A new version (1.1.819.0) of Azure AD Connect (the directory synchronization tool for Office 365 / Azure AD) has been released.
You can get it from http://go.microsoft.com/fwlink/?LinkId=615771
This new version includes new capabilities like:
This version also includes lot of fixes.
It has been a long waited feature since ability to invite external users to join the organization but this is now there: you can now leave by yourself any organization you have been invited to join.
To do so just login to your Azure AD Access Panel Application (https://account.activedirectory.windowsazure.com) and open the Gear menu available at the right side of the Organizations section from the menu, or reach out the URL https://account.activedirectory.windowsazure.com/r#/profile/organizations
Then scroll down the page as the top displays devices associated with your account (aka Azure AD Joined) and click to the Sign in to leave the organization which will then log you on the inviting organization; you can review to what you have access and confirm your decision to leave or not
Go back again to the Organization section (see above), now the link Sign in to leave becomes Leave organization
Once you click on the Leave organization link you will be requested to confirm your choice
After hitting the Leave button to confirm you will get confirmation you have left the inviting organization and within the next few minute you will also a confirmation email
After releasing a first version of his own SharePoint migration tool, Microsoft has updated it and has released the v2 of the SharePoint Migration Tool (available at https://aka.ms/SPMT
This new version includes support for more SharePoint lists like:
It also includes support for AD FS authentication method; which makes all supported authentication methods available for the migration tool.
Don’t forget, you need to prepare and plan for your migration and for this you can still refer/use the SharePoint Migration Assessment tool available at https://www.microsoft.com/en-us/download/details.aspx?id=53598
Microsoft is deploying a better dashboard to have insight in mail flows.
This dashboard will be available worldwide by the end of May from the Security and Compliance center (https://protection.office.com).
Thanks to this dashboard you will have some insights for your mail flow, like:
To access this new mail flow dashboard, go to to your Security and Compliance portal (https://protection.office.com) and reach out the Mail flow\Dashboard blade
Then you can navigate the dashboard
If you click on one of the active content you can have more readable details (like for the Top Senders and Recipients)
Microsoft has released the Azure Mobile App for iOS and Android in General Availability (GA)
With this mobile app, you will be able to:
You can also use your Fingerprint to authenticate/access the Azure App
If you work with Azure this is a must have application
With Windows 10, Microsoft has introduced an advanced protection system integrated with Windows Defender caller Windows Defender Advanced Threat Protection (WDATP) (see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/windows-defender-advanced-threat-protection to know more).
Now, with Intune you can also use Windows Defender ATP status to allow/deny access to resources.
To use Windows Defender ATP in your conditional access, go to your Azure ARM portal (https://portal.azure.com) and access your Intune\Device Compliance configuration blade
Access the policies blade and create a new compliance requirement as follow:
The device threat levels are going from Secured (highest security level) to Low
Any Windows 10 devices with WDATP with a threat level higher than the one defined here will be denied to access the resources.
Few days after the release of the new Windows 10 build (1803, also known as April Update), the ADMX files to manage GPO settings for Windows 10 1803 are now available for download here https://www.microsoft.com/en-us/download/details.aspx?id=56880
NOTE for some reason, the files are not extracted to the defined target folder when running the MSI package (default “C:\Program Files (x86)\Microsoft Group Policy\Windows 10 April 2018 Update (1803)\”) but to C:\PolicyDefinitions. Even if you define a different target folder.
An updated Message Trace is now available from the Security and Compliance Portal on Office 365.
The Message Trace on Exchange Online is very well known tool to help troubleshooting mail flow issues but had few glitches.
With this new Message Trace, you will be able to create custom queries and save them, have a list of previous queries executed so you can reused them, increase to the last 10 days for real time analysis…
To start using this new Message Trace, connect to your Security and Compliance portal (https://protection.office.com) and go to Mail flow\Message trace section
From there you will find some default queries and any queries you will execute or save once you start using the new message trace
When you create a new query, the UI is a little bit simpler and more intuitive
Microsoft has just announced Office 2019 is now available in preview.
You need to register at https://go.microsoft.com/fwlink/?linkid=872092
It is important to note that Office 2019 will only available in Click to Run installation mode; no more MSI installation package available.
You will be able to upgrade from an MSI package installation to Office 2019.
To have a complete list of the features available, go https://go.microsoft.com/fwlink/?linkid=872297
UPDATE May 6th, after the release of the ADMX file for Windows 10 1803, the GPO settings to manage these restrictions are available
With the Windows 10 April Update (build 1803) you finally can manage the amount of bandwidth being used by Windows Update.
To manage the limits (applicable to both download and upload [aka sharing with internet clients] - knowing that if you have already restrict the sharing with PC on your local network only this will not be applied), open the Settings\Windows Update\Advanced Options
Then scroll down to locate the Delivery Optimization option and scroll down again to get the Advanced Options
From there you can define the bandwidth limits for both download (separated into 2 section – background and foreground download) and upload.
The limits also include for the upload, an amount of maximum data shared.
The minimum you can set is:
To define the restrictions by GPO you need to have the Windows 10 1803 ADMX files (https://t.co/93MJI3a1rX). The GPO settings are located in the Computer Configuration\Administrative Templates\Windows Components\Delivery Optimization
It does not seems there is GPO setting available (as looking at the local policy as ADMX files for Windows 10 1803 are not yet released)
UPDATE thanks to my colleague Karl Gilbert who took a look as I did not , here is the registry keys associated with theses settings. You can then push it with GPO or script
Benoit is specialized on Microsoft infrastructure (Active Directory, Azure, ForeFront products, Hyper-V, Identity Management, System Center, Windows) and collaboration (BPOS, Exchange, Office 365, SharePoint, Lync/Skype for Business) technologies.
He has been awarded as Microsoft Most Valuable Professional (MVP) since 2002 - on Windows, then SharePoint and finally Office 365. He has been recoginzed as Microsoft Community Contributor for his work on the Office 365 community in 2013 and 2014.
He has been involved in early stage of testing phase for many Microsoft products - from Windows to Office 365, including Exchange, SharePoint or Office client and WindowsUpdate.
He has participated as speaker or Ask The Expert (ATE) at many Microsoft or Quest events. He also participed in writing several books on SharePoint (2003 to 2010).
With more than 15 years of professional experience, he has a deep knowledge of the Microsoft market and his competitors.
This blog is using tracking code for analytics purpose.
No personal data are stored and maintained.