Search

Håvard Siegel Haukeberg

Paste life: Ctrl+C -> Ctrl+V [MVP]

Category

Coding without code

The IT blog – used for work and home

How to get complete Microsoft Teams Chat and channel history with eDiscovery

Did someone say something? or Do you just need to document what has been said for later?

Here is how you can use eDiscovery to get chat and channel history. In this guide I use the two following scenarios:

1. I need to find a chat with one certain keyword

2. I need to find all chats with a certain user or between certain users.

Here is what it looks like:

Search result from a private chat
search result from a channel

Here is what you need to do:

1. Get an admin to grant you an eDiscovery Role. You need this in order to view or pull reports. Have a conversation with your organization about having a manager or a reader role. There are plenty of roles to choose from but you MUST have a reviewer role to see the preview-results

How to set eDiscovery Manager premissions
Select the user and remember to click Save.

2. Now it is time to create an eDiscovery Search. Logon with our user that has the new rights (remember, even a global admin needs to be assigned this right. https://protection.office.com is where you log in. Then click “Search” and “Content Search”

Here is what the new search experience look like. You may switch back to the old one if you want to, black circle.

3. It is time to create some conditions in order to scope the search. I have images of two conditions below. One where I lookup a keyword and one where I lookup an user or external user. Remember, dont click save just yet. Jump to point 4 first below these images.

Here it will look for the keyword “Kommune”
Here it will look for a specific users interaction on your tenant

4. Now you may modify where to look in order to minimize the time it takes to run the eDiscovery query. Click on Modify and in this scenario I want the first option only for Microsoft Teams. Check the first slider and click save.

The search can also be scoped to users and groups or even teams inside this location picker.

5. While you run eDiscovery, your administrator will be notified by email. It looks like this:

eDiscovery has been executed by me.

6. I prefer the old eDiscovery preview so I will switch to the old panel in order to browse the results. Then select your search, if you do not see it just click refresh. Now on the right side click “Preview Search results” if your query is large it might take some time for the preview to be avaliable.

Time to get your results
This result will get the latest instance when I used the word “Kommune”

7. If you need an element simply click “Get Original item” and your chat string will be downloaded to you as a *.eml

That is it. Simple but with some clicking.

Advertisements

Protect and Encrypt SPSS files with Azure Information Protection

Download the Azure Information Protection Client (Rights Management Service) client here:
https://www.microsoft.com/en-us/download/details.aspx?id=53018 You can also get a distribution package in *.msi format.
Note that there is a separate viewer file which you can use in order to open protected files on a mac, pc or mobile phone.

  1. Install it (you will get a UAC promt).
  2. Find the SPSS file
  3. Right Click it and select “Classify and Protect”
  4. Login with your Azure AD account
  5. Select your label (you may add specific people and and expiration date)
  6. Click “Use”
  7. Now it is protected by your user personally and you may track the document.

To remove the protection, simply double click it and it will run and check your credentials. If approved SPSS will run 🙂

Dual Content Streams in Teams Live Event

If you have Microsoft Teams and the proper licenses you may initiate a Teams Live Meeting. The technology behind it is described there: https://docs.microsoft.com/en-us/microsoftteams/teams-live-events/what-are-teams-live-events

In all simplicity, you want to stream a presentation to very many participants on a multitude of devices. Anyone can join from wherever.

Here is how you have a synchronized dual view of both a video stream and content stream during your live event.

First start a meeting:


Remember to select Teams Live Event
This part enables recording in Microsoft Stream
Rememer to Turn on your camera here or on the next screen
Select Dual Screen
To add more than video click the share button
Now press “Send Live” and click “Start” Recording starts automatically
This is what your participants can see
Recording starts automatically

Create a new Azure AD directory in the same tenant

In your Azure/Office 365 tenant you may have several separate directories. You may also have custom domains but they will initially belong to a specific Azure AD.

An Azure AD directory is identified by the *.onmicrosoft.com

Here is how you create multiple Azure AD directories in the same tenant:

  1. Navigate to Azure AD Blade
  2. Click Create new directory
  3. Fill in information and select the correct country
  4. Click create and wait a bit
  5. Then click to manage your new directory
  6. Add custom domains if you need or just sync your new domain with dirsync

You may now add users or set up a separate domain sync. Or even custom domains.

This user catalog is separate and users need to be invited or added. Only one user will be present and that is the admin user that you were logged on with.

Hide Azure Active Directory from users

If any user in your organization decides to start using azure he/she by default can log in at https://portal.azure.com and view the entire AAD catalog with object details. The user can also start to spin up resources and invite guest users.

First to hide the portal resources for your organization:

Now you can have hidden your org resources from all other users in the azure portal.

Next you may want to review the guest invitation permissions so users can not invite external users into your organization.

Review the settings here. Don’t be too strict.

Hvordan få Uendelig Office 365 Education Lisenser

Hvis du er en kvalifisert skolekunde av Microsoft så kan du hente ned uendelig antall Office 365 Education lisenser for fakultet og student. Det er anbefalt å skille mellom lærer og elev/student. Noe funksjonalitet er avhengig av at lisensen er riktig.

Naviger til https://portal.office.com

Trykk på “Fakturering” og velg “Kjøp tjenester”

Husk å merk av for “Planer for Utdanning

kjøp planer

Hvis du ikke har kjøpt de før så havner de litt lengere ned på listen. Jeg har kjøpt det før så hos meg står det “Kjøpt” og jeg må trykke på de tre prikkene for å hente flere eller konvertere til “uendelige lisenser

kjøp flere

Trykk på “Endre lisensantall

kjøp eller hent flere

Velg så “Send inn” og du vil nå få uendelig lisenser for Office 365 A1 (Education)

få uendelig lisenser

Du får en oversikt over lisensene dine under “Fakturering” og “Abonnementer

Activate Azure Enterprise Subscription

Hi, here is a quick walkthrough of how to activate your top level Azure Enterprise Subscription Account on https://ea.azure.com

This is where you define your organization, departments and organizational structure down to the individual faculty level.

NOTE: You do this before you log into https://portal.azure.com .

NOTE 2: DO NOT add student and teachers here. This is for administration, IT and some researchers. You add teachers and students later in https://portal.azure.com

  1. Find your activation email and copy or click the link (if you click it, make sure you are not logged into any other account.) azure welcome email
  2. Use your OFFICE 365/AZURE AD ACCOUNT for your enterprise. Do not use a Microsoft account such as @hotmail.com
  3. Verify that you are using your correct workplace account to login to the service.
  4. Verify that again. I am serious. Make sure you are using the right account. If you are unsure, stop what you are doing and email me hhauk@microsoft.com
  5. Your EA subscription is now linked to your workplace account. You are done.

Now you should add extra administrators. Click on Manage and “Enrollment” and add minimum 2 named admins.

AddAdmin

Now, look at your organizational structure and start to add Departments. Remember to add administrators to each department.

AddDepartment (1)

AddAdmin2

Once you have set up your departments and accounts you may add additional subscriptions. Remember that services that run on different subscriptions do not talk to each other. Click Subscriptions and add extra subscriptions. You may create as many as you would like.

 

 

As you have multiple subscriptions with the same name, it is smart to change the name of each subscription. you do that in the https://portal.azure.com click on “Subscriptions” then select the subscription you would like to rename and click “Rename

ChangeSubscriptionName

Finally it is time to add users or co-editors to your subscriptions. This can be students or teachers that only need access to this subscription for teaching or learning reasons.

 

 

 

 

Enable Microsoft Bookings in Office 365 Education

If Microsoft Bookings is not turned on for your organization by default, this is how you enable it.

My tenant setup

  • Office 365 A1 Education / Office 365 Education
  • My user is  a Global Admin
  • Please note that Bookings is a Office 365 A3/E3 feature (I can enable it but not use it)

Step 1:

Navigate to https://portal.office.com

Step 2:

Click on Services and Addins (The image has local language)

office 365 admin portal

Step 3:

Find Bookings in that list and click it

office 365 services and addins

Step 4:

Make sure that the first slider is set to On

Please take a note of the feature in red.

This feature does 2 things:

  1. Enables Facebook login which makes it easier for users outside your organization to book
  2. Enables sharing to social media.

It is by default “Off”. I suggest setting this to “On” if you are only using bookings with users that belong to your Office 365 Organization. Then you force them to use their Office 365 credentials to login and book. If you want external users, consider setting this to “Off”

enable microsoft bookings

 

Adopted from the Microsoft guide here: Turn on Bookings (Microsoft)

Please se the guide above for instructions on how to turn off/on bookings for individual users.

Enable windows hello login with camera on Windows 10 Intune joined machines

Symptom:

If you have a Windows 10 machine with a camera that supports Windows hello login you might see that Windows Hello is disabled by administrator.

windows 10 hello disabled

This is becasue of the Intune Policy in Microsoft Intune.

Implications:

Note, that if you want to enable Windows Hello you will also force the user that uses Azure AD join to enroll with a pin, adding an extra step to the Azure AD join process.

Steps:

Navigate to https://portal.azure.com and log in with admin credentials and select Intune.

intune blade

Select then Device enrollment.

device enrollment

Select then Windows Enrollment

windows enrollment

You should then see Windows Hello for Business, click it.

manage windows hello for business

You may create several policies based on Groups. However there should be a default policy that is assigned to everyone.

default policy

I had the policy disabled. Now click enable.

whfb status

You do not need to change any settings, just Ensure that you allow biometric auth. Then remember to click “Save”enable biometric and click save

That is it. On a Windows 10 Device you can update the policies or log off/on/restart to recieve this new policy.

windows hello enabled

You can also force this policy Down on the Device by syncronizing it:

syncronize with intune

Blog at WordPress.com.

Up ↑

%d bloggers like this: