User Profile
TonyRedmond
MVP
Joined 10 years ago
User Widgets
Recent Discussions
Microsoft Increases Office 365 and Microsoft 365 License Prices
Customers will see their bills increase from July 1, 2026, when Microsoft 365 pricing increases go into effect, adding up to $3/month for licenses. This is the first increase since March 2022, and it moves the baseline Office 365 E3 license to $26/month and Microsoft 365 E5 to $60/month. Microsoft justifies the increases based on the functionality and apps it delivers. Time for a licensing review... https://office365itpros.com/2025/12/08/microsoft-365-pricing-increase/12Views0likes0CommentsMicrosoft Blocks EWS Access for Kiosk Users
A December 2 announcement says that Exchange Online will block access to Exchange Web Services for users with kiosk or frontline worker licenses from March 2026. In fact, the Exchange Online service description has always excluded EWS access for these licenses, but the necessary code to enforce the exclusion was never implemented. It will be in March. Time to check licenses… https://office365itpros.com/2025/12/05/exchange-web-services-kiosk/16Views0likes0CommentsJourney to Passwordless Authentication Might Include Some Bumps
Microsoft recommends passwordless authentication to help secure Microsoft 365 tenants. The latest is synced passkeys, something that apparently leads to “syncability,” whatever that might mean. In any case, after some struggles, I managed to enable synched passkeys for my iPhone and then started to consider how to remediate user accounts that are flagged with a high-risk (compromised) status when they can’t simply update their password. https://office365itpros.com/2025/12/04/passwordless-authentication/Talking Microsoft 365 Compliance at the European SharePoint Conference
Paul Robichaux and I led a session about Microsoft 365 Compliance at the European SharePoint Conference in Dublin on December 2, 2025. During the session, we discussed how intelligent versioning works and its value in saving storage, priority cleanup and its ability to delete files even if the files are under retention hold, and the recent revamp of the Purview eDiscovery solution. We were thrilled at the attendance. Here’s what happened. https://office365itpros.com/2025/12/03/microsoft-365-compliance-espc/8Views0likes0CommentsApp-Only Authentication for SharePoint Online PowerShell
The latest versions of the SharePoint Online PowerShell module support app-only authentication (certificate-based authentication) for the Connect-SPOService cmdlet. In other words, applications can now connect to SharePoint Online to run administrative cmdlets by presenting a registered Entra ID app and an X.509 certificate instead of the credentials for a human SharePoint administrator. It’s a good change, even if I still prefer using the Graph APIs for SharePoint automation. https://office365itpros.com/2025/12/02/app-only-authentication-spo/44Views0likes0CommentsRe: Announcing Office 365 for IT Pros (2026 Edition)
Office 365 for IT Pros December 2025 Update The Office 3675 for IT Pros team is happy to announce that the files for update #126 are available for subscribers to download from Gumroad.com. The paperback edition of the PowerShell book has also been refreshed. Updated PDF and EPUB files are available for the Office 365 for IT Pros and Automating Microsoft 365 with PowerShell eBooks. Happy reading! https://office365itpros.com/2025/12/01/office-365-for-it-pros-126/35Views0likes0CommentsChecking the Effectiveness of a Transport Rule to Block Spammy Email
Some weeks ago, I wrote about using a transport rule to suppress spammy email by sending the messages to the quarantine. But what’s the best way to check the rule’s effect? One method is to use the transport rule report PowerShell cmdlet to check for the actions you expect the rule to perform. Once information is found, it’s a matter of slicing and dicing the data. https://office365itpros.com/2025/11/26/transport-rule-effectiveness/37Views0likes0CommentsHow to Check if Shared Mailboxes Need MDO Licenses
Shared mailboxes might need Microsoft Defender for Office 365 licenses, but how do you identify how many licenses? We use PowerShell to do the job by analyzing external email sent to shared mailboxes. If a mailbox receives external email, then by definition the mailbox receives benefit from MDO, and that’s the test for requiring a license. https://office365itpros.com/2025/11/25/microsoft-defender-for-office-365-3/33Views0likes0CommentsTeams Messaging Gains New Protections
Teams now includes weaponized file protection and malicious URL protection to make sure that people don’t share bad files or URLs in chats or channel conversations. Given that a user can post a message to up to 50 channels at one time, it obviously makes a heap of sense to check that any files or URLs that people share in chat or channel conversations are safe and not malicious. https://office365itpros.com/2025/11/24/weaponized-file-protection-teams/Re: Automating Microsoft 365 with PowerShell Second Edition
Automating Microsoft 365 with PowerShell December 2025 Update The December 2025 update (version 18) of the Automating Microsoft 365 with PowerShell eBook is now available to download. Current subscribers can fetch the updated EPUB and PDF files from Gumroad.com using the link in their account (or receipt), but we can’t do much for the paperback edition except consider using scissors, paste, and Tippex, just like the old days. https://office365itpros.com/2025/11/21/automating-microsoft-365-18/58Views0likes0CommentsPurview Launches New DLP Policy to Control Copilot Prompts
A new DLP policy for Copilot prompts monitors blocked sensitive information types like credit card numbers to stop their use in Copilot prompts. The new policy can’t be combined with the existing DLP policy for Copilot, which checks for files with specific sensitivity labels to prevent Copilot using their content in its responses. But that’s OK because the two policies do very different work. https://office365itpros.com/2025/11/20/dlp-policy-for-copilot-prompts/79Views0likes0CommentsMicrosoft 365 Announcements at Ignite 2025
The Ignite 2025 keynote was a marathon 150-minute event, but some interesting Microsoft 365 announcements emerged, mostly centered on AI. Microsoft is obviously focused on making AI and agents a very real part of tenant activities, so there’s new agent management and a repository among other things that will roll out in the year ahead. https://office365itpros.com/2025/11/19/ignite-2025-day-1/84Views0likes0CommentsMicrosoft Launches Preview of Exchange Admin API
Microsoft launched the preview of the Exchange Admin API on November 17. The new API is intended to close known feature gaps that exist in the Graph APIs and allow developers to migrate from EWS before Microsoft retires EWS in October 2026. Think of the Exchange Admin API as a discardable time-limited API that allows clients to submit cmdlets for processing. It’s certainly one way to approach the EWS problem! https://office365itpros.com/2025/11/18/exchange-admin-api-preview/32Views0likes0CommentsCreating a Service Principal Analysis for a Microsoft 365 Tenant
Understanding the set of registered and enterprise apps active in a Microsoft 365 tenant is important. Attackers can sneak in and plant an app to exfiltrate or otherwise steal data. This article explains how to use PowerShell to create a service principal analysis report that highlights common problems and gives tenant administrators the data needed to manage apps. https://practical365.com/service-principal-analysis-report/19Views0likes0CommentsRemoving Inactive Entra ID User Accounts with PowerShell
The Entra ID Governance solution includes a workflow to detect and remove inactive user accounts. Sounds good, but the same can be done with PowerShell if you want to avoid the cost of Entra ID Governance licenses or want to create a bespoke workflow that’s better suited to the business needs of the organization. Azure Automation would be a good way to process this workflow. https://office365itpros.com/2025/11/17/remove-inactive-user-accounts/28Views2likes0CommentsCopilot’s Temporary Chat
A temporary chat with Microsoft 365 Copilot is one that forgets everything discussed in the conversation once the chat is over. The idea is that by leaving no trace, Copilot won’t recycle the ideas discussed in the chat later. Copilot absolutely discards the chat thread, but those pesky compliance records remain behind, ready for eDiscovery and other compliance investigations. https://office365itpros.com/2025/11/14/temporary-chat-copilot/107Views0likes0CommentsMicrosoft Makes Another Change to Teams Channel Email Storage Location
In January 2025, Microsoft changed the SharePoint folder location to store copies of the email sent to Teams channels. Apparently, this update improved security, but it’s unclear exactly how the improvement comes about unless through obscurity. In any case, we missed this change completely and are publishing this note to remind everyone else of the importance of reading message center posts. https://office365itpros.com/2025/11/13/email-sent-to-teams-channels/Auditing Claude Usage with the Copilot Researcher Agent
The question was asked if it was possible to identify use of the Claude LLM by the Copilot Researcher Agent. Audit records often help, so that’s the natural location to check. As it turns out, some information is captured when the Researcher agent is used but figuring out if the agent uses the default ChatGPT-5 or Claude LLMs is a matter of intuition (or guesswork). https://office365itpros.com/2025/11/12/audit-claude-use-researcher-agent/How to Check Unexpected Sign-Ins Against Utility Accounts
Utility accounts exist in every Microsoft 365 tenant. These accounts are not intended for normal user activity and include accounts used for Exchange room and shared mailboxes and the break-glass or emergency accounts intended to allow administrators to sign-in if their usual accounts are blocked. This article shows how to use PowerShell and the Microsoft Graph to check sign-in events to ensure that the accounts aren't being accessed. https://practical365.com/check-utility-accounts-break-glass-signins/28Views0likes0CommentsA Brief History of Soft-Deleted Entra ID Groups
Entra ID has long supported soft-deleted Microsoft 365 Groups. Now support is available to list and restore soft-deleted security groups in both the Entra admin center and cmdlets from the Microsoft Graph PowerShell SDK, so the articles include a script to show how to list and recover deleted Microsoft 365 and security groups. The update is very welcome as it fixes a big recovery gap in the Entra ID story. Too many important security groups have been deleted in error, much to the chagrin of administrators. https://office365itpros.com/2025/11/11/soft-deleted-security-groups/28Views0likes0Comments
Recent Blog Articles
No content to show