User Profile
DaveTheTeamsGuy
Iron Contributor
Joined 5 years ago
User Widgets
Recent Discussions
SharePoint site access review for sites not in the top 100 on baseline oversharing report?
Has anyone been able to initiate a site access review for a site that isn't in the top 100 on the SharePoint baseline oversharing report using PowerShell? Documentation seems to indicate you can only initiate a review on the top 100 sites in the data access governance reports available in SharePoint admin center. Since this one is only available via PowerShell, I'm hoping any site on the report is in scope for a review.40Views0likes0Commentspossible to prevent users from selecting security groups?
We have some AD synced and cloud only security groups with large memberships (think 'all employees', 'all contractors' etc) that are used for various administrative purposes. Is it possible to hide those groups or prevent users from selecting them to 'secure' their objects such as SharePoint sites and Power Apps?Ownerless group policy broken?
Between November and January, ownerless group policy was broken - users received a 500 error when responding to accept / decline ownership. That was resolved a few weeks ago, but it seems to be malfunctioning again. Users can decline ownership, but when they attempt to accept ownership they are getting an error message 'We are unable to complete that action right now. Please try again later.' Is anyone else using ownerless group policy seeing this?481Views2likes8CommentsUnlicensed M365 Copilot users seeing Work / Web switch?
We have a mix of licensed / unlicensed M365 Copilot users. We noticed today that users who do not have an M365 Copilot license are now seeing the work / web toggle in Copilot chat (copilot.cloud.microsoft). Is anyone else seeing this? Pretty sure that's not supposed to happen.972Views3likes4CommentsCopilot missing in Teams chat for many users
We are piloting Copilot for Microsoft 365. Some of our users see Copilot at the top of the Teams chat list. Many do not. All have a Copilot license. The issue occurs in both the full Windows client and web version. iOS version does show Copilot in chat. All are running the same version of Teams. Those who don't have it also don't have a switch in settings to turn it on. Is this being slowly rolled out? Is it bugged?464Views0likes0CommentsUsing groups to assign admin roles - works great except...
About a year ago we migrated our internal processes to using Entra ID security groups to manage Entra ID role assignment. It is mostly a good solution, but over time we started finding issues that Microsoft either can't or is unwilling to fix. Their "solution" is always to "assign the role directly", which isn't scalable for an organization that doesn't own entitlement to PIM. Below are the roles and functionality that are broken if roles are not directly assigned: Exchange Administrator - Unable to download message trace logs Groups Administrator / Global Administrator - Unable to configure group expiration policy Power Platform Administrator / Global Administrator - Unable to elevate to Power Platform System Administrator role in environments Do others have this issue? Is there any hope of MS actually fixing this, or are we going to have to switch our process back to direct role assignment by some other means?385Views1like0CommentsRe: Stopping Copilot Access to SharePoint Online Sites and Document Libraries
We recently asked Copilot if it was possible to block access to sites using sensitivity labels. The response we got included DLP as part of the solution. It looks like the solutions you presented are at the SPO setting level or the content label level. Does this response provide a third option? +++++ To configure Copilot to exclude a site based on a sensitivity label, you’ll need to use Microsoft Information Protection (MIP) and set up the appropriate policies. Here’s a step-by-step guide to help you through the process: 1. Create Sensitivity Labels: - Go to the Microsoft 365 compliance center. - Navigate to Information protection under Solutions. - Click on Labels and then Create a label. - Define the label name, description, and settings (e.g., encryption, content marking). 2. Publish Sensitivity Labels: - After creating the labels, go to Label policies. - Click on Publish labels and select the labels you want to publish. - Choose the users or groups to whom the labels should be available. 3. Configure Policies to Exclude Sites: - In the compliance center, go to Information protection. - Under Data loss prevention, create a new policy. - Define the policy settings, including the conditions and actions. - In the conditions, specify the sensitivity label that should trigger the exclusion. - In the actions, configure the policy to block access to specific sites or content. 4. Apply the Policy: - Ensure the policy is applied to the relevant users or groups. - Test the policy to confirm that it correctly excludes access to the specified sites based on the sensitivity label. By following these steps, you can effectively configure Copilot to exclude sites based on sensitivity labels.9.1KViews0likes2CommentsRe: Stopping Copilot Access to SharePoint Online Sites and Document Libraries
No, I do not believe everything Copilot says, however the response got me thinking about the possibility. The response basically says to create a label, then create a DLP policy that blocks access to the site based on applied label. I was not able to find any reference to using a combination of sensitivity labels and DLP policies to block Copilot from indexing SPO sites in my research, so before digging further I simply wanted to run the response by this thread in case my research wasn't turning up something obvious.11KViews0likes0CommentsGroup expiration policy - what criteria does the policy use to determine when a group expires?
We are considering enabling group expiration on 80k+ groups. Before we do so we would like to understand which groups will be affected. There isn't any documentation that I could find on which criteria the group expiration policy uses, and when we opened a case with Microsoft they weren't able to tell us much other than 'check audit logs', which doesn't help since that only keeps data for 90 days. Does anyone have any insight on this one? Maybe a way to run a 'what-if' scenario before we kick off the policy? Thanks!Solved1.9KViews0likes2CommentsTeams Speaker Coach preview - when will it be fully rolled out?
We would like to roll out Speaker Coach to our organization but are hesitant since it is still in "Preview" (since 2022). Is anyone aware of timing on this functionality moving out of Preview? Preview: Speaker Coach in Microsoft Teams meetings - Microsoft Support340Views0likes0Comments
Recent Blog Articles
No content to show