Not a Rant About Microsoft’s Plan to Stop Old Exchange Servers Sending Email to Exchange Online

Microsoft’s plan to stop Exchange Online accepting email from unsupported Exchange Servers caused a lot of fuss and bother. Looking through the commentary and questions about the announcement, I’m not sure if people understand fully what’s happening. It seems clear to me, but as Richard Campbell of RunAs Radio fame wants me to rant about the topic, here’s my measured opinion (not a rant).

How the Request Files Feature Works in SharePoint Online

SharePoint Online now supports the Request Files feature to allow users to create links for external people to upload files to a folder in a document library. It’s a feature that will appeal to some organizations and horrify others who see the ability for external people to upload files to SharePoint Online as just another avenue for attack. The feature depends on the tenant allowing Anyone links, which are blocked by many organizations.

Microsoft Enforces New License Rules for Teams Room Devices

On March 24, Microsoft announced new rules for licensing Teams Rooms Devices. Instead of being able to assign a user subscription license (like Office 365 E3), tenants must assign a Teams Rooms Pro or Teams Rooms Standard license to the room mailboxes used by devices. If they don’t, the devices won’t be able to connect after July 1, 2023. Microsoft suggests a script to find licensed room mailboxes. It’s OK, but we can make the script run much faster, which might just be important in the types of tenants that use Teams Rooms devices.

New Teams 2.1 Client Arrives in Preview

Microsoft has made a preview version of the new Teams client available to commercial tenants worldwide. The preview runs only on Windows and isn’t yet available in browser sessions. Some functionality is missing because it’s incomplete but the new client is faster and snappier than the classic Teams client. To use the preview, you’ll need to enable the new client through a Teams update policy.

Azure AD Admin Center Moves to Microsoft Entra Admin Center

The changes in Microsoft 365 keep on coming thick and fast. Changes range from the introduction of fundamental new technology like Microsoft 365 Copilot to an update to a small product detail. In this case, the Azure AD admin center is moving to the Microsoft Entra admin center. Microsoft has its own reasons for making this change, which will ripple out across the community to affect content developers and trainers. Is that a problem? Only if you don’t respond.

Teams Files App Gets an Overhaul

Microsoft has overhauled the Teams Files App as part of its work to refresh the Teams client UI. We’re still waiting to know about the new channels experience which is supposed to appear at around the same time. This work will refresh and enhance the Teams V1 client while also appearing in the Teams V2.1 client that’s expected to be available in preview soon.

Teams Meetings Gains Green Screen Effect

The Teams green screen effect allows people to select a uniform backdrop to apply effects upon using fewer system resources and achieving a cleaner output. Not everyone has a suitable backdrop, so I used the wall behind my desk to see what the Teams green screen effect could do with it. And although some imperfections resulted from the lack of uniformity for the wall, you can still see how this will be a useful feature. That is, if you use a proper backdrop!

Microsoft Expands Multi-Factor Authentication Methods to Companion Apps

Microsoft has integrated Authenticator Lite, a subset of the full Microsoft Authenticator app, into Outlook for iOS and Android. The code allows users to respond to MFA challenges using number matching or one-time codes without leaving Outlook and is intended to help organizations deploy and manage MFA with less friction. Although you can’t use Authenticator Lite if the Authenticator app is present on the same device, integrating MFA capabilities direct into apps sounds like a great idea.

SharePoint Online Block Download Policy for Teams Meeting Recordings

SharePoint Online has a new block download file policy that stops users from downloading Teams meeting recordings. The policy applies to all sites and OneDrive for Business accounts in the tenant and is due to be part of the feature set covered by the Syntex-SharePoint Advanced Management license.

SharePoint Online Gets Closer to Azure AD

SharePoint Online is embracing Azure AD more closely by forcing new tenants to use the integration between the two Microsoft 365 components. In addition, site sharing will use the Azure AD invitation mechanism instead of SharePoint’s own code. The changes make a lot of sense and shouldn’t cause much disruption for tenants. It’s a good reminder to check the relevant policies that control external access via Azure B2B Collaboration.

Teams Enhances Audio For Meetings

Microsoft continues to improve the sound quality available in Teams meetings with support for spatial audio and ultrasound howling detection (feedback echo). Spatial audio depends on the right equipment and aims to help you know who’s speaking in a meeting. Howling detection means that Teams detects when multiple people in a physical room join a meeting and suppresses audio to avoid a feedback loop.

Document Azure AD Conditional Access Policies with the IdPowerToys App

The first app in a new community project called IdPowerToys helps Azure AD tenants to document conditional access policy settings in PowerPoint. The information used to document the CA policies is extracted (manually or automatically) from Azure AD, analyzed, and output as a PowerPoint presentation. It’s a nice way to see what CA policies exist in a Microsoft 365 tenant and helpful if you want to rationalize the set of policies in use.

Teams Adds Explicit Consent for Recorded Meetings

A new setting in the Teams meeting policy allows Microsoft 365 tenants to dictate that meetings organized by some or all users must gain explicit consent from users before they can be recorded. The new control is intended to help address privacy concerns that some users might have. This article describes how to apply the policy setting and its impact on meeting participants.

Teams Admin Center Options for Bulk Policy Assignments

Teams bulk policy assignment options include two features in the Teams admin center, batch jobs, Azure Automation and plain-old PowerShell. In this article, we examine the options in the Teams Admin Center to revert policy assignments back to the global (default) policy and a way to perform Teams bulk policy assignments for selected accounts. And we mention the other methods that exist which don’t involve the Teams admin center.

How Exchange Online and Outlook use Machine Learning

Microsoft uses machine learning in Outlook and Exchange Online to create the basis for what they call intelligent technology like suggested replies and text prediction. To generate the language models used to figure out how Outlook should respond to users, Microsoft needs to copy data from user mailboxes for processing. The data is removed and the results stored in user mailboxes once processing is complete. Is this an issue for Microsoft 365 tenants? It all depends on your view of how data should be processed.

Microsoft 365 Profile Card Gains Support for Pronouns

Microsoft 365 pronouns for display in apps like Teams and OWA can now be enabled on a tenant-wide basis. Displaying pronouns is a topic that can cause strong feelings for some, so organizations should take their time and plan an implementation before rushing to deployment.

Preparing for the Teams 2.1 Client to Arrive

Microsoft is dropping lots of hints to the press about the imminent arrival of the new Teams client (V2.1), due to arrive in public preview in late March 2023. According to reports, the new Teams client will deliver better performance while using 50% less memory and making fewer demands for CPU. It all sounds great. With the new client coming into sight, it’s time to prepare Teams update policies to make sure that the right users get the new software at the right time.

Microsoft Releases Version 5 of the Microsoft Teams PowerShell Module

Version 5.0 of the Microsoft Teams PowerShell module contains a major overhaul for the Get-CsOnlineUser cmdlet, which receives better filtering capabilities. The overhaul is part of Microsoft’s ongoing efforts to modernize and enhance the cmdlets inherited from the Skype for Business Online connector. Although there’s still work to do to fix some glitches, the update is welcome.

Azure AD Moves to Block OAuth App Hijacking

The new Azure AD app property lock feature (in preview) prevents attackers updating the credentials for an Azure AD enterprise app so that they can get an access token and exploit the app’s permissions. This technique has been used in several attacks, notably the infamous SolarWinds exploit in 2021. The app property lock is not mandatory and it’s important to keep on checking the audit log to make sure that attackers don’t creep into your tenant.

Office 365 for IT Pros March 2023 Update Available

The Office 365 for IT Pros March 2023 update is available. Subscribers can download the updated files from Gumroad or Amazon. The March 2023 update contains lots of new content and changes ranging from the fallout of the Yammer rebranding to the general availability of Teams Premium. It’s an important update to download and use.

How to Use SharePoint Online’s New Block Download Policy

The new SharePoint block download policy applies at the site level to stop users downloading files, even to work with them using the Office desktop apps. It also stops people printing and synchronizing files. In this article, we explain how to apply the policy with PowerShell, including how to apply the SharePoint block download policy to all sites assigned a certain sensitivity label.

How to Run the Test-Message Cmdlet

The Test-Message cmdlet is a useful tool to check if Exchange transport rules and DLP policies work correctly. You can input a test message to see what happens as the Exchange transport service applies transport rules, DLP policies, and auto-label policies based on the message contents and properties. Nice as it is to have the Test-Message cmdlet, human knowledge of what transport rules should do is probably an even more important asset.

Outlook COM Add-Ins Nearing the End of the Line

Outlook logo

A recent Practical365.com article got me thinking about the Report Message and Report Phishing Outlook add-ins and how the new Monarch client can’t use COM add-ins. Microsoft is busily updating its add-ins to move away from COM to embrace the new approach based on HTML and JavaScript. If Microsoft is taking this action, I hope the same is happening in ISVs and in-house development teams who generated COM add-ins in the past.

Sensitivity Bar Appears in Office Desktop Apps

The subscription versions of the Office desktop apps now boast a sensitivity bar to show users what sensitivity label applies to the document they’re working on. It’s a good change because it means that people have full access to information about available labels. You can opt to hide the sensitivity bar, meaning that you hide the name of the sensitivity label rather than the complete bar.

Exchange Online Disables New Inbound Connectors

Exchange Online will create a new inbound connector but won’t activate it until the tenant gives a business justification to Microsoft Support. The restriction applies only to tenants created after January 1, 2023. Microsoft isn’t saying why they implemented the restriction, but it’s likely because of a security concern. In any case, the deafening silence from Microsoft has left ISVs that depend on inbound connectors in a very bad place.

Microsoft Introduces New Syntex-SharePoint Advanced Management License

Applying a default sensitivity label to a SharePoint Online document library is just one of the set of security and management and governance features requiring the new Syntex Advanced Management license. The new license is in preview so all the features that it covers might not be fully baked. Microsoft 365 customers might well ask if this is yet another example of Microsoft bundling features into a new paid-for add-on license. Of course it is. You don’t expect new functionality for free, do you?

How to Disable the Viva Engage Core Service Plan

As part of its rebranding of Yammer to Viva Engage last week, Microsoft added the Viva Engage Core service plan to user accounts. Which is nice, unless a tenant had blocked Yammer. The new service plan means that accounts can now use Yammer In many cases, it won’t matter too much that users can now access Yammer, but in other instances it will. In any case, we should tidy up by removing the Viva Engage Core service plan from any account that already blocks Yammer. Some PowerShell does the trick, but it would have been nice if Microsoft had thought things through a little more.

Exchange Online Rolls Out Improved Message Recall

Microsoft announced that the new Message Recall feature is rolling out to tenants worldwide. They hope to increase the success rate for recalls imitated by users from 40% to 90%. Significant limitations exist. Message recall only works from Outlook for Windows and recall can only handle messages that remain within the same Exchange organization. Even so, the prospect of a huge improvement in the success rate will make the new feature very attractive to the people who really need to recall a message.

Change to Microsoft Teams Free Version Means Downgraded Functionality

On April 12, 2023, Microsoft will retire the original version of Teams free introduced in 2018. If you want to stay using a free version, Microsoft has Teams for Home. However, the functionality isn’t the same and there’s no migration tools available to move from one platform to the other. In this kind of situation, it might just be time to bite the bullet and pay for Teams.

Teams and Mesh Avatars

Mesh avatars are a new visual way for people to participate in Teams meetings. A mesh avatar is a 3D representation of a person used instead of a video image. Some will consider the notion of using an avatar in a meeting abhorrent, but it’s really not that bad and can be very useful at times. Using avatars is an intensely personal decision. For some, it might be their first step into the metaverse. For others, it could be their last (until something better comes along)…

Microsoft Dumps Yammer Brand

Microsoft announced that they will rebrand Yammer as Viva Engage. The decision isn’t surprising given the relative lack of success the Yammer brand has had within Microsoft 365 since its acquisition in 2012. The hope is that the now-renamed Yammer can forge ahead and be more successful under the Viva brand. Time will tell.

Mastering the Foibles of the Microsoft Graph PowerShell SDK

After a while, you discover the holes in any technology. In the case of the Microsoft Graph PowerShell SDK, some inconsistencies await unwary developers. The SDK doesn’t like $Null, doesn’t support pipelining, insists on specific property casing at times, sometimes accepts user principal names and sometimes doesn’t, and sticks valuable data in hash tables hiding in a property you might know nothing about. Good as it is to have the SDK cmdlets, they need to be treated with care as you transition from the old Azure AD and MSOL modules.

Reporting Exchange Online Meeting Room Usage Patterns

Room mailboxes are still heavily used for in-person meetings. It’s good to know how often and when rooms are used, which is why we have the room mailbox report script. In the second version of the script, we include code to figure out the daily usage pattern of individual rooms and for all rooms across the organization. The graphics in our bar chart are crude, but the chart is generated with a few lines of PowerShell, so feel free to improve the script.

Teams Meeting Templates: Helping to Organize Better Meetings

Teams Premium is now generally available. Not all its features are online yet, but Teams meeting templates are, so we tested them to see if they help users to organize better meetings. After playing around with templates, including the optional use of sensitivity labels to control template settings, we conclude that this is a nice feature to have but maybe not one that will influence the buying decision for Teams Premium.

How to Purge Guest Accounts with Unredeemed Invitations from Azure AD

It’s easy to invite people to become guest users in a Microsoft 365 tenant, but some of the invitees never accept the invitation. Perhaps they don’t need to redeem the invitation to do work or maybe it’s because they don’t want to. In either case, Azure AD guest accounts with unredeemed invitations can accumulate and become stale. In this post, we discuss how to use PowerShell to find and remove those stale accounts in a safe manner.