Automatic Hiding of Teams Channels ContinuesSeptember 11, 2024 7:00 am-The Teams feature to hide inactive channels is now fully rolled out. Another recent change suppresses notifications from hidden channels, and this could cause a problem for people who rely on notifications to know what’s happening in a channel. Both updates are good, but some differentiation or control over notifications for user-hidden and auto-hidden channels might be good.
Microsoft 365 Admin Center to Support Continuous Access EvaluationSeptember 10, 2024 7:00 am-The Microsoft 365 admin center will support continuous access evaluation (CAE) from September 2024 to help revoke access from accounts more quickly when critical events happen (like an account password being changed). Adding CAE support to an admin center is always a good idea, but it shouldn’t take away from the need to protect Microsoft 365 accounts with multifactor authentication. Stop compromise before you need to react to compromise!
Purview eDiscovery’s Big MakeoverSeptember 9, 2024 7:00 am-eDiscovery is a calling best left to skilled investigators. But Microsoft 365 administrators need to know how to search and how the new Purview eDiscovery works. The new implementation is due by the end of 2024 and is in preview now. It unifies the three existing solutions in the Microsoft 365 eDiscovery space and promises to deliver new functionality. But will it make its dates? Who knows!
Using Guest Accounts to Bypass the Teams Meeting LobbySeptember 6, 2024 9:14 am-One of the things that vexes me is the need to change account to attend a Teams meeting. I forget this all the time and end up with unexpected waits in virtual lobbies, twiddling my thumbs while waiting for someone to admit me to the call. Sometimes I end up missing calls because people can’t admit participants from outside the tenant if they don’t have a guest account. The solution might come from the application of more intelligence and a change to the Teams UI.
Copilot’s Automatic Summary for Word DocumentsSeptember 5, 2024 7:00 am-The automatic document summary feature for Word duly turned up and Copilot for Microsoft 365 has been busy generating summaries ever since. The feature works well for documents with less than 80,000 words, which should be enough for most documents but limits summarization for documents that might use it most, like complex plans or contracts. In any case, I haven’t found a way to turn document summaries off. Maybe that’s coming.
Teams Improves Text Pasting and Mic PendingSeptember 4, 2024 7:00 am-Thankfully, Teams pasted text no longer contains a timestamp and the author's name. The change is effective worldwide and addresses a longstanding irritation. Quite why it took so long for Microsoft to understand how people felt about the insertion of unwanted metadata is a mystery, but it’s gone now. And in other news, Mic Pending is a new feature for Teams calls and meetings.
Transferring Reusable PowerShell Objects Between Microsoft 365 TenantsSeptember 3, 2024 7:00 am-People often need to transfer objects or code between Microsoft 365 tenants. When it comes to dealing with objects, the Microsoft Graph PowerShell SDK's ToJsonString method is very useful. The method outputs a string containing JSON content, but only for object properties that have a value. This makes the much easier to use the output as the basis for a template object or as the payload body to create an object in another tenant.
Office 365 for IT Pros September 2024 UpdateSeptember 2, 2024 3:00 am-Files are available to download for the September 2024 update for the Office 365 for IT Pros (2025 edition) eBook. This is monthly update #111 for the only book covering Microsoft 365 that's updated monthly. As normal, this update covers a bunch of new information and insights from across the Microsoft 365 ecosystem.
Microsoft Withdraws Copilot Catch Up FeatureAugust 30, 2024 7:00 am-After reaching 50% deployment and on track to general availability, Microsoft decided to withdraw the Copilot catch up feature. Catch up shows a set of cards in a carousel to highlight documents and other items that Copilot believes are of interest to the user. It's like the insights surfaced in other places within Microsoft 365, such as Office applications, Viva Insights, and Delve.
PnP PowerShell Changes Its Entra ID AppAugust 29, 2024 5:00 am-On August 21, 2024, news emerged that the PnP PowerShell module will transition from using a multi-tenant Entra ID app to a tenant-specific app. The change is scheduled for September 9, 2024, which doesn’t leave a lot of time available for developers to review, update, and test PowerShell scripts based on PnP PowerShell. Some extra warning would have been nice.
Why Entra ID can Restore Some Types of Deleted Groups and Not OthersAugust 28, 2024 7:00 am-The ability to restore deleted groups only covers Microsoft 365 groups. That's an odd situation to be in given the different types of groups in Microsoft 365, and the reasons why things work (or don’t) the way they do is down to history and different teams within Microsoft. It’s logical that customers assume they can restore any type of deleted group. Microsoft needs to do some magic to make that assumption real.
The Problem with Scoped Audit Log SearchesAugust 27, 2024 7:00 am-Microsoft Purview and the Exchange Online Search-UnifiedAuditLog cmdlet both perform searches of the Microsoft 365 unified audit log. Both mechanisms support the concept of scoped searches to limit audit records returned by searches to the administrative units an account can manage. But the permissions assigned by the two mechanisms aren’t synchronized, which can lead to complications.
Finding Non-Compliant Shared MailboxesAugust 26, 2024 7:00 am-Shared mailboxes have Entra ID accounts. No one needs to sign into the accounts because Exchange Online manages connections using mailbox permissions. But it can happen that people do sign into shared mailboxes and if the accounts aren’t licensed, they don’t comply with Microsoft licensing requirements. As explained here, some PowerShell can check for potential licensing violations.
Teams External Domain Activity Report Gets a RefreshAugust 23, 2024 7:00 am-Microsoft says that they plan to refresh the Teams external domain activity report from September 2024. But access to the report requires a Teams Premium license. It seems like this kind of fundamental information should be available to every tenant as it’s not basic security data instead of something that could be considered as Advanced Collaboration Analytics.
Report Detailing Unlicensed OneDrive for Business Accounts AvailableAugust 22, 2024 7:00 am-Microsoft announced their plan to charge for unlicensed OneDrive for Business accounts in July. Now we have an unlicensed OneDrive accounts report in the SharePoint Online admin center. The report divides unlicensed OneDrive accounts into four categories and it’s up to Microsoft 365 tenant administrators to figure out whether to retain or remove unlicensed accounts before automatic archival comes into force in January 2025.
The Benefits of Rationalizing License Management in the Microsoft 365 Admin CenterAugust 21, 2024 7:00 am-The decision to rationalize license management in the Microsoft 365 admin center wasn't popular but the signs are that it could deliver benefits to customers in the form of new features and functionality. The first updates are a GUI to manage self-service purchases and trials together with notifications to administrators when a user makes a self-service purchase. More needs to happen, but positive indications are there.
Reporting Entra ID Administrative Role AssignmentsAugust 20, 2024 7:00 am-A recent report highlighted the problem of on-premises accounts synchronized to Entra ID that receive administrative role assignments. This article explains how to report the administrative role assignments managed by Privileged Identity Management (PIM) or direct role membership so that it's easy to highlight on-premises accounts holding administrative roles.
Mandatory MFA Requirement for Access to Azure Sites and ToolsAugust 19, 2024 7:00 am-Microsoft's project to impose a mandatory MFA requirement for access to Azure management tools and sites will start enforcement on or after October 15, 2024. The new requirement will only affect administrator accounts who access Azure sites and tools (like PowerShell). Normal users shouldn’t notice any difference. The Azure MFA requirement is a great way to drive home the need for MFA to protect Microsoft 365 administrator accounts against attack. Prepare now!
Microsoft Copilot to Get Enterprise Data ProtectionAugust 16, 2024 7:00 am-The August 15 announcement that Microsoft Copilot (the version that doesn’t use the Graph) will benefit from enterprise data protection from September is good new. However, Microsoft said nothing about the security issues around Copilot for Microsoft 365 reported at the recent BlackHat USA 2024 conference. In other news, tenants can pin Microsoft Copilot to app navigation bars using a new control in the Microsoft 365 admin center.
Switching Microsoft 365 Data Report Privacy On and OffAugust 15, 2024 7:00 am-The Usage Reports Graph API is now generally available, which means that it's fully supported. In other news, a Graph API is available for Microsoft 365 Backup, The news demonstrates once again how widely the Graph APIs are used with Microsoft 365 and why tenant administrators should acquire some knowledge about how the Graph works.
Handling the Too Many Retries Error and Dealing with Odd Numbers of Audit EventsAugust 14, 2024 7:00 am-The AuditLog Query Graph API remains in beta status but cmdlets are now available in the Microsoft Graph PowerShell SDK. This led to some oddities in results when the number of audit events found by a search didn't match those reported by the Purview compliance portal. It all worked out in the end. In other news, the Set-MgRequestContext helped sort out some retry problems.
Comparing Microsoft Cloud Email ServicesAugust 13, 2024 7:00 am-HVE and ECS are two competing Microsoft Cloud Email Services. At least, they seem to compete. In reality, HVE and ECS serve different target audiences. HVE is all about internal email services for apps and devices while ECS is for high volume external mailings like customer newsletters. We tested both services by sending subscription reminder notifications to Office 365 for IT Pros readers.
Handling Online Teams Meetings Organized by Ex-EmployeesAugust 12, 2024 7:00 am-When someone leaves a Microsoft 365 organization, the possibility exists that they leave some active Teams online meetings dangling behind them. What can be done to take over these meetings and make someone else the meeting organizer? The answer is simple: nothing. Organizing a replacement meeting is one way out, but maybe it’s best to use a dedicated account to organize important company events.
Microsoft 365 Admin Center to Take Over License AssignmentsAugust 9, 2024 7:00 am-Microsoft is removing license assignments from the Entra admin center. From Sept 1, new license assignments are done in the Microsoft 365 admin center. In other news, a new Self-service trials and purchases page is coming to the Microsoft 365 admin center to control the ability of users to purchase self-service licenses or use trial licenses.
How to List Details of Teams AppsAugust 8, 2024 7:00 am-A question asked about filtering Teams apps based on their blocked status. The Teams admin center doesn't support this kind of filter and getting details of Teams apps is surprisingly difficult. For instance, you can't get a list of the 2,500+ apps shown in the Teams admin center. PowerShell cmdlets are available to list Teams apps, but they focus on apps known to a tenant rather than the entire catalog.
Dealing with Teams Chat Messages When People LeaveAugust 7, 2024 7:00 am-Tenant administrators know that they need to deal with mailboxes and OneDrive accounts when people leave, but what about Teams chat messages? Or rather, the information stored in the compliance records captured in Exchange Online mailboxes? Reviewing chat messages can be an ardous task, so perhaps the solution might be to export the compliance records to a PST for long-term retention.
Teams Tightens Access Controls for Meeting Recordings and TranscriptsAugust 6, 2024 7:00 am-Teams meeting transcripts are enormously helpful and are used by many features, including Copilot for Microsoft 365. Access to transcript files needs good control because of the possibility of confidential information being captured in transcripts. Several recent changes made to the Teams meeting policy and meeting options help organizations to exert better control over access to transcript files.
Microsoft Quashes Bad Habit of Sending Passwords in EmailAugust 5, 2024 7:00 am-MC837081 announces that the Microsoft 365 admin center is to lose its ability to send password in email after updating a user account. It's the right thing to do because sending passwords in email is bad practice and encourages people to treat passwords with less respect than they should. The long term solution is to move away from passwords, but it will take time before Microsoft 365 is passwordless.
Microsoft Cloud Revenues Keep on GrowingAugust 2, 2024 3:00 am-The Microsoft FY24 Q4 results delivered solid growth in Microsoft Cloud revenues. No new numbers were given for Office 365 or Teams users, possibly because of a slowdown in new user acquisition. We learned that Teams Premium now has more than 3 million users and that Copilot for Microsoft 365 is being used by more customers than ever before, but without real numbers it's hard to say just how well things are going.
Office 365 for IT Pros August 2024 UpdateAugust 1, 2024 3:00 am-The first update for Office 365 for IT Pros (2025 edition) or monthly update #110 is now available for subscribers to download. The update covers both the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell books. Many of the changes in this update are small but we do have some new information to share in some chapters.
Teams App-Centric Management (ACM)July 31, 2024 7:00 am-Teams ACM replaces app permission policies with an easier method of defining who can use Teams apps. A wizard in the Teams admin center runs a one-time non-reversable switchover from app permission policies to ACM and makes sure that the permissions assigned through policy are present for each app. In other news, Teams is much better at presenting Graph permissions that apps need to run.
Microsoft to Charge for Unlicensed OneDrive for Business AccountsJuly 30, 2024 7:00 am-Microsoft plans to archive unlicensed OneDrive sites starting in January 2025. The obsolete sites will end up in Microsoft 365 archive, from where the sites can be reactivated for a small per-gigabyte fee. Archived sites are indexed and discoverable. However, the message is clear: remove unlicensed OneDrive sites now. They’re only cluttering up your digital landscape and might give Copilot for Microsoft 365 a headache.
Finding Managers of Users with the Microsoft Graph PowerShell SDKJuly 29, 2024 7:00 am-The task to find manager for Entra ID accounts seems simple until you find the bunch of utility accounts created by Exchange Online that should be ignored. This makes the task more “interesting” when the time comes to find user accounts that don’t have assigned managers. Eventually, all the filters work, and you have a result, but the task is more complicated than it should be.
The Maddening Side of the Microsoft Graph PowerShell SDKJuly 26, 2024 7:00 am-All software has unique quirks, and the foibles of the Microsoft Graph PowerShell SDK are well known. But it’s much harder when the underlying foundation contributes to the craziness as described in this article. Graph pagination works in a specific way and Microsoft tunes the Graph to deliver great performance by reducing the set of properties returned for objects. Both can cause concern for developers.
The OneDrive for Business Problem Created When Deleting User AccountsJuly 25, 2024 7:00 am-On the surface, the work to delete OneDrive for Business accounts seems straightforward because Microsoft provides a 30-day deletion period to review contents and uses an automatic delegation process to assign control over the account to the deleted user’s manager. But given the number of applications that store data in OneDrive for Business, can anyone perform an end-to-end review of what’s in the account in a reasonable time?
Stream Moves to Intelligent VersioningJuly 24, 2024 7:00 am-In a change designed to reduce the consumption of storage quota, Stream video versions are no longer being generated for non-video updates such as changes to video metadata. Anything that alters the video content, like trimming some seconds from the start or end of a video, will create a new version. It seems like a perfectly reasonable change to make that might help SharePoint storage not be consumed quite so quickly.
Adding Cost Center Reporting to the Microsoft 365 Licensing ReportJuly 23, 2024 7:00 am-The Microsoft 365 licensing report now supports a cost center analysis based on cost center values stored in an Exchange custom attribute. The new analysis is entirely optional, but it seems like many tenants store cost center values in custom attributes, so this update might work well for them. That is, if the cost center data stored in Exchange is accurate… Rubbish in always means rubbish out…
Comparing Shared and Inactive Mailboxes for Retaining Ex-Employee ContentJuly 22, 2024 8:00 am-Every Microsoft 365 tenant must deal with ex-employee mailboxes. The default choice is to make the mailboxes into shared mailboxes. But inactive mailboxes could be a better option to deal with the requirements to preserve user privacy and avoid inadvertent disclosure of PII to people who don’t need that information. Perhaps it’s time to reassess how your organization deals with ex-employee mailboxes?
Self-Service Purchase Notifications for Tenant AdministratorsJuly 19, 2024 7:00 am-I dislike the Microsoft 365 self-service purchase mechanism and disable it in any tenant where I can. Global and Billing administrators for tenants that allow self-service purchases will soon receive notifications when self-service purchases occur to allow them to take action to allow, cancel, or change the purchased subscription. Or they can do what I do and avoid the problem in the first place by prohibiting self-service purchases.
Exchange Online Previews Inbound SMTP DANE with DNSSECJuly 18, 2024 6:00 am-On July 17, Microsoft announced the public preview of inbound SMTP DANE with DNSSEC for Exchange Online, a welcome step forward to improve messaging security. A previous attempt to launch the preview foundered because Microsoft wanted to insist on Microsoft 365 E5 licenses for the feature. Mature reflection prevailed and inbound DANE with DNSSEC is available to all, which is how it should be.
Team Owners Can Rename the General ChannelJuly 17, 2024 7:00 am-In what seems to be a small change, team owners can rename general channels (naturally with 'meaningful names.' The change is more important than it seems because it’s associated with an effort to make users think about using channels as the basis for collaboration instead of always creating a new team. Being able to rename the General channel might make the channel more useful. After all, it's just a regular channel.
Monitoring Updates to Sensitivity Label Policies and LabelsJuly 16, 2024 7:00 am-A reader wanted to know why the Purview Compliance portal doesn't show who last updated sensitivity label policies. The reason why is unclear, but what's for sure is that Purview doesn't record the data anywhere. But PowerShell and the audit log soon reveal who last made changes to labels and policies. It's yet another example of how PowerShell fills gaps Microsoft leaves behind.
Upgrading the Teams and Groups Activity Report to 6.0July 15, 2024 6:00 am-The Teams and Groups activity report is a popular script that helps administrators identify inactive teams and groups within a Microsoft 365 tenant. The script code has been developed over the years. The last version converted to Graph API requests to improve performance. This time, the upgrade is to use the Microsoft Graph PowerShell SDK to make the code easier to maintain.
Outlook Mobile Continues to Set the Standard for Microsoft 365 Email MobilityJuly 12, 2024 6:00 am-It's common to be asked which is the best mobile email client for Exchange Online. My view is that Outlook Mobile is the only client to use (if possible). I know that this opinion is unpopular with devotees of clients like the Apple iOS mail client, but the simple facts are that Outlook mobile is more functional and better integrated into the Microsoft 365 ecosystem. That's the defining factor for many.
The Right Way to Replace the Remove-SPOExternalUser CmdletJuly 11, 2024 4:00 am-Microsoft says they will remove the Remove-SPOExternalUser cmdlet starting July 29. They recommend using Remove-AzureADUser as a replacement. It's a bad call because that cmdlet is part of a now-retired and soon to be deprecated module. Overall, recommendations like this make you think that Microsoft doesn’t know what’s happening across the whole of Microsoft 365. And you might be right.
Office Connectors Retirement for TeamsJuly 10, 2024 3:00 am-In June, Microsoft retired Office Connectors for SharePoint Online and Microsoft 365 Groups. Starting on August 15, they're retiring connectors for Teams. The problem is finding out which teams and channels have configured connectors. That's when PowerShell comes in handy, as we prove with a script to report which teams have connectors.
Configuring Outlook DLP Policy Pop-Ups for Sensitive ContentJuly 9, 2024 7:00 am-A cloud policy setting enables a delay for evaluating message content and allows Outlook DLP Policy Tips to be displayed after detection of a policy violation. The setting works by pausing message sends until Outlook has had time to check the content for DLP policy violations Pop-up messages inform users about the pause and the result of the check.
Outlook Mobile Introduces Synchronization WindowJuly 8, 2024 4:00 am-A new Outlook Mobile synchronization setting allows users to select a window of between 1 and 90 days to download copies of email and attachments. The new setting allows organizations who worry about corporate data being on mobile devices to limit exposure to one day while enabling people who like having their entire mailbox on their device get closer to that point. Everyone wins.
New Policy to Disable Some In-Product Messages in TeamsJuly 5, 2024 6:55 am-In a welcome update, the Teams development group have provided a new policy setting to control the display of some in-product messages in Teams clients. The policy can only be updated with PowerShell. Some other Microsoft 365 development groups need to follow Teams and offer paying customers a way to suppress the annoying in-product ads.
All SharePoint Online Sharing Links Now Support Expiration DatesJuly 4, 2024 7:00 am-A very useful update to support sharing links expiration for all link types used by SharePoint Online and OneDrive for Business is now rolling out and should be available in all Microsoft 365 tenants soon. Until now, expiration dates were only available for anyone links. Many organizations don’t allow anyone links, so enabling the feature for company-wide and specific people links will be much appreciated.
Teams to Begin Automatically Hiding Inactive ChannelsJuly 3, 2024 7:00 am-From mid-July 2024, Teams will begin hiding inactive channels for users. The inactive channels can be unhidden, and users can opt out of the automatic process. The new clean up routine can be invoked whenever users want and if a mistake is made, it’s easy to unhide a channel. Given the number of channels in use, it’s likely that a few in everyone’s channel list are inactive and deserve to be hidden.
Using Company-wide Sharing Links with Copilot for Microsoft 365July 2, 2024 8:00 am-Some folks wonder why they can't use documents shared with them using company-wide links with Copilot for Microsoft 365. As it turns out, the answer is simple. People must redeem a sharing link before SharePoint validates their access to a shared file. Copilot cannot use a document unless it has access to it. All of which brings up the point if it’s a good idea to use company-wide sharing links.
Office 365 for IT Pros 2025 Edition is Now AvailableJuly 1, 2024 12:01 am-Office 365 for IT Pros 2025 edition, the 11th edition of the most comprehensive and in-depth book covering the Microsoft 365 Office servers, is now available. Office 365 for IT Pros subscriptions include a new 240-page book titled Automating Microsoft 365 with PowerShell covering PowerShell, Microsoft Graph APIs, and the Microsoft Graph PowerShell SDK. No Microsoft 365 tenant administrator should be without a copy of Office 365 for IT Pros!
Teams Chat Gets the Shared TabJune 28, 2024 7:00 am-The old Files tab in Teams chat is being replaced by the Shared tab. The new tab exposes both files and hyperlinks and Microsoft says that the Shared tab will support more types of objects in the future. No dates are given for the future enhancements, but the new Shared tab will roll out for Teams chat users in early July 2024. I like the new tab because I tend to share many hyperlinks in chats.
Teams to Block Federated Communications with Trial TenantsJune 27, 2024 7:00 am-Microsoft is moving to block federated communications with trial Microsoft 365 tenants to cut off a potential exploitation route for attackers. The new block goes into force on July 29, 2024, and is controlled by the ExternalAccessWithTrialTenants setting in the tenant federation configuration policy. We’ve been saying for years that tenants should clamp down on federated chat. It seems that Microsoft now agrees.
The Curiously Unfinished Outlook Settings APIJune 26, 2024 7:00 am-The Outlook settings API is a unfinished Graph API that can read and update some but not all mailbox settings. It's a pity that the API is incomplete because it would be nice to have a comprehensive API that supported every mailbox setting, including some of the more recently introduced tweaks seen in OWA. The current state of the Outlook settings API is usable but not for much, but at least it can update auto-reply settings.
Adding Details of Authentication Methods to the Tenant Passwords and MFA ReportJune 25, 2024 7:00 am-V1.2 of the User Passwords and MFA report includes the names of authentication methods registered for user accounts. V1.3 expands the amount of detail reported for each method, such as the phone number used for SMS challenges, or the email address used for SSPR. It’s a small but important detail that’s useful to administrators. However, it also comes with a potential privacy issue, so the script must handle that too.
Outlook (Win32) Becomes Outlook (Classic)June 24, 2024 7:00 am-Microsoft has announced the formal renaming of the Win32 version of Outlook to be Outlook (classic). It's preparing for the general availability of the new Outlook for Windows, expected very soon into the new Microsoft fiscal year starting on July 1, 2024. The change doesn’t affect the status of Outlook (classic) or the commitment to support the client until at least 2029.
Planner User Policy Stops Task and Plan DeletionsJune 21, 2024 7:00 am-The Set-PlannerUserPolicy cmdlet allows Microsoft 365 tenant administrators stop users deleting tasks created by other users. However, an undocumented consequence of setting the policy for user accounts is that it stops those accounts removing plans too. The unexpected block imposed by Set-PlannerUserPolicy caused me problems when attempting to delete a plan with PowerShell. It would be nice if the modules created by Microsoft worked as expected (and as documented).
Version 1.9 of the Microsoft 365 Licensing ReportJune 20, 2024 7:00 am-The Microsoft 365 Licensing Report is a popular PowerShell script that's just been updated to V1.9 with a bunch of changes to highlight different aspects such as license costs for disabled user accounts and inactive user accounts. Copious use of some very dubious color choices makes the HTML report created by the script look very nice (if you're color blind) and the new version can generate an Excel worksheet.
Microsoft Urges Consumer and Enterprise Users to Move to Newer Outlook VersionsJune 19, 2024 7:00 am-Microsoft wants users to upgrade from legacy Outlook clients. The biggest impact for Microsoft 365 tenants might be the loss of OWA light, but consumer users are in for the same kind of change that enterprise users experienced when Microsoft blocked basic authentication for Exchange Online. The announcement wasn't very clear about what's happening, so we're happy to clarify matters.
Working with Calendar Permissions using the Microsoft Graph PowerShell SDKJune 18, 2024 7:00 am-The Set-MailboxFolderPermission cmdlet is usually used to set calendar permissions, including the permission for the default user to allow everyone in an organization to see each other’s calendars. But you can use cmdlets from the Microsoft Graph PowerShell SDK too. The Graph SDK cmdlets are faster, but not enough to warrant replacing the Exchange cmdlet in scripts. We explain why here.
Using PowerShell to Post Channel Messages with Teams WorkflowsJune 17, 2024 7:00 am-The incoming webhook connector is a popular method to post information to Teams channels, but Microsoft seems set on retiring the Office connectors. The Teams post to channel workflow when a webhook request is received seems like is a possible replacement, but it's not just a matter of switching mechanisms. Some PowerShell magic is needed to create a suitable adaptive card to post to the channel, which is exactly what we explain how to do here.
Per-User MFA State Added to Tenant Passwords and MFA ReportJune 14, 2024 7:00 am-A Microsoft Graph update makes per-user MFA state available for user accounts. Being able to access the data means that we can include it in the User Passwords and Authentication report. You can now see if accounts are disabled, enabled, or enforced for per-user MFA along with all the other information captured about passwqrd changes, MFA authentication methods, and so on.
Blocking Download Access to Teams Channel Meeting RecordingsJune 13, 2024 7:00 am-Our review of the Videos chapter for the Office 365 for IT Pros eBook found a Teams meeting policy setting we hadn't documented to block downloads for channel meeting recordings. Naturally, this was a disaster, so we spent some time investigating what the policy setting does and if it's useful in practice. It works, but do you want to block downloads of channel meeting recordings?
To Splat or Not to Splat, That’s the QuestionJune 12, 2024 7:00 am-Splatting is an optional PowerShell technique designed to make it easier to pass parameter values for cmdlets. It’s a personal choice whether to use splatting instead of passing values to individual parameters in the command line. Although the Microsoft Graph PowerShell SDK can be a little strange at times, you can use splatting with SDK cmdlets, even with some pretty complex parameters such as those used to filter objects.
The End for Office 365 Connectors Comes Into SightJune 11, 2024 7:00 am-Office 365 Connectors bring data from external sources into Microsoft 365 apps like Teams and Outlook. Workflows and Power Automate are replacing Connectors for Microsoft 365 Groups (Outlook groups) and SharePoint Online. Connectors are still available in Teams but for how long? No one knows, but it does seem like Microsoft is rationalizing no-code automation around Power Automate.
Understanding SharePoint Online StorageJune 10, 2024 7:00 am-Understanding SharePoint Online storage used to be easy. Then applications like Loop arrived. Other influences like retention and archive can affect storage too. It's a complicated situation before you throw OneDrive for Business into the mix and consider that Microsoft has removed unlimited OneDrive storage while an increasing number of apps store files in OneDrive. It's a complicated situation.
Interpreting Audit Records for Teams Meeting Recordings (Again)June 7, 2024 7:00 am-Three years ago, I wrote a script to analyze the audit records generated for Teams meeting recordings. Then things changed in terms of how the audit records were generated and how the Search-UnifiedAuditLog cmdlet returns audit search results. All of which meant that considerable work was needed to revamp (rewrite) the script. Maybe you need to check any script that uses the Search-UnifiedAuditLog cmdlet too?
Report Delegated Permission Assignments for Users and AppsJune 6, 2024 7:00 am-This article describes how to use the Microsoft Graph PowerShell SDK to report delegated permission assignments to user accounts and apps. Like in other parts of Microsoft 365, the tendency exists to accrue delegated permissions for both user accounts and apps over time. There's nothing wrong with having delegated permissions in place, if they are appropriate and needed - and that's why we report their existence.
Choosing Between Graph API Requests or Graph SDK CmdletsJune 5, 2024 7:00 am-Deciding whether to use Microsoft Graph PowerShell SDK cmdlets or Graph API requests is sometimes not easy. Some say that it's best to use Graph API requests everywhere and avoid the complication of possibly buggy Graph PowerShell SDK cmdlets. My approach is different. I start with Graph PowerShell SDK cmdlets and only resort to Graph API requests when absolutely necessary. It works for me!
Teams Custom Emojis Arrive in June 2024June 4, 2024 7:00 am-The latest technology initiative from Microsoft comes in the form of Teams custom emojis, designed to bring light and happiness to Microsoft 365 tenants. Of course, the light and happiness will only happen if tenants don't disable the settings in Teams messaging policies that allow users to upload custom emojis. A tenant can support up to 5,000 Teams custom emojis. That's a lot of room for people to get inventive.
Notify When Available Comes to Teams 2.1June 3, 2024 7:00 am-Without any fuss or bother, Microsoft announced that the Teams 2.1 client has regained the Notify When Available feature. This functionality allows users to subscribe to the presence status for someone else to receive notifications when that person's presence status changes to Available. It's a very useful and worthwhile feature to have that goes back to Skype. It's good to have it back!
Office 365 for IT Pros June 2024 UpdateJune 1, 2024 1:00 am-The June 2024 update for the Office 365 for IT Pros 2024 edition ebook is available for download. We're also announcing the availability of the 2025 edition on 1 July 2024. Office 365 for IT Pros 2025 edition drops the companion volume and introduces a new book dedicated to Automating Microsoft 365 with PowerShell. Anyone who subscribes to the 2024 edition in June 2024 will receive a free update to the 2025 edition when it is published.
Better Copilot Audit Records and Copilot Chat Appears in Classic OutlookMay 31, 2024 7:00 am-Copilot audit records generated for the Microsoft 365 audit log capture details of the resources (files, emails, and documents) used by Copilot in its answers. This doesn't sound very exciting, but it is important for forensic investigators who need to understand what information is consumed to generate AI answers. In another development, the Copilot for Microsoft 365 chat app is now available in Outlook classic.
Teams Meeting Audit Events Available to Purview Audit Standard CustomersMay 30, 2024 7:00 am-Microsoft is deploying additional audit events to tenants with Purview Audit (Standard) licenses. Among the 15 Teams events in the set are Teams meeting audit events to capture details of meetings and participants. Unhappily, some of the data that you'd like to have for meetings, like the subject, are missing. And meeting participant information is available for some classes of user but not for others.
Teams Adjusts the Activity FeedMay 29, 2024 7:00 am-The Teams Activity feed received two recent major changes. First, calendar notifications now show up in the feed. Second, the set of filters that were available are reduced to just two (mentions and unread). Reducing the filters is part of Microsoft’s effort to streamline the Teams 2.1 client and remove unnecessary screen elements. I guess it’s OK, and you can disable the calendar notifications to stop that annoyance.
Reporting Mailbox Audit ConfigurationsMay 28, 2024 7:00 am-A request came in for a PowerShell script to report mailbox audit configurations to check that the important new events are being generated by mailboxes. After diverting into the hellhole of Microsoft licensing, normal sanity was resumed and a PowerShell script written to do the job. The script generates a CSV file or Excel worksheet for tenant administrators to review. After that, it's up to you.
Teams Changes Location for Meeting TranscriptsMay 27, 2024 7:00 am-Microsoft is changing the storage location for Teams Meeting Transcripts from Exchange Online to OneDrive for Business. The change is designed to standardize storage of meeting recordings and transcripts in OneDrive for Business. The change makes sense seeing that Stream has completed its migration to SharePoint and OneDrive. In other news, because transcripts are now so important for other features, a bunch of new controls are coming to allow organizations to limit access to this data.
Stream Development Presses Ahead After Migration FinishesMay 24, 2024 7:00 am-The Stream browser client has received some nice new features including the ability to trim videos in a very efficient manner and to add callouts to videos to appear between specific timecodes. And there’s Copilot for Stream, which is available if you have Copilot for Microsoft 365. The extra functionality demonstrates that Microsoft continues to invest in the development of the Stream client, which is nice.
Microsoft Finally Delivers Promised Audit Events to Purview Audit Standard TenantsMay 23, 2024 7:00 am-A May 20 post contains the welcome news that the new audit events promised for Purview Audit standard customers should be available in June 2024. Some of these events are for Exchange Online, like the famous MailItemsAccessed event. Others are for Teams and SharePoint Online. In the case of Exchange, tenant administrators might have to do some work to validate that mailbox audit configurations are correct.
Organizers of Teams Recurring Meetings Can Create Loop Workspaces for Shared ContentMay 22, 2024 7:00 am-A new feature for Teams recurring meetings allows meeting organizers to create Loop workspaces to hold content shared within the meetings. It's an example of close integration between different parts of the Microsoft 365 ecosystem to add value for customers. That's great, providing you have the correct licenses to allow meeting organizers to create Loop workspaces and don't need to support guest access (coming soon).
Big Change Coming in Authentication for Outlook Add-insMay 21, 2024 7:00 am-On April 9, 2024, Microsoft announced a big change in authentication for Outlook add-ins. It's likely that people don't realize the kind of change that's coming. The change removes legacy Exchange authentication methods and replaces them with Nested App Authentication (NAA). Time is running short for developers to upgrade and test their code and Microsoft 365 tenants to get ready for the changeover.
European Union Lines up Anti-Trust Charges Against Microsoft Over TeamsMay 20, 2024 7:00 am-The Financial Times reported that the EU is lining up new charges against Microsoft for Teams anti-competitive behavior. Given that Microsoft has already unbundled Teams from Office 365 products, it's hard to know what remedy the EU will seek. If it's a fine, then Microsoft could be charged up to 10% of their worldwide revenues. That's unlikely, but the issue highlights how hard it is to compete against an integrated solution.
Microsoft Causes Fuss Around Azure MFA AnnouncementMay 17, 2024 7:00 am-On May 14, Microsoft announced that they will require Azure MFA for connections to services starting in July 2024. No details about the implementation are available, so it's difficult to measure the likely impact on Microsoft 365 tenants. Given that very few people access services like the Azure portal, it's probable that the impact will not be large, but it would be nice to hear more precise details from Microsoft.
Teams Adds Slash Commands to the Message Compose BoxMay 16, 2024 8:00 am-Teams has added the ability to use slash commands (shortcuts) to the message compose box. Although the feature seems useful, I wonder about its potential usage. The fact is that people are pretty accustomed to how they compose message text and other options are available to add Loop or code blocks or set their online status, so why would they use the slash commands in the message compose box?
SharePoint Online Deletion of Non-Empty FoldersMay 15, 2024 8:00 am-A recent SharePoint Onlne update enables folder deletion when items are present in a folder. This is probably the way that things should have always worked. Even so, it's good to have this capability because it helps site users clean out old and obsolete information, something that's becoming increasingly important in the AI era for Microsoft 365.
The Extremely Useful Meeting Follow ResponseMay 14, 2024 7:00 am-The Follow response is a new option for people invited to a meeting to indicate that they can't attend but are interested in what happens. Replying with a Follow response means that the user gains access to the meeting artifacts (like the chat and recap). It also means that the allotted time is not blocked in their calendar. The feature will be most valuable to people who have heavily-used calendars.
Block Device Code Authentication Requests with Conditional AccessMay 13, 2024 6:00 am-This article describes the process of blocking device code authentication requests against Entra ID with a preview feature for conditional access policies. It's a good idea to tighten tenant security by removing device code authentication unless a clearly-defined need exists for apps to authenticate using this method. I suspect that most tenants will find that they can happily do without device code authentication.
Team and Channel Creation Simplified in New DesignMay 10, 2024 7:00 am-Team channel collaboration might be a better choice than always creating a new team to host discussions about a topic, especially if channels grow in features. Now that a single team can support a mix of up to 1,000 regular, shared, and private channels, all of which can be archived, is it a good option to continue to create new teams? The answer is probably not, especially if Microsoft continues on a path to develop channel capabilities.
Update Entra ID User Role Permissions to Secure Your TenantMay 9, 2024 7:00 am-The user authorization policy defines user role permissions, or actions that non-admin users can take within an Entra ID tenant. The default settings are silly. I can't think of good reasons to allow non-admin users to create new registered apps, tenants, or security groups. Why default settings allow these actions is a mystery, and it could be they're just outdated.
Microsoft Launches Support for Entra ID External Authentication MethodsMay 8, 2024 7:00 am-In a May 2 announcement, Microsoft said that they have signed up 9 ISVs to add support for Entra ID authentication methods. The third-party methods work the same way as native Entra ID authentication (like the Authenticator app), meaning that verified connections can be used by other Entra solutions like Privileged Identity Management.
Teams Adds Background Effects for Mobile Video MessagesMay 7, 2024 7:00 am-The Teams iOS client can send one-minute Teams video messages (or clips) to chats or channels conversations. Now, the videos can use image or blur backgrounds. Nice as it is to be able to expose your artistic side in Teams messaging, the compliance problem with Teams video messages remains. If you allow users to send video messages, remember that they could use this route to get around compliance barriers.
More Microsoft Graph PowerShell SDK ProblemsMay 6, 2024 4:00 am-Some problems emerged in V2.17 and V2.18 of the Microsoft Graph PowerShell SDK. In one case, Microsoft changed cmdlet names. In another, it's an identity issue caused by incompatible assemblies. In both cases, questions have to be asked about the level of testing done by Microsoft before they release a new module. Bugs do happen, but testing should catch the obvious problems.
Microsoft Retires Stream Mobile AppMay 3, 2024 4:00 am-On May 2, 2024, Microsoft announced the retirement of the Stream Mobile app on July 1, 2024. It's all to do with rationalization and focus, or so Microsoft says. In any case, the suggested replacements are the OneDrive and Microsoft 365 apps, both of which are capable of handling video uploads, management, and playback.
Removing Outlook Add-ins From Mailboxes with PowerShellMay 2, 2024 7:00 am-The Share to Teams Outlook add-in posts an email to a Teams chat or channel conversation. I was asked how to disable the add-in for some mailboxes. Here's how to do the job using PowerShell to find a set of target mailboxes and then turn off Send to Teams for each mailbox.
Office 365 for IT Pros May 2024 Update AvailableMay 1, 2024 1:15 am-Another month, another update for the Office 365 for IT Pros eBook. In this case, it's monthly update #107 for Office 365 for IT Pros (2024 edition), now available for download by subscribers from Gumroad.com and Amazon.com. Like every month, update #107 contains a mixture of new features and revised knowledge, all essential information for Microsoft 365 tenant administrators to have.
Disabling Bits of Copilot for Microsoft 365April 30, 2024 7:00 am-The Copilot for Microsoft 365 license has 8 service plans to govern feature availability. You can disable individual components, if you know what you're doing. One thing that's not possible is to disable Copilot for individual Office apps. A single service plan covers all the "productivity apps," so they're either all on or all off.
Teams Classic Client Slipping AwayApril 29, 2024 7:00 am-The Teams classic client has been replaced by the Teams 2.1 client. Microsoft will block access to the Teams classic client for people running the app on unsupported platforms in October 2024. The final block swings into place for everyone on July 1 2025. The migration to the new client appears to be going well, so I'm not sure if many will miss the old client.
Microsoft Cloud Exceeds 50% of Microsoft Total RevenuesApril 26, 2024 9:34 am-The Microsoft FY24 Q3 results didn't contain any new user numbers for Office 365 or Teams. However, we did learn that Copilot and Azure are popular words in the Microsoft lexicon. As usual, statistics were introduced without context, but investors won't really care too much as Microsoft continues to generate tons of revenue at a healthy margin, especially from its cloud business.
Automatic Hiding of Teams Channels Continues September 11, 2024 7:00 am - The Teams feature to hide inactive channels is now fully rolled out. Another recent change suppresses notifications from hidden channels, and this could cause a problem for people who rely on notifications to know what’s happening in a channel. Both updates are good, but some differentiation or control over notifications for user-hidden and auto-hidden channels might be good.
Microsoft 365 Admin Center to Support Continuous Access Evaluation September 10, 2024 7:00 am - The Microsoft 365 admin center will support continuous access evaluation (CAE) from September 2024 to help revoke access from accounts more quickly when critical events happen (like an account password being changed). Adding CAE support to an admin center is always a good idea, but it shouldn’t take away from the need to protect Microsoft 365 accounts with multifactor authentication. Stop compromise before you need to react to compromise!
Purview eDiscovery’s Big Makeover September 9, 2024 7:00 am - eDiscovery is a calling best left to skilled investigators. But Microsoft 365 administrators need to know how to search and how the new Purview eDiscovery works. The new implementation is due by the end of 2024 and is in preview now. It unifies the three existing solutions in the Microsoft 365 eDiscovery space and promises to deliver new functionality. But will it make its dates? Who knows!
Using Guest Accounts to Bypass the Teams Meeting Lobby September 6, 2024 9:14 am - One of the things that vexes me is the need to change account to attend a Teams meeting. I forget this all the time and end up with unexpected waits in virtual lobbies, twiddling my thumbs while waiting for someone to admit me to the call. Sometimes I end up missing calls because people can’t admit participants from outside the tenant if they don’t have a guest account. The solution might come from the application of more intelligence and a change to the Teams UI.
Copilot’s Automatic Summary for Word Documents September 5, 2024 7:00 am - The automatic document summary feature for Word duly turned up and Copilot for Microsoft 365 has been busy generating summaries ever since. The feature works well for documents with less than 80,000 words, which should be enough for most documents but limits summarization for documents that might use it most, like complex plans or contracts. In any case, I haven’t found a way to turn document summaries off. Maybe that’s coming. 
Teams Improves Text Pasting and Mic Pending September 4, 2024 7:00 am - Thankfully, Teams pasted text no longer contains a timestamp and the author's name. The change is effective worldwide and addresses a longstanding irritation. Quite why it took so long for Microsoft to understand how people felt about the insertion of unwanted metadata is a mystery, but it’s gone now. And in other news, Mic Pending is a new feature for Teams calls and meetings.
Transferring Reusable PowerShell Objects Between Microsoft 365 Tenants September 3, 2024 7:00 am - People often need to transfer objects or code between Microsoft 365 tenants. When it comes to dealing with objects, the Microsoft Graph PowerShell SDK's ToJsonString method is very useful. The method outputs a string containing JSON content, but only for object properties that have a value. This makes the much easier to use the output as the basis for a template object or as the payload body to create an object in another tenant.
Office 365 for IT Pros September 2024 Update September 2, 2024 3:00 am - Files are available to download for the September 2024 update for the Office 365 for IT Pros (2025 edition) eBook. This is monthly update #111 for the only book covering Microsoft 365 that's updated monthly. As normal, this update covers a bunch of new information and insights from across the Microsoft 365 ecosystem.
Microsoft Withdraws Copilot Catch Up Feature August 30, 2024 7:00 am - After reaching 50% deployment and on track to general availability, Microsoft decided to withdraw the Copilot catch up feature. Catch up shows a set of cards in a carousel to highlight documents and other items that Copilot believes are of interest to the user. It's like the insights surfaced in other places within Microsoft 365, such as Office applications, Viva Insights, and Delve. 
PnP PowerShell Changes Its Entra ID App August 29, 2024 5:00 am - On August 21, 2024, news emerged that the PnP PowerShell module will transition from using a multi-tenant Entra ID app to a tenant-specific app. The change is scheduled for September 9, 2024, which doesn’t leave a lot of time available for developers to review, update, and test PowerShell scripts based on PnP PowerShell. Some extra warning would have been nice.
Why Entra ID can Restore Some Types of Deleted Groups and Not Others August 28, 2024 7:00 am - The ability to restore deleted groups only covers Microsoft 365 groups. That's an odd situation to be in given the different types of groups in Microsoft 365, and the reasons why things work (or don’t) the way they do is down to history and different teams within Microsoft. It’s logical that customers assume they can restore any type of deleted group. Microsoft needs to do some magic to make that assumption real.
The Problem with Scoped Audit Log Searches August 27, 2024 7:00 am - Microsoft Purview and the Exchange Online Search-UnifiedAuditLog cmdlet both perform searches of the Microsoft 365 unified audit log. Both mechanisms support the concept of scoped searches to limit audit records returned by searches to the administrative units an account can manage. But the permissions assigned by the two mechanisms aren’t synchronized, which can lead to complications.
Finding Non-Compliant Shared Mailboxes August 26, 2024 7:00 am - Shared mailboxes have Entra ID accounts. No one needs to sign into the accounts because Exchange Online manages connections using mailbox permissions. But it can happen that people do sign into shared mailboxes and if the accounts aren’t licensed, they don’t comply with Microsoft licensing requirements. As explained here, some PowerShell can check for potential licensing violations.
Teams External Domain Activity Report Gets a Refresh August 23, 2024 7:00 am - Microsoft says that they plan to refresh the Teams external domain activity report from September 2024. But access to the report requires a Teams Premium license. It seems like this kind of fundamental information should be available to every tenant as it’s not basic security data instead of something that could be considered as Advanced Collaboration Analytics.
Report Detailing Unlicensed OneDrive for Business Accounts Available August 22, 2024 7:00 am - Microsoft announced their plan to charge for unlicensed OneDrive for Business accounts in July. Now we have an unlicensed OneDrive accounts report in the SharePoint Online admin center. The report divides unlicensed OneDrive accounts into four categories and it’s up to Microsoft 365 tenant administrators to figure out whether to retain or remove unlicensed accounts before automatic archival comes into force in January 2025.
The Benefits of Rationalizing License Management in the Microsoft 365 Admin Center August 21, 2024 7:00 am - The decision to rationalize license management in the Microsoft 365 admin center wasn't popular but the signs are that it could deliver benefits to customers in the form of new features and functionality. The first updates are a GUI to manage self-service purchases and trials together with notifications to administrators when a user makes a self-service purchase. More needs to happen, but positive indications are there.
Reporting Entra ID Administrative Role Assignments August 20, 2024 7:00 am - A recent report highlighted the problem of on-premises accounts synchronized to Entra ID that receive administrative role assignments. This article explains how to report the administrative role assignments managed by Privileged Identity Management (PIM) or direct role membership so that it's easy to highlight on-premises accounts holding administrative roles.
Mandatory MFA Requirement for Access to Azure Sites and Tools August 19, 2024 7:00 am - Microsoft's project to impose a mandatory MFA requirement for access to Azure management tools and sites will start enforcement on or after October 15, 2024. The new requirement will only affect administrator accounts who access Azure sites and tools (like PowerShell). Normal users shouldn’t notice any difference. The Azure MFA requirement is a great way to drive home the need for MFA to protect Microsoft 365 administrator accounts against attack. Prepare now!
Microsoft Copilot to Get Enterprise Data Protection August 16, 2024 7:00 am - The August 15 announcement that Microsoft Copilot (the version that doesn’t use the Graph) will benefit from enterprise data protection from September is good new. However, Microsoft said nothing about the security issues around Copilot for Microsoft 365 reported at the recent BlackHat USA 2024 conference. In other news, tenants can pin Microsoft Copilot to app navigation bars using a new control in the Microsoft 365 admin center.
Switching Microsoft 365 Data Report Privacy On and Off August 15, 2024 7:00 am - The Usage Reports Graph API is now generally available, which means that it's fully supported. In other news, a Graph API is available for Microsoft 365 Backup, The news demonstrates once again how widely the Graph APIs are used with Microsoft 365 and why tenant administrators should acquire some knowledge about how the Graph works.
Handling the Too Many Retries Error and Dealing with Odd Numbers of Audit Events August 14, 2024 7:00 am - The AuditLog Query Graph API remains in beta status but cmdlets are now available in the Microsoft Graph PowerShell SDK. This led to some oddities in results when the number of audit events found by a search didn't match those reported by the Purview compliance portal. It all worked out in the end. In other news, the Set-MgRequestContext helped sort out some retry problems.
Comparing Microsoft Cloud Email Services August 13, 2024 7:00 am - HVE and ECS are two competing Microsoft Cloud Email Services. At least, they seem to compete. In reality, HVE and ECS serve different target audiences. HVE is all about internal email services for apps and devices while ECS is for high volume external mailings like customer newsletters. We tested both services by sending subscription reminder notifications to Office 365 for IT Pros readers.
Handling Online Teams Meetings Organized by Ex-Employees August 12, 2024 7:00 am - When someone leaves a Microsoft 365 organization, the possibility exists that they leave some active Teams online meetings dangling behind them. What can be done to take over these meetings and make someone else the meeting organizer? The answer is simple: nothing. Organizing a replacement meeting is one way out, but maybe it’s best to use a dedicated account to organize important company events.
Microsoft 365 Admin Center to Take Over License Assignments August 9, 2024 7:00 am - Microsoft is removing license assignments from the Entra admin center. From Sept 1, new license assignments are done in the Microsoft 365 admin center. In other news, a new Self-service trials and purchases page is coming to the Microsoft 365 admin center to control the ability of users to purchase self-service licenses or use trial licenses.
How to List Details of Teams Apps August 8, 2024 7:00 am - A question asked about filtering Teams apps based on their blocked status. The Teams admin center doesn't support this kind of filter and getting details of Teams apps is surprisingly difficult. For instance, you can't get a list of the 2,500+ apps shown in the Teams admin center. PowerShell cmdlets are available to list Teams apps, but they focus on apps known to a tenant rather than the entire catalog.
Dealing with Teams Chat Messages When People Leave August 7, 2024 7:00 am - Tenant administrators know that they need to deal with mailboxes and OneDrive accounts when people leave, but what about Teams chat messages? Or rather, the information stored in the compliance records captured in Exchange Online mailboxes? Reviewing chat messages can be an ardous task, so perhaps the solution might be to export the compliance records to a PST for long-term retention.
Teams Tightens Access Controls for Meeting Recordings and Transcripts August 6, 2024 7:00 am - Teams meeting transcripts are enormously helpful and are used by many features, including Copilot for Microsoft 365. Access to transcript files needs good control because of the possibility of confidential information being captured in transcripts. Several recent changes made to the Teams meeting policy and meeting options help organizations to exert better control over access to transcript files.
Microsoft Quashes Bad Habit of Sending Passwords in Email August 5, 2024 7:00 am - MC837081 announces that the Microsoft 365 admin center is to lose its ability to send password in email after updating a user account. It's the right thing to do because sending passwords in email is bad practice and encourages people to treat passwords with less respect than they should. The long term solution is to move away from passwords, but it will take time before Microsoft 365 is passwordless.
Microsoft Cloud Revenues Keep on Growing August 2, 2024 3:00 am - The Microsoft FY24 Q4 results delivered solid growth in Microsoft Cloud revenues. No new numbers were given for Office 365 or Teams users, possibly because of a slowdown in new user acquisition. We learned that Teams Premium now has more than 3 million users and that Copilot for Microsoft 365 is being used by more customers than ever before, but without real numbers it's hard to say just how well things are going.
Office 365 for IT Pros August 2024 Update August 1, 2024 3:00 am - The first update for Office 365 for IT Pros (2025 edition) or monthly update #110 is now available for subscribers to download. The update covers both the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell books. Many of the changes in this update are small but we do have some new information to share in some chapters.
Teams App-Centric Management (ACM) July 31, 2024 7:00 am - Teams ACM replaces app permission policies with an easier method of defining who can use Teams apps. A wizard in the Teams admin center runs a one-time non-reversable switchover from app permission policies to ACM and makes sure that the permissions assigned through policy are present for each app. In other news, Teams is much better at presenting Graph permissions that apps need to run.
Microsoft to Charge for Unlicensed OneDrive for Business Accounts July 30, 2024 7:00 am - Microsoft plans to archive unlicensed OneDrive sites starting in January 2025. The obsolete sites will end up in Microsoft 365 archive, from where the sites can be reactivated for a small per-gigabyte fee. Archived sites are indexed and discoverable. However, the message is clear: remove unlicensed OneDrive sites now. They’re only cluttering up your digital landscape and might give Copilot for Microsoft 365 a headache.
Finding Managers of Users with the Microsoft Graph PowerShell SDK July 29, 2024 7:00 am - The task to find manager for Entra ID accounts seems simple until you find the bunch of utility accounts created by Exchange Online that should be ignored. This makes the task more “interesting” when the time comes to find user accounts that don’t have assigned managers. Eventually, all the filters work, and you have a result, but the task is more complicated than it should be.
The Maddening Side of the Microsoft Graph PowerShell SDK July 26, 2024 7:00 am - All software has unique quirks, and the foibles of the Microsoft Graph PowerShell SDK are well known. But it’s much harder when the underlying foundation contributes to the craziness as described in this article. Graph pagination works in a specific way and Microsoft tunes the Graph to deliver great performance by reducing the set of properties returned for objects. Both can cause concern for developers.
The OneDrive for Business Problem Created When Deleting User Accounts July 25, 2024 7:00 am - On the surface, the work to delete OneDrive for Business accounts seems straightforward because Microsoft provides a 30-day deletion period to review contents and uses an automatic delegation process to assign control over the account to the deleted user’s manager. But given the number of applications that store data in OneDrive for Business, can anyone perform an end-to-end review of what’s in the account in a reasonable time?
Stream Moves to Intelligent Versioning July 24, 2024 7:00 am - In a change designed to reduce the consumption of storage quota, Stream video versions are no longer being generated for non-video updates such as changes to video metadata. Anything that alters the video content, like trimming some seconds from the start or end of a video, will create a new version. It seems like a perfectly reasonable change to make that might help SharePoint storage not be consumed quite so quickly.
Adding Cost Center Reporting to the Microsoft 365 Licensing Report July 23, 2024 7:00 am - The Microsoft 365 licensing report now supports a cost center analysis based on cost center values stored in an Exchange custom attribute. The new analysis is entirely optional, but it seems like many tenants store cost center values in custom attributes, so this update might work well for them. That is, if the cost center data stored in Exchange is accurate… Rubbish in always means rubbish out…
Comparing Shared and Inactive Mailboxes for Retaining Ex-Employee Content July 22, 2024 8:00 am - Every Microsoft 365 tenant must deal with ex-employee mailboxes. The default choice is to make the mailboxes into shared mailboxes. But inactive mailboxes could be a better option to deal with the requirements to preserve user privacy and avoid inadvertent disclosure of PII to people who don’t need that information. Perhaps it’s time to reassess how your organization deals with ex-employee mailboxes?
Self-Service Purchase Notifications for Tenant Administrators July 19, 2024 7:00 am - I dislike the Microsoft 365 self-service purchase mechanism and disable it in any tenant where I can. Global and Billing administrators for tenants that allow self-service purchases will soon receive notifications when self-service purchases occur to allow them to take action to allow, cancel, or change the purchased subscription. Or they can do what I do and avoid the problem in the first place by prohibiting self-service purchases.
Exchange Online Previews Inbound SMTP DANE with DNSSEC July 18, 2024 6:00 am - On July 17, Microsoft announced the public preview of inbound SMTP DANE with DNSSEC for Exchange Online, a welcome step forward to improve messaging security. A previous attempt to launch the preview foundered because Microsoft wanted to insist on Microsoft 365 E5 licenses for the feature. Mature reflection prevailed and inbound DANE with DNSSEC is available to all, which is how it should be.
Team Owners Can Rename the General Channel July 17, 2024 7:00 am - In what seems to be a small change, team owners can rename general channels (naturally with 'meaningful names.' The change is more important than it seems because it’s associated with an effort to make users think about using channels as the basis for collaboration instead of always creating a new team. Being able to rename the General channel might make the channel more useful. After all, it's just a regular channel.
Monitoring Updates to Sensitivity Label Policies and Labels July 16, 2024 7:00 am - A reader wanted to know why the Purview Compliance portal doesn't show who last updated sensitivity label policies. The reason why is unclear, but what's for sure is that Purview doesn't record the data anywhere. But PowerShell and the audit log soon reveal who last made changes to labels and policies. It's yet another example of how PowerShell fills gaps Microsoft leaves behind.
Upgrading the Teams and Groups Activity Report to 6.0 July 15, 2024 6:00 am - The Teams and Groups activity report is a popular script that helps administrators identify inactive teams and groups within a Microsoft 365 tenant. The script code has been developed over the years. The last version converted to Graph API requests to improve performance. This time, the upgrade is to use the Microsoft Graph PowerShell SDK to make the code easier to maintain.
Outlook Mobile Continues to Set the Standard for Microsoft 365 Email Mobility July 12, 2024 6:00 am - It's common to be asked which is the best mobile email client for Exchange Online. My view is that Outlook Mobile is the only client to use (if possible). I know that this opinion is unpopular with devotees of clients like the Apple iOS mail client, but the simple facts are that Outlook mobile is more functional and better integrated into the Microsoft 365 ecosystem. That's the defining factor for many.
The Right Way to Replace the Remove-SPOExternalUser Cmdlet July 11, 2024 4:00 am - Microsoft says they will remove the Remove-SPOExternalUser cmdlet starting July 29. They recommend using Remove-AzureADUser as a replacement. It's a bad call because that cmdlet is part of a now-retired and soon to be deprecated module. Overall, recommendations like this make you think that Microsoft doesn’t know what’s happening across the whole of Microsoft 365. And you might be right.
Office Connectors Retirement for Teams July 10, 2024 3:00 am - In June, Microsoft retired Office Connectors for SharePoint Online and Microsoft 365 Groups. Starting on August 15, they're retiring connectors for Teams. The problem is finding out which teams and channels have configured connectors. That's when PowerShell comes in handy, as we prove with a script to report which teams have connectors.
Configuring Outlook DLP Policy Pop-Ups for Sensitive Content July 9, 2024 7:00 am - A cloud policy setting enables a delay for evaluating message content and allows Outlook DLP Policy Tips to be displayed after detection of a policy violation. The setting works by pausing message sends until Outlook has had time to check the content for DLP policy violations Pop-up messages inform users about the pause and the result of the check.
Outlook Mobile Introduces Synchronization Window July 8, 2024 4:00 am - A new Outlook Mobile synchronization setting allows users to select a window of between 1 and 90 days to download copies of email and attachments. The new setting allows organizations who worry about corporate data being on mobile devices to limit exposure to one day while enabling people who like having their entire mailbox on their device get closer to that point. Everyone wins.
New Policy to Disable Some In-Product Messages in Teams July 5, 2024 6:55 am - In a welcome update, the Teams development group have provided a new policy setting to control the display of some in-product messages in Teams clients. The policy can only be updated with PowerShell. Some other Microsoft 365 development groups need to follow Teams and offer paying customers a way to suppress the annoying in-product ads.
All SharePoint Online Sharing Links Now Support Expiration Dates July 4, 2024 7:00 am - A very useful update to support sharing links expiration for all link types used by SharePoint Online and OneDrive for Business is now rolling out and should be available in all Microsoft 365 tenants soon. Until now, expiration dates were only available for anyone links. Many organizations don’t allow anyone links, so enabling the feature for company-wide and specific people links will be much appreciated.
Teams to Begin Automatically Hiding Inactive Channels July 3, 2024 7:00 am - From mid-July 2024, Teams will begin hiding inactive channels for users. The inactive channels can be unhidden, and users can opt out of the automatic process. The new clean up routine can be invoked whenever users want and if a mistake is made, it’s easy to unhide a channel. Given the number of channels in use, it’s likely that a few in everyone’s channel list are inactive and deserve to be hidden.
Using Company-wide Sharing Links with Copilot for Microsoft 365 July 2, 2024 8:00 am - Some folks wonder why they can't use documents shared with them using company-wide links with Copilot for Microsoft 365. As it turns out, the answer is simple. People must redeem a sharing link before SharePoint validates their access to a shared file. Copilot cannot use a document unless it has access to it. All of which brings up the point if it’s a good idea to use company-wide sharing links.
Office 365 for IT Pros 2025 Edition is Now Available July 1, 2024 12:01 am - Office 365 for IT Pros 2025 edition, the 11th edition of the most comprehensive and in-depth book covering the Microsoft 365 Office servers, is now available. Office 365 for IT Pros subscriptions include a new 240-page book titled Automating Microsoft 365 with PowerShell covering PowerShell, Microsoft Graph APIs, and the Microsoft Graph PowerShell SDK. No Microsoft 365 tenant administrator should be without a copy of Office 365 for IT Pros!
Teams Chat Gets the Shared Tab June 28, 2024 7:00 am - The old Files tab in Teams chat is being replaced by the Shared tab. The new tab exposes both files and hyperlinks and Microsoft says that the Shared tab will support more types of objects in the future. No dates are given for the future enhancements, but the new Shared tab will roll out for Teams chat users in early July 2024. I like the new tab because I tend to share many hyperlinks in chats.
Teams to Block Federated Communications with Trial Tenants June 27, 2024 7:00 am - Microsoft is moving to block federated communications with trial Microsoft 365 tenants to cut off a potential exploitation route for attackers. The new block goes into force on July 29, 2024, and is controlled by the ExternalAccessWithTrialTenants setting in the tenant federation configuration policy. We’ve been saying for years that tenants should clamp down on federated chat. It seems that Microsoft now agrees.
The Curiously Unfinished Outlook Settings API June 26, 2024 7:00 am - The Outlook settings API is a unfinished Graph API that can read and update some but not all mailbox settings. It's a pity that the API is incomplete because it would be nice to have a comprehensive API that supported every mailbox setting, including some of the more recently introduced tweaks seen in OWA. The current state of the Outlook settings API is usable but not for much, but at least it can update auto-reply settings.
Adding Details of Authentication Methods to the Tenant Passwords and MFA Report June 25, 2024 7:00 am - V1.2 of the User Passwords and MFA report includes the names of authentication methods registered for user accounts. V1.3 expands the amount of detail reported for each method, such as the phone number used for SMS challenges, or the email address used for SSPR. It’s a small but important detail that’s useful to administrators. However, it also comes with a potential privacy issue, so the script must handle that too.
Outlook (Win32) Becomes Outlook (Classic) June 24, 2024 7:00 am - Microsoft has announced the formal renaming of the Win32 version of Outlook to be Outlook (classic). It's preparing for the general availability of the new Outlook for Windows, expected very soon into the new Microsoft fiscal year starting on July 1, 2024. The change doesn’t affect the status of Outlook (classic) or the commitment to support the client until at least 2029.
Planner User Policy Stops Task and Plan Deletions June 21, 2024 7:00 am - The Set-PlannerUserPolicy cmdlet allows Microsoft 365 tenant administrators stop users deleting tasks created by other users. However, an undocumented consequence of setting the policy for user accounts is that it stops those accounts removing plans too. The unexpected block imposed by Set-PlannerUserPolicy caused me problems when attempting to delete a plan with PowerShell. It would be nice if the modules created by Microsoft worked as expected (and as documented).
Version 1.9 of the Microsoft 365 Licensing Report June 20, 2024 7:00 am - The Microsoft 365 Licensing Report is a popular PowerShell script that's just been updated to V1.9 with a bunch of changes to highlight different aspects such as license costs for disabled user accounts and inactive user accounts. Copious use of some very dubious color choices makes the HTML report created by the script look very nice (if you're color blind) and the new version can generate an Excel worksheet.
Microsoft Urges Consumer and Enterprise Users to Move to Newer Outlook Versions June 19, 2024 7:00 am - Microsoft wants users to upgrade from legacy Outlook clients. The biggest impact for Microsoft 365 tenants might be the loss of OWA light, but consumer users are in for the same kind of change that enterprise users experienced when Microsoft blocked basic authentication for Exchange Online. The announcement wasn't very clear about what's happening, so we're happy to clarify matters.
Working with Calendar Permissions using the Microsoft Graph PowerShell SDK June 18, 2024 7:00 am - The Set-MailboxFolderPermission cmdlet is usually used to set calendar permissions, including the permission for the default user to allow everyone in an organization to see each other’s calendars. But you can use cmdlets from the Microsoft Graph PowerShell SDK too. The Graph SDK cmdlets are faster, but not enough to warrant replacing the Exchange cmdlet in scripts. We explain why here.
Using PowerShell to Post Channel Messages with Teams Workflows June 17, 2024 7:00 am - The incoming webhook connector is a popular method to post information to Teams channels, but Microsoft seems set on retiring the Office connectors. The Teams post to channel workflow when a webhook request is received seems like is a possible replacement, but it's not just a matter of switching mechanisms. Some PowerShell magic is needed to create a suitable adaptive card to post to the channel, which is exactly what we explain how to do here.
Per-User MFA State Added to Tenant Passwords and MFA Report June 14, 2024 7:00 am - A Microsoft Graph update makes per-user MFA state available for user accounts. Being able to access the data means that we can include it in the User Passwords and Authentication report. You can now see if accounts are disabled, enabled, or enforced for per-user MFA along with all the other information captured about passwqrd changes, MFA authentication methods, and so on.
Blocking Download Access to Teams Channel Meeting Recordings June 13, 2024 7:00 am - Our review of the Videos chapter for the Office 365 for IT Pros eBook found a Teams meeting policy setting we hadn't documented to block downloads for channel meeting recordings. Naturally, this was a disaster, so we spent some time investigating what the policy setting does and if it's useful in practice. It works, but do you want to block downloads of channel meeting recordings?
To Splat or Not to Splat, That’s the Question June 12, 2024 7:00 am - Splatting is an optional PowerShell technique designed to make it easier to pass parameter values for cmdlets. It’s a personal choice whether to use splatting instead of passing values to individual parameters in the command line. Although the Microsoft Graph PowerShell SDK can be a little strange at times, you can use splatting with SDK cmdlets, even with some pretty complex parameters such as those used to filter objects.
The End for Office 365 Connectors Comes Into Sight June 11, 2024 7:00 am - Office 365 Connectors bring data from external sources into Microsoft 365 apps like Teams and Outlook. Workflows and Power Automate are replacing Connectors for Microsoft 365 Groups (Outlook groups) and SharePoint Online. Connectors are still available in Teams but for how long? No one knows, but it does seem like Microsoft is rationalizing no-code automation around Power Automate.
Understanding SharePoint Online Storage June 10, 2024 7:00 am - Understanding SharePoint Online storage used to be easy. Then applications like Loop arrived. Other influences like retention and archive can affect storage too. It's a complicated situation before you throw OneDrive for Business into the mix and consider that Microsoft has removed unlimited OneDrive storage while an increasing number of apps store files in OneDrive. It's a complicated situation.
Interpreting Audit Records for Teams Meeting Recordings (Again) June 7, 2024 7:00 am - Three years ago, I wrote a script to analyze the audit records generated for Teams meeting recordings. Then things changed in terms of how the audit records were generated and how the Search-UnifiedAuditLog cmdlet returns audit search results. All of which meant that considerable work was needed to revamp (rewrite) the script. Maybe you need to check any script that uses the Search-UnifiedAuditLog cmdlet too?
Report Delegated Permission Assignments for Users and Apps June 6, 2024 7:00 am - This article describes how to use the Microsoft Graph PowerShell SDK to report delegated permission assignments to user accounts and apps. Like in other parts of Microsoft 365, the tendency exists to accrue delegated permissions for both user accounts and apps over time. There's nothing wrong with having delegated permissions in place, if they are appropriate and needed - and that's why we report their existence.
Choosing Between Graph API Requests or Graph SDK Cmdlets June 5, 2024 7:00 am - Deciding whether to use Microsoft Graph PowerShell SDK cmdlets or Graph API requests is sometimes not easy. Some say that it's best to use Graph API requests everywhere and avoid the complication of possibly buggy Graph PowerShell SDK cmdlets. My approach is different. I start with Graph PowerShell SDK cmdlets and only resort to Graph API requests when absolutely necessary. It works for me!
Teams Custom Emojis Arrive in June 2024 June 4, 2024 7:00 am - The latest technology initiative from Microsoft comes in the form of Teams custom emojis, designed to bring light and happiness to Microsoft 365 tenants. Of course, the light and happiness will only happen if tenants don't disable the settings in Teams messaging policies that allow users to upload custom emojis. A tenant can support up to 5,000 Teams custom emojis. That's a lot of room for people to get inventive.
Notify When Available Comes to Teams 2.1 June 3, 2024 7:00 am - Without any fuss or bother, Microsoft announced that the Teams 2.1 client has regained the Notify When Available feature. This functionality allows users to subscribe to the presence status for someone else to receive notifications when that person's presence status changes to Available. It's a very useful and worthwhile feature to have that goes back to Skype. It's good to have it back!
Office 365 for IT Pros June 2024 Update June 1, 2024 1:00 am - The June 2024 update for the Office 365 for IT Pros 2024 edition ebook is available for download. We're also announcing the availability of the 2025 edition on 1 July 2024. Office 365 for IT Pros 2025 edition drops the companion volume and introduces a new book dedicated to Automating Microsoft 365 with PowerShell. Anyone who subscribes to the 2024 edition in June 2024 will receive a free update to the 2025 edition when it is published.
Better Copilot Audit Records and Copilot Chat Appears in Classic Outlook May 31, 2024 7:00 am - Copilot audit records generated for the Microsoft 365 audit log capture details of the resources (files, emails, and documents) used by Copilot in its answers. This doesn't sound very exciting, but it is important for forensic investigators who need to understand what information is consumed to generate AI answers. In another development, the Copilot for Microsoft 365 chat app is now available in Outlook classic.
Teams Meeting Audit Events Available to Purview Audit Standard Customers May 30, 2024 7:00 am - Microsoft is deploying additional audit events to tenants with Purview Audit (Standard) licenses. Among the 15 Teams events in the set are Teams meeting audit events to capture details of meetings and participants. Unhappily, some of the data that you'd like to have for meetings, like the subject, are missing. And meeting participant information is available for some classes of user but not for others.
Teams Adjusts the Activity Feed May 29, 2024 7:00 am - The Teams Activity feed received two recent major changes. First, calendar notifications now show up in the feed. Second, the set of filters that were available are reduced to just two (mentions and unread). Reducing the filters is part of Microsoft’s effort to streamline the Teams 2.1 client and remove unnecessary screen elements. I guess it’s OK, and you can disable the calendar notifications to stop that annoyance.
Reporting Mailbox Audit Configurations May 28, 2024 7:00 am - A request came in for a PowerShell script to report mailbox audit configurations to check that the important new events are being generated by mailboxes. After diverting into the hellhole of Microsoft licensing, normal sanity was resumed and a PowerShell script written to do the job. The script generates a CSV file or Excel worksheet for tenant administrators to review. After that, it's up to you.
Teams Changes Location for Meeting Transcripts May 27, 2024 7:00 am - Microsoft is changing the storage location for Teams Meeting Transcripts from Exchange Online to OneDrive for Business. The change is designed to standardize storage of meeting recordings and transcripts in OneDrive for Business. The change makes sense seeing that Stream has completed its migration to SharePoint and OneDrive. In other news, because transcripts are now so important for other features, a bunch of new controls are coming to allow organizations to limit access to this data.
Stream Development Presses Ahead After Migration Finishes May 24, 2024 7:00 am - The Stream browser client has received some nice new features including the ability to trim videos in a very efficient manner and to add callouts to videos to appear between specific timecodes. And there’s Copilot for Stream, which is available if you have Copilot for Microsoft 365. The extra functionality demonstrates that Microsoft continues to invest in the development of the Stream client, which is nice.
Microsoft Finally Delivers Promised Audit Events to Purview Audit Standard Tenants May 23, 2024 7:00 am - A May 20 post contains the welcome news that the new audit events promised for Purview Audit standard customers should be available in June 2024. Some of these events are for Exchange Online, like the famous MailItemsAccessed event. Others are for Teams and SharePoint Online. In the case of Exchange, tenant administrators might have to do some work to validate that mailbox audit configurations are correct.
Organizers of Teams Recurring Meetings Can Create Loop Workspaces for Shared Content May 22, 2024 7:00 am - A new feature for Teams recurring meetings allows meeting organizers to create Loop workspaces to hold content shared within the meetings. It's an example of close integration between different parts of the Microsoft 365 ecosystem to add value for customers. That's great, providing you have the correct licenses to allow meeting organizers to create Loop workspaces and don't need to support guest access (coming soon).
Big Change Coming in Authentication for Outlook Add-ins May 21, 2024 7:00 am - On April 9, 2024, Microsoft announced a big change in authentication for Outlook add-ins. It's likely that people don't realize the kind of change that's coming. The change removes legacy Exchange authentication methods and replaces them with Nested App Authentication (NAA). Time is running short for developers to upgrade and test their code and Microsoft 365 tenants to get ready for the changeover.
European Union Lines up Anti-Trust Charges Against Microsoft Over Teams May 20, 2024 7:00 am - The Financial Times reported that the EU is lining up new charges against Microsoft for Teams anti-competitive behavior. Given that Microsoft has already unbundled Teams from Office 365 products, it's hard to know what remedy the EU will seek. If it's a fine, then Microsoft could be charged up to 10% of their worldwide revenues. That's unlikely, but the issue highlights how hard it is to compete against an integrated solution.
Microsoft Causes Fuss Around Azure MFA Announcement May 17, 2024 7:00 am - On May 14, Microsoft announced that they will require Azure MFA for connections to services starting in July 2024. No details about the implementation are available, so it's difficult to measure the likely impact on Microsoft 365 tenants. Given that very few people access services like the Azure portal, it's probable that the impact will not be large, but it would be nice to hear more precise details from Microsoft.
Teams Adds Slash Commands to the Message Compose Box May 16, 2024 8:00 am - Teams has added the ability to use slash commands (shortcuts) to the message compose box. Although the feature seems useful, I wonder about its potential usage. The fact is that people are pretty accustomed to how they compose message text and other options are available to add Loop or code blocks or set their online status, so why would they use the slash commands in the message compose box?
SharePoint Online Deletion of Non-Empty Folders May 15, 2024 8:00 am - A recent SharePoint Onlne update enables folder deletion when items are present in a folder. This is probably the way that things should have always worked. Even so, it's good to have this capability because it helps site users clean out old and obsolete information, something that's becoming increasingly important in the AI era for Microsoft 365.
The Extremely Useful Meeting Follow Response May 14, 2024 7:00 am - The Follow response is a new option for people invited to a meeting to indicate that they can't attend but are interested in what happens. Replying with a Follow response means that the user gains access to the meeting artifacts (like the chat and recap). It also means that the allotted time is not blocked in their calendar. The feature will be most valuable to people who have heavily-used calendars.
Block Device Code Authentication Requests with Conditional Access May 13, 2024 6:00 am - This article describes the process of blocking device code authentication requests against Entra ID with a preview feature for conditional access policies. It's a good idea to tighten tenant security by removing device code authentication unless a clearly-defined need exists for apps to authenticate using this method. I suspect that most tenants will find that they can happily do without device code authentication.
Team and Channel Creation Simplified in New Design May 10, 2024 7:00 am - Team channel collaboration might be a better choice than always creating a new team to host discussions about a topic, especially if channels grow in features. Now that a single team can support a mix of up to 1,000 regular, shared, and private channels, all of which can be archived, is it a good option to continue to create new teams? The answer is probably not, especially if Microsoft continues on a path to develop channel capabilities.
Update Entra ID User Role Permissions to Secure Your Tenant May 9, 2024 7:00 am - The user authorization policy defines user role permissions, or actions that non-admin users can take within an Entra ID tenant. The default settings are silly. I can't think of good reasons to allow non-admin users to create new registered apps, tenants, or security groups. Why default settings allow these actions is a mystery, and it could be they're just outdated.
Microsoft Launches Support for Entra ID External Authentication Methods May 8, 2024 7:00 am - In a May 2 announcement, Microsoft said that they have signed up 9 ISVs to add support for Entra ID authentication methods. The third-party methods work the same way as native Entra ID authentication (like the Authenticator app), meaning that verified connections can be used by other Entra solutions like Privileged Identity Management.
Teams Adds Background Effects for Mobile Video Messages May 7, 2024 7:00 am - The Teams iOS client can send one-minute Teams video messages (or clips) to chats or channels conversations. Now, the videos can use image or blur backgrounds. Nice as it is to be able to expose your artistic side in Teams messaging, the compliance problem with Teams video messages remains. If you allow users to send video messages, remember that they could use this route to get around compliance barriers.
More Microsoft Graph PowerShell SDK Problems May 6, 2024 4:00 am - Some problems emerged in V2.17 and V2.18 of the Microsoft Graph PowerShell SDK. In one case, Microsoft changed cmdlet names. In another, it's an identity issue caused by incompatible assemblies. In both cases, questions have to be asked about the level of testing done by Microsoft before they release a new module. Bugs do happen, but testing should catch the obvious problems.
Microsoft Retires Stream Mobile App May 3, 2024 4:00 am - On May 2, 2024, Microsoft announced the retirement of the Stream Mobile app on July 1, 2024. It's all to do with rationalization and focus, or so Microsoft says. In any case, the suggested replacements are the OneDrive and Microsoft 365 apps, both of which are capable of handling video uploads, management, and playback.
Removing Outlook Add-ins From Mailboxes with PowerShell May 2, 2024 7:00 am - The Share to Teams Outlook add-in posts an email to a Teams chat or channel conversation. I was asked how to disable the add-in for some mailboxes. Here's how to do the job using PowerShell to find a set of target mailboxes and then turn off Send to Teams for each mailbox. 
Office 365 for IT Pros May 2024 Update Available May 1, 2024 1:15 am - Another month, another update for the Office 365 for IT Pros eBook. In this case, it's monthly update #107 for Office 365 for IT Pros (2024 edition), now available for download by subscribers from Gumroad.com and Amazon.com. Like every month, update #107 contains a mixture of new features and revised knowledge, all essential information for Microsoft 365 tenant administrators to have.
Disabling Bits of Copilot for Microsoft 365 April 30, 2024 7:00 am - The Copilot for Microsoft 365 license has 8 service plans to govern feature availability. You can disable individual components, if you know what you're doing. One thing that's not possible is to disable Copilot for individual Office apps. A single service plan covers all the "productivity apps," so they're either all on or all off.
Teams Classic Client Slipping Away April 29, 2024 7:00 am - The Teams classic client has been replaced by the Teams 2.1 client. Microsoft will block access to the Teams classic client for people running the app on unsupported platforms in October 2024. The final block swings into place for everyone on July 1 2025. The migration to the new client appears to be going well, so I'm not sure if many will miss the old client.
Microsoft Cloud Exceeds 50% of Microsoft Total Revenues April 26, 2024 9:34 am - The Microsoft FY24 Q3 results didn't contain any new user numbers for Office 365 or Teams. However, we did learn that Copilot and Azure are popular words in the Microsoft lexicon. As usual, statistics were introduced without context, but investors won't really care too much as Microsoft continues to generate tons of revenue at a healthy margin, especially from its cloud business.