Microsoft 365 Groups
9 TopicsMicrosoft Office 2019 365 Pro Plus 32/64 Bites License Key
Hi Everyone, I have two laptop. 1 old with Office pro 2013 and Windows 8. New laptop that came with Win 10 and I bought online a key for "Microsoft Office 2019 365 Pro Plus 32/64 Bites License Key" The new laptop (win 10) installed with same Windows user like the old laptop and I can't activate the office license key I got from the seller. Appreciate your support. Thank you! LD11KViews0likes6CommentsSelf-prevision guest account to AzureAD from ODFB sharing, but not MS Teams guest invitation
Our Tenant currently has "Sharing - Let users add new guests to the organization" set to Off. All the external sharing settings for SharePoint/OneDrive for Business (ODFB) and Microsft Teams guest are set to on to the maximum permissive level. When users share a file in ODFB to a specific external user who has an external Microsft account, such as Hotmail account, or another O365 Tenant account, the account will be automatically added as Azure AD guest. However, in Microsoft Teams when users add a guest user as the Teams member who has a different O365 Tenant account, the guest user has to already exist in the Azure AD or it will report no permission. The account cannot be automatically added to Azure AD as a guest user. I wonder how come ODFB can override the Tenant level setting "Sharing - Let users add new guests to the organization", which cause the inconsistent behavior and hard to control the guest provision? Is there any way to disable this gust account self-provision with ODFB but not affect it guest link sharing?1.7KViews0likes3CommentsAdd Support for Multiple Domains for federation with O365
Hi Team, We currently have ADFS (ADFS is running on Windows 2016) in place for around 100 users auth to 365 using a single domain 'domain1.com', we have federated it and enabled SSO. We now need to federate additional domains - 'domain2.com and domain3.com' The new domains have been added and verified in 365 so now show as managed domains The original domain1.com did not have the -supportmultipldomains switch used when it was converted to a federated domain. What do we need to do here? Should we remove the Microsoft Online trust from AD FS federation server Management Console? and then update original domain . Though, i assume it will be done during non-business hours. Password synch is enabled and we do not want to change passwords of users. What will be the Impact on 100 or more current users of The original domain1.com, if we delete the Microsoft Office 365 Identity Platform entry from our AD FS federation server Management Console? Please explain the impact on the Production Users. Thanks!13KViews0likes3CommentsConnect Office365 PowerShell using Service Account
Hi All, This is the first time I am starting a conversation in Office 365 forum and I hope someone could help me with below. In my organisation, there is a hybrid exchange environment with Exchange 2010 and Office 365. We have an automated user offboarding process using scheduled PowerShell scripts. We already have scripts scheduled to run on leaving the user's final working day to remove access and all other required tasks. We also would like to block the user's Azure AD authentication on the user's final working day using the same scheduled PowerShell Script. The reasoning behind this is, we keep terminated user accounts as disabled users for 30 days before purging the account. During this time period, the user can still access Yammer and Office 365 emails. We reset the account password to prevent this at the moment. We would like this process to be cleaner by disabling online authentication. (Set-AzureADUser -ObjectID <sign-in name of the user account> -AccountEnabled $false) In order to this, we need to connect Microsoft online PowerShell with provided credentials.( $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Creds -Authentication Basic -AllowRedirection ). The Scheduled task runs using a service account and we created this user in exchange online with below privileges. Helpdesk (Password) administrator Service administrator Exchange administrator User management administrator I can connect to exchange online PowerShell Module using this service account credentials. MY question is Is there a way for the scheduled task to connect exchange online PowerShell module using the scheduled task credentials without storing credentials in a text file? I know these text file can be encrypted and secure; however, my organisation still does not like the idea of saving admin credentials a text file. I hope my explanation is clear enough for someone to help me with this. Thank you very much!6KViews0likes6CommentsAssign Contitional Access Policy to a SharePoint Group
Hi, I have set up a Conditional Access Policy so that some of our Guest accounts are required to have MFA to access the SharePoint Online subsite that they have been invited to. These Guests are added to a SharePoint Group and internal staff added to an on-prem AD group which is synced up to Azure AD and this domain group given access. When a set up the CA, see screenshot, I can add individual guest accounts. This means that when I invite an external user to the group, I also have to manually add them to the CA policy. Is it possible to include the SharePoint group to the policy rather than individual guest accounts? Thank you, Ollie1.5KViews0likes3CommentsUse of Microsoft CASB
Hi Team, Actually in my previous project for SSO i have used 3rd party CASB Reverse proxy. We had integrated Office 365 and Salesforce with that. If user trying to hit SAAS application it will be redirected to IDP and and user authenticated by IDPband response sent back to Reverse proxy. If we want to implement Microsoft CASB how we will do that because it is hosted in office 365. Can we implement SAML based single sign on. Please suggest1.1KViews0likes1CommentAssigning Sensitivity Label via Unattended Script
I've come across an interesting problem recently. I have a requirement to set a group sensitivity label as part of an unattended automation script which I'm using application permissions and Graph calls with. Things I've tried: Setting the label via application permissions using Graph- this fails as the sensitivity label attribute is not available using app-only permissions Setting via delegated permissions using Graph - this fails as it turns out setting a label is not supported, only viewing Setting via Exchange Online PoSh V2 with Certificate auth - this fails as you need to be logged in as a user with a mailbox Setting via Exchange Online PoSh V2 with delegated permission - not possible I believe I might be missing something, any ideas? BTW I'm really trying to avoid allowing basic auth and storing credentialsSolved2.6KViews0likes3CommentsEnabling SMS changes default authentication method
We want to be able to add SMS as a backup authentication method for our users, some still only have Symbian phones. So, in Azure AD Service Settings. We add Text message to phone as a verification option. But after re reset a test users MFA the default option goes to SMS and not authenticator app. Is there a way we can switch it around or change the default authentication method? I've looked around but cannot see an option anywhere.Solved2.8KViews0likes1Comment