顶尖168赛车手参与分析Copilot 168极速赛车官方开奖结果走势 Copilot Agent Governance Product Launched by ISV

Agent governance - no agents running amok

Agent governance is the framework that allows tenants to deploy agents safely, securely, and under control. A new ISV offering from Rencore helps to fill some gaps in Copilot agent governance that currently exist in what’s available in Microsoft 365. It’s good to see ISV action in this space because the last thing that anyone wants is the prospect of Copilot agents running amok inside Microsoft 365 tenants.

Token Protection Extends to Microsoft Graph PowerShell SDK Sessions

Token Protection Extends to Graph PowerShell SDK

The conditional access policy condition for token protection now extends to Microsoft Graph PowerShell SDK interactive sessions. Any account within the scope of a CA policy that requires token protection can use Web Account Manager (WAM) to sign in and check that everything is secure and ready to go. It’s a protection that might be of interest to administrators and developers that access sensitive data in Graph SDK sessions.

Microsoft 365 PowerShell Modules Need Better Testing

Microsoft 365 PowerShell Modules Need Better Testing

Recent problems with Microsoft 365 PowerShell modules afflicted the ability of Azure Automation runbooks to execute cmdlets Microsoft Graph PowerShell SDK and Exchange Online Management modules. The root cause is a decision to remove support for .NET6, but the worrying point is the lack of awareness within Microsoft engineering that Azure Automation is where many critical scripts run. Better pre-release testing is definitely needed.

Launch Plan for Office 365 for IT Pros (2026 Edition)

Office 365 for IT Pros (2026 Edition) Launch Plan

We’re a week away from the launch of the Office 365 for IT Pros (2026 edition) eBook, the 12th edition issued since the first book appeared in 2015. This article describes the launch plan and informs current subscribers about how they will receive an update offer to extend their subscription. We’re also updating the Automating Microsoft 365 with PowerShell eBook.

Outlook’s New Summarize Option for Email Attachments

Summarize Attachment in Outlook

Among the blizzard of Copilot changes is one where Outlook can summarize attachments. That sounds small, but the feature is pretty useful if you receive lots of messages with “classic” (file) attachments. Being able to see a quick summary of long documents is a real time saver, and it’s an example of a small change that helps users exploit AI. Naturally, it doesn’t work with Outlook classic.

Microsoft to Block Users Granting Third-Party App Access to User Sites and Files

App consent policy for 3rd party apps

In July, Microsoft plans to introduce an app consent policy to stop users granting access to third-party apps to their files and sites. Letting users grant unsupervised consent to third-party apps to access files stored in OneDrive for Business and SharePoint Online is a bad idea. There are certainly apps out there that need such access, but requiring one-time administrator approval is no hardship.

Updating the Entra ID Custom Banned Password List with PowerShell

Custom banned password list

Microsoft 365 tenants with Entra P1 or P2 licenses can use a custom banned password list to stop people using specific terms in their passwords. The idea is to prevent easily-guessed terms being used in passwords. You could also block words deemed to be objectionable. In any case, this article explains how to maintain the custom blocked password list with a PowerShell script.

Microsoft Pushes European Sovereign Solutions

Microsoft 365 Local: Lipstick on an on-premises pig?

On June 16, Microsoft announced European sovereign solutions, including a new offering called Microsoft 365 Local that has nothing to do with Microsoft 365 apart from the need to connect to Azure from time to time. Microsoft 365 Local is an on-premises packaged solution. There’s nothing bad about that because some companies need to run on-premises servers for their own reasons. But calling it Microsoft 365?

TOP168极速赛车排行榜、168幸运赛车开JIANG结果号码查询 People Skills Rolling Out Within Microsoft 365

People Skills and Microsoft 365

People Skills is a new Microsoft 365 solution that uses AI to determine what skills are possessed by users based on their profile and activities. The skills recorded for users turn up on the Microsoft 365 profile card, just like the older SharePoint/Delve implementation. Is this an example of more AI being used “just because we can” or a useful solution? It’s up to you to decide.

Using a Copilot Agent in SharePoint to Interact with Office 365 for IT Pros

Copilot Studio agent with Office 365 for IT Pros

Copilot Studio Agents can use files as knowledge sources to reason over when they respond to user prompts. We explain how to use the monthly PDFs issued for the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell eBooks as knowledge sources. If you’ve got Microsoft 365 Copilot licenses, this is an interesting way to interact with the books.

AI Generative Summaries Make Life Even Harder for Technology Websites

AI-based generative summaries make it harder for technology websites

The AI-based generative summaries featured by Google and other search engines remove organic traffic from technology websites and make it less attractive for content creators to write about new topics. The upshot is likely to be a decrease in the amount of new knowledge shared on public websites and a resultant lack of information for the AI LLMs to feed off.

When the Invoke-MgGraphRequest Cmdlet Needs Help to Fetch Responses

Invoke-MgGraphRequest and Graph Explorer.

Sometimes it’s hard to get a response back from running a Graph API request with the Invoke-MgGraphRequest cmdlet. Graph Explorer helps. So does reading Microsoft’s documentation for the cmdlet. In the end, everything works out and we can discover some valuable information that comes back in a response header. In this case, the response header helps us discover if a purge job works.

How to Block Ad-Hoc Email-Based Subscriptions

How to block email-based subscriptions like Copilot Studio

The old Set-MsolCompanySettings cmdlet is no more, so how can a Microsoft 365 tenant block email-based subscriptions? With the Graph, of course! Seriously, there’s no 1-to-1 mapping from the old cmdlet to a new, but some of the settings are available in the Entra ID authorization policy. We can update the authorization policy with PowerShell to block email-based subscriptions, like Copilot Studio.

SharePoint Online Dumps OTP Authentication for Sharing Links

Entra ID B2B Collaboratio n and SharePoint Online Sharing Links

After July 1, 2025, any sharing links generated with one-time passcodes (OTP) will stop working. Only links based on Entra ID B2B Collaboration will work. Users who lose access to content shared from SharePoint Online or OneDrive for Business will have to contact the original sharer to ask them to generate a new sharing link. Sounds like a recipe for confusion, which is what might happen.

How to Block PST Files for the New Outlook for Windows

Block PST access for the new Outlook for Windows

An OWA mailbox setting is available to block PST access for the new Outlook for Windows client. The setting mimics controls available for Outlook classic, where companies have been blocking PST access for a long time. Once email is in a PST, it’s invisible to any of the compliance solutions that organizations pay for. It’s also invisible to Copilot, which might not be a bad thing…

Respond to Teams Messages with Multiple Emoji Reactions

Multiple emoji reactions to Teams messages

The need for more nuanced responses to Teams chat and channel messages can apparently be met through multiple emoji reactions instead of a basic one-emoji response like a smile or thumbs up. In any case, users can add up to 20 emojis in response to Teams chat and channel messages. The possibilities of what 20-emoji combinations might communicate are endless, or so it seems.

Exchange Online Upgrades Its Message Tracing Capabilities

Message Tracing Revamp

Microsoft announced the GA for the new message tracing feature on June 3. The old code will be deprecated in September 2025, so it’s time to update any PowerShell scripts that use the Get-MessageTrace or Get-MessageTraceDetail cmdlets. Upgrading is easy and shouldn’t take too long, once you find the time to do the work.

Mailbox Import-Export Graph APIs Leave No Audit Trail

Mailbox Import-Export Graph API

A recent post revealed that the Mailbox Import-Export Graph API doesn’t capture audit events for its operations. The API is in beta, but this is disappointing. Auditing any mailbox is important, but it becomes a critical requirement when the possibility exists that attackers could use the API to exfiltrate mailbox data outside of the tenant. This is a hole that Microsoft needs to close.

New Outlook and OWA Control for Viewing Protected Email

Two-click confirmation for Outlook to read protected email

The new TwoClickMailPreviewEnabled setting in the Exchange organization configuration controls if OWA and the new Outlook for Windows use two-click confirmation to open protected email. The new feature could be useful for people who commonly open confidential and protected email in situations where someone else could see what they’re reading. In other situations, it will irritate people.

June 2025 Update Available for Office 365 for IT Pros (2025 Edition)

Office 365 for IT Pros June 2025 Update

Monthly update #120 (June 2025) is available for the Office 365 for IT Pros eBook. This is the last update for the 2025 edition as the 2026 edition will be available on July 1, 2025. Change continues as Microsoft continues on their odyssey to an agentic world. Growth in the ecosystem continues and Microsoft 365 now has 430 million paid seats, 56 million of whom use Power Platform. All good!

Microsoft Launches the Copilot Interaction Export API

aiInteractionHistory Graph API

Microsoft will launch the aiInteractionHistory Graph API (aka, the Copilot Interaction Export API) in June. The API enables third-party access to Copilot data for analysis and investigative purposes, but any ISV who wants to use the API needs to do some work to interpret the records returned by the API to determine what Copilot really did in its interactions with users.

How to List Hidden Group Memberships with the Graph

Listing hidden group membership with the Graph

A user reported that a script didn’t list any details of hidden group memberships and asked why. The reason is that a separate Graph permission controls access to hidden group memberships. If an app doesn’t have the permission, the Graph returns null memberships, which is probably not all that helpful. Once the right permission is in place, everything works.

The Case of the Mysterious SharePoint Embedded Containers

The case of the mysterious SharePoint Embedded Containers.

A set of 80 mysterious SharePoint Embedded containers turned up because Microsoft pre-provisioned storage for files used as knowledge sources by Copilot agents. Details of the pre-provisioning are in message center notification MC1058260, but who has the time to read and analyze everything posted to the message center? And anyway, the mysterious containers have now disappeared…

Microsoft Launches Agent Management in the Entra Admin Center

Entra Agent ID

The prospect of agents running amok in Microsoft 365 tenants lessened a tad with the introduction of Entra Agent ID. Tenants will be able to manage agents through the Entra admin center. Custom agents created with Copilot Studio or Azure AI Foundry now have Entra identifiers and show up in the admin center. So far, not much else happens but the promise of more functionality is there.

Teams Tweaks its Discover Feed

Teams Discover Feed.

The Teams Discover Feed highlights unread items from channels that users might have missed. Microsoft tweaked the feature so that it only works with 5 or more channels. The logic behind the change is that if you have access to less than five channels, the Discover Feed is unlikely to be much use because it probably won’t have many unread messages to show. One limitation is that guest users can’t use the feed.

June 2025 Update for the Automating Microsoft 365 with PowerShell eBook

Microsoft 365 PowerShell. Automating Microsoft 365 with PowerShell #12

The June 2025 update for the Automating Microsoft 365 with PowerShell eBook is now available. Coding automation with Microsoft 365 PowerShell can be challenging, but not with this book beside you. It contains hundreds of examples of working with Entra ID, Exchange Online, SharePoint Online, OneDrive for Business, Teams, and Planner using regular PowerShell cmdlets and the Graph APIs.

How to Add a Loop Workspace to a Standard Teams Channel

Loop workspaces and Teams channel tab

The update to allow team members to add a Loop workspace as a channel tab is now rolling out and should be available worldwide soon. Microsoft is currently putting a lot of emphasis on Loop and its almost read-time collaboration capabilities are turning up in many places within Microsoft 365, like Copilot Pages. Will Loop replace OneNote eventually? That’s a big question…

Quest Tool Migrates Protected Email and Files Between Tenants

Sensitivity label T2t migration

A new feature of the Quest On Demand migration suite supports the tenant-to-tenant migration of Exchange and SharePoint content protected by sensitivity labels. This might not seem a big deal, but it’s the first time that a migration product has been able to automatically move protected files and messages from one tenant to another, including files protected by sensitivity labels with user-defined permissions.

Why Copilot Access to “Restricted” Passwords Isn’t as Big an Issue as Uploading Files to ChatGPT

Microsoft 365 Copilot and penetration tests

Some sites picked up the Microsoft 365 Copilot penetration test that allegedly proved how Copilot can extract sensitive data from SharePoint Online. When you look at the test, it depends on three major assumptions: that an attacker compromises a tenant, poor tenant management, and failure to deploy available tools. Other issues, like users uploading SharePoint and OneDrive files to process on ChatGPT, are more of a priority for tenant administrators.

Microsoft 365 Copilot Gets Viva Insights Service Plans

Microsoft 365 Copilot License gets Viva Insights

Two new service plans are now in the Microsoft 365 Copilot license to allow users access to Viva Insights. The new service plans enable the Copilot dashboard in Viva Insights. It’s nice to get new functionality, but sometimes you don’t want people to use a feature, which brings up the topic of disabling a Copilot service plan using GUIs or a PowerShell script.

Time to Review How to Preserve Ex-Employee Data

Preserve ex-employee data

This week’s Microsoft layoffs provide a timely reminder to review how to retain and secure ex-employee data. OneDrive for Business might be the biggest challenge because of the variety of application data that now ends up in user OneDrive accounts. Agents and Flows are also an area of concern, as are objects like apps, phone numbers, and recurring meetings.

Microsoft Graph PowerShell SDK V2.28 Attempts to Restore Stability

Microsoft Graph PowerShell SDK V2.28

On May 10, 2025, Microsoft released V2.28 of the Microsoft Graph PowerShell SDK in the hope that the new version would fix a bunch of annoying problems that have dogged the SDK for several months. The first few days haven’t revealed any new problems and bug reports are being closed, so the signs are positive. But do test before deploying V2.28 into production.

Replacing Litigation Holds with Microsoft 365 Retention Policies

Replace litigation holds with a Microsoft 365 retention policy

Litigation holds can retain mailbox data, but that’s it. You can swap litigation holds out for a Microsoft 365 retention policy and gain extra functionality, such as retaining OneDrive for Business content for the mailbox owners. It’s easy to script the transition from litigation holds to retention policy using PowerShell and to show how, we include a fully working script.

Use an OWA Mailbox Policy to Block Attachment Download for the New Outlook for Windows

Use a OWA Mailbox policy to stop the new Outlook downloading attachments

The ConditionalAccessPolicy setting in an OWA mailbox policy can be configured to work with Entra ID conditional access so that OWA blocks access to attachments on unmanaged devices. Microsoft originally introduced the feature in 2018 and as it turns out, the combination of OWA mailbox policy and CA policy also blocks attachment access for the new Outlook for Windows client.

Penetration Test Asks Questions About Copilot Access to SharePoint Online

Copilot for Microsoft 365 Penetration Test

An article by a company specializing in penetration tests raised some questions about how attackers might use Copilot for Microsoft 365 to retrieve data. The article is an interesting read and reveals how Copilot can reveal data in password protected Excel worksheets. However, many of the issues raised can be controlled by applying available controls, and the biggest worry is lhow the account being used to run Copilot came to be compromised!

The Downside of Losing the Exchange Mailbox Audit Search Cmdlets

Searching Exchange Mailbox audit data isn't so easy

Microsoft recently announced the deprecation of the Exchange cmdlets to search for mailbox audit data. The audit data is ingested into the Microsoft 365 unified audit log, but it’s more difficult to find and retrieve Exchange mailbox audit events. Methods are available to find mailbox audit data, but interpreting what comes back is different. Any script that depends on the old cmdlets must be updated to interact with the unified audit log.

How to Permanently Remove Mailbox Items with the Graph API

Permanent deletiion of mailbox items

Some new Graph APIs were announced on April 1 to close a feature gap with EWS. The new APIs permanently remove mailbox items and other objects, including folders, calendars, and calendar items. Permanent deletion means that items cannot be recovered through clients because they end up in the Purges folder in Recoverable Items. This article explains how the new APIs work, including a practical example.

How Microsoft 365 Copilot Tenants Benefit from SharePoint Advanced Management

SharePoint Advanced Management and Microsoft 365 Copilot

At Ignite 2024, Microsoft said that Copilot for Microsoft 365 tenants would benefit from SharePoint Advanced Management (SAM). What does that mean? Well, it doesn’t mean that Copilot tenants get SAM licenses, which is what many expect. It does mean that SAM checks for Copilot before it lets tenants use some, but not all, of its features. Read on…

Microsoft Extends DLP Policy for Copilot to Office Apps

DLP policy for Copilot

First introduced in March 2025 to block access to sensitive documents by BizChat, Microsoft has extended the DLP policy for Copilot to cover the web and desktop versions of the Office apps (Word, Excel, and PowerPoint). The implementation works but could confuse users. It might be better if Microsoft simply removes all traces of Copilot when working with files subject to the DLP policy.