Today, we’re going to explore two relatively new sharing controls in SharePoint Online (and, by extension, OneDrive for Business). The two options we’re going to look at are located inside the SharePoint Admin Center (https://<tenant>-admin.sharepoint.com) under Sharing:
To test both of these functions out (as well as how other users are affected), I’m going to work with 3 test users and two security groups.… [ Continue reading ]
Yes, Hell has frozen over. The cows have come home. The lady of size has sung.
I have come up with a “best case” solution for the Office 365 hybrid group write-back problem.
For the long(er) background, you’ll probably want to go see this post.… [ Continue reading ]
I have created a more detailed example of how to do this here: https://www.undocumented-features.com/2018/09/14/fixing-office-365-anonymous-group-write-back-and-external-delivery/
Office 365 Groups are glorious creations. There are, however, some instances where they don’t work as you anticipate (or hope). One of those scenarios is when you are configured in hybrid coexistence with the following scenario:
- Office 365 Group Writeback is enabled (for configuring permissions, see this script)
- RequireSenderAuthenticationEnabled is set to False for an Office 365 group
- Your organization’s MX record is configured to point on-premises
In this scenario, external emails sent to Office 365 groups (via your organization’s MX record pointing on-premises) will be returned with one of our favorite NDRs:
“You do not have permission to send to this recipient.”
This happens because the RequireSenderAuthentication attribute (which maps to msExchRequireAuthToSendTo) written to the synced group object is set to the constant True inside of AAD Connect (as shown in the rule “Out to AD – Group SOAInAAD”):
Which translates to this on written-back group objects:
In order to fix this, you need to either update the rule (Edit | Disable and Make a Copy) or update the msExchRequireAuthToSendTo attribute on the synced group objects if you are keeping your MX pointed on-premises, or update the MX to point to Office 365.… [ Continue reading ]
While working with a partner this weekend on a tenant to tenant migration, we had the need to migrate Office 365 groups. There’s not really a lot of information around on recreating groups and memberships, so I decided to put together a tool to help the effort.… [ Continue reading ]
Update: I posted roll-back steps at the bottom of the article.
Several months ago, I wrote a blog on Disabling Office 365 Groups. It seems as though we couldn’t leave well enough alone. Such is a price of progress.
I got a new laptop a few weeks ago, and then found myself in the position of helping out a few colleagues this week. … [ Continue reading ]
Update: There are new cmdlets available for this task. This blog is for historical reference only. A new, updated process is available here (https://www.undocumented-features.com/2017/04/29/disable-office-365-groups-creation-redux/).
Office 365 Groups are a (somewhat) new feature that act both like a distribution list and a public folder or shared mailbox. … [ Continue reading ]