Title: Expose SHA-256 or SHA-1 for Mail Attachments in Microsoft Graph
Problem Email attachments in Graph don’t include a content hash. To identify or match attachments, developers have to download the entire file first. That wastes bandwidth and time and increases exposure. OneDrive/SharePoint already return hashes, but mail does not, so experiences are inconsistent. Request Add a server-provided content hash to every mail attachment. Prefer SHA-256. If that’s not feasible initially, expose SHA-1 as a minimum to align with existing Drive item hashes. Benefits Faster and cheaper: avoid downloading large files just to tell if you already have them. Deduplication: detect repeated attachments across threads and mailboxes. Security operations: correlate attachments with threat intel by hash and triage suspicious emails without fetching payloads. eDiscovery and compliance: confidently match the same document across mail and files. Consistency: a predictable, uniform approach across Mail and OneDrive/SharePoint.
Partner Intune reporting questions
I need some help for my global partner- SHI International. We have a monthly services modernization briefing with the SHI M365 practice team. They have a need around 1-2 Q&A deep-dive sessions where their team of M365 experts want to ask some in=depth technical and pre-sales related questions related to Intune Reporting Challenges and Customer Pain Points, Current Intune Reporting Limitations, Technical Barriers to Reporting, Permissions and Consent Model Confusion, Feedback on Documentation and User Experience. Appreciate any guidance on a PSA SME on this topic or a global black belt, that would be great. Appreciate if you can point me to the latest updated documentation on this topic. I reached out to several folks in the PSA team with no luck yet. Thanks!Automating Microsoft 365 with PowerShell Second Edition
The Office 365 for IT Pros team are thrilled to announce the availability of Automating Microsoft 365 with PowerShell (2nd edition). This completely revised 350-page book delivers the most comprehensive coverage of how to use Microsoft Graph APIs and the Microsoft Graph PowerShell SDK with Microsoft 365 workloads (Entra ID, Exchange Online, SharePoint Online, Teams, Planner, and more). Existing subscribers can download the second edition now free of charge. https://office365itpros.com/2025/06/30/automating-microsoft-365-with-powershell2/What’s the Best Way to Find SharePoint Online Sites with Graph PowerShell?
What’s the best way to find SharePoint sites with the Microsoft Graph PowerShell SDK? Is the Get-MgAllSite cmdlet best or should you use the Get-MgSite cmdlet? Does it matter if you’re looking for one site or many sites? We explore the issue in this article by examining some reasons why you’d choose Get-MgSite and others that drive the decision for Get-MgAllSite. https://office365itpros.com/2025/10/06/get-mgallsite-and-get-mgsite/Finding the Last App Accessed by a User
A reader question asked if it was possible to find the last app accessed by a user. Of course, anything is possible with PowerShell, but how? In this article, we explore using the Entra ID sign-in logs and Microsoft 365 audit log as sources for finding the desired information. Some performance issues emerge, so we end up running the code in Azure Automation. https://practical365.com/last-app-access-by-user/
Is hsprotect.net a Microsoft property? Graph authentication
Running connect-mggraph, I get the IE "Sign in to your account/Verify your identity" windows. The first time through, it presents several of the "Trusted Sites" dialogs, to add various MS URLs to the trusted zone. One of them is https://iframe.hsprotect.net. The WHOIS for this domain does not list Microsoft. It's NameCheap, with "withheld for privacy" addresses in Iceland. Microsoft does not document this domain anywhere, though A.I. claims/hallucinates that MS uses it for protection-related telemetry and is certain it's in the Defender API guide. Can anyone confirm what's going on here?Microsoft Deprecates Graph CLI and Toolkit
Microsoft has depreciated the Microsoft Graph CLI and Graph Toolkit. It’s nice to see some rationalization in this area, but the real need is for better quality and coverage across all the Microsoft 365 administrative actions. Even after fourteen years of development, too many undocumented and private APIs exist in use today in places like the Microsoft 365 admin center, which is an unacceptable situation. You should vote for a feedback portal item (link in article) to ask Microsoft to do better. https://office365itpros.com/2025/09/02/microsoft-graph-inconsistencies/Creating Dynamic Microsoft 365 Groups without Entra P1 Licenses
Dynamic Microsoft 365 Groups come with many advantages, but they also require Entra P1 licenses. This article explores how to create and maintain a DIY version of dynamic Microsoft 365 groups using the Microsoft Graph PowerShell SDK and Azure Automation. At the end of the day, the principle is proven, but maybe it's best to pay for the licenses. https://practical365.com/diy-dynamic-microsoft-365-group/Practical Graph: Working with Calendar Events Using Graph APIs
Calendar events make up user and group calendars. It's possible to create, update, cancel, and remove calendar appointments and meetings, including recurring events, through the Graph API. This article explains how to pass all the properties needed to create and manage events using PowerShell and the Graph APIs. https://practical365.com/calendar-events-graph-api/
