news and know-how about microsoft, technology, cloud and more.

Delegate365 changelog version 5.2-Dynamic Groups and new configuration rules

Delegate365 version 5.2 is here. We skipped version 5.1 because of many new features (which would have been version 5.1) and the OpenID Connect authentication update (which we changed in version 5.2). So we combined both updates in version 5.2 to minimize the effort. If you are coming from D365 version 5.0 you have not missed anything. See the new features of version 5.2 described in here.

Important: For the update of your existing D365 tenant, it is necessary to run the Delegate365 Setup again. Please see Delegate365 now uses OpenID Connect - or how to run setup to update to version 5.2 for the step-by-step details.

  • New Authentication system, new Setup: The authentication system of D365 has changed to OpenID Connect based on the OAuth 2.0 specifications which is now the de facto industry standard. There is no direct user impact except that the D365 Admin needs to rerun the setup again. Get more infos here.
  • New Administrator Dashboard: Portal Admins can see the Delegate365 licenses in the administration / administrator dashboard. In this sample 20 Delegate365 licenses are used out of 50. Find more information about the licensing in D365 here. The licenses have been extended with the thy "Type" section per OU. So Portal Admins get a quick overview which OU uses how many licenses and what types of objects.
  • Is Portal Admin: As cosmetic change is that in administration / manage administrators in the admin's settings, the switch "Self Service Portal Admin" was renamed to "Is Portal Admin" which describes this role in a better way (see screenshot below in the next bullet point). Portal Admins can manage all features in D365 and see the "administration" menu. Scope Admins have this switch set to No, only the D365 Portal Admins have this set to Yes.
  • Another new switch is "Hide SSPR settings". This controls if the Self Service Password Reset section is shown in the user's settings in D365 or not. By default the Hide SSPR settings-switch is set to No, so that SSPR is visible for the admins.
  • Support for Dynamic Groups: This is really a cool and new feature to Office 365. Users can be put into a dynamic group by specific properties automatically. D365 now supports this scenario as well!
    The details ("Edit group") enable to set all properties of a dynamic group.
    In "General" the Name, Alias and Notes can be set and it can be controlled if this dynamic group will show up in the address list or not.
    In "ownership" the owner of the group can be defined or changed. There can be only one owner selected.
    In "membership" the rules can be defined for finding users for that group. "add rule" creates a new line, the "x" icon removes an existing rule. This is the "key section" in the dynamic groups, since this defines who are members of that group by the defined rules, for example here all users who have their property "department" set to "Corporate Affairs" are member of that dynamic group.
    "delivery management" defines how messages to the dynamic group are handled.
    In "message approval" group moderators can be defined or changed.
    The "email options" allow to set Alias addresses for the dynamic group.
    "mail tip" can be set in here.
    Finally, the "group delegation" can be set in this section.
    Remember to click "Save" in each section if you want to persist any changes.
  • Logfiles Export fix: An issue has been fixed with long logfile names. D365 now is using "long" logfile names to ensure that the files are not locked in multiple instances. When exporting multiple logfiles to Excel, the sheet names were to long (maximum is 31 characters). This has been fixed by using short sheet names.
  • Exporting assigned licenses: Now it's possible to export all users with their assigned Office 365 licenses inclusive the license name. There is a new column "Assigned Licenses" additionally to the column "Assigned Plans". This was available in former versions as well when exporting the list to a CSV or Excel file, but not visible in the shown list. This is helpful for further reporting or analysis filtered by license name.
    The Export is using the same filters as the list and shows all user data.
  • Unassign: In administration / unassign the CSV and Excel file export was extended.
    When exporting, now all available user properties are exported as shown here.
  • New configuration rules: In administration / configuration there are new sections for helping Portal Admins to restrict specific naming conventions for their scope admins. The new sections are "User Auto Formatting", "Security Group" and "OU name prefix for groups" and are described below.
  • User Auto Formatting: This new section enables Portal Admins to define how UPN and Display Name of new users must look like (if manually created in D365). As shown in the screenshot below, each rule can be switched on and off. If a switch is set to Yes, the user create form will use the rules defined here.

    For Display Name these options are available:
    Firstname Lastname - f.e. John Doe
    Lastname Firstname - f.e. Doe John
    Lastname, Firstname - f.e. Doe, John
    Firstname, Lastname - f.e. John, Doe

    There's a switch which enables Admins to overwrite the generated Display Name if desired: "Admins can change DisplayName (if yes, the DisplayName can be overwritten manually, otherwise the field is read only)."

    For User Principal Name (UPN) these formats are available:
  • firstname.lastname - john.doe@...
    lastname.firstname - doe.john@...
    firstname-lastname - john-doe@...
    lastname-firstname - doe-john@...
    firstnamelastname - johndoe@...
    lastnamefirstname - doejohn@...
    firstname.lastname (without space and hyphen) - John Max Doe-Miller = johnmax.doemiller@...
    lastname.firstname (without space and hyphen) - John Max Doe-Miller = doemiller.johnmax@...

    Tip: Spaces are generally replaced by a dash to ensure that the UPN is valid in Office 365, f.e. "John Max" will be changed to "John-Max" etc.
    The generated UPN can also be set to be overwritten by setting this switch to Yes: "Admins can change UPN (if yes, the UPN can be overwritten manually, otherwise the field is read only)."

    Clicking "Save" to set these naming conventions.
    If an Admin now creates a new user in D365 this looks like here (depending on the settings defined)Open-mouthed smile:
    Display Name and UPN are automatically generated by the input of the First name and Last name fields and can (or can't) be overwritten by the admin. This feature enables that user naming conventions are enforced uniformly in the Office 365 tenant. The settings are valid immediately for the whole D365 tenant.

  • New Security Group rules: In administration / configuration Portal Admins now can define additional settings when creating new security groups in D365. There are two switches for "Check for duplicate security groups". If the first switch is set to Yes, D365 checks if a new security group name is already existing in the Office 365 tenant to avoid that the same name is used twice.
    The second switch changes to scope of the check: "Check within OU" or "Check within tenant" (this is the default setting).
    "Check within tenant": f.e. a security group "New York" cannot be created if another security group "New York" is already existing in the Office 365 tenant.
    "Check within OU": means that no duplicate security groups may be created within the same OU, so f.e. in OU "East US" a security group "New York" could be existing and a new group "New York" could be created in any other OU like "US".
    This feature enables Portal Admins to prevent that admins create duplicate security groups if they are already existing.
  • OU name prefix for groups: These settings control if the OU name shall be used automatically as prefix for groups. This works for all kind of groups: security group, distribution group, dynamic group, shared mailbox and resources as well. Simply set the switch to Yes.
    So if we now create a new security group "SharePoint" in OU "New York"...
    ...the result is a new security group "New York_SharePoint".
    Info: The group name can be renamed afterwards to enable Admins to be flexible with the naming conventions. Group renaming is also a new feature of D365 version 5.2.
  • Some smaller fixes in distribution groups and in exports.

We think the update to version 5.2 is worth running the Delegate365 setup once again. Some of the new features were requested by our customers, so we hope you find them helpful for your daily business with D365!

We kindly ask all customers who have not updated to version 5.2 yet to make a remote appointment with atwork to plan the update. You can see the current D365 version in the footer line in the D365 portal. All new D365 customers and all trials are automatically receiving the newest version of Delegate365.

Pingbacks and trackbacks (1)+