Intune was born as Microsoft’s Cloud based Mobile Device Management platform. Since then, it has grown into a management platform for both mobile devices and P.C.s. Intune can now manage iPhone, Android, Windows Phone, and some versions of Windows. It’s clear that Microsoft intends to grow Intune into a complete cloud-based device management platform.

The process of planning for an Intune roll out can be difficult. The features and functionality within Intune are ever evolving, so knowing how to deploy Intune effectively takes some studying. In this blog post, we’ll provide an introduction into Intune's current capabilities. We will test out what Intune can do to make your data more secure in a “Cloud First, Mobile First” world. 

Read More

Microsoft has been working on improving the message tracking experience in Office 365. In this blog post we’ll look at the new message tracking features that are available in Office 365, and compare how the new interface is different from the old message tracing feature.

Message tracking within your messaging environment is the easy part. Office 365 keeps track of messages as they move around your tenant, and it gives you access to that data. So message tracking is very useful for finding out what happened to messages that were sent to your tenant, or that were sent within your tenant.

Read More

If your familiar with my writing, you know I'm a huge proponent of Office 365 administrators learning and using PowerShell. While it may be true that some admin tasks are easier to accomplish with a GUI, I'm strongly of the opinion that doing as much as possible in PowerShell will help build invaluable skills.

To that end, I recently decided it was time for me to figure out how to manage Teams with PowerShell. In this blog post I'll walk though some common, and maybe some less common, admin tasks for Microsoft Teams using PowerShell. There will be no GUI screenshots in this post. By the end of this blog, you should be able to put together a decent Teams management script.

Read More

Keeping your cloud-based IT infrastructure secure is a constant effort. The people who want access to your data are always working on ways they can get in, so both you and Microsoft need to be working on ways to keep them out. Microsoft is aware of this responsibility, and since you are reading this blog I assume you are as well.

Security Playbooks in Azure Security Center are a new preview tool in your Azure tenant to assist with the task of keeping your data secure. Security Playbooks can help automate your response to specific security alerts as they are detected by Security Center. There are templates available, or you can create your own Playbook from scratch. Playbooks use Azure Logic Apps, so charges for that service do apply.

In this blog post, we’re going to look at the features and functionality available in the preview of Security Playbooks. We will step through setting up a playbook, and we’ll see what playbooks have to offer.

Read More

One of the best things about Office 365 is that we can always count on new features and functionality to be available. Microsoft is constantly working to improve the services already live in Office 365, as well as working to create new services. Some of the new services added do have an additional licensing fee attached, but Microsoft also adds a considerable number of features to the license SKUs already in-place.

One of the new services that has recently been added to the E3 SKUs is Microsoft Bookings. Bookings has been available within the Small Business versions of Office 365 for some time, but now you can add it to your Enterprise Office 365 tenant if you know where to look.

In this blog post, we’re going to explore how to active and use Microsoft Bookings in your Enterprise Office 365 tenant.

Read More

With the influx of cloud services integrating with on-premises products, many Exchange administrators wonder what...

Read More

The move to the cloud often means that we need to learn new ways to manage access to cloud based resources. The methods of delegating administrative control we are accustomed to on-premises are often no longer applicable to cloud-based resources.

Office 365 has long had built in admin roles that can be used to delegate levels of permissions to administrators. The screenshot below shows the current built in admin roles available in Office 365.

Read More

As Exchange administrators we tend to think about servers, networks, and datacenters. While all that is important, the end-users think of email as the client experience. In other words, is Outlook running nicely, or is it running slowly?

One of the biggest factors that influences Outlook performance is caching.

Read More

We get to work with the newest and coolest software all the time. One of the biggest selling point of Office 365 is the constant stream of new features and functionality. New builds of Exchange Online are pushed into Office 365 daily, therefore new features can show up at any time.

These constant updates do come at a cost. To date, the documentation for Office 365 has not kept up with the pace of change in the service. New features and functionality are often added into Office 365 with little to no documentation. This often means that we need to figure them out on our own.

Read More

Cross-forest permissions have long been one of the more difficult aspects of an Exchange Hybrid migration. Ensuring mailbox permissions are preserved can be a major undertaking.

Exchange Hybrid migrations did not support any sort of cross-forest mailbox permissions at first. After a couple of years Microsoft made it possible for full access permissions to work cross-premises.

Recently Microsoft has improved the cross-forest permissions story for Exchange Hybrid migrations. In this blog post, I’ll give you the information you need to set the different permissions in your Exchange Hybrid deployment.

Read More

As more IT services move to the cloud, the need for better security features will only increase. People want to be able to log in hassle-free, but organizations need strong authentication security. The fastest way for this move to cloud service to fail is going to be though a large security breach. Microsoft is aware of all these facts, and they are putting a lot of work into ensuring that logging into their cloud servers is both easy and secure.

Microsoft has been investing in security and identity features for Azure Active Directory. These new features are becoming Generally Available (GA) within Azure Active Directory. In this blog post I’m going to delve into some of the new identity protection features in Azure Active Directory.

Read More

In any IT organization there are administrative tasks that need powerful admin privileges. It's a good security practice that accounts should have the fewest permissions necessary, and only for the period of time they need them. But managing the temporary assignment of admin permissions becomes time consuming. As a result, many organizations assign them on a permanent basis, which is not ideal.

Furthermore, auditing the assignment of administrative permissions is a challenging task. Many of us have used custom scripts and third party reporting tools to keep track of permissions.

Read More

Recently I've been working on a project to package about 1500 applications for distribution through SCCM. To gather the information I need, I wrote a 50-question survey for a few hundred people to answer. The challenge was to get this survey to a large audience and turn the results into actionable information.

There are a variety of services available online for running surveys. This customer is using Office 365, so I wanted to make use of their existing resources. Today, Office 365 has two solutions for running surveys:

Read More

Conditional Access is a premium feature of Azure Active Directory that allows administrators to specify conditions under which users can authenticate into other cloud services. With conditional access, you can specify that a certain set of users can only authenticate to specific applications from specific IPs for example.

The hard part about conditional access is that it takes a lot of work to configure and test the policies. Ensuring that you know how a policy is going to affect your users is critical. In this blog post I’m going to look at a new tool in the Conditional Access line that helps with this problem. "Azure-Active Directory-Conditional Access-What If" gives administrators a new way to test Conditional Access policies to see what the effect of applying those policies will be.

Read More

There are several general practices that can help improve the chances of rolling out Microsoft Exchange updates successfully.

Administrators apply updates to correct issues, but there are times a patch itself will break the system. There is no single way to update and -- if things do not go as planned -- recover Exchange. Every organization has different versions and configurations for the messaging platform. Every Microsoft patch is different.

Read More