Skip Ribbon Commands
Skip to main content
Benoit s Corner

Benoit's corner

Apr 22
Yammer - Moving to Microsoft Datacenters

A new major milestone has been reached for Yammer

Yammer services will be moved to Microsoft Datacenters on May 16, 2015 - during the move process window there will be service disruption

Additionnaly if you restrict access to Office 365 services (and so including Yammer), the following IP range will be used by Yammer services after this move: 134.170.148.0/22

Check this post for all IP addresses used https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=en-US&rs=en-US&ad=US#BKMK_Yammer

Apr 19
Office 365 / SharePoint Online – More space available for SharePoint sites

After announcing that there will be no need to be worried about storage quota (see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=682) and an almost unlimited storage space for OneDrive for Business, now Microsoft is announcing a huge increase for SharePoint Online sites.

It used to be 10 Gb + 500 Mb per licensed user, now it will be 1 To + 500 Mb  per licensed user. This is currently in testing so may be rolled out soon.

It has been announced on the Office 365 Roadmap site http://roadmap.office.com/en-us#I-211-15675

Enjoy this new huge storage Smile

Apr 06
SharePoint 2013 – Web Browser Mobile getting mobile view access error

I have been getting this issue for some time now and finally took time to take a look on it.

Here is the case: I have upgraded my SharePoint platform from 2010 to 2013 by deploying a full new server and performing the data migration using the database detach/attach method as I don’t have any customization.

Everything went fine and sites have been migrated and working without any issue… except I then discover that user using a mobile web browser (or when the setting of their browser on their mobile device was set to MOBILE instead of DEKSTOP) always got the “classic” mobile view access error page

image

This was strange has the mobile view features have been enabled, it has been working before the migration, and another sub site created AFTER the migration to 2013 is not getting this error.

It appears that there was an error in the PermMask permission for the Comments list.

The PermMask for this list was set to EmptyMask while it should have been set to ViewListItems, ViewVersions, ViewFormPages, Open, ViewPages, UseClientIntegration

Thanks to SharePoint Manager I was able to set the correct setting for the PermMask by setting the 200769 value for the AnonymousPermMask (not the AnonymousPermMask64)

image 

Apr 02
Office 365 / SharePoint Online – No need to be worry of site storage quotas

This has always been a pain for SharePoint Online administrators: setting up correct storage quotas when creating a new site (to get the longest time before being asked to extend) AND indeed extending the quotas when the site start reaching his limited storage.

This is (or will be soon) no longer a pain as Microsoft has now introduced (currently deploying across Office 365 tenant) a new feature called pooled storage model which in fact remove this storage quotas management by automatically adjusting the storage – off course up to the limit associated with your tenant (as reminder you get 10 GB + 500 MB * number of users). This feature does not apply to OneDrive for Business as this has already a unlimited storage.

The setting for this pooled storage will be set to true by default for new customers.

Existing customers need to go to the SharePoint Online Administration site and reach the Settings option to enable the feature.

Off course, you may still want to keep it disabled if you want to manage each site collection storage quotas.

Apr 01
Office 365 – Office 365 Admin mobile app updated

As announced some time ago the Office 365 Admin mobile application has been updated with a brand new interface and features which provide more administration stuff than the previous version which was more providing health services than anything else (see http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=667)

Even if almost everyone was happy to get this new version, there was still some missing point such as the ability to assign license to federated users.

Good news, since today this is now possible Smile

Mar 31
Office 365 – Mobile Devices Management is now available

It has been announced some time ago, Microsoft has now delivered a first release of the mobile devices management for Office 365.

You can now define complete access rules for mobile devices to access your Office 365 resources.

This feature is currently being roll out on Office 365 for all Office 365 commercial plans (Business, Enterprise, EDU and government).

If you are interested in cloud mobile devices management, the first thing is to choose between Intune and Office 365 MDM – see for the comparison https://technet.microsoft.com/library/dn957912.aspx

Enable and configure Office 365 MDM

Then, if you want to use the Office 365 MDM, you have to activate the service by going to the Mobile Devices menu from the Office 365 admin portal to activating it; please note it may take some time to complete the activation

imageimage

Then you will have to complete the configuration by:

  • configuring the DNS records required – please note the interface may display your tenant has been already correctly configured for the DNS but this is a false positive state because you already have associated Internet domain. DNS entries required
    • CNAME enterpriseenrollment pointing to enterpriseenrollment.manage.microsoft.com
    • CNAME entepriseregistration pointing to enterpriseregistration.windows.net

Please note that the last entry may already exists and points to your ADFS end point or your Azure device registration as this entry is used for the Join Workspace feature.

  • create the APN’s certificate to allow you to manage Apple devices (iPhone / iPad)

imageimage

Setup MDM Access Rules

Once this has been done, you can also additionally configure multi factor authentication requirements and setup the access rules.

Access rules are managed from the Compliance Center – which has been available since few days now.

NOTE this access rules are overriding the Exchange mobile devices access rule you may have already setup

image

To setup an access rule, just hit the + sign and follow the wizard

As part of the settings available you can:

  • request to setup a device password
  • require device encryption
  • block jail broker device

imageimageimage

Then you have the choice to apply or not the rule after the creation – this may take few minutes to apply on devices

image

NOTE if you want to apply now the new access rule, you have to select existing security group and you have to search for the DL; the interface does not gather automatically existing DL for performance reasons

image

View devices list

From the Office 365 admin portal you can get compliance reports for registered devices

imageimage

NOTE there is currently a defect as the user list returned contains sample Contoso data

image

From the Office 365 admin portal you can also have a quick look of these devices and perform a wipe operation – either FULL wipe which completely reset the device or a SELECTIVE wipe which removes ONLY your corporate data (OneDrive for Business, Mail…)

image

Setup Mobile Device

To enroll a device to for Office 365 MDM, you must use either:

  • use the workplace feature of Windows Phone 8.1

imageimageimage

  • use the Company Portal application for Apple and Android devices
Mar 29
Windows 10 – Do not install the latest Surface firmware if you have Bitlocker enabled and running Windows 10 10041

UPDATE 30/03/2015 - After disabling BitLocker to solve the issue, you can re enable it

Today, I have installed the latest updates available through Windows Update on my Surface Pro 3 running Windows 10 Technical Preview build 10041: KB 3050653 and System Firmware Update.

My Surface has Bitlocker enabled.

Unfortunately, after the usual system restart and after the Surface Firmware has been updated, I ran into the issue than Windows does not start anymore.

After entering the Bitlocker PIN, the system immediately ran into the “Preparing Bitlocker Recovery” mode and failed to load Windows with the error 8007139f.

I have been able to correctly start Windows if I choose to run the Recovery mode when Bitlocker asks for the PIN and then enter the long recovery code. Then I uninstalled the potential KB involved, restart but still had the issue.

So, this means this is the firmware which is in cause and the only solution if it has been installed is to disable Bitlocker if you are running Windows 10 Build 10041.

I don’t know if this happen also for user running Windows 8.1 on their Surface Pro 3 with Bitlocker as I have only 1 Surface Smile

Mar 28
Office 365 / Exchange Online – Changes in the Clutter feature

Since last November and the introduction of the Clutter feature (see http://blogs.office.com/2014/11/11/de-clutter-inbox-office-365/ for more details), Microsoft has updated the Clutter feature to allow better management of this feature by administrators.

Now, administrators can define retention policies, define rules to bypass Clutter or personalize the message received by end-users.

See http://blogs.office.com/2015/03/03/making-clutter-office-365-even-better/ to know more

Mar 28
Office 365 / SharePoint Online – Important change with document library

Starting March 24th, SharePoint Online has been updated by enabling by default document versioning on Document library.

This impact all new document library created since then, as well as new site. The document versioning enabled is the Create major version

So be aware of this change has some impact in the storage consumed as well as to the user experience as draft version may not be viewable Smile

More details https://support.microsoft.com/en-us/kb/3050531

Mar 27
Office 365 – Compliance Center

Following my previous post to announce the new Office 365 Compliance Center (http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=666), here is a quick post on how to go with it.

Access to the compliance center is allowed to global administrator and based on the RBAC (Role Based Access Control) permission models, the same than the one used by Exchange (either online or on premises); that said Exchange role groups and Compliance Center role groups does not share membership or permission, so this means if you already have setup some compliance role group on Exchange this will NOT be reused by the compliance center

Ok, so let’s discover the Compliance Center.

You can access the compliance center from the administration portal through the Compliance Center from the left menu (the option is located at the end below the Admin section)

image

Then this open a new tab to connect you to the Compliance Center

What you can do?

For this first version, the compliance center is now the central place to manage compliance policies for both Exchange Online and SharePoint Online.

image

You can create and manage eDiscovery cases for SharePoint Online, enable/disable Exchange Online Archive for cloud hosted mailboxes (this first version does not allow to manage on premises mailboxes in the context of an hybrid scenario) or define the retention policies for Exchange Online and SharePoint Online

Exchange Online Archive Management

When you hit the Archiving option, you will be able to enabled/disable the online archive feature for Exchange Online mailboxes only. For mailboxes which has already the archive enabled, you get some usage statistics

imageimageimage

eDiscovery

The eDiscovery section allows you to create and manage eDiscovery cases

The first time you logon and reach this section AND if you don’t have any eDiscovery site created on SharePoint Online, the system will automatically creates a new eDiscovery site for you

image

Then you will be able to create/manage cases

NOTE if you want to delegate access to this section (see later for the Permissions management for the compliance center), you have to manage the permission to the eDiscovery site from the site itself; delegation from the compliance center does not grant access to the eDiscovery site

image

Retention

This section allows you to manage retentions policies for SharePoint Online and Exchange Online. Until then, it was relatively simple for Exchange Online (as soon as you have been granted the permission) to manage retention policies but not for SharePoint Online

Each links will open a new window

In case this is the first you reach this section and want to manage SharePoint retention policies, the system will automatically create a new Document Deletion Policy Center (which is the Compliance Policy Center template)

NOTE for some reason the automatic provisioning may failed, so just go to the SharePoint Admin portal and provision manually the required site using the Compliance Policy Center AND with the URL CompliancePolicyCenter (if you use another URL, it will continue to fail); then once the site has been provisioned, everything will go fine

image

image

Then you will be able to manage from this central point the retention policies

Once again, delegation from the compliance center does not grant access to the compliance policy SharePoint site

image

Permissions

The last option allows you to delegate access to the compliance center.

You have default delegation permissions set but you can create your own to delegate specific tasks

As reminder global administrators have been automatically granted access to the compliance center

imageimage

Once a user has been delegated to access the compliance center he will be able to access the site

The following screenshots shows the delegated views for eDiscovery Manager (as sample)

First, as the user is only delegated for the Compliance Center, there is no link available from anywhere (ie like the Office 365 portal); he has to logon using the URL https://compliance.protection.outlook.com/Ucc

image

What to expect next

So, it’s quite difficult to say what will come and when in the future for the Compliance Center (also because I’m not allowed to do so Smile) but there is one thing I can say: there will be a mobile device management feature coming which will allow you to define access policies to your Office 365 resources.

1 - 10Next

 ‭(Hidden)‬ Blog Tools

 Copyright

 About

Benoit is specialized on Microsoft infrastructure (Active Directory, Azure, ForeFront products, Hyper-V, Identity Management, System Center, Windows) and collaboration (BPOS, Exchange, Office 365, SharePoint) technologies.

He has been awarded as Microsoft Most Valuable Professional (MVP) since 2002 - on Windows, then SharePoint and finally Office 365. Ha has been recoginzed as Microsoft Community Contributor for his work on the Office 365 community in 2013 and 2014.

He has been involved in early stage of testing phase for many Microsoft products - from Windows to Office 365, including Exchange, SharePoint or Office client and WindowsUpdate.

He has participated as speaker or Ask The Expert (ATE) at many Microsoft or Quest events. He also participed in writing several books on SharePoint (2003 to 2010).

With more than 10 years of professional experience, he has a deep knowledge of the Microsoft market and his competitor.

​Privacy Information

This blog is using tracking code for analytics purpose.

No personal data are stored and maintained.

 Follow me on

 Share This

 Office365 Undercover by Arnaud ALCABEZ

Retrieving Data

 Certifications

Microsoft Certified Systems Administrator 
Microsoft Certified Systems Administrator - Messaging
Microsoft Certified Systems Engineer 
Microsoft Technology Specialist 
 Microsoft Certified IT Professional

 Translation Tool

Translate this page

 FaceBook Fan's Page

 Books I wrote

Le portail Microsoft SharePoint 
Microsoft Office SharePoint Portal Server 2003 et WSS au quotidien 
Microsoft Office SharePoint Server (MOSS) et Office 2007  
Microsoft Sharepoint 2010