Time is ebbing away and the date when the Azure AD PowerShell modules will start not to work is approaching. Microsoft wants customers to upgrade to the Microsoft Graph PowerShell SDK or Graph API requests. That’s fine, but a knowledge gap exists because most of the examples – including in Microsoft’s own documentation – for how to interact with Azure AD via PowerShell use the old modules. And then every other blog on the planet (with some notable exceptions) does the same. So we have work to do to bridge the knowledge gap and help people to make the transition.
Microsoft has launched application access to Exchange Online via IMAP4 and POP3 using modern authentication. The approach Microsoft takes is reasonable and pragmatic and should be simple enough for app developers to implement. However, with an eye on the future, maybe this isn’t the best strategic choice to make. Moving to the Graph APIs will take more work, but it’s a better long-term solution.
The ninth (2023) edition of the Office 365 for IT Pros eBook is now available. Totally refreshed end-to-end and packed full of new examples and information about Office 365 technology, Office 365 for IT Pros is the ultimate guide to understanding and managing Exchange Online, SharePoint Online, Teams, Planner, Azure AD, and more within the Microsoft 365 ecosystem. The book is packed full of practical examples of using PowerShell and the Microsoft Graph to automate operational processes. Best of all, Office 365 for IT Pros is updated monthly to make sure that its information remains current.
Microsoft’s work to create Stream on SharePoint continues unabated, and a handy spreadsheet is available to check features against Stream Classic. One thing’s for sure. Stream on SharePoint (or Stream 2.0) is very different to the Office 365 video portals that have gone before. It’s all about video management services and leveraging SharePoint storage now.
Teams likes to control the channel folders it creates in SharePoint Online, which is why it removes the Delete and Move to options from the folder menu. But once Teams removes a channel permanently, shouldn’t it allow the SharePoint folder to be removed?
Surprisingly, Microsoft has decided to retire the SharePoint Inside Look feature. This is where background processes extract three points from the text of Word documents and use them to help users understand the essence of the document. The text is also used in SharePoint sharing notifications. It’s a pity that the feature is going, but it’s English only and the resources needed to accommodate other languages might be too much for the predicted return.
The Microsoft Graph continues to grow in importance, as do tools like the Graph Explorer web application. The Explorer has received a couple of new and useful features recently, including the generation of PowerShell code snippets. This doesn’t work for every Graph API, but it’s a start and a great enhancement to what’s already a very useful tool.
A new feature allows administrators to block the ability of anonymous participants to send chats during Teams meetings. They can still read chats, but can’t send messages. Microsoft calls this write access to chat, which I guess it is. In other news, the new browser interface for Teams meetings is arriving in tenants and it’s much better than the old one.
A new setting in Teams meeting policies allows administrators to control the languages used to generate Teams meeting invitations. The policy setting takes precedence over the language used by the user who creates a new Teams meeting. You can select up to two languages.
An update for SharePoint Online and OneDrive for Business means that the Office desktop apps (Windows and macOS) will apply default sensitivity labels to documents that aren’t already labeled. This is a good change because it helps to close a gap for organizations that want to be sure that every document is labeled.
The GUI of the Microsoft Purview compliance center doesn’t support the exclusion of selected mailboxes when the special All target is used. However, you can use PowerShell to add mailbox exclusions to sensitivity label policies, including adding the members of a group as exclusions.
Some recent announcements will make it much easier to work with PDFs protected with sensitivity labels. Adobe is now bundling the MIP plug-in with the Acrobat installer and has plans to allow users to apply sensitivity labels within Acrobat. But the big news is the change in Office applications to generate protected PDFs when saving, exporting, or sharing protected documents, spreadsheets, and presentations.
The new Stream client contains some useful new features. However, the client is still in preview and is missing other features, like the ability to manage sets of videos through Microsoft 365 groups. Even so, there’s enough available now to demonstrate the wisdom of moving to the ODSP platform for video storage and management.
Message center notification MC392289 highlights the need to keep the .NET Framework and the Edge WebView2 components updated to make sure that the Teams meeting add-in works with “degradation.” No further information is offered as to why Microsoft needs to sound this warning several years after introducing the Teams meeting add-in.
It’s easy to create a Teams meeting from Outlook, but it’s also easy to create a Teams meeting in the wrong calendar. This can lead to the “message of doom” when you try to connect to the meeting and end up in the Teams meeting lobby with nowhere to go. Apart from being careful about which calendar a meeting is created in, it’s a good idea to add an organization logo to Teams meeting invites so that if you create the meeting when signed into the wrong organization, you’ll get a visual clue.
A new SharePoint Online setting allows tenants to switch the target for the Stream tile in the app launcher to the new Stream. The intention to is have users become accustomed to the features of the new GUI and the way that Stream can manage video content anywhere inside Microsoft 365. The downside is that migration from Classic Stream isn’t available yet. It’s coming, just like Christmas.
Microsoft Teams users can use the chat with self feature to create a special chat designed to take notes and capture other information someone might want. It’s similar to features that exist in other messaging platforms, so it’s likely that the Teams chat with self capability will be well-accepted by users, especially those with secrets to share with themselves.
For whatever reason, Microsoft documentation says that items in the OneDrive for Business recycle bin are not indexed and cannot be discovered. They’re wrong. Searches can find items which end up the in OneDrive for Business recycle bin and any holds that applied to those items are respected. Maybe it’s just a matter of phrasing, but this proves once again that documentation can be incorrect. Just like blog posts!
Microsoft is introducing new controls for delegate access to encrypted emails accessed via Outlook clients other than Outlook for Windows. The controls are implemented in three new PowerShell cmdlets which can block, validate, and allow delegate access to encrypted messages. It’s nice to see some coherence being introduced for almost all the Outlook clients, even if Outlook for Windows does its own thing.
A new preview feature supports the creation of dynamic Azure AD groups based on the membership of other groups, including dynamic groups and distribution lists (aka nested groups). It’s a nice feature that adds value, even if dynamic groups require Azure AD Premium P1 licenses.
The Azure AD PowerShell module allows guest accounts to sign into target tenants and update their account photo there. The Microsoft Graph PowerShell SDK includes a cmdlet to do the job, but it doesn’t work when connected to a target tenant. Permissions are the reason why, which is what we explain in this article.
Despite the advent of shared channels in Teams and the wonders of Azure AD Direct Connect, the chances are that Azure AD B2B Collaboration (Azure AD guest accounts) will remain the predominant method for external collaboration for the immediate future. That’s not so bad, as long as you maintain good guest hygiene!
Microsoft will soon make an update available for Purview Premium eDiscovery to reveal Teams reactions to chats and channel conversations when investigators review the results of searches. The information comes from Teams rather than the compliance records stored in Exchange Online. The new feature isn’t coming to Standard eDiscovery.
The Microsoft 365 substrate captures Teams compliance records for chats and channel conversations and stores them in Exchange Online. How many do you have? Although you might not care, sometimes it’s good to know (like a tenant to tenant migration), so we explain how to count Teams compliance records for chats and channel conversations.
The Office 365 for IT Pros team is delighted to announce that the June 2022 update is now available for subscribers to download. this is update #84 in a series going back to May 2015. A new edition is on its way and will be released on July 1.
Exchange Online tenants have a choice between inactive mailboxes and shared mailboxes when the need arises to keep “leaver” data like that belonging to ex-employees. Inactive mailboxes are essentially a compliance tool and sometimes shared mailboxes are better choices. We explore both in this short article.
The Teams platform is an attractive target for developers, especially now that Microsoft supports monetization opportunities for Teams apps. In other words, ISVs can make money by selling licenses for their apps or through in-app purchases. That’s a good thing from an ISV perspective, but it’s yet another factor for administrators to factor in when deciding to unblock apps for users.
A new feature allows Teams users to request access to Teams Store apps that are currently blocked. Administrators review requests and decide to release or continue blocking the app. Microsoft says that seamless communication happens between users and administrators. That’s not what I experienced…
Teams supports external access through guest account membership in teams and external sharing of shared channels. Sometimes, things go wrong and sharing can’t happen. In this article, we explore some common reasons and explain the solutions. And the need for patience!
Outlook’s Org Explorer (available in Insider builds) brings together information from multiple Microsoft 365 sources to help users understand the people they work with in an organization. It’s like an Office 365 profile card on steroids, but only for user accounts as guest accounts and other external people are ignored. In other news, roaming signatures for Outlook desktop are getting closer as OWA now supports the creation and use of multiple web signatures, all of which can be used by Outlook desktop.
If you run a search in Office.com, Microsoft Search now includes Teams and Outlook messages in its results. This is similar to the capability exposed when Bing.com connects Microsoft Search to include work items in its results. Loop components are also available in search results.
The new Graph X-Ray extension available for the Chrome and Edge browsers gives developers an insight into how the Azure AD admin center uses Graph API commands to retrieve user and group objects. The insight is invaluable when teasing out some of the syntax needed to get work done with the Graph. It’s much appreciated.
On May 19, Microsoft disclosed that a problem had stopped audit events being generated when people used the Exchange SendAs and SendOnBehalfOf permissions to send email for other mailboxes. Microsoft says that the problem is now fixed, but as it turns out, some issues still exist with capturing audit records for SendAs events.
A reader asked if it’s possible to use PowerShell to return the unread count for the Inbox folder in user mailboxes. The standard Exchange Online PowerShell cmdlets tell you a lot about mailbox folder statistics, but they can’t look inside a folder. But the Microsoft Graph APIs can, so a combination of PowerShell and the Graph deliver a solution to the problem.
The upcoming removal of support for basic authentication in seven Exchange Online connectivity protocols could mean trouble for some Office 365 tenants if they don’t take care to ensure that modern authentication is used for PowerShell connections. The old-style Remote PowerShell connection must be replaced with the Connect-ExchangeOnline cmdlet from the Exchange Online management module (aka the V2 module). Apart from anything else, this should improve the performance and robustness of scripts, especially after Microsoft finishes the work to remove the WinRM dependency for older cmdlets.
A new feature for Azure AD access reviews allows Microsoft 365 tenants to check for inactive guest accounts in group memberships. It’s useful functionality if your Microsoft 365 groups are used for Teams rather than Outlook groups. Email activity is ignored by these access reviews, so all guest members are deemed to be inactive!
A recent session at the Microsoft 365 conference offered some insight about the growth of SharePoint Online in both storage and sites. Adding 100 petabytes of storage monthly is a lot of data, but about a third of it could be consumed by Teams meeting recordings. And the 8 million sites created each month is large, but maybe not so big when you consider the reasons why Microsoft 365 tenants create sites. Teams, including private and shared channels, drives a lot of the growth in sites.
Two new features are available to Teams users. The Teams Owners automatic grouping (tag) allows users to address channel messages to the owners of a team (but not in private or shared channels),. Teams desktop clients catch up with their mobile counterparts by supporting suggested replies in 1:1 chats. Neither are particularly earthshattering features, but both are useful in their own way.
Microsoft Loop components are available now in Teams chats and will soon become available in OWA. Loop components are a new way of collaborative working that some will find very attractive. However, under the covers, some compliance issues can block organizations from allowing the use of Loop components. This post explains the issues involved in eDiscovery and export of items containing Loop components.
The Exchange Online name change for mailboxes will roll out at the end of May, 2022. The change only applies to new mailboxes, but its introduction creates some interesting challenges for PowerShell scripts that process mail-enabled objects, including some good side-effects. In this post, we discuss some of the issues we’ve already encountered.
