Microsoft 365 and Teams settings and security
Little Tricks
Corporations are increasingly turning to Microsoft's cloud services in the form of Exchange Online, SharePoint Online, or OneDrive for Business. The environment previously known as Office 365, and now renamed Microsoft 365, is enjoying increasing popularity. The same is true for Microsoft Teams – and not just since the pandemic. In this article, I offer simple but effective tips for the administration of both worlds.
Although Microsoft recently changed the name of Office 365 to Microsoft 365, in many cases it's still referred to as Office 365, and the names are interchangeable. Nothing has changed in terms of administration. I start with user management, which does not always have to take place at a central IT location, because in Office 365 you can delegate administrative authorizations to users or lower level administrators.
Services are managed in the Microsoft 365 Admin Center, which you can reach quickest by going to https://admin.microsoft.com. You can see the user roles there in the Manage roles menu item in user management by clicking on the user to access the menu item. The most important roles appear first in the window. You can view all the roles that are available by clicking on the item Show all by category .
Now you will see the roles and a description. If you click on a role, you will see its members in Assigned admins . Use the Export admin list link to create a CSV file listing all roles and their members. You will only see roles with members; the report will not show empty roles. If you click on several roles, you can compare their rights in context with the menu item Compare roles .
PowerShell Management
PowerShell also lets you manage authorizations and other settings for Office 365; you need the Azure AD module:
Install-<ModuleName> AzureAD
To log in, you need the Connect-MsolService
cmdlet. For example, if you want to add user Thomas Joos
to the Teams Service Administrator
group, use the command:
Add-MsolRoleMember -RoleMemberEmailAddress "thomas@joos-test.de" -RoleName "Teams Service Administrator"
You can display all roles with Get-MsolRole
.
Spam and Antivirus Protection
In the Exchange Admin Center for Office 365 (https://outlook.office365.com/ecp) you can configure the spam settings and the virus protection from the Protection menu item. The settings correspond to the options available to you in local installations of Exchange Online. However, quarantine is not managed in the Exchange Admin Center in Exchange Online, but with the Office 365 Security & Compliance (https://protection.office.com/quarantine) item.
Connecting Smartphones and Tablets
To manage the security of mobile devices connected to Office 365 you need Office 365 Security & Compliance (https://protection.office.com/). In the Data Loss Prevention section, you will find the Manage devices link, which you can use to create policies.
Setting up Mobile Device Management (MDM) in Office 365 is a wizard-based process in the Microsoft 365 Admin Center [1]. In several steps, you first configure the cloud environment and create the policies. If users connect their endpoints to Microsoft 365, the policies are transferred automatically, but users first need to register their devices and agree to the policies for private devices. If users refuse to implement the policy on individual devices, they will not be given a connection to Office 365. You first need to enable MDM in the corresponding subscription, because the functions are not enabled by default.
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.