Updates from: 05/23/2024 04:31:21
Service Microsoft Docs article Related commit history on GitHub Change details
SharePoint Advanced Management https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/advanced-management.md
Previously updated : 04/10/2024 Title: "Microsoft Syntex - SharePoint Advanced Management overview" Last updated : 05/20/2024
+ Title: "Microsoft SharePoint Premium - SharePoint Advanced Management overview"
ms.localizationpriority: medium - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration - ContentEnagagementFY24 search.appverid: - MET150 recommendations: false
-description: "Learn about Microsoft Syntex - SharePoint Advanced Management and how you can use it in your organization."
+description: "Learn about Microsoft SharePoint Premium - SharePoint Advanced Management and how you can use it in your organization."
-# Microsoft Syntex - SharePoint Advanced Management overview
+# Microsoft SharePoint Premium - SharePoint Advanced Management overview
-Microsoft Syntex - SharePoint Advanced Management is a Microsoft 365 add-on that provides a suite of features that can help you:
+Microsoft SharePoint Premium - SharePoint Advanced Management is a Microsoft 365 add-on that provides a suite of features that can help you:
- Manage and govern SharePoint and OneDrive - Enhance Microsoft 365 secure collaboration capabilities
SharePoint Authentication Context Example https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/authentication-context-example.md
Previously updated : 08/30/2023 Last updated : 05/20/2024 Title: "Conditional access policy for SharePoint sites and OneDrive"
ms.localizationpriority: medium - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration search.appverid:
description: "Learn about how to use Microsoft Entra Conditional Access and auth
[!INCLUDE[Advanced Management](includes/advanced-management.md)]
-With [Microsoft Entra authentication context](/azure/active-directory/conditional-access/concept-conditional-access-cloud-apps#configure-authentication-contexts), you can enforce more stringent access conditions when users access SharePoint sites.
+With [Microsoft Entra authentication context](/azure/active-directory/conditional-access/concept-conditional-access-cloud-apps#configure-authentication-contexts), you can enforce more stringent access conditions when users access SharePoint sites.
You can use authentication contexts to connect an [Microsoft Entra Conditional Access policy](/azure/active-directory/conditional-access/overview) to a SharePoint site. Policies can be applied directly to the site or via a sensitivity label.
-Note that this capability can't be applied to the root site in SharePoint (for example, https://contoso.sharepoint.com).
+This capability can't be applied to the root site in SharePoint (for example, <https://contoso.sharepoint.com>).
## Requirements Using authentication context with SharePoint sites requires one of the following licenses: -- Microsoft Syntex - SharePoint Advanced Management
+- Microsoft SharePoint Premium - SharePoint Advanced Management
- Microsoft 365 E5/A5/G5 - Microsoft 365 E5/A5 Compliance - Microsoft 365 E5 Information Protection and Governance
The following apps and scenarios don't work with authentication contexts:
- Teams webinar scheduling fails if OneDrive has an authentication context. - Third-party apps - The OneDrive sync app won't sync sites with an authentication context.-- Associating an authentication context to the enterprise application catalog site collection is not supported.-- The ΓÇ£Visualize SharePoint List in Power BIΓÇ¥ feature does not currently support authentication context.-- Outlook on Windows, Mac, Android and iOS do not support communication with SharePoint sites protected by an Authentication Context.
+- Associating an authentication context to the enterprise application catalog site collection isn't supported.
+- The ΓÇ£Visualize SharePoint List in Power BIΓÇ¥ feature doesn't currently support authentication context.
+- Outlook on Windows, Mac, Android, and iOS don't support communication with SharePoint sites protected by an Authentication Context.
## Setting up an authentication context
Setting up an authentication context for labeled sites requires these basic step
1. Set a sensitivity label to apply the authentication context to labeled sites. 1. Apply the authentication context directly to a site
-In this article, we'll look at the example of requiring guests to agree to a [terms of use](/azure/active-directory/conditional-access/terms-of-use) before gaining access to a sensitive SharePoint site. You can also use any of the other conditional access conditions and access controls that you might need for your organization.
+In this article, we look at the example of requiring guests to agree to a [terms of use](/azure/active-directory/conditional-access/terms-of-use) before gaining access to a sensitive SharePoint site. You can also use any of the other conditional access conditions and access controls that you might need for your organization.
### Add an authentication context
First, add an authentication context in Microsoft Entra ID.
To add an authentication context:
-1. In [Microsoft Entra Conditional Access](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade), under **Manage**, click **Authentication context**.
+1. In [Microsoft Entra Conditional Access](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade), under **Manage**, select **Authentication context**.
-2. Click **New authentication context**.
+2. Select **New authentication context**.
3. Type a name and description and select the **Publish to apps** check box. ![Screenshot of add authentication context UI](media/aad-add-authentication-context.png)
-4. Click **Save**.
+4. Select **Save**.
### Create a conditional access policy
Next, create a conditional access policy that applies to that authentication con
To create a conditional access policy:
-1. In [Microsoft Entra Conditional Access](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade), click **New policy**.
+1. In [Microsoft Entra Conditional Access](https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade), select **New policy**.
1. Type a name for the policy.
To create a conditional access policy:
![Screenshot of authentication context options in cloud apps or actions settings for a conditional access policy.](media/aad-authentication-context-ca-policy-apps.png)
-1. On the **Grant** tab, select the check box for the terms of use that you want to use, and then click **Select**.
+1. On the **Grant** tab, select the check box for the terms of use that you want to use, and then select **Select**.
-1. Choose if you want to enable the policy, and then click **Create**.
+1. Choose if you want to enable the policy, and then select **Create**.
### Apply the authentication context directly to a site You can directly apply an authentication context to a SharePoint site by using the [Set-SPOSite](/powershell/module/sharepoint-online/set-sposite) PowerShell cmdlet. > [!NOTE]
-> This capability requires a Microsoft 365 E5 or Microsoft Syntex - SharePoint Advanced Management license.
+> This capability requires a Microsoft 365 E5 or Microsoft SharePoint Premium - SharePoint Advanced Management license.
In the following example, we apply the authentication context we created above to a site called "research."
If you want to use a sensitivity label to apply the authentication context, upda
> Sensitivity labels require Microsoft 365 E5 or Microsoft 365 E3 plus the Advanced Compliance license. To update a sensitivity label
-1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com/informationprotection), on the **Information protection** tab, click the label that you want to update and then click **Edit label**.
-2. Click **Next** until you are on the **Define protection settings for groups and sites** page.
+1. In the [Microsoft Purview compliance portal](https://compliance.microsoft.com/informationprotection), on the **Information protection** tab, select the label that you want to update and then select **Edit label**.
-3. Ensure that the **External sharing and Conditional Access settings** check box is selected, and then click **Next**.
+2. Select **Next** until you are on the **Define protection settings for groups and sites** page.
+
+3. Ensure that the **External sharing and Conditional Access settings** check box is selected, and then select **Next**.
4. On the **Define external sharing and device access settings page**, select the **Use Microsoft Entra Conditional Access to protect labeled SharePoint sites** check box.
To update a sensitivity label
![Screenshot of Microsoft Entra authentication context sensitivity label settings](media/aad-authentication-context-label-setting.png)
-7. Click **Next** until you are on the **Review your settings and finish** page, and then click **Save label**.
+7. Select **Next** until you are on the **Review your settings and finish** page, and then select **Save label**.
Once the label has been updated, guests accessing a SharePoint site (or the **Files** tab in a team) with that label will be required to agree to the terms of use before gaining access to that site. ## Blocking background apps (rolling out in preview)
-If authentication context is set on a site, admins can choose to prevent background apps from accessing that site for the apps assigned with that authentication context in a conditional access policy. You can configure a conditional access policy such that a specific authentication context can be assigned to chosen application principles (non-Microsoft applications). You'll need to explicitly turn this feature on via the following cmdlet. Note that you should have at least one conditional access policy with an application principle configured.
+If authentication context is set on a site, admins can choose to prevent background apps from accessing that site for the apps assigned with that authentication context in a conditional access policy. You can configure a conditional access policy such that a specific authentication context can be assigned to chosen application principles (non-Microsoft applications). You need to explicitly turn on this feature via the following cmdlet. You should have at least one conditional access policy with an application principle configured.
```PowerShell
-Set-SPOTenant -BlockAPPAccessToSitesWithAuthentcationContext $false/$true (default false)
+Set-SPOTenant -BlockAPPAccessToSitesWithAuthenticationContext $false/$true (default false)
``` ## See also
SharePoint Block Download From Sites https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/block-download-from-sites.md
Previously updated : 1/19/2024 Last updated : 05/21/2024 Title: Block download policy for SharePoint sites and OneDrive
ms.localizationpriority: medium
- Strat_SP_admin - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration search.appverid:
description: Learn how administrators can block download of files from a SharePo
[!INCLUDE[Advanced Management](includes/advanced-management.md)]
-As a SharePoint Administrator or Global Administrator in Microsoft 365, you can block download of files from SharePoint sites or OneDrive. This feature does not need Microsoft Entra Conditional Access policies. This feature can be set for individual sites and cannot be set at the organization level.
+As a SharePoint Administrator or Global Administrator in Microsoft 365, you can block download of files from SharePoint sites or OneDrive. This feature doesn't need Microsoft Entra Conditional Access policies. This feature can be set for individual sites and can't be set at the organization level.
-Blocking download of files allows users to remain productive while addressing the risk of accidental data loss. Users have browser-only access with no ability to download, print, or sync files. They also won't be able to access content through apps, including the Microsoft Office desktop apps. When web access is limited, users will see this message at the top of sites, "Your organization doesn't allow you to download, print, or sync from this site. For help contact your It department."
+Blocking download of files allows users to remain productive while addressing the risk of accidental data loss. Users have browser-only access with no ability to download, print, or sync files. They also won't be able to access content through apps, including the Microsoft Office desktop apps. When web access is limited, users see this message at the top of sites, "Your organization doesn't allow you to download, print, or sync from this site. For help, contact your It department."
-Note that you can block the download of Teams meeting recording files specifically if you need to. For more information, see [Block the download of Teams meeting recording files from SharePoint or OneDrive](/microsoftteams/block-download-meeting-recording).
+You can block the download of Teams meeting recording files specifically if you need to. For more information, see [Block the download of Teams meeting recording files from SharePoint or OneDrive](/microsoftteams/block-download-meeting-recording).
## Requirements
-This feature requires [Microsoft Syntex - SharePoint Advanced Management](advanced-management.md).
+This feature requires [Microsoft SharePoint Premium - SharePoint Advanced Management](advanced-management.md).
## How to set this policy for a SharePoint site
This feature requires [Microsoft Syntex - SharePoint Advanced Management](advanc
2. Connect to SharePoint as a [Global Administrator or SharePoint Administrator](./sharepoint-admin-role.md) in Microsoft 365. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
-3. Run the following command.
+3. Run the following command.
```PowerShell Set-SPOSite -Identity <SiteURL> -BlockDownloadPolicy $true ```
- For example, `Set-SPOSite -Identity https://contoso.sharepoint.com/sites/research -BlockDownloadPolicy $true`. You can apply this cmdlet to OneDrive as well by changing the URL to `https://contoso-my.sharepoint.com/personal/John`.
+
+ For example, `Set-SPOSite -Identity https://contoso.sharepoint.com/sites/research -BlockDownloadPolicy $true`. You can apply this cmdlet to OneDrive as well by changing the URL to `https://contoso-my.sharepoint.com/personal/John`.
The following parameters can be used with this cmdlet to fine-tune it:
The following parameters can be used with this cmdlet to fine-tune it:
- `-ExcludeBlockDownloadSharePointGroups <comma separated group IDs>`<br/>Exempts users from the mentioned SharePoint groups from this policy and they can fully download any content for the site. -- `-ReadOnlyForBlockDownloadPolicy $true`<br/>Marks the site as read-only in addition to preventing downloads.
+- `-ReadOnlyForBlockDownloadPolicy $true`<br/>Marks the site as read-only in addition to preventing downloads.
You also can attach a block download policy to a site sensitivity label.
Set-Label -Identity 'Internal' -AdvancedSettings @{ExcludedBlockDownloadGroupIds
## App impact
-Blocking download might impact the user experience in some apps, including some Office apps. We recommend that you turn the policy on for some users and test the experience with the apps used in your organization. In Office, make sure to check the behavior in Power Apps and Power Automate when your policy is on.
+Blocking download might impact the user experience in some apps, including some Office apps. We recommend that you turn on the policy for some users and test the experience with the apps used in your organization. In Office, make sure to check the behavior in Power Apps and Power Automate when your policy is on.
> [!NOTE] > Apps that run in "app-only" mode in the service, like antivirus apps and search crawlers, are exempted from the policy.
SharePoint Change History Report https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/change-history-report.md
Previously updated : 04/10/2024 Last updated : 05/21/2024 Title: "Create change history reports"
ms.localizationpriority: medium
- M365-collaboration - Highpri-- Tier1
+- Tier2
description: "Learn how to create and view SharePoint site change history reports in SharePoint admin center."
Create up to 10 reports that track what changed, when it happened, and who initi
To access and use this feature, your organization must have the following subscription: -- [Microsoft Syntex - SharePoint Advanced Management](advanced-management.md)
+- [Microsoft SharePoint Premium - SharePoint Advanced Management](advanced-management.md)
## Create a change history report
The following table lists the latest set of supported settings found in **Sharin
## Related topics
-[Microsoft Syntex - SharePoint Advanced Management overview](advanced-management.md)
+[Microsoft SharePoint Premium - SharePoint Advanced Management overview](advanced-management.md)
SharePoint Change Site Address https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/change-site-address.md
Previously updated : 03/28/2024 Last updated : 05/22/2024 Title: "Change a site address"
description: Learn how global and SharePoint admins can change the URL of a Shar
# Change a site address > [!NOTE]
-> This feature isn't supported for Microsoft 365 Government cloud customers, including GCC, GCC High or DoD.
+> This feature isn't supported for Microsoft 365 GCC High or DoD customers.
As a Global Administrator or SharePoint Administrator in your organization, you can change the URL for the following types of SharePoint sites (previously called "site collections"):
SharePoint Data Access Governance Reports https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/data-access-governance-reports.md
Previously updated : 01/22/2024 Last updated : 05/20/2024 Title: "Data access governance reports for SharePoint sites"
ms.localizationpriority: medium
- Strat_SP_admin - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration
As sprawl and oversharing of SharePoint sites increase with exponential
## Requirements
-This feature requires either Microsoft 365 E5 or Microsoft Syntex - SharePoint Advanced Management.
+This feature requires either Microsoft 365 E5 or Microsoft SharePoint Premium - SharePoint Advanced Management.
While admins with Microsoft 365 E5 licensing can access Data access governance reporting, they are not able to view or utilize the other [SharePoint Advanced Management features](advanced-management.md).
SharePoint Limit Access https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/limit-access.md
Previously updated : 04/11/2024 Last updated : 05/20/2024 Title: "Restrict OneDrive access by security group"
ms.localizationpriority: medium
- Strat_OD_admin - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration - essentials-compliance
Note that you can also restrict access to an individual user's OneDrive to peopl
To access and use this feature, your organization must have one of the following subscriptions: -- Microsoft Syntex - SharePoint Advanced Management
+- Microsoft SharePoint Premium - SharePoint Advanced Management
- Office 365 E5/A5 - Microsoft 365 E5/A5
SharePoint Make Site Content Searchable https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/make-site-content-searchable.md
recommendations: true Previously updated : 6/29/2018 Last updated : 5/22/2024 audience: End User f1.keywords: - NOCSH
As a site owner you can control whether the content in specific columns in lists
1. On the site that contains the list or library, select **Settings** ![Settings icon.](media/a47a06c3-83fb-46b2-9c52-d1bad63e3e60.png), and then select **Site settings**. If you don't see **Site settings**, select **Site information**, and then select **View all site settings**. 2. Under **Search**, click **Searchable columns**.+
+ The option is only visible for sites with the classic [publishing feature](publishing-sites-classic-to-modern-experience.md) enabled. If the option is not visible navigate directly to `<Site URL>>/_layouts/15/NoCrawlSettings.aspx`.
3. In the **Excluded Columns from Search Indexing** section, under **Excluded**, check the box next to the Column Name for the column you want to exclude in search results.
SharePoint Onedrive Site Access Restriction https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/onedrive-site-access-restriction.md
Previously updated : 04/11/2024 Last updated : 05/20/2024 Title: Restrict access to a user's OneDrive content to people in a group
ms.localizationpriority: medium
- Strat_OD_admin - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration - essentials-compliance
You can also restrict access to the OneDrive service itself to people in a secur
## Requirements
-The OneDrive access restriction policy requires [Microsoft Syntex - SharePoint Advanced Management](advanced-management.md).
+The OneDrive access restriction policy requires [Microsoft SharePoint Premium - SharePoint Advanced Management](advanced-management.md).
## Enable site access restriction for your organization
SharePoint Recent Actions Panel https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/recent-actions-panel.md
Previously updated : 04/10/2024 Last updated : 05/21/2024 Title: "Review your recent changes to SharePoint site properties"
- M365-collaboration - M365-sam - Highpri-- Tier1
+- Tier2
description: "Learn how to review your recent changes to SharePoint site properties." # Review your recent changes to SharePoint site properties
The recent actions panel lets you review and monitor the last 30 changes you've
## Requirements
-To access the recent actions panel and the following features, your organization must have a [Microsoft Syntex - SharePoint Advanced Management subscription.](advanced-management.md)
+To access the recent actions panel and the following features, your organization must have a [Microsoft SharePoint Premium - SharePoint Advanced Management subscription.](advanced-management.md)
- Review the last 30 actions made within the last 30 days in the recent actions panel. - View more details such as previous and current value of the settings changed and directly access the site details panel to review the change. - Export and download CSV files detailing all your changes made within the last 30 days. > [!IMPORTANT]
-> Without Microsoft Syntex - SharePoint Advanced Management, you can only view actions made in the current session. Once you close the browser or sign out, the recent actions panel will clear the history.
+> Without Microsoft SharePoint Premium - SharePoint Advanced Management, you can only view actions made in the current session. Once you close the browser or sign out, the recent actions panel will clear the history.
## View recent actions of a site
You deleted 4 SharePoint sites on May 21 at 12:10 AM. The bulk edit shows as one
## Related articles
-[Microsoft Syntex Advanced Management overview](advanced-management.md)
+[Microsoft SharePoint Premium - SharePoint Advanced Management overview](advanced-management.md)
SharePoint Restricted Access Control https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/restricted-access-control.md
Previously updated : 02/06/2024 Last updated : 05/20/2024 Title: "Restrict SharePoint site access with Microsoft 365 groups and Entra security groups"
- M365-collaboration - M365-SAM - Highpri-- Tier1
+- Tier2
- ContentEngagementFY24 search.appverid: description: "Learn how to restrict access to SharePoint sites to members of a Microsoft 365 or Entra security group."
Restricting site access via group membership can minimize the risk of oversharin
## Prerequisites
-The site access restriction policy requires [Microsoft Syntex - SharePoint Advanced Management](advanced-management.md).
+The site access restriction policy requires [Microsoft SharePoint Premium - SharePoint Advanced Management](advanced-management.md).
## Enable site-level access restriction for your organization
SharePoint Site Lifecycle Management https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/public/SharePoint/SharePointOnline/site-lifecycle-management.md
Previously updated : 02/14/2024 Last updated : 05/21/2024 Title: "Manage site lifecycle policies"
ms.localizationpriority: medium - Highpri-- Tier1
+- Tier2
- M365-sam - M365-collaboration - essentials-manage
description: "Learn how to manage site lifecycle policies for SharePoint sites."
## Site lifecycle management
-The site lifecycle management feature from Microsoft Syntex- SharePoint Advanced Management lets you manage inactive sites across your tenant from the [SharePoint admin center](get-started-new-admin-center.md).
+The site lifecycle management feature from Microsoft SharePoint Premium - SharePoint Advanced Management lets you manage inactive sites across your tenant from the [SharePoint admin center](get-started-new-admin-center.md).
You can set up an inactive site policy to automatically detect inactive sites and send notifications to site owners via email. The owners can then confirm whether the site is still active. When you're setting up a site lifecycle policy, you can choose between a simulation policy and an active policy. The simulation policy runs once and generates a report based on the set parameters. If the policy fails, you need to delete it and create a new simulation policy. You can also convert a simulation policy to an active policy.
If a site falls under multiple inactive site policies, notification emails aren'
## Requirements
-Site lifecycle management requires [Microsoft Syntex - SharePoint Advanced Management](advanced-management.md).
+Site lifecycle management requires [Microsoft SharePoint Premium - SharePoint Advanced Management](advanced-management.md).
## Create an inactive site policy