+Microsoft understands how critical these considerations are, which is why we employ a robust defense-in-depth strategy to help protect productivity tools like Microsoft 365 Copilot against security risks. This multi-layered approach involves a combination of advanced threat intelligence, rigorous security practices, and proactive safeguards. For example, in addition to our own red-teaming exercises to test Microsoft 365 Copilot, we engaged Casaba Security to test nine Copilot implementations across the Microsoft 365 product suite. We promptly addressed and resolved the findings of [their testing](https://servicetrust.microsoft.com/DocumentPage/67d59873-b315-4768-a057-8583cd84680a), which focused on identifying Open Worldwide Application Security Project's (OWASP) top 10 for LLM as well as traditional security vulnerabilities in supporting application infrastructure.

+Microsoft safeguards privacy, security, and reliability for Microsoft 365 CopilotΓÇÖs AI features, from the user input stage through the system output stage. Microsoft 365 Copilot is compliant with our existing [privacy, security, and compliance commitments](microsoft-365-copilot-privacy.md), including the General Data Protection Regulation (GDPR) and European Union (EU) Data Boundary. In keeping with these commitments, Microsoft handles the information in any prompts entered using Copilot, and the retrieved data and generated responses remain secured as Customer Data and subject to our contractual data handling requirements.

+The data that it uses to generate responses is processed by Microsoft pursuant to contractual data handling requirements, including being encrypted in transit, helping safeguard privacy and prevent data leakage. In addition, Microsoft 365 data, including data from Microsoft Graph and SharePoint, adheres to access control and auditing mechanisms.

+Microsoft 365 Copilot uses pretrained LLM models hosted by Microsoft; it doesnΓÇÖt use Customer Data to train these models. In addition, prompt and grounding data isnΓÇÖt used to train AI models and is never shared with OpenAI or other third parties.

+### How does Microsoft treat my prompts and responses?

+Microsoft treats prompts and responses as we treat other more traditional forms of content like emails, documents, and chats, and our contractual commitments are the same.

+Prompts, responses, and Customer Data accessed through Microsoft Graph aren't used to train foundation LLMs, including those used by Microsoft 365 Copilot. Product improvements are driven through techniques such as customer-reported incidents and synthetic prompt generation.

+- [Review information protection considerations](/purview/ai-microsoft-purview-considerations#information-protection-considerations-for-copilot) for Copilot. Microsoft 365 Copilot honors EXTRACT permissions and automatically [inherits sensitivity labels](/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance/microsoft-purview-service-description#microsoft-purview-information-protection-sensitivity-labeling) from referenced content to Copilot-generated responses and files.

+If you discover new vulnerabilities in any AI platform, we encourage you to follow responsible disclosure practices for the platform owner. MicrosoftΓÇÖs own procedure (for Copilot) is explained in this page: [Microsoft AI Bounty Program](https://www.microsoft.com/msrc/bounty-ai).

+> Users might need to relaunch Microsoft 365 to view the add-in icon on the app ribbon. Add-ins can take up to 24 hours to appear on app ribbons.

+[Deploy and manage Office add-ins](office-addins.md) (article)\

+## Watch: View, download, or print your bill

+Check out this video and others on our [YouTube channel](https://go.microsoft.com/fwlink/?linkid=2198016).

+> [!VIDEO 657e4bbf-a476-459f-9fba-58ca5e441f9f]

+ - If you're using the **Simplified view**, select **Billing**, then select **View invoices**.

+ Title: "External Domain Name System records for Microsoft 365"

+description: A reference list of external Domain Name System records to use when planning a Microsoft 365 deployment.

+# External Domain Name System records for Microsoft 365

+**Want to see a customized list of DNS records for your Microsoft 365 organization?** You can [find the info you need to create Microsoft 365 DNS records](../admin/get-help-with-domains/information-for-dns-records.md) for your domain in Microsoft 365.

+**Sticking around to use the reference list for your own custom deployment?** The following list should be used as a reference for your custom Microsoft 365 deployment. You need to select which records apply to your organization and fill in the appropriate values.

+**Go back to** [Network planning and performance tuning for Microsoft 365](./network-planning-and-performance.md).

+The following sections are organized by service in Microsoft 365. To see a customized list of the Microsoft 365 DNS records for your domain, sign in to Microsoft 365 and [Gather the information you need to create Microsoft 365 DNS records](https://support.office.com/article/77f90d4a-dc7f-4f09-8972-c1b03ea85a67).

+## External DNS records required for Microsoft 365 (core services)

+The CNAME record is only required for customers using [Microsoft 365 operated by 21Vianet](/microsoft-365/admin/services-in-china/services-in-china). It ensures that Microsoft 365 can direct workstations to authenticate with the appropriate identity platform.

+|**TXT** <br/> **(Domain verification)**|Used by Microsoft 365 to verify only that you own your domain. It doesn't affect anything else.|**Host:** @ (or, for some DNS hosting providers, your domain name) <br/> **TXT Value:** _A text string provided by_ Microsoft 365 <br/> The Microsoft 365 **domain setup wizard** provides the values that you use to create this record.|All customers|

+|**CNAME** <br/> **(Suite)**|Used by Microsoft 365 to direct authentication to the correct identity platform. [More information](../admin/services-in-chin?viewFallbackFrom=o365-worldwide) <br/> **Note** that this CNAME only applies to Microsoft 365 operated by 21Vianet. If present and your Microsoft 365 isn't operated by 21Vianet, users on your custom domain get a "*custom domain* isn't in our system" error and aren't able to activate their Microsoft 365 license. [More information](/office365/servicedescriptions/office-365-platform-service-description/office-365-operated-by-21vianet) |**Alias:** msoid <br/> **Target:** clientconfig.partner.microsoftonline-p.net.cn| 21Vianet customers only|

+## External DNS records required for email in Microsoft 365 (Exchange Online)

+Email in Microsoft 365 requires several different records. The three primary records that all customers should use are the Autodiscover, MX, and SPF records.

+- **The MX record** tells other mail systems where to send email for your domain. **Note:** When you change your email to Microsoft 365, by updating your domain's MX record, ALL email sent to that domain starts coming to Microsoft 365.

+Do you just want to switch a few email addresses to Microsoft 365? You can [Pilot Microsoft 365 with a few email addresses on your custom domain](https://support.office.com/article/39cee536-6a03-40cf-b9c1-f301bb6001d7).

+|**MX** <br/> **(Exchange Online)**|Sends incoming mail for your domain to the Exchange Online service in Microsoft 365. <br/> **Note:** Once email is flowing to Exchange Online, you should remove the MX records that are pointing to your old system. |**Domain:** For example, contoso.com <br/> **Target email server:**\<MX token\>.mail.protection.outlook.com <br/> **Time To Live (TTL) Value:** 3600 <br/> **Preference/Priority:** Lower than any other MX records (this ensures mail is delivered to Exchange Online) - for example 1 or 'low' <br/> Find your \<MX token\> by following these steps: <br/> Sign in to Microsoft 365, go to Microsoft 365 admin \> Domains. <br/> In the Action column for your domain, choose Fix issues. <br/> In the MX records section, choose What do I fix? <br/> Follow the directions on this page to update your MX record. <br/> [What is MX priority?](../admin/setup/domains-faq.yml)|

+There are specific steps to take when you use [Microsoft 365 URLs and IP address ranges](urls-and-ip-address-ranges.md) to make sure your network is configured correctly.

+|**SRV** <br/> **(Federation)**|Allows your Microsoft 365 domain to share instant messaging (IM) features with external clients by enabling SIP federation.|**Domain:** \<domain> <br/> **Service:** sipfederationtls <br/> **Protocol:** TCP <br/> **Priority:** 100 <br/> **Weight:** 1 <br/> **Port:** 5061 <br/> **Target:** sipfed.online.lync.com <br/> **Note:** If the firewall or proxy server blocks SRV lookups on an external DNS, you should add this record to the internal DNS record. |

+## External DNS records required for Microsoft 365 Single Sign-On

+> SPF is designed to help prevent spoofing, but there are spoofing techniques that SPF cannot protect against. In order to protect against these, once you have set up SPF, you should also configure DKIM and DMARC for Microsoft 365. To get started, see [Use DKIM to validate outbound email sent from your domain in Microsoft 365](../security/office-365-security/email-authentication-dkim-configure.md). Next, see [Use DMARC to validate email in Microsoft 365](../security/office-365-security/email-authentication-dmarc-configure.md).

+All SPF records contain three parts: the declaration that it's an SPF record, the domains, and IP addresses that should be sending email, and an enforcement rule. You need all three in a valid SPF record. Here's an example of a common SPF record for Microsoft 365 when you use only Exchange Online email:

+An email system that receives an email from your domain looks at the SPF record. If the email server that sent the message was a Microsoft 365 server, the message is accepted. If the server that sent the message was your old mail system or a malicious system on the Internet, for example, the SPF check might fail and the message wouldn't be delivered. Checks like this help to prevent spoofing and phishing messages.

+For scenarios where you're not just using Exchange Online email for Microsoft 365 (for example, when you use email originating from SharePoint Online as well), use the following table to determine what to include in the value of the record.

+> If you have a complicated scenario that includes, for example, edge email servers for managing email traffic across your firewall, you'll have a more detailed SPF record to set up. For more information, see [Set up SPF records in Microsoft 365 to help prevent spoofing](../security/office-365-security/email-authentication-spf-configure.md).

+If you already have an SPF record, you need to add or update values for Microsoft 365. For example, say your existing SPF record for contoso.com is the following:

+Now you're updating your SPF record for Microsoft 365. You edit your current record so you have an SPF record that includes the values that you need. For Microsoft 365, "spf.protection.outlook.com".

+If you're using the full Microsoft 365 suite and are using MailChimp to send marketing emails on your behalf, your SPF record at contoso.com might look like the following, which uses rows 1, 3, and 5 from the preceding table. Remember, rows 1 and 5 are required.

+Alternatively, if you have an Exchange Hybrid configuration where email is sent from both Microsoft 365 and your on-premises mail system, your SPF record at contoso.com might look like this:

+These are some common examples that can help you adapt your existing SPF record when you add your domain to Microsoft 365 for email. If you have a complicated scenario that includes, for example, edge email servers for managing email traffic across your firewall, you have a more detailed SPF record to set up. Learn how: [Set up SPF records in Microsoft 365 to help prevent spoofing](../security/office-365-security/email-authentication-spf-configure.md).

+The operational hierarchy coupled with this metadata enables frontline experiences, like [targeted announcements in Viva Connections](/viv) (Preview), and numerous frontline apps and capabilities, like task publishing, in the future. Start setting up your operational hierarchy today to get the full value of these upcoming features as they're released.

+- [Set up open shifts across locations in Shifts for your frontline](set-up-open-shifts-across-locations.md) (Preview)

+ Title: Deploy frontline teams with flexible membership

+audience: admin

+search.appverid: MET150

+description: Learn how to deploy and manage frontline teams with flexible membership for your organization in the Teams admin center.

+ms.localizationpriority: medium

+ - M365-collaboration

+ - m365-frontline

+appliesto:

+ - Microsoft Teams

+ - Microsoft 365 for frontline workers

+# Deploy frontline teams with flexible membership

+> [!NOTE]

+> This feature is currently in private preview.

+## Overview

+Create and manage frontline teams in bulk to drive communication and collaboration for every location in your frontline workforce. Team membership of your frontline teams is automatically synced with your frontline workersΓÇÖ [Microsoft Entra attributes](/entra/external-id/customers/how-to-define-custom-attributes). As team owners, frontline managers at each of your locations, like department heads, store leads, and warehouse managers, can manually add or remove members.

+> [!NOTE]

+> If you would like to provide feedback and help improve this feature, fill out this [form](https://forms.office.com/r/MPfxrGG9h4).

+## How it works

+In the setup process, you:

+- Select Microsoft 365 dynamic groups that include your frontline workers.

+- Select an attribute that represents the location of each frontline worker to divide them into location-based teams.

+- Choose a team template to standardize the channel structure in Teams across all your teams.

+- Select Microsoft 365 dynamic groups that include all the frontline managers for all your frontline locations who should be given team owner privileges for each of their frontline teams.

+- Define department and job titles of your frontline workers (optional).

+After submitting your setup, you can see which locations you can create teams for based on the dynamic groups you submitted. Then, you can choose which locations you want to create frontline teams for. You can always go back and edit your frontline settings, too.

+Team membership is automatically managed over time through the power of dynamic rules. As frontline workers are onboarded and offboarded, and as they change locations, their memberships in these teams are updated accordingly. Additionally, frontline managers who are given the team owner role have the flexibility to add or remove frontline workers.

+> [!IMPORTANT]

+> Changes that frontline managers make override any changes made by dynamic rules. Here's some examples:

+>

+>- User1 is added to a team based on dynamic rules. The frontline manager of the team then manually removes user1. In this scenario, user1 won't be added to the team again unless the frontline manager manually adds user1 back to the team.

+>- A frontline manager adds a user from the Location A team to their Location B team. In this scenario, the user is still a member of the Location A team based on dynamic rules and now part of the Location B team by the manual addition. This user won't be removed from the Location B team unless the frontline manager manually removes the user. In this way, frontline workers can be part of multiple teams at the same time.

+## Before you begin

+### Prerequisites

+- Users must have a Microsoft 365 F3, F1, E3, or E5 license. If a user doesn't have one of these licenses, they need a Microsoft Entra ID P1 add-on license to use dynamic teams. [Learn more about frontline licensing](flw-licensing-options.md).

+- Ensure you can define your frontline workers and managers and their work locations through data available in Microsoft Entra ID. If you don't have this data in Microsoft Entra ID, you can sync it through a [human capital management (HCM) connector](/azure/active-directory/app-provisioning/plan-cloud-hr-provision) or [use the PowerShell solution](deploy-teams-at-scale.md) to create static teams at scale.

+ - All your frontline workers should be added to up to 32 Microsoft 365 dynamic groups.

+ - All your frontline managers at each of your frontline locations should be added to up to 20 Microsoft 365 dynamic groups.

+ - There must be one attribute consistent across all frontline workers and managers that represents their frontline location.

+- If you want to enable [targeted communications](set-up-targeted-communications.md), ensure you can map the attributes of your frontline workers through data available in Microsoft Entra ID. If user profile information doesnΓÇÖt yet include job title or department, you can add it. [Learn more about how to add or update a userΓÇÖs profile information in Microsoft Entra ID](/entra/fundamentals/how-to-manage-user-profile-info).

+### Admin role to run the deployment

+To complete the steps in this article, you must be a Global Administrator or a Teams Administrator who is assigned a custom role (as described in this section) in Microsoft Entra ID with specific permissions.

+> [!IMPORTANT]

+> Microsoft recommends that you use roles with the fewest permissions. This helps improve security for your organization. Global Administrator is a highly privileged role that should be limited to emergency scenarios when you can't use a less-privileged role.

+To give Teams Administrators the ability to complete setup and deploy frontline teams, follow these steps to create the custom role and assign it to Teams Administrators.

+#### Create the custom role

+1. Sign in to the Microsoft Entra admin center as at least a [Privileged Role Administrator](/entra/identity/role-based-access-control/permissions-reference#privileged-role-administrator).

+1. Go to the [Roles and administrators](https://entra.microsoft.com/#view/Microsoft_AAD_IAM/RolesManagementMenuBlade/~/AllRoles) page, and then select **New custom role**.

+1. On the **Basics** tab:

+ 1. Provide a name for the role. Optionally, enter a description.

+ 1. Make sure **Baseline permissions** is set to **Start from scratch** (the default setting).

+1. On the **Permissions** tab, select the following permissions:

+ - **microsoft.directory/groups/create**

+ - **microsoft.directory/groups/dynamicMembershipRule/update**

+ - **microsoft.directory/servicePrincipals/create**

+1. On the **Review + create** tab, review the role definition, and then choose **Create**.

+ :::image type="content" source="media/frontline-teams-custom-role.png" alt-text="Screenshot of the Review + create tab for reviewing the role definition of the new custom role." lightbox="media/frontline-teams-custom-role.png":::

+#### Assign the custom role

+1. Sign in to the Microsoft Entra admin center as at least a [Privileged Role Administrator](/entra/identity/role-based-access-control/permissions-reference#privileged-role-administrator).

+1. Go to the [Roles and administrators](https://entra.microsoft.com/#view/Microsoft_AAD_IAM/RolesManagementMenuBlade/~/AllRoles) page, and then select the name of the new custom role you created.

+1. Choose **Add assignments**.

+1. Under **Select member(s)**, choose **No member selected**.

+ :::image type="content" source="media/frontline-teams-custom-role-members.png" alt-text="Screenshot of the No member selected option.":::

+1. Select the Teams Administrators to which you want to assign the custom role. Choose **Next**.

+1. On the **Setting** tab, set **Assignment type** as **Active**.

+ :::image type="content" source="media/frontline-teams-custom-role-assignment-type.png" alt-text="Screenshot of the Setting tab, showing assignment type and justification.":::

+1. Provide a justification, and then choose **Assign**.

+## Set up your frontline teams

+1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Frontline deployment** > **Manage frontline teams**.

+2. In the table, choose **Set up**.

+ :::image type="content" source="media/frontline-teams-setup.png" alt-text="Screenshot of the Manage frontline teams page, showing the Set up button." lightbox="media/frontline-teams-setup.png":::

+1. On the Overview page, review the setup and prerequisites information.

+1. On the Frontline workers page, select the Microsoft 365 dynamic groups that include your frontline workers. You can choose up to 32 Microsoft 365 dynamic groups. You can change these groups, as needed, after you submit your setup.

+ :::image type="content" source="media/frontline-teams-select-groups.png" alt-text="Screenshot showing where to add dynamic groups that include the frontline workers in your organization." lightbox="media/frontline-teams-select-groups.png":::

+1. On the Location page, select a Microsoft Entra attribute or a [custom user attribute](/entra/external-id/user-flow-add-custom-attributes) that defines the location your frontline employees work in. You can only choose one location attribute. You can change the attribute, as needed, after you submit your setup.

+ All custom attributes are case sensitive and must start with an "extension_" prefix. Only custom attributes of the String data type are supported.

+ :::image type="content" source="media/frontline-teams-location-attribute.png" alt-text="Screenshot showing where to enter your Microsoft Entra attribute that identifies the location where your frontline employees work." lightbox="media/frontline-teams-location-attribute.png":::

+1. On the Team settings page, define a naming pattern for your teams by choosing a prefix. The prefix is applied using the "prefix-location" format to all your teams.

+ :::image type="content" source="media/frontline-teams-team-settings.png" alt-text="Screenshot of the Team settings page showing options for prefix, team template, and adding team owner groups." lightbox="media/frontline-teams-team-settings.png":::

+1. Choose a team template. The team template you choose defines the channel structure for all your frontline teams. [Learn more about team templates](/microsoftteams/get-started-with-teams-templates-in-the-admin-console).

+ > [!NOTE]

+ > Currently, only team templates that are set to the English (United States) locale are supported. Keep in mind that the locale doesn't affect translation of the template or data residency. The locale setting is used only to distinguish between templates that have the same name that are created in different languages.

+1. Select up to 20 Microsoft 365 dynamic groups that include at least one frontline worker from each location to be made team owner.

+ Every location you want to deploy must have at least one frontline worker set as team owner. Team owners can add or remove membership from their frontline teams. For example, team owners can be your frontline managers, department heads, and/or leads.

+

+ You can change these groups, as needed, after you submit your setup.

+1. On the Map frontline attributes page, select the Microsoft Entra attributes that most accurately reflect the departments and job titles in your organization. You can set the **Department attribute**, **Job title attribute**, or both.

+ > [!NOTE]

+ > This step is optional. If you choose not to map frontline attributes, leave the values as **None**. You can always come back and map them later on the [Frontline teams settings page](#edit-your-frontline-teams-settings).

+ :::image type="content" source="media/frontline-teams-map-attributes.png" alt-text="Screenshot showing where to map your Microsoft Entra attributes for Job title and Department." lightbox="media/frontline-teams-map-attributes.png":::

+ These attributes map departments and job titles in your organization, which allows you to deliver targeted communications features, such as [automatic tags](set-up-targeted-communications.md#automatic-tags), to your frontline. Your frontline workers can quickly and easily reach the right group of people through tags that are automatically created based on the attribute mappings. [Learn more about attribute mapping and targeted communications](set-up-targeted-communications.md).

+1. Review your settings, and then choose **Submit.**

+ :::image type="content" source="media/frontline-teams-submit-setup.png" alt-text="Screenshot of the Review summary page, showing a summary of settings and the Submit button." lightbox="media/frontline-teams-submit-setup.png":::

+ > [!NOTE]

+ > Setup can take several hours to run. Refresh the Manage frontline teams page to get the latest status.

+## Deploy your frontline teams

+1. After setup is completed, go to the Manage frontline teams page, and then select the **Deploy** button.

+ :::image type="content" source="media/frontline-teams-deploy.png" alt-text="Screenshot of the Manage frontline teams page, showing the Deploy button." lightbox="media/frontline-teams-deploy.png":::

+1. On the Deploy frontline teams page, you can review your settings and view the list of locations that don't yet have a frontline team created.

+1. In the table, select the locations that you want to create teams for.

+ :::image type="content" source="media/frontline-teams-deploy-teams.png" alt-text="Screenshot of the table of locations." lightbox="media/frontline-teams-deploy-teams.png":::

+1. Select **Deploy**. This process can take several hours depending on how many teams you're creating.

+ After deployment is completed, you'll see the number of deployed frontline teams in the **Frontline teams** card. You can also download a CSV file with a list of those teams.

+ :::image type="content" source="media/frontline-teams-deploy-completed.png" alt-text="Screenshot showing the Frontline teams card and the Deployment health card on the Manage frontline teams page." lightbox="media/frontline-teams-deploy-completed.png":::

+ If an error occurred during the deployment process, you can download the error CSV file on the **Deployment health** card. Use the information in it to help resolve the errors, and then rerun the deployment experience

+1. You can repeat this process for any frontline locations that don't have a team.

+## Manage your frontline teams

+You can manage your teams when changes happen in your organization.

+### Create new teams for newly opened locations

+1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Frontline deployment** > **Manage frontline teams**.

+1. In the table, choose **Deploy**.

+1. Select the **Refresh location** button, and then proceed when prompted by the dialog box. This process can take several hours depending on the number of new locations.

+ :::image type="content" source="media/frontline-teams-refresh-locations.png" alt-text="Screenshot of the Refresh location button." lightbox="media/frontline-teams-refresh-locations.png":::

+1. After the refresh is completed, your setup status shows as **Complete**. You can proceed to [deploy your new teams](#deploy-your-frontline-teams). Deployment can take several hours depending on how many new teams you're deploying.

+### Edit your frontline teams settings

+1. In the left navigation of the [Teams admin center](https://admin.teams.microsoft.com), choose **Frontline deployment** > **Manage frontline teams**.

+1. In the **Deployment settings** column, choose **Deploy frontline teams**.

+1. On the Frontline teams settings page, edit your settings, and then select **Apply**. Your settings might take several hours to update.

+ :::image type="content" source="media/frontline-teams-edit-settings.png" alt-text="Screenshot of the Frontline teams settings page, showing options to edit frontline team settings" lightbox="media/frontline-teams-edit-settings.png":::

+ See the following table for the effects of updating your settings.

+ |Setting |Effect on existing frontline teams |Effect on new frontline teams |

+ |--|--||

+ |Frontline workers |All existing frontline teams will be updated with members that are part of the new dynamic groups you selected. Members added or removed by frontline managers won't be affected.|All new frontline teams members will include members that are part of the new dynamic groups you selected. |

+ |Location | Existing teams will continue to persist. If a team is no longer tied to a location, there will be no frontline workers in that team except the team owner, and the other users are put in their respective location teams. |You can create new frontline teams based on the locations defined by your new Microsoft Entra attribute. |

+ |Map your frontline attributes |All existing frontline team members will reflect the Microsoft Entra attribute you defined for department and job title. |All new frontline team members will use the Microsoft Entra attribute you defined for department and job title.|

+ |Team settings - team name prefix|All existing team names will be updated to reflect the prefix and location name if it was changed.|All new teams will have the updated naming convention. |

+ |Team settings - team template|No updates to the team structure will occur.|All new teams will use the updated team template. |

+ |Identify your team owners |Frontline managers that were already assigned team owner won't be removed or reprieved of their team owner role. New team owners from the new dynamic groups you selected will be added as team owners to their respective teams. |All new teams will have team owners that are part of the new dynamic groups you selected. There must be at least one team owner for every new team. |

+## Get analytics on frontline teams usage

+The [Teams frontline usage report](frontline-usage-report.md) on the usage dashboard of the Manage frontline teams page gives you an overview of usage activity in Teams for each of your frontline locations. You can view data, such as the number of active users and last activity date, to quickly see how many users at your frontline locations are using Teams to communicate and collaborate.

+## Frequently asked questions

+### Why are channels missing when I create my teams?

+It can take time for channels to propagate in Teams. The General channel is created first and the remaining channels are added over time. All channels should be available within 24 hours of team creation.

+### How do I delete a frontline team?

+You can delete a team by using the [Teams client](https://support.microsoft.com/office/delete-a-team-in-microsoft-teams-c386f91b-f7e6-400b-aac7-8025f74f8b41), [Teams admin center](/microsoftteams/archive-or-delete-a-team), [PowerShell](/powershell/module/teams/remove-team), or [Graph](/graph/api/group-delete).

+It can take up to 24 hours for a team and the Microsoft 365 group associated with the team to be fully deleted.

+If you need to redeploy a frontline location team that was deleted, follow these steps:

+1. [Refresh locations](#manage-your-frontline-teams).

+1. After the refresh is completed, choose the location you want to deploy.

+1. Select **Deploy**.

+## Related articles

+- [Learn where to start with a frontline deployment](flw-deploy-overview.md)

+- [How to find the best frontline team solution for your organization](frontline-team-options.md)

+- [Set up for targeted communications for your frontline](set-up-targeted-communications.md)

+ Title: Set up open shifts across locations in Shifts for your frontline

+audience: admin

+search.appverid: MET150

+description: Learn how to set up open shifts across locations for your frontline in Shifts. With this feature, frontline managers can offer open shifts across multiple locations for frontline workers to request, and workers can see and request open shifts at other locations.

+ms.localizationpriority: medium

+ - M365-collaboration

+ - m365-frontline

+ - teams-1p-app-admin

+appliesto:

+ - Microsoft Teams

+ - Microsoft 365 for frontline workers

+# Set up open shifts across locations in Shifts for your frontline

+> [!NOTE]

+> This feature is currently in public preview.

+## Overview

+### What are open shifts?

+Open shifts are shifts that aren't assigned to anyone. In Shifts, frontline managers can create and share open shifts in the schedule for frontline workers to request.

+### What is the open shifts across locations feature?

+With the open shifts across locations feature in Shifts, your frontline managers can offer open shifts across multiple locations (teams) within the regions or areas defined in your operational hierarchy. This allows frontline workers to see and request open shifts available at other specified locations.

+With this feature, you can:

+- Optimize your workforce by balancing the supply and demand of shifts across locations within an area.

+- Empower your frontline workers by giving them the flexibility to request open shifts at locations convenient to them.

+- Enhance customer satisfaction with the ability to schedule anyone within an area to help ensure your locations are fully staffed.

+> [!NOTE]

+> This feature isn't yet supported if you integrated Shifts with your workforce management (WFM) system through a [Shifts connector](shifts-connectors.md).

+## Set up your hierarchy

+As an admin, you define a [frontline operational hierarchy](deploy-frontline-operational-hierarchy.md) in the Teams admin center to map your organization's structure of frontline teams and locations to a hierarchy.

+You can organize your organizationΓÇÖs teams by country, region, area, city, district, and so on.

+## Turn on open shifts across locations

+After you define your hierarchy, frontline managers (team owners or schedule owners) must turn on the feature for their team's schedule on the **Settings** tab in Shifts.

+> [!NOTE]

+> To check whether this feature is set up for their team, managers can select **Check eligibility**. If you defined an operational hierarchy and the team is included within the hierarchy, managers don't need to perform this step.

+After a manager turns on the capability in Shifts settings, they can choose to enable it for each open shift they create in a schedule group by using the **Open shifts across locations** toggle.

+Frontline workers who are part of the same schedule group in other locations can see and request the open shifts. The manager at the location where the open shift is available can approve (or decline) the request.

+**What you need to know about schedule group names**

+- The schedule group name for an open shift must match across locations. This ensures that open shifts shared by a manager are available to all workers in the same schedule group at other locations within the hierarchy.

+- Schedule group names arenΓÇÖt case-sensitive. For example, if a schedule group is named "Cashiers" at some locations and "cashiers" at other locations, the open shift is available across all those locations.

+## Example scenario

+Contoso has hundreds of stores. Each store is grouped into an area and is managed by a different manager. To simplify this scenario, we focus on two stores in the West area.

+In this example:

+- The IT admin at Contoso set up an operational hierarchy in the Teams admin center to map their frontline team structure.

+- Bellevue and Redmond are store locations that are on the same level of the hierarchy. They share the parent node, West.

+- The schedule groups in Shifts at these locations are based on job types: Pickers, Runners, Stockers, Inventory specialists.

+- Roles:

+ - Babbak is the manager of the Bellevue location.

+ - Kayo is the manager of the Redmond location

+ - Isaac is a worker at the Redmond location in the Pickers schedule group.

+Babbak and Kayo turn on the feature in Shifts settings for their team schedules. Babbak creates an open shift in the Pickers schedule group and turns on the **Open shifts across location** toggle.

+Babbak shares the open shift, and workers that belong to the Pickers schedule group at both the Bellevue and Redmond locations can see and request it.

+Isaac, who wants to earn extra hours, requests the open shift that's available at the Bellevue location. Babbak is notified and approves the request.

+## Related articles

+- [Shifts for your frontline organization](shifts-for-teams-landing-page.md)

+- [Deploy your frontline operational hierarchy](deploy-frontline-operational-hierarchy.md)

+- [Use roles to define your frontline managers and workers in Shifts](shifts-frontline-manager-worker-roles.md)

+- [schedulingGroup](/graph/api/resources/schedulinggroup?view=graph-rest-beta)

+- [Create schedulingGroup](/graph/api/schedule-post-schedulinggroups?view=graph-rest-beta)

+> Optionally, [set up a frontline operational hierarchy](deploy-frontline-operational-hierarchy.md) to map your organizationΓÇÖs structure of frontline teams and locations to a hierarchy in the Teams admin center. Creating a frontline operational hierarchy will enable [location scenarios](set-up-open-shifts-across-locations.md) and other capabilities for your frontline.

+|Create open shifts for workers on their own team to request. <br/>Supported methods:<ul><li>Manually create shifts and time off one by one.</li><li>Bulk creation of shifts and time off through Excel import and copy/paste.</li></ul> | Yes | Not available in Shifts.¹ |

+|Create open shifts for workers on other teams (locations) to request. (Preview)<br/>Supported methods:<ul><li>Manually create shifts and time off one by one.</li><li>Bulk creation of shifts and time off through Excel import and copy/paste.</li></ul> | Yes | No |

+|Request open shifts at their own location for manager's approval. | Yes | Yes¹|

+|Request open shifts at other locations for manager's approval at that location. (Preview) | Yes | No|

+|Request time off. Currently, after the request is approved by a manager, the time off applies only to the team in which the worker requested it.| Yes | Yes¹|

+|Request to swap a shift with a coworker on the same team. | Yes | Yes¹|

+|Request to offer a shift to a coworker on the same team.| Yes | Yes¹|

+|:::image type="icon" source="/office/medi)** (Preview) With this feature, your frontline managers can offer open shifts across multiple locations (teams) within an area for workers to request and workers can see and request open shifts that are available at other locations.|

+## End user help and training

+|&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |&nbsp; |

+||||||||||

+|:::image type="icon" source="/office/media/icons/arrow-right-2-teams.png"::: |[Shifts end user documentation](https://support.microsoft.com/office/get-started-in-shifts-5f3e30d8-1821-4904-be26-c3cd25a497d6)|:::image type="icon" source="/office/media/icons/get-started-teams.png"::: |[Video: What is Shifts?](https://support.office.com/article/what-is-shifts-f8efe6e4-ddb3-4d23-b81b-bb812296b821)|:::image type="icon" source="/office/media/icons/calendar.png":::|[Video: Create a shifts schedule](https://support.microsoft.com/office/create-a-shifts-schedule-2b94ca38-36db-4a1c-8fee-f8f0fec9a984)|:::image type="icon" source="/office/media/icons/blocks-teams.png":::|[Video: Manage a Shifts schedule](https://support.microsoft.com/office/manage-and-view-a-shifts-schedule-63acda7b-ea39-441a-b1c6-c404a72e79f7)|

+|Copilot Pages|✔️in Loop workspace|||

+|Admin toggles |**[Admin Toggles](/microsoft-365/loop/loop-components-configuration#available-policy-settings)** exist to turn on or off creation of and live rendering of Loop components in the Microsoft 365 ecosystem. If you enable Loop components in the Microsoft 365 ecosystem via the primary toggle, there are additional toggles to turn on or off Loop components in Outlook or Teams chats and channels. There's also an additional toggle to turn on or off Loop components for collaborative meeting notes.|**[Admin Toggle](/microsoft-365/loop/loop-workspaces-configuration)** exists to turn on or off creation of content stored in SharePoint Embedded, including Loop Ideas and new workspaces.|

+|Multi-Geo |**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** capabilities are supported, including creation of .loop files in a user's OneDrive in the geo that matches the user's [preferred data location](/microsoft-365/enterprise/plan-for-multi-geo#best-practices) and ability to move the user's OneDrive when their preferred data location changes.|**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** capabilities for Loop workspaces are supported using the [same mechanism as SharePoint sites](/microsoft-365/enterprise/m365-dr-workload-spo#move-a-sharepoint-site-or-sharepoint-embedded-container-site), including rehome and creation in the tenant's default geo. Manage the location of shared Loop workspaces like you would other collaboration artifacts, like SharePoint sites. <br><br>**[Multi-Geo](/microsoft-365/enterprise/microsoft-365-multi-geo)** capabilities for Copilot Pages are supported. Copilot Pages is a user-owned workspace, and is created in the geo that matches the user's preferred data location. <br><br>**Not Yet Available**: <br>Shared workspaces are not yet created in the user's preferred data location, they are instead created in the tenant's default geo, like SharePoint sites are.|

+|Version history |**Version History** [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export) or via [Graph API](/graph/api/driveitem-get-content-format) is available. Loop files in OneDrive or SharePoint follow the same file versioning settings as other files.|**Version History** [export in Purview](/purview/ediscovery-export-search-results#step-1-prepare-search-results-for-export) is available. Loop files in SharePoint Embedded are configured at 50 versions and no admin setting is available to change this.|

+|Export (Third Party Tools) |Microsoft **[Graph API](/graph/api/driveitem-get-content-format)** export support.|Microsoft **[Graph API](/graph/api/driveitem-get-content-format)** export support. <br><br>Use [Get-SPOApplication](/powershell/module/sharepoint-online/get-spoapplication) to view guest application permissions. <br>Use [Set-SPOApplication](/powershell/module/sharepoint-online/set-spoapplicationpermission) to manage guest application permissions.|

+ - **NOTE**: If your organization has [disabled the creation of OneDrive](/sharepoint/manage-user-profiles#disable-onedrive-creation-for-some-users), regardless of the setting noted here, these people in your organization will not be able to create a Copilot Pages workspace.