SharePoint 2013 Workflow Retirement: What It Means for Your Business
Microsoft has officially entered the final chapter of SharePoint 2013 workflows, and for many organizations, this update is more than just another lifecycle announcement — it’s a wake-up call. The retirement of SharePoint 2013 workflows in SharePoint Online marks a decisive shift away from legacy automation toward modern, cloud-first workflow platforms. For businesses that still rely on approval flows, notifications, and automated processes built years ago, the message is clear: those workflows will stop working, and planning can no longer be postponed. This updated news article explains what the retirement means, what changes technically after the deadline, and — most importantly — how organizations can migrate and modernize their workflows step by step. https://dellenny.com/sharepoint-2013-workflow-retirement-what-it-means-for-your-business/An Explosion of Audit Events for Legacy SharePoint Online Authentication
Microsoft phased out the legacy IDCRL authentication mechanism from SharePoint Online on May 1, 2026. Sounds good, until you notice the explosion of IDCRLBlockedDueToSoftEnforcement events created by SharePoint Online in the unified audit log. The events are associated with Microsoft Office apps like Word, which SharePoint appears to think are still using IDCRL. For whatever reason, the audit log is now cluttered with unwanted events generated by the interaction between SharePoint and Office. https://office365itpros.com/2026/05/07/idcrl-audit-events/Granular Restore for Microsoft 365 Backup Reaches General Availability
Eighteen months after the product became generally available, Microsoft 365 Backup has delivered granular restore for SharePoint Online and OneDrive sites. It’s the kind of feature that most tenant administrators might have assumed is already in the program, but at least it now is. The next step is apparently the ability to restore files in place. That isn’t available yet. https://office365itpros.com/2026/05/06/microsoft-365-backup-granular/How File-Level Archiving Works for SharePoint Online
SharePoint Online supports file-level archiving, meaning that you can send individual files (most types) to Microsoft 365 Archive to be held in cold storage. Individual users can make the decision about what files need to be online instead of forcing administrators to decide whether to archive complete sites. If needed, archived files can be retrieved, but it might take 24 hours for this to happen. https://office365itpros.com/2026/05/05/file-level-archiving-spo/How to check status on SharePoint Online file move/copy?
I began performing a file move from a personal cloud OneDrive for Business account to a SharePoint Online document library around 12 hours ago. The amount of data was around 15GB in total. There are still three sets of folders that haven't moved and when I attempt to re-trigger the move, I get a message that "the folder is already part of a move/copy operation". How can I see the running details of that move/copy operation to find out why it has stalled, slowed?Employee Onboarding in a Day: Creating Role-Specific Training Guides from SharePoint Content
In today’s fast-paced business environment, the expectation to get new employees productive as quickly as possible is higher than ever. Yet, onboarding often remains one of the most fragmented and time-consuming processes within organizations. Information is scattered, training materials are outdated, and new hires are left navigating a maze of documents with little guidance. https://dellenny.com/employee-onboarding-in-a-day-creating-role-specific-training-guides-from-sharepoint-content/Restricting App Creation of SharePoint Online Sites
This article discusses the use of restricted site creation for third-party Entra ID apps. The feature has an allow or deny list to identify apps that can create new SharePoint Online sites. Controlling the set of apps that can create new sites contributes to limiting site sprawl and makes sure that every site has a real function. First-party apps like Teams are unaffected. https://office365itpros.com/2026/04/02/restricted-site-creation-apps/I built a free, open-source M365 security assessment tool - looking for feedback
I work as an IT consultant, and a good chunk of my time is spent assessing Microsoft 365 environments for small and mid-sized businesses. Every engagement started the same way: connect to five different PowerShell modules, run dozens of commands across Entra ID, Exchange Online, Defender, SharePoint, and Teams, manually compare each setting against CIS benchmarks, then spend hours assembling everything into a report the client could actually read. The tools that automate this either cost thousands per year, require standing up Azure infrastructure just to run, or only cover one service area. I wanted something simpler: one command that connects, assesses, and produces a client-ready deliverable. So I built it. What M365 Assess does https://github.com/Daren9m/M365-Assess is a PowerShell-based security assessment tool that runs against a Microsoft 365 tenant and produces a comprehensive set of reports. Here is what you get from a single run: 57 automated security checks aligned to the CIS Microsoft 365 Foundations Benchmark v6.0.1, covering Entra ID, Exchange Online, Defender for Office 365, SharePoint Online, and Teams 12 compliance frameworks mapped simultaneously -- every finding is cross-referenced against NIST 800-53, NIST CSF 2.0, ISO 27001:2022, SOC 2, HIPAA, PCI DSS v4.0.1, CMMC 2.0, CISA SCuBA, and DISA STIG (plus CIS profiles for E3 L1/L2 and E5 L1/L2) 20+ CSV exports covering users, mailboxes, MFA status, admin roles, conditional access policies, mail flow rules, device compliance, and more A self-contained HTML report with an executive summary, severity badges, sortable tables, and a compliance overview dashboard -- no external dependencies, fully base64-encoded, just open it in any browser or email it directly The entire assessment is read-only. It never modifies tenant settings. Only Get-* cmdlets are used. A few things I'm proud of Real-time progress in the console. As the assessment runs, you see each check complete with live status indicators and timing. No staring at a blank terminal wondering if it hung. The HTML report is a single file. Logos, backgrounds, fonts -- everything is embedded. You can email the report as an attachment and it renders perfectly. It supports dark mode (auto-detects system preference), and all tables are sortable by clicking column headers. Compliance framework mapping. This was the feature that took the most work. The compliance overview shows coverage percentages across all 12 frameworks, with drill-down to individual controls. Each finding links back to its CIS control ID and maps to every applicable framework control. Pass/Fail detail tables. Each security check shows the CIS control reference, what was checked, what the expected value is, what the actual value is, and a clear Pass/Fail/Warning status. Findings include remediation descriptions to help prioritize fixes. Quick start If you want to try it out, it takes about 5 minutes to get running: # Install prerequisites (if you don't have them already) Install-Module Microsoft.Graph, ExchangeOnlineManagement -Scope CurrentUser Clone and run git clone https://github.com/Daren9m/M365-Assess.git cd M365-Assess .\Invoke-M365Assessment.ps1 The interactive wizard walks you through selecting assessment sections, entering your tenant ID, and choosing an authentication method (interactive browser login, certificate-based, or pre-existing connections). Results land in a timestamped folder with all CSVs and the HTML report. Requires PowerShell 7.x and runs on Windows (macOS and Linux are experimental -- I would love help testing those platforms). Cloud support M365 Assess works with: Commercial (global) tenants GCC, GCC High, and DoD environments If you work in government cloud, the tool handles the different endpoint URIs automatically. What is next This is actively maintained and I have a roadmap of improvements: More automated checks -- 140 CIS v6.0.1 controls are tracked in the registry, with 57 automated today. Expanding coverage is the top priority. Remediation commands -- PowerShell snippets and portal steps for each finding, so you can fix issues directly from the report. XLSX compliance matrix -- A spreadsheet export for audit teams who need to work in Excel. Standalone report regeneration -- Re-run the report from existing CSV data without re-assessing the tenant. I would love your feedback I have been building this for my own consulting work, but I think it could be useful to the broader community. If you try it, I would genuinely appreciate hearing: What checks should I prioritize next? Which security controls matter most in your environment? What compliance frameworks are most requested by your clients or auditors? How does the report land with non-technical stakeholders? Is the executive summary useful, or does it need work? macOS/Linux users -- does it run? What breaks? I have tested it on macOS, but not extensively. Bug reports, feature requests, and contributions are all welcome on GitHub. Repository: https://github.com/Daren9m/M365-Assess License: MIT (free for commercial and personal use) Runtime: PowerShell 7.x Thanks for reading. Happy to answer any questions in the comments.The Retirement of SharePoint Alerts is a Pain in the Rear
I’ve used a SharePoint alert to create an emailed daily digest of changes made to files in a document library for seven years. Microsoft plans to retire SharePoint Alerts in July 2026, and the race is on to find a replacement. Regretfully, neither Power Automate nor SharePoint Rules seem capable of generating an equivalent daily digest, perhaps because these solutions don’t handle the number of file versions created by AutoSave well. https://office365itpros.com/2026/03/27/sharepoint-alerts-replacement/ChatGPT Enterprise Apps Grab Some Work IQ
If installed into a Microsoft 365 tenant, ChatGPT Enterprise apps can access SharePoint Online files, Exchange Online email and calendar, and Teams chats, messages, and tasks. The Entra ID apps created by ChatGPT have the necessary permissions to access information accessible to the signed-in user. Microsoft 365 Copilot can access more information, but being able to process files, emails, calendar items, and chats and channel conversations delivers access to a lot of Work IQ. https://office365itpros.com/2026/03/24/chatgpt-enterprise-apps-workiq/
