Tous les articles par nutcracker

Office 365

GLOSSAIRE O365

http://tran.lien.free.fr/doc/glossaire o365.pdf

glossaire office 365

Exchange online

Boite a lettre partagee : gere par delegation, permet de conserver un historique des messages recus par exemple d’un service support IT , marketing…

Groupe de distribution dynamique : groupe de distribution base sur une requete et regles et attributs , appartenance selon les criteres defini sera calcule a chaque envoi a ce groupe

 

bal d equipe : bal de ressources ex vehicule, video projecteur

contact de courier : contact de entreprise, compte de messagerie en dehors de organisation , pas acces aux ressources

utilisateur de courrier : compte ds organisation pour acces aux ressources interne , pas de bal interne

rapport audite

regles de journal : gestion de la conformite

NDR notification non remis

regle transport : lorsque la règle ajoute un champ d’en-tête à l’en-tête du message, vous devez spécifier le nom et la valeur de l’en-tête

modern authentification :
Using Alternate ID in hybrid environments with Exchange and/or Skype for Business is supported but not recommended. Using the same set of credentials (e.g. the UPN) for on-premises and online provides the best user experience in a hybrid environment. Microsoft recommends customers change their UPNs if possible to avoid the need for Alternate ID. Using alternate ID with Lync or Skype for business requires Lync Server 2013 or later. Customers who use Alternate ID should consider enabling Modern Authentication for Exchange in Office 365 for an improved user experience. In addition, customers using Skype for Business with mobile clients must ensure that the SIP address is identical to the user’s mail address (and alternate ID).

Alternate ID : authentification autre que UPN ex SMTP

SHAREPOINT

Sharepoint user profils – disable one drive access

If some users are licensed to use OneDrive, but you don’t want them to create a OneDrive (perhaps for regulatory reasons), you can prevent them from doing so. Note that if a user already created a OneDrive, changing the following setting won’t delete it.

  1. Sign in to Office 365 as a global admin or SharePoint admin.

  2. Select the app launcher icon The app launcher icon in Office 365 in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)

  3. In the left pane, choose Admin centers > SharePoint.
  4. Click user profiles in the left pane.
  5. Under People, click Manage User Permissions.

    The Manage User Permissions link on the user profiles page

  6. By default, everyone except external users are allowed to create a OneDrive. Remove that group and add specific groups to allow only a subset of licensed users to create a OneDrive.

    The permissions dialog box for controlling who can create a OneDrive

  7. Click OK.
SHAREPOINT

Block or limit access to specific SharePoint site collections or OneDrive accounts

https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices

To block or limit access to specific sites, you must set the organization-wide policy to « Allow full access from desktop apps, mobile apps, and the web. »

 

    • Sign in to Office 365 as a global admin or SharePoint admin.

    • Select the app launcher icon The app launcher icon in Office 365 in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)

    • In the left pane, choose Admin centers > SharePoint.
    • In the SharePoint admin center, click access control.
    • Select Allow full access from desktop apps, mobile apps, and the web.
    • Click OK.The limited access setting on the access control page

Then follow these steps to manually create a policy in the Azure AD admin center and run PowerShell cmdlets.

    1. In the Azure AD admin center, select Conditional access, and then click Add.
    2. Under Users and groups, select whether you want the policy to apply to all users or only specific security groups.
    3. Under Cloud apps, select Office 365 SharePoint Online.
    4. Under Conditions, select both Mobile apps and desktop clients and Browser.
    5. Under Session, select Use app enforced restrictions. This tells Azure to use the settings you’ll specify in SharePoint.
    6. Enable the policy and save it.Creating a policy in the Azure AD admin center to use app-enforced restrictions
    7. Download the latest SharePoint Online Management Shell.
    8. Connect to SharePoint Online as a global admin or SharePoint admin in Office 365. To learn how, see Getting started with SharePoint Online Management Shell.
    9. To block access, run Set-SPOSite -Identity https://<SharePoint online URL>/sites/<name of site collection or OneDrive account> -ConditionalAccessPolicy BlockAccess.
    10. To limit access, run Set-SPOSite -Identity https://<SharePoint online URL>/sites/<name of site collection or OneDrive account> -ConditionalAccessPolicy AllowLimitedAccess.

Policy recommandations
https://docs.microsoft.com/en-us/microsoft-365/enterprise/sharepoint-file-access-policies

POWERSHELL Office365, SHAREPOINT

SharePoint Online Management Shell

Download sharepoint Online Management Shell

https://www.microsoft.com/en-us/download/details.aspx?id=35588

connection
$adminUPN= »<the full email address of a SharePoint administrator account, example: jdoe@contosotoycompany.onmicrosoft.com> »
$orgName= »<name of your Office 365 organization, example: contosotoycompany> »
$userCredential = Get-Credential -UserName $adminUPN -Message « Type the password. »
Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCredential

tester Get-SPOSite
Lister commande: Get-Command -Module « online »

cmdlet
https://docs.microsoft.com/en-us/powershell/module/sharepoint-online/index?view=sharepoint-ps

 

SHAREPOINT

Default link – sharing

To change the setting, navigate to the SharePoint Online admin center:

  1. Sign in to Office 365 as a global admin or SharePoint admin.
  2. Select the app launcher icon The app launcher icon in Office 365 in the upper-left and choose Admin to open the Office 365 admin center. (If you don’t see the Admin tile, you don’t have Office 365 administrator permissions in your organization.)
  3. In the left pane, choose Admin centers > SharePoint.
  1. In the left pane, choose sharing.
  2. Under Default link type choose the option you want to show by default when a user gets a link.

    Default link type dialog box

  3. Under Default link permission choose whether you want the default permission to be view or edit.

    Screenshot of default link permissions which are view and edit.

  1. In the left pane, choose site collections.
  2. Select the site collection that you want to change, and then click Sharing.
  3. Under Default link type, clear the Respect default organization setting check box, and then choose the option you want to show by default when a user gets a link.

    Screenshot of default link type settings for a site collection

  4. Under Default link permission, clear the Respect default organization setting check box, and then choose whether you want the default permission to be view or edit.

    Screenshot of default link permissions setting for a site collection

  5. Click Save.