Manage Microsoft Teams from Powershell and admin center

This article outlines the steps to manage Microsoft Teams from powershell and admin center.

We need to download the Microsoft Teams Module from the powershell Gallery

Install-Module -Name MicrosoftTeams -RequiredVersion 0.9.0

PWT

PWT1

Verify if the module is installed

Get-Module MicrosoftTeams -ListAvailable

FM1

Connect to Microsoft Teams

Connect-MicrosoftTeams -Credential $cred

PWT2

To view the teams

Get-Team

PWT3

To view Team Guest Settings and Team Fun settings

Get-TeamGuestSettings

Get-TeamFunSettings

PWT5

PWT6

List of team commands available as of now

Get-Command -Module *teams*

PWT8

To create new Team

New-Team -DisplayName TeamName -Description GiveDescription -AccessType private -AddcreatorasMember:$false

PWT9

PWT10

Unfortunately Add-TeamUser is not available for bulk operation as of now. Microsoft will release them in near future very soon from teams module.

PWT12

Bulk adding/removing  the associated group unified group for that team is not populating the users to the Team immediately. The Microsoft Teams PowerShell module is based on Microsoft Graph.This is because of the Microsoft Graph SLA is 24 hours to replicate and synchronize any changes done from azure AD.

Below command can be used to bulk add the users to associated teams group.

Import-Csv D:\Teams\Test.csv | % {Add-AzureAdGroupMember -ObjectID mentionobjectid -Refobjectid $_.objectid}

PWN

Below command can be used to bulk remove the users to associated teams group.

Import-Csv D:\Teams\Test.csv | % {Remove-AzureAdGroupMember -ObjectID mentionobjectid -Refobjectid $_.objectid}

PWN1

The same action can be performed via unified group as well.

Import-Csv E:\Teams\T1.csv | % {Add-UnifiedGroupLinks -Identity T1 -LinkType Members -Links $_.userprincipalname}

FM31

Now the new admin center for Microsoft Teams and SFB have options to manage MS teams

Untitled.png

Adding and updating locations data

Untitled1

Following options are available from end users options in MS Teams

Untitled4

Following meeting policies to control the features are available

Untitled6

Following org wide settings are available

Untitled7

Untitled8

We have the meeting customization settings

Untitled9

Option to customize the real time media traffic to online is also available

Untitled10

Controlling  the live event policies is present

Untitled11

Global user level policies can be enforced

Untitled12

Controlling external access

Untitled13

We have option to control the guest access settings

Untitled14

We have very nice option to have email integration, File sharing option and show organization tab to end users.

Untitled15

Skype for business Interop, search and Bots feature can be customized.

Untitled16

We have the teams upgrade options which have island mode set by default.

Untitled17.png

After this we have the Call quality dashboard and first line worker configuration as a last option. The First line worker configuration will be removed and will not be available after october 2019 according to Microsoft . All these features available in  first line worker configuration are available in MS Teams and customer needs to shift to MS teams.

Above are the list of administrative options available for Microsoft Teams as of now and they will be definitely changing and adding more new features since Microsoft is more focused on enhancing and bringing new features in Microsoft teams.

Thanks & Regards
Sathish Veerapandian

Microsoft Teams – Blur your background experience

Microsoft  recently added a new feature of blur my background in Microsoft Teams. This feature is really cool. This helps participants to attend the meeting on the go  from anywhere like coffee shop, restaurant , even from home without worrying the background  and provide participants to focus only on the person attending the meeting.

Once we have joined the meeting, there is an option to choose blur my background.

Blur3

Once enabled we see the background completely blurred. This is a rock solid feature which is more helpful when we are attending meeting from outside, home and do not need to worry about  on choosing  a right place to attend a video conference.

Blur1

New artificial intelligence (AI) powered option from Microsoft uses facial detection to blur the background during video meetings.

Microsoft through  its machine learning technology brought intelligent meeting recording which will provide speech to text transcription capable of applying captions automatically and searchable transcript. These options will be available worldwide later this year and customers will be able to stream live and on demand events in teams.

 
Source – https://www.microsoft.com/en-us/microsoft-365/blog/2018/09/24/10-new-ways-for-everyone-to-achieve-more-in-the-modern-workplace/

Bulk Import local PST files to Office 365 mailboxes

In this article we will look at the steps to bulk import PST files to office 365 mailboxes.
There might be a scenario when a switch over from on premise to office 365 is done users might have maintained local PST files in network drive without an archive solution which is a bad practice.
When we run into these kind of scenarios its definitely not recommended to maintain this data in this approach.We might have bunch of pst files or probably more which might be 10 years worth of email that needs to be imported to the associated mailboxes.

There are 2 options to perform this action

Method 1: Use the free Azure service to upload the .PST files and map to the users mailbox.

Below prerequisites needs to be done:

1)So as a initial prerequisite move all the pst files to one central location which will be easier to perform the bulk import. If you have them in different sites then better to create one central location per site.

2)If we have more number of PST files and the data is more then create multiple jobs which will be better for tracking and not to choke the bandwidth and throttling.

3) The administrator will require a mailbox import\export rights to perform this operation.

Step 1:  Assign RBAC Mailbox import Export role to the required account. This can be done via power shell to connecting remote session to office 365 account or via Exchange admin console in office 365.

Untitled

Untitled1

 

Office356

 

Once permission is granted navigate to data migration option setup  in the admin  page in office 365 admin URL – Here we need to select the option upload PST files.

2

Now Upload PST files go to New Import Job and type the Job name >> Next. Then check on Upload Your Data or hit on Next.

3

Now an import job window will appear. Here we need to click on Show network upload SAS URL and copy the URL by clicking Copy to clipboard. After that download Azure AzCopy for download the AzCopy tool and install the application.

4

Click on Azure AzCopy software and type the given command.

AzCopy.exe /Source:\\network path /Dest:”SAS URL” /V: give location  to save log file \AzCopy.log /Y

5

Note: We need to give the Sharing Permission for our file or folder where the PST file is present.

Navigate  to the import data window and check on the both preparing the mapping file’s option and click on Next.

6

Now in this import data we need to create the pst mapping and user in the excel file.

7

And upload the file by clicking the Select mapping file option

8

 

9

Once done we can see the pst files have been successfully imported to the associated office 365 mailboxes.

Method 2: Use a third-party solution for migrating PST to O365 Cloud Platform

Sometime we need  solution to import specific items from bunch PST file data into Office 365. So here we are going to discuss one more method which is a third-party tool for migrating PST to Exchange Online Mailbox.

I happened to have a look at this  MailsDaddy PST to Office 365 Migration Tool and it provides  security and easiness to Import all PST file data like emails, contacts, calendars, appointments, and attachments etc into o365 .

The tool carries advantages like:

Export the selected items only: It will show all the preview of PST file data and you can select the items and migrate them to O365 account. This is very much useful where in terms of an organization have restored a large mailbox from the old backup tapes for a legal issue. Here the exported huge PST from the backup can be taken and only the required important emails can be selected and imported to the user mailbox in online.

Date Range Filter: With the data filter option you can search the emails between the specific times and import only required data from PST file to Exchange online Mailbox. This option is also useful for cases where end user requires a restore of missing emails or a resigned employee from an old data from the backup and extract data only for last 1 year and importing them to the associated  office 365 mailbox.

Impersonation Option: Using this option, we will be able to migrate multiple mailboxes using sharing throttling and connection limits of each users. To use the impersonation export option, users must have application impression rights and full access to the admin account.

Bulk export Option: With this option, we can export multiple PST files into multiple mailboxes by mapping all mailboxes using a CSV file.

Below are the steps to use the Mails Daddy PST import tool :

Step 1: We can download this application and install it.

Step 2: Once it installed launch this software. After that click on Add file to upload the PST file.

Step 3: Once we click on upload the PST the software it will show all the preview of the PST file data.

10

Now we can select the mail, contacts, calendars, appointments, and attachments etc. if we need to export only selected items.
Click Export button to import all data from PST into Office 365.
Now select the provide export option and put the Office 365 Mailbox ID and password>> click Export.

Here we have 3 options export  all folders , export selected folders, export to primary mailbox and export to archive mailbox.

11

Once the export is clicked the  selected emails will be imported to  associated office 365 mailboxes successfully.

Steps to enable vault cache in Enterprise Vault

In this article we will have a look at enabling vault cache in veritas enterprise vault.

What is Vault Cache?

Vault cache is like a personal folder  or local copy  of their archived data which can be enabled and presented to end users in outlook. This can be  limited based on size of the file  and  can be enabled only for few users based on the requirement.

When this option is enabled it is provides  a local pst folder mapping  of users archived data to end user  through virtual vault. This wizard starts automatically once after we enable this option on server side and we need to run this setup only once from the end user side.

Follow the below steps to enable vault cache in enterprise vault:

Logon to Enterprise Vault – expand the policies container – navigate to  exchange  desktop policy  and select properties – click on Vault cache tab Click on enable – make vault cache available for users.

Once done we get the below warning to ensure that the cache location have enough space in addition to other vault operations that takes place from this location. Because enabling this option adds extra files in this location during the end user actions.

VaultCache1

We can check the vault cache location  and cache size in below location

Open vault admin console – navigate to enterprise vault – right click on ev server properties – click on cache tab- Make sure that you have added some extra space based on the number of users that we are going to assign this policy to end users

VaultCache2

Once enabled we have the following options

we can allow users to decide whether they can choose this option or leave them not to enable and access from EV store.

We have option to limit the archive download on GB. When this option is enabled  and it reaches the maximum level the oldest item is deleted and later the new items are copied over here.

In content strategy we have  3 options

Do not store any items in cache:

When this option is enabled only item headers are synchronized in the  vault cache and the content still remains in the vault store partition.

Store all items:

When this option is enabled it stores the item headers and the content from the server and maintains them as a local copy.

Store only items that user opens:

When this option is enabled it stores the local copy of headers and content of  only the items users retrieves from the client.

The rest below features that we see are the outlook client options that we can control on the end users based on our requirement.

VaultCache3

There are few more features in the advanced tab which helps admins to determine the vault cache settings and provide them based on the requirement.

On switching to advanced tab – list settings from vault cache

We can specify the download age limit. Default vault is 0. This helps  admins to control the size of the download cache to the clients.

VaultCache4

We have an option to control the download age limit from server side and not providing this option to end user to make decision.

VaultCache5

There are few more options which can be modified based on our requirement.

The most important thing is that we have an option to enable this feature for the delegated archive. We have option to enable all type of archives, default archive only the user mailbox and all mailbox and shared archive. This setting is mandatory required if we need to enable Virtual Vault for archives other than a user’s default archive.

VaultCache8

Below are the advantages of virtual vault:

  1. User will be to access archived items when offline  even when they are away from internet connection.
  2. Users can perform parallel multiple retrievals at the same time and will come from local content directly.
  3. Virtual Vault looks exactly like a mailbox or mapped PST file. This makes the users comfortable on opening the archived items directly and not from shortcuts. They can drag and drop items to and from mailbox to virtual vault.

Points to consider:

  1. When we enable this option and disable for end users no new vault archives will be enabled for users, however the old downloaded archives will still be present.
  2. A Vault Cache is a local copy of a user’s Enterprise Vault archive and stored on the users local computer.  As a best practices its preferred not to store content locally due to security reasons. However enabling this provides improved search and items retrieval for end users. So an  Encryption – either at the folder or the drive level is recommend.
  3. After enabling this option on server side its recommended to limit the data on the machine side and not to download all the content since it requires disk space on the client.

Thanks & Regards 
Sathish Veerapandian

Product Review – Stellar Mailbox Extractor for Exchange Server

Stellar Mailbox Extractor for Exchange Server – Product Review

Exchange administrators face a wide range of nightmarish scenarios through their working career. Handling corrupted databases, restoring files from backup, extracting data from an old employee’s computer are some examples of situations that every Exchange administrator wants to avoid because they are complex and time-consuming. Unfortunately, they end up facing these scenarios more often than they like.

But the good news is there are tools like Stellar Mailbox Extractor for Exchange Server that can make your job a lot easier.

What is Stellar Mailbox Extractor for Exchange Server?

This is a handy tool to have in your arsenal as it is designed to extract data from clean EDB files and to connect directly to the Exchange environment. It can also be used to mass export data from an existing environment to other formats like PST.

Features

Let’s look at some of its prominent features to get an idea of what it can do for Exchange administrators like us.

  • Converts a mailbox from EDB format to other formats such as PST, MSG, EML, HTML, RTF and PDF
  • You can convert multiple mailboxes
  • Gives you the option to search for a particular content in your mailbox. The filters are advanced and offer a ton of flexibility.
  • Converts archives mailboxes to PST
  • Compatible with many versions of Exchange Server.

These features have been tremendously helpful for many Exchange administrators.

Ideal situations

This tool is handy because it saves time and effort in many common situations and problems. Here are a few where this tool would prove to be invaluable for you.

Extract Mailboxes

This is the most perfect tool to extract mailboxes from EDB file to PST. As an administrator, this extraction task has been an integral part of my working life, and Stellar Mailbox Extractor for Exchange Server saves a lot of time for me. It also takes away the mundane side of the job.

One aspect I truly love is its user interface which is almost identical to the Mailbox Extractor tool. So, there is nothing much to learn or experiment here; everything is fairly straightforward.

Mass Exports

Another ideal situation for this tool is when you want to do mass exports from the existing environment to PST and other formats. Our organization often uses this tool for migration, where we export mailboxes from one Exchange environment to another.

Though these are some of the prominent uses of Stellar Mailbox Extractor for Exchange Server, you can end up using it in many other situations as well.

Installation and Use

A salient feature of this tool is its easy interface.

Extracting content from mailboxes and exporting them to other formats is extremely complicated. But this tool masks the complexity behind a simple and intuitive user-interface. As a result, you simply stare at good looking screens, oblivious of what’s happening in the background.

This way, you are not only spared of the complex processes, but this interface makes it highly usable for anyone. You don’t have to be an Exchange administrator with many years of experience and in-depth knowledge to use it. Even novices can use this tool comfortably.

With all that said, let us briefly see how we can use this tool.

When you double-click on the exe file, the installation wizard starts the process. There is really nothing much for you to do, as the wizard takes care of everything.

After installation, when you open the tool, you’re given two choices to start off. You can either open an offline EDB file or connect to Online Exchange.

iu

You can even view the folder structure of each mailbox and the contents within each folder on the left hand side pane. As you expand the tree structure, you can navigate your way.

You can right-click the folders at any time and you’ll be given a set of formats to which you can convert.

iu

These formats give you a ton of flexibility to view and migrate your data at any time.

Another cool aspect about this tool is that you can view individual mails, contacts, notes, attachments and pretty much everything else stored in your EDB files.

There are even search criteria that help you to zone in on the messages you want to see.

iu

The search feature is advanced and helps you to quickly find what you want. The available fields include:

  • To
  • From
  • CC
  • Subject
  • Text in the body or email
  • Attachment name or file extension
  • Date range

Once you find the content you want, you can convert it into any of the recognized formats. Simply choose your content and select ‘Save’ or ‘Right Click on tree item’ in any of the following formats.

  • PST
  • MSG
  • EML
  • RTF
  • HTML
  • PDF
  • Office 365

Alternately, you can export the contents to a Live Exchange Server directly. In fact, you’ll be able to connect to an individual mailbox or all mailboxes, depending on your scenario.

Overall, Stellar Mailbox Extractor for Exchange Server is a great tool that eases the work of Exchange administrators and this is why it makes sense to have this tool on hand always. Its simple interface and powerful capabilities are sure to make exporting data from Exchange mailboxes a breeze and hassle-free task.

This tool would definitely be a major help in environments where the backup solution and exchange have been decommissioned on older exchange databases, which was taken 10 years back.Due to critical legal requirements there might be a need to extract mailbox or particular email from an employee who was resigned 10 years back. All we need is the older backup tapes should have this edb file and we can bring them to clean shutdown even if they are not present in that state and extract users data with no hassle with this tool.

Enable DLP for outgoing emails in Cisco Iron Port

Data Loss Prevention prevents the sensitive organization’s proprietary information by detecting before transit through ex-filtration transmissions and continuously monitors them to protect all types of data loss. The organizational data leak mostly happens when the end users unintentionally emailing sensitive data from our network which leads to Data leak Incidents.
There are many ways to achieve this and in this article we will look into how to prevent the data loss with the options present in Cisco Iron Port Email Gateway Solution.

Basically in any DLP there will be two actions involved :

Data Match: Where the DLP application scans the email body, header and attachments for the sensitive content created based on the DLP policy rules.

Action: Once any emails are identified to be sensitive, based on the DLP policy where it was blocked action types can be drop,quarantine or deliver with disclaimer and notify an admin or manager or recipient based on the policy and document classification.

Below are the steps to enable DLP on Cisco Iron Port-

Login to Cisco Iron Port – Select security Services – Click on Data Loss Prevention

DLP

By Default this option will be enabled – but now we need to creation DLP policies and action types based on our requirement.

Better to enable Content logging which will appear in message tracking and better in troubleshooting.

DLP1

In this example we will run through the DLP wizard which will have few popular policies which are common. Adding custom policies are very much possible via cisco ironport and there are more options to add custom.

An Example of enable matched content logging when DLP is enabled. This will help Admins to debug and find the reason why the email was blocked.

DLP2

There are more common used cases and in our example we can choose PCI-DSS which is most sensitive and must be enabled  especially for the Finance teams.

DLP3

Here we have an option to enable the DLP reports

DLP4

Once done in the outgoing mail policies will be configured for PCI-DSS we created.

DLP6

And in this policy we can edit and choose the inbuilt DLP  dictionaries based on our requirement.

DLP7

There is an option to add custom also.

DLP8

In Mail Policies there is an option to apply only for few users sent or in the recipient list.

DLP9

Options to add attachments is present

DLP10

The Severity settings can be altered below

DLP12

The severity scale can be altered based on the policy and our requirement

DLP13

Custom classifier can be added

DLP14

In the classifier we have an option to choose templates from dictionary and entity

DLP15

DLP16

Once Done based on the policy and action DLP will be working for outgoing emails.

Imp Notes:

    1. Before implementing DLP in any environment it requires lot of study in multi phase , closely working with security team and implementing purely based on the document classification.
    2. Need to understand how the sensitive data is currently handled by all the teams, identify the current risks. Post analysis the required action plan of creating policy and action must be done.
    3. End user awareness session is very important to deal with DLP. Advising to use more secure channels in Enterprise File Share DRMS solutions only for dealinig with sensitive documents for finance teams can be advised.
    4. Any DLP policies we create must have Audit and notify manager which will create awareness on employees and easier for tracking.

Thanks & Regards
Sathish Veerapandian

Microsoft Teams- Consult before transferring a call & HoloLens Remote assist

Calling in Teams is powered by Phone System (formerly known as Cloud PBX), the same service in Office 365 that enables PSTN calling capabilities in Skype for Business Online.

The Phone System feature set for Skype for Business is different from the Phone System feature set for Teams.Also With Direct Connect we can use our existing  PSTN Telephony system through an SBC . To connect the on premise SBC to Microsoft Teams a sip proxy is used to connect to  sip.pstnhub.microsoft.com.

Microsoft Teams have a new feature consult before transfer.

By using this option we can help the  wrong callers calling our extension to reach the right person.

This feature lets you quickly check in with another person via chat or audio call before transferring a call to them

Anyone with an Enterprise Voice license can do this, not just delegates! To try it, when you’re in a call, click More options (…) > Consult then transfer.

CBT

Call someone on a HoloLens –

Microsoft introduced the remote assist option for HoloLens users via Microsoft Teams.

Untitled

By using this option we can collaborate remotely to our Microsoft Teams Colleagues list. In remote assistance they can  perform reality annotations, we can show them  what we see , place arrows, draw lines and share images with our colleagues.

Prerequisites:

  1. This works from the Teams desktop app from Windows 10 PC.
  2. Need to have the remote assist app installed on the holo lens.

 

%d bloggers like this: