English

In today’s rapidly evolving digital landscape, maintaining visibility and control over your organization’s M365 Power Platform environment is crucial. The Center of Excellence (CoE) for the Microsoft 365 Power Platform serves as a vital tool for organizations to monitor, manage, and optimize your Power Platform resources effectively. In this article, we will guide you through the process of setting up the current version of the CoE Core solution using Azure Key Vault for secure and efficient Audit Log access. ...

When working with files in SharePoint document libraries, there are many ways to filter files. Since I keep forgetting the syntax for the search queries, I have summarized the most important filter expressions here. Here are some useful filter expressions for Microsoft 365 Search: Upper and lower case letters are not taken into account (except the operators, these must be capitalized). Wildcard * is supported for searching for a part of a word. ...

In my use of Azure Key Vault with code and flows with Managed Identities, I moved to role-based access control (RBAC) to manage access to secrets and certificates. However, I encountered a problem when using the “Key Vault Reader” role as it denied me the required access to secret content. This experience highlighted the importance of understanding the specific roles within Azure Key Vault, and I want to share this insight to help others avoid similar pitfalls. ...

In today’s digital landscape, managing privileged access to applications is crucial for maintaining security and compliance. Microsoft Entra Privileged Identity Management (PIM) offers a robust solution to manage, control, and monitor access within your organization. In this guide, we’ll walk you through the process of configuring Microsoft Entra PIM for your application, Delegate365, ensuring that only authorized users can access it through a security group. Delegate365 is equipped with robust security features and offers seamless integration with Microsoft Entra Privileged Identity Management right out of the box. This integration ensures that administrators can only access Delegate365 using their standard work accounts when the PIM role is activated. Without activating the PIM role, access to Delegate365 is denied. ...

Sensitivity labels in Microsoft 365 are a crucial feature for organizations to protect and manage their data. These labels allow organizations to classify and safeguard sensitive information based on its level of confidentiality. By applying sensitivity labels, organizations can control access, encrypt data, apply policies, and track and monitor on sensitive information. Users can apply sensitivity labels to classify and protect their data. However, applications unfortunately cannot currently assign sensitivity labels. ...

Our Governance Toolkit 365 (GT365) provides information and automation solutions for a Microsoft 365 tenant. In order to use the functions, this app must be approved by an administrator. In addition, new solutions are constantly being added. Some of these also require new permissions. You can find out how you as an administrator can grant and renew these permissions here. GT365 requires an app “Governance Toolkit 365” that reads the data from the M365 tenant and collects it for further actions. An administrator must approve this app so that the functions can be used. There are the following functions that administrators can perform: ...

Microsoft Entra Privileged Identity Management (PIM) allows administrators to manage role assignments efficiently, ensuring that users have the necessary permissions only when needed. By following a few simple steps, administrators can make users eligible for specific roles, activate roles as required, and manage both built-in and custom roles. This process enhances security by minimizing the duration and scope of privileged access, making it a crucial tool for maintaining a secure and compliant environment. In this article, we explore how to read a user’s Microsoft Entra roles and history using PIM and the Microsoft Graph REST API. ...

In Delegate365, there exist two methods to configure Multi Factor Authentication (MFA) for users: the functions “Authentication methods (MFA)”, and “MFA (Legacy)”. See the difference here, and how to disable the “MFA (Legacy)” feature. Authentication Methods (MFA): This is Microsoft’s modern MFA setting method. Delegate365 allows you to remove authentication methods for a user, so the user will have to reconfigure their MFA if they are removed. MFA (Legacy): This method is deprecated, which is why we called it “Legacy.” It requires a service account without MFA to work, and will stop working after March 2025, see Important update: Deprecation of Azure AD PowerShell and MSOnline PowerShell modules. Therefore, this feature is only present for historical reasons. If it is not needed, we recommend disabling it as below. ...

As reported in most media, we would like to inform you about a global outage caused by a erroneous software update from cybersecurity company CrowdStrike today, on July 19th. This Endpoint security solution is used in many organizations, from hospitals to tech companies, education, airports and many other industries. Crowdstrike rolled out an update to its customers that caused Windows 10 computers to crash, see the CrowdStrike Statement on Falcon Content Update for Windows Hosts. The affected computers no longer start correctly, but instead produce a Windows BSOD (Blue Screen Of Death). Such computers are getting stuck at the “Recovery” screen. See how to resolve this if your Windows computer is affected by the CrowdStrike update. ...

A year ago, Microsoft announced the “Transition to List Flows as Admin V2 action from deprecated List Flows as Admin action” for Power Automate. Well, we were using the old API endpoint for working with flows in our own software until it stopped working recently. It took some time until we found workarounds or a successor. Also the PnP modules still are using the old API, and the endpoint address is currently not documented on any Microsoft website. Find it here! ...