Last year, Microsoft removed the need to have a General channel in a team. Now the General channel is making a comeback, and you can choose to have one in a team. If you choose to have a General channel, it appears at the top of the channel list. If not, Teams sorts the channel list alphabetically. In other news, code snippets are being replaced by code blocks and the end of classic Teams is nigh.
Subscribers for Office 365 for IT Pros (2025 edition) eBook can download the May 2025 updates (#119) now. Update #11.3 for the PowerShell book is also downloadable. Another month brings a new batch of changes, updates, and new information. The Microsoft 365 conference happens this month, and Microsoft might disclose some interesting nuggets there, but only about SharePoint, OneDrive, or Teams. Oh well… on to June.
The Direct Send feature allows apps and devices to send unauthenticated email via Exchange Online to internal receipts. Microsoft doesn’t want unauthenticated connections to send email because these connections could be hijacked by spammers. Enter the Reject Send feature to block Direct Send. Reject Send is in preview now but Microsoft wants it to be the default setting in the future.
Microsoft will retire Exchange Web Services (EWS) from Exchange Online on October 1, 2026. A new usage report helps tenants understand what apps use EWS. Many of the apps are likely to be first-party (Microsoft) apps, but some might be third-party apps developed externally or internally. Those apps need to be retired or upgraded to use Graph APIs. Time is slipping away to do the work.
Update #11 for the Automating Microsoft 365 with PowerShell eBook is now available for subscribers to download. The eBook is now over 300 pages long and includes extensive coverage of using PowerShell to interact with Exchange Online, Teams, Planner, SharePoint Online, and OneDrive for Business data using workload modules or the Graph APIs (and Microsoft Graph PowerShell SDK).
Microsoft 365 Copilot will soon introduce a feature to fix spelling and grammar errors with one click. At least, that’s the promise when Microsoft delivers the new feature in late April 2025. It seems like a good idea to do everything with a single pass to generate error-free text that the user can accept or reject. Quite how well this works in practice remains to be seen.
Litigation holds were great when introduced with Exchange 2010. Fifteen years on, better methods exist to preserve user information, like eDiscovery holds. It might seem unnatural to move from litigation holds to eDiscovery cases, but this approach allows the preservation of both mailbox and OneDrive content for as long as necessary. Retention policies can serve the same purpose, so choice exists for modern preservation.
Microsoft’s April 17 announcement that OWA in Exchange Server will not support access to online archives after May 12, 2025, surprised quite a few people. However, the decision is entirely logical and is driven by falling mailbox numbers on-premises and the need to match engineering and support costs with revenue. Outlook classic continues to support access to online archives. Maybe Outlook will be the Exchange on-premises client for the future.
Microsoft is introducing a Dedicated Exchange Hybrid App to facilitate the transition away from EWS to use Graph API requests for rich hybrid coexistence (free/busy, Mail Tips, and user photos). The plan involves the creation of an Entra ID app to hold EWS permissions (stage 1) followed by Graph permissions (stage 2). Everything has to be complete by October 1, 2026, because that’s when EWS goes away.
The last thing you want on a Saturday morning is to find that Entra ID has blocked your account because of leaked credentials. Even though the account is protected by MFA, it’s still important to remediate the event by changing its password. A check against some beta sign-in metrics shows that no one has tried to use the leaked credentials, so that’s good.
Entra ID populates the sponsor property for new guest accounts with details of the person who invites the guest to the tenant. It’s data that can be used for different purposes, such as having someone to justify the continued presence of a guest account in a Microsoft 365 tenant. This article explains how to report guest accounts and their sponsors with some straightforward PowerShell.
Microsoft is making some important changes to Purview eDiscovery from May 26, 2025. The changes affect how content searches work and are likely to affect many Microsoft 365 tenants. Administrators and eDiscovery investigators will both have to master new ways of working with eDiscovery cases, searching for information, reviewing search results, and exporting what’s found. Changes to PowerShell cmdlets might affect scripts, so there’s lots to consider.
Microsoft Purview makes it easy to apply sensitivity labels to Office documents and PDF files with auto-label policies. Licenses are needed for auto-label policies, but at what cost? We look at the various licenses available to cover the functionality and consider if a DIY approach using the Graph API to apply labels would be cost effective.
Microsoft will disable service principal-less authentication in March 2026. This step closes a hole that doesn’t exist today but might in the future. The strange thing is that many Microsoft 365 applications seem to use service principal-less authentication. Microsoft will take care of first-party apps before March 2026, but there’s work to do for apps from other vendors.
V2.26 and V2.26.1 of the Microsoft Graph PowerShell SDK were low-quality, buggy disasters. Microsoft aims to fix the problem in the next version to make it possible for the SDK to work with Azure Automation runbooks again and address many of the obvious problems that should never have appeared outside Microsoft. It will take time for customer confidence to be restored.
The Microsoft E5 Security add-on is available for Microsoft 365 Business Premium (and other) tenants. The add-on looks like a bargain because the bundle offers significant value over individual licenses, but is it really? Like everything in life, unless you can use something, there’s no point in having it. In this case, have a plan to use E5 Security to deliver measurable results before you hand over any more license revenue to Microsoft.
Any site member can create a SharePoint agent. There’s no out-of-the-box method to report the creation of agents, but agents are created like any other file, and SharePoint Online captures audit records for file creations. Some PowerShell retrieves the file creation events and extracts the necessary information about who is creating agents and what sites the agents are created in.
Often Microsoft 365 tenants have large numbers of old but confidential documents that they need to protect and stop Microsoft 365 Copilot finding. Auto-label policies and trainable classifiers can apply sensitivity labels to protect Office files from Microsoft 365 Copilot using the DLP policy for Copilot. It’s a great example of combiining Microsoft 365 features to achieve a goal.
File sharing is at the heart of SharePoint Online. Being able to report file sharing events by analyzing the audit log is a good skill for Microsoft 365 tenant administrators to have. It allows administrators to know who shared what with whom and if the information being shared is protected adequately with sensitivity labels. But reporting file sharing is not just a matter of retrieving audit events. Work is necessary to refine and extract the goodness from the data.
Microsoft Defender for Office 365 includes many tools to help investigators manage threat. The Email Preview tool shows the layout and appearance of the messages with which attackers try to fool recipients. It’s a valuable way of understanding how threat penetrates. But a recent change makes bad links in the email preview clickable, and that doesn’t seem like a good idea.
The Conditional Access Optimization Agent is one of 6 Security Copilot agents unveiled by Microsoft on March 24, 2025. The idea is that the agent can optimize CA policies by observing the connectivity behavior within a tenant. The agent can suggest how to fill gaps in CA coverage, detect new users and apps, and generally be helpful. Is it worth it? Experience will tell…
Neither Outlook nor Teams includes a transfer meeting ownership feature for user calendars. Moving meetings owned by an ex-employee to give someone else the ownership requires manual intervention to find and reschedule meetings. Administrators can cancel future meetings for a user. In this article, we explore how to generate a report of meetings that might need to be rescheduled.
Restricted Content Discovery (RCD) is a solution to prevent AI tools like Microsoft 365 Copilot and agents accessing files stored in specific sites. RCD works by setting a flag in the index to stop Copilot attempting to use files. RCD is available to all tenants with Microsoft 365 Copilot and it’s an excellent method to stop Copilot finding and reusing confidential or sensitive information.
The April 2025 Update for the Office 365 for IT Pros eBook is now available for subscribers to download. This is monthly update #118 for Office 365 for IT Pros. The Automating Microsoft 365 with PowerShell eBook also receives an update to version #10. With sending messages to the wrong place in the news, we also consider whether the same problem can arise with Microsoft 365. It can, but mitigation exists.
A reader asked if it’s possible to discover who made retention label assignments for SharePoint files. The Files Graph API can’t tell you who (or what policy) made retention label assignments, but it’s possible to find this information in the audit log and use that data to report the requested information. All with a few lines of PowerShell!
The February 2025 EX1015484 incident explains why mail user objects with duplicate SMTP addresses are created for guest accounts. That’s a problem because Exchange Online can’t route messages to objects with duplicate email addresses. Fortunately, you can find out if any duplicates exist in your tenant with some PowerShell. Problems happen!
Artificial Intelligence and PowerShell should be a good thing to help hard-pressed Microsoft 365 tenant administrators cope with common tasks. The early signs are there with Copilot in the Microsoft 365 admin center. However, the current state of the art depends on what’s gone before and can’t handle the kind of complex automation that tenants sometimes need, like generating a licensing report from Entra ID, product information, and license costs.
Microsoft 365 users can connect their OneDrive for Business account to ChatGPT. This is not a great thing because it exposes the potential for sensitive corporate information to be exposed outside the organization. How can you block ChatGPT Access to OneDrive? The best way is to stop people from using the ChatGPT app. If that’s not possible, make sure to encrypt confidential files with sensitivity labels.
Teams Windows and Mac desktop clients have started to prompt users about location privacy. Location data is used by several Teams features like the Call Quality Dashboard and emergency calling, so it’s good to allow access. These are Teams Phone features that you might not care about, but keeping an eye on location privacy is a good thing in case the data is used elsewhere.
Microsoft is tweaking the auto-hide inactive channels feature to make it less automatic and more user controllable (opt-in). It’s a good change for Teams to make. In other news, I’ve reverted to the old method of accessing chats and channel conversations because the new experience doesn’t work for me. Both situations prove how hard it is to make GUI changes to popular applications.
Microsoft has given the Copilot for Outlook UI a revamp to make the UI easier to use. The new UI is certainly better and reveals the option to rewrite as a poem. Not that sending poetic emails will make much difference to anyone, but the revamp proves once again that good design makes a difference. Overall, the new UI is a sign that Copilot is maturing after its hectic start.
The DLP policy for Microsoft 365 Copilot blocks access to sensitive files by checking for the presence of a sensitivity label. If a predesignated label is found on a file, Copilot Chat is blocked from using the file content in its responses. The nicest thing is that the DLP policy prevents users knowing about sensitive information by searching its metadata.
Microsoft 365 makes it easy to remove domains. However, if you remove a domain and don’t adjust email proxy addresses, some fix-up might be needed to make sure that mail-enabled objects don’t have primary SMTP addresses or proxy addresses that use the removed domains. This article explains how to fix up mail-enabled objects with PowerShell to remove traces of any removed domains.
The Facilitator agent can make sense of the messages posted to a Teams chat and summarize the discussion and extract to-do items and unanswered questions. It’s a very practical tool that allows chat participants to focus on the ebb and flow of a conversation instead of pausing to take notes. A Microsoft 365 Copilot license is required before you can use AI Notes in Teams chat.
Microsoft says that the Report Button is now available for all Outlook clients and it’s time to remove the old Report Phishing and Report Message add-ins. A note in the documentation says that the old add-ins are unsafe, but Microsoft is probably more concerned about getting rid of COM-based add-ins. In any case, a single button to handle all aspects of reporting suspicious email seems like a good idea.
Microsoft has announced that the SharePoint Online PowerShell module will be upgraded from the very old and now obsolete IDCRL protocol to use modern (OAuth) authentication in versions released from March 28, 2025. The update to OAuth should not affect scripts, but it’s always wise to test in case your use of the module is an edge case that Microsoft doesn’t test.
The new message recall facility has been around since 2022. Even after Microsoft revamped the feature in 2023, it’s still only possible to recall protected messages with OWA and the new Outlook. As it turns out, the reason is that a premium license is needed and Outlook classic might need some new code to check for that license. In other news, Outlook mobile now supports message recall.
Outlook Newsletters are intended for internal communications, at least for the preview. It’s possible to take the HTML for a newsletter and send it with Azure Email Communication Services (ECS), the PAYG service for bulk email. It sounds like a good way to use Outlook Newsletters to share information with customers and other external recipients. Some manual intervention makes everything works. It would be great if Microsoft tweaked Outlook to remove the rough edges.
Microsoft has enabled a one-year retention policy for Teams meeting attendance reports. Tenants can’t opt out of the policy or set a different retention period. Microsoft says that the new policy exists to make sure that Teams complies with the Microsoft privacy policy. Another way of looking at the situation is that the new policy will simply remove some old data that no one ever looks at.
Exchange Online is imposing a new tenant-wide limit of 3,000 Dynamic Distribution Groups. Few tenants might be affected, but the question might be asked why Microsoft is limiting DDGs at this point. Is it a cunning plan to prompt people to use dynamic Microsoft 365 groups instead? Or are some tenants abusing DDGs in weird and wonderful ways? Who knows, but the limit applies from early April 2025.