Author: Tony Redmond

Latest Articles

Microsoft Takes Steps to Offset Midnight Blizzard Damage

The fallout from the Midnight Blizzard attack against Microsoft continues as Microsoft takes action to harden the security of its own and customer tenants. One step is to retire the EWS Application Impersonation role. This will happen in February 2025 ahead of the retirement of Exchange Web Services in October 2026.

March 11, 2024

Cleaning Out Old Messages from a Team Channel

A question asked about the best way to remove channel messages from Teams. Microsoft 365 retention policies are an option, but you'll have to wait for retention processing to complete. PowerShell helps because you can create a script to remove all messages and replies from a channel. Everything works, but processing is slow, as we discover when we plunge into the details of writing code.

March 6, 2024

Managing the Discoverability of Private Teams

Microsoft has a new approach to control private team discoverability. You can have all-in access by enabling discoverability through Teams policies or granular access by using sensitivity labels to control if private teams are discoverable or not. This article explains how both methods work.

March 4, 2024

Stopping Spam Sent from Bad Microsoft 365 Domains

Anecdotal evidence is that some spam originates from onmicrosoft.com domains. These are the domains used by Microsoft 365 tenants and the spam indicates that attackers sign up for 'disposable' tenants to send their malware. This article describes what onmicrosoft.com domains are and how to use a mail flow rule to control their traffic.

February 26, 2024

Including Costs in a Microsoft 365 Licensing Report

This article describes how to include user license costs in a Microsoft 365 tenant licensing report created with the Microsoft Graph PowerShell SDK. The report includes annual costs for all licenses assigned to each user plus an overall licensing summary for the tenant. It even reports how effective the tenant is at assigning licenses!

February 7, 2024

Microsoft Attacked by Russian Nation State Actor

A January 19 report from the Microsoft Security Response Center (MSRC) tells of an attack by Russian state actor Midnight Blizzard against Microsoft corporate systems. The attack resulted in the exfiltration of some email and documents from email accounts owned by senior Microsoft employees.

January 20, 2024

Microsoft Drops Copilot Restrictions

In a January 15 announcement, Microsoft says that they have removed the previous restrictions that applied to purchases of Copilot for Microsoft 365 licenses. Office 365 E3 and E5 tenants can now buy and deploy Copilot and the requirement to buy a minimum of 300 licenses is gone. Suddenly, 2024 has become much more interesting from an AI perspective for many Office 365 tenants.

January 15, 2024