This update will be very interesting in an Exchange Online migration context – maybe in other situations too, but I can’t see any right now.
Microsoft is introducing a new parameter to the Set-User command to permanently remove previous Exchange Online details.
Imagine the following scenario:
Removing the online mailbox has always been tricky in this situation because you have a 30-day retention period, meaning that even when you remove the ExO license, the next time you reassign the license ExO will automatically reassociate the ‘wrong’ mailbox.
There was no other way than deleting the online user account, but this also impacts other Office 365 workloads.
With this update, you will be able to get rid of the ‘incorrect’ Exchange Online mailbox for good:
Set-User <email address> -PermanentlyClearPreviousMailboxInfo
As you may already know, you were able to preview a quarantined email before deciding what to do with it. But this preview was raw data (plain view), meaning that if the email was in HTML format you got the HTML code displayed, which made it complicated to review.
An update has been deployed which allows you to choose whether to view the raw data (as before) or switch to HTML view.
This applies both to end-user self-service quarantine (accessible using https://admin.protection.outlook.com/quarantine) and to administrators reviewing quarantined emails from the Security and Compliance portal (https://protection.office.com/#/quarantine).
When previewing a quarantined email, just switch to HTML view (end-user) or HTML (administrators).
NOTE: end users will get a notification reminding them that, even though the content has been sanitized, it could still be dangerous.
The latest and new release of Deployment Toolkit (MDT) for Windows is now available for download at
This version supports Windows 10 build 1709 (Fall Creators Update) and SCCM current branch (1710), and includes some fixes like:
In order to improve security, Office 365 services are going to stop supporting Transport Layer Security (TLS) 1.0 and 1.1.
If you are in a hybrid scenario (either with Exchange or Skype for Business) and/or if you use AD FS for your authentication services, you need to ensure your on-premises services support TLS 1.2.
Starting March 1st, 2018, if you have not upgraded to TLS 1.2, online services will not be accessible.
You can read this article, which provides guidance on moving to TLS 1.2: https://support.microsoft.com/en-us/help/4057306/preparing-for-tls-1-2-in-office-365
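One way to check which TLS versions your published on-premises endpoints accept before the cut-off date. This is an added example, not code from the Microsoft article; the host names are placeholders and Test-TlsProtocol is a helper function defined here, not a built-in cmdlet.

```powershell
# Added example: host names are placeholders, replace them with your own
# externally published AD FS / Exchange hybrid / Skype for Business endpoints.
$endpoints = @(
    @{ Name = 'AD FS';           Server = 'adfs.contoso.example'; Port = 443 },
    @{ Name = 'Exchange hybrid'; Server = 'mail.contoso.example'; Port = 443 }
)

function Test-TlsProtocol {
    param(
        [Parameter(Mandatory)] [string] $Server,
        [int] $Port = 443,
        [Parameter(Mandatory)] [System.Security.Authentication.SslProtocols] $Protocol
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($Server, $Port)
    } catch {
        $client.Close()
        return 'unreachable'
    }
    # Certificate validation is bypassed on purpose: only the protocol
    # negotiation is tested here, no data is sent over the session.
    $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
    $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAny)
    try {
        # Offer exactly one protocol version so the result is unambiguous.
        $ssl.AuthenticateAsClient($Server, $null, $Protocol, $false)
        return 'accepted'
    } catch {
        return 'refused'
    } finally {
        $ssl.Dispose()
        $client.Close()
    }
}

foreach ($e in $endpoints) {
    [pscustomobject]@{
        Service = $e.Name
        Server  = $e.Server
        Tls10   = Test-TlsProtocol -Server $e.Server -Port $e.Port -Protocol Tls
        Tls11   = Test-TlsProtocol -Server $e.Server -Port $e.Port -Protocol Tls11
        Tls12   = Test-TlsProtocol -Server $e.Server -Port $e.Port -Protocol Tls12
    }
}
```

Tls12 must report 'accepted' for every endpoint. A 'refused' result for TLS 1.0/1.1 can also mean the machine running the script has those protocols disabled, and the script only tests inbound listeners, so outbound client support on your servers still has to be verified with the guidance in the article.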
A new potential security hole in Azure AD Connect has just been published (December 12th, 2017). It affects at least version 1.1.649.0 (the advisory bulletin does not specify the impacted version(s)) and could leave the Azure AD Connect service account with insufficient restrictions when Azure AD Connect creates it automatically.
See the advisory bulletin available at https://docs.microsoft.com/en-us/security-updates/securityadvisories/2017/4056318 for more details and additional actions to lock down the service.
You are also invited to upgrade to the latest version (1.1.654.0) from http://go.microsoft.com/fwlink/?LinkId=615771
This was already announced some time ago (July 2016): Clutter is going to be deprecated, eventually removed, and replaced by Focused Inbox.
Now we have an official end-of-life date for Clutter: January 31, 2020.
So you still have some time to communicate to your end-users, update your support team and training documentation.
You may also have to deploy Outlook build 16.0.8730 (Version 1711) or greater to ensure you are getting Focused Inbox on your Outlook client.
If you are using Outlook 2016 MSI or earlier, you will have to move either to Office Click to Run or deploy the upcoming Outlook 2019. If you stay with these versions of Outlook that are ‘unsupported’ for Focused Inbox after January 2020, messages will stop being cluttered and will be delivered to the Inbox as usual.
UPDATE: additional information and screenshots after Patch Tuesday
Identifying devices with a pending reboot has always been a nightmare for sysadmins.
Now with SCCM, it becomes easier. The latest update for SCCM Current Branch (build 1710) has a new column in Console\Devices to identify devices with a pending reboot.
To get this information, access the Assets and Compliance workspace from the SCCM console and go to Overview\Devices. Then right-click on the header of the device list and scroll down to get Pending Restart.
With previous versions you had to use Configuration Items and Configuration Baselines to identify them.
As a result, when a device is pending a restart, you know the reason for the pending restart.
NOTE: this attribute cannot be used as a filtering option or to create a device collection (or at least I did not find a way to do it).
This update will probably be more interesting for non-English customers.
An update is currently being deployed to let you get messages from Message Center translated into a language other than English, as messages in Message Center are written only in English.
To check/change your language settings, open the Gear menu from the Office 365 administration portal and update your language/time zone settings to match your language.
As soon as you have changed your language, the administration portal refreshes to display the UI in your language. You can then access the Message Center, where you will see an option to translate messages into a different language. The language selected by default for translation is the one you defined previously, but you can choose a different one.
For the purpose of this post I have updated my language from English to French.
If you click directly on Traduire en francais (or whatever is displayed), all messages are automatically translated into the corresponding language.
Office 365 ATP (Advanced Threat Protection) is an advanced protection solution provided by Office 365, already available for Exchange Online and, for a few months now, for Office Click To Run (to learn more about ATP, see https://support.office.com/en-us/article/Office-365-Advanced-Threat-Protection-e100fe7c-f2a1-4b7d-9e08-622330b83653?ui=en-US&rs=en-US&ad=US).
The solution is used to deeply analyze URLs and attachments before letting end users access them.
Now, Office 365 ATP is also available (through Office 365 E5 [enterprise and education] or additional Office 365 subscriptions for other plans) for SharePoint Online and Teams.
This works exactly the same way as it does for Exchange and Office Click to Run.
To enable ATP for SharePoint and Teams, go to the Security and Compliance administration center (https://protection.office.com/).
Then go to Threat Management\Policy
Then check the box Turn on ATP for SharePoint, OneDrive and Microsoft Teams to enable ATP for these workloads
It may then take up to 30 minutes to complete.
Once ATP detects a malicious file, a notification is displayed on the SharePoint web page and access to the infected file is blocked (screenshot courtesy of Microsoft).
As an administrator you can also create an alert to get notified when an infected file is detected on SharePoint, OneDrive or Teams.
While still in the Security and Compliance portal, go to the Alerts\Alert policies section.
And create a new alert policy with the following settings:
Each Team is created with a General channel.
By default everyone can post in this channel.
Now you can choose among 3 different levels to define who can post in this channel:
To define this setting, you need to go (as the Team owner) to the Team settings (Manage Team) and then access the Permissions options.
Below is the notification shown if you choose the second option (Everyone can post but display a notification); you can see how many users will see your post.
Benoit is specialized in Microsoft infrastructure (Active Directory, Azure, ForeFront products, Hyper-V, Identity Management, System Center, Windows) and collaboration (BPOS, Exchange, Office 365, SharePoint, Lync/Skype for Business) technologies.
He has been awarded Microsoft Most Valuable Professional (MVP) since 2002 - on Windows, then SharePoint and finally Office 365. He was recognized as a Microsoft Community Contributor for his work in the Office 365 community in 2013 and 2014.
He has been involved in the early stages of testing for many Microsoft products - from Windows to Office 365, including Exchange, SharePoint, the Office client and WindowsUpdate.
He has participated as a speaker or Ask The Expert (ATE) at many Microsoft or Quest events. He also participated in writing several books on SharePoint (2003 to 2010).
With more than 10 years of professional experience, he has a deep knowledge of the Microsoft market and its competitors.