Entra ID has long supported soft-deleted Microsoft 365 Groups. Now support is available to list and restore soft-deleted security groups in both the Entra admin center and cmdlets from the Microsoft Graph PowerShell SDK. The update is very welcome as it fixes a big recovery gap in the Entra ID story. Too many important security groups have been deleted in error, much to the chagrin of administrators.
Azure AD administrators should be able to assign a reserved alias to a new group. At least, that’s what the documentation says. As it turns out, this isn’t strictly true as there are places where administrative interfaces (GUI and PowerShell) block any attempt to use reserved aliases. Does this matter? Probably not, unless you like consistency… which we do!
Teams Data Loss Prevention (DLP) policies help to stop users sharing confidential information through chats and channel conversations. A recent update means that accounts to be included or excluded in DLP policies can be specified using distribution lists or mail-enabled security groups. While this doesn’t sound very exciting, it is if you need to deploy DLP policies to targeted sets of Teams users.
Feb 24 2021 Update: The picker used for OneDrive for Business accounts will support distribution lists and security groups in March.