Docs update tracker

Updates from: 01/19/2024 05:06:01

Category	Microsoft Docs article	Related commit history on GitHub	Change details
admin	Sign Up For Office 365	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/sign-up-for-office-365.md	When you sign up for a new subscription, we ask you for the following informatio > [!NOTE] > The email address you enter here is different from your Microsoft 365 email address (your sign-in name). Because this is where we also send your billing information, we recommend that you use an e-mail address that's appropriate for receiving business email. -- A sign-in name (user ID)—The user ID you provide becomes your initial Microsoft 365 email address, just to get you started quickly, and is the email address that you use to sign in. For example, if your business name is Fourth Coffee, you might choose rob@fourthcoffee.onmicrosoft.com for your user ID. +- A username—The username you provide becomes your initial Microsoft 365 email address, just to get you started quickly, and is the email address that you use to sign in. For example, if your business name is Fourth Coffee, you might choose rob@fourthcoffee.onmicrosoft.com for your username. Most people add their own custom domain shortly after they sign up so they can start receiving email at that address. For example, if you have a custom domain named fourthcoffee.com, you can set up your email address as rob@fourthcoffee.com.
commerce	Purchases From Microsoft Open	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/purchases-from-microsoft-open.md	- Title: "Enter your Microsoft Open product key"-- NOCSH--------- Tier1-- scotvorg-- M365-subscription-management -- Adm_O365--- commerce_purchase-- AdminSurgePortfolio- -description: "Learn how to activate, renew, or add licenses to a Microsoft 365 for business subscription." Previously updated : 10/21/2020-- -# Enter your product key purchased from Microsoft Open - -If you purchased Microsoft 365 for business from a [Microsoft Open License Program](https://go.microsoft.com/fwlink/p/?LinkID=613298), this article is for you. Volume licensing customers who purchased a product key can follow this topic to activate, renew, or add licenses to a subscription. - - Need help immediately? [Call Microsoft Support](../admin/get-help-support.md). - - Need something else? - - For help with Microsoft 365 Home, or Personal, see [Using product keys with Microsoft 365](https://support.microsoft.com/office/12a5763a-d45c-4685-8c95-a44500213759). - - For help with Microsoft 365 Business Standard purchased from a retail store, see [Enter your product key purchased from a retail store](enter-your-product-key.md). - -## Activate, renew, or add licenses to a subscription purchased from Microsoft Open - -If you bought Microsoft 365 from a Microsoft Open License Program, the system automatically enters the key for you when you activate, renew, or add licenses to a subscription. - -1. After you purchase a key from a Microsoft 365 partner, check your inbox for an email from Microsoft containing an activation link. - - > [!TIP] - > The email is sent to the person listed as the online administrator in the volume licensing agreement. If you're not sure who is designated as the online administrator, ask your Microsoft 365 partner. - -2. Follow the link in the email to sign in with your work or school account, accept the Open License Agreement, and renew the subscription. For a step-by-step walkthrough, download the PDF guide, [Activate Online - -> [!NOTE] -> Volume licensing customers can also choose to activate subscriptions in the [Volume Licensing Service Center](https://go.microsoft.com/fwlink/p/?LinkID=282016). To learn how, download the PDF guide, [Activate Online Services in the Volume Licensing Service Center](https://go.microsoft.com/fwlink/p/?LinkId=618096). - -## What's next? - -If you're new to Microsoft 365 for business, learn how to [set up Microsoft 365 for your organization](../admin/setup/setup.md). - -## Still having trouble with product keys? - -Check out this list of common errors and solutions: [Problems with your product key?](product-key-errors-and-solutions.md) - -Partners, see [Partners: use a product key to set up a customer subscription](https://support.microsoft.com/office/cf22c50f-95c9-4fa2-b959-c264de256d40). - -Volume licensing customers can learn more by visiting [Microsoft Volume Licensing Service Center training and resources](https://go.microsoft.com/fwlink/p/?LinkId=618103). - -Or, if you want to talk to a person, [call Microsoft Support](../admin/get-help-support.md).
frontline	Flw Choose Scenarios	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/flw-choose-scenarios.md	Watch the following video for an overview of the virtual appointments experience More information: [Virtual Appointments with Microsoft Teams](virtual-appointments.md) -## Help your team, clients, and customers - -Find resources to share with your team to help them get comfortable using Teams apps and features. Get customizable infographics and web content to help your clients and customers use Virtual Appointments with your organization. - -\| Scenario \| Description \| -\| \| \| -\|[Help your clients and customers use virtual appointments scheduled with Bookings](virtual-appointments-toolkit.md) \|Customizable infographics and FAQ that you can add to your website to make it easy for your clients to use virtual appointments with your organization. \| -\|[Help your frontline workers track time and attendance](shifts-toolkit.md) \|Videos to help your frontline managers and employees learn about how to use Shifts in Microsoft Teams. \| - ## More scenarios and solutions with the digital ecosystem All of the scenarios above can be achieved with out of the box capabilities from Microsoft. But you can extend even further with third-party apps in [AppSource](https://appsource.microsoft.com/marketplace/apps?search=frontline&page=1) and custom apps that you or our partners build for you with Power Platform, Teams, and Viva extensibility.
frontline	Shifts Toolkit	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/frontline/shifts-toolkit.md	- Title: Help your frontline workers track time and attendance----- -searchScope: - - Microsoft Teams - - Microsoft Cloud for Healthcare -- NOCSH- - - microsoftcloud-healthcare - - m365solution-healthcare - - m365solution-scenario - - m365-frontline - - highpri - -description: Resources to help train your frontline team in using Shifts to access and manage their schedules. -appliesto: - - Microsoft Teams - - Microsoft 365 for frontline workers Previously updated : 10/28/2022-- -# Help your frontline workers track time and attendance - -Now that your organization has begun using Shifts to manage schedules, you'll need to make sure that your frontline workers understand how to track their time and attendance. - -Use your [corporate communications strategy](flw-corp-comms.md) to share Shifts training content with your team and make sure they have access to the resources they need: - -1. Share the [Shifts video training](https://support.microsoft.com/office/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821) with your team to help them understand the basics. -2. Share [Videos for frontline managers](#shifts-videos-for-managers) with your managers to help them set up and manage schedules for their teams. -3. Share [Videos for users](#shifts-videos-for-users) with all of your frontline staff to help them perform regular tasks such as clocking in and swapping shifts. - -## Shifts videos for managers - -Create a schedule with Shifts <br> -[View Create a schedule with Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202612) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE546xr] - -Copy a schedule with Shifts <br> -[View Copy a schedule with Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202298) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE54jxu] - -Reuse a weekly schedule from Excel with Shifts <br> -[View Reuse a weekly schedule from Excel with Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202611) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE546xQ] - -## Shifts videos for users - -Clocking in with Shifts <br> -[View Clocking in with Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202613) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE54uyx] - -Swap Shifts <br> -[View Swap Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202711) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE54jBv] - -Tags with Shifts <br> -[View Tags with Shifts on YouTube](https://go.microsoft.com/fwlink/?linkid=2202712) -> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE5443n]
lighthouse	M365 Lighthouse Assign A Baseline	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-assign-a-baseline.md	Additionally, each partner tenant user must be a Microsoft 365 Lighthouse admin. ## Assign a baseline to a tenant -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select┬áTenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select┬áTenants. 2. Select a tenant to which you want to assign a new baseline. 3. Select Assign baseline. 4. Select the baseline you want to assign to the selected tenants.
lighthouse	M365 Lighthouse Block Signin Shared Mailboxes	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-block-signin-shared-mailboxes.md	Microsoft 365 Lighthouse provides visibility into all the shared mailboxes acros ## Block sign-in for shared mailbox accounts -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Shared mailboxes. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Shared mailboxes. 2. On the Shared mailboxes tab, select the Shared mailbox account you want to block and then select Block sign-in. Microsoft 365 Lighthouse provides visibility into all the shared mailboxes acros ## Notify users that access is blocked (optional) -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Shared mailboxes. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Shared mailboxes. 2. On the Shared mailboxes tab, select the check box next to the accounts you want to notify.
lighthouse	M365 Lighthouse Block User Signin	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-block-user-signin.md	You can block a user account if you think it's compromised. When you block a use ## Block sign-in for a user -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Search users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Search users. 2. On the Search users tab, enter a user's name in the search box. You can block a user account if you think it's compromised. When you block a use ## Block sign-in for risky users -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Risky users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Risky users. 2. On the Risky Users page, select the set of users you want to take action on.
lighthouse	M365 Lighthouse Change Cloud Pc Account Type	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-change-cloud-pc-account-type.md	You must be either a Windows 365 Administrator or a Global Administrator in the ## Set or change a Windows 365 Business Cloud PC account type -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Windows 365. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Windows 365. 2. Select the All Cloud PCs tab.
lighthouse	M365 Lighthouse Compare Compliance Policies	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-compare-compliance-policies.md	Make sure devices have a Microsoft Intune license and are enrolled in Microsoft ## Compare policy settings -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Device compliance. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Device compliance. 2. Select the Policies tab. You can filter the results to see Settings that differ, Settings that matc ## Configure a policy setting -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Device compliance. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Device compliance. 2. Select the Policies** tab.
lighthouse	M365 Lighthouse Create A Baseline	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-create-a-baseline.md	There are three ways to create a baseline in Lighthouse. You can clone an existi To clone an existing baseline: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select┬áDeployment > Baselines. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select┬áDeployment > Baselines. 2. From the baseline list, select the baseline you want to clone. To clone an existing baseline: To create a new baseline: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select┬áDeployment > Baselines. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select┬áDeployment > Baselines. 2. Select Create. To create a new baseline: To import a baseline: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select┬áDeployment > Baselines. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select┬áDeployment > Baselines. 2. Select Import. Baselines are composed of deployment tasks. You can add as many deployment tasks To clone a deployment task from an existing baseline: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Baselines. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Baselines. 2. Select a baseline from the list. 3. Select New task. 4. From the list, select Clone. Lighthouse will, where possible, detect configurations and policies that contain Lighthouse admins must review the extracted configuration and remove any tenant-specific setting values that shouldn't be applied to other managed tenants. -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Baselines. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Baselines. 2. Select a baseline from the list. 3. Select New task. 4. From the list, select the desired configuration.
lighthouse	M365 Lighthouse Create Manage Alert Rules	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-create-manage-alert-rules.md	You must be a Global Administrator to create and manage alert rules. ## Create a new alert rule -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Alerts. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Alerts. 2. On the Alerts page, select Alerts rules tab. 3. Select Create alert rule. The alert rules wizard opens. 4. From the Set up the basics page, configure the following basic information: You must be a Global Administrator to create and manage alert rules. ## Edit an existing alert rule -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Alerts. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Alerts. 2. On the Alerts page, select Alerts rules tab. 3. From the list, select an alert rule you want to edit. 4. Select Edit alert rule. The alert rules wizard opens. You must be a Global Administrator to create and manage alert rules. ## Delete an alert rule -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Alerts. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Alerts. 2. On the Alerts page, select Alerts rules tab. 3. From the list, select an alert rule you want to delete. 4. Select Delete.
lighthouse	M365 Lighthouse Deploy Task Automatically	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-deploy-task-automatically.md	Additionally, each partner tenant user must meet the following requirements: ## Deploy a task automatically -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the list of tenants, select a tenant you want to view.
lighthouse	M365 Lighthouse Deploy Task Manually	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-deploy-task-manually.md	Additionally, each partner tenant user must meet the following requirements: ## Deploy a task manually -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the tenant list, select the tenant you want to view. The task status will be updated to Compliant, and the Task Details pane will If the task status changes and is no longer compliant, you can reset the status to Not compliant. To do this: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the tenant list, select the tenant you want to view.
lighthouse	M365 Lighthouse Dismiss Task	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-dismiss-task.md	Additionally, each partner tenant user must meet the following requirements: ## Dismiss a task -1. In the left navigation in Lighthouse, select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select the appropriate tenant from the list.
lighthouse	M365 Lighthouse Get Access To Sales Advisor	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-get-access-to-sales-advisor.md	For more information, see [CPP role-based access](/partner-center/insights-roles ## Next steps -Once you have access to Sales Advisor, you can start reviewing insights on the Opportunities page. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Sales Advisor > Opportunities. To learn more about opportunities, see [Understanding opportunities and data in Sales Advisor](m365-lighthouse-understanding-opportunities-and-data.md). +Once you have access to Sales Advisor, you can start reviewing insights on the Opportunities page. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Sales Advisor > Opportunities. To learn more about opportunities, see [Understanding opportunities and data in Sales Advisor](m365-lighthouse-understanding-opportunities-and-data.md). ## Related content
lighthouse	M365 Lighthouse Get Help And Support	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-get-help-and-support.md	Several options are available if you need help. First, check to see if there are - Review the current health of customer tenant - 1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Service health. + 1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Service health. 2. View detailed information about current and past issues. - Review the current health of the Lighthouse tenant
lighthouse	M365 Lighthouse Manage Inactive Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-manage-inactive-users.md	Lighthouse uses sign-in activity to detect inactive users accounts. The Inacti ## Review inactive users -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Inactive users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Inactive users. 2. On the Inactive Users tab, set filters to the desired result. Lighthouse uses sign-in activity to detect inactive users accounts. The Inacti ## Block sign-in for multiple user accounts -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Inactive users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Inactive users. 2. On the Inactive users tab, expand any tenant in the list to see a list of inactive users within the tenant, select the users you want to block, and then select Block sign-in.
lighthouse	M365 Lighthouse Manage Mfa	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-manage-mfa.md	The customer tenant must be active within Microsoft 365 Lighthouse. To determine ## Notify users who aren't registered for MFA -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > multifactor authentication. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > multifactor authentication. 2. Select the tenant that contains the user(s) that you want to notify. The customer tenant must be active within Microsoft 365 Lighthouse. To determine ## Exclude users from MFA registration -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users \> multifactor authentication. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users \> multifactor authentication. 2. Select the tenant containing the user(s) you want to exclude. The customer tenant must be active within Microsoft 365 Lighthouse. To determine ## Block sign-in for users not registered for MFA -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > multifactor authentication. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > multifactor authentication. 2. Select the tenant that contains the user(s) you want to block. 3. Select Users not registered for MFA tab. 4. Select the user(s) that you want to block. Blocking a user prevents anyone from signing in as this user and is a good idea ## Remove a user from the Excluded users group -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > multifactor authentication. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > multifactor authentication. 2. Select the tenant that contains the user(s) you want to remove. 3. Select Exclude users tab. 4. Select the user(s) that you want to remove. Blocking a user prevents anyone from signing in as this user and is a good idea ## Next steps -Once MFA is enabled, you can enable Microsoft Entra self-service password reset (SSPR). SSPR allows users to change or reset passwords without administrator or help desk involvement. For more information, see Manage self-service password reset in Microsoft 365 Lighthouse. For more information, see┬á[Manage self-service password reset in Microsoft 365 Lighthouse](m365-lighthouse-manage-sspr.md). +Once MFA is enabled, you can enable Microsoft Entra self-service password reset (SSPR). SSPR allows users to change or reset passwords without administrator or help desk involvement. For more information, see┬á[Manage self-service password reset in Microsoft 365 Lighthouse](m365-lighthouse-manage-sspr.md). ## Related content
lighthouse	M365 Lighthouse Manage Sspr	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-manage-sspr.md	Selecting any tenant from the self-service password reset details table opens th ## Enable SSPR for a tenant -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Self-service password reset. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Self-service password reset. 2. On the Self-service password reset page, select a tenant from the list to open the details pane. Selecting any tenant from the self-service password reset details table opens th ## Notify users to register for SSPR -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Self-service password reset. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Self-service password reset. 2. On the Self-service password reset page, select a tenant from the list to open the details pane.
lighthouse	M365 Lighthouse Manage Tenant List	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-manage-tenant-list.md	You must be a Global Administrator of the partner tenant. ## Create a tag -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select Manage Tags. You must be a Global Administrator of the partner tenant. ## Edit a tag -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select Manage Tags. You must be a Global Administrator of the partner tenant. ## Assign a tag -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the list of tenants, select the three dots (more actions) next to the tenant you want to tag. Tags that are already assigned to the tenant have a check mark to the right of t ## Delete a tag -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select Manage Tags. Tags that are already assigned to the tenant have a check mark to the right of t ## Remove a tag -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the list of tenants, select the three dots (more actions) next to the tenant you want to edit.
lighthouse	M365 Lighthouse Manage Tenants Using Deployment Insights	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-manage-tenants-using-deployment-insights.md	Microsoft 365 Lighthouse provides deployment insights within and across the tena ## Manage deployment progress by using deployment insights -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Deployment insights. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Deployment insights. 2. On the Deployment insights page, review the following areas to gather insight on your tenants' deployment progress. For additional solutions for common deployment issues, see [Deploying baselines] ## Review regressed tasks -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Deployment insights. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Deployment insights. 2. From the Tenants list, review tenants with regressed tasks indicated by the Regressed tasks column. Every dismissed task and excluded user represent a potential threat. You can aud ### Audit dismissed tasks -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Deployment insights. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Deployment insights. 2. From the Tenants list, select the tenant with a dismissed task. Every dismissed task and excluded user represent a potential threat. You can aud ### Audit excluded users -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Deployment > Deployment insights. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Deployment > Deployment insights. 2. From the Tenants list, select the tenant with an Excluded user.
lighthouse	M365 Lighthouse Mitigate Threats	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-mitigate-threats.md	Microsoft 365 Lighthouse lets you investigate and mitigate threats across all yo To investigate a specific threat: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Threats tab. The threat details pane provides the following information: To investigate threats on a specific device: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Antivirus protection tab. Lighthouse displays all threats found on the device. To see details, select the A quick scan searches common locations where malware could be, such as registry keys and know startup folders. A full scan searches the entire device. In most cases, a quick scan is sufficient and is the recommended option for scheduled scans. -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Antivirus protection tab. You can also scan multiple devices by selecting the checkbox next to each device To update Microsoft Defender Antivirus on a single device: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Antivirus protection tab. If you need to create a new policy, select Update policy in the device detai When consecutive actions are applied to a device, you'll receive an action pending message. To check which actions are pending on a device: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Antivirus protection tab. When consecutive actions are applied to a device, you'll receive an action pendi Some updates may require a device to restart to install correctly. -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Threat management. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Threat management. 2. Select the Antivirus protection tab.
lighthouse	M365 Lighthouse Reinstate Task	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-reinstate-task.md	Additionally, each partner tenant user must meet the following requirements: ## Reinstate a task -1. In the left navigation in Lighthouse, select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select the appropriate tenant from the list. 3. Select Deployment plan tab. 4. From the task list, select the task you want to reinstate.
lighthouse	M365 Lighthouse Reprovision Cloudpc	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-reprovision-cloudpc.md	You must be a Cloud PC Administrator in the partner tenant. ## Reprovision a Windows 365 Cloud PC -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Windows 365. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Windows 365. 2. Select the All Cloud PCs tab. You must be a Cloud PC Administrator in the partner tenant. ## Check the device action status -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Windows 365. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Windows 365. 2. Select the All Cloud PCs tab.
lighthouse	M365 Lighthouse Reset User Password	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-reset-user-password.md	Microsoft 365 Lighthouse lets you change or reset user passwords. You can reset ## Reset a password for a user -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Search users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Search users. 2. On the Search users tab, enter a user's name in the search box. Microsoft 365 Lighthouse lets you change or reset user passwords. You can reset ## Reset a password for a risky user -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Risky users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Risky users. 2. On the Risky Users page, select a risky user from the list.
lighthouse	M365 Lighthouse Review Audit Logs	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-review-audit-logs.md	To view audit logs, you must have one of the following permissions: ## Review audit logs -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Audit logs. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Audit logs. > [!NOTE] > It might take up to 1 hour to see new logs. Go to the respective service to see the most recent changes.
lighthouse	M365 Lighthouse Review Deployment Plan	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-review-deployment-plan.md	Additionally, each partner tenant user must meet the following requirements: ## Access a tenant deployment plan -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the tenant list, select the tenant you want to view.
lighthouse	M365 Lighthouse Search For Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-search-for-users.md	description: "For Managed Service Providers (MSPs) using Microsoft 365 Lighthous Microsoft 365 Lighthouse lets you search for a specific user across all active tenants. This allows you to find a user quickly without needing to navigate different tenants. -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Account management > Search users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Account management > Search users. 2. In the search box, enter a display name or user principal name (UPN).
lighthouse	M365 Lighthouse Setup Gdap	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-setup-gdap.md	Previously updated : 12/21/2023 Last updated : 1/18/2024 audience: Admin If you encounter any problems during GDAP setup, see [Troubleshoot error message To get started: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Home. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Home. 2. On the Set up GDAP card, select Set up GDAP. You need at least one security group per support role for each template. For the 8. Select Save and close to save your settings and exit GDAP Setup. -JIT agent security group users are eligible to request access to highly privileged GDAP roles; they are not given access to them automatically. As part of GDAP Setup, select a JIT approver security group from your tenant to approve access requests from JIT agents. The JIT approver security group must be role assignable. After completing GDAP setup, a JIT access policy is created for JIT agents to request access. You can review the policy created in the [Microsoft Entra ID Governance portal](https://portal.azure.com/#view/Microsoft_AAD_ERM/DashboardBlade/~/elmEntitlement), and JIT agents can request access to their roles from the [My Access portal](https://myaccess.microsoft.com/#/access-packages). For more information on how JIT agents can request access, see [Manage access to resources](/azure/active-directory/governance/entitlement-management-access-package-first?wt.mc_id=365admincsh_lighthouse). For more information on how approvers can approve requests, see [Approve or deny request](/azure/active-directory/governance/entitlement-management-access-package-first?wt.mc_id=365admincsh_lighthouse). +JIT agent security group users are eligible to request access to highly privileged GDAP roles; they're not given access to them automatically. As part of GDAP Setup, select a JIT approver security group from your tenant to approve access requests from JIT agents. + +The JIT approver security group must be role-assignable. If you're not seeing a security group appear in GDAP Setup, confirm that the security group is role-assignable. For more information on how to manage role assignments, see [Use Microsoft Entra groups to manage role assignments](/entra/identity/role-based-access-control/groups-concept). + +After completing GDAP setup, a JIT access policy is created for JIT agents to request access. You can review the policy created in the [Microsoft Entra ID Governance portal](https://portal.azure.com/#view/Microsoft_AAD_ERM/DashboardBlade/~/elmEntitlement), and JIT agents can request access to their roles from the [My Access portal](https://myaccess.microsoft.com/#/access-packages). For more information on how JIT agents can request access, see [Manage access to resources](/azure/active-directory/governance/entitlement-management-access-package-first). For more information on how approvers can approve requests, see [Approve or deny request](/azure/active-directory/governance/entitlement-management-access-package-first). ### Step 4: Tenant assignments It may take a minute or two for the settings you've configured to apply. If you > For customers with an existing DAP relationship, these settings are automatically applied. Customers with an Active status on the last page of GDAP Setup are assigned to roles and security groups as defined in the GDAP template. > [!NOTE] -> For customers without an existing DAP relationship, an admin relationship request link is generated for each customer on the last page of GDAP Setup. From there, you can send the link to your customer's Global Administrator so they can approve the GDAP relationship. Once the relationship is approved, the GDAP template settings will be applied. +> For customers without an existing DAP relationship, an admin relationship request link is generated for each customer on the last page of GDAP Setup. From there, you can send the link to your customer's Global Administrator so they can approve the admin relationship. Once the relationship is approved, the GDAP template settings will be applied. It may take up to an hour after relationship approval for changes to appear in Lighthouse. Once you've completed GDAP Setup, you can navigate to different steps to update or change roles, security groups, or templates. GDAP relationships are now visible in Partner Center and the security groups are now visible in Microsoft Entra ID.
lighthouse	M365 Lighthouse View Failed Network Connections	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-failed-network-connections.md	Microsoft 365 Lighthouse provides the connection status between your customer te ## View a failed network connection -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Devices > Windows 365. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Devices > Windows 365. 2. Select the Azure network connections tab.
lighthouse	M365 Lighthouse View Manage Risky Users	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-manage-risky-users.md	The following conditions must be met before users can appear in the risky users In Microsoft Entra ID Protection, risk detections include any identified suspicious actions related to user accounts in Microsoft Entra ID. -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Risky users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Risky users. 2. On the Risky Users page, review the users in the list with a risk state of At risk. In Microsoft Entra ID Protection, risk detections include any identified suspici To take action on multiple affected users at once: -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Users > Risky users. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Users > Risky users. 2. On the Risky Users page, select the set of users you want to take action on.
lighthouse	M365 Lighthouse View Opportunities	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-opportunities.md	You must hold the Executive report viewer or Report viewer role in Partner Cente ## View opportunities -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Sales Advisor > Opportunities. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Sales Advisor > Opportunities. 2. On the All opportunities tab, select the tenant you want to research. You must hold the Executive report viewer or Report viewer role in Partner Cente ## View opportunities by opportunity type -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Sales Advisor > Opportunities. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Sales Advisor > Opportunities. 2. Select the desired opportunity type you want to review. For a definition of each opportunity type, see the Opportunity Type section in [Understanding opportunities and data in Sales Advisor](m365-lighthouse-understanding-opportunities-and-data.md). ## Export opportunities out of Sales Advisor -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Sales Advisor > Opportunities. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Sales Advisor > Opportunities. 2. Select the view you want to export (All opportunities, Customer acquisition, Customer retention, or Customer growth). 3. Filter the list as needed using the filters (Probability, Opportunity type, and Date created). 4. Select Export.
lighthouse	M365 Lighthouse View Service Health	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-service-health.md	To view service health, you'll need a Microsoft Entra role in the partner tenant ## View service health status for all tenants -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Service health. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Service health. 2. On the Service health page, review the current service health status, including: To view service health, you'll need a Microsoft Entra role in the partner tenant ## Review issue details -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Service health. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Service health. 2. On the Service health page, select the All services or All issues tab.
lighthouse	M365 Lighthouse View Task Details	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-task-details.md	Additionally, each partner tenant user must meet the following requirements: ## View task details -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. Select an active tenant.
lighthouse	M365 Lighthouse View Your Roles	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/lighthouse/m365-lighthouse-view-your-roles.md	You must have access to a partner tenant that has onboarded to the Microsoft 365 ## View your roles -1. In the left navigation pane in [Lighthouse](https://lighthouse.microsoft.com), select Tenants. +1. In the left navigation pane in <a href="https://go.microsoft.com/fwlink/p/?linkid=2168110" target="_blank">Lighthouse</a>, select Tenants. 2. From the list of tenants, select any tenant name to open the tenant's Overview page.
loop	Loop Compliance Summary	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-compliance-summary.md	Where the loop content was originally created determines its storage location: \|Audit: Version history \|Version History [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export) or via [Graph API](/graph/api/driveitem-get-content-format).\|Version History [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export). <br><br>Not Yet Available: <br>API access to Loop workspace containers - this impacts third party export and eDiscovery tools.\| \|Audit: logs and events \|Audit logs for all events: search and export Microsoft 365 service events for security and compliance investigations <ol><li>use the [compliance admin center](https://compliance.microsoft.com/auditlogsearch)<li>search audit logs for "loop" or "fluid"<li>further filter exported results by "SourceFileExtension":"loop" or "SourceFileExtension":"fluid"\|Audit logs for all events: search and export Microsoft 365 service events for security and compliance investigations <ol><li>use the [compliance admin center](https://compliance.microsoft.com/auditlogsearch)<li>search audit logs for Loop ApplicationID `a187e399-0c36-4b98-8f04-1edc167a0996`\| \|Audit: log access \|Audit logs are retained, can be exported, and can be streamed to third party tools\|Audit logs are retained, can be exported, and can be streamed to third party tools\| -\|Legal Hold and eDiscovery: Purview \|Microsoft [Purview eDiscovery](/microsoft-365/loop/loop-components-teams#do-loop-and-fluid-files-support-ediscovery) review (premium only) and export (also as HTML, premium only).\|Microsoft [Purview eDiscovery](/microsoft-365/loop/loop-components-teams#do-loop-and-fluid-files-support-ediscovery) review (premium only) and export (also as HTML, premium only).\| +\|Legal Hold and eDiscovery: Purview \|Microsoft [Purview eDiscovery](/microsoft-365/loop/loop-components-teams#do-loop-and-fluid-files-support-ediscovery) supports search and collection, review (premium only), and export (premium only) as HTML or original. You can also download and re-upload the files to any OneDrive to view them in their native format.\|Microsoft [Purview eDiscovery](/microsoft-365/loop/loop-components-teams#do-loop-and-fluid-files-support-ediscovery) supports search and collection, review (premium only), and export (premium only) as HTML or original. You can also download and re-upload the files to any OneDrive to view them in their native format.\| \|Legal Hold and eDiscovery: Export \|Microsoft [Graph API](/graph/api/driveitem-get-content-format) export support.\|Not Yet Available: <br>API access to Loop workspace containers - this impacts third party export and eDiscovery tools.\| \|Legal Hold and eDiscovery: Legal Hold \|Legal Hold support to ensure content isn't deleted (as related to litigation and security investigations) and stored in the [Preservation Hold Library](/sharepoint/governance/ediscovery-and-in-place-holds-in-sharepoint-server).\|Legal Hold support to ensure content isn't deleted (as related to litigation and security investigations) and stored in the [Preservation Hold Library](/sharepoint/governance/ediscovery-and-in-place-holds-in-sharepoint-server).\| \|Data Lifecycle Management: Retention policies \|[Retention policies](/microsoft-365/compliance/retention-policies-sharepoint) are enforced.\|[Retention policies](/microsoft-365/compliance/retention-policies-sharepoint) configured for all SharePoint sites are enforced on all Loop workspaces. <br><br>Not Yet Available: <br>Retention policies that can be overridden or set individually at the Loop workspace level.\|
loop	Loop Components Teams	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-components-teams.md	Version History allows you to review, restore, or copy from previous versions of The .loop files can only be opened as links in your browser, such as Office.com, and as Loop components in Teams chat, Outlook email, Whiteboard, and Word for the web. If downloaded, they can't be opened again without first uploading them back to OneDrive or SharePoint. -## Do .loop (and .fluid) files support eDiscovery? - -Loop components created in Teams, Outlook, and Word for the web, are discoverable and have eDiscovery workflow support using the Microsoft Purview tool. Currently, these files are stored in the creatorΓÇÖs OneDrive and are available for search and collection in both eDiscovery (Standard) and eDiscovery (Premium). Render in review and HTML offline export format is supported on eDiscovery (Premium). You can also download and re-upload the files to any OneDrive to view them in their native format. - -A [graph export API](/graph/api/driveitem-get-content-format) solution is also available for Loop components that supports both raw export and an HTML offline format. - ## If Loop is disabled from the admin switch, what will the user experience be? If you disable these experiences as outlined in the [Settings management](loop-workspaces-configuration.md#settings-management-in-cloud-policy) section, the following experience-changes will apply: - The create/insert entry point within Teams messaging and Outlook email will be hidden. The users won't be able to create new .loop files. - Existing messages that would have formerly rendered as an interactive Loop component will instead render as a hyperlink. No interactive content will be displayed within the app that Loop components have been disabled in.-- When you click on the hyperlink or browse to a .loop file in OneDrive for Business and click it to open, it will open in a separate browser tab. You will still be able to edit the file. +- When you click on the hyperlink or browse to a .loop file in OneDrive and click it to open, it will open in a separate browser tab. You will still be able to edit the file. ## Known issues
loop	Loop Workspaces Storage Permission	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/loop/loop-workspaces-storage-permission.md	When you invite a user to a workspace, that user has access to all the pages in When you share only a Loop page, you're giving users access to that specific page exclusively (not the whole workspace). The user can choose to use a company share link or people-specific share link; unless their tenant admin has disabled some of the share link types. When sharing a page, you can choose to grant the user "edit" or "read only" access. -## Loop workspaces and Microsoft 365 groups +## Loop workspace membership and Microsoft 365 groups -Loop workspaces don't use Microsoft 365 groups for access management, instead they create a roster for access management. +Loop workspaces currently have one type, with membership visible and manageable within the Loop app by the workspace owner. However, there is no integration with Microsoft 365 groups or Security groups. -## eDiscovery support for Loop content stored in Loop workspaces +At present, owners cannot assign new members as owners. If the owner leaves the company, the workspace becomes ownerless. Administrators cannot assign new owners to ownerless workspaces. -Loop content (pages and components) created in the Loop app are discoverable and have eDiscovery workflow support using the Microsoft Purview tool. As mentioned above, these files are stored in SharePoint Embedded and are available for search and collection for both eDiscovery (Standard) and eDiscovery (Premium). Render in review and the HTML offline export format is supported on eDiscovery (Premium). You can also download and re-upload the files to any OneDrive to view them in their native format. +PowerShell support for number of owners on a SharePoint Embedded container is not yet available. Once it is, to find ownerless workspaces, query Loop workspace containers in SharePoint Embedded. For more information, see [Consuming Tenant Admin](/sharepoint/dev/embedded/concepts/admin-exp/cta), and [Get-SPO Container](/powershell/module/sharepoint-online/get-spocontainer). The Loop Application ID is listed in [Summary of governance, lifecycle and compliance capabilities](/microsoft-365/loop/loop-compliance-summary). -A graph export API that can access Loop content stored in [SharePoint Embedded](https://techcommunity.microsoft.com/t5/sharepoint-premium-blog/announcing-sharepoint-embedded-public-preview-at-espc23/ba-p/3993428) is not yet available. +Note that there are other types of groups and membership lists in the Microsoft ecosystem, such as Microsoft 365 groups and Security groups. Currently, Loop workspace membership cannot be managed by or associated with these groups or lists. ## Storage management after user departure
security	Defender Endpoint Demonstration Attack Surface Reduction Rules	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-attack-surface-reduction-rules.md	Attack surface reduction rules target specific behaviors that are typically used ## PowerShell commands + ```powershell Add-MpPreference -AttackSurfaceReductionRules_Ids BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids D4F940AB-401B-4EfC-AADC-AD5F3C50688A -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids D1E49AAC-8F56-4280-B9BA-993A6D Add-MpPreference -AttackSurfaceReductionRules_Ids B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4 -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids C1DB55AB-C21A-4637-BB3F-A12568109D35 -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids 01443614-CD74-433A-B99E-2ECDC07BFC25 -AttackSurfaceReductionRules_Actions Enabled +Add-MpPreference -AttackSurfaceReductionRules_Ids 56a863a9-875e-4185-98a7-b882c64b5ce5 -AttackSurfaceReductionRules_Actions Enabled +Add-MpPreference -AttackSurfaceReductionRules_Ids 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 -AttackSurfaceReductionRules_Actions Enabled +Add-MpPreference -AttackSurfaceReductionRules_Ids e6db77e5-3df2-4cf1-b95a-636979351e5b -AttackSurfaceReductionRules_Actions Enabled +Add-MpPreference -AttackSurfaceReductionRules_Ids a8f5898e-1dc8-49a9-9878-85004b8a61e6 -AttackSurfaceReductionRules_Actions Enabled Add-MpPreference -AttackSurfaceReductionRules_Ids 26190899-1602-49E8-8B27-EB1D0A1CE869 -AttackSurfaceReductionRules_Actions AuditMode Add-MpPreference -AttackSurfaceReductionRules_Ids 7674BA52-37EB-4A4F-A9A1-F0F9A1619A2C -AttackSurfaceReductionRules_Actions AuditMode ``` Get-MpPreference Note - some test files have multiple exploits embedded and triggers multiple rules -\| Rule name \| Rule GUID \| Windows version \| -\|:\|:\|:\| -\| Block executable content from email client and webmail \| BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 \| 1709 \| -\| [Block Office applications from creating child processes](https://demo.wd.microsoft.com/Content/TestFile_OfficeChildProcess_D4F940AB-401B-4EFC-AADC-AD5F3C50688A.docm) \| D4F940AB-401B-4EFC-AADC-AD5F3C50688A \| 1709 \| -\| [Block Office applications from creating executable content](https://demo.wd.microsoft.com/Content/TestFile_Block_Office_applications_from_creating_executable_content_3B576869-A4EC-4529-8536-B80A7769E899.docm) \| 3B576869-A4EC-4529-8536-B80A7769E899 \| 1709 \| -\| Block Office applications from injecting into other processes \| 75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84 \| 1709 \| -\| [Impede JavaScript and VBScript to launch executables](https://demo.wd.microsoft.com/Content/TestFile_Impede_JavaScript_and_VBScript_to_launch_executables_D3E037E1-3EB8-44C8-A917-57927947596D.js) \| D3E037E1-3EB8-44C8-A917-57927947596D \| 1709 \| -\| Block execution of potentially obfuscated scripts \| 5BEB7EFE-FD9A-4556-801D-275E5FFC04CC \| 1709 \| -\| [Block Win32 imports from Macro code in Office](https://demo.wd.microsoft.com/Content/Block_Win32_imports_from_Macro_code_in_Office_92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B.docm) \| 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B \| 1709 \| -\|[{Block Process Creations originating from PSExec & WMI commands](https://demo.wd.microsoft.com/Content/TestFile_PsexecAndWMICreateProcess_D1E49AAC-8F56-4280-B9BA-993A6D77406C.vbs) \| D1E49AAC-8F56-4280-B9BA-993A6D77406C \| 1803 \| -\| [Block Execution of untrusted or unsigned executables inside removable USB media](https://demo.wd.microsoft.com/Content/UNSIGNED_ransomware_test_exe.exe) \| B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4 \| 1803 \| -\| Aggressive Ransomware Prevention \| C1DB55AB-C21A-4637-BB3F-A12568109D35 \| 1803 \| -\| Block executable files from running unless they meet a prevalence, age, or trusted list criteria \| 01443614-CD74-433A-B99E-2ECDC07BFC25 \| 1803 \| -\| Block Adobe Reader from creating child processes \| 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c \| 1803 \| +\| Rule name \| Rule GUID \| +\|:\|:\| +\| Block executable content from email client and webmail \| BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 \| +\| [Block Office applications from creating child processes](https://demo.wd.microsoft.com/Content/TestFile_OfficeChildProcess_D4F940AB-401B-4EFC-AADC-AD5F3C50688A.docm) \| D4F940AB-401B-4EFC-AADC-AD5F3C50688A \| +\| [Block Office applications from creating executable content](https://demo.wd.microsoft.com/Content/TestFile_Block_Office_applications_from_creating_executable_content_3B576869-A4EC-4529-8536-B80A7769E899.docm) \| 3B576869-A4EC-4529-8536-B80A7769E899 \| +\| Block Office applications from injecting into other processes \| 75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84 \| +\| [Impede JavaScript and VBScript to launch executables](https://demo.wd.microsoft.com/Content/TestFile_Impede_JavaScript_and_VBScript_to_launch_executables_D3E037E1-3EB8-44C8-A917-57927947596D.js) \| D3E037E1-3EB8-44C8-A917-57927947596D \| +\| Block execution of potentially obfuscated scripts \| 5BEB7EFE-FD9A-4556-801D-275E5FFC04CC \| +\| [Block Win32 imports from Macro code in Office](https://demo.wd.microsoft.com/Content/Block_Win32_imports_from_Macro_code_in_Office_92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B.docm) \| 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B \| +\|[{Block Process Creations originating from PSExec & WMI commands](https://demo.wd.microsoft.com/Content/TestFile_PsexecAndWMICreateProcess_D1E49AAC-8F56-4280-B9BA-993A6D77406C.vbs) \| D1E49AAC-8F56-4280-B9BA-993A6D77406C \| +\| [Block Execution of untrusted or unsigned executables inside removable USB media](https://demo.wd.microsoft.com/Content/UNSIGNED_ransomware_test_exe.exe) \| B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4 \| +\| Aggressive Ransomware Prevention \| C1DB55AB-C21A-4637-BB3F-A12568109D35 \| +\| Block executable files from running unless they meet a prevalence, age, or trusted list criteria \| 01443614-CD74-433A-B99E-2ECDC07BFC25 \| +\| Block Adobe Reader from creating child processes \| 7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c \| +\| Block abuse of exploited vulnerable signed drivers \| 56a863a9-875e-4185-98a7-b882c64b5ce5 \| +\| Block credential stealing from the Windows local security authority subsystem (lsass.exe) \| 9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2 \| +\| Block persistence through WMI event subscription \| e6db77e5-3df2-4cf1-b95a-636979351e5b \| +\| Block Webshell creation for Servers \| a8f5898e-1dc8-49a9-9878-85004b8a61e6 \| ## Scenarios You should immediately see an "Action blocked" notification. You should immediately see an "Action blocked" notification. -### Scenario 3 (Windows 10 version 1803 or later): ASR rule blocks unsigned USB content from executing +### Scenario 3 (Windows 10 or later): ASR rule blocks unsigned USB content from executing 1. Configure the rule for USB protection (B2B3F03D-6A65-4F7B-A9C7-1C7EF74A9BA4). Download and run this [clean-up script](https://demo.wd.microsoft.com/Content/AS Alternately, you can perform these manual steps: +++++++++++ ```powershell Add-MpPreference -AttackSurfaceReductionRules_Ids BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 -AttackSurfaceReductionRules_Actions Disabled Add-MpPreference -AttackSurfaceReductionRules_Ids D4F940AB-401B-4EfC-AADC-AD5F3C50688A -AttackSurfaceReductionRules_Actions Disabled
security	Defender Endpoint Demonstration Network Protection	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/defender-endpoint-demonstration-network-protection.md	- demo Previously updated : 10/21/2022 Last updated : 01/15/2024 # Network protection demonstrations Applies to: -- [Microsoft Defender for Endpoint Plan 1](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft Defender for Endpoint Plan 2](https://go.microsoft.com/fwlink/p/?linkid=2154037) +- [Microsoft Defender for Business](https://www.microsoft.com/security/business/endpoint-security/microsoft-defender-business) +- [Microsoft Defender for Endpoint Plan 1](https://go.microsoft.com/fwlink/p/?linkid=2154037) +- [Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows) Network Protection helps reduce the attack surface of your devices from Internet-based events. It prevents employees from using any application to access dangerous domains that may host phishing scams, exploits, and other malicious content on the Internet. ## Scenario requirements and setup -- Windows 10 1709 build 16273, Windows 11 +- Windows 11 or Windows 10 version 1709 build 16273 or newer. +- Windows Server 2022, Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2 with the new unified MDE Client. +- macOS +- Linux - Microsoft Defender Antivirus -## PowerShell command +## Windows + +PowerShell command ```powershell Set-MpPreference -EnableNetworkProtection Enabled ``` -## Rule states +Rule states \|State \| Mode\| Numeric value \| \|:\|:\|:\| Set-MpPreference -EnableNetworkProtection Enabled \| Enabled \| = Block mode \| 1 \| \| Audit \| = Audit mode \| 2 \| -## Verify configuration +Verify configuration ```powershell Get-MpPreference ``` -## Scenario +Scenario 1. Turn on Network Protection using powershell command: Get-MpPreference 2. Using the browser of your choice (not Microsoft Edge), navigate to the [Network Protection website test](https://smartscreentestratings2.net/). Microsoft Edge has other security measures in place to protect from this vulnerability (SmartScreen). -## Expected results +Expected results Navigation to the website should be blocked and you should see a Connection blocked* notification. -## Clean-up +Clean-up ```powershell Set-MpPreference -EnableNetworkProtection Disabled ``` +## macOS/Linux + +To configure the Network Protection enforcement level, run the following command from the Terminal: ++ +```bash +mdatp config network-protection enforcement-level --value [enforcement-level] +``` + +For example, to configure network protection to run in blocking mode, execute the following command: ++ +```bash +mdatp config network-protection enforcement-level --value block +``` + +To confirm that network protection has been started successfully, run the following command from the Terminal, and verify that it prints "started": ++ +```bash +mdatp health --field network_protection_status +``` + +To test Network Protection on macOS/Linux + +1. Using the browser of your choice (not Microsoft Edge), navigate to the [Network Protection website test](https://smartscreentestratings2.net/). Microsoft Edge has other security measures in place to protect from this vulnerability (SmartScreen). +1. or from terminal + +```bash +curl -o ~/Downloads/smartscreentestratings2.net https://smartscreentestratings2.net/ +``` + +Expected results + +Navigation to the website should be blocked and you should see a Connection blocked* notification. + +Clean-up ++ +```bash +mdatp config network-protection enforcement-level --value audit +``` + ## See also [Network Protection](network-protection.md)
security	Onboard Windows Multi Session Device	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/onboard-windows-multi-session-device.md	- tier3 search.appverid: met150 Previously updated : 06/27/2023 Last updated : 01/18/2024 # Onboard Windows devices in Azure Virtual Desktop As part of your onboarding, you may want to consider setting a machine tag to di When building your golden image, you may want to configure initial protection settings as well. For more information, see [Other recommended configuration settings](configure-endpoints-gp.md#other-recommended-configuration-settings). -Also, if you're using FSlogix user profiles, we recommend you exclude the following files from always-on protection: - -Exclude Files: - -`%ProgramFiles%\FSLogix\Apps\frxdrv.sys` - -`%ProgramFiles%\FSLogix\Apps\frxdrvvt.sys` - -`%ProgramFiles%\FSLogix\Apps\frxccd.sys` - -`%TEMP%\.VHD` - -`%TEMP%\.VHDX` - -`%Windir%\TEMP\.VHD` - -`%Windir%\TEMP\.VHDX` - -`\\storageaccount.file.core.windows.net\share\\.VHD` - -`\\storageaccount.file.core.windows.net\share\\.VHDX` - -Exclude Processes: - -`%ProgramFiles%\FSLogix\Apps\frxccd.exe` - -`%ProgramFiles%\FSLogix\Apps\frxccds.exe` - -`%ProgramFiles%\FSLogix\Apps\frxsvc.exe` +Also, if you're using FSlogix user profiles, we recommend you follow the guidance described in [FSLogix antivirus exclusions](/fslogix/overview-prerequisites#configure-antivirus-file-and-folder-exclusions). #### Licensing requirements Licensing requirements for Microsoft Defender for Endpoint can be found at: [Lic [FSLogix anti-malware exclusions](/fslogix/overview-prerequisites#configure-antivirus-file-and-folder-exclusions) [Configure Microsoft Defender Antivirus on a remote desktop or virtual desktop infrastructure environment](/microsoft-365/security/defender-endpoint/deployment-vdi-microsoft-defender-antivirus)+ [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../../includes/defender-mde-techcommunity.md)]
security	Get Started Xdr	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/get-started-xdr.md	- tier1 search.appverid: met150 Previously updated : 12/07/2023 Last updated : 01/18/2024 # Get started with Microsoft Defender Experts for XDR Once identified, the individuals or groups will receive an email notifying them 2. Add a Phone number (optional) that Defender Experts can call for matters that require immediate attention. 3. Under the Contact for dropdown box, choose Incident notification or Service review. 4. Select Add. -3. Select Next to Review your settings -4. Select Submit. The step-by-step guide then completes the initial setup. -5. Select View readiness assessment to complete the necessary actions required to [optimize your security posture](#prepare-your-environment-for-the-defender-experts-service). - +1. Select Next to confirm your contacts list and proceed to creating a Teams channel where you can also receive incident notifications. +1. Select Next to Review your settings. +1. Select Submit. The step-by-step guide then completes the initial setup. +1. Select View readiness assessment to complete the necessary actions required to [optimize your security posture](#prepare-your-environment-for-the-defender-experts-service). To edit or update your notification contacts after the initial setup, go to Settings > Defender Experts > Notification contacts. :::image type="content" source="../../media/xdr/who-to-contact-for-imp-matters-2.png" alt-text="Screenshot of notification contacts." lightbox="../../media/xdr/who-to-contact-for-imp-matters-2.png"::: +## Receive managed response notifications and updates in Microsoft Teams + +Apart from email and in-portal chat, you also have to option to use Microsoft Teams to receive updates about managed responses and communicate with our experts in real time. When this setting is turned on, a new team named Defender Experts team is created, where managed response notifications related to ongoing incidents are sent as new posts in the Managed response channel. Learn more about using Teams chat + +> [!IMPORTANT] +> Defender Experts will have access to all messages posted on any channel in the created Defender Experts team. To prevent Defender Experts from accessing messages in this team, select Apps in Teams > Manage your apps > Defender Experts > Remove. This removal action cannot be reversed. + +To turn on Teams notifications and chat: + +1. In the same Defender Experts settings setup, under Teams, select the Communicate on Teams checkbox. +2. Select Next to Review your settings. +3. Select Submit. The step-by-step guide then completes the initial setup. +4. Select View readiness assessment to complete the necessary actions required to [optimize your security posture](#prepare-your-environment-for-the-defender-experts-service). + +To turn on Teams notifications and chat after the initial setup, go to Settings > Defender Experts > Teams. ++ +You can add new members to the channel by navigating to Defender Experts team > More options (ΓÇª) > Manage team > Add member. + ## Prepare your environment for the Defender Experts service Apart from onboarding service delivery, our expertise on the Microsoft Defender XDR product suite enables Defender Experts for XDR to let you run a readiness assessment and help you get the most out of your Microsoft security products. The readiness assessment has two parts: > [!IMPORTANT] > Defender Experts for XDR reviews your readiness assessment periodically, especially if there are any changes to your environment, such as the addition of new devices and identities. It's important that you regularly monitor and run the readiness assessment beyond the initial onboarding to ensure that your environment has strong security posture to reduce risk. -When you complete all the required tasks and meet the onboarding targets in your readiness assessment, your service delivery manager (SDM) initiates the monitoring phase of the Defender Experts for XDR service. For a few days, our experts start monitoring your environment closely to identify latent threats, sources of risk, and normal activity. As we get better understanding of your critical assets, we can streamline the service and fine-tune our responses. +After youΓÇÖve completed all the required tasks and met the onboarding targets in your readiness assessment, your service delivery manager (SDM) initiates the monitoring phase of the Defender Experts for XDR service, where, for a few days, our experts start monitoring your environment closely to identify latent threats, sources of risk, and normal activity. As we get better understanding of your critical assets, we can streamline the service and fine-tune our responses. + +Once our experts begin to perform comprehensive response work on your behalf, youΓÇÖll start receiving [notifications about incidents](../defender/start-using-mdex-xdr.md#incident-notifications) that require remediation steps and targeted recommendations on critical incidents. You can also chat with our experts or your SDMs regarding important queries and regular business and security posture reviews, and [view real-time reports](../defender/start-using-mdex-xdr.md#understand-the-defender-experts-for-xdr-report) on the number of incidents weΓÇÖve investigated and resolved on your behalf. + ### Next step
security	Microsoft 365 Security Center Mdi	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-security-center-mdi.md	The table below lists the changes in navigation between Microsoft Defender for I \| Alert page \| Microsoft Defender XDR alert details page <br><br>Tip: Use [alert tuning](investigate-alerts.md#tune-an-alert) to optimize the alerts you see in Microsoft Defender XDR. \| \| Search \| Microsoft Defender XDR global search \| \| Health issues \| Microsoft Defender XDR Identities > Health issues \| -\| Entity activities \| - Advanced hunting <br>- Device page > Timeline <br>- Identity page > Timeline tab \| +\| Entity activities \| - Advanced hunting <br>- Device page > Timeline <br>- Identity page > Timeline tab <br>- Group pane > Timeline tab \| \| Settings \| Settings -> Identities \| \| Users and accounts \| Assets -> Identities \| \| Identity security posture \| [Microsoft Defender for Identity's security posture assessments](/defender-for-identity/security-assessment) \|
security	Start Using Mdex Xdr	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/start-using-mdex-xdr.md	- tier1 search.appverid: met150 Previously updated : 11/10/2023 Last updated : 01/18/2024 # Start using Defender Experts for XDR service Apart from these one-click actions, you can also receive managed responses from - Mark as skipped - Mark as new -#### Chat - -The Chat tab provides you with a space in the Microsoft Defender portal to engage with our experts and further understand the incident, our investigation, and the recommended actions we provided. You could ask about a malicious executable, malicious attachment, information about activity groups, advanced hunting queries, or any other information that would assist you with the incident resolution. +### Chat with Defender Experts > [!NOTE] > The chat option is only available for incidents where we issued managed response. +#### In-portal chat + +The Chat tab within the Microsoft Defender XDR portal provides you with a space to engage with our experts and further understand the incident, our investigation, and the recommended actions we provided. You could ask about a malicious executable, malicious attachment, information about activity groups, advanced hunting queries, or any other information that would assist you with the incident resolution. + +#### Teams chat + +Apart from using the in-portal chat, you also have the option to engage in real-time chat conversations with Defender Experts directly within Microsoft Teams, providing you and your SOC team additional flexibility when responding to incidents that require managed response. Learn more about turning on notifications and chat on Teams + +Once you turn on chat on Teams, a new team named Defender Experts team is created. An incident that requires your attention is posted on this teamΓÇÖs Managed response channel as a new post. To engage with our experts (for example, ask follow-up questions), use the Reply text bar to type your message. ++ +Important reminders when using the Teams chat: + +- Only reply to posts (announcing managed response is published on an incident) created by Defender Experts. When you create a new post, our experts might not be able to see it. +- Tag or mention our experts by typing @Defender Experts in your replies, so they are notified to join the chat conversation. +- DonΓÇÖt attach any attachments (for example, files for analysis) in the chat. For security reasons, Defender Experts won't be able to view the attachments. Instead, send them to appropriate submissions channels or provide links where they can be found in Microsoft Defender XDR portal. + +Conversations in the Teams chat about an incident are also synchronized with the incidentΓÇÖs Chat tab in the Microsoft Defender XDR portal so that you can see messages and updates about an investigation wherever you go. + +> [!IMPORTANT] +> Defender Experts will have access to all messages in any channel in this team. + ## Get visibility to Defender Experts investigations in your SIEM or ITSM application As Defender Experts for XDR investigate incidents and come up with remediation actions, you can have visibility to their work on incidents in your security information and event management (SIEM) and IT service management (ITSM) applications, including applications that are available out of the box.
security	Whats New In Microsoft Defender Urbac	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new-in-microsoft-defender-urbac.md	Last updated 11/8/2023 This article provides information about new features and important product updates for the latest release of Microsoft Defender XDR Unified role-based access control (RBAC). +## January 2024 + +Microsoft Defender XDR Unified RBAC is now generally available to GCC High and DoD customers. To learn more about the supported workloads and supported data sources, see [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md). + +The process of importing roles from individual workloads' RBAC models into Microsoft Defender XDR Unified RBAC has been improved. Admins can now view the permissions and assignment of a role before importing it by clicking the role name at the roles to import selection stage. + ## December 2023 ### Microsoft Defender XDR Unified RBAC is now generally available
security	Whats New	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/whats-new.md	ms.pagetype: security ms.localizationpriority: medium Previously updated : 01/15/2024 Last updated : 01/18/2024 audience: ITPro You can also get product updates and important notifications through the [messag ## January 2024 +- Defender Experts for XDR now lets you [receive managed response notifications and updates using Teams](get-started-xdr.md#receive-managed-response-notifications-and-updates-in-microsoft-teams). You can also chat with Defender Experts regarding incidents where managed response is issued. - (GA) Microsoft Defender for Cloud alerts integration with Microsoft Defender XDR is now generally available. Learn more about the integration in [Microsoft Defender for Cloud in Microsoft Defender XDR](microsoft-365-security-center-defender-cloud.md). - Activity log is now available within an incident page. Use the activity log to view all audits and comments, and add comments to the log of an incident. For details, see [Activity log](manage-incidents.md#activity-log). - (Preview) [Query history](advanced-hunting-query-history.md) in advanced hunting is now available. You can now rerun or refine queries you have run recently. Up to 30 queries in the past 28 days can be loaded in the query history pane.
security	Tenant Allow Block List Email Spoof Configure	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-email-spoof-configure.md	To create block entries for spoofed senders, use any of the following methods: > > Email from these senders is marked as phishing. What happens to the messages is determined by the [anti-spam policy](anti-spam-policies-configure.md) that detected the message for the recipient. For more information, see the Phishing detection action in [EOP anti-spam policy settings](recommended-settings-for-eop-and-office365.md#eop-anti-spam-policy-settings). > -> When you configure a block entry for a domain pair, the spoofed sender becomes a manual allow entry that appears only on the Spoofed senders tab in the Tenant Allow/Block List. +> When you configure a block entry for a domain pair, the spoofed sender becomes a manual block entry that appears only on the Spoofed senders tab in the Tenant Allow/Block List. > > Block entries for spoofed senders never expire.
syntex	Archive Manage	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/archive/archive-manage.md	When you reactivate a site, its permissions, lists, pages, files, folder-structu Other than these two exceptions, you can expect the site to be unchanged. +## Change the archive status of site via PowerShell + +You can also change the status of an archived site by using the PowerShell cmdlet [Set-SPOSiteArchiveState](/powershell/module/sharepoint-online/set-spositearchivestate?view=sharepoint-ps). + ## Site templates supported +\|Template ID \|Template \| +\|\|\| +\|1 \|Document Workspace \| +\|4 \|Wiki Site \| +\|9 \|Blog \| +\|32 \|News Site \| +\|64 \|Team Site \| +\|68 \|Communication Site \| + + +<! \|Template ID \|Template \| \|\|\| \|0 \|Global \| Other than these two exceptions, you can expect the site to be unchanged. \|6115 \|Project Site \| \|6215 \|Microsoft Project Site \| \|14483 \|Records Center \| +>
syntex	Esignature Troubleshoot	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/esignature-troubleshoot.md	SharePoint eSignature is an extension of SharePoint document storage and managem Certain [conditional access](/entra/identity/conditional-access/overview) policies might determine whether an external recipient (signers outside of your organization or Microsoft 365 tenant) will be able sign a document. When this happens, the external signers might not be able to access the document for signing. In some other cases, they might be able to access the document for signing but the signing operation will be unsuccessful. One common way to resolve this is to contact your IT admin who will be able to add the eSignature app to the list of approved apps via the Microsoft Entra admin center. +## Unable to find the request emails +If you were sent an eSignature request and cannot find it in your email inbox, you should check your spam or junk folder. It is also good practice to mark the sender as non-spam so that future emails from the same sender go directly into your inbox. + ## Unable to sign a document as an external recipient When you receive a document for signing from someone outside of your organization, you might be able to access and read the document but the signing operation fails when you attempt to sign it. Other times, you might not be able to access and read the document. If you're experiencing any issues with signing a document sent from someone outside your organization, contact the sender who will be able to resolve the issue.
test-base	Faq	https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/faq.md	While for functional tests, you can specify whether a reboot is required for eac 4. If test running indeed exceeds 60 mins, split into multiple scripts below 60 mins. 1. Run all testing job in one central script which doesnΓÇÖt have time limit, monitor the status from multiple Test Base artifact scripts. +Q: How can I pause my active packages? + +A: To pause your active packages, follow these steps: +1. Go to the ΓÇÿManage packagesΓÇÖ page by clicking the link in the navigation bar. +2. Select the packages that you want to pause by checking the boxes next to package names. +3. Click the ΓÇÿDisable future testsΓÇÖ button at the top of the page. + +Note: The selected packages will be disabled for execution on all future OS updates that you have chosen. To resume the tests, you need to re-enable the packages by clicking the ΓÇÿEnable future testsΓÇÖ button. + ## Debugging options Q: Do we get access to the Virtual Machines (VMs) in case of failures? What does Test Base share?