Forum Widgets
Latest Discussions
Audit booking changes
Have users reporting long-standing discrepancies on room bookings - stuff being cancelled months ago, but not showing anywhere. I remember in the past, being able to audit this. Unfortunately, we now have Purview - a tool we didn't ask for, don't want, but allegedly are forced to use. These are Resources in 365, they have Exchange Mailboxes. Exchange has a tool to search for changes, but demands the subject line. The booking has been removed by the users - and I have no idea if this wants the original 'Booking' or the 'Re: Booking' or the 'FW: booking' or which of the 120 emails were generated. So I'm looking for alternative ways. I believe in the past, I did this via Defender. There WERE activities for Mailbox changes within this audit tool. They appear to be gone - or searching for Mailbox just removes all activities labeled 'Mailbox', I'm not sure. CoPilot gives me an evolving series of deprecated/possibly non-existent cmdlets for powershell, so that's fun. please do not refer me to another terrible marketing 'article'.. I have read so many, learned absolutely nothing useful, and I'm over it. Thank you
Conditional Access App Control issues
I'm trying to create a Cloud App policy to detect and block logins to any of our cloud apps that are leveraging SSO with Entra from Tor or anonymous IP's. I read an article where you can use Conditional Access App Control to apply cloud app policies during login via Entra. I've created the initial CA policy (report only), applied to users, applied to specific cloud app, set to use Use Conditional Access App Control choosing "Use custom policy..." and logged onto the cloud app. I then check the users signin log and confirmed the CA rule was marked as success. Next I go to Defender portal, Cloud Apps, Policy management and try to create an access policy and I get this error: You don't have any apps deployed with Conditional Access App Control. Go to the Conditional Access App Control page to deploy an app. Missing a step?Error in Microsoft 365 Admin Center Trying to Enable Teams for Organization
In the Microsoft 365 admin center, it says that "Teams is off for your organization". When I click that, I get an error: However, I believe I have teams setup since I can reach admins.teams.microsoft.com and manage things. The problem I am having is that no one from my organization can join a guest organization and I suspect it has something to do with microsoft 365 not being configured correctly.
Windows 11 Upgrade mit Intune
I used Intune (Feature Update) to upgrade from Windows 10 to Windows 11. For some devices, the update was completed within 12 hours. However, there were also devices that took 48 hours or longer to update to Windows. In the meantime, I carried out software installations (via Intune) on the devices within an hour. How can I force the feature update? Especially for new devices? Thank you for your support StefanMicrosoft to Block Users Granting Third-Party App Access to User Sites and Files
In July, Microsoft plans to introduce an app consent policy to stop users granting access to third-party apps to their files and sites. Letting users grant unsupervised consent to third-party apps to access files stored in OneDrive for Business and SharePoint Online is a bad idea. There are certainly apps out there that need such access, but requiring one-time administrator approval is no hardship. https://office365itpros.com/2025/06/19/app-consent-policy-user-app-consent/Azure AD Join (Entra Join) vs Hybrid Azure AD Join vs Azure AD Registration (Workplace Join)
I still find it hard to understand the differences between Azure AD Join (Entra Join) vs Hybrid Azure AD Join vs Azure AD Registration (Workplace Join). I know Azure AD Registration (Workplace Join) is supposed to be nest for Personal devices (BYOD) but if you have security as an important part of your business why would you want to allow this? You could end up with a billion random machines in your Entra. What's the benefit of this? Also, if I have a Hybrid environment and I have booth cloud and on prem apps that do auth via both on prem (for on prem apps linked to AD) and Entra for cloud do I need to be Hybrid Azure AD Joined to support on prem an cloud? Or will a person working from a Azure AD Joined machine still be able to access on prem resources like file servers and any app that uses AD groups for auth, access provisioning etc?Practical Graph: Using PowerShell to Create and Run eDiscovery Cases
The new Purview eDiscovery implementation supports a Graph API. Where there's a Graph API, there are PowerShell cmdlets based on the API. This article explains how to use PowerShell to automate different aspects of eDiscovery cases. PowerShell can't review the items found by searches, but it can handle most of the other processing. https://practical365.com/purview-ediscovery-powershell/Updating the Entra ID Custom Banned Password List with PowerShell
Microsoft 365 tenants with Entra P1 or P2 licenses can use a custom banned password list to stop people using specific terms in their passwords. The idea is to prevent easily-guessed terms being used in passwords. You could also block words deemed to be objectionable. In any case, this article explains how to maintain the custom blocked password list with a PowerShell script. https://office365itpros.com/2025/06/19/custom-banned-password-list/
