At my customer we are using Privileged Identity Management (PIM) for all admin-related tasks; no employee has standing access within the company.
What is PIM
Let’s first start by explaining Privileged Identity Management. It is a service that is available in Azure AD and is part of Azure AD Plan 2. For a user to use it, they need this plan enabled. PIM makes it possible to give a user the privilege to elevate his or her access rights for a preset amount of time to a higher role such as User Administrator or SharePoint Administrator.
It was that time of the year again to visit Belgium for their SharePoint Saturday. An excellent day organized by BIWUG.
This year was a tribute to an amazing SharePoint teacher who passed away too soon, Patrick Tisseghem. I did not know him but heard and read about him; I had only been working with SharePoint for 1 year when he passed away. During the day there were videos and photos about the things he did for the community.
Some time ago I got the question whether it was possible to start using AAD Connect while some of the users are already in Office 365 with a cloud account, without losing their content and access. This was the first time I had this question, so I found myself searching the internet and found an article from Microsoft saying that this was possible. https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-existing-tenant
This article describes that you can start syncing an on-premises AD with Azure AD when you already have users in Azure AD.
Today I saw a notification in the Office 365 Portal about the correct sizing of Shared Mailboxes.
It seems that Microsoft is creating shared and resource mailboxes with a max limit of 100GB. As the documentation states, these mailboxes can only have a size of 50GB, and when you need more space you need to assign an Exchange Plan 2 license to that mailbox to get 100GB of space for it.
In this post, I want to walk you through how you can use app credentials in an Azure Automation script to connect to SharePoint Online. Many PowerShell scripts use a username and password, but these are less secure than using an app credential and can also be used to log in to SharePoint Online in the browser. By default, connecting to SharePoint uses basic authentication, and many companies are en route to disabling this to make use of Conditional Access and MFA.
It was time again for the European Collaboration Summit. After the success of last year, I attended again. This time it was a bit closer to home in Mainz.
We started on Tuesday with a keynote from Dan Holme (@DanHolme) with a recap of the SharePoint Conference in Las Vegas from last week. The takeaways for me were:
OneDrive can handle over 300 different filetypes with a preview; this works in the browser and on the mobile clients.
When setting up a hybrid environment we usually set up hybrid search first and do not do that much with hybrid profiles. I have noticed that there are some quirks in the hybrid profiles that might not get noticed while setting it up. At the moment of setting up hybrid profiles, there is not that much to configure: only none, all in Office 365, or based on a group. As many of you know, a good user profile consists of some basic data like a photo, name, contact details, manager and location.
There are various ways of handling security in Office 365; this time I walk you through the security possibilities for email. To start with the basics, we have the option to use an SPF record to protect us from spam on a very basic level. This is so basic that it is a requirement when you add the domain to Office 365.
As we go deeper into the security of the mail flow we see DKIM and DMARC.
A common situation in SharePoint is adding custom properties to a SharePoint profile. In an on-premises environment, it was very easy to link these properties to a property in AD. In SharePoint Online, you are not able to link these Azure AD properties. So how can we solve this?
There is a very simple solution for this in the Office Dev PnP PowerShell pack called ‘Set-PnPProfileProperty’.
This command sets any user profile property for the given user.
In 2014 I wrote a post on how to force the renewal of the content types in an on-premises environment and got a request on that post asking whether it was possible to do the same in Office 365.
After some short research and some changes to the original script, the result is below.
It uses the Office Dev PnP PowerShell cmdlets.
See below for the version for SharePoint Online.