Auto-label policies are a good way to assign retention labels to important files stored in SharePoint Online and OneDrive for Business. The big problem is tracking the progress of auto-labeling. In this article, we explore how to use events logged in the Office 365 audit log to figure out what files are labeled and how long it takes the auto-label policies to process the files. The example explored here is an auto-label policy for Teams meeting recordings.
Microsoft is changing the SharePoint document library UI for sites used by Teams private channels to make sensitivity labels read-only and move a link into the command bar. That doesn’t sound so important, but it’s part of the preparation for the introduction of Teams Connect, aka Shared channels. It’s just a pity that the text of message center notification MC261534 was so confusing when it first appeared.
Two Microsoft 365 message center notifications covering Progressive Web Apps (PWAs) for OneDrive and Lists are interesting, but the news of the arrival of the new Nucleus synchronization engine within the OneDrive sync client (for Windows) is even more interesting. Together, the combination of PWAs and Nucleus make OneDrive and SharePoint data more accessible to users.
A preview for Sensitivity Labels show how they can use Azure AD authentication contexts and conditional access policies to protect SharePoint Online sites. Although you can link conditional access policies to sites with PowerShell, it’s a lot easier to make the connection through sensitivity labels. Any SharePoint Online site which receives a label configured with an authentication context automatically invokes the associated conditional access policy to protect its contents.
New PowerShell commands for sensitivity labels can configure default sharing link settings for SharePoint Online sites. Any site assigned a label configured for default sharing links inherits those settings within 24 hours. The new settings are in public preview now with general availability expected later this year. They build on the existing set of controls for container management available for sensitivity labels and show how powerful it is for organizations to be able to deploy management policy settings via labels.
Microsoft will soon impose a limit on the number of PST versions kept by SharePoint Online and OneDrive for Business. PST files have no business being in cloud storage, so this is a reasonable step. People shouldn’t keep PSTs in SharePoint or OneDrive document libraries and organizations shouldn’t let them. In fact, you should block PSTs from OneDrive synchronization and make plans to eradicate these pesky files.
SharePoint site owners can teamify (team-enable) their site, which is nice, Now you can create channel tabs based on site resources during the team enablement process. It’s a nice new feature but you must remember that a new team only has a General channel, so site resources will end up in a place where they might necessarily not end up in the long run.
The latest update for sensitivity labels allows them to control the sharing capability of SharePoint Online sites. It’s a powerful example of policy-based management in action and demonstrates just how useful sensitivity labels will be as Microsoft steadily builds out the set of controls available through labels.
Sensitivity labels are a great way to protect confidential documents stored in SharePoint Online. Sometimes the documents must be decrypted. This article explains how to build a PowerShell script which uses Graph API calls to navigate to a folder in a SharePoint Online document library and decrypt the protected documents found in the folder.
SharePoint Online and OneDrive for Business have a new sharing link control which highlights the permissions assigned to sharing recipients. It’s a minor tweak which is actually a pretty good idea as the last iteration of the sharing control buried permissions behind the scenes. And as we all know, permissions are important to IT resources.
A new preview feature allows the resources available to an Azure AD guest account to be reassigned to another email address. It’s a nice feature, but Teams has some problems with it at present. On the upside, everything works great with SharePoint Online and Planner, and we’re sure that Microsoft will fix the problem with Teams soon.
The OneDrive sync client is an important Microsoft 365 component which underpins features like autosave and coauthoring of Office documents. During the March 15 Azure AD outage, the client had a meltdown and removed all the local copies of files stored in a SharePoint Online folder, seemingly because it couldn’t authenticate. The problem was easily fixed, but it’s a bad example of handling what could be a transient authentication issue.
If you encounter an error when sharing a SharePoint file, you might see an error code like OSE204. What do these mainframe-like codes mean and why does SharePoint show them? Or more importantly, how did the sharing capability of a site change through administrator incompetence? And why is Microsoft removing the option to send a sharing link via Outlook (OWA)?
Microsoft has announced that recordings of Teams meetings stored in OneDrive for Business will be blocked for download by anyone except the owner. The change will roll out in mid-April and should be complete by mid-June. Microsoft’s post draws attention to the fact that you shouldn’t use channel meetings to discuss confidential topics. It’s all to do with the Microsoft 365 Groups membership model.
Audit records are a great way to gain an understanding of what happens inside Office 365. We use PowerShell to report actions taken with sensitivity labels such as protecting files and containers. The latest development is the addition of support in the Microsoft 365 apps for enterprise (Office desktop) to log audit events when users interact with sensitivity labels. Unsurprisingly, more events are often logged by the desktop apps than their online equivalents.
Microsoft’s Edge browser recently introduced sleeping tabs to conserve resources. Although this is a good idea, putting SharePoint Online tabs to sleep stops them reconnecting. I suspect it is because a refresh token times out and isn’t renewed. The solution is to add SharePoint Online sites to the list of sites that don’t sleep. Always-on document management is the best approach.
Viva Topics is one of the four modules in the Microsoft Viva employee engagement platform. You can run a 25-user trial for 30 days to create some topics and see how things work. A trial should help an organization decide if they want to pay the $5/user/month Microsoft asks for Viva Topics licenses – and everyone needs a license to see topic cards, which is the point of Topics.
A change made to the storage location in SharePoint Online for email sent to Teams channels caused problems for people who created Flows based on a known location. Instead of having one big folder for email messages sent to a folder, it seems like Microsoft plans to use a new folder for each month. There’s nothing wrong with this approach, but it would have been nice if Microsoft warned people using the folder for automated processing that a change was coming. They didn’t.
Storage for videos stored in the new Stream will be charged against SharePoint Online and OneDrive for Business accounts. This shouldn’t make much difference for Teams recordings, as there’s plenty of storage available for OneDrive accounts. You can increase the default amount to 5 TB in enterprise tenants, and that should be enough for even the most copious of Teams meeting recorders.
Microsoft says that SharePoint Online now has 200 million monthly active users. Teams is the major influence driving SharePoint growth with an increasing number of touchpoints between the two Microsoft 365 workloads.
The container management settings of sensitivity labels can now manage the external sharing capability of SharePoint Online team sites. The same settings as available in the SharePoint admin center or PowerShell can be applied through a label. Caching means that new settings in a label might not be picked up by SharePoint Online for up to 24 hours.
Site Mailboxes were the face of Microsoft collaboration at one time. But that’s long in the past and it’s time for these archaic mailboxes to be dispatched. Microsoft will retire them from Office 365 in April 2021, probably two years after they passed their best-by date. I tried to clean up my tenant and failed utterly, so I’m leaving the mess for Microsoft to sort out.
SharePoint Online now boasts the Add shortcut to OneDrive feature, which is a very usefuil way to assemble a set of points to important SharePoint folders in OneDrive. While Microsoft Search can find documents and Delve can display a set of documents added to boards, being able to find all your important folders in OneDrive for Business is a very effective way to have fast access to your most important files.
After a long delay to make adjustments, Teams is adopting the common file sharing mechanism used by Microsoft 365 applications. After being delayed, the roll-out starts in mid-March and should be complete in mid-April. 2021. With Teams in the fold, we can say that sharing is done consistently across Office 365, which can’t be a bad thing.
Office 365 Tenants need to stop people using Internet Explorer. On November 30, Teams stops support for IE11; nine months later, the rest of the Microsoft 365 apps cease support. According to Microsoft, the only browser in town is the new Edge (which has an IE mode), but most will keep on using Chrome, Firefox, Brave, or Safari as they do today.
The latest version of the Edge Chromium browser can read files protected by Office 365 sensitivity labels stored in SharePoint Online and Exchange Online. This might not be the feature that causes you to dump Chrome, but it’s very useful when your tenant uses sensitivity labels.
OneDrive clients have access to version history for files stored in SharePoint Online and OneDrive (business and consumer). Until they don’t, which is why I am grumpy today. As it turns out, the feature works on one PC but not another, and that’s super-frustrating.
When you need to block external access to your most sensitive documents, Office 365 Data Loss Prevention policies and sensitivity labels combine to find and protect the documents. A really simple policy is enough to detect and block external access, and is covered by Office 365 E3 licenses. If you have E5 licenses, you can consider auto-label policies to find and protect sensitive documents at scale.
Sensitivity labels are spreading across Office 365. Now you can search SharePoint Online to find documents with a specific label. And if you make an extra tweak to the search schema, you can find labeled sites too. All of which seems boring and uninteresting until you actually need to do it.
Support for sensitivity labels is generally available for SharePoint Online. Users can apply labels to classify and protect documents, but a mismatch can happen between labels applied to documents and the sites where the documents are stored. When this happens, SharePoint Online emails site owners to tell them that a mismatch exists.
SharePoint Online generates a lot of events in the Office 365 audit log. You can interrogate the log with PowerShell to create per-user reports of their activities. The Search-UnifiedAuditLog cmdlet finds all the necessary data; after that it’s just a matter of filtering and refining the data and then creating the reports.
Microsoft has published updates for the Exchange Online management and SharePoint Online PowerShell modules. Generally it’s a good idea to install the latest version of PowerShell modules for the different Office 365 products, but beware of some gotchas that await the unwary…
Do you need to find out who updated a SharePoint Online or OneDrive for Business document? Use PowerShell to search the Office 365 audit log for document events and the complete history is available. Well, at least the last 90 days’ history – or 365 days if you have the necessary licenses.
It’s easy to retrieve storage data for SharePoint Online sites with PowerShell, but it’s faster with the Graph. Some disadvantages do exist, but it’s nice to have a choice. TheGraph is faster, especially with large tenants, but the SharePoint Online PowerShell cmdlets can deliver more data.
Word users range from casual to professional writers. Those involved in collaborative co-authoring can now @mention others in comments. The feature is available in Word and PowerPoint (click to run) and the Office Online apps now and Excel desktop is due to get it too. Documents must be stored in SharePoint Online or OneDrive for Business to allow @mentioned people access the files.
SharePoint Online comes with a reasonable amount of free storage, but it’s surprising how quickly that storage can be consumed, especially if you use Office 365 retention policies. With that thought in mind, it’s a good idea to check what sites are consuming your SharePoint storage. This post covers how to write a PowerShell script to report SharePoint Online site storage, complete with a couple of bells and whistles.
Large Office 365 tenants with more than 10,000 seats can now use the SharePoint Online site swap feature to replace an old root site with a new communications site. The site swap must be done with PowerShell and needs a new version of the Invoke-SPOSiteSwap cmdlet. Once you prepare your new site for swapping, everything goes smoothly.
Like many other parts of Office 365, you can manage SharePoint Online with PowerShell. At least, you can manage some aspects of SharePoint Online with PowerShell. Microsoft has made it easier to keep up to date with the latest SharePoint Online module and the PnP module, so there’s lots of cmdlets to help Administrators do a better job of automating different aspects of SharePoint Online.
After a long delay, Microsoft has started to deploy the new Teams Files channel tab experience to Office 365 tenants. The new experience is more functional than the old, even if it doesn’t offer the complete set of features available in the SharePoint Online browser interface. You should see the new tab interface very soon if it’s not already in your tenant.
A recent Teams Live Event hosted by Microsoft’s Information Protection team discussed the automatic assignment of sensitivity labels to SharePoint Online and OneDrive for Business content. A preview is now available and Microsoft hopes to make this functionality available at the end of March 2020. You’ll need Office 365 E5 or Microsoft 365 E5 licenses.