The Azure AD sign-in frequency controls how often accounts must reauthenticate. Setting an unreasonably short value makes it more difficult for people to work because Azure AD constantly nags for credentials, including MFA challenges. I experienced the effect of such a policy last week and it wasn’t nice. Security policies need to be practical and pragmatic as well as effective.
Teams bulk policy assignment options include two features in the Teams admin center, batch jobs, Azure Automation and plain-old PowerShell. In this article, we examine the options in the Teams Admin Center to revert policy assignments back to the global (default) policy and a way to perform Teams bulk policy assignments for selected accounts. And we mention the other methods that exist which don’t involve the Teams admin center.
Microsoft uses machine learning in Outlook and Exchange Online to create the basis for what they call intelligent technology like suggested replies and text prediction. To generate the language models used to figure out how Outlook should respond to users, Microsoft needs to copy data from user mailboxes for processing. The data is removed and the results stored in user mailboxes once processing is complete. Is this an issue for Microsoft 365 tenants? It all depends on your view of how data should be processed.
Microsoft 365 pronouns for display in apps like Teams and OWA can now be enabled on a tenant-wide basis. Displaying pronouns is a topic that can cause strong feelings for some, so organizations should take their time and plan an implementation before rushing to deployment.
Microsoft is dropping lots of hints to the press about the imminent arrival of the new Teams client (V2.1), due to arrive in public preview in late March 2023. According to reports, the new Teams client will deliver better performance while using 50% less memory and making fewer demands for CPU. It all sounds great. With the new client coming into sight, it’s time to prepare Teams update policies to make sure that the right users get the new software at the right time.
The new Azure AD app property lock feature (in preview) prevents attackers updating the credentials for an Azure AD enterprise app so that they can get an access token and exploit the app’s permissions. This technique has been used in several attacks, notably the infamous SolarWinds exploit in 2021. The app property lock is not mandatory and it’s important to keep on checking the audit log to make sure that attackers don’t creep into your tenant.
On April 12, 2023, Microsoft will retire the original version of Teams free introduced in 2018. If you want to stay using a free version, Microsoft has Teams for Home. However, the functionality isn’t the same and there’s no migration tools available to move from one platform to the other. In this kind of situation, it might just be time to bite the bullet and pay for Teams.
Microsoft announced that they will rebrand Yammer as Viva Engage. The decision isn’t surprising given the relative lack of success the Yammer brand has had within Microsoft 365 since its acquisition in 2012. The hope is that the now-renamed Yammer can forge ahead and be more successful under the Viva brand. Time will tell.
Every thirteen weeks, Microsoft shares some numbers as part of its quarterly results. The FY23 Q2 data included a new Teams user number (280 million monthly active users) and some clues that Office 365 is approaching 400 million paid seats – or maybe active users. You can never quite tell from the data Microsoft releases. One thing’s for sure. The cloud market is slowing in line with the general economy, which means that Microsoft needs to extract more money from each user to offset the slowdown in seat growth.
This article describes how to restore deleted Azure AD groups with PowerShell using cmdlets from the Microsoft Graph PowerShell SDK. Although options exist in the Microsoft 365 admin center and Azure AD admin center to restore deleted groups, it’s nice to have the option to do the same with PowerShell.
The Report a concern option is available in Teams personal and group chats when enabled in a messaging policy and the organization uses communication compliance policies. Microsoft creates a communication compliance policy automatically to process messages reported by users. The investigation process follows the same flow as for other communication compliance policies, even if the messages might vary a tad in terms of their content because it’s a very subjective decision by a user to report content. Overall, a nice feature to have.
Microsoft announced that they will pause sending the daily Viva Briefing messages to make improvements to the personalized content in the messages. No detail has been revealed about the kind of changes Microsoft is contemplating, so all we can do is write some PowerShell to show which mailboxes are currently enabled to receive the daily briefing.
The ChatGPT project is an interesting and worthwhile examination of how artificial intelligence can generate answers to questions. However, the answers depend on the source material, and the signs are that ChatGPT isn’t great at answering questions about Microsoft 365.
A December 2 post by the Microsoft Graph development team clarifies how it plans to charge for some Microsoft 365 APIs. The three-tier model Microsoft plans to use is logical and the default will remain free access to customer data. However, the way Microsoft has communicated the introduction of a charging model for some high-capacity APIs is a model of how not to manage change.
SharePoint Online is a critical piece of the Microsoft 365 ecosystem. Its document management service is consumed by many apps like Teams, Yammer, and Planner. OneDrive for Business, the personal side of SharePoint Online, also contributes to SharePoint’s success with components like the synchronization client. Without SharePoint Online, Microsoft 365 would be a very different offering and a worse platform to work with.
Microsoft Cloud revenues reached $25.7 billion in Microsoft’s FY23 Q1 results. That sounds good, but it’s a slowing over the rate seen in previous quarters. It might be the case that the size of the installed base is not growing as quickly as it once did, but Microsoft is making sure that it extracts as much revenue as it can from its cloud customers. That’s a trend you can expect to continue
Hidden membership is supported for Microsoft 365 Groups and distribution lists. Hidden membership means that no one except members and admins can see who’s in a group. It’s a useful feature if you don’t want people poking around to find out who’s in a group or distribution list. One thing to be aware of is that once a Microsoft 365 group has hidden membership, it has it forever. Distribution lists on the other hand can flip between hidden and visible membership.
Microsoft DART (cybersecurity response team) published an interesting article about the essential sources of Microsoft 365 audit data used for forensic investigations. The Office 365 audit log gets a big mention and DART seems pretty impressed by the new audit log search that’s available in preview in the Purview Compliance portal. I’m not impressed by the performance of the new interface and will continue to use PowerShell. As it turns out, so will DART.
After debuting in summer 2021, the Microsoft Cortana Scheduler service will close on September 1, 2023. High cost and a lack of users are among the likely causes for Scheduler’s demise, but it wouldn’t be surprising to see it reappear in the future as part of a high-end Office 365 or Microsoft 365 bundle.
A new version of the Microsoft 365 user activity report PowerShell script is available. This version extends the activity lookback period to 180 days, which is helpful when assessing if user accounts are active when people might be on parental leave or sabbaticals.
In a welcome move, Microsoft has revamped its guidance for Microsoft 365 compliance licensing, specifically for Data Lifecycle and Records Management. The new text is much clearer about when different licenses are needed to use a feature, which is goodness even if you disagree that a feature should need a high-end license. Now if only Microsoft could do the same for the rest of its documentation…
Microsoft has released 42 new sensitive information types (SITs) in preview. The new SITs cover credentials used in services such as Azure, GitHub, Amazon, and Google, and can be deployed in Purview solutions like DLP and auto-labeling policies.
Microsoft’s FY22 Q4 results didn’t reveal too much in terms of real numbers for Office 365 users, or usage of individual workloads like Teams or SharePoint Online. We do know that the Microsoft Cloud segment reached the landmark of $100 billion in annualized run rate ($91.2 billion actual). How much of that is down to Office 365? That takes some guesswork, but we’ve done our best.
A new Software Updates page in the Microsoft 365 admin center is intended to help tenant administrators keep an eye on what Office and Windows software people are using. As you’d expect, the page offers no details about non-Microsoft clients connected to Microsoft 365. That’s OK, except when work is needed to make sure that clients can cope with the effects of a massive change, like the October retirement of basic authentication for seven email connection protocols.
Some recent announcements will make it much easier to work with PDFs protected with sensitivity labels. Adobe is now bundling the MIP plug-in with the Acrobat installer and has plans to allow users to apply sensitivity labels within Acrobat. But the big news is the change in Office applications to generate protected PDFs when saving, exporting, or sharing protected documents, spreadsheets, and presentations.
Microsoft Loop components are available now in Teams chats and will soon become available in OWA. Loop components are a new way of collaborative working that some will find very attractive. However, under the covers, some compliance issues can block organizations from allowing the use of Loop components. This post explains the issues involved in eDiscovery and export of items containing Loop components.
Outlook users have been able to see LinkedIn profile information for several years. Now Teams chat has the same kind of LinkedIn connection to expose profile information of people you chat with. Because Teams is more internally-focused than email is, the integration might be less useful than it is in Outlook. Then again, you might need to find out some information about people you work with!
Microsoft is rolling out the necessary bits to applications to support the Microsoft 365 web app account switcher. The account switcher allows users to move between accounts in different Microsoft 365 tenants, or to their personal Microsoft Services (MSA) accounts for apps like Outlook.com and OneDrive (consumer). The account switcher works, but only when all the necessary code is available. When that happens, all should be well, but in the interim, maybe it’s wise to wait.
Microsoft’s FY22 Q3 results disclose a ton of success for the Microsoft Cloud, with revenues now approaching an annualized run rate of $100 billion. We got a new number for Office 365 users too and learned that Microsoft has 345 million paid seats for Office 365. Good progress too for Enterprise Mobility and Security and Azure Active Directory. All in all, great results.
On the surface, the Admin-Microsoft 365 Teams app seems to offer a lot of promise. However, its functionality is disappointing and anyway, do you really want administrators performing tenant management through Teams when they’re signed into their personal accounts? Some will like the app, but I’m not a fan.
Microsoft marketing folks are no doubt very pleased with their latest branding success in introducing the Microsoft Purview suite. Others aren’t quite so thrilled, especially anyone who writes about technology and now has to update text to match the desires of the brand police. On the upside, there’s some good new functionality coming for different products in the suite.
A new Microsoft Graph query makes it easy to fetch per-team activity data for reporting. You can also fetch the data with the Microsoft Graph PowerShell SDK. The data goes back a maximum of 90 days and is at least two days old when you fetch it. Those facts are easy to live with. What’s not so good is that the activity data focuses exclusively on channel activity and avoids everything else which happens in Teams.
Microsoft is deploying an update to extend support for its customer lockbox feature to Teams user content, like chat or channel messages. Customer lockbox is part of the Office 365 and Microsoft 365 E5 products. It’s a useful control over the access Microsoft support personnel can get to user content, but it seems like this feature should be included in lower-cost products like Office 365 E3. Not that this will happen…
Microsoft has released the preview of an idle session timeout policy to control the automatic sign-out of Microsoft 365 web apps. Not every web app is covered, but those that are will be signed out automatically when one of the covered apps becomes inactive for a stated period in a browser session. At that point, Microsoft 365 signs out all the web apps and forces the user to sign in again. Sounds like a reasonable idea, and it replaces existing mechanisms available for OWA and SharePoint Online.
Microsoft’s Remote Connectivity Analyzer (MRCA) utility is now able to run diagnostics to check connectivity between Teams and an Exchange hybrid organization. MRCA was in the doldrums for several years because no one inside Microsoft had any interest in providing funding for its development and support. Now the utility is roaring back with a set of new tests covering different aspects of Microsoft 365. Recommended!
In a March 4 update, Microsoft announced that Microsoft 365 web apps will get a new account switcher to allow users to run multiple signed-in sessions and switch between the accounts seamlessly. Not every Microsoft 365 web app supports the new feature, with Teams being a notable miss, but there’s enough there to make this a very useful feature.
People insights is one of the three types of insights derived by the Microsoft Graph from signals gathered from user activity in Microsoft 365 apps. Some organizations don’t like to show people insights in the user profile card, and now you can update an organization setting to remove people insights from the card for all or just some users.
An update to Microsoft Search means that search results available in SharePoint Online and Office.com now include Outlook and Teams messages. Microsoft has also updated Microsoft Search in Bing to include Outlook messages. All in all, these changes make Microsoft Search the go-to location when you need to find mailbox and Teams messages.
The February 2022 update for Office 365 for IT Pros (2022 edition) is now available for subscribers to download. This is the 80th monthly update for the book, so you can say that we have accumulated some practice in producing monthly updates. Every month, we meet some surprises as we develop new content, amend existing text, or remove old material. It’s part of the joy of working on a book which evolves all the time, We’d appreciate if subscribers download the February update at their convenience… why use old text when an updated version is available?