Book Image

Microsoft Office 365 Administration Cookbook

By : Nate Chamberlain
Book Image

Microsoft Office 365 Administration Cookbook

By: Nate Chamberlain

Overview of this book

Organizations across the world have switched to Office 365 to boost workplace productivity. However, to maximize investment in Office 365, you need to know how to efficiently administer Office 365 solutions. Microsoft Office 365 Administration Cookbook is packed with recipes to guide you through common and not-so-common administrative tasks throughout Office 365. Whether you’re administering a single app such as SharePoint or organization-wide Security & Compliance across Office 365, this cookbook offers a variety of recipes that you’ll want to have to hand. The book begins by covering essential setup and administration tasks. You’ll learn how to manage permissions for users and user groups along with automating routine admin tasks using PowerShell. You’ll then progress through to managing core Office 365 services such as Exchange Online, OneDrive, SharePoint Online, and Azure Active Directory (AD). This book also features recipes that’ll help you to manage newer services such as Microsoft Search, Power Platform, and Microsoft Teams. In the final chapters, you’ll delve into monitoring, reporting, and securing your Office 365 services. By the end of this book, you’ll have learned about managing individual Office 365 services along with monitoring, securing, and optimizing your entire Office 365 deployment efficiently.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Office 365 Administration Cookbook
Nate Chamberlain
Sep, 2020 | 442 pages
Small book image
Mastering Office 365 Administration
Alara Rogers | Nikkia Carter | Thomas Carpe
May, 2018 | 532 pages
Small book image
Managing Microsoft Teams: MS-700 Exam Guide
Nate Chamberlain | Peter Rising
Feb, 2021 | 452 pages
Small book image
Deploying Microsoft 365 Teamwork: Exam MS-300 Guide
Aaron Guilmette
Jan, 2020 | 632 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Sections
Get in touch
Reviews
1
Chapter 1: Office 365 Setup and Basic Administration
Chapter 1: Office 365 Setup and Basic Administration
Technical requirements
Accessing the admin centers
Setting up the PowerShell environment
Viewing and filtering the roadmap
Discovering upcoming changes
Opening a service request
Monitoring service request status
Adding a domain
Changing the domain for users
Assigning a license to a user
Assigning a license to a group
Customizing navigation of the admin center
Personalizing your admin center home page
Free Chapter
2
Chapter 2: Office 365 Identity and Roles
Chapter 2: Office 365 Identity and Roles
Technical requirements
Creating a new user
Importing users in bulk
Creating a new Office 365 group
Enabling Security Defaults (MFA)
Exporting users
Managing guest users
Creating a user template
Restricting users from creating new O365 groups
Assigning the User Administrator admin role in Azure AD
Managing admin roles in the Microsoft 365 admin center
3
Chapter 3: Administering Office 365 with PowerShell
Chapter 3: Administering Office 365 with PowerShell
Technical requirements
Getting a list of all available commands
Creating a user
Disabling a user
Changing user settings or profile information
Getting a list of all users with user properties
Changing a user password
Connecting via PowerShell to SharePoint Online
Creating a SharePoint site collection
Adding a new site collection admin to all SharePoint Online sites
Restoring a deleted OneDrive site
Hiding Office 365 groups from the Global Address List
Preventing external senders from emailing internal Office 365 groups
4
Chapter 4: Managing Exchange Online
Chapter 4: Managing Exchange Online
Technical requirements
Creating a user mailbox
Creating a mail-enabled security group
Creating a shared mailbox without an O365 group
Creating a distribution list
Creating a dynamic distribution list
Assigning permissions and roles
Creating an Exchange-specific retention policy
Creating a mail flow rule
Configuring spam filter policies
Creating room and equipment resources
Enabling advanced threat protection (ATP) features
5
Chapter 5: Setting Up and Configuring Microsoft Search
Chapter 5: Setting Up and Configuring Microsoft Search
Technical requirements
Creating an acronym
Creating a bookmark
Importing bookmarks in bulk from CSV
Importing SharePoint promoted results as bookmarks
Adding a location
Adding a floor plan
Adding a Q&A result
Assigning the Search Admin and Search Editor roles
Setting up the usage of Microsoft Search in Bing
Using Search Insights dashboard reports
6
Chapter 6: Administering OneDrive
Chapter 6: Administering OneDrive
Technical requirements
Enabling the local syncing of files
Restricting local syncing to PCs on specific domains
Setting up compliance safeguards
Providing manager access to a terminated employee's OneDrive
Setting the default share link type
Configuring external sharing permission levels
Restricting sharing to specific domains
Adjusting all users' default storage allocation and retention periods
Restricting OneDrive access to devices on specific IP address locations
Configuring mobile app permissions
Migrating data using the SharePoint Migration Tool
7
Chapter 7: Configuring the Power Platform
Chapter 7: Configuring the Power Platform
Technical requirements
Creating a new Power Platform environment
Restricting certain connectors in Power Apps and Power Automate from accessing business data
Installing an on-premises data gateway
Restricting users from installing on-premises data gateways
Auditing Power BI embed codes created by your organization
Restricting Power BI's Publish to Web (anonymous share) ability to specific security group members
Restricting the external sharing of Power BI reports
Configuring a default logo, cover image, and theme for Power BI
Creating a Common Data Service database
8
Chapter 8: Administering SharePoint Online
Chapter 8: Administering SharePoint Online
Technical requirements
Creating a new site collection
Deleting a site collection
Limiting external sharing abilities
Setting up stricter external sharing settings for a specific site collection
Setting up the default share link type
Configuring site collection storage
Giving someone access to another user's OneDrive site
Importing data from network locations using Migration Manager
Hiding the Subsite creation button
Designating a site collection as a hub site and associating other site collections with it
Restricting access by IP address
9
Chapter 9: Managing Microsoft Teams
Chapter 9: Managing Microsoft Teams
Technical requirements
Creating a team
Creating a Teams policy
Creating a meeting policy
Configuring meeting settings
Creating a live event policy
Configuring live event settings
Creating a messaging policy
Configuring Teams setup policies
Configuring external access
Configuring guest access
Reviewing teams and their owners
Using PowerShell to export a list of all the teams' owners and members
10
Chapter 10: Configuring and Managing Users in Azure Active Directory (Azure AD)
Chapter 10: Configuring and Managing Users in Azure Active Directory (Azure AD)
Technical requirements
Bulk create users in AAD
Adding branding to the AAD sign-in page
Adding a privacy statement to the AAD sign-in page
Installing and connecting to AAD via PowerShell
Adding/removing users via PowerShell in AAD
Creating an access review report in Azure AD
Allowing/disallowing users from connecting LinkedIn to their account
Enabling a self-service password reset
Using SSO to simplify organization-wide sign-in processes
11
Chapter 11: Understanding the Microsoft 365 Security & Compliance Center
Chapter 11: Understanding the Microsoft 365 Security & Compliance Center
Technical requirements
Viewing a report on all users who have accessed a specific SharePoint file
Using Content Search to find content containing certain keywords
Creating a retention policy based on the discovery of certain keywords
Accessing the standard Microsoft BAA
Accessing and reviewing an organization's secure score
Complying with Secure Score security configuration recommendations
Assigning permissions for non-IT users to the Security & Compliance admin center
Using Communication Compliance to identify potential policy violations in messages
12
Chapter 12: Deploying Data Loss Prevention and eDiscovery
Chapter 12: Deploying Data Loss Prevention and eDiscovery
Technical requirements
Creating a DLP policy to protect content with HIPAA-protected data detected
Using DLP to automatically report HIPAA incidents
Creating a DLP policy for content with custom keywords in the name or subject
Tuning a sensitive information type's confidence level
Creating an eDiscovery case
Managing eDiscovery cases
Creating an advanced eDiscovery case
Changing who has access to an advanced eDiscovery case
13
Chapter 13: Monitoring Office 365 Apps and Services
Chapter 13: Monitoring Office 365 Apps and Services
Technical requirements
Finding at-risk users
Creating alerts for specific activities performed by users in OneDrive
Reviewing mail handling to see spam and malware history
Identifying your least active SharePoint sites
Reviewing search activity across SharePoint site collections
Checking the service health status and known issues
Checking general usage data for Office 365 apps and services
Checking Teams usage and user activity
Monitoring Power Apps and Power Automate usage
14
Chapter 14: Appendix – Office 365 Subscriptions and Licenses
Chapter 14: Appendix – Office 365 Subscriptions and Licenses
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Enabling Security Defaults (MFA)

Security Defaults are a set of rules and identify security mechanisms preconfigured by Microsoft, but the rules are left disabled by default. Enabling these defaults will impact your entire tenant. Admins and users will be required to start using MFA (adding an additional layer of security upon sign-in), better protecting your tenant and the data within from exposure through phishing and other identity-related attacks.

The See also section of this recipe includes a link to user training as well as additional resources you should read before enabling the Security Defaults, to ensure you are clear on the impact to your organization.

Getting ready

Only an admin with the Global Admin role can make these changes to the tenant security settings. These steps are based on the "new" admin center (released for preview in 2018-2019).

This process assumes you are working from a recently created tenant (2017 or newer). If you are using an older tenant and have set up baseline policies, you will need to disable those policies and move to the new Security Defaults. Additionally, you may need to activate modern authentication in your tenant (the See also section of this recipe has instructions on how to verify this). This is not required for recently created tenants (2017 or newer).

How to do it…

  1. Sign in to the Microsoft 365 Admin Center at http://admin.microsoft.com.
  2. Go to the Azure AD Properties page at https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties.
  3. Select Manage Security defaults at the bottom of the page.
  4. The Enable Security defaults panel will load:
    Figure 2.12 – Information about and ability to Enable Security defaults

    Figure 2.12 – Information about and ability to Enable Security defaults

  5. Toggle the Enable Security defaults selector to Yes.
  6. Click Save.

How it works…

You've just enabled MFA, among other security enhancements, by toggling on Enable Security defaults. Security defaults are rules, or conditional access policies, which are set by default to help control how users and admins interact with Office 365.

See also

Previous Section
End of Section 6
Next Section