User Profile
BMoreOs
Brass Contributor
Joined 3 years ago
User Widgets
Recent Discussions
Microsoft Security Recommendation issues and Impersonation
Within the numerous dashboards for Microsoft, we see impersonation protection as failed/not compliant, or not enabled in our environment. This is a 2-part question: 1. Does it work well? Why do we see impersonated emails in our environment despite having the users set up for it? We have seen 3 in the last week for our CEO even though he is on the list. 2. Despite having it on and our owned domains added, the environment still shows we don't have it setup. Also, it gives us a limit of 350 users, are we supposed to check each person one by one? Why negatively impact security scores when you are only supposed to set this up for VIPs? Why not allow it to be on for all users? EDIT: This is what it advises even though you are limited to 350 users.Ensure that all users have an assigned anti-phishing policy with ‘Enable domains to protect’, ‘Include domains I own’and ‘Include custom domains’options enabled, by either updating your existing policies or creating new ones.Sending OneDrive Files Externally is not working correctly
We send OneDrive file links to external partners. I setup a test account with F3 licensing which is what these users have. Sending from my test account to a Gmail account, the Gmail account receives the email, clicks the link and enters the email address and one time passcode.... no issues opening and downloading the files. For other users, when they send, the link forces them to login into our tenant to download the file. The external user doesn't have a guest account in our tenant so they have an error. I don't understand why it's doing this for the other users and not my test account. All settings are the same for both users. Below are the default sharing settings in SharePoint admin. How can I fix this quickly? ThanksData Retention, Compliance, and Litigation Holds
We recently revamped our data retention policies and now I need to set up everything in M365. In the past, we would enable litigation hold under the user's account. Since that only does email, that is not enough. We are now drastically shortening our retention policy and it's critical that all data for a user is accessible if they were brought into a litigation issue. So if we were subpoenaed, I would "freeze" the users data and then it would be possible to search if we were required 1/2/3 months down the road. Is the best way to do this by starting an eDiscovery search and placing everything on hold but not searching for anything? Then, if we were required to search the account, I would edit that eDiscovery hold to include specific queries? Or maybe I would create a "Litigation Hold" retention policy outside of the new default one that would hold their data indefinitely? That seems like a pain to exclude the user and then add them to the other and probably not efficient. Looking for advice from anyone who does this a lot as Microsoft gives a ton of options.. which is great, but it makes it difficult to know the best way when handling critical data.Teams Guests
I looked around and cannot figure this out. We have a vendor we are using short term who has Microsoft Teams. We also use teams. The communication involves sensitive data. We want to add the vendors in as guest accounts for communication. I added in one as a test account and they do not have the ability see or chat with anyone in our org. All settings are correct. They also have no visibility of the Team I added them to. Also, we want the chat data to stay in our tenant so it will not be available to the vendor after our project is complete. Is that possible? ThanksAdmin Teams Attendance Reporting
A manager contacted IT and needs a Teams' attendance report for those that report to her. Basically needs to know if scheduled meetings are happening on time and if those who are invited are showing up. If I go to Manage User and find the users, I see "Past Meetings" which lists the meetings and participants. If I click the meeting ID, the data the manager asked for is there. Unfortunately, there is no way to properly export this to provide the data the manager requested as the individual meetings only show that particular meeting. For "Past Meetings", there is no way to export. Is there a way to export this data?Secure Remote Management
I need a secure and easy way to pull files from remote users on network and via Intune. This problem keeps coming up and rather then having to bother the user, global admins need to remotely connect to file explorer and pull a log file in various situations. It is not critical for this to work via Intune as the majority of the laptops we need to do this for are in an office and on domain.. but knowing how to do it via Intune would be great since we will eventually be moving all devices to it. I looked into PSTools and see that I need to enable firewall rules for some ports and some services via GPO. After testing it, I see that I have to enable file and print sharing firewall rules too. A further test showed that attack surface rules need to be modified... that is where I draw the line. What is everyone doing to securely allow this functionality? ThanksSharepoint / Azure Storage Best Practices
Hello - We are buying a company and beginning to look at bringing all resources in. 2 old systems they have will be replaced with what we are currently using, leaving around 5 TBs of data that will need to be queried every 3-6 months or so. We do have hardware on prem where we could just throw it on there and save on costs but Sharepoint or Azure may be best if the cost is not too high. Our current Sharepoint library has all company documents and we have 2 TBs free of 4 TB. So I guess that isn't the best option. Next would be Azure? Azure cold or archived? I am not too familiar with that. In the end, we want to have this data accessible whenever it would be needed (compliance or audits, for example) but do not want to spend a ton. If on prem is the best option, we are OK with that too.IPSec Azure AD
Hi. Really need help on this one as I am new to Azure. We are setting up an IPSec tunnel from our router to our new billing vendor for SSO. The router we have is not compatible with their setup... They refuse to modify anything and they do not have access to SSO registration for Azure SSO. It is on us now to figure out a solution. We have a connection from on prem to Azure AD for syncing. I see the virtual network, etc. but I am not aware if I can just add a new connection that can route to the new vendor. I am getting errors that the connection is already being used when I am setting it up. Can I latch onto that connection or do I need to setup something completely new? Do I need to create a connection from Azure to on prem AND to the vendor? Or can I just have a connection from Azure to the vendor for access to Azure AD? ThanksTeams Screen Share Problems
Hi - We have a weekly Teams meeting for new hire orientation. A particular remote speaker joins 30-45 minutes into the meeting to speak on their part. The presenter always has to share the slides again in order for them to see it. Why is this and how do we permanently fix that issue? ThanksMicrosoft Defender P1 and P2 - Any issues?
Hi All - I currently subscribe to Defender P1, with no known issues in the past. Everything worked great after testing and deploying. I would like to trial out P2, but I want to make sure it will not cause any issues. It should not, right? Does anyone have any experience with P2 blocking legitimate services and causing issues? Part 2 - If I turn it on and it does cause issues, is the fastest way to fix it just turning it "off"? I want to be as prepared as I can be. Thanks
