Azure AD administrators should be able to assign a reserved alias to a new group. At least, that’s what the documentation says. As it turns out, this isn’t strictly true as there are places where administrative interfaces (GUI and PowerShell) block any attempt to use reserved aliases. Does this matter? Probably not, unless you like consistency… which we do!
A new music mode for Teams desktop clients is rolling out now to improve the quality of music playback in Teams meetings and calls. The new feature depends on the Satin codec released earlier this year. Basically, music mode delivers high-quality playback even when connected across poor networks when packet drops are common and throughput is uncertain. A range of other controls are available to adjust the audio stream when hosting meetings using professional facilities. It’s all too much for this non-audiophile, but music mode is great for those who care.
Microsoft has moved retention processing for SharePoint Online, OneDrive for Business, Teams, and Yammer from the Managed Folder Assistant to a new retention assistant. (background processing job). It’s part of an effort to use workload-agnostic processing whenever possible to perform retention actions across Microsoft 365.
Microsoft plans to start removing the automatically-generated transcript of some Stream videos in September 2021. Only automatic transcripts are affected, and only if no one is looking at the video. If you’ve taken the time to edit a transcript or upload a manual transcript, Stream will leave these transcripts alone. It’s all part of the big plan to get Stream off its own Azure storage and onto SharePoint Online and OneDrive for Business.
Teams supports pinning of chats to highlight important messages to chat participants. You can also pin messages in channel conversations, but the highlighting is different. Like many things in life, it’s the details that matter when figuring out how useful message pinning will be for individual users. I’ve found a way to make chat pinning useful for me. The question is whether you can do the same!
Microsoft 365 notification MC277196 informs tenants about a new service plan to control the Nucleus synchronization engine. In effect, this means you can disable offline working with Microsoft Lists. The new service plan is due to turn up in Office 365 SKUs in September 2021. Lists will get a new icon to show their synchronization status. Apart from the delayed deployment of Nucleus, it’s all good news.
Microsoft hopes to accelerate the removal of TLS 1.0 and 1.2 connections from Exchange Online by disabling connectivity in 2022 and forcing organizations which need to use the older protocols to connect to a new “legacy smtp” endpoint. It’s not a bad plan because it transfers responsibility for choosing to use obsolete connections to customers. Most organizations will go with the flow (no pun intended) and use TLS 1.2, but those who need some time to update applications and devices know what they have to do.
In this post, we describe how to use PowerShell to remove a single service plan from Microsoft 365 licenses using PowerShell. The script can remove any service plan from any SKU (license) in a tenant. You might want to do this to disable access to an obsolete feature (like Sway) or to prevent access to a new feature until the organization is ready to support user activity.
In October 2021, Microsoft will enable the Azure AD email one-time passcode identity provider in tenants. SharePoint Online and OneDrive for Business will use the provider to control access for external people to its resources. The net effect is that Azure AD will create guest accounts for external sharing recipients. Even though guest accounts need to be managed, there’s lots of good reasons to use guest accounts, as we describe here.
In this post, we explore how to use PowerShell to create a report about distribution lists and their owners. The script is quick and dirty, but it works, and the code will run on both Exchange Online and Exchange Server and generates both HTML and CSV outputs. We also look at whether it’s possible to speed things up by using Microsoft Graph API calls. As it turns out, because we’re interested in owner information, it’s no faster to retrieve distribution lists using the Graph. However, as shown in a second script, the Graph is great at retrieving membership information.
The OneDrive for Business sharing control (also used by SharePoint Online) now shows thumbnails of the set of people who already have access to an item. The idea is to give owners of information an at a glance view of who has access. It’s a nice change which adds something that probably no one thought was missing, The little things add all the difference!
Microsoft 365 retention policies control how the system removes items automatically from Exchange Online, SharePoint Online, Teams, and other locations. Because these policies are so powerful, it’s a good idea to keep an eye on who makes changes to their settings. The audit log is a natural place to go looking for information about policy updates and while we can find information there, some of the data is oddly formatted or obscured for some reason. Persistence and PowerShell delivers answers, but this is a task way harder than it should be.
Controlling the creation of Microsoft 365 Groups might seem complex, but it’s not as complicated as it might seem. Make sure Azure AD allows group creation, and then you can either allow everyone to create new groups or restrict the right to a limited set of accounts (a capability requiring Azure AD Premium licenses). And don’t forget OWA, because it’s got its own mailbox policy with a group creation setting. All good, clean, honest fun.
A recent conversation in the Microsoft Information Protection (MIP) community on Yammer about deleted templates led to a discussion about how this might affect users, like those who apply sensitivity labels with encryption to protect documents in SharePoint Online or email in Exchange Online. As it turns out, MIP has a backstop or get out of jail free card, but to understand how it works, you need to understand a little bit about publishing licenses and use licenses. We explain what happens in this article.
Microsoft has updated the creation settings for security groups and Microsoft 365 groups in the Azure AD admin center. The changes impose consistency over administrator creation of these groups and probably won’t affect tenants, but it’s good to check. The change makes us ponder why Microsoft doesn’t improve the GUI for other group controls, like those controlling who can create new Microsoft 365 Groups.
The Viva Insights app for Teams now boasts Headspace-powered meditation to add to its mindfulness capabilities. Available to English users with Exchange Online mailboxes, the set of six meditation exercises and two music selections will help some people relax and destress. Others won’t be interested, but that’s OK because a new PowerShell cmdlet is available to turn the Headspace feature off.
Microsoft’s Whiteboard app is moving its storage off Azure to OneDrive for Business. The switchover will happen in October 2021, but tenants can opt-in to use OneDrive storage from the end of August. Some Whiteboard clients won’t be able to cope with OneDrive then, but Microsoft says that everything will be straightened out for the switchover in October. As we explain here, it’s a good idea (for many reasons) to move Whiteboard storage to OneDrive.
A reader asked how to move membership of multiple distribution lists from one mailbox to another. We use PowerShell to do the job. Only a few lines are needed to switch the memberships, but we add a few more lines to make the script work better. We don’t handle dynamic distribution lists. This is possible for precanned (simple) filters, but given the number of dynamic distribution lists usually involved, it’s probably best to update directory settings manually.
In September Microsoft will introduce a new auto-expiration feature for Teams meeting recordings stored in OneDrive for Business and SharePoint Online. By default, recordings will be moved to the recycle bin 60 days after creation (30 days for users with Office 365 A1 licenses). Tenants can control the default expiration period using Teams meeting policies while users can override expiration for individual files. And if you use retention policies to control Teams meeting recordings, their instructions take precedence over auto-expiration.
The August 2021 update is now available for the Office 365 for IT Pros (2022 edition) eBook. Subscribers for the EPUB/PDF version can download books from Gumroad.com while Kindle purchasers can ask Amazon support for access to the updated files. Like every monthly update, August 2021 features a wide range of changes to different chapters across the book. Being able to issue monthly updates is a luxury afforded by the ePublishing model that makes sure that Office 365 for IT Pros is always up to date and current.
The Safe Links capability in Microsoft Defender for Office 365 is now generally available to protect Teams messages in chats and channel conversations, and even in web site links pinned as a channel tab. Most bad links flowing into an Office 365 tenant will continue to arrive by email, but this new capability closes off a gap where users are tempted to make a poor decision to share a malicious link through Teams.
Exchange Online already imposes limits on the number of messages a mailbox can receive per hour. New limits will restrict the number of messages individual senders can send to a third of the overall limit. The restriction doesn’t apply to senders with an Exchange Online mailbox in the same tenant. And if a mailbox runs into a limit, it features on the splendidly named Hot Recipients report. What’s not to like about that.
Microsoft claims that Teams has “nearly” 250 million monthly active users, which is quite a jump for the 145 million reported in April. We take a closer look at the numbers to try and figure out how Microsoft arrived at such a number. It seems like they can get there by lumping the numbers for commercial, education, and personal users together, but that’s not the same as reporting a nice simple number for commercial usage.
The message center in the Microsoft 365 admin center will soon use a new data privacy tag to highlight specific service updates to tenant administrators. No messages with the new tag have yet appeared, so it’s hard to know how Microsoft plans to use the new tag or what kind of attachments it will make available to administrators to help understand the sensitive data involved in data privacy. While we’re waiting, we took at look at the tags in use today and wrote some PowerShell to report which tag is most popular.
Many PowerShell scripts which access Office 365 data could do with a speed boost. Replacing cmdlets with Microsoft Graph API calls is one way to get extra speed. In this article, we take a PowerShell script to report the memberships users have of Microsoft 365 groups and replace some important cmdlets with Graph API calls. The result is a big speed increase.
Project Moca is no longer a separate OWA component. Boards created in Moca are now available through the OWA calendar, just like other boards created there. The question is how Microsoft will bring the board view to Outlook desktop. I figure it’s a candidate for OCX and WebView2, just like the Room Finder. Time will tell.
If their developers allow, Office 365 tenants can customize the properties of Teams apps to add their own icons, text, and links. In this article, we show how by customizing the Yammer Communities app to add a most remarkable photo taken at an Ignite event, a snazzier title (that no one can see), and some modified text. Is this enough to make the exercise worthwhile? that all depends on how you feel about corporate branding!
The preview of a new app governance add-on for Microsoft Client App Security gives Office 365 administrators insight into Graph-based apps. The add-on depends on information gathered from Azure AD and MCAS to generate insights about apps and their usage, including highlighting apps which are overprivileged or highly privileged. Although you can do some of the auditing yourself, the add-on makes it easier. It’s a preview, so some glitches are present.
Office 365 tenants users will soon be able to execute self-service purchase Windows 365 licenses. That is, unless you stop them by running some PowerShell commands to disable the capability. In this article, we explain the Windows 365 options available for self-service purchase and the PowerShell commands necessary to disable the option, if you think it’s a bad idea (as some do).
The Nostalgia set of Teams background images includes Office Clippy, the famous Bliss image used for the Windows XP desktop, and images of Paint and Solitaire. These are only part of the wide selection of suitable images to use as background effects in Teams meetings. And if you’ve got a great image to share, you can upload it to the Microsoft Gallery for others to use.
A new option in the Teams desktop and browser clients allows users to choose how they open Office documents. The choices are Teams (a viewer), browser (Office Online), and the desktop app. Being an old-time stuck-in-the-mud kind of person who’s used Office for 30-odd years, I naturally selected desktop apps. After all, who doesn’t like seeing Word spin up for the 99th time in an afternoon?
The latest version of the SharePoint Online PowerShell module reveals some new site properties to inform administrators if sites are connected to teams or even team channels (both private and shared). There’s also some changes coming to the SharePoint Online admin center, all of which are very useful in terms of tracking the sites used by Teams.
Office 365 tenants will soon be able to create adaptive scopes for retention policies. An adaptive scope is nothing more than a filter to select target mailboxes, sites, and Microsoft 365 groups based on some criteria. They’re adaptive because administrators don’t have to update policies as they add new objects. Like other Microsoft 365 Information Governance features which automate some aspect of operations, adaptive scopes are likely to demand Office 365 E5 or Microsoft 365 E5 Compliance licenses.
The thoughts of using Microsoft Graph API calls with PowerShell might seem to be too much trouble, but used correctly, Graph API calls help scripts speed up and get to some data that is not reachable through a cmdlet. I have a simple four-step approach that I use to figure out if I need to include some Graph API calls. The routine works for me. Feel free to disagree.
It is now possible to apply Microsoft 365 retention policies to Teams private channel messages. The messages are in user mailboxes and discoverable due to their properties. All the retention policy must do is find the messages and apply the policy settings, and if an item is expired, remove it from the mailbox. Easy… or is it?
Outlook and OWA users will soon see a banner notification to recommend the installation of an Edge extension. The extension logs into the user account to peek into the mailbox, calendar, tasks, and contacts. Tenant administrators have until July 30 to decide if they will block the display of the banners. This can be done using the Office Cloud Policy Service or a Group Policy Object.
New teams created using Teams clients are hidden from Exchange Online, but those created using administrative interfaces are not. The result is potential confusion. in this post, we describe a PowerShell script to find any team-enabled Microsoft 365 Groups which are visible to Exchange and hide them. It’s easy scripting, but you need to run the script periodically to update the settings for new teams.
Yammer compliance records are generated by the Microsoft 365 substrate and consumed by features such as communications compliance policies and eDiscovery. In this post, we consider where Yammer compliance records are stored and what they contain and how to use PowerShell to figure out the activity levels of Yammer communities.
Office 365 will see a batch of delayed features arrive during July 2021 along with two notable retirements and a new Personal Item Insights control. After going through the set of delayed features announced in the Microsoft 365 admin center, we share our list of the most important items here along with the two big retirements in the month and a new personal privacy control.
How do you create a report of all the Teams in a tenant and their SharePoint Online sites? As it turns out, a two-line script does the job. We make the script slightly prettier, but it’s still simple. And because it’s PowerShell, anyone can change the code to make it work the way they want it to.