Forum Widgets
Latest Discussions
Microsoft to Block Users Granting Third-Party App Access to User Sites and Files
In July, Microsoft plans to introduce an app consent policy to stop users granting access to third-party apps to their files and sites. Letting users grant unsupervised consent to third-party apps to access files stored in OneDrive for Business and SharePoint Online is a bad idea. There are certainly apps out there that need such access, but requiring one-time administrator approval is no hardship. https://office365itpros.com/2025/06/19/app-consent-policy-user-app-consent/Practical Graph: Using PowerShell to Create and Run eDiscovery Cases
The new Purview eDiscovery implementation supports a Graph API. Where there's a Graph API, there are PowerShell cmdlets based on the API. This article explains how to use PowerShell to automate different aspects of eDiscovery cases. PowerShell can't review the items found by searches, but it can handle most of the other processing. https://practical365.com/purview-ediscovery-powershell/
Azure AD Join (Entra Join) vs Hybrid Azure AD Join vs Azure AD Registration (Workplace Join)
I still find it hard to understand the differences between Azure AD Join (Entra Join) vs Hybrid Azure AD Join vs Azure AD Registration (Workplace Join). I know Azure AD Registration (Workplace Join) is supposed to be nest for Personal devices (BYOD) but if you have security as an important part of your business why would you want to allow this? You could end up with a billion random machines in your Entra. What's the benefit of this? Also, if I have a Hybrid environment and I have booth cloud and on prem apps that do auth via both on prem (for on prem apps linked to AD) and Entra for cloud do I need to be Hybrid Azure AD Joined to support on prem an cloud? Or will a person working from a Azure AD Joined machine still be able to access on prem resources like file servers and any app that uses AD groups for auth, access provisioning etc?Conditional Access App Control issues
I'm trying to create a Cloud App policy to detect and block logins to any of our cloud apps that are leveraging SSO with Entra from Tor or anonymous IP's. I read an article where you can use Conditional Access App Control to apply cloud app policies during login via Entra. I've created the initial CA policy (report only), applied to users, applied to specific cloud app, set to use Use Conditional Access App Control choosing "Use custom policy..." and logged onto the cloud app. I then check the users signin log and confirmed the CA rule was marked as success. Next I go to Defender portal, Cloud Apps, Policy management and try to create an access policy and I get this error: You don't have any apps deployed with Conditional Access App Control. Go to the Conditional Access App Control page to deploy an app. Missing a step?Updating the Entra ID Custom Banned Password List with PowerShell
Microsoft 365 tenants with Entra P1 or P2 licenses can use a custom banned password list to stop people using specific terms in their passwords. The idea is to prevent easily-guessed terms being used in passwords. You could also block words deemed to be objectionable. In any case, this article explains how to maintain the custom blocked password list with a PowerShell script. https://office365itpros.com/2025/06/19/custom-banned-password-list/
MS 365 Group Mailbox - New Outlook Search Not Working
We have just received a troubled call stating that the Search Feature inside of the MS 365 Group Mailboxes is not working. I reviewed this, and it is the same for all MS 365 Group Mailboxes, while the search feature dose work with all personal mailboxes. We are on the New Outlook platform and this issue is occurring for both Installed and web version of Outlook. Has anyone run across this or know of a fix? Thank You
Transfer OneNote Ownership
A while ago I started a OneNote notebook using my work email address. I shared that notebook out to my personal address. Now I want to transfer ownership to have it be with my personal email address in case I ever leave this job and lose access (this is my work product - I am not looking to take any confidential information). Is this possible? I have been researching for a long time and haven't come up with the solution. Thank youMicrosoft Pushes European Sovereign Solutions
On June 16, Microsoft announced European sovereign solutions, including a new offering called Microsoft 365 Local that has nothing to do with Microsoft 365 apart from the need to connect to Azure from time to time. Microsoft 365 Local is an on-premises packaged solution. There’s nothing bad about that because some companies need to run on-premises servers for their own reasons. But is calling it Microsoft 365 a case of putting lipstick on the proverbial pig? https://office365itpros.com/2025/06/18/microsoft-365-local-announcement/Error in Microsoft 365 Admin Center Trying to Enable Teams for Organization
In the Microsoft 365 admin center, it says that "Teams is off for your organization". When I click that, I get an error: However, I believe I have teams setup since I can reach admins.teams.microsoft.com and manage things. The problem I am having is that no one from my organization can join a guest organization and I suspect it has something to do with microsoft 365 not being configured correctly.
