May 18
Azure – New version of Azure AD Connect with quite new capabilities

A new version (1.1.819.0) of Azure AD Connect (the directory synchronization tool for Office 365 / Azure AD) has been released.

You can get it from http://go.microsoft.com/fwlink/?LinkId=615771

This new version includes new capabilities like:

  • Integration with PingFederate (in preview), allowing you to use Azure AD Connect to configure PingFederate for federation with Office 365/Azure AD

image

  • An updated troubleshooting utility to assist in troubleshooting in Linked Mailboxes or AD Dynamic Group sync issues; or SQL connectivity with a dedicated module (ADSyncTools.psm1)
  • Device write-back (if not yet configured) is now performed only through the Azure AD Connect wizard; no need anymore to run all the PowerShell commands

imageimage

This version also includes lot of fixes.

May 17
Azure – Azure AD B2B You can now leave inviting organization

It has been a long waited feature since ability to invite external users to join the organization but this is now there: you can now leave by yourself any organization you have been invited to join.

To do so just login to your Azure AD Access Panel Application (https://account.activedirectory.windowsazure.com) and open the Gear menu available at the right side of the Organizations section from the menu, or reach out the URL https://account.activedirectory.windowsazure.com/r#/profile/organizations

image

Then scroll down the page as the top displays devices associated with your account (aka Azure AD Joined) and click to the Sign in to leave the organization which will then log you on the inviting organization; you can review to what you have access and confirm your decision to leave or not

image

Go back again to the Organization section (see above), now the link Sign in to leave becomes Leave organization

image

Once you click on the Leave organization link you will be requested to confirm your choice

image

After hitting the Leave button to confirm you will get confirmation you have left the inviting organization and within the next few minute you will also a confirmation email

imageimage

May 14
SharePoint Online – New version of the SharePoint Migration Tool available

After releasing a first version of his own SharePoint migration tool, Microsoft has updated it and has released the v2 of the SharePoint Migration Tool (available at https://aka.ms/SPMT

This new version includes support for more SharePoint lists like:

  • GenericList
  • DocumentLibrary
  • Survey
  • Links
  • Announcements
  • Contacts
  • Events
  • Tasks
  • DiscussionBoard
  • PictureLibrary
  • XMLForm
  • GanttTasks
  • Posts
  • Comments
  • Categories
  • MySiteDocumentLibrary
  • IssueTracking

It also includes support for AD FS authentication method; which makes all supported authentication methods available for the migration tool.

Don’t forget, you need to prepare and plan for your migration and for this you can still refer/use the SharePoint Migration Assessment tool available at https://www.microsoft.com/en-us/download/details.aspx?id=53598

May 11
Exchange Online – A better mail flow dashboard is coming out

Microsoft is deploying a better dashboard to have insight in mail flows.

This dashboard will be available worldwide by the end of May from the Security and Compliance center (https://protection.office.com).

Thanks to this dashboard you will have some insights for your mail flow, like:

  • how many emails are stuck in queue (on Office 365) for more than 1 hour
  • how many emails are going through specific connector
  • alerts
  • forwarded emails

To access this new mail flow dashboard, go to to your Security and Compliance portal (https://protection.office.com) and reach out the Mail flow\Dashboard blade

image

Then you can navigate the dashboard

imageimage

If you click on one of the active content you can have more readable details (like for the Top Senders and Recipients)

image 

May 10
Azure – Azure Mobile App is now available in GA

Microsoft has released the Azure Mobile App for iOS and Android in General Availability (GA)

Get it on Google PlayDownload on the App Store

With this mobile app, you will be able to:

  • get notified of critical notifications and alerts
  • track health and status of your Azure resources
  • use the Cloud Shell to execute your commands, including Azure CLI experience to cover both PowerShell and Bash

imageimage

You can also use your Fingerprint to authenticate/access the Azure App

image

If you work with Azure this is a must have application

May 08
Intune – Enhanced conditional access with Windows Defender ATP

With Windows 10, Microsoft has introduced an advanced protection system integrated with Windows Defender caller Windows Defender Advanced Threat Protection (WDATP) (see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection to know more).

Now, with Intune you can also use Windows Defender ATP status to allow/deny access to resources.

To use Windows Defender ATP in your conditional access, go to your Azure ARM portal (https://portal.azure.com) and access your Intune\Device Compliance configuration blade

image

Access the policies blade and create a new compliance requirement as follow:

  • Name: name the new compliance rule as you wish; as usual make it understandable
  • Platform: Windows 10 or later
  • Settings
    • Device Health: edit the Require the device to be at or under the Device Threat Level option to match your requirements

The device threat levels are going from Secured (highest security level) to Low

image

Any Windows 10 devices with WDATP with a threat level higher than the one defined here will be denied to access the resources.

May 06
Windows – Windows 10 1803 ADMX files are now available

Few days after the release of the new Windows 10 build (1803, also known as April Update), the ADMX files to manage GPO settings for Windows 10 1803 are now available for download here https://www.microsoft.com/en-us/download/details.aspx?id=56880

NOTE for some reason, the files are not extracted to the defined target folder when running the MSI package (default “C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803)\”) but to C:\PolicyDefinitions. Even if you define a different target folder.

May 03
Exchange Online – New Message Trace available in the Security and Compliance Portal

An updated Message Trace is now available from the Security and Compliance Portal on Office 365.

The Message Trace on Exchange Online is very well known tool to help troubleshooting mail flow issues but had few glitches.

With this new Message Trace, you will be able to create custom queries and save them, have a list of previous queries executed so you can reused them, increase to the last 10 days for real time analysis…

To start using this new Message Trace, connect to your Security and Compliance portal (https://protection.office.com) and go to Mail flow\Message trace section

image

From there you will find some default queries and any queries you will execute or save once you start using the new message trace

image

When you create a new query, the UI is a little bit simpler and more intuitive

image 

May 03
Office – Office 2019 is now available in preview

Microsoft has just announced Office 2019 is now available in preview.

imageYou need to register at https://go.microsoft.com/fwlink/?linkid=872092

It is important to note that Office 2019 will only available in Click to Run installation mode; no more MSI installation package available.

You will be able to upgrade from an MSI package installation to Office 2019.

To have a complete list of the features available, go https://go.microsoft.com/fwlink/?linkid=872297

May 02
Windows 10 – You can (finally) manage the bandwidth used by Windows Update

UPDATE May 6th, after the release of the ADMX file for Windows 10 1803, the GPO settings to manage these restrictions are available

With the Windows 10 April Update (build 1803) you finally can manage the amount of bandwidth being used by Windows Update.

To manage the limits (applicable to both download and upload [aka sharing with internet clients] - knowing that if you have already restrict the sharing with PC on your local network only this will not be applied), open the Settings\Windows Update\Advanced Options

image

Then scroll down to locate the Delivery Optimization option and scroll down again to get the Advanced Options

imageimage

From there you can define the bandwidth limits for both download (separated into 2 section – background and foreground download) and upload.

The limits also include for the upload, an amount of maximum data shared.

The minimum you can set is:

  • 5% for bandwidth usage
  • 5G for data sharing with internet client

image 

To define the restrictions by GPO you need to have the Windows 10 1803 ADMX files (https://t.co/93MJI3a1rX). The GPO settings are located in the Computer Configuration\Administrative Templates\Windows Components\Delivery Optimization

image

It does not seems there is GPO setting available (as looking at the local policy as ADMX files for Windows 10 1803 are not yet released)

UPDATE thanks to my colleague Karl Gilbert who took a look as I did not Smile, here is the registry keys associated with theses settings. You can then push it with GPO or script

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Settings

  • DownloadRateBackgroundPct
  • DownloadRateForegroundPct
  • UploadLimitGBMonth
  • UpRatePctBandwidth
1 - 10Next

 ‭(Hidden)‬ Blog Tools

 About

Benoit is specialized on Microsoft infrastructure (Active Directory, Azure, ForeFront products, Hyper-V, Identity Management, System Center, Windows) and collaboration (BPOS, Exchange, Office 365, SharePoint, Lync/Skype for Business) technologies.

He has been awarded as Microsoft Most Valuable Professional (MVP) since 2002 - on Windows, then SharePoint and finally Office 365. He has been recoginzed as Microsoft Community Contributor for his work on the Office 365 community in 2013 and 2014.

He has been involved in early stage of testing phase for many Microsoft products - from Windows to Office 365, including Exchange, SharePoint or Office client and WindowsUpdate.

He has participated as speaker or Ask The Expert (ATE) at many Microsoft or Quest events. He also participed in writing several books on SharePoint (2003 to 2010).

With more than 15 years of professional experience, he has a deep knowledge of the Microsoft market and his competitors.

 Copyright

​Privacy Information

This blog is using tracking code for analytics purpose.

No personal data are stored and maintained.

 Follow me on

 Share This

 Office365 Undercover by Arnaud ALCABEZ

Retrieving Data

 Certifications

Microsoft Certified Systems Administrator 
Microsoft Certified Systems Administrator - Messaging
Microsoft Certified Systems Engineer 
Microsoft Technology Specialist 
 Microsoft Certified IT Professional

 Translation Tool

Translate this page

 FaceBook Fan's Page

 Books I wrote

Le portail Microsoft SharePoint 
Microsoft Office SharePoint Portal Server 2003 et WSS au quotidien 
Microsoft Office SharePoint Server (MOSS) et Office 2007  
Microsoft Sharepoint 2010