Non-existent users show up in SignInActivity data (or how logs continue to disappoint)

Spotting some strange entries in the output of a Graph SDK cmdlet leads us down the rabbit hole of troubleshooting “missing” GUIDs in Entra ID. Or how SignInActivity data for users’ access to other tenants is collected …

Scoping conditional access policies to “tagged” applications

Microsoft has been gradually expanding the reach of its Conditional Access feature, while at the same time also releasing a bunch of controls that allow us to more granularly scope CA policies. Examples in this area include not just the ability to scope policies to a subset of the objects …

Using the Graph API to Export eDiscovery (Premium) datasets

Microsoft has steadily been adding Graph API endpoints to cover eDiscovery scenarios, albeit only targeting the “Premium” experience. Just recently, the Export operation became available, bringing full coverage for (Premium) eDiscovery operations. Among other things, eDiscovery export is still being leveraged as one of the few ways to get data …

Bulk remove mailbox permissions for Microsoft 365 users

For this week’s updated PowerShell script, we will tackle the scenario of removing all mailbox (Full access) permissions for a given user. Such a task might be performed as part of a cleanup after (suspected) account compromise, or as part of the leaver process. We did in fact cover this scenario …
