A new Microsoft support article clarifies premium features used by Office 365 Groups that require premium licenses. While good to know when you have to pay extra, it is baffling why some of the features fall into the premium category and why so many licenses are needed. The solution is to buy the Enterprise Mobility and Security suite. Or just pay for the extra licenses.
Azure Conditional Access policies can be used with Azure Information Protection (AIP) to secure protected documents against unauthorized access. If you have already decided to use AIP as part of your Office 365 data protection strategy, adding a conditional access policy is a quick way to frustrate people who try to access documents when they shouldn’t.
Microsoft clarified what AAD features need premium licenses at Ignite. Tenants need many of those features to control Office 365 Groups and Teams, and some of the listed features are surprising. Did you know that the group creation policy is a premium feature? Or adding a default classification. The chosen set of features seems odd, but at least Microsoft is now clear about what you must license.
Now that Microsoft has shipped external access for Teams, it is obvious that they have some work to do to smoothen access and increase functionality. Although access works as long as guest users have accounts in other Office 365 tenants, areas like switching, auditing what external users do, compliance, and blocking deserve some consideration. Here’s what we know from the last week.
Microsoft launched the long-awaited external access for Teams on Sept 11. The downside is that only Azure AD accounts are supported, but the functionality is sufficient to support interaction between Office 365 tenants. You can access a team in my tenant and I can access a team in yours. What’s not to like about that?
In this Ask the Admin, Russell Smith looks at how Microsoft’s Role-Based Access Control can help you manage administrator access to its Mobile Device Management service.
Sjoukje Zaal gives an overview of the different flavors of Azure Active Directory.
On August 9, Microsoft launched the Office 365 Groups expiration policy into preview. It expires groups after a set period and helps keep the spread of groups under control. All sounds good, but the new feature needs an Azure Active Directory Premium license, which isn’t so welcome.
The Azure AD team changed the sign-in experience used by services like Office 365 to improve and rationalize it. But things didn’t work out so well as tenants reacted badly to the way Microsoft communicated the change. Or rather, failed to communicate the change.
Microsoft has launched a new external sharing policy for groups that allows tenants to set allow and block lists for domains. The new policy is due for use with Teams, Planner, and other applications that need to block external users from specific domains. It’s a set along the path to getting full external access for Office 365 apps.
Recent developments show that a fully-populated Azure Active Directory is considered by Microsoft to be a core part of the overall Office 365 “experience.” Yet many tenants have partly-populated directories. Is that a problem? Or might it be a future problem?
In this Ask the Admin, Russell Smith shows you how to set up Azure Active Directory Connect pass-through authentication.
Microsoft finally launched an updated interface for managing Azure Active Directory in the Azure Portal, which makes it available for administrators of all Microsoft enterprise cloud services.