There are some exciting additions making their way to the Microsoft 365 application ecosystem this month. With improvements for Azure Active directory, and Admin Center reports, these updates will offer quality-of-life improvements for some of the most requested Microsoft 365 functionalities. The new additional tools will allow IT professionals to manage their application pools and active directories more easily.
The Updates app has been added to the MS Teams App Store and is available by default to all Teams users. Updates allows users to create, submit, and review Update workflows directly from the Teams application. Updates allows organizations to streamline their repeatable task check-in, and is a great option for verifying reports, inspections, and checklists.
The basic functionality that Updates provides has been available in various ways in the Microsoft 365 suite for quite a long time, but the creation and management of these tools has been less accessible to non-developer users in the past. With the addition of the Updates app to MS Teams, business focused users have an easily accessible tool to automate a large portion of their verification workflows right in their Teams application.
Organizations with a need for this type of task verification should consider moving their existing workflows to the new Updates Teams app. While existing workflows implemented in applications like SharePoint do offer some greater degree of customization and flexibility, the availability and ease of use that the Updates app offers may streamline the verification process to a considerable degree. To learn more about the Updates app in Microsoft Teams, visit the official Microsoft documentation.
Similarly to the Updates app implementation, E-signature approvals are now fully integrated into Microsoft Teams Approvals app. Now organizations with an E-signature provider can post and sign document approval requests using the existing Approvals app in Microsoft Teams. Previously, the Teams Approvals app would redirect users to their chosen third-party eSign authenticator (like Adobe Sign). The most recent update streamlines the workflow, allowing users to request and sign approvals without leaving the Teams application. This feature is expected to release in late June, 2022.
The full integration of eSign into Teams Approvals still requires a third party eSign tool license in addition to the licensing and admin setup required for the Approvals app. As of June 2022 only eSign providers DocuSign and Adobe Sign are fully supported in Teams. If your organization uses Teams Approvals and a supported eSign tool, it would be useful to inform the interested parties of these changes to avoid confusion. If you’d like to learn more about Teams Approvals and the integration of eSign tools you can find the resources to get started on the Teams Approvals App documentation page.
Starting in mid-July, 2022, Microsoft is adding Shared Channels to the existing channel types in Microsoft Teams. Shared Channels will allow users to collaborate with internal and external members beyond the boundaries of their assigned team or organization. Once added to a Shared Channel, external users will be able to access the channel from their Teams account without having to switch organizations.
This is a welcome addition to Teams and will facilitate streamlined collaboration between separate groups and organizations. When fully implemented by late-August, 2022, teams hosting external groups or organizations might want to consider using Shared Channels for collaboration instead of providing additional organizational accounts to external users. However, because full Active Directory access is often crucial to collaboration, Shared Channels may be less useful depending on the nature of the collaboration.
Administrators should consult with organizational security professionals to manage who is able to create these Shared Channels once they are implemented, as they could pose certain information security risks. For more information on Teams Shared Channels and access management, see the official release documentation.
A new feature has been added to Azure Active Directory (AD), Dynamic Groups. The Dynamic Groups feature, available as a preview for Azure AD Premium license subscribers, allows AD administrators to easily define a new group membership identity from the users listed in multiple existing groups. Dynamic Groups are defined by the ‘memberOf’ attribute, available for configuration using Azure portal, Microsoft Graph, and PowerShell APIs. Microsoft provides us with a helpful diagram, illustrating a simple use case for Dynamic Groups.
The users in Security Group X and Y are added to the Dynamic Group via the ‘memberOf’ attribute. Note that the users in the child security groups are not added when defined this way.
These changes shouldn’t affect existing AD Groups, but AD administrators that are looking to create new AD Groups from a pool of existing groups may find this to be a convenient way to do so. It’s worth noting that as of June 2022, this feature is still in preview so there are some limitations to the new Dynamic Groups and their associated AD Rule ‘memberOf.’ To learn more Dynamic Groups in Azure AD, and the current limitations, visit the official preview documentation.
New API endpoints have been added to the Graph API that allow Global Administrators to generate user level usage reports while maintaining pre-defined organizational security practices. The changes allow Administrator and Report Reader roles to see user, group, and site names (which are hidden by default), without having to change global report security settings. This feature is expected to be released in late July, 2022.
These changes will help reporters maintain security practices regarding identifiable information while still accomplishing their reporting goals. Organizations that consistently generate user reports should review these changes and modify their processes accordingly. Visit the Graph API reports documentation to learn more about usage reports and the latest additions to the API.
Microsoft has added three new Wizards to the Microsoft 365 Admin Center. All three can be found in the Security and Compliance section of the Advanced Deployment Guides menu. The Compliance Manager, eDiscovery, and Audit Wizards are now part of the growing catalog of setup guides available in the Admin Center. These setup guides streamline the deployment process and incorporate the best practices for deployment, ensuring that your applications and security infrastructure is set up quickly and correctly. These new wizards are available now as of late June, 2022.
Organizations that often engage in the deployment of Microsoft 365 and Office 365 services or are unsure of the most recent best practices for an existing deployment should consider working through the latest setup guides and updating their Admin Center training materials accordingly.
Microsoft has released a tool to help organizations evaluate the usage of 2013 Workflows in their clients. With the announcement that SharePoint 2010 Workflows would be unsupported as of November 2020, Microsoft also included that 2013 Workflows would soon follow their older cousins. In preparation for this eventuality, the open source Microsoft 365 Assessment Tool has been released to GitHub.
Officially endorsed by Microsoft, the Assessment Tool will provide usage data on 2013 Workflows and generate a Power BI Report to aid in planning the necessary migrations to SharePoint Online and Power Automate.
The 2013 Workflow retirement date has not been formally announced but Microsoft has shown no indication that it is not inevitable. Organizations operating in SharePoint 2013 spaces should consider using this tool to supplement their existing migration plans.