Optimizing Microsoft 365 Licenses Using Behavior Data (E3/E1/F3)
Hi everyone, We are currently working on a Microsoft 365 license optimization initiative and would appreciate insights from the community and Microsoft experts. Our approach focuses on two main areas: (1) Revoking licenses for inactive users, and (2) Reviewing active users to ensure their assigned license (E3, E1, or F3) aligns with actual usage and collaboration needs. From a data perspective, we are leveraging Microsoft 365 usage signals such as Teams activity, Outlook email interactions, meetings, and SharePoint/OneDrive collaboration. While usage reports provide raw metrics, we are looking for guidance on how these signals should be interpreted and combined in a meaningful and fair way. Specifically, we would like to understand: (1) Which usage metrics best represent user collaboration behavior? (2) Are there any recommended thresholds or patterns that help distinguish light, standard, and heavy collaboration users to map E3, E1, or F3? Any best practices, references, or real-world experiences would be greatly appreciated. I'm sorry if this is the wrong forums to ask for. Thanks in advance for sharing your insights.Microsft Forms Permissions
Hello, We created a form for people to RSVP for an event. We shared the link with our invitees. Some individuals when they follow the link will see other peoples answers displayed in the question fields instead of the prompts we created. Furthermore, one individual opened Forms on their computer and saw that they had editing permissions to our form. How could this have happened and is there a way to remove people from what appears to be an editing permission? Thanks!
Has Your Organization Set Up a Viva Engage Community for Microsoft 365 Collaboration?
Hi everyone! As a trainer, I often get great questions during my Microsoft 365 sessions. While I share answers live, only the attendees benefit—leaving many others without that valuable info. I’ve already set up a Microsoft Learning Pathways SharePoint site as a resource, but I’m exploring ways to extend knowledge-sharing beyond the classroom.Has anyone created or participated in a Viva Engage community to share tips, answer questions, and collaborate around daily Microsoft 365 tools? I’d love to hear about your experiences, best practices, or ideas on how to maximize impact and reach across your organizations. Thanks in advance for sharing! Let’s empower everyone to get more from Microsoft 365.😃Does MC1189663 Impact Standard Power Automate Approvals?
Hi everyone After reviewing the change described in MC1189663 (retirement of external access tokens for actionable messages), I'm unsure wheter this also affect the out-of-the-box Standard Approval action in Power Automate. My question is specifically about the default "Start and wait for an approval" / "Standard Approval" action with no special configuration. Does this change impact approval emails or actionable messages generated by the Standard Approval action for internal usage (mails to internal accounts), or will those continue to work without modification? Thanks in advance for any clarification.External people can't open files with Sensitivity Label encryption.
Question: What are the best practices for ensuring external users can open files encrypted with Sensitivity Labels? Hi all. I've been investigating proper setup of sensitivity labels in Purview, and the impact on user experience. The prerequisites are simple enough, creating and configuring the labels reasonably straightforward, and publishing them is a breeze. But using them appears to be a different matter! Everything is fine for labels that don't apply encryption (control access) or when used internally. However, the problems come when labels do apply encryption and information is sent externally. The result is that we apply a label to a document, attach that document to an email, and send it externally - and the recipient says they can't open it and they get an error that their email address is not in our directory. This is because due to the encryption, the external user needs to authenticate back to our tenant, and if they're not in our tenant they obviously can't do this so the files won't open. So, back to the question above. What's the easiest / most secure / best way to add any user we might share encrypted content with to our tenant. As I see it we have the following options: Users have to request Admins add the user as a Guest in our tenant before they send the content. Let's face it, they'll not do this and/or get frustrated. Users share encrypted content directly from SharePoint / OneDrive, rather than attaching it to emails (as that would automatically add the external person as a Guest in the tenant). This will be fine in some circumstances, but won't always be appropriate (when you want to send them a point-in-time version of a doc). With good SharePoint setup, site Owners would also have to approve the share before it gets sent which could delay things. Admins add all possible domains that encrypted content might be shared with to Entra B2B Direct Connect (so the external recipient doesn't have to be our tenant). This may not be practical as you often don't know who you'll need to share with and we work with hundreds of organisations. The bigger gotcha is that the external organisation would also have to configure Entra B2B Direct Connect. Admins default Entra B2B Direct Connect to 'Allow All'. This opens up a significant attack surface and also still requires any external organisation to configure Entra B2B Direct Connect as well. I really want to make this work, but it need to be as simple as possible for the end users sharing sensitive or confidential content. And all of the above options seem to have significant down-sides. I'm really hoping someone who uses Sensitivity Labels on a day-to-day basis can provide some help or advice to share their experiences. Thanks, Oz.
