Tuesday, September 1, 2020

Microsoft M365 F3 licensing Limitations and Confusion

 

If you are working in regulated environment you could be dealing with F3 license for some of your users and I am sure you have read MS license agreement making below bold statement on numerous articles about F3 license features.

From MS license agreement, ⁶F3 includes Office for Web and mobile apps only.

Office mobile limited to devices with integrated screens 10.1” diagonally or less”. ⁷F3 includes 2GB inbox only, No Outlook Integration, no Voicemail

Above statement is incorrect/misleading and needs to be corrected. PG needs to make sure, the information pertaining for license agreement does have clear wording on the licensing documentation explaining the difference Volume license version or MAK keys and Office web versions behavior so that customers can continue to prepare M365 migrations with correct business needs/requirements.

If you have volume license Outlook and OneDrive tick clients your F3 licensed users will be able to use them and there is no reason to force them to use OWA or OneDrive Web versions, until your organization is ready to transition to use Office apps that are being provided to your tenant part of your organization M365 subscription.

License agreement

https://www.microsoft.com/en-us/microsoft-365/enterprise/f3?activetab=pivot%3aoverviewtab

 

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk

 

Wednesday, July 8, 2020

One Drive For Business Best Practices for Enterprise Environments.

One Drive For Business Best Practices for Enterprise Environments.

ODFB (One Drive For Business) Group policy settings. Most the business moving into M365 and its offered services for known reasons over the years. For large enterprises process of course will take time and correct Engineering and deep design to make sure your business is getting the most out of such services. One of the services offered is ODFB, and I assume you are reading this because you would like to perhaps revisit your design or plan it correctly.

I will list available GPO settings for ODFB and which ones you must deploy without any hesitation from get go.

 

Order

List of policies

1

Allow OneDrive to disable Windows permission
 inheritance in folders synced read-only

2

Allow syncing OneDrive accounts for only specific organizations

3

Allow users to choose how to handle Office file sync conflicts

4

Block file downloads when users are low on disk space

5

Block syncing OneDrive accounts for specific organizations

6

Coauthor and share in Office desktop apps

7

Configure team site libraries to sync automatically

8

Continue syncing on metered networks

9

Continue syncing when devices have battery saver mode turned on

10

Convert synced team site files to online-only files

11

Disable the tutorial that appears at the end of OneDrive Setup

12

Enable automatic upload bandwidth management for OneDrive

13

Limit the sync app download speed to a fixed rate

14

Limit the sync app upload rate to a percentage of throughput

15

Limit the sync app upload speed to a fixed rate

16

Prevent the sync app from generating network traffic until users sign in

17

Prevent users from changing the location of their OneDrive folder

18

Prevent users from fetching files remotely

19

Prevent users from moving their Windows known folders to OneDrive

20

Prevent users from redirecting their Windows known folders to their PC

21

Prevent users from syncing libraries and folders shared from other organizations

22

Prevent users from syncing personal OneDrive accounts

23

Prompt users to move Windows known folders to OneDrive

24

Prompt users when they delete multiple OneDrive files on their local computer

25

Receive OneDrive sync app updates on the Deferred ring

26

Require users to confirm large delete operations

27

Set the default location for the OneDrive folder

28

Set the maximum size of a user's OneDrive that can download automatically

29

Set the sync app update ring

30

Silently move Windows known folders to OneDrive

31

Silently sign in users to the OneDrive sync app with their Windows credentials

32

Use OneDrive Files On-Demand

33

Warn users who are low on disk space

 

Following link will provide details for above GPOs

https://docs.microsoft.com/en-us/onedrive/use-group-policy#list-of-policies

 

Now which GPO set you need to use get go? Invest time to understand below policies, most polices listed below makes the most sense for most of the organizations. GPO # 1 and GPO# 9 would be two most critical GPO you would want to deploy at the least for obvious reasons.

GPO Order

List of policies

1

Allow syncing OneDrive accounts for only specific organizations

2

Enable automatic upload bandwidth management for OneDrive

3

Prevent users from changing the location of their OneDrive folder

4

Prevent users from syncing personal OneDrive accounts

5

Prompt users to move Windows known folders to OneDrive

6

Prompt users when they delete multiple OneDrive files on their local computer

7

Require users to confirm large delete operations

8

Silently sign in users to the OneDrive sync app with their Windows credentials

9

Use OneDrive Files On-Demand

10

Warn users who are low on disk space

 

Good luck with your deployment and if you need any assistance fell free to reach out.

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk


Friday, June 26, 2020

RoboCopy Folder and its content to another folder using PowerShell

RoboCopy Folder and its content to another folder using PowerShell.

In this example we will use RoboCopy with pre-defined options to move content of folder A Form Source A Server into Folder A on Destination Server. Here is goes;

You will need to adjust some of the variables to make sure it fits into your needs

  

 

<#     
 
.NOTES
#=============================================
# Script      : RoboCopy-Files-V1.ps1
# Created     : ISE 3.0 
# Author(s)   : Casey.Dedeal 
# Date        : 06/24/2020 12:58:36 
# Org         : ETC Solutions
# File Name   : RoboCopy-Files-V1.ps1
# Comments    : Copy Files from source to destination
# Assumptions :
#==============================================
 
SYNOPSIS           : RoboCopy-Files-V1.ps1
DESCRIPTION        : Copy folders/content source to destination
Acknowledgements   : Open license
Limitations        : None
Known issues       : None
Credits            : None
 
.EXAMPLE
  .\RoboCopy-Files-V1.ps1
 
  MAP:
  -----------
  #(1)_.Adding Vars
  #(2)_.Define source and destination vars
  #(3)_.RoboCpy Options
  #(4)_.Function to check/create destination folder
 
  Note : Take out /TEE option if you want silent mode
  $Options     = ("/B","/MIR", "/XJ", "/FFT", "/R:0", "/V", "/LOG:$LogFile")
 
#>
 
 
 
#(1)_.Define source and destination vars
$timestamp = (Get-Date -format 'dd-MMM-yyyy-HH-mm-ss-')
$fileName  = 'RoboCopy.LOG'
$logname   = $now+$Filename
 
#(2)_RoboCpy Options
$destinDC    = 'SERVER002'
$sourceDC    = 'SERVER001'
$dataSource  = "\\$sourceDC\d$\Scripts\"
$dataDestin  = "\\$destinDC\d$\Scripts\"
$LogFile     = ($dataDestin+$logname )
$Options     = ("/MIR", "/XJ","/FFT", "/TEE", "/R:0", "/V","/LOG:$LogFile")
 
 
#(3)_.Function to check/create destination folder
Function Function-Check-Destination-Folder{
 
  [CmdletBinding()]
  param(
    [parameter(
     Mandatory         = $true,
     ValueFromPipeline = $true)]
      [string]$DestinationPath)
 
 Try{
 
 if (!(Test-Path -Path $DestinationPath))
 {
  New-Item -Type Directory -Path $DestinationPath -ErrorAction Stop | Out-Null
 }
 
}catch{
  
    $errormessage = $($PSItem.ToString())
    Write-Warning 'Error has occoured'
    Write-host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black
   }
}
 
#(4)_.Function-Check-Source Folder , Stop if not found
Function Function-Check-Source-Folder{
 
  [CmdletBinding()]
  param(
    [parameter(
     Mandatory         = $true,
     ValueFromPipeline = $true)]
      [string]$SourcePath)
 
 Try{
 
 if (!(Test-Path -Path $SourcePath))
 {
     Write-Host 'CANNOT locate (SOURCE) directory' -ForegroundColor White -BackgroundColor Red
     Write-Host 'Script will stop' -ForegroundColor Yellow
     break;
 
 }
 
}catch{
  
    $errormessage = $($PSItem.ToString())
    Write-Warning 'Error has occoured'
    Write-host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black
   }
}
 
#(5)_.Check source path,Action:<STOP>, if it does not exist
Function-Check-Source-Folder -SourcePath $dataSource
 
 
#(6)_.Create Destination,action:<CREATE>, if it does not exist
Function-Check-Destination-Folder -DestinationPath $dataDestin
 
#(7)_Start Robocopy with pre-defined options
 
write-host '++++++++++++++++++++++++++++++++++++++++++++++++++++'
Write-host 'Starting RoboCopy now' -ForegroundColor DarkYellow
robocopy $dataSource $dataDestin $Options
write-host '++++++++++++++++++++++++++++++++++++++++++++++++++++'
Write-host 'Completed' -ForegroundColor Green
   
 

 

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk