User Profile
VasilMichev
MVP
Joined Jun 23, 2016
User Widgets
Recent Discussions
Re: Older Emails not showing in group mailbox
Are you using cached mode? And what's the value selected for the "cache slider"? The reason I'm asking this is because in newer Outlook versions, the same settings apply to both the primary and any additional mailboxes, i.e. automapped shared ones. So if the "main" mailbox is configured to only show 1 year worth of emails, the same will apply tot he shared ones. Here's an article with more details: https://learn.microsoft.com/en-us/microsoft-365-apps/outlook/data-files/shared-mail-folders-in-cached-exchange-mode Apart from the reg keys mentioned in the article above, you can consider adding the shared mailbox as additional account in Outlook, instead of having it as additional mailbox/automapped. The steps for that are here: https://michev.info/blog/post/3567/how-to-add-a-shared-mailbox-as-additional-account-in-outlook-2022-version14Views1like0CommentsRe: How do you work around the client restrictions for opening encrypted documents?
You need an "enlightened" app to work with IRM-protected documents, there is no other way around it. So you're at the classical crossroad - decide between usability and security. https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip36Views1like0CommentsRe: Exchange online retention policy
Yes, you can use groups. Keep in mind that only the current membership of the group will be accounted for, future changes will not be reflected. For a more dynamic approach, consider using Adaptive scopes instead. https://learn.microsoft.com/en-us/purview/retention-settings#configuration-information-for-exchange-mailboxes-and-exchange-public-folders48Views1like0CommentsRe: Objects in a Retention Policy populated by Adaptive Scopes
Neither policy distribution nor scope provisioning/changes are immediate processes, here's the relevant quote from the documentation: It can take up to five days for the queries to fully populate and changes aren't immediate. Factor in this delay by waiting a few days before you add a newly created scope to a policy. That said, my previous replies are indeed wrong/insufficient. After taking a closer look at an adaptive scope policy, I can see what you are referring to, and neither cmdlets mentioned above will give you this data. Afaik, there is no PowerShell equivalent of the endpoint used (https://purview.microsoft.com/apiproxy/gws/DlmServices/AdaptivePolicyReports('a06715ef-3e41-4991-a79b-da526933aac4')/Locations) and the only method to monitor the progress of policy applications seems to be via the Audit log. Outside of the UI, that is. Here's what a sample audit log entry looks like: RecordType : DataGovernance CreationDate : 26/01/26 20:12:14 UserIds : 75c66a25-a1d9-4853-97c6-b56d70d2fcc6 Operations : ApplicableAdaptivePolicyChange AuditData : {"CreationTime":"2026-01-26T20:12:14","Id":"14ed604f-5bb0-4193-b490-08de5d17327b","Operation":"ApplicableAdaptivePolicyChange","OrganizationId":"923712ba-352a-4eda-bece-09d0684d0cfb"," RecordType":38,"UserKey":"75c66a25-a1d9-4853-97c6-b56d70d2fcc6","UserType":4,"Version":1,"Workload":"SecurityComplianceCenter","ObjectId":"ToBeRemoved@michev.info","UserId":"75c66a25-a 1d9-4853-97c6-b56d70d2fcc6","ExtendedProperties":[{"Name":"AssociatedAdaptivePolicyIds","Value":"a06715ef-3e41-4991-a79b-da526933aac4"},{"Name":"DissociatedAdaptivePolicyIds","Value":" "},{"Name":"CorrelationId","Value":"47fe9801-f3eb-4cc6-af0a-d1f4b046c7eb"}],"ObjectType":"User"} ResultIndex : 1 ResultCount : 1 Identity : 14ed604f-5bb0-4193-b490-08de5d17327b IsValid : True ObjectState : Unchanged So a query like this should do: Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-1) -EndDate (Get-Date).AddDays(1) -Operations ApplicableAdaptivePolicyChange4Views0likes1CommentRe: Objects in a Retention Policy populated by Adaptive Scopes
Get-AdaptiveScope/Get-AdaptiveScopeMember give you that info: https://learn.microsoft.com/en-us/powershell/module/exchangepowershell/get-adaptivescopemembers?view=exchange-ps Refer to the examples in the article for an "export" method as well.49Views0likes5CommentsRe: How do I import Purview Unified Audit Log data related to the use of the Audit Log into Sentinel?
The Microsoft 365 connector is what you need, see for example https://learn.microsoft.com/en-us/azure/sentinel/connect-services-api-based There are few additional connectors that cover Entra ID data, Defender, Information protection and so on. It all boils down to what data you need.46Views0likes1CommentRe: Setting up mail forwarding of an account with no Outlook license
"Standard" forwarding controls do indeed require a mailbox, but you should be able to use a mail flow rule instead: https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/mail-flow-rule-actions Configure the conditions as needed and use the RedirectMessageTo action.39Views0likes0CommentsRe: Extract telephoneNumber/businessPhones in Graph via PowerShell
Some properties are considered "sensitive", so you might need additional permissions/admin roles to work with them. See for example this document: https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0#sensitive-actions The other thing that comes to mind is to make sure to specifically request the property: Get-MgUser -All -Property DisplayName,Id,businessPhones | select DisplayName,Id,businessPhones118Views0likes0CommentsRe: Reachability of a domain across multiple tenants
A domain can only be verified in a single tenant. The easy solution is to use subdomains, i.e. us.company.com, ca.company.com and so on. More convoluted solutions involve cross-tenant sync, guest users and so on, and why this can help with getting the users into a single tenant, they will still keep their own identity/email addresses, associated with the "home" tenant.59Views0likes0CommentsRe: Teams, SharePoint, Viva Engage - which to use for dept comms?
Teams should do just fine, unless you have some special requirements. Create a new team with all the users (you might be able to use a dynamic membership one), configure a channel or two for generic announcements that can only be published by specific people (i.e. enable moderation), and some that are "free" for all to share praise/recognitions/etc. As each team comes with its own SharePoint site, you can directly leverage this as a store for any documents you might want to share with the department, add them as tabs when needed, etc. Use the built-in tags (@channel, @team) to ensure people get notified. It should also be straightforward to integrate with any HR system you might be using and you can take advantage of the many first- and third-party apps, bots and so on. For example, if you HR system already has a recognition functionality, it can feed data into a specific channel. Same for any sales data, or pretty much any tool out there - the vast majority nowadays have some sort of integration with Teams. Remember that Teams also come with an email address, which you can leverage to ensure people that don't live in Teams also receive the important stuff. Though you might have to work with your IT folks to ensure all members can receive such email directly in their Inbox ("subscribers"). Channels can also have an email address (separate from the Team one), but you have less control over it.38Views0likes0CommentsRe: LitigationHold Delayholdapplied and Managed Folder Assistant
For deletion to happen, the MFA must reprocess any item that was previously on hold. In the scenario you detail above, when this happens, the MFA will detect the removal of the hold and toggle the DelayHoldApplied flag, thus "extending" any holds that previously applied on items. In other words, you have nothing to worry about. You can "tickle" faster MFA processing by running Start-ManagedFolderAssistant, although that's not a guarantee.40Views1like0Comments
Recent Blog Articles
No content to show