Office 365 Admin Updates: June 2018
AMT’s Monthly Office 365 Updates keep you up to date with new features and important announcements from Microsoft. Office 365 has a continuous roll-out of changes. We filter out the announcements that we think will be most relevant to our customers and send them out in an easily digestible form. Here are the June updates from Microsoft.
If you would like to receive these updates in newsletter form, once a month and straight to your email, please click subscribe below.
Changes to your Azure Information Protection configuration
Microsoft are making some changes to your Azure Information Protection (AIP) configuration. Starting July 1, 2018, they will be enabling the protection features in Azure Information Protection to customers with the eligible Office 365 licenses.
Please note: If you are using Active Directory Rights Management Services (AD RMS) in your on-prem environment, you should opt-out of this change immediately. Without additional steps, some computers might automatically start using the Azure Rights Management service and also connect to your AD RMS cluster. This scenario isn’t supported and has unreliable results, so it’s important that you opt-out of this change within the next 30 days, when Microsoft roll out these new features. Please see the guidance below on how to opt-out of this change.
Message Centre Reader Role
The new Message center Reader role allows you to permit your users access to Message Center within the Office 365 Admin Center. Users assigned this role also have read-only access to some admin center resources, such as users, groups, domains, and subscriptions. The Reader role permits users to monitor changes to Office 365 services by viewing all posts in Message Center and share Message Center posts with others through email.
Microsoft will be gradually rolling this out to all customers beginning this week and will complete worldwide roll out by mid-June.
Changes to AutoPilot profile assignment in Intune
Historically, AutoPilot deployment profiles were assigned to selected devices. With the May Intune update that shipped this week, here’s what you’ll do to assign these profiles:
• Create Azure AD groups containing AutoPilot devices.
• Assign desired profiles to an Azure AD group. The AutoPilot profile will now be assigned to AutoPilot devices in that group.
This change will not impact current AutoPilot profiles, devices or profile assignments. However, changes to existing profiles will apply to devices after you assign the profile to an Azure AD group that contains your AutoPilot devices
New feature: Admin controls for attachments in Office 365 Message Encryption
Microsoft are rolling out an update that allows you to control whether attachments are rights-protected when the Encrypt-only email template is used. This is a new feature in Office 365 Message Encryption and is rolling out now.
New feature: Label Activity Explorer in Office 365
Use the Labels Activity Explorer Dashboard to gain insights into labels usage in your organization, including top labels, ratio of user vs. auto-applied and more.
The rollout will be completed by the end of June.
Updated feature: Secure external sharing experience for files and folders in OneDrive and SharePoint Online
Microsoft are updating the one-time passcode secure external sharing experience for files and folders in OneDrive and SharePoint Online. With this change, external recipients who also use Office 365 in their organization will be asked to sign in to their Office 365 account. This process will create a Guest account in your organisation’s directory and can be managed by you in the same way that all other Guest accounts can be managed today. This update will also allow external recipients that use Office 365 in their organisation to open Office documents using the Office desktop apps.
The roll out for this feature has already begun and will be completed worldwide by the end of June.
Updated feature: Branding of sharing emails in OneDrive for Business and SharePoint
Microsoft are updating OneDrive for Business and SharePoint Online to give you the ability to include company branding in emails you share.
They will begin rolling this update out soon.
Introducing the Microsoft 365 Admin Centre
Admins previously using the Office 365 admin center to manage Office 365 will now use the Microsoft 365 admin Center. The Microsoft 365 admin center is your central location for managing and monitoring applications, services, data, devices, and users across your deployment. The Microsoft 365 admin center experience is very similar to the Office 365 admin center. The navigation is the same, and you’ll have the same granularity of control over your environment. As you add new apps and services like device management, those will light up in your left navigation pane. Most importantly, you’ll receive all the latest admin center updates and features as they become available. There will be no change to your Office 365 subscription or billing.
By the end of July, Microsoft will be updating the admin center links across Office 365 to use the new https://admin.microsoft.com/ address.
Plan for change: Intune moving to TLS 1.2 for encryption
As of October 31, 2018, Intune will no longer support TLS 1.0 and TLS 1.1. All client-server and browser-server combinations should use TLS version 1.2 to ensure connection without issues to Intune. Note that this change has an end-user device impact as some devices ─ devices that are no longer supported by Intune but are still receiving policy through Intune ─ cannot use TLS version 1.2. This includes devices such as those running Android 4.3 and below. You can view a list of additional devices and browsers impacted in the support blog linked in Additional Information below.
If you experience an issue related to the use of an old TLS version after October 31, 2018, you will be required to update to TLS 1.2 or to a device that supports TLS 1.2 as part of the resolution.
What’s New in the Microsoft Intune Service Update for May
Microsoft have introduced some changes that we’re excited for you to try out, for example:
• Enable kiosk mode on Windows 10 devices
• Set compliance by device location
• Multiple Exchange Connector support
Updated feature: SharePoint Document Libraries
Microsoft are aligning the behaviour of creating new files in modern document libraries with the behaviour of uploading files. When a new file is created (using Office Online) in a Document Library by clicking the New button and entering the required metadata, the file will no longer be checked out automatically to the user who created it. This allows other people to see the file even if required metadata has not been specified yet.
This will be gradually rolling this out to all customers beginning mid-June, and the roll out will be completed worldwide by the end of June.
Updated feature: SharePoint Modern Lists
Modern lists update. Microsoft will be gradually rolling this out to Targeted Release customers in late June, and the roll out will be completed worldwide by mid-July.
The following list templates now have modern UI support:
- Issue Tracking List
- Contacts List
- Custom List in Datasheet View
New and existing lists created using one of these templates will now appear in modern UI by default.
Additionally, modern UI now supports multi-line text field with the “Append Changes to Existing Text” setting enabled. Lists that contain this field type will no longer fall back to classic mode to accommodate these fields.
Updated feature: SharePoint Online storage allocation
With this change, SharePoint Online per user license storage allocation will increase to 1 TB plus 10 GB per user license purchased (up from 1 TB plus .5 GB per user license purchased). Note this does not include SharePoint Online kiosk plans including Office 365 F1 and Microsoft 365 F1.
Once complete, you’ll see this increased storage in your SharePoint Online admin center. If you are manually managing site collection storage limits those will not be changed, but you will have a larger tenant storage allocation to draw from.
Microsoft will begin rolling out this update starting late June and will be completed worldwide by the end of August 2018.
New Feature: Improved Insights and Reports in Security and Compliance Centre
Microsoft is announcing the upcoming general availability of smart reports and insights in the Office 365 Security and Compliance Center. The Office 365 SCC already gives you access to rich trend reports, real time reports and report detail views. With this new release, we are adding cloud powered reports and other dashboards that will help identify, prioritize and highlight problem areas that we recommend you pay attention to. These insights also recommend customized actions and remediation’s you can take to keep your organisation safe. This feature will be rolled out at the beginning of June and the roll out will be completed worldwide by the end of July.
New feature: Support for third party storage providers in Outlook on the web
Outlook on the web already has great integration with OneDrive for Business, but Microsoft are giving you more options by adding support for selected third party storage services. They’ll be rolling this out to Targeted Release organisations over the next few weeks, and the rollout will be completed Worldwide by the end of September 2018.
Updated feature: Sender rewriting scheme for auto-forwarded and relayed emails
This new sender rewriting scheme in Office 365 will change the sender email address to use the domain of the organization whose mailbox is forwarding the message. This will avoid rejections by some email servers with strict settings for their SPF checks. Specifically, the “Mail From” field that email servers use to determine the sender email address will be rewritten. The separate “From” header which contains the sender address that is shown to recipients in their email client will not be changed. If any forwarded emails fail to be delivered to the forwarded address, the non-delivery responses will be sent to the original sender of the email which has always been the case.
Beginning mid-July, Microsoft will begin rolling out Sender Rewriting Scheme (SRS) functionality in Office 365 to improve auto-forwarding compatibility with SPF.
Updated feature: New Exchange Mailbox Actions to Audit
After receiving feedback and suggestions, Microsoft will begin auditing two new mailbox actions (UpdateInboxRules and UpdateCalendarDelegation) to ensure that you have access to critical security-related audit data. Roll out will begin in the next couple weeks and should be complete by the end of July.
New feature: Centralised deployment for Outlook add-ins is now available
With this feature, you can now deploy Outlook add-ins to individual users, groups or an organisation with ease, right from your Office 365 admin center. Centralized Deployment supports both AppSource and Office Store add-ins, as well as custom internal add-ins. It will work for commercial Office 365 organizations across Outlook on the web, Outlook 2013 and Outlook 2016 for Windows, and Outlook 2016 for Mac.
This feature is off-by-default. You can provide the right visibility for add-ins by either enabling them for everyone in your organisation, or by giving end users the option to enable or disable them. The feature will be available to Office 365 organisations starting June 27, 2018. Microsoft have worldwide support for Centralised Deployment for all supported Office languages. They also support the Microsoft Office sovereign datacenters for Germany. The Centralised Deployment Preview is not currently supported for any other sovereign clouds. AppSource add-ins as well as custom add-ins built internally for use within your organization can be deployed using Centralized Deployment to tenants worldwide.