Newsworthy Highlights |
Announcing Microsoft 365 Endpoint Data Loss Prevention public preview to US government customers
With Endpoint DLP, Microsoft 365 GCC, GCC High and DoD customers only need to create DLP policies once in the Microsoft 365 compliance center. They can then apply the policies to Exchange, Teams, SharePoint, OneDrive for Business, and now – to endpoints as well. All that is required is for the endpoint to be onboarded in their specific cloud environment using their established device management onboarding process.
Microsoft CMMC Acceleration Program Update – September 2021
We are actively building out our program by developing resources for both partners and Defense Industrial Base (DIB) companies to leverage in their Cybersecurity Maturity Model Certification (CMMC) journey.
Basic Authentication and Exchange Online – September 2021 Update
Basic Authentication is an outdated industry standard, and threats posed by Basic Auth have only increased in the time since we originally announced we were making this change. The original announcement was titled ‘Improving Security – Together’ and that’s never been truer than it is now. We need to work together to improve security. We take our role in that statement seriously, and our end goal is turning off Basic Auth for all our customers. But every day Basic Auth remains enabled in your tenant, your data is at risk, and so your role is to get your clients and apps off Basic Auth, move them to stronger and better options, and then secure your tenant, before we do.
Prepare offices for hybrid work with new experiences on Microsoft Teams Rooms and Teams devices
The time to build and act on a hybrid work plan is now, while many offices are empty and the chance of disruption is low, and Microsoft is committed to helping organizations navigate the journey. In March, we unveiled our vision for the future of Teams Rooms, and in June we shared new innovations designed to help people connect and engage, regardless of where they work.
Cybersecurity resources and training for U.S. public sector/government
According to industry predictions, almost six ransomware attacks will occur every minute in 2021.
A new button is now available for Cloud PC's that will end the seven-day grace period.
Microsoft Whiteboard availability to GCC environment
Microsoft Whiteboard data storage is changing to OneDrive for Business
Microsoft 365 Apps for Android will no longer be supported on Chromebooks and Chrome OS
New automation features available for Microsoft Intune setup guide
Support experience update in Microsoft Endpoint Manager
Microsoft live (fluid) components in Microsoft Teams chat
Microsoft Teams Supervised Chat
References and Information Resources |
Microsoft 365 Public Roadmap
This link is filtered to show GCC, GCC High and DOD specific items. For more general information uncheck these boxes under “Cloud Instance”.
New to filtering the roadmap for GCC specific changes? Try this:
Stay on top of Office 365 changes
Here are a few ways that you can stay on top of the Office 365 updates in your organization.
Microsoft Tech Community for Public Sector
Your community for discussion surrounding the public sector, local and state governments.
Microsoft 365 for US Government Service Descriptions
Be a Learn-it-All |
Public Sector Center of Expertise
We bring together thought leadership and research relating to digital transformation and innovation in the public sector. We highlight the stories of public servants around the globe, while fostering a community of decision makers. Join us as we discover and share the learnings and achievements of public sector communities.
Microsoft Teams for Gov YouTube Video Series
The hub for teamwork in Office 365 GCC, GCC High, & DoD
Microsoft Teams for US Government Adoption Guide
Message Center Posts and Updates for Microsoft Teams in GCC |
Looking for what’s on the map for Microsoft Teams and only Teams in GCC?
Go right to the GCC Teams Feature Communications Guide
Message Center Highlights |
MC288686 – In Development for Microsoft Intune is now available
The “In development for Microsoft Intune” page in our documentation has been updated.
How does this affect me?
The In development page provides a list of features in upcoming releases of Microsoft Intune to assist in your readiness and planning. The list has now been updated. You’ll start seeing these changes in the next month or in a subsequent release.
What do I need to prepare for this change?
You can inform your IT staff and helpdesk of the upcoming changes listed on this page. Plan to update your end user guidance, if you feel any of these features would be important to your end users.
Click Additional Information for the link to the In development page.
MC288642 – OneDrive and SharePoint: Improved Move/Copy user experience
Microsoft 365 Roadmap ID 85567
We're refreshing the Move/Copy user experience in OneDrive and SharePoint to make it easier for you to move and copy your files and folders.
When this will happen?
We will gradually roll out starting with Targeted release in mid-October and complete for Standard release in mid-November.
How this will affect your organization?
When a user moves or copies a file or folder within OneDrive or SharePoint, they will see a new dialog-based experience to choose the destination for their content. There is no change to the underlying Move or Copy capabilities—all limitations, errors and admin settings will be unimpacted.
What you need to do to prepare?
You might want to notify your OneDrive and SharePoint end users, update your user training, and prepare your help desk.
For your users: The support article titled Move or copy files in SharePoint describes the limitations and current Move experience.
The screenshots will be updated to reflect the new experience as it’s rolling out to customers.
MC288630 – Exchange online auto-expanding archive-Automatic archive of mailbox items in Purge, Versions, and Discovery Holds folders
We are rolling out an update which will automatically move any mailbox items preserved in the “Purges”, “Versions”, and “Discovery Holds” folders in the primary mailbox to the archive mailbox daily. Customers will no longer be required to create separate policies for archiving email content in the “Recoverable Items” folders mentioned. Once this change finishes rolling out, the existing archiving policies created by customers for these folders will be ignored. This change does not impact the “Deletions” folder which is also part of the “Recoverable items” folder.
When this will happen?
We will begin rolling out this in mid-October and expect to complete it by end of October.
How this will affect your organization?
When this feature rolls out, the mailbox items in the “Purges”, “Versions”, and “Discovery Holds” folders of the “Recoverable Items” folder will start moving to the archive mailbox 1 day after they come into those folders. Also, the existing archiving policies you have created for these folders in mailboxes will be ignored. There won’t be any perceived experience change for customers as these folders are not visible to users.
What you need to do to prepare?
There is nothing you need to do to receive this feature update and it will not affect your existing policies. However, existing archiving policies related to the affected folders will be ignored as described above. You may consider updating any training or reference material for your Exchange administrators to highlight that it is no longer necessary to create archiving policies for these folders.
MC288473 – Known Issue: Users unable to update Android Company Portal from Huawei AppGallery
The Android Company Portal is currently out-of-date in the Huawei AppGallery and recent updates to the Company Portal are unavailable through the Huawei AppGallery.
How this will affect your organization?
If users have downloaded the Company Portal from the Huawei AppGallery and you are using apps that support app protection policies (APP, also known as MAM), users may be prevented from accessing company resources with those apps if they do not have the latest Company Portal version.
What you need to do to prepare?
Notify your users as applicable that they will need to download the latest version of the Company Portal from one of the other supported app stores or from the Microsoft Download Center. See Install Company Portal app in People's Republic of China for a list of supported app stores and instructions. Our engineers are actively working to re-add the latest version of the Company Portal to the Huawei AppGallery and we will update this post once it is available.
MC288472 – Reminder: Update to Microsoft 365 and Outlook for Windows connectivity
30-day/Final Reminder (MC229143 - DEC '20 and MC274503 - July '21): To ensure that we meet performance expectations, we are updating the supported versions of Outlook for Windows that can connect to Microsoft 365 services.
Starting November 1, 2021, the following versions of Outlook for Windows, as part of Office and Microsoft 365 Apps, will not be able to connect with Office 365 and Microsoft 365 services.
Key Points:
· Major: Retirement
· Timing: Beginning November 1, 2021 and will be complete by mid-May 2022.
· Action: Ensure Outlook for Windows client are updated accordingly
How this will affect your organization?
Versions that are newer than minimum version requirements listed above, but are not the currently supported version, may experience connectivity issues.
To see a list of the currently supported versions, visit Update history for Microsoft 365 Apps (listed by date) (for Microsoft 365 Apps) or Latest updates for versions of Office that use Windows Installer (MSI) (see “Latest Public Update” for Office 2013 and 2016).
Supported versions of Outlook for Windows in Office and Microsoft 365 will continue to connect to Microsoft 365 services as expected.
What you need to do to prepare?
We recommend that all users upgrade to the supported versions of Office and Microsoft 365 Apps.
MC288217 – September 2021 Cumulative Updates Available for Exchange Server
The September Cumulative Updates for Exchange 2016 and Exchange 2019 are now available for download and installation. Staying current on Cumulative Updates is a critical aspect of running Exchange Server on-premises. This is a continual process.
For additional information please see Released: September 2021 Quarterly Exchange Updates
How this will affect your organization?
Your Office 365 tenant is configured with an Exchange Hybrid connector. Please check your on-premises Exchange Server environment and use this opportunity to validate that all of your servers are up to date.
MC288214 – Prevent/Fix: Teams Rooms on Android update
This hotfix will reduce video-related issues during calls and meetings on devices manufactured by Poly. Firmware will not be updated at this time.
When this will happen?
Rollout has started and will complete by early October.
How this will affect your organization?
This fix will reduce video-related issues during calls and meetings. No new functionality will be introduced as a part of this update.
This update will be delivered through Teams admin center as an app-only update (Teams APK version 1449/1.0.96.2021092701) and will not include new firmware.
Note: Touch console will be unpaired after update completes.
What you need to do to prepare?
No explicit action is necessary. You might want to update your documentation as appropriate.
MC288054 – Configuration Change: Power BI app for Microsoft Teams automatic installation and availability for government customers
Users will soon find it easier to find and share reports in Teams and they’ll be able to receive notifications when content is shared to them. Messaging extension will support search, link unfurling, and inserting cards into messages.
Two changes are planned:
· Power BI will be automatically installed for users in your organization when they use the Power BI service in a web browser and have a Microsoft Teams license.
· Power BI app for Teams will become available to government customers.
These change will affect the Power BI app in Microsoft Teams (web, desktop).
When this will happen?
We expect this rollout to begin in early November and expect the rollout to be fully completed by late December.
How this affects your organization?
When Power BI app for Microsoft Teams is installed, users get better experiences without leaving Teams, like:
· Activity feed notifications for sharing and request access, help them work faster and be more responsive without leaving where they collaborate
· Links sent in chat turn into preview cards making collaboration richer, helping users find reports more quickly
· Items open in Teams, so users don’t have to switch apps just to see what data was shared to them
The new automatic installation makes it much easier for organizations who use Power BI and Microsoft Teams to deploy the fully integrated experiences for their users.
The automatic installation will occur for a user under the following conditions:
· The Power BI app for Microsoft Teams is set to allowed in the Microsoft Teams admin portal
· The Power BI tenant setting Install Power BI app for Microsoft Teams automatically is enabled
· The user has a Microsoft Teams license
· The user uses the Power BI service in a web browser
Initially, auto-install applies to new users the first time they visit Power BI service in a web browser. In the future, this will expand so that auto-install occurs for all active users of the Power BI service who meet the criteria.
When auto-install occurs, the user will receive a notification in the Power BI service notification pane.
Users in government clouds will be able to use the Power BI app for Teams experiences.
NOTE: Messaging extension support for government clouds will not be included in the initial release.
What you need to do to prepare?
An action is only required if you want to opt out of automatic installation.
· To opt out, navigate to the Power BI admin portal tenant settings. Set the Install Power BI app for Microsoft Teams automatically setting to Disabled or customize it to apply to appropriate subset of users.
· To opt out of Power BI app for Teams in the Government Community Cloud navigate to the Teams admin center. Select the Power BI app and set it to not allowed. Note: the Power BI app will not be available in Teams admin center until it has rolled-out.
Please click Additional Information to learn more.
MC288052 – Reminder: IE11 desktop application retires in 9 months on June 15, 2022 – Set up IE mode today (non-LTSC, non-Server)
As announced in MC257152 (May 2021), the future of Internet Explorer on Windows 10 is in Microsoft Edge. Internet Explorer mode (IE mode) provides legacy browser support within Microsoft Edge. Because of this, the IE11 desktop application will be retired on June 15, 2022. This means that the IE11 desktop application will no longer be supported and afterwards will redirect to Microsoft Edge if a user tries to access it.
With 9 months left before retirement, we highly recommend you start preparing today. The essential first step—Site Discovery—typically takes 3-4 weeks.
Internet Explorer 11 desktop application
· Timing: The IE11 desktop application will be retired on June 15, 2022
o Windows 10 LTSC and Server not affected. For a full list of what is in scope for retirement, see the FAQ.
· Action:
o To continue using a supported browser, transition to the Microsoft Edge.
o To continue using legacy IE-based sites and apps, you will need to configure those sites and apps to open in Microsoft Edge using Internet Explorer mode.
§ Start setting up IE mode by performing Site Discovery (3-4 week process depending on the size of your organization). This is also available as part of the Configure IE mode guided experience in the Microsoft 365 Admin Center.
How this will affect your organization?
If your organization has legacy sites and apps with IE dependencies, you will need to set up IE mode so that users can access them through Microsoft Edge. Microsoft Edge, with Internet Explorer mode, is the only browser with built-in compatibility for legacy IE-based sites and apps. It also gives your organization world-class compatibility with a dual engine advantage:
· Microsoft Edge renders IE-based sites and apps using IE mode.
· Microsoft Edge renders modern sites and apps using Chromium.
IE mode support follows the lifecycle of Windows Client, Server, and IoT releases at least through 2029. Additionally, Microsoft will give one year notice to deprecate the IE mode experience in-market when the time comes.
Note: After June 15, 2022, the IE11 desktop application will be removed via Windows update. We do not recommend avoiding Windows updates to keep IE11 as Window updates contain critical operating system security patches.
What you need to do to prepare?
To prepare, we recommend setting up Microsoft Edge in your organization. If your organization needs legacy browser support, we recommend setting up IE mode in Microsoft Edge as soon as possible.
· View the Microsoft browser usage report in the Microsoft 365 Admin center to help size IE usage in your organization. Appropriate permissions required.
· Use the Getting Started guide to learn how to set up Microsoft Edge in your organization, configure Internet Explorer mode (if needed), and move your end users.
o Start setting up IE mode by performing Site Discovery (typically 3-4 weeks). This is also available as part of the Configure IE mode guided experience in the Microsoft 365 Admin Center.
o FastTrack can help with deployment and configuration at no additional charge for customers with 150 or more seats of Windows 10.
o For help with web app and site compatibility, especially if you have legacy site concerns after configuring IE mode, learn more about the App Assure program.
Additional Information
· Read our announcement blog and our blog series for more information.
· Visit the Internet Explorer mode website.
· Read our FAQ to help answer your questions.
· Visit the Microsoft Edge and IE lifecycle page for more details.
We always value feedback and questions from our customers. Please feel free to submit either feedback or questions via Message Center.
MC288051 – (Updated) Upcoming Changes to Auto-Expanding Archive
Updated September 30, 2021: We have updated the content below for additional clarity. Thank you for your patience.
We will be removing the word ‘Unlimited’ from our service description and related public documentation for the auto-expanding archiving feature, and instituting a 1.5TB limit for archive mailboxes. This limit is not configurable.
Key points:
· Timing: This change will take effect beginning November 1, 2021 and is applicable to all environments.
· Roll-out: tenant level
· Action: review and assess
How this will affect your organization?
Once this limit takes effect, your users will not be able to extend their online archives beyond 1.5TB. As currently noted in our documentation, auto-expanding archive is only supported for mailboxes used for individual users or shared mailboxes with a growth rate that does not exceed 1 GB per day. Using journaling, transport rules, or auto-forwarding rules to copy messages to Exchange Online Archiving for the purposes of archiving is not permitted. A user's archive mailbox is intended for just that user. Microsoft reserves the right to deny auto-expanding archiving in instances where a user's archive mailbox is used to store archive data for other users or in other cases of inappropriate use.
If you have previously worked with Microsoft Support to provide exceptions for existing archives exceeding 1.5TB, those specific archives will not be affected by this change. You will not, however, be able to create any new archives that exceed 1.5TB.
What you need to do to prepare?
You should check the size of archives in your organization if you are concerned that they might be close to the limit and consider deleting some of the content if you intend to continue adding to the archive. You can use Get-MailboxFolderStatistics to view archive mailbox size.
MC287820 – New Presenter modes with desktop and window sharing – GCC High and DoD
Microsoft 365 Roadmap ID 87522
While sharing a screen or window, presenters will soon be able to present in three new Presenter modes. Standout, Side-by-side and Reporter modes will provide an immersive experience overlaid on top or alongside their content. This feature will be available for presenters using the Microsoft Teams desktop app for both Windows and Mac.
When this will happen?
We will begin rolling this out in mid-October.
How this will affect your organization?
1. Standout mode:
When a presenter selects Standout mode, the presenter video feed will be overlaid over the content for a more engaging experience.
2. Side-by-side:
When a presenter selects Side-by-side mode, participants will see the presenter’s video feed and content overlaid on a background image.
3. Reporter mode:
In Reporter mode, participants will see the presenter’s video feed superimposed over the background image while having the content over their shoulder, placed diagonally.
Meeting presenters can select the desired background image before starting the presentation for Side-by-side and Reporter modes.
The presenter can easily enable or disable the video feed can during the presentation from the sharing bar.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC287809 – Removal of Wi-Fi MAC address on personally-owned work profile devices and device administrator Android 9
Starting in October, Intune will no longer display a Wi-Fi MAC address for Android Enterprise newly enrolled personally-owned work profile devices and devices managed with device administrator running Android 9 and above.
This is because Google is requiring all app updates to target API 30 by November 2021. With this change, Android prevents apps from collecting the MAC address used by the device.
How this will affect your organization?
In October, you will no longer be able to view the Wi-Fi MAC address in the Microsoft Endpoint Manager admin center for Android Enterprise newly-enrolled personally-owned work profile devices and devices managed with device administrator running Android 9 and above. For previously enrolled devices, you may see a cached value listed.
What you need to do to prepare?
No action is needed, only awareness. We will continue to update Android 12 Day Zero Support with Microsoft Endpoint Manager blog with any additional information or changes that we discover as we approach the Android 12 release.
MC287354 – Teams Guest Access (GCC-High)
Microsoft 365 Roadmap ID 82803
Guest Access in Microsoft Teams allows organizations to collaborate with users outside their tenant in teams and channels, meetings, and other resources. Teams Guest Access is built on Azure Active Directory B2B. This release enables tenants inside the GCC-H Sovereign Cloud to invite and collaborate with users in other tenants in the same cloud.
NOTE: Currently, only users with AAD identities in a GCC-H Cloud tenant can be invited as Guests into another GCC-H tenant.
When will this happen?
Microsoft Teams Guest Access will be available for GCC-H cloud users as of 10/25/2021.
How will this change affect your organization?
This change does not impact your organization if Guest Access remains off in your tenant. If you choose to turn it on, this feature allows users in other GCC-H tenants to be invited as Guests into your tenant.
For reference, additional information on differences between Commercial and GCC-H Clouds is listed below:
· Azure AD B2B user experience and lifecycle (invitation, redemption, and termination) will be the same as in Commercial Cloud with differences or limitations as documented here.
· Admin Center controls are the same as in Commercial Cloud. However, Teams Guest Access is OFF by default in GCC-H Cloud, and IT admins have to explicitly turn it on for their tenant in the M365 Admin Center.
What you need to do to prepare?
Please familiarize yourself with the Teams Guest Access feature, and how it differs from other collaboration mechanisms already available within Microsoft Teams.
Guest access in Microsoft Teams - Microsoft Teams | Microsoft Docs
MC287353 – (Updated) Hardware Support for AJA and Blackmagic Devices - GCC
Microsoft 365 Roadmap ID 82812 and 83486
Updated September 30, 2021: We've updated the rollout timeline below. Thank you for your patience.
The ability for Teams clients to stream content from a client to the local network via Network Device Interface (NDI) is being expanded to enable streaming content to select attached hardware devices. Users with the ability to turn on NDI will also be able to push content to attached hardware devices from AJA or Blackmagic Designs. This will enable users to push content from Teams out via attached SDI or HDMI devices.
When this will happen?
We expect to roll this out in late October (previously late September) and expect the rollout to be complete by mid-November (previously mid-October).
How this will affect your organization:
Existing users of NDI will soon have a new ability to stream out to SDI or HDMI if they have the appropriate hardware. The meeting policy for local streaming is the same for both NDI and the attached hardware output.
What you need to do to prepare?
No changes will happen to any users aside from those who already have the ability to stream via NDI; they will see an update in their settings to show if they have attached compatible hardware.
MC286993 – Microsoft Defender for Office 365: DomainKeys Identified Mail (DKIM) support for Advanced Delivery
Microsoft 365 Roadmap ID 82083
We're adding support for DomainKeys Identified Mail (DKIM) domain entry to the Advanced Delivery policy. This enhancement enables security administrators to use DKIM domains in addition or instead of P1 sending domains to configure their third-party phishing simulations.
This option adds flexibility as well as another secure method for third-party phishing simulation vendors that utilize large number of P1 sending domains in their phishing simulation campaigns. Vendors can instead sign all their domains with one or a few DKIM domains. The end user (security administrator) will then just need to specify the DKIM domain in their advanced delivery policy configuration.
When will this happen?
We expect to begin this rollout in late September and expect the rollout to be fully completed in early October.
How will this affect your organization?
The DKIM domain option provides third-party phishing simulation vendors and our shared customers with another secure method to configure phishing simulations in Defender for Office 365.
What do you need to prepare?
There is no change or action for customers who are already using advanced delivery policy to configure their third-party phishing simulations using P1 sending domain.
Upon review, if specified by your third-party phish simulation vendor, update domain entry in the advanced delivery policy configuration to utilize DKIM domain when this enhancement rolls out to your tenant.
Learn more about the advanced delivery policy: Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOp...
MC286992 – Microsoft Teams: Download Attendance report for GCC
Microsoft 365 Roadmap ID 87518
Attendance Report is useful for online classes, training, meetings and Webinars, in this release, we are enabling it in GCC include:
· Downloadable attendance report during meeting.
· Downloadable attendance report after meeting from meeting chat.
These capabilities will be available to users with the following licenses: Office 365 or Microsoft 365 E3/E5/A3/A5/Business Standard/Business Premium. For the rest of 2021, we are offering temporary availability to Teams users to try the features with their existing commercial subscription.
Note: We will honor any existing meeting settings enabled within your organization.
Key points:
· Timing: available late October.
· Control type: admin control
· Action: review and assess
How this will affect your organization?
After the meeting:
1. In the meeting chat, a tile labeled Attendance report will pop into the chat about five minutes after your meeting ends.
2. Select it to download the .CSV file to your device.
Note: For recurring meetings, you'll receive a unique attendance report after each occurrence.
The feature will be OFF by default For everyone. In order to view who attended meetings, we recommended setting the “AllowEngagementReport" policy to Enabled. To turn this on in the Teams admin center, go to Meetings > Meeting policies, and set the policy to Enabled.
This is a per-user policy. This setting controls whether meeting organizers can download the meeting attendance report.
Or you can also use Powershell:
· Edit an existing Teams meeting policy by using the Set-CsTeamsMeetingPolicy cmdlet
· Create a new Teams meeting policy by using the New-CsTeamsMeetingPolicy cmdlet and assign it to users.
· To enable a meeting organizer to download the meeting attendance report, set the AllowEngagementReport parameter to Enabled. To prevent a meeting organizer from downloading the report, set the parameter to Disabled
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC286991 – Microsoft Teams Room on Windows – In meeting experience update - GCC
Microsoft 365 Roadmap ID 84578, 85810, 85811, 85813, 85814, 85815, 85817, 85819, 85820, 85821, 85822
We will be updating the Teams meeting roster (viewable on the Teams Rooms console) to closely align with the current experience available on the Teams desktop application. This will provide new capabilities such as, participant grouping for instructed meetings, sorting roster by raised hand, an integrated user search and the ability to ask others to join meetings from an invite or from chat.
In addition to this, we will be making the roster position on the console better align with that of the Teams desktop application while adding a touch friendly interface for participant options. Users will also benefit from a unified universal bar that will provide in meeting call controls for presenters and attendees for Teams meetings, large meetings support, and Live events (presenter only).
This robust Teams meeting update will also bring chat bubbles, Live reactions for meeting participants and lock meeting support for organizers. To help create an immersive experience for hybrid meetings, we will be making a major update to the front of room display experience to make it more dynamic, including splitting video participants across two in room displays.
This is rolling out on Microsoft Teams Rooms on Windows only.
When this will happen?
Rollout will begin in late September and should be complete by mid-October.
How this will affect your organization?
Users using Microsoft Teams Rooms will experience a slightly different yet familiar update to in the meeting experience.
Users will be able to tap on a participant to reveal all meeting controls/ settings available for the participant, depending on their role.
Front of room experience will look more familiar to that in desktop and better with local layouts and video participants splitting across both front of room displays for rooms configured with dual displays.
Users will be able to pin or spotlight meeting participants on the stage as well. Users can pin up to 9 participants and spotlight up to 7 participants. Pin is local to the room and spotlight is a global action.
What you need to do to prepare?
You might want to notify your users about this updated experience and update your training and documentation as appropriate.
MC286990 – (Updated) Exchange Online and Basic Auth – September 2021 Update
Updated September 27, 2021: We have updated the content for additional clarity. Thank you for your feedback.
We're making some changes to improve the security of your tenant. We announced in 2019 we would be retiring Basic Authentication for legacy protocols, and in early 2021 we announced we would begin to retire Basic Authentication for protocols not being used in tenants, but not disable Basic Authentication for any in-use protocols until further notice.
Today, we are announcing that we are restarting the program to end the use of Basic Auth in Exchange Online. Beginning October 1, 2022, we will begin to disable Basic Auth in all tenants, regardless of usage (with the exception of SMTP Auth, which can still be re-enabled after that).
We previously communicated this change via several Message Center posts: MC191153 (Sept. ‘19), MC204828 (Feb. ‘20), MC208814 (April ‘20) and MC237741 (Feb. ‘21) and you can always read the latest information about our plans to turn off Basic Authentication here.
Beginning early 2022, as we roll out the changes necessary to support this effort, we are also going to begin disabling Basic Auth for some customers on a short-term and temporary basis.
We selectively pick tenants and disable Basic Auth for all affected protocols except SMTP AUTH for a period of 12-48 hours. After this time, Basic Auth for these protocols will be re-enabled, if the tenant admin has not already re-enabled them using our self-service tools.
During this time all clients and apps that use Basic Auth in that tenant will be affected, and they will be unable to connect. Any client or app using Modern Auth will not be affected. Users can use alternate clients (for example, Outlook on the Web instead of an older Outlook client that does not support Modern Auth) while they upgrade or reconfigure their client apps.
How this will affect your organization?
If you receive a Message Center post between now and October 2022, informing you that we are going to disable Basic Auth for a protocol due to non-usage, or you get one saying we know you are using Basic Auth, but we intend to proactively disable it for a short period of time, and you don’t want us to disable specific protocols, you can use the new self-service feature in the Microsoft 365 admin center to opt-out and request that we leave specific protocols enabled until October 2022. We added this feature to help minimize disruptions as you transition away from using Basic Auth.
We will disable Basic Authentication beginning October 2022, and once that happens, users in your tenant will be unable to access their Exchange Online mailbox using Basic Authentication.
Read more here.
MC286781 – Restarting a Teams Live Event - GCC
Microsoft 365 Roadmap ID 82953
For some Teams Live Events, you may want to restart the event after it has already started, or after you have ended it. Until now, this capability was not available. However, soon you will be able to restart a Teams Live Event if it is accidently ended it or if there is a connection issue during the event.
When this will happen?
We will begin rollout of this feature by late September, and expect to complete rollout by early October.
How this will affect your organization?
If a producer chooses to restart a live event after it has started or after you have ended, you will lose the recording, transcript, and captions data of the event in progress and attendees will not be able to view the current event on demand. Once the producer restarts the event, all presenters and producers must re-join the call and can start the event once they re-join. Only producers may restart an event.
What you need to do to prepare?
No action is required. You may want to update your documentation as needed.
MC286778 – Microsoft 365 Information Governance
Microsoft 365 Roadmap ID 85628
We're improving the how Microsoft 365 retention policies and labels work for SharePoint Online and OneDrive. This change will introduce a new retention engine to process these policies aimed at improving scalability and consistency across Microsoft 365 applications.
NOTE: The new retention engine is already available and in use for commercial clouds; this update rolls out the improved engine specifically to GCC, GCC-H and DoD cloud environments.
When this will happen?
Rollout will begin in early October 2021, and will complete by the end of December 2021.
How this will affect your organization?
This change should not provide disruption, however If you are using retention policies and retention labels combined within the same location of SharePoint Online or OneDrive you might notice a difference on which one "wins" (takes precedence) and therefore which one is enforced as this update will evaluate both together and will resolve the "winning" policy based on the retention principles outlined in our documentation: Learn about retention policies & labels to automatically retain or delete content - Microsoft 365 Co...
It is possible you might see a change in behavior due to these changes.
What you need to do to prepare?
If you are using both retention labels and retention policies on SharePoint Online sites or OneDrive accounts, review them to ensure that the resolution of which one will take precedence per our principles of retention matches your expectation and if it doesn't you can update them to produce the right behavior.
No action is needed to enable this change; however you may want to communicate this change to your users or team responsible for Legal, Information Governance and Records Management at your organization.
MC286561 – 1:1 Calling in Safari - GCC
Microsoft 365 Roadmap ID 87312
This feature update will bring 1 to 1 calling from Teams to Safari. Users will be able to initiate a 1:1 call with another Teams user while using Teams on Safari.
When this will happen?
We will begin rolling this out in late September and be complete by early October.
Users can initiate a 1:1 call from the Calls App or from the Call button in the header of a 1:1 chat.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC286557 – Teams Rooms on Windows: Large gallery view and Together Mode view in GCC-High
Microsoft 365 Roadmap ID 85812
Microsoft Teams adds support for Large gallery and Together mode gallery views in GCC High cloud. This is rolling out on Microsoft Teams on desktop and Microsoft Teams Rooms on Windows only.
When this will happen?
Rollout will begin in late September and should be complete by mid-October.
How this will affect your organization?
Users using Microsoft Teams Rooms will be able switch to large gallery or together mode gallery views from the in room touch console. Users can position up to 50 invitees into a virtual space by removing each individual background people have and replacing them with a common background.
What you need to do to prepare?
You might want to notify your users about this updated experience and update your training and documentation as appropriate.
MC286342 – SPO View in File Explorer available in Microsoft Edge
Microsoft 365 Roadmap ID 82123
We recommend using the OneDrive sync app to sync SharePoint files with your computer, rather than using View in File Explorer. Sync with OneDrive Files On-Demand helps you work with all your cloud files in File Explorer without having to download all the files and use storage space on your device. In some special cases, we understand that some customers may still have a need to use View in File Explorer to access modern document libraries. Currently, The View in File Explorer option is only available in IE11. As we have announced in MC257029, IE11 support for Office 365 services and apps has retired as of August 17, 2021.
Starting in Microsoft Edge Stable version 93, you can enable the View in File Explorer capability on SharePoint Online for Modern Document Libraries. For this experience to be visible and work for your users, you will need to enable the Microsoft Edge policy "Configure the View in File Explorer feature for SharePoint pages in Microsoft Edge" and update your SharePoint Online tenant configuration.
Note: while "View in File Explorer" will be available, it is not recommended. Whether you're using Chrome, Microsoft Edge, or another browser, Sync is a faster and more reliable method for putting SharePoint files into folders you can see in File Explorer. To learn more, visit SharePoint file sync.
When this will happen?
· Targeted Release: This change will start rolling out in early October.
· Standard Release: This will begin rolling out in early November and complete by the end of November.
What you need to do to prepare?
By default, there will be no impact to your organization. By default, the “View in File Explorer” menu option will not be visible to Admins and End Users on the SPO Modern Document Library interface. We recommend using the OneDrive sync app to sync SharePoint files with your computer, rather than using “View in File Explorer”. However, if your organization has a need for the "View in File Explorer" feature in SPO Modern Document Libraries, admins will be able to opt-in to turn on this feature in their tenant, to work on Edge browsers.
To enable View in File Explorer review: View SharePoint files with File Explorer in Microsoft Edge - SharePoint in Microsoft 365 | Microsoft Docs.
MC286340 – Retiring the advanced hunting table named ‘DeviceTvmSoftwareInventoryVulnerabilities’
The advanced hunting table named DeviceTvmSoftwareInventoryVulnerabilities will be retired in favor of two new tables. One table is focused solely on software inventory and the other table is focused on vulnerabilities. This change will provide better clarity and reduce noise/complexity when using advanced hunting for common threat and vulnerability management scenarios.
Tables that are replacing DeviceTvmSoftwareInventoryVulnerabilities:
· DeviceTvmSoftwareInventory:This table serves as a complete list of all software on your devices, whether or not they have any vulnerabilities.
o No duplicate entries – unlike the old table, you have a single row for each software installed on every device.
o New fields – EndOfSupportStatus and EndOfSupportDate have the end-of-support state (if applicable) for specific software versions installed on devices.
· DeviceTvmSoftwareVulnerabilities:This table is dedicated to discovering Common Vulnerabilities and Exposures (CVEs) in existing software across all your devices.
o New fields – RecommendedSecurityUpdate and RecommendedSecurityUpdateId have missing security updates / Knowledge Bases (KBs) for installed software.
When will this happen?
These new tables are available today. The old advanced hunting table will be retired on October 15th, 2021.
How this will affect your organization?
The advanced hunting table named DeviceTvmSoftwareInventoryVulnerabilities will be retired and replaced with the advanced hunting tables named DeviceTvmSoftwareInventory and DeviceTvmSoftwareVulnerabilities.
Users will no longer be able to execute queries (either manually or via API) that use the retired table when this change is implemented.
What you need to do to prepare?
If you use the old table, either for manual queries or via API, it’s strongly encouraged you switch to using the new tables today to avoid breaking existing flows.
MC286338 – Refreshed Microsoft Whiteboard client experience coming soon - GCC
Microsoft 365 Roadmap ID 72196, 82093 and 82094
Microsoft Whiteboard clients on Windows 10, iOS and Android will be available for you soon. We are also refreshing the look and feel of Whiteboard inside web and Teams.
Note: The update to our native application on Surface Hub will be coming later this year. Until then, it will continue to work as local-only application.
When this will happen?
· Web and Teams clients: mid-September and will complete by the end of September
· Surface Hub: well begin at the end of October and complete by mid-November
How this will affect your organization?
New features have begun rolling out to our web and Teams clients, more will continue to roll out between now and the end of September.
The upgrade for Surface Hub will start rolling out at the end of October and complete by mid November.
Modern look and feel:
· Streamlined user experience - an unobtrusive app UI maximizes your canvas space.
· Creation gallery - a highly discoverable, simple way of finding and using objects and features in the application.
Collaboration features:
· Collaboration roster - see who is on the board and collaborating with you.
· Collaborative cursors – see where other people are on the canvas and what they are editing.
· Laser pointer - get other people’s attention as you share your best ideas.
· Improved performance - quickly open boards, pan and zoom, create content, and collaborate in real time with numerous editors at once during large working sessions.
Interactive content features:
· 30+ customizable templates – get started quickly and collaborate, brainstorm, and ideate with brand new templates.
· Reactions - provide lightweight, contextual feedback with a set of fun reactions.
· Note grids – insert a grid of sticky notes in one of 12 available colors to help in workshops and ideation sessions.
· Images – add images from your local drive to the canvas and annotate them to build visual interest on your boards.
Facilitation features:
· Copy/paste – copy and paste content and text within the same whiteboard.
· Object alignment – use alignment lines and object snapping to precisely organize content spatially. Format background lines and object snapping to precisely organize content spatially.
· Format background – personalize your whiteboard by changing the background color and pattern .
Inking features:
· Ink arrows – smoothly draw single and double-sided arrows using ink to better facilitate diagramming.
· Ink effect pens – express yourself in a creative way using rainbow and galaxy ink .
The features below will change as part of the Surface Hub native app update:
· Ruler - for straight lines, users can now insert lines from the shapes menu or hold down the pen when inking.
· Erase entire ink strokes - for faster erasing, users can now erase the entire ink stroke instead of a portion of it.
· Lock image – the ability to lock images and other canvas content will be available shortly after the update.
· Like/unlike sticky notes - users can use reactions instead as a workaround for lightweight voting and liking. We will be releasing more enhanced voting capabilities in a future update.
· Sorting – the ability to organize and sort lists and note grids are being rebuilt and will be included in a future update.
· Export template to CSV and email summary – these features are being rebuilt and will be included in a future update, including different ways to export content from the board.
· Ink to table – this feature is being rebuilt and will be included in a future update.
· Accessibility checker and alt text – these features are being rebuilt and will be included in a future update.
· Bing image search – users can download and insert images onto the canvas with the insert image feature.
What you need to do to prepare?
Microsoft Whiteboard Web and Teams clients:
· The new features in Web and Teams will be automatically rolled out.
Microsoft Whiteboard clients on Windows 10, iOS and Android:
· Once the update is made, we will send a follow-up announcement that roll out is complete. At that time, you can notify your users that they can download the applications directly.
Microsoft Whiteboard client on Surface Hub:
· The new features in our native Surface Hub client will be automatically rolled out.
Learn more: Meet the new Microsoft Whiteboard designed for Hybrid Work.
MC286337 – Send Feedback on Image Tags
Microsoft 365 Roadmap ID 68902
Users will now be able to provide feedback on tags associated with an image by using the “Give feedback” option within the details pane of the document library.
Using the feedback policy settings, tenant admins will be able to control how much feedback the users can choose to share with Microsoft.
When this will happen?
We expect this update to begin rolling out in early October and expect the rollout to be completed by mid-October.
How this will affect your organization?
With this change, users in your tenant will be able to send feedback on tags associated with an image. Users will also have the option of sharing the image that they are providing feedback for. They may also share their email address and allow Microsoft to contact them about the feedback, if required.
Tenant admins will be able to control whether the users can send feedback, whether sharing images/content with Microsoft through the feedback is allowed, and whether the users can share an email address with Microsoft to be contacted regarding the feedback.
NOTE: Existing settings will not be changed or affected.
What you need to do to prepare?
We recommend that you review and set up the feedback policies for your organization here.
By default, sharing feedback with Microsoft is enabled, and sharing image/content and email address is disabled.
You can change this at any point by changing the following policies:
· Allow users to submit feedback to Microsoft
· Allow users to include log files and content samples when feedback is submitted to Microsoft
· Allow Microsoft to follow up on feedback submitted by users
Learn more about image tags: Work with Image Tags in a SharePoint library
MC286077 – Announcing general availability of OneDrive data in Content Explorer - GCC
Microsoft 365 Roadmap ID 85626
Currently in public preview, you will soon be able to view data classification details for OneDrive data within Content Explorer.
When this will happen?
Rollout will begin in early October and is expected to be complete by late October.
How this will affect your organization?
With the availability of OneDrive data in Content Explorer, you will be able to review sensitive information, sensitivity labels, and retention labels detected on files and documents in OneDrive within the Content Explorer in the Microsoft 365 compliance center.
OneDrive data will appear as a new workload in Content Explorer. To view information about data classification applied to OneDrive data, select OneDrive from the All locations list in Content Explorer.
Learn more:
Get started with content explorer - Microsoft 365 Compliance | Microsoft Docs
MC285906 – Anti-malware policy: Common attachment filter: Additional file types block by default
Microsoft 365 Roadmap ID 85611
The 'Common attachment filter' option in the 'Anti-malware' policy helps the Administrator configure the file types (based on file extension) which need to be blocked in the emails. This block action is applied anytime the file type of any attachment in the email matches this configurated file type list.
The current pre-configured list has 96 file types. Of these 96 file types, 10 files types are selected by default in the block list. When a new policy is created, these 10 file types are selected, to be blocked, by default. Administrator can make changes to this selection by selecting more file types or making changes to existing file types. If the Administrator chooses to extend this behavior to more file types, then this is possible using PowerShell option.
As part of this enhancement to the feature, we are adding three additional file types to the default selection list. The newly added file types are '.iso', '.cab' and '.jnlp'.
Key points:
· Timing: We expect this feature to begin rolling out in early October and expect the rollout to be completed by late October.
· Roll-out: tenant level
· Action: Review and assess.
How this will affect your organization?
Once these enhancements are rolled out, any email received by / sent from the users of your organization will be quarantined if any of the attached files matches with the newly added three file types.
What you need to do to prepare?
If your organization would like to have the emails with these file types blocked, then there is no action. However, if your organization needs require that these files be allowed, then the Administrator needs to edit the Anti-Malware policies and de-select these newly added file types.
MC285905 – Join meetings anonymously from your Teams desktop app (across clouds)
Microsoft 365 Roadmap ID 86311
Today, if you want to join a meeting hosted in a different cloud to one of your tenant, you are directed to use the Teams web experience. We are improving the experience to allow users to join meetings across clouds from their desktop app anonymously.
Key points:
· Timing: We will begin rolling this out in mid-October and expect to complete rollout by late November. There will be 3 phases as part of this overall rollout:
o Phase 1: Standard and GCC customers will be able to join meetings in GCC-High and DOD clouds.
o Phase 2: GCC-High customers will be able to join meetings in Standard, GCC and DOD clouds.
o Phase 3: DOD customers will be able to join meetings in Standard, GCC, and GCC-High clouds.
· Roll-out: tenant level
· Action: review and assess
How this will affect your organization?
Once this rolls out, users will be able to join meetings in other clouds anonymously from their Teams desktop app (across clouds).
This change honors the existing setting for Anonymous users can join a meeting.
What you need to do to prepare?
Review your existing settings for Anonymous users can join a meeting to ensure the correct experience is enabled for your organization. Additionally, consider updating your training and documentation as appropriate.
MC285886 – Reply to specific chat messages in Teams Desktop - GCC
Microsoft 365 Roadmap ID 81113
With this update, Microsoft Teams Desktop users will receive the long awaited ability to reply to specific messages in chat from the message actions menu. This will help bring more context into conversations. This feature has already been available on the iOS and Android apps.
When this will happen?
· Standard: will rollout in mid-September and we expect it to be completed by early October.
· GCC: will rollout in mid-October and we expect it to be completed by early November.
How this will affect your organization?
Users have already been able to do this on mobile apps but will now be able to use this feature on Microsoft Teams Desktop as well.
What you need to do to prepare?
No action required. Once available users will be able to use this feature on their Desktop client.
MC285602 – (Updated) OneDrive: New Command Bar
Microsoft 365 Roadmap ID 85602
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience
With this update users will be able to easily identify the right file and access primary commands. The new simplified view will permit users to focus on the content while at the same time being visually pleasing.
When this will happen?
Targeted release (entire org): Will begin rolling out in mid-September and expect to be complete in late September.
Standard release: Will Will begin rolling out in late September and expect to be complete in mid-October (previously early October).
Note: Some users may see this feature before other users within your organization.
How this will affect your organization?
Users who interact with the OneDrive/SharePoint web viewer will easily find primary commands they usually interact with.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC285601 – New SharePoint hub to hub associations - GCC
Microsoft 365 Roadmap ID 85613
This release will add the ability to associate a SharePoint hub site to another hub site to expand search results across multiple hubs in your organization. This will enable users to discover relevant content when searching on any sites related to the associated hubs.
When this will happen?
· Targeted release (select users and entire org): will begin rolling out in mid-September and be complete by late September.
· Standard: will begin rolling out in mid-October and by complete by late October.
How this will affect your organization?
SharePoint administrators will be able to associate hubs to other hubs in the SharePoint admin center. When you associate hubs, there are no visual changes to the user experience except for when users search for content. When searching for content, users will see a breadcrumb path that will display the name of the hub site where content is located.
Hub associations are designed to expand the availability of related content to end-users. Hub to hub site associations create a network of hubs that roll-up to each other to create connections. When hubs are associated with each other, content can be searched for and displayed on hubs up to three levels of association.
What you need to do to prepare?
You do not need to do anything to prepare for this update.
Note: SharePoint administrators will have the ability to associate hub sites to other hub sites in the SharePoint admin center.
Learn more:
SharePoint hub to hub associations
MC285054 – (Updated) Microsoft Bookings – SMS notifications for booking appointments
Microsoft 365 Roadmap ID 85600
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
With this rollout, we are enabling SMS notifications to be sent to the person booked for an appointment scheduled through the Bookings web app or Bookings app in Teams or via the self-serve booking page. Additionally, the SMS will include the Teams meeting link for virtual booking appointments. See here for all licenses for Bookings availability. A valid US and Canada phone number is required to send SMS texts to attendees.
Note: We will be providing unlimited SMS notifications through a promotion period for customers with Bookings licenses until Feb 28, 2022. Following the promotional period, all organizations will have a set number of SMS included in their existing M365 licensing, with add-ons planned for overage usage. As we get closer to the end of the promotion period we will provide additional details on licensing requirements.
When this will happen?
The feature roll out will begin in late September and be complete by mid-October.
How this will affect your organization?
With this feature release, admins for a Bookings calendar, using either the Bookings app in Teams or the Bookings web app, will see a new configuration available in the Appointment types (Services) settings page to enable SMS notifications for appointments. This setting will be off by default but can be turned on by going to Settings > Appointment type.
Note: When this configuration is enabled, SMS notifications will be sent to attendees with details about the appointment. Attendees can opt out of receiving further SMS updates by replying STOP to the sender.
To better understand SMS notification usage, admins will have access to SMS reports and tiles in the Teams Admin Center (TAC).
Detailed reports include key data such as time/date sent, origin number, message type, event type, delivery status and indicators to monitor consumption.
What you need to do to prepare?
Educate your Bookings calendar admins about how to turn SMS off for a Bookings calendar. To turn off SMS messaging, they will need to navigate to the Bookings settings and turn off the configuration for each Appointment Type.
Additional information for managing Bookings:
· When this change takes effect, you will need to verify that "Allow Microsoft Bookings" is set for the experience you prefer.
· To allow all of your users access to Bookings, there is no action required. This is the default.
· To turn Bookings Off for your entire tenant, follow the instructions detailed in this support document.
· If you would like to limit access to Bookings to individual users, you can utilize a group policy for full app access or use a Mailbox Policy (via PowerShell) to grant specific users the ability to create Bookings pages. Instructions are detailed in this support document.
· Learn more about Bookings in the enterprise.
MC285023 – Co-authoring on Microsoft Information Protection encrypted documents in Office Desktop is Generally Available
Microsoft 365 Roadmap ID 82112
Co-authoring on Word, Excel, and PowerPoint documents encrypted with Microsoft Information Protection sensitivity labels on Windows and Mac is now generally available. This feature is already available on Office on the web
When this will happen?
This is now generally available.
How this will affect your organization?
Microsoft Information Protection enables you to protect your most sensitive content using an integrated, unified, and intelligent approach including the ability to apply encryption to Word, Excel, and PowerPoint documents using sensitivity labels. With this unique capability, multiple users can now edit these documents in real-time with AutoSave, empowering teams do their best work while maintaining the protection across the document lifecycle
What you need to do to prepare?
· Deploy the latest Current Channel or Monthly Enterprise Channel updates of Office. We highly recommend using Configuration Manager and Servicing Profiles to ease this transition
· If your organization uses Azure Information Protection to apply labels in Word, Excel, and PowerPoint on Windows, make sure to also update to the latest version
· Navigate to the Microsoft 365 Compliance Center settings page to enable the feature
This feature requires all clients working on Office files to have updated capabilities for supporting the new metadata changes for sensitivity labels. Any third-party or custom solutions interacting with sensitivity labels may also need to be updated. You can read more about this feature here.
MC284824 – Better Together feature for Calls on Teams phones and displays - GCC
Microsoft 365 Roadmap ID 84308
Better together allows Microsoft Teams devices to seamlessly integrate with your PC to bring a companion experience for cross-device interaction. With the new feature support, users will be able to make and receive calls from either a Teams device or PC client with a distributed calling experience across both devices.
When this will happen?
The feature roll out will begin in mid-September and be complete by late September.
How this will affect your organization?
If you are already using Teams phones and displays, and if you have better together feature enabled, the feature will also be available for calls.
What you need to do to prepare?
No action required for tenant admins but you might want to notify your users about this new capability and update your training and documentation as appropriate.
MC284624 – Excel Power View Retirement
Silverlight, a component used in Power View, will no longer be supported beginning on October 12th. In response, we will be starting the process to retire Power View from Microsoft 365. As an alternative to Power View, we recommend using Power BI Desktop, which is where we will continue to invest our development resources.
Key points:
· Timing: Beginning October 12, 2021 this change will roll out as an update.
· Action: Inform users of the retirement and direct them to utilize Power BI Desktop as an alternative.
How this will affect your organization?
Once users have taken the update they will no longer be able to create or open Power View reports from Excel.
What you need to do to prepare?
Instead of using Power View, we recommend using other ways to do analysis and visualizations within Excel (For example, PivotTables, PivotCharts, and so on). For more information, see BI capabilities in Excel and Office 365, or you can use Power BI Desktop (a free download). Existing Power View reports can be opened in Power BI, and new reports can be created in Power BI from Excel data.
Please click Additional Information to learn more.
MC284358 – Chat Delete Capabilities within Supervised Chats
Microsoft 365 Roadmap ID 82939
Earlier this year, through the Supervised Chat feature, we provided the capability to block restricted users from starting new chats unless an appropriate supervisor is present.
We are continuing to iterate on this experience and soon we will provide another tool for supervisors to be able to delete any inappropriate chat within those supervised environments.
The ability to delete chats will ONLY be available for users assigned the “Full permissions” role within the Chat permissions role policy within the Messaging policy options.
When this will happen?
We will start releasing the feature mid-September and it will be rolled out to all tenants by mid-October.
How this will affect your organization?
This feature will be turned off by default for all tenants. To turn on the functionality within the Messaging policy options, switch the following policy to True: AllowFullSupervisionUsersToDeleteOthersChatMessages.
Once you have done that, users that you have assigned Full Permissions will now have the ability to delete individual chats.
What you need to do to prepare?
Assess within your tenant who you might want to provide the functionality of deleting chats. Only those who have Supervised Chat turned on AND assigned the role “Full Permission” will have the ability to delete chats.
MC284357 – New tool for self-service troubleshooting of device issues in Microsoft Defender for Endpoint
With this latest feature release of Microsoft Defender for Endpoint (MDE) Client Analyzer you will be able to benefit from a self-service mode. You'll be able to troubleshoot device issues related to Microsoft Defender for Endpoint all by yourself. At any time, if needed, you can contact Microsoft support for assistance with reviewing the tool’s results.
When this will happen?
Now available.
How this will affect your organization?
The new tool provides the health status of the device with a list of issues that were found and that might be the root cause of various issues like impaired communication, onboarding issues, or environment supportability problems in the MDE device.
What you need to do to prepare?
Review the materials below to learn more and install the MDE Client Analyer tool:
· Download and run the client analyzer
· Run the client analyzer on Windows
· Run the client analyzer on MacOS or Linux
· Data collection for advanced troubleshooting on Windows
· Understand the analyzer HTML report
· Provide feedback on the client analyzer tool
MC284355 – Announcing physical badging first-party data connector (preview) for government clouds
Microsoft 365 Roadmap ID 85588
The physical badging data connector will soon be available in public preview for government clouds.
When this will happen?
Rollout will begin in mid-September and is expected to be complete by early October.
How this will affect your organization?
With this update, you can set up a data connector in the Microsoft 365 compliance center to import physical badging data, such as employee’s raw physical access events (like entry to a building, server room, or datacenter) or any physical access alarms generated by your organization's badging system. This data can then be used within the Microsoft 365 insider risk management solution to help protect your organization from malicious activity or data theft inside your organization.
What you need to do to prepare?
Users must be assigned the Mailbox Import Export role to set up the connector.
By default, this role isn't assigned to any role group in Exchange Online. You can add the Mailbox Import Export role to the Organization Management role group. Or you can create a role group, assign the Mailbox Import Export role, and then add yourself or other users as a member. For more information, see the 'Add a role to a role group' or the 'Create a role group' sections in Manage role groups in Exchange Online
Set up a connector to import physical badging data
Explore data connectors within the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC
· Microsoft 365 compliance center for GCC-High
· Microsoft 365 compliance center for DoD
MC284260 – Microsoft Stream: Updated Web player for video
Microsoft 365 Roadmap ID 87204
This coming update to the web player for audio & video files, that are stored in OneDrive and SharePoint (including embedded files in Teams, Yammer, and SharePoint web parts), will offer a new user look and feel while adhering to greater levels of accessibility for keyboard navigation and screen readers. In addition to this, we are introducing new controls to allow users to skip forward or skip backward by 10 seconds during recording playback as well as providing a new button on the player that users can click to open (pop out) any embedded video in a new browser tab for more immersive viewing.
When this will happen?
We will begin rolling this out in early October and expect to complete rollout by late November.
How this will affect your organization?
Users will see (October) and interact with the new player for all OneDrive for Business and SharePoint video and audio files.
Skip forward/backward: Users will be able to see (November) and exact more control over their viewing with skip forward/backward.
Pop-out button: Users will see (November) a new pop-out button to open embedded videos in the browser.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC284149 – Plan for Change – Planned Maintenance: Intune Service
We have service maintenance planned that includes downtime for your Intune account in the GCC High and DoD environments. During this maintenance we will be making improvements to incorporate disaster recovery resilience into our infrastructure. This is a step towards ultimately making Intune more resilient to single datacenter outages. However, there is action required on your part at this time, to ensure that the Intune service continues to operate as expected after the maintenance.
How this will affect your organization?
This downtime will impact Microsoft Endpoint Manager admin center. During this downtime, you’ll be able to login to these portals, but you will not be able to make any admin changes. We recommend not logging in to Intune during downtime, since data and reports may not be accurately displayed. Services, for example, device check in, enrollment and app installation will not be available in the console. End users will not be able to access the Company Portal or enroll their device during this time. You shouldn’t plan to make any updates or changes during this maintenance window.
If you have any firewall rules configured, they'll need to be altered to include the new IP address, prior to the downtime. Click Additional Information for more details on Network endpoints for Intune. You will find additional IP addresses listed under the domain “*.manage.microsoft.us”, which will need to be included in your firewall rules.
What you need to do to prepare?
This message is notice that maintenance is being planned around a month from now. You should update your existing firewall rules as mentioned above, in preparation for it.
We’ll post another message 5 days before this maintenance, with an exact downtime window for your planning purposes. You can reach out to us at svcinc@microsoft.com or through your Microsoft contact if you have any questions or concerns.
This maintenance will be planned outside of normal business hours, to help minimize any impact to your organization. We apologize for the impact this may have on your users. We are working hard to improve Intune, to minimize these maintenance windows.
Additional Information
https://docs.microsoft.com/mem/intune/fundamentals/intune-us-government-endpoints
MC283865 – Office add-in dialog API hardening update
We recently made some changes to harden the security of the Office Add-in dialog API, which impacts cross-domain communication. Normally we do not do Message center communications on these monthly changes, but in the case we want to make sure the potential for impact is understood.
Note: If your organization is not using Office Add-ins you can safely disregard this message.
This change only impacts Office Add-ins and does not affect COM/VSTO add-ins.
When will this happen?
These changes will take effect in the semi-annual channel on September 14th. Please ensure your add-in is updated before this date.
How does this affect your organization?
If your organization is deploying an office add-in, your add-in functionality may be impacted. Please confirm with your add-in provider whether your add-in is using either the Office.ui.messageParent or Office.dialog.messageChild methods to communicate between the dialog and the parent page (typically a task pane) on different domains. If so, your add-in will need to be updated to pass a new parameter to enable cross-domain communication.
The changes are rolling out with the following builds:
· Office on the web: Live from 7/19/2021
· Microsoft 365 on Windows subscription: 16.0.14310.10000
· Office on Mac: 16.52.21080801
· Office on iOS: 2.52.21080801
· Semi-annual channel: The September Patch Tuesday (9/14/2021) will include the update.
What can you do to prepare?
For more information, see Action required: Update your Office add-in dialog for cross-domain communication
On Windows, you can set a registry key to bypass the target origin validation if needed. (For instructions, see the Tip in Cross-domain messaging to the host runtime.) Doing so allows add-ins making cross-domain communication to continue running even if they haven’t been updated to use the new parameter. Do this only as a temporary expediency until the add-in is updated.
MC283611 – Create task from Teams message - GCC
Microsoft 365 Roadmap ID 68696
We apologize that we did not meet our change communication commitments for this feature. We are working to address this moving forward to ensure we provide awareness prior to a feature becoming available.
This new feature will allow users to create Tasks from Teams chats or channel posts and enable them to identify tasks that arise naturally in Teams conversations while ensuring important work isn't overlooked. This will rollout on Microsoft Teams desktop and mobile.
When this will happen?
This feature is now available.
How this will affect your organization?
This feature will unify tasks in the Teams Task app in your organization. Select More options on a Teams message to choose Create task and track in the Tasks app in Teams. All tasks created from chats and posts will appear with all of a users tasks in the Teams Tasks app. Individual tasks can be added to My tasks and collaborative tasks can be added to any shared plan.
Both will include a link back to the original chat or channel post to provide context. Your users will be able to add accountability by assigning tasks, setting due dates, priority, assignments, and even add notes right from their chat or channel post.
Create task available in menu
Create in available options
View Task details
NOTE: The Tasks app must be installed to use this feature. Tasks is on by default unless your organization has made explicit changes to exclude Tasks.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC283609 – Support experience update in Microsoft Endpoint Manager
We are introducing an improved support experience in the Microsoft Endpoint Manager admin center which integrates the simplicity of in-console search and virtual assistant functionality to address more complex issues. This provides a seamless experience to guide you to Microsoft Intune issue-specific troubleshooting insights and web-based solutions, helping you get resolution faster.
How this will affect your organization?
The updated experience is similar to what you may see in the Microsoft 365 admin center but we have tailored it to the Intune service to provide accurate self-help content and help you create support requests.
Depending on the keyword you enter, you will be able to drill down into more complex scenarios based on things like what platform you are using, and whether you need help troubleshooting an issue or want more information on setting up a device. We have a few diagnostics available in this workflow too, so you can run tests to detect issues in your enrolled users and devices.
What you need to do to prepare?
There is no action needed. We have already implemented this support experience for a few support scenarios accessed via the Intune and Co-management options in the Help and support blade. We will continue adding scenarios over the next few months. You can start using the new workflow as it shows up for you and continue to use the Help and support blade as you do today to create support tickets. Click Additional Information for a link to our blog post to see screenshots of what the new experience will look like.
MC283608 – Privacy changes to Microsoft 365 Usage Analytics
We apologize that we did not meet our change communication commitments for this feature. We are working to address this moving forward to ensure we provide awareness prior to a feature becoming available.
At Microsoft, we’re committed to both data-driven insights and user privacy. As part of that commitment, we have made a change to Microsoft 365 usage analytics to pseudonymize user-level information by default. This change affects the following products and APIs, and will help companies support their local privacy laws:
· Microsoft 365 Reports in the Microsoft 365 admin center
· Microsoft 365 usage reports in Microsoft Graph
· Microsoft Teams analytics and reporting in the Microsoft Teams admin center
· The reportRoot: getSharePointSiteUsageDetail API (1.0 and beta) for SharePoint site detail
Global administrators can revert this change for their tenant and show identifiable user information if their organization’s privacy practices allow. This can be achieved in the Microsoft 365 admin center by going to Settings > Org Settings > Services and selecting Reports. Uncheck the statement In all reports, display de-identified names for users, groups, and sites, and then save your changes. Showing identifiable user information is a logged event in the Microsoft 365 compliance center audit log.
When user identification is enabled, administrative roles and the report reader role will be able to see identifiable user level information. Global reader and Usage Summary Reports Reader roles will not have access to identifiable user information, regardless of the setting chosen.
These changes to the product will bolster privacy for users while still enabling IT professionals to measure adoption trends, track license allocation and determine license renewal in Microsoft 365.
Click here for more information: Show user details in the reports
MC283605 – Bookings Teams app available in GCC
Microsoft 365 Roadmap ID 85599
With this update, Bookings will now be available as an app in the Teams app store for your organization in GCC. This release is incremental to the Microsoft Bookings web app that has been available for GCC customers since March 2021.
Key points:
· Timing: Bookings app in Teams will be rolled out to GCC customers in early October. Customers can use this app in Teams in conjunction with the Microsoft Bookings web app available in Microsoft Office 365 portal.
· Roll-out: tenant level
· Control type: admin control
· Action: review and assess
How this will affect your organization?
Microsoft Bookings app in Teams makes it easier for your users to manage in person and virtual appointments both inside and outside of your organization.
Upon downloading the app, Bookings will be enabled for your entire organization however you'll be able to turn it off or on, or limit it to specific users.
· With Bookings enabled for users, they can create a Bookings page, create a calendar, and allow other people to book time with them.
· To disable Bookings for your organization, visit the Microsoft 365 Admin center and go to Settings > Org settings > select Bookings and unselect the checkbox to ‘Allow your organization to use Bookings’. To enable Bookings, select the same checkbox 'Allow your organization to use Bookings' and Save changes.
What you need to do to prepare?
When this change takes effect, you will need to verify that "Allow Microsoft Bookings" is set for the experience you prefer.
· To allow all of your users access to Bookings, there is no action required. This is the default.
· To turn Bookings Off for your entire tenant, follow the instructions detailed in this support document.
· If you would like to limit access to Bookings to individual users, you can utilize a group policy for full app access or use a Mailbox Policy (via PowerShell) to grant specific users the ability to create Bookings pages. Instructions are detailed in this support document.
If you choose to allow access to Bookings, consider updating your user documentation and training. Learn more about Bookings in the enterprise.
MC283589 – Microsoft 365 Information Governance – Announcing general availability of retention polices for Teams private channels
Microsoft 365 Roadmap ID 82100 and 70582
We are excited to announce that retention policies for Teams private channels messages are now generally available.
When this will happen?
This feature is generally available now.
How this will affect your organization?
Administrators will now be able to create Teams private channel messages retention policies from the Information Governance solution in the Microsoft 365 Compliance Center.
Retention policies for Teams private channel messages do not apply to Teams channel messages or Teams chat messages.
What you need to do to prepare?
No action is needed to receive this feature; a new location for “Teams private channels” is visible and selectable when creating a new retention policy. To begin retaining content in Teams private channels, create a new retention policy which leverages this location.
You may also want to update any training materials and communicate this change to your users or team responsible for Information Governance at your organization.
MC283569 – New Feature: Improvements to the Text web part for SharePoint pages and news
Microsoft 365 Roadmap ID 85584
We’re adding the ability to paste inline images into the Text web part so that images can be closer to text and so that text can wrap around images.
We’re also addressing feedback to reduce line spacing in text.
When this will happen?
We expect to begin this rollout to Targeted Release customers starting in mid to late September and expect to complete the rollout to all customers by early October.
How this will affect your organization?
Authors of SharePoint pages and news will be able to paste images into the Text web part and align the images to the left, right, or center with text wrapping.
We’re also addressing feedback on the text line spacing by reducing the line spacing size between header and body text, and in between bullets points.
What you need to do to prepare?
You do not need to do anything to prepare for this update, but you may want to let your users know about these improvements.
MC283431 – Teams Network planner for government clouds
Microsoft 365 Roadmap ID 83471
Network planner in Teams Admin Center will identify bandwidth requirements of Teams clients to help you better estimate the bandwidth needs for your organization.
When this will happen?
We will begin rolling this out to Teams Admin Center in mid-September and expect to complete the rollout by late September 2021.
How this will affect your organization?
Network Planner can help you determine and organize network requirements for connecting Microsoft Teams users across your organization. When you provide your network details and Teams usage, the Network Planner calculates your network requirements for deploying Teams and cloud voice across your organization's physical locations.
The Network Planner tool will be available in the Teams Admin Center under the Planning section. To use Network planner, you must be a Global Administrator, Teams Administrator, or Teams Communications Administrator.
You will be able to:
· Create representations of your organization using sites and Microsoft recommended personas (office workers, remote workers, and Teams room system) or custom personas.
· Generate reports and calculate bandwidth requirements for Teams usage.
What you need to do to prepare?
You might want to notify your Teams administrators about this new capability and update your training and documentation as appropriate.
MC282998 – Customer Key for Microsoft 365: Multi-workload encryption
Microsoft 365 Roadmap ID 68870
Microsoft 365 provides baseline, volume-level encryption through BitLocker. Service Encryption provides an added layer of data-at-rest encryption at the application level. Customer Key allows you to control your organization's encryption keys.
As an application level encryption service, Customer Key support exists today for Exchange Online, SharePoint Online, and OneDrive for Business workloads in Microsoft's data centers.
We are extending Customer Key support to provide a multi-workload encryption support through a new service called M365DataAtRestEncryption.
When this will happen?
We will begin rolling this out in mid-October 2021 and expect to complete by late November 2021.
How this will affect your organization?
Microsoft 365 Customer Key now offers the option of creating and assigning a multi-workload Data Encryption Policy that encrypts data for all tenant users across multiple Microsoft 365 workloads that are listed here. If you opt for this service, there is no impact to your organization or your data as long you maintain the health and accessibility of the customer managed root keys.
What you need to do to prepare?
To onboard using multi-workload Customer Key for multi-workload encryption, reach out to Microsoft 365 Customer Key team at m365-ck@service.microsoft.com with your onboarding request. Please review documentation for the onboarding instructions.
MC282993 – Teams: Voice-Enabled Channels (Collaborative Calling) – GCC
We are introducing a new feature to support Voice-Enabled Channels (Collaborative Calling) in the Microsoft Teams desktop client. This feature will provide a new way of configuring call queues by allowing you to link Teams channels to call queues.
When this will happen?
We will begin and complete rolling this out in early September.
How this will affect your organization?
You will be able to configure call queues differently in a way that will allow the members of a channel to be automatically synchronized and set as the agents for the call queue. After configuring, a new Calls tab will be available in the Teams desktop client for members of the channel. The new Calls tab will provide a dedicated call history for agents of the call queue showing;
· Opt-in status of cohort agents.
· Call queue's shared voicemail (if configured).
This feature will not affect existing call queues and new call queues can continue to be configured using the current configuration settings.
What you need to do to prepare?
This is default off and no action is required unless you want to configure a new Voice-Enabled Channel. You can configure a new or existing call queue to be a Voice-Enabled Channel by simply selecting the Automatic option in the Teams Admin Center call queue configuration menu when setting a list of agents. Existing call queues will continue to retain their current configuration, which is listed as a Manual option to select specific users or groups.;
MC282990 – Communication Compliance features updates coming to GC in gov clouds
Microsoft 365 Roadmap ID 83699, 83700, and 85585
Several new Communication Compliance features will soon be generally available for government clouds to give you additional guidance and control over your policy settings: policy health check and ability to pause a policy, policy cloning and consumption visibility, and sensitive information types (SITs) by location reporting.
When this will happen?
Rollout will begin in late September and is expected to be complete by late October.
How this will affect your organization?
Policy health check and ability to pause policy: The new policy health check will provide visibility into the storage consumption of each Communication Compliance policy. The new ability to pause a policy will enable a Communication Compliance administrator to manually suspend evaluations of communications as needed.
Policy cloning and consumption visibility: The new policy cloning feature helps you easily create similar policies for different audiences but with the same conditions, for instance. The new policy consumption visibility will help you manage policies within your tenant.
Sensitive information types per location report: With this new report, you will be able to review and export the sensitive information types detected in all your Microsoft 365 and non-Microsoft communication channels currently in the scope of your Communication Compliance policies. You can access this report under the Reports tab.
What you need to do to prepare?
By default, global administrators do not have access to Communication Compliance features. To enable permissions for Communication Compliance features, see Make Communication Compliance available in your organization.
You might want to notify appropriate users about these new capabilities and update your training and documentation as needed.
To access the Communication Compliance solution, visit the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC
· Microsoft 365 compliance center for GCC-H
· Microsoft 365 compliance center for DoD
Learn More:
· Learn more about Communication Compliance in Microsoft 365.
· Learn about Communication Compliance reports.
MC282986 – Plan for Change: Intune APP/MAM moving to support Android 9 and higher
As mentioned in MC266487, with the upcoming release of Android 12, Intune app protection policies (APP, also known as MAM) for Android will be moving to support Android 9 (Pie) and higher on October 1, 2021. This change is to align with Office mobile apps for Android support of the last four major versions of Android. Based on your feedback, we have updated our support statement. We are doing our best to keeping your organization secure and protecting your users and devices, while aligning with Microsoft app lifecycles.
Note: Teams Android devices are not impacted by this announcement and will continue to be supported regardless of their Android OS version.
How this will affect your organization?
If you are using app protection policies on any device that is running Android version 8.x or lower, or decide to enroll any device that is running Android version 8.x or lower, please note that these devices will no longer be supported for APP. While APP policies will continue to be applied to devices running Android 6.x – Android 8.x, if you do run into issues with an Office app and APP, support will request you update to a supported Office version for app troubleshooting. To continue to receive support for APP, update your devices to Android version 9 (Pie) or higher or replace them with a device on Android version 9.0 or higher before October 1, 2021.
What you need to do to prepare?
Notify your helpdesk, if applicable, of this updated support statement. You also have two admin options to help inform your users.
Here’s how you can warn users:
1. Configure an app protection policy Conditional launch setting with a Min OS version requirement to warn users.
Utilize a device compliance policy for Android device administrator or Android Enterprise and set the action for non-compliance to send a message to users before marking them non-compliant.
MC282785 – Upcoming Android 12 support for Microsoft Endpoint Manager
With the upcoming release of Android 12, we have been hard at work making sure Microsoft Intune customers are supported on the new OS release. Most app protection policies and mobile device management scenarios will continue to be fully compatible with Android 12. However, Google is making some significant changes in Android 12 that affect management capabilities available to Intune.
How this will affect your organization?
If you are currently using or planning to use Android 12 devices, see the blog Android 12 Day Zero Support for Microsoft Endpoint Manager for details on how this new OS will be supported.
What you need to do to prepare?
Review the Android Day Zero Support for Microsoft Endpoint Manager. Action may be needed if you are using:
1. Serial number, IMEI, and MEID for personally-owned work profiles.
2. Safe boot and/or Debugging features configuration settings in device restrictions for Android Enterprise fully managed, dedicated, and corporate-owned work profile devices. See MC275160 or the blog for more details.
We will update the blog with any additional information we learn as testing continues, and when Android 12 releases.
Support Tip: Android 12 upgrade can affect NAC-enabled network access
MC282783 – Microsoft Forms: Manage and organize your forms and quizzes now
Microsoft 365 Roadmap ID 70734
This new Forms feature release will allow users to manage and group all forms and quizzes as desired and in their own way, to efficiently archive and categorize their forms into collections.
This is rolling out desktop, web and mobile.
When this will happen?
Standard: We will begin rolling this out in late September and expect to complete rollout late November.
Government: We will begin rolling this out in early November and expect to complete rollout late November.
How this will affect your organization?
End users in your organization will be able to easily archive and manage their own personal forms into different collections which will allow them to work more productively and feel more in control of their personal content. Additionally, this new update will provide a smooth experience for users when they switch between different products in office.com (e.g. PowerPoint, Word, Excel, OneDrive).
In addition, users will also be able to:
· Better archive and manage quick polls/instances that are generated through Microsoft Teams, Outlook, and PowerPoint
· Easily manage their forms/quizzes/polls and quickly locate the certain file they are looking for among user-created, shared and group forms
This is the view that users will see after they create and manage forms /quizzes into collections from their personal forms.
Collection is supported in mobile view as well. Below shows how the collection looks like on small screens.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC282782 – Microsoft Teams: Sharing device audio on iOS and Android
Microsoft 365 Roadmap ID 85005
This feature update will allow users to include their device audio when screen sharing on iPhones/iPads and Android devices. This is rolling out on Teams mobile and will be available for iPhones & iPads running iOS 13 or later and phones and tablets running Android 10 or later.
When this will happen?
We will begin rollout mid-September and complete by the end of September.
How this will affect your organization?
This update will enable the meeting participants to hear the device audio during the meeting, while the presenter is sharing audio-enabled content (e.g., videos, music, apps with audio).
Once it's rolled out, users will see an additional option to include device audio, next to the existing Share Screen option.
They will also see the option to turn off device audio sharing during the presentation, if they've already started the sharing.
This option is rolling out default off for users. Users can choose to enable it as needed for each screen sharing session.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC282776 – (Updated) Follow/Mute conversation in Teams – GCC
Microsoft 365 Roadmap ID 70569
Updated September 7, 2021: We have updated the rollout timeline below. Thank you for your patience.
Users will soon have greater control to turn channel notifications on or off at a conversation thread level in the Teams desktop app. This feature update will allow channel members who were not originally a part of a thread to opt-in to receive notifications (follow) as desired. For channel members who were originally a part of a thread, this update will allow them to opt-out of receiving notifications (mute) at any time.
When this will happen?
We will begin rolling this out in mid-September (previously early September) and expect to complete rollout by late September (previously mid-September).
How this will affect your organization?
This Teams desktop feature update enables your end users to:
· Opt-in to receive notifications on all follow up channel member posts in a conversation where they haven’t previously participated by turning notifications on
· Opt-out from receiving notifications on all follow up channel member posts in a conversation they've previously participated in by turning notifications off
Opt-in to receive channel thread notifications by turning notifications on.
Opt-out of receiving channel thread notifications by turning notifications off.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC282551 – In Development for Microsoft Intune is now available
The “In development for Microsoft Intune” page in our documentation has been updated.
How does this affect me?
The In development page provides a list of features in upcoming releases of Microsoft Intune to assist in your readiness and planning. The list has now been updated. You’ll start seeing these changes in the next month or in a subsequent release.
What do I need to prepare for this change?
You can inform your IT staff and helpdesk of the upcoming changes listed on this page. Plan to update your end user guidance, if you feel any of these features would be important to your end users.
Click Additional Information for the link to the In development page.
MC282484 – Upcoming retirement of the Azure Information Protection classic client and labeling/policy configuration
As announced in March 2021, to provide a unified and streamlined customer experience, Azure Information Protection classic client and label and policy management in the Azure portal are being retired as of September 30, 2021. This timeframe allows all current Azure Information Protection (AIP) GCC customers to transition to our unified labeling solution using the Microsoft Information Protection unified labeling platform. Learn more in the official retirement notice.
Key Points:
· Timing: September 30, 2021
· Action: Review and take action as appropriate for your organization
How this will affect your organization?
You are receiving this message because our reporting indicates you might be using the AIP classic client. If you have enabled AIP analytics, you can identify the end users that are affected. Otherwise, you can use your current software to identify affected users and endpoints.
After September 30, 2021, administrators will no longer be able to edit AIP policies, labels, or languages, or be able to activate AIP protection on the Azure portal. No further support will be supplied for the AIP classic client and other retired services. As of March 31st, 2022 the backend service supporting the AIP classic client will be permanently disabled.
What you need to do to prepare?
After this change is implemented, administrators should use the Microsoft 365 compliance center to manage labels and policies.
· If you use the Azure portal to manage labels, the first step in the transition will be to migrate labels and policies from the Azure portal to unified labeling and sensitivity labels in the Microsoft 365 compliance center.
· If you use the AIP classic client, the next step will be to upgrade to the latest Microsoft 365 app that supports built-in labeling capabilities, or upgrade to the AIP unified labeling client.
For built-in labeling or the AIP unified labeling client, we recommend using the Microsoft 365 compliance center, which is where we will continue to focus our development resources. We encourage you to transition as soon as possible.
Learn more:
· Identify affected users using AIP reports
· Migrate Azure Information Protection labels to unified sensitivity labels
· Understanding unified labeling migration
MC282480 – SharePoint channel sites – Temporary permissions editing
We recently provided guidance (June - MC261534) “SharePoint: Updates for Microsoft Teams connected team sites” about how to edit permissions for SharePoint team sites that are connected to a channel in Microsoft Teams.
In the post, we specified that the addition, removal, or the editing of permissions for a channel site would need to be done in Settings for the team in Teams.
· To allow team owners more time to adjust to this change, we have temporarily enabled (for the first three weeks of September) users to continue to edit site permissions in the SharePoint team site. This will allow you to audit and remove permissions that have been added directly to the SharePoint site.
Key points:
This temporary update is available to all customers until mid-to-late September 2021.
· We will alert you via a follow-up Message center post to announce when this window is closing.
How this will affect your organization?
Starting this week, team owners can edit site level permissions for the channel site for the next three weeks. After three weeks, team owners will need to manage channel site permissions in Settings for the team in Microsoft Teams.
What you need to do to prepare?
You do not need to do anything to prepare. This is a temporary change to the way site permissions will be managed for Teams connected experiences. In a few weeks, all channel site permissions will be managed in Microsoft Teams Settings.
Learn more:
· Manage Teams connected sites
· Private channels in Microsoft Teams
MC282186 – Announcing availability of legal hold for Teams private channels (GCC-H and DoD)
Microsoft 365 Roadmap ID 82114
You can use a Core eDiscovery or Advanced eDiscovery case to create holds to preserve content that might be relevant to the case. With this update, we're extending this capability to preserve content in Teams private channels.
When this will happen?
Rollout will begin in late September and is expected to be complete by mid-October.
How this will affect your organization?
Microsoft Teams private channel chats are stored in user mailboxes, while normal channel chats are stored in the Teams’ group mailbox. If there is already a legal hold in place for a user mailbox, the hold policy will now automatically apply to private channel messages stored in that mailbox. There is no further action needed for an admin to turn this on. Legal hold of files shared in private channels is also supported.
What you need to do to prepare?
You can access Core eDiscovery (G3+) and Advanced eDiscovery (G5) solutions in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC-H
· Microsoft 365 compliance center for DoD
Review documentation for additional details:
· Learn more about legal hold for Microsoft Teams
· Manage holds in Advanced eDiscovery
MC282182 – Temporary change to Whiteboard in Teams meetings on Surface Hub
In preparation for an upcoming update to Whiteboard on Surface Hub, the ability to start a whiteboard in a Teams meeting from the Surface Hub has been temporarily disabled. This means users cannot start a whiteboard during a Teams meeting from the Surface Hub.
How this affects your organization?
You are receiving this message because our reporting indicates your organization may be impacted by this issue.
If you are impacted by this issue, you may be able to use the following to work around this problem:
Users on the Surface Hub can still collaborate and participate on whiteboards shared during the meeting, but the whiteboard must be launched from another device connected to the Teams meeting. Users will also be able to use the screen share mode without any difficulty.
What you can do to address the issue?
You may consider educating users on the workaround outlined above. We are working on an update to address this issue, and hope to resolve this by end of October when the new Teams electron application gets rolled out.
MC282167 – Introducing 2x2 gallery view for Teams meetings viewed in Safari browser - GCC
Microsoft 365 Roadmap ID 86513
Safari browser will soon be able to display up to four participant videos (2x2) during a Teams meeting.
When this will happen?
We will begin rolling this out in first week of September and expect to complete by mid-September.
How this will affect your organization?
Gallery view now can show up to four participant videos during a meeting in Edge or Chrome browser.
What you need to do to prepare?
You may consider updating your training and documentation as appropriate.
MC281936 – Sensitivity Labels for Teams Created from Templates - GCC
Microsoft 365 Roadmap ID 84232
Sensitivity labels allow Teams admins to protect and regulate access to sensitive organizational content created during collaboration within teams. With this update, you will be able to apply sensitivity labels to teams created from templates as well.
When this will happen?
We will begin rolling this out in late September and expect to complete rollout mid-October.
How this will affect your organization?
End users will now be able to use the sensitivity labels that Admins have created within the tenant when creating a team from a team template.
What you need to do to prepare?
Please share the below links with users so they understand how to create a team from a template with sensitivity labels.
MC281923 – Announcing data loss prevention integration with Microsoft Cloud App Security
Microsoft 365 Roadmap ID 85565
You will soon be able to extend data loss prevention (DLP) policies to third-party cloud apps (non-Microsoft cloud apps, i.e. SalesForce, Box, Dropbox, Google Workspace) to monitor and detect when sensitive items are used and shared via third-party cloud apps.
When this will happen?
Rollout will begin in late September and is expected to be complete by mid-October.
How this will affect your organization?
With this update, you can extend DLP policies to third-party cloud apps using Microsoft Cloud App Security (MCAS). Using these policies gives you the visibility and control that you need to ensure that sensitive data is protected from risky or inappropriate sharing, transfer, or use in third-party cloud apps.
When configuring a DLP policy in the Microsoft 365 compliance center, you can select a location for the DLP policy, and turn on the Microsoft Cloud App Security location.
To select a specific app or instance, select Choose instance.
If you don't select an instance, the policy uses all connected apps in your Microsoft Cloud App Security tenant.
What you need to do to prepare?
Learn more about creating DLP policies for third-party cloud apps:
· DLP policies for third-party cloud apps use Cloud App Security DLP capabilities. To use it, you should prepare your Cloud App Security environment. For instructions, see Set instant visibility, protection, and governance actions for your apps
To use DLP policy to a specific third-party cloud app, the app must be connected to Cloud App Security. Refer to documentation for more information.
MC281910 – Microsoft Viva: Viva Connections Desktop for GCC
Microsoft 365 Roadmap ID 85575
Viva Connections for Teams desktop enables users to discover and search SharePoint content, sites, and news from across the organization in Microsoft Teams desktop. It combines the power of your intelligent SharePoint intranet with Teams chat and collaboration tools all in one place.
In September, Viva Connections for Teams desktop will be available for GCC customers by creating a package in PowerShell, and then uploading the package as an app in the Microsoft Teams Admin Center.
· To use Viva Connections for Teams desktop, we highly recommend that you configure a SharePoint home site.
· Global navigation must be enabled in the SharePoint app bar for intranet resources to display in the Teams app bar.
· Only modern SharePoint sites and pages can be viewed inside Teams and all other content will open in a browser.
· All SharePoint out-of-the-box site headers are compatible with Viva Connections for Teams desktop. However, if you modify your SharePoint site to remove, or significantly change the site header, contextual collaboration buttons may not be available to the user.
· You must use the most up-to-date version of SharePoint PowerShell to create the Viva Connections for Teams desktop app package.
When this will happen?
This experience will be available for GCC customers starting early September.
How this will affect your organization?
Now GCC customers have more options to help surface important intranet resources and personalized content to users using Microsoft 365 apps. Viva Connections for Teams desktop helps make communicating and collaborating on shared resources easier than ever and allows you to incorporate your organization’s brand and identity directly in Teams.
What you need to do to prepare?
This is not an automatic update. To take advantage of Viva Connections for desktop, it is highly recommended that you configure a SharePoint home site with global navigation enabled in the SharePoint app bar. We strongly recommend that you use your home site as the landing experience in Teams. Viva Connections for Teams desktop can be provisioned through the Microsoft download center using PowerShell and then can be uploaded as an app in the Teams Admin Center. The PowerShell script is available in this documentation.
Related links:
· Set up a home site for your organization
· Set up and customize global navigation in SharePoint app bar
· Modernize your classic SharePoint sites
· Onboard your end-users to Viva Connections for Teams
MC281909 – Replacement of SCOM Management Pack for Office 365
We apologize for not providing 30 days advanced notice, per our customer-committed process, regarding the replacement of the Office 365 Management Pack with the new and improved Microsoft System Center Operations Manager Management Pack for Microsoft 365 that's available now for your use.
Note: If your organization is not using System Center Operation Manager (SCOM) Management Pack (MP) for Office 365, you can safely disregard this message.
When this will happen?
In early August, with the release of the Microsoft System Center Operations Manager Management Pack for Microsoft 365 we retired support for the System Center Operation Manager (SCOM) Management Pack (MP) for Office 365.
How this will affect your organization?
Users can no longer download and should not use this old MP. The MP will continue to work but will not be supported for any reported issues.
What you need to do to prepare?
We recommend you use the Microsoft System Center Operations Manager Management Pack for Microsoft 365, which is where we will continue to invest our development resources.
MC281142 – (Updated) We’re bringing Microsoft Search to GCC
Microsoft 365 Roadmap ID 72216
Updated September 30, 2021: We have updated the rollout timeline below. Thank you for your patience.
We are bringing Microsoft Search to GCC. This includes organization-wide search via the Search Box navigation header in SharePoint, OneDrive for Business, Office.com, and on Microsoft Search in Bing. This release includes customizable Bookmarks and Q&A Answers.
When this will happen?
We roll out Microsoft Search to GCC customers beginning in early October (previously late September) and expect the rollout to be completed by early October.
How this will affect your organization?
Microsoft Search brings work answers and search results to familiar search experiences, like SharePoint and OneDrive for Business, Office.com, and Bing.
End users will be able to enter search queries and get organization-wide results and answers.
When enabled, users who go to Bing.com and sign in with a valid work account can easily and securely find the work information they need with Microsoft Search in Bing.
Search Admins will be able to customize Bookmarks and Q&A Answers via the Search & Intelligence admin center.
What you need to do to prepare?
For GCC customers, Microsoft Search in Bing is off by default.
· Search Admins can turn on Microsoft Search in Bing in the Admin Center (Settings > Search & intelligence settings > Configurations > Microsoft Search in Bing settings).
· Choose Change settings and turn on Allow your organization to use Microsoft Search in Bing.
Instructions to turn on Microsoft Search in Bing
Learn more about Microsoft Search and customizing Bookmarks and Q&A Answers here: Microsoft Search | Plan your content
Learn more about Microsoft Search in GCC here: https://go.microsoft.com/fwlink/?linkid=2169288
MC280921 – (Updated) Introducing the Email summary panel for consistent navigation
Microsoft 365 Roadmap ID 82101
Updated September 23, 2021: We have updated the rollout timeline below. Thank you for your patience.
We’re making it easier for security teams to see the full picture of emails within Microsoft Defender for Office 365 and Microsoft Defender 365. We launched a single, integrated view with the email entity page, and now we’re making it easier to see this information in multiple experiences. This feature release targets more consistency, and easier navigation, saving time and effort for the customers.
When this will happen?
We will start rolling out the email summary panel to our private preview customers first, then we will begin rolling out to Standard release beginning in early January (previously late September) and expect to complete by end of February (previously mid-November).
How this will affect your organization?
This will replace the traditional Explorer flyout / other flyouts with email summary panel for experiences: Explorer, Advanced Hunting, Threat Protection Status report, Submissions, Quarantine.
What you need to do to prepare?
You may consider updating your training and documentation as appropriate.
MC280914 – (Updated) Microsoft 365 Records Management – Announcing public preview of adaptive policy scopes for retention and label policies - GCC
Microsoft 365 Roadmap ID 70578
Updated September 14, 2021: We have updated the rollout timeline below. Thank you for your patience.
This new feature (preview), Adaptive policy scopes, will allow data administrators to scope retention policies and retention label policies to a dynamic set of users, SharePoint sites, or Microsoft 365 Groups. This is enabled by using the properties or attributes associated with these locations. Adaptive policy scopes work with all locations, including Exchange mailboxes, Microsoft 365 Groups, SharePoint sites, OneDrive accounts, Teams chats, channel messages (including private channels), and Yammer user and community messages.
· Before this release, admins had to manually manage what was included in each policy by creating multiple custom scripts to add or remove locations from a policy. Adaptive policy scopes will automatically add and remove applicable locations to a policy as properties change for the associated user, site, or group.
· Additionally, adaptive policy scopes are not subject to previous per-policy limits of only including 100 sites or 1000 mailboxes per policy which often caused duplicate policies in large organizations.
When this will happen?
Public preview: will begin rolling out in mid-October (previously early September) and be complete by the end of October (previously mid-October).
Standard release: will begin rolling out in mid-October and be complete by mid-November.
How this will affect your organization?
When this feature rolls out, Compliance administrators will be able to create adaptive scopes and apply one or more of these scopes to retention policies and retention label policies.
None of your existing policies will be affected by this feature. If you plan to replace the existing policies with new adaptive policies, we recommend creating the new adaptive policies before deleting the existing policies.
What you need to do to prepare?
There is nothing you need to do to receive this feature and it will not affect your existing policies. You may consider updating any training or reference material for your Compliance administrators and determining if you have policies which would benefit from using adaptive policy scopes.
Learn more:
If you are interested in using adaptive policy scopes as they are enabled in your tenant, we recommend watching the webinar where we announced the private preview of this feature.
Note: We will be hosting a webinar on September 20th, 2021, which will describe in detail how to use this feature and we will be providing you a sign up link within a week or two in another MC update.
MC280286 – (Updated) Retiring Teams mobile support for devices running on iOS version 13 and below
Updated August 31, 2021: We have updated the timeline below. Thank you for your patience.
We will be retiring the Teams mobile support on iOS version 13 and below. Instead we recommend that users upgrade to newer iOS builds, which is where we will continue to invest our development resources. We will also begin encouraging users to update to the newest version of Teams if they're running builds older than 1 year.
Key points:
· Timing: The retirement will begin in early November (previously early October) and is expected to complete by mid-November (previously mid-October).
· Action: Instead of using iOS 13 or below, we recommend updating to OS versions 14 and above.
How this will affect your organization?
You are receiving this message because one or more users in your organization might be using iOS mobile devices that are running on version 13 or lower.
The exiting Teams build 3.17.0 will continue to work on iOS 13 devices but there won't be any app updates going forward. In addition to this, you will not be able to reinstall the build from the app store if you uninstall Teams or reset your device.
MC279469 – (Updated) 1:1 VOIP and PSTN call recording and transcription in Calls App V2
Microsoft 365 Roadmap ID 83497
Updated September 21, 2021: We have updated the content to show as intended. Thank you for your feedback.
Microsoft Teams will now release ability to record and transcribe 1:1 VOIP and PSTN calls and show the recording and transcription in Call history in the calls details panel. This is a critical feature specifically for our Public Switched Telephone Network (PSTN) customers. In absence of chat, PSTN callees do not have a way to view call recordings and transcriptions.
When this will happen?
· We expect to begin this roll out to Standard and GCC tenants in late September and expect the rollout to be completed by mid-October.
· We expect to begin this roll out to GCC-High and DoD tenants in late October and expect the rollout to be completed by mid- November.
How this will affect your organization?
· Call Transcription for 1:1 PSTN and VOIP calls will show in call history in call details panel.
· Call Recording for 1:1 PSTN and VOIP calls will show in call history in call details panel.
· Users can delete recording from chat and the recording will not show in call history in call details panel.
· If there are multiple recordings in a call, they will show in a list form in call history in call details panel.
What you need to do to prepare?
Teams admins will need to make sure that AllowCloudRecordingForCalls and AllowTranscriptionForCallingis turned on to enable recording and transcription of 1:1 VOIP and PSTN calls.
MC278893 – (Updated) Breakout Rooms Presenter support - GCC
Microsoft 365 Roadmap ID 81118
Updated September 16, 2021: We have updated the rollout timeline below. Thank you for your patience.
We are adding the ability for organizer to extend the management of Breakout Rooms to specific presenters. This feature will enable meeting organizers to add and remove presenters as Breakout Room managers.
By taking control from Breakout rooms management panel, appointed presenters will be allowed to perform Breakout room operations as manager or meeting organizer, as well as joining Rooms as Breakout Room manager.
This is rolling out on desktop only.
When this will happen?
Rollout will begin mid-October (previously mid-September) and should be complete by late October (previously late September).
How this will affect your organization?
Organizers who will configure and manage Breakout Rooms on a Teams desktop client will have access to appoint Presenters as Breakout Room managers. Currently, only users who are named presenters from the same tenant are supported to become Breakout rooms managers.
When Breakout rooms managers join the meeting, they will see the Breakout rooms icon in toolbar.
Breakout rooms managers will have to take control to manage rooms. (Only one manager can manage rooms at the same time).
Once in control, Breakout rooms managers can perform operations to manage Breakout rooms, such as:
· assign users to rooms
· add/delete rooms
· open/close rooms
· re-assign users to rooms
· send announcements
· recreate rooms
· set timer
· adjust other Breakout rooms settings
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
Learn more:
Use breakout rooms in Teams meetings will be updated after launch
MC278891 – (Updated) Breakout rooms: Pre-meeting room creation and participant assignment - GCC
Microsoft 365 Roadmap ID 81390
Updated September 16, 2021: We have updated the rollout timeline below. Thank you for your patience.
We are adding the ability for meeting organizers to pre-create rooms ahead of a meeting start and perform participant assignment tasks (both auto and manual) in advance.
This is rolling out on desktop only.
When this will happen?
Rollout will begin mid-October (previously mid-September) and should be complete by late October (previously late September).
How this will affect your organization?
Via this capability, organizers of Channel and Private meetings will be able to perform the following Breakout Rooms configuration tasks before a meeting begins:
· Bulk creating / deleting rooms
· Adding / deleting / renaming individual rooms
· Configuring meeting options for each room
· Adjusting settings for breakout rooms session (timer, selecting breakout rooms managers and more)
· Pre-assigning participants via both manual and automatic assignment options
Before a meeting starts, meeting organizers will be able to access a new tab in scheduling form called Breakout rooms that will enable them to pre-create breakout rooms and pre-assign participants.
Note:
· During live session, rooms will only be managed via the Breakout Room panel in the meeting itself (organizer or BR manager are required to join the meeting)
· Only invited attendees will be available for assignment, up to 300 participants (At this time, invited channel members will not be available for pre-assignment)
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate
Learn more:
Use breakout rooms in Teams meetings will be updated after launch.
MC278675 – (Updated) Updates to Spam Confidence Level within EmailEvents table in Advanced Hunting
Updated September 21, 2021: We have updated the rollout timeline below. Thank you for your patience.
We will be changing the named values under Spam confidence levels from the existing set (Not Spam, Moderate, Skipped, High) to Normal and High. This change is applicable to the field ConfidenceLevel within Email Events. There will be no change made to the Column Name or how data is represented. The only change is around the named values, that will align to the new values Normal and High, whenever a Spam ThreatType is detected.
Key points:
· Timing: begin at the end of September (previously mid-September) and complete by end of October (previously mid-October)
· Roll-out: tenant level
· Control type: admin control
· Action: review, assess and update all saved queries
How this will affect your organization?
Note: Once this change is enabled, you will start seeing the named values Normal and High within Spam Confidence level.
· If you have any queries and or custom detections that are relying on the old values, they will not work after this update.
· You will need to update your saved queries and custom detections to align with the new values, Normal and High
What you need to do to prepare?
You might want to update your training and documentation as appropriate.
MC277639 – (Updated) Microsoft 365 roadmap site updates
Updated September 30, 2021: We have updated the rollout timeline below and provided additional details. Thank you for your patience.
We will be making updates to the Microsoft 365 roadmap on how you view, filter, search for, and sort the information.
When this will happen?
We will roll this out in mid-October (previously late September).
How this will affect your organization?
The below changes are coming to help your organization better organize and manage key information on the Microsoft 365 roadmap.
UI changes
· See last added will be removed from the header and can be accessed in the filters, under New/updated
· Filters will be moving just below the header image, inline with the search bar, so it’s easier to view your selected filters and if you have search turned on
· The features will be displayed on feature cards, as opposed to a table format, in order to optimize space and make information easier to view
· You will be able to sort the feature cards by either preview date or Generally Available (GA) date
· Status will be represented visually on the feature card to save space and make it easier to perform a quick scan
· Feature cards will be easier to collapse if you want to explore looking at the status, title, and preview and GA dates
· On the feature card;
o you will be able to see tags organized by category (product, release phase, platform, cloud instance)
o you will be able to initiate a feedback submission (the feedback experience does not change)
· Mobile view – the same changes will be applicable in mobile view so you can easily view, sort, filter, and search
API changes
· Preview date will be a new data point available to you
· The filters or tags will be prefaced by a category name
Understanding the new Preview data
· Not all features will have public previews, however when a public preview date is available, it will be displayed
· The status of a roadmap item (In Development, Rolling Out or Launched) will be in relation to the GA date and not the preview date
The Preview data will be available and the roadmap item’s description will be updated to read, “This item is currently available in Public Preview” when the following is true:
· Roadmap item has a Preview Tag, Preview Date and we are in the Preview Month
Below is a sample of the updated JSON format enabling both the new preview dates and the categories for the various tags
{
"id": 68731,
"title": "Microsoft Teams: Microsoft Graph API for Teams Export (Preview)",
"description": "Enterprise Information Archiving (EIA) for Microsoft Teams is a key scenario for our customer as it allows them to solve for retention, indexing, e-discovery, classification, and regulatory requirements. The Teams Export API allows the export of Teams Messages (1:1 and group chat) along with attachments (file links and sticker), emojis, GIFs and user @Mentions. This API supports polling daily Teams messages and allows archiving of deleted messages up to 30 days.",
"status": "In development",
"moreInfoLink": null,
"publicRoadmapStatus": "Include this month",
"tags":
{
"tagName": "Microsoft Teams",
"tagCategoryId": 1
},
{
"tagName": "Web",
"tagCategoryId": 2
},
{
"tagName": "",
"tagCategoryId": 3
},
{
"tagName": "Worldwide (Standard Multi-Tenant)",
"tagCategoryId": 4
}
,
"created": "2020-09-22T16:34:04.613Z",
"modified": "2021-08-31T23:29:25.33Z",
"publicDisclosureAvailabilityDate": "September CY2021",
"publicPreviewDate": "April CY2021"
},
What you need to do to prepare?
You might want to notify your users about these changes and update any documentation as appropriate.
MC277413 – (Updated) General Availability of automatic labeling using trainable classifiers in Office apps for Windows and Web (gov clouds)
Microsoft 365 Roadmap ID 82119
Updated September 10, 2021: We have updated the rollout timeline below. Thank you for your patience.
Within the Microsoft 365 compliance center, you will now be able to create sensitivity labels and corresponding automatic or recommended labeling policies in Office apps using built-in classifiers as well as your own custom trainable classifiers.
When this will happen?
Rollout will begin in early October (previously mid-September) and is expected to be complete by early November (previously mid-October).
How this will affect your organization?
The following Office applications will support automatic sensitivity labeling using built-in trainable classifiers (Resume, Source code, Threat, Harassment, Profanity), as well as your own custom trainable classifiers:
· Microsoft 365 Apps for enterprise (formerly Office 365 Pro Plus) for Windows, Current Channel in version 2009 and later:
o Word
o Excel
o PowerPoint
o Outlook
· Office Online Apps (Opt-in to enable sensitivity labels required)
o Word Online
o Excel Online
o PowerPoint Online
o Outlook Web
What you need to do to prepare?
Get started creating labels and policies in the Microsoft 365 compliance center:
· Microsoft 365 compliance center for GCC
· Microsoft 365 compliance center for GCC-High
· Microsoft 365 compliance center for DoD
Learn more by reviewing this documentation:
· Manage sensitivity labels in Office apps - Microsoft 365 Compliance | Microsoft Docs
MC277112 – (Updated) Introducing background effects on the web
Microsoft 365 Roadmap ID 85738
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
Introducing background effects on web. If you want to change what appears behind you in your video meeting or call, you can either blur your background or replace it entirely with any image you want.
Note: Blurring or replacing your background might not prevent sensitive information from being visible to other people in the call or meeting.
When this will happen?
We expect this rollout to begin in early October (previously early September) and expect the rollout to be completed by late October (previously late September).
How this will affect your organization?
Web users will now have the ability to use background effects for video calls. You can manage the Video effects policy via PowerShell or via the Tenant Admin dashboard.
MC276031 – (Updated) Up to 25,000 members per team in GCC-High
Microsoft 365 Roadmap ID 85339
Updated September 03, 2021: We have updated the rollout timeline below. Thank you for your patience.
We are pleased to announce that you can now add up to 25,000 members per team in GCC-High. Once this rolls out to your tenant, all new and existing teams will be able to grow and host up to 25,000 members.
We expect this rollout to begin mid-October (previously early September) and expect the rollout to be completed in late November (previously October).
How this will affect your organization?
All new and existing teams will now be able to host up to 25,000 members.
What you need to do to prepare?
No special preparation needed. You may want to update your documentation as necessary.
MC274520 – (Updated) New default for Teams notification style for GCC-High
Microsoft 365 Roadmap ID 86087
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
With this change the default Notification Style (specifically for new users) will change to Native Notifications from Teams Built In. This will apply across Windows and Mac.
NOTE: The current default notification style for new users is Teams Built In.
When this will happen?
We expect this rollout to begin at the end of September (previously early September) and expect it to be completed by early October (previously mid-September).
How this will affect your organization?
New users will be defaulted to receive Native Notifications (rather than Teams Built In) which provide a host of benefits like support for focus assist mode, notifications in action center and OS improvements. A user can choose to change their notification style to settings -> notifications -> notification style.
NOTE: Existing users who have already set their default notification settings will not be affected.
What you need to do to prepare?
There is no specific action required. You may want to update your documentation as needed.
MC274188 – (Updated) Teams Meeting Recording Auto-Expiration in OneDrive and SharePoint
Microsoft 365 Roadmap ID 84580
Updated September 23, 2021: We have updated the rollout timeline below. Additionally, we have updated this post to correct the setting modification capability limitations and will provide an additional update when those limitations are corrected.
As part of the evolution of the new Stream (built on SharePoint), we are introducing the meeting recording auto-expiration feature, which will automatically delete Teams recording files stored in OneDrive or SharePoint after a preset period of time.
Note: The cmd to preemptively change the MeetingExpirationDays setting in Teams is not available yet, we apologize for the inconvenience. It will be available for all tenants to set by September 1st before the expiration feature is enabled.
Key points:
· Timing: early November (previously late September) through mid-November
· Roll-out: tenant level
· Control type: user control and admin control
· FAQs: https://docs.microsoft.com/microsoftteams/cloud-recording#auto-expiration
· Action: review, assess and decide what you want the default expiration period to be for your organization
How this will affect your organization?
New recordings will automatically expire 60 days after they are recorded if no action is taken. The 60-day default was chosen as, on average across all tenants, most meeting recordings are never watched again after 60 days. However this setting can be modified if a different expiration timeline is desired.
Modification of the default value is not yet possible, but we will update this message center post when you are able to modify it. We will provide instructions on how to modify the setting in PowerShell or the Teams Admin Center at that time. You will be able to modify the setting before the feature goes live.
Users (except for users with A1 licenses) can also modify the expiration date for any recordings on which they have edit/delete permissions, using the files details pane in OneDrive or SharePoint. A1 users will receive a 30-day expiration default that can be reduced but not increased. To retain recordings for longer than 30 days A1 users will need to download the file to a non-synced folder.
At either the tenant or user level (excluding A1 users as noted above), the expiration timeline can range from one day to several years, or even set to never auto-expire.Users (except for users with A1 licenses) can also modify the expiration date for any recordings on which they have edit/delete permissions, using the files details pane in OneDrive or SharePoint. A1 users will receive a 30-day expiration default that can be reduced but not increased. To retain recordings for longer than 30 days A1 users will need to download the file to a non-synced folder.
At either the tenant or user level (excluding A1 users as noted above), the expiration timeline can range from one day to several years, or even set to never auto-expire.
Additional clarifications:
· The expiration setting is not a retention setting. For example, setting a 30-day expiration on a file will trigger an auto-deletion 30 days after the file was created, but it will not prevent a different system or user from deleting that file ahead of that schedule.
· When a recording is deleted due to the expiration setting, the end user will be notified via email. The SharePoint tenant or site admin, or the end user with edit/delete permissions will be able to retrieve the file from the recycle bin for up to 90 days.
· Any retention/deletion/legal hold policies you have designated in the Compliance center will override this feature. In other words, if there is a conflict between your designated Compliance policy setting and the expiration setting, the compliance policy timeline always wins.
· The admin does not have the ability to override end-user modification capabilities.
· This will not impact any existing meeting recordings created before the feature is deployed. Also, any changes to the default date in the admin console will only apply to newly created meeting recordings after the change is made.
· The min number of days that can be set on MeetingRecordingExpirationDays is 1 and the maximum is 99,999 (e.g. 273 years).
· This feature does not impact meeting recordings stored in Microsoft Stream (classic Stream) but will affect recordings stored in the new Stream (built on OneDrive and SharePoint).
· This feature is only available for Teams meeting recordings created by the Teams service in OneDrive and SharePoint. It is not available for other file types in OneDrive and SharePoint.
What you need to do to prepare?
Once we enable the setting modification, please change the default if you do not want to inherit the 60-day default we are setting for you. An updated message center post will be published when modification is possible.
If you are going to specify a tenant level expiration standard, inform your user base about the change before we deploy it so that they are aware they will need to take action to retain their new recording files past the specified time period once the feature is enabled.
Learn more about the feature in these FAQs.
MC271631 – (Updated) Microsoft Teams Revised In-meeting Share Experience
Microsoft 365 Roadmap ID 70560
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Teams desktop users on Windows and Mac will soon have a revised share experience while in meetings.
Key points:
· Timing: mid-October (previously mid-August) through mid-November (previously mid-September)
· Roll-out: tenant level
· Control type: user control
· Action: review and assess
How this will affect your organization?
In Microsoft Teams desktop client on Windows and Mac, users will see a new design when sharing their screen, window, or PowerPoint during meetings, as shown below.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC268726 – (Updated) Real-time messaging protocol (RTMP) Streaming Support to Custom Endpoints
Microsoft 365 Roadmap ID 83562
Updated September 14, 2021: We have updated the rollout timeline below. Thank you for your patience.
Microsoft Teams will support the ability for your users to stream their Teams meetings and webinars to large audiences through real-time messaging protocol (RTMP) including endpoints outside your organization.
This feature will rollout on desktop and Mac.
When this will happen?
· Standard: We will begin rolling this out in late October (previously late September) and expect to complete rollout by late November (previously late October).
· Government: We will begin rolling this out in late October (previously late September) and expect to complete rollout by late November (previously late October).
How this will affect your organization?
With this feature enabled, Microsoft Teams will support the ability for your users to stream their Teams meetings and webinars to large audiences via RTMP, including endpoints outside your organization (such as LinkedIn, Facebook, and YouTube).
What you need to do to prepare?
This feature will rollout default OFF. If you would like to enable this feature, you can do so by turning on LiveStreamingMode user-level policy with the following command in Powershell:
· Set -CsTeamsMeetingPolicy -LiveStreamingMode Enabled
Visit this help documentation for more information.
MC268725 – (Updated) Microsoft Teams: webinars plus new meeting registration options for GCC
Microsoft 365 Roadmap ID 83611
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
We are excited to announce the forthcoming availability of Teams webinar capabilities, beginning rollout in early August 2021
Associated features that apply to webinars and meetings, include:
· Registration page creation with email confirmation for registrants.
· Reporting for registration and attendance.
These capabilities will be available to users with the following licenses: Office 365 or Microsoft 365 E3/E5/A3/A5/Business Standard/Business Premium.
For the rest of 2021, we are offering temporary availability to Teams users to try the features with their existing commercial subscription.
Note: We will honor any existing meeting settings enabled within your organization.
Key points:
· Timing: beginning mid-October (previously mid-September) through mid-December (previously mid-November)
· Control type: user control / admin control / admin UI
· Action: review and assess
How this will affect your organization?
When scheduling a meeting, your users will see the Webinar option on the Calendar drop down menu in Teams (desktop/web).
Additionally, users will be able to add registrations for meetings and webinars for people in your organization and outside of your organization.
The registration feature will be on by default For everyone. In order to view who attended the webinars, we recommended setting the “AllowEngagementReport” policy to true. Please see previous June (MC260565) for how to configure Attendance report policy.
Note: We will honor any existing meeting policies enabled within your organization:
· If allow scheduling private meetings is turned off, then users will not be able to schedule webinars.
· When anonymous join is disabled for the tenant, users can schedule a public webinar but it will fail on join.
· SharePoint lists are required in order to set up webinars. To set this up, learn more here: Control settings for Microsoft Lists
What you need to do to prepare?
By default, all users within your tenant will be able to schedule webinars unless current policy configuration prohibits it.
Should you wish to restrict who can host a webinar that requires registration for everyone, change the WhoCanRegister policy accessed in the Teams admin center.
· You can disable this policy tenant-wide
· You can enable this policy for specific users
You can manage the registration feature in the Teams admin center or with PowerShell commands. There are three options for admin management.
· Turn off registration for the entire tenant (set AllowMeetingRegistration to False)
· Turn off registration for external attendees (set AllowMeetingRegistration to TRUE and WhoCanRegister to EveryoneInCompany)
· Give select users the ability to create a registration page that supports external attendees. All other users would be able create a registration page for people inside the tenant. (Leverage the New-CsTeamsMeetingPolicy cmdlet to create a new meeting policy that includes AllowMeetingRegistration to TRUE and WhoCanRegister to Everyone and then assign that to your specific users)
These policies are managed via PowerShell.
· Edit an existing Teams meeting policy by using the Set-CsTeamsMeetingPolicy cmdlet.
· Create a new Teams meeting policy by using the New-CsTeamsMeetingPolicy cmdlet and assign it to users.
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC268191 – (Updated) Meeting Join Custom Branding - GCC
Microsoft 365 Roadmap ID 79957
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience. Additionally, this feature will be available as a preview until December 31, 2021. After that, an Advanced Communications license is required to continue using this feature, as noted below.
This new release of meeting Join Custom Branding will allow tenant admins to upload their company logo to the Teams admin portal so it appears on the meeting pre-join and lobby screens for meetings organized by members of their tenant.
The logo will be seen by users joining on desktop, web, and mobile.
When this will happen?
Rollout will begin at the mid-October (previously end of August) and be complete at the end of October (previously early September).
How this will affect your organization?
This update gives users who join your meetings a branded experience distinctive to your tenant. The feature is part of the Advanced Communications license, meaning the logo will appear only if the meeting organizer has the license. The feature has been implemented as a meetings policy to give tenant admins choice and the flexibility to apply the logo to certain members or globally.
· Multiple logos can be upload at once, allowing you to assign different logos to different people or groups if that's helpful for your tenant.
· You will have an option to preview how the logo looks before uploading.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC267138 – (Updated) Additional third-party data connectors in Microsoft 365 compliance center for GCC
Microsoft 365 Roadmap ID 82038
Updated September 03, 2021: Based on learnings from our early rings, we have made the decision to make additional changes before we proceed with the rollout. We will deliver a new Message center post once we re-start the rollout. Thank you for your patience.
Admins can use data connectors to import and archive third-party data from social media platforms, instant messaging platforms, and more to mailboxes in your Microsoft 365 organization. This enables you to extend various Microsoft 365 compliance solutions to the imported content, helping ensure that non-Microsoft data is in compliance with the regulations and standards that affect your organization. We're rolling out a new set of data connectors to expand this capability to an additional group of third-party data sources.
When this will happen?
We will communicate via Message center when we are ready to proceed.
How this will affect your organization?
The following Veritas (formerly Globanet) data connectors are being onboarded to the GCC environment:
Note: Before you can archive data in Microsoft 365, you have to work with Veritas to set up their archiving service (called Merge1) for your organization.
Additional third-party data connectors will be made available within the Microsoft 365 compliance center as they complete testing and attestation, and will be communicated via Message Center.
What you need to do to prepare?
MC266077 – (Updated) SharePoint Collapsible Sections
Microsoft 365 Roadmap ID 67147
Updated September 30, 2021: As shared previously, the new Collapsible Sections was deployed to 100% of Targeted Release customers. We held the solution at the Targeted Release phase while we addressed some issues that were reported with the solution. The issues have now been addressed and we will be resuming the global rollout to all customers. It is now our expectation that we’ll complete the rollout of the feature by the end of October 2021. Thank you for your patience.
This new feature will allow users to create rich, information-dense SharePoint pages. As part of this release, we will enable the page author to configure sections within the SharePoint page to be able to expand, collapse and set the default page-load state for the section.
When this will happen?
We will begin rolling out to Targeted release (select users and organization) in early July and expect to be complete for Standard release in late October (previously late September).
How this will affect your organization?
This feature will give authors new ways to build rich and interesting SharePoint pages.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC265759 – (Updated) Microsoft Defender for Office 365: Extending Secure by Default for Exchange Transport Rules (ETRs)
Updated September 30, 2021: We have updated the rollout timeline below. Thank you for your patience.
Microsoft believes it’s critical to keep our customers secure by default. We have determined that legacy overrides tend to be too broad and cause more harm than good. As a security service, we believe it's imperative that we act on your behalf to prevent your users from being compromised. This means these legacy overrides will no longer be honored for email messages we believe are malicious. We already apply this approach with malware messages and now we have extended it to messages with high confidence phish verdicts. We have been taking a very deliberate approach to rolling out these changes in phases to ensure customers are not surprised and there are no negative side effects. We began to rollout Secure by Default for high confidence phishing messages by the override type starting in December 2020 (Roadmap ID 60827). Today, we’re at a point in our Secure by Default journey where the following overrides are not honored for malicious emails (malware or high confidence phish emails):
· Allowed sender lists or allowed domain lists (anti-spam policies)
· Outlook Safe Senders
· IP Allow List (connection filtering)
We are now extending Secure by Default to cover high confidence phishing messages for the remaining legacy override type, Exchange mail flow rules (also known as transport rule or ETRs).
Key Points:
· Timing: We will begin rolling out Secure by Default for ETRs starting at the end of August (previously early August) and complete rollout by end of October (previously the end of September).
· Action: Review and assess impact.
How this will affect your organization?
After the last phase of Secure by Default is enabled in August for ETRs, Defender for Office 365:
· Will no longer deliver messages with a high confidence phish verdict, regardless of any explicit ETRs.
· Will no longer recommend using ETRs to configure third-party phishing simulations or Security Operations mailbox message delivery.
What you need to do to prepare?
If you are currently using Exchange mail flow rules (also known as transport rules or ETRs) to configure your third-party phishing simulation campaigns or delivery for security operation mailboxes, you should begin to configure these with the new Advanced Delivery policy when the feature is launched in July (Roadmap ID 72207). For more information, please refer to message center post MC256473. Administrators should also use the submission portal to report messages whenever they believe a message has the wrong verdict so that the filter can improve organically. We are further improving this experience with the integration of the Tenant Allow/Block List (TABL) in the Admin submission portal. With this update, you will be able to override filtering verdicts and allow similar messages while your submission is being reviewed. Please see message center post MC267137 to learn more.
Note: If your organization has compliance requirements that make it necessary to opt out of this change, that requirement is met by Microsoft Defender for Office 365 continuing to honor the ETR when MX record points away from us (not O365).
Learn more:
· Microsoft Defender for Office 365 tech community blog announcing the final phase of Secure by Default rollout: Mastering Configuration Part Two (microsoft.com)
· How we are keeping customers secure: Secure by default in Office 365 - Office 365 | Microsoft Docs
· MS documentation on the new Advanced Delivery Policy: Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOp...
MC259495 – (Updated) End-to-end encryption for Teams calling - GCC
Microsoft 365 Roadmap ID 70780
Updated September 21, 2021: We have updated the rollout timeline below. Thank you for your patience.
End-to-end encryption is the encryption of information at its origin and decryption at its intended destination without the ability for intermediate nodes to decrypt. Teams will support an option to use end-to-end encryption (E2EE) for ad hoc 1:1 Teams VoIP calls. To support customer security and compliance requirements, IT will have full control of who can use E2EE in the organization.
When this will happen?
We expect to begin rolling this out in early November (previously late September) and expect the rollout to be completed by end of November (previously early October).
How this will affect your organization?
· Admins:
o A new policy will be added and it will have parameter to enable E2EE for 1-1 calls, default value is OFF so no impact until enabled. Admin can enable E2EE for a set of users or entire tenant.
· End users:
o If allowed by admin, the end user will see E2EE option in their settings, by default it will be OFF until switched ON by end user. E2EE calls will only support basic calling features like audio, video, screen share, chat and advanced features like call escalation, transfer, record, merge etc. will not be available.
What you need to do to prepare?
· E2EE calls first release will only support basic calling features and many advanced features like escalation, call transfer, recording, captions etc. will not be available in E2EE calls, end users will be made aware of all the limitations when they opt-in.
· E2EE will work only when both caller and call receiver have enabled E2EE
· Feature will be available on Desktop and Mobile clients only
MC256838 – (Updated) Azure B2B Integration with SharePoint Online is now Generally Available - GCC
Microsoft 365 Roadmap ID 81955
Updated September 03, 2021: We have updated the rollout timeline below. Thank you for your patience.
Azure B2B Integration with SharePoint Online and OneDrive is now generally available.
When this will happen?
We will begin rolling this out in late October (previously late July) and expect to complete rollout in late November (previously late August).
How this will affect your organization?
To enable this integration while it was in Preview, customers were required to enable the feature in SharePoint Online Management Shell and to enable One Time Passcode in Azure Active Directory (AAD). Going forward, only the PowerShell flag is required to enable this integration. While disabled, external sharing in OneDrive and SharePoint Online will use the SharePoint Online One Time Passcode experience.
· When the integration flag is enabled: External users will be invited via the Azure B2B platform when sharing from SPO. If Azure B2B One Time Passcode option is enabled, recipients that do not have password backed accounts will get a sign in experience through AAD that uses One Time Passcodes. Otherwise, external users will authenticate via their own AAD account or via an MSA account.
· When the integration flag is not enabled: External users will continue to use their existing accounts previously invited to the tenant. Any sharing to new external users may result in either AAD backed accounts or SPO only email authorized guests that use an SPO One Time Passcode experience for sign in.
Note: This integration is still disabled by default and can be enabled by tenant administrators using the SharePoint Online Management Shell.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
Learn how to enable Microsoft SharePoint and Microsoft OneDrive integration with Azure AD B2B
MC256837 – (Updated) Sharing Links for Microsoft Lists is now available
Microsoft 365 Roadmap ID 81965
Updated July 10, 2021: We have updated the rollout timeline below. Thank you for your patience.
This release will allow users to now share Microsoft Lists using the same sharing links that they have been using for files and folders.
When this will happen?
We will begin rolling this out in early September (previously May) and expect to complete at the end of October (previously end of July).
How this will affect your organization?
Users can now share entire lists using sharing links. The experience is identical to the sharing links experiences that are supported for files and folders. The same admin controls that apply to sharing files and folders will also apply to lists and list items.
What you need to do to prepare?
You might want to notify your users about this new capability and update your training and documentation as appropriate.
MC256466 – (Updated) Information barriers feature and service plan coming to GCC-High and DoD
Microsoft 365 Roadmap ID 70729
Updated September 21, 2021: We have updated the rollout timeline below. Thank you for your patience.
With this feature release, you will now be able to configure and apply information barriers policies. You will also see a new service plan, Information Barriers, as part of your licensing details.
Key points:
· Timing: Rollout will begin in late September (previously mid-August) and is expected to be complete by late November (previously end of August).
· Roll-out: tenant level
· Control type: admin control per below roles
· Action: review and assess
How this will affect your organization?
The information barriers compliance feature enables restricting communication and collaboration between two groups to avoid a conflict of interest from occurring in your organization. After this change takes place, you’ll be able to prevent users in your organization from interacting with and viewing other members of your organization. This is particularly helpful for organizations that need to adhere to ethical wall requirements and other related industry standards and regulations.
What you need to do to prepare?
Note: To define or edit information barrier policies, you must be assigned one of the following roles:
· Compliance administrator
· IB Compliance Management
· Microsoft 365 global administrator
· Office 365 global administrator
You may consider updating your training and documentation as appropriate.
Learn More:
· Define information barrier policies
· Learn about information barriers in Microsoft 365
MC253497 – (Updated) Together Mode – GCC-High and DoD
Microsoft 365 Roadmap ID 68847 and 70625
Updated September 28, 2021: We have updated the rollout timeline below. Thank you for your patience.
This release of Together mode uses AI segmentation technology in meetings to digitally place participants in a shared background, making it feel like users are sitting in the same room. This is rolling out on Teams desktop.
When this will happen?
· GCC-High: We will begin rolling this out in early June (previously early May) and expect to complete rollout late June (previously late May) – complete
· DoD: We will begin rolling this out in early October (previously early September) and expect to complete rollout mid-November (previously mid-October).
How this will affect your organization?
Meeting participants in your tenant can now view participants in Together Mode. Additionally, users will be able to select from various different virtual spaces and change the scenes in Together Mode.
Microsoft 365 IP and URL Endpoint Updates |
Documentation - Office 365 IP Address and URL web service
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.