Sunday, September 30, 2018

Absorbing content from Ignite 2018

One of the biggest challenges with events like Microsoft Ignite is simply the sheer scale of information presented. There is no way that you can see everything you want, let alone absorb it all in the time.

The great thing is that apart from Microsoft Live Streaming everything for those like me that weren’t there but they also record it and make it available at:

On demand sessions

Simply search for the session, title or topic that you want. The video content actually ends up on YouTube on the Microsoft Ignite channel. However, at the moment, the sessions from Ignite are unlisted so you need to know their direct URL.

As I did with Ignite 2017 I have created a list of all the session URLs on YouTube and posted that on my GitHub here:

There currently are not many sessions in the list but I’ll continue to add them as I go along, so make sure you book mark that location. Also, if you find a link to a session please send it to me so I can include it.

Now one of the other things I like to do is go and grab all the slides from the sessions and upload them to my SharePoint site so I can search them if needed. There is great PowerShell script here:

That will allow you to grab all the slides and all the videos if you want. The script is also smart enough to determine what you already have if you re run it as you can see -


and you may need to do this as all the content is not up there just yet. I’ve managed to grab about 1,115 or 1,620 sessions so far but I’ll be running the script a few more times over the next couple of weeks to make sure I get everything.

It’ll take me a a full 12 months to go through all these sessions but it is worth the investment and kudos to Microsoft for making all this content available to anyone and everyone.

Friday, September 28, 2018

More interesting news from Ignite 2018

Here are some more announcements from Microsoft Ignite 2018 that caught my eye:

Office 365 / Microsoft 365

Announcing new Microsoft Forms features at Microsoft Ignite -

Introducing Multi-Geo in SharePoint and Office 365 Groups -

SharePoint powers teamwork in Office 365 - Ignite 2018 announcements -

What's new in Microsoft Stream - Ignite 2018 announcements -

Beginning in October, employees can watch videos on the go with the Stream mobile app for iOS and Android, with support for offline viewing.

Passwordless phone sign-in with the Microsoft Authenticator app (public preview) -

Microsoft Whiteboard is now available for more devices -

Whiteboard on iOS -


Private preview of Azure VM Image builder -

Azure monitor alerting just got better -

Move Managed Disks and VMs now available -

Introducing Azure Functions 2.0 -

Tuesday, September 25, 2018

Top learnings from Microsoft Ignite 2018–Day 1

Here’s what caught my attention on Day 1 of Ignite 2018:

1. Windows Virtual Desktop

Windows Virtual Desktop gives you a Windows 7 or 10 desktop on Azure -

"Access Windows Virtual Desktop for free if you’re a Microsoft 365 E3, E5, or F1 customer or a Windows E3 or E5 customer—you only need to setup or use an Azure free account to quickly deploy and manage your virtualization environment. Pay only for the virtual machines you use and take advantage of options such as Azure Reserved Virtual Machine Instances."

2. File on demand for Mac

Try files on demand for Mac -

3. Microsoft Learn

Microsoft Learn -

4. OneDrive updates

Beginning later this year, automated transcription services will be natively available for video and audio files in OneDrive and SharePoint using the same AI technology available in Microsoft Stream. While viewing a video or listening to an audio file, a full transcript (improving both accessibility and search) will show directly.


Leverage intelligent search with the Microsoft Graph in OneDrive and SharePoint to find audio and video that contains specific words or phrases the same way you search across documents.


Use keywords found in transcribed audio and video can be used to kick off workflows in Microsoft Flow. For example, any content that contains a specific keyword can be copied to a marketing folder for that product.

"We are pleased to announce that you’ll soon be able to sync folders from multiple Office 365 tenants on both PC and Mac." - From <>

5. Staffhub to be retired

Microsoft Staffhub to be retired -

6. A mobile app for Microsoft Stream is coming

Beginning in October, employees can watch videos on the go with the Stream mobile app for iOS and Android, with support for offline viewing. From <>

7. Azure SMB files just gets better

A new era for Azure files -

Today, we are pleased to announce the preview of Azure AD authentication for Azure Files SMB access. This feature allows the native preservation of Windows access control lists (ACLs) on Azure file shares. It also enables end users to access Azure file shares through an Azure AD Domain Services joined machine with Azure AD credentials.

Azure AD authentication for Azure SMB file access now in public preview -

8. New Azure exams

AZ-200 = Microsoft Azure Developer Core Solutions

AZ-201 = Microsoft Azure Developer Advanced Solutions

AZ-202 = Microsoft Azure Developer Certification Transition

9. New Office 365 (I suspect Microsoft 365) exam in March 2019



What will Day 2 bring?

September Office 365 Webinar Resources

Slides from this month’s webinar are at:

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

Watch out for next month’s webinar.

Sunday, September 23, 2018

Need to Know podcast–Episode 190

Brenton and I take an opportunity to get you up to date ahead of Microsoft Ignite on all the latest news in the Microsoft Cloud. We have some news about SharePoint and Outlook as well as some changes to Windows 7 support. Brenton also suggests that maybe we need a dedicated episode on PowerShell. What do you think? Let us know.

Take a listen and let us know what you think

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.




New Outlook on the web

Helping customers shift to a modern desktop

Microsoft Ignite

Microsoft Teams data residency

Windows 7 monthly update charge

PowerShell basics

Initial set up of an Office 365 PowerShell environment



Auditing Office 365 logins

Using Azure Automation to schedule mailbox checks

Saturday, September 22, 2018

Ignite 2017 sessions on YouTube

With Microsoft Ignite 2018 just around the corner I know there is always going to be a huge amount of content and no way that I can be across all of it immediately. Luckily, Microsoft has been recording these sessions and posting them up to YouTube for later review. This has allowed me to work through many sessions over the year to improve my knowledge.


Unfortunately, there is not a single directory of all the session recordings in YouTube, at least not that I know of, so I have created and maintained a list of these sessions as I worked through them. I’ve now made my list of the Ignite 2017 sessions available via my GitHub repository at:

Simply find the session that you are interested in a hopefully I’ve managed to capture the link to the session on YouTube. If you know of any sessions that aren’t listed let me and I’ll add to my catalogue.

Personally, watching the pre-recorded sessions gives me some benefits I don’t get attending in person. Firstly, I generally watch the sessions at 1.5 speed which allows me to get through more sessions. I’m also able to have my own Office 365 or Azure tenant up in another window and be following along with what I see being presented. I also get the ability to pause the session and come back later as YouTube keeps track of my history. Also, as I watch session YouTube suggest more sessions like the one I’m watching, so discovery of new relevant sessions becomes much easier once you start getting into it.

I plan to do the same for the Ignite 2018 sessions when they become available but I’ll start doing that immediately and posting into a new file in the same repository. So keep an eye out for that one coming soon.

Even after 12 months, I haven’t been able to get through everything but I do have to say thanks to Microsoft for making all this content freely available for those that couldn’t attend.

Sunday, September 16, 2018

Office 365 Mobile Application Management basics

When you look at a licensed user in Office 365 you will see sections like this:


You’ll see there are no device settings as yet.


If a user now downloads and installs the Outlook app on their phone.


and then logs into it


they will be able to receive the emails as expected.


However, they will also see that the organization is protecting their device.


and thus, they will require a PIN for the Outlook application.


They can also download the OneDrive app and connect to their OneDrive for Business.


If they however use GMail to access their emails they will again see the prompt above letting them know that Office 365 will be controlling part of this account.


The user will see the things that will be possible via remote management.


The users account can be connected via most mail clients using their login and password.


and they will be able to see their emails.


The same thing applies if they use the native mail client that comes with the device. That account will need to be put under management before it can be used as shown above.


Once done so, the user can read their emails.


Now that a user has configured their device for an Office 365 service you will see an additional option in the list of items for their account in the administration center – Device Settings.

This item is Device Settings and you should see the devices they have configured.


If you select Device Settings you should see all the devices the user has configured, as shown above. You will notice that these devices are “App managed”, which basically means just the software on the device is managed, not the operating system or the anything else on the device.


You can select the device and then select Remove company data, however, because the device is only “App managed” you’ll see that you can’t wipe the whole the device.


if you continue with the Remove company data option, you see the above confirmation screen.


If you then select Confirm you will see the above confirmation that data removal from the device has commenced.


If you wish to remove the OneDrive data as well it is best practice to go into the OneDrive settings and Initiate a sign out as shown above.


You’ll then receive confirmation that this sign process has commenced.

This basic version of device management is available across all Office 365 plans, however if you are looking for more powerful management, with full device management, then you need to consider using Intune and actually enrolling the devices which I’ll cover in an upcoming update.

Tuesday, September 11, 2018

Auditing Office 365 user logins via PowerShell


One of the common audit requirements people have with Office 365 is to determine when their users successfully. and unsuccessfully logged into Office 365.

I’ve detailed how to do this in the web interface here:

Searching the Office 365 activity log for failed logins

but now you can find this script that I have made available that will report this via PowerShell:

In the variables area you will find three options for $operations like so:

$operation="userloginfailed","userloggedin" ## use this line to report all logins

##$operation="userloginfailed" ## use this line to report failed logins

##$operation="userloggedin" ## use this line to report successful logins

Only one of these should be uncommented. (the ## designates everything after it as a comment in PowerShell, just so you know).


The first option “userloginfailed”,”userloggedin” will give you all users logins between the dates you nominate as shown above. Any failed logins will be highlighted in red, successful ones are in green.


The second option, “userloginfailed” will just so failed logins for the period as shown above

The third option, “userloggedin” will just show successful logins for the period.

Those are the main variable to change to get different outputs, but make sure you read the whole script and set the other variables appropriately for your environment.

I’ll be improving the script over time so remember to check bag regularly but now you should be able to easily audit all your user logins to Office 365 using PowerShell.

Friday, September 7, 2018

Need to Know Podcast–Episode 189

This is our follow up episode with Marcus Dervine from Webvine speaking about Digital Transformation. We continue with the transformation pillars that Marcus has outlined in his as the road to successful adoption of technologies like Office 365. Of course Brenton joins me again to catch you up on all the cloud news. We've tried to keep the update as short as we can as we noticed that the episodes are getting longer. We'll do a deeper dive into updates in the next episode as we wanted to make sure there was plenty of time for our guest.

Take a listen and let us know what you think

You can listen directly to this episode at:

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.





Marcus's book - Digital Transformation, from the inside out (use coupon code CIAOPS for 20% off)


Azure outage

New file template management

Mass delete notification

Passwordless Login

Windows 10 sandboxing

Windows 10 Quality updates

Thursday, September 6, 2018

Creating Office 365 Protection Alerts with PowerShell

I’ve previously covered off how to create a new Protection Alert in Office 365 using the web interface:

Setting an alert for file download in Office 365

I’d also tried doing this via PowerShell but ran into some issues:

I’m puzzled by new-protcetionalert

Luckily, after some chasing down, I have learned that I overlooked an important option in my scripting. It seems the option:

-aggregationtype none

needs to be included. This tells the script to only create a single alert at a time. Thus to create a Protection Alert that will tell you of malware in a file in OneDrive for Business or SharePoint you need to run:

New-protectionalert -category $category -name "Detected malware in files" -ThreatType activity –NotifyUser “” -Operation filemalwaredetected -AggregationType none -Severity High

You’ll first need to connect to the Security and Compliance center with PowerShell before you can run this command.


If you then at the Alert Policies you should see the above.


Interestingly, when you look at the activity that will trigger the alert you see the above, which doesn’t provide you any indication of what the activity for the alert actually is. You will also notice that I can’t edit the activity or much else on the alert once it has been created via PowerShell.

However, I do know that setting Protection alerts via PowerShell does work so I’m happy that I can do bulk add alerts via a script. I just that one option.

Wednesday, September 5, 2018

CIAOPS Need to Know Office 365 Webinar–September


Power BI is an Office 365 service that allows to easily report and dashboard on data from a variety of sources. These sources can be from inside and outside Office 365. In this month’s webinar we’ll take a look at what Power BI and how you can start using it in your business to make better business decisions.

You can register for the regular monthly webinar here:

September Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – September 2018
Tuesday 25th of August 2018
11am – 12am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

There of course will also be open Q and A so make sure you bring your questions for me and I’ll do my best to answer them.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

or purchase them individually at:

Also feel free at any stage to email me directly via with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session.

Tuesday, September 4, 2018

Determining the time Office 365 ATP takes to scan an attachment

Office 365 Advanced Threat Protection (ATP) has the ability to sandbox and test attachments prior to delivery to an Office 365 inbox. This is known as ATP Safe Attachments which you read about here:

Office 365 ATP Safe Attachments

Basically, it takes email attachments and opens them in a protected sandbox inside the Microsoft data center to see whether they do any malicious or unexpected. If it does, then actions can be taken to prevent that attachment from reaching the inbox. If not, the attachment is delivered as normal.

Now this sandbox testing does cause a slight delay in delivery of attachment. In my experience, I have never seen any attachment, no matter how large take longer than 2 minutes to deliver. However, there maybe the need to test this delivery time when troubleshooting.

Luckily, I looked around and found this great article from Kloud:

which contains some handy scripting to allow you to determine the time ATP takes to verify an attachment. So I thought I’d build on that.

To complete this process you firstly need to have a tenant that has Office 365 ATP assigned to it. You’ll also need to target a recipient that has an Office 365 ATP license assigned to them. You’ll basically send this recipient two emails, one with an attachment and one without, and then we’ll use a script to determine and report the time difference.


So step 1 is to send a standard email without an attachment to the recipient. I’ll do this here from my Yahoo account.


Once that has been successfully sent, I’ll immediately send another email that is basically the same but this time with an attachment. In this case, I’m send a Word document of 52KB in size.


I need to now wait to ensure both emails are FULLY delivered to the recipient.


If you have Safe Attachment Dynamic Delivery enabled where the body is received while the attachment is still being scanned you need to wait until this scanning process has FULLY completed.


That is, you need to wait until the whole message, including the attachment has been delivered to the Inbox as shown above.


Ensure that you are connected to Exchange Online with PowerShell already and then run my script, which you can find at:

After a few moments you should see the results like that shown above, giving you the number of additional second it took to scan the attachment. In this case around 101 seconds.

There is no real guidance from Microsoft on how long ATP scanning should take so if you do run this script I’d really appreciate you completing this short survey:

ATP Timings

so we can get an idea of what people are seeing out there with ATP. That should also give us an ‘average’ figure we can use to understand ‘normal’ ATP performance.

The survey has one required field of the time in seconds you received but if you could also indicate the size of the attachment you tested that would also help understand whether the size of attachment play a role in any way.

Like I said, my experience has been that ATP never takes more than around 2 minutes to do attachment scanning but I’d love to get your feedback in the survey if you run this script. Thanks again to Kloud for their blog post around this and doing the hard scripting yards.

Monday, September 3, 2018

CIAOPS Learn is here

One of the most common stumbling blocks I see with business today, especially when it comes to using technology is that most simply don’t have the minimum skills to drive productivity benefits. This means that technology becomes more of a hinderance than a help.

This lack of digital literacy has arisen simply because of the low priority that training has been given within the organisation. Many businesses seem to expect their staff to learn technology on ‘the fly’ or in their own time. This is not an environment where people can grow their knowledge about the products and most simply revert to using the ‘minimum’ with each product and fail to explore the full range of options and services that are available to them.

This lack of digital literacy is even more the case with services like Office 365 that are constantly being upgraded and enhanced. Without dedicated time to learning the vast majority of the benefits of these tools are going to remain hidden from the business. This in turn makes them less competitive and productive.

The challenge with traditional training is that sending people ‘back to school’, where they attend all day training courses is simply not feasible or consistent enough not to mention being expensive. Trying to pick up information from the web or YouTube can result in actually getting the wrong or misleading information.

With these challenges in mind I am happy to announce the CIAOPS Learn program that provides web based video training for Office 365 across the whole range of services. From Outlook to OneNote, from OneDrive to Stream, you’ll find it here. For a simple per user per month cost you can give people access to a vast array of up to date training material. You can also customise the learning paths that people take as well as see a dashboard of their progress.


Because this a per user per month service, you can subscribe for as long as you need. You can also sign up for as many licenses as you need at any time. There are single and multiple user options. Payments are handled directly via the CIAOPS Academy but invoicing in AU$ is also possible as well as options for resellers.

To find out more about the service visit:

where you’ll find more information as well as how to sign up immediately using the portal. CIAOPS Gold and Silver patrons also receive free access to the portal as part of their benefits as well, so if you are supporting the Microsoft Cloud you should become a Patron today to receive access to this plus a range of additional benefits.

The better you can utilise technologies like Office 365, the productive and profitable your business will be. With CIAOPS Learn you are now to do this and stay up to date for a low monthly fee.

Become digitally literate today, join the CIAOPS Learn program  

Saturday, September 1, 2018

Using Azure Automation to schedule Office 365 mailbox forward checks

One of the many things I say is that you should not think of Office 365 or Microsoft 365 alone, you should think of incorporating services like Azure as well since they provide a huge amount of additional functionality as I have detailed here before:

Add Azure to Office 365 for more flexibility

As I have also pointed out, I believe you should deploy Azure immediately with Office 365

Deploy Office 365 and Azure together

because until you start using Azure it isn’t going to cost you anything since Azure billing is typically consumption based. That is, you are only billed for what you use.

Now, one of the ways that you can use Azure to take advantage of the automation abilities it has. This is really handy when you want to run repeated process. One such process that you should run regularly I believe is checking for mailbox forwards in Office 365 tenants. I have detailed how to do manually this using a PowerShell script here:

PowerShell script to check email forwards

So, thanks to Azure automation we can take the heart of this script and automate it to run regularly against our tenant and provide an email report on which mailboxes have forwards enabled. Thus, Azure Automation allows us to automate the execution of PowerShell scripts to make life easier.

To enable all this you are going to need to use an Azure account with a paid subscription. It doesn’t have to be the same tenant as the Office 365 one, it just has to be a tenant with a paid subscription because there are costs (very slight) to running Azure Automation.


Once you have logged into you Azure tenant locate the Azure Automation Accounts and select the Add button in the top left to create a new account to use.


Give the new Azure Automation Account a name, paid subscription, resource group and location. Then select Create.


Once created, you’ll see an overview of the new account as shown above.


From the menu on the left locate Modules and select it.


Because this is a new automation account it will only have the standard PowerShell modules included. We need to go and add the one for Office 365.

We can find the Office 365 PowerShell module by selecting the option to Browse gallery from the buttons across the top on the right.


Do a search for “online” and the first result should be MSOnline as you see above.

Select this module to add it.


You should now see more detail about the module displayed. Select the Import button at the to of the page to include that module in this new Automation Account.


In a few moments you should get a message letting you know the module has been imported successfully. Remember, you only need to do this once for any new Automation Account that you wish to run commands against Office 365.


Return to the list of items for the Automation Account and locate the option for Credentials and select it. It is a few below the Modules one you just selected.


Select Add a credential at the top of the page.


Now enter the user details for the user who is going to login to the Office 365 tenant when executing the script. This will typically be a global administrator that doesn’t have MFA enabled on the account. The credentials are stored securely in Azure and will be accessed with the name of the credential account you used (here m365B555418).

Generally, you will only need one set of credentials in your Automation Account but it is possible to have as many as you want for performing different tasks.

Select Create to complete this process.


From the Automation Account menu locate Runbooks and select it.


From the menu across the top select Add a runbook.


Select the option to Create a new runbook. Give the runbook a Name and select the type as PowerShell. Then select Create to establish the area for your code.


This should then take you to an editor where you can enter your code as shown above.

Rather then re-inventing the wheel you can use my code here:

which you can just copy and paste in place.


With that done, your screen should look like the above.

A few things to note here. Ensure that you change the name in the first line of the code to match the name of the credential you created earlier because it is from here that the login details for the Office 365 tenant will be sourced. You will also need to change email addresses on the last line of the script to match your environment. Remember, if you don’t I’ll know who it is!

The code is pretty short and sweet. All it does is look for any account that has any sort of forward enabled and sends those details through. If no forwards are found you’ll also get a message indicating that.

Feel free to modify and improve the script as you see fit, this version is simply designed to demonstrate what is possible.

When you have finished editing your script, select Publish in the top left as shown. Remember to always do this anytime your code changes or is updated.


You’ll now be taken back to to the Runbook overview. Here, select the Start button in the menu to run the script immediately.


You will now be taken to the Job summary page as shown above. You can check on the progress of the job from the Job Status field as shown.

The job will first be queued and then run.


In a matter of moments the job should complete as you see above. If there are any errors or exceptions with your code then they will be visible in this summary page.


If everything went to plan, you should see an email like that shown above indicating the process has completed successfully.


Each job run is recorded in a log on the summary page as shown above. Clicking on that job will give you more details.


Now, we started this whole process with the aim of automating something so now we need to do this once we have confirmed our script is running as expected.

From the Runbook menu across the top select Schedule.


Complete your desired schedule for this process. Typically, it will be daily as shown above. When you have configured the desired options select Create and your job will now run on that schedule.

You can return to Azure Automation at any time to view and adjust your job but always remember to Publish your code if you make any changes.

Hopefully, I’ve shown you how straight forward it is to use Azure Automation with PowerShell scripting to target regular processes for you Office 365 tenants. There are many, many things you can automate thanks to PowerShell and Azure, so go forth and automate!