+> [!IMPORTANT]

+> A minimum of 30 NPS survey submissions is required from your end-users before you can see NPS survey insights.

+ Title: "Bookings in Outlook"

+audience: Admin

+ms.localizationpriority: medium

+ROBOTS: NO INDEX, NO FOLLOW

+description: "Use Bookings in Outlook to let others schedule meetings with you in Outlook."

+# Bookings in Outlook

+Bookings in Outlook is a web-based personal scheduling page that integrates with the free/busy information from your Outlook calendar. Bookings in Outlook lets people schedule a meeting or appointment with you. You can create custom meeting types to share with others so they can easily schedule time with you based on your availability and preferences. You both get an email confirmation and attendees can update or cancel scheduled meetings with you from your Bookings in Outlook page.

+> [!NOTE]

+> Bookings in Outlook is only available in preview.

+Bookings in Outlook has two different views:

+- **Organizer view** A personal booking page where you can create meeting types that others can book with you. Custom meeting types give you the ability to customize when you want to meet and how that meeting type is shared with others. You control whether each meeting type is public to your scheduling page or is private and can only be accessed by a select group of people. You can also choose to add a Teams meeting to all meetings booked through your Bookings in Outlook page. You can access your Bookings in Outlook page through Outlook on the web or by going to [https://outlook.office.com/bookwithme/](https://outlook.office.com/bookwithme/). After you set up your page and publish it, you can share it with others. For example, you can add it to your Outlook signature.

+- **Scheduling view** When you share your Bookings in Outlook page with others, they will see the scheduling view. Which meetings are shown in the scheduling view depends on if you shared the link to your Bookings in Outlook page with public meetings or you shared a private link for an individual meeting.

+ - Public meetings can be viewed and scheduled by anyone that has your Bookings in Outlook page link. You are in control of who you share that link with. All public meeting types will be visible to anyone that has your Bookings in Outlook page link.

+ - Private meetings can only be viewed by people who have the link for that meeting type. The difference between public meetings and private meetings is private meetings can have different links and the links expire after 90 days. You can also set private links to expire after a one-time booking. When accessing the scheduling view for a private meeting, only that meeting type will be visible.

+## Before you begin

+Bookings in Outlook is available in the following subscriptions:

+- Office 365: A3, A5, E1, E3, E5, F1, F3

+- Microsoft 365: A3, A5, E1, E3, E5, F1, F3, Business Basic, Business Standard, Business Premium

+Bookings in Outlook is on by default for users with these subscriptions.

+For more information, see the [Bookings in Outlook Microsoft 365 Roadmap item](https://go.microsoft.com/fwlink/?linkid=328648).

+## Turn Bookings in Outlook on or off

+Bookings in Outlook can be turned on or off for your entire organization or specific users. When Bookings in Outlook is turned on, users can create a Bookings in Outlook page and share links with others inside or outside your organization.

+### Turn Bookings in Outlook on or off for your organization using PowerShell

+You'll need to run the following commands using Exchange Online PowerShell. For more information on running Exchange Online cmdlets, see [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell). To turn Bookings in Outlook on or off for your organization using the PowerShell cmdlet [Set-OrganizationConfig](/powershell/module/exchange/set-organizationconfig), [Connect to Exchange Online PowerShell](/powershell/exchange/connect-to-exchange-online-powershell) and run the following commands.

+Use the **Get-OrganizationConfig** and **Set-OrganizationConfig** commands to find out the status and turn Bookings in Outlook on or off for your organization.

+> [!NOTE]

+> It usually takes about 30 to 60 minutes for Set-OrganizationConfig commands to take effect for your users.

+1. Check EWS control access by running the following command.

+ ```PowerShell

+ Get-Organizationconfig | Format-List EwsEnabled

+ ```

+ If the command returns ΓÇ£EwsEnabled: **$true**" then proceed to Step 2.

+ If the command returns ΓÇ£EwsEnabled:" (empty is default), then enable and proceed to Step 2.

+ ```PowerShell

+ Set-OrganizationConfig -EwsEnabled: $true

+ ```

+2. Check your EwsApplicationAccessPolicy by running the following command:

+ ```PowerShell

+ Get-OrganizationConfig | Format-List EwsApplicationAccessPolicy,Ews*List

+ ```

+ **A**. If the value of **EwsApplicationAccessPolicy** is **EnforceAllowList**, only the applications specified in **EwsAllowList** are allowed to access EWS and REST.

+ - To turn off Bookings in Outlook for your organization, remove **MicrosoftOWSPersonalBookings**, if present, from **EwsAllowList** by running the following command:

+ ```PowerShell

+ Set-OrganizationConfig - EwsAllowList @{Remove="MicrosoftOWSPersonalBookings"}

+ ```

+ - To turn on Bookings in Outlook for your organization, add **MicrosoftOWSPersonalBookings** to **EwsAllowList** by running the following command:

+ ```PowerShell

+ Set-OrganizationConfig - EwsAllowList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+ **B**. If the value of **EwsApplicationAccessPolicy** is **EnforceBlockList**, all applications are allowed to access EWS and REST, except those specified in **EwsBlockList**.

+ - To turn off Bookings in Outlook for your organization, add **MicrosoftOWSPersonalBookings** by running the following command:

+ ```PowerShell

+ Set-OrganizationConfig -EwsBlockList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+ - To turn on Bookings in Outlook if blocked, remove **MicrosoftOWSPersonalBookings** by running the following command:

+ ```PowerShell

+ Set-OrganizationConfig -EwsBlockList @{Remove="MicrosoftOWSPersonalBookings"}

+ ```

+ **C**. If the value of **EwsApplicationAccessPolicy** is empty, all applications are allowed to access EWS and REST.

+ - To turn off Bookings in Outlook for your organization set the **EnforceBlockList** policy and add **MicrosoftOWSPersonalBookings** to the block list by running the following command:

+ ```PowerShell

+ Set-OrganizationConfig -EwsApplicationAccessPolicy EnforceBlockList -EwsBlockList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+### Turn Bookings in Outlook off or on for individual users

+Use the **Get-CASMailbox** and **Set-CASMailbox** commands to check user status and turn Bookings in Outlook on or off for individual users in your organization.

+1. Check individualΓÇÖs EwsApplicationAccessPolicy by running the following command:

+ ```PowerShell

+ Get-CASMailbox -Identity adam@contoso.com | Format-List EwsEnabled

+ ```

+ **A**. If the command returns "**EwsEnabled: $true**", then proceed to Step 2.

+2. Check the individualΓÇÖs **EwsApplicationAccessPolicy** by running the following command:

+ ```PowerShell

+ Get-CASMailbox -Identity adam@contoso.com| Format-List EwsApplicationAccessPolicy,Ews*List

+ ```

+ **A**. If the value of **EwsApplicationAccessPolicy** is **EnforceAllowList**, only the applications specified in EwsAllowList are allowed to access EWS and REST.

+ - To turn off Bookings in Outlook for this user, remove **MicrosoftOWSPersonalBookings**, if present from **EwsAllowList** by running the following command:

+ ```PowerShell

+ Set-CASMailbox -Identity adam@contoso.com - EwsAllowList @{Remove="MicrosoftOWSPersonalBookings"}

+ ```

+ - Turn on Bookings in Outlook for this user, add **MicrosoftOWSPersonalBookings** to **EwsAllowList** by running the following command:

+ ```PowerShell

+ Set-CASMailbox -Identity adam@contoso.com - EwsAllowList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+ **B**. If the value of **EwsApplicationAccessPolicy** is **EnforceBlockList**, all applications are allowed to access EWS and REST, except those specified in **EwsBlockList**.

+ - To turn off Bookings in Outlook for this user, add **MicrosoftOWSPersonalBookings** to **EnforceBlockList** by running the following command:

+ ```PowerShell

+ Set-CASMailbox -Identity adam@contoso.com -EwsApplicationAccessPolicy  EnforceBlockList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+ - To turn on Bookings in Outlook for this user, remove **MicrosoftOWSPersonalBookings**, if present from EnforceBlockList by running the following command:

+ ```PowerShell

+ Set-CASMailbox -Identity adam@contoso.com -EwsBlockList @{Remove="MicrosoftOWSPersonalBookings"}

+ ```

+ **C**. If the value of EwsApplicationAccessPolicy is empty, all applications are allowed to access EWS and REST.

+ - To turn off Bookings in Outlook for this user, set the **EnforceBlockList** policy and add **MicrosoftOWSPersonalBookings** to EWSBlockList by running the following command:

+ ```PowerShell

+ Set-CASMailbox -Identity Adam -EwsApplicationAccessPolicyΓÇ» EnforceBlockList -EWSBlockList @{Add="MicrosoftOWSPersonalBookings"}

+ ```

+For more information, see [Set-OwaMailboxPolicy](/powershell/module/exchange/set-owamailboxpolicy).

+- In an Exchange hybrid deployment, you can't use the Content search tool to search emails in on-premises mailboxes. You can only use the tool to search cloud-based mailboxes.

+- In an Exchange hybrid deployment, you can search for Teams chat data in on-premises mailboxes. For more information, see [Teams chat data for on-premises users](/microsoft-365/compliance/search-cloud-based-mailboxes-for-on-premises-users?view=o365-worldwide).

+ - **I want to specify SharePoint sites, sensitivity labels, sensitive information types and/or file extensions as priority content**. Selecting this option will enable detail pages in the wizard to configure these channels.

+11. If you've selected **I want to specify SharePoint sites, sensitivity labels, sensitive information types and/or file extensions as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels* and *file extensions*. Use these detail pages to define the SharePoint, sensitive info types, sensitivity labels, and file extensions to prioritize in the policy.

+ - File extensions: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.

+17. If you've selected **Use custom thresholds for the triggering events**, for each triggering event indicator that you selected in Step 13, choose the appropriate level to generate the desired level of activity alerts. You can use the recommended thresholds, custom thresholds, or thresholds based on anomalous activities (for certain indicators) above the daily norm for users.

+Insider risk management policies support specifying a higher priority for content depending on where it's stored, the type of content, or how it's classified. Specifying content as a priority increases the risk score for any associated activity, which in turn increases the chance of generating a high severity alert. However, some activities won't generate an alert at all unless the related content contains built-in or custom sensitive info types or was specified as a priority in the policy.

+- **File extensions**: Any activity associated with content that has specific file extensions. Users configuring a data theft/leak policy that select **File extensions to prioritize** in the policy wizard can define up to 50 file extensions to prioritize in the policy. Entered extensions can include or omit a '.' as the first character of the prioritized extension.

+11. If you've selected **I want to specify SharePoint sites, sensitivity labels, sensitive information types, and/or file extensions as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, *sensitivity labels* and *file extensions*. Use these detail pages to define the SharePoint, sensitive info types, and sensitivity labels to prioritize in the policy.

+ - **File extensions**: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.

+ - **I want to specify SharePoint sites, sensitivity labels, sensitive information types, and/or file extensions as priority content**. Selecting this option will enable detail pages in the wizard to configure these channels.

+11. If you've selected **I want to specify SharePoint sites, sensitivity labels, and/or sensitive information types as priority content** in the previous step, you'll see the detail pages for *SharePoint sites*, *sensitive info types*, and *sensitivity labels*. Use these detail pages to define the SharePoint, sensitive info types, and sensitivity labels to prioritize in the policy.

+ - **File extensions**: Add up to 50 file extensions. You can include or omit the '.' with the file extension. For example, *.py* or *py* would prioritize Python files.

+- [Privacy](#privacy)

+- [Indicators](#indicators)

+- [Policy timeframes](#policy-timeframes)

+- [Intelligent detections](#intelligent-detections)

+- [Export alerts](#export-alerts)

+- [Priority user groups (preview)](#priority-user-groups-preview)

+- [Priority physical assets (preview)](#priority-physical-assets-preview)

+- [Power Automate flows (preview)](#power-automate-flows-preview)

+- [Microsoft Teams (preview)](#microsoft-teams-preview)

+- [Analytics](#analytics)

+- [Admin notifications](#admin-notifications)

+- **Device indicators**: These include policy indicators for activity such as sharing files over the network or with devices. Indicators include activities involving all file types, excluding executable (.exe) and dynamic link library (.dll) file activity. If you select *Device indicators*, activity is processed for devices with Windows 10 Build 1809 or higher and macOS (Catalina 10.15 or later) devices. For both Windows and macOS devices, you must first onboard devices to the compliance portal. Device indicators also include browser signal detection to help your organization detect and act on exfiltration signals for non-executable files viewed, copied, shared, or printed in Microsoft Edge and Google Chrome. For more information on configuring Windows devices for integration with insider risk, see the following [Enable device indicators and onboard Windows devices](insider-risk-management-settings.md#OnboardDevices) section in this article. For more information on configuring macOS devices for integration with insider risk, see the following Enable device indicators and onboard macOS devices section in this article. For more information about browser signal detection, see [Learn about and configure insider risk management browser signal detection](insider-risk-management-browser-support.md).

+2. Open the compliance portal settings page and choose **Onboard devices**.

+2. Open the compliance portal settings page and choose **Enable device monitoring**.

+For example, you decide to enable SharePoint indicators in the insider risk policy settings and to **set custom thresholds** for SharePoint events when configuring indicators for a new insider risk *Data leaks* policy. While in the insider risk policy wizard, you configure three different daily event levels for each SharePoint indicator to influence the risk score for alerts associated with these events.

+Another option for policy thresholds is to assign the policy triggering event to activity that is above the usual amount of daily activity for users. Instead of being defined by specific threshold settings, each threshold is dynamically customized for anomalous activities detected for in-scope policy users. If threshold activity for anomalous activities is supported for an individual indicator, you can select **Activity is above user's usual activity for the day** in the policy wizard for that indicator. If this option isn't listed, anomalous activity triggering isn't available for the indicator. If the **Activity is above user's usual activity for the day** option is listed for an indicator, but not selectable, you need to enable this option in **Insider risk settings** > **Policy indicators**.

+- Send a notification email when the first alert is generated for a new policy. Policies are checked every 24 hours for first-time alerts and notifications aren't sent on subsequent alerts for the policy.

+> [!TIP]

+> Looking to map and manage your data across your entire data estate, including multi-cloud, and software-as-a-service (SaaS)? Use [Microsoft Purview Data Map, Microsoft Purview Data Catalog, and Microsoft Purview Data Estate Insights](/azure/purview/overview).

+ > You have to be assigned the appropriate permissions to access the **Import** page in the compliance portal to create an import job. See the **Before you import PST files** section for more information.

+|**Last updated:** 04/28/2022 -  [Change Log subscription](https://endpoints.office.com/version/USGOVDoD?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVDoD?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|

+Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.

+Endpoint data below lists requirements for connectivity from a user's machine to Office 365. It doesn't include network connections from Microsoft into a customer network, sometimes called hybrid or inbound network connections. For more information, see [Additional endpoints not included in the web service](additional-office365-ip-addresses-and-urls.md).

+- **Category**: Shows whether the endpoint set is categorized as "Optimize", "Allow", or "Default". You can read about these categories and guidance for management of them at [https://aka.ms/pnc](./microsoft-365-network-connectivity-principles.md). This column also lists which endpoint sets are required to have network connectivity. For endpoint sets that aren't required to have network connectivity, we provide notes in this field to indicate what functionality would be missing if the endpoint set is blocked. If you're excluding an entire service area, the endpoint sets listed as required don't require connectivity.

+|**Last updated:** 04/28/2022 -  [Change Log subscription](https://endpoints.office.com/version/USGOVGCCHigh?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|**Download:** the full list in [JSON format](https://endpoints.office.com/endpoints/USGOVGCCHigh?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)|

+ Start with [Managing Office 365 endpoints](managing-office-365-endpoints.md) to understand our recommendations for managing network connectivity using this data. Endpoints data is updated as needed at the beginning of each month with new IP Addresses and URLs published 30 days in advance of being active. This lets customers who don't yet have automated updates to complete their processes before new connectivity is required. Endpoints may also be updated during the month if needed to address support escalations, security incidents, or other immediate operational requirements. The data shown on this page below is all generated from the REST-based web services. If you're using a script or a network device to access this data, you should go to the [Web service](microsoft-365-ip-web-service.md) directly.

+- **Category**: Shows whether the endpoint set is categorized as ΓÇ£OptimizeΓÇ¥, ΓÇ£AllowΓÇ¥, or ΓÇ£DefaultΓÇ¥. You can read about these categories and guidance for management of them at [https://aka.ms/pnc](./microsoft-365-network-connectivity-principles.md). This column also lists which endpoint sets are required to have network connectivity. For endpoint sets which are not required to have network connectivity, we provide notes in this field to indicate what functionality would be missing if the endpoint set is blocked. If you're excluding an entire service area, the endpoint sets listed as required don't require connectivity.

+- The Security and Compliance Center (SCC) provides support for Azure ExpressRoute for Office 365. The same applies for many features exposed through the SCC such as Reporting, Auditing, eDiscovery (Premium), Unified DLP, and Data Governance. Two specific features, PST Import and eDiscovery Export, currently don't support Azure ExpressRoute with only Office 365 route filters due to their dependency on Azure Blob Storage. To consume those features, you need separate connectivity to Azure Blob Storage using any supportable Azure connectivity options, which include Internet connectivity or Azure ExpressRoute with Azure Public route filters. You have to evaluate establishing such connectivity for both of those features. The Office 365 Information Protection team is aware of this limitation and is actively working to bring support for Azure ExpressRoute for Office 365 as limited to Office 365 route filters for both of those features.

+- There are additional optional endpoints for Microsoft 365 Apps for enterprise that are not listed and are not required for users to launch Microsoft 365 Apps for enterprise applications and edit documents. Optional endpoints are hosted in Microsoft data centers and don't process, transmit, or store customer data. We recommend that user connections to these endpoints be directed to the default Internet egress perimeter.

+**Last updated:** 04/28/2021 -  [Change Log subscription](https://endpoints.office.com/version/China?allversions=true&format=rss&clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7)

+|**Last updated:** 04/28/2022 - |

+[Sign up for Microsoft 365 Lighthouse](m365-lighthouse-sign-up.md) (article)\

+[Overview of the Device compliance page in Microsoft 365 Lighthouse](m365-lighthouse-device-compliance-page-overview.md) (article)\

+Use Microsoft Graph API to access more audit events, if needed. For more information, see [Overview for multi-tenant management using the Microsoft 365 Lighthouse API](/graph/managedtenants-concept-overview).

+ > [!NOTE]

+ > If you have onboarded the master image of your Non-Persistent VDI environment (SENSE service is running), then you must offboard and clear some data before putting the image back into production.

+ > 1. Ensure the sensor is stopped by running the command below in a CMD window:

+ > ```console

+ > sc query sense

+ > ```

+ > 2. Run the below commands using PsExec.exe (which can be downloaded from https://download.sysinternals.com/files/PSTools.zip)

+ >

+ > ```console

+ > PsExec.exe -s cmd.exe

+ > cd "C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Cyber"

+ > del *.* /f /s /q

+ > REG DELETE "HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection" /v senseGuid /f

+ > exit

+ > ```

+Use the [./Vendor/MSFT/Policy/Config/Defender/ControlledFolderAccessAllowedApplications](/windows/client-management/mdm/policy-csp-defender#defender-guardedfoldersallowedapplications) configuration service provider (CSP) to allow apps to make changes to protected folders.

+> Using multiple browser tabs with advanced hunting might cause you to lose your unsaved queries. To prevent this from happening, use the tab feature within advanced hunting instead of separate browser tabs.

+|Classify incidents.|Daily|Classify incidents as true or false. For true alerts, specify the threat type. This classification helps your security team see threat patterns and defend your organization from them.|Security Operations Team|

+|Analyze admin submission details.|Daily|Understand the following factors for the submissions you make to Microsoft: <ul><li>What caused the false positive or false negative.</li><li>The state of your Defender for Office 365 configuration at the time of the submission.</li><li>Whether you need to make changes to your Defender for Office 365 configuration.</li></ul>|Security Operations Team <br/><br/> Security Administration|

+|Review the configuration of Defender for Office 365 policies at <https://security.microsoft.com/configurationAnalyzer>.|Ad-hoc <br/><br/> Monthly|Use the [Configuration analyzer](configuration-analyzer-for-security-policies.md) to compare your existing policy settings to the [recommended Standard or Strict values for Defender for Office 365](recommended-settings-for-eop-and-office365.md). The Configuration analyzer identifies accidental or malicious changes that can lower your organization's security posture. <br/><br/> Or yu can use the PowerShell-based [ORCA tool](https://aka.ms/getorca).|Security Administration <br/><br/> Messaging Team|

+- **Email & collaboration roles**: Roles and role groups that grant permission specific to Microsoft Defender for Office 365. The following roles are not available in Azure AD, but can be important for security teams:

+Security team members can do submissions from multiple locations in the Microsoft 365 Defender portal at <https://security.microsoft.com>:

+For the short-term mitigation of false negatives, security teams can directly manage [block entries](manage-tenant-blocks.md) for files, URLs, and senders in the [Tenant Allow/Block List](tenant-allow-block-list.md).

+For the short-term mitigation of false positives, security teams can't directly manage [allow entries](manage-tenant-allows.md) in the Tenant Allow/Block List. Instead, they need to use [admin submissions](admin-submission.md) and the **Allow messages like this** option.

+## April 2022

+- [Manual email remediation enhancements](/microsoft-365/security/office-365-security/remediate-malicious-email-delivered-office-365): Bringing manual email purge actions taken in Microsoft Defender for Office 365 to the Microsoft 365 Defender (M365D) unified Action Center using a new action-focused investigation.

+

+1. Select **Save** and close the **Inbound access settings** blade.