Office-365

The title of this post is a bit strange because you need Office 365 Groups to use Microsoft Teams, it is built on top of Office 365 Groups. But then you might ask, we do not want to enable Office 365 Groups yet for our organization but we want to use or test Microsoft Teams?

To get this working you need to give a select number of people access to create Office 365 Groups, the people that is going to use Microsoft Teams do not need the permission to create Office 365 Groups. These users will not be able to create a new team, which is an Office 365 Group. They will get this error in Microsoft Teams.

In the last week of 2016 I was working on some issues that some users in certain groups were not synchronized to Azure AD. The users itself were in Azure AD but the group membership did not sync. The problem here was that the users were in another forest than the group.

At this customer, we have multiple forests with users from the different countries and they start to work together more and now we had some complaints that the users where not able to access resources while they placed them in the correct groups. The issue that we had was that the synchronization removed the users from the other forests from the group membership during the synchronization.

Since some time we have the ability to see the health of the Azure Active Directory Connect in the new portal (https://portal.azure.com) and since a few days I saw that the sync errors are now displayed in this blade as well. This is a great addition, because it will give a better overview of the synchronization errors than the email you get every 30 minutes. I also have noticed that there are rules created to move this email to another map when it arrives because it gives a lot of clutter in the mailbox.

This week I was trying to find a good way to disable the creating of Office 365 Groups from creating. I love the functionality of Office 365 Groups but it is still missing some key elements from using in a large corporation. The main thing missing is the ability to have naming convention, now you say but they released that. Well that is partly true. The naming convention is only applied when you create an Office 365 Group in Exchange, Outlook or the Groups app. When you create a group from Planner or any other application using groups the naming convention is not applied. This is because the naming convention that you can set is done within Exchange. This naming convention is initially meant for distribution groups but also applies for Office 365 Groups when created from the Exchange endpoint. This also applies to the creation of Office 365 Groups. You can disable this, but that only applies to the same 3 applications as the naming convention

A few weeks ago we got a few users telling us that they were not able to sign in to Office 365 with an error message “AADSTS50107: Requested federation realm object does not exist”. After searching the internet I only found errors with a whole domain not able to sign in because it was a subdomain and that was not recognized by Office 365. The affected users where able to sign in to other applications on ADFS and other users where able to sign in to Office 365 with that same domain name. This was a strange issue because the error would suggest that everybody should have an issue and not a few users on the domain.

Last weekend I visited SharePoint Saturday in Brussel Belgium. This was my fourth time here in Belgium and again a great one. The day was setup up 6 sessions of 50 minutes and a lunch break of 1.5 hours with a 30 minute.

We started at 9 with a welcome from the BIWUG team and the first session started short after that. I started with some developer sessions.

Get Typing with TypeScript

I started the day with a session from David Opdendries (@sharepointdavid)

Last week I had the privilege to attent Microsoft Ignite in Atlanta. This week was full of news, sessions and a lot of walking. Besides the sessions, this year the expo hall was large, I have spend a lot of time at the expo talking to venders, partners and Microsoft.

I have created a PDF from all my notes. On a few notes I have references to slides, the slides should be come available on https://myignite.microsoft.com/videos. On this site are also all the videos.

This week I will attend Microsoft Ignites 2016 conference in Atlanta. To make it easier for everyone to follow me I have created a OneNote that I will use to share my notes.

You can find that OneNote here: https://arjansp.nl/Ignite2016Notes

A few weeks ago it was the time of the year that the signing certificate of ADFS was expiring. Last year it took us by surprise because the ADFS team did not notify us and we did not put it in our agenda’s that the certificate would expire. So last year we had a lot of people complaining that SharePoint 2013 was not available anymore.

This year we had it in our agenda’s that the certificate would roll over, so we were prepared for a roll over and had contact with the ADFS team and made an arrangement to roll over the certificate. I also found a nice script that can be ran to prepare for the roll over. This script will download the new certificate and when the secondary certificate becomes the primary the script will update SharePoint.

Last week I got an email from a coworker that Microsoft has created a score website (https://securescore.office.com/) for Office 365 tenants. This website measures the security of your Office 365 tenant. By default the score of your Office 365 tenant is very low, I got on my personal tenant a score of 29 out of 243 and on one of my customers also got 29 out of 243.