Category | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
admin | Information For Dns Records | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/information-for-dns-records.md | description: "Gather the values/information you need to create DNS records to co ::: moniker-end -2. On the **Domains** page, select your domain, then select **Start setup**. You'll go back to the domains setup wizard to see the specific value you need to add. +2. On the **Domains** page, select your domain, then select **Continue setup**. You'll go back to the domains setup wizard to see the specific value you need to add. 3. On the **Domain Verification** page, select **Add a TXT record to the domain's DNS records**, then select **Continue**. description: "Gather the values/information you need to create DNS records to co [Domains FAQ](../setup/domains-faq.yml) (article)\ [Find and fix issues after adding your domain or DNS records](find-and-fix-issues.md) (article)\-[Manage domains](/admin) (link page) +[Manage domains](/admin) (link page) |
compliance | Create Sensitivity Labels | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/create-sensitivity-labels.md | In comparison, when you delete a label: - For containers, such as sites in SharePoint and Teams: The label is removed and any settings that were configured with that label are no longer enforced. This action typically takes between 48-72 hours for SharePoint sites, and can be quicker for Teams and Microsoft 365 Groups. -- Be aware that without a GUID-to-name mapping available after you delete a label, deleted labels can display as GUIDs rather than label names in applications such as [activity explorer](data-classification-activity-explorer.md).+- Be aware that without a GUID-to-name mapping available after you delete a label, deleted labels can display as GUIDs rather than label names in applications such as [content explorer](data-classification-content-explorer.md) and [activity explorer](data-classification-activity-explorer.md). As with all label changes, removing a sensitivity label from a label policy or deleting a sensitivity label takes time to replicate to all users and services. |
compliance | Ediscovery Export Documents From Review Set | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/ediscovery-export-documents-from-review-set.md | To export documents from a review set: 1. In the Microsoft Purview compliance portal, open the eDiscovery (Premium) case, select the **Review sets** tab, and then select the review set that you want to export. -2. In the review set, select **Action** > **Export**. +2. In the review set, select the items to export. +3. Select **Action** > **Export**. The Export tool displays the flyout page with the settings to configure the export. Some options are selected by default, but you can change these. See the following section for descriptions of the export options that you can configure.  -3. After you configure the export, select **Export** to start the export process. Depending on the option that you selected in **Output options** section, you can access the export files by direct download or in your organization's Azure Storage account. +4. After you configure the export options, select **Export** to start the export process. Depending on the option that you selected in **Output options** section, you can access the export files by direct download or in your organization's Azure Storage account. > [!NOTE] > Export jobs are retained for the life of the case. However, you must download the content from an export job within 30 days after the export job is complete. To export documents from a review set: ## Export options -Use the following options to configure the export. Not all options are allowed for some output options, most notably, export of text files and redacted PDFs aren't allowed when exporting to the PST format. +Use the following options to configure the export. Not all options are allowed for some output options, most notably, the export of text files and redacted PDFs aren't allowed when exporting to the PST format. - **Export name**: Name of the export job. This will be used to name the ZIP files that will be downloaded. - **Description**: Free-text field for you to add a description. Use the following options to configure the export. Not all options are allowed f - All filtered documents: This option exports the documents in an active filter. This option is only available when a filter is applied to the review set. - All documents in the review set: This option exports all documents in the review set. +- **Expand selection**: Use the following options to export additional items that are related to filtered/selected items in the review set: ++ - *None*: This option doesn't export the family items or conversation items. It only exports the items that are selected or to all items in the review set list. + - *Include associated family items*: This option includes associated family items. Family items are items that share the same [*FamilyId* metadata property](/microsoft-365/compliance/ediscovery-document-metadata-fields) value. For example, a document that's attached to an email message shares the same *FamilyId* as the email message. If this option is selected, the email message and the document are exported in this example, even though the document might not be included in the list of review set items. + - *Include associated conversation items*: This option includes associated items that are in the same Teams or Yammer conversation. Conversation items are items that share the same [*ConversationId* metadata property](/microsoft-365/compliance/ediscovery-document-metadata-fields) value. All messages, posts, and corresponding transcript file of a conversation share the same *ConversationId*. + + If any option other than *None* is selected, all items that share the same association ID are exported, even though some of those items might not be in the results of the current review set query. For more information about conversation items, see [eDiscovery (Premium) workflow for content in Microsoft Teams](/microsoft-365/compliance/ediscovery-teams-workflow#grouping). + - **Output options**: Exported content is either available for download directly through a web browser or can be sent to an Azure Storage account. The first two options enable direct download. - Reports only: Only the summary and load file are created. If you select this export option, the exported content is organized in the follo ### Condensed directory structure exported to your Azure Storage Account -This option uses the same general structure as the *Condensed directory structure*, however the contents aren't zipped and the data is saved to your Azure Storage account. This option is generally used when working with a third-party eDiscovery provider. For details about how to use this option, see [Export documents in a review set to an Azure Storage account](download-export-jobs.md). +This option uses the same general structure as the *Condensed directory structure*, however the contents aren't zipped and the data is saved to your Azure Storage account. This option is used when working with a third-party eDiscovery provider. For details about how to use this option, see [Export documents in a review set to an Azure Storage account](download-export-jobs.md). |
enterprise | Cross Tenant Mailbox Migration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/cross-tenant-mailbox-migration.md | -Commonly, during mergers or divestitures, you need the ability to move your users' Exchange Online mailboxes into a new tenant. Cross-tenant mailbox migration allows tenant administrators to use well-known interfaces like Exchange Online PowerShell and MRS to transition users to their new organization. +During mergers or divestitures, you might need the ability to move your users' Exchange Online mailboxes into a new tenant. Cross-tenant mailbox migration allows tenant administrators to use well-known interfaces like Exchange Online PowerShell and MRS to transition users to their new organization. Administrators can use the **New-MigrationBatch** cmdlet, available through the _Move Mailboxes_ management role, to execute cross-tenant moves. -Users migrating must be present in the target tenant Exchange Online system as MailUsers, marked with specific attributes to enable the cross-tenant moves. The system will fail moves for users that aren't properly set up in the target tenant. +Users migrating must be present in the target tenant Exchange Online system as a _MailUser_, marked with specific attributes to enable the cross-tenant moves. The system will fail to move users that aren't properly set up in the target tenant. -When the moves are complete, the source user mailbox is converted to a MailUser and the targetAddress (shown as ExternalEmailAddress in Exchange) is stamped with the routing address to the destination tenant. This process leaves the legacy MailUser in the source tenant and allows for coexistence and mail routing. When business processes allow, the source tenant may remove the source MailUser or convert them to a mail contact. +After the moves are complete, the source user mailbox is converted to a MailUser and the targetAddress (shown as _ExternalEmailAddress_ in Exchange) is stamped with the routing address to the destination tenant. This process leaves the legacy MailUser in the source tenant and allows for coexistence and mail routing. When business processes allow, the source tenant may remove the source MailUser or convert them to a mail contact. Cross-tenant Exchange mailbox migrations are supported for tenants in hybrid or cloud only, or any combination of the two. This article describes the process for cross-tenant mailbox moves and provides guidance on how to prepare source and target tenants for the Exchange Online mailbox content moves. > [!IMPORTANT]-> Do not use this feature to migrate mailboxes on any type of hold. Migrating source mailboxes for users on hold is not supported. -> When a mailbox is migrated cross-tenant with this feature, only user visible content in the mailbox (email, contacts, calendar, tasks, and notes) is migrated to the target (destination tenant). After successful migration, the source mailbox is deleted. This means that after the migration, under no circumstances, is the source mailbox available, discoverable, or accessible in the source tenant. +> Mailboxes that are on any type of hold will not be migrated and the move for that mailbox will be blocked. ++When a mailbox is migrated cross-tenant with this feature, only user visible content in the mailbox (email, contacts, calendar, tasks, and notes) is migrated to the target (destination tenant). After successful migration, the source mailbox is deleted. This means that after migration, under no circumstances is the source mailbox available, discoverable, or accessible in the source tenant. > [!NOTE] > If you are interested in previewing our new feature Domain Sharing for email alongside your cross-tenant mailbox migrations, please complete the form at [aka.ms/domainsharingpreview](https://aka.ms/domainsharingpreview). Domain sharing for email enables users in separate Microsoft 365 tenants to send and receive email using addresses from the same custom domain. The feature is intended to solve scenarios where users in separate tenants need to represent a common corporate brand in their email addresses. The current preview supports sharing domains indefinitely and shared domains during cross-tenant mailbox migration coexistence. ## Licensing -Cross Tenant User Data Migration is available as an add-on to the following Microsoft 365 subscription plans for Enterprise Agreement customers. User licenses are per migration (onetime fee). Please contact your Microsoft account team for details. +Cross Tenant User Data Migration is available as an add-on to the Microsoft 365 subscription plans below and is only available to customers with an active Enterprise Agreement customer. User licenses are per migration (onetime fee). Contact your Microsoft account team for details. -Microsoft 365 Business Basic/Business Standard/Business Premium/F1/F3/E3/A3/E5/A5; Office 365 F3/E1/A1/E3/A3/E5/A5; Exchange Online; SharePoint Online; OneDrive for Business. +Microsoft 365 Business Basic/Business Standard/Business Premium/F1/F3/E3/E5/; Office 365 F3/E1/E3/E5; Exchange Online; SharePoint Online; OneDrive for Business. ## Preparing source and target tenants Microsoft 365 Business Basic/Business Standard/Business Premium/F1/F3/E3/A3/E5/A Before starting, be sure you have the necessary permissions to configure the Move Mailbox application in Azure, EXO Migration Endpoint, and the EXO Organization Relationship. -Additionally, at least one mail-enabled security group in the source tenant is required. These groups are used to scope the list of mailboxes that can move from source (or sometimes referred to as resource) tenant to the target tenant. This allows the source tenant admin to restrict or scope the specific set of mailboxes that need to be moved, preventing unintended users from being migrated. Nested groups aren't supported. +Additionally, at least one mail-enabled security group in the source tenant is required. These groups are used to scope the list of mailboxes that can move from source tenant (or sometimes referred to as resource) to the target tenant. This allows the source tenant admin to restrict or scope the specific set of mailboxes that need to be moved, preventing unintended users from being migrated. Nested groups aren't supported. You'll also need to communicate with your trusted partner company (with whom you will be moving mailboxes) to obtain their Microsoft 365 tenant ID. This tenant ID is used in the Organization Relationship DomainName field. -To obtain the tenant ID of a subscription, sign in to the [Microsoft 365 admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339) and go to [https://aad.portal.azure.com/\#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties). Click the copy icon for the Tenant ID property to copy it to the clipboard. +To obtain the tenant ID of a subscription, sign in to the [Microsoft 365 admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339) and go to [https://aad.portal.azure.com/\#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Properties). Select the copy icon for the Tenant ID property to copy it to the clipboard. -Make sure that all the users in the source and target organization must be licensed with appropriate Exchange Online subscriptions applicable for the organization. Also ensure that the Cross Tenant User Data Migration licenses are also applied to all the users that will be migrated to the target side. +All users in both the source and target organizations must be licensed with the appropriate Exchange Online subscriptions. Also, make sure to apply Cross Tenant User Data Migration licenses to all users that will be migrated to the target side. ### Configuration steps to enable your tenants for cross-tenant mailbox migrations Make sure that all the users in the source and target organization must be licen  -2. Click View under "Manage Azure Active Directory". +1. Select View under "Manage Azure Active Directory".  -3. On the left navigation bar, select "App registrations". +1. On the left navigation bar, select "App registrations". -4. Select "New registration" +1. Select "New registration"  -5. On the "Register an application page", under "Supported account types", select" Accounts in any organizational directory (Any Azure AD directory - Multitenant)". Then, under "Redirect URI (optional)", select Web and enter <https://office.com>. Lastly, select Register. +1. On the "Register an application page", under "Supported account types", select" Accounts in any organizational directory (Any Azure AD directory - Multi-tenant)". Then, under "Redirect URI (optional)", select Web and enter <https://office.com>. Lastly, select Register.  -6. On the top-right corner of the page, you'll see a notification pop-up that states the app was successfully created. --7. Go back to Home, Azure Active Directory and click on "App registrations". --8. Under "Owned applications", find the app you created and click on it. --9. Under "Essentials", you'll need to copy down the "Application (client) ID" as you'll need it later to create a URL for the target tenant. --10. Now, on the left navigation bar, click on "API permissions" to view permissions assigned to your app. --11. By default, User. Read permissions are assigned to the app you created, but we don't require them for mailbox migrations, you can remove that permission. +1. On the top-right corner of the page, you'll see a notification pop-up that states the app was successfully created. +1. Go back to Home, Azure Active Directory and select on "App registrations". +1. Under "Owned applications", find the app you created and select on it. +1. Under "Essentials", you'll need to copy down the "Application (client) ID" as you'll need it later to create a URL for the target tenant. +1. Now, on the left navigation bar, select on "API permissions" to view permissions assigned to your app. +1. By default, User. Read permissions are assigned to the app you created, but we don't require them for mailbox migrations, you can remove that permission.  -12. Now we need to add permission for mailbox migration, select "Add a permission" --13. In the "Request API permissions" window, select "APIs my organization uses", search for "Office 365 Exchange Online", and select it. +1. Now we need to add permission for mailbox migration, select "Add a permission." +1. In the "Request API permissions" window, select "APIs my organization uses", search for "Office 365 Exchange Online", and select it.  -14. Next, select "Application permissions" --15. Then, under "Select permissions", expand Mailbox, and check "Mailbox.Migration", and "Add permissions" at the bottom on the screen. +1. Next, select "Application permissions." +1. Then, under "Select permissions", expand Mailbox, and check "Mailbox.Migration", and "Add permissions" at the bottom on the screen.  -16. Now select Certificates & secrets on the left navigation bar for your application. --17. Under "Client secrets", select "New client secret". +1. Now select Certificates & secrets on the left navigation bar for your application. +1. Under "Client secrets", select "New client secret".  -18. In the Add a client secret window, enter a description, and configure your desired expiration settings. -- > [!NOTE] - > This is the password that will be used when creating your migration endpoint. It is extremely important that you copy this password to your clipboard and or copy this password to secure/secret password safe location. This is the only time you will be able to see this password! If you do somehow lose it or need to reset it, you can log back into our Azure portal, go to App registrations, find your migration app, select Secrets & certificates, and create a new secret for your app. +1. In the Add a client secret window, enter a description, and configure your desired expiration settings. -19. Now that you've successfully created the migration application and secret, you'll need to consent to the application. To consent to the application, go back to the Azure Active Directory landing page, click on Enterprise applications in the left navigation, find your migration app you created, select it, and select Permissions on the left navigation. --20. Click on the "Grant admin consent for [your tenant]" button. --21. A new browser window will open and select "Accept". +> [!NOTE] +> This is the password that will be used when creating your migration endpoint. It is extremely important that you copy this password to your clipboard and or copy this password to secure/secret password safe location. This is the only time you will be able to see this password! If you do somehow lose it or need to reset it, you can log back into our Azure portal, go to App registrations, find your migration app, select Secrets & certificates, and create a new secret for your app. -22. You can go back to your portal window and select Refresh to confirm your acceptance. +Now that you've successfully created the migration application and secret, you'll need to consent to the application. To consent to the application: -23. Formulate the URL to send to your trusted partner (source tenant admin) so they can also accept the application to enable mailbox migration. Here's an example of the URL to provide to them you'll need the application ID of the app you created: +1. Go back to the Azure Active Directory landing page, select on Enterprise applications in the left navigation, find your migration app you created, select it, and select Permissions on the left navigation. +1. Select on the "Grant admin consent for [your tenant]" button. +1. A new browser window will open and select "Accept". +1. You can go back to your portal window and select Refresh to confirm your acceptance. +1. Formulate the URL to send to your trusted partner (source tenant admin) so they can also accept the application to enable mailbox migration. Here's an example of the URL to provide to them you'll need the application ID of the app you created: - ```powershell - https://login.microsoftonline.com/contoso.onmicrosoft.com/adminconsent?client_id=[application_id_of_the_app_you_just_created]&redirect_uri=https://office.com - ``` +```PowerShell +https://login.microsoftonline.com/contoso.onmicrosoft.com/adminconsent?client_id=[application_id_of_the_app_you_just_created]&redirect_uri=https://office.com +``` - > [!NOTE] - > You will need the application ID of the mailbox migration app you just created. - > - > You will need to replace contoso.onmicrosoft.com in the above example with your source tenants correct onmicrosoft.com name. - > - > You will also need to replace [application_id_of_the_app_you_just_created] with the application ID of the mailbox migration app you just created. +> [!NOTE] +> You will need the application ID of the mailbox migration app you just created. +> You will need to replace contoso.onmicrosoft.com in the above example with your source tenants correct onmicrosoft.com name. +> You will also need to replace [application_id_of_the_app_you_just_created] with the application ID of the mailbox migration app you just created. ### Prepare the target tenant by creating the Exchange Online migration endpoint and organization relationship 1. [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) in the target Exchange Online tenant.+1. Create a new migration endpoint for Cross-tenant mailbox moves. -2. Create a new migration endpoint for cross-tenant mailbox moves -- > [!NOTE] - > You will need the application ID of the mailbox migration app you just created and the password (the secret) you configured during this process. Also depending on the Microsoft 365 Cloud Instance you use your endpoint may be different. Please refer to the [Microsoft 365 endpoints](/microsoft-365/enterprise/microsoft-365-endpoints) page and select the correct instance for your tenant and review the Exchange Online Optimize Required address and replace as appropriate. -- ```powershell -- # Enable customization if tenant is dehydrated - $dehydrated=Get-OrganizationConfig | select isdehydrated - if ($dehydrated.isdehydrated -eq $true) {Enable-OrganizationCustomization} - $AppId = "[guid copied from the migrations app]" - $Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $AppId, (ConvertTo-SecureString -String "[this is your secret password you saved in the previous steps]" -AsPlainText -Force) - New-MigrationEndpoint -RemoteServer outlook.office.com -RemoteTenant "contoso.onmicrosoft.com" -Credentials $Credential -ExchangeRemoteMove:$true -Name "[the name of your migration endpoint]" -ApplicationId $AppId - ``` --3. Create new or edit your existing organization relationship object to your source tenant. +> [!NOTE] +> You will need the application ID of the mailbox migration app you just created and the password (secret) you configured during this process. Depending on the Microsoft 365 cloud instance you use, your endpoint may be different. Please refer to the [Microsoft 365 endpoints](/microsoft-365/enterprise/microsoft-365-endpoints) page, select the correct instance for your tenant and review the Exchange Online _Optimize/Required_ address and replace as appropriate. ++```PowerShell +# Enable customization if tenant is dehydrated +$dehydrated=Get-OrganizationConfig | select isdehydrated +if ($dehydrated.isdehydrated -eq $true) {Enable-OrganizationCustomization} +$AppId = "[Guid copied from the migrations app]" +$Credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $AppId, (ConvertTo-SecureString -String "[this is your secret password you saved in the previous steps]" -AsPlainText -Force) +New-MigrationEndpoint -RemoteServer outlook.office.com -RemoteTenant "contoso.onmicrosoft.com" -Credentials $Credential -ExchangeRemoteMove:$true -Name "[the name of your migration endpoint]" -ApplicationId $AppId +``` - ```powershell - $sourceTenantId="[tenant id of your trusted partner, where the source mailboxes are]" - $orgrels=Get-OrganizationRelationship - $existingOrgRel = $orgrels | ?{$_.DomainNames -like $sourceTenantId} - If ($null -ne $existingOrgRel) - { - Set-OrganizationRelationship $existingOrgRel.Name -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability Inbound - } - If ($null -eq $existingOrgRel) - { - New-OrganizationRelationship "[name of the new organization relationship]" -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability Inbound -DomainNames $sourceTenantId - } - ``` +1. Create new or edit your existing organization relationship object to your source tenant. ++```PowerShell +$sourceTenantId="[tenant id of your trusted partner, where the source mailboxes are]" +$orgrels=Get-OrganizationRelationship +$existingOrgRel = $orgrels | ?{$_.DomainNames -like $sourceTenantId} +If ($null -ne $existingOrgRel) +{ + Set-OrganizationRelationship $existingOrgRel.Name -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability Inbound +} +If ($null -eq $existingOrgRel) +{ + New-OrganizationRelationship "[name of the new organization relationship]" -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability Inbound -DomainNames $sourceTenantId +} +``` ### Prepare the source (current mailbox location) tenant by accepting the migration application and configuring the organization relationship -1. From a browser, go to the URL link provided by your trusted partner to consent to the mailbox migration application. The URL will look like this: -- ```powershell - https://login.microsoftonline.com/contoso.onmicrosoft.com/adminconsent?client_id=[application_id_of_the_app_you_just_created]&redirect_uri=https://office.com - ``` -- > [!NOTE] - > You will need the application ID of the mailbox migration app you just created. - > You will need to replace contoso.onmicrosoft.com in the above example with your source tenants correct onmicrosoft.com name. - > You will also need to replace [application_id_of_the_app_you_just_created] with the application ID of the mailbox migration app you just created. --2. Accept the application when the pop-up appears. You can also log into your Azure Active Directory portal and find the application under Enterprise applications. --3. [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) on the source Exchange Online tenant. -4. Create a new organization relationship or edit your existing organization relationship object to your target (destination) tenant in Exchange Online PowerShell: -- ```powershell - $targetTenantId="[tenant id of your trusted partner, where the mailboxes are being moved to]" - $appId="[application id of the mailbox migration app you consented to]" - $scope="[name of the mail enabled security group that contains the list of users who are allowed to migrate]" - New-DistributionGroup -Type Security -Name $scope - $orgrels=Get-OrganizationRelationship - $existingOrgRel = $orgrels | ?{$_.DomainNames -like $targetTenantId} - If ($null -ne $existingOrgRel) - { - Set-OrganizationRelationship $existingOrgRel.Name -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability RemoteOutbound -OAuthApplicationId $appId -MailboxMovePublishedScopes $scope - } - If ($null -eq $existingOrgRel) - { - New-OrganizationRelationship "[name of your organization relationship]" -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability RemoteOutbound -DomainNames $targetTenantId -OAuthApplicationId $appId -MailboxMovePublishedScopes $scope - } - ``` +1. From a browser, go to the URL link provided by your trusted partner to consent to the mailbox migration application. The URL will look like the following: -> [!NOTE] -> The tenant ID that you enter as the $sourceTenantId and $targetTenantId is the GUID and not the tenant domain name. For an example of a tenant ID and information about finding your tenant ID, see [Find your Microsoft 365 tenant ID](/onedrive/find-your-office-365-tenant-id). +```PowerShell +https://login.microsoftonline.com/contoso.onmicrosoft.com/adminconsent?client_id=[application_id_of_the_app_you_just_created]&redirect_uri=https://office.com +``` -### How do I know this worked? +> [!NOTE] +> You will need the application ID of the mailbox migration app you just created. You will need to replace _contoso.onmicrosoft.com_ in the above example with your source tenant's onmicrosoft.com URL. You will also need to replace [application_id_of_the_app_you_just_created] with the application ID of the mailbox migration app you just created. -You can verify cross-tenant mailbox migration configuration by running the [Test-MigrationServerAvailability](/powershell/module/exchange/Test-MigrationServerAvailability) cmdlet against the cross-tenant migration endpoint that you created on your target tenant. -Run the following cmdlet from target tenant: +1. Accept the application when the pop-up appears. You can also log into your Azure Active Directory portal and find the application under Enterprise applications. +1. [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) on the source Exchange Online tenant. +1. Create a new organization relationship or edit your existing organization relationship object to your target (destination) tenant in Exchange Online PowerShell: -```powershell -Test-MigrationServerAvailability -EndPoint "[the name of your migration endpoint]" -TestMailbox "[Primary SMTP of MailUser object in target tenant]" +```PowerShell +$targetTenantId="[tenant id of your trusted partner, where the mailboxes are being moved to]" +$appId="[application id of the mailbox migration app you consented to]" +$scope="[name of the mail enabled security group that contains the list of users who are allowed to migrate]" +New-DistributionGroup -Type Security -Name $scope + $orgrels=Get-OrganizationRelationship +$existingOrgRel = $orgrels | ?{$_.DomainNames -like $targetTenantId} +If ($null -ne $existingOrgRel) +{ + Set-OrganizationRelationship $existingOrgRel.Name -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability RemoteOutbound -OAuthApplicationId $appId -MailboxMovePublishedScopes $scope +} +If ($null -eq $existingOrgRel) +{ + New-OrganizationRelationship "[name of your organization relationship]" -Enabled:$true -MailboxMoveEnabled:$true -MailboxMoveCapability RemoteOutbound -DomainNames $targetTenantId -OAuthApplicationId $appId -MailboxMovePublishedScopes $scope +} ``` -### Move mailboxes back to the original source --If a mailbox is required to move back to the original source tenant, the same set of steps and scripts will need to be run in both new source and new target tenants. The existing Organization Relationship object will be updated or appended, not recreated. The migration can't happen both ways simultaneously. +> [!NOTE] +> The tenant ID that you enter as the \$sourceTenantId and \$targetTenantId is the GUID and not the tenant domain name. For an example of a tenant ID and information about finding your tenant ID, see [Find your Microsoft 365 tenant ID](/onedrive/find-your-office-365-tenant-id). ## Prepare target user objects for migration -Users migrating must be present in the target tenant and Exchange Online system (as MailUsers) marked with specific attributes to enable the cross-tenant moves. The system will fail moves for users that aren't properly set up in the target tenant. The following section details the MailUser object requirements for the target tenant. +Users migrating must be present in the target tenant and Exchange Online system (as a MailUser) marked with specific attributes to enable the Cross-tenant moves. The system will fail to move users that aren't properly set up in the target tenant. The following section details the MailUser object requirements for the target tenant. ### Prerequisites for target user objects Ensure the following objects and attributes are set in the target organization. > [!TIP]-> Microsoft is developing a feature to provide a secure automated method to set many of the attributes in the following section. This feature, named Cross-Tenant Identity Mapping, is currently looking for customers willing to participate in a small private preview. For more information about this pre-release feature and how it can simplify your cross-tenant migration processes, see the article **[Cross-Tenant Identity Mapping](cross-tenant-identity-mapping.md)**. --1. For any mailbox moving from a source organization, you must provision a MailUser object in the Target organization: -- - The Target MailUser must have these attributes from the source mailbox or assigned with the new User object: -- - ExchangeGUID (direct flow from source to target): The mailbox GUID must match. The move process will not proceed if this isn't present on target object. - - ArchiveGUID (direct flow from source to target): The archive GUID must match. The move process won't proceed if this isn't present on the target object. (This is only required if the source mailbox is Archive enabled). - - LegacyExchangeDN (flow as proxyAddress, "x500:\<LegacyExchangeDN>"): The LegacyExchangeDN must be present on target MailUser as x500: proxyAddress. In addition, you also need to copy all x500 addresses from the source mailbox to the target mail user. The move processes won't proceed if these aren't present on the target object. Also, this step is important for enabling reply ability for emails that are sent before migration. The sender/recipient address in each email item and the auto-complete cache in Microsoft Outlook and in Microsoft Outlook Web App (OWA) uses the value of the LegacyExchangeDN attribute. If a user cannot be located using the LegacyExchangeDN value then the delivery of email messages may fail with a 5.1.1 NDR. - - UserPrincipalName: UPN will align to the user's NEW identity or target company (for example, user@northwindtraders.onmicrosoft.com). - - Primary SMTPAddress: Primary SMTP address will align to the user's NEW company (for example, user@northwindtraders.com). - - TargetAddress/ExternalEmailAddress: MailUser will reference the user's current mailbox hosted in source tenant (for example user@contoso.onmicrosoft.com). When assigning this value, verify that you have/are also assigning PrimarySMTPAddress or this value will set the PrimarySMTPAddress, which will cause move failures. - - You can't add legacy smtp proxy addresses from source mailbox to target MailUser. For example, you can't maintain contoso.com on the MEU in northwindtraders.onmicrosoft.com tenant objects). Domains are associated with one Azure AD or Exchange Online tenant only. -- Example **target** MailUser object: -- | Attribute | Value | - | -- | | - | Alias | LaraN | - | RecipientType | MailUser | - | RecipientTypeDetails | MailUser | - | UserPrincipalName | LaraN@northwintraders.onmicrosoft.com | - | PrimarySmtpAddress | Lara.Newton@northwindtraders.com | - | ExternalEmailAddress | SMTP:LaraN@contoso.onmicrosoft.com | - | ExchangeGuid | 1ec059c7-8396-4d0b-af4e-d6bd4c12a8d8 | - | LegacyExchangeDN | /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=74e5385fce4b46d19006876949855035Lara | - | EmailAddresses | x500:/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d11ec1a2cacd4f81858c81907273f1f9-Lara | - | | smtp:LaraN@northwindtraders.onmicrosoft.com | - | | SMTP:Lara.Newton@northwindtraders.com | -- Example **source** Mailbox object: +> Microsoft is developing a feature to provide a secure automated method to set many of the attributes in the following section. This feature, named Cross-Tenant Identity Mapping, is currently looking for customers willing to participate in a small private preview. For more information about this pre-release feature and how it can simplify your Cross-tenant migration processes, see the article [Cross-Tenant Identity Mapping](cross-tenant-identity-mapping.md). ++For any mailbox moving from a source organization, you must provision a MailUser object in the Target organization: ++ 1. The Target MailUser must have these attributes from the source mailbox or assigned with the new User object: ++ 1. ExchangeGUID (direct flow from source to target): The mailbox GUID must match. The move process won't proceed if this isn't present on target object. + 1. ArchiveGUID (direct flow from source to target): The archive GUID must match. The move process won't proceed if this isn't present on the target object. (This is only required if the source mailbox is Archive enabled). + 1. LegacyExchangeDN (flow as proxyAddress, "x500:\<LegacyExchangeDN\>"): The LegacyExchangeDN must be present on target MailUser as x500: proxyAddress. In addition, you also need to copy all x500 addresses from the source mailbox to the target mail user. The move processes won't proceed if these aren't present on the target object. Also, this step is important for enabling reply ability for emails that are sent before migration. The sender/recipient address in each email item and the auto-complete cache in Microsoft Outlook and in Microsoft Outlook Web App (OWA) uses the value of the LegacyExchangeDN attribute. If a user can't be located using the LegacyExchangeDN value, the delivery of email messages may fail with a 5.1.1 NDR. + 1. UserPrincipalName: UPN will align to the user's NEW identity or target company (for example, user@northwindtraders.onmicrosoft.com). + 1. Primary SMTPAddress: Primary SMTP address will align to the user's NEW company (for example, user@northwindtraders.com). + 1. TargetAddress/ExternalEmailAddress: MailUser will reference the user's current mailbox hosted in source tenant (for example user@contoso.onmicrosoft.com). When assigning this value, verify that you have/are also assigning PrimarySMTPAddress or this value will set the PrimarySMTPAddress, which will cause move failures. + 1. You can't add legacy smtp proxy addresses from source mailbox to target MailUser. For example, you can't maintain contoso.com on the MEU in northwindtraders.onmicrosoft.com tenant objects). Domains are associated with one Azure AD or Exchange Online tenant only. ++ Example **target** MailUser object: ++| Attribute | Value | +| -- | | +| Alias | LaraN | +| RecipientType | MailUser | +| RecipientTypeDetails | MailUser | +| UserPrincipalName | LaraN@northwintraders.onmicrosoft.com | +| PrimarySmtpAddress | Lara.Newton@northwindtraders.com | +| ExternalEmailAddress | SMTP:LaraN@contoso.onmicrosoft.com | +| ExchangeGuid | 1ec059c7-8396-4d0b-af4e-d6bd4c12a8d8 | +| LegacyExchangeDN | /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=74e5385fce4b46d19006876949855035Lara | +| EmailAddresses | x500:/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d11ec1a2cacd4f81858c81907273f1f9-Lara | +| | smtp:LaraN@northwindtraders.onmicrosoft.com | +| | SMTP:Lara.Newton@northwindtraders.com | ++Example **source** Mailbox object: ++| Attribute | Value | +| -- | | +| Alias | LaraN | +| RecipientType | UserMailbox | +| RecipientTypeDetails | UserMailbox | +| UserPrincipalName | LaraN@contoso.onmicrosoft.com | +| PrimarySmtpAddress | Lara.Newton@contoso.com | +| ExchangeGuid | 1ec059c7-8396-4d0b-af4e-d6bd4c12a8d8 | +| LegacyExchangeDN | /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d11ec1a2cacd4f81858c81907273f1f9Lara | +| EmailAddresses | smtp:LaraN@contoso.onmicrosoft.com | +| | SMTP:Lara.Newton@contoso.com | ++1. Other attributes may be included in Exchange hybrid write-back already. If not, they should be included. + 1. msExchBlockedSendersHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. + 1. msExchSafeRecipientsHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. + 1. msExchSafeSendersHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. +1. If the source mailbox Recoverable Items size is greater than our database default (30 GB), moves won't proceed since the target quota is less than the source mailbox size. You can update the target MailUser object to transition the ELC mailbox flags from the source environment to the target, which triggers the target system to expand the quota of the MailUser to 100 GB, thus allowing the move to the target. In a Hybrid environment, you'll need set the appropriate msExchELCMailboxFlags on the target ADUser. +1. Non-hybrid target tenants can modify the quota on the **Recoverable Items** folder for the MailUsers prior to migration by running the following command to enable Litigation Hold on the target MailUser object and increasing the quota to 100 GB: ++```PowerShell +Set-MailUser -Identity <MailUserIdentity> -EnableLitigationHoldForMigration +``` - | Attribute | Value | - | -- | | - | Alias | LaraN | - | RecipientType | UserMailbox | - | RecipientTypeDetails | UserMailbox | - | UserPrincipalName | LaraN@contoso.onmicrosoft.com | - | PrimarySmtpAddress | Lara.Newton@contoso.com | - | ExchangeGuid | 1ec059c7-8396-4d0b-af4e-d6bd4c12a8d8 | - | LegacyExchangeDN | /o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn=d11ec1a2cacd4f81858c81907273f1f9Lara | - | EmailAddresses | smtp:LaraN@contoso.onmicrosoft.com | - | | SMTP:Lara.Newton@contoso.com | +This won't work for tenants in a hybrid configuration. - - Additional attributes may be included in Exchange hybrid write-back already. If not, they should be included. - - msExchBlockedSendersHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. - - msExchSafeRecipientsHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. - - msExchSafeSendersHash ΓÇô Writes back online safe and blocked sender data from clients to on-premises Active Directory. +Users in the target organization must be licensed with appropriate Exchange Online subscriptions applicable for the organization. You may apply a license in advance of a mailbox move but ONLY once the target MailUser is properly set up with ExchangeGUID and proxy addresses. Applying a license before the ExchangeGUID is applied will result in a new mailbox provisioned in target organization. You must also apply a Cross Tenant User Data Migration license, or you may see a transient error reading "needs approval", which will report a warning in the move report that a license hasn't been applied to the target user. -2. If the source mailbox Recoverable Items size is greater than our database default (30 GB), moves will not proceed since the target quota is less than the source mailbox size. You can update the target MailUser object to transition the ELC mailbox flags from the source environment to the target, which triggers the target system to expand the quota of the MailUser to 100 GB, thus allowing the move to the target. In a Hybrid environment you will need set the appropriate msExchELCMailboxFlags on the target ADUser. +> [!NOTE] +> When you apply a license on a Mailbox or MailUser object, all SMTP type proxyAddresses are scrubbed to ensure only verified domains are included in the Exchange EmailAddresses array. -3. Non-hybrid target tenants can modify the quota on the Recoverable Items folder for the MailUsers prior to migration by running the following command to enable Litigation Hold on the target MailUser object and increasing the quota to 100 GB: +1. You must ensure that the target MailUser has no previous ExchangeGuid that doesn't match the Source ExchangeGuid. This might occur if the target MEU was previously licensed for Exchange Online and provisioned a mailbox. If the target MailUser was previously licensed for or had an ExchangeGuid that doesn't match the Source ExchangeGuid, you need to perform a cleanup of the cloud MEU. For these cloud MEUs, you can run `Set-User <identity> -PermanentlyClearPreviousMailboxInfo`. - ```powershell - Set-MailUser -Identity <MailUserIdentity> -EnableLitigationHoldForMigration - ``` +> [!CAUTION] +> This process is irreversible. If the object has a softDeleted mailbox, it cannot be restored after this point. Once cleared, however, you can synchronize the correct ExchangeGuid to the target object and MRS will connect the source mailbox to the newly created target mailbox. (Reference EHLO blog on the new parameter.) - Note this will not work for tenants in hybrid. +Find objects that were previously mailboxes using this command. -4. Users in the target organization must be licensed with appropriate Exchange Online subscriptions applicable for the organization. You may apply a license in advance of a mailbox move but ONLY once the target MailUser is properly set up with ExchangeGUID and proxy addresses. Applying a license before the ExchangeGUID is applied will result in a new mailbox provisioned in target organization. You must also apply a Cross Tenant User Data Migration license or you may see a transient error saying needs approval which will report a warning in the move report that a license is not applied to the target user. +```PowerShell +Get-User <identity> | select Name, *recipient* | Format-Table -AutoSize +``` - > [!NOTE] - > When you apply a license on a Mailbox or MailUser object, all SMTP type proxyAddresses are scrubbed to ensure only verified domains are included in the Exchange EmailAddresses array. +Here's an example: -5. You must ensure that the target MailUser has no previous ExchangeGuid that does not match the Source ExchangeGuid. This might occur if the target MEU was previously licensed for Exchange Online and provisioned a mailbox. If the target MailUser was previously licensed for or had an ExchangeGuid that does not match the Source ExchangeGuid, you need to perform a cleanup of the cloud MEU. For these cloud MEUs, you can run `Set-User <identity> -PermanentlyClearPreviousMailboxInfo`. +```PowerShell +Get-User John@northwindtraders.com |select name, *recipient*| Format-Table -AutoSize - > [!CAUTION] - > This process is irreversible. If the object has a softDeleted mailbox, it cannot be restored after this point. Once cleared, however, you can synchronize the correct ExchangeGuid to the target object and MRS will connect the source mailbox to the newly created target mailbox. (Reference EHLO blog on the new parameter.) +Name PreviousRecipientTypeDetails RecipientType RecipientTypeDetails +- - - -- +John UserMailbox MailUser MailUser +``` - Find objects that were previously mailboxes using this command. +Clear the soft-deleted mailbox using this command. - ```powershell - Get-User <identity> | select Name, *recipient* | Format-Table -AutoSize - ``` +```PowerShell +Set-User <identity> -PermanentlyClearPreviousMailboxInfo +``` - Here is an example. +Here's an example: - ```powershell - Get-User John@northwindtraders.com |select name, *recipient*| Format-Table -AutoSize +```PowerShell +Set-User John@northwindtraders.com -PermanentlyClearPreviousMailboxInfo -Confirm - Name PreviousRecipientTypeDetails RecipientType RecipientTypeDetails - - - - -- - John UserMailbox MailUser MailUser - ``` +Are you sure you want to perform this action? +Delete all existing information about user "John@northwindtraders.com"?. This operation will clear existing values from Previous home MDB and Previous Mailbox GUID of the user. After deletion, reconnecting to the previous mailbox that existed in the cloud will not be possible and any content it had will be unrecoverable PERMANENTLY. +Do you want to continue? +[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): Y +``` - Clear the soft-deleted mailbox using this command. +### How do I know this worked? - ```powershell - Set-User <identity> -PermanentlyClearPreviousMailboxInfo - ``` +You can verify Cross-tenant mailbox migration configuration by running the [Test-MigrationServerAvailability](/powershell/module/exchange/Test-MigrationServerAvailability) cmdlet against the Cross-tenant migration endpoint that you created on your target tenant. Run the following cmdlet from target tenant: - Here is an example. +```PowerShell +Test-MigrationServerAvailability -EndPoint "[the name of your migration endpoint]" -TestMailbox "[Primary SMTP of MailUser object in target tenant]" +``` - ```powershell - Set-User John@northwindtraders.com -PermanentlyClearPreviousMailboxInfo -Confirm +### Move mailboxes back to the original source - Are you sure you want to perform this action? - Delete all existing information about user "John@northwindtraders.com"?. This operation will clear existing values from Previous home MDB and Previous Mailbox GUID of the user. After deletion, reconnecting to the previous mailbox that existed in the cloud will not be possible and any content it had will be unrecoverable PERMANENTLY. - Do you want to continue? - [Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is "Y"): Y - ``` +If a mailbox is required to move back to the original source tenant, the same set of steps and scripts will need to be run in both new source and new target tenants. The existing Organization Relationship object will be updated or appended, not recreated. Migration can't happen both ways simultaneously. ### Perform mailbox migrations -Cross-tenant Exchange mailbox migrations are initiated from the target tenant as migration batches. This is like the way that on-boarding migration batches work when migrating from Exchange on-premises to Microsoft 365. +Cross-tenant Exchange mailbox migrations are initiated from the target tenant as migration batches. This is similar to the way on-boarding migration batches work when migrating from Exchange on-premises to Microsoft 365. ### Create Migration batches -Here is an example migration batch cmdlet for kicking off moves. +Here's an example command for initiating a batch migration: -```powershell +```PowerShell New-MigrationBatch -Name T2Tbatch -SourceEndpoint target_source_7977 -CSVData ([System.IO.File]::ReadAllBytes('users.csv')) -Autostart -TargetDeliveryDomain northwindtraders.onmicrosoft.com Identity Status Type TotalCount T2Tbatch Syncing ExchangeRemoteMove 1 > [!NOTE] > The email address in the CSV file must be the one specified in the target tenant (for example, userA@northwindtraders.onmicrosoft.com), not the one in the source tenant.-> > [For more information on the cmdlet click here](/powershell/module/exchange/new-migrationbatch)-> > [For some example CSV file info click here](/exchange/csv-files-for-mailbox-migration-exchange-2013-help) The following is a minimal example CSV file: Once the mailbox moves from source to target, you should ensure that the on-prem ### Remove endpoints and organization relationships after migration -Use the Remove-MigrationEndpoint(/powershell/module/exchange/remove-migrationendpoint) cmdlet to remove existing migration endpoints for source or destination servers after the migration is complete. +Use the Remove-MigrationEndpoint(/PowerShell/module/exchange/remove-migrationendpoint) cmdlet to remove existing migration endpoints for source or destination servers after the migration is complete. -Use the Remove-OrganizationRelationship (/exchange/sharing/organization-relationships/remove-an-organization-relationship#use-exchange-online-powershell-to-remove-an-organization-relationship) cmdlet to remove existing organization relationships for source or destination servers after the migration is complete. +Use the Remove-OrganizationRelationship (/exchange/sharing/organization-relationships/remove-an-organization-relationship\#use-exchange-online-PowerShell-to-remove-an-organization-relationship) cmdlet to remove existing organization relationships for source or destination servers after the migration is complete. ## Frequently asked questions -### Do we need to update RemoteMailboxes in source on-premises after the move? +### Do I need to update RemoteMailboxes in the source on-premises tenant after the move? -Yes, you should update the targetAddress (RemoteRoutingAddress/ExternalEmailAddress) of the source on-premises users when the source tenant mailbox moves to target tenant. While mail routing can follow the referrals across multiple mail users with different targetAddresses, Free/Busy lookups for mail users MUST target the location of the mailbox user. Free/Busy lookups will not chase multiple redirects. +#### Source Exchange Organization ++You should update the targetAddress (RemoteRoutingAddress/ExternalEmailAddress) of each source on-premises user when the source tenant mailbox moves to the target tenant. While mail routing can follow the referrals across multiple mail users with different targetAddresses, Free/Busy lookups for mail users **must** target the location of the mailbox user. ++#### Target Exchange Organization ++After migration is complete in a hybrid organization, run the following PowerShell command if you want your users to have remote mailboxes on-premises: ++```PowerShell +Get-MailUser -Identity <Migrate Mail User> | Enable-RemoteMailbox +``` ### Do Teams meetings migrate cross-tenant? -The meetings will move, however the Teams meeting URL does not update when items migrate cross-tenant. Since the URL will be invalid in the target tenant, you will need to remove and recreate the Teams meetings. +While Teams meetings are moved, the meeting URL isn't updated when items migrate cross-tenant. Since the URL will be invalid in the target tenant, you must remove and recreate Teams meetings. ### Does the Teams chat folder content migrate cross-tenant? -No, the Teams chat folder content does not migrate cross-tenant. When a mailbox is migrated cross-tenant with this feature, only user visible content in the mailbox (email, contacts, calendar, tasks, and notes) is migrated. +No, the Teams chat folder content doesn't migrate cross-tenant. When a mailbox is migrated cross-tenant with this feature, only user visible content in the mailbox (email, contacts, calendar, tasks, and notes) is migrated. ### How can I see just moves that are cross-tenant moves, not my onboarding and off-boarding moves? -Use the _Flags_ parameter. Here is an example. +Use the _Flags_ parameter: -```powershell +```PowerShell Get-MoveRequest -Flags "CrossTenant" ``` ### Can you provide example scripts for copying attributes used in testing? > [!NOTE]-> SAMPLE ΓÇô AS IS, NO WARRANTY -> This script assumes a connection to both source mailbox (to get source values) and the target on-premises Active Directory Domain Services (to stamp the ADUser object). +> SAMPLE ΓÇô AS IS, NO WARRANTY This script assumes a connection to both source mailbox (to get source values) and the target on-premises Active Directory Domain Services (to stamp the ADUser object). -```powershell +```PowerShell # This will export users from the source tenant with the CustomAttribute1 = "Cross-Tenant-Project" # These are the 'target' users to be moved to the northwindtraders tenant $outFileUsers = "$home\desktop\UsersToMigrate.txt" $mailboxes = Get-Content $outFileUsers $mailboxes | ForEach-Object {Get-Mailbox $_} | Select-Object PrimarySMTPAddress,Alias,SamAccountName,FirstName,LastName,DisplayName,Name,ExchangeGuid,ArchiveGuid,LegacyExchangeDn,EmailAddresses | Export-Clixml $outFileUsersXML ``` -```powershell +```PowerShell # Copy the file $outfile to the desktop of the target on-premises then run the below to create MEU in Target+$symbols = '!@#$%^&*'.ToCharArray() +@([char[]]([char]'a'..[char]'z'), [char[]]([char]'A'..[char]'Z'), [char[]]([char]'0'..[char]'9') + $symbols) ++function GeneratePassword { + param( + [ValidateRange(12, 256)] + [int] + $length = 16 + ) ++ do { + $password = -join (0..$length | ForEach-Object { $characterList | Get-Random }) + [int]$hasLowerChar = $password -cmatch '[a-z]' + [int]$hasUpperChar = $password -cmatch '[A-Z]' + [int]$hasDigit = $password -match '[0-9]' + [int]$hasSymbol = $password.IndexOfAny($symbols) -ne -1 ++ } + until (($hasLowerChar + $hasUpperChar + $hasDigit + $hasSymbol) -ge 3) ++ $password | ConvertTo-SecureString -AsPlainText +} + $mailboxes = Import-Clixml $home\desktop\UsersToMigrate.xml-add-type -AssemblyName System.Web foreach ($m in $mailboxes) { $organization = "@contoso.onmicrosoft.com"- $mosi = $m.Alias+$organization - $Password = [System.Web.Security.Membership]::GeneratePassword(16,4) | ConvertTo-SecureString -AsPlainText -Force - $x500 = "x500:" +$m.LegacyExchangeDn + $mosi = $m.Alias + $organization + $Password = GeneratePassword + $x500 = "x500:" + $m.LegacyExchangeDn $tmpUser = New-MailUser -MicrosoftOnlineServicesID $mosi -PrimarySmtpAddress $mosi -ExternalEmailAddress $m.PrimarySmtpAddress -FirstName $m.FirstName -LastName $m.LastName -Name $m.Name -DisplayName $m.DisplayName -Alias $m.Alias -Password $Password- $tmpUser | Set-MailUser -EmailAddresses @{add=$x500} -ExchangeGuid $m.ExchangeGuid -ArchiveGuid $m.ArchiveGuid -CustomAttribute1 "Cross-Tenant-Project" - $tmpx500 = $m.EmailAddresses | ?{$_ -match "x500"} - $tmpx500 | %{Set-MailUser $m.Alias -EmailAddresses @{add="$_"}} - } -``` + $tmpUser | Set-MailUser -EmailAddresses @{add = $x500 } -ExchangeGuid $m.ExchangeGuid -ArchiveGuid $m.ArchiveGuid -CustomAttribute1 "Cross-Tenant-Project" + $tmpx500 = $m.EmailAddresses | Where-Object { $_ -match "x500" } + $tmpx500 | ForEach-Object { Set-MailUser $m.Alias -EmailAddresses @{add = "$_" } } +} -```powershell -# Now sync the changes from On-Premises to Azure and Exchange Online in the Target tenant +# Now synchronize the changes from On-Premises to Azure and Exchange Online in the target tenant # This action should create the target mail enabled users (MEUs) in the Target tenant Start-ADSyncSyncCycle ``` ### How do we access Outlook on Day 1 after the user mailbox is moved? -Since only one tenant can own a domain, the former primary SMTPAddress will not be associated to the user in the target tenant when the mailbox move completes; only those domains associated with the new tenant. Outlook uses the user's new UPN to authenticate to the service and the Outlook profile expects to find the legacy primary SMTPAddress to match the mailbox in the target system. Since the legacy address is not in the target System the outlook profile will not connect to find the newly moved mailbox. +Since only one tenant can own a domain, the former primary SMTPAddress won't be associated to the user in the target tenant when the mailbox move completes; only those domains associated with the new tenant. Outlook uses the user's new UPN to authenticate to the service and the Outlook profile expects to find the legacy primary SMTPAddress to match the mailbox in the target system. Since the legacy address isn't in the target System the outlook profile won't connect to find the newly moved mailbox. For this initial deployment, users will need to rebuild their profile with their new UPN, primary SMTP address and resync OST content. For this initial deployment, users will need to rebuild their profile with their ### What Exchange RBAC roles do I need to be member of to set up or complete a cross-tenant move? -There is a matrix of roles based on assumption of delegated duties when executing a mailbox move. Currently, two roles are required: --- The first role is for a one-time setup task that establishes the authorization of moving content into or out of your tenant/organizational boundary. As moving data out of your organizational control is a critical concern for all companies, we opted for the highest assigned role of Organization Administrator (OrgAdmin). This role must alter or set up a new OrganizationRelationship that defines the -MailboxMoveCapability with the remote organization. Only the OrgAdmin can alter the MailboxMoveCapability setting, while other attributes on the OrganizationRelationship can be managed by the Federated Sharing administrator.+There's a matrix of roles based on assumption of delegated duties when executing a mailbox move. Currently, two roles are required: -- The role of executing the actual move commands can be delegated to a lower-level function. The role of Move Mailboxes is assigned to the capability of moving mailboxes in or out of the organization.+- The first role is for a one-time setup task that establishes the authorization of moving content into or out of your tenant/organizational boundary. As moving data out of your organizational control is a critical concern for all companies, we opted for the highest assigned role of **Organization Administrator**. This role must alter or set up a new OrganizationRelationship that defines the -MailboxMoveCapability with the remote organization. Only the Organization Admin can alter the MailboxMoveCapability setting, while other attributes on the OrganizationRelationship can be managed by the Federated Sharing administrator. +- The role of executing the actual move commands can be delegated to a lower-level function. The role of **Move Mailboxes** is assigned to the capability of moving mailboxes in or out of the organization. ### How do we target which SMTP address is selected for targetAddress (TargetDeliveryDomain) on the converted mailbox (to MailUser conversion)? -Exchange mailbox moves using MRS craft the targetAddress on the original source mailbox when converting to a MailUser by matching an email address (proxyAddress) on the target object. The process takes the -TargetDeliveryDomain value passed into the move command, then checks for a matching proxy for that domain on the target side. When we find a match, the matching proxyAddress is used to set the ExternalEmailAddress (targetAddress) on the converted mailbox (now MailUser) object. +Exchange mailbox moves using MRS craft the targetAddress on the original source mailbox when converting to a MailUser by matching an email address (proxyAddress) on the target object. The process takes the -TargetDeliveryDomain value passed into the command, then checks for a matching proxy for that domain on the target side. When we find a match, the matching proxyAddress is used to set the ExternalEmailAddress (targetAddress) on the converted mailbox (now MailUser) object. -### How mail flow works after migration? +### How does mail flow work after migration? -Cross-Tenant mail flow after migration works similar to Exchange Hybrid mail flow. Each migrated mailbox needs the source MailUser with the correct targetaddress to forward incoming mail from source tenant to mailboxes in target tenant. Transport rules, security and compliance features will run as configured in each tenant that the mail flows through. So, for inbound mail, features like anti-spam, anti-malware, quarantine, as well as transport rules and journaling rules will run in the source tenant first, then in the target tenant. +Cross-Tenant mail flow after migration works similar to Exchange Hybrid mail flow. Each migrated mailbox needs the source MailUser with the correct target address to forward incoming mail from source tenant to mailboxes in target tenant. Transport rules, security and compliance features will run as configured in each tenant that the mail flows through. So, for inbound mail, features like anti-spam, anti-malware, quarantine, and transport rules and journaling rules will run in the source tenant first, then in the target tenant. ### How do mailbox permissions transition? Mailbox permissions include Send on Behalf of and Mailbox Access: -- Send On Behalf Of (AD:publicDelegates) stores the DN of recipients with access to a user's mailbox as a delegate. This value is stored in Active Directory and currently does not move as part of the mailbox transition. If the source mailbox has publicDelegates set, you will need to restamp the publicDelegates on the target Mailbox once the MEU to Mailbox conversion completes in the target environment by running `Set-Mailbox <principle> -GrantSendOnBehalfTo <delegate>`.+- Send On Behalf Of (AD:publicDelegates) stores the DN of recipients with access to a user's mailbox as a delegate. This value is stored in the Active Directory and currently doesn't move as part of the mailbox transition. If the source mailbox has publicDelegates set, you'll need to restamp the publicDelegates on the target Mailbox once the MEU to Mailbox conversion completes in the target environment by running `Set-Mailbox <principle> -GrantSendOnBehalfTo <delegate>`. +- Mailbox Permissions that are stored in the mailbox will move with the mailbox when both the principal and the delegate are moved to the target system. For example, the user TestUser*7 is granted FullAccess to the mailbox TestUser_8 in the tenant SourceCompany.onmicrosoft.com. After the mailbox moves complete to TargetCompany.onmicrosoft.com, the same permissions are set up in the target directory. Examples using \_Get-MailboxPermission* for TestUser_7 in both source and target tenants are shown below. Exchange cmdlets are prefixed with source and target accordingly. -- Mailbox Permissions that are stored in the mailbox will move with the mailbox when both the principal and the delegate are moved to the target system. For example, the user TestUser*7 is granted FullAccess to the mailbox TestUser_8 in the tenant SourceCompany.onmicrosoft.com. After the mailbox move completes to TargetCompany.onmicrosoft.com, the same permissions are set up in the target directory. Examples using \_Get-MailboxPermission* for TestUser_7 in both source and target tenants are shown below. Exchange cmdlets are prefixed with source and target accordingly.+Here's an example of the output of the mailbox permission before a move from the source side: -Here is an example of the output of the mailbox permission before a move from the source side. --```powershell -Get-MailboxPermission TestUser_7 | Format-Table -AutoSize User, AccessRights, IsInherited, Deny +```PowerShell +Get-MailboxPermission TestUser_7 | Format-Table -AutoSize User, AccessRights, is Inherited, Deny User AccessRights IsInherited Deny - -- - NT AUTHORITY\SELF {FullAccess, ReadPermission} TestUser_8@contoso.onmicrosoft.com {FullAccess} False False ``` -Here's an example of the output of the mailbox permission after the move from the target side. +Here's an example of the output of the mailbox permission after the move from the target side: -```powershell +```PowerShell Get-MailboxPermission TestUser_7 | Format-Table -AutoSize User, AccessRights, IsInherited, Deny User AccessRights IsInherited Deny TestUser_8@northwindtraders.onmicrosoft.com {FullAccess} ``` > [!NOTE]-> Cross-tenant mailbox and calendar permissions are NOT supported. You must organize principals and delegates into consolidated move batches so that these connected mailboxes are transitioned at the same time from the source tenant. +> Cross-tenant mailbox and calendar permissions are not supported. You must organize principals and delegates into consolidated move batches so that these connected mailboxes are transitioned at the same time from the source tenant. ### What X500 proxy should be added to the target MailUser proxy addresses to enable migration? The cross-tenant mailbox migration requires that the LegacyExchangeDN value of t Example: -```powershell +```PowerShell LegacyExchangeDN value on source mailbox is: /o=First Organization/ou=Exchange Administrative Group(FYDIBOHF23SPDLT)/cn=Recipients/cn=d11ec1a2cacd4f81858c81907273f1f9Lara x500:/o=First Organization/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn ### Can the source and target tenants utilize the same domain name? -No, the source tenant and target tenant domain names must be unique. For example, a source domain of contoso.com and the target domain of northwindtraders.com. +No, the source tenant and target tenant domain names must be unique; for example, a source domain of contoso.com and the target domain of northwindtraders.com. ### Will shared mailboxes move and still work? -Yes, however, we only keep the store permissions as described in these articles: +Yes. However, we only keep the store permissions as described in these articles: - [Manage permissions for recipients in Exchange Online](/exchange/recipients-in-exchange-online/manage-permissions-for-recipients)- - [How to grant Exchange and Outlook mailbox permissions in Office 365 dedicated](https://support.microsoft.com/topic/how-to-grant-exchange-and-outlook-mailbox-permissions-in-office-365-dedicated-bac01b2c-08ff-2eac-e1c8-6dd01cf77287) ### Do you have any recommendations for batches? -Do not exceed 2000 mailboxes per batch. We strongly recommend submitting batches two weeks prior to the cut-over date as there is no impact on the end users during synchronization. If you need guidance for mailboxes quantities over 50,000 you can reach out to the Engineering Feedback Distribution List at crosstenantmigrationpreview@service.microsoft.com. +Don't exceed 2,000 mailboxes per batch. We strongly recommend submitting batches two weeks prior to the cut-over date as there's no impact on the end users during synchronization. If you need guidance for mailboxes quantities over 50,000, you can reach out to the Engineering Feedback Distribution List at crosstenantmigrationpreview@service.microsoft.com. -### What if I use Service encryption with Customer Key? +### What if I use Service encryption with Microsoft Purview Customer Key? -The mailbox will be decrypted prior to moving. Ensure Customer Key is configured in the target tenant if it is still required. See [here](/microsoft-365/compliance/customer-key-overview) for more information. +The mailbox will be decrypted prior to moving. Ensure Customer Key is configured in the target tenant if it's still required. See [here](/microsoft-365/compliance/customer-key-overview) for more information. ### What is the estimated migration time? Cross-tenant migration only migrates mailbox data and nothing else. There are mu ### Can I have the same labels in the destination tenant as you had in the source tenant, either as the only set of labels or an additional set of labels for the migrated users depending on alignment between the organizations.\*\* -Because cross-tenant migrations do not export labels and there is no way to share labels between tenants, you can only achieve this by recreating the labels in the destination tenant. +Because cross-tenant migrations don't export labels and there's no way to share labels between tenants, you can only achieve this by recreating the labels in the destination tenant. ### Do you support moving Microsoft 365 Groups? -Currently the Cross-Tenant mailbox migrations feature does not support the migration of Microsoft 365 Groups. +Currently the cross-tenant mailbox migrations feature doesn't support the migration of Microsoft 365 Groups. ### Can a source tenant admin perform an eDiscovery search against a mailbox after the mailbox has been migrated to the new/target tenant? -No, after a cross tenant mailbox migration, eDiscovery against the migrated user's mailbox in the source does not work. This is because there is no longer a mailbox in the source to search against as the mailbox has been migrated to the target tenant and now belongs to the target tenant. eDiscovery, post mailbox migration can only be done in the target tenant (where the mailbox now exists). If a copy of the source mailbox needs to persist in the source tenant after migration, the admin in the source can copy the contents to an alternate mailbox pre migration for future eDiscovery operations against the data. +No, after a cross-tenant mailbox migration, eDiscovery against the migrated user's mailbox in the source doesn't work. This is because there's no longer a mailbox in the source to search for as the mailbox has been migrated to the target tenant and now belongs to the target tenant. eDiscovery after mailbox migration can only be done in the target tenant (where the mailbox now exists). If a copy of the source mailbox needs to persist in the source tenant after migration, the admin in the source can copy the contents to an alternate mailbox pre migration for future eDiscovery operations against the data. ### At which point will the destination MailUser be converted to a destination mailbox and the source mailbox converted to a source MailUser? These conversions happen automatically during the migration process. No manual s ### At which step should I assign the Exchange Online license to destination MailUsers? -This can be done before the migration is complete, but you should not assign a license prior to stamping the _ExchangeGuid_ attribute or the conversion of MailUser object to mailbox will fail and a new mailbox will be created instead. To mitigate this risk, it is best to wait until after the migration is complete, and assign licenses during the 30 day grace period. --### Can I use Azure AD Connect to sync users to the new tenant if I am keeping the on-prem Active Directory? +This can be done before the migration is complete, but you shouldn't assign a license prior to stamping the _ExchangeGuid_ attribute or the conversion of MailUser object to mailbox will fail and a new mailbox will be created instead. To mitigate this risk, it's best to wait until after the migration is complete and assign licenses during the 30-day grace period. -Yes. It is possible to have two instances of Azure AD Connect synchronize to different tenants. -However, there are some things you need to be aware of. +### Can I use Azure AD Connect to sync users to the new tenant if I'm keeping the on-premises Active Directory? -- Preprovisioning the user's accounts with the script provided in this article should not be done. Instead, a selective OU sync of the users in scope for the migration can be performed to populate the target tenant; you will receive a warning about the UPN not matching during Azure AD Connect configuration.-- Depending on your current state of Hybrid Exchange, you need to verify that the on-prem directory objects have the required attributes (such as msExchMailboxGUID and proxyAddresses) populated correctly before attempting to sync to another tenant, or you will run into issues with double mailboxes and migration failures.-- You need to take some extra steps to manage UPN transitioning, changing it on-prem once the migration has been completed for a user unless you are also moving the custom domain during a cut-over migration.+Yes. It's possible to have two instances of Azure AD Connect synchronize to different tenants. However, there are some things you need to be aware of: -## Known issues +- Preprovisioning the user's accounts with the script provided in this article shouldn't be done. Instead, a selective OU sync of the users in scope for the migration can be performed to populate the target tenant. You'll receive a warning about the UPN not matching during Azure AD Connect configuration. +- Depending on your current state of hybrid Exchange, you need to verify that the on-premises directory objects have the required attributes (such as msExchMailboxGUID and proxyAddresses) populated correctly before attempting to sync to another tenant or you'll run into issues with double mailboxes and migration failures. +- You need to take some extra steps to manage UPN transitioning, changing it on-premises once the migration has been completed for a user unless you're also moving the custom domain during a cut-over migration. -- **Issue: Post migration Teams functionality in the source tenant will be limited.** After the mailbox is migrated to the target tenant, Teams in the source tenant will no longer have access to the user's mailbox. So, if a user logs into Teams with the source tenant credential, then there will be a loss of functionality such as the inability to update your profile picture, no calendar application, and an inability to search and join public teams.+### Do auto-expanded archive mailboxes move? -- **Issue: Auto Expanded archives cannot be migrated.** The cross-tenant migration feature supports migrations of the primary mailbox and archive mailbox for a specific user. If the user in the source however has an auto expanded archive ΓÇô meaning more than one archive mailbox, the feature is unable to migrate the additional archives and should fail.+Yes, if the user in source has auto-expanding archives enabled and has additional auxiliary archives, cross-tenant mailbox migration will work. We support moving users that have no more than 12 auxiliary archive mailboxes. Additionally, users with large primary, large main archive, and large auxiliary archive mailboxes will require extra time to synchronize and should be submitted well in advance of the cutover date. Also note that if the source mailbox is expanded during the mailbox migration process, the migration will fail as a new auxiliary archive will be created in the source, but not in the target. In this case, you'll need to remove the user from the batch and resubmit them. -- **Issue: Cloud MailUsers with non-owned smtp proxyAddress block MRS moves background.** When creating target tenant MailUser objects, you must ensure that all SMTP proxy addresses belong to the target tenant organization. If an SMTP proxyAddress exists on the target mail user that does not belong to the local tenant, the conversion of the MailUser to Mailbox is prevented. This is due to our assurance that mailbox objects can only send mail from domains for which the tenant is authoritative (domains claimed by the tenant):+## Known issues - - When you synchronize users from on-premises using Azure AD Connect, you provision on-premises MailUser objects with ExternalEmailAddress pointing to the source tenant where the mailbox exists (LaraN@contoso.onmicrosoft.com) and you stamp the PrimarySMTPAddress as a domain that resides in the target tenant (Lara.Newton@northwindtraders.com). These values synchronize down to the tenant and an appropriate mail user is provisioned and ready for migration. An example object is shown here. +- Post-migration Teams functionality in the source tenant will be limited. After the mailbox is migrated to the target tenant, Teams in the source tenant will no longer have access to the user's mailbox. If a user logs into Teams with the source tenant credential, there will be a loss of functionality such as the inability to update their profile picture, no calendar application, and an inability to search and join public teams. +- Cloud MailUsers with non-owned smtp proxyAddress will block MRS moves. When creating target tenant MailUser objects, you must ensure that all SMTP proxy addresses belong to the target tenant organization. If an SMTP proxyAddress exists on the target mail user that doesn't belong to the local tenant, the conversion of the MailUser to a mailbox is prevented. This is due to our assurance that mailbox objects can only send mail from domains for which the tenant is authoritative (domains claimed by the tenant). + - If you synchronize users from on-premises using Azure AD Connect in the target tenant, then you can provision on-premises MailUser objects with ExternalEmailAddress pointing to the source tenant where the mailbox exists (LaraN@contoso.onmicrosoft.com) and you stamp the PrimarySMTPAddress as a domain that resides in the target tenant (Lara.Newton@northwindtraders.com). These values synchronize down to the tenant and an appropriate mail user is provisioned and ready for migration. An example object is shown here. - ```powershell - Get-MailUser LaraN | select ExternalEmailAddress, EmailAddresses +```PowerShell +Get-MailUser LaraN | select ExternalEmailAddress, EmailAddresses - ExternalEmailAddress EmailAddresses - -- -- - SMTP:LaraN@contoso.onmicrosoft.com {SMTP:lara.newton@northwindtraders.com} - ``` +ExternalEmailAddress EmailAddresses +-- -- +SMTP:LaraN@contoso.onmicrosoft.com {SMTP:lara.newton@northwindtraders.com} +``` - > [!NOTE] - > The _contoso.onmicrosoft.com_ address is _not_ present in the EmailAddresses / proxyAddresses array. +> [!NOTE] +> The _contoso.onmicrosoft.com_ address is _not_ present in the EmailAddresses / proxyAddresses array. -- **Issue: MailUser objects with "external" primary SMTP addresses are modified / reset to "internal" company claimed domains**+- MailUser objects with "external" primary SMTP addresses are modified / reset to "internal" company claimed domains MailUser objects are pointers to non-local mailboxes. In the case for cross-tenant mailbox migrations, we use MailUser objects to represent either the source mailbox (from the target organization's perspective) or target mailbox (from the source organization's perspective). The MailUsers will have an ExternalEmailAddress (targetAddress) that points to the smtp address of the actual mailbox (ProxyTest@northwindtraders.onmicrosoft.com) and primarySMTP address that represents the displayed SMTP address of the mailbox user in the directory. Some organizations choose to display the primary SMTP address as an external SMTP address, not as an address owned/verified by the local tenant (such as northwindtraders.com rather than as contoso.com). However, once an Exchange service plan object is applied to the MailUser via licensing operations, the primary SMTP address is modified to show as a domain verified by the local organization (contoso.com). There are two potential reasons: - - When any Exchange service plan is applied to a MailUser, the Azure AD process starts to enforce proxy scrubbing to ensure that the local organization is not able to send mail out, spoof, or mail from another tenant. Any SMTP address on a recipient object with these service plans will be removed if the address is not verified by the local organization. As is the case in the example, the Fabikam.com domain is NOT verified by the contoso.onmicrosoft.com tenant, so the scrubbing removes that northwindtraders.com domain. If you wish to persist these external domains on MailUser, either before the migration or after migration, you need to alter your migration processes to strip licenses after the move completes or before the move to ensure that the users have the expected external branding applied. You will need to ensure that the mailbox object is properly licensed to not affect mail service. + - When any Exchange service plan is applied to a MailUser, the Azure AD process starts to enforce proxy scrubbing to ensure that the local organization isn't able to send out mail, spoof, or mail from another tenant. Any SMTP address on a recipient object with these service plans will be removed if the address isn't verified by the local organization. As is the case in the example, the northwindtraders.com domain is not verified by the contoso.onmicrosoft.com tenant, so the scrubbing removes that northwindtraders.com domain. If you wish to persist these external domains on MailUser, either before the migration or after migration, you need to alter your migration processes to strip licenses after the move completes or before the move to ensure that the users have the expected external branding applied. You'll need to ensure that the mailbox object is properly licensed to not affect mail service. - An example script to remove the service plans on a MailUser in the contoso.onmicrosoft.com tenant is shown here. - ```powershell - $LO = New-MsolLicenseOptions -AccountSkuId "contoso:ENTERPRISEPREMIUM" DisabledPlans "LOCKBOX_ENTERPRISE","EXCHANGE_S_ENTERPRISE","INFORMATION_BARRIERS","MIP_S_CLP2","MIP_S_CLP1","MYANALYTICS_P2","EXCHANGE_ANALYTICS","EQUIVIO_ANALYTICS","THREAT_INTELLIGENCE","PAM_ENTERPRISE","PREMIUM_ENCRYPTION" - Set-MsolUserLicense -UserPrincipalName ProxyTest@contoso.com LicenseOptions $lo - ``` -- Results in the set of ServicePlans assigned are shown here. -- ```powershell - (Get-MsolUser -UserPrincipalName ProxyTest@contoso.com).licenses | Select-Object -ExpandProperty ServiceStatus |sort ProvisioningStatus -Descending -- ServicePlan ProvisioningStatus - -- - ATP_ENTERPRISE PendingProvisioning - MICROSOFT_SEARCH PendingProvisioning - INTUNE_O365 PendingActivation - PAM_ENTERPRISE Disabled - EXCHANGE_ANALYTICS Disabled - EQUIVIO_ANALYTICS Disabled - THREAT_INTELLIGENCE Disabled - LOCKBOX_ENTERPRISE Disabled - PREMIUM_ENCRYPTION Disabled - EXCHANGE_S_ENTERPRISE Disabled - INFORMATION_BARRIERS Disabled - MYANALYTICS_P2 Disabled - MIP_S_CLP1 Disabled - MIP_S_CLP2 Disabled - ADALLOM_S_O365 PendingInput - RMS_S_ENTERPRISE Success - YAMMER_ENTERPRISE Success - PROJECTWORKMANAGEMENT Success - BI_AZURE_P2 Success - WHITEBOARD_PLAN3 Success - SHAREPOINTENTERPRISE Success - SHAREPOINTWAC Success - KAIZALA_STANDALONE Success - OFFICESUBSCRIPTION Success - MCOSTANDARD Success - Deskless Success - STREAM_O365_E5 Success - FLOW_O365_P3 Success - POWERAPPS_O365_P3 Success - TEAMS1 Success - MCOEV Success - MCOMEETADV Success - BPOS_S_TODO_3 Success - FORMS_PLAN_E5 Success - SWAY Success - ``` -- The user's PrimarySMTPAddress is no longer scrubbed. The northwindtraders.com domain is not owned by the contoso.onmicrosoft.com tenant and will persist as the primary SMTP address shown in the directory. -- Here is an example. -- ```powershell - Get-Recipient ProxyTest | Format-Table -AutoSize UserPrincipalName, PrimarySmtpAddress, ExternalEmailAddress, ExternalDirectoryObjectId - UserPrincipalName PrimarySmtpAddress ExternalEmailAddress ExternalDirectoryObjectId - -- -- - - ProxyTest@northwindtraders.com ProxyTest@northwindtraders.com SMTP:ProxyTest@northwindtraders.com e2513482-1d5b-4066-936a-cbc7f8f6f817 - ``` -- - When msExchRemoteRecipientType is set to 8 (DeprovisionMailbox), for on-premises MailUsers that are migrated to the target tenant, the proxy scrubbing logic in Azure will remove non-owned domains and reset the primarySMTP to an owned domain. By clearing msExchRemoteRecipientType in the on-premises MailUser, the proxy scrub logic no longer applies. -- Below is the full set of current service plans that include Exchange Online. -- | Name | - | | - | eDiscovery (Premium) Storage (500 GB) | - | Customer Lockbox | - | Data Loss Prevention | - | Exchange Enterprise CAL Services (EOP, DLP) | - | Exchange Essentials | - | Exchange Foundation | - | Exchange Online (P1) | - | Exchange Online (Plan 1) | - | Exchange Online (Plan 2) | - | Exchange Online Archiving for Exchange Online | - | Exchange Online Archiving for Exchange Server | - | Exchange Online Inactive User Add-on | - | Exchange Online Kiosk | - | Exchange Online Multi-Geo | - | Exchange Online Plan 1 | - | Exchange Online POP | - | Exchange Online Protection | - | Graph Connectors Search with Index | - | Information Barriers | - | Information Protection for Office 365 - Premium | - | Information Protection for Office 365 - Standard | - | Insights by MyAnalytics | - | Microsoft Information Governance | - | Microsoft Purview Audit (Premium) | - | Microsoft Bookings | - | Microsoft Business Center | - | Microsoft Data Investigations | - | Microsoft MyAnalytics (Full) | - | Microsoft Communications Compliance | - | Microsoft Communications DLP | - | Microsoft Customer Key | - | Microsoft 365 Advanced Auditing | - | Microsoft Records Management | - | Office 365 eDiscovery (Premium) | - | Office 365 Advanced eDiscovery | - | Microsoft Defender for Office 365 (Plan 1) | - | Microsoft Defender for Office 365 (Plan 2) | - | Office 365 Privileged Access Management | - | Premium Encryption in Office 365 | +```PowerShell +$LO = New-MsolLicenseOptions -AccountSkuId "contoso:ENTERPRISEPREMIUM" DisabledPlans "LOCKBOX_ENTERPRISE","EXCHANGE_S_ENTERPRISE","INFORMATION_BARRIERS","MIP_S_CLP2","MIP_S_CLP1","MYANALYTICS_P2","EXCHANGE_ANALYTICS","EQUIVIO_ANALYTICS","THREAT_INTELLIGENCE","PAM_ENTERPRISE","PREMIUM_ENCRYPTION" +Set-MsolUserLicense -UserPrincipalName ProxyTest@contoso.com LicenseOptions $lo +``` ++Results in the set of ServicePlans assigned are shown here: ++```PowerShell +(Get-MsolUser -UserPrincipalName ProxyTest@contoso.com).licenses | Select-Object -ExpandProperty ServiceStatus |sort ProvisioningStatus -Descending ++ServicePlan ProvisioningStatus +-- +ATP_ENTERPRISE PendingProvisioning +MICROSOFT_SEARCH PendingProvisioning +INTUNE_O365 PendingActivation +PAM_ENTERPRISE Disabled +EXCHANGE_ANALYTICS Disabled +EQUIVIO_ANALYTICS Disabled +THREAT_INTELLIGENCE Disabled +LOCKBOX_ENTERPRISE Disabled +PREMIUM_ENCRYPTION Disabled +EXCHANGE_S_ENTERPRISE Disabled +INFORMATION_BARRIERS Disabled +MYANALYTICS_P2 Disabled +MIP_S_CLP1 Disabled +MIP_S_CLP2 Disabled +ADALLOM_S_O365 PendingInput +RMS_S_ENTERPRISE Success +YAMMER_ENTERPRISE Success +PROJECTWORKMANAGEMENT Success +BI_AZURE_P2 Success +WHITEBOARD_PLAN3 Success +SHAREPOINTENTERPRISE Success +SHAREPOINTWAC Success +KAIZALA_STANDALONE Success +OFFICESUBSCRIPTION Success +MCOSTANDARD Success +Deskless Success +STREAM_O365_E5 Success +FLOW_O365_P3 Success +POWERAPPS_O365_P3 Success +TEAMS1 Success +MCOEV Success +MCOMEETADV Success +BPOS_S_TODO_3 Success +FORMS_PLAN_E5 Success +SWAY Success +``` ++The user's PrimarySMTPAddress is no longer scrubbed. The northwindtraders.com domain isn't owned by the contoso.onmicrosoft.com tenant and will persist as the primary SMTP address shown in the directory. ++Here's an example: ++```PowerShell +Get-Recipient ProxyTest | Format-Table -AutoSize UserPrincipalName, PrimarySmtpAddress, ExternalEmailAddress, ExternalDirectoryObjectId +UserPrincipalName PrimarySmtpAddress ExternalEmailAddress ExternalDirectoryObjectId +-- -- - +ProxyTest@contoso.com ProxyTest@contoso.com SMTP:ProxyTest@contoso.com e2513482-1d5b-4066-936a-cbc7f8f6f817 +``` ++- When msExchRemoteRecipientType is set to 8 (DeprovisionMailbox), for on-premises MailUsers that are migrated to the target tenant, the proxy scrubbing logic in Azure will remove non-owned domains and reset the primarySMTP to an owned domain. By clearing msExchRemoteRecipientType in the on-premises MailUser, the proxy scrub logic no longer applies. ++Below is the full set of current service plans that include Exchange Online: ++| Name | +| | +| eDiscovery (Premium) Storage (500 GB) | +| Customer Lockbox | +| Data Loss Prevention | +| Exchange Enterprise CAL Services (EOP, DLP) | +| Exchange Essentials | +| Exchange Foundation | +| Exchange Online (P1) | +| Exchange Online (Plan 1) | +| Exchange Online (Plan 2) | +| Exchange Online Archiving for Exchange Online | +| Exchange Online Archiving for Exchange Server | +| Exchange Online Inactive User Add-on | +| Exchange Online Kiosk | +| Exchange Online Multi-Geo | +| Exchange Online Plan 1 | +| Exchange Online POP | +| Exchange Online Protection | +| Graph Connectors Search with Index | +| Information Barriers | +| Information Protection for Office 365 - Premium | +| Information Protection for Office 365 - Standard | +| Insights by MyAnalytics | +| Microsoft Information Governance | +| Microsoft Purview Audit (Premium) | +| Microsoft Bookings | +| Microsoft Business Center | +| Microsoft Data Investigations | +| Microsoft MyAnalytics (Full) | +| Microsoft Communications Compliance | +| Microsoft Communications DLP | +| Microsoft Customer Key | +| Microsoft 365 Advanced Auditing | +| Microsoft Records Management | +| Office 365 eDiscovery (Premium) | +| Office 365 Advanced eDiscovery | +| Microsoft Defender for Office 365 (Plan 1) | +| Microsoft Defender for Office 365 (Plan 2) | +| Office 365 Privileged Access Management | +| Premium Encryption in Office 365 | |
security | Microsoft 365 Zero Trust | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/Microsoft-365-zero-trust.md | |
security | Active Content In Trusted Docs | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/active-content-in-trusted-docs.md | search.appverid: - MET150 description: "Admins can learn how to create policies to block active content in Office documents" Previously updated : 06/22/2021 Last updated : 1/31/2023 # Manage active content in Office documents |
security | Mdb Onboard Devices | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-business/mdb-onboard-devices.md | When you run the local script on Mac: 9. You'll be prompted to allow installation of a driver from Microsoft (either "System Extension Blocked" or "Installation is on hold", or both). You must allow the driver installation: Select **Open Security Preferences** or **Open System Preferences** > **Security & Privacy**, and then select **Allow**. -10. Use the following Python command in Bash to run the onboarding package: `/usr/bin/python MicrosoftDefenderATPOnboardingMacOs.sh` +10. Use the following Bash command to run the onboarding package: ++ ```bash + /usr/bin/unzip WindowsDefenderATPOnboardingPackage.zip \ + && /bin/chmod +x MicrosoftDefenderATPOnboardingMacOs.sh \ + && /bin/bash -c MicrosoftDefenderATPOnboardingMacOs.sh + ``` After Mac is enrolled in Intune, you can add it to a device group. [Learn more about device groups in Defender for Business](mdb-create-edit-device-groups.md). |
security | Device Control Removable Storage Access Control | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/device-control-removable-storage-access-control.md | For specific guidance, see: The [Microsoft 365 Defender portal](https://security.microsoft.com/advanced-hunting) shows events triggered by the Device Control Removable Storage Access Control. To access the Microsoft 365 security, you must have the following subscription: -- Microsoft 365 for E5 reporting+- Microsoft 365 E5 +- Microsoft Defender for Endpoint Plan 2 + If `AuditAllowed` or `AuditDenied` is configured in your policy and **Send event** is selected in **Options**, an event will be sent to Advanced hunting or the Device control report for every covered access (`AccessMask` in the entry), regardless of whether it was initiated by the system or by the user who signed in. |
security | Enable Update Mdav To Latest Ws | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/enable-update-mdav-to-latest-ws.md | ms.pagetype: security ms.localizationpriority: high Previously updated : 08/10/2022 Last updated : 02/16/2023 audience: ITPro To enable and update Microsoft Defender Antivirus on Windows Server, perform the First, ensure that Microsoft Defender Antivirus is not disabled either through Group Policy or registry. For more information, see [Troubleshoot Microsoft Defender Antivirus while migrating from a third-party solution](/microsoft-365/security/defender-endpoint/troubleshoot-microsoft-defender-antivirus-when-migrating). +If Microsoft Defender Antivirus features and installation files were previously removed from Windows Server 2016, follow the guidance in [Configure a Windows Repair Source](/windows-hardware/manufacture/desktop/configure-a-windows-repair-source) to restore the feature installation files. + On Windows Server 2016, in some cases, you may need to use the [Malware Protection Command-Line Utility](command-line-arguments-microsoft-defender-antivirus.md) to re-enable Microsoft Defender Antivirus. As a local administrator on the server, perform the following steps: |
security | Export Certificate Inventory Assessment | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/export-certificate-inventory-assessment.md | Property (ID)|Data type|Description ### 1.6.1 Request example ```http-GET https://api.securitycenter.microsoft.com/api/machines/BaselineComplianceAssessmentByMachine +GET https://api.securitycenter.microsoft.com/api/machines/CertificateAssessmentByMachine ``` ### 1.6.2 Response example |
security | Mac Whatsnew | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/mac-whatsnew.md | For more information on Microsoft Defender for Endpoint on other operating syste - [What's new in Microsoft Defender for Endpoint on Linux](linux-whatsnew.md) - [What's new in Microsoft Defender for Endpoint on iOS](ios-whatsnew.md) - **Mac devices to soon receive built-in protection** Tamper protection will extend to macOS devices and will be turned on in block mode by default to help secure your Mac against threats. To learn more, see [Protect macOS security settings with tamper protection](built-in-protection.md). Apple has fixed an issue on macOS [Ventura upgrade](<https://developer.apple.com **Catalina Deprecation**<br> Microsoft Defender for Endpoint no longer supports macOS Catalina (10.15) as Apple ended support for Catalina (10.15) in December 2022. </br>++### Feb-2023 (Build: 101.97.94 | Release version: 20.123011.19794.0) ++| Build: | **101.97.94** | +|--|--| +| Release version: | **20.123011.19794.0** | +| Engine version: | **1.1.20000.2** | +| Signature version: | **1.383.104.0** | ++##### What's new ++- Improved performance, stability, and security +- Bug fixes +- Discontinued support macOS Catalina [10.15] ++<br/> + <details> <summary>Jan-2023 (Build: 101.96.85 | Release version: 20.122112.19413.0)</summary> Microsoft Defender for Endpoint no longer supports macOS Catalina (10.15) as App <br/> </details> - <details> <summary>Dec-2022 (Build: 101.90.97 | Release version: 20.122102.19097.0)</summary> |
security | Manage Updates Baselines Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus.md | We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Wind For more information, see [Microsoft Defender update for Windows operating system installation images](https://support.microsoft.com/help/4568292/defender-update-for-windows-operating-system-installation-images). +### 20230215.1 ++- Defender package version: **20230215.1** +- Security intelligence version: **1.383.51.0** +- Engine version: **1.1.20000.2** +- Platform version: **4.18.2301.6** ++#### Fixes ++- None ++#### Additional information ++- None + ### 20230118.1 - Defender package version: **20230118.1** |
security | Switch To Mde Phase 2 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/switch-to-mde-phase-2.md | ms.pagetype: security ms.localizationpriority: medium Previously updated : 01/12/2023 Last updated : 02/16/2023 audience: ITPro As you're making the switch to Defender for Endpoint, you might need to take cer - Under **Base**, select **Hexadecimal**. +If Microsoft Defender Antivirus features and installation files were previously removed from Windows Server 2016, follow the guidance in [Configure a Windows Repair Source](/windows-hardware/manufacture/desktop/configure-a-windows-repair-source) to restore the feature installation files. + > [!NOTE] > After onboarding to Defender for Endpoint, you might have to set Microsoft Defender Antivirus to passive mode on Windows Server. To validate that passive mode was set as expected, search for **Event 5007** in the **Microsoft-Windows-Windows Defender Operational** log (located at `C:\Windows\System32\winevt\Logs`), and confirm that either the **ForceDefenderPassiveMode** or **PassiveMode** registry keys were set to **0x1**. |
security | Configure Siem Defender | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/configure-siem-defender.md | Last updated 10/25/2021 > - [Microsoft 365 Defender Incidents](incident-queue.md) consists of collections of correlated alerts and their evidence. > - [Microsoft 365 Defender Streaming API](streaming-api.md) streams event data from Microsoft 365 Defender to event hubs or Azure storage accounts. -Microsoft 365 Defender supports security information and event management (SIEM) tools ingesting information from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for a registered AAD application representing the specific SIEM solution or connector installed in your environment. +Microsoft 365 Defender supports security information and event management (SIEM) tools ingesting information from your enterprise tenant in Azure Active Directory (AAD) using the OAuth 2.0 authentication protocol for a registered AAD application representing the specific SIEM solution or connector installed in your environment. For more information, see: For more information on the new ArcSight SmartConnector for Microsoft 365 Defend The SmartConnector replaces the previous FlexConnector for Microsoft Defender for Endpoint that has been deprecated. +### Elastic ++Elastic Security combines SIEM threat detection features with endpoint prevention and response capabilities in one solution. +The Elastic integration for Microsoft 365 Defender and Defender for Endpoint enables organizations to leverage incidents and alerts from Defender within Elastic Security to perform investigations and incident response. Elastic correlates this data with other data sources, including cloud, network, and endpoint sources using robust detection rules to find threats quickly. +For more information on the Elastic connector, see: [Microsoft M365 Defender | Elastic docs](https://docs.elastic.co/integrations/m365_defender) ## Ingesting streaming event data via Event Hubs -First you need to stream events from your AAD tenant to your Event Hubs or Azure Storage Account. For more information, see [Streaming API](../defender/streaming-api.md). +First you need to stream events from your Azure AD tenant to your Event Hubs or Azure Storage Account. For more information, see [Streaming API](../defender/streaming-api.md). For more information on the event types supported by the Streaming API, see [Supported streaming event types](../defender/supported-event-types.md). For more information on the Splunk Add-on for Microsoft Cloud Services, see the ### IBM QRadar >Use the new IBM QRadar Microsoft 365 Defender Device Support Module (DSM) that calls the [Microsoft 365 Defender Streaming API](streaming-api.md) that allows ingesting streaming event data from Microsoft 365 Defender products via Event Hubs or Azure Storage Account. For more information on supported event types, see [Supported event types](supported-event-types.md). -## Related topics +### Elastic ++For more information on the Elastic streaming API integration, see [Microsoft M365 Defender | Elastic docs](https://docs.elastic.co/integrations/m365_defender). ++## Related articles [Use the Microsoft Graph security API - Microsoft Graph | Microsoft Learn](/graph/api/resources/security-api-overview) |
security | Usgov | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/usgov.md | The following are the Microsoft 365 Defender portal URLs for US Government custo |Customer type|Portal URL| ||| |GCC|<https://security.microsoft.com>|-|GCC High|Rolling out| -|DoD|Rolling out| +|GCC High|[https://security.microsoft.us](https://security.microsoft.us)| +|DoD|[https://security.apps.mil](https://security.apps.mil)| | > [!NOTE] > If you are a GCC customer and in the process of moving from Microsoft Defender for Endpoint commercial to GCC, use https://transition.security.microsoft.com to access your Microsoft Defender for Endpoint commercial data. These are the known gaps: |Feature name|GCC|GCC High|DoD| ||::|::|::|-|Integrations: Microsoft Sentinel (Incidents & Raw data)| In public preview| In public preview| In public preview| |Microsoft Threat Experts| On engineering backlog| On engineering backlog| On engineering backlog| For detailed list of Event Streaming API tables, see [Microsoft 365 Defender streaming event types supported in Event Streaming API](supported-event-types.md). |
security | Address Compromised Users Quickly | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/address-compromised-users-quickly.md | ms.localizationpriority: medium search.appverid: - MET150 - MOE150-++ - m365-security + - tier2 Last updated 1/31/2023 description: Learn how to speed up the process of detecting and addressing compromised user accounts with automated investigation and response capabilities in Microsoft Defender for Office 365 Plan 2. |
security | Admin Review Reported Message | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/admin-review-reported-message.md | + - tier2 description: Learn how to review messages that are reported and give feedback to your users. |
security | Air About Office | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-about-office.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 keywords: automated incident response, investigation, remediation, threat protection Last updated 01/17/2023 description: See how automated investigation and response capabilities work in Microsoft Defender for Office 365 |
security | Air About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-about.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 description: Get started using automated investigation and response capabilities in Microsoft Defender for Office 365. - air |
security | Air Custom Reporting | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-custom-reporting.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 description: Learn how to integrate automated investigation and response with a custom or third-party reporting solution. Last updated 1/31/2023 |
security | Air Remediation Actions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-remediation-actions.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 description: "Learn about remediation actions following automated investigation in Microsoft Defender for Office 365." Last updated 1/31/2023 |
security | Air Report False Positives Negatives | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-report-false-positives-negatives.md | +- tier2 - autoir |
security | Air Review Approve Pending Completed Actions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-review-approve-pending-completed-actions.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 description: Learn about remediation actions in automated investigation and response capabilities in Microsoft Defender for Office 365 Plan 2. |
security | Air View Investigation Results | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/air-view-investigation-results.md | search.appverid: - MOE150 - m365-security-- m365initiative-defender-office365+- tier2 description: During and after an automated investigation in Microsoft 365, you can view the results and key findings. Last updated 01/31/2023 |
security | Anti Malware Policies Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-malware-policies-configure.md | search.appverid: ms.assetid: b0cfc21f-e3c6-41b6-8670-feb2b2e252e5 - m365-security- - m365initiative-defender-office365 + - tier2 description: Admins can learn how to view, create, modify, and remove anti-malware policies in Exchange Online Protection (EOP). -- seo-marvel-apr2020 Last updated 11/28/2022 |
security | Anti Malware Protection About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-malware-protection-about.md | search.appverid: ms.assetid: 0e39a0ce-ab8b-4820-8b5e-93fbe1cc11e8 - m365-security- - m365initiative-defender-office365 + - tier2 description: Admins can learn about anti-malware protection and anti-malware policies that protect against viruses, spyware, and ransomware in Exchange Online Protection (EOP). |
security | Anti Malware Protection For Spo Odfb Teams About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-malware-protection-for-spo-odfb-teams-about.md | search.appverid: ms.assetid: e3c6df61-8513-499d-ad8e-8a91770bff63 - m365-security+ - tier2 description: Learn about how SharePoint Online detects viruses in files that users upload and prevents users from downloading or syncing the files. |
security | Anti Phishing From Email Address Validation | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-from-email-address-validation.md | search.appverid: ms.assetid: eef8408b-54d3-4d7d-9cf7-ad2af10b2e0e - m365-security+ - tier2 description: Admins can learn about the types of email addresses that are accepted or rejected by Exchange Online Protection (EOP) and Outlook.com to help prevent phishing. |
security | Anti Phishing Mdo Impersonation Insight | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-mdo-impersonation-insight.md | search.appverid: ms.assetid: - m365-security+ - tier2 description: Admins can learn how the impersonation insight works. They can quickly determine which senders are legitimately sending email into their organizations from domains that don't pass email authentication checks (SPF, DKIM, or DMARC). - seo-marvel-apr2020 |
security | Anti Phishing Policies About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-policies-about.md | ms.localizationpriority: medium ms.assetid: 5a6f2d7f-d998-4f31-b4f5-f7cbf6f38578 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the anti-phishing policies that are available in Exchange Online Protection (EOP) and Microsoft Defender for Office 365. |
security | Anti Phishing Policies Eop Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-policies-eop-configure.md | ms.localizationpriority: medium ms.assetid: - m365-security+ - tier2 description: Admins can learn how to create, modify, and delete the anti-phishing policies that are available in Exchange Online Protection (EOP) organizations with or without Exchange Online mailboxes. |
security | Anti Phishing Policies Mdo Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-policies-mdo-configure.md | ms.localizationpriority: medium ms.assetid: - m365-security+ - tier2 description: Admins can learn how to create, modify, and delete the advanced anti-phishing policies that are available in organizations with Microsoft Defender for Office 365. |
security | Anti Phishing Protection About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-protection-about.md | search.appverid: ms.assetid: 75af74b2-c7ea-4556-a912-8c48e07271d3 - m365-security- - m365initiative-defender-office365 + - tier2 - TopSMBIssues- - seo-marvel-apr2020 description: Admins can learn about the anti-phishing protection features in Exchange Online Protection (EOP) and Microsoft Defender for Office 365. |
security | Anti Phishing Protection Spoofing About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-protection-spoofing-about.md | + - tier2 - TopSMBIssues - seo-marvel-apr2020 |
security | Anti Phishing Protection Tuning | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-phishing-protection-tuning.md | ms.localizationpriority: medium search.appverid: - m365-security- - m365initiative-defender-office365 + - tier2 - MET150 description: Admins can learn to identify the reasons why and how a phishing message got through in Microsoft 365, and what to do to prevent more phishing messages in the future. |
security | Anti Spam Backscatter About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-backscatter-about.md | search.appverid: ms.assetid: 6f64f2de-d626-48ed-8084-03cc72301aa4 - m365-security+ - tier2 - seo-marvel-apr2020 description: In this article, you'll learn about Backscatter and Microsoft Exchange Online Protection (EOP) |
security | Anti Spam Bulk Complaint Level Bcl About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-bulk-complaint-level-bcl-about.md | search.appverid: ms.assetid: a5b03b3c-37dd-429e-8e9b-2c1b25031794 - m365-security+ - tier2 description: Admins can learn about bulk complaint level (BCL) values that are used in Exchange Online Protection (EOP). |
security | Anti Spam Policies Asf Settings About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-policies-asf-settings-about.md | search.appverid: ms.assetid: b286f853-b484-4af0-b01f-281fffd85e7a - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the Advanced Spam Filter (ASF) settings that are available in anti-spam policies in Exchange Online Protection (EOP). |
security | Anti Spam Protection About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-protection-about.md | search.appverid: ms.assetid: 6a601501-a6a8-4559-b2e7-56b59c96a586 - m365-security- - m365initiative-defender-office365 + - tier2 - seo-marvel-apr2020 description: Admins can learn about the anti-spam settings and filters that will help prevent spam in Exchange Online Protection (EOP). |
security | Anti Spam Spam Confidence Level Scl About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-spam-confidence-level-scl-about.md | search.appverid: ms.assetid: 34681000-0022-4b92-b38a-e32b3ed96bf6 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the spam confidence level (SCL) that applied to messages in Exchange Online Protection (EOP). |
security | Anti Spam Spam Vs Bulk About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spam-spam-vs-bulk-about.md | search.appverid: ms.assetid: 8079f193-1b40-4081-9e5d-d0e50dfbcc59 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the differences between junk email (spam) and bulk email (gray mail) in Exchange Online Protection (EOP). |
security | Anti Spoofing Spoof Intelligence | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/anti-spoofing-spoof-intelligence.md | search.appverid: ms.assetid: 978c3173-3578-4286-aaf4-8a10951978bf - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the spoof intelligence insight in Exchange Online Protection (EOP). |
security | Attack Simulation Training End User Notifications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-end-user-notifications.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to create end-user notification email messages for Attack simulation training in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Attack Simulation Training Faq | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-faq.md | search.appverid: - MET150 - MOE150 ms.assetid:-++- m365-security +- tier2 - seo-marvel-apr2020 description: Admins can learn about deployment considerations and frequently asked questions regarding Attack simulation and training in Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2 organizations. |
security | Attack Simulation Training Get Started | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-get-started.md | search.appverid: ms.assetid: - m365-security- - m365initiative-m365-defender + - tier2 - seo-marvel-apr2020 description: Admins can learn how to use Attack simulation training to run simulated phishing and password attacks in their Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2 organizations. |
security | Attack Simulation Training Insights | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-insights.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how Attack simulation training in the Microsoft 365 Defender portal affects users and can gain insights from simulation and training outcomes. |
security | Attack Simulation Training Login Pages | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-login-pages.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to create and manage login pages for simulated phishing attacks in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Attack Simulation Training Payload Automations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-payload-automations.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to use payload automations (payload harvesting) to collect and launch automated simulations for Attack simulation training in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Attack Simulation Training Payloads | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-payloads.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to create and manage payloads for Attack simulation training in Microsoft Defender for Office 365 Plan 2. |
security | Attack Simulation Training Simulation Automations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-simulation-automations.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to create automated simulations that contain specific techniques and payloads that launch when the specified conditions are met in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Attack Simulation Training Simulations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-simulations.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to simulate phishing attacks and train their users on phishing prevention using Attack simulation training in Microsoft Defender for Office 365 Plan 2. |
security | Attack Simulation Training Training Campaigns | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-training-campaigns.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn how to create training campaigns in Attack simulation training in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Attack Simulation Training Training Modules | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/attack-simulation-training-training-modules.md | - - m365initiative-defender-office365 + - tier2 description: Admins can learn about the Training modules that are available to use in Training campaigns in Attack simulation training in Microsoft Defender for Office 365 Plan 2. search.appverid: met150 |
security | Azure Ip Protection Features | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/azure-ip-protection-features.md | search.appverid: ms.assetid: 7ad6f58e-65d7-4c82-8e65-0b773666634d - m365-security+ - tier3 - seo-marvel-apr2020 description: This article explains the changes being rolled out to the protection features in Azure Information Protection |
security | Campaigns | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/campaigns.md | search.appverid: ms.assetid: - m365-security- - m365initiative-defender-office365 + - tier1 description: Learn about Campaigns in Microsoft Defender for Office 365. |
security | Configuration Analyzer For Security Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/configuration-analyzer-for-security-policies.md | search.appverid: ms.assetid: - m365-security+ - tier1 description: Admins can learn how to use the configuration analyzer to find and fix security policies that are below the settings in Standard protection and Strict protection in preset security policies. Previously updated : 07/23/2020 Last updated : 1/31/2023 # Configuration analyzer for protection policies in EOP and Microsoft Defender for Office 365 |
security | Configure Junk Email Settings On Exo Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes.md | search.appverid: - MET150 - m365-security+ - tier2 description: Admins can learn how to configure the junk email settings in Exchange Online mailboxes. Many of these settings are available to users in Outlook or Outlook on the web. Previously updated : 03/11/2020 Last updated : 1/31/2023 # Configure junk email settings on Exchange Online mailboxes |
security | Connection Filter Policies Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/connection-filter-policies-configure.md | search.appverid: ms.assetid: 6ae78c12-7bbe-44fa-ab13-c3768387d0e3 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn how to configure connection filtering in Exchange Online Protection (EOP) to allow or block emails from email servers. |
security | Connectors Detect Respond To Compromise | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/connectors-detect-respond-to-compromise.md | ms.localizationpriority: medium ms.assetid: - m365-security+ - tier2 description: Learn how to recognize and respond to a compromised connector in Microsoft 365. |
security | Connectors Mail Flow Intelligence | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/connectors-mail-flow-intelligence.md | ms.assetid: c29f75e5-c16e-409e-a123-430691e38276 description: Admins can learn about the error codes that are associated with message delivery using connectors (also known as mail flow intelligence). -++- m365-security +- tier2 Last updated 12/01/2022 |
security | Connectors Remove Blocked | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/connectors-remove-blocked.md | ms.localizationpriority: medium ms.assetid: - m365-security+ - tier2 description: Learn how to remove blocked connectors in Microsoft 365 Defender. |
security | Create Block Sender Lists In Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/create-block-sender-lists-in-office-365.md | +- m365-security +- tier2 ms.localizationpriority: medium search.appverid: - MET150s description: Admins can learn about the available and preferred options to block inbound messages in Exchange Online Protection (EOP). Previously updated : 09/13/2019 Last updated : 1/31/2023 # Create blocked sender lists in EOP |
security | Create Safe Sender Lists In Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/create-safe-sender-lists-in-office-365.md | +- m365-security +- tier2 ms.localizationpriority: medium search.appverid: - MET150s |
security | Defender For Office 365 Whats New | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/defender-for-office-365-whats-new.md | - - m365initiative-defender-office365 + - tier1 |
security | Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/defender-for-office-365.md | search.appverid: ms.assetid: e100fe7c-f2a1-4b7d-9e08-622330b83653 - m365-security- - m365initiative-defender-office365 + - tier1 - highpri - seo-marvel-apr2020 |
security | Detect And Remediate Illicit Consent Grants | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/detect-and-remediate-illicit-consent-grants.md | +- tier2 - m365-security Previously updated : 07/28/2022 Last updated : 1/31/2023 ms.localizationpriority: medium search.appverid: - MET150 |
security | Detect And Remediate Outlook Rules Forms Attack | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/detect-and-remediate-outlook-rules-forms-attack.md | f1.keywords: Previously updated : 04/23/2018 Last updated : 1/31/2023 audience: ITPro - - o365_security_incident_response + - tier2 - m365-security ms.localizationpriority: medium |
security | Email Authentication About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-about.md | search.appverid: ms.assetid: - m365-security- - Strat_O365_IP + - tier2 ms.localizationpriority: high description: Admins can learn how EOP uses email authentication (SPF, DKIM, and DMARC) to help prevent spoofing, phishing, and spam. |
security | Email Authentication Anti Spoofing | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-anti-spoofing.md | search.appverid: ms.assetid: 3aff33c5-1416-4867-a23b-e0c0c5b4d2be - m365-security+ - tier2 - seo-marvel-apr2020 description: Learn how Microsoft 365 uses the Sender Policy Framework (SPF) TXT record in DNS to ensure that destination email systems trust messages sent from your custom domain. |
security | Email Authentication Dkim Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-dkim-configure.md | f1.keywords: Previously updated : 04/05/2021 Last updated : 1/31/2023 audience: ITPro search.appverid: ms.assetid: 56fee1c7-dc37-470e-9b09-33fff6d94617 - m365-security- - m365initiative-defender-office365 + - tier1 - seo-marvel-apr2020 description: Learn how to use DomainKeys Identified Mail (DKIM) with Microsoft 365 to ensure messages sent from your custom domain are trusted by the destination email systems. |
security | Email Authentication Dkim Support About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-dkim-support-about.md | search.appverid: ms.assetid: a4c95148-a00c-4d12-85ed-88520b547d97 - m365-security+ - tier1 description: Learn about the validation of DKIM signed messages in Exchange Online Protection and Exchange Online |
security | Email Authentication Dmarc Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-dmarc-configure.md | search.appverid: ms.assetid: 4a05898c-b8e4-4eab-bd70-ee912e349737 - m365-security- - m365initiative-defender-office365 + - tier1 description: Learn how to configure Domain-based Message Authentication, Reporting, and Conformance (DMARC) to validate messages sent from your organization. |
security | Email Authentication Spf Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-authentication-spf-configure.md | search.appverid: ms.assetid: 71373291-83d2-466f-86ea-fc61493743a6 - m365-security+ - tier2 - seo-marvel-apr2020 description: Learn how to update a Domain Name Service (DNS) record to use Sender Policy Framework (SPF) with your custom domain in Office 365. |
security | Email Security In Microsoft Defender | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/email-security-in-microsoft-defender.md | - - m365initiative-defender-office365 + - tier1 description: View and investigate malware phishing attempts. - seo-marvel-apr2020 |
security | Eop About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/eop-about.md | f1.keywords: Previously updated : 09/18/2020 Last updated : 1/31/2023 audience: ITPro -++ - m365-security + - tier2 ms.localizationpriority: medium ms.assetid: 1270a65f-ddc3-4430-b500-4d3a481efb1e |
security | Help And Support For Eop | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/help-and-support-for-eop.md | ms.assetid: 64535a0a-1044-413f-8bc2-ed8e8a0bc54c description: Microsoft provides help for EOP in a variety of places and methods including self-support and assisted-support. -++- m365-security +- tier3 search.appverid: met150 Previously updated : 09/16/2019 Last updated : 1/31/2023 # Help and support for EOP |
security | How Policies And Protections Are Combined | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined.md | description: Admins can learn about the application order of protections in Exch search.appverid: met150 Previously updated : 09/17/2019 Last updated : 1/31/2023 # Order and precedence of email protection |
security | Identity Access Policies Guest Access | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/identity-access-policies-guest-access.md | - - highpri + - tier2 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Policies for allowing guest access and B2B external user access |
security | Identity Access Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/identity-access-policies.md | - - highpri + - tier2 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Common security policies for Microsoft 365 organizations |
security | Identity Access Prerequisites | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/identity-access-prerequisites.md | - - highpri + - tier2 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Prerequisite work for implementing Zero Trust identity and device access policies |
security | Install App Guard | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/install-app-guard.md | ms.localizationpriority: medium search.appverid: - MET150 - MOE150-++- m365-security +- tier3 description: Get the latest in hardware-based isolation. Prevent current and emerging attacks like exploits or malicious links from disrupting employee productivity and enterprise security. |
security | Integrate Office 365 Ti With Mde | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/integrate-office-365-ti-with-mde.md | keywords: integrate, Microsoft Defender, Microsoft Defender for Endpoint Previously updated : 12/02/2021 Last updated : 1/31/2023 audience: ITPro ms.localizationpriority: medium search.appverid: - MOE150 - m365-security+ - tier3 description: Use Microsoft Defender for Office 365 together with Microsoft Defender for Endpoint to get more detailed information about threats against your devices and email content. - seo-marvel-apr2020 |
security | Investigate Malicious Email That Was Delivered | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/investigate-malicious-email-that-was-delivered.md | f1.keywords: Previously updated : 12/16/2020 Last updated : 1/31/2023 audience: ITPro search.appverid: ms.assetid: 8f54cd33-4af7-4d1b-b800-68f8818e5b2a - m365-security+ - tier1 description: Learn how to use threat investigation and response capabilities to find and investigate malicious email. - seo-marvel-apr2020 |
security | Mail Flow About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mail-flow-about.md | +- m365-security +- tier3 search.appverid: met150 Last updated 12/02/2022 |
security | Mail Flow Inbound Ipv6 Support About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mail-flow-inbound-ipv6-support-about.md | search.appverid: ms.assetid: b68df621-0a5f-4824-8abc-41e0c4fd1398 - m365-security+ - tier3 - seo-marvel-apr2020 description: Admin can learn how to configure support for anonymous inbound email from IPv6 sources in Exchange Online and Exchange Online Protection. |
security | Mail Flow Troubleshooting | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mail-flow-troubleshooting.md | search.appverid: ms.assetid: f4caa4e1-e414-4b21-8822-31c08064c059 - m365-security+ - tier3 - seo-marvel-apr2020 description: This article provides troubleshooting information for issues with sending email to inboxes in Microsoft 365 & best practices for bulk mailing to Microsoft 365 customers. |
security | Mcas Saas Access Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mcas-saas-access-policies.md | Title: Recommended Microsoft Defender for Cloud Apps policies for SaaS apps - Microsoft 365 Enterprise | Microsoft Docs + Title: Recommended Microsoft Defender for Cloud Apps policies for SaaS apps description: Describes recommended policies for integration with Microsoft Defender for Cloud Apps. audience: Admin Previously updated : 03/22/2021 Last updated : 1/31/2023 - it-pro+- tier2 search.appverid: met150 |
security | Mdo Data Retention | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-data-retention.md | f1.keywords: Previously updated : 09/14/2022 Last updated : 1/31/2023 audience: ITPro +- tier2 description: Microsoft Defender for Office 365 data retention informationThreat Explorer/ Real-Time detections search.appverid: met150 |
security | Mdo Email Entity Page | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-email-entity-page.md | Title: "The Microsoft Defender for Office 365 email entity page" + Title: Microsoft Defender for Office 365 email entity page f1.keywords: - NOCSH +- tier1 +- highpri description: Microsoft Defender for Office 365 E5 and P1 and P2 customers can see email details in all Microsoft Defender for Office 365 experiences including the email headers for copy, Detection details, Threats detected, Latest and Original delivery locations, Delivery actions, and IDs like Alert Id, Network Message ID and more. search.appverid: met150 |
security | Mdo Portal Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-portal-permissions.md | audience: Admin ms.localizationpriority: high - m365-security+ - tier1 search.appverid: - MOE150 - MET150 |
security | Mdo Sec Ops Guide | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-sec-ops-guide.md | search.appverid: - MOE150 - m365-security+ - tier1 description: A prescriptive playbook for SecOps personnel to manage Microsoft Defender for Office 365. Previously updated : 03/11/2022 Last updated : 1/31/2023 # Microsoft Defender for Office 365 Security Operations Guide |
security | Mdo Sec Ops Manage Incidents And Alerts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mdo-sec-ops-manage-incidents-and-alerts.md | search.appverid: - MOE150 - m365-security+ - tier1 description: SecOps personnel can learn how to use the Incidents queue in Microsoft 365 Defender to manage incidents in Microsoft Defender for Office 365. Previously updated : 04/07/2022 Last updated : 1/31/2023 # Manage incidents and alerts from Microsoft Defender for Office 365 in Microsoft 365 Defender |
security | Message Headers Eop Mdo | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/message-headers-eop-mdo.md | search.appverid: ms.assetid: 2e3fcfc5-5604-4b88-ac0a-c5c45c03f1db - m365-security- - m365initiative-defender-office365 + - tier2 description: Admins can learn about the header fields that are added to messages by Exchange Online Protection (EOP). These header fields provide information about the message and how it was processed. |
security | Message Trace Scc | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/message-trace-scc.md | + - m365-security + - tier2 ms.localizationpriority: medium ms.assetid: 3e64f99d-ac33-4aba-91c5-9cb4ca476803 description: Admins can use the message trace link in the Microsoft 365 Defender search.appverid: met150 Previously updated : 09/13/2019 Last updated : 1/31/2023 # Message trace in the Microsoft 365 Defender portal |
security | Mfi Mail Flow Map Report | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/mfi-mail-flow-map-report.md | + - m365-security + - tier3 ms.localizationpriority: medium ms.assetid: description: Admins can learn how to use the Mail flow map in the Mail flow dash search.appverid: met150 Previously updated : 09/13/2019 Last updated : 1/31/2023 # Mail flow map in the Security & Compliance Center |
security | Microsoft 365 Continuous Access Evaluation | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/microsoft-365-continuous-access-evaluation.md | + - tier1 search.appverid: met150 Previously updated : 10/25/2021 Last updated : 1/31/2023 # Continuous access evaluation for Microsoft 365 |
security | Microsoft 365 Policies Configurations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/microsoft-365-policies-configurations.md | + - tier1 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Zero Trust identity and device access configurations |
security | Microsoft Defender For Office 365 Product Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/microsoft-defender-for-office-365-product-overview.md | + - tier1 description: Security in Office 365, from EOP to Defender for Office 365 Plans 1 and 2, Standard vs. Strict security configurations, and more. Understand what you have, and how to secure your properties. adobe-target: true Previously updated : 09/15/2022 Last updated : 1/31/2023 # Microsoft Defender for Office 365 security product overview |
security | Migrate To Defender For Office 365 Onboard | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-onboard.md | + - tier1 description: "Complete the steps for migrating from a third-party protection service or device to Microsoft Defender for Office 365 protection." Previously updated : 10/28/2021 Last updated : 1/31/2023 # Migrate to Microsoft Defender for Office 365 - Phase 3: Onboard |
security | Migrate To Defender For Office 365 Prepare | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-prepare.md | + - tier1 description: "Prerequisite steps for migrating from a third-party protection service or device to Microsoft Defender for Office 365 protection." Previously updated : 10/28/2021 Last updated : 1/31/2023 # Migrate to Microsoft Defender for Office 365 - Phase 1: Prepare |
security | Migrate To Defender For Office 365 Setup | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365-setup.md | + - tier1 description: "Take the steps to begin migrating from a third-party protection service or device to Microsoft Defender for Office 365 protection." Previously updated : 10/28/2021 Last updated : 1/31/2023 # Migrate to Microsoft Defender for Office 365 - Phase 2: Setup |
security | Migrate To Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365.md | + - tier1 description: Learn the right way to migrate from third-party protection services or devices like Google Postini, the Barracuda Spam and Virus Firewall, or Cisco IronPort to Microsoft Defender for Office 365 protection. |
security | Office 365 Ti | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/office-365-ti.md | f1.keywords: Previously updated : 12/09/2019 Last updated : 1/31/2023 audience: Admin ms.localizationpriority: medium search.appverid: ms.assetid: 32405da5-bee1-4a4b-82e5-8399df94c512 - m365-security- - m365initiative-defender-office365 + - tier1 - seo-marvel-apr2020 description: Learn about threat investigation and response capabilities in Microsoft Defender for Office 365 Plan. |
security | Outbound Spam High Risk Delivery Pool About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/outbound-spam-high-risk-delivery-pool-about.md | search.appverid: ms.assetid: ac11edd9-2da3-462d-8ea3-bbf9dbc6f948 - m365-security+ - tier2 description: Learn how the delivery pools are used to protect the reputation of email servers in the Microsoft 365 datacenters. |
security | Outbound Spam Policies Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/outbound-spam-policies-configure.md | search.appverid: ms.assetid: a44764e9-a5d2-4c67-8888-e7fb871c17c7 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn how to view, create, modify, and delete outbound spam policies in Exchange Online Protection (EOP). |
security | Outbound Spam Policies External Email Forwarding | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/outbound-spam-policies-external-email-forwarding.md | Title: Configuring and controlling external email forwarding in Microsoft 365. + Title: Configuring and controlling external email forwarding in Microsoft 365 f1.keywords: - NOCSH +- m365-security +- tier2 ms.localizationpriority: medium ms.assetid: |
security | Outbound Spam Protection About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/outbound-spam-protection-about.md | search.appverid: ms.assetid: 6a601501-a6a8-4559-b2e7-56b59c96a586 - m365-security+ - tier2 - seo-marvel-apr2020 description: Admins can learn about the outbound spam controls in Exchange Online Protection (EOP), and what to do if you need to send mass mailings. |
security | Preset Security Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/preset-security-policies.md | ms.localizationpriority: medium ms.assetid: - m365-security+ - tier1 description: Admins can learn how to apply Standard and Strict policy settings across the protection features of Exchange Online Protection (EOP) and Microsoft Defender for Office 365 search.appverid: met150 Previously updated : 07/21/2020 Last updated : 1/31/2023 # Preset security policies in EOP and Microsoft Defender for Office 365 |
security | Priority Accounts Security Recommendations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/priority-accounts-security-recommendations.md | + - tier1 description: Admins can learn how to elevate the security settings and use reports, alerts, and investigations for priority accounts in their Microsoft 365 organizations. |
security | Priority Accounts Turn On Priority Account Protection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/priority-accounts-turn-on-priority-account-protection.md | f1.keywords: Previously updated : 10/14/2022 Last updated : 1/31/2023 audience: ITPro ms.localizationpriority: medium search.appverid: - MET150 - m365-security+ - tier1 description: Learn how to identify critical people in an organization and add the priority account tag to provide them with extra protection. |
security | Protect Against Threats | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/protect-against-threats.md | - - m365initiative-defender-office365 + - tier1 + - highpri description: Admins can learn about threat protection in Microsoft 365 and configure how to use it for your organization. |
security | Protection Stack Microsoft Defender For Office365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/protection-stack-microsoft-defender-for-office365.md | f1.keywords: Previously updated : 04/05/2021 Last updated : 1/31/2023 audience: ITPro ms.localizationpriority: medium description: Follow the path of an incoming message through the threat filtering stack in Microsoft Defender for Office 365. -++- m365-security +- tier2 search.appverid: met150 |
security | Quarantine About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-about.md | search.appverid: ms.assetid: 4c234874-015e-4768-8495-98fcccfc639b - m365-security- - m365initiative-defender-office365 + - tier1 - seo-marvel-apr2020 description: Admins can learn about quarantine in Exchange Online Protection (EOP) that holds potentially dangerous or unwanted messages. |
security | Quarantine Admin Manage Messages Files | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files.md | search.appverid: ms.assetid: 065cc2cf-2f3a-47fd-a434-2a20b8f51d0c - m365-security+ - tier1 - seo-marvel-apr2020 description: Admins can learn how to view and manage quarantined messages for all users in Exchange Online Protection (EOP). Admins in organizations with Microsoft Defender for Office 365 can also manage quarantined files in SharePoint Online, OneDrive for Business, and Microsoft Teams. |
security | Quarantine End User | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-end-user.md | search.appverid: ms.assetid: efff08ec-68ff-4099-89b7-266e3c4817be - m365-security+ - tier1 - seo-marvel-apr2020 description: Users can learn how to view and manage quarantined messages in Exchange Online Protection (EOP) that should have been delivered to them. |
security | Quarantine Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-policies.md | search.appverid: ms.assetid: - m365-security+ - tier1 description: Admins can learn how to use quarantine policies to control what users are able to do to quarantined messages. Previously updated : 08/03/2021 Last updated : 1/31/2023 # Quarantine policies |
security | Quarantine Quarantine Notifications | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-quarantine-notifications.md | search.appverid: ms.assetid: 56de4ed5-b0aa-4195-9f46-033d7cc086bc - m365-security+ - tier1 - seo-marvel-apr2020 description: Admins can learn about end-user spam notifications for quarantined messages in Exchange Online Protection (EOP). |
security | Quarantine Shared Mailbox Messages | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/quarantine-shared-mailbox-messages.md | search.appverid: ms.assetid: - m365-security+ - tier1 description: Users can learn how to view and act on quarantined messages that were sent to shared mailboxes that they have permissions to. |
security | Real Time Detections | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/real-time-detections.md | - - m365initiative-defender-office365 + - tier1 + - highpri description: Use Explorer or Real-time detections to investigate and respond to threats efficiently. - seo-marvel-apr2020 |
security | Recommended Settings For Eop And Office365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365.md | ms.assetid: 6f64f2de-d626-48ed-8084-03cc72301aa4 - m365-security - m365initiative-defender-office365+ - highpri + - tier1 description: What are best practices for Exchange Online Protection (EOP) and Defender for Office 365 security settings? What's the current recommendations for standard protection? What should be used if you want to be more strict? And what extras do you get if you also use Defender for Office 365? Previously updated : 01/15/2021 Last updated : 1/31/2023 # Recommended settings for EOP and Microsoft Defender for Office 365 security |
security | Recover From Ransomware | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/recover-from-ransomware.md | + - tier1 description: Microsoft 365 admins can learn how to recover from a ransomware attack. Previously updated : 01/21/2020 Last updated : 1/31/2023 # Recover from a ransomware attack in Microsoft 365 |
security | Reference Policies Practices And Guidelines | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/reference-policies-practices-and-guidelines.md | search.appverid: ms.assetid: ff3f140b-b005-445f-bfe0-7bc3f328aaf0 - m365-security+ - tier2 description: Microsoft has developed various policies, procedures, and adopted several industry best practices to help protect our users from abusive, unwanted, or malicious email. Previously updated : 09/13/2019 Last updated : 1/31/2023 # Reference: Policies, practices, and guidelines |
security | Remediate Malicious Email Delivered Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365.md | +- m365-security +- tier1 audience: admin f1.keywords: - NOCSH search.appverid: MET150 description: Threat remediation Previously updated : 07/10/2020 Last updated : 1/31/2023 # Remediate malicious email delivered in Office 365 |
security | Removing User From Restricted Users Portal After Spam | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/removing-user-from-restricted-users-portal-after-spam.md | search.appverid: ms.assetid: 712cfcc1-31e8-4e51-8561-b64258a8f1e5 - m365-security+ - tier2 description: Admins can learn how to remove users from the Restricted users page in the Microsoft 365 Defender portal. Users are added to the Restricted users portal for sending outbound spam, typically as a result of account compromise. - seo-marvel-apr2020 |
security | Reports Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/reports-defender-for-office-365.md | search.appverid: ms.assetid: e47e838c-d99e-4c0b-b9aa-e66c4fae902f - m365-security- - m365initiative-defender-office365 + - tier2 description: Admins can learn how to find and use the Defender for Office 365 reports that are available in the Microsoft 365 Defender portal. - seo-marvel-apr2020 |
security | Reports Email Security | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/reports-email-security.md | search.appverid: ms.assetid: 3a137e28-1174-42d5-99af-f18868b43e86 - m365-security+ - tier2 description: Admins can learn how to find and use the email security reports that are available in the Microsoft 365 Defender portal. - seo-marvel-apr2020 |
security | Responding To A Compromised Email Account | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/responding-to-a-compromised-email-account.md | + - tier1 - TopSMBIssues - seo-marvel-apr2020 search.appverid: description: Learn how to recognize and respond to a compromised email account using tools available in Microsoft 365. Previously updated : 09/16/2019 Last updated : 1/31/2023 # Responding to a Compromised Email Account |
security | Safe Attachments About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-attachments-about.md | search.appverid: ms.assetid: 6e13311e-92ae-495e-a619-56d770199170 - m365-security- - m365initiative-defender-office365 - - seo-marvel-apr2020 + - tier1 description: Admins can learn about the Safe Attachments feature in Microsoft Defender for Office 365. |
security | Safe Attachments For Spo Odfb Teams About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about.md | ms.assetid: 26261670-db33-4c53-b125-af0662c34607 - m365-security - SPO_Content- - m365initiative-defender-office365 + - tier2 - seo-marvel-apr2020 - seo-marvel-jun2020 |
security | Safe Attachments For Spo Odfb Teams Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure.md | ms.assetid: 07e76024-0c80-40dc-8c48-1dd0d0f863cb - m365-security - SPO_Content+ - tier2 description: Admins can learn how to turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams, including how to set alerts for detected files. - seo-marvel-apr2020 |
security | Safe Attachments Policies Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-attachments-policies-configure.md | search.appverid: ms.assetid: 078eb946-819a-4e13-8673-fe0c0ad3a775 - m365-security+ - tier2 description: Learn about how to define Safe Attachments policies to protect your organization from malicious files in email. |
security | Safe Documents In E5 Plus Security About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-documents-in-e5-plus-security-about.md | search.appverid: ms.assetid: - m365-security+ - tier1 description: Learn about Safe Documents in Microsoft 365 A5 or E5 Security. |
security | Safe Links About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-links-about.md | ms.localizationpriority: medium - Strat_O365_IP - m365-security- - m365initiative-defender-office365 + - tier1 - seo-marvel-apr2020 search.appverid: |
security | Safe Links Policies Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-links-policies-configure.md | search.appverid: ms.assetid: bdd5372d-775e-4442-9c1b-609627b94b5d - m365-security+ - tier1 description: Admins can learn how to view, create, modify, and delete Safe Links policies and global Safe Links settings in Microsoft Defender for Office 365. |
security | Safe Links Policies Global Settings Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/safe-links-policies-global-settings-configure.md | search.appverid: ms.assetid: - m365-security+ - tier1 description: Admins can learn how to view and configure global settings (the 'Block the following URLs' list and protection for Office 365 apps) for Safe Links in Microsoft Defender for Office 365. |
security | Scc Permissions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/scc-permissions.md | audience: Admin f1_keywords: - 'ms.o365.cc.AdminRoleGroups'-++- m365-security +- tier1 ms.localizationpriority: medium search.appverid: - MOE150 |
security | Secure By Default | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/secure-by-default.md | search.appverid: - MOE150 - m365-security+ - tier2 description: Learn more about the secure by default setting in Exchange Online Protection (EOP) |
security | Secure Email Recommended Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/secure-email-recommended-policies.md | Title: Secure email recommended policies - Microsoft 365 for enterprise | Microsoft Docs + Title: Secure email recommended policies description: Describes the policies for Microsoft recommendations about how to apply email policies and configurations. + - tier1 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Policy recommendations for securing email |
security | Sending Mail To Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/sending-mail-to-office-365.md | search.appverid: ms.assetid: f9d4b5b6-8f4c-44df-9b06-2f9b3058ca20 - m365-security+ - tier2 - seo-marvel-apr2020 description: Learn as a guest sender, how can you increase the ability to deliver email to users in Microsoft 365. Also learn how to report junk email & phishing attempts as a guest. Previously updated : 09/13/2019 Last updated : 1/31/2023 # Sending mail to Microsoft 365 |
security | Services For Non Customers | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/services-for-non-customers.md | search.appverid: ms.assetid: 19fd3e0f-8dbf-4049-a810-2c8ee6cefd48 - m365-security+ - tier2 description: To help maintain user trust in the use of email, Microsoft has put in place various policies and technologies to help protect our users. Previously updated : 09/13/2019 Last updated : 1/31/2023 # Services for non-customers sending mail to Microsoft 365 |
security | Sharepoint File Access Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/sharepoint-file-access-policies.md | Title: Recommended secure document policies - Microsoft 365 for enterprise | Microsoft Docs + Title: Recommended secure document policies description: Describes the policies for Microsoft recommendations about how to secure SharePoint file access. + - tier1 search.appverid: met150 Previously updated : 10/08/2020 Last updated : 1/31/2023 # Policy recommendations for securing SharePoint sites and files |
security | Siem Integration With Office 365 Ti | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/siem-integration-with-office-365-ti.md | search.appverid: - MET150 - MOE150 ms.assetid: eb56b69b-3170-4086-82cf-ba40a530fa1b Previously updated : 08/21/2020 Last updated : 1/31/2023 - m365-security+ - tier2 description: Integrate your organization's SIEM server with Microsoft Defender for Office 365 and related threat events in the Office 365 Activity Management API. |
security | Siem Server Integration | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/siem-server-integration.md | Last updated 1/31/2023 ms.localizationpriority: medium - m365-security+ - tier2 - Ent_Solutions - SIEM |
security | Skip Filtering Phishing Simulations Sec Ops Mailboxes | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/skip-filtering-phishing-simulations-sec-ops-mailboxes.md | search.appverid: - MET150 - m365-security+ - tier3 description: Admins can learn how to use the advanced delivery policy in Exchange Online Protection (EOP) to identify messages that should not be filtered in specific supported scenarios (third-party phishing simulations and messages delivered to security operations (SecOps) mailboxes. |
security | Assess The Impact Of Security Configuration Changes With Explorer | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/assess-the-impact-of-security-configuration-changes-with-explorer.md | |
security | Connect Microsoft Defender For Office 365 To Microsoft Sentinel | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/connect-microsoft-defender-for-office-365-to-microsoft-sentinel.md | |
security | Defense In Depth Guide | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/defense-in-depth-guide.md | |
security | Deploy And Configure The Report Message Add In | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/deploy-and-configure-the-report-message-add-in.md | |
security | Ensuring You Always Have The Optimal Security Controls With Preset Security Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/ensuring-you-always-have-the-optimal-security-controls-with-preset-security-policies.md | |
security | How To Configure Quarantine Permissions With Quarantine Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-configure-quarantine-permissions-with-quarantine-policies.md | |
security | How To Enable Dmarc Reporting For Microsoft Online Email Routing Address Moera And Parked Domains | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-enable-dmarc-reporting-for-microsoft-online-email-routing-address-moera-and-parked-domains.md | |
security | How To Handle False Negatives In Microsoft Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-handle-false-negatives-in-microsoft-defender-for-office-365.md | |
security | How To Handle False Positives In Microsoft Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-handle-false-positives-in-microsoft-defender-for-office-365.md | |
security | How To Prioritize And Manage Automated Investigations And Response Air | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-prioritize-and-manage-automated-investigations-and-response-air.md | |
security | How To Prioritize Manage Investigate And Respond To Incidents In Microsoft 365 Defender | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-prioritize-manage-investigate-and-respond-to-incidents-in-microsoft-365-defender.md | |
security | How To Run Attack Simulations For Your Team | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-run-attack-simulations-for-your-team.md | |
security | How To Setup Attack Simulation Training For Automated Attacks And Training | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/how-to-setup-attack-simulation-training-for-automated-attacks-and-training.md | |
security | Optimize And Correct Security Policies With Configuration Analyzer | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/optimize-and-correct-security-policies-with-configuration-analyzer.md | |
security | Protect Your C Suite With Priority Account Protection | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/protect-your-c-suite-with-priority-account-protection.md | |
security | Search For Emails And Remediate Threats | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/search-for-emails-and-remediate-threats.md | |
security | Stay Informed With Message Center | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/stay-informed-with-message-center.md | |
security | Track And Respond To Emerging Threats With Campaigns | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/track-and-respond-to-emerging-threats-with-campaigns.md | |
security | Utilize Microsoft Defender For Office 365 In Sharepoint Online | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/step-by-step-guides/utilize-microsoft-defender-for-office-365-in-sharepoint-online.md | |
security | Submissions Admin | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-admin.md | search.appverid: - MET150 - m365-security- - m365initiative-defender-office365 + - tier1 description: Admins can learn how to use the Submissions portal in the Microsoft 365 Defender portal to submit legitimate email getting blocked, suspicious email, suspected phishing email, spam, other potentially harmful messages, URLs, and email attachments to Microsoft for rescanning. |
security | Submissions Error Messages | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-error-messages.md | + - tier1 description: Learn about the errors that admins might encounter when they try to report email, URLs, and email attachments to Microsoft as false positives and false negatives. |
security | Submissions Outlook Report Messages | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-outlook-report-messages.md | + - tier1 description: Learn how to report false positives and false negatives in Outlook using the Report Message feature. |
security | Submissions Report Messages Files To Microsoft | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-report-messages-files-to-microsoft.md | search.appverid: ms.assetid: c31406ea-2979-4fac-9288-f835269b9d2f - m365-security+ - tier1 description: How do I report a suspicious email or file to Microsoft? Report messages, URLs, email attachments and files to Microsoft for analysis. Learn to report spam email and phishing emails. |
security | Submissions Submit Files To Microsoft | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-submit-files-to-microsoft.md | search.appverid: ms.assetid: 12eba50e-661d-44b8-ae94-a34bc47fb84d - m365-security+ - tier1 description: Admins and end-users can learn about submitting undetected malware or mis-identified malware attachments to Microsoft for analysis. |
security | Submissions User Reported Messages Files Custom Mailbox | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-user-reported-messages-files-custom-mailbox.md | search.appverid: - MET150 - m365-security- - m365initiative-defender-office365 + - tier1 description: "Admins can configure where user reported messages go for analysis: to an internal reporting mailbox, to Microsoft, or to both. Other settings complete the reporting experience for users when they report good or bad messages." |
security | Submissions Users Report Message Add In Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/submissions-users-report-message-add-in-configure.md | search.appverid: ms.assetid: 4250c4bc-6102-420b-9e0a-a95064837676 - m365-security+ - tier2 description: Learn how to enable the Report Message or the Report Phishing add-ins for Outlook and Outlook on the web, for individual users, or for your entire organization. |
security | Teams Access Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/teams-access-policies.md | audience: Admin f1.keywords: - NOCSH Previously updated : 09/30/2020 Last updated : 1/31/2023 - it-pro+ - tier1 search.appverid: met150 |
security | Tenant Allow Block List About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-about.md | +- tier1 description: Learn how to manage allows and blocks in the Tenant Allow/Block List in the Security portal. |
security | Tenant Allow Block List Email Spoof Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-email-spoof-configure.md | search.appverid: - MET150 - m365-security+ - tier1 description: Admins can learn how to allow or block email and spoofed sender entries in the Tenant Allow/Block List in the Security portal. |
security | Tenant Allow Block List Files Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-files-configure.md | search.appverid: - MET150 - m365-security+ - tier1 description: Admins can learn how to allow or block files in the Tenant Allow/Block List in the Security portal. |
security | Tenant Allow Block List Urls Configure | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure.md | search.appverid: - MET150manage-tenant-allows.md - m365-security+ - tier1 description: Admins can learn how to allow or block URLs in the Tenant Allow/Block List in the Security portal. |
security | Threat Explorer About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer-about.md | search.appverid: ms.assetid: 82ac9922-939c-41be-9c8a-7c75b0a4e27d - m365-security- - m365initiative-defender-office365 + - tier1 description: Use Explorer and Real-time detections in the Microsoft 365 Defender portal to investigate and respond to threats efficiently. - seo-marvel-apr2020 |
security | Threat Explorer Threat Hunting | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer-threat-hunting.md | Last updated 1/31/2023 ms.localizationpriority: medium - m365-security- - m365initiative-defender-office365 + - tier1 description: Use Threat Explorer or Real-time detections in the Microsoft 365 Defender portal to investigate and respond to threats efficiently. - seo-marvel-apr2020 |
security | Threat Explorer Views | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-explorer-views.md | f1.keywords: Previously updated : 05/15/2020 Last updated : 1/31/2023 audience: ITPro ms.localizationpriority: medium - m365-security- - m365initiative-defender-office365 + - tier1 description: Learn about how to use Threat Explorer and the real-time detections report to investigate and respond to threats in the Microsoft 365 Defender portal. |
security | Threat Trackers | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/threat-trackers.md | search.appverid: ms.assetid: a097f5ca-eac0-44a4-bbce-365f35b79ed1 - m365-security- - m365initiative-defender-office365 + - tier2 description: Learn about Threat Trackers, including new Noteworthy Trackers, to help your organization stay on top of security concerns. Previously updated : 09/13/2019 Last updated : 1/31/2023 # Threat Trackers - New and Noteworthy |
security | Trial User Guide Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/trial-user-guide-defender-for-office-365.md | Title: "Microsoft Defender for Office 365 trial user guide" + Title: Microsoft Defender for Office 365 trial user guide f1.keywords: - NOCSH +- m365-security +- tier1 ms.localizationpriority: high search.appverid: search.appverid: description: "Microsoft Defender for Office 365 solutions trial user guide." Previously updated : 11/03/2022 Last updated : 1/31/2023 # Trial user guide: Microsoft Defender for Office 365 |
security | Try Microsoft Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/try-microsoft-defender-for-office-365.md | search.appverid: - MOE150 - m365-security+ - tier1 ROBOTS: Previously updated : 03/28/2022 Last updated : 1/31/2023 # Try Microsoft Defender for Office 365 |
security | Use Arc Exceptions To Mark Trusted Arc Senders | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-arc-exceptions-to-mark-trusted-arc-senders.md | search.appverid: - MET150 - m365-security- - m365initiative-defender-office365 + - tier2 - seo-marvel-apr2020 description: Authenticated Received Chain (ARC) is email authentication that tries to preserve authentication results across devices and any indirect mailflows that come between the sender and recipient. Here's how to make exceptions for your trusted ARC Senders. |
security | Use Privileged Identity Management In Defender For Office 365 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-privileged-identity-management-in-defender-for-office-365.md | f1.keywords: Previously updated : 09/03/2021 Last updated : 1/31/2023 audience: ITPro ms.localizationpriority: high search.appverid: ms.assetid: 56fee1c7-dc37-470e-9b09-33fff6d94617 - m365-security- - m365initiative-defender-office365 + - tier1 - seo-marvel-apr2020 description: Learn to integrate Azure PIM in order to grant just-in-time, time limited access to users to do elevated privilege tasks in Microsoft Defender for Office 365, lowering risk to your data. |
security | Use The Delist Portal To Remove Yourself From The Office 365 Blocked Senders Lis | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/use-the-delist-portal-to-remove-yourself-from-the-office-365-blocked-senders-lis.md | f1.keywords: Previously updated : 04/18/2016 Last updated : 1/31/2023 audience: ITPro search.appverid: ms.assetid: 0bcecdd4-3343-4cc0-9e58-e19d4de515e8 - m365-security- - m365initiative-defender-office365 + - tier3 - seo-marvel-apr2020 description: In this article, you'll learn how to use the delist portal to remove yourself from the Microsoft 365 blocked senders list. This is the best response to address 5.7.511 Access denied errors. |
security | User Tags About | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/user-tags-about.md | search.appverid: - MET150 - m365-security+ - tier2 description: Admins can learn how to identify specific groups of users with user tags in Microsoft Defender for Office 365 Plan 2. Tag filtering is available across alerts, reports, and investigations in Microsoft Defender for Office 365 to quickly identify the tagged users. |
security | Walkthrough Spoof Intelligence Insight | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/walkthrough-spoof-intelligence-insight.md | search.appverid: ms.assetid: 59a3ecaf-15ed-483b-b824-d98961d88bdd - m365-security+ - tier2 description: Admins can learn how to use the spoof intelligence policy and the spoof intelligence insight to allow or block detected spoofed senders. - seo-marvel-apr2020 Previously updated : 09/13/2019 Last updated : 1/31/2023 # Manage spoofed senders using the spoof intelligence policy and spoof intelligence insight in EOP |
security | Zero Hour Auto Purge | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/office-365-security/zero-hour-auto-purge.md | search.appverid: ms.assetid: 96deb75f-64e8-4c10-b570-84c99c674e15 - m365-security+ - tier2 - seo-marvel-apr2020 description: Zero-hour auto purge (ZAP) retroactively moves delivered messages in an Exchange Online mailbox to the Junk Email folder or quarantine that are found to be spam, phishing, or that contain malware after delivery. |
security | Top Security Tasks For Remote Work | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/top-security-tasks-for-remote-work.md | |
syntex | Annotations | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/annotations.md | + + Title: Comment and collaborate using annotations in Microsoft Syntex +++++audience: admin +++search.appverid: ++ - enabler-strategic + - m365initiative-syntex +ms.localizationpriority: medium +description: Learn how to use universal annotations to mark and collaborate on items in SharePoint document libraries using Microsoft Syntex. +++# Comment and collaborate using annotations in Microsoft Syntex ++Use the annotations feature in Microsoft Syntex to add notes and comments to your content in document librariesΓÇöeither for yourself or for collaborating with others. You can use the annotations feature without modifying the original files, so the original records are preserved. ++Annotation tools currently include pen and highlighter, where can choose the colors you want to use, and an eraser for removing ink strokes and previous annotations. The feature is currently available only for .pdf and .tiff file types. More annotation tools and file types will be added in future releases. ++> [!NOTE] +> This feature is available only for users who are licensed for Syntex. ++## To use annotations ++1. From a SharePoint document library, open the file you want to annotate. ++  ++2. On the upper-right side of the document viewer, select the annotation icon (). ++  ++3. On the left side of the document viewer, select the annotation tool you want to use. ++  ++4. To change the color or thickness or the pen or highlighter, double-tap the tool to show the color palette options. ++  ++5. After you annotate a page, you can hide or display the notations by selecting the annotations icon. Other users can also add to, hide, or display any notations that have been added by selecting the annotations icon. ++ > [!NOTE] + > Annotations do not alter or modify the original document. They are added only as an overlay to the page. ++6. If needed, you can also use the zoom and rotate page options when you view annotations. ++  |
syntex | Syntex Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/syntex-overview.md | You build custom models to understand the layout of your files from example docu | Unstructured<br>document processing | Freeform<br>document processing | Structured<br>document processing | | - | - | - | |  |  |  |-| Use this custom model to automatically classify documents and extract information from them. Use the patterns of the text in example documents to train the model. Best for Office files and automatic classification of files. <br>[Learn more](document-understanding-overview.md) | Use this custom model to automatically extract information from unstructured documents. Use the patterns of the text or the layout in example documents to train the model. Best for a mix of both text and layout needs. <br>[Learn more](freeform-document-processing-overview.md) | Use this custom model to automatically identify field and table values from structured or semi-structured documents like forms. Best for most languages and files that include form layouts or tables. <br>[Learn more](form-processing-overview.md) | +| Use this custom model to automatically classify documents and extract information from them. Use the patterns of the text in example documents to train the model. Best for Office files and automatic classification of files. <br>[Learn more about unstructured models.](document-understanding-overview.md) | Use this custom model to automatically extract information from unstructured documents. Use the patterns of the text or the layout in example documents to train the model. Best for a mix of both text and layout needs. <br>[Learn more about freeform models.](freeform-document-processing-overview.md) | Use this custom model to automatically identify field and table values from structured or semi-structured documents like forms. Best for most languages and files that include form layouts or tables. <br>[Learn more about structured models.](form-processing-overview.md) | ### Prebuilt models If you don't need to build a custom model, you can use a [prebuilt model](prebui | Invoice processing | Receipt processing | | - | - | |  |  |-| Use this prebuilt model to save time processing invoices. Automatically extract key information specific to invoices. <br>[Learn more](prebuilt-model-invoice.md) | Use this prebuilt model to save time processing receipts. Automatically extract key information specific to expenses. <br>[Learn more](prebuilt-model-receipt.md) | +| Use this prebuilt model to save time processing invoices. Automatically extract key information specific to invoices. <br>[Learn more about invoice models.](prebuilt-model-invoice.md) | Use this prebuilt model to save time processing receipts. Automatically extract key information specific to expenses. <br>[Learn more about receipt models.](prebuilt-model-receipt.md) | -For more information about custom and prebuilt models, see [Overview of model types in Microsoft Syntex](model-types-overview.md). +[Learn more about custom and prebuilt models in Microsoft Syntex.](model-types-overview.md) ## Content assembly For more information about custom and prebuilt models, see [Overview of model ty This process lets you automatically generate standard repetitive business documents, such as contracts, statements of work, service agreements, letters of consent, and correspondence. You can do all these tasks quicker, more consistently, and with fewer errors in Syntex. -For more information, see [Create documents using content assembly in Microsoft Syntex](content-assembly.md). +[Learn more about how to generate documents using content assembly.](content-assembly.md) -## Advanced metadata search +## Content query :::row::: :::column span="3":::- The advanced metadata search feature in Syntex lets you perform specific metadata-based queries on SharePoint document libraries. + The content query feature in Syntex lets you perform specific metadata-based queries on SharePoint document libraries. You can make faster, more precise queries based on specific metadata column values, rather than just searching for keywords. :::column-end::: For more information, see [Create documents using content assembly in Microsoft This feature is useful when you have a specific piece of information you want to search for, such as when a document was last modified, a specific person associated with a file, or a specific file type. -For more information, see [Search for metadata in document libraries in Microsoft Syntex](metadata-search.md). +[Learn more about how to search for metadata in document libraries in Microsoft Syntex.](metadata-search.md) -## Content compliance +## Annotations :::row::: :::column span="":::-  +  :::column-end::: :::column span="3":::- Understanding your content allows for better compliance control and increases management and governance options for all your data. When content is properly tagged and labeled, you have better control over your data and can follow regulations more easily. Syntex helps you ensure compliance by using retention labels and sensitivity labels to manage your documents. + Use the annotations feature in Syntex to add notes, comment, and collaborate with others on your content in document libraries. You can use annotations without modifying the original files, so the original records are preserved. :::column-end::: :::row-end::: -For more information, see [Apply a retention label to a model in Microsoft Syntex](apply-a-retention-label-to-a-model.md) and [Apply a sensitivity label to a model in Microsoft Syntex](apply-a-sensitivity-label-to-a-model.md). +[Learn more about using annotations in Microsoft Syntex.](annotations.md) -## Premium taxonomy services +## Content compliance :::row::: :::column span="3":::- Having one or more Syntex licenses in your organization enables the following additional term store features for admins:<br><br> - - - [SKOS-based term set import](import-term-set-skos.md), which lets you import a term set using a SKOS-based format. + Understanding your content allows for better compliance control and increases management and governance options for all your data. When content is properly tagged and labeled, you have better control over your data and can follow regulations more easily. Syntex helps you ensure compliance by using retention labels and sensitivity labels to manage your documents. :::column-end:::+ :::column span=""::: +  + :::column-end::: ++Learn more about how to apply [retention labels](apply-a-retention-label-to-a-model.md) and [sensitivity labels](apply-a-sensitivity-label-to-a-model.md) to models in Microsoft Syntex. ++## Premium taxonomy services + :::column span="":::  :::column-end:::+ :::column span="3"::: + Having one or more Syntex licenses in your organization enables the following additional term store features for admins:<br><br> + + :::column-end::: :::row-end::: +- [SKOS-based term set import](import-term-set-skos.md), which lets you import a term set using a SKOS-based format. - [Pushing enterprise content types to a hub site](push-content-type-to-hub.md), which also adds them to the associated sites and any newly created lists or libraries. For more information, see [Apply a retention label to a model in Microsoft Synte ## Scenarios and use cases :::row:::- :::column span=""::: -  - :::column-end::: :::column span="3"::: Syntex can help your organization automate business processes, improve search accuracy, and manage compliance risk. With content AI services and capabilities, you can build content understanding and classification directly into the content management flow. :::column-end:::+ :::column span=""::: +  + :::column-end::: :::row-end::: -To prompt ideas about how you can use Syntex in your organization, see [Scenarios and use cases for Microsoft Syntex](adoption-scenarios.md). -<br><br> +[Learn more about how to use Syntex to streamline processes in your organization.](adoption-scenarios.md) +<!<br><br> > [!div class="nextstepaction"]-> [Learn more about models in Microsoft Syntex](model-types-overview.md) +> [Learn more about model types in Microsoft Syntex](model-types-overview.md) +> |