Updates from: 04/29/2021 03:30:45
Category Microsoft Docs article Related commit history on GitHub Change details
admin Get Started With Office 365 https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/admin-overview/get-started-with-office-365.md
- Title: "Get started with Microsoft 365 for business"-- NOCSH-----
-localization_priority: Normal
--- M365-subscription-management-- Adm_O365-- Adm_TOC-- Adm_O365_Setup--- MSStore_Link-- AdminSurgePortfolio-- MET150-- MOE150-- GEA150
-description: "Learn how to set up and use Microsoft 365 on your computer, phone, and tablet."
--
-# Get started
-
-Your organization recently got Microsoft 365, and now you need to use it so you can start reading email, sharing documents, and more. Learn how to set up and use Microsoft 365 on your computer, phone, and tablet.
-
-## Training resources for your users
---- [Employee quick start](../../business-video/employee-quick-setup.md)--- [Office Training Center](https://support.microsoft.com/office/b8f02f81-ec85-4493-a39b-4c48e6bc4bfb)
-
-- [Where to sign in](https://support.microsoft.com/office/e9eb7d51-5430-4929-91ab-6157c5a050b4)
-
-- [Install Office on your PC or Mac](https://support.microsoft.com/office/4414eaaf-0478-48be-9c42-23adc4716658)
-
-- [Mobile setup](https://support.microsoft.com/office/7dabb6cb-0046-40b6-81fe-767e0b1f014f)
-
-## Training resources for you, the admin
-
-Here are some resources to help you get started.
-
-- [Training for admins](../index.yml): Get links to free online classes for admins.
-
-- [Admin Help](https://docs.microsoft.com/microsoft-365/business-video/admin-center-overview): Get info about top tasks, getting started with admin tools, and troubleshooting problems.
-
-- [Contact support - Admin Help](../contact-support-for-business-products.md) : Call us, open an online request, or let the community help.
-
-## Related articles
-
-[Set up Microsoft 365 for business - Admin Help](../setup/setup.md)
admin Manage Messages https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/manage-messages.md
- Title: "Manage messages in Message center"-- NOCSH-----
-localization_priority: Normal
--- M365-subscription-management -- Adm_O365-- Adm_TOC--- BCS160-- MET150-- MOE150
-description: "Learn to manage Message center messages to help with change management."
--
-# Manage messages in Message center
-
-Message center posts are important announcements about new and changed features. This article provides more information about the things you can do with messages to help with change management in your organization.
-
-## Read a message
-
-To go to the Message center, go to the [admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339), and select **Health** > **Message center**.
-
-Select a message title to open it in the reading pane. Every message contains a summary of the change, a statement of how the change may affect you, information about how you can prepare your organization for the change, and (in most cases) an additional information link where you can learn more. The additional information continues to be available, even after a message expires.
-
-## Filter and sort
--
-Use the **Service**, **Tag**, and **Message state** drop-down menus to select a filtered view of messages. For example, in this diagram the messages are tagged with the **Admin impact** tag.
-
-You can select any column heading, except **Service** and **Tag**, to sort messages in ascending or descending order.
----
-Use the **Views** drop-down menu to select a filtered view of messages.
-
-You can select any column heading to sort messages in ascending or descending order. For example, in this illustration the messages are sorted on the **Act by** date.
-
-![Message center view sorted by Admin impact tag](../../media/message-center-filter-act-by.png)
---
-Use the **Service**, **Tag**, and **Message state** drop-down menus to select a filtered view of messages. For example, in this diagram the messages are tagged with the **Admin impact**.
-
-You can select any column heading, except **Service** and **Tags**, to sort messages in ascending or descending order.
--
-## Give feedback on a post
-
-In the Message center, you can select a message to see details.
-
-If you want to provide feedback on the message, in the details pane, select either the **Like** or **Dislike** icon on the bottom of the message details pane, and provide optional feedback in the text box that appears. Do not provide any personal information. You can optionally select **It's OK to contact me about this feedback** and then select **Send**.
-
-## Share a message
-
-See a message that someone else needs to act on? You can share the contents of the message with any user by email:
-
-1. Select the message to open it, and then select **Share**.
-
-2. To share the message, enter up to two email addresses separated by a colon. You can send to individual and to group email addresses. Optionally, you can choose to receive a copy of the message in email (the message will go to your primary email address) or add a personal message to provide recipients with more context.
-
-3. Select **Share** to send the email.
-
-## Get a link
-
-Need to follow up with another admin to make sure they're aware of a change and taking action? You can generate a link to share in email or instant messaging, for example, that will connect the user directly to that message. The person you share the link with has to have access to Message center. See [admin roles that don't have access to the Message center](message-center.md#admin-roles-that-dont-have-access-to-the-message-center) for more information.
--
-1. Select the message to open it.
-
-2. Select **Copy link**.
-
-3. Use Ctrl+V or right-click and select **Paste** to insert the link to whatever document you wish.
---
-1. Select the message to open it.
-
-2. Choose **More** \> **Get a link** from the action bar.
-
-3. Allow the webpage to access your Clipboard. A direct link is copied to your Clipboard.
-
-4. Use Ctrl+V or right-click and select **Paste** to insert the link.
---
-1. Select the message to open it.
-
-2. Select **Copy link**.
-
-3. Use Ctrl+V or right-click and select **Paste** to insert the link to whatever document you wish.
--
-## Read and unread states
-
-Any message in Message center that is unread will appear in bold. Opening a message marks it as read. You can mark a message as unread.
---- On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.-
-You can also open a message and mark it as unread in the details panel.
-
--
-1. Select the message to open it.
-
-2. Select **More** \> **Mark as unread**.
-
-3. Close the message.
----- On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.--
-## Archive and restore
-
-If you see a message that doesn't pertain to you, or maybe you've already acted on it, you can archive the message to remove it from Inbox. The view that you see in the Message center is specific to your user account, so archiving it from your view doesn't affect other admins. There are two ways to archive a message.
--- On the main page of the Message center, select a message, and then select **Archive** above the list of messages.--- Open the message, and then select **Archive** on the top of the message pane.-
-Need to get an archived message back? No problem.
-
-1. Select the **Archive** tab at the top of the Message center. A list of archived messages appears.
-
-2. Select the message, select **Restore**, and the message is restored to Inbox.
-
-## Favorite messages
-
-To mark a message as a favorite, hover over the message title and you will see a **Favorite** :::image type="icon" source="../../media/favorite-star.png" border="false"::: star you can select right after the **More options** ellipses. Once you have marked messages as favorite you can also sort and filter them.
-
-## Scroll messages in the message pane
-
-When you open a message in a reading pane, you can use the **Up** and **Down** :::image type="icon" source="../../media/updownarrows.png" border="false"::: arrows on the top of the pane to move to the next, or the previous message in the list.
-
-## Track your message center tasks in Planner
-
-A lot of actionable information about changes to Microsoft 365 services arrives in the Microsoft 365 message center. It can be difficult to keep track of which changes require tasks to be done, when, and by whom, and to track each task to completion. You also might want to make a note of something and tag it to check on later. You can do all this and more when you sync your messages from the Microsoft 365 admin center to Microsoft Planner. For more information, see [Track your message center tasks in Planner](/office365/planner/track-message-center-tasks-planner).
-
-For an overview of Message center, see [Message center in Microsoft 365](message-center.md). Or, to learn how to set your language preferences to enable machine translation for Message center posts, see [Language translation for Message center posts](language-translation-for-message-center-posts.md). If you'd like to program an alternative way to get real-time service health information and Message Center communications, please reference [Microsoft 365 Service Communications API Overview](/previous-versions/office/developer/o365-enterprise-developers/jj984343(v=office.15)).
admin Message Center https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/message-center.md
To open Message center:
::: moniker-end You can also use the [Microsoft 365 Admin app](https://go.microsoft.com/fwlink/p/?linkid=627216) on your mobile device to view Message center, which is a great way to stay current with push notifications.+
+To unsubscribe from Message center emails, see [Unsubscribe from Message center emails](#unsubscribe-from-message-center-emails) in this article.
+
-### Frequently asked questions
+## Frequently asked questions
|**Question**|**Answer**| |:--|:--|
You can also use the [Microsoft 365 Admin app](https://go.microsoft.com/fwlink/p
|How can I ensure data privacy notifications are received by the right contacts in my organization? <br/> |As a global admin you will receive data privacy messages for your organization. Additionally, you can assign the Message Center Privacy reader role to people who should see data privacy messages. Other admin roles with access to Message Center cannot view data privacy messages. <br/><br/>For more info, see [Preferences](#preferences) in this article.<br/> | |Why canΓÇÖt I see a message that was previously there? <br/> |To manage the number of messages within Message center, each message will expire and be removed after a period of time. Generally, messages expire 30 days post the time period outlined in the message body. <br/> |
-### Messages
+## Filter messages
Message center presents a view of all active messages in a table format. By default, it shows the most recent message at the top of the list. You can select **Service** to see messages for various services, such as Microsoft 365 Apps, SharePoint Online, etc. Under **Tag** you can select **Admin impact**, **Data privacy**, **Feature update**, **Major update**, **New feature**, **Retirement**, or **User impact** messages. Under **Message state** you can select **Favorites**, **Unread**, or **Updated** messages. The Archive tab shows the messages you have archived. To archive a message, in the message pane, Select **Archive**.
-### Choose columns
-To choose columns, on the **Message center** page, on the far right, select **Choose columns**, and in the **Choose columns** pane, select the ones you want displayed.
+Use the **Service**, **Tag**, and **Message state** drop-down menus to select a filtered view of messages. For example, in this diagram the messages are tagged with the **Admin impact** tag.
-Here's a quick overview of the information you'll see in each column.
+You can select any column heading, except **Service** and **Tag**, to sort messages in ascending or descending order.
-#### Column information
-|**Column**|**Description**|
-|:--|:--|
-|Check mark <br/> |Selecting the check mark in the column heading row will select all messages currently displayed. Selecting the check mark next to one or more messages lets you take action on those messages. <br/> |
-|Message title <br/> |Message titles are brief descriptions of upcoming changes. If the full title doesn't display, hover your cursor over it and the entire title will appear in a pop-up box. <br/> |
-|Service <br/> |Icons indicate the application to which the message applies.<br/> |
-|More options <br/> |More options lets you dismiss a message, mark it as read or unread, or share it with another admin. To restore an archived message, select the **Archive** tab, select the check mark next to the message, and select **Restore**. <br/> |
-|Tags <br/> |You can choose tags from the **Tag** drop-down to filter messages. The available tags are: **Admin impact**, **Major update**, **Data Privacy**, **Feature update**, **New feature**, **Retirement**, and **User impact**. <br/> |
-|Category <br/> | This is not shown by default, but can be specified in the **Choose columns** panel. Messages are identified by one of the following three categories: <br/><br/> **Prevent or fix issues**: Informs you of known issues affecting your organization and may require that you take action to avoid disruptions in service. Prevent or fix issues are different than Service health messages because they prompt you to be proactive to avoid issues. <br/> <br/> **Plan for change**: Informs you of changes to Microsoft 365 that may require you to act to avoid disruptions in service. For example, we'll let you know about changes to system requirements or about features that are being removed. We try to provide at least 30 days' notice of any change that requires an admin to act to keep the service running normally. <br/> <br/> **Stay informed**: Tells you about new or updated features we are turning on in your organization. The features are usually announced first in the [Microsoft 365 Roadmap](https://go.microsoft.com/fwlink/?linkid=2070821). <br/><br/>May also let you know about planned maintenance in accordance with our Service Level Agreement. Planned maintenance may result in down time, where you or your users can't access Microsoft 365, a specific feature, or a service such as email or OneDrive for Business. <br/> |
-|Act by <br/> |We'll only have dates here if we're making a change that requires you to take an action by a certain deadline. Since we rarely use the **Act by** column, if you see something here, you should pay extra attention to it. <br/> |
-|Last updated <br/> |Date that the message was published or last updated. <br/> |
-|Message ID <br/> |Microsoft tracks our Message center posts by message ID. You can refer to this ID if you want to give feedback or if you call Support about a particular message. <br/> |
++
+Use the **Views** drop-down menu to select a filtered view of messages.
+
+You can select any column heading to sort messages in ascending or descending order. For example, in this illustration the messages are sorted on the **Act by** date.
+
+![Message center view sorted by Admin impact tag](../../media/message-center-filter-act-by.png)
+++
+Use the **Service**, **Tag**, and **Message state** drop-down menus to select a filtered view of messages. For example, in this diagram the messages are tagged with the **Admin impact**.
+
+You can select any column heading, except **Service** and **Tags**, to sort messages in ascending or descending order.
+
-Head over to [Manage messages in Message center](manage-messages.md) to get more information on the things you can do with messages.
-
### Major updates Major updates can be reviewed by selecting the **Major update** from the **Tags** drop-down.
If administration is distributed across your organization, you may not want or n
::: moniker-end
-#### Display messages in your preferred language
+### Display messages in your preferred language
We use machine translation to automatically display messages in your preferred language. Read [Language translation for Message center posts](language-translation-for-message-center-posts.md) for more information on how to set your language. > [!NOTE] > The weekly digest and any posts that are emailed are sent in English-only. Recipients can use [Translator for Outlook](https://support.microsoft.com/office/3d7e12ed-99d6-406e-a453-b9db0d9653fa) to read the message in their preferred language.
-
+
+## Choose columns
+
+To choose columns, on the **Message center** page, on the far right, select **Choose columns**, and in the **Choose columns** pane, select the ones you want displayed.
+
+Here's a quick overview of the information you'll see in each column.
+
+### Column information
+
+|**Column**|**Description**|
+|:--|:--|
+|Check mark <br/> |Selecting the check mark in the column heading row will select all messages currently displayed. Selecting the check mark next to one or more messages lets you take action on those messages. <br/> |
+|Message title <br/> |Message titles are brief descriptions of upcoming changes. If the full title doesn't display, hover your cursor over it and the entire title will appear in a pop-up box. <br/> |
+|Service <br/> |Icons indicate the application to which the message applies.<br/> |
+|More options <br/> |More options lets you dismiss a message, mark it as read or unread, or share it with another admin. To restore an archived message, select the **Archive** tab, select the check mark next to the message, and select **Restore**. <br/> |
+|Tags <br/> |You can choose tags from the **Tag** drop-down to filter messages. The available tags are: **Admin impact**, **Major update**, **Data Privacy**, **Feature update**, **New feature**, **Retirement**, and **User impact**. <br/> |
+|Category <br/> | This is not shown by default, but can be specified in the **Choose columns** panel. Messages are identified by one of the following three categories: <br/><br/> **Prevent or fix issues**: Informs you of known issues affecting your organization and may require that you take action to avoid disruptions in service. Prevent or fix issues are different than Service health messages because they prompt you to be proactive to avoid issues. <br/> <br/> **Plan for change**: Informs you of changes to Microsoft 365 that may require you to act to avoid disruptions in service. For example, we'll let you know about changes to system requirements or about features that are being removed. We try to provide at least 30 days' notice of any change that requires an admin to act to keep the service running normally. <br/> <br/> **Stay informed**: Tells you about new or updated features we are turning on in your organization. The features are usually announced first in the [Microsoft 365 Roadmap](https://go.microsoft.com/fwlink/?linkid=2070821). <br/><br/>May also let you know about planned maintenance in accordance with our Service Level Agreement. Planned maintenance may result in down time, where you or your users can't access Microsoft 365, a specific feature, or a service such as email or OneDrive for Business. <br/> |
+|Act by <br/> |We'll only have dates here if we're making a change that requires you to take an action by a certain deadline. Since we rarely use the **Act by** column, if you see something here, you should pay extra attention to it. <br/> |
+|Last updated <br/> |Date that the message was published or last updated. <br/> |
+|Message ID <br/> |Microsoft tracks our Message center posts by message ID. You can refer to this ID if you want to give feedback or if you call Support about a particular message. <br/> |
+ ### Admin roles that don't have access to the Message center - Compliance administrator
We use machine translation to automatically display messages in your preferred l
- Privileged role administrator - Reports reader
+## Give feedback on a post
+
+In the Message center, you can select a message to see details.
+
+If you want to provide feedback on the message, in the details pane, select either the **Like** or **Dislike** icon on the bottom of the message details pane, and provide optional feedback in the text box that appears. Do not provide any personal information. You can optionally select **It's OK to contact me about this feedback** and then select **Send**.
+
+## Share a message
+
+See a message that someone else needs to act on? You can share the contents of the message with any user by email:
+
+1. Select the message to open it, and then select **Share**.
+
+2. To share the message, enter up to two email addresses separated by a colon. You can send to individual and to group email addresses. Optionally, you can choose to receive a copy of the message in email (the message will go to your primary email address) or add a personal message to provide recipients with more context.
+
+3. Select **Share** to send the email.
+
+## Get a link
+
+Need to follow up with another admin to make sure they're aware of a change and taking action? You can generate a link to share in email or instant messaging, for example, that will connect the user directly to that message. The person you share the link with has to have access to Message center. See [admin roles that don't have access to the Message center](message-center.md#admin-roles-that-dont-have-access-to-the-message-center) for more information.
++
+1. Select the message to open it.
+
+2. Select **Copy link**.
+
+3. Use Ctrl+V or right-click and select **Paste** to insert the link to whatever document you wish.
+++
+1. Select the message to open it.
+
+2. Choose **More** \> **Get a link** from the action bar.
+
+3. Allow the webpage to access your Clipboard. A direct link is copied to your Clipboard.
+
+4. Use Ctrl+V or right-click and select **Paste** to insert the link.
+++
+1. Select the message to open it.
+
+2. Select **Copy link**.
+
+3. Use Ctrl+V or right-click and select **Paste** to insert the link to whatever document you wish.
++
+## Read and unread states
+
+Any message in Message center that is unread will appear in bold. Opening a message marks it as read. You can mark a message as unread.
++
+- On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.
+
+You can also open a message and mark it as unread in the details panel.
+
++
+1. Select the message to open it.
+
+2. Select **More** \> **Mark as unread**.
+
+3. Close the message.
+++
+- On the main page of the message center, select the **More options** ellipses next to a message, and then select **Mark as unread**.
++
+## Archive and restore
+
+If you see a message that doesn't pertain to you, or maybe you've already acted on it, you can archive the message to remove it from Inbox. The view that you see in the Message center is specific to your user account, so archiving it from your view doesn't affect other admins. There are two ways to archive a message.
+
+- On the main page of the Message center, select a message, and then select **Archive** above the list of messages.
+
+- Open the message, and then select **Archive** on the top of the message pane.
+
+Need to get an archived message back? No problem.
+
+1. Select the **Archive** tab at the top of the Message center. A list of archived messages appears.
+
+2. Select the message, select **Restore**, and the message is restored to Inbox.
+
+## Favorite messages
+
+To mark a message as a favorite, hover over the message title and you will see a **Favorite** :::image type="icon" source="../../media/favorite-star.png" border="false"::: star you can select right after the **More options** ellipses. Once you have marked messages as favorite you can also sort and filter them.
+
+## Scroll messages in the message pane
+
+When you open a message in a reading pane, you can use the **Up** and **Down** :::image type="icon" source="../../media/updownarrows.png" border="false"::: arrows on the top of the pane to move to the next, or the previous message in the list.
+
+## Track your message center tasks in Planner
+
+A lot of actionable information about changes to Microsoft 365 services arrives in the Microsoft 365 message center. It can be difficult to keep track of which changes require tasks to be done, when, and by whom, and to track each task to completion. You also might want to make a note of something and tag it to check on later. You can do all this and more when you sync your messages from the Microsoft 365 admin center to Microsoft Planner. For more information, see [Track your message center tasks in Planner](/office365/planner/track-message-center-tasks-planner).
+
+For an overview of Message center, see [Message center in Microsoft 365](message-center.md). Or, to learn how to set your language preferences to enable machine translation for Message center posts, see [Language translation for Message center posts](language-translation-for-message-center-posts.md). If you'd like to program an alternative way to get real-time service health information and Message Center communications, please reference [Microsoft 365 Service Communications API Overview](/previous-versions/office/developer/o365-enterprise-developers/jj984343(v=office.15)).
+ ## Unsubscribe from Message center emails 1. Digest emails are turned on by default and are sent to your primary email address. To stop receiving the weekly digest, select **Preferences** and then **Email**.
We use machine translation to automatically display messages in your preferred l
- Email notification for major updates is a separate control. If you don't want to receive email notices about major updates, verify that **Send me emails for major updates** checkbox is not selected. - To stop receiving email notices about data privacy messages, verify that **Send me emails for data privacy messages** checkbox is not selected. (Data privacy messages are not included in the weekly digest.)
-2. Select **Save** to keep your changes.<br/>
+2. Select **Save** to keep your changes.<br/>
+
+## Related content
+
+[Set up the Standard or Targeted release options](../manage/release-options-in-office-365.md) (article)
+
+[Manage which Office features appear in What's New](../manage/show-hide-new-features.md) (article)
+
+[Business subscriptions and billing documentation](../../commerce/index.yml) (links)
admin Share Sites With External Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/share-sites-with-external-users.md
- Title: "Share sites and files with guest users"-----
-localization_priority: Normal
--- M365-subscription-management-- Adm_O365-- Adm_TOC-- SPO_Content--- BCS160-- MET150-- MOE150-
-description: "Learn how to share sites and files with people outside the organization. "
--
-# Share sites and files with guest users
-
-To collaborate with people outside your organization, you can share entire sites or specific files externally. If you want to get straight to setting up sharing, choose the scenario you want to enable:
--- [Collaborate with guests on a document](../../solutions/collaborate-on-documents.md)-- [Collaborate with guests in a site](../../solutions/collaborate-in-site.md)-- [Collaborate with guests in a team](../../solutions/collaborate-as-team.md)
-
-## Deciding how to share your content
-
-When considering if and how you want to share content externally, think about the following:
-
-- To whom do you want to grant access to content on the site and any subsites, and what do you want them to be able to do?
-
-- To whom in your organization do you want to grant permission to share content externally?
-
-- Is there content you want to ensure is never available to be viewed by people external to your organization?
-
-The answers to these questions will help you plan your strategy for content sharing.
-
-|**Try this:**|**If you need to…**|
-|:--|:--|
-|Add a guest to a group <br/> |Provide someone outside your organization with ongoing access to information and content on a team site. They need the ability to perform like a full user of your site and create, edit, and view content. <br/> |
-|Share a document and require guests to authenticate. <br/> |Provide specific people outside your organization with secure access to a document for review or collaboration, but these people do not require access to other content on the site. <br/> |
-|Share a document, but don't require authentication. <br/> |Share a link to a non-sensitive or non-confidential document with people outside your organization so that they can either view it or update it with feedback. These people do not require access to content on the site. <br/> |
-
-> [!IMPORTANT]
-> When you disable external sharing, people outside the organization who currently have access will no longer have access. If you later turn external sharing back on, access will be restored for these people. To prevent a user from accessing a shared content, [remove them from the Microsoft 365 group](/office365/admin/create-groups/add-or-remove-members-from-groups), remove their permissions from the site, or [stop sharing the file or folder with them](https://support.microsoft.com/office/0a36470f-d7fe-40a0-bd74-0ac6c1e13323).
-
-## Enable external sharing at the organization level
-
-External sharing is turned on by default at the organization level, but not for all new sites. For info, see [External sharing overview](/sharepoint/external-sharing-overview).
-
-> [!NOTE]
-> To allow external sharing for any site, you need to allow it at the organization level.
-
-1. In the [admin center](https://go.microsoft.com/fwlink/p/?linkid=2024339), type "external" in the search box on the Home page, and choose **Sites external sharing**.
-
-2. On the page that opens, choose whether users can share with existing guests only, new and existing guests, or anyone.
-
-3. Select **Save**.
-
-After you enable external sharing at the organization level, you can fine tune your sharing settings to disable external sharing for particular sites. For info, see [Turn external sharing on or off for a site](/sharepoint/change-external-sharing-site).
-
-
-
-
admin Update Phone Number And Email Address https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/update-phone-number-and-email-address.md
description: "Update your administrator phone number and email address in the ad
This article explains how you, the admin, can change your business phone and email address in Microsoft 365. If you're looking for how to change your company's profile information, such as company name and address, company phone number, and technical contact information, see [Change your organization's address, technical contact email, and other information](change-address-contact-and-more.md).+
+For more information about changing user contact information or removing former employees, see [Related content](#related-content).
## To update your phone number and email address
For answers to billing questions, see:
- [Change your billing addresses for Microsoft 365 for business](../../commerce/billing-and-payments/change-your-billing-addresses.md) -- [Manage payment methods](../../commerce/billing-and-payments/manage-payment-methods.md)
+- [Manage payment methods](../../commerce/billing-and-payments/manage-payment-methods.md)
+
+## Related content
+
+[Change a user name and email address](../add-users/change-a-user-name-and-email-address.md) (video)
+
+[Add a new employee](../add-users/add-new-employee.md) (video)
+
+[Remove a former employee](../add-users/remove-former-employee.md) (video)
+
+[Access and back up a former user's data](../add-users/get-access-to-and-back-up-a-former-user-s-data.md) (article)
admin Customize Help Desk https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/customize-help-desk.md
- Title: "Add customized help desk info to the help pane"-- CSH-----
-localization_priority: Normal
--- M365-subscription-management -- Adm_O365-- Adm_NonTOC--- BCS160-- MET150-- MOE150-- GEA150
-description: "Create custom help desk card in the admin center and add customized support contact info to the help pane."
--
-# Add customized help desk info to the help pane
-
-As an admin, you can streamline user support by adding customized contact information to the help pane. Users in need of help will be able to access your organization's custom support contact info with the help icon.
-
-To create a custom help desk card, you must be a global admin for Microsoft 365 and have a license to Exchange Online. Learn how to [assign licenses in Microsoft 365 for business](../manage/assign-licenses-to-users.md).
-
-> [!NOTE]
-> If you are an admin looking for technical or billing support from Microsoft, see [Contact Microsoft 365 for business support](../contact-support-for-business-products.md).
-
-
-### Create the custom help desk card in the admin center
-<a name="BKMK_HelpDeskPreview"> </a>
-
-1. In the admin center, go to the **Settings** > **Org Settings** and choose **Help desk information** tab.
-
-2. On the **Organization profile** tab, choose **Custom app launcher tiles**.
-
-3. Turn on the **Add your help desk contact information**.
-
-4. As an admin, you decide what kind of contact information you want to give users. The title and at least one form of contact information are required. Select what you want to display, and fill out the appropriate info.
-
- - **Title**: Enter a title that clearly indicates your intent, like "Contoso help desk" or "Need help?"
-
- - **Phone**: Enter the phone number users should call to talk to a tech support agent at your organization. Be sure to include any prefixes that may be needed to complete the call.
-
- - **Email**: Enter the email address for your support department.
-
- - **URL**: If your support department has an internal or public website with helpful tools and resources, enter its name and the associated URL.
-
-5. Select **Save changes**.
-
- To see your new customized help desk card, sign out and back in again. We recommend you test the links on the card as soon as you sign back in. Your users will be able to see the card the next time they sign in.
-
-
admin Password Policy Recommendations https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/password-policy-recommendations.md
As the admin of an organization, you're responsible for setting password policy
To determine how often Microsoft 365 passwords expire in your organization, see [Set password expiration policy for Microsoft 365](../manage/set-password-expiration-policy.md).
-For more information about Microsoft 365 passwords, see these [related articles](#related-articles).
+For more information about Microsoft 365 passwords, see:
+
+[Reset passwords](../add-users/reset-passwords.md) (article)
+
+[Set an individual user's password to never expire](../add-users/set-password-to-never-expire.md) (artice)
+
+[Let users reset their own passwords](../add-users/let-users-reset-passwords.md) (article)
+
+[Resend a user's password - Admin Help](../add-users/resend-user-password.md) (article)
## Understanding password recommendations
Risk-based multi-factor authentication ensures that when our system detects susp
- [Worst Passwords of 2015](https://go.microsoft.com/fwlink/p/?linkid=861020)
-## Related articles
+## Related content
-[Reset passwords](../add-users/reset-passwords.md)
+[Reset passwords](../add-users/reset-passwords.md) (article)
-[Set an individual user's password to never expire](../add-users/set-password-to-never-expire.md)
+[Set an individual user's password to never expire](../add-users/set-password-to-never-expire.md) (article)
-[Let users reset their own passwords](../add-users/let-users-reset-passwords.md)
+[Let users reset their own passwords](../add-users/let-users-reset-passwords.md) (article)
-[Resend a user's password - Admin Help](../add-users/resend-user-password.md)
+[Resend a user's password - Admin Help](../add-users/resend-user-password.md) (article)
admin Types Of Users https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/misc/types-of-users.md
- Title: "Quick help Types of users"-- NOCSH-----
-localization_priority: Normal
--- M365-subscription-management -- Adm_O365-- Adm_NonTOC--- AdminSurgePortfolio-- BCS160-- MET150-- MOE150-
-description: "Learn about types of users in the admin center. "
--
-# Quick help: Types of users
-
-On the **Active users** page in the Microsoft 365 admin center, you can filter by the following types of users.
-
-|||
-|:--|:--|
-|**Type of user** <br/> |**Definition** <br/> |
-|Licensed users <br/> |These users have been assigned a Microsoft 365 license, such as Microsoft 365 Business Standard or Office 365 Enterprise E3, so they can use Microsoft 365 services. <br/> |
-|Sign-in allowed <br/> |These users can sign into Microsoft 365 to create documents, check email, and so forth. Most of your users should be able to sign in at any given time. <br/> |
-|Sign-in blocked <br/> |These users cannot sign into Microsoft 365. An example of this is a user who left the company and you blocked their access to Microsoft 365. <br/> |
-|Unlicensed users <br/> |These users have no Microsoft 365 license, like Microsoft 365 Business Standard or Office 365 Enterprise E3, so they can't use Microsoft 365 features. Examples are administrators who only need to manage Microsoft 365, employees who have left the company, or shared and resource mailboxes that aren't associated with people. <br/> |
-|Users with errors <br/> |These users have errors associated with their account that need to be resolved. <br/> |
-|Billing admins <br/> |These users can make purchases, manage subscriptions, manage support tickets, and monitor service health on your behalf. <br/> |
-|Global admins <br/> |These users have access to all administrative features. The person who signs up for Microsoft 365 becomes a global admin but you can have more than one if you like. Global admins are the only admins who can assign admin roles to others. <br/> |
-|Password admins <br/> |These users can reset passwords, manage service requests, and monitor service health on your behalf. <br/> |
-|Service admins <br/> |These users can manage service requests and monitor service health on your behalf. <br/> |
-|User management admins <br/> |These users can reset passwords, monitor service health, manage user accounts, user groups, and service requests. They can't delete a global admin, create other admin roles, or reset passwords for billing, global, and service admins. <br/> |
-|Add custom filter <br/> |With this option, you can create a custom filter to view only certain types of users of your preference, such as which users are on the Microsoft 365 Apps for business plan. [Quick help: Filter users](../add-users/create-edit-or-delete-a-custom-user-view.md). <br/> |
-
-## Related articles
-
-[Add users and assign licenses at the same time](../add-users/add-users.md)
-
-[Assign licenses to users in Microsoft 365 for business](../manage/assign-licenses-to-users.md)
-
-[Remove licenses from users in Microsoft 365 for business](../manage/remove-licenses-from-users.md)
-
-[Assigning admin roles in Microsoft 365](../add-users/assign-admin-roles.md)
admin Bangladesh https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/support/bangladesh.md
After dialing, enter
-877 857 3235
++1877 857 3235 ## Hours ### Billing Support:
admin Whats New In Preview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/whats-new-in-preview.md
WeΓÇÖve revamped the Message center to help you discover relevant messages and a
:::image type="content" source="../media/message-center.png" alt-text="Screenshot: Message center home page showing inbox and messages":::
-To learn more about the new features, check out [Manage messages in Message center](manage/manage-messages.md).
+To learn more about the new features, check out [Message center](manage/message-center.md).
### What's new features
compliance Archive Android Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-android-archiver-data.md
The following overview explains the process of using a connector to archive Andr
1. Your organization works with TeleMessage to set up an Android Archiver connector. For more information, see [Android Archiver](https://www.telemessage.com/office365-activation-for-android-archiver/).
-2. Once every 24 hours, SMS, MMS, voice calls, and call logs from your organization's Android mobile phones are copied to the TeleMessage site.
+2. In real time, SMS, MMS, voice calls, and call logs from your organization's Android mobile phones are copied to the TeleMessage site.
-3. The Android Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the Android data from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the Android data to an email message format.
+3. The Android Archiver connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the Android data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the Android data to an email message format.
-4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Android Archiver is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the *UserΓÇÖs Email address* property. Every email message contains this property, which is populated with the email address of every participant of the email message. In addition to automatic user mapping using the value of the *UserΓÇÖs Email address* property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain UserΓÇÖs mobile Number and the corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every email item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile number, the connector will use the User ΓÇÿs email address property of the email item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *userΓÇÖs email address* property of the email item, the item won't be imported.
+4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named Android Archiver is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the *User's Email address* property. Every email message contains this property, which is populated with the email address of every participant of the email message. In addition to automatic user mapping using the value of the *User's Email address* property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file should contain the mobile number and corresponding Microsoft 365 mailbox address for each user. If you enable automatic user mapping and provide a custom mapping, for every email item the connector will first look at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile number, the connector will use the user's email address property of the email item. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or the *User's email address* property of the email item, the item won't be imported.
## Before you begin
The last step is to create an Android Archiver connector in the Microsoft 365 co
## Known issues -- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
+- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
compliance Archive Att Network Archiver Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-att-network-archiver-data.md
The following overview explains the process of using a connector to archive AT&T
1. Your organization works with TeleMessage to set up an AT&T Network connector. For information, see [AT&T Network Archiver](https://www.telemessage.com/office365-activation-for-atnt-network-archiver/).
-2. Once every 24 hours, SMS and MMS messages from your organizationΓÇÖs AT&T Network are copied to the TeleMessage site.
+2. In real time, SMS and MMS messages from your organization's AT&T Network are copied to the TeleMessage site.
-3. The AT&T Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of SMS and MMS messages to an email message format.
+3. The AT&T Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format.
-4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named **AT&T SMS/MMS Network Archiver** is created in the user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *UserΓÇÖs Email address* property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message.
+4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named **AT&T SMS/MMS Network Archiver** is created in the user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *User's Email address* property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message.
In addition to automatic user mapping using the value of the *UserΓÇÖs Email address* property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file contains the mobile phone number and corresponding Microsoft 365 email address for users in your organization. If you enable both automatic user mapping and custom mapping, for every email item the connector first looks at the custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a mobile phone number, the connector uses the values in the email address property of the item it's trying to import. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or in the email address property of the email item, the item won't be imported.
After you've completed the prerequisites described in the previous section, you
## Known issues -- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
+- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
compliance Archive Bell Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-bell-network-data.md
The following overview explains the process of using a connector to archive Bell
1. Your organization works with TeleMessage and Bell to set up a Bell Network connector. For more information, see [Bell Network Archiver](https://www.telemessage.com/office365-activation-for-bell-network-archiver).
-2. Once every 24 hours, SMS and MMS messages from your organizationΓÇÖs Bell Network are copied to the TeleMessage site.
+2. In real time, SMS and MMS messages from your organization's Bell Network are copied to the TeleMessage site.
-3. The Bell Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of SMS and MMS messages to an email message format.
+3. The Bell Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format.
-4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named **Bell SMS/MMS Network Archiver** is created in a specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *UserΓÇÖs Email address* property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message.
+4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named **Bell SMS/MMS Network Archiver** is created in a specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *User's Email address* property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message.
In addition to automatic user mapping using the value of the *UserΓÇÖs Email address* property, you can also define a custom mapping by uploading a CSV mapping file. This mapping file contains the mobile phone number and corresponding Microsoft 365 email address for users in your organization. If you enable both automatic user mapping and custom mapping, for every Bell Network item the connector first looks at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile phone number, the connector will use the values in the email address property of the item it's trying to import. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or in the email address property of the Bell Network item, the item won't be imported.
The last step is to create a Bell Network connector in the Microsoft 365 complia
## Known issues -- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
+- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
compliance Archive Icechat Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-icechat-data.md
The following overview explains the process of using a connector to archive ICE
2. Once every 24 hours, chat messages from ICE Chat are copied to your ICE Chat SFTP site.
-3. The ICE Chat connector that you create in the Microsoft 365 compliance center connects to the ICE Chat SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of a chat massage to an email message format.
+3. The ICE Chat connector that you create in the Microsoft 365 compliance center connects to the ICE Chat SFTP site every day and transfers the chat messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of a chat massage to an email message format.
4. The connector imports chat message items to the mailboxes of specific users. A new folder named **ICE Chat** is created in the user mailboxes and the chat message items are imported to that folder. The connector does by using the value of the *SenderEmail* and *RecipientEmail* properties. Every chat message contains these properties, which are populated with email address of the sender and every recipient/participant of the chat message.
compliance Archive O2 Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-o2-network-data.md
The following overview explains the process of using a connector to archive O2 N
2. Once every 24 hours, SMS messages and voice calls from your organizationΓÇÖs O2 Network are copied to the TeleMessage site.
-3. The O2 Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages and voice calls from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of SMS messages and voice calls to an email message format.
+3. The O2 Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages and voice calls from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages and voice calls to an email message format.
4. The connector imports the mobile communication items to the mailbox of specific users. A new folder named **O2 SMS and Voice Network Archiver** is created in a specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *UserΓÇÖs Email address* property. Every SMS message and voice call contains this property, which is populated with the email address of every participant of the message.
compliance Archive Telus Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-telus-network-data.md
The following overview explains the process of using a connector to archive TELU
1. Your organization works with TeleMessage and TELUS to set up a TELUS Network connector. For more information, see [TELUS Network Archiver](https://www.telemessage.com/office365-activation-for-telus-network-archiver/).
-2. Once every 24 hours, SMS messages from your organizationΓÇÖs TELUS Network are copied to the TeleMessage site.
+2. In real time, SMS messages from your organization's TELUS Network are copied to the TeleMessage site.
-3. The TELUS Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of SMS messages to an email message format.
+3. The TELUS Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS messages to an email message format.
-4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named **TELUS SMS Network Archiver** is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the *UserΓÇÖs Email address* property. Every SMS message contains this property, which is populated with the email address of every participant of the SMS message.
+4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named **TELUS SMS Network Archiver** is created in the specific user's mailbox and the items are imported to it. The connector does mapping by using the value of the *User's Email address* property. Every SMS message contains this property, which is populated with the email address of every participant of the SMS message.
In addition to automatic user mapping using the value of the *UserΓÇÖs Email address* property, you can also implement custom mapping by uploading a CSV mapping file. This mapping file contains the mobile phone number and corresponding Microsoft 365 email address for users in your organization. If you enable both automatic user mapping and custom mapping, for every TELUS item the connector first looks at custom mapping file. If it doesn't find a valid Microsoft 365 user that corresponds to a user's mobile phone number, the connector will use the values in the email address property of the item it's trying to import. If the connector doesn't find a valid Microsoft 365 user in either the custom mapping file or in the email address property of the TELUS item, the item won't be imported.
After you've completed the prerequisites described in the previous section, you
## Known issues -- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
+- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
compliance Archive Verizon Network Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-verizon-network-data.md
The following overview explains the process of using a connector to archive Veri
2. Once every 24 hours, SMS and MMS messages from your organizationΓÇÖs Verizon Network are copied to the TeleMessage site.
-3. The Verizon Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content of SMS and MMS messages to an email message format.
+3. The Verizon Network connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers the SMS and MMS messages from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content of SMS and MMS messages to an email message format.
4. The connector imports the mobile communication items to the mailbox of a specific user. A new folder named **Verizon SMS/MMS Network Archiver** is created in the specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *UserΓÇÖs Email address* property. Every SMS and MMS message contains this property, which is populated with the email address of every participant of the message.
compliance Archive Whatsapp Data https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/archive-whatsapp-data.md
The following overview explains the process of using a connector to archive What
1. Your organization works with TeleMessage to set up a WhatsApp Archiver connector. For more information, see [WhatsApp Archiver](https://www.telemessage.com/office365-activation-for-whatsapp-archiver).
-2. Once every 24 hours, your organizationΓÇÖs WhatsApp data is copied to the TeleMessage site.
+2. In real time, your organization's WhatsApp data is copied to the TeleMessage site.
-3. The WhatsApp connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers WhatsApp data from the previous 24 hours to a secure Azure Storage location in the Microsoft Cloud. The connector also converts the content WhatsApp data to an email message format.
+3. The WhatsApp connector that you create in the Microsoft 365 compliance center connects to the TeleMessage site every day and transfers WhatsApp data from the previous 24 hours to a secure Azure Storage location in the Microsoft cloud. The connector also converts the content WhatsApp data to an email message format.
4. The connector imports WhatsApp data to the mailbox of a specific user. A new folder named **WhatsApp Archiver** is created in the specific user's mailbox and the items are imported to it. The connector does this mapping by using the value of the *UserΓÇÖs Email address* property. Every WhatsApp message contains this property, which is populated with the email address of every participant of the message.
After you've completed the prerequisites described in the previous section, you
## Known issues -- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
+- At this time, we don't support importing attachments or items that are larger than 10 MB. Support for larger items will be available at a later date.
compliance Communication Compliance Configure https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/communication-compliance-configure.md
For more information about configuring Yammer in Native Mode, see:
- Choose if you'd like to enable classifiers. Classifiers can detect inappropriate language and images sent or received in the body of email messages or other types of text. You can choose the following built-in classifiers: *Threat*, *Profanity*, *Targeted harassment*, *Adult images*, *Racy images*, and *Gory images*.
- > [!CAUTION]
- > We are deprecating the **Offensive Language** built-in classifier because it has been producing a high number of false positives. Don't use it and if you are currently using it, you should move your business processes off of it. We recommend using the **Threat**, **Profanity**, and **Targeted harassment** built-in classifiers instead.
- - Enable [optical character recognition (OCR)](communication-compliance-feature-reference.md#optical-character-recognition-ocr-preview) to scan embedded or attached images in messages for printed or handwritten text that match policy conditions. For custom policies, one or more conditional settings associated with text, keywords, classifiers, or sensitive info types must be configured in the policy to enable the selection of optical character recognition scanning. - Define the percentage of communications to review.
compliance Encryption Sensitivity Labels https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/encryption-sensitivity-labels.md
You can use the following options to let users assign permissions when they manu
The Do Not Forward option is supported by all email clients that support sensitivity labels. However, applying the **Encrypt-Only** option with a sensitivity label is a recent release that's supported only by built-in labeling and not the Azure Information Protection unified labeling client. For email clients that don't support this capability, the label won't be visible.
- To check which Outlook apps that use built-in labeling support applying the Encrypt-Only option with a sensitivity label, use the [capabilities table for Outlook](sensitivity-labels-office-apps.md#sensitivity-label-capabilities-in-outlook) and the row **Let users assign permissions: - Encrypt-Only**.
+ To check the minimum versions of Outlook apps that use built-in labeling to support applying the Encrypt-Only option with a sensitivity label, use the [capabilities table for Outlook](sensitivity-labels-office-apps.md#sensitivity-label-capabilities-in-outlook) and the row **Let users assign permissions: - Encrypt-Only**.
- In Word, PowerPoint, and Excel, a user is prompted to select their own permissions for specific users, groups, or organizations.
compliance Sensitive Information Type Learn About https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitive-information-type-learn-about.md
Sensitive information types are pattern-based classifiers. They detect sensitive
- [Data loss prevention policies](data-loss-prevention-policies.md) - [Sensitivity labels](sensitivity-labels.md) - [Retention labels](retention.md)
+- [Insider risk management](insider-risk-management.md)
- [Communication compliance](communication-compliance.md) - [Auto-labelling policies](apply-sensitivity-label-automatically.md#how-to-configure-auto-labeling-for-office-apps)
compliance Sensitivity Labels Office Apps https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/sensitivity-labels-office-apps.md
The numbers listed are the minimum Office application version required for each
|[Dynamic markings with variables](#dynamic-markings-with-variables) | 1910+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes | |[Assign permissions now](encryption-sensitivity-labels.md#assign-permissions-now) | 1910+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes | |[Let users assign permissions: <br /> - Do Not Forward](encryption-sensitivity-labels.md#let-users-assign-permissions) | 1910+ | 16.21+ | 4.7.1+ | 4.0.39+ | Yes |
-|[Let users assign permissions: <br /> - Encrypt-Only](encryption-sensitivity-labels.md#let-users-assign-permissions) |2011+ | Rolling out: 16.48+ | Rolling out: 4.2112.0+ | Rolling out: 4.2112.0+ | Yes |
-|[Require users to apply a label to their email and documents](#require-users-to-apply-a-label-to-their-email-and-documents) | Rolling out: 2101+ | 16.43+ <sup>\*</sup> | Under review | Under review | Yes |
+|[Let users assign permissions: <br /> - Encrypt-Only](encryption-sensitivity-labels.md#let-users-assign-permissions) |2011+ | 16.48+ | 4.2112.0+ | 4.2112.0+ | Yes |
+|[Require users to apply a label to their email and documents](#require-users-to-apply-a-label-to-their-email-and-documents) | 2101+ | 16.43+ <sup>\*</sup> | Rolling out: 4.2111+ | Rolling out: 4.2111+ | Yes |
|[Audit label-related user activity](data-classification-activity-explorer.md) | 2011+ | Under review | Under review | Under review | Under review | |[Apply a sensitivity label to content automatically](apply-sensitivity-label-automatically.md) | 2009+ | 16.44+ <sup>\*</sup> | Under review | Under review | Yes |
-|[Different settings for default label and mandatory labeling](#outlook-specific-options-for-default-label-and-mandatory-labeling) | Under review | Rolling out: 16.43.1108+ | Rolling out: 4.2111+ | Rolling out: 4.2111+ | Rolling out |
+|[Different settings for default label and mandatory labeling](#outlook-specific-options-for-default-label-and-mandatory-labeling) | Rolling out in Preview: [Beta Channel](https://office.com/insider) | 16.43.1108+ | 4.2111+ | 4.2111+ | Yes |
| **Footnotes:**
Examples:
## Require users to apply a label to their email and documents > [!IMPORTANT]
-> Also known as mandatory labeling, not all apps on all platforms currently support the policy setting of **Require users to apply a label to their email and documents**.
>
-> The [Azure Information Protection unified labeling client](/azure/information-protection/rms-client/install-unifiedlabelingclient-app) supports mandatory labeling and for labeling built in to Office apps, see the tables in the [capabilities](#support-for-sensitivity-label-capabilities-in-apps) section on this page.
+> The [Azure Information Protection unified labeling client](/azure/information-protection/rms-client/install-unifiedlabelingclient-app) supports this configuration that's also known as mandatory labeling. For labeling built in to Office apps, see the tables in the [capabilities](#support-for-sensitivity-label-capabilities-in-apps) section on this page for minimum versions.
+>
+> To use mandatory labeling for documents but not emails, see the instructions in the next section that explains how to configure Outlook-specific options.
-When this policy setting is selected, users assigned the policy must select and apply a sensitivity label under the following scenarios:
+When the policy setting **Require users to apply a label to their email and documents** is selected, users assigned the policy must select and apply a sensitivity label under the following scenarios:
- For the Azure Information Protection unified labeling client: - For documents (Word, Excel, PowerPoint): When an unlabeled document is saved or users close the document.
Set-LabelPolicy -Identity Global -AdvancedSettings @{OutlookDefaultLabel=""}
## End-user documentation -- [Apply sensitivity labels to your documents and email within Office](https://support.microsoft.com/en-us/office/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9)
+- [Apply sensitivity labels to your files and email in Office](https://support.microsoft.com/en-us/office/apply-sensitivity-labels-to-your-files-and-email-in-office-2f96e7cd-d5a4-403b-8bd7-4cc636bae0f9)
+ - [Known issues with sensitivity labels in Office](https://support.microsoft.com/en-us/office/known-issues-with-sensitivity-labels-in-office-b169d687-2bbd-4e21-a440-7da1b2743edc)
-- [Known issues when you apply sensitivity labels to your Office files](https://support.microsoft.com/en-us/office/known-issues-with-sensitivity-labels-in-office-b169d687-2bbd-4e21-a440-7da1b2743edc)
+- [Automatically apply or recommend sensitivity labels to your files and emails in Office](https://support.office.com/article/automatically-apply-or-recommend-sensitivity-labels-to-your-files-and-emails-in-office-622e0d9c-f38c-470a-bcdb-9e90b24d71a1)
+ - [Known issues with automatically applying or recommending sensitivity labels](https://support.office.com/article/known-issues-with-automatically-applying-or-recommending-sensitivity-labels-451698ae-311b-4d28-83aa-a839a66f6efc)
enterprise Azure Expressroute https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/azure-expressroute.md
Still want more information? Learn how to [manage your network traffic with Azur
The following table lists the Office 365 services that are supported over ExpressRoute. Please review the [Office 365 endpoints article](./urls-and-ip-address-ranges.md) to understand which network requests for these applications require internet connectivity.
-|**Applications included**|
+| Applications included |
|:--| |Exchange Online<sup>1</sup> <br/> Exchange Online Protection<sup>1</sup> <br/> Delve<sup>1</sup> <br/> | |Skype for Business Online<sup>1</sup> <br/> Microsoft Teams <sup>1</sup> <br/> |
enterprise Ms Cloud Germany Transition Add Pre Work https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-add-pre-work.md
If you're using
- **Office 365 in Microsoft Cloud Deutschland**, do [these steps](#general-tenant-migration-considerations). - **Custom Domains**, do [this step](#dns-entries-for-custom-domains).-
+- **Office Apps**, consider [this step](#office-apps).
- **SharePoint Online**, do [this step](#sharepoint-online). - **Exchange Online** or **Exchange Hybrid**, do [this step](#exchange-online). - **Skype for Business Online**, do [this step](#skype-for-business-online).
If the command line returns a DNS record, remove the _msoid_ CNAME from your dom
> [!NOTE] > If you are using a custom domain for Exchange Online, you'll need to have access to your DNS hosting provider. Please make sure you can access and edit your DNS settings, you'll be modifying DNS records during the migration.
+## Office Apps
+
+**Applies to**: Customers using Office Apps, especially on Windows clients <br>
+**When applied**: Any time before phase 9 starts
+
+Office 365 tenants transitioning to the region "Germany" require all users to close, sign out from Office 365 and back in for all Office desktop applications (Word, Excel, PowerPoint, Outlook, etc.) and OneDrive for Business client after the tenant migration has reached phase 9. Signing out and in, allows the Office services to obtain new authentication tokens from the global Azure AD service.
+
+This is required for all clients. To ensure a smooth migration experience, it is strongly recommended to inform and instruct all affected users in advance and at an early stage about this forthcoming activity.
+
+Customers with managed Windows clients can prepare Windows machines with the [Office Client Cutover Tool (OCCT)](https://github.com/microsoft/OCCT). The OCCT is designed to run periodically on Windows clients until the tenant reached phase 9 of the migration. When phase 9 has been reached, the OCCT will perform all necessary changes on the machine automatically without user interaction.
+
+The OCCT can be deployed on Windows clients at any time before phase 9. If the OCCT shall support the migration experience, we recommend starting the deployment as soon as possible to equip a maximum number of clients.
+ ## Active Directory Federation Services (AD FS) <!-- before phase 4 -->
enterprise Ms Cloud Germany Transition Phases https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/ms-cloud-germany-transition-phases.md
Customers with Dynamics 365 require additional engagement to migrate the organiz
## Phase 9: Office Apps
-**Applies to:** All customers using Office desktop applications (Word, Excel, PowerPoint, Outlook, ...)
+**Applies to:** All customers using Office desktop applications (Word, Excel, PowerPoint, Outlook, OneDrive ...)
+
+In this phase, all client applications and Office Online are performing the client cutover. Azure AD finalizes the tenant scope to point to the Office 365 services and the related endpoints.
Office 365 tenants transitioning to the region "Germany" require all users to close, sign out from Office 365 and back in for all Office desktop applications (Word, Excel, PowerPoint, Outlook, etc.) and OneDrive for Business client after the tenant migration has reached phase 9. Signing out and in, allows the Office services to obtain new authentication tokens from the global Azure AD service.
+In case the Office desktop applications will not work after performing signing out and signing in from the applications, we strongly recommend running the [Office Client Cutover Tool (OCCT)](https://github.com/microsoft/OCCT) on the affected machine to fix the problem.
+
+If the [Office Client Cutover Tool (OCCT)](https://github.com/microsoft/OCCT) has been deployed and scheduled on Windows clients in advance, the sign-out/sign-in procedure is not required.
+ The best user experience can be ensured by using most recent Office applications. Enterprises should consider using the Monthly Enterprise Channel. Make sure you have completed the [prework for mobile devices](ms-cloud-germany-transition-add-pre-work.md#mobile-device-management) procedure.
-| Step(s) | Description | Impact |
-|:-|:-|:-|
-| Clients, Office Online during Office client cutover, Azure AD finalizes the tenant scope to point to the Office 365 services. | This configuration change enables Office clients to update and point to the Office 365 services endpoints. | <ul><li>Notify users to close _all_ Office apps and then sign back in (or force clients to restart and users to sign in) to enable Office clients to pick up the change. </li><li>Notify users and help desk staff that users *may* see an Office banner that prompts them to reactivate Office apps within 72 hours of the cutover. </li><li>All Office applications on personal machines must be closed, and users must sign out then sign in again. In the Yellow activation bar, sign in to reactivate against Office 365 services.</li><li>Shared machines will require actions that are similar to personal machines, and won't require a special procedure. </li><li>On mobile devices, users must sign out of apps, close them, and then sign in again.</li></ul>|
-||||
+Additional considerations:
+- Notify users to close all Office apps and then sign back in (or force clients to restart and users to sign in) to enable Office clients to pick up the change.
+- Notify users and help desk staff that users may see an Office banner that prompts them to reactivate Office apps within 72 hours of the cutover.
+- All Office applications on personal machines must be closed, and users must sign out then sign in again. In the Yellow activation bar, sign in to reactivate against Office 365 services.
+- Shared machines will require actions that are similar to personal machines, and won't require a special procedure.
+- On mobile devices, users must sign out of apps, close them, and then sign in again.
## Phase 9: Line-of-business apps
managed-desktop Company Portal https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/managed-desktop/get-started/company-portal.md
This topic provides info on how to:
- Verify active sync between Intune and Microsoft Store for Business ## Step 2 - Assign Company Portal to your users
-Following your enrollment in Microsoft Managed Desktop, Microsoft Managed Desktop Operations will automatically deploy Company Portal to your tenant and install the app on Microsoft Managed Desktop devices in your organization.
+Following your enrollment in Microsoft Managed Desktop, we will automatically deploy Company Portal to your tenant and install the app on Microsoft Managed Desktop devices in your organization.
## Step 3 - Communicate change to your users As the IT administrator for your organization, itΓÇÖs important to let your users know how to use Company Portal in your organization. Microsoft Managed Desktop recommends:
As the IT administrator for your organization, itΓÇÖs important to let your user
5. [Enable Enterprise State Roaming](enterprise-state-roaming.md) 6. [Set up devices](set-up-devices.md) 7. [Get your users ready to use devices](get-started-devices.md)
-8. [Deploy apps](deploy-apps.md)
+8. [Deploy apps](deploy-apps.md)
security TOC https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/TOC.md
####### [List machines by recommendation](get-recommendation-machines.md) ####### [List vulnerabilities by recommendation](get-recommendation-vulnerabilities.md)
-###### [Remediation Activity]()
-####### [Remediation activity methods and properties](get-remediation-methods-properties.md)
-####### [Get one remediation activity by Id](get-remediation-one-activity.md)
-####### [List all remediation activities](get-remediation-all-activities.md)
-####### [List exposed devices of one remediation activity](get-remediation-exposed-devices-activities.md)
- ###### [Score]() ####### [Score methods and properties](score.md) ####### [List exposure score by machine group](get-machine-group-exposure-score.md)
security Api Release Notes https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/api-release-notes.md
The following information lists the updates made to the Microsoft Defender for E
> https://docs.microsoft.com/api/search/rss?search=%22Release+notes+for+updates+made+to+the+Microsoft+Defender+for+Endpoint+set+of+APIs%22&locale=en-us&facet=&%24filter=scopes%2Fany%28t%3A+t+eq+%27Windows+10%27%29 > ``` - ## Release notes - newest to oldest
-### 23.04.2021
--- Added new API: [Remediation activity methods and properties](get-remediation-methods-properties.md).- ### 10.02.2021 - Added new API: [Batch update alerts](batch-update-alerts.md).
security Configure Block At First Sight Microsoft Defender Antivirus https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus.md
Title: Enable block at first sight to detect malware in seconds description: Turn on the block at first sight feature to detect and block malware within seconds.
-keywords: scan, BAFS, malware, first seen, first sight, cloud, defender
+keywords: scan, block at first sight, malware, first sight, cloud, defender, antivirus
search.product: eADQiWindows 10XVcnh ms.prod: m365-security ms.mktglfcycl: manage
ms.sitesec: library
localization_priority: priority -+ Previously updated : 10/22/2020 Last updated : 04/28/2021 ms.technology: mde
ms.technology: mde
- [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/)
-Block at first sight provides a way to detect and block new malware within seconds. This protection is enabled by default when certain prerequisite settings are enabled. These settings include cloud-delivered protection, a specified sample submission timeout (such as 50 seconds), and a file-blocking level of high. In most enterprise organizations, these settings are enabled by default with Microsoft Defender Antivirus deployments.
+This article describes an antivirus/antimalware feature known as "block at first sight", and describes how to enable block at first sight for your organization.
-You can [specify how long a file should be prevented from running](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](/windows/security/threat-protection//windows-defender-security-center/wdsc-customize-contact-information.md) when a file is blocked. You can change the company name, contact information, and message URL.
+> [!TIP]
+> This article is intended for enterprise admins and IT Pros who manage security settings for organizations. If you are not an enteprise admin or IT Pro but you have questions about block at first sight, see [Not an enterprise admin or IT Pro?](#not-an-enterprise-admin-or-it-pro).
+
+## What is "block at first sight"?
+
+Block at first sight is a threat protection feature of next-generation protection that detects new malware and blocks it within seconds. Block at first sight is enabled when certain security settings are enabled. These settings include:
->[!TIP]
->Visit the Microsoft Defender for Endpoint demo website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
+- Cloud-delivered protection;
+- A specified sample submission timeout (such as 50 seconds); and
+- A file-blocking level of high.
+
+In most enterprise organizations, the settings needed to enable block at first sight are configured with Microsoft Defender Antivirus deployments.
## How it works When Microsoft Defender Antivirus encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend applies heuristics, machine learning, and automated analysis of the file to determine whether the files are malicious or not a threat.
-Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, intelligent, and real-time protection. To learn more, see this blog: [Get to know the advanced technologies at the core of Microsoft Defender for Endpoint next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
+Microsoft Defender Antivirus uses multiple detection and prevention technologies to deliver accurate, intelligent, and real-time protection.
+ ![List of Microsoft Defender AV engines](images/microsoft-defender-atp-next-generation-protection-engines.png)
-In Windows 10, version 1803 or later, block at first sight can block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
+> [!TIP]
+> To learn more, see this blog: [Get to know the advanced technologies at the core of Microsoft Defender for Endpoint next-generation protection](https://www.microsoft.com/security/blog/2019/06/24/inside-out-get-to-know-the-advanced-technologies-at-the-core-of-microsoft-defender-atp-next-generation-protection/).
-Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if the file is a previously undetected file.
+## A few things to know about block at first sight
-If the cloud backend is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs additional analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or safe.
+- In Windows 10, version 1803 or later, block at first sight can block non-portable executable files (such as JS, VBS, or macros) and executable files.
-In many cases, this process can reduce the response time for new malware from hours to seconds.
+- Block at first sight only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or that originate from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if the file is a previously undetected file.
+
+- If the cloud backend is unable to make a determination, Microsoft Defender Antivirus locks the file and uploads a copy to the cloud. The cloud performs more analysis to reach a determination before it either allows the file to run or blocks it in all future encounters, depending on whether it determines the file to be malicious or not a threat.
+
+- In many cases, this process can reduce the response time for new malware from hours to seconds.
+
+- You can [specify how long a file should be prevented from running](configure-cloud-block-timeout-period-microsoft-defender-antivirus.md) while the cloud-based protection service analyzes the file. And, you can [customize the message displayed on users' desktops](/windows/security/threat-protection//windows-defender-security-center/wdsc-customize-contact-information.md) when a file is blocked. You can change the company name, contact information, and message URL.
## Turn on block at first sight with Microsoft Intune
In many cases, this process can reduce the response time for new malware from ho
4. Save your settings. > [!TIP]
-> - Setting the file blocking level to **High** applies a strong level of detection. In the unlikely event that file blocking causes a false positive detection of legitimate files, you can [restore quarantined files](./restore-quarantined-files-microsoft-defender-antivirus.md).
+> - Setting the file blocking level to **High** applies a strong level of detection. In the unlikely event that file blocking causes a false positive detection of legitimate files, your security operations team can [restore quarantined files](./restore-quarantined-files-microsoft-defender-antivirus.md).
> - For more information about configuring Microsoft Defender Antivirus device restrictions in Intune, see [Configure device restriction settings in Microsoft Intune](/intune/device-restrictions-configure). > - For a list of Microsoft Defender Antivirus device restrictions in Intune, see [Device restriction for Windows 10 (and newer) settings in Intune](/intune/device-restrictions-windows-10#microsoft-defender-antivirus).
In many cases, this process can reduce the response time for new malware from ho
> [!IMPORTANT] > Setting to **Always prompt (0)** will lower the protection state of the device. Setting to **Never send (2)** means block at first sight will not function.
-4. In the MAPS section, double-click **Send file samples when further analysis is required**, and set it to **Enabled**. Under **Send file samples when further analysis is required**, select **Send all samples**, and then click **OK**.
+4. In the MAPS section, double-click **Send file samples when further analysis is required**, and set it to **Enabled**. Under **Send file samples when further analysis is required**, select **Send all samples**, and then select **OK**.
-5. If you changed any settings, redeploy the Group Policy Object across your network to ensure all endpoints are covered.
+5. Redeploy your Group Policy Object across your network as you usually do.
-## Confirm block at first sight is enabled on individual clients
+## Confirm block at first sight is enabled on individual client devices
-You can confirm that block at first sight is enabled on individual clients using Windows security settings.
-
-Block at first sight is automatically enabled as long as **Cloud-delivered protection** and **Automatic sample submission** are both turned on.
+You can confirm that block at first sight is enabled on individual client devices using the Windows Security app. Block at first sight is automatically enabled as long as **Cloud-delivered protection** and **Automatic sample submission** are both turned on.
1. Open the Windows Security app.
To validate that the feature is working, follow the guidance in [Validate connec
> [!CAUTION] > Turning off block at first sight will lower the protection state of your device(s) and your network.
-You might choose to disable block at first sight if you want to retain the prerequisite settings without actually using block at first sight protection. You might do temporarily turn block at first sight off if you are experiencing latency issues or you want to test the feature's impact on your network. However, we do not recommend disabling block at first sight protection permanently.
+You might choose to disable block at first sight if you want to retain the prerequisite settings without actually using block at first sight protection. You might temporarily turn block at first sight off to see how this feature affects your network. However, we do not recommend disabling block at first sight protection permanently.
### Turn off block at first sight with Microsoft Endpoint Manager
You might choose to disable block at first sight if you want to retain the prere
- Set **Turn on cloud-delivered protection** to **No** or **Not configured**. - Set **Cloud-delivered protection level** to **Not configured**.
- - Clear the **Defender Cloud Extended Timeout In Seconds** box.
+ - Clear the check box for **Defender Cloud Extended Timeout In Seconds**.
6. Review and save your settings. ### Turn off block at first sight with Group Policy
-1. On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), right-click the Group Policy Object you want to configure, and then click **Edit**.
+1. On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), right-click the Group Policy Object you want to configure, and then select **Edit**.
-2. Using the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
+2. Using the **Group Policy Management Editor** go to **Computer configuration** and select **Administrative templates**.
3. Expand the tree through **Windows components** > **Microsoft Defender Antivirus** > **MAPS**.
You might choose to disable block at first sight if you want to retain the prere
> [!NOTE] > Disabling block at first sight does not disable or alter the prerequisite group policies.
+## Not an enterprise admin or IT Pro?
+
+If you are not an enterprise admin or IT Pro, but you have questions about block at first sight, this section is for you. Block at first sight is a threat protection feature that detects and blocks malware within seconds. Although there isn't a specific setting called "Block at first sight," the feature is enabled when certain settings are configured on your device.
+
+### How to manage block at first sight on or off on your own device
+
+If you have a personal device that is not managed by an organization, you might be wondering how to turn block at first sight on or off. You can use the Windows Security app to manage block at first sight.
+
+1. On your Windows 10 computer, open the Windows Security app.
+
+2. Select **Virus & threat protection**.
+
+3. Under **Virus & threat protection settings**, select **Manage settings**.
+
+4. Take one of the following steps:
+
+ - To enable block at first sight, make sure that both **Cloud-delivered protection** and **Automatic sample submission** are both turned on.
+
+ - To disable block at first sight, turn off **Cloud-delivered protection** or **Automatic sample submission**. <br/>
+
+ > [!CAUTION]
+ > Turning off block at first sight lowers the level of protection for your device. We do not recommend permanently disabling block at first sight.
++ ## See also - [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)--- [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)
+- [Enable cloud-delivered protection](enable-cloud-protection-microsoft-defender-antivirus.md)
+- [Stay protected with Windows Security](https://support.microsoft.com/windows/stay-protected-with-windows-security-2ae0363d-0ada-c064-8b56-6a39afb6a963)
security Exposed Apis List https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/exposed-apis-list.md
Topic | Description
[Machine methods and properties](machine.md) | Run API calls such as \- get devices, get devices by ID, information about logged on users, edit tags and more. [Machine Action methods and properties](machineaction.md) | Run API call such as \- Isolation, Run anti-virus scan and more. [Recommendation methods and properties](recommendation.md) | Run API calls such as \- get recommendation by ID.
-[Remediation activity methods and properties](get-remediation-methods-properties.md) | Run API call such as \- get all remediation tasks, get exposed devices remediation task and get one remediation task by id.
[Score methods and properties](score.md) | Run API calls such as \- get exposure score or get device secure score. [Software methods and properties](software.md) | Run API calls such as \- list vulnerabilities by software. [User methods](user.md) | Run API calls such as \- get user-related alerts and user-related devices.
security Advanced Hunting Overview https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/advanced-hunting-overview.md
ms.technology: m365d
> Advanced hunting is a query-based threat-hunting tool that lets you explore up to 30 days of raw data. You can proactively inspect events in your network to locate threat indicators and entities. The flexible access to data enables unconstrained hunting for both known and potential threats.
-<p></p>
+<br><br>
> [!VIDEO https://www.microsoft.com/videoplayer/embed/RE4Bp7O]
This capability is similar to [advanced hunting in Microsoft Defender for Endpoi
To use advanced hunting, [turn on Microsoft 365 Defender](m365d-enable.md).
-### Before you begin
-
-Users need one of the following levels of permissions to access Microsoft Defender:
--- Full access (read and write)-- Read-only access-
-**Full access**:
-Users with full access can save, modify, and share a query. Assigning full access rights requires adding the users to the "Security Administrator" or "Global Administrator" built-in roles in Azure Active Directory (AAD).
-
-**Read-only access**:
-Users with read-only access can log in and view all alerts and related information. They will not be able to save, modify, or share a query. Assigning read-only access rights requires adding the users to the "Security Reader" built-in role in AAD.
- ## Get started with advanced hunting We recommend going through several steps to quickly get started with advanced hunting.
We recommend going through several steps to quickly get started with advanced hu
| Learning goal | Description | Resource | |--|--|--| | **Learn the language** | Advanced hunting is based on [Kusto query language](/azure/kusto/query/), supporting the same syntax and operators. Start learning the query language by running your first query. | [Query language overview](advanced-hunting-query-language.md) |
-| **Learn how to use the query results** | Learn about charts and various ways you can view or export your results. Explore how you can quickly tweak queries, drill down to get richer information, and take response actions. | - [Work with query results](advanced-hunting-query-results.md)<br>- [Take action on query results](advanced-hunting-take-action.md) |
-| **Understand the schema** | Get a good, high-level understanding of the tables in the schema and their columns. Learn where to look for data when constructing your queries. | - [Schema reference](advanced-hunting-schema-tables.md)<br>- [Transition from Microsoft Defender for Endpoint](advanced-hunting-migrate-from-mde.md) |
-| **Get expert tips and examples** | Train for free with guides from Microsoft experts. Explore collections of predefined queries covering different threat hunting scenarios. | - [Get expert training](advanced-hunting-expert-training.md)<br>- [Use shared queries](advanced-hunting-shared-queries.md)<br>- [Go hunt](advanced-hunting-go-hunt.md)<br>- [Hunt for threats across devices, emails, apps, and identities](advanced-hunting-query-emails-devices.md) |
-| **Optimize queries and handle errors** | Understand how to create efficient and error-free queries. | - [Query best practices](advanced-hunting-best-practices.md)<br>- [Handle errors](advanced-hunting-errors.md) |
-| **Create custom detection rules** | Understand how you can use advanced hunting queries to trigger alerts and take response actions automatically. | - [Custom detections overview](custom-detections-overview.md)<br>- [Custom detection rules](custom-detection-rules.md) |
+| **Learn how to use the query results** | Learn about charts and various ways you can view or export your results. Explore how you can quickly tweak queries, drill down to get richer information, and take response actions. | - [Work with query results](advanced-hunting-query-results.md)<br /> - [Take action on query results](advanced-hunting-take-action.md) |
+| **Understand the schema** | Get a good, high-level understanding of the tables in the schema and their columns. Learn where to look for data when constructing your queries. | - [Schema reference](advanced-hunting-schema-tables.md) <br />- [Transition from Microsoft Defender for Endpoint](advanced-hunting-migrate-from-mde.md) |
+| **Get expert tips and examples** | Train for free with guides from Microsoft experts. Explore collections of predefined queries covering different threat hunting scenarios. | - [Get expert training](advanced-hunting-expert-training.md) <br />- [Use shared queries](advanced-hunting-shared-queries.md) <br />- [Go hunt](advanced-hunting-go-hunt.md) <br />- [Hunt for threats across devices, emails, apps, and identities](advanced-hunting-query-emails-devices.md) |
+| **Optimize queries and handle errors** | Understand how to create efficient and error-free queries. | - [Query best practices](advanced-hunting-best-practices.md)<br />- [Handle errors](advanced-hunting-errors.md) |
+| **Create custom detection rules** | Understand how you can use advanced hunting queries to trigger alerts and take response actions automatically. | - [Custom detections overview](custom-detections-overview.md) <br />- [Custom detection rules](custom-detection-rules.md) |
## Get access
-To use advanced hunting or other [Microsoft 365 Defender](microsoft-365-defender.md) capabilities, you need an appropriate role in Azure Active Directory. Also, your access to endpoint data is determined by role-based access control (RBAC) settings in Microsoft Defender for Endpoint. [Read about managing access to Microsoft 365 Defender](m365d-permissions.md)
+To use advanced hunting or other [Microsoft 365 Defender](microsoft-365-defender.md) capabilities, you need an appropriate role in Azure Active Directory. [Read about required roles and permissions for advanced hunting](custom-roles.md).
+
+Also, your access to endpoint data is determined by role-based access control (RBAC) settings in Microsoft Defender for Endpoint. [Read about managing access to Microsoft 365 Defender](m365d-permissions.md).
+ ## Data freshness and update frequency Advanced hunting data can be categorized into two distinct types, each consolidated differently.