Office 365 Snippets — October 20, 2016

Exchange Flat Tony

Yammer Generates Audit Events – Finally

Microsoft’s October 13 announcement that “Yammer bolsters security and compliance with new auditing and reporting capabilities” is good news. However, it’s only one step along the path to bring Yammer to where it should be when it comes to compliance. There’s still no sign of support for the kind of retention and preservation policies that exist in Exchange Online and SharePoint Online, nor is it possible to include Yammer content in content searches.

 

 

Although Yammer is now capable of providing events to the Office 365 audit log, the audit data only tells us that something happened. A lot more is needed and it doesn’t seem that Yammer will be a first-class compliance citizen within Office 365 anytime soon, at least not if what I heard in Dheepak Ramaswamy’s excellent talk on data governance at Ignite holds true.

A Connector for theSkimm

The October 14 announcement that Microsoft had partnered with theSkimm to enable a connector to fetch items generated by theSkimm and create conversation items (cards) in an Office 365 group was labelled as bringing “smart and sassy content to Office.” With such an endorsement, no one could be blamed for creating a new group to host such wonderful content.

Connectors don’t extract complete copies of content from external data sources. The cards that are created are snapshots that tell users what content exists elsewhere that they might be interesting in reading.

The idea with connectors is to advertise the availability of fresh content to users and provide sufficient information for them to make their mind up whether to click through to access the originating data source. In the case of a Twitter feed, the card created in an Office 365 group contains the tweet, but you can’t retweet or reply to the feed. A connector for a blog uses the RSS feed to create the cards and typically holds a couple of hundred characters from the introduction of each post. In the case of theSkimm, the card is literally a skimmed collection of headlines and some teaser text with links that bring you to the original site. A card is created daily and at the bottom of each card is a link to take you to theSkimm’s full posting for the day.

The Question of Bots

This connector is a reasonable example of how to collect and make web content available to users through Office 365 Groups. However, I am less enthused by theSkimm Skype bot, now available in preview, or any bots really. I can’t really imagine asking Skype to recommend a book to me. That’s something for Amazon to do.

Skype seems to be hot on bots, which is nice for those who like that sort of thing. To me, the interaction between a person and a bot in Skype seems like a modern version of Office Clippy (have a look at the examples in Figure 1 where a bot outputs “Looks like you’re planning a romantic getaway…”). Then again, I guess we’re all used to using Cortana and Siri to perform web searches for us, so this is just another way of doing the same thing. To each their own.

Skype for Business bots
Figure 1: Some creepy Skype bots (image credit: Microsoft)

The Love of IE and the Outlook Add-in for MyAnalytics

Those who use MyAnalytics (included in the Office 365 E5 plan and also available as a separate add-on) to gain personal insight into their working habits know that they have access to both a personal dashboard and an Outlook add. The add-in is automatically provisioned when an account is enabled for MyAnalytics to allow the user to view statistics about sent and read messages. Unfortunately, the links to “See more insights” and the MyAnalytics options both insist on launching Internet Explorer (IE), even if Windows is configured to use another browser. MVP Paul Cunningham complained about this behavior on August 1, yet nothing has changed nearly three months later.

You’d imagine that selecting the browser a user has opted to use for Windows is an easy fix. After all, there’s nothing odd or extraordinary in MyAnalytics to mandate needing IE. I don’t have any great objection to using IE instead of Chrome (my current browser of choice), but it is annoying to have personal choice overridden by a product team. I wonder what the European Union bureaucrats who forced Microsoft to provide EU citizens with the ability to choose their preferred browser think of this “feature”? It’s hardly grounds for another massive fine as happened in 2013, but it is pretty sloppy work by Microsoft.

Trimming Passwords for PowerShell

Office 365 supports a maximum password length of 16 characters. In fact,the limit is dictated by Azure Active Directory (AAD) rather than Office 365. AAD seems pretty happy with itself on that basis, even if some wish for longer passwords to better resist brute cracking attempts. In any case, the question of password length arose when I was asked why it was possible to connect to Exchange Online with PowerShell using a 20-character password, whereas the Connect-MsolService cmdlet from the AAD module for PowerShell refused to connect with the same password.

Further investigation revealed that the account password had been set through the Office 365 Admin Center. The only strange thing was that a 20-character password was created by a secure password generation program and then cut and pasted into the password and password confirmation fields shown in Figure 2. What the administrator didn’t notice is that the fields accept a maximum of 16 characters. The last four characters of the pasted password were dropped.

Office 365 password
Figure 2: Setting a password in the Office 365 Admin Center (image credit: Tony Redmond)

After a new password is set for an account, the Office 365 Admin Center displays a screen to allow the admin to send the new password to whatever recipients they wish (as shown in Figure 3). Note that the new password is not displayed, unless you click the Password (show) link that’s called out in Figure 3. This reveals the password, but only momentarily, and it’s easy for the administrator to not notice if anything’s awry with the new password, such as being four characters shorter than expected. It would be nice if the password stayed visible once the option is taken.

Office 365 Password 2
Figure 3: Processing the new password for the user (image credit: Tony Redmond)

The administrator then fired up PowerShell and connected to Exchange Online. There are many examples of how to do this on the Internet. My favorite is the script written by MVP Michel de Rooij. Lo and behold, Exchange Online was happy to accept the 20-character password (or so it seemed). However, when the administrator then tried to run the Connect-MsolService cmdlet to connect to AAD using the same credentials, the connection failed. Totally.

After some testing, we established that Exchange Online trims the password provided in an account credential to 16 characters and uses that value when it establishes a remote session. Therefore, the 20-character password submitted by the admin worked just fine. This might be because of the way that a remote session is set up between a local workstation and Exchange Online (or on-premises Exchange servers). For instance, here’s the function I use to establish a remote PowerShell session with Exchange Online:

function Connect-ExchangeOnline {

$global:Session365 = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $O365Cred -Authentication Basic -AllowRedirection

Import-PSSession $global:Session365 -DisableNameChecking -AllowClobber}

On the other hand, all you need to do with the AAD module is something like this:

Connect-MsolService -Credential $O365Cred

The cmdlet accepts whatever password is input and the credential either works or it doesn’t. No attempt is made to trim a supplied password to 16 characters.

The moral of the story is to know the limits of the software that you work with and stick within those limits. After all, you never know when software doesn’t work quite the way that you expect.

VMware and Microsoft Act Nice for Skype for Business

VMware and Microsoft have announced that they are collaborating to improve how Skype for Business works in virtual desktop infrastructures (VDIs). This is similar to the work done by Citrix in their realtime optimization pack. According to VMware, “the joint solution creates a direct peer-to-peer endpoint virtual channel and offloads media processing to the endpoints, resulting in an improved end-user experience while reducing the strain on datacenter infrastructure.” All of which sounds good. The new solution is due for delivery for both Office 365 and on-premises environments in Q1 2017. If you’re interested in an early look, you can sign up for the preview.

Top 10 Moments in the First 20 Years of Exchange

The Exchange product group celebrated the 20th anniversary of the first release of Exchange at Ignite. During the celebration, they showed a couple of videos, one of which is already available. Now, after reviewing the content of the second video to ensure that it’s suitable for public consumption, this masterpiece is available for your viewing pleasure. Of course, moment #10 is my personal favorite (more detail about that story is available in this Sway). The video is a nice mixture of humor, nostalgia, and libel, but that’s all the better. It’s nice when product groups don’t take themselves as seriously as some do!

Follow Tony on Twitter @12Knocksinna.

Want to know more about how to manage Office 365? Find what you need to know in “Office 365 for IT Pros”, the most comprehensive eBook covering all aspects of Office 365. Available in PDF and EPUB formats (suitable for iBooks) or for Amazon Kindle.