User Profile
TonyRedmond
MVP
Joined Jun 23, 2016
User Widgets
Recent Discussions
How to Use Scoped Graph Permissions with SharePoint Lists
This article explains how to use scoped Graph permissions to restrict app access to lists and list items in SharePoint Online and OneDrive for Business sites. It's a follow-up to other articles covering how to restrict app access to SharePoint Online sites and files. Scoping app access to specific objects is important because otherwise apps can access everything in SharePoint Online, and that isn't good. https://office365itpros.com/2026/02/25/scoped-graph-permission-lists/9Views0likes0CommentsMicrosoft Extends DLP Policy for Copilot Protection to All Storage Locations
Microsoft has enhanced the DLP policy for Copilot to cover Office files held in any storage location instead of only Microsoft 365 locations like SharePoint Online and OneDrive for Business. The change is made in the Office augmentation loop, a little-known internal component that coordinates use of connected experiences by apps. Extending the DLP policy to cover all locations makes perfect sense. https://office365itpros.com/2026/02/24/dlp-policy-for-copilot-storage/82Views0likes0CommentsRe: Automating Microsoft 365 with PowerShell Second Edition
Update #21 for Automating Microsoft 365 with PowerShell Update #21 for the Automating Microsoft 365 with PowerShell eBook is now available for current subscribers to download from Gumroad.com. Refreshed PDF and EPUB files are available and the paperback version available from Amazon.com is also updated. Automating Microsoft 365 with PowerShell is packed with practical ready-to-use examples of working with apps, sites, mailboxes, teams, plans, and other data. Every Microsoft 365 administrator should have this book! https://office365itpros.com/2026/02/23/automating-microsoft-365-ps21/15Views0likes0CommentsMicrosoft Takes Aim at ChatGPT
Microsoft would very much like Microsoft 365 tenants to use Copilot instead of ChatGPT. A recent comparison between Copilot and ChatGPT outlines some areas that Microsoft thinks are important when deciding which AI tool to use. Microsoft has a point because Copilot is embedded into Microsoft 365 whereas ChatGPT is more of an add-on. The competition for hearts and minds is very intense in the AI space. https://office365itpros.com/2026/02/20/copilot-and-chatgpt/46Views0likes0CommentsUsing Dev Proxy with the Microsoft Graph PowerShell SDK
Dev Proxy is a Microsoft tool built to help developers figure out the most effective way of using Microsoft Graph API requests. On the surface, Dev Proxy doesn’t seem like a tool that would interest people who use the Microsoft Graph PowerShell SDK to write scripts for Microsoft 365. But all tools have some use, and Dev Proxy can help. https://office365itpros.com/2026/02/19/dev-proxy-graph-sdk/16Views0likes0CommentsHow to Use Scoped Graph Permissions to Access SharePoint Files
Scoped permissions grant apps granular access to files and folders in SharePoint Online and OneDrive for Business sites using the Files.SelectedOperations.Selected Graph permission. The permission allows apps to access specific files or all the files in a folder. It’s a great way to make sure that apps don’t have unfettered access to confidential documents. Not that any app would try to have that kind of access… https://office365itpros.com/2026/02/18/scoped-access-files-and-folders/29Views0likes0CommentsPrimer: How to Use RBAC for Applications to Control App Use of the Mail.Send Permission
The temptation to use the Mail.Send application permission in scripts can lead PowerShell developers into trouble because the permission allows access to all mailboxes, including sensitive executive and financial mailboxes. Fortunately, RBAC for Applications allows tenants to control the access that apps have to mailboxes and other Exchange content. All explained here with an example script to test RBAC of Applications. https://office365itpros.com/2026/02/17/mail-send-rbac-for-applications/Exchange Online PowerShell Dumps the Credential Parameter
On February 12, Microsoft announced the deprecation of the Credential parameter for the Connect-ExchangeOnline cmdlet in the Exchange Online PowerShell module. The deprecation won’t affect interactive sessions (which should all be protected by MFA), but it might stop some background jobs running when Microsoft retires the server components that currently support the ROPC authentication flow. Time to check scripts! https://office365itpros.com/2026/02/16/exchange-online-powershell-ropc/60Views0likes0CommentsCode Error Allowed Copilot Chat to Expose Confidential Information
A code error allowed Copilot Chat to expose confidential email. Microsoft is fixing the problem, but it’s a reminder of how AI can expose information of Microsoft 365 tenants don’t use available features to restrict AI access. Those features need to be configured and deployed, but that doesn’t take much effort. It’s better than users complaining when Copilot exposes their most secret thoughts. https://office365itpros.com/2026/02/13/dlp-policy-for-copilot-bug/967Views0likes0CommentsNew Outlook Gets Smarter DLP
The news that the new Outlook client will support custom oversharing dialogs for DLP policies might not seem very interesting, but it provoked me into looking more closely into how to build and deploy custom oversharing dialogs. All it takes is some well-structured JSON and an update to DLP rules, and the classic and Monarch Outlook clients should display custom tenant instructions to anyone who violates DLP rules. https://office365itpros.com/2026/02/12/custom-oversharing-dialog-dlp/57Views0likes0CommentsHow to Deactivate an Entra ID Application
This article explores how to deactivate applications (aka disable apps) in Entra ID. Everything is done through PowerShell and the Microsoft Graph PowerShell SDK because the feature isn’t currently available in the Entra admin center. We’ve even included a fully functional example script to show you how the process works. Feel free to fix or enhance our code in GitHub! https://office365itpros.com/2026/02/11/deactivate-application-entra/49Views0likes0CommentsMaester and UTCM Are Complementary Tools for Microsoft 365 Tenant Management
Since the release of the preview version of the UTCM solution, some have asked if UTCM will replace the Maester tool. The answer is no. The tools are complementary and both are very useful to Microsoft 365 tenant management. Maester is a community-driven reporting tool that highlights inconsistencies between external and Microsoft baselines. UTCM focuses on setting drift that can occur in workload configurations. Both have their own niche. https://office365itpros.com/2026/02/10/maester-and-utcm/72Views0likes0CommentsHow to Report Adaptive Scope Membership
The Get-AdaptiveScopeMembers cmdlet reveals details of adaptive scope membership to make it possible to report this information programmatically. The task is not as simple as you might imagine. Summary records must be separated from member records, which can reflect add or remove operations. And there’s the question of pagination for large adaptive scope. All explained here with a PowerShell script to help. https://office365itpros.com/2026/02/09/adaptive-scope-membership/17Views0likes0CommentsThe Final Countdown to Remove EWS from Exchange Online Begins
Microsoft announced the dates leading to the final retirement of Exchange Web Services from Exchange Online. If all goes well, the EWS retirement in the cloud will happen by May 2027. Challenges still exist. Microsoft must remove EWS from its own apps, including Outlook, and help tenants and ISVs make the leap to Graph APIs. Plans are in place and progress is being made, but will everyone be ready when Microsoft starts to remove EWS permanently from Exchange Online in April 2027? https://office365itpros.com/2026/02/06/ews-retirement-may-2027/97Views0likes0CommentsMicrosoft Previews userConfiguration Graph API
A new userConfiguration API is available to retrieve data from Folder Associated Items (FAIs) in Exchange mailboxes. The new Graph API is part of the EWS migration project and is intended to allow application developers to migrate EWS code that updates FAIs with Graph equivalents. Most Microsoft 365 tenants will never use this API, but it’s nice to know how things work. https://office365itpros.com/2026/02/05/userconfiguration-api-beta/57Views0likes1CommentPAYG Services Like Purview DSI Can Rack Up Large Charges
Microsoft offers several PAYG services to Microsoft 365 tenants. Data Security Investigations (DSI) is the newest. These services can rack up compute charges to perform processing (in the case of DSI, AI processing of items found in Microsoft 365 sources). If tenants don’t take care, they might end up with big Azure bills. Be aware, prepare, measure, and minimize processing to avoid large charges. https://office365itpros.com/2026/02/04/dsi-costs-compute/17Views0likes0CommentsMicrosoft Unified Tenant Configuration Management
Unified Tenant Configuration Management (UTCM) is a new tenant configuration management solution that can monitor changes to over 300 resource types found within Microsoft 365 tenants. Currently accessible via Microsoft Graph beta APIs to all tenants, UTCM offers an alternative to Microsoft DSC and third-party configuration management products. No details are available yet about an admin UX, licensing, or availability. https://office365itpros.com/2026/02/03/utcm-beta/582Views0likes1CommentRe: Announcing Office 365 for IT Pros (2026 Edition)
February 2026 Update for Office 365 for IT Pros The February 2026 (update #128) files for the Office 365 for IT Pros (2026 edition) eBook are available for current subscribers to download from Gumroad.com. The Automating Microsoft 365 for PowerShell eBook has also been updated. Like any month, the updates applied to Office 365 for IT Pros make sure that the book stays refreshed and up-to-date with the changing world of Microsoft 365. https://office365itpros.com/2026/02/02/office-365-for-it-pros-128/78Views0likes0CommentsMicrosoft 365 Exceeds 450 Million Commercial Paid Seats
Microsoft FY26 Q2 results included a new figure for Microsoft 365 commercial paid seats: “over 450 million.” Seats are growing at a consistent 6% year-over-year rate, and the June 2026 increases could mean an extra $10 billion or so revenue. In other news, we learned that Microsoft 365 Copilot has 15 million paid seats, or roughly 3.33% of the Microsoft 365 installed base. https://office365itpros.com/2026/01/30/microsoft-fy26-q2-results/234Views2likes0CommentsMicrosoft Delays Retirement of Basic Authentication for SMTP AUTH
Microsoft has delayed the retirement of basic authentication for the SMTP AUTH client submissions protocol to 2027 or beyond. New tenants will be the first to be blocked and Microsoft will disable basic authentication for SMTP AUTH in a way that existing tenants can reenable the protocol. Eventually, we’ll get a date for final retirement sometime in 2027. These things take time! https://office365itpros.com/2026/01/29/smtp-auth-basic-retirement/274Views0likes1Comment
Recent Blog Articles
No content to show