Tony, Vasil, and I talk about the book creation process, why the book’s a subscription instead of a single-priced purchase, how the sausage is made, and why tech editing is so important. We close out the episode by choosing our “favorite” recent O365 feature– you may be surprised to hear our choices.
Tony and I had grand ambitions of recording a podcast but, uh, things have been a little busy, what with all the lockdown, working-under-quarantine, and so on. We did something a little different this time– we recorded this episode in a Teams meeting with guests in attendance. See if you can spot the difference!
(programming note: we originally recorded a section planned on the coming death of Basic Authentication in Exchange Online. As Microsoft has pushed this date back until sometime in the happy future, we took that segment out since most of it was us expressing certainty that Microsoft wouldn’t push the date back.)
The other day, I got a request from one of my staff: could we please start using Shifts for scheduling his team’s on-call rotations? “Sure,” I said, little realizing what a journey that would entail. To make a long and painful story as short as possible: Shifts didn’t work in our tenant, so I filed a ticket, which took six weeks and multiple escalations before it got to someone who actually realized the problem (it was a back-end provisioning issue) and fixed it.
Six weeks. Hold that thought.
Now, a digression.
It is no big secret that Microsoft is working very, very hard to increase adoption of their cloud services. At their recent Inspire partner conference, there was a steady drumbeat of adoption-focused messaging directed, loudly, at Microsoft partners, and many Microsoft partner and sales personnel have found that their fiscal year (FY) 2020 compensation is directly tied to increasing adoption. For example, one person I spoke to told me that in FY 2020, the target they were expected to meet was to drive Teams adoption in their target market year-over-year (YoY) up by more than 250%.
Now, really: I get it. Microsoft is selling their “three clouds” (Dynamics 365, Office 365, and Microsoft 365) as hard as they can, but the old phenomenon of “channel stuffing” rears its head when customers buy licenses for those three clouds and don’t use them fully. If you buy a bunch of O365 Enterprise E3 licenses, for example, but only use Exchange Online, Microsoft is worried that you might a) buy less expensive licenses at renewal or b) defect to Gmail. They therefore have a really strong interest in not only selling licenses for these services but ensuring that people actually use what they’ve paid for.
Not only that, if customers don’t use the licenses they already have, it’s darn hard to upsell them more expensive or more capable licenses. This is a major brake on Microsoft 365 adoption: it’s hard to sell people a new SKU for Windows 10 and Office 365 when they already have O365 licenses on a multi-year agreement and perpetual Win10 licenses on their existing devices.
Side note: Azure is of course a Microsoft cloud, and it absolutely has its own, and rather daunting, adoption and consumption targets, but since almost all Azure services are priced based on actual usage, the play in Azure-land is to get people to use more rather than to get more use out of what they’ve already bought. Thus the intense focus on topics such as “digital transformation,” which translates to “getting stuff out of your on-premises data centers and into Azure” and the various Azure security offerings (which translate to “pay us per-minute to do cool security stuff on your Azure-hosted resources.”)
To recap: Microsoft wants customers to use all of the workloads in their O365 or M365 SKUs because doing so helps them keep customers around longer and sell them more stuff. In fairness, customers can benefit too by getting better value (defined as “more productivity” or “better security” or whatever) from their existing investment, but I think Microsoft is mostly interested in this because “customers can benefit” directly turns into “customers give us money.”
With that background, you’d probably think that Microsoft is always looking for new ways to increase user adoption… and you’d be right. That explains the mail I received this morning.
It looked like a support ticket, but I figured it must just be a decent phishing attempt. After all, I didn’t open a ticket, so the “Your request…” language was suspicious. Then I read it and damn near threw my coffee mug at the monitor.
Think about it. This is Microsoft sending me a “support ambassador” to try to convince me to use more of their services, i.e. to increase adoption, in a test tenant with only 1 paid license… something which only benefits Microsoft.
Meanwhile, users in my production tenant have to wait SIX WEEKS to get an actual problem fixed, one that directly affects their ability to work. Oh, by the way, fixing that problem would drive adoption of the service! We wanted to use Shifts but couldn’t until the problem was fixed– so no need to manufacture a fake support ticket to try to get me engaged.
Apparently there are enough “support ambassadors” roaming around to waste time dunning the admin of a single-user test tenant because “[their] system detected that not all users are using the services included.” Now, of course I realize that the “support ambassadors” here are not really support engineers in the same mold as the people who answer, y’know, actual support requests. What this email really means is that Microsoft is spending money on trying to drive adoption that would be spent better on the actual support organization.
This is part of the same tiring and worrisome trend we’ve seen in Office 365 for years now, where Microsoft does questionable stuff behind their customers’ backs. Here are a few examples:
Contacting the tenant admin (me in this case) to drive adoption based on data I haven’t seen about what my users were doing– perhaps this would be an unpleasant surprise to admins who don’t realize that user usage data is used for this purpose
Faking a support ticket as a means to fool customers into thinking they should read the adoption-related propaganda. (I split this one out separately because it irritates me so much.)
Pushing feedback surveys directly to Teams end users. Here’s some feedback for y’all: don’t talk directly to my organization’s end users without permission. Interestingly, the Teams team has made no public comment on this feature despite the uniformly negative feedback I have heard they’ve received.
Magically generating O365 Group objects from distribution groups and making them appear in the GAL
Turning on any number of other features by default so that they appear to end users with little or no warning. I do appreciate that the roadmap communications have gotten more detailed, and more frequent, as the service has matured, but since I still don’t know exactly when feature X will hit my tenant, it’s harder to do adoption and change management than it should be.
MVPs have a reputation for giving Microsoft candid and honest feedback, so here it is in two short digestible sound bites.
First, tighten up the support organization so that it doesn’t take multiple weeks to fix any problem. I can migrate a 100,000+ user organization in the amount of time it takes Microsoft to recognize and fix simple provisioning problems.
Second, stop bypassing (or trying to bypass) the tenant admins. Be very, very judicious with which new features are on by default; provide admin controls for new features on day 1 (and not later), and don’t assume that your customers are OK with you interacting directly with their end users.
As longtime readers probably know, I have a cat. As cats do, he will sometimes jump on my desk.
Pancake the cat on his royal pillow
Some of you may know that, because my job entails working with a worldwide team, I often have early-morning conference calls. To make this easier, I have a small workstation in my bedroom where I can work and be near the coffee machine. This machine is set up with a Logitech c920 webcam and a Blue Snowball USB microphone.
Most of you probably don’t know that I tend to pace when on telephone calls.
So picture the scene. I’ve straggled out of bed to grab a cup of coffee, yawn and stretch, and get on a call. I’m pacing around and speaking. Suddenly the gentleman I’m speaking to (my long-suffering counterpart, Tony Sterling, who owns our customer experience team) starts cracking up. “Dude, turn your camera off!”
Sure enough, somehow the Teams app had started showing Tony video of me pacing around in my boxers and T-shirt. Thankfully it was only him. I apologized deeply, turned off the camera, and removed Pancake from the keyboard. After the meeting, I scoured the Teams documentation to find out what the keyboard shortcut for controlling the camera was.
There isn’t one. This made me a little nervous, nervous enough to put a Post-It note over the camera lens so Pancake didn’t accidentally turn on the camera one night when I was asleep or something.
Today I was in a Teams meeting. The cat jumped on the keyboard and… voila… I got a macOS permissions dialog asking me whether Teams should have permission to use the camera. He’d done it again!
It turns out that when you’re in a Teams meeting, hitting a key will act like a mouse click on whatever control currently has focus. By default, the camera on/off button has focus. Try it yourself: join a meeting, switch out of the Teams app and back into it, and hit a key.
This is, shall we say, not a great design. I appreciate that the Teams team has provided keyboard focus selection, which is great for accessibility, but having focus default to camera on/off is a recipe for unpleasant surprises.
Lesson learned: since I can’t keep my cat off the keyboard, I’ll keep my webcam covered.
Join me and co-hosts Tony Redmond and Vasil Michev as we talk about all manner of things, including the new Outlook web app, Microsoft’s checkered history with transport rules for security, various SharePoint topics, and the pungent cloud of FUD emanating from certain Office 365 ecosystem vendors.
As per tradition, Tony Redmond and I got together at Microsoft Ignite 2018 in Orlando to record a new episode of “Office 365 Exposed” podcast. The Ignite organizers make studios available for this purpose, which is most appreciated. We were joined by special guest and noted humorist Greg Taylor, recently-appointed Microsoft Director of Marketing for Exchange and Exchange Online, to discuss the conference, some announcements made at the event, what Exchange 2019 means for on-premises customers, and what’s happening with Microsoft 365. It’s an easy 45-minute listen.
Sorry that my first blog post in a while is a complaint, but, hey, at least you’re not paying a subscription fee for it.
We ran into an odd problem with our work Microsoft Teams environment. (I’ll blog more about the details once I confirm that it’s fixed; we’re still troubleshooting it.) Thanks to valiant efforts by Tony Redmond and the Teams engineering team, the root cause was tentatively identified as one of the Teams microservices being disabled. I needed to re-enable it.
First stop, the “Enterprise Applications” blade of the Azure portal. Note the list below is the default view, and it’s all you get– a naive user might assume that the list shows all applications in the AAD tenant because the filters are set to “application status any” and “application visibility any,” and the list appears to go from A through W.
But noooooo. Notice that there’s no entry for “Microsoft Teams,” which I know perfectly well is enabled. OK then, let’s try setting the “Show” pulldown to “Microsoft applications.” Set that filter, click “Apply,” and check out the results.
Huh. Still no entry for Teams. This time I notice the text in the search field: “First 20 shown, to search all your applications, enter a display name or the application ID.” All right, fine, I’ll try searching for “Teams”. Type that in, hit return, and…
Well, that seems wrong. Let me try “Microsoft”. That produced a good-sized list of results, very few of which showed up in any of the preceding screenshots.. but only one entry showed up with a name of “Microsoft Teams.”
Finally, Vasil Michev took pity on me and told me to search for “Microsoft Teams.” Et voilà…
There’s the problem child. A couple of clicks later, the service was enabled as intended.
Now, sure, in the grand scheme of things this is a minor issue. There’s so much stuff in the Azure portal, and so many great Azure services, that I can understand that maybe search in this one little corner of the portal isn’t a priority.
Having said that: this is an embarrassing thing to get wrong, and it’s emblematic of similar problems across other Microsoft properties (let’s not even talk about how bad content search is in the Teams client, or why I can’t search Exchange Online archive mailboxes on the Mac Outlook client).
This episode was recorded at the Continental Hotel in Budapest, where Tony and I were joined by Office 365 MVPs Alan Byrne and Vasil Michev. We explore the wonders of the Spectre/Meltdown vulnerability and learn how it affects– or doesn’t affect– Exchange and Office 365 administrators– and we finally have a name for our “point/counterpoint” segment. Tune in to find out what it is.
Tony and I decided to do a special holiday edition of the podcast to celebrate a banner 2017. In 2018, we have some big things planned– but until then, enjoy this episode where you can learn what our favorite new Office 365 features were, hear Tony fulminate about the Teams PowerShell extension, and find out whether we actually believe that Teams will kill off email (spoiler: nope.)
I get to say this a lot given how often Microsoft drops new features into various parts of the service. Sometimes they announce these features in advance, and sometimes they don’t. Sometimes these features are large, and sometimes they’re small.. but even the small ones are often surprisingly valuable.
Today’s example: the new Remove-CalendarEvents cmdlet, which solves the issue of what to do with recurring meetings when a user leaves or is on extended leave. Here’s what the documentation says:
This cmdlet cancels meetings in the specified mailbox where the mailbox is the meeting organizer, and the meeting has one or more attendees or resources. It doesn’t cancel appointments or meetings without attendees or resources.
This is perfect for handling the case when someone leaves an organization and leaves behind recurring meetings, but it’s also useful for cleaning up calendar items for people who are on parental leave, medical leave, or other types of absence with a defined start and end time.
You can cancel all meetings with the -CancelOrganizedMeetings switch, or you can specify a date range with switches to specify the start date and the number of days or the end date to cancel. Keep in mind that if you don’t include -CancelOrganizedMeetings, nothing will happen when you run the cmdlet– if you want to see what it would do, you can use -PreviewOnly. I am not sure why the team didn’t use the standard -WhatIf switch, but that’s a minor point.
The cmdlet is very easy to use. I wanted to cancel all future meetings organized by a user who’s left my tenant, so this is what I did:
A single cmdlet will remove all of the target user’s meetings
Note what happened on the first try– I didn’t specify any switches, and the cmdlet warned me that it wouldn’t do anything… and indeed, it didn’t. The second attempt did exactly what it was supposed to:
Poof! no more meeting
I was delighted to see this result– it’s proof that Microsoft is paying attention to the small sharp edges that sometimes annoy administrators disproportionately. Hats off to the calendaring team (hi, Julia!) and thanks for listening.
I recently ran into a bizarre problem with the Office 365 Hybrid Configuration Wizard, and solved it after a bit of trial and error. Hopefully this article will be a useful breadcrumb for future hybridizers.
The HCW used to be a standalone Windows executable that you’d download. The Office 365 team (hi, Tim Heeney!) made the wise decision to turn it into a Click-To-Run (C2R) executable. The biggest benefit to using C2R is that whenever you click the link (which downloads the application’s manifest file) you get the latest version of the HCW, streamed directly to you from Microsoft’s servers. This ensures that everyone always gets the most up-to-date version, but it also introduces a few potential stumbling blocks.
C2R application manifests aren’t executable themselves; they’re just XML files that provide some metadata about the application. With that said, on a properly configured Windows box, as soon as you download the manifest, the C2R helper application does its thing; it reads the manifest, streams the application, and launches it.
In my Exchange 2016 lab, that’s not what was happening. When I clicked on the HCW link in Internet Explorer, the little “Scanning..” infobar would flash across the bottom of the window, but that was it. Same thing in Chrome. Downloading the HCW manually using the Start-BitsTransfer PowerShell cmdlet got me the manifest file, but it couldn’t be launched. Of course, since the C2R launcher itself wasn’t launching, there were no log files to use to troubleshoot the problem. By contrast, when I downloaded the HCW onto my Windows 10 desktop, it would fail because I didn’t have the right prerequisites installed, leaving me a log file full of juicy details. All of the machines in my lab had the same problem, perhaps not surprising since they were built from the same Amazon Web Services AMI.
I spent some time doing the usual things: trolling the TechNet forums, searching random posts by people who had problems with the HCW (all of which were problems with what it did after launch, not problems getting it launched), and asking my smart MVP friends. Nada.
Then I had a hunch and opened the Default Programs control panel. For the “.application” file type, this is what I saw:
Looks plausible, but it’s totally wrong
I changed the “.application” file type to be opened with Internet Explorer. Then I went back to the HCW link, clicked it, and was rewarded with a properly functioning copy of the HCW. Filed for future reference…
I’m delighted to announce that I’ll be presenting 3 sessions at the new Office 365 Engage conference, 19-22 June in Haarlem, The Netherlands.
With the death of TechEd and the product-specific conferences, Microsoft has more or less abandoned the broad conference market in Europe. They’ve hosted smaller, more focused events covering specific technologies in individual countries, but customers who want a broader perspective, or any degree of engagement with non-Microsoft speakers and experts, have had to come to the US-based conferences. Now the UnityConnect team, led by the redoubtable Tony Redmond, are hosting a full-spectrum event focused on all aspects of Office 365, including Teams, Planner, and Groups– not just the more established Exchange/SharePoint/Skype trinity (although there is plenty of that content, too). The speaker lineup is stellar as well; in fact, I wonder how I got in. Attendees will have the opportunity to hear from Michael Van Hybrid Horenbeeck, Steve Goodman, Michel de Rooij, Sigi Jagott, Brian Reid, Alan Byrne, and a host of other MVPs and Microsoft technology experts. The session catalog is pretty impressive.
As for me, I’m presenting three sessions:
The Ins and Outs of Monitoring Office 365 covers the fundamentals of monitoring such a complex service environment. Although it may be tempting to just say “let Microsoft worry about it,” the fact is that it’s critical to keep tabs on the health and integrity of the service and all its components, as your users depend on it and probably won’t accept “it was Microsoft’s fault” as an answer. The session will cover the basic tools that Microsoft provides and analyze how they compare to the monitoring needs imposed by dependence on a hybrid cloud service.
Windows Information Protection and Azure Rights Managment: Better Together. Normally I hate the phrase “better together” because it is Microsoft-speak for “buy more of our products,” but in this case it’s apropos. WIP and AzureRM work quite well together, and the combination enables some interesting data protection scenarios that I’ll cover here in depth.
Like a Megaphone: Skype Meeting Broadcast will cover the little-known, but quite useful, Skype Meeting Broadcast feature. As its name implies, Broadcast lets you take an ordinary Skype for Business meeting and scale it out to up to 10,000 attendees… but there are some caveats you’ll need to know about to use it effectively.
There’s a full slate of pre-conference workshops, receptions, and so on as well. Perhaps I can persuade Tony to do a live episode of Office 365 Exposed while we’re there– we shall see. Come join me! The conference team has given me a discount code, SPRPR469, which will save you 10% on the registration cost. I hope to see you there!
A few weeks ago I complained about the Focused Inbox feature. A big part of my complaint was that Windows Outlook didn’t support it. This morning, I updated my Windows Office installation and found that the Focused tab magically appeared.. sort of.
First, how I got it: I was already signed up for the Office Insider program, and my tenant is enrolled in Office 365 First Release. My Office installation showed up with “Current” instead of “Office Insider Fast,” though (to check yours, click File | Office Account in any Windows Office application). For some reason, on my unmanaged, non-domain-joined Windows 10 machine, this setting periodically resets, so I launched regedit and changed the value of the UpdateBranch key under Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\office\16.0\common\officeupdate to “Insiderfast”, relaunched Word, and checked for updates. After a few minutes of coffee break, the updates had downloaded. When I launched Outlook, I got the pop-up telling me that Focused Inbox was active.
This leads me to my “sort of” comment. This installation of Outlook has 3 Exchange Online accounts, 1 IMAP account, and a dozen or so shared mailboxes in its default profile. My home robichaux.net account is default. All 3 Exchange Online accounts are on tenants where Focused Inbox is available, and all 3 show the appropriate UI in OWA and Mac Outlook. However, only my work account shows the Focused tab; the other two don’t. Relaunching Outlook didn’t fix this, nor did rebooting, nor did waiting a while. At this point it isn’t clear if having only a single Focused Inbox is by design, a bug, or a temporary limitation. However, I’m happy to see the feature appear at all.
This must be a very new change, as the Outlook 2016 update history doesn’t include it as I write this. Perhaps Microsoft will update it soon to explain more about Focused Inbox support.
About two and a half years ago, Microsoft rolled out a new mail-sorting feature called Clutter. It was intended to use machine learning to filter important mail from newsletters, shipping notifications, and other… well, clutter, leaving your inbox filled only with mail that required your attention. It was a great idea, and, although it had a few bumps in its implementation, soon evolved into a useful and dependable feature. Now Clutter is gone, and Focused Inbox has replaced it. How’s that working out so far?
First some history: in 2014, Acompli introduced what they called “Focused Inbox” in their mobile client. This represented a different take on inbox cleaning; machine learning would still be applied to sort important mail from clutter, but the important and unimportant mails wouldn’t be logically separated into different folders. This had the advantage of working across multiple email systems. Fast forward to today: Acompli was purchased by Microsoft in December 2014, the former Acompli team has been crushing it with their Outlook Mobile app, and key ex-Acompli folks have taken over some key positions on the Outlook team. Focused Inbox has become the new sheriff in town, and Microsoft is rolling it out to Office 365 tenants. One of my tenants was recently upgraded, so I wanted to write about my experience working with it as an end user. (Keep in mind that, as I write this, Microsoft’s January 26 announcement that they didn’t have a firm timeline for rolling out Focused support for Outlook for Windows is still in force.)
I use three primary clients: the Outlook Mobile client for iOS, Outlook 2016 for Windows, and Outlook 2016 for Mac OS X. I mostly use the mobile client to triage mail while away from my desk– I can quickly respond to important items and delete or file stuff I don’t need. In that role, I’ve been depending on Focused Inbox for a while, and I got used to the disparity between what I’d see on the Focused tab on my phone versus what showed up in my inbox– the desktop inbox showed all my messages, not just the Focused ones, but that wasn’t a big deal, as I was usually grooming my inbox by throwing away or otherwise dealing with the contents of the “Other” tab frequently enough to avoid ugly buildup.
When your tenant’s enabled for Focused Inbox, OWA and Outlook for Mac will display a prompt telling you so; when you click to acknowledge it, you’ll see the new Focused and Other tabs in the UI, just like in the mobile app. Here’s where the fun starts.
First up, Clutter is turned off when you accept that prompt, and it’s turned off permanently… so every message formerly filtered into the Clutter folder now goes straight to your inbox. That means you’ll get a notification (if that feature’s enabled) for each new message, much more frequently than you’re probably used to. I’ve long had mail notifications turned off on my phones, but now I have to turn them off on my Windows machine too.
Second, the mobile client doesn’t currently have a way to focus or unfocus a message– so now that Clutter isn’t filtering my inbox traffic, I get crap that I want to mark as “other” but I can’t until I get to a desktop. This is the exact opposite of what I want, and it breaks my normal triage-on-the-go workflow. Alert reader Dang Le Duy pointed out that you can focus or unfocus a message from the mobile client– tap the “overflow” icon (the three little dots) and you’ll see a popup that lets you change the message state, like this:
Yay! I didn’t know this feature existed but it makes me happy
Third, the Mac version of Outlook has long had a feature that combines the contents of the Inbox folder from each account into a single über-inbox (which the team calls the Unified Inbox). IMAP, POP, Exchange, gmail, whatever, all your messages appear in a single handy list. Unfortunately, you only get Focused Inbox in Exchange Online accounts that have the feature enabled– so when you switch back to the Unified Inbox view, all those messages that were neatly tucked away in the “Other” tab come back into your message list. When you select an individual account that has Focused Inbox enabled, you see what you’d expect to:
However, if you go to the Unified Inbox view at the top level, you get something completely different– 6 of the 20 displayed messages appear when they would normally be hidden in the “Other” tab of their parent account:
Focused Inbox doesn’t work in the Mac Outlook Unified Inbox
This to me is a significant loss of utility. It’s a complicated problem, to be sure; trying to figure out the right behavior for a mix of accounts (some with Focused Inbox, some without) is tricky. I hope the Mac Outlook team is working on a solution.
With these gripes, you may believe I’m down on Focused Inbox as a feature. I wouldn’t say that’s true. It is useful, and it has tremendous potential, especially when coupled with other machine-learning-driven filtering and prioritization capabilities. But the current client-side implementation takes away some of the utility we had with Clutter, and I want it back. Hopefully we’ll see not only a return to feature parity, so that all my unwanted messages stay tucked out of sight, but improvements that make Focused Inbox clearly superior.
(edited 2-8-17 to reflect that you can, indeed, focus or unfocus messages from the mobile app)
Everything at the Microsoft MVP Summit is automatically under NDA, so rather than talk about all the secret stuff, I thought I’d share something I learned there that isn’t under NDA because it was already public. Somehow I missed this announcement before, but: there’s a public preview of a new Exchange Online PowerShell module that supports Azure multi-factor authentication (MFA). If you have turned on MFA for administrators in Office 365, you’ve probably found that they can’t use PowerShell to manage Exchange objects. Now you can: download and install this module and you’re all set. Here’s what it looks like in action:
I found out about this when I complained publicly in Tim Heeney‘s session that this doesn’t work. Thankfully Tim set me straight posthaste; after I got the link to the preview, a little searching turned up fellow MVP Vasil Michev’s article describing it, which I either forgot about or never saw.