Smarter AI Workflows in Microsoft 365 Copilot has been announced on the roadmap: Tools, Source Control, and Agents

Tool Selection in Copilot Chat: Making AI Features More Discoverable One of the most helpful updates in my opinion, is the introduction of the new “Tools” button in Copilot Chat. Users will soon see this button directly in the chat prompt box, offering quick access to a curated set of Copilot features such as Researcher, Analyst, Pages, and image generation.  This will hopefully help users with an easier path to the different tools at their disposal. The feature is turned on by default, with no admin configuration required. This feature is associated with Roadmap ID 497298 , and is expected to roll out in the last weeks of August. Source Control in Copilot Chat: Scoped Responses for Greater Relevance Another user-friendly enhancement coming up, is the ability to scope Copilot Chat responses to specific content sources. This feature will allow users to define exactly which documents, folders, or repositories Copilot should reference when generating responses. It’s a subtle but power...

Autumn summary of news related to Exchange

Starting this post with two Exchange Online updates. 

Let me begin with a quick user tip: Finding the perfect time for a meeting with participants outside of the company can sometimes be a challenge. I have been using "Find Time" for a long time. But now that add-in is now being replaced by a native scheduling poll feature. Collaboration just got easier!

As many of you probably already know, Microsoft is starting their selective shut down of Basic Authentication on October the 1st (today) 2022. Working with customers I find that many of them have enabled MFA for their users, and these users will not be affected by the change. However, there are a lot of 3.rd party integrations out there, using EWS and other affected services. And these integrations will stop working once basic authentication is shut down.

I wanted to share two easy ways for an organization to figure out if they have such services running or not. 

The easy one requires licenses for conditional access, and use of  log analytics. Simply create a conditional access rule blocking all legacy authentication, and set it to report only. Within a day or two, you can go to the analytics part of conditional access and see how may "fails" there are. The report will identify any user-id being hit by the report only block.

The other method can be performed by filtering the sign-in logs in Azure AD. Head over to the Entra portal (entra.microsoft.com), open "monitoring and health" and select "sign-in logs". Add a filter called "client app", and use the filter to select on  all or any of the legacy protocols, "pro tip: I also add a filter for successful logins, failure attempts can also be password spraying"