New tenant admin app in Microsoft Teams

image

If you search the apps available in Microsoft Teams you’ll find a new one from Microsoft called Admin as shown above.

image

When you add the Admin app to your Microsoft Teams environment you see a number of basic administration options you can alter as shown above.

image

You can, for example, set some basic meeting settings as shown above.

At this stage the app is pretty basic but it is handy to have many of the common admin settings inside Microsoft Teams overcoming the need to switch out to the admin console. Over time I’d guess that more options will be added to this app to make Microsoft 365 management easier.

Get your Azure invoice emailed to you

image

If you need a copy of the Azure invoice emailed to you then you can configure that inside your Azure portal be navigating firstly to the Cost Management + Billing.

image

Then select Invoices from the menu on the left.

image

Finally, select Invoice email preferences from the menu on the right then enter the desired email address on the right in the dialog that appears. Remember to save your changes and from now on that email address will receive a copy of your Azure invoice monthly.

Escalating to multiple roles using Privileged Identity Management

Privileged Identity Management or PIM, is great way to ensure that users are not given standing administrative access. Instead, with PIM, these rights can be requested, approved and removed in an automated and audited way.

In the scenario where a user may need administrative rights to multiple services at the same time, say Exchange Online administration and SharePoint Online administration together, you can achieve this by using the capability in Azure AD to assign multiple roles to an Azure AD group. You then have users go through the PIM process to become members of that group. When they do, they automatically get access to the roles that are part of that group. Once PIM deactivated them, they are removed from that group and lose those permissions.

This video take you through that process.

https://www.youtube.com/watch?v=mAA1KjxjAuQ

remember, to achieve this you’ll need to have an Azure AD P2 assigned and that currently this feature is in preview.

For more information consult the following documentation from Microsoft:

Management capabilities for Privileged Access groups


Syncing M365 Message Center to Microsoft Planner

image

If you want to stay up to date with what Microsoft is developing and implementing with Microsoft 365, then you should be paying attention to information from the Microsoft 365 Message Center. You’ll find this in the Microsoft 365 Admin Center as shown above.

One of the options with this information is to have it delivered via email. To do this, select the Preferences cog as shown above.

image

Doing so will then display a number of configuration options on the right. Select the Email option from the menu at the top as shown.

image

You can now select whether to deliver these messages to the original tenant admin account, which is selected by default, but also up to two email addresses, which need to be separated by a semicolon. You can then select what emails you wish to received. Be warned, there are options for all Microsoft 365 services (like Exchange, SharePoint, Teams, etc) as well as major updates and privacy. Be careful of information overload here!

Select the Save button at the bottom of this dialog to update your preferences.

image

Another very handy option is to sync these messages with Microsoft Planner. To enable this option, select the Planner syncing menu item as shown above.

image

A dialog will now appear on the right, as shown above, that allows you to set up this process using a wizard. Simply select the Set up syncing button at the bottom of the page to commence this process off.

image

You’ll need to have a Microsoft Plan into which the Message Center will sync. If you don’t already have one, you can select the link on the page as shown to create one.

image

Your destination Microsoft Plan doesn’t need to be anything special. You need at least one bucket into which all the Message Center items will end up. In this case, that bucket will be the standard ‘To-do’ bucket.

image

Select the appropriate Microsoft Plan and the destination plan bucket, or select to create a new one.

Select the Next button at the bottom of the page to continue.

image

Like the email option, you now need to select which messages you wish to receive.

Select the Next button at the bottom of the page to continue.

image

You can now elect to import messages from a previous period i.e. messages already in the Message Center from the last X days.

Select the Next button at the bottom of the page to continue.

image

Review the settings.

Select the Next button at the bottom of the page to continue.

image

If you wish to set up an automatic process to sync the Message Center messages on a recurring basis, set the desired update time options and select the Create Flow with Power Automate button as shown.

image

Select the Continue button.

image

You’ll also need to sign in to allow access to the Message Center connector. Simply select the ‘+’ icon and the current account you are logged in with will be used. Ensure that a green check appears to the right of the Microsoft 365 message center as shown above.

image

Review the configuration and automatic syncing if enabled, and select the Done button to complete the process.

image

If you now visit the Power Automate service and look My Flows and Shared with me, you should see a Sync Microsoft 365 message center to Planner flow as shown above.

image

If you edit that Flow, you should see it simply has a recurrence trigger and a Sync messages to planner (preview) action, as shown above. The owners of this Flow will be the group associated with the Microsoft Plan you selected as your destination as well as the user who configured this process. You can always add more owners if you wish to this Flow. The Microsoft 365 message center connection will be authorised by the account you used to set up this process. This can also be altered if needed.

image

When Message Center data is synced to Planner it will look like the above, with all messages being delivered to the bucket that you nominated in the setup as individual tasks.

image

If you select any of these new Message Center tasks in Planner, they will appear as shown above, with details about the notification in the Notes of the task. These can now be used as any task would be inside Microsoft Planner.

As good as delivering Message Center information to Planner is, I feel that a better destination or this is actually Microsoft Teams. I’ll be covering off how to deliver it to a Microsoft Teams channel in an upcoming post, so stay tuned for that.

Light or Dark mode?

One of the perennial high powered technology debates is whether Light or Dark mode is better. This ranks alongside similar torch and pitch fork ‘discussion’ events  like iOS or Android, PC or Mac and tabs or spaces. Luckily, just about everything these days, including Microsoft 365, supports a choice of modes.

image

Now I’ve dabbled with switching to dark mode over the years but recently I’ve decided to go all in for at least 30 days. This means I’ve switched EVERYTHING to dark mode. Every app, every device. Dark mode everywhere.

image

So, I’ve switched my Office apps (OneNote above), browsers (Edge and Brave) as well as Microsoft 365 and Azure into dark mode.

A few days in, I gotta admit, that it takes some getting used to. The border of desktop windows is much harder to find along with the dialog windows header. I notice far more reflection from what’s behind me when using my Surface PC, which is somewhat distracting, and the local post office had issues scanning an email QR code on my iPad until I changed it back to light mode. However, I’m sticking it out for the full 30 days to see but I’m not a convert as yet by any means.

I think that dark mode works a lot better if you are a coding type who spends hours and hours every day looking at lines of code. That is not the case for productivity workers who are regularly swapping between applications. This, in my opinion, is much harder when using dark mode.

Let’s see what the 30 day trial brings. I do appreciate the benefits but whether these are noticeable to me, only time will tell.

Allow administrators to delete any chat message in Teams

By default, in Microsoft Teams, you have the ability to delete your own messages but not other people’s. That’s a good thing unless you are an administrator or owner of the Team. There are plenty of cases where a chat message from another member of the Team could be considered inappropriate and needs to be removed by an administrator. Problem is that, generally, even an administrator cannot delete another person’s chat message.

This behaviour can be changed in the Teams administration portal by making changes to the appropriate Messaging policy.

image

You’ll firstly need to navigate to the Teams administration center which you can access via the Microsoft 365 admin center. You can also get there directly by navigating to:

https://admin.teams.microsoft.com/

You then need to select Messaging policies from the items on the left as shown above.

Then, on the right, you will see the option to Manage policies, which you should select.

Most tenants should only have a single policy as shown above, but if not you’ll need to select the appropriate policy you wish to change. Simply click on the policy name you wish to change. Here, I’ve selected the only one available Global (Org-wide default).

image

Ensure the option Owners can delete sent messages is set on On as shown above.

You’ll now need to wait for that policy to be updated to your Team. It will take a little while so don’t expect the changes to be seen immediately. Not that I have tried to see whether using PowerShell to force the changes works any quick but if you find it does, let me know. The command you want if you plan to user PowerShell to make this change is:

set-csteamsmessagingpolicy –allowownerdeletemessage $true

Once the changes in the policy have been pushed out to the Team, any owner of that Team will now be able to delete any chat message from any user as simply as they can their own messages.

image

This ability will hopefully make life a little easier for Team owners who need to ensure compliance and appropriate behaviour in their Teams.