Delegate365

We are thrilled to announce the launch of the latest version of our Software-as-a-Service solution, Delegate365 (delegate365.com). This brand-new iteration is designed to provide a faster, more modern, and highly efficient delegated management experience. Available now for testing, Delegate365 is here to transform how you manage and delegate your Microsoft 365 environment. For the past decade, we have consistently updated Delegate365 to ensure it remains at the forefront of IT management solutions. Our commitment to security has been unwavering, with regular updates to protect against emerging threats and vulnerabilities and to enhance the platform’s security and functionality. We have continually introduced new features to meet the evolving needs of our users. From integrating advanced functionalities to improving user experience, our updates have always aimed to make Delegate365 more powerful and user-friendly. This dedication to innovation and security has made Delegate365 a trusted solution for IT management over the years. ...

In today’s digital landscape, managing privileged access to applications is crucial for maintaining security and compliance. Microsoft Entra Privileged Identity Management (PIM) offers a robust solution to manage, control, and monitor access within your organization. In this guide, we’ll walk you through the process of configuring Microsoft Entra PIM for your application, Delegate365, ensuring that only authorized users can access it through a security group. Delegate365 is equipped with robust security features and offers seamless integration with Microsoft Entra Privileged Identity Management right out of the box. This integration ensures that administrators can only access Delegate365 using their standard work accounts when the PIM role is activated. Without activating the PIM role, access to Delegate365 is denied. ...

In Delegate365, there exist two methods to configure Multi Factor Authentication (MFA) for users: the functions “Authentication methods (MFA)”, and “MFA (Legacy)”. See the difference here, and how to disable the “MFA (Legacy)” feature. Authentication Methods (MFA): This is Microsoft’s modern MFA setting method. Delegate365 allows you to remove authentication methods for a user, so the user will have to reconfigure their MFA if they are removed. MFA (Legacy): This method is deprecated, which is why we called it “Legacy.” It requires a service account without MFA to work, and will stop working after March 2025, see Important update: Deprecation of Azure AD PowerShell and MSOnline PowerShell modules. Therefore, this feature is only present for historical reasons. If it is not needed, we recommend disabling it as below. ...

In December and January some features and fixes have been added to Delegate v9.7. In this update, administrators can allow or block sharing settings of SharePoint sites to comply with company policies. Global Sharing settings: In the SharePoint Admin Center, Global Administrators can control the sharing settings for their Microsoft 365 tenant (see more at Manage sharing settings for SharePoint and OneDrive in Microsoft 365). These settings apply to the entire organization in SharePoint and OneDrive. The screenshot below shows a typical setting for organizations that allow external and anonymous sharing to certain SharePoint sites, but want to restrict sharing from the OneDrive personal space. ...

2023 was the year when we finally overcame the pandemic that affected many aspects of our lives. We resumed our normal activities while also applying the lessons we learned from a challenging situation, where we had to limit our travel, social interactions, and work remotely. From a business perspective, the year was very rewarding for us. Our company, atwork, received the Innovation award 2023 from Microsoft Austria for our AI4Good project, which uses AI to assist with sign language communication in various scenarios. ...

The current version of Delegate365 v9.7 comes with some improvements. See the details here. SMTP Authentication in Users / Mailbox settings: A new switch SMTP Authentication has been added to the Mailbox settings of a User. This allows, see Enable or disable authenticated client SMTP submission (SMTP AUTH) in Exchange Online. Usually, Microsoft recommends to disable SMTP AUTH in your Exchange Online organization and to enable it only for the accounts (mailboxes) that still require it. If security defaults is enabled in your organization, SMTP AUTH is already disabled in Exchange Online. However, admins can modify this setting in the Mailbox features section. The SMTP Authentication dropdown allows to set the setting to* On, Off, *and Organization settings. which means that the settings for the user are inherited from the organization´s transportation rules settings. This setting corresponds to the setting in the Microsoft 365 Admin Center, under Users / Active Users / Select a user / Manage Email Apps / Authenticated SMTP switch or with PowerShell. In PowerShell, this setting is set with Set-TransportConfig and Set-CASMailbox with an attribute named SmtpClientAuthenticationDisabled, where the organization settings are equal to $null, On means $false, and Off means $true. This is simplified in Delegate365 to be more understandable. ...

The latest version of Delegate365 v9.6 brings some improvements, fixes, and additional reports with the new Premium feature. See it here. Updating License Name Mappings during Sync: The background sync now checks the hash of a Microsoft service file that contains all M365-friendly license names (SKUs) and plan names. If there is a change in a Microsoft license name, the Delegate635 sync updates it´s database to always show the latest product and plan names in the licenses. With this feature, all Microsoft product names are automatically updated, regardless of what licenses the customer tenant has. If the naming is not consistent, this is unfortunately due to the quality of the data provided by Microsoft. ...

Delegate365 uses two Azure AD applications. They are created through the setup process. Application one is only used for the login process. The second application is used to perform the operations. To change application properties such as branding, terms or settings for multi-tenant apps, you can do this in your own Azure AD. Admins with application management roles such as global admins can change their tenant’s application settings in their Azure portal at Azure AD Active Directory/Registered Apps menu. Search for “Delegate 365”, as shown in the following screenshot. ...

Delegate365 v9.5 brings some improvements for importing users from a list into groups, adding owners to groups, showing user authentication methods and some other benefits. See it here. User authentication methods: In the *Users *module, the panel has been extended and now shows all stored Authentication methods of the user. Select a user, and open the Authentication methods menu on the right. The Authentication methods panel opens and shows a list of all methods. Admins can remove outdated authentication methods here with the x-Icon. The question dialog “Do you really want to delete Password Authentication?” must be confirmed to delete a method. In this sample, we see some outdated authentication methods (without name, from 2017) that could be removed by the admin. *Cancel *closes the panel. Note: Users can modify or add their authentication methods anytime at https://aka.ms/mfasetup. ...

Delegate365 v9.4 brings support for managing dynamic security groups and some small fixes. See the details here. Dynamic Security Groups: In the Groups / Security Groups module, the list shows all security groups that are assigned to the administrator´s OU´s. In the list, there´s a new column Membership Type that shows if the security group is of type Assigned or Dynamic. Assigned means static users, Dynamic means a rule that includes all users whose properties match the condition (as in the M365 admin portal). The Membership Type cannot be changed for existing security groups. It must be defined when a new security group is created. If a security group is of type Dynamic, the menu on the right shows the option Dynamic membership rules. ...