Microsoft

Blog Categories

Subscribe to RSS feed

Archives

Follow Microsoft Technologies on Pinterest

Posts Tagged ‘Office 365’

Mac Solution for OneDrive For Business

I was recently involved in a discussion about the capabilities of OneDrive for Business for Mac, with my co-worker, Michael Toole. One of his customers was in the process of migrating network shares over to SharePoint. Majority of their user base was on Mac, and had very little experience with the web UI’s, so OneDrive sounded like a default choice for syncing their files to local machine.

In this post, I share our experience and findings for a quick and easy way to address the sync problems on Mac (I’ll share the credit for this post with Michael).

Currently OneDrive for Business does not have a sync client for Mac. It’s on the roadmap for later this year or early 2015 although expect it to be released with limited functionality such as only personal site sync (no team site). In the meantime there are few third party apps which does the same. There is an app currently available in the iTunes app store but only works if you have a SharePoint Online or qualifying Office 365 business subscription. Else, look at using Microsoft Document Connection for Mac.

macdc1

This allows you to connect the libraries to your Mac in a very similar way as the windows explorer view on Windows. Although document connection does not support offline access.

macdc2

To get around that limitation, download files to the local device. When the Mac OS is offline, you’ll be able to make any changes using the local Office applications. Once the Mac has a network connection, saving the updated documents to the Document Connection is available. It’ll also respect your check in and check out (read as exclusive check out). So, check out your document while you are online. Make changes while offline, and then check in back to the library when connected. Items also cannot be saved directly to OneDrive for Business through Document Connection. Newly created files on the Mac need to be stored locally and then uploaded to the system.

Spread out your files across multiple document libraries instead of folders in the same location. OneDrive for Business does not allow specific folder sync, but do allow sync across multiple libraries. In short try to go for flat structure across multiple libraries rather than the traditional folder structure.

It’s not the most convenient way when compared to windows, but might be the best way until the public beta for OneDrive for Mac releases next year.

Office 365 – Assign Licensing “User Location” via Active Directory

The first time you assigned an Office 365 license to a user, you likely used the portal as opposed to PowerShell. There’s also a good chance you saw the error message below:

Organizations populate Active Directory user objects with varied amounts of data. In many organizations, especially global organizations, the “Country” field is populated in Active Directory. It would seem logical if I’m using DirSync / AADSync and I have “Country” populated on-premises, then Office 365 should know “Country” as well.

So why are we getting this error?
Read the rest of this post »

Yammer Sign-in Now Tied with Office 365

Keeping up with the roll out momentum, Microsoft released a significant feature last week which allows you to use your existing Office 365 credentials to access Yammer. It essentially provides the same experience as when using OneDrive for Business, Outlook, and SharePoint.

yammer signin

 

Here are some facts which will help you understand what’s covered in this release:

  • The easiest way to know when this is coming to your tenant is to check the announcement in the Office 365 message center (if your tenant fulfills the requirements). Expected rollout is slated to start in December. The global menu will change and Yammer will be included and styled as the other Office 365 services. e.g. Outlook or SharePoint.
  • This feature will support many of the scenarios previously covered with Yammer SSO, but it doesn’t cover DirSync. Yammer DirSync will still be required. Microsoft is continuing to invest in Azure AD integration and have plans that cover Dirsync in the future. Note that some of the Yammer SSO scenarios are not yet covered with Office 365 login. These scenarios are covered in the documentation here.
  • When you connect to Yammer, you’ll be routed to the Microsoft login screen, enter your credentials there and then you would be redirected to your company’s ADFS server for authentication. You will be then redirected back to Yammer after ADFS authentication.
  • If the email address used to create a Yammer account is not part of your Office 365/AAD account, then the account won’t be mapped and you will continue to login using Yammer login.
  • Longer term as Microsoft continue to deepen the Yammer, Office 365, and Azure Active Directory integration, expect Office 365 active directory sync, Yammer DirSync and O365 DirSync be combined in the future.
  • A new option to synchronize from Azure AD (rather than on-premises AD) is on the backlog.

 

Hopefully you are as excited as I am with this announcement; Happy Yammering!!

 

Office 365 – How to Handle “Large Messages” During Migration

Exchange Online provides for a fair amount of flexibility; that said, there are a few aspects of the service that cannot be changed. These service restrictions are documented in the Exchange Online Limits for each of the subscription types.

One limitation that you may encounter when migrating to Exchange Online is the “Message Size Limit” of 25 MB. Depending on your current on-premises limit, mailboxes may contain messages that exceed 25 MB; these “large messages” will cause issues during your migration. Your first encounter with large message may be a result of the error “This mailbox exceeded the maximum number of large items that were specified for this request” during a mailbox move.

There are a number of methods to address large messages with each method causing a varied level of impact to your users. After determining that there are large messages in your environment, one of the first questions to answer is what do you want to do with them?
Read the rest of this post »

Hybrid Analytics in Healthcare with O365 & Power BI Webinar Recap

Last week, we had our Microsoft last business intelligence focused webinar of the year, “Hybrid Analytics in Healthcare: Leveraging Power BI and Office 365 to Make Smarter Business Decisions.”  Heidi Rozmiarek, Assistant Director of IT Development for UnityPoint Health, spoke, along with our Microsoft BI team, on implementing an analytics platform in a hybrid environment. WebinarReplay

First, the Perficient team covered architectural components and functions, architecture options including on premises, hybrid, cloud,  and delivery considerations. Next, Steven Gregor, a technical consultant on our Microsoft BI team, reviewed Power BI and its features, including the security model and client side Data Management Gateway, and then walked through a live demo.

Last, Heidi shared how her organization is architecting a successful analytics infrastructure using Microsoft technologies. She explained how UnityPoint Health is leveraging Microsoft’s BI stack to provide simple solutions for complex questions. Heidi shared how they built the solution, collected and cleansed the data, modeled the data, and visualize and report the answer. She wrapped up by sharing her organization’s plans to move further to a hybrid on-premises/cloud solution in the next few months. Read the rest of this post »

All About ‘Clutter’ – Home Run for Microsoft Office Graph

We all receive email that we may have signed up for (such as a blog posts, newsletter) and that isn’t exactly junk, but is less probable to get our attention. Clutter uses the intelligence of Office Graph to see how important (or unimportant) this email is to you. It learns over time your levels of importance, then uses that analysis to separate the clutter from other inbox items.  You can quickly scan the clutter, mark individual items as “not clutter,” and take action on the rest of it, such as deleting it all. And if you don’t like the feature, you can turn it off.

Statement from office team – “Clutter learns from your actions to determine the messages you are likely to ignore,” . The underlying idea is quite simple: Microsoft wants to leverage the knowledge it gains about your daily work activities to automatically filter out emails that don’t immediately need your attention.

The flow works something like this : First emails considered as SPAM are rejected before its delivered to your mailbox. Then if a message lands in the inbox, it gets routed through the rules, and eventually Clutter does its magic. As a result, Clutter will get smarter over time, by learning your prior actions with similar messages, and determining the type of content and even how you are addressed in the message. This means the Clutter experience is personalized to each individual, based on their actions and their preferences.

Here is a two step process to turn ON Clutter for your Office 365 inbox. Remember it’s a individual user setting, and currently no way to automate the process for multiple users.

Clutter01

Clutter02

After turning ON Clutter, you should receive a welcome email similar to this

Clutter03

We’ve seen how you get this feature for your inbox, now let’s dig a bit deeper to understand the various facts which may help you.

SOME INTERESTING & FUN  FACTS

  • Available to all SKU’s

  • Clutter works in all clients (in terms of moving messages to the clutter folder and learning from your behavior), though it currently requires OWA to turn it on.

  • Clutter is only a feature on individuals mailboxes.

  • Not available for Office 365 groups mailbox.

  • In order get the Clutter feature earlier, enable your Office 365 tenant to receive First Release.

  • It is an Exchange feature, not a client feature. That means in mobile or desktop no special client is required. They will see Clutter emails in their Clutter folder. The items will not show up in their Inbox. Clutter is available in all mail clients that can display and sync folders from your mailbox. i.e. Smartphones, tablets, etc.

  • If the user is not reading the Yammer notification emails, then Clutter will see that they are not important to that individual and will move them out of the inbox into the Clutter folder. You will need to drag the Yammer notification email into their Inbox folder, and then Clutter will learn that messages from Yammer are important and will leave them in your Inbox in future.

  • Clutter is a user preference feature, similar to electing to use conversation view. No current plans to add clutter specific admin controls, however Microsoft is looking at how to add broader tenant rollout controls.

  • Clutter is trained approximately once per day. Moving items out of Clutter is learned during the next training cycle.

  • You can train Clutter from your phone.

  • Clutter looks at the folders at the Exchange level, independent of client.

  • Clutter is only available in online version. It is not planned for next version of Exchange Server. Clutter requires rapid feedback to fine-tune the machine learning which isn’t possible in an on-prem deployment and also requires additional server processing resources that would impact the sizing for the on-prem server.

  • Q: What is the processing order between Junk Mail, Clutter and custom rules?
    A. Junk Mail first, then custom rules, then Clutter. (AFAIK)

    Q: Can we have a rule which force something to go to clutter / not go to clutter?
    A. Yes, but if you force a message into Clutter it won’t go through the Inbox and therefore won’t be considered as a signal for learning your preferences

    Q: Can we have a rule which operates on e-mail which does arrive in Inbox/Clutter only?
    A. All rules operate on inbound mail destined for the Inbox unless redirected by a rule. Clutter currently applies after all server-side rules. Clutter is not aware of client-side rules. There is a trick that allows you to force an item to not go through Clutter processing. You can create a rule which moves the item to a folder or your Inbox and Clutter won’t be processed on messages which that rule applies to. You can’t control the order in which rules and Clutter run. Today Clutter will always run after your last rule.

    Q: Can we create a rule and specify when it should be processed (before/after Junk Mail, before/after Clutter)?
    A. No

  • Q: I added clutter yesterday afternoon and now most of my mail goes to clutter?
    A: Check for – If you get a lot of circulars and non-personal email that could be regard as clutter. Possibly most email in your inbox was left marked unread before enabling Clutter

  • Q: Does Clutter learn from the Content / subject of an email to classify?
    A: Yes. Move the Internal communication email into Clutter and leave the Sales email in your Inbox and all will be well.

  • Rules vs Clutter

    If you want to apply that level of precision, use rules. Or turn them off to let Clutter do its stuff… but accept that all of the messages will go into a single folder.
    Clutter only learns from your choices, as everyone prioritizes their inbox differently.

  • Diff between JUNK and CLUTTER

    As an example Clutter can learn which internal distribution lists you read and which ones you don’t and will move the ones that you don’t read to Clutter. Junk Email doesn’t do that. You can think of junk email as being something that is not personalized – junk for one person is junk for others. Clutter on the other hand, is highly personalized – it’s the set that you tend to ignore, but others may not. junk is something that you really do not want to see in the future. Clutter is email that you will probably want to look at, but not as a high priority activity.

  • If you are one of those users who select multiple messages and mark them as read then clutter will not learn from any signal. You need to either leave messages unread or move them to Clutter folder (via drag drop or right click move to clutter) or yet delete them as unread to generate a clutter signal. Microsoft is looking at improvements for the model that will learn from users who mark everything as read.

  • If you are using Clutter nothing has populated the folder then try moving some messages to the Clutter folder and it should get signals.

  • Clutter only works on emails which are going to your Inbox. If a rule moves the email first then Clutter won’t move it or train on it later.

 

Source: Office 365 Community Network; Microsoft.com; Office Blogs

Power BI Basics Inside Office 365 – A Video Series

Yesterday, we were fortunate to have a customer, Heidi Rozmiarek, Assistant Director of IT Development for UnityPoint Health, speak alongside our Microsoft BI team for the webinar, “Hybrid Analytics in Healthcare: Leveraging Power BI and Office 365 to Make Smarter Business Decisions.” power-bi

It was an informative session that began by covering architectural components and functions, architecture options including on premises, hybrid, cloud and delivery considerations. Following this, we had a live Power BI demo, and last but not least, Heidi shared how her organization is using the Microsoft BI stack to provide simple solutions for complex questions. Keep an eye out for a post describing the webinar in more detail, but in the meantime, you can view the replay here. 

Whether or not you attended the webinar, if you are interested in learning more about building a hybrid analytics platform with Power BI and Office 365,  I highly recommend you take a look at the following short video series.

  1. Introduction to Power BI:  The first video includes an introduction to Power BI, particularly around Power BI Sites, “My Power BI” and the Power BI Admin page.
  2. Administration and Permissions in Power BI: This video focuses on Site Admin and security basics.
  3. Data Exploration and Visualization in Power BI: The third video in the series discusses data exploration and visualization using Excel and related power tools, including Power Pivot and Power View.
  4. Data Management Gateway for Power BI: Here, we cover the steps to enable data feeds in Power BI using the Data Management Gateway.

Expanding Data Loss Prevention Across Office 365

Continuing from my previous post on Information Rights Management (IRM), today we will focus our discussion at yet another security feature which is essentially part of customer controls, known as Data Loss Prevention aka DLP.

DLP provides users with policy tips and detects sensitive information in the context of communication. DLP was first rolled out in Exchange and Outlook and then expanded into Outlook Web App (OWA). The only problem was that email is not the only way to share information. A ton of information in this digital age is shared via documents and keeping that in mind, DLP was expanded into SharePoint Online (SPO) and OneDrive for Business (ODFB). Until now eDiscovery allowed us to search sensitive content across SharePoint and OneDrive and now policy actions (restrict and block access) and email notifications are also being introduced.

Source: blogs.office.com

Source: blogs.office.com

With the advent of Office 365, the Microsoft community has become increasingly collaborative in nature, and product teams are now more agile and communicative in their approach than ever before. Building on that approach, recently Microsoft conducted a yamjam around DLP features. Some great scenarios, concerns, and solutions were exchanged. Here is my attempt to capture and summarize that for you.

—————————————————————————

Q: Will DLP be a supplement or replacement to IRM and auditing mechanisms in SharePoint? And in what way will it supplement to IRM and or auditing.

A: DLP is a great supplement for IRM today. Both of these functionalities work seamlessly in Exchange and we are extending that same experience for SPO/ODFB

Q: Will DLP have effect on the content that is shown, or not shown, in Delve

A: That is absolutely our vision. Delve adheres to the user permissions set by your admins and end users, and we will respect the same when it comes to DLP.

Q: Will DLP be a part of the announced Dropbox partnership? Extending to Dropbox for business

A: Currently DLP functionalities are planned only for ODFB/SPO and not Dropbox.

Q: Will DLP be able to enforce IRM on documents that match a policy? 

A: That is definitely in our plans and you can expect us to release that in the service in early 2015

Q: If I want to make sure my policy is enforced on all content all users should have a sufficient license?

A: Yes, you need as many DLP licenses as the number of users. DLP is licensed on per user basis.

Q: How can we protect documents that contain trade secrets or company plans from being uploaded to OneDrive and then downloaded to home computers? These are random documents that may not have specific information to search for. What is to keep users from uploading a mass amount of documents and then downloading them at home?

A: The next level is to apply Rights Management Service (RMS) policies for all content that lands in that area. You can further protect using IRM from within the client and establish a further depth of what can/can’t be done, and possibly further restrict who. Next up is setting policy rules with #dlp that again help to inform and enforce actions that are and are not allowed. In the future we’ll have additional tools via MDM to help protect and reclaim/delete content that can no longer be on devices. Additionally, we’re planning auditing and reporting capabilities so admins can run reports to understand better how content is being used (shared, modified, viewed, etc.).

Q: Is OneDrive for Business a supported application by Azure RMS?

A:  IRM works today for documents on ODFBso yes, Azure RMS works for OneDrive for business. There are some fixes we are making for IRM protected libraries so that it syncs seamlessly just like any other library

Q: ODFB Management : For ODFB and IRM, it seems to be cumbersome to turn on IRM and with certain policy settings like “Allow users to print”. Plus, it does not seem to reference centralized IRM policies like you would expect with Azure RMS because you just name your own policy and do not select from a dropdown list. Is this because IRM on ODFB is not really supported by Azure RMS yet? And is this expected to change sometime soon?

A: ODFB is certainly covered, and is a manual process today from the scope of an audit or configuration of IRM. The concern you have is valid and is something the teams are aware of for auditing, eDiscovery, DLP scenarios. We don’t have timing to share, but we do want to treat ODFB as included by default, not something you have to configure for broader application

Q: If we have 10 users on E3 and 40 users on Business Essentials, do the messages created by the 40 Business Essentials users get evaluated by DLP? What about the server-side processing? If a non-E3 user sent a message that violates a DLP rule, would it be blocked, or would it be sent to the recipient?

A: DLP does require E3, so the non-E3 users would not get a DLP experience, aka the tool tips coming early next year. No, you need to have DLP licensing to enable server side and client side processing for sensitive content. So for eg, in exchange today, every time you use the “the message contains sensitive information” predicate, you need DLP license.

Q: We have a system that generates PDF reports and emails them via SMTP. We use DLP to block the messages from being forwarded but we would like to apply document level IRM as it enters the system via SMTP?

A: Look at adding a document library into your solution. You could then add additional capabilities if above needs a little more.

Q: Can you please elaborate on the phrase “with additional policy controls and actions like Information Rights Management, coming in the first quarter of 2015″ from the 10/28 blog post on DLP? What might this mean in terms of capabilities?

A: In our initial release for SPO policies, you will have actions such as block or request access when someone uploads a document. With RMS action, you will be able to automatically apply IRM action to the uploaded document if the document contains sensitive information.

Q: What will happen if a document is accessed through an API using custom coding? Will DLP apply?

A: If the content is stored in a location that is subject to a DLP policy, such as SharePoint – then yes the changes will be scanned and subject to the DLP requirements in the policy.

Q: Will Microsoft provide a way to automatically add ODFB sites (as they are provisioned) to DLP scope?

A: Yes, you can configure a DLP policy to apply to “all” OneDrive for Business sites, which will automatically include new sites as they are provisioned.

Q: <em?Will the fact that IRM is applied to a document be able to overwrite DLP actions? For instance if IRM is applied with ‘lower’ restrictions, van DLP apply more restrictieve restrictions? Consider this example: IRM can be configured by Site Admins, so a site admin makes a library for contracts. He configures very little restrictions. At company (DLP) level we have a very strict policy and want to override what the site admin on lower level set up.

A: We currently do not allow IRM policy override. This is an interesting feature request. will be available when our policy actions are available in early 2015.

Q: We found the mobility use case to be painful as iOS and Android devices cannot open IRM protected documents minus a few exceptions like PDFs with a purchased app. When is this targeted to change to where the Office Mobile apps will support IRM protected documents?

A: It works great today for email across OWA for devices, Outlook, Outlook for MAC, OWA etc and you can expect us to add the same functionality across Office documents. IRM works today for documents on ODFB so yes Azure RMS works for OneDrive for business.

Q: With an increasing number of non-technical small business users, what is the plan to give true user account management to Global Admins in O365? This weekend we had to terminate a long time employee who lives in a different state. I checked every source for clear guidelines and documentation surrounding this is nearly non-existent. There is no simple way to prevent loss of information other than resetting the user password. If “blocked” then we could not go into Exchange Online or ODFB to back up information. If we remove licenses, we lose all data. If we turn mailbox into shared, we lose auto archive folder/ability. We cannot backup to a PST due to auto archive as well. Four days after the fact, we learned that resetting the password means they can still have access to any sessions of mail, CRM, SharePoint that have not expired. How are we supposed to manage security under these conditions? Please advise when your 100% “cloud first/mobile first” O365 Online small business customers can expect to have the right tools to terminate an employee while preventing any data loss.

A: The scenario you describe is well covered in the enterprise, where we have additional value in the E1-E4 plans. And I’m guessing you know this, but want to be clear that all the compliance tools like RMS, DLP, eDiscovery … they are only offered to enterprise. It is very common to find smaller businesses using the enterprise plans when their needs require the more robust compliance capabilities. Consider upgrading your plan to enterprise. This article should get you started: I can tell you that you can recover documents. You would need to assign a secondary user who can then go into users’ ODFB. You can do this today here: SPO admin center > user profiles > Set up MySites > My Site Cleanup – and then add a secondary owner.

Here’s the text from in-product once you get to this admin setting, “My Site Cleanup”. When a user’s profile has been deleted, that user’s My Site will be flagged for deletion after fourteen days. To prevent data loss, access to the former user’s My Site can be granted to the user’s manager or, in the absence of a manager, a secondary My Site owner. This gives the manager or the secondary owner an opportunity to retrieve content from the My Site before it is deleted. Select whether or not ownership of the Site should be transferred to a manager or secondary owner before the site is deleted. Set a secondary owner to receive access in situations in which a user’s manager cannot be determined.

Q: Any plans to add DLP to Yammer? For instance if a user decides to share his credit card number on Yammer he will get a policy tip; Such as not allowing videos to be downloaded (but only to be viewed), to making sure that PII is not being shared inadvertently in healthcare or insurance companies. You can overcome these things with peer governance but it would be great to have some tech in place too.

A: Definitively something that we are thinking about. What kind of scenarios would you like to see if/when this would happen?

Q: When or will Data Loss Prevention (DLP) become available in the On-Premise version of SharePoint?

A: We’re not ready to discuss any portion of SharePoint Server vNext (on-premises) and what will be included. That said, there are a number of 3rd party solutions today that can be integrated with SharePoint already.

Office 365 – Understanding Archiving in Lync Online [Mac Edition]

In the recent article “Office 365 – Understanding Archiving in Lync Online“, I spent some time going through the differences between Conversation History and Archiving in Lync Online. While I’m not a Mac user, a commenter on that article asked about the behavior on a Mac. Certainly a valid question,
after all, anyone that has used the Lync client on the Mac knows that it’s quite a bit different than the Lync 2013 client in Windows.

Coincidentally, a few days later, Microsoft released an updated Lync client for Mac and in the release notes were specific references to changes in the functionality of Conversation History as well as a mention about Archiving. In the interest of providing a more complete story about Archiving in Lync Online, I added a couple Mac OS X installs to my lab environment.

     Do the Mac clients honor Lync client policies settings?

     Would there be a difference in the behavior between the new “Lync for Mac 2011 14.0.10″ client and legacy versions?

The results of my testing are below…
Read the rest of this post »

SharePoint Online eDiscovery Center For All Your Legal Needs

ediscovery Featured

Ever have requests to furnish old emails, messages, documents to your HR or legal teams? In this digital era, we experience an overflow of electronic information in forms of email, documents, IM conversations, etc. It can be chaotic when you are expected to look for content from several years in the past. Have you ever wondered what it would be like if you had a tool to help with ESI (electronic stored information) to collect, classify, and analyze? Even better, a tool that allows you to then preview and preserve for as long as your corporate policies allow?

The most-affected workgroups are Legal, IT, and the governance, risk, and compliance folks, who must manage all of the data legal and compliance groups are desperately trying to search. Now with Office 365, you can do just that and more. Office 365 equips you with an eDiscovery center to manage preservation, search, and export of content stored in Exchange and SharePoint, across SharePoint farms and Exchange servers.

eDiscovery2

Your SharePoint Online tenant comes with a pre-created eDiscovery center. What it needs from you is, configuring discovery sets and setting up your search queries in order to export the results. With SharePoint Online you can run an eDiscovery case on SharePoint, Exchange, Lync, and on premises File Shares at the same time, from one management console. This lets you search, preserve, and export all relevant content from all these repositories. For every discovery case, you would create a new case site where it is possible to conduct searches, place content on hold, and export content. There are new capabilities in eDiscovery you need to be aware of:

  • eDiscovery Sets: Combinations of sources, filters, and whether to preserve content. eDiscovery Sets are used to identify and preserve content.
  • In-Place Hold: Now you can preserve sites and mailboxes using search filters. Preservation works behind the scenes… people can work on their documents and delete email and not even know it is turned on, but for eDiscovery, you have the data you need in an immutable store.

eDiscovery3

 

  • Query: Search experience which is eDiscovery focused. This reduces the output data and help you find the content you are looking for.
  • Export: Download all of the data  directly to a local machine with an offline copy of native documents, email PSTs, archived MHT web pages, and CSV files for SharePoint lists.

eDiscovery4

eDiscovery5

After searching for relevant content in a eDiscovery set, you may want to put content on hold. This enables the original content to always there when your legal department asks for it. The eDiscovery center allows you to put SharePoint sites and Exchange mailboxes on hold, without disrupting the business.  Putting a SharePoint site on hold creates a hidden document library. This enables the user to still modify any content item subject to the legal hold while keeping the original copy of the item in that hidden library. Exchange mailboxes apply the same principle by creating a hidden folder where items are actually moved to when a user deletes an item.

This post guided you through the benefits and process to setup eDiscovery and empower your legal department to query and export content to help in any litigation or compliance needs. In the next few posts, I’ll dive into some other advanced security features in Office 365.