About Groups for Office365

It takes to make new item on blog, I forgot totally to add new one or udpate it, but so as to elevate my ability and interesting stuff, I start again to make new item on this blog.

Anyway when I see around office 365 portal and if I make new distribution group using powershell, I can see introduction office 365 groups on top of powershell execution window, so I have a question what are these differences apparently about Groups.

If we see groups , there are four kinds of groups , for example, Office 365 groups, Distribution groups, Mail enabled security groups, Security groups. On this blog I’ll show you about explanations , differences, how to make it using powershell, it may takes times more than I expected.

If you have a experience of Active Directory , you can notice what is the Security group, this is sort of authorization for resources which we are uisng for example on the oneDrive and Sharpoint, etc., and Mail enabled security groups can be used to control access to OnDrive and Sharepoint as well as to send email to all members of the list. Distribution lists send email to all members of the list. You can even allow people outside to your organization send email to list. But if you make distribution group using powershell, it can use only in the tenant, it is not send from outside. Last thing is Office 365 groups , we may think this is related to groups, but if you make it then see in details, it looks like groups like facebook , this is a great way for teams to collaborate by giving them a group email and a shared workspace for conversations, files and calendar events.

PowerShell

  • Office 365 Groups : New Office 365 groups , use New-UnifiedGroup cmdlet
  • Distribution group : New Distribution group, use New-DistributionGroup cmdlet.
  • Security Group : New Security grooup, use New-MsoleGroup cmdlet, or New-Distribution cmdelet with Type properties with security (New-DistributionGroup -Name “File Server Managers” -Alias fsadmin -Type security)
  • Mail-enabled security groups : it looks no way using powershell, if looks like if we make new security group using new-distributiongroup cmdlet, we can change properties. if you see this link, you can know how it works.

If we make security group, there have two way, one is using New-DistributionGroup and another is new-MsolGroup, I want to know New-MsolGroup cmdlet, but if we go to link , it explained to create security group.

 

Office365 Security group owner change

Sometimes, it needs to change office 365 security group’s owner, normally we use set-distribution cmdlet, but when you try that, you can encounter error ,

when you want to change owner, you need to use parameter basically BypassSecurityGroupManagerCheck , and mangedby ‘s value needs to set samaccount instead of userprincipalanmesetower-securitygrp

if you want to know Set-Distribution cmdlet, you need to click below link.  https://technet.microsoft.com/ko-kr/library/bb124955(v=exchg.160).aspx

 

 

In-place Hold (eDiscovery)

I’ll explain In-place Hold feature on eDiscovery, this commented by Office 365 for IT Pros which I bought.

In-place Hold : This defines how Exchange Online will hold content located by the search criteria. If set, you can hold data indefinitely or for a defined number of days based on the date the item was received or created in the mailbox.

All eDiscovery searches automatically examine deleted items held in the Recoverable Items structure, including those retained to meet in-place or legal holds imposed by this search or other searches. If an item is found in Recoverable items, it can be retrieved when the search is subsequently used to copy items to the discovery mailbox.

When I see that explanation , I see eDiscovery is not a unique place to store all messages, etc , this feature is related user’s hidden Recoverable Items structure, and you must know if Recoverable Items structure exceeds 100gb , deleted items shouldn’t work , so as to use effectively user mailbox under office365 environment, it’s better idea to set online archive to all user mailboxes

Electronic Discovery(EDiscovery)

Sometimes defined as how records managers and litigators discover content stored in electonic format. It means the process by which searches are conducted across online sources so that information meeting the criteria for a legal discovery order can be found and made available for review

Both Exchange Online and SharePoint Online suppor in-place holds. It works by retaining content where is stored when a discovery search is performed. In-place hold is able to include all kinds of content stored in a mailbox or site. If items that come under the scope of an in-place hold are edited or deleted after hold is created, the application ensures the information is retained. For example, if a mailbox owner attempts to delete an item that is on hold, Exchange Online creates a copy of the items in a folder in the Recoverable items structure. The copied items are invisible to users and client but can still be discovered and retrieved by searches. [All coments are gotten by office 365 for IT pros book]

recv1

As I know the Recoverable items structure quota is 100G, if that structure is exceeeded to that quota, there are some odd symptoms such as deleted items folder cannot clean-up even if users are trying to deleted items from user’s folder, so as to use EDiscovery feature for storing and searching data , I think users need to use online archive instead of deleteing items on their folders.

 

Anyone who are reading this EDiscovery feature, you need to know that Recoverable items sturcture, if you see Office 365 for IT Pros mentioned when that structure’s quota is exceeded , it needs to contact to increase or not of that structure, but when I checked to ms engineer, that feature is not use.

 

 

Security and Compliance in office 365 for business (1st)

Today, I’ll study and write down about security and compliance center on office 365, it looks as if to manage stored data for secure as company getting content more than now.

I have a curiosity about what is it eDiscovery and mail retention , so as to understand to be administrator and get certification for it, it needs to know and understand deeply, currently eDiscovery is using to find and hold content rleated to a legal case.

If you want to know in details , please go to this site. https://support.office.com/en-us/article/Security-and-Compliance-in-Office-365-for-business-Admin-Help-7fe448f7-49bd-4d3e-919d-0a6d1cf675bb?ui=en-US&rs=en-US&ad=US

And I’ll introduce it as I read this article and practice on my test tenant to that feature.

Exam 70-346 : Managing Office 365 Identities and Requirements

Hi, I recently have taken exam about 70-346 (Managing Office 365 Identities and Requirements) then one MCP passed it , during taking exam I felt it’s so hard to answer questions, because office 365 product development is so fast to follow, so the exam which I took , it is also reflecting,

In case of me ,  “Plan and Implement Networking and Security in Office” is hard , suddenly I felt it’s good resource to take exam using “Office 365 for IT Pros”, I’m in progress to take another MCP as 70-347 (Enabling Office 365 Services), if I read all contents of this book, apprently it’s so helpful to take exam and understand office 365 more than now.

I’ve already purchased it, I’m reading Chapter4: Migrating to Office 365. I suggest you to read this book before taking exam for office 365 MCP to acquire MCSA for Office 365.

 

 

How to set or edit Email Distribution Group

Hi,

Today I want to take a tip to add owners for mail distribution groups using set-distributionGroup cmdlet.

Option)

-ManagedBy

If you make cmdelt using with that option, it will replace original distribution group owner

Example)  Set-DistributionGroup -Identity $distGroupName -ManagedBy $owner


 

but,  you just want to add owners to lists with no effective original items,  you can use it

 @{Add=”<owner1>”,”<owner2>”…;Remove=”<owner3>”,”<owner4>”…}

Examples)

Set-DistributionGroup -Identity $distGroupName -ManagedBy @{Add=$owner1  }

Then you can achieve it.