Office 365 Report / Auditing

Office365

Office 365 is continually evolving, expanding and improving – meaning new capabilities and opportunities, alongside the need to support adoption and manage change on an ongoing basis. Over the years I have been asked to do lots of On Premise current state assesments to help customers plan and check to ensure that their infrastructure is running optimally and meets current, and future, requirements. Recently however I have noticed an incline in requests from customers who want the same current state assesment for Office 365.

Whilst doing a bit of googling to see if there were any reporting tools that could ensure I capture key information on our customers tenant I was amazed at what I found, the following tool can be downloaded for FREE from Microsoft Technet and it ticks all the boxes:

To get your copy of the tool follow the link here: https://gallery.technet.microsoft.com/office/Office-365-Reporting-Tool-7987b4c2

Below are some screenshot from within the reporting tool:azure-overall-dashboard exchange-audit-overall-dashboard

sharepoint-overall-dashboardAdminDroid MFA Dashboard

What Can the Tool Do?

The tool provides detail reports on the following areas of Office 365

  • Azure Active Directory (43 reports)
  • Security Reports (22 Reports)
  • Exchange Online (99 reports)
  • SharePoint Online (35 reports)
  • OneDrive for Business  (11 reports)
  • Skype for Business (22 reports)
  • Yammer (20 reports)
  • Microsoft Teams (16 reports)
  • General Office 365 Reports (9 reports)

Reporting Capabilities Highlights

This Office 365 Reporting tool comes with advanced reporting capabilities which make tedious reporting task to an easier one.
  • Automatic Schedule –  Schedule one or more reports to run automatically at the configured time and delivered straight to your preferred mail-ids.
  • Rich Filters – Apply filter on any columns to see only the required information and save the filter for future use.
  • Easy Customization – Allow you to easily customize the reports by rearranging, adding or removing the columns and its size.
  • Report Export – Ability to export the reports to CSV, PDF, HTML, XLS or XLSX.

 

For me this tool will help me put together usefull documentation that we can present to customers and hopefully help plan a way forward with something that customers have aready invested in, I believe this FREE tool will help customers decide on a stratagy to develop their Office 365 utilisation for the better.

Advertisements

Do I need to backup Office 365?

Office365

As a consultant I visit many different businesses with different solution requirements, but there is one question I get asked a lot and that is, Do I still need to ensure that my data in Office 365 is backed up?

There is a widespread misconception that data created and stored in the cloud does not need to be backed up. When data is deleted or corrupted, companies face three major problems: Lost data, lost time and lost revenue.

Data loss is often a major concern for Office 365 customers because Microsoft’s backup policies cannot guarantee a complete and speedy restore of lost data. Even when data is retrievable, the process is long and complicated, and retention policies vary for each application included in the cloud platform.

Below is an image that should hopefully help you identify who is responsible for the different aspects of Office 365

o365 backuo

Reasons to use a third party backup provider

Ransomware attacks

Companies need to consider a multi-layered approach when it comes to security against cyber-attacks. Office 365 data is not invulnerable—without sufficient backup, companies stand to risk losing all of their files. -The WannaCry Virus is a prime example of this, we had numerous customers who’s data got encrypted and then synchronised to OneDrive, the only way around this was using 3rd party tools we already had in place protecting the businesses data. – if we did not then the data that was encrypted would have been lost.

Additional costs & data loss due to inactive licenses

As one would expect, an active Office 365 license is required to access O365 data. Unfortunately inactive or deprovisioned user data is permanently deleted, and retaining licenses of departed employees can be expensive.

Data loss due to Permanent deletion

When a SharePoint Online administrator deletes a site collection, all data will be placed in the Recycle Bin where it is deleted after 90 days. After it is automatically deleted, there is no rollback option.

Data loss when Restoring files

When restoring older files from a SharePoint backup, the restore is targeted at the same URL. This means a restore overwrites whatever data currently exists in the site collection – not the individual file or folder.

Business downtime

Contacting Microsoft Support for assistance with possible data loss after identifying the proper document version can be very time consuming.

Depending on the size of your business there are a number of Cloud backup solutions that are available to you, ones that I have used previously are:

backupify

Datto Backupify: https://www.backupify.com/ 

cloudally

Cloud Ally: https://www.cloudally.com/

I know that there are solutions from Veeam and NetAPP as below:

netapp

NetAPP Software as a Service Backup: https://www.netapp.com/us/products/cloud-storage/saas-backup.aspx

veeam

Veeam: https://go.veeam.com/backup-office-365

 

For security reasons DTD is prohibited in this XML document

sharepoint

I am working on a large data migration project at the moment working with SharePoint Online and just had to share this issue.. it kinda got me stumped for a while…

Using SharePoint Online Management Shell I got the following error:

pshellerror

Now the error sent me off looking at my O365 permissions, I am a global admin for the tenant. I am basically trying to configure user interpretation so I can move users OneDrive data out to another tenant, so I have also checked permissions for eDiscovery etc. But thinking about it all I am trying to do at this stage is connect to the SharePoint Admin site.. and it is giving me this error.. This is odd, I have done this loads of times before…

After about an hour of banging my head against a brick wall, I managed to resolve the problem. The solution was simple, I changed my DNS servers on my client machine to point to Google DNS (8.8.8.8 and 8.8.4.4) and that was it. – it turns out the error is actually my ISP trying to offer a “DNS Help” page which is omitting the error.

Here are my findings when trying to sort out this issue that may help to explain why it happened in the first place.

  1. http://asp.net-hacker.rocks/2016/01/15/XML-parsing-problem-because-of-your-ISP.html
  2. https://stackoverflow.com/questions/13854068/dtd-prohibited-in-xml-document-exception
  3. https://blogs.technet.microsoft.com/marios_mo_betta_blog/2016/06/05/o365-powershell-error-dtd-is-prohibited-in-this-xml-document/

The 3rd option did it for me as I use Virgin Media, so thought well if I use Googles DNS this may resolve my problem.. and it did.

 

 

 

 

Exchange Online Delegation Rights

exchange-online

Managing Exchange Calendars with PowerShell.

Some companies I deployed Exchange or Office 365 would like to be able to view readable information in everyone’s calendar by default you only get Free or Busy information. The following script changes the default calendar permissions for ALL Users folders to Reviewer – This gives you readable / not editable information.

foreach($user in Get-Mailbox  -RecipientTypeDetails UserMailbox) {
$cal = $user.alias+":\Calendar"
Set-MailboxFolderPermission -Identity $cal -User Default -AccessRights Reviewer
}

Senior management sometimes have PA’s that will need delegate access to their calendar, this this will include view calendar items that are marked as private.

To Set the delegate to view private items in the calendar

Add-MailboxFolderPermission –Identity <delegates mailbox>:\Calendar 
–User <delegated mailbox> -AccessRights Editor -SharingPermissionFlags 
Delegate,CanViewPrivateItems

To Set the delegate to not view private items in the calendar

Add-MailboxFolderPermission -Identity <delegates mailbox>:\Calendar 
-User <delegated mailbox> -AccessRights Editor -SharingPermissionFlags 
Delegate

To remove any individual calendar permission

Remove-MailboxFolderPermission -Identity "delegates mailbox:\Calendar" 
-user "delegated mailbox"