Disable OneDrive Retention Policy for One User Account
We have one OneDrive default retention policy for all staff in M365. We have one user, because of the work they do, has one file that is rewritten many times during the day which creates an incredibly huge version history. I can't delete the version history because of the retention policy. I don't need more than a day or two retention. It looks like I can create an exclusion by going to Admin portal --> Compliance --> Data Lifecycle Mgmt --> Microsoft 365 --> Retention Polices --> I keep clicking Next till I get to "Choose Where to Apply This Policy" then I select OneDrive accounts. Under Included we have "All user accounts". Under Excluded we currently have "None". In order to exclude someone I need "remove all the included ones". In order to include someone it looks like I have to remove all the excluded ones. Clearly I am either misreading this or just not understanding. I need to exclude this one user or be able to delete the many 100's of versions of this one file. Your help is appreciated.
Restrict 365 to specific device or MAC address
Good afternoon We have different users in the field that need to access mailboxes and perhaps 365 apps, but they can't use MFA. We're looking into providing them with access to email (right now), but we'd like to limit it to a specific device or MAC address. Is this at all possible?
Powershell Script to Generate eDiscovery Case
Hello Everyone, Currently working on a series of scripts that I will be using to administrate Office365 regularly for my clients, including one to generate the eDiscovery search and export. In my script I found that the param -OneDriveLocation for New-ComplianceSearch comes up as an invalid parameter. The whole premise behind this is to automate the user decommissioning process as much as possible, even if the last step is to log into the compliance center and download the clickonce application to export the zipped up export, we can easily save 30~60 minutes per user decommissioning we have to run, with an average of 3 a day it allows my techs on our service desk to work on other tickets during that time frame.Microsoft Purview > Alert policy questions
So, I setup and Alert policy in Purview/Compliance. For the activity I selected 'Granted mailbox permission'. I added myself to receive an email alert. This alert seems to be working but only if I add 'Full access' permission to a mailbox. I do NOT receive an alert when I add Send As, or Send on behalf. I would assume those 2 would also trigger this alert. Am I doing something wrong? Thanks
Email Encryption Transport Rule > Blank Sensitive Information Types List?
I'm setting up M365 email encryption and for some reason the Sensitive Information Types don't load or the list is blank? Specifically, I'm setting up a transport rule -> new rule -> Apply this rule if: The message contains any of these types of sensitive information. I want to add SITs like Routing #, SSN, etc. When I click to select the type of SITs, nothing loads. It just says "No data are available" and I can't really do anything except for clicking Cancel. The licensing assigned to the users I want to apply the rule to include: Microsoft 365 Business Basic + Azure Information Protection Premium P1. I've already applied the rule where I can set custom words or whatever in the subject and that works fine. I'm just not able to choose any default Sensitive Information Types. I know I've done this before for users who had E3 licenses in the past - is this feature not available in the P1 license or am I missing something else? I'm used to seeing options for ABA routing number, medical terms, SSN, etc. to choose from when setting up transport rules for email encryption - but this list is empty. I've even logged into a different tenant that has a M365 E3 user to compare and their list of Sensitive Information Types under the mail transport rule menu doesn't populate any results either. Thanks for the help
Microsoft Data Retention and Destruction
Our compliance team has requested we shorten our retention policy on data. From the numerous sys admin jobs I have had, I have never had to deal with this because we typically had a 10+ year retention policy. So all of this new to me and I wanted to ask for some best practices and advice. We are to set up yearly purging of emails from the previous year and to wipe all Teams' chats past 30 days. We are setting up exclusions for certain people. To those who have experience, what is the best way to set this up in the Microsoft Environment? We are not an E3 or E5 customer so the Purview options I see are not an option. Thanks
