-2. From the dashboard homepage, click on the **View more** button on the Active users - Microsoft 365 Apps card.

-2. From the dashboard homepage, click on the **View more** button on the Active users - Microsoft 365 Apps or the Active users - Microsoft 365 Services card to get to the Office 365 report page.

-description: "Get the OneDrive for Business Usage Report to learn more about the total number of files and storage used across your organization."

-# Microsoft 365 Reports in the admin center - OneDrive for Business usage

-For example, the OneDrive card on the dashboard gives you a high-level view of the value you are getting from OneDrive for Business in terms of the total number of files and storage used across your organization. You can then drill into it to understand the trends of active OneDrive accounts, how many files are users interacting with as well as the storage used. It also gives you details for each user's OneDrive.

-1. In the admin center, go to the **Reports**, and then select **Usage**.

-2. From the dashboard homepage, click on the **View more** button on the OneDrive card.

-The **OneDrive for Business usage** report can be viewed for trends over the last 7 days, 30 days, 90 days, or 180 days. However, if you select a particular day in the report, the table will show data for up to 28 days from the current date (not the date the report was generated).

-|URL <br/> |The web address for the user's OneDrive. Note: URL will be empty temporarily. <br/> |

-|Deleted <br/> |The deletion status of the OneDrive. It takes at least 7 days for accounts to be marked as deleted. <br/> |

-|Owner <br/> |The username of the primary administrator of the OneDrive. <br/> |

-|Owner principal name <br/> |The email address of the owner of the OneDrive. <br/> |

-|Last activity date (UTC) <br/> | The latest date a file activity was performed in the OneDrive. If the OneDrive has had no file activity, the value will be blank. <br/> |

-|Files <br/> |The number of files in the OneDrive. <br/>|

-|Active files <br/> | The number of active files within the time period.<br/> NOTE: If files were removed during the specified time period for the report, the number of active files shown in the report may be larger than the current number of files in the OneDrive. > Deleted users will continue to appear in reports for 180 days. <br/> |

-|Storage used (MB) <br/> |The amount of storage the OneDrive uses in MB. |

-| Site ID <br/> | The site ID of the site. |

-

-> The report only includes users who have a valid OneDrive for Business license.

-1. In the admin center, go to the **Reports** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=2074756" target="_blank">Usage</a> page.

-2. From the dashboard homepage, click on the **View more** button on the SharePoint card.

-> For tenants in Australia, Brazil, Canada, France, Germany, India, Japan, Qatar, South Korea, Norway, South Africa, Sweden, Switzerland, United Arab Emirates, and the United Kingdom, additional workloads are available for data residency commitments. For more information, see [Advanced Data Residency](advanced-data-residency.md).

-# Microsoft 365 network provider assessments (PREVIEW)

-Network availability is measured from the client and is defined using this formula.

-The Network Provider Index Chart (NPI Chart) shows aggregated performance and availability for network providers for a given State (or Province) and Country/region. The chart shows the largest network providers in that geography ordered by network performance. The chart also includes a Target Baseline entry, which shows average performance and availability for the best performing five network providers in the geography, excluding network providers with insignificant Office 365 usage.

-# Network provider connectivity attribution in the Microsoft 365 Admin Center (PREVIEW)

-## Network Provider Index Chart for the location

-The Network Provider Index Chart (NPI Chart) shows in an office location summary and lists large network providers that are being used by Office 365 customers in the same country/region and state as your office. We include availability and performance information attributed to these providers. This chart also shows a target baseline that shows what good performance observed in the same country/region and state looks like.

-[Microsoft 365 network connectivity test tool](office-365-network-mac-perf-onboarding-tool.md)

-When you first navigate to the network performance page, you'll have to configure your locations in order to see the map of global network performance, a network assessment scoped to the entire tenant, percentage of your users working remotely vs onsite, and a list of current issues to take action on and/or to research further. From the overview pane, you can drill down to view specific network performance metrics and issues by location. For more information, see [Network performance overview in the Microsoft 365 Admin Center](#network-connectivity-overview-in-the-microsoft-365-admin-center).

-## Pre-requisites for network connectivity assessments to appear

-To get started, turn on your location opt-in setting to automatically collect data from devices using Windows Location Services, go to your Locations list to add or upload location data, or run the Microsoft 365 network connectivity test from your office locations. These three options for office location information are detailed below. Whilst network connectivity can be evaluated across the organization, any network design improvements will need to be done for specific office locations. Network connectivity information is provided for each office location once those locations can be determined. There are three options for getting network assessments from your office locations:

-For this option, you must have at least two computers running at each office location that support the pre-requisites. OneDrive for Windows version must be up-to-date and installed on each computer. Network tests are only run no more than once a day at a random time. Network measurements are planned to be added to other Office 365 client applications soon.

-Measurement samples and office locations should start to appear 24 hours after these pre-requisites have been met. Office locations discovered from Windows Location Services are aggregated per City and are retained in your view for 90 days after samples are no longer received. If you choose to switch to office locations added by the Administrator with LAN subnet information you can disable Windows Location Services and hide all of the discovered locations. They will be removed after the 90 day period.

-Make sure that you also add locations in the **locations page** or import those from a CSV file. The locations added must include your office LAN subnet information. In the dialog for adding or editing a location, you can specify a number of LAN subnets and a number of public egress IP subnets. The LAN subnets are required and one of them must match the LAN subnet attribute on a received network assessment for results to show up. Super nets aren't supported so the LAN subnet must match exactly.

-Usually, LAN subnets are private IP address ranges as defined in RFC1918 such that the use of public IP addresses as the LAN subnets is likely to be incorrect. The dialog will show suggestions of LAN subnets that have been seen in recent network assessment tests for your organization so that you can choose.

-If you add public egress IP addresses, these are used as a secondary differentiator and are intended for when you have multiple sites using the same LAN subnet IP address ranges. To make sure your test results show up, you should start by leaving the public egress IP address ranges blank. If they are included, then a test result must match both one of the LAN subnet IP address ranges and one of the public egress IP address ranges.

-All test measurements from client machines include the LAN subnet information, which is correlated with the office location details that you've entered. Measurement samples and office locations should start to appear 24 hours after these pre-requisites have been met.

-Test reports are linked to a location if it was added with LAN subnet information, otherwise they are shown at the discovered City location only.

-Complex enterprises with multiple office locations and non-trivial network perimeter architectures can benefit from this information either during their initial onboarding to Microsoft 365 or to remediate network performance issues discovered with usage growth. This is usually not necessary for small businesses using Microsoft 365, or any enterprises who already have simple and direct network connectivity. Enterprises with over 500 users and multiple office locations are expected to benefit the most.

-Home user networking insights are aggregated and reported at a city level and limited to cities with a minimum of 5 remote employees. We are not identifying individual employees working from home.

-The details tab on the office location page shows the specific measurement results that were used to come up with any insights, recommendations, and the network assessment. This is provided so that network engineers can validate the recommendations and factor in any constraints or specifics in their environment. You will also find the estimated number of users for collected samples at that office locations as well as the remote workers in that city.

-By default, the network assessments for your organization and the network insights are shared with Microsoft employees. This does not include any personal data from your staff but only the specific network assessment metrics and network insights shown in the admin center for your office locations. It also does not include your office location names or street addresses so you would need to tell them the city and support ID of the office you want to discuss. If this is turned off, the Microsoft engineers that you are discussing your network connectivity with cannot view any of this information. Enabling this setting only shares future data starting the day after you enable it.

-1. Click the **Download current office locations (.csv)** link to export the current locations list to a CSV file, and save it to your local hard disk. This will provide you with a correctly formatted CSV with column headings to which you can add locations. You can leave the existing exported locations as they are; they will not be duplicated when you import the updated CSV. If you wish to change the address of an existing location, it will be updated when you import the CSV. You cannot change the address of a discovered city.

- 1. **Egress IP Address ranges 1-5** (optional): For each range, enter the circuit name followed by a space separated list of valid IPv4 CIDR addresses. These values are used to differentiate multiple office locations where you use the same LAN subnet IP Addresses. Egress IP Address ranges all must be /24 network size and the /24 is not included in the input.

-1. The file will be automatically validated. If there are validation errors, you will see the error message: _There are some errors in the import file. Review the errors, correct the import file, and then try again._ Click the link **Open error details** for a list of specific field validation errors.

-1. If there are no errors in the file, you will see the message: _The report is ready. Found x locations to add and x locations to update._ Click the **Import** button to upload the CSV.

-4. Click the **Browse** button next to the **Select a .tsv file to upload** field and select the saved TSV file. Please make sure the value in the file is tab separated.

-6. If there are no errors in the file, you will see the message: _Your file test.tsv is uploaded and ready. Select Import to upload your information._

-The Microsoft 365 service front door is an entry point on Microsoft's global network where Office clients and services terminate their network connection. For an optimal network connection to Microsoft 365, it is recommended that your network connection is terminated into the closest Microsoft 365 front door.

-An optimal Microsoft 365 service front door is one that is closest to your network egress, generally in your city or metro area. Use the [Microsoft 365 connectivity test tool](office-365-network-mac-perf-onboarding-tool.md) to determine the location of your in-use Microsoft 365 service front door and optimal service front door. If the tool determines your in-use front door is optimal, you are optimally connecting to Microsoft's global network.

-## Related topics

-## Use the Microsoft Graph PowerShell SDK

-```

-## Use the Azure Active Directory PowerShell for Graph module

-First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-azure-active-directory-powershell-for-graph-module).

-

-Next, list the license plans for your tenant with this command.

-```powershell

-Get-AzureADSubscribedSku | Select SkuPartNumber

-```

-Use these commands to list the services that are available in each licensing plan.

-```powershell

-$allSKUs=Get-AzureADSubscribedSku

-$licArray = @()

-for($i = 0; $i -lt $allSKUs.Count; $i++)

-{

-$licArray += "Service Plan: " + $allSKUs[$i].SkuPartNumber

-$licArray += Get-AzureADSubscribedSku -ObjectID $allSKUs[$i].ObjectID | Select -ExpandProperty ServicePlans

-$licArray += ""

-}

-$licArray

-```

-Use these commands to list the licenses that are assigned to a user account.

-```powershell

-$userUPN="<user account UPN, such as belindan@contoso.com>"

-$licensePlanList = Get-AzureADSubscribedSku

-$userList = Get-AzureADUser -ObjectID $userUPN | Select -ExpandProperty AssignedLicenses | Select SkuID

-$userList | ForEach { $sku=$_.SkuId ; $licensePlanList | ForEach { If ( $sku -eq $_.ObjectId.substring($_.ObjectId.length - 36, 36) ) { Write-Host $_.SkuPartNumber } } }

-```

-## Use the Microsoft Azure Active Directory module for Windows PowerShell

-First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell).

-Next, run this command to list the licensing plans that are available in your organization.

-```powershell

-Get-MsolAccountSku

-```

->[!Note]

->PowerShell Core does not support the Microsoft Azure Active Directory module for Windows PowerShell module and cmdlets with **Msol** in their name. To continue using these cmdlets, you must run them from Windows PowerShell.

->

-Next, run this command to list the services that are available in each licensing plan, and the order in which they are listed (the index number).

-```powershell

-(Get-MsolAccountSku | where {$_.AccountSkuId -eq "<AccountSkuId>"}).ServiceStatus

-```

-

-Use this command to list the licenses that are assigned to a user, and the order in which they are listed (the index number).

-```powershell

-Get-MsolUser -UserPrincipalName <user account UPN> | Format-List DisplayName,Licenses

-```

-### To view services for a user account

-To view all the Microsoft 365 services that a user has access to, use the following syntax:

-

-```powershell

-(Get-MsolUser -UserPrincipalName <user account UPN>).Licenses[<LicenseIndexNumber>].ServiceStatus

-```

-This example shows the services to which the user BelindaN@litwareinc.com has access. This shows the services that are associated with all licenses that are assigned to her account.

-

-```powershell

-(Get-MsolUser -UserPrincipalName belindan@litwareinc.com).Licenses.ServiceStatus

-```

-This example shows the services that user BelindaN@litwareinc.com has access to from the first license that's assigned to her account (the index number is 0).

-

-```powershell

-(Get-MsolUser -UserPrincipalName belindan@litwareinc.com).Licenses[0].ServiceStatus

-```

-To view all the services for a user who has been assigned *multiple licenses*, use the following syntax:

-```powershell

-$userUPN="<user account UPN>"

-$AllLicenses=(Get-MsolUser -UserPrincipalName $userUPN).Licenses

-$licArray = @()

-for($i = 0; $i -lt $AllLicenses.Count; $i++)

-{

-$licArray += "License: " + $AllLicenses[$i].AccountSkuId

-$licArray += $AllLicenses[$i].ServiceStatus

-$licArray += ""

-}

-$licArray

-<!--Worldwide endpoints version 2023120100-->

-<!--File generated 2023-11-30 17:00:11.7706-->

-10 | Allow<BR>Required | Yes | `*.mail.protection.outlook.com`<BR>`40.92.0.0/15, 40.107.0.0/16, 52.100.0.0/14, 104.47.0.0/17, 2a01:111:f400::/48, 2a01:111:f403::/48` | **TCP:** 25

-56 | Allow<BR>Required | Yes | `*.auth.microsoft.com, *.msftidentity.com, *.msidentity.com, account.activedirectory.windowsazure.com, accounts.accesscontrol.windows.net, adminwebservice.microsoftonline.com, api.passwordreset.microsoftonline.com, autologon.microsoftazuread-sso.com, becws.microsoftonline.com, ccs.login.microsoftonline.com, clientconfig.microsoftonline-p.net, companymanager.microsoftonline.com, device.login.microsoftonline.com, graph.microsoft.com, graph.windows.net, login.microsoft.com, login.microsoftonline.com, login.microsoftonline-p.com, login.windows.net, logincert.microsoftonline.com, loginex.microsoftonline.com, login-us.microsoftonline.com, nexus.microsoftonline-p.com, passwordreset.microsoftonline.com, provisioningapi.microsoftonline.com`<BR>`20.20.32.0/19, 20.190.128.0/18, 20.231.128.0/19, 40.126.0.0/18, 2603:1006:2000::/48, 2603:1007:200::/48, 2603:1016:1400::/48, 2603:1017::/48, 2603:1026:3000::/48, 2603:1027:1::/48, 2603:1036:3000::/48, 2603:1037:1::/48, 2603:1046:2000::/48, 2603:1047:1::/48, 2603:1056:2000::/48, 2603:1057:2::/48` | **TCP:** 443, 80

-59 | Default<BR>Required | No | `*.hip.live.com, *.microsoftonline.com, *.microsoftonline-p.com, *.msauth.net, *.msauthimages.net, *.msecnd.net, *.msftauth.net, *.msftauthimages.net, *.phonefactor.net, enterpriseregistration.windows.net, policykeyservice.dc.ad.msft.net` | **TCP:** 443, 80

-114 | Default<BR>Optional<BR>**Notes:** Office Mobile URLs | No | `*.appex.bing.com, *.appex-rf.msn.com, c.bing.com, c.live.com, d.docs.live.net, docs.live.net, partnerservices.getmicrosoftkey.com, signup.live.com` | **TCP:** 443, 80

-| **Can I customize the extent of managed response?** | You can configure the extent to which our experts do managed response actions on your behalf by excluding certain devices and users (individually or by groups) either during onboarding or later by modifying your service's settings. [Read more about excluding device and user groups](../defender/get-started-xdr.md#exclude-devices-and-users-from-remediation) |

-1. If you wish to [exclude device and user groups](#exclude-devices-and-users-from-remediation) in your organization from remediation actions, select **Manage exclusions**.

-## Exclude devices and users from remediation

-Defender Experts for XDR lets you exclude devices and users from remediation actions taken by our experts and instead get remediation guidance for those entities. These exclusions are based on identified [device groups](../defender-endpoint/machine-groups.md) in Microsoft Defender for Endpoint and identified [user groups](/entra/fundamentals/concept-learn-about-groups) in Microsoft Entra ID.

-**To exclude user groups:**

-> Incident comments are one-way posts. Defender Experts can't respond to any comments or questions you add in the **Comments and history** panel. If you wish to correspond with our experts, reply to the email Defender Experts sent you instead.

-Otherwise, if an incident is classified as _True Positive_, our experts then identify the required response actions that need to be performed. The method in which the actions are performed depends on the permissions and access levels you have given the Defender Experts for XDR service. [Learn more about granting permissions to our experts](get-started-xdr.md#grant-permissions-to-our-experts).

-description: Admins can learn how to use the configuration analyzer to find and fix security policies that are below the settings in Standard protection and Strict protection in preset security policies.

-Configuration analyzer in the Microsoft Defender portal provides a central location to find and fix security policies where the settings are below the Standard protection and Strict protection profile settings in [preset security policies](preset-security-policies.md).

-The rest of the tab is the table of settings that need to be brought up to the level Standard or Strict protection. The table contains the following columns:

-### Change a policy setting to the recommended value

-On the **Standard protection** or **Strict protection** tab of the configuration analyzer, select the row in the table. The following buttons appear:

-If you select a row and click **Apply recommendation**, a confirmation dialog (with the option to not show the dialog again) appears. If you click **OK**, the following things happen:

-If you select a row and click **View policy** you're taken to the details flyout of the affected policy in the Microsoft Defender portal where you can manually update the setting.

-After you automatically or manually update the setting, click **Refresh** to see the reduced number of recommendations and the removal of the updated row from the results.

-This tab allows you to track the changes that have been made to your security policies and how those changes compare to the Standard or Strict settings. By default, the following information is displayed:

-To filter the results, click **Filter**. In the **Filters** flyout that appears, you can select from the following filters:

-When you're finished, click **Apply**.

-To export the results to a .csv file, click **Export**.

-To filter the results by a specific **Modified by**, **Setting name**, or **Type** value, use the **Search** box.