The Microsoft Graph PowerShell SDK is a good way to execute Microsoft Graph API queries from PowerShell scripts. In this article, we explain how to use cmdlets from the SDK with a Azure Automation runbook. The example we use is a script to send a welcome email to new employees.
A year after announcing Teams shared channels, Microsoft is preparing to release the code into public preview in March 2022. The new collaboration mechanism uses Azure AD B2B Direct Connect instead of guest accounts, meaning that external members of shared channels use credentials issued by their home tenant to gain access. You'll need to configure a cross-tenant access policy to allow shared channels to work externally. Once that's done, the collaboration floodgates open.
Microsoft Defender for Office 365 (plan 2) contains the Threat Explorer feature. It's a useful way to investigate problematic messages which arrive in a tenant. The automated investigations feature can highlight messages containing malware by assembling evidence about warning signs in the message or its contents, and administrators can then action the recommendations up to and including the removal of messages already delivered to user mailboxes. Automating investigations is a good thing, if you afford Defender for Office 365 Plan 2.
The number of guest accounts in Azure AD keeps growing, largely due to usage in Microsoft Teams. In this article, we describe five basic management steps to control where guests come how, how they connect, what they can do and access, and removing inactive guests. It's the kind of thing all Microsoft 365 tenants should do.
33 Comments
Azure Automation runbooks can run Exchange Online PowerShell code on sandbox machines. Is this a good way of getting work done? In this article, we examine how to create an Azure automation account, a RunAs account, and some runbooks for PowerShell code to run against Exchange Online and other Microsoft 365 data.
Exchange Online now supports SMTP Strict Transport Security (MTA-STS), a mechanism to help defend SMTP communications between mail servers. Microsoft 365 tenants can decide if they want to enable MTA-STS for their domain by publishing a DNS record and an MTA-STS policy. You don't have to use MTA-STS, but it's a good idea to consider the option.
Over time, Microsoft 365 tenants tend to accumulate large numbers of guest accounts in Entra ID. And over time, some of those accounts become obsolete and inactive. In this article, we explore how to use PowerShell to analyze the activity of guest accounts to figure out what accounts are inactive and which are candidates for removal. It's something you should do annually.
Trainable classifiers are generated from a set of sample documents through a learning process and can then be used in many Microsoft 365 compliance scenarios like auto-labeling, communications compliance, and DLP. In this article, we review how to create a custom trainable classifier and how to give feedback for the matches generated by the classifier.
Teams is mostly an internal communications platform while email connects billions of people around the world. Inside Microsoft 365 tenants, you might need to connect Teams and email together. In this article, we discuss the out-of-the-box features available to link the two and describe some of the positive and negative points of each. You can certainly bridge the gap between Teams and email, but maybe Microsoft could grease the connection just a little more...
Exchange Online has mailbox retention policies. Microsoft 365 has retention policies and retention labels. In this article, we explore how to move away from Exchange Online retention to use Microsoft 365 retention. The transition makes it possible to use the advanced retention capabilities Microsoft is developing that will never show up in Exchange Online, so it's a good long-term goal to have even if it's not on your immediate work list.
In a December 24 announcement, Microsoft says that the roll-out of DNSSEC and DANE support in Exchange Online will start in mid-January 2022. Because this is a big change for the Exchange Online infrastructure, Microsoft is using a phased deployment which won't complete until mid-May. Support for DNSSEC and DANE has been coming for a long time, but it's good that the extra security which these standards bring will be available to Exchange Online tenants.
Microsoft Sentinel is Microsoft's log aggregator. Along with other data, Sentinel can ingest events from the Office 365 audit log. Once ingested, we can visualize the data through workbooks. If you have an Azure subscription, it's surprisingly easy to take advantage of the 31-day trial to see if Sentinel can do a job for your organization. Follow our steps and you'll be visualizing quickly.
