A real hand-banger of an issue thanks to Microsoft’s love for hiding settings behind classic admin centers. After enabling Office for Web and OneDrive (or Sharepoint) for several users, they were unable to edit Office documents in Office Online / Office Web Apps via www.office.com. They didn’t even show up!
What Was Being Seen:
What Should Be Seen:
The resolution was classic Microsoft. After making sure that the users had the correct applications assigned, namely Office Apps for Web and either SharePoint or OneDrive, we had to navigate to the SharePoint Admin Center, click on Settings, and then classic settings.
Once there, the first option was the cause of our trouble. Make sure you don’t hide the icons!
Since being thrust into using GSuite / Google Workspace, I found the GAM tool on Github incredibly valuable.
We recently have a spear-phishing attack sent to a number of users in finance pretending to be the CFO. I was able to test and then remove all the emails from users mailboxes by using the following command:
gam all users delete threads query from:[xyz]@gmail.com doit
I encountered this one recently. Google doesn’t make it simple (or clear) how to allow external people to send emails to a Google Group (which most people use as the equivalent of a distribution list / Office365 group).
In Google Admin, navigate to the Google Group and check off “Allow” (a checkmark) where Publish Posts and External intersect (seen below with the number 1 in red)
That’s it! External users will now be able to email the group.
Recently I had to implement a tag for external emails. However, I wanted to test it out first and see what would be tagged.
I created my rule and set these settings:
Audit this rule… should be checked off but can be set to “Not specified” while the mode should be Test without Policy Tips.
Ok the rule.
Wait a day, then go to to the Reports section of Office365 Security & Compliance Center. On the Dashboard, click on the Exchange transport rule section.
Once there, click the dropdown for “Show data for” and choose your transport rule. This will only list transport rules where you have checked off Audit this rule with severity level: . No matter the setting, that must be checked off or you won’t see results here!
That’s it. Filter by sender, date, etc. and you’ll see the emails affected by the rule. Happy hunting!
I’ve noted this as the 2020 edition because simply… Microsoft loves to change their GUIs and portals. If you’ve worked with Office365 for a long time, you can remember the BPOS days and all the subsequent portals.
Anywho, the link for Exchange Admin is more in-line with the Sharepoint and Teams admin portals and is easier to remember: https://admin.exchange.microsoft.com/
As of this writing, it’s… pretty blank when you arrive there. You can still run message traces through here. One of the bigger changes is they’ve combined User and Shared Mailboxes under Mailboxes and put distribution lists and Office365 groups under Groups. Resource Mailboxes are under Resources.
As of now, I still work out of PowerShell or the old admin center. This will probably be finished by late next year… just in time for the next version of the EAC to apprear.