Microsoft Retreats From 1TB Limit for Auto-Expanding Archives – For Now

In November, Microsoft set a 1TB limit for Exchange Online auto-expanding archive mailboxes. Now they’ve retreated and the latest service description says nothing about a limit. The two changes in the service featured little or no customer communications and a total lack of any supporting material, like administrative controls to help manage archive mailboxes approaching the limit. While a limit has gone for now, it will be back.

How to Post Microsoft 365 Roadmap Items to Teams Channels with PowerShell

Finding it hard to keep up to date with Office 365? This post describes how to use PowerShell to post recent Microsoft 365 roadmap updates to a Teams channel.The message cards hold details of what an update contains, its status, the posting date, and the technology categories the item covers. Apart from posting to Teams, the script also creates a CSV file holding details of all the roadmap items that you can use for reporting and analysis.

Microsoft Removing Legacy Office 365 eDiscovery Tools

Microsoft announced the retirement of legacy eDiscovery tools from Office 365. The Exchange Online in-place holds and eDiscovery tool, Office 365 Advanced eDiscovery 1, and the Search-Mailbox cmdlet are being retired. All will be gone by mid-2020. It’s a pity to see the Search-Mailbox cmdlet being removed, but time and progress make this kind of thing inevitable.

Antivirus Exclusions and the Teams Desktop Client

Like all applications, the Microsoft Teams client has some “hot” files that the app depends on. Antivirus software processing can affect app performance if it conflicts with the hot files. You can exclude the Teams hot files from antivirus processing to see if that helps performance. Like anything to do with antivirus software, it’s a question of balancing security and performance.

Office 365 Message Encryption (OME) Making Protected Email Better

Microsoft is releasing some updates to Office 365 Message Encryption (OME) in January. The detail in the announcement wasn’t great, so we plunged in to find out what’s happening. THe bottom line is that OME will use tenant domains to send email so that anti-spam filters will consider the messages to be authentic.

The End of Delve Blogs

Microsoft has announced that Delve blogs will no longer be supported in 2020. The news is unsurprising because Delve blogs have not been actively developed for several years. Office 365 tenants with content in Delve blogs must figure out where to move the content to. It might be the case that you don’t need to do anything because the content isn’t needed. If you do need to keep it, you could move Delve blog posts to SharePoint news or similar repositories.

Microsoft Launches Office 365 in Switzerland

Office 365 services are now available in Switzerland from Microsoft’s datacenters located in Geneva and Zurich. The services available include Exchange Online, SharePoint Online, and Teams. Swiss tenants will continue to access other services like Stream and Planner from Office 365 datacenters in other regions.

Teams Replaces Commercial Cloud Trial with Exploratory Experience

Microsoft Teams will soon offer users the chance to engage with an exploratory experience to see what Teams is all about. The new experience replaces the previous 1-year trial offer. Office 365 tenant admins who don’t want users to test software can disable the ability to sign up for trial apps and services in the Office 365 Admin Center.

Improved Role Management in the Office 365 Admin Center

The Office 365 Admin Center is a critical tool for tenant admins. Recently, Microsoft has improved the management of role assignments by providing a way to compare what different roles can do. The idea is that if you know exactly what a role enables people to do, you’re less likely to assign the wrong role to the wrong people.

Why Site Renames and Teams Private Channels Mean You Should Review the Usage of Get-SPOSite

The Get-SPOSite PowerShell cmdlet is used to fetch details about SharePoint Online sites. It works well, but some recent functionality upgrades means that script writers need to be more precise about how they use the cmdlet. Most scripts don’t need to process redirect sites or the sites belonging to Teams private channels, so why would you ask Get-SPOSite to fetch these sites?

Why We Write PowerShell (for Office 365) Like We Do?

Everyone’s PowerShell style is different. Here at Office365ITPros, we try and write code to help people understand what’s possible when working with Office 365. Our scripts are certainly not up to professional standard in that they’re incomplete in many ways (comments are always good). But the code works and proves what you can do, which we think is important.

How to Configure the Per-Site Anyone Link Expiration Policy for SharePoint Online Sites

You can use PowerShell to configure a customized per-site Anyone sharing link period for different sites. Public sites might have a 365 day period while more confidential sites might have a more restricted period. All it takes is the Set-SPOSite cmdlet to set the necessary properties and you have a customized policy.

Get Email Notifications When Office 365 Services Break

Office 365 is a complex place and service incidents happen all the time. When something breaks, it’s good to know what those problems are. A new feature in the Office 365 Admin Cemter enables you to get email notifications for service incidents that affect your tenant. It’s all goodness, as long as the email service you choose to receive notifications remains in operation.

How to Use PowerShell to Send a Welcome Message to New Office 365 Users

Multiple PowerShell modules are available to Office 365 administrators to automate common processes. In this case, we want to send a welcome message to new accounts. Three PowerShell modules are available, but what’s the best in terms of performance and ease of use? There’s only one answer and that’s Exchange Online.

Using the Immersive Reader in Teams and OWA

The Microsoft Immersive Reader exists to make messages more readable for those who need a little help. It’s built into Office apps like Teams and OWA. Most people don’t know this or don’t need to use the reader, but those who do need support to access and understand text will find the Immersive Reader very helpful.

Disable Self-Service Purchases for Power Platform Apps

The prospect of allowing user-controlled purchases of Power Platform apps in an Office 365 tenant maddened many administrators. Microsoft promised to release a method to allow administrators control self-service purchases in a tenant. The MSCommerce PowerShell module is now available. Here’s how to use it to disable self-service purchases.

Teams Updates PowerShell Module for Private Channels

Some new and updated cmdlets in a new version of the Teams PowerShell module are available to support private channels. The cmdlets and parameters are pretty straightforward for anyone used to working with Teams through PowerShell. Remember to read up and understand all about private channels before trying to work with them through PowerShell.

Use ORCA to Check Office 365 Advanced Threat Protection Settings

ORCA is a project to help Office 365 tenant administrators validate their anti-spam and anti-malware settings against recommendations from Microsoft. ORCA is installed as a PowerShell module with just one cmdlet. After running Get-ORCAReport, you’ll have a report containing recommendations and observations about your configuration.

SharePoint Online Gains New Office 365 Compliance Features

At the Microsoft Ignite 2019 conference, Microsoft described how SharePoint Online will use Office 365 compliance features such as sensitivity labels and information barrier policies to better protect information stored in SharePoint sites. The Office Online apps also gain support for sensitivity labels. The new features will enter a mixture of public and private previews starting November 20.

Disabling Azure Active Directory Service Principal Might Block Power Platform Self-Service Purchases

Microsoft annoyed many Office 365 tenant administrators when they announced plans to allow self-service purchases for the Power Platform apps. A curious note in the FAQ might reveal how tenants can block this feature. If self-services purchases depend on accessing your tenant directory, maybe you can disable the service principal that holds the role enabling that access.

Helping Office 365 Users Access Azure Active Directory MySign-Ins

Azure Active Directory now features the public preview of the My Sign-Ins feature, which allows users to see where their sign-ins originate and what applications are used to sign-in. It’s a nice idea but Office 365 users are unlikely to find the page. We can help by creating a custom tile with a link to the My Sign-Ins page. The tile appears in the Office 365 apps menu and makes it easy for people to access their sign-in data.

Microsoft Clamps Down on Old Teams Desktop Clients

In an Office 365 notification to tenants, Microsoft says that the Modern Lifecycle Policy means that users must keep the Teams desktop up-to-date. The result is that users must make sure that their desktop client is no more than three months behind the latest software. If it is, they won’t be able to use the desktop client until it is updated.

Report Office 365 License Assignments to User Accounts

The Office 365 Admin Center includes reports of licenses assigned to users. The same information can be extracted with PowerShell, which means that you can analyze license assignments anyway you wish. The script is quick and easy, mostly because its error handling is non-existent, but it’s enough to get going.

Exchange Online Protection Improves Zero-Hour Auto Purge (ZAP)

The fight against spam and malware goes on unabated. ZAP, or zero-hour auto purge, is an Exchange Online Protection (EOP) feature that’s getting some extra features to deal better with spam and phish malware. New policy controls are available to control the feature.

Combining Microsoft Graph and Flow for Better Office 365 Adminstration

The Microsoft Graph gives programmers a RESTful interface to Office 365 data. Flow allows even non-programmers to automate tasks by combining building blocks of Office 365 data and actions. Put the two together and you can generate some impressive results. In this example, we combine Graph and Flow to create some nagging emails to admins to encourage them to improve the tenant’s Secure Score.

How to Report Exchange Online Mailbox Quota Usage Over a Set Threshold

Some Exchange Online mailboxes are quite small (2 GB for frontline users). Tenant administrators might want to monitor mailbox usage to make sure that quotas aren’t unexpectedly exhausted. This post explains how to use a PowerShell script to calculate the percentage of mailbox quota used and highlight the problem if a threshold is passed.

Safe Links and Safe URLs Delay Email Delivery For the Right Reasons

The Office 365 E5 plan includes Advanced Threat Protection (ATP), which builds on the anti-malware capabilities of Exchange Online Protection. ATP the includes Safe Attachments and Safe Links features, both of which can delay email delivery. I don’t notice the delay but others do. In any case, the more protection you have against malware, the better.

Discovering URLs for SharePoint Online and OneDrive for Business Sites

If you want to include SharePoint Online and OneDrive for Business locations in an Office 365 content search, you need to know the URLs of the target sites. Finding the URLs can be problematic, but here’s some easy ways to do the job. PowerShell, as usual, comes up trumps…

Stream Adds Recycle Bin for Videos

The Stream video service now boasts a recycle bin to allow Office 365 users 30 days to restore deleted videos. Stream administrators can access and restore videos deleted by anyone in a tenant. And, if necessary, users can permanently remove deleted videos before the 30-day retention period expires.

How AvePoint Backs Up Teams Conversations

The topic of Teams tenant-to-tenant migration generated a lot of reaction after an article published last week. This lead to a chat with AvePoint, who have a product similar to BitTitan. What was interesting is that AvePoint use the same API to backup Teams. Although the backup isn’t as functional as you want and definitely not designed for backups, you do end up with data backed up that can be restored. The solution is imperfect, but it is available now.

Using Teams App Permission Policies

Teams App Permissions policies allow Office 365 tenants to exert a fine degree of control over the apps users are allowed to install. You can amend the default policy or create new policies and assign the policies to user accounts through the Teams Admin Center or with PowerShell.

Microsoft Introduces New OWA Setting to Control Access to Storage Providers

Microsoft has announced that the AdditionalStorageProvidersAvailable setting in OWA mailbox policies will now control access to both first-party and third-party storage providers. The new setting is now available and becomes active in August. Before then, you might want to adjust some of your OWA mailbox policies.

How to Generate and Send a Teams Creation Report by Email

Office 365 Activity Alerts don’t seem to be working too well these days. At least, that’s what we found when we tried to create an alert for Teams creation events. Never mind, PowerShell will do the job as we can quickly whip up a PowerShell script to find audit records for team creations and put them into an email.

Analyzing Exchange Message Delete Events in the Office 365 Audit Log

Exchange Online writes audit records into the Office 365 audit log when messages are deleted by delegates and administrative action. We can analyze the audit records to find out who deleted a specific message. Some challenges exist to interpret the audit records for admin-generated deletions (for example, when you run Search-Mailbox), but it’s easy enough to code the necessary checks in PowerShell.

Reporting Spam to Make Exchange Online Protection Better

No one likes getting spam. Although EOP generally does a good job, Office 365 users can help themselves and help others by reporting spam that gets through to their mailboxes using Outlook’s Report Message add-in. And if they’d like someone else to report bad mesages, admins can do so through the Security and Compliance Center.

How to Find Azure Active Directory Administrative Accounts Unprotected by MFA

Microsoft makes a strong case that all Azure Active Directory accounts should be protected with multi-factor authentication (MFA). That’s a great aspiration, but the immediate priority is to check accounts holding administrative roles. This post explains how to use PowerShell to find and report those accounts.

New Roles Page in Office 365 Admin Center

Microsoft has introduced a new Roles page in the Office 365 Admin Center. The new page lists all the roles available in an Office 365 tenant and allows admins to quickly see who holds each role, and add or remove accounts from roles as needed. It’s a small but important change that is welcome because it makes it easier for tenants to manage permissions.

Microsoft Breaks PowerShell Command Logging in Exchange Online Admin Center

The ability to see the PowerShell commands executed by Exchange administrative centers has existed since Exchange 2007. Now something has changed in Exchange Online and the command log is blank. It’s sad because many administrators learned to use PowerShell by examining how Microsoft used it to manage Exchange. Let’s hope that Microsoft fixes this bug soon.

Teams Compliance Records and Frontline Office 365 Accounts

Teams does a good job of storing compliance records in Exchange Online mailboxes so that the data is available for Office 365 eDiscovery. But the number of records can impact the mailbox quotas of frontline workers, especially if they send graphics in personal and group chats. Here’s some PowerShell to help discover how much mailbox quota is being absorbed by compliance records.