User Profile
Ketzpatel
Brass Contributor
Joined 4 years ago
User Widgets
Recent Discussions
OneDrive shortcuts to Teams do not work
We moved several Teams spaces from NA multi geo locations to several new GEO locations and before moving, users had shortcuts to Teams folder/files to their One Drive, after successful move of Teams to new geo locations, shortcut on their One drive do not work anymore and they get error: This shortcut isn't working because it was archived, deleted, locked or access was changed by the owner or admin. anyone else has similar issues after migration to new geo location?537Views0likes0CommentsRe: Issues with Search-UnifiedAuditLog
AND if I run below PS without record type or operations, it works but only pull user login & mailitemasccessed operations. It does not pull any logs related to softdelete, harddelete or any other exchange operations. Search-UnifiedAuditLog -StartDate "8/1/2024" -EndDate "8/15/2024" -UserIds email address removed for privacy reasons -SessionId "UnifiedAuditLogSearch 05/08/17" -SessionCommand ReturnLargeSet -ResultSize 5000 | export-csv517Views0likes0CommentsRe: Issues with Search-UnifiedAuditLog
Thanks VasilMichev tried below but not getting desired result. I know I deleted several emails and calendar items but when running below I get only 1 log entry in csv. Search-UnifiedAuditLog -StartDate "8/1/2024" -EndDate "8/15/2024" -UserIds email address removed for privacy reasons -SessionId "UnifiedAuditLogSearch 05/08/17" -SessionCommand ReturnLargeSet -ResultSize 5000 -RecordType exchangeitemgroup539Views0likes1CommentIssues with Search-UnifiedAuditLog
I have been trying to export user mailbox audit logs using search-unfiedauditlog PS script but it does not export or find any logs related to delete, movetodeleteditems,softdelete or harddelete operations. I tried below and all other options and either it error out or does not pull anything. I am trying with all below operations and only UPDATE & CREATE works. Search-UnifiedAuditLog -StartDate "08/01/2024" -EndDate "08/15/2024" -UserIds "email address removed for privacy reasons" -RecordType "ExchangeItem" -Operations "SoftDelete", "HardDelete", "MoveToDeletedItems" -ResultSize 5000 -SessionCommand ReturnLargeSet -HighCompleteness OR Search-UnifiedAuditLog -StartDate "08/01/2024" -EndDate "08/15/2024" -UserIds "email address removed for privacy reasons" -RecordType "ExchangeItem" -Operations "SoftDelete", "HardDelete", "MoveToDeletedItems" -ResultSize 5000 -SessionCommand ReturnLargeSet I also tried the above PS using each individul operations but nothing works. Does anybody have any clue or fix for this? Appreciate your help.694Views0likes3CommentsiOS 18 release and support for Device enrolment with company portal?
As per the MS message center post below, User enrolment with company portal will not be supported. We use device enrolment with company portal as a enrolment type for all our users, will device enrolment with company portal also stop support post iOS 18? in 2 enrolment types below, we only use DEVICE ENROLMENT WITH COMPANY PORTAL 1 - User enrolment with company portal 2 - Device enrolment with company portal Plan for Change: Microsoft Intune ending support for User Enrollment with Company Portal for iOS/iPadOSSolvedRe: Conditional Access Policy Blocks Guests users from Accepting the invitations. Unable to exclude
manojviduranga I am experiencing the same issue after setting upa CAP to block all apps for Guests except Teams. I added MS Teams service, MyApps, Myprofile & O365 SPO online in exclusion list but guest accounts are being blocked when accessing Teams from my organization. Access has been blocked by Conditional Access policies. The access policy does not allow token issuance. User type Guest Cross tenant access type B2B collaboration Application Microsoft Teams Application ID 1fec8e78-bce4-4aaf-ab1b-5451cc387264 Resource Microsoft Teams Services1.3KViews0likes0CommentsRe: Change assignment scope from all devices to all users
So we have a below Configuration profile for iOS Properties Basics Name iOS - AnyConnect VPN Description No Description Platform iOS/iPadOS Profile type VPN Assignments Edit Included groups Group All Users Earlier this same config profile was assigned using "All devices". I changed the assignment scope to "All users" and the profile got removed from the device but it is not being pushed to any devices anymore after assignment to All users.933Views0likes2CommentsChange assignment scope from all devices to all users
We recently built our Intune environment for iOS and Android and during the setup we assigned all profiles and policies to All devices. we recently changed the assignment of all policies and profiles from all devices to all users, all profiles and policies removed from the devices but they are not pushing back to the device and there are no errors. Did anyone experienced the same issue?Exclude Microsoft first party applications in Azure conditional access policy
We have app built on Microsoft Graph resource and we have a conditional access policy that targets all cloud apps. when users sign into this app using Chrome browser on iOS they get error and prompt to use Edge. We do not want users to change the browser and tried to exclude Microsoft Graph from CA policy using all options including API but fails with the below error. Policy contains invalid applications: unsupported firstpartyapplication. Is there a way to exclude Microsoft Graph from the policy?Re: Authentication request goes in infinite loop
Thank you. We did not try this as this is not a fix. if we change the loop detection to 1 than users will get the same error but more quicker. This appears to be an issue from MS side as this used to work fine and since last few weeks, we have been having this issue and this only happens with MS apps. Looks like the MS apps are not behaving correctly and not able to validate the token cookies issued by ADFS and keep sending the request to ADFS which than stops by ADFS after 5 attempts which is default loop detection value in our ADFS.2.6KViews0likes0CommentsAuthentication request goes in infinite loop
We have several users in our org have been experiencing authentication issues, as specially on their iOS and Android device, when they enroll a new device or setup Outlook, Teams or any other MS apps on their mobile devices and try to authenticate to setup an account, they all get below error. MSIS7042: The same client browser session has made '{0}' requests in the last '{1}' seconds. Contact your administrator for details. We checked the ADFS and everything appears to be fine that end and ADFS successfully issues token to the request. it seems like MS identity platform or relaying party application is misbehaving and is not successfully consuming the token issued by AD FS, and the application is sending the passive client back to AD FS, repeatedly, for a new token. AD FS will issue the passive client a new token each time, as long as they do not exceed 5 requests within 20 seconds. We also opened up a case with Microsoft but so far, no updates and as usual they have no clue. Any help resolving this issue will be greatly appreciated.Re: Guest user and teams invite email
Guest users are able to successfully redeem the invitation and we can see the status in ASD but after adding them to Teams, they never receive Teams welcome email and even if they sign into Teams.Microsoft.com they fo not ser the Team they were invited to.1KViews0likes1CommentGuest user and teams invite email
We opened up a guest access in Teams like several months ago but recently having issues with teams invite. When guest user is added to the tenant, they receive a redemption request and after that we add them to the teams but they never receive Teams welcome email. This used to work fine before and have a case opened with MS and currently PG is trying to figure this out. We even added MS engineers as a guest and later invited to the Trams by adding them as members but they fo not get Teams welcome email. Also just wondering what is the default setting of WelcomeemailEnabled when new Teams is created? All our recently created teams have this setting set to FALSE.1.1KViews0likes2CommentsNew user provisioning and M365 Multi-Geo
We recently purchased multi-geo licenses and also registered 6 different geo locations in SPO and everything appears to be working. We only assign multi-geo licenses to one PDL location users, but we add PDL attribute for all users now but not everyone is licensed for multi-geo. What I started noticing is when new hire accounts are created, their MBX and OneDrive locations are now provisioned at satellite location without assigning multi-geo licenses to those user accounts. Is this something in error? I know multi-geo license is required for new users and to move existing users OD and mailbox.Numbers of teams a user can be a owner or member of
Hello folks, As per the below TechNet, a user can be a member of max. 1000 teams, but We have a account in the tenant which owns almost 1300 Teams, and we can still add the users to more teams. Are these limits do not apply when teams are created, or member is added by calling a graph API? is this limit applies to only UI? https://learn.microsoft.com/en-us/microsoftteams/limits-specifications-teamsRe: Hybrid Azure AD joined Devices WITHOUT Intune show up as Non Compliant
This is correct but 50% of the total devices shows NA and other devices shows compliant = none which is **bleep** confusing and all user devices with either status able to pass conditional access and can access org resources. Opening a case and involving product team did not help as they have no clue why this is happening.2.2KViews0likes0Comments
Recent Blog Articles
No content to show