might well ask if this is yet another example of Microsoft bundling features into a new paid-for add-on license. Of course it is. You don’t expect new functionality for free, do you?
As part of its rebranding of Yammer to Viva Engage last week, Microsoft added the Viva Engage Core service plan to user accounts. Which is nice, unless a tenant had blocked Yammer. The new service plan means that accounts can now use Yammer In many cases, it won’t matter too much that users can now access Yammer, but in other instances it will. In any case, we should tidy up by removing the Viva Engage Core service plan from any account that already blocks Yammer. Some PowerShell does the trick, but it would have been nice if Microsoft had thought things through a little more.
Microsoft announced that the new Message Recall feature is rolling out to tenants worldwide. They hope to increase the success rate for recalls imitated by users from 40% to 90%. Significant limitations exist. Message recall only works from Outlook for Windows and recall can only handle messages that remain within the same Exchange organization. Even so, the prospect of a huge improvement in the success rate will make the new feature very attractive to the people who really need to recall a message.
On April 12, 2023, Microsoft will retire the original version of Teams free introduced in 2018. If you want to stay using a free version, Microsoft has Teams for Home. However, the functionality isn’t the same and there’s no migration tools available to move from one platform to the other. In this kind of situation, it might just be time to bite the bullet and pay for Teams.
Mesh avatars are a new visual way for people to participate in Teams meetings. A mesh avatar is a 3D representation of a person used instead of a video image. Some will consider the notion of using an avatar in a meeting abhorrent, but it’s really not that bad and can be very useful at times. Using avatars is an intensely personal decision. For some, it might be their first step into the metaverse. For others, it could be their last (until something better comes along)…
Microsoft announced that they will rebrand Yammer as Viva Engage. The decision isn’t surprising given the relative lack of success the Yammer brand has had within Microsoft 365 since its acquisition in 2012. The hope is that the now-renamed Yammer can forge ahead and be more successful under the Viva brand. Time will tell.
After a while, you discover the holes in any technology. In the case of the Microsoft Graph PowerShell SDK, some inconsistencies await unwary developers. The SDK doesn’t like $Null, doesn’t support pipelining, insists on specific property casing at times, sometimes accepts user principal names and sometimes doesn’t, and sticks valuable data in hash tables hiding in a property you might know nothing about. Good as it is to have the SDK cmdlets, they need to be treated with care as you transition from the old Azure AD and MSOL modules.
Room mailboxes are still heavily used for in-person meetings. It’s good to know how often and when rooms are used, which is why we have the room mailbox report script. In the second version of the script, we include code to figure out the daily usage pattern of individual rooms and for all rooms across the organization. The graphics in our bar chart are crude, but the chart is generated with a few lines of PowerShell, so feel free to improve the script.
Microsoft makes a 30-day Teams Premium trial license available to allow customers to test the premium features. Once the trial finishes, it’s a good idea to clean up and remove the Teams Premium trial licenses from the Azure AD accounts that participated in the trial, especially as the trial license has the same display name as the paid-for Teams Premium license. You can accomplish the task through the Microsoft 365 admin center, but we explain how to do the job with PowerShell too. The same technique works to remove any specific license from a set of user accounts.
Teams Premium is now generally available. Not all its features are online yet, but Teams meeting templates are, so we tested them to see if they help users to organize better meetings. After playing around with templates, including the optional use of sensitivity labels to control template settings, we conclude that this is a nice feature to have but maybe not one that will influence the buying decision for Teams Premium.
It’s easy to invite people to become guest users in a Microsoft 365 tenant, but some of the invitees never accept the invitation. Perhaps they don’t need to redeem the invitation to do work or maybe it’s because they don’t want to. In either case, Azure AD guest accounts with unredeemed invitations can accumulate and become stale. In this post, we discuss how to use PowerShell to find and remove those stale accounts in a safe manner.
Microsoft plans to retire Azure Automation Run As Accounts on September 30, 2023 and replace them with managed identities. I don’t have any issue with the proposal because managed identities are more secure and a better overall solution. It would have been nice if Microsoft had communicated the change more broadly. I guess if you were in the know, you found out about this development, but maybe the average Microsoft 365 tenant administrator might have struggled to discover what’s happening.
Discovering new PowerShell tricks is always a delight, especially if they help solve problems. In this post, I cover a situation where a trick from the dawn of PowerShell helped answer a query about the Microsoft 365 Groups and Teams activity report script. I also discuss why better alternatives exist to the Export-CSV cmdlet when it comes to exporting report data containing non-ASCII characters.
Every quarter, Microsoft reports its progress in growing Office 365 revenue. An important measure is the average revenue per user (ARPU), which has grown steadily over the last few years as Microsoft convinces customers to upgrade to more expensive licenses. Microsoft’s desire to drive ARPU higher won’t stop, so customers need to keep an eye on the licenses they buy to make sure that the licenses are suitable for the organization and assigned to the right people… and that no licenses are left unused.
The February 2023 update for the Office 365 for IT Pros (2023 edition) eBook is available for subscribers to download. This is the 92th monthly update for Office 365 for IT Pros, something that makes the book unique in terms of its ability to remain current in the changing world of Microsoft 365. In 2022, people in 82 different countries subscribed to Office 365 for IT Pros. That’s a proud record which we hope to improve on in the coming years.