O365 – A Cloud Guy

Microsoft 365 Admins: August 2025 Ushers in Major Retirements, AI-Powered Features & Key Compliance Shifts – Here’s Your Definitive Guide

July 31, 2025 by Kumaran

If you thought July was intense, buckle up, August 2025 is a heavyweight month for Microsoft 365 changes. Between legacy retirements, AI-driven security enhancements, and new controls across Teams, Outlook, and Purview, this is not the month to sleep on your Message Center.

Whether you’re managing governance, fine-tuning DLP, or trying to avoid last-minute fire drills, this guide breaks it all down into what’s retiring, what’s new, and what needs your immediate attention.

August at a Glance

Category	Count
🔻 Retirements	4
🆕 New Features	7
🔧 Enhancements	3
🔄 Changes in Functionality	1
⚠️ Action Needed	3

Retirements: Say Farewell to These Legacy Tools

1. Classic eDiscovery in Microsoft Purview

August 1, 2025 — Say goodbye to Classic eDiscovery, including Content Search, eDiscovery (Standard), and (Premium).
What to do: Migrate to the unified eDiscovery experience for better search, performance, and compliance.
🔗 Learn more

2. Project for the Web & Project in Teams

Early-August 2025 — Microsoft is sunsetting Project for the web. Users will be redirected to Planner and Portfolios.
What to do: Migrate Roadmap data to Portfolios and update any pinned tabs in Teams.
🔗 Details

3. Outlook for Mac: Legacy Switch Retires

Mid-August 2025 — New Outlook becomes default for Mac (v16.100+). Admin toggle to revert will be retired.
What to do: Prepare users for permanent shift by October 2025 (v16.102).
🔗 More info

4. Speaker Coach in Microsoft Teams

Mid-August 2025 — The preview feature providing real-time feedback during meetings will be retired.
What to do: Inform users and explore alternatives like Copilot-generated meeting recaps.
🔗 Announcement

New Features: Worth Your Immediate Attention

AI-Powered Data Security Investigations in Purview

An all-new AI-driven tool for visualizing data risk, investigating incidents, and refining policies, now built into Microsoft Purview.
🔗 Details

Advanced Mail Merge in Outlook for Web & New Outlook

August 2025 — Personalize email templates with dynamic fields, custom formatting, and preview features.
🔗 Roadmap

Copilot Blocked from Processing Labeled Emails via DLP

August 2025 — Microsoft Purview DLP will block Copilot from interacting with labeled content in chat.
🔗 Read more

Risky AI Usage Detection in Insider Risk Management

Early-August 2025 — Detect prompts, intents, and AI-generated content using Microsoft 365 Copilot, Copilot Studio, and ChatGPT Enterprise.
🔗 More info

Silent Test Calls in Teams for Network Diagnostics

Early-August 2025 — Run silent test calls via Teams Premium to proactively check network readiness.
🔗 Message Center

Rule-Based Management of Certified Teams Apps

Mid-August 2025 — Automatically manage apps based on permission access and publisher trust status.
🔗 Roadmap

Independent DLP Email Notification Settings

August 2025 — Decouple policy tips and notifications in SharePoint/OneDrive DLP settings.
🔗 Roadmap

Enhancements: Quiet but Important

Updated Audit Logs in Purview – Better granularity and new Pre/Post Execution messages for role group changes.
🔗 Read more
Microsoft Fabric Workspace User Limit – Enforcing a max of 1,000 users/groups per workspace role.
🔗 Details
Apple/Google Sign-In on Teams Web – New SSO methods are coming for consumer users (preview).
🔗 Message Center

Functionality Change: Stay Updated

Updated Sender for Teams DLP Incident Emails

August 20, 2025 — Teams DLP GIR emails will only come from no-reply@teams.mail.microsoft.com.
What to do: Update inbox rules and alert filters if needed.
🔗 Message Center

Action Needed: These Deadlines Are Not Flexible

Entra ID Retention Policy for Access Reviews

August 15, 2025 — Only 12 months of access review data will be available via UI/API.
What to do:

Export old data using Graph API
Store reports securely
Create an annual backup process
🔗 More info

Legacy Message Trace Retires in Exchange Online

August 31, 2025 — New Message Trace UI and V2 cmdlets become the default.
What to do: Update any scripts to use Get-MessageTraceV2 and Get-MessageTraceDetailV2.
🔗 Read more

Azure AD Graph API Retirement

August 31, 2025 — Azure AD Graph API officially ends; apps using it will stop working.
What to do: Migrate to Microsoft Graph API. Use Entra admin center to identify impacted apps.
🔗 Migration Help

Final Thoughts

August 2025 is a pivotal month between the rise of AI-enhanced compliance tools and the retirement of legacy Microsoft features, the Microsoft 365 ecosystem is evolving fast.

If you’re responsible for security, collaboration, or compliance, now’s the time to document changes, communicate with your teams, and adjust scripts and policies. Waiting until the last minute will put you behind both operationally and reputationally.

Bookmark this.
Share it with your team.
Knock out the action items before they knock on your door.

Thank you for stopping by. ✌️

Microsoft 365 Admins: June 2025 Brings Major Updates, Retirements & Action Items — Here’s Your Definitive Guide

June 2, 2025 by Kumaran

Buckle up, admins! June’s heating up with a fresh wave of Microsoft 365 changes. Whether you manage identity, information protection, collaboration, or compliance, there’s something here that will nudge your daily workflow—or bulldoze it if you’re not paying attention.

Let’s cut through the clutter. Below is your clear, actionable roundup of what’s coming, what’s going, and what needs your immediate attention across the Microsoft 365 landscape.

In the Spotlight

Smoother OneDrive File Transfers

Say goodbye to clunky cleanup processes when employees leave. Microsoft’s new “Move and keep sharing” feature lets you transfer ownership while preserving existing sharing permissions. Combine that with new filters to zero in on important files and clearer notification emails, and you’ve got an admin’s dream come true.

Shared Mailboxes in New Outlook (Finally!)

The New Outlook for Windows now lets you add shared mailboxes like real accounts—no more backflips to get the same experience your users are used to. Easier management, better UX, happier end users.

Non-Profit Grant Offers Retiring

Heads up for non-profit orgs: Microsoft is retiring Microsoft 365 Business Premium and Office 365 E1 grant offers. If your licensing strategy includes these grants, now’s the time to rethink and re-budget.

June at a Glance

Category	Count
Retirements	4
New Features	10
Enhancements	9
Changes in Functionality	5
Action Needed	2

Retirements: What’s Going Away

Meeting Details in OneNote for Windows 10 – Poof, gone starting June 2025.
Private Content Mode in Viva Engage – Say farewell by June 30, 2025.
Teams Recording Initiator Policy – Both the MeetingInitiator value and MeetingRecordingOwnership setting will be retired by June 30, 2025.
Sports Calendars in Outlook – “Interesting Calendars” will vanish starting early June 2025.

New Features: What You’ll Want to Try First

Copilot Troubleshooter in Power Automate – Diagnose and resolve flow errors with a few clicks inside the designer.
Copilot for Security in Purview Insider Risk Management – Contextual alerts and smarter investigations—yes, please.
Data-at-Rest Scanning in SharePoint/OneDrive – Finally scan previously untouched files for sensitive info and apply sensitivity labels.
Microsoft Backup Enhancements – Define backup policies that automatically cover all Exchange, OneDrive, and SharePoint users—even new ones.
Automated Retention Actions in Gov Cloud – US government tenants can now use Power Automate to act on expired items.
50+ Modern SharePoint Page Templates – No more pixel-pushing—get sleek, branded designs in a click.
New Insider Risk Email Indicators – Spot emails with attachments sent to free public domains or to oneself—cue the red flags.
Risky AI Activity Detection – Admins can now monitor for sensitive prompt usage and sketchy AI behavior.
Microsoft Defender XDR Integration – Insider Risk data will now flow into XDR for unified investigations.
Fabric Network Enhancements (Preview) – Private links and outbound access controls to lock down Fabric workspaces like Fort Knox.

Enhancements: Refinements You’ll Appreciate

HR Connector in Insider Risk Management – Apply the updated PowerShell script or risk issues.
Exclude Folders from OneDrive Sync – Control bloat and protect endpoints.
Reduce Noise in Communication Compliance – Filter out newsletters and spam to surface real threats.
On-Demand Classification – Retroactively classify sensitive content in SharePoint/OneDrive.
New Teams Role: Teams Reader – View-only access in the admin center. Great for auditors or curious execs.
View and Upload Anyone Links – Strike a balance between accessibility and control.
Global Exclusions in Insider Risk – Now supports more logical rules to cut alert fatigue.
DLP + Administrative Units – SharePoint DLP policies can now be scoped by administrative units. Finally.
Targeted IRM Policies – Use combinations of users, groups, and adaptive scopes for laser-focused risk management.

Functional Changes: What’s Evolving

SharePoint Online CDN Migration – Allow public-cdn.sharepointonline.com and stop relying on hardcoded links.
Teams DLP Reports – Incident notifications now come from both old and new sender addresses.
Exchange Federation Cmdlet Changes – Get-FederationInformation is being scoped down.
Audit Log Cmdlets Go Read-Only – No changes/downloads after June for Search-MailboxAuditLog and New-MailboxAuditLogSearch.
Separate Policy Tip Settings – Customize email notifications separately for SharePoint and OneDrive DLP.

Action Needed: Do This Now

Viva Engage External Networks – Legacy networks will be retired June 1, 2025. Transition to modern external networks now to avoid disruption.
Microsoft Defender SIEM Agents – After June 19, 2025, no new agents can be configured. Move to supported APIs to future-proof your integration.

Final Thoughts

If you’re managing Microsoft 365 in an enterprise setting, June is a no-joke month for updates. With new features that improve automation, security, and governance—and retirements that could leave gaps if ignored—it’s vital to stay proactive.

Bookmark this post, forward it to your team, and prep your change calendar. Because in IT, those who fail to plan… usually end up on a 2 a.m. call with their CISO.

Stay sharp, stay current—and keep your tenant tight.

Thank you for stopping by. ✌️

Microsoft SharePoint Premium: Getting the Most Out of SharePoint Advanced Management

April 5, 2025January 18, 2025 by Kumaran

Let’s be real—managing SharePoint at scale is no walk in the park. When you’ve got thousands of users, sprawling document libraries, and security risks lurking around every corner, the last thing you need is more complexity. Enter Microsoft SharePoint Premium, specifically its SharePoint Advanced Management capabilities, designed to bring order to the chaos.

But is it just another fancy add-on, or does it actually make your life easier? Let’s break it down.

Site Lifecycle Policies: Keeping SharePoint Tidy

Without oversight, SharePoint sites tend to pile up like old emails in an unchecked inbox. That’s where Site Lifecycle Policies come in.

Inactive SharePoint Sites Policy – Automatically detects and archives (or deletes) sites that haven’t been used in a while. Think of it as digital housekeeping that prevents clutter.
Site Ownership Policy – Ever had a SharePoint site where no one knows who’s in charge? This policy ensures every site has a designated owner—and prompts them to confirm ownership periodically.

These policies save IT teams from sifting through forgotten sites and guessing which ones are still relevant.

Data Access Governance (DAG) Insights: Who’s Seeing What?

Ever worry that sensitive data is floating around where it shouldn’t be? DAG Insights help IT admins spot and control broad access issues.

“Everyone Except External Users” (EEEU) Insights – This permission group sounds harmless, but it can sometimes overexpose data internally. DAG Insights help admins quickly identify and correct these cases.
Sharing Links & Sensitivity Labels – Visibility into which files are shared externally (and with what sensitivity labels) ensures sensitive documents don’t end up in the wrong hands.
PowerShell: Permission State Report – Need an exhaustive report on who has access to what? This PowerShell tool provides a deep dive across SharePoint, OneDrive, and specific files.
Sharing Links Report – Helps admins monitor and manage shared links across the organization, reducing unnecessary exposure.

Site Access Reviews: Keeping Permissions in Check

Permissions in SharePoint can get complicated fast. The Site Access Review feature ensures that access stays intentional and secure. Admins can set up periodic reviews, prompting site owners to confirm who still needs access—and who doesn’t.

It’s like a spring cleaning for permissions, reducing security risks and keeping data locked down to the right people.

PowerShell: Restricted Content Discovery (RCD)

Sometimes, sensitive data ends up where it shouldn’t be. With Restricted Content Discovery (RCD), admins can scan SharePoint and OneDrive for files that shouldn’t be widely accessible. This helps with compliance and security audits—before problems arise.

Restricted Access Control (RAC): Locking Down Sensitive Sites

Some SharePoint sites contain data that only a select few should ever see. Restricted Access Control (RAC) ensures that even if a user has general access to SharePoint, they won’t automatically see certain sensitive sites.

This applies to both SharePoint and OneDrive, providing an extra layer of control where it’s needed most.

Recent Admin Actions & Change History: Who Did What?

Admins make changes all the time—adjusting permissions, creating new policies, modifying access levels. Recent Admin Actions and Change History provide a log of what’s been modified, making it easier to track down unexpected issues or roll back unintended changes.

Block Download Policy: Extra Security for Sensitive Content

Not all files should be downloadable—especially sensitive reports or confidential recordings. The Block Download Policy lets admins restrict downloads from SharePoint, OneDrive, and even Teams recordings. Users can still view the content online but can’t save a local copy, reducing the risk of data leaks.

Should You Upgrade?

If you’re a small team with a handful of SharePoint sites, Advanced Management might feel like overkill. But for organizations juggling hundreds (or thousands) of users, it’s the difference between smooth operations and constant headaches.

So, if your team is spending way too much time managing permissions, cleaning up inactive sites, or chasing security risks, upgrading to SharePoint Premium’s Advanced Management might just be the smartest move you make.

At the very least, it’s worth a test drive—because who doesn’t want a smoother, safer, and smarter SharePoint experience?

Thanks for stopping by. ✌

How SharePoint Advanced Management Prepares Your Organization for Microsoft Copilot

July 8, 2025January 11, 2025 by Kumaran

Introduction

Microsoft Copilot is revolutionizing the way organizations interact with data, leveraging AI to deliver intelligent insights and automation. However, for Copilot to function effectively, it requires a well-structured and secure data environment. SharePoint Advanced Management (SAM) provides essential tools to optimize, secure, and manage SharePoint content, ensuring your organization is Copilot-ready.

This post explores how SAM enhances permissions management, content governance, data accuracy, privacy, and security to maximize the benefits of Microsoft Copilot.

Accidental Oversharing – Taming the Wild West of Permissions

One of the biggest risks in any SharePoint environment is accidental oversharing of sensitive information. SAM helps organizations identify and remediate these risks through features such as:

Access Reviews: Automated reports highlight excessive or outdated permissions, enabling administrators to take corrective action.
Sharing Controls: Policies can be enforced to restrict sharing of certain file types or limit external sharing.
Auditing and Reporting: Advanced logging provides visibility into sharing activities, ensuring compliance with security policies.

By leveraging these tools, organizations can mitigate security risks, ensuring that only the right users have access to the right content, an essential step before enabling Copilot.

Minimize Your Content Governance Footprint – Streamlining for Efficiency

Microsoft Copilot’s efficiency is directly tied to the quality and relevance of the data it processes. Organizations with cluttered SharePoint environments may experience degraded performance and unnecessary costs. SAM offers capabilities to reduce redundant, obsolete, and trivial (ROT) content through:

Data Lifecycle Management: Policies that automate archiving or deletion of outdated content.
Content Insights: Identifies and flags low-value content, enabling administrators to focus on high-priority data.
Retention Labels: Ensures only necessary content is retained, reducing Copilot’s processing burden.

A leaner, well-structured SharePoint environment not only improves Copilot’s efficiency but also enhances its ability to provide accurate and relevant responses.

Improve Copilot Response Quality – Feeding Copilot the Right Data

Copilot’s output quality depends on the integrity of the data it analyzes. SAM helps improve content relevance and accuracy through:

Metadata Enrichment: Standardizes data classification, making it easier for Copilot to extract meaningful insights.
Duplicate Content Detection: Reduces information overload by identifying and consolidating redundant documents.
Content Curation Tools: Helps teams maintain well-organized libraries, ensuring Copilot pulls from authoritative and up-to-date sources.

By cleaning up SharePoint content, organizations can ensure Copilot provides more precise, actionable responses to users.

Control Content Access by Copilot – Ensuring Data Privacy and Compliance

As organizations integrate Copilot into their workflows, maintaining control over which content Copilot can access is crucial for privacy and regulatory compliance. SAM provides several features to manage Copilot’s data access:

Sensitivity Labels: Prevents Copilot from analyzing or referencing classified documents.
Conditional Access Policies: Restricts Copilot’s access based on location, device, or role.
Permissions Management: Ensures that Copilot can only interact with approved datasets, reducing the risk of data leakage.

These tools help organizations align Copilot usage with internal and external compliance requirements, protecting sensitive business information.

Ensure Data Safety for Business-Critical Sites – Protecting Your Crown Jewels

Certain SharePoint sites contain mission-critical data that require enhanced security and governance. SAM enables organizations to fortify these high-value sites by:

Access Reviews for Critical Sites: Periodically verifies that only authorized users retain access.
Advanced Threat Protection: Detects and prevents unauthorized access attempts.
Lifecycle Management: Ensures outdated or irrelevant data is systematically archived or deleted.

By implementing these controls, organizations can protect their most valuable digital assets while maintaining Copilot readiness.

Conclusion

Preparing for Microsoft Copilot requires more than just enabling AI-powered tools, it demands a well-governed, secure, and optimized SharePoint environment. SharePoint Advanced Management provides the essential capabilities to streamline content, secure sensitive data, and enhance permissions management, ensuring Copilot delivers accurate and efficient insights. By leveraging SAM, organizations can maximize the value of Copilot while maintaining security and compliance.

Start preparing your SharePoint environment today to unlock the full potential of Microsoft Copilot!

Thanks for stopping by. ✌

Office 365 – Export Email Addresses and UPN of O365 users with PowerShell

August 31, 2022December 3, 2021 by Kumaran

I will go over steps on how to export the list of users with their UPN, Object ID, primary SMTP address and Alias email address.

The Get-AzureADUser cmdlet comes in handy to pull all the user details in this scenario. The Mail attribute contains the Primary SMTP address of the user and the Primary SMTP address and Alias email address are stored in the ProxyAddresses attribute in Azure AD. The ProxyAddresses attribute is a multi-value property. The Primary SMTP address can be easily identified as it is in this format, SMTP:user@emaple.com The upper-case SMTP denotes that it the primary email address.

When an object is synced from on-premise Active Directory to Azure AD, the values in the proxyAddresses attribute in AD are compared with Azure AD rules and then populated in Azure AD. So, the values of the proxyAddresses attribute in AD may not match the ProxyAddresses attribute in AzureAD.

Export all users to csv file

The below script will pull all Azure AD users,

Connect-AzureAD

$Output = @() #create an empty array

$AzureADUsers = Get-AzureADUser -All $true | Select DisplayName,UserprincipalName,ObjectId,Mail,ProxyAddresses #Get all Azure AD users

ForEach ($User in $AzureADUsers)
{
	$Output += New-Object PSObject -property $([ordered]@{ #fetch user detail and add to $output
		UserName = $User.DisplayName
		UserprincipalName = $User.UserprincipalName
		UserId = $User.objectId
		SMTPAddress = $User.Mail
		AliasSMTPAddresses = ($User.ProxyAddresses | Where-object {$_ -clike 'smtp:*'} | ForEach-Object {$_ -replace 'smtp:',''}) -join ','
		
	})
}
$Output | Export-csv "C:\tmp\O365Users_$((Get-Date).ToString("MMddyyyy_HHmmss")).csv" -NoTypeInformation -Encoding UTF8 #Export users to csv file

Output file,

Thank you for stopping by.✌