Teams Integrates Viva Engage CommunitiesJanuary 23, 2026 7:00 am-A new integration with Viva Engage is available for Teams. The integration adds communities to the Teams navigation bar. It’s kind of odd when a separate highly functional Communities app exists. It’s unclear who is demanding another point of integration between Viva Engage and Teams. The suspicion is that this work is due to internal politics rather than to facilitate better collaboration.
Automating Microsoft 365 with PowerShell Update 20January 22, 2026 7:00 am-Monthly update #20 for the Automating Microsoft 365 with PowerShell eBook is now available for subscribers to download the updated EPUB and PDF files. Like any monthly update, #20 includes a mixture of new information, revisions, and even some bug fixes (changes to text or examples). Meantime, assembly clashes continue to be a bugbear for Microsoft 365 PowerShell modules. Microsoft should fix this problem!
Generate a Weekly Report of Role AssignmentsJanuary 21, 2026 7:00 am-This article explores how to use Entra ID audit records to create a weekly report about role assignment additions and deletions. After deciphering the information contained in the audit records, it’s easy to generate a report showing who made the assignments and if any critical role assignments are in the mix. We can then email the report to interested parties, all with some relatively simple PowerShell.
Synchronizing Security and Microsoft 365 Group MembershipsJanuary 20, 2026 7:00 am-An article from 2018 uses the AzureAD and Exchange PowerShell modules to synchronize membership between a security and a Microsoft 365 group. The idea is to enable collaboration for the members of the security group. This version does the work with the Microsoft Graph PowerShell SDK. The code is better and it will work as an Azure Automation runbook, which is always nice.
How to Create SharePoint Sites with the Graph APIJanuary 19, 2026 7:00 am-Microsoft released the beta version of the SharePoint Online create Site API for the Microsoft Graph in late November 2025. Since then, Microsoft has dropped one of the three site templates. Playing with the API, we’ve discovered that the API can certainly create sites but that the SharePoint Graph API misses a heap of features, like adding members to the new site. Oh well, one step forward…
Some Microsoft Graph PowerShell SDK Cmdlets Lose Body ParametersJanuary 16, 2026 7:00 am-A change made for some Directory Graph APIs has flowed through to the Microsoft Graph PowerShell SDK and affected how the associated cmdlets work, including the beta cmdlet to restore a deleted user account and while replacing the user principal name. Fortunately, the workaround is easy, but it is upsetting when something that worked suddenly doesn’t, even if it is a beta cmdlet.
Purview eDiscovery Simplifies Content Searches in February 2026January 15, 2026 7:00 am-As part of the modernization of the Purview eDiscovery solution, Microsoft will simplify the content searches UX in February 2026 to remove features that are inappropriate for the way that content searches are intended to be used. The change is logical and reasonable because you should use a full eDiscovery case to access all the eDiscovery functionality.
Teams External Collaboration Administrator Role ArrivesJanuary 14, 2026 7:00 am-A new Entra ID role is coming. The Teams External Collaboration administrator role allows users to manage external collaboration settings. Quite how often Microsoft 365 tenants need to manage these settings is unknown, but it’s a useful prompt to review the current set of roles used and users who are members of those roles. Time for an annual clean-up.
SharePoint Online Site Administrators Can Now Control Restricted Content DiscoveryJanuary 13, 2026 7:02 am-Restricted Content Discovery (RCD) is a feature that blocks access by Microsoft 365 Copilot and agents to the files stored in a SharePoint Online site. Instead of relying on tenant administrators, site administrators can now enable or disable RCD. It’s a natural evolution of what is an essential feature to keep sensitive and confidential information being leaked inadvertently by AI.
The Channel Agent Brings AI Interactions to Teams ChannelsJanuary 12, 2026 7:00 am-Chat and meetings have their agents, and now the Teams channel agent is available to help members understand what happens inside channels. Like any AI agent given limited sets of data to reason over, the channel agent does a good job of finding nuggets hidden in conversations. The issue is that the channel agent doesn’t currently work for channels that have external members, like guest accounts. That’s a big downside.
Entra ID Rationalizes Session Revocation for User AccountsJanuary 9, 2026 7:00 am-Microsoft is rationalizing the options to revoke sessions for a user account in the Entra admin center by removing an old revoke MFA sessions button. That seems like a perfectly reasonable thing to do. When administrators want to revoke sessions for an account, the best way is to create a PowerShell script to perform the necessary steps. That way you don’t need to worry about buttons.
Microsoft Cancels Exchange Mailbox External Recipient Rate LimitJanuary 8, 2026 7:00 am-After considering customer feedback, Microsoft cancelled the mailbox external recipient rate limit for Exchange Online. The idea behind the new limit was simple – it makes life more difficult for spammers to use Exchange Online as a platform. Unhappily, customers didn’t like losing the ability to send relatively small amounts of external email for different reasons. C'est la vie.
Teams Delivers a Slack Migration ToolJanuary 7, 2026 7:00 am-Microsoft announced the availability of a Slack to Teams migration tool in the Microsoft 365 admin center. The new tool exists to assist the 79 million monthly active users of Slack who might want to move to Teams and don’t know how to get there. ISVs have been helping people move from Slack to Teams for years, so other migration options exist.
A Quick Look at Purview Data Security InvestigationsJanuary 6, 2026 7:00 am-During the quiet holiday period, I tested the new Purview Data Security Investigations (DSI) solution, which seems to be put together from bits of Microsoft 365 together with Security Copilot and some generative AI. Assembling new solutions from existing components makes sense because it reduces engineering effort. Without real data, it's hard to know how effective DSI is, but the cost of an investigation came as a real surprise.
SharePoint Online Dumps Legacy Compliance FeaturesJanuary 5, 2026 7:00 am-MC1211579 (3 January 2026) announces the retirement of four legacy SharePoint compliance features in favor of Purview Data Lifecycle management and Records management. It’s always unsurprising when Microsoft chooses to remove old features developed for on-premises and replaces them with better online options, which is exactly what’s happening here. Some tenants might face additional licensing requirements for Purview.
Teams Admin Center Simplifies External CollaborationJanuary 2, 2026 7:00 am-Microsoft is rolling out a UX update for the Teams admin center to make it easier to manage external collaboration settings. The new UX doesn’t introduce any new features. Instead, its goal is to hide some of the policies and settings complexity that sometimes afflicts the Teams application. It’s a good change, even if it probably won’t make much difference.
January 2026 Update for Office 365 for IT ProsJanuary 1, 2026 7:00 am-Monthly Update #127 for the Office 365 for IT Pros eBook (2026 edition) is now available for current subscribers to download from Gumroad.com. In this note, we explore some of the options the writing team is considering for the next edition of the book. Microsoft 365 doesn’t stop changing, so it makes sense for the best Microsoft 365 book available today to change to reflect new developments.
Training People to Use Microsoft 365 Copilot EffectivelyDecember 31, 2025 7:00 am-A LinkedIn post explained how the UK Revenue and Customs authority train 30,000 people to use Microsoft 365 Copilot effectively. It’s a reminder that introducing complex software to a user community takes careful planning and support, including the provision of well-planned training to help people exploit the new software as quickly as possible. Otherwise, some of those expensive licenses might be wasted.
The Exchange EnforcedTimestamps Mailbox PropertyDecember 30, 2025 7:00 am-While examining mailbox properties, I noticed that the EnforcedTimeStamps property held some information that I just couldn't explain. Google search was no help, but Microsoft Copilot told me that the information related to the management of compliance holds. Basically, the data are guardrails to help the Managed Folder Assistant do the right thing, which is nice, even if no documentation exists.
How to Report DLP AlertsDecember 29, 2025 7:00 am-MC1169572 announces that administrators can add classifications to DLP alerts to help with reporting. But how do you report DLP alerts? As it turns out, it’s relatively easy to retrieve DLP alerts via the Microsoft Graph Security API. Using the Get-MgSecurityAlertV2 cmdlet from the Microsoft Graph PowerShell SDK makes it even easier to find and report the data.
Microsoft Graph PowerShell SDK V2.34 Makes WAM the DefaultDecember 23, 2025 7:00 am-The Web Account Manager (WAM) authentication broker becomes the default method for handling interactive Microsoft Graph PowerShell SDK connections from V2.34 onwards. The rapid release of a new version (V2.33 appeared 12 days beforehand) is usually a sign of a big problem, but in this case the reason is more likely to be a security vulnerability that’s just come to light. We’ll find out after the holidays.
Automating Microsoft 365 with PowerShell Update 19December 22, 2025 7:00 am-Update #19 of the Automating Microsoft 365 with PowerShell eBook is now available. Subscribers can download the updated PDF and EPUB files from Gumroad.com. A paperback version is also available, but we can’t update the print characters. In any case, a new SharePoint create Site API is in beta, and a new version of the Microsoft Graph PowerShell SDK is available. Both have their moments, as we discuss here.
Microsoft Tenant-to-Tenant Migration OrchestratorDecember 19, 2025 7:00 am-Microsoft has launched a tenant-to-tenant migration orchestrator solution in public preview to migrate mailboxes, OneDrive accounts, and Teams chat between tenants. ISVs have been active in the T2T space for a long time. They probably won’t welcome the new Microsoft offering, but at least the migration orchestrator legitimizes the concept of tenant-to-tenant migration.
Removing Retention Holds from Exchange MailboxesDecember 18, 2025 7:00 am-A new Exchange Online feature allows administrators to remove multiple types of holds from mailboxes (usually inactive mailboxes). It’s a great way to release holds that might be keeping inactive mailboxes lingering in a tenant. The feature doesn’t remove holds used to retain items required for eDiscovery or other compliance purposes. Even so, this is definitely a feature that needs to be carefully tested.
SharePoint Online Expands Version Expiration for Audio and Video FilesDecember 17, 2025 7:00 am-Microsoft is launching version expiration policies in SharePoint Online for audio and video files. The approach is the same as used for intelligent versioning of Office files stored in SharePoint Online and OneDrive for Business and can be configured at the tenant, site, and document library level. If your tenant uses Clipchamp, this could be a way to save expensive SharePoint storage.
Old Versions of Exchange ActiveSync Clients Get the BulletDecember 16, 2025 7:00 am-Exchange Online will require email clients to use Exchange ActiveSync (EAS) V16.1 to connect from March 1, 2026. Email clients that use older versions of EAS won’t be able to synchronize with Exchange Online to upload outbound messages or download messages, attachments, and calendar items. There should be relatively few clients using an old version of EAS, but it’s wise to check.
Microsoft Baseline Security Mode Rolls OutDecember 15, 2025 7:00 am-Microsoft has released a set of security benchmark recommendations for Microsoft 365 tenants that it calls baseline security mode. The recommendations cover authentication, file access, and Teams and the idea is that these are settings that Microsoft believes have proven their value over the years. The only criticism that you might have is about the potential clash for conditional access policies, but that’s not serious.
Microsoft to Enable Anthrophic Models by DefaultDecember 12, 2025 7:00 am-After the fuss around the initial introduction of the Anthrophic models into Microsoft 365 in September, we learn that Microsoft will enable access for all in January 2026. It would have been so much better had Microsoft said that they were working on the data protection arrangements with Anthrophic, but that didn’t happen. Is all well now? We’ll see in January…
Testing the MCP Server for EnterpriseDecember 11, 2025 7:00 am-The MCP Server for Enterprise is one of a set of preview servers released by Microsoft to show how MCP servers can help Microsoft 365 tenants get real work done. I’m sure things will improve, but the current state of the preview is that it can do a splendid job to answer simple questions, but once things get more complex, don’t depend on any of the PowerShell code the server generates.
Teams Messaging Gets AutocorrectDecember 10, 2025 7:00 am-The addition of Autocorrect for messaging is a small but important change for Teams messaging brings Teams up to speed with the other Office applications. It’s taken Teams a little longer than it perhaps should have to support Autocorrect and the implementation is not as functional as it is in Outlook, but that’s not a reason to overlook the update.
Checking Where Tenant Users Go as GuestsDecember 9, 2025 7:00 am-After all the fuss about Teams users inviting people to chat via email, tenant administrators realize that knowing where users are active as guest accounts is not as easy as it might seem. Part of the problem is that data about user activity is mostly controlled by host rather than home tenants. However, it’s possible to extract some information from audit sign-in logs to figure out where tenant users go as guests.
Microsoft Increases Office 365 and Microsoft 365 License PricesDecember 8, 2025 7:00 am-Customers will see their bills increase from July 1, 2026, when Microsoft 365 pricing increases go into effect, adding up to $3/month for licenses. This is the first increase since March 2022, and it moves the baseline Office 365 E3 license to $26/month and Microsoft 365 E5 to $60/month. Microsoft justifies the increases based on the functionality and apps it delivers. Time for a licensing review!
Microsoft Blocks EWS Access for Kiosk UsersDecember 5, 2025 7:00 am-A December 2 announcement says that Exchange Online will block access to Exchange Web Services for users with kiosk or frontline worker licenses from June 2026. In fact, the Exchange Online service description has always excluded EWS access for these licenses, but the necessary code to enforce the exclusion was never implemented. It will be in March. Time to check licenses...
Journey to Passwordless Authentication Might Include Some BumpsDecember 4, 2025 7:00 am-Microsoft recommends passwordless authentication to help secure Microsoft 365 tenants. The latest is synced passkeys, something that apparently leads to “syncability,” whatever that might mean. In any case, after some struggles, I managed to enable synched passkeys for my iPhone and then started to consider how to remediate user accounts that are flagged with a high-risk (compromised) status when they can’t simply update their password.
Talking Microsoft 365 Compliance at the European SharePoint ConferenceDecember 3, 2025 7:00 am-Paul Robichaux and I led a session about Microsoft 365 Compliance at the European SharePoint Conference in Dublin on December 2, 2025. During the session, we discussed how intelligent versioning works and its value in saving storage, priority cleanup and its ability to delete files even if the files are under retention hold, and the recent revamp of the Purview eDiscovery solution. We were thrilled at the attendance. Here’s what happened.
App-Only Authentication for SharePoint Online PowerShellDecember 2, 2025 7:00 am-The latest versions of the SharePoint Online PowerShell module support app-only authentication (certificate-based authentication) for the Connect-SPOService cmdlet. In other words, applications can now connect to SharePoint Online to run administrative cmdlets by presenting a registered Entra ID app and an X.509 certificate instead of the credentials for a human SharePoint administrator. It’s a good change, even if I still prefer using the Graph APIs for SharePoint automation.
Office 365 for IT Pros December 2025 UpdateDecember 1, 2025 7:00 am-The Office 3675 for IT Pros team is happy to announce that the files for update #126 are available for subscribers to download from Gumroad.com. The paperback edition of the PowerShell book has also been refreshed. Updated PDF and EPUB files are available for the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell eBooks. Happy reading!
Checking the Effectiveness of a Transport Rule to Block Spammy EmailNovember 26, 2025 7:00 am-Some weeks ago, I wrote about using a transport rule to suppress spammy email by sending the messages to the quarantine. But what’s the best way to check the rule's effect? One method is to use the transport rule report PowerShell cmdlet to check for the actions you expect the rule to perform. Once information is found, it’s a matter of slicing and dicing the data.
How to Check if Shared Mailboxes Need MDO LicensesNovember 25, 2025 7:00 am-Shared mailboxes might need Microsoft Defender for Office 365 licenses, but how do you identify how many licenses? We use PowerShell to do the job by analyzing external email sent to shared mailboxes. If a mailbox receives external email, then by definition the mailbox receives benefit from MDO, and that’s the test for requiring a license.
Teams Messaging Gains New ProtectionsNovember 24, 2025 7:00 am-Teams now includes weaponized file protection and malicious URL protection to make sure that people don't share bad files or URLs in chats or channel conversations. Given that a user can post a message to up to 50 channels at one time, it obviously makes a heap of sense to check that any files or URLs that people share in chat or channel conversations are safe and not malicious.
Automating Microsoft 365 with PowerShell December 2025 UpdateNovember 21, 2025 7:00 am-The December 2025 update (version 18) of the Automating Microsoft 365 with PowerShell eBook is now available to download. Current subscribers can fetch the updated EPUB and PDF files from Gumroad.com using the link in their account (or receipt), but we can’t do much for the paperback edition except consider using scissors, paste, and Tippex, just like the old days.
Purview Launches New DLP Policy to Control Copilot PromptsNovember 20, 2025 7:00 am-A new DLP policy for Copilot prompts monitors blocked sensitive information types like credit card numbers to stop their use in Copilot prompts. The new policy can’t be combined with the existing DLP policy for Copilot, which checks for files with specific sensitivity labels to prevent Copilot from using their content in its responses. But that’s OK because the two policies do very different work.
Microsoft 365 Announcements at Ignite 2025November 19, 2025 7:00 am-The Ignite 2025 keynote was a marathon 150-minute event, but some interesting Microsoft 365 announcements emerged, mostly centered on AI. Microsoft is obviously focused on making AI and agents a very real part of tenant activities, so there’s new agent management and a repository among other things that will roll out in the year ahead.
Microsoft Launches Preview of Exchange Admin APINovember 18, 2025 7:00 am-Microsoft launched the preview of the Exchange Admin API on November 17. The new API is intended to close known feature gaps that exist in the Graph APIs and allow developers to migrate from EWS before Microsoft retires EWS in October 2026. Think of the Exchange Admin API as a discardable time-limited API that allows clients to submit cmdlets for processing. It’s certainly one way to approach the EWS problem!
Removing Inactive Entra ID User Accounts with PowerShellNovember 17, 2025 7:00 am-The Entra ID Governance solution includes a workflow to detect and remove inactive user accounts. Sounds good, but the same can be done with PowerShell if you want to avoid the cost of Entra ID Governance licenses or want to create a bespoke workflow that’s better suited to the business needs of the organization. Azure Automation would be a good way to process this workflow.
Copilot’s Temporary ChatNovember 14, 2025 7:00 am-A temporary chat with Microsoft 365 Copilot is one that forgets everything discussed in the conversation once the chat is over. The idea is that by leaving no trace, Copilot won’t recycle the ideas discussed in the chat later. Copilot absolutely discards the chat thread, but those pesky compliance records remain behind, ready for eDiscovery and other compliance investigations.
Microsoft Makes Another Change to Teams Channel Email Storage LocationNovember 13, 2025 7:00 am-In January 2025, Microsoft changed the SharePoint folder location to store copies of the email sent to Teams channels. Apparently, this update improved security, but it’s unclear exactly how the improvement comes about unless through obscurity. In any case, we missed this change completely and are publishing this note to remind everyone else of the importance of reading message center posts.
Auditing Claude Usage with the Copilot Researcher AgentNovember 12, 2025 7:02 am-The question was asked if it was possible to identify use of the Claude LLM by the Copilot Researcher Agent. Audit records often help, so that's the natural location to check. As it turns out, some information is captured when the Researcher agent is used, but figuring out if the agent uses the default ChatGPT-5 or Claude LLMs is a matter of intuition (or guesswork).
A Brief History of Soft-Deleted Entra ID GroupsNovember 11, 2025 7:00 am-Entra ID has long supported soft-deleted Microsoft 365 Groups. Now support is available to list and restore soft-deleted security groups in both the Entra admin center and cmdlets from the Microsoft Graph PowerShell SDK. The update is very welcome as it fixes a big recovery gap in the Entra ID story. Too many important security groups have been deleted in error, much to the chagrin of administrators.
Teams Gains Ability to Start Chat with Email AddressNovember 10, 2025 7:00 am-A new Teams feature allows users to initiate chats with any email address. This caused some commotion in the security community, but it's not that bad. In fact, it’s an extension of existing functionality that allows Teams users to chat with guest accounts. All that’s happening is that initiating a chat causes a new guest account to be created in the tenant, and there’s lots of controls to make sure that guests are controlled.
Reporting the Use of Emojis in Teams ReactionsNovember 7, 2025 7:00 am-This article explains how to use PowerShell to extract audit data to analyze the use of emojis as Teams reactions to chat and channel messages. This is not an exercise that leads to any great business value, but it’s a good way to show the sometimes surprising data that can be extracted from audit records.
Version 1.5 of the Microsoft 365 User Password and Authentication ReportNovember 6, 2025 7:00 am-The Microsoft 365 User Passwords and Authentication report now includes the last used date for authentication methods (when available). The new data is available through the Graph beta API for listing authentication methods and the equivalent Graph PowerShell SDK cmdlet. Another change that might break scripts is a new way to expose the created date for authentication methods. The changing sands of Graph programming...
Microsoft 365 Companion Apps Fail to ImpressNovember 5, 2025 7:00 am-Microsoft 365 Companion Apps are being deployed to Windows 11 PCs now. The apps don't seem to add much if any value over standard Microsoft 365 apps like Outlook and OneDrive. With that thought in mind, we move to unclutter PCs by either blocking the installation of the companion apps or stopping the apps starting up to take over valuable toolbar space.
Microsoft Won’t Dump Outlook for a New AI ClientNovember 4, 2025 7:00 am-A recent report says that new Microsoft leadership wants to reimagine Outlook with lots of many AI features to make the client much more of an effective assistant. While this might be true, it doesn't mean that New Outlook is dead. However, there’s a bunch of uninformed commentary out there alleging that Microsoft will change course dramatically. I think there is little chance that this will happen.
Office 365 for IT Pros November 2025 UpdateNovember 3, 2025 7:00 am-The Office 365 for IT Pros Team is happy to announce the availability of the November 2025 update. Subscribers can download the PDF and EPUB files for update #125 from Gumroad.com. In other news, we consider the lack of information provided at the Microsoft FY26 Q1 results and the quality of some reports that find their way onto the internet.
Microsoft Issues Updated Guidance for Defender for Office 365 LicensingOctober 31, 2025 7:00 am-Some inconsistencies in the MDO P2 service description and licensing terms exposed a need for tenants to license every user and shared mailboxes. Microsoft has changed the service description and licensing terms to make them simpler. Mailboxes still need MDO licenses, but only if they benefit from MDO protection, including MDO P2 if that’s what they use. Tenant admins have some extra work to do to deploy policies. All explained here.
Using the SharePoint Site Attestation PolicyOctober 30, 2025 7:00 am-The site attestation policy is designed to require site owners to make a positive statement that the settings of their site, including its current membership, are accurate. The idea is that requiring site owners to attest that their site is still needed will force people to decide whether sites are still in active use and should be kept online. If not, the policy can move the sites into Microsoft 365 Archive.
Modernizing Sensitivity Label Grouping for App DisplayOctober 29, 2025 7:00 am-Microsoft announced the modernization of grouping for sensitivity labels to a new "dynamic architecture." It doesn't take much to be more dynamic than the previous parent-child arrangement. Even if the announcement is a tad overhyped, it’s still goodness because administrators can now move labels between label groups in a way that wasn’t possible before. The new way of displaying labels should be everywhere in December 2025.
Auto-Updating Teams Work Location is Not Employee MonitoringOctober 28, 2025 7:00 am-As is the way of the internet, the news that a feature to automatically set the Teams work location for users created a huge fuss about the prospect that managers would keep an eye on employees based on their location. Of course, this is all rubbish. The update automates an existing feature that no sane manager would use to monitor employees.
Stealing Access Token Secrets from Teams is Hard Unless a Workstation is CompromisedOctober 27, 2025 7:00 am-Teams stores information in a local state file, including encrypted access tokens. A report from a French company explained how to extract and use those tokens with the Graph API. Is this important? It could be if attackers manage to gain access to a workstation, but at that point you’ve got other problems, and maybe using code to decrypt some tokens is the least of your troubles.
Allowing Users to Add Enterprise Apps to Entra ID is a Bad IdeaOctober 24, 2025 7:00 am-Enterprise apps can come from a variety of sources. Most are Microsoft 1st party apps, and the rest are ISV apps. It's easy to add an app without really intending to, which is a good reason to force users through the Entra ID app consent workflow when they want to add an app. Unhappily, I failed the test and added an app in a moment of weakness. Here’s what happened.
Updating the Entra ID Password Protection Policy with the Microsoft Graph PowerShell SDKOctober 23, 2025 7:00 am-The Entra ID password protection policy contains settings that affect how tenants deal with passwords. Entra ID includes a default policy that doesn’t require additional licenses. Creating a custom password protection policy requires tenant users to have Entra P1 licenses. As explained in this article, once the licensing issue is solved, it’s easy to update the policy settings with PowerShell.
Important Change Coming for Entra ID Passkeys in November 2025October 22, 2025 7:00 am-Entra ID is about to introduce passkey profiles, a more granular approach to passkey settings. The change is good, but you might like to check the current passkey settings to make sure that the values inherited by the new default passkey profile behave the way that you want. In particular, check attestation enforcement to make sure that the right kind of passkeys are used.
Automating Microsoft 365 with PowerShell November 2025 UpdateOctober 21, 2025 7:00 am-The November 2025 update for the Automating Microsoft 365 with PowerShell eBook is available online. Subscribers can download the new PDF and EPUB files from their Gumroad account. As always, the update features a mixture of new and updated information, some corrections, and removal of obsolete information. Look no further for guidance about using PowerShell with the Graph APIs to interact with Microsoft 365 data!
New Audio-Only Recording Option for Teams MeetingsOctober 20, 2025 7:00 am-A new audio-only recording option for Teams meeting suppresses the video feed from meeting participants when generating the MP4 file for the meeting recording. The idea is to better preserve user privacy during recording playbacks. Few will miss the video stream because the audio is usually more important. The audio is also the basis for the meeting transcript, and that leads to AI-generated outputs like meetings summaries and action items.
Outlook Gets AI Drafting of Meeting AgendasOctober 17, 2025 7:00 am-Agenda auto-draft is a new feature for OWA and the new Outlook to help meeting organizers create a draft meeting agenda using AI. The Copilot-generated draft agenda contains an introduction and some bullet points created from the meeting subject. It’s not a make or break feature for Microsoft 365 Copilot. Some will like it, if they discover how to use agenda auto-draft.
Using the Secret Management PowerShell Module with Azure Key Vault and Azure AutomationOctober 16, 2025 7:00 am-If you can't use managed identities, credential resources are a way to manage username and password credentials for Azure Automation runbooks. The Secret Management module is an alternative, and it’s a good option to manage credentials that are shared between interactive scripts and automation runbooks. This article describes how to use the Secret Management PowerShell module to fetch credentials stored in Azure Key Vault for use in an automation runbook.
The My Sign-Ins Portal, Applications, and Conditional AccessOctober 15, 2025 7:00 am-A recent change has exposed the applications used by the My Sign-ins portal for use in conditional access policies. This article discusses the app-centric nature of Microsoft 365 and Entra ID and why it’s important that the newly-revealed set of applications are available for conditional access processing, just in case the Entra ID agents planned by Microsoft can't optimize your policies.
Changing the Offline Access Period for Sensitivity LabelsOctober 14, 2025 7:00 am-One of the settings for sensitivity labels governs how long items protected by a label remain accessible (including offline access) before reauthentication. The default is 30 days, which is a good balance between security and avoiding users having to constantly reauthenticate to open protected messages and files. If necessary, tenant administrators can change the validity period to be anything from 0 to 65535 days.
ChatGPT Enterprise Connects to SharePoint OnlineOctober 13, 2025 7:00 am-OpenAI has launched a ChatGPT enterprise SharePoint Connector that allows organizations to synchronize files from SharePoint Online to ChatGPT. I could never understand why Microsoft 365 tenants allowed users to upload individual files from SharePoint or OneDrive to ChatGPT for processing. Using a connector to synchronize entire sites to ChatGPT makes even less sense, especially from a compliance perspective. I must be missing something!
Microsoft 365 Copilot Usage Report API General AvailabilityOctober 10, 2025 7:00 am-The Copilot usage report Graph API is now generally available. Like the report APIs for the other workloads, the Copilot usage API helps to understand usage of some very expensive licenses. Even better, the usage data can be combined with data from other Microsoft 365 sources to produce interesting and valuable insights. All it takes is some PowerShell to knit everything together.
Exchange 2016 and 2019 End of Life and Some Interesting Exchange Online DevelopmentsOctober 9, 2025 7:00 am-On Oct 14, 2025, Exchange 2019 and 2016 reach end-of-life and Exchange SE becomes the only supported on-premises Exchange server. In other news, we discuss Microsoft guidance for moving to cloud first identity, HVE and ECS and the extension of basic authentication support to September 2028, the introduction of auto-archiving for Exchange Online, and why Microsoft is deprecating the Contact object from Exchange Online.
Teams Support for Emojis in Chat and Channels Section NamesOctober 8, 2025 7:00 am-Teams users can use emojis to create or rename chat section names. By incorporating emojis into section names, users create "visual anchors" to help navigate through Teams chats and channels. Sprinkling emojis around section names doesn’t really make me navigate any smarter, but it’s a feature that Slack has, so Teams can’t be left behind in the pretty interface stakes.
Chromium 141 Update Will Affect Offline Access for SharePoint Online and OneDrive for BusinessOctober 7, 2025 7:00 am-An update for Chromium 141 can affect the ability of SharePoint Online and OneDrive for Business to access offline content, including files and lists and lead to degraded performance. The change is designed to improve user privacy, but some Microsoft 365 apps need browsers to be able to access local files, notably for OneDrive synchronization. Prepare by upgrading the OneDrive Sync client and distributing a new policy to workstations.
What’s the Best Way to Find SharePoint Online Sites with Graph PowerShell?October 6, 2025 7:00 am-What's the best way to find SharePoint sites with the Microsoft Graph PowerShell SDK? Is the Get-MgAllSite cmdlet best or should you use the Get-MgSite cmdlet? Does it matter if you’re looking for one site or many sites? We explore the issue in this article by examining some reasons why you’d choose Get-MgSite and others that drive the decision for Get-MgAllSite.
Microsoft Introduces Restore Capability for Conditional Access PoliciesOctober 3, 2025 7:00 am-New Graph APIs allow Entra administrators to restore a conditional access policy with a Graph request. This article explains how to list, restore, and permanently remove soft-deleted conditional access policies using Graph API requests run in PowerShell. Being able to restore conditional access policies removed in error closes a big gap, especially if agents might begin working on policies. Who knows what errors might happen in future.
Teams Stamps External Users with Trust IndicatorsOctober 2, 2025 7:00 am-Attackers might attempt to use social engineering to trick Teams users in compromise. Trusted indicators help users understand the status of external users with difficult visual markers. The idea is that users will see the marker and realize that they should be less trusting in their communications. Sounds good. But maybe securing external access for Teams with a comprehensive block list is even better?
Office 365 for IT Pros October 2025 UpdateOctober 1, 2025 7:00 am-Monthly update #124 for the Office 365 for IT Pros (2026 edition) eBook is now available. Current subscribers can download the updated PDF and EPUB files from Gumroad.com. An update is also available for the Automating Microsoft 365 with PowerShell eBook. Like every month, changes are made to many chapters in the book, so if you’re a subscriber, please download the files.
January 2026 Change for How Outlook Extracts Events from EmailSeptember 30, 2025 7:00 am-The Outlook events from email feature changes from January 31, 2026. Events will only be created if notifications support the properties for events defined by schema.org. Seeking consistency is a good idea, especially if it means that Outlook can process notifications sent by airlines, car hire companies, and other event providers in a way that doesn’t happen today. However, some disruption is likely.
Using the Enterprise Website Microsoft 365 Copilot ConnectorSeptember 29, 2025 7:00 am-Microsoft 365 Copilot Search can be extended by ingesting information from external sources through a Microsoft 365 Copilot Connector. In this article, we show how to configure the Enterprise websites prebuilt connector to ingest articles from the Office365ITPros.com and Practical365.com sites, and how Copilot Search presents that information in its results and summaries. It’s quick, easy, and seamless - so really pretty good!
Microsoft Use of Anthropic AI Models Creates Concerns for TenantsSeptember 26, 2025 7:00 am-On September 24, Microsoft announced that Anthrophic LLMs could be used with the Copilot Researcher agent and to build agents with Copilot Studio. Although it’s great to enable choice so that customers can choose the AI model they prefer, questions about data security, lack of support for compliance solutions, and adherence to standards like the EU data boundary will concern Microsoft 365 tenants.
SharePoint Knowledge Agent Available in PreviewSeptember 25, 2025 7:00 am-With not a little hype, Microsoft launched the SharePoint Knowledge Agent on September 18. Getting some AI help to organize sites sounds good, but only if the assistance delivered by the artificial intelligence does something useful. In this case, the agent generated some moderately interesting results without ever reaching the level of AI magic anticipated (and reported) by some.
Assembly Clashes Make Microsoft 365 PowerShell FrustratingSeptember 24, 2025 7:00 am-An assembly clash happens when a PowerShell module attempts to load a .NET assembly only to find that a different version is already loaded in the session. Unhappily, this kind of thing happens far too often with Microsoft 365 modules, which implies that there isn’t a great deal of coordination between different development groups. All you can do is to load modules in the right order.
Updating the User Password and Authentication ReportSeptember 23, 2025 7:00 am-A change to a Graph beta API meant that some data used to create the user password and authentication report was no longer available. A script update was required. The experience underlines the truth that developers should not rely on the Graph beta APIs because the APIs are prone to change at any time as Microsoft moves them along to become production-ready.
Automating Microsoft 365 with PowerShell October 2025 UpdateSeptember 22, 2025 7:05 am-The Office 365 for IT Pros team is happy to announce the availability of the October 2025 update for the Automating Microsoft 365 with PowerShell eBook. Subscribers can download the latest PDF and EPUB files from Gumroad.com. In other news, a new eBook about Exchange Server Subscription Edition (SE) is available. It’s always nice to see new sources of knowledge open up!
Copilot Chat Arrives in Microsoft 365 AppsSeptember 19, 2025 7:00 am-The rollout of the Copilot Chat integration with the Microsoft 365 apps has started, with the intention of making it easier to use AI in peoples’ work. Nice as the integration is, the news that an Open in Word action button is coming (soon) to allow content generated by Copilot to be edited in Word is even better. And we round out the week with a note about a change to the domain used by Teams.
What’s the Best Way to Manage Guest Accounts?September 18, 2025 7:00 am-Guest account management should be a part of every Microsoft 365 tenant administrator’s checklist, unless the tenant has no guests. That’s possible but given the way that workloads like Teams and SharePoint Online create new guest accounts, the average tenant is likely to have quite a few guests. The question is how to manage guests – with Microsoft’s tools or using tenant-designed PowerShell scripts?
Entra ID’s Keep Me Signed In Feature – Good or Bad?September 17, 2025 7:00 am-The Entra ID Keep Me Signed In (KMSI) feature creates persistent authentication cookies to allow users to avoid sign-ins during browser sessions. Is this a good or bad thing and should Microsoft 365 tenants enable or disable KMSI. I think KMSI is fine in certain conditions and explain my logic in this article. Feel free to disagree!
Copilot Administrative Skills Don’t Do Much for SharePoint ManagementSeptember 16, 2025 7:00 am-Microsoft 365 Copilot now has some SharePoint skills to deploy in the SharePoint admin center. The problem is that the skills aren't very good and don’t do much to help hard-pressed SharePoint Online administrators cope with the vast explosion of sites that exist in many tenants today. The problem is data. If Copilot doesn’t have the information to reason over, it can’t answer questions or give advice.
Copilot Transcription Behavior Changing for Teams MeetingsSeptember 15, 2025 7:00 am-Microsoft plans to deploy an update to change how transcription behaves for Teams meetings where Copilot is enabled. New meetings will not generate a transcript unless the meeting organizer explicitly enables transcription or the Microsoft 365 tenant deploys custom meeting policies that enable transcription with Copilot. The AI features work even without a transcript. But no transcript means no searchable artifact, and that’s what some want.
Running Teams PowerShell Cmdlets in Azure AutomationSeptember 12, 2025 7:00 am-This article describes the prerequisites and how to run cmdlets from the Teams PowerShell module in Azure Automation runbooks. We also consider when you’d want to consider using Teams PowerShell cmdlets instead of Graph API requests or cmdlets from the Microsoft Graph PowerShell SDK. The bottom line is that it’s possible, but maybe not a frequently-used option.
Running the SharePoint Site Content and Policy Comparison ReportSeptember 11, 2025 6:00 am-A new SharePoint Site content and policy comparison report is available to tenants with Microsoft 365 Copilot or SharePoint advanced management licenses. The idea is that you choose some reference sites to compare other sites against to detect deviations from the reference site. It seems like a good idea if you’re trying to impose standards to control Copilot. Unhappily, attempts at running the report turned up zero results.
Microsoft’s Effort to Develop a Broad People PlatformSeptember 10, 2025 7:00 am-Microsoft 365 users see the profile card and might wonder where the information displayed on the card comes from. Entra ID is the obvious source, but the people platform that Microsoft is developing is another and could include information imported through a Copilot connector to build out a complete picture of users and contacts within a Microsoft 365 tenant. It’s early days yet, but beta code is available.
Microsoft’s Push to Save Office Files in the CloudSeptember 9, 2025 7:00 am-A new policy setting is available to force Microsoft 365 enterprise (Office subscription) applications to save to cloud locations and ignore the local disk. The idea is to increase cloud usage and improve compliance by storing all Office files in OneDrive for Business or SharePoint Online. Like a network PC, creating a dependency on a network connection only makes sense when a network connection is dependable, which might not always be the case.
Microsoft Bolts on Copilot License Check onto ExRCASeptember 8, 2025 7:00 am-Microsoft announced a new Copilot license check diagnostic for the Exchange Connectivity Analyzer. Sounds good, but the test is very simple, and its results don’t tell you anything more than a few lines of PowerShell can deliver. To prove the point, we wrote a quick script to show how to perform a Copilot license check with the Microsoft Graph PowerShell SDK.
How to Update Entra ID Apps to Run Teams CmdletsSeptember 5, 2025 7:00 am-MC1134747 describes a new permissions requirement for Entra apps that run Teams PowerShell cmdlets. Fixing apps to meet the new requirement is easily done with PowerShell. First, find the apps that use Teams PowerShell (we show two ways), and then assign the two required permissions to the apps. All done with a few lines of Microsoft Graph PowerShell SDK code.
People Settings Appear in the Microsoft 365 Admin CenterSeptember 4, 2025 7:00 am-The Org Settings section of the Microsoft 365 admin center has a new People Settings section where you can choose properties for the Microsoft 365 profile card instead of using PowerShell. The kicker is that the old method of using Exchange custom properties to customize what appears on the profile card is being replaced with standard Entra ID properties. A migration is needed, and it’s easily done with PowerShell.
Microsoft Explains the Differences Between Copilot MemoriesSeptember 3, 2025 7:00 am-Copilot memory is a term that refers to different things, including Copilot communication memory, a method to use the Graph to personalize responses for users. The idea is to use all the sources of information available through the Graph as Copilot responds to user prompts in Microsoft 365 apps instead of limiting sources to whatever the app works with. It's a good idea, providing the Graph sources are accurate.
Microsoft Deprecates Graph CLI and ToolkitSeptember 2, 2025 7:00 am-Microsoft has depreciated the Microsoft Graph CLI and Graph Toolkit. It’s nice to see some rationalization, but the real need is for better quality and coverage across all the Microsoft 365 administrative actions. Even after fourteen years of development, too many undocumented and private APIs exist today, which is an unacceptable situation. You should vote for a feedback portal item to ask Microsoft to do better.
September 2025 Update for Office 365 for IT ProsSeptember 1, 2025 7:00 am-Monthly update #123 is available for the Office 365 for IT Pros eBook. Subscribers can download updated EPUB and PDF files for the main book and the Automating Microsoft 365 with PowerShell book from their Gumroad.com account. As with every month, the update touches most chapters as we continue to make sense of the changes that occur across the Microsoft 365 ecosystem. Subscribe today!
Teams Integrates Viva Engage Communities January 23, 2026 7:00 am - A new integration with Viva Engage is available for Teams. The integration adds communities to the Teams navigation bar. It’s kind of odd when a separate highly functional Communities app exists. It’s unclear who is demanding another point of integration between Viva Engage and Teams. The suspicion is that this work is due to internal politics rather than to facilitate better collaboration.
Automating Microsoft 365 with PowerShell Update 20 January 22, 2026 7:00 am - Monthly update #20 for the Automating Microsoft 365 with PowerShell eBook is now available for subscribers to download the updated EPUB and PDF files. Like any monthly update, #20 includes a mixture of new information, revisions, and even some bug fixes (changes to text or examples). Meantime, assembly clashes continue to be a bugbear for Microsoft 365 PowerShell modules. Microsoft should fix this problem!
Generate a Weekly Report of Role Assignments January 21, 2026 7:00 am - This article explores how to use Entra ID audit records to create a weekly report about role assignment additions and deletions. After deciphering the information contained in the audit records, it’s easy to generate a report showing who made the assignments and if any critical role assignments are in the mix. We can then email the report to interested parties, all with some relatively simple PowerShell.
Synchronizing Security and Microsoft 365 Group Memberships January 20, 2026 7:00 am - An article from 2018 uses the AzureAD and Exchange PowerShell modules to synchronize membership between a security and a Microsoft 365 group. The idea is to enable collaboration for the members of the security group. This version does the work with the Microsoft Graph PowerShell SDK. The code is better and it will work as an Azure Automation runbook, which is always nice.
How to Create SharePoint Sites with the Graph API January 19, 2026 7:00 am - Microsoft released the beta version of the SharePoint Online create Site API for the Microsoft Graph in late November 2025. Since then, Microsoft has dropped one of the three site templates. Playing with the API, we’ve discovered that the API can certainly create sites but that the SharePoint Graph API misses a heap of features, like adding members to the new site. Oh well, one step forward…
Some Microsoft Graph PowerShell SDK Cmdlets Lose Body Parameters January 16, 2026 7:00 am - A change made for some Directory Graph APIs has flowed through to the Microsoft Graph PowerShell SDK and affected how the associated cmdlets work, including the beta cmdlet to restore a deleted user account and while replacing the user principal name. Fortunately, the workaround is easy, but it is upsetting when something that worked suddenly doesn’t, even if it is a beta cmdlet.
Purview eDiscovery Simplifies Content Searches in February 2026 January 15, 2026 7:00 am - As part of the modernization of the Purview eDiscovery solution, Microsoft will simplify the content searches UX in February 2026 to remove features that are inappropriate for the way that content searches are intended to be used. The change is logical and reasonable because you should use a full eDiscovery case to access all the eDiscovery functionality.
Teams External Collaboration Administrator Role Arrives January 14, 2026 7:00 am - A new Entra ID role is coming. The Teams External Collaboration administrator role allows users to manage external collaboration settings. Quite how often Microsoft 365 tenants need to manage these settings is unknown, but it’s a useful prompt to review the current set of roles used and users who are members of those roles. Time for an annual clean-up.
SharePoint Online Site Administrators Can Now Control Restricted Content Discovery January 13, 2026 7:02 am - Restricted Content Discovery (RCD) is a feature that blocks access by Microsoft 365 Copilot and agents to the files stored in a SharePoint Online site. Instead of relying on tenant administrators, site administrators can now enable or disable RCD. It’s a natural evolution of what is an essential feature to keep sensitive and confidential information being leaked inadvertently by AI.
The Channel Agent Brings AI Interactions to Teams Channels January 12, 2026 7:00 am - Chat and meetings have their agents, and now the Teams channel agent is available to help members understand what happens inside channels. Like any AI agent given limited sets of data to reason over, the channel agent does a good job of finding nuggets hidden in conversations. The issue is that the channel agent doesn’t currently work for channels that have external members, like guest accounts. That’s a big downside.
Entra ID Rationalizes Session Revocation for User Accounts January 9, 2026 7:00 am - Microsoft is rationalizing the options to revoke sessions for a user account in the Entra admin center by removing an old revoke MFA sessions button. That seems like a perfectly reasonable thing to do. When administrators want to revoke sessions for an account, the best way is to create a PowerShell script to perform the necessary steps. That way you don’t need to worry about buttons.
Microsoft Cancels Exchange Mailbox External Recipient Rate Limit January 8, 2026 7:00 am - After considering customer feedback, Microsoft cancelled the mailbox external recipient rate limit for Exchange Online. The idea behind the new limit was simple – it makes life more difficult for spammers to use Exchange Online as a platform. Unhappily, customers didn’t like losing the ability to send relatively small amounts of external email for different reasons. C'est la vie.
Teams Delivers a Slack Migration Tool January 7, 2026 7:00 am - Microsoft announced the availability of a Slack to Teams migration tool in the Microsoft 365 admin center. The new tool exists to assist the 79 million monthly active users of Slack who might want to move to Teams and don’t know how to get there. ISVs have been helping people move from Slack to Teams for years, so other migration options exist.
A Quick Look at Purview Data Security Investigations January 6, 2026 7:00 am - During the quiet holiday period, I tested the new Purview Data Security Investigations (DSI) solution, which seems to be put together from bits of Microsoft 365 together with Security Copilot and some generative AI. Assembling new solutions from existing components makes sense because it reduces engineering effort. Without real data, it's hard to know how effective DSI is, but the cost of an investigation came as a real surprise.
SharePoint Online Dumps Legacy Compliance Features January 5, 2026 7:00 am - MC1211579 (3 January 2026) announces the retirement of four legacy SharePoint compliance features in favor of Purview Data Lifecycle management and Records management. It’s always unsurprising when Microsoft chooses to remove old features developed for on-premises and replaces them with better online options, which is exactly what’s happening here. Some tenants might face additional licensing requirements for Purview.
Teams Admin Center Simplifies External Collaboration January 2, 2026 7:00 am - Microsoft is rolling out a UX update for the Teams admin center to make it easier to manage external collaboration settings. The new UX doesn’t introduce any new features. Instead, its goal is to hide some of the policies and settings complexity that sometimes afflicts the Teams application. It’s a good change, even if it probably won’t make much difference.
January 2026 Update for Office 365 for IT Pros January 1, 2026 7:00 am - Monthly Update #127 for the Office 365 for IT Pros eBook (2026 edition) is now available for current subscribers to download from Gumroad.com. In this note, we explore some of the options the writing team is considering for the next edition of the book. Microsoft 365 doesn’t stop changing, so it makes sense for the best Microsoft 365 book available today to change to reflect new developments.
Training People to Use Microsoft 365 Copilot Effectively December 31, 2025 7:00 am - A LinkedIn post explained how the UK Revenue and Customs authority train 30,000 people to use Microsoft 365 Copilot effectively. It’s a reminder that introducing complex software to a user community takes careful planning and support, including the provision of well-planned training to help people exploit the new software as quickly as possible. Otherwise, some of those expensive licenses might be wasted.
The Exchange EnforcedTimestamps Mailbox Property December 30, 2025 7:00 am - While examining mailbox properties, I noticed that the EnforcedTimeStamps property held some information that I just couldn't explain. Google search was no help, but Microsoft Copilot told me that the information related to the management of compliance holds. Basically, the data are guardrails to help the Managed Folder Assistant do the right thing, which is nice, even if no documentation exists.
How to Report DLP Alerts December 29, 2025 7:00 am - MC1169572 announces that administrators can add classifications to DLP alerts to help with reporting. But how do you report DLP alerts? As it turns out, it’s relatively easy to retrieve DLP alerts via the Microsoft Graph Security API. Using the Get-MgSecurityAlertV2 cmdlet from the Microsoft Graph PowerShell SDK makes it even easier to find and report the data.
Microsoft Graph PowerShell SDK V2.34 Makes WAM the Default December 23, 2025 7:00 am - The Web Account Manager (WAM) authentication broker becomes the default method for handling interactive Microsoft Graph PowerShell SDK connections from V2.34 onwards. The rapid release of a new version (V2.33 appeared 12 days beforehand) is usually a sign of a big problem, but in this case the reason is more likely to be a security vulnerability that’s just come to light. We’ll find out after the holidays.
Automating Microsoft 365 with PowerShell Update 19 December 22, 2025 7:00 am - Update #19 of the Automating Microsoft 365 with PowerShell eBook is now available. Subscribers can download the updated PDF and EPUB files from Gumroad.com. A paperback version is also available, but we can’t update the print characters. In any case, a new SharePoint create Site API is in beta, and a new version of the Microsoft Graph PowerShell SDK is available. Both have their moments, as we discuss here.
Microsoft Tenant-to-Tenant Migration Orchestrator December 19, 2025 7:00 am - Microsoft has launched a tenant-to-tenant migration orchestrator solution in public preview to migrate mailboxes, OneDrive accounts, and Teams chat between tenants. ISVs have been active in the T2T space for a long time. They probably won’t welcome the new Microsoft offering, but at least the migration orchestrator legitimizes the concept of tenant-to-tenant migration.
Removing Retention Holds from Exchange Mailboxes December 18, 2025 7:00 am - A new Exchange Online feature allows administrators to remove multiple types of holds from mailboxes (usually inactive mailboxes). It’s a great way to release holds that might be keeping inactive mailboxes lingering in a tenant. The feature doesn’t remove holds used to retain items required for eDiscovery or other compliance purposes. Even so, this is definitely a feature that needs to be carefully tested.
SharePoint Online Expands Version Expiration for Audio and Video Files December 17, 2025 7:00 am - Microsoft is launching version expiration policies in SharePoint Online for audio and video files. The approach is the same as used for intelligent versioning of Office files stored in SharePoint Online and OneDrive for Business and can be configured at the tenant, site, and document library level. If your tenant uses Clipchamp, this could be a way to save expensive SharePoint storage.
Old Versions of Exchange ActiveSync Clients Get the Bullet December 16, 2025 7:00 am - Exchange Online will require email clients to use Exchange ActiveSync (EAS) V16.1 to connect from March 1, 2026. Email clients that use older versions of EAS won’t be able to synchronize with Exchange Online to upload outbound messages or download messages, attachments, and calendar items. There should be relatively few clients using an old version of EAS, but it’s wise to check.
Microsoft Baseline Security Mode Rolls Out December 15, 2025 7:00 am - Microsoft has released a set of security benchmark recommendations for Microsoft 365 tenants that it calls baseline security mode. The recommendations cover authentication, file access, and Teams and the idea is that these are settings that Microsoft believes have proven their value over the years. The only criticism that you might have is about the potential clash for conditional access policies, but that’s not serious.
Microsoft to Enable Anthrophic Models by Default December 12, 2025 7:00 am - After the fuss around the initial introduction of the Anthrophic models into Microsoft 365 in September, we learn that Microsoft will enable access for all in January 2026. It would have been so much better had Microsoft said that they were working on the data protection arrangements with Anthrophic, but that didn’t happen. Is all well now? We’ll see in January…
Testing the MCP Server for Enterprise December 11, 2025 7:00 am - The MCP Server for Enterprise is one of a set of preview servers released by Microsoft to show how MCP servers can help Microsoft 365 tenants get real work done. I’m sure things will improve, but the current state of the preview is that it can do a splendid job to answer simple questions, but once things get more complex, don’t depend on any of the PowerShell code the server generates.
Teams Messaging Gets Autocorrect December 10, 2025 7:00 am - The addition of Autocorrect for messaging is a small but important change for Teams messaging brings Teams up to speed with the other Office applications. It’s taken Teams a little longer than it perhaps should have to support Autocorrect and the implementation is not as functional as it is in Outlook, but that’s not a reason to overlook the update.
Checking Where Tenant Users Go as Guests December 9, 2025 7:00 am - After all the fuss about Teams users inviting people to chat via email, tenant administrators realize that knowing where users are active as guest accounts is not as easy as it might seem. Part of the problem is that data about user activity is mostly controlled by host rather than home tenants. However, it’s possible to extract some information from audit sign-in logs to figure out where tenant users go as guests.
Microsoft Increases Office 365 and Microsoft 365 License Prices December 8, 2025 7:00 am - Customers will see their bills increase from July 1, 2026, when Microsoft 365 pricing increases go into effect, adding up to $3/month for licenses. This is the first increase since March 2022, and it moves the baseline Office 365 E3 license to $26/month and Microsoft 365 E5 to $60/month. Microsoft justifies the increases based on the functionality and apps it delivers. Time for a licensing review! 
Microsoft Blocks EWS Access for Kiosk Users December 5, 2025 7:00 am - A December 2 announcement says that Exchange Online will block access to Exchange Web Services for users with kiosk or frontline worker licenses from June 2026. In fact, the Exchange Online service description has always excluded EWS access for these licenses, but the necessary code to enforce the exclusion was never implemented. It will be in March. Time to check licenses...
Journey to Passwordless Authentication Might Include Some Bumps December 4, 2025 7:00 am - Microsoft recommends passwordless authentication to help secure Microsoft 365 tenants. The latest is synced passkeys, something that apparently leads to “syncability,” whatever that might mean. In any case, after some struggles, I managed to enable synched passkeys for my iPhone and then started to consider how to remediate user accounts that are flagged with a high-risk (compromised) status when they can’t simply update their password.
Talking Microsoft 365 Compliance at the European SharePoint Conference December 3, 2025 7:00 am - Paul Robichaux and I led a session about Microsoft 365 Compliance at the European SharePoint Conference in Dublin on December 2, 2025. During the session, we discussed how intelligent versioning works and its value in saving storage, priority cleanup and its ability to delete files even if the files are under retention hold, and the recent revamp of the Purview eDiscovery solution. We were thrilled at the attendance. Here’s what happened.
App-Only Authentication for SharePoint Online PowerShell December 2, 2025 7:00 am - The latest versions of the SharePoint Online PowerShell module support app-only authentication (certificate-based authentication) for the Connect-SPOService cmdlet. In other words, applications can now connect to SharePoint Online to run administrative cmdlets by presenting a registered Entra ID app and an X.509 certificate instead of the credentials for a human SharePoint administrator. It’s a good change, even if I still prefer using the Graph APIs for SharePoint automation.
Office 365 for IT Pros December 2025 Update December 1, 2025 7:00 am - The Office 3675 for IT Pros team is happy to announce that the files for update #126 are available for subscribers to download from Gumroad.com. The paperback edition of the PowerShell book has also been refreshed. Updated PDF and EPUB files are available for the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell eBooks. Happy reading!
Checking the Effectiveness of a Transport Rule to Block Spammy Email November 26, 2025 7:00 am - Some weeks ago, I wrote about using a transport rule to suppress spammy email by sending the messages to the quarantine. But what’s the best way to check the rule's effect? One method is to use the transport rule report PowerShell cmdlet to check for the actions you expect the rule to perform. Once information is found, it’s a matter of slicing and dicing the data.
How to Check if Shared Mailboxes Need MDO Licenses November 25, 2025 7:00 am - Shared mailboxes might need Microsoft Defender for Office 365 licenses, but how do you identify how many licenses? We use PowerShell to do the job by analyzing external email sent to shared mailboxes. If a mailbox receives external email, then by definition the mailbox receives benefit from MDO, and that’s the test for requiring a license.
Teams Messaging Gains New Protections November 24, 2025 7:00 am - Teams now includes weaponized file protection and malicious URL protection to make sure that people don't share bad files or URLs in chats or channel conversations. Given that a user can post a message to up to 50 channels at one time, it obviously makes a heap of sense to check that any files or URLs that people share in chat or channel conversations are safe and not malicious.
Automating Microsoft 365 with PowerShell December 2025 Update November 21, 2025 7:00 am - The December 2025 update (version 18) of the Automating Microsoft 365 with PowerShell eBook is now available to download. Current subscribers can fetch the updated EPUB and PDF files from Gumroad.com using the link in their account (or receipt), but we can’t do much for the paperback edition except consider using scissors, paste, and Tippex, just like the old days. 
Purview Launches New DLP Policy to Control Copilot Prompts November 20, 2025 7:00 am - A new DLP policy for Copilot prompts monitors blocked sensitive information types like credit card numbers to stop their use in Copilot prompts. The new policy can’t be combined with the existing DLP policy for Copilot, which checks for files with specific sensitivity labels to prevent Copilot from using their content in its responses. But that’s OK because the two policies do very different work.
Microsoft 365 Announcements at Ignite 2025 November 19, 2025 7:00 am - The Ignite 2025 keynote was a marathon 150-minute event, but some interesting Microsoft 365 announcements emerged, mostly centered on AI. Microsoft is obviously focused on making AI and agents a very real part of tenant activities, so there’s new agent management and a repository among other things that will roll out in the year ahead.
Microsoft Launches Preview of Exchange Admin API November 18, 2025 7:00 am - Microsoft launched the preview of the Exchange Admin API on November 17. The new API is intended to close known feature gaps that exist in the Graph APIs and allow developers to migrate from EWS before Microsoft retires EWS in October 2026. Think of the Exchange Admin API as a discardable time-limited API that allows clients to submit cmdlets for processing. It’s certainly one way to approach the EWS problem!
Removing Inactive Entra ID User Accounts with PowerShell November 17, 2025 7:00 am - The Entra ID Governance solution includes a workflow to detect and remove inactive user accounts. Sounds good, but the same can be done with PowerShell if you want to avoid the cost of Entra ID Governance licenses or want to create a bespoke workflow that’s better suited to the business needs of the organization. Azure Automation would be a good way to process this workflow.
Copilot’s Temporary Chat November 14, 2025 7:00 am - A temporary chat with Microsoft 365 Copilot is one that forgets everything discussed in the conversation once the chat is over. The idea is that by leaving no trace, Copilot won’t recycle the ideas discussed in the chat later. Copilot absolutely discards the chat thread, but those pesky compliance records remain behind, ready for eDiscovery and other compliance investigations.
Microsoft Makes Another Change to Teams Channel Email Storage Location November 13, 2025 7:00 am - In January 2025, Microsoft changed the SharePoint folder location to store copies of the email sent to Teams channels. Apparently, this update improved security, but it’s unclear exactly how the improvement comes about unless through obscurity. In any case, we missed this change completely and are publishing this note to remind everyone else of the importance of reading message center posts.
Auditing Claude Usage with the Copilot Researcher Agent November 12, 2025 7:02 am - The question was asked if it was possible to identify use of the Claude LLM by the Copilot Researcher Agent. Audit records often help, so that's the natural location to check. As it turns out, some information is captured when the Researcher agent is used, but figuring out if the agent uses the default ChatGPT-5 or Claude LLMs is a matter of intuition (or guesswork).
A Brief History of Soft-Deleted Entra ID Groups November 11, 2025 7:00 am - Entra ID has long supported soft-deleted Microsoft 365 Groups. Now support is available to list and restore soft-deleted security groups in both the Entra admin center and cmdlets from the Microsoft Graph PowerShell SDK. The update is very welcome as it fixes a big recovery gap in the Entra ID story. Too many important security groups have been deleted in error, much to the chagrin of administrators.
Teams Gains Ability to Start Chat with Email Address November 10, 2025 7:00 am - A new Teams feature allows users to initiate chats with any email address. This caused some commotion in the security community, but it's not that bad. In fact, it’s an extension of existing functionality that allows Teams users to chat with guest accounts. All that’s happening is that initiating a chat causes a new guest account to be created in the tenant, and there’s lots of controls to make sure that guests are controlled.
Reporting the Use of Emojis in Teams Reactions November 7, 2025 7:00 am - This article explains how to use PowerShell to extract audit data to analyze the use of emojis as Teams reactions to chat and channel messages. This is not an exercise that leads to any great business value, but it’s a good way to show the sometimes surprising data that can be extracted from audit records.
Version 1.5 of the Microsoft 365 User Password and Authentication Report November 6, 2025 7:00 am - The Microsoft 365 User Passwords and Authentication report now includes the last used date for authentication methods (when available). The new data is available through the Graph beta API for listing authentication methods and the equivalent Graph PowerShell SDK cmdlet. Another change that might break scripts is a new way to expose the created date for authentication methods. The changing sands of Graph programming...
Microsoft 365 Companion Apps Fail to Impress November 5, 2025 7:00 am - Microsoft 365 Companion Apps are being deployed to Windows 11 PCs now. The apps don't seem to add much if any value over standard Microsoft 365 apps like Outlook and OneDrive. With that thought in mind, we move to unclutter PCs by either blocking the installation of the companion apps or stopping the apps starting up to take over valuable toolbar space.
Microsoft Won’t Dump Outlook for a New AI Client November 4, 2025 7:00 am - A recent report says that new Microsoft leadership wants to reimagine Outlook with lots of many AI features to make the client much more of an effective assistant. While this might be true, it doesn't mean that New Outlook is dead. However, there’s a bunch of uninformed commentary out there alleging that Microsoft will change course dramatically. I think there is little chance that this will happen.
Office 365 for IT Pros November 2025 Update November 3, 2025 7:00 am - The Office 365 for IT Pros Team is happy to announce the availability of the November 2025 update. Subscribers can download the PDF and EPUB files for update #125 from Gumroad.com. In other news, we consider the lack of information provided at the Microsoft FY26 Q1 results and the quality of some reports that find their way onto the internet.
Microsoft Issues Updated Guidance for Defender for Office 365 Licensing October 31, 2025 7:00 am - Some inconsistencies in the MDO P2 service description and licensing terms exposed a need for tenants to license every user and shared mailboxes. Microsoft has changed the service description and licensing terms to make them simpler. Mailboxes still need MDO licenses, but only if they benefit from MDO protection, including MDO P2 if that’s what they use. Tenant admins have some extra work to do to deploy policies. All explained here.
Using the SharePoint Site Attestation Policy October 30, 2025 7:00 am - The site attestation policy is designed to require site owners to make a positive statement that the settings of their site, including its current membership, are accurate. The idea is that requiring site owners to attest that their site is still needed will force people to decide whether sites are still in active use and should be kept online. If not, the policy can move the sites into Microsoft 365 Archive.
Modernizing Sensitivity Label Grouping for App Display October 29, 2025 7:00 am - Microsoft announced the modernization of grouping for sensitivity labels to a new "dynamic architecture." It doesn't take much to be more dynamic than the previous parent-child arrangement. Even if the announcement is a tad overhyped, it’s still goodness because administrators can now move labels between label groups in a way that wasn’t possible before. The new way of displaying labels should be everywhere in December 2025.
Auto-Updating Teams Work Location is Not Employee Monitoring October 28, 2025 7:00 am - As is the way of the internet, the news that a feature to automatically set the Teams work location for users created a huge fuss about the prospect that managers would keep an eye on employees based on their location. Of course, this is all rubbish. The update automates an existing feature that no sane manager would use to monitor employees.
Stealing Access Token Secrets from Teams is Hard Unless a Workstation is Compromised October 27, 2025 7:00 am - Teams stores information in a local state file, including encrypted access tokens. A report from a French company explained how to extract and use those tokens with the Graph API. Is this important? It could be if attackers manage to gain access to a workstation, but at that point you’ve got other problems, and maybe using code to decrypt some tokens is the least of your troubles.
Allowing Users to Add Enterprise Apps to Entra ID is a Bad Idea October 24, 2025 7:00 am - Enterprise apps can come from a variety of sources. Most are Microsoft 1st party apps, and the rest are ISV apps. It's easy to add an app without really intending to, which is a good reason to force users through the Entra ID app consent workflow when they want to add an app. Unhappily, I failed the test and added an app in a moment of weakness. Here’s what happened.
Updating the Entra ID Password Protection Policy with the Microsoft Graph PowerShell SDK October 23, 2025 7:00 am - The Entra ID password protection policy contains settings that affect how tenants deal with passwords. Entra ID includes a default policy that doesn’t require additional licenses. Creating a custom password protection policy requires tenant users to have Entra P1 licenses. As explained in this article, once the licensing issue is solved, it’s easy to update the policy settings with PowerShell. 
Important Change Coming for Entra ID Passkeys in November 2025 October 22, 2025 7:00 am - Entra ID is about to introduce passkey profiles, a more granular approach to passkey settings. The change is good, but you might like to check the current passkey settings to make sure that the values inherited by the new default passkey profile behave the way that you want. In particular, check attestation enforcement to make sure that the right kind of passkeys are used.
Automating Microsoft 365 with PowerShell November 2025 Update October 21, 2025 7:00 am - The November 2025 update for the Automating Microsoft 365 with PowerShell eBook is available online. Subscribers can download the new PDF and EPUB files from their Gumroad account. As always, the update features a mixture of new and updated information, some corrections, and removal of obsolete information. Look no further for guidance about using PowerShell with the Graph APIs to interact with Microsoft 365 data!
New Audio-Only Recording Option for Teams Meetings October 20, 2025 7:00 am - A new audio-only recording option for Teams meeting suppresses the video feed from meeting participants when generating the MP4 file for the meeting recording. The idea is to better preserve user privacy during recording playbacks. Few will miss the video stream because the audio is usually more important. The audio is also the basis for the meeting transcript, and that leads to AI-generated outputs like meetings summaries and action items.
Outlook Gets AI Drafting of Meeting Agendas October 17, 2025 7:00 am - Agenda auto-draft is a new feature for OWA and the new Outlook to help meeting organizers create a draft meeting agenda using AI. The Copilot-generated draft agenda contains an introduction and some bullet points created from the meeting subject. It’s not a make or break feature for Microsoft 365 Copilot. Some will like it, if they discover how to use agenda auto-draft.
Using the Secret Management PowerShell Module with Azure Key Vault and Azure Automation October 16, 2025 7:00 am - If you can't use managed identities, credential resources are a way to manage username and password credentials for Azure Automation runbooks. The Secret Management module is an alternative, and it’s a good option to manage credentials that are shared between interactive scripts and automation runbooks. This article describes how to use the Secret Management PowerShell module to fetch credentials stored in Azure Key Vault for use in an automation runbook.
The My Sign-Ins Portal, Applications, and Conditional Access October 15, 2025 7:00 am - A recent change has exposed the applications used by the My Sign-ins portal for use in conditional access policies. This article discusses the app-centric nature of Microsoft 365 and Entra ID and why it’s important that the newly-revealed set of applications are available for conditional access processing, just in case the Entra ID agents planned by Microsoft can't optimize your policies.
Changing the Offline Access Period for Sensitivity Labels October 14, 2025 7:00 am - One of the settings for sensitivity labels governs how long items protected by a label remain accessible (including offline access) before reauthentication. The default is 30 days, which is a good balance between security and avoiding users having to constantly reauthenticate to open protected messages and files. If necessary, tenant administrators can change the validity period to be anything from 0 to 65535 days.
ChatGPT Enterprise Connects to SharePoint Online October 13, 2025 7:00 am - OpenAI has launched a ChatGPT enterprise SharePoint Connector that allows organizations to synchronize files from SharePoint Online to ChatGPT. I could never understand why Microsoft 365 tenants allowed users to upload individual files from SharePoint or OneDrive to ChatGPT for processing. Using a connector to synchronize entire sites to ChatGPT makes even less sense, especially from a compliance perspective. I must be missing something!
Microsoft 365 Copilot Usage Report API General Availability October 10, 2025 7:00 am - The Copilot usage report Graph API is now generally available. Like the report APIs for the other workloads, the Copilot usage API helps to understand usage of some very expensive licenses. Even better, the usage data can be combined with data from other Microsoft 365 sources to produce interesting and valuable insights. All it takes is some PowerShell to knit everything together.
Exchange 2016 and 2019 End of Life and Some Interesting Exchange Online Developments October 9, 2025 7:00 am - On Oct 14, 2025, Exchange 2019 and 2016 reach end-of-life and Exchange SE becomes the only supported on-premises Exchange server. In other news, we discuss Microsoft guidance for moving to cloud first identity, HVE and ECS and the extension of basic authentication support to September 2028, the introduction of auto-archiving for Exchange Online, and why Microsoft is deprecating the Contact object from Exchange Online.
Teams Support for Emojis in Chat and Channels Section Names October 8, 2025 7:00 am - Teams users can use emojis to create or rename chat section names. By incorporating emojis into section names, users create "visual anchors" to help navigate through Teams chats and channels. Sprinkling emojis around section names doesn’t really make me navigate any smarter, but it’s a feature that Slack has, so Teams can’t be left behind in the pretty interface stakes. 
Chromium 141 Update Will Affect Offline Access for SharePoint Online and OneDrive for Business October 7, 2025 7:00 am - An update for Chromium 141 can affect the ability of SharePoint Online and OneDrive for Business to access offline content, including files and lists and lead to degraded performance. The change is designed to improve user privacy, but some Microsoft 365 apps need browsers to be able to access local files, notably for OneDrive synchronization. Prepare by upgrading the OneDrive Sync client and distributing a new policy to workstations.
What’s the Best Way to Find SharePoint Online Sites with Graph PowerShell? October 6, 2025 7:00 am - What's the best way to find SharePoint sites with the Microsoft Graph PowerShell SDK? Is the Get-MgAllSite cmdlet best or should you use the Get-MgSite cmdlet? Does it matter if you’re looking for one site or many sites? We explore the issue in this article by examining some reasons why you’d choose Get-MgSite and others that drive the decision for Get-MgAllSite.
Microsoft Introduces Restore Capability for Conditional Access Policies October 3, 2025 7:00 am - New Graph APIs allow Entra administrators to restore a conditional access policy with a Graph request. This article explains how to list, restore, and permanently remove soft-deleted conditional access policies using Graph API requests run in PowerShell. Being able to restore conditional access policies removed in error closes a big gap, especially if agents might begin working on policies. Who knows what errors might happen in future.
Teams Stamps External Users with Trust Indicators October 2, 2025 7:00 am - Attackers might attempt to use social engineering to trick Teams users in compromise. Trusted indicators help users understand the status of external users with difficult visual markers. The idea is that users will see the marker and realize that they should be less trusting in their communications. Sounds good. But maybe securing external access for Teams with a comprehensive block list is even better?
Office 365 for IT Pros October 2025 Update October 1, 2025 7:00 am - Monthly update #124 for the Office 365 for IT Pros (2026 edition) eBook is now available. Current subscribers can download the updated PDF and EPUB files from Gumroad.com. An update is also available for the Automating Microsoft 365 with PowerShell eBook. Like every month, changes are made to many chapters in the book, so if you’re a subscriber, please download the files.
January 2026 Change for How Outlook Extracts Events from Email September 30, 2025 7:00 am - The Outlook events from email feature changes from January 31, 2026. Events will only be created if notifications support the properties for events defined by schema.org. Seeking consistency is a good idea, especially if it means that Outlook can process notifications sent by airlines, car hire companies, and other event providers in a way that doesn’t happen today. However, some disruption is likely.
Using the Enterprise Website Microsoft 365 Copilot Connector September 29, 2025 7:00 am - Microsoft 365 Copilot Search can be extended by ingesting information from external sources through a Microsoft 365 Copilot Connector. In this article, we show how to configure the Enterprise websites prebuilt connector to ingest articles from the Office365ITPros.com and Practical365.com sites, and how Copilot Search presents that information in its results and summaries. It’s quick, easy, and seamless - so really pretty good!
Microsoft Use of Anthropic AI Models Creates Concerns for Tenants September 26, 2025 7:00 am - On September 24, Microsoft announced that Anthrophic LLMs could be used with the Copilot Researcher agent and to build agents with Copilot Studio. Although it’s great to enable choice so that customers can choose the AI model they prefer, questions about data security, lack of support for compliance solutions, and adherence to standards like the EU data boundary will concern Microsoft 365 tenants. 
SharePoint Knowledge Agent Available in Preview September 25, 2025 7:00 am - With not a little hype, Microsoft launched the SharePoint Knowledge Agent on September 18. Getting some AI help to organize sites sounds good, but only if the assistance delivered by the artificial intelligence does something useful. In this case, the agent generated some moderately interesting results without ever reaching the level of AI magic anticipated (and reported) by some.
Assembly Clashes Make Microsoft 365 PowerShell Frustrating September 24, 2025 7:00 am - An assembly clash happens when a PowerShell module attempts to load a .NET assembly only to find that a different version is already loaded in the session. Unhappily, this kind of thing happens far too often with Microsoft 365 modules, which implies that there isn’t a great deal of coordination between different development groups. All you can do is to load modules in the right order.
Updating the User Password and Authentication Report September 23, 2025 7:00 am - A change to a Graph beta API meant that some data used to create the user password and authentication report was no longer available. A script update was required. The experience underlines the truth that developers should not rely on the Graph beta APIs because the APIs are prone to change at any time as Microsoft moves them along to become production-ready.
Automating Microsoft 365 with PowerShell October 2025 Update September 22, 2025 7:05 am - The Office 365 for IT Pros team is happy to announce the availability of the October 2025 update for the Automating Microsoft 365 with PowerShell eBook. Subscribers can download the latest PDF and EPUB files from Gumroad.com. In other news, a new eBook about Exchange Server Subscription Edition (SE) is available. It’s always nice to see new sources of knowledge open up!
Copilot Chat Arrives in Microsoft 365 Apps September 19, 2025 7:00 am - The rollout of the Copilot Chat integration with the Microsoft 365 apps has started, with the intention of making it easier to use AI in peoples’ work. Nice as the integration is, the news that an Open in Word action button is coming (soon) to allow content generated by Copilot to be edited in Word is even better. And we round out the week with a note about a change to the domain used by Teams.
What’s the Best Way to Manage Guest Accounts? September 18, 2025 7:00 am - Guest account management should be a part of every Microsoft 365 tenant administrator’s checklist, unless the tenant has no guests. That’s possible but given the way that workloads like Teams and SharePoint Online create new guest accounts, the average tenant is likely to have quite a few guests. The question is how to manage guests – with Microsoft’s tools or using tenant-designed PowerShell scripts?
Entra ID’s Keep Me Signed In Feature – Good or Bad? September 17, 2025 7:00 am - The Entra ID Keep Me Signed In (KMSI) feature creates persistent authentication cookies to allow users to avoid sign-ins during browser sessions. Is this a good or bad thing and should Microsoft 365 tenants enable or disable KMSI. I think KMSI is fine in certain conditions and explain my logic in this article. Feel free to disagree!
Copilot Administrative Skills Don’t Do Much for SharePoint Management September 16, 2025 7:00 am - Microsoft 365 Copilot now has some SharePoint skills to deploy in the SharePoint admin center. The problem is that the skills aren't very good and don’t do much to help hard-pressed SharePoint Online administrators cope with the vast explosion of sites that exist in many tenants today. The problem is data. If Copilot doesn’t have the information to reason over, it can’t answer questions or give advice.
Copilot Transcription Behavior Changing for Teams Meetings September 15, 2025 7:00 am - Microsoft plans to deploy an update to change how transcription behaves for Teams meetings where Copilot is enabled. New meetings will not generate a transcript unless the meeting organizer explicitly enables transcription or the Microsoft 365 tenant deploys custom meeting policies that enable transcription with Copilot. The AI features work even without a transcript. But no transcript means no searchable artifact, and that’s what some want.
Running Teams PowerShell Cmdlets in Azure Automation September 12, 2025 7:00 am - This article describes the prerequisites and how to run cmdlets from the Teams PowerShell module in Azure Automation runbooks. We also consider when you’d want to consider using Teams PowerShell cmdlets instead of Graph API requests or cmdlets from the Microsoft Graph PowerShell SDK. The bottom line is that it’s possible, but maybe not a frequently-used option.
Running the SharePoint Site Content and Policy Comparison Report September 11, 2025 6:00 am - A new SharePoint Site content and policy comparison report is available to tenants with Microsoft 365 Copilot or SharePoint advanced management licenses. The idea is that you choose some reference sites to compare other sites against to detect deviations from the reference site. It seems like a good idea if you’re trying to impose standards to control Copilot. Unhappily, attempts at running the report turned up zero results. 
Microsoft’s Effort to Develop a Broad People Platform September 10, 2025 7:00 am - Microsoft 365 users see the profile card and might wonder where the information displayed on the card comes from. Entra ID is the obvious source, but the people platform that Microsoft is developing is another and could include information imported through a Copilot connector to build out a complete picture of users and contacts within a Microsoft 365 tenant. It’s early days yet, but beta code is available.
Microsoft’s Push to Save Office Files in the Cloud September 9, 2025 7:00 am - A new policy setting is available to force Microsoft 365 enterprise (Office subscription) applications to save to cloud locations and ignore the local disk. The idea is to increase cloud usage and improve compliance by storing all Office files in OneDrive for Business or SharePoint Online. Like a network PC, creating a dependency on a network connection only makes sense when a network connection is dependable, which might not always be the case.
Microsoft Bolts on Copilot License Check onto ExRCA September 8, 2025 7:00 am - Microsoft announced a new Copilot license check diagnostic for the Exchange Connectivity Analyzer. Sounds good, but the test is very simple, and its results don’t tell you anything more than a few lines of PowerShell can deliver. To prove the point, we wrote a quick script to show how to perform a Copilot license check with the Microsoft Graph PowerShell SDK.
How to Update Entra ID Apps to Run Teams Cmdlets September 5, 2025 7:00 am - MC1134747 describes a new permissions requirement for Entra apps that run Teams PowerShell cmdlets. Fixing apps to meet the new requirement is easily done with PowerShell. First, find the apps that use Teams PowerShell (we show two ways), and then assign the two required permissions to the apps. All done with a few lines of Microsoft Graph PowerShell SDK code.
People Settings Appear in the Microsoft 365 Admin Center September 4, 2025 7:00 am - The Org Settings section of the Microsoft 365 admin center has a new People Settings section where you can choose properties for the Microsoft 365 profile card instead of using PowerShell. The kicker is that the old method of using Exchange custom properties to customize what appears on the profile card is being replaced with standard Entra ID properties. A migration is needed, and it’s easily done with PowerShell.
Microsoft Explains the Differences Between Copilot Memories September 3, 2025 7:00 am - Copilot memory is a term that refers to different things, including Copilot communication memory, a method to use the Graph to personalize responses for users. The idea is to use all the sources of information available through the Graph as Copilot responds to user prompts in Microsoft 365 apps instead of limiting sources to whatever the app works with. It's a good idea, providing the Graph sources are accurate.
Microsoft Deprecates Graph CLI and Toolkit September 2, 2025 7:00 am - Microsoft has depreciated the Microsoft Graph CLI and Graph Toolkit. It’s nice to see some rationalization, but the real need is for better quality and coverage across all the Microsoft 365 administrative actions. Even after fourteen years of development, too many undocumented and private APIs exist today, which is an unacceptable situation. You should vote for a feedback portal item to ask Microsoft to do better.
September 2025 Update for Office 365 for IT Pros September 1, 2025 7:00 am - Monthly update #123 is available for the Office 365 for IT Pros eBook. Subscribers can download updated EPUB and PDF files for the main book and the Automating Microsoft 365 with PowerShell book from their Gumroad.com account. As with every month, the update touches most chapters as we continue to make sense of the changes that occur across the Microsoft 365 ecosystem. Subscribe today!