| Category | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| microsoft-365-copilot-privacy | Microsoft 365 Copilot Privacy | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-privacy.md | description: "Learn how Microsoft Copilot for Microsoft 365 uses data and how it -+ ms.localizationpriority: high |
| admin | Compare Groups | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/create-groups/compare-groups.md | Title: Compare types of groups in Microsoft 365 Previously updated : 07/18/2023 Last updated : 05/22/2024 f1.keywords: CSH |
| admin | Manage Plugins For Copilot In Integrated Apps | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/manage/manage-plugins-for-copilot-in-integrated-apps.md | Microsoft Copilot for Microsoft 365 is a new experience inside Microsoft 365 tha ## Overview -Extensions or plugins enhance the functionality of Copilot by adding search capabilities, custom actions, connectors, and APIs. GPTs are custom versions of Copilot that combine instructions, knowledge, and skills to perform specific tasks or scenarios. +Extensions enhance the functionality of Copilot by adding search capabilities, custom actions, connectors, and APIs. *Declarative copilots* are custom versions of Copilot for Microsoft 365 that combine instructions, knowledge, and skills to perform specific tasks or scenarios. -Microsoft Copilot Studio (MCS) is a low code development platform that offers a graphical environment to build GPTs and extensions tailored to the internal needs of an organization. Copilot Studio enables developers and makers to create and test their applications in a user-friendly interface. +Microsoft Copilot Studio (MCS) is a low code development platform that offers a graphical environment to build declarative copilots and other extensions tailored to the internal needs of an organization. Copilot Studio enables developers and makers to create and test their applications in a user-friendly interface. However, before these applications can become accessible to end users, they need to undergo a streamlined process of submission and approval. To learn more, see [Publish extensions for Copilot](#publish-extensions-for-copilot). |
| bookings | Custom Domain Support | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/custom-domain-support.md | Title: "Custom domain support in Shared Bookings" Previously updated : 11/21/2022 Last updated : 05/23/2024 audience: Admin |
| bookings | Delete Calendar | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/delete-calendar.md | Title: "Delete a Shared Booking page" Previously updated : 06/18/2020 Last updated : 05/23/2024 audience: Admin |
| bookings | Granular Controls Shared Bookings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/granular-controls-shared-bookings.md | + + Title: "Manage granular controls for Shared Bookings" +++ Last updated : 05/23/2024+audience: Admin ++++ms.localizationpriority: medium ++- Tier1 +- scotvorg +- essentials-manage +description: "Configure settings to control who can use Shared Bookings." +++# Manage granular controls for Shared Bookings ++Shared Bookings offers granular controls, which allows administrators to manage various aspects of bookings. This article guides you on how to configure settings to control who can use Shared Bookings and decide what information is shared. You can also set staff approval requirements, and enforce naming policies. ++## Accessing Shared Bookings Settings ++Access the granular controls for Shared Bookings. ++1. Go to the Microsoft 365 admin center and go to **Settings** \> **Org settings** \> **Bookings**. ++> [!NOTE] +> Changes to tenant settings may take up to four hours to apply. ++## Configuring Shared Bookings Settings ++Here are the different settings you can configure: ++1. **Block shared bookings from outside your organization:** This setting restricts bookings to only authenticated users within your organization. +2. **Block social sharing options:** Control how booking pages are shared on social networks. +3. **Block sharing staff details with customers:** Prevent staff contact information from being sent to customers via email or other communication methods. +4. **Require staff approvals before sharing free/busy information:** Enable this setting to require employees to opt-in before their availability information is shared through Bookings and before they can be bookable through a shared booking page. Staff receives an email with a link to approve or reject the request. +5. **Allow Microsoft to send SMS messages:** Set up shared booking pages to send reminders and information customers might need for a meeting or appointment. +6. **Disable direct search engine indexing:** Hide your shared booking page from search results on Google, Bing, or other search engines. +7. **Enforce naming policy for shared booking pages alias:** This setting allows administrators to define a Prefix and Suffix for all calendars. When enabled, these rules are enforced across all calendars. Enforcement won't impact existing shared booking pages unless their business information is modified. SMTP addresses of existing calendars won't be affected. +8. **Restrict collection of customer data:** For compliance reasons, you may not want to collect some customer information. Select the checkboxes for any options you want to restrict, and these fields won't be included on any forms shown to your clients or customers. ++By configuring the granular controls for Shared Bookings, you can enhance the security and privacy of your organization's booking pages. Make sure to review and adjust these settings periodically to ensure that they align with your organization's requirements and policies. |
| bookings | Reporting Info | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/reporting-info.md | Title: "View Bookings calendar information" + Title: "Reporting information for Shared Bookings" -# Reporting info for Bookings +# Reporting information for Shared Bookings -You can now see a four month view of your Bookings calendar in a TSV file. The TSV file will show you four months of data, but you can select different four month periods over the course of a year. +You can now see a four month view of your shared booking page in a TSV file. The TSV file will show you four months of data, but you can select different four month periods over the course of a year. -This appointment level information can be used to visualize the customer activity around your Bookings calendar. TSV files are tab separated value files. You can view or edit a file like this with any text editor or spreadsheet program, such as Excel. +This appointment level information can be used to visualize the customer activity around your shared booking page. TSV files are tab separated value files. You can view or edit a file like this with any text editor or spreadsheet program, such as Excel. -## See four months of Booking activity +## See four months of Shared Bookings activity 1. In Microsoft 365, select the App launcher, and then select **Bookings**. -1. On the Bookings home page, select **Export**. +1. On the Shared Bookings home page, select **Export**. 1. On the **Export recent data** page, select your date range and select **Export**. 1. Save the file with a new name, and specify .xls or xlsx format. -1. Open the file to see the four month view of your Bookings calendar. +1. Open the file to see the four month view of your shared booking page. 1. Choose the date for your report and select **Export**. |
| bookings | Turn Bookings On Or Off | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/turn-bookings-on-or-off.md | Title: "Turn on or off Shared Bookings for organization" Previously updated : 09/13/2023 Last updated : 05/23/2024 audience: Admin |
| enterprise | Microsoft 365 Network Connectivity Principles | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/microsoft-365-network-connectivity-principles.md | Title: Microsoft 365 network connectivity principles Previously updated : 10/26/2023 Last updated : 05/23/2024 audience: Admin In this article, you'll learn about: ## Microsoft 365 architecture <a name="BKMK_Architecture"> </a> -Microsoft 365 is a distributed Software-as-a-Service (SaaS) cloud that provides productivity and collaboration scenarios through a diverse set of micro-services and applications. Examples include Exchange Online, SharePoint Online, Skype for Business Online, Microsoft Teams, Exchange Online Protection, Office in a browser, and many others. While specific Microsoft 365 applications might have their unique features as it applies to customer network and connectivity to the cloud, they all share some key principals, goals, and architecture patterns. These principles and architecture patterns for connectivity are typical for many other SaaS clouds. At the same time, they're different from the typical deployment models of Platform-as-a-Service and Infrastructure-as-a-Service clouds, such as Microsoft Azure. - +Microsoft 365 is a distributed Software-as-a-Service (SaaS) cloud that provides productivity and collaboration scenarios through a diverse set of micro-services and applications. Examples include Exchange Online, SharePoint Online, Microsoft Teams, Exchange Online Protection, Office in a browser, and many others. While specific Microsoft 365 applications might have their unique features as it applies to customer network and connectivity to the cloud, they all share some key principals, goals, and architecture patterns. These principles and architecture patterns for connectivity are typical for many other SaaS clouds. At the same time, they're different from the typical deployment models of Platform-as-a-Service and Infrastructure-as-a-Service clouds, such as Microsoft Azure. + One of the most significant architectural features of Microsoft 365 (that is often missed or misinterpreted by network architects) is that it's a truly global distributed service, in the context of how users connect to it. The location of the target Microsoft 365 tenant is important to understand the locality of where customer data is stored within the cloud. However, the user experience with Microsoft 365 doesn't involve connecting directly to disks containing the data. The user experience with Microsoft 365 (including performance, reliability, and other important quality characteristics) involves connectivity through highly distributed service front doors that are scaled out across hundreds of Microsoft locations worldwide. In most cases, the best user experience is achieved by allowing the customer network to route user requests to the closest Microsoft 365 service entry point. This is preferable rather than connecting to Microsoft 365 through an egress point in a central location or region. For most customers, Microsoft 365 users are distributed across many locations. To achieve the best results, the principles outlined in this document should be looked at from the scale-out (not scale-up) point of view. While also focusing on optimizing connectivity to the nearest point of presence in the Microsoft Global Network, not to the geographic location of the Microsoft 365 tenant. In essence, this means that even though Microsoft 365 tenant data might be stored in a specific geographic location, Microsoft 365 experience for that tenant remains distributed. It can be present in very close (network) proximity to every end-user location that the tenant has. Microsoft 365 administrators can create PAC (Proxy Automatic Configuration) scri #### Microsoft 365 security features <a name="BKMK_WebSvc"> </a> -Microsoft is transparent about datacenter security, operational security, and risk reduction around Microsoft 365 servers and the network endpoints that they represent. Microsoft 365 built-in security features are available for reducing network security risk, such as Microsoft Purview Data Loss Prevention, Anti-Virus, multifactor authentication, Customer Lockbox, Defender for Office 365, Microsoft 365 Threat Intelligence, Microsoft 365 Secure Score, Exchange Online Protection, and Network DDOS Security. - +Microsoft is transparent about datacenter security, operational security, and risk reduction around Microsoft 365 servers and the network endpoints that they represent. Microsoft 365 built-in security features are available for reducing network security risk, such as Microsoft Purview Data Loss Prevention, antivirus, Multifactor Authentication, Customer Lockbox, Defender for Office 365, Microsoft 365 Threat Intelligence, Microsoft 365 Secure Score, Exchange Online Protection, and Network DDOS Security. + For more information on Microsoft datacenter and Global Network security, see the [Microsoft Trust Center](https://www.microsoft.com/trustcenter/security). ## Optimizing connectivity to Microsoft 365 services <a name="BKMK_OptmizeConnectivity"> </a> Microsoft 365 services are a collection of dynamic, interdependent, and deeply integrated products, applications, and services. When configuring and optimizing connectivity to Microsoft 365 services, it is not feasible to link specific endpoints (domains) with a few Microsoft 365 scenarios to implement allow-listing at the network level. Microsoft does not support selective allow-listing as it causes connectivity and service incidents for users. Network administrators should therefore always apply Microsoft 365 guidelines for network allow-listing and common network optimizations to the full set of required network endpoints (domains) that are [published](microsoft-365-ip-web-service.md) and updated regularly. While we are simplifying Microsoft 365 network endpoints in response to customer feedback, network administrators should be aware of the following core patterns in the existing set of endpoints today: - - Where possible, the published domain endpoints will include wildcards to significantly lower the network configuration effort for customers. +- Where possible, the published domain endpoints will include wildcards to significantly lower the network configuration effort for customers. - Microsoft 365 announced a domain consolidation initiative (cloud.microsoft), providing customers a way to simplify their network configurations and automatically accrue network optimizations for this domain to many current and future Microsoft 365 services. - Exclusive use of cloud.microsoft root domain for security isolation and specific functions. This enables customer network and security teams to trust Microsoft 365 domains, while improving connectivity to those endpoints and avoiding unnecessary network security processing. - Certain endpoint definitions specify unique IP prefixes corresponding to their domains. This feature supports customers with intricate network structures, enabling them to apply precise network optimizations by utilizing IP prefix details. The following network configurations are recommended for all **ΓÇ£RequiredΓÇ¥** Microsoft 365 network endpoints (domains) and categories:- - Explicitly permitting Microsoft 365 network endpoints in the network devices and services that user connections go through (e.g., network perimeter security devices like proxies, firewalls, DNS, cloud-based network security solutions, etc.) +- Explicitly permitting Microsoft 365 network endpoints in the network devices and services that user connections go through (e.g., network perimeter security devices like proxies, firewalls, DNS, cloud-based network security solutions, etc.) - Bypass Microsoft 365 domains from TLS decryption, traffic interception, deep packet inspection, and network packet and content filtering. Note that many outcomes that customers are using these network technologies for in the context of untrusted/unmanaged applications can be achieved by Microsoft 365 security features natively. - Direct internet access should be prioritized for the Microsoft 365 domains by reducing reliance on wide area network (WAN) backhauling, avoiding network hairpins, and enabling a more efficient internet egress local to the users and directly to the Microsoft network. - Ensure that DNS name resolution occurs close to the network egress to ensure that connections are served through the most optimal Microsoft 365 front door. Customers with complex network topologies, implementing network optimizations li ### Additional network considerations When optimizing connectivity to Microsoft 365, certain network configurations may have a negative impact on Microsoft 365 availability, interoperability, performance, and user experience. Microsoft has not tested the following network scenarios with our services, and they are known to cause connectivity issues.- - TLS termination or deep packet inspection of any M365 domains with customer proxies or other types of network devices or services. +- TLS termination or deep packet inspection of any M365 domains with customer proxies or other types of network devices or services. - Blocking specific protocols or protocol versions such as QUIC, WebSocketΓÇÖs, etc. by intermediate network infrastructure or service. - Forcing downgrade or failover of protocols (such as UDP --> TCP, TLS1.3 --> TLS1.2 --> TLS1.1) used between client applications and Microsoft 365 services. - Routing connections through network infrastructure applying its own authentication such as proxy authentication. Microsoft offers a wide range of Microsoft 365 security features and provides pr - **Use Customer Lockbox** As a Microsoft 365 admin, you can use Customer Lockbox to control how a Microsoft support engineer accesses your data during a help session. In cases where the engineer requires access to your data to troubleshoot and fix an issue, Customer Lockbox allows you to approve or reject the access request. -- **Use Office 365 Secure Score**- A security analytics tool that recommends what you can do to further reduce risk. Secure Score looks at your Microsoft 365 settings and activities and compares them to a baseline established by Microsoft. You get a score based on how aligned you are with best security practices. +- **Use Secure Score** +A security analytics tool that recommends what you can do to further reduce risk. Secure Score looks at your Microsoft 365 settings and activities and compares them to a baseline established by Microsoft. You get a score based on how aligned you are with best security practices. A holistic approach to enhanced security should include consideration of the following: The methods you'll use to optimize Microsoft 365 traffic varies depending on you You can approach optimization as an incremental process, applying each method successively. The following table lists key optimization methods in order of their effect on latency and reliability for the largest number of users. -|**Optimization method**|**Description**|**Impact**| +| Optimization method | Description | Impact | |:--|:--|:--|-|Local DNS resolution and Internet egress <br/> |Provision local DNS servers in each location and ensure that Microsoft 365 connections egress to the Internet as close as possible to the user's location. <br/> | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point <br/> | -|Add regional egress points <br/> |If your corporate network has multiple locations but only one egress point, add regional egress points to enable users to connect to the closest Microsoft 365 entry point. <br/> | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point <br/> | -|Bypass proxies and inspection devices <br/> |Configure browsers with PAC files that send Microsoft 365 requests directly to egress points. <br/> Configure edge routers and firewalls to permit Microsoft 365 traffic without inspection. <br/> | Minimize latency <br/> Reduce load on network devices <br/> | -|Enable direct connection for VPN users <br/> |For VPN users, enable Microsoft 365 connections to connect directly from the user's network rather than over the VPN tunnel by implementing split tunneling. <br/> | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point <br/> | -|Migrate from traditional WAN to SD-WAN <br/> |SD-WANs (Software Defined Wide Area Networks) simplify WAN management and improve performance by replacing traditional WAN routers with virtual appliances, similar to the virtualization of compute resources using virtual machines (VMs). <br/> | Improve performance and manageability of WAN traffic <br/> Reduce load on network devices <br/> | +|Local DNS resolution and Internet egress |Provision local DNS servers in each location and ensure that Microsoft 365 connections egress to the Internet as close as possible to the user's location. | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point | +|Add regional egress points |If your corporate network has multiple locations but only one egress point, add regional egress points to enable users to connect to the closest Microsoft 365 entry point. | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point | +|Bypass proxies and inspection devices |Configure browsers with PAC files that send Microsoft 365 requests directly to egress points. <br/> Configure edge routers and firewalls to permit Microsoft 365 traffic without inspection. | Minimize latency <br/> Reduce load on network devices | +|Enable direct connection for VPN users |For VPN users, enable Microsoft 365 connections to connect directly from the user's network rather than over the VPN tunnel by implementing split tunneling. | Minimize latency <br/> Improve reliable connectivity to the closest Microsoft 365 entry point | +|Migrate from traditional WAN to SD-WAN |SD-WANs (Software Defined Wide Area Networks) simplify WAN management and improve performance by replacing traditional WAN routers with virtual appliances, similar to the virtualization of compute resources using virtual machines (VMs). | Improve performance and manageability of WAN traffic <br/> Reduce load on network devices | ## Related articles |