Edit Stream videos in admin mode

image

If you have users uploading videos into Microsoft Stream, you may have occasion to edit these as an administrator for some reason. You can easily do that from your own administration console by simply searching for the user’s video and then select the ellipse (three dots) to the right of the video, as shown above.

This should display a menu with the option Edit in admin mode, which you then select.

image

You should then see all the same settings as the user would see when they edit their video. However, you’ll also notice the big banner across the top of the page letting you know you are in Admin mode.

image

You can also to Admin mode by viewing the video and selecting the Settings Cog in the lower right. From the menu that appears you can select View in admin mode.

image

You can then select the option to again Edit in admin mode as shown above.

Stream Usage Statistics and Recycle Bin

image

If you are a Microsoft Stream administrator (and by default global tenant Microsoft 365 administrators are), then you can select the Cog in the top right of the Stream page and then select Admin settings as shown above.

image

Then on the left hand side you’ll be able to select Usage details under the Manage Stream heading. This will then show you a report of how much data your videos are currently consuming. When your organization purchased Microsoft Stream, you received 500 GB of base storage and an additional 0.5 GB of storage per licensed user. If you need additional storage for your Stream content, you can purchase one or more 500 GB storage add-ons.

image

You can also select the Recycle bin option, also on the left, to recover any videos that have been deleted for 30 days.

There are plenty more administration options inside the Stream admin area, so go and check them out!

Need to Know podcast–Episode 216

In this episode I speak with Rohan Milne, Global CEO of Switch Connect who are a telephony provider focused on enabling voice with Microsoft Teams. Rohan gives the state of play in the Australian market as well as the opportunities, not only around voice in Team, but also around digital transformation across the whole Microsoft 365 suite. Listen along for some great insights and clarification on how to take advantage of this opportunity if you are an IT reseller.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-216-switch-connect/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@switchconnectau

Switch Connect

Switch Connect – YouTube

@contactbrenton

@directorcia


Connecting to Exchange Online with Azure Cloud Shell

I’ve written previously about

Azure Cloud Shell

and how handy it is when it comes to connecting to your tenant with PowerShell. What you may not realise is that you can also Azure Cloud Shell to connect to Exchange Online! All you need to do once you have launched Azure Cloud Shell is run the command:

connect-exopssession

image

As you can see from the above where I have connected and then used the command get-mailbox inside Azure Cloud Shell.
image

This now means you could copy my mailbox forwarding checking script:

https://github.com/directorcia/Office365/blob/master/o365-exo-fwd-chk.ps1

into your Clouddrive that is part of Azure Cloud Shell and run it.

image

And thanks to Clouddrive it will be there next time you use Azure Cloud Shell. Handy eh? If you want to learn about this capability, visit:

Azure Cloud Shell now supports Exchange Online

Edge Enterprise Preview

image

Just in case you weren’t aware, the Edge Insider Preview has an Enterprise option that allows you to sign in with your Office 365 credentials.

image

and is also available for MacOS.

I will also say that having now used Edge Insider Preview for a while, I can thoroughly recommend it and have never had any troubles. I really like all this integration when you look at Windows 10, Azure AD, Microsoft 365, Office and now Edge.

Need to Know podcast–Episode 215

In this episode I speak with Alex Fields about the power of conditional access. You’ll learn what it is, how to implement it as well as many best practices recommended by Alex based in his experience and knowledge. The great new is conditional access is part of Microsoft 365 Business, so listen in for the way to make it work to protect your information.

Brenton and I also bring you up to speed with all the latest Microsoft Cloud news, so listen in for the latest as always. We hope you enjoy this episode and don’t forget to send us your feedback.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-215-alex-fields/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@vanvfields

@contactbrenton

@directorcia

CIAOPS Patron Community

ITProMentor

ITProMentor – Best parctices

Attacker Kill Chain described

ITProMentor – Free Microsoft 365 Business eBook

ITProMentor – Licensing Guide

Telstra Purple

New version of To-Do

Authenticator backup on Android now available

Prepare for iPadiOS Launch

New webparts coming to SharePoint

Azure QuickStart Center

Top 5 advantages of syncing with OneDrive

Modernize your root site

Check your journaling rules

One of challenges with security is that there are lots of places to check and secure but only one vulnerability required for compromise. Most compromises happen at the user level but there are also other places that you may want to keep an eye. One of the is the journaling rules in Exchange Online.

Now, journaling rules can only generally be configured by an administrator. According to:

https://docs.microsoft.com/en-us/exchange/security-and-compliance/journaling/journaling

“Journaling can help your organization respond to legal, regulatory, and organizational compliance requirements by recording inbound and outbound email communications.”

That means it maybe possible to record email traffic and forward it to another location. That may mean for example, a rogue administrator setting up a journaling rule to send the CEO’s emails to their own private external email box.

Defending against rogue admin is tough and requires some planning. The least that you could do is check any existing journaling rules and ensure that only required ones appear.

image

You can do this by visiting the Exchange Online Admin Center. From here select Compliance Management then journal rules as shown above.

As you can see there are no journal rules in this tenant and it is my experience that most tenants don’t use journaling at all. That doesn’t mean there isn’t legitimate reasons for having journaling rules. All I’m saying is that you should check what you have and ensure it is right.

As always, I find that using PowerShell is a much quicker way to report on this using the command:

get-journalrule

The reason which checking journaling is important, is because as I understand it, journaling won’t show up in the audit logs for the tenant. This means that once it was surreptitiously enabled, it could run unreported in the background, collecting information unknown to everyone? That is a bad thing.

The best solution against rogue administrators in general is Privileged Access Management (PAM) in Office 365:

Configuring Privileged Access Management

which is typically only included in advanced Microsoft 365 licensing like E5. This, unfortunately, puts it beyond the reach of many. So, for the time being, keep an eye on your journaling rules and check to see where they maybe sending your information.

 

Not all characters are created the same

image

I was up late doing some PowerShell coding to set alerts on mailboxes in Microsoft 365 and I had everything working nicely as you can see above. At this stage I was just using the standard PowerShell ISE to execute the code.

I had also been updating the code with Visual Studio Code so I could then push it up to my GitHub repositories. Just before call it quits I now ran the scripts directly from the command prompt which is where the Visual Studio Code version had been saved. In essence, at the command prompt, I ran:

.\o365-mx-alert-set.ps1

When I did this I now received the following error:

image

How is that possible? The code on the disk via Visual Studio Code is exactly the same as the code I had been working with directly in the PowerShell ISE. I don’t understand why I am getting this error.

I spent quite a long time trying to resolve the issue but to no avail. Out of desperation, the following morning,  I contacted PowerShell guru Elliot Munro from GITS for help.

Long story short, Elliot pointed out that from the error it appeared to be:

an issue with the em dash character, the one in front of AuditDelegate is a different dash compared to the other parameters ( – instead of – ). I guess running it from the command line doesn’t automatically convert it to the standard dash like ISE does.

BINGO we have a winner. Changing the dash to the “right” one fixed that problem immediately! Elliot, you are a legend and life saver.

image

As you can see from the above, there is very slight difference in the dash at front of the parameter. The top one is the one that works, the bottom one is the one that causes the error. No much in it eh? However, that was all it took to waste a few hours of my time late at night looking for an answer.

Hopefully, this article get found by others who may have the same issue and error in PowerShell and I can ‘pay forward’ Elliot’s assistance.