CIAOPS Brief 20240803

Microsoft 365 Insider Round Up –

https://www.linkedin.com/pulse/august-2024-microsoft-365-insider-fugwc/

Microsoft Defender XDR – Monthly news – August 2024 –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-august-2024/ba-p/4207232

New onboarding flow to managing Android Enterprise devices with Microsoft Intune –

https://techcommunity.microsoft.com/t5/intune-customer-success/new-onboarding-flow-to-managing-android-enterprise-devices-with/ba-p/4206602

Windows 365 at three years: Customer-centric solutions for security, management and productivity –

https://blogs.windows.com/windowsexperience/2024/08/01/windows-365-at-three-years-customer-centric-solutions-for-security-management-and-productivity/

New Windows 365 features help provide a more secure workspace –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/new-windows-365-features-help-provide-a-more-secure-workspace/ba-p/4206802

Windows 365 GPU-enabled Cloud PCs now generally available –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-365-gpu-enabled-cloud-pcs-now-generally-available/ba-p/4206600

New 1Password SIEM integration with Microsoft Sentinel now generally available –

https://blog.1password.com/1password-microsoft-sentinel-siem/

Supercharge Your Business: Simplify communications with AI in Microsoft Teams and Teams Phone –

https://techcommunity.microsoft.com/t5/small-and-medium-business-blog/supercharge-your-business-simplify-communications-with-ai-in/ba-p/4205360

Microsoft Announces General Availability of Microsoft 365 Backup and Microsoft 365 Backup Storage –

https://techcommunity.microsoft.com/t5/microsoft-365-backup-blog/microsoft-announces-general-availability-of-microsoft-365-backup/ba-p/4205300

SharePoint roadmap pitstop: July 2024 –

https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/sharepoint-roadmap-pitstop-july-2024/ba-p/4204521

What’s new in Copilot | July 2024 –

https://techcommunity.microsoft.com/t5/copilot-for-microsoft-365/what-s-new-in-copilot-july-2024/ba-p/4200439

What’s New in Microsoft Teams | July 2024 –

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-july-2024/ba-p/4205316

Looking back on FY24: from Copilots empowering human achievement to leading AI Transformation –

https://blogs.microsoft.com/blog/2024/07/29/looking-back-on-fy24-from-copilots-empowering-human-achievement-to-leading-ai-transformation/

Best practices AI and machine learning Microsoft Purview 3 min read New Microsoft whitepaper shares how to prepare your data for secure AI adoption –

https://www.microsoft.com/en-us/security/blog/2024/07/30/new-microsoft-whitepaper-shares-how-to-prepare-your-data-for-secure-ai-adoption/

Use WinGet 1.8 to download Microsoft Store apps –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/use-winget-1-8-to-download-microsoft-store-apps/ba-p/4204522

Monitoring Microsoft Sentinel Reports with Dashboard Hub & Power BI –

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/monitoring-microsoft-sentinel-reports-with-dashboard-hub-amp/ba-p/4203870

Looking back on FY24: from Copilots empowering human achievement to leading AI Transformation –

https://blogs.microsoft.com/blog/2024/07/29/looking-back-on-fy24-from-copilots-empowering-human-achievement-to-leading-ai-transformation/

Announcing quarantine release integration in MDO hunting experience!! –

https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/announcing-quarantine-release-integration-in-mdo-hunting/ba-p/4198601

Windows Security best practices for integrating and managing security tools –

https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/

After hours

Sugata Mitra: Build a School in the Cloud – https://www.youtube.com/watch?v=y3jYVe1RGaU

Editorial

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

CIAOPS Need to Know Microsoft 365 Webinar – August

laptop-eyes-technology-computer_thumb

Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Power Automate.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

August Webinar Registrations

(If you are having issues with the above link copy and paste – https://bit.ly/n2k2408

The details are:

CIAOPS Need to Know Webinar – August 2024
Thursday 29th of June 2024
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

Copilot plugins make all the difference

If you are using the Copilot for Microsoft 365 chat interface as shown above

and you ask it to reference something on the web, such as asking for a summary of a piece of legislation, you’ll probably find that it doesn’t deliver on the results expected as shown above.

This is because, if you want Copilot for Microsoft 365 to use content from the web you’ll need to enable a Plugin. You find these in the lower right of the screen, on the input line as shown above.

When you select the Plugin icon you’ll see the above dialog box appear where you can enable web content.

If you now run the same prompt, you’ll get a much better result as shown above.

Unfortunately, at this stage you have to enable the web content plugin each time you use Copilot for Microsoft 365. I’m still search for a way to have this enabled by default. If you do know how to do that, please let me.

Check mailbox auditing settings using PowerShell

an art deco cartoon of someone doing an audit

An important part of good security in Microsoft 365 is to ensure you are capturing all the logs available. Exchange Online has a number of actions that can be audited and some may not be enabled in your environment. The list available and what is enabled by default can be found here:

Manage mailbox auditing

Here is a quick script you can run to display all the audit settings for each mailbox:

Get-OrganizationConfig | Format-List AuditDisabled
$mailboxes=get-mailbox -ResultSize unlimited
foreach ($mailbox in $mailboxes) {
     write-host “`nMailbox =”,$mailbox.userprincipalname
     write-host (“`— Admin —“)
     $mailbox | Select-Object -ExpandProperty AuditAdmin | Sort-Object
     write-host (“— Delegate —“)
     $mailbox | Select-Object -ExpandProperty AuditDelegate | Sort-Object
     write-host (“— Owner —“)
     $mailbox | Select-Object -ExpandProperty Auditowner | Sort-Object
}

Just compare the list in the link to what you have configured to ensure everything that is available to you is enabled.

To connect to Exchange online prior to running the above code you can use my script:

https://github.com/directorcia/Office365/blob/master/o365-connect-exo.ps1

CIAOPS Brief 20240728

Create Microsoft 365 Copilot adoption community in Viva Engage –

https://www.youtube.com/watch?v=qmr0NZVvXZI

Microsoft Purview Data Governance will be generally available September 1, 2024 –

https://www.microsoft.com/en-us/security/blog/2024/07/16/microsoft-purview-data-governance-will-be-generally-available-september-1-2024/

Migrate ADAL apps to MSAL with enhanced insights –

https://techcommunity.microsoft.com/t5/microsoft-entra-blog/migrate-adal-apps-to-msal-with-enhanced-insights/ba-p/4194361

Public Preview: New Azure Monitor Auxiliary Logs Plan –

https://azure.microsoft.com/en-us/updates/v2/azure-monitor-auxiliary-logs

Onyx Sleet uses array of malware to gather intelligence for North Korea –

https://www.microsoft.com/en-us/security/blog/2024/07/25/onyx-sleet-uses-array-of-malware-to-gather-intelligence-for-north-korea/

Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture –

https://www.microsoft.com/en-us/security/blog/2024/07/24/zero-trust-in-the-age-of-ai-join-our-online-event-to-learn-how-to-strengthen-your-security-posture/

Try out the new Copilot in Planner (preview) today in the new Microsoft Planner in Teams –

https://techcommunity.microsoft.com/t5/planner-blog/try-out-the-new-copilot-in-planner-preview-today-in-the-new/ba-p/4193042

ON DEMAND | OneDrive in-depth: Learning content –

https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/on-demand-onedrive-in-depth-learning-content/ba-p/4193875

The Microsoft Copilot Dashboard is now included with Copilot for Microsoft 365 –

https://techcommunity.microsoft.com/t5/viva-insights-blog/the-microsoft-copilot-dashboard-is-now-included-with-copilot-for/ba-p/4198372

Prompts to try in Copilot for Microsoft 365 –

https://www.youtube.com/watch?v=x0WCK9mIAkU

After hours

AI’s trillion dollar time bomb – https://www.youtube.com/watch?v=dx-tMK7w5g8

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Viva Engage Copilot adoption community setup

Navigate to:

https://engage.cloud.microsoft/main/admin/m365-copilot-adoption

and you should see:

Select the Launch early adopters button.

Make any changes or updates here and select Create.

You will have then created a Viva Engage Community in your organisation where people can share their learning journey around Copilot.

Getting Global Administrators using the Graph

A common task that needs to be performed is to return all the Global administrators in a tenant via PowerShell. With the focus on using the Microsoft Graph to do things like this you can use the following:

import-module Microsoft.Graph.Identity.DirectoryManagement

Connect-MgGraph -Scopes “RoleManagement.Read.Directory”,”User.Read.All”

$globalAdmins = Get-MgDirectoryRole | Where-Object { $_.displayName -eq “Global Administrator” }
$globalAdminUsers = Get-MgDirectoryRoleMember -DirectoryRoleId $globalAdmins.id

$globaladminsummary = @()
foreach ($adminuser in $globalAdminUsers) {
     $user = Get-MgUser -userId $adminuser.Id
     $globaladminSummary += [pscustomobject]@{
         Id                = $adminuser.Id
         UserPrincipalName = $user.UserPrincipalName
         DisplayName       = $user.DisplayName
     }
}

$globaladminsummary

which I have also uploaded to my Github repo here:

https://github.com/directorcia/Office365/blob/master/graph-globaladmins-get.ps1

You may also need to consent to some permissions like:

If your user doesn’t have these. Permissions required are:

RoleManagement.Read.Directory
User.Read.All

The list of tenant global admins will be held in the variable $globaladminsummary at the completion of this script.

July Microsoft 365 Webinar resources

The slides from this month’s webinar are available at:

https://github.com/directorcia/general/blob/master/Presentations/Need%20to%20Know%20Webinars/202407.pdf

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

Watch out for next month’s webinar

Key Topics:

Microsoft 365 update: Robert shared some new features and updates for Microsoft 365, such as copilot in planner, inbound SMTP Dane and DNS Secure, and guest sharing in loop. 1:51
Defender for business overview: Robert explained the benefits and features of defender for business, a security product that is included with business premium and available as a standalone SKU. It provides enterprise-grade protection and integration with other Microsoft products for SMBs. 5:03
Defender for business configuration: Robert demonstrated how to configure defender for business settings, onboarding, alerts, investigations, and integrations. He advised not to use the wizard and to enable all the advanced features. He also showed how to use the assets, incidents and alerts, and vulnerability management sections. 19:34
Defender for business resources and Q&A: Robert provided some links and resources for further learning and support. He also invited the attendees to ask any questions or provide feedback. 49:11