We recently had to perform the year-end tasks in Teams/SchoolDataSync which should be easy really – run through the cleanup process to archive all of last year’s teams, then update the SDS profiles with the new term dates, and resume syncing with the new data. Unfortunately ours messed up and removed all members from the archived teams – presumably as I forgot to hit “Reset Sync” before feeding it the new year’s data.
Luckily there’s a solution to get these memberships back – we need to go and search the Azure AD audit log for group membership removal events. Head to the Compliance Admin Centre > Audit > Audit Search, and search for the activity “Azure AD group administration: Removed member from group”. Put the date range in, and click Search. You should hopefully get some results, all performed by the ServicePrincipal account. If you click onto one of these results and examine the data, you’ll notice we can discover the username, team name and the team’s group ID, which is all contained in the JSON formatted data associated with the log entry. Continue reading “Teams: Recover deleted team memberships”
There’s been a Group Policy setting to sync Team/SharePoint libraries for a while although last time I looked at it the functionality didn’t actually work yet – I think it was meant to be available from Windows 10 1909 but didn’t quite make it. Besides the fact that the setting didn’t do anything, all the documentation claimed it could take “up to 8 hours” for the library to appear in the user’s sync client/Explorer – clearly this is no use especially if you’re in an environment where people hot desk and share machines. I’ve had another look at it to see if it’s any better now.
I don’t like things that can’t be automated. I started looking at School Data Sync (SDS) last year, however the templates provided by iSAMS, which is our school Management Information System, just gave a set of CSVs and you had to manually click to get them, then click to upload them into SDS. Since iSAMS has an API, I thought this was a bit of a silly way of doing things – who wants to go through a manual process every time a pupil changes class? So instead I wrote my own powershell to pull the data through the iSAMS API, then run through the New-Team cmdlet to create a team per class, and populate it with teachers and students.
As we’re a school we need our new teams to be running the Edu_Class template, but the template parameter on New-Team only exists in the preview (and in Graph, on the beta endpoint) where it has much harsher limitations on how often and fast you can call it – a nightmare trying to call it in a loop. Anyway with the addition of “Start-Sleep 30” in the loop I eventually got them all created. However this time I am having another look at SDS and using Power Automate (previously known as Flow) to make the process completely automatic.
A while ago I needed to update my PHP applications mail handing scripts, as Microsoft are disabling basic authentication and they connected using EWS with basic authentication. I took the opportunity to update them to use the Microsoft Graph API instead.
My systems generally run mail as a background process, e.g. sending/receiving mail to the helpdesk mailbox, so this article is written in that vein. If you wanted to access mail in an interactive way (so the user is sat in front of the browser at the time mail is accessed) you’d need to switch to Delegated rights, rather than Application, and the user would log in rather than the script logging in. I’ve not looked at this so not able to say much more about it.
(Updated 4th Sept 2020: Use New-CsBatchPolicyPackageAssignmentOperation instead of Grant-CsUserPolicyPackage now)
I’ve recently needed to apply a PolicyPackage to a group of users (well 2 packages to 2 groups) using PowerShell – as the Teams Admin centre only allows you to apply to users by typing in all the names one at a time and pressing Add and discovered the New-CsGroupPolicyAssignment cmdlet, which looks good – however this applies a policy to a group, but I want to apply a policy package.
I’ve been looking for a way to get mailto: links in websites open in Office 365 (Outlook Web) rather than the full Outlook client – as we have Outlook installed on our network, but unconfigured as everybody uses the web version.
I wrote something about 10 years ago which did this when we had a local Exchange box, although it’s since been lost as it no longer worked when we updated from Exchange 2003 to Exchange 2007. I’ve since written a new one which works with Office 365! Continue reading “Office 365 mailto: Link Handler”
I’ve been looking for a while at a way to automate email signatures for everybody using OWA on Office 365. The new layout we want for our signatures includes images and everywhere I’ve read says it’s impossible to embed images in a signature set using PowerShell. (Note I want them embedded rather than hotlinked).
The solution I came up with takes details from the Active Directory user account – I’m using the description field to insert the person’s name (to allow things like “Mrs Blah” rather than just outputting firstname surname), fields like title (job title), telephone, mobile and also using a few of the extensionAttributes for the Twitter/Facebook links. All of these are standard fields so no need to mess with the AD schema. Continue reading “Office 365 Automated Signature Generator”
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.