User Profile
VasilMichev
MVP
Joined Jun 23, 2016
Recent Discussions
Re: There needs to be a way to disable the Editor for Outlook.
You can disable (most of) the Editor features, though the settings for that are a bit hidden. Start by composing a new message, then on the Ribbon, scroll all the way right to the last group and select Editor > Editor settings. Toggle text predictions, auto-correct and so on as you see fit.
12 Views 1 like 0 Comments

Re: MFA catch-22 during onboarding due to registration policy
You don't need to use the registration policy; even without it, the users will be prompted to register methods the first time they try to access any MFA-protected app. Also, you can scope a CA policy to the registration process itself: https://learn.microsoft.com/en-us/entra/identity/conditional-access/policy-all-users-security-info-registration
Alternatively, consider using methods such as TAP for the initial account provisioning.
60 Views 0 likes 0 Comments

Re: Adaptive Scope
Are those mail/mailbox enabled users? When talking about CustomAttributeXX, the documentation refers to the set of Exchange attributes, which in turn means that only objects recognized by Exchange can be used with such. If this is a "pure" user object, without any footprint in ExO, you will not be able to use CustomAttributeXX for this purpose, even if it's showing as "populated" under OnPremisesExtensionAttributes. Other than that, make sure the user is properly licensed, as adaptive scopes do enforce licensing requirements.
21 Views 0 likes 0 Comments

Re: Older Emails not showing in group mailbox
Are you using cached mode? And what's the value selected for the "cache slider"? The reason I'm asking this is because in newer Outlook versions, the same settings apply to both the primary and any additional mailboxes, i.e. automapped shared ones. So if the "main" mailbox is configured to only show 1 year's worth of emails, the same will apply to the shared ones. Here's an article with more details: https://learn.microsoft.com/en-us/microsoft-365-apps/outlook/data-files/shared-mail-folders-in-cached-exchange-mode
Apart from the reg keys mentioned in the article above, you can consider adding the shared mailbox as an additional account in Outlook, instead of having it as an additional mailbox/automapped. The steps for that are here: https://michev.info/blog/post/3567/how-to-add-a-shared-mailbox-as-additional-account-in-outlook-2022-version
36 Views 1 like 0 Comments

Re: How do you work around the client restrictions for opening encrypted documents?
You need an "enlightened" app to work with IRM-protected documents; there is no other way around it. So you're at the classical crossroad - decide between usability and security. https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/information-protection/windows-information-protection/enlightened-microsoft-apps-and-wip
45 Views 1 like 0 Comments

Re: Exchange online retention policy
Yes, you can use groups. Keep in mind that only the current membership of the group will be accounted for; future changes will not be reflected. For a more dynamic approach, consider using Adaptive scopes instead. https://learn.microsoft.com/en-us/purview/retention-settings#configuration-information-for-exchange-mailboxes-and-exchange-public-folders
65 Views 1 like 0 Comments

Re: Objects in a Retention Policy populated by Adaptive Scopes
Neither policy distribution nor scope provisioning/changes are immediate processes. Here's the relevant quote from the documentation:
"It can take up to five days for the queries to fully populate and changes aren't immediate. Factor in this delay by waiting a few days before you add a newly created scope to a policy."
That said, my previous replies are indeed wrong/insufficient. After taking a closer look at an adaptive scope policy, I can see what you are referring to, and neither of the cmdlets mentioned above will give you this data. Afaik, there is no PowerShell equivalent of the endpoint used (https://purview.microsoft.com/apiproxy/gws/DlmServices/AdaptivePolicyReports('a06715ef-3e41-4991-a79b-da526933aac4')/Locations) and the only method to monitor the progress of policy applications seems to be via the Audit log. Outside of the UI, that is. Here's what a sample audit log entry looks like:
RecordType   : DataGovernance
CreationDate : 26/01/26 20:12:14
UserIds      : 75c66a25-a1d9-4853-97c6-b56d70d2fcc6
Operations   : ApplicableAdaptivePolicyChange
AuditData    : {"CreationTime":"2026-01-26T20:12:14","Id":"14ed604f-5bb0-4193-b490-08de5d17327b","Operation":"ApplicableAdaptivePolicyChange","OrganizationId":"923712ba-352a-4eda-bece-09d0684d0cfb","
               RecordType":38,"UserKey":"75c66a25-a1d9-4853-97c6-b56d70d2fcc6","UserType":4,"Version":1,"Workload":"SecurityComplianceCenter","ObjectId":"ToBeRemoved@michev.info","UserId":"75c66a25-a
               1d9-4853-97c6-b56d70d2fcc6","ExtendedProperties":[{"Name":"AssociatedAdaptivePolicyIds","Value":"a06715ef-3e41-4991-a79b-da526933aac4"},{"Name":"DissociatedAdaptivePolicyIds","Value":"
               "},{"Name":"CorrelationId","Value":"47fe9801-f3eb-4cc6-af0a-d1f4b046c7eb"}],"ObjectType":"User"}
ResultIndex  : 1
ResultCount  : 1
Identity     : 14ed604f-5bb0-4193-b490-08de5d17327b
IsValid      : True
ObjectState  : Unchanged
So a query like this should do:
Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-1) -EndDate (Get-Date).AddDays(1) -Operations ApplicableAdaptivePolicyChange
8 Views 0 likes 1 Comment

Re: Objects in a Retention Policy populated by Adaptive Scopes
Get-AdaptiveScope/Get-AdaptiveScopeMember give you that info: https://learn.microsoft.com/en-us/powershell/module/exchangepowershell/get-adaptivescopemembers?view=exchange-ps
Refer to the examples in the article for an "export" method as well.
56 Views 0 likes 5 Comments

Re: How do I import Purview Unified Audit Log data related to the use of the Audit Log into Sentinel?
The Microsoft 365 connector is what you need, see for example https://learn.microsoft.com/en-us/azure/sentinel/connect-services-api-based
There are a few additional connectors that cover Entra ID data, Defender, Information protection and so on. It all boils down to what data you need.
50 Views 0 likes 1 Comment

Re: Setting up mail forwarding of an account with no Outlook license
"Standard" forwarding controls do indeed require a mailbox, but you should be able to use a mail flow rule instead: https://learn.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/mail-flow-rule-actions
Configure the conditions as needed and use the RedirectMessageTo action.
53 Views 0 likes 0 Comments

Re: Extract telephoneNumber/businessPhones in Graph via PowerShell
Some properties are considered "sensitive", so you might need additional permissions/admin roles to work with them. See for example this document: https://learn.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0#sensitive-actions
The other thing that comes to mind is to make sure to specifically request the property:
Get-MgUser -All -Property DisplayName,Id,businessPhones | select DisplayName,Id,businessPhones
159 Views 0 likes 0 Comments