+# Welcome to microsoft-365-copilot!

+## Watch: Delete a user overview

+As the admin of an organization, you may need to add one of your users or contacts to a distribution group. See [Create distribution groups in Microsoft 365](../setup/create-distribution-lists.md). For example, you can add employees or external partners or vendors to an email distribution group.

+## Watch: Add a user to a distribution list

+> [!VIDEO https://www.microsoft.com/videoplayer/embed/ed4e6095-9a6a-4d3d-999d-698c39bb7ec8?autoplay=false]

+## Steps

+1. In the Microsoft 365 admin center, select **Teams and groups** \> **Active teams and groups** \> **Distribution lists**.

+2. On the group page, select the name of the group you want to add a contact to.

+4. On the **View Members** page, select **Add members**, and select the user or contact you want to add to the distribution group.

+ > [!NOTE]

+ > You can also remove a user on this page. Select the user, select the ellipsis symbol and choose **Remove member**.

+In Microsoft 365, you can send email as a distribution list. When a person who is a member of the distribution list replies to a message sent to the distribution list, the email appears to be from the distribution list, not from the individual user.

+1. Open Outlook on the web and go to your inbox.

+2. Open a message that was sent to the distribution list.

+3. Select **Reply**.

+4. At the bottom of the message, select **More** \> **Show from**.

+ 

+5. Right-click on the From address - such as `Ina@weewalter.me` - and choose **Remove**.

+ 

+6. Then type the distribution list address such as support@contoso.com, and send the message. The next time you reply from the distribution list, its address will appear as an option in the **From** list.

+ 

+2. Select **New Email**. Click the **From** field and select **Other email address**. If you do not see the From field, navigate to **Options** and select **From** in the Show fields section.

+In Outlook on the web or other desktop Outlook applications, users may see notifications informing them that they can use Outlook on their mobile device. The administrator can manage these notifications by using Exchange PowerShell. If users choose to send themselves an SMS text message to download the app on their mobile device, a QR code appears on their computer. They'll be able to scan the QR code to log into Outlook on their phone or tablet. This QR code is a short lived token that can only be redeemed once.

+2. The user isn't already using Outlook for iOS and Android.

+3. The user has an empty state at reading pane (doesn't select the option of auto opening the first email).

+4. The user didn't dismiss the notification.

+This feature is on by default. To disable this feature, use the following steps.

+ ```powershell

+ Set-OrganizationConfig -MobileAppEducationEnabled <Boolean>

+ ```

+ Title: Create distribution lists

+Use distribution lists (sometimes called distribution groups) when you want to send email to group of people without having to type each individual recipient's name. Distribution lists can be organized by a particular discussion subject (such as "Marketing") or by users who share common work that requires them to communicate frequently. They also provide a way for you to automatically forward email to multiple email addresses.

+## Create a distribution list (group)

+1. Select **Teams and groups** \> **Active teams and groups** \> **Distribution lists**.

+2. Select **Add a distribution list**.

+3. On the **Set up the basics** page, enter a name, description, and select **Next**.

+4. On the **Assign owners** page, select **Assign owners** and select a user and choose **Add**. Select **Next**.

+5. On the **Edit settings** page, create a group email address for your new group, and choose whether you want people outside your organization to send email to the group. Select **Next**.

+6. On the **Review and finish adding group** page, verify your group information and select **Create group**.

+To add users to your distribution list after you've created it, see [Add a user or contact to a distribution list](../email/add-user-or-contact-to-distribution-list.md).

+Check out how to use group in Outlook 2016 and Outlook on the web in [Use contact groups (formerly distribution lists) in Outlook](https://support.microsoft.com/office/1c97fcb2-0ed4-41e6-b401-58f9d7d40e39).

+Check out [Distribution list issues](/office365/troubleshoot/groups/distribution-list-issues) for help with distribution list issues.

+1. From the Bookings home page, choose your calendar from the homepage.

+2. Go to staff option in left pane and select **Staff**, and then **Add new staff**.

+3. When adding staff from within your organization, type their name in the search field and select them when they appear in the drop-down menu. The other fields will automatically populate.

+ > To add staff from outside of your organization, manually fill in their email and other information. Staff from outside your tenant will not be able to share free/busy information with Bookings.

+4. For each staff member, select a role: Team member, Scheduler, Viewer, or Guest.

+5. Select **Notify all staff via email when a booking assigned to them is created or changed** to enable staff emails. The following is an example email:

+6. Select **Events on Microsoft 365 calendar affect availability** if you want the free/busy information from staff membersΓÇÖ calendars to impact availability for bookings services through Bookings.

+7. Select **Use business hours** to set all bookable times for your staff members to be only within the business hours that you set in the **Business hours** section on the Business Information page.

+You're ready to go. You can get to the Bookings page with this [link](https://outlook.office.com/bookings/onboarding), from the app launcher or from office.com. Use the following topics to continue setting up your Bookings features.

+> The admin controls described in these sections aren't available for Office 365 Operated by 21Vianet (China) customers.

+3. Select Bookings and choose the checkbox for **Allow your organization to use Bookings** to turn on or turn off Bookings for your organization.

+### Allow Microsoft to send SMS messages

+Set up Bookings to send reminders and information customers might need for a meeting or appointment.

+### Disable direct search engine indexing

+Hide your Bookings page from search results on Google, Bing or other search engines.

+>This feature will begin rolling out for public preview in July 2023. If you would like to provide feedback and improve this feature while in preview, please fill out [this form](https://forms.microsoft.com/r/DWaJXA6Dax).

+Team membership is automatically managed over time through the power of dynamic teams. As frontline workers are onboarded, offboarded, or change locations, their membership in these teams are updated accordingly.

+- Users must have a Microsoft 365 F3, F1, E3, or E5 license. If a user doesn't have one of these licenses, they'll need an Azure AD P1 add-on license to use dynamic teams. [Learn more about frontline licensing](flw-licensing-options.md).

+- The admin running the deployment process must have one of the following role combinations:

+ - Teams admin and Global admin

+ - Teams admin and Groups admin

+ - Teams admin and User admin

+ - Teams admin and Intune admin

+Apple has fixed an issue on macOS [Ventura upgrade](<https://developer.apple.com/documentation/macos-release-notes/macos-13_1-release-notes>), which is fixed with the latest OS update. The issue impacts Microsoft Defender for Endpoint security extensions, and might result in losing Full Disk Access Authorization, impacting its ability to function properly.

+**Catalina Deprecation**

+**Sonoma support**

+Microsoft Defender will support macOS Sonoma (14.0) as soon as Apple makes it generally available (September 26th, 2023).

+### Sep-2023 (Build: 101.23072.0025 | Release version: 20.123072.25.0)

+| Build: | **101.23072.0025** |

+|--|--|

+| Release version: | **20.123072.25.0** |

+| Engine version: | **1.1.23050.3** |

+| Signature version: | **1.397.911.0** |

+##### What's new

+- Bug and performance fixes

+- Fix: Security Portal events may have missed ancestors details for short lived processes

+| Build: | **101.23062.0016** |

+| Release version: | **20.123062.16.0** |

+| Signature version: | **1.395.436.0** |

+| Build: | **101.23052.0004** |

+| Release version: | **20.123052.4.0** |

+| Signature version: | **1.391.221.0** |

+> [!NOTE]

+> The **Endpoint Security Policies** page in Microsoft 365 Defender is available only for [users with the security administrator role in Microsoft 365 Defender](/microsoft-365/security/defender-endpoint/assign-portal-access). Any other user role, such as Security Reader, cannot access the portal. When a user has the required permissions to view policies in the Microsoft 365 Defender portal, the data is presented based on Intune permissions. If the user is in scope for Intune role-based access control, it applies to the list of policies presented in the Microsoft 365 Defender portal. We recommend granting security administrators with the [Intune built-in role, ΓÇ£Endpoint Security ManagerΓÇ¥](/mem/intune/fundamentals/role-based-access-control#built-in-roles) to effectively align the level of permissions between Intune and Microsoft 365 Defender.

+- **Disk encryption** - Endpoint security disk encryption profiles focus on only the settings that are relevant for a devices built-in encryption method, like FileVault or BitLocker. This focus makes it easy for security admins to manage disk encryption settings without having to navigate a host of unrelated settings.

+- **Attack surface reduction** - When Microsoft Defender Antivirus is in use on your Windows 10/11 devices, use Intune endpoint security policies for attack surface reduction to manage those settings for your devices.

+ > Running Defender for Endpoint on Linux side by side with other `fanotify`-based security solutions is not supported. It can lead to unpredictable results, including hanging the operating system. If there are any other applications on the system that use `fanotify` in blocking mode, applications are listed in the `conflicting_applications` field of the `mdatp health` command output. The Linux **FAPolicyD** feature uses `fanotify` in blocking mode, and is therefore unsupported when running Defender for Endpoint in active mode. You can still safely take advantage of Defender for Endpoint on Linux EDR functionality after configuring the antivirus functionality Real Time Protection Enabled to [Passive mode](linux-preferences.md#enforcement-level-for-antivirus-engine).

+ > This setting also controls how long messages that were quarantined by **anti-phishing** policies are retained. For more information, see [Quarantine retention](quarantine-about.md#quarantine-retention).

+## Quarantine policies

+> [!TIP]

+> You can create customized [quarantine notifications for different languages](quarantine-policies.md#customize-quarantine-notifications-for-different-languages). You can also [use a custom logo in quarantine notifications](quarantine-policies.md#customize-all-quarantine-notifications).

+ > [!TIP]

+ > For the permissions required to download and release any messages from quarantine, see the permissions entry [here](quarantine-admin-manage-messages-files.md#what-do-you-need-to-know-before-you-begin).

+### Quarantine retention

+- Quarantined messages and files are retained for a default period of time based on why they were quarantined. After the retention period expires, the messages are automatically deleted and aren't recoverable. For more information, see [Quarantine retention](quarantine-about.md#quarantine-retention).

+> [!TIP]

+> - If a message is released from quarantine and then routed to a third party security service or device before delivery to the original recipient, there will be some content loss when the message arrives at the recipient's mailbox.

+> - Admins can use [message trace](message-trace-scc.md) to determine if a released message was delivered to the recipient's Inbox.

+> - Third party anti-virus solutions can prevent a released email message from making it to the recipient's Inbox.

+- How long messages that were quarantined by anti-spam and anti-phishing protection are held before they expire is controlled by the **Retain spam in quarantine for this many days** (_QuarantineRetentionPeriod_) in anti-spam policies. For more information, see the table in [Quarantine retention](quarantine-about.md#quarantine-retention).

+> [!TIP]

+> A custom quarantine notification for a different language is shown to users only when their account/mailbox language matches the language in the custom quarantine notification.

+> Admins can find out who deleted a quarantined message by searching the admin audit log. For instructions, see [Find who deleted a quarantined message](quarantine-admin-manage-messages-files.md#find-who-deleted-a-quarantined-message). Admins can use [message trace](message-trace-scc.md) to find out what happened to a released message if the original recipient can't find it.

+|**Retain spam in quarantine for this many days** (_QuarantineRetentionPeriod_)|15 days|30 days|30 days|This value also affects messages that are quarantined by anti-phishing policies. For more information, see [Quarantine retention](quarantine-about.md#quarantine-retention).|

+|Endpoint |Supported file types |

+|||

+|SharePoint and OneDrive |.bmp, .png, .jpeg, .jpg, .jfif, .arw, .cr2, .crw, .erf, .gif, .mef, .mrw, .nef, .nrw, .orf, .pef, .raw, .rw2, .rw1, .sr2, .tif, .tiff, .heic, .heif, .ari, .bay, .cap, .cr3, .dcs, .dcr, .drf, .eip, .fff, .iiq, .k25, .kdc, .mef, .mos, .ptx, .pxn, .raf, .rwl, .sr2, .srf, .srw, .x3f, and .dng |

+|Teams, Exchange, and Windows devices |.bmp, .png, .jpeg, .jpg, .tiff, and .pdf (image only) |

+ Title: 'Validate apps against a custom image'

+description: This guide will show you how to onboard your own Windows image to Test Base as a baseline for security update or in-place upgrade validation.

+search.appverid: MET150

+audience: Software-Vendor

+ms.localizationpriority: medium

+f1.keywords: NOCSH

+# Validate apps against a custom image

+> [!NOTE]

+> This guide will show you how to onboard your own Windows image to Test Base as a baseline for security update or in-place upgrade validation.

+## Custom Image

+Many enterprises' IT departments have customized Windows builds which contain their tier 0 applications, configurations, and settings. Those images are commonly used for classic image-based deployment for new PCs or Windows updates.

+Test Base supports IT Pros, allowing them to share their custom image directly as a baseline to transfer the validation process to the cloud testing solution where the latest Windows updates can be deployed to their own image just as how they validate in their own environment to gain additional app confidence for monthly Windows updates or major Windows upgrade (e.g. Windows 11 deployment pre-validation).

+To set up your own image-based tests, please follow below guidance:

+* [Prerequisites](#prerequisites)

+* [Upload an image as baseline](#uploadanimageasbaseline)

+* [Create an in-place upgrade test using a custom image as the baseline](#createinplaceupgrade)

+* [Create a security update test using a custom image as the baseline](#createsecurityupgrade)

+## <a name="prerequisites"></a>Prerequisites

+Users need to prepare their own images from working environments (e.g. export from Configure Manager or take snapshots from Hyper-V). Please follow below instructions to ensure the image is prepared in VHD format and compatible for Test Base usage.

+[How to prepare a Windows VHD for Test Base](prepare-testbase-vhd-file.md)

+## <a name="uploadanimageasbaseline"></a>Upload an image as baseline

+Users can upload images exported from their working environments to use as baseline for validation.

+##### Step 1: Upload your VHD file

+1. Visit the 'New image' tab from the navigation bar on the left. Click on the 'Upload VHD' link to direct to the VHD upload page.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_1.png#lightbox)

+2. Click the "Select a VHD file to upload" button.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_2.png#lightbox)

+3. Follow the instructions from the popup to select your VHD image file from local. Once selected, click 'Download' link to generate PowerShell script which would help upload the file from your local path via PowerShell.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_3.png#lightbox)

+4. Launch the PowerShell script from command line and provide the file path of the selected VHD to continue with the upload.

+5. Once uploaded, refreshing the 'Upload VHD to storage blob' page will display your file in Validation/Ready mode.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_4.png#lightbox)

+##### Step 2: Create image from uploaded VHD

+1. Visit the 'New image' tab under the left navigation bar

+2. For the VHD section under 'Image source', select your uploaded VHD from the dropdown and make sure all the basic info for the image is correctly configured before publishing

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_5.png#lightbox)

+3. Image creation might take a while to complete. Please stay on the resource deployment page until the creation process finishes.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_6.png#lightbox)

+4. Access the 'Manage image' tab under the navigation bar. The new image should be under the 'Validation in progress' status with other existing images shown as below.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_7.png#lightbox)

+> [!NOTE]

+> The uploaded VHD files will be automatically deleted in 14 days in accordance to Microsoft's data retention policy. You may upload up to 10 custom images due to storage limitations.

+## <a name="createinplaceupgrade"></a>Create an in-place upgrade test using a custom image as the baseline

+Users can create an in-place upgrade test by choosing an existing custom image as their baseline, allowing the validation to be based on their existing OS settings and configuration.

+##### Step 1: Define custom image as the baseline from the 'Edit package' tab

+1. Either create a new package or open an existing package to edit

+2. Choose 'Flow driven' as in the 'Configure test' step and make the corresponding script changes in the 'Edit package' step.

+3. Continue to the 'Test matrix' step and choose the target custom image from the dropdown list

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_8.png#lightbox)

+4. Toggle on 'Pre-install security update release on baseline OS' if you would like the target security update installed before the base image gets upgraded. Otherwise, the latest available security update will be installed after the base image gets upgraded to the target OS version.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_9.png#lightbox)

+5. Review and publish the package once you have confirmed the Test matrix is properly configured with your desired custom image selected.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_10.png#lightbox)

+##### Step 2: Review the test result once your package has completed execution.

+1. Under the navigation, click on the 'In-place upgrade results' tab and search for the package you created with your custom image as the baseline OS. The test results should be displayed for review.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_11.png#lightbox)

+2. Click the 'See details' link to view the package test results with your custom image as a baseline. There should be a 'Custom Image' tag next to your OS Product at the top to indicate your custom image was used as the baseline.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_12.png#lightbox)

+## <a name="createsecurityupgrade"></a>Create a security update test using a custom image as the baseline

+Users can create a security update test by selecting the desired custom image as the baseline from existing custom images to validation against their existing settings and configuration.

+##### Step 1: Define the custom image as the baseline from the Edit package tab

+1. Create a new package or open an existing package to edit

+2. Choose 'Out of Box' or 'Functional' in the 'Configure test' step and make corresponding script changes in the 'Edit package' step.

+3. Navigate to the 'Test matrix step', choose 'Security update' as the test type, and select the target custom image from the dropdown list of 'OS versions to test'

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_13.png#lightbox)

+4. Review and publish the package once you have confirmed the Test matrix is properly configured with your desired custom image selected.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_14.png#lightbox)

+##### Step 2: Review the test results once the package has completed execution

+1. Under the left navigation bar, click on the 'Security update results' tab and search for the package you created with your custom image as the baseline OS. The test results should be displayed for review.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_15.png#lightbox)

+2. Click the 'See details' link to view the package test results with your custom image as a baseline.

+> [!div class="mx-imgBorder"]

+> [](Media/Validate_apps_against_a_custom_image_16.png#lightbox)