Copilot Agent Governance Product Launched by ISV

Agent governance - no agents running amok

Agent governance is the framework that allows tenants to deploy agents safely, securely, and under control. A new ISV offering from Rencore helps to fill some gaps in Copilot agent governance that currently exist in what’s available in Microsoft 365. It’s good to see ISV action in this space because the last thing that anyone wants is the prospect of Copilot agents running amok inside Microsoft 365 tenants.

Microsoft 365 PowerShell Modules Need Better Testing

Microsoft 365 PowerShell Modules Need Better Testing

Recent problems with Microsoft 365 PowerShell modules afflicted the ability of Azure Automation runbooks to execute cmdlets Microsoft Graph PowerShell SDK and Exchange Online Management modules. The root cause is a decision to remove support for .NET6, but the worrying point is the lack of awareness within Microsoft engineering that Azure Automation is where many critical scripts run. Better pre-release testing is definitely needed.

Microsoft Pushes European Sovereign Solutions

Microsoft 365 Local: Lipstick on an on-premises pig?

On June 16, Microsoft announced European sovereign solutions, including a new offering called Microsoft 365 Local that has nothing to do with Microsoft 365 apart from the need to connect to Azure from time to time. Microsoft 365 Local is an on-premises packaged solution. There’s nothing bad about that because some companies need to run on-premises servers for their own reasons. But calling it Microsoft 365?

People Skills Rolling Out Within Microsoft 365

People Skills and Microsoft 365

People Skills is a new Microsoft 365 solution that uses AI to determine what skills are possessed by users based on their profile and activities. The skills recorded for users turn up on the Microsoft 365 profile card, just like the older SharePoint/Delve implementation. Is this an example of more AI being used “just because we can” or a useful solution? It’s up to you to decide.

AI Generative Summaries Make Life Even Harder for Technology Websites

AI-based generative summaries make it harder for technology websites

The AI-based generative summaries featured by Google and other search engines remove organic traffic from technology websites and make it less attractive for content creators to write about new topics. The upshot is likely to be a decrease in the amount of new knowledge shared on public websites and a resultant lack of information for the AI LLMs to feed off.

How to Block PST Files for the New Outlook for Windows

Block PST access for the new Outlook for Windows

An OWA mailbox setting is available to block PST access for the new Outlook for Windows client. The setting mimics controls available for Outlook classic, where companies have been blocking PST access for a long time. Once email is in a PST, it’s invisible to any of the compliance solutions that organizations pay for. It’s also invisible to Copilot, which might not be a bad thing…

Mailbox Import-Export Graph APIs Leave No Audit Trail

Mailbox Import-Export Graph API

A recent post revealed that the Mailbox Import-Export Graph API doesn’t capture audit events for its operations. The API is in beta, but this is disappointing. Auditing any mailbox is important, but it becomes a critical requirement when the possibility exists that attackers could use the API to exfiltrate mailbox data outside of the tenant. This is a hole that Microsoft needs to close.

The Case of the Mysterious SharePoint Embedded Containers

The case of the mysterious SharePoint Embedded Containers.

A set of 80 mysterious SharePoint Embedded containers turned up because Microsoft pre-provisioned storage for files used as knowledge sources by Copilot agents. Details of the pre-provisioning are in message center notification MC1058260, but who has the time to read and analyze everything posted to the message center? And anyway, the mysterious containers have now disappeared…

June 2025 Update for the Automating Microsoft 365 with PowerShell eBook

Microsoft 365 PowerShell. Automating Microsoft 365 with PowerShell #12

The June 2025 update for the Automating Microsoft 365 with PowerShell eBook is now available. Coding automation with Microsoft 365 PowerShell can be challenging, but not with this book beside you. It contains hundreds of examples of working with Entra ID, Exchange Online, SharePoint Online, OneDrive for Business, Teams, and Planner using regular PowerShell cmdlets and the Graph APIs.

Quest Tool Migrates Protected Email and Files Between Tenants

Sensitivity label T2t migration

A new feature of the Quest On Demand migration suite supports the tenant-to-tenant migration of Exchange and SharePoint content protected by sensitivity labels. This might not seem a big deal, but it’s the first time that a migration product has been able to automatically move protected files and messages from one tenant to another, including files protected by sensitivity labels with user-defined permissions.

Time to Review How to Preserve Ex-Employee Data

Preserve ex-employee data

This week’s Microsoft layoffs provide a timely reminder to review how to retain and secure ex-employee data. OneDrive for Business might be the biggest challenge because of the variety of application data that now ends up in user OneDrive accounts. Agents and Flows are also an area of concern, as are objects like apps, phone numbers, and recurring meetings.

Are Microsoft E5 Licensing Add-Ons a Good Deal?

Microsoft E5 Security for Microsoft 365 Business Premium

The Microsoft E5 Security add-on is available for Microsoft 365 Business Premium (and other) tenants. The add-on looks like a bargain because the bundle offers significant value over individual licenses, but is it really? Like everything in life, unless you can use something, there’s no point in having it. In this case, have a plan to use E5 Security to deliver measurable results before you hand over any more license revenue to Microsoft.

Microsoft Defender for Office 365 Exposes Bad Links in Email Preview

Email Preview for Microsoft Defender for Office 365

Microsoft Defender for Office 365 includes many tools to help investigators manage threat. The Email Preview tool shows the layout and appearance of the messages with which attackers try to fool recipients. It’s a valuable way of understanding how threat penetrates. But a recent change makes bad links in the email preview clickable, and that doesn’t seem like a good idea.

Artificial Intelligence, PowerShell, and Microsoft 365 Administration

artificial intelligence and powershell

Artificial Intelligence and PowerShell should be a good thing to help hard-pressed Microsoft 365 tenant administrators cope with common tasks. The early signs are there with Copilot in the Microsoft 365 admin center. However, the current state of the art depends on what’s gone before and can’t handle the kind of complex automation that tenants sometimes need, like generating a licensing report from Entra ID, product information, and license costs.

Microsoft Imposes 1-Year Retention for Teams Meeting Attendance Reports

Teams Meeting Attendance Report Retention Policy

Microsoft has enabled a one-year retention policy for Teams meeting attendance reports. Tenants can’t opt out of the policy or set a different retention period. Microsoft says that the new policy exists to make sure that Teams complies with the Microsoft privacy policy. Another way of looking at the situation is that the new policy will simply remove some old data that no one ever looks at.

Why Microsoft 365 Copilot Works for Some and Not for Others

Make Copilot Useful

Some people get great results from AI tools like Microsoft 365 Copilot. Others struggle to make Copilot useful. As an article by a Microsoft product manager points out, the reason might be the way we use Copilot. If you don’t give Copilot the right data to work with and don’t ask the right questions through well-structured prompts, there’s no prospect of good answers.

How to Use Bulk User Operations in Entra Admin Center

Update Multiple Entra ID Accounts.

A new preview option in the Entra admin center supports the ability to update multiple Entra ID accounts. You can update properties, add managers and sponsors, update group membership, revoke account access, and so on. The only surprising thing about the new option is that it’s taken Microsoft so long to add it to the admin center.

Maester Framework Continues to Prosper

Maester framework continues to prosper.

The Maester project continues to prosper with a bunch of new features added, including several in the DevOps space. Maester usually tests tenant settings to find and highlight misconfigurations or potential issues. Some new custom tests look for missing user account properties, which is great except for the problem of finding the right accounts to check. All discussed here.

Microsoft Cloud Revenues Keep on Heaping Up

Microsoft Cloud Revenues pass $40 billion per quarter.

Microsoft’s FY25 Q2 results featured bumper Microsoft Cloud revenues, which broke the $40 billion mark for the first time. Although they wanted to talk a lot about Copilot and AI in general, Microsoft didn’t give any new user numbers for Microsoft 365 or Teams.

Primer: Running Audit Searches and Sending Email from Azure Automation

Microsoft 365 audit log searches with Azure Automation.

This article describes how to use Azure Automation for audit searches. The runbook runs an audit search to find events for specific operations, refines the set of events found by the search, and sends the information by email. Hopefully, someone will respond to the message and do the right thing to check the insight derived from the events.

All About the Office 365 for IT Pros GitHub Repository

The Office365ITPros GitHub repository holds over 300 PowerShell scripts showing how to interact with Microsoft 365 and Entra ID. Anyone can contribute to Office365ITPros by forking the code to a copy of the repository and making changes to scripts there. If you want, you can push the changes back to us so that we can consider their inclusion in Office365ITPros. It’s a great example of community in action.

Viva Engage Items Show Up in Search Results

News that Viva Engage search results are included in the results generated by Office.com and SharePoint.com is not unexpected. Only certain Viva Engage items appear in search results such as storyline items and question and answers from public communities. In other news, ten years after Microsoft’s Acompli acquisition, there’s no doubt that Outlook Mobile is a huge success.

Microsoft Search in Bing Gets the Bullet

On 19 December 2024, Microsoft announced the retirement of the Microsoft Search in Bing feature. Copilot is better at searching and presenting web and work results. Although tenant administrators might worry about the recent batch of retirements, the fact is that Microsoft retires unsuccessful products and features from Microsoft 365 all the time. The swift demise of the Office tags feature is another example.

Blocking Microsoft 365 Copilot Making Inferences in Teams Meetings

The Copilot inference and evaluation policy controls if users can ask Copilot in Teams to evaluate the emotions of other meeting participants. It sounds creepy that meeting participants can ask Copilot how someone is feeling based on their contributions to a meeting, but AI is happy to answer unless blocked by policy. Maybe blocking big brother monitoring should be the norm rather than an exception?

Microsoft Kills Viva Goals

Microsoft’s announcement of the Viva Goals retirement came as a complete surprise to the customers using Viva Goals to implement the OKR methodology for their organization. From Microsoft’s text, it seems pretty clear that Viva Goals just didn’t succeed in winning sufficient customers to warrant ongoing development. The outcome is that Microsoft cut its losses and will retire Viva Goals.

The Impact of Generative AI on Technology Websites

Generative AI tools are nice to have, but the LLMs used by these tools must come from somewhere. The impact of generative AI on technology websites is very real and will have a far reaching effect if websites close due to reduced traffic and revenues. How will the LLMs used by generative AI refresh their knowledge base if websites don’t create that information for them (for free)?

Microsoft’s Simple Message at Ignite: It’s All About AI

The slew of product announcements at the Microsoft Ignite 2024 conference included lots about AI and Copilot. This article covers some of the more interesting announcements for Microsoft 365 tenants for Teams, SharePoint Online, and Purview. Many of the new features need high-end licenses or add-ons, but that doesn’t mean that the issues addressed by the technology should be ignored.

Microsoft to Enforce Mandatory MFA Requirement for Microsoft 365 Admin Center

In February 2025, Microsoft will begin enforcing a mandatory MFA requirement for the Microsoft 365 admin center. All connections to the Microsoft 365 admin center must pass an MFA challenge. The move is to increase the percentage of Entra ID user accounts protected by MFA. This article explains what’s happening and outlines how to gain insight into who might be affected by the change.

How to Search for Email Protected by Sensitivity Labels

Finding email protected by sensitivity labels

A reader asked how to find emails with sensitivity labels. Everyone knows that you can find SharePoint files protected by sensitivity labels, but what about emails? MAPI properties exist that hold details of sensitivity labels. These properties are promoted to Microsoft Search, and this allows features like end-user searching through the Microsoft 365 app and Outlook to work. But the best way to find emails with sensitivity labels is to use a Purview content search.

Will Microsoft 365 Copilot Errors and Hallucinations Eventually Corrupt the Microsoft Graph?

Copilot errors in generated text can happen for a variety of reasons, including poor user prompts. If the errors end up in documents, they can infect the Graph and become the root cause for further errors. Over time, spreading infection can make the results derived from Graph sources like SharePoint Online unreliable. Humans can prevent errors by checking AI content thoroughly before including it in documents, but does this always happen?

Working with Copilot Pages

Copilot Pages are part of the September 2024 Copilot Wave 2 announcement. They’re a good way to capture the text generated by Copilot in response to a prompt. Each Copilot page is a Loop component stored in a SharePoint Embedded container. Figuring out how to manage these containers will take a little time, especially as Microsoft hasn’t yet delivered the APIs needed to do the job.

Adding a Custom Test to the Maester Tool

Custom Maester Tests

The Maester tool is a great way to get a security assessment for a Microsoft 365 tenant. Being able to create custom Maester tests makes it even better. In this article, we explain how to create a custom Maester test that reads the Entra ID Groups policy to report if users are allowed to create new Microsoft 365 groups (and teams).

Microsoft Retires the Revoke-SPOUserSession Cmdlet

Unsurprisingly, Microsoft announced the deprecation of the Revoke-SPOUserSession cmdlet for November 2024. The cmdlet is replaced by the Revoke-MgUserSignInSession cmdlet, which works across Microsoft 365 rather than just SharePoint Online. All of this happened while the 2nd annual PowerShell Script-Off happened at TEC 2024 and competitors struggled with what to do to secure a user account for an ex-employee.

TEC 2024 Rolls Into Dallas

TEC 2024 (aka “The Experts Conference”) takes place on Oct 1-2 at the Loews Arlington Hotel. TEC is a great conference for many reasons, notably the intensely practical nature of the coverage technology receives during conference keynotes, sessions, and workshops. If you’re looking for a high-quality event to attend in 2025, put TEC 2025 on the list.

Microsoft Withdraws Copilot Catch Up Feature

After reaching 50% deployment and on track to general availability, Microsoft decided to withdraw the Copilot catch up feature. Catch up shows a set of cards in a carousel to highlight documents and other items that Copilot believes are of interest to the user. It’s like the insights surfaced in other places within Microsoft 365, such as Office applications, Viva Insights, and Delve.