The latest update for sensitivity labels allows them to control the sharing capability of SharePoint Online sites. It’s a powerful example of policy-based management in action and demonstrates just how useful sensitivity labels will be as Microsoft steadily builds out the set of controls available through labels.
Sensitivity labels are a great way to protect confidential documents stored in SharePoint Online. Sometimes the documents must be decrypted. This article explains how to build a PowerShell script which uses Graph API calls to navigate to a folder in a SharePoint Online document library and decrypt the protected documents found in the folder.
SharePoint Online and OneDrive for Business have a new sharing link control which highlights the permissions assigned to sharing recipients. It’s a minor tweak which is actually a pretty good idea as the last iteration of the sharing control buried permissions behind the scenes. And as we all know, permissions are important to IT resources.
A new preview feature allows the resources available to an Azure AD guest account to be reassigned to another email address. It’s a nice feature, but Teams has some problems with it at present. On the upside, everything works great with SharePoint Online and Planner, and we’re sure that Microsoft will fix the problem with Teams soon.
The OneDrive sync client is an important Microsoft 365 component which underpins features like autosave and coauthoring of Office documents. During the March 15 Azure AD outage, the client had a meltdown and removed all the local copies of files stored in a SharePoint Online folder, seemingly because it couldn’t authenticate. The problem was easily fixed, but it’s a bad example of handling what could be a transient authentication issue.
If you encounter an error when sharing a SharePoint file, you might see an error code like OSE204. What do these mainframe-like codes mean and why does SharePoint show them? Or more importantly, how did the sharing capability of a site change through administrator incompetence? And why is Microsoft removing the option to send a sharing link via Outlook (OWA)?
Microsoft has announced that recordings of Teams meetings stored in OneDrive for Business will be blocked for download by anyone except the owner. The change will roll out in mid-April and should be complete by mid-June. Microsoft’s post draws attention to the fact that you shouldn’t use channel meetings to discuss confidential topics. It’s all to do with the Microsoft 365 Groups membership model.
Audit records are a great way to gain an understanding of what happens inside Office 365. We use PowerShell to report actions taken with sensitivity labels such as protecting files and containers. The latest development is the addition of support in the Microsoft 365 apps for enterprise (Office desktop) to log audit events when users interact with sensitivity labels. Unsurprisingly, more events are often logged by the desktop apps than their online equivalents.
Microsoft’s Edge browser recently introduced sleeping tabs to conserve resources. Although this is a good idea, putting SharePoint Online tabs to sleep stops them reconnecting. I suspect it is because a refresh token times out and isn’t renewed. The solution is to add SharePoint Online sites to the list of sites that don’t sleep. Always-on document management is the best approach.
Viva Topics is one of the four modules in the Microsoft Viva employee engagement platform. You can run a 25-user trial for 30 days to create some topics and see how things work. A trial should help an organization decide if they want to pay the $5/user/month Microsoft asks for Viva Topics licenses – and everyone needs a license to see topic cards, which is the point of Topics.
A change made to the storage location in SharePoint Online for email sent to Teams channels caused problems for people who created Flows based on a known location. Instead of having one big folder for email messages sent to a folder, it seems like Microsoft plans to use a new folder for each month. There’s nothing wrong with this approach, but it would have been nice if Microsoft warned people using the folder for automated processing that a change was coming. They didn’t.
Storage for videos stored in the new Stream will be charged against SharePoint Online and OneDrive for Business accounts. This shouldn’t make much difference for Teams recordings, as there’s plenty of storage available for OneDrive accounts. You can increase the default amount to 5 TB in enterprise tenants, and that should be enough for even the most copious of Teams meeting recorders.
Microsoft says that SharePoint Online now has 200 million monthly active users. Teams is the major influence driving SharePoint growth with an increasing number of touchpoints between the two Microsoft 365 workloads.
The container management settings of sensitivity labels can now manage the external sharing capability of SharePoint Online team sites. The same settings as available in the SharePoint admin center or PowerShell can be applied through a label. Caching means that new settings in a label might not be picked up by SharePoint Online for up to 24 hours.
Site Mailboxes were the face of Microsoft collaboration at one time. But that’s long in the past and it’s time for these archaic mailboxes to be dispatched. Microsoft will retire them from Office 365 in April 2021, probably two years after they passed their best-by date. I tried to clean up my tenant and failed utterly, so I’m leaving the mess for Microsoft to sort out.
SharePoint Online now boasts the Add shortcut to OneDrive feature, which is a very usefuil way to assemble a set of points to important SharePoint folders in OneDrive. While Microsoft Search can find documents and Delve can display a set of documents added to boards, being able to find all your important folders in OneDrive for Business is a very effective way to have fast access to your most important files.
After a long delay to make adjustments, Teams is adopting the common file sharing mechanism used by Microsoft 365 applications. After being delayed, the roll-out starts in mid-March and should be complete in mid-April. 2021. With Teams in the fold, we can say that sharing is done consistently across Office 365, which can’t be a bad thing.
Office 365 Tenants need to stop people using Internet Explorer. On November 30, Teams stops support for IE11; nine months later, the rest of the Microsoft 365 apps cease support. According to Microsoft, the only browser in town is the new Edge (which has an IE mode), but most will keep on using Chrome, Firefox, Brave, or Safari as they do today.
The latest version of the Edge Chromium browser can read files protected by Office 365 sensitivity labels stored in SharePoint Online and Exchange Online. This might not be the feature that causes you to dump Chrome, but it’s very useful when your tenant uses sensitivity labels.
OneDrive clients have access to version history for files stored in SharePoint Online and OneDrive (business and consumer). Until they don’t, which is why I am grumpy today. As it turns out, the feature works on one PC but not another, and that’s super-frustrating.
When you need to block external access to your most sensitive documents, Office 365 Data Loss Prevention policies and sensitivity labels combine to find and protect the documents. A really simple policy is enough to detect and block external access, and is covered by Office 365 E3 licenses. If you have E5 licenses, you can consider auto-label policies to find and protect sensitive documents at scale.
Sensitivity labels are spreading across Office 365. Now you can search SharePoint Online to find documents with a specific label. And if you make an extra tweak to the search schema, you can find labeled sites too. All of which seems boring and uninteresting until you actually need to do it.
Support for sensitivity labels is generally available for SharePoint Online. Users can apply labels to classify and protect documents, but a mismatch can happen between labels applied to documents and the sites where the documents are stored. When this happens, SharePoint Online emails site owners to tell them that a mismatch exists.
SharePoint Online generates a lot of events in the Office 365 audit log. You can interrogate the log with PowerShell to create per-user reports of their activities. The Search-UnifiedAuditLog cmdlet finds all the necessary data; after that it’s just a matter of filtering and refining the data and then creating the reports.
Microsoft has published updates for the Exchange Online management and SharePoint Online PowerShell modules. Generally it’s a good idea to install the latest version of PowerShell modules for the different Office 365 products, but beware of some gotchas that await the unwary…
Do you need to find out who updated a SharePoint Online or OneDrive for Business document? Use PowerShell to search the Office 365 audit log for document events and the complete history is available. Well, at least the last 90 days’ history – or 365 days if you have the necessary licenses.
It’s easy to retrieve storage data for SharePoint Online sites with PowerShell, but it’s faster with the Graph. Some disadvantages do exist, but it’s nice to have a choice. TheGraph is faster, especially with large tenants, but the SharePoint Online PowerShell cmdlets can deliver more data.
Word users range from casual to professional writers. Those involved in collaborative co-authoring can now @mention others in comments. The feature is available in Word and PowerPoint (click to run) and the Office Online apps now and Excel desktop is due to get it too. Documents must be stored in SharePoint Online or OneDrive for Business to allow @mentioned people access the files.
SharePoint Online comes with a reasonable amount of free storage, but it’s surprising how quickly that storage can be consumed, especially if you use Office 365 retention policies. With that thought in mind, it’s a good idea to check what sites are consuming your SharePoint storage. This post covers how to write a PowerShell script to report SharePoint Online site storage, complete with a couple of bells and whistles.
Large Office 365 tenants with more than 10,000 seats can now use the SharePoint Online site swap feature to replace an old root site with a new communications site. The site swap must be done with PowerShell and needs a new version of the Invoke-SPOSiteSwap cmdlet. Once you prepare your new site for swapping, everything goes smoothly.
Like many other parts of Office 365, you can manage SharePoint Online with PowerShell. At least, you can manage some aspects of SharePoint Online with PowerShell. Microsoft has made it easier to keep up to date with the latest SharePoint Online module and the PnP module, so there’s lots of cmdlets to help Administrators do a better job of automating different aspects of SharePoint Online.
After a long delay, Microsoft has started to deploy the new Teams Files channel tab experience to Office 365 tenants. The new experience is more functional than the old, even if it doesn’t offer the complete set of features available in the SharePoint Online browser interface. You should see the new tab interface very soon if it’s not already in your tenant.
A recent Teams Live Event hosted by Microsoft’s Information Protection team discussed the automatic assignment of sensitivity labels to SharePoint Online and OneDrive for Business content. A preview is now available and Microsoft hopes to make this functionality available at the end of March 2020. You’ll need Office 365 E5 or Microsoft 365 E5 licenses.
Now that SharePoint Online supports Office 365 Sensitivity Labels, it’s time to consider how to protect files stored in document libraries. When you compare the two approaches, there’s really only one winner. And there’s no surprise in saying that the winner is Office 365 Sensitivity Labels.
The SharePoint Conference 2020 takes place in Las Vegas on 19-21 May 2020. SharePoint is very important to Office 365 and it’s important that tenant administrators understand SharePoint. Tony is going to Vegas to learn and to deliver sessions about Teams and Office 365 Sensitivity Labels. And avoid gambling, vice, and other bad things.
Teams and SharePoint Online share a connection through the Files Channel tab. Unfortunately, if you rename the URL of a SharePoint site, the connection broke. The good news is that Microsoft has now fixed the problem. Some pesky bugs got in the way, one of which stopped the connection being restored. But the developers persisted and the final bug was fixed last week.
Microsoft has announced that Delve blogs will no longer be supported in 2020. The news is unsurprising because Delve blogs have not been actively developed for several years. Office 365 tenants with content in Delve blogs must figure out where to move the content to. It might be the case that you don’t need to do anything because the content isn’t needed. If you do need to keep it, you could move Delve blog posts to SharePoint news or similar repositories.
Publishing SharePoint Online content to Teams is a great way to make users aware of important information. The standard SharePoint web part makes it easy to publish content from the site belonging to a team. Things are a little more difficult when you want to publish content to a team from a different site. Fortunately the website tab comes to the rescue.
We all store lots of information in the cloud and sometimes it is hard to find work that needs to be resumed or finished. OneDrive for Business and SharePoint Online now boast the ability to mark files and folders for later. The two apps share a common list and make it easy for users to find work that they need to return to.
The Get-SPOSite PowerShell cmdlet is used to fetch details about SharePoint Online sites. It works well, but some recent functionality upgrades means that script writers need to be more precise about how they use the cmdlet. Most scripts don’t need to process redirect sites or the sites belonging to Teams private channels, so why would you ask Get-SPOSite to fetch these sites?