John Yassa's Blog

Home » 2015 » April

Monthly Archives: April 2015

Lync Online is becoming Skype for Business

Changes are coming to Lync Online in Office 365. Lync is joining the Skype family, so in the coming months, Lync will be changing to Skype for Business.

Release date – Skype for Business is generally available since April 14, 2015.

Benefits – After your organization is transitioned to Skype for Business, you and your users will benefit from:

  • Skype-inspired design With the same look and feel of the Skype client, your users will benefit from the same familiar user interface and ease of use with the new Skype for Business clients.
  • Global reach Voice and video connectivity to the entire Skype network.
  • Full Lync feature set Because Skype for Business builds on existing Lync features, no features or functionality will be lost.

What to expect – Everything Lync is becoming Skype for Business.

  • Lync 2013 clients are changing to Skype for Business clients.
  • Lync Web app is changing to Skype for Business web app.
  • Lync admin center is changing to Skype for Business admin center.
  • Lync Online is changing to Skype for Business Online.

How to get it – Just update your office 2013 pro plus to the latest version and you will find that Lync has been changed to Skype for Business online

The interface will be changed as below

1

 

What’s new in the client , Watch the below video 

 

Sources: Office 365 Technet

 

Understand and Control AutoDiscover methods for Outlook

Did you ever ask yourself how Outlook connects to your servers

Outlook uses AutoDiscover service to connect to Exchange online or you on premise Exchange

In some scenarios, you may want to control the methods that are used by Outlook to find the AutoDiscover service. This depends on the client/server topology, but these are the methods that are used by Outlook:

SCP lookup
HTTPS root domain query
HTTPS AutoDiscover domain query
HTTP redirect method
SRV record query

By default, Outlook uses one or more of these methods to reach the AutoDiscover service. For example, for a computer that is not joined to a domain, Outlook tries to connect to the predefined URLs (for example, https://autodiscover.contoso.com/autodiscover/autodiscover.xml) by using DNS. If that fails, Outlook tries the HTTP redirect method. If that does not work, Outlook tries to use the SRV record lookup method. If all lookup methods fail, Outlook cannot obtain “Outlook Anywhere” configuration and URL settings.

 

Lets understand the 5 methods that outlook uses:

SCP lookup
Outlook performs an Active Directory query for Service Connection Point (SCP) objects.

Root domain query 
Outlook uses the root domain of your primary SMTP address to try to locate the AutoDiscover service. Outlook tries to connect to the following URL based on your SMTP address: https://<smtp-address-domain>/autodiscover/autodiscover.xml

AutoDiscover domain Query
Outlook uses the AutoDiscover domain to try to locate the AutoDiscover service. Outlook tries to connect to the following URL based on your SMTP address: https://autodiscover.<smtp-address-domain>/autodiscover/autodiscover.xml
HTTP redirect
Outlook uses HTTP redirection if Outlook cannot reach the AutoDiscover service through either of the secure HTTPS URLS:
https://<smtp-address-domain>/autodiscover/autodiscover.xml
https://autodiscover.<smtp-address-domain>/autodiscover/autodiscover.xml

SRV record query
Outlook uses an SRV record lookup in DNS to try to locate the AutoDiscover service.

 

Now how can you control these methods

You can do this and enable/disable these methods for outlook through registry keys

Outlook 2010 :
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\AutoDiscover

Outlook 2013 :
HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\AutoDiscover

Outlook 2016:
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover

You can change the various options from the registry file as well. They are:

“ExcludeScpLookup”=dword:00000001
“ExcludeHttpsRootDomain”=dword:00000000
“ExcludeHttpsAutoDiscoverDomain”=dword:00000000
“ExcludeHttpRedirect”=dword:00000000
“ExcludeSrvRecord”=dword:00000000

Above the SCP lookup is disabled.

 

Source : Support Article , DISABLE AUTODISCOVER METHODS IN OUTLOOK 2013

 

 

 

Capabilities of Mobile Device Management (MDM) for Office 365

You can use MDM for Office 365 to secure and manage the following types of devices.

  • Windows Phone 8.1
  • iOS 6 or later versions
  • Android 4 or later versions
  • Windows 8.1
  • Windows 8.1 RT

* MDM don’t support any version of Blackberry device

Access Control for Office 365 mail and documents:

The supported apps for the different types of mobile devices in the following table will prompt users to enroll in MDM for Office 365 where there is a new mobile device management policy that applies to a user’s device and the user hasn’t previously enrolled the device. If a user’s device doesn’t comply with a policy, depending on how you set the policy up, a user might be blocked from accessing Office 365 resources in these apps, or they might have access but Office 365 will report a policy violation

Apps on devices Windows Phone 8.1 iOS 6+ Android 4+
Exchange ActiveSync
OneDrive for Business
Office Mobile ✔ On phones

The following diagram shows what happens when a user with a new device signs in to an app that supports access control with MDM for Office 365. The user is blocked from accessing Office 365 resources in the app until they enroll their device.

1

 

Policy Setting for Mobile Devices:

the following diagram shows what happens when a user with an enrolled device isn’t compliant with a security setting in a mobile device management policy that applies to their device. The user signs in to an app that supports access control with MDM for Office 365. They are blocked from accessing Office 365 resources in the app until their device complies with the security setting.

2

The following sections list the policy settings you can use to help secure and manage mobile devices that connect to your organization’s Office 365 resources

1- Security Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require a password
Prevent simple password
Require an alphanumeric password
Minimum password length
Number of sign-in failures before device is wiped
Minutes of inactivity before device is locked
Password expiration (days)
Remember password history and prevent reuse

 

2- Encryption Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require data encryption on devices Windows Phone 8.1 is already encrypted and cannot be unencrypted

 

 

3- Jail Broken settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Device cannot be jail broken or rooted

 

4- Manage email profile :

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Email profile is managed

 

5- Cloud Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Require encrypted backup
Block cloud backup
Block document synchronization
Block photo synchronization

 

6- System Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block screen capture
Block sending diagnostic data from device

 

7- Application Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block video conferences on device
Block access to application store
Require password when accessing application store

 

8- Device Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
Block connection with removable storage
Block Bluetooth connection

 

9- Additional Settings:

Setting name Windows Phone 8.1 iOS 6+ Android 4+
CameraEnabled
RegionRatings
MoviesRatings
TVShowsRating
AppsRatings
AllowVoiceDialing
AllowVoiceAssistant
AllowAssistantWhileLocked
AllowPassbookWhileLocked
MaxPasswordGracePeriod
PasswordQuality
SystemSecurityTLS
WLANEnabled

 

10- Settings supported by windows 8.1 and windows 8.1 RT:

The following settings are supported for Windows 8.1 devices that are enrolled as mobile devices. These setting won’t block users from accessing Office 365 resources.

Security settings

  • Require an alphanumeric password
  • Minimum password length
  • Number of sign-in failures before device is wiped
  • Minutes of inactivity before device is locked
  • Password expiration (days)
  • Remember password history and prevent reuse

System settings

Block sending diagnostic data from device

Additional settings

You can set the following additional policy settings by using PowerShell cmdlets:

  • AllowConvenienceLogon
  • UserAccountControlStatus
  • FirewallStatus
  • AutoUpdateStatus
  • AntiVirusStatus
  • AntiVirusSignatureStatus
  • SmartScreenEnabled
  • WorkFoldersSyncUrl

 

Source and copied from : Office 365 Technet

 

Mobile Device Management (MDM) for Office 365 is finally here

 

Last year Microsoft has announced the Mobile Device Management for Office 365 Office Blog

2 Days ago Microsoft has finally release the MDM for Office 365 , With MDM for Office 365, you can manage access to Office 365 data across a diverse range of phones and tablets, including iOS, Android and Windows Phone devices. And what makes today’s news even better: the built-in MDM features are included at no additional cost in all Office 365 commercial plans, including Business, Enterprise, EDU and Government plans.

You can use MDM for Office 365 to secure and manage the following types of devices.(will talk about the capabilities for each device in next article)

  • Windows Phone 8.1
  • iOS 6 or later versions
  • Android 4 or later versions
  • Windows 8.1
  • Windows 8.1 RT

This short video explains the key MDM features included in Office 365:

 

Office 365’s MDM capabilities work to keep your data safe in three ways:

1- Conditional Access : You can set up security policies on devices that connect to Office 365 to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and are compliant

2- Device management : You can set and manage security policies such as device-level pin lock and jailbreak detection to help prevent unauthorized users from accessing corporate email and data on a device when it is lost or stolen

3- Selective wipe : You can easily remove Office 365 company data from an employee’s device while leaving their personal data in place.

Source : Office Blogs

%d bloggers like this: