Managing Microsoft Teams [Exam MS-700] Full Course

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
collaboration platforms like slack zoom and microsoft teams have become so popular in the last couple of years because of the wide adoption of these collaboration platforms there are new jobs created in this industry to support and manage these collaboration platforms the responsibility of a microsoft teams administrator is to plan configure deploy these team services on an enterprise scale teams administrators are the knowledge expert in a particular company who knows everything about microsoft teams they have to be really well worth with chat channels apps video audio conferencing live events configuring microsoft teams with microsoft teams certified devices integrating microsoft teams with workloads like sharepoint onedrive exchange online power platform or other microsoft or third-party services on top of it microsoft teams administrators need to collaborate with network engineers and system engineers to effectively deploy and continuously manage their teams environment in that particular organization if you are a newbie to microsoft teams don't worry about it this course i will teach you from the basics and then we will learn about how we can configure and manage microsoft teams on an enterprise scale i hope you enjoyed this course and i wish you all the very best for your continued career success so without wasting any more time let's get into it i have prepared this course with a mix of content demonstrations hands-on labs and reference links this course includes six modules the first module is all about teams overview you will get an overview of microsoft teams including teams architecture and related office 365 workloads in the second module we will learn about implementing governance security and compliance for microsoft teams in the third module you will learn how to plan and upgrade from skype for business to microsoft teams by evaluating upgrade path with coexistence and upgrade modes in the fourth module you will learn how to create and manage teams manage memberships and access for both internal and external users in the fifth module this is where you will learn how to manage chat and collaboration experience such as team settings or private channel creation policies and finally on the sixth module you will learn how to manage live events meeting experience manage phone number and phone systems for microsoft teams and finally how to troubleshoot audio video and client issues in this lesson we're going to talk about overview of microsoft teams microsoft teams is a cloud-based communications platform that combines different services for collaboration such as chat meetings calling and files teams is tightly integrated into office 365 and combines multiple workloads into a unified communication and collaboration system in addition themes offers integration capabilities for additional tools and third-party products as well microsoft teams is the hub of teamwork in microsoft 365 that brings people together in a shared workspace where they can chat meet collaborate on files and automate workflows microsoft teams is also built on security and compliance tools of microsoft 365 which enables you to join modern collaboration and communication together with today's complex legal and regulatory needs for your businesses teams meet the communication needs of diverse workforce by providing a complete meeting and calling solution including chat voice and video let's look at how teams help you collaborate the deep integration of teams with office 365 enables today's workforce to use the office apps they're familiar with the apps such as word excel powerpoint onenote sharepoint planner and even power bi right within the context of teams teams bring all of the office 365 services together so that you can easily share and call all their files let's find out how teams help you customize these services teams enable users to integrate their different everyday work apps into a single place for a unified work experience users no longer need to jump between office 365 apps clients and services because teams integrated them all both native and third-party apps and connectors and finally how is teams helping you work with confidence microsoft teams comes with an enterprise great security compliance and manageability that is already well known from existing office 365 services by using teams administrators can comply with modern business requirement and closely control how internal and external users work together so what are teams a team is a collection of people content and tools surrounding different projects and outcomes within an organization a team can either be private which consists of only of invited users or public which are open to anyone within the organization to achieve its goal of efficiency through a flat hierarchy themes only provides two user roles which consist of owners and members so what are channels teams are made up of channels channels enable users to organize a team into dedicated subsections for their purpose for keeping the communications and conversation organized channels are where you hold meetings have conversation and work on files together there are two types of channels can be maintained within a team the first one is called standard channels standard channels are visible to all team members therefore they are available for conversation that anyone on a team can participate in private channels are similar to standard channels but they restrict access to conversations files and apps to a limited subset of team members this enables private collaboration within a project and department please note that private channels currently supports only connectors and tabs but without stream planner or forms tabs and they do not support messaging extensions and bots this picture shows the structure of channels in teams of an organization let's look at what is chat themes provide an instant messaging feature that enables team members to send messages in real time for live collaboration chat is possible between single user and with multiple participants of a team or even with external users in addition a simple chat can be instantly be extended with a desktop sharing and voice communication as well when users join a chat they can send messages that include files links emojis stickers and gifs there are many formatting options for chat messages including options for highlighting font size list and more guests can also participate in conversation but with limited access there are private chat and channel chat in summary microsoft teams provides all the benefits of office 365 services and tools in one single application in this lesson we're going to talk about microsoft teams integration with microsoft 365 services so out of the box microsoft teams brings together the most common task that employees need under a single roof such as chats meetings calls and productivity suite of microsoft 365. by combining these together into a sole product employees can avoid having to constantly switch between various contexts instead they can spend their time within a single team or channel that effortlessly bring together all the relevant information in context there are multiple ways to leverage microsoft 365 apps and services in microsoft teams the most common scenario is to add a new tab to a team's channel users can also add the content to a chat from microsoft 365 services as well so let's look at our first example of integrating outlook with microsoft teams the integration between outlook and teams make it easy to collaborate no matter where the conversation is taking place the first option is share to outlook users can share chats or channel conversation to outlook without leaving the teams by selecting on the share to outlook second option is share to teams users can move an email conversation from outlook including attachments into a teams chat or channel conversation by selecting on share to themes in outlook and the third option is actionable missed activity emails users can set the notification for missed activity emails to stay on top of missed conversations in teams the missed activity emails show the latest replies from the conversation and allows users to respond directly from within outlook let's understand how microsoft teams integration work well with sharepoint in microsoft teams users can add publish sharepoint pages or list as tabs in teams channel sharepoint pages let users share ideas using images video links and documents sharepoint lists are a great way to collaborate on content and data team members can view pages edit lists and add comments to the teams tab add the sharepoint tab in teams to quickly paste in a page new post or list from a published sharepoint site let's understand how microsoft teams integration work with yammer users are able to add a yama page to a channel in themes or install then pin the yammer app this allow team members to follow and share conversation in yammer without having to leave teams the team members can participate in the yama conversation right from the teams or discuss a yama conversation in teams before posting a reply to the wider yama group when a team's member goes to a yammer tab they can authenticate it again by yammer so that they only see yammer content that they have access to let's go and explore how microsoft teams integration with forms users can access microsoft forms directly from microsoft teams then they will be able to easily set up forms tabs create a new form to collect responses and add an existing form to collect responses or show survey results then you can use that to collaborate with your team on a form create notification for your form or conduct a quick poll just for your team as well so what about teams integration with planner and task microsoft planner is a task management tool that small teams of individuals can use to manage their work and associated tasks visually and openly with the rest of the team having planner as a tab in microsoft teams enabled the team to work more collaboratively and closer together without any added effort task in teams is a cohesive task management experience that consolidate personal tasks from to-do and team task from planner into a single comprehensive view in teams for users of to-do and planner it is a great way to access tasks while communicating within a team without having to switch apps so how about streams now stream integrated with microsoft teams absolutely yes microsoft stream is an enterprise video service where people in your organization can upload view and share videos securely users can collaborate using video by adding a microsoft stream channel or video as a tab in microsoft teams so let's look at some of the examples on how users can interact with the apps in teams the first one is chat with a bot bots provide answers updates and assistance in a channel users can chat with them one-on-one or in a channel they can help with task management scheduling and more then you would be able to share content on a tab these tabs help users to share content and functionality from their services in a channel they can connect microsoft services like excel or sharepoint and other services like youtube or zendesk or to custom websites as well then you would be able to get updates from a connector so these connectors send update and information directly to a channel to get dynamic update from services such as trello jira twitter rss feed github and more and these apps find content from different services and send it straight to a message users can share things like weather reports daily news images and videos with anyone they are talking to messages sometimes include buttons for interacting with the app for example a daily weather report could include an option to download the forecast for the entire week so now that we have understood how microsoft teams integrate with outlook yammer sharepoint etc in the next lesson we're going to learn how microsoft teams integration work with power platform microsoft teams is the hub for teamwork the microsoft power platform can augment this hub microsoft teams groups all the information that users need for a particular context within various tabs in a channel however not all tasks can come fully formed out of the box there will always be business or operational process that are unique to an organization that require tailored solution this is where the power platform can come in to fill those gaps organization can streamline business processes with power platform with tools like powerapps and power automate powerapps is a high productivity application development platform from microsoft the platform can be used to customize everything from a simple sharepoint forms to immersive end-to-end solutions combined with microsoft teams powerapps can be used to build modern workplace through custom tabs and apps in an app bar all with little to no code so what about power automator our automate enables employees to complete routine tasks with less efforts and spend more time on more creative and innovative tasks the integration of power automate and teams streamlines the process to make the work in teams even more efficient users can use pre-built template to easily automate common business processes some of the examples to leverage power automate in microsoft teams are to create and manage workflow automations directly from teams you can quickly trigger schedule flows using flow bot in teams and you can trigger for specific actions when someone new joins a team as well you can streamline approvals by aggregating and automating all teams approval process in teams let's understand how to leverage power bi within microsoft teams rbi enables users to connect and transform data into accessible visualization seamlessly measuring and tracking results is essential for teams to achieve their objectives users can visualize insights with power bi in teams and discuss data effortlessly to enable data driven decisions some of the common examples on how to leverage power bi in microsoft teams are you can create power bi tab in microsoft teams to make data driven decisions quickly and confidently and you would be able to create a power bi interactive cards in teams by pasting the link to a particular power bi report this experience will help users quickly find and take actions on their data now that we have understood how microsoft teams integrated with the power platform in this lesson we're going to talk about microsoft teams architecture multiple office 365 services have been combined together to provide this unified communication and collaboration hub experience of microsoft teams before diving deep into architecture we need to understand the basics the basics is microsoft 365 groups formerly known as office 365 groups microsoft 365 group is the cross platform membership service in office 365. microsoft 365 groups are related to traditional active directory groups but while ad group serve permission management and message distribution purpose microsoft resistive groups are built for collaboration of teams and not suited for granular permission management microsoft 365 groups support two types of members owners and members owners can manage the group settings and membership while members can participate with the group resources and subscribe to updates some of the resources which are included in microsoft 365 groups are a shared outlook inbox a shared calendar a sharepoint document library a power bi workspace a team a planner yammer roadmap etc teams provide features to enhance the existing collaboration services and features of microsoft 365 group with additional communication services such as persistent chat based workspace and voice you can create a new team which also creates a microsoft 365 group or you can enable a microsoft 365 group with microsoft teams as well and teams add several new features to microsoft 365 group such as chat capabilities for one on one and one too many instant messaging standard channels for open communication and collaboration between all team members private channels for secure communication and collaboration for subgroup of team members a dedicated sharepoint document library for any standard and private channel a tab integration to a unified client experience integration of apps native third-party and line of business application into a unified client and activity feeds for easy access to your notification etc let's look at the dependencies of microsoft teams teams utilizes the services of microsoft office 365 to provide collaboration and communication capabilities that were already well known before teams existed when you create a team on the back end you are creating a microsoft 365 group and the associated sharepoint document library and onenote notebook as well for example themes uses exchange online to send and receive distributed emails it stores data processed by the chat services that is built into your skype for business voice services such as conferencing and meetings so this diagram shows the existing dependencies from teams to the traditional office 365 services these complex dependencies result in different types of data produced by different workloads because not all types of data are efficiently stored in a single storage location teams uses the most effective storage location depending on your user data that is produced by each service the following diagram provides an overview of types of data produced by using themes and where they are stored if you look at files files are stored either in themes files on sharepoint and chat files on onedrive for business if you look at contacts it's on exchange meeting information on individual mailbox in an exchange database voicemail on your mailbox in exchange as well let's understand the governance security and compliance for teams themes not only enables users to consume different office 365 services and stores user data at the most efficient location it also provides a strict approach to ensure governance security and compliance with regards to your consumption and processing of business data this is done by applying the complex security compliance features in dedicated base on all the data that teams produce this protect against leakage and loss of business data by supporting compliant business processes when discovering sensitive business data now that we have understood the high level teams architecture we started with microsoft 365 groups and we we learned about how it is integrated with microsoft 365 groups in the next lesson we're going to talk about microsoft teams integration with sharepoint online and onedrive for business one of the core features of microsoft teams is the collaboration service it provides through sharepoint online and onedrive for business when a new team is created a new sharepoint site is provisioned including subsides for your public channel created in the teams if a team is added to an existing microsoft 365 group the public channels are added to an existing sharepoint set as well files shared in public channel are automatically added to the document library and permissions and file security options set in sharepoint online are automatically reflected within teams as well so let's go and understand bit more details about sharepoint site structure how the site permissions work and how you can measure the team's utilization for sharepoint and understand the difference between public and private channels any tenant has two unique name spaces when a new microsoft 365 group or team is created a new sharepoint site is provisioned so you can go under your teams and you can click on this ellipsis and click on open the sharepoint to view the sharepoint site so when a new channel is created a folder in shared documents is automatically provisioned so the following diagram shows another example of how teams and public channels rely on sharepoint site collections and document libraries when it comes to sharepoint site permissions like regular sharepoint sites the team sharepoint resources contain the three default permission groups members owners and visitors in contrast to pure sharepoint site collection these permission groups on team site cannot be edited or changed when assigning a team owner or members through one of the clients or through the team's admin center the users are also added into a respective permission group to view the permission of who got what access to a teams this is where you can find out who is the owner and who is the member of a particular group let's understand teams utilization of sharepoint so teams is not only supports the manual upload of files to its document library it also supports storing the following resources in the sharepoint online and onedrive for business so the file shared in the private chats is stored in the senders onedrive for business any sort of pictures and the files sent as a conversation it will be in the channel's document library any sort of emails into the channel is going to be in the sub folder called email messages so now we have understood the public channels let's understand the details about the private channels so when a team member create a new private channel instead of creating a new site in the theme site collection a whole new site collection is created and the creator of the channel is added as a site collection owner so this following diagram shows how every private channel data is stored in an independent sharepoint online site collection please note that the sharepoint online site collections of private channels of teams are not visible in sharepoint online admin center but can be seen via a sharepoint online professional module let's understand the site permission for private channels if a member leaves or is removed from a team that user will also be removed from all private channels in the team changes to the team like this that also affect the private channels that are synchronized within four hours automatically please note that all private channels need an owner a private channel owner can't be removed through the team's client if they are the last owner of one or more private channels if a private channel owner leaves your organization or if they are removed from your microsoft resist effect group a member of the private channel is automatically promoted to the private channel owner now that we have understood the sharepoint site structure and permissions for public and private channels in this lesson we're going to understand how microsoft teams is integrated with exchange one of the core services of microsoft teams is exchange online when you create a team a corresponding microsoft 365 group which was formerly known as office 365 group is automatically created behind the scenes this group mailbox provides messaging capabilities and a mail-based storage location for data processed and created in teams for each additional microsoft 365 group that is created and associated with a team a corresponding group mailbox is automatically created in exchange online as well every microsoft 365 group that is associated with the team has a corresponding group mailbox in exchange online that provides resources to use messaging and a calendar for planning meetings data created in teams is stored in different exchange locations when email is sent to the address of microsoft 365 group it is stored in the microsoft 365 group mailbox and a copy is distributed to the user's mailbox for all subscribers chat messages and users chat history are stored in their user mailboxes messages posted into channel conversation are stored in a hidden folder in the microsoft 365 group mailbox meeting information when planning meetings for a team the meetings are stored as meeting element in microsoft 365 group mailbox when a user changes his or her profile picture in themes the picture is also stored in the user's mailbox call history and voicemail messages are delivered to the associated user's mailbox and finally the configuration data for connectors is stored in the microsoft 365 group mailbox an example would be the connected data required to subscribe to rss feeds so these exchange locations support the security and compliance tools provided by office 365 such as retention policies e-discovery legal holds legal holds and data loss prevention teams can be deployed in an exchange hybrid model as well where either some or all mailboxes are hosted on an on-premises server or servers in a hybrid deployment exchange must be deployed so that it's ready to use the supported teams feature for storing and discovering data from on-premises exchange locations so how teams work in hybrid deployment in detail is covered on later lessons now that we have understood how teams work with exchange online and how teams work with exchange in a hybrid exchange deployment in this lesson we're going to go through overview of microsoft telephony solutions the telephony features of microsoft teams have been developed to achieve feature parity to skype for business online the first step in the feature development process was completed in august 2018 since then microsoft teams has updated to provide a full featured communication service for voice communication into and from a wired telephony network so the voice communication service that is implemented with microsoft teams incorporates the following communication components the endpoints of the pbx phone system the calling plan or direct routing trunk and the pst in our public switch telephone network as well let's go and see on a high level what all these components are pstn or the public switched telephone network is the complete global telephone network operated by national regional and local telephone companies pstn provides the infrastructure and services for public telecommunications including all telephone lines fiber optic cables microwave transmission links mobile networks communication satellites and underwater telephone cables all of which are interconnected with switching centers so what is private branch exchange or pbx a private branch exchange is a telephone exchange or switching system that serves a private organization it enables sharing of central office trunks between internally installed telephones and it provides intercommunication between these internal telephones within the organization without the use of external lines the central office lines provide connection to the pstn and the pbx permits the shared use of these lines between all stations in the organization so let's understand what is phone system in office 365 so phone system is the microsoft technology for enabling call control and pbx capabilities in microsoft office 365 which is specifically for microsoft teams or skype for business online the phone system works with teams or skype for business online clients and certified devices with phone systems users can use kai for business online and microsoft teams to place and receive calls transfer calls and mute or unmute calls phone systems allow you to replace your existing pbx systems with a set of features directly delivered from office 365. to connect phone system to your public switch telephone network or pstn you can choose microsoft calling plan or your own telephony carrier let's understand what is session initiation protocol or sip trunks a sip trunk enables an endpoint pbx phone system to send and receive calls through the internet sip trunking is a service offered by communication service provider that uses the session initiation protocol to provision streaming media services and voice or ip voip connectivity between your on-premises phone system and the pstn sip trunks enable internet telephony service providers to deliver telephone services and unified communication to customers equipped with sip based ippbx and unified communication facilities so what is direct routing direct routing is a capability of phone system in office 365 to help customers connect their sip trunks to microsoft teams in the simplest deployment model customers starts with sip trunks from their telecommunication provider next customers will use and configure a supported session broader controller spc from one of microsoft certified partners finally they will connect the sbc to microsoft teams and phone system so what are the operational modes for teams voice communication microsoft teams provide different features and functionalities for broadcasting conferencing and communication to pstn throughout its licensing options and deployment variants for example a call to other skype for business and microsoft team users are free however if you want your users to be able to call regular phones but you don't have the service provider for voice call then you will need to buy a calling plan so let's explore some of the general deployment options available for voice communication with teams the first one is phone systems with calling plan licensed users can call out to numbers located in the country or region where the office 365 license is assigned to the user based on their user's location and to the international number in 196 countries or regions phone systems with their own carrier through skype for business server or cloud connector edition this connect your own supported spc to microsoft phone system through skype for business server in hybrid deployment or skype for business cloud connected edition deployment on premises enterprise voice in skype business server with own carrier this connect your own supported spc to the enterprise voice system in skype for business on premises server this is the most complex option to deploy and maintain so let's explore the interoperation with sky for business if your organization uses sky for business and you are starting to use teams alongside your skype for business or you you're starting to upgrade to teams it's important to understand how the two application coexist let's look at few of the options teams only option this is the final stage of being upgraded it also the default for new tenants you can use teams for calling and chat you can use teams for meeting scheduling and you can use teams for channels as well so what is island mode so in an island mode for calling and chat you either use teams or skype for business for meeting and scheduling you can either use skype for business or teams for teams channel you can only use teams this allows a single user to evaluate both clients side by side chat and calls can land in either client so users must always run both clients in island mode all messages and calls from people outside your organization are delivered to skype for business after upgrading to teams only mode all messages from calls from outside your organization are delivered to teams so what is skype for business with teams collab and meetings mode in this mode calling and chat goes to skype for business meeting scheduling goes to teams teams channel is available under teams so the use case scenario is it's also known as meeting first primarily for on-premises organization that are not yet ready to move to calling to the cloud but they want to benefit the team's meeting functionality so the skype for business with teams collab mode calling and chat goes to skype for business meeting scheduling happen under skype for business the use case scenario is this is an alternate starting point for complex organization that need tighter administrative control and the final option is skype for business only in this mode calling and chat happens under skype for business made scheduling happen under skype for business and there is no teams channel available this is a specialized scenario for organization with strict requirement around data control themes is only used to join meeting schedule by others now that we have understood the overview of microsoft telephony solutions in this lesson we're going to talk about overview of microsoft teams admin roles microsoft 365 provides a variety of pre-configured administrative role groups so that selected users can receive elevated access to administrative tasks within the office 365 services the role groups are assigned through different portals such as microsoft 365 admin center the security and compliance center the azure portal and powershell several administrative roles have full control to all the team services and settings such as the global administrator and the team's admin other roles only provide access to certain power of microsoft teams for performing recurring tasks such as troubleshooting call quality problems and managing telephony settings the specialized teams admin roles are teams admin teams communication administrator teams communications support engineer and teams communications support specialist please note that if the team consists of different workload from office 365 the team specific administrator role does not grant permission to other services such as exchange online or sharepoint online so let's look into the task that each role can perform as well as the tools the administrators can use in the microsoft teams admin center and in powershell so the team's admin formerly known as team service administrator can manage the team service and manage and create microsoft 365 group so everything microsoft teams admin center and associated powershell controls including manage meetings manage voice manage messaging and all org-wide settings can be managed by this user wherein teams communication administrator can manage calling and meeting features within the team service teams communication support engineer can troubleshoot communication issues within the teams by using advanced tools this user will be able to view user profile page and troubleshoot user call quality problems using advanced troubleshooting tool sets and finally the team's communication support specialist can troubleshoot communication issues within teams by using basic tools so that means access user profile page for troubleshooting call in-call analysis can only view user information for a specific user been searched for please note that the team service administrator role in the azure portal is the same role as teams admin in the microsoft 365 admin center so if you assign the role to a member in the azure portal you can also see that it is in the microsoft 365 admin center as well and vice versa now that we have understood the various types of teams admin roles in this lesson we're going to learn about overview of azure active directory for teams azure active directory is the cloud-based identity and access management service for your office 365 as such it's a vital part of microsoft teams because teams leverages identities stored in azure ad for collaboration and communication the license required for using azure id identities and for accessing teams are included in a large number of different licensing bundles such as small business plans like office 365 business enterprise plans like office 365 enterprise e1 education plans like office 365 education and developer plans like office 365 developer as well so let's look at azure ad access review because azure ad enables you to collaborate internally within your organization and with users from external organizations such as partners it is essential that organizations regularly review users access to ensure that only the right people have access to the cloud resources this can be accomplished through an azure ad feature called azure access reviews access reviews enables organizations to effectively manage group membership access to enterprise applications and role assignments users access can be reviewed on a regular basis to make sure only the right people have continued access and that no orphan permissions provide users with unintended access to cloud resources so let's explore some of the common scenarios in the azure ad access review too many users in privileged roles it's a good idea to check how many users have administrative access how many of them are global administrators and if there are any invited guests or partners that are not being removed after being assigned to do an administrative task what if the automation is infeasible you can create rules and reviews for dynamic membership on security groups or microsoft 365 groups formerly known as office 365 groups this ensures that those users who still need access continue to have access if you have a group that is going to be synced to azure ad or if you plan to enable an application for everyone in a specific group it would be useful to ask the group owner to review the group membership prior to the group being used in a different risk content for a certain resource it might be required to ask people outside of it to regularly sign out and give a justification on why they need access for auditing purposes so why do you maintain a policy exception list in an ideal world all users would follow the access policies to secure access to your organization's resources however sometimes there are business cases that require you to make exceptions employees access might be automated without some on-prem identity access management tool but not invited guests if a group gives guest access to business sensitive content then it's the group owner's responsibility to confirm that the guests still have a legitimate business need for access have reviews record periodically you can set up recurring access reviews of users at a set frequencies such as weekly monthly quarterly or annually and the reviewers will be notified at start of each review reviewers can approve or deny access with a friendly interface and with the help of smart recommendations as well please note using the azure ad access reviews feature require an azure ad premium p2 license let's look at conditional access conditional access is the set of rules for access control based on various specifications such as client service registration procedure location compliance status and so on this is used to decide whether the user's access to the company data is possible by using conditional access policies you can apply the right access control when needed to keep your organization secure and to stay out of your users way when not needed let's look at microsoft teams group naming policy organization use a group naming policy to enforce a consistent naming strategy for groups created by users in your organization you can use the policy to block specific word from being used in group names and aliases the naming policy is applied to groups that are created across all group workloads like outlook microsoft teams sharepoint planner yammer and so on the group naming policy consists of two features prefix suffix naming policy and custom block words in prefix suffix naming policy you can use prefixes or suffix to define the naming convention of group the prefixes suffixes can either be fixed string like department or user attributes that will get substituted based on users who is creating the group in custom block words you can upload a set of blocked words specific to your organization that will be blocked in the group name that are created by users for example salary statement human resources etc and finally let's look at guest taxes guest taxes allows teams in your organization to collaborate with people outside of your organization by granting them access to existing teams and channels on one or more of your tenants anyone with a business or consumer email account such as outlook gmail or others can participate as a guest in teams with full access to your team's chats meetings and files guest access is an org wide settings in new teams and is turned off by default guest access is subject to azure id and office 365 service limits don't worry i have a demonstration prepared later which i will take you through the demonstration on how to set that or wide settings there is so much more to azure id but in the context of microsoft themes i'm limiting azure ad here but you can definitely check out other videos on ms 900 and az 900 where i have explained azure ad in bit more details with demonstrations as well so now that we have learned about overview of azure ready in this lesson we're going to talk about overview of microsoft 365 group a microsoft 365 group formerly known as office 365 groups let you choose a set of people with which you wish to collaborate and easily set up a collection of resources for those people to share manually assigning permission to the resources is a thing of the past because adding members to the group automatically grants the needed permission to all assets provided by the group when creating a microsoft 365 group you must decide if you want it to be a private group or a public group let's understand what is a public group any user in your organization can join public groups without the need of an administrator or owner to add or approve them therefore content in a public group can be seen by anybody in your organization as soon as they join the group where in private groups content in a private group can only be seen by the members of the group people who want to join private group must be approved by a group owner private groups are separated into discoverable and non-discoverable private groups so let's explore what is discoverable and non-discoverable private groups private group our types of group can be seen by all users of a tenant and users can file a request to join this group where in non-discoverable private group these groups are only visible for users that are already members of the group so there are different types of microsoft 365 group let's explore one by one first one is microsoft 365 groups so microsoft 365 groups are used for collaboration between users both inside and outside your company these are used when a collaborative workspace for a group of users is required such as a department or users working on a common project distribution group is used for sending notification to a group of people distribution groups are used when sending email communication to a defined group of users such as people in a building a or everyone at a particular company etc security groups are used when granular permissions are required on sharepoint resources for example shared file repositories a different team site etc and finally mail enable security groups so mail enabled security groups works same as security groups but includes email distribution to members mail-enabled security groups are used to give granular permission to sharepoint resources and message distribution to members is required please note that mail-enabled security group membership cannot be dynamic and cannot contain devices now that we have understand what is microsoft groups and what are the different types of microsoft 365 groups available in this lesson we're going to talk about overview of security and compliance in microsoft teams microsoft 365 provides comprehensive security and compliance tools and services to help organizations to comply with multitude of legal and regulatory requirements let's look at data loss prevention or dlp first data loss prevention policy is used to identify monitor and automatically protect sensitive information across office 365 including financial data custom search patterns simple keywords and pii such as credit card numbers social security numbers and health care records recently data loss prevention capabilities are extended to include microsoft teams chat and channel messages if an organization already has configured dlp policies they can now add teams channels and chat sessions as location to existing policies or new policies this enables the organization to prevent people from sharing sensitive information with participants who did not have permission to view the information please note that in contrast to dlp policies for other workloads dlp for microsoft teams is an advanced feature that requires you to have an e5 license let's look at retention policies for most organizations the volume and complexity of data increases daily from email to documents to instant messages and more efficiently managing or governing this information is important a retention policy can help organization either retail data for compliance for a specific period or remove data if it is considered a liability after a specific period retention policies are available in security and compliance center and they work across different workload and data types such as exchange email sharepoint document libraries onedrive files etc teams compensations are persistent and rated by default with the introduction of retention policies administrators can now configure retention policies to both preservation and deletion and security center for theme chat and channel messages so let's look at e-discovery rotating content from accidental or intended deletion is only effective when there are ways to retrieve them without violating legal and regulatory restrictions e-discovery feature is for placing a hold on counted locations relevant to a legal case and using content search tool to search the location on hold for content that might be responsive to your case you can use e-discovery in office 365 to search for content in exchange online mailboxes microsoft 365 group microsoft teams sharepoint online and onedrive for business site all teams one-on-one or groups chats are journal through to the respective users mailbox all channel messages are journaled through to the group of mailbox representing to the tab information barriers in themes are used to prevent individuals or group from communicating with each other they also prevent lookups and discovery this means that if restricted users attempt to communicate with each other they will not find that other user in the people picker microsoft exchanging load information barrier known as ethical wall that can be applied to the email communication through mail flow rules in contrast to these ethical walls in exchange information barriers also apply to chat voice and sharing services across different office 365 workloads users or teams can put on legal hold to preserve all business data and communication when a user or a group is placed on hold all message copies are rated please note that placing a user on hold does not automatically place a group on hold or vice versa due to the complex workload architecture of teams it can be difficult to understand what to put on hold when data must be preserved for legal case or investigation this following table identifies some of the examples that may help with this situation supervision policies in office 365 allow you to create employee communications for examination by designated reviewers these policies can also help you overcome many compliance challenges such as monitoring increasing types of communication channels increasing volume of message data regulatory enforcement and the risk of fines alert policies built on and expand the functionality of activity alerts by adding a categorization feature to alert policies alert events are collected in a view alert page in security and compliance center this page provides an improved summary of suspicious activity in tenets where an alert can be viewed and filtered and where alert can be acknowledged or dismissed as well and finally rights management services rmbus is the prediction technology used by azure information protection this cloud-based protection service uses encryption identity and authorization policies help secure your files and emails and it works across multiple devices including phones tablets and pcs because information protection remains with the data even when it leaves your organization boundaries information can be protected both with it and outside of your organization in the next lesson we are going to learn about managing microsoft teams the first part is how to roll out teams when deploying microsoft teams you should create a rollout path that describes the high level steps required to deploy teams as a collaboration and communication hub for your company rollout paths typically provide a macro view of steps required for deployment rather than a detailed micro view microsoft recommends paths for rolling out teams including these following steps so this is the starting point for any teams deployment beginning with familiarization with stakeholders with their new collaboration and communication client second step is chat teams channels and apps this will help drive user adoption for teams you should look for a quick win in the deployment process third process is meeting and conferencing although voice communication and confidencing is used by basically every employee in a company most legacy solutions cannot be integrated into tips therefore implementing meeting and conferencing in teams deployment is typically performed in the later process of rollout finally voice the last step in a rollout is a full voice integration of pstn calling into teams so before you begin your rollout you should ensure that all prerequisites are met such as environmental and network readiness only then you should start your deployment you should perform the following step to roll out your initial set of teams and channels so the early adopters can begin chatting sharing files and collaborating step one is to create your first team's channel then onboard early adopters uh you could monitor usage and feedback and finally get resources to plan an organization-wide rollout in the recommended path you should plan and roll out different team features to additional pilot users you start by rolling out chat teams channels and apps because they are the most simplest workload of course depending on organizational needs it is possible to deploy them at all at once this is where planning is so important to addressing your organizational requirements what about migrating from existing skype for business to teams when rolling out teams in an organization that already uses skype for business you must consider initially implementing both systems simultaneously in a coexistent state and then eventually migrate from skype for business to teams please note that skype for business online will be retired on july 31st 2021 after which it will no longer be accessible or supported let's understand what is microsoft fast track with the fast track program microsoft provides guidance for planning deployment and adoption including reward access to microsoft engineering expertise best practices tools and resources for successful deployment of microsoft teams and other microsoft 365 services in organizations fast track for microsoft 365 help organizations and their partners accelerate deployment and gain end user adoption at no additional cost when planning rollout path you should also consider using fast track offers in your deployments in the next lesson we are going to explore teams adoption plan the following is a recommended list of high-level steps that organizations should pursue to implement teams and drive positive user adoption these steps which can be altered depending on the size of your organization and will help you ensure a sustained level of communication with stakeholders it administrators and users to land a successful deployment for microsoft teams so the first rule of a successful adoption is to create a dynamic team comprised of key stakeholders and the right people who can drive and affect change in others the team should consist of committed individuals representing a cross section of your organization these key stakeholder roles include an executive sponsor service honors i.t professionals and champions let's look at who are executive sponsors these individuals are key leaders within your organization and their participation is essential for driving employee adoption they have the greatest influence on the company culture and can actively communicate the value and benefits of new technology and business processes service owners are individuals responsible for ensuring people use the service and get value from it defining service orders within your organization is important to ensure the business goals set for office 365 are realized gaining buy-in from every user across your organization is challenging professionals and champions can help elevate this challenge and play an important role in the adoption of office 365. they are knowledgeable committed to furthering their expertise and willing to provide peer coaching and assistance they help translate office 365 into the reality of their department or team it is very important to understand the types of users throughout your organization do you have users who are primarily mobile are they in constant meetings or giving presentations do you know which of your users have the most difficulty with your existing collaboration solution this following table identifies some of the typical user profiles office users who work pay lead office who need to create meetings and calls sales reps who are the one who works externally who uses chats a lot and management or c-level people who works on sensitive data therefore you need an increased security requirements it is essential that organizations initiate a champions program the purpose of such a program is to recruit early microsoft teams enthusiasts and provide them with both resources and reason to train their fellow users and evangelize the benefits of teams within the group and organization they could influence in this lesson we're going to learn about teams licensing microsoft teams is available in different licensing model from a team's free license over the team's commercial cloud trail offer up to subscriptions that include teams and additional calling and voice and add-on licenses at the user level access to microsoft tips can be enabled or disabled on a per-user basis by assigning or removing microsoft teams product license there are two main differentiation when choosing the desired license the core functionalities are available in all office 365 education business enterprise and developer subscription plans advanced features require an e5 plan and additional add-on on licenses some of the common services which include e3 are dlp teams taping policy teams classification teams creation etc he would require e5 licenses for information barrier for teams audio conferencing phone system etc so for audio conferencing organization we need to buy and assign an audio conferencing license to each user who will set up dial in meetings for calling plans each user will lead a phone system plus a domestic or domestic and international calling plan this table lists the add-on licenses available for teams there are add-ons for audio conferencing toll-free numbers four system calling clients teams rooms and communication credits it is important to know the licensing of other microsoft 365 services as well please note that if users aren't assigned to sharepoint online and exchange online licenses correctly some teams features will not work for additional telephony features teams administrators should recognize from these examples starting on jan 1st 2020 teams users will be able to send urgent messages with priority notification according to their terms of their subscription when this new feature is available some licensed team users will only be able to set up to 5 priority messages per month while users with higher subscription like e3 or e5 will be able to send unlimited priority messages virtual users such as auto attendants with an assigned phone number do not require licenses to obtain the calling feature these can be either a phone system or paid phone system user license to resource accounts beside licensing for organization there are two special licensing models called teams free and teams commercial cloud offer let's explore those two in detail the team's free offer is in fact free of charge and it did for small businesses and consumers with a microsoft account this offer has the smallest feature set available and does not contain scheduled meetings conferencing custom email domain or pstn or admin tools microsoft teams commercial cloud trail offer is a fully functional but time limited trial offer each commercial cloud trial offered license include a set of 12 different standalone licenses such as exchange foundation and sharepoint online kiosk with 2gb of storage in sharepoint online now that we have understood the team's licensing model the next lesson we are going to explore planning for teams governance microsoft teams provide a rich set of tools to implement governance capabilities for organization when planning for governments you should consider the following areas group and team creation maybe classification and guest access how do you manage teams feature management and how are you going to manage group and teams exploration retention and archiving etc to quickly implement governance in themes organizations should focus on these areas who can create the group within your organization what sort of a navy conversion you want to set as a template for your organization what meeting capabilities you would like to provide for your users do you want to include any sort of external third-party apps to be approved or do you want to enable guest access or external user access within your team's collaboration platform and how are you going to manage and maintain your data security within your teams organization often times implement strict controls on how teams are named and classified whether guests can be added as team member and who can create teams etc you can configure each of these area by using azure active directory this is the following table which includes some of the questions you should consider when planning for group and tenant creation policies thus your organization require a specific navy conversion do team creators need the ability to assign organization specific classification to teams does your organization require limiting who can create teams or do you need to restrict the ability to add guest teams on per team's basis as well please note that limiting groups and team creation can slow your users productivity because many office 365 services require that groups to be created for services to function so after you have determined your requirements you can implement that by using azure ad controls then organizations might have additional requirements for setting policies for exploration retention and archiving teams and teams data group exploration policies can be configured to automatically manage the life cycle of a group and retention policies to preserve or delete information as needed themes can also be archived to preserve a point in time view of teams that no longer actively require you to use so some of the things you need to consider are listed down in this table some of the questions you need to ask are do you require specifying an expiration date for teams do you require specific date retention policies to be applied to teams does organizations expect to require the ability to archive inactive teams to preserve the content in their read only state another important aspect of governing and life cycle management for teams is the ability to control what features users will have access to messaging meeting and calling features can be managed either at office 365 theory level or per user level as well so some of the things you need to consider are do you require limiting teams features to your users tell it do you require limited teams features for a specific user as well once you have identified your team's governance topic you should consider the following steps to develop a governance roadmap for your team's rollout project things like document your organizational requirement plan to implement your specific requirement and communicating and publishing your policies to inform your team's users and behavior they can expect planning for life cycle management is essential for organization to get the most out of microsoft teams like most projects creation and management of teams passes through beginning middle and end stages however teams has such a variety of users that it may not always be obvious which stage a project is in having a plan for life cycle management will help track an organization's project as they go through these stages in teams individual users have its own life cycle within the following sequence initiate active and sunset the key decision points to consider the beginning stages include what's the team's purpose who belongs on the team will the team be private or public who will have permission to create channels what initial channel will be added to the teams etc the decision points that should be considered in the stage of middle stage include who will monitor usage to identify problems what metrics will be used to determine team's health identifying any teams that have reached the end of their useful life and important decisions point related to the end stage include defining what the end of teams life look like documenting best practices in lessons learned archiving data if necessary etc you can configure and manage the team's life cycle through the team's admin center the office 365 admin center and azure admin center as well if you wish to automate specific management tasks throughout the team's life cycle you can do so by using powershell and graph api automation tools as well so this is the diagram which shows you about all the type of automation you can enable during different life cycle within themes now that we have learned about how to govern tips and what are the life cycle stages of teams in the next lesson we're going to explore teams management tools managing the various aspects of microsoft teams can be performed using variety of tools basic tasks such as creating and editing team settings and adding or removing members and adding or removing and configuring app all can be performed by users within the team's client app administrators tasks can be performed using teams admin center and team's partial module or graph api so what is teams admin center the microsoft teams administrator is available from your microsoft 365 admin center or navigating to admin.teams.microsoft.com the microsoft teams admin center provides a dashboard that shows teams usage and user activity in your organization the team's admin center enables administrators to manage and create teams to create teams policies manage for devices telephony numbers location and emergency addresses and meeting settings and policies such as live event settings and policies messaging policies teams app settings etc the portal also provides link to legacy portal for call quality dashboard and troubleshooting to access the team admin center users must be assigned to one of the following administrative role the user has to be either global administrator teams admin teams communication admin or skype for business admin you can use teams powershell modules to manage teams as well to use windows powershell to run teams related commands you must first install the theme's powershell module by running the following compat which is install module name microsoft teams after installing the module it is loaded into all new commercial sessions and the commandlets are available for configuring policies and settings such as creating and managing teams before you can work with the team's powershell module you must establish a connection to the tenant by running the following commandlets which is connect dash microsoft teams please note that the team's powershell module is still under development and transitioning from skype for business partial module to the team's phone so what is team's graph api microsoft teams also provides management capabilities through microsoft graph where teams is represented by a group resource the graph api can be used for various tasks regarding managing team settings members and resources the primary use of graph api is its automation because graph api calls can be embedded into tabs pages and easily called from other resources now that we have explored various types of teams management tools in this lesson we're going to talk about teams clients microsoft teams has clients available for desktop which is windows mac and linux web and mobile which is android and ios it's integrated with communications and bidding rooms devices for frictionless experience no matter which device user work from all clients require an active internet connection and do not support an offline mode let's explore the desktop clients the microsoft teams desktop client provides a fully featured experience including real-time communication support for teams meetings group colleagues and private one-on-one calls as well advantages of teams desktop client include auto start which ensures that you will always stay signed in and won't miss any border notification these desktop clients can be installed either individually by users or rolled out by it administrator in a batch deployment the microsoft is desktop client for windows is available on 32-bit and 64-bit architecture and this can be installed on windows 8.1 or later and windows server 2012 or later additionally themes required.net framework 4.5 or later mac users can install themes by using pkg installation file for mac computers any mac operating system version which is above 10.10 or later administrative access is required to install backline the mac operating system client is installed to the application folder microsoft tips is now available for linux users as a public preview themes on linux enables high quality collaboration experience for the open source community you can download the native linux package in dot deb and dot rpm formats what about web client the web client is a fully functional client that can be used from a variety of browsers the browser must be configured to accept third party cookies there is no plugin or download required to run themes in a web browser this web client performs a browser verification and if an unsupported browser version is detected it will block access to the web interface some of the browsing capabilities for themes include like if you are using internet explorer 11 calling and audio video sharing is not supported if you if you use edge it supports all functionalities if you use google chrome everything is fully supported firefox the calling and audio and video calling is not supported and safari also calling and audio and video sharing is not supported so the fully supported browsers are edge and chrome let's explore the mobile clients microsoft teams mobile app are available for android and ios platform they are targeted to the on-go users who participate in chat based composition and they enable peer-to-peer audio calls mobile app can be downloaded directly from their respective vendor mobile stores such as google play store and apple app store android support is limited to the last four major versions of android when a new major version of android is released the new version and the previous three versions are officially supported ios support is limited to the two major recent major versions of ios when a new major version of ios was released the new version of ios and the previous version are officially supported in this lesson we're going to learn about how to plan for governance in microsoft 365 group microsoft 365 groups which was formerly known as office 365 group is a cross application membership service in office 365. it's an object in azure active directory so organizations can add or remove people from the group just as any other group based service object in active directory with microsoft 365 group organizations can give a group of people access to collection of collaboration resources including shared outlook inbox shared calendar sharepoint document library etc a microsoft 365 group can be created directly from your microsoft 365 admin center or indirectly from other associated workload such as planner or a team and office 365 has a rich set of tools to manage and govern microsoft 365 group at scale some of the capabilities of microsoft 365 groups are group naming policy group classification group guest taxes group creation hidden membership and expiration policies there are many ways to create microsoft 365 group i will take you through a double walkthrough of the next video to exactly show you how to create a microsoft 365 group so when you create a microsoft 365 group there are few other things which is created along with that there is going to be an associated sharepoint document library you will get a onenote notebook and connection to other office 365 cloud applications as well administrators in your office 365 credit can also create and manage microsoft 365 group in their specific admin center now that we have learned on a high level on what is microsoft 365 group in this lesson we are going to go through a demonstration on how to create and manage microsoft 365 groups for teams there are a few tasks we are going to go through in this demonstration the first is how to create a microsoft 365 group in the admin portal then how to update a distribution list and strategies for microsoft 365 group creation and how do you manage a microsoft 365 group so to create a microsoft 365 group we have to go to microsoft 365 admin center you can go to the portal called admin.microsoft365.com and on the left hand side you can find users groups roles resources etc so click on groups and you would be able to find all the available groups within your subscription you can click on type to find out what types of groups it's available like security group microsoft 365 group distribution list etc so to create a new group click on add a group and select the type as microsoft 365 this allows teams to collaborate by giving them a group email and shared workspace for conversation files and calendars give a name to your group i'm gonna call this group as ms 700 microsoft 365 group click next you would have to assign an order ideally two orders so i'm gonna assign one order i assigned rick as the owner of the group you have options like do you want to make this a public group where anyone can see the group and content or you can create as a private as well additionally you have an option to add a microsoft teams to your group as well so i'm going to select yes if you want to have an email address for your group you can create that as well so i'm going to give a date and i'm going to make it a public group click next you can review the details like group type group name and description who is the owner of the group does it have an email address what's the privacy setting is it public or private and do you need a teams site created for this as well and hit on create a group so now that we have created our group i can click on close or i can go and create another group as well so let's close it and go refresh now that we have created the group let's go and add a member to the group so before that i'm going to change the mode to dark so let's go and search for the group we just created [Music] select the group click on members as you can see that there is no member as of now view all and manage member so this is where you would be able to search for a member so i'm going to add a new member to the group so i'm going to search for body [Music] and save and close now you can see that there is an order and there is a member to the group as well so this is how you can create a microsoft 365 group and assign an owner and a member for the group the next task is to upgrade a distribution list to a microsoft 365 group to upgrade a distribution list we have to go to exchange admin center so we can go to microsoft 365 admin center under the admin center you can click on exchange this takes you to the exchange admin center you need to be a global administrator to perform this activity under the exchange admin center you can go under recipients and go click on groups so let me yeah under recipients you need to click on groups under groups you will see a notice indicating that you have distribution list and also called distribution groups that are eligible to be upgraded to microsoft 365 group so you can select one or more distribution list from this group page below and after you select a group you can click on start upgrade so the process begins immediately depending on the size and the number of deals this process can take several minutes or up to some hours as well if the distribution list can't be upgraded a dialog box appears with a notification if you are upgrading multiple distribution lists use the drop down list to filter which distribution list you want to be upgraded the third task is strategies for microsoft 365 group creation so organizations may have specific requirements about who can create microsoft 365 group some of the provisioning models are open it led and controlled most of it can be controlled via powershell so i'm not going to demonstrate that we're going to move on to the fourth task which is called manage a microsoft 365 group to manage a microsoft 365 group you go back to your admin.microsoft.com under the admin center just find groups and under the groups you would be able to find all the groups available the biology group select a group you would like to manage and this is where you can see information like basic information like what's the group name description you can modify over here if you go on the email this is where you can add a new alias for your existing group under members tab where you can find who's the owner of the group who is the member of the group etc this is where you can add or remove new orders and new members under settings is where you can define the settings permissions for these groups like would you like to allow external sender access to the email would you like to get a copy of this group conversation would you like to hide it from the organizational group address etc and finally you can enable private or public with this control pane the last option is if you do happen to have a group you can create a microsoft teams within that group as well so that's how you create and manage a microsoft 365 group so i hope the information provided in this demo was useful in the next video we're going to talk about microsoft 365 groups classification so when creating microsoft 365 groups you might want to add information about the group's purpose for example you might want to inform the users what type of documents are stored within the group this types of group functionality is called group classification you can configure group classification so that when users in your company create a group they can choose a classification express you can configure group classification so that when users in your company create the group they can choose a classification as well for example when a user create a group the user can choose from classification from standard internal and confidential group classification does not exist by default so administrators will need to create this group classification so that users can use when they create a group so how do you enable and configure microsoft 365 group classification before users can use classification on microsoft 365 groups and administrator need to define classification by using azure active directory powershell command lens you need to install the latest version of azure id preview commandlet and then next you need to associate a description to each classification by using settings attribute and classification descriptions it might take up to an hour until the classification settings are available for all users and once the microsoft 365 groups classification has enabled you can configure the classification to a group from outlook or themes client you can see all the image below so this is where you can go and modify and select the right classification in this lesson we're going to go through a demonstration on how to configure microsoft 365 groups exploration policy typically people in the organizations work on different projects and collaborate with different departments it is common that users are added to many microsoft 365 groups sometimes the projects are finished but the microsoft 365 group still exists regarding this the administrators and users need a way to clean up the unused groups the most optimal solution for this is to set an expiration policy which helps to remove inactive groups from the system the expiration is turned off by default the administrators have to enable the feature in the terence and specify the expiration period for the group when approaching group expiration an email notification will be sent to the group orders if renewal is needed for additional period if the group is not renewed the group will be deleted automatically if the administrator changes the expiration policy the office 365 expiration period will be recalculated for the groups it is very important to know that when a group expires all the groups associated content will be deleted including outlook planner and sharepoint however there is an option to recover content up to 30 days from the expiration period so let's go and see how to configure microsoft 365 group expiration policy to configure microsoft 365 group expiration policy you will have to log into azure ad admin center as a global administrator so i'm going to go under my azure active directory click on groups on the left hand side under settings for groups you can find there is something called expiration so click on expiration and by default this is turned off so this is where you can select the lifetime in days so i'm going to put 180 days so you have by default 180 and 365 days or you can have a custom data as well so i'm going to select 180 then there is email contact for groups with no orders so this is where you can specify an email address where the renewal and expiration notification should be said when a group has no order if the group does not have an order the expiration email will go to the specified administrator so i'm going to provide my tenant administrator email address here and finally enable expiration for these microsoft 365 groups you have options like all selected and done so select the microsoft 365 groups which you would like to configure this expiration policy for so let's suppose you would like to enable this option to this group you can select that and select so the policy will be set for this particular group we selected to finish the settings you can click on save and that finishes the setting let's understand who can configure and use the microsoft 365 groups expiration policy group expiration is a feature that is included in an azure ad premium subscription this license is required for the administrator who needs to configure the settings and the members of the affected groups they will need to have azure ad premium licenses assigned to them there are typically two types of roles within an organization which has different privileges when it comes to expiration policies office 365 global admin and user administrator now that we have learned about how to create an expiration policy in this demonstration we are going to go through how to configure microsoft 365 groups debit policy so organization can use a group naming policy to enforce consistent naming strategy for groups created by users a navy policy can help users identify the function of the group membership geographic region or the person who created the group the debit policy is applied to groups that are created across all office 365 apps such as outlook teams sharepoint planner yammer and it applies for the group name and group aliases as well so the group naming policy consists of the following feature prefix suffix debit policy and custom blocked words you can use prefixes or suffixes to define the navy convention of groups for example if you configure grp as prefix this will create the marketing group as grp marketing custom block words you can also specify a variety of words that will be blocked in groups created by users such as gm billing payment hr etc so let's go and see how to configure microsoft 365 groups maybe policy from an azure admin center so i logged into my azure portal using my global administrator select the azure active directory and right under the manage select groups under settings for the group there is baby policy select that so under block words this is where you would be able to upload a list of words you wish to block or prevent from microsoft 365 group so first step is you can download the csv of block words as of now this is empty this is where you would be able to add all the block words like hr [Music] and you can add up to 5000 word and you can you can't go and basically select the file and upload the file or you can save it the next option is group debug policy so this microsoft 365 group naming policy is the one which is going to allow you to add a specific prefix or suffix to the group name and aliases for the microsoft 365 group day so you can add a prefix by going and selecting your prefix by selecting an attribute or a string i'm going to select as an attribute i'm going to select as department or a string called hr [Music] and as a suffix again an attribute this type i'm going to select a good country or region this trick is using it and you can save that so this is how you can create a prefix and suffix and a block word for your microsoft 365 group the total prefixes and suffixes string length is restricted to maximum of 53 characters and prefixes and suffixes can contain special characters in the group name as well if you are using yammer office 365 connected groups avoid using following characters in your gaming policy like add the rate hash brackets if these characters are there in your arabic policy regular yama users will not be able to create these groups now that we have learned about teams david policy and block words in this demo walkthrough we're going to see how to access teams reports in order to access teams usage report you need to have one of the following roles assigned office 365 global admin eep service admin keeps communication admin or skype for business admin you can access this report by going into microsoft teams admin center and some of the reports you can access from the team's admin center are usage activity device usage themes usage live event usage pstn usage and psja block usage etc i'm now in my team's admin center you can access teams admin center by going into admin.teams.microsoft.com on the left hand side when you scroll down you will be able to find analytics and reports so click on usage reports this is where you would be able to see different types of report so let's go and explore few of the different types of reports available the first one is teams usage report this gives you details like active users active users in themes and channel active channel messages privacy settings for teams guested in a team etc let's explore deep's user activity report so i'm gonna click on one this is gonna give me a report on teams activity so i'm gonna change the date to last seven days as you can see that there is not so much information i'm going to go back to 90 days to see some report within the within the status so this report gives you one-on-one chat a user participated in messages a user posted in h tips chat and message is a user posted in a private chat as well and you would be able to get details like last activity date of a user as well let's explore thieves device usage report as you can see i don't have many usage report from other devices like mac ios android chrome operating system windows phone or relay linux i only use one device to access teams which is windows so this gives details like is it a windows user mac user ios user android 4 user etc let's explore what teams live even usage is all about so you can select days click on run report i have not run any teams live even so i really highlight unlikely to see any report but this is where you would be able to see total views start time even status organizer presenter producer recording settings production type etc all sort of live event usage report will be visible over here then there are other couple of important reports like pstn blocked user psg minute and sms pstn and sms preview reports as well these report will give you a timestamp user information related to your themes and psg and details etc please note that the themes reports display the data for the users and channels which have been active for example if the user in your organization isn't active in teams during the date range specified for a report data for that user will not be included in that report another functionality is you can download or export this report to a csv file for offline analysis so you can select export to excel or dead on the downloads tab select download to download the report when it's ready then there is microsoft 365 usage report for that you have to go to microsoft 365 admin center click on usage microsoft 365 usage analytics provide you with a better view of how your organization is adopting various services within microsoft 365. at a glance activity widgets gives you a cross-product view of how users communicate and collaborate using other various services of microsoft 365 and the microsoft 365 usage analytics content represent a dashboard that provides a cross-product view of last 7 days 30 days 90 days and 180 days this data would exist for all reporting periods right away the report becomes available within 48 hours now that we have learned about how to access teams report and microsoft 365 usage report microsoft 365 includes multiple technologies that provide security and user identity protection there are multiple tools which are built into microsoft 365 services so the administrators can choose how to predict the identity of the users using the platform and applications identity boards supported in themes are cloud identity synchronized identity and federated identities in cloud identity a user is created and managed in office 365 and stored in azure active directory and the password is verified by azure active directory in the synchronized identity model the user identity is managed in the the user id is managed in an on-premises server and the account and password hashes are synchronized to the cloud the user enters the same password on premises as they do in the cloud and at the sign in the password is verifiable by azure active directory this model uses the microsoft azure active directory connect tool the third one federated identity in this model a synchronized identity with the user password is verified by the on-premises identity provider the password hash does not need to be synchronized to azure ad and azure active directory federation services or adfs or a third-party identity provider is used to authenticate users against the on-premises azure active directory multi-factor authentication to increase the user security during the office 365 sign-in process microsoft teams support multi-factor authentication or mfa which is a two-step verification process with mfa the user is selecting it to the office 365 account after correctly entering the password is required to choose the second option such as a phone call text message an app notification or their smart phone in order to verify the login there are two supported authentication methods which differ from one another by identity model cloud only and hybrid setup in the cloud only model you can use phone call text messages mobile app notification and mobile app verification code in the hybrid setup which is a synchronized or federated model offers these are the following second factor options which is mfa for office 365 azure mfa module or adfs integrated or physical or virtual smart card which is again adfs integrated as well modern authentication is a process which provides the team's application with verification that you have already entered your credentials your work email and password on some other app in office 365 there are two options one is windows user scenario and apple back user scenario when you assign it to other office 365 apps through your office 365 enterprise account and you start microsoft teams you're going to be taken directly to the app no need to enter the password if an apple back computer user tries to start teams the computer will not be able to use your credentials from your office 365 enterprise account or from any other application of office 365 application the user will be requested for mfa then when the user enters the credentials he will not request sign it again at that point whenever the user is working on the same computer the microsoft live will automatically start in order to sign out of microsoft teams the user can click the profile picture which can be found at the upper right corner of the application now that we have learned about the team's authentication mode in the next demonstration we are going to learn about how to configure conditional access and mfa for microsoft teams organizations are in a constant changing security threat environment employees often need to access the company resources as well as communication channels from different locations organizations face a challenge when protecting the company data and at the same time providing the employees with access to the workplace resources they need additional access policies apply actions to users who sign into apps from their devices depending on multiple conditions these conditions might include a user or a group membership ip location information device and application real-time risk detection or microsoft cloud app security information conditional access policy that is set for these cloud apps apply to microsoft teams when a user directly signs into microsoft teams or ad client microsoft team is supported separately as a cloud app in azure active directory conditional access policies let me go and show you in the azure portal where you can apply these settings for your organization i'm on my azure portal on the left hand side i'm gonna go to my azure active directory under action active directory if you scroll down to security this is where you can find the conditional access policies so click on azure ad conditional access on the conditional access policies page you can see there are few baseline policies available you can click on new policy to create a new conditional access policy the name field i'm going to type keeps policy [Music] under users at group i'm going to select all users i have an option to add all guest and external users as well under cloud apps is where i am going to select microsoft teams search for microsoft tips [Music] and you can select that application and the condition is this is where you can select what sort of a condition you would like to apply devices location device state device platform etc access control is where you will either block or grant access so i'm going to grant access but after requiring multi-factor authentication control and after you select that you basically can't go and turn on the feature or turn off or you can use report only that will give you a report based on the user signing it and what response they are getting in this is how you can set up mfa for microsoft teams now that we have learned about how to configure conditional access for microsoft teams in this lesson we are going to learn about overview of themes admin roles as a global administrator you can access azure active directory and configure additional administrators which require different levels of access for managing microsoft teams these administrators can manage the entire team's implementation or you can choose and assign them permissions just for a segment of microsoft teams there are four main types of teams admin roles available let's go and see detail what are those the first one is team service administrator team service administrator manage the team service manage and create microsoft 365 groups this type of admin can access everything in microsoft teams admin center and associated powershell commands where teams communications administrator manage calling and meeting features within the team service including meeting policies managed meetings configurations voice calling policies and phone number inventory and assignment this user can access monitor and troubleshoot tenant call quality and view users profile page and troubleshoot user call quality problems as well thieves communication support engineer can troubleshoot communication issues with the teams by using advanced tools including call analytics and call quality dashboard teams communication support specialists can troubleshoot communications issue within the team by basic tools including call analytics and call quality dashboards you can assign teams admin roles by using azure ready or powershell the global admin role is needed to assign teams admin role to users now that we have understood different types of teams admit roles in this demonstration i'm gonna walk you through how to assign microsoft themes admin roles within microsoft 365 center and azure ad portal as well so like we discussed so far there are multiple ways you can assign teams admin roles you can go to microsoft 365 admin center or azure portal or you can assign via powershell as well so let's head back to the microsoft 365 admin center to see how to assign teams at bitro so i'm with my microsoft 365 admin center once you expand users you can click on active users basically what we are trying to find is how to assign a teams admin draw so i'm going to pick a regular user and once you select a user you can go under roles select manage roles and you can expand show by category so i'm going to go and enable admin center access so as you can see here there is teams service admin role available over here as well this will give full access to teams and other skype admin center so we want to see other teams role as well so if you scroll down towards the bottom you can see other three roles so there is teams communication admin teams communication support engineer teams communication support specialist and team service admin you can click on this information button or hover your mouse to see what these role it titles to what a user can do or cannot do so that's how you can assign a role in microsoft 365 center now let's go to the azure portal and see how you can assign a role in the azure portal so i logged into my azure portal using my global administrator username and password i go under my azure id and the manage that i users i'm gonna pick a user this time i'm to pick jerry and right under the profile there is a side rules so click on a side rule and on top of the assigned role you can see that there is add assignments and select a role so i'm going to search for thieves as you can see that there are four themes roles available so i could basically pick up a role if that is what i want to do or assign to this user i select the role and click text and basically i can make it available as an eligible role or an active role because i have configured azure ready privileged identity for this particular account so that's how you can assign a role for a user under azure portal as well so now we have learned about how to assign a team's admin role for a user in this demonstration i'm going to teach you how to implement threat management for microsoft teams so once deployed microsoft teams will become the hub for organizational collaboration where multiple documents will be shared and accessed therefore you must ensure that all documents that are used and shared within your microsoft teams are protected from potential threats such as malware office 365 advanced threat protection helps your organization protect against malicious threat which may be posed by email messages links as well as through your collaboration tools you are using it includes threat protection policies reports threat investigation and response capabilities as well to configure and assign atp policies you must have one of the following roles you need to have either office 365 global administrator or security administrator so i have been my microsoft 365 admin center to access security portal all i have to do is either go to security.microsoft.com or i can click on this admin center it takes me to security.microsoft.com as well so once i have in my security portal this is a one stop shop for all sort of security policies i can define dlp policies information coverage threat management up search policies etc a lot of things i can do over here so what we are after is we are going to select a policy and then select an atp safe attachment so i'm going to go under threat management click on policy and you can find atp safe attachment policy over here so download atp safe attachment policy and this is where i can turn on atp for sharepoint onedrive and microsoft teams once i do that atp is going to protect all the information within your sharepoint onedrive and teams you can create a new policy or you can basically modify an existing policy elsewhere so how does atp work so office 365 advanced protection provide the users within your company with safe environment so office 365 advanced threat protection provides the users within your company with a safe environment for collaboration and communication and helps the malicious files to be detected and blocked in team site and document libraries if a document that is stored in microsoft teams sharepoint online and onedrive business has been identified as malicious atp directly worked with the file stores to lock that files even though the user can still see the blocked file in the document library and web mobile and desktop application it cannot be opened copied moved or shared however the malicious files can be deleted now that we have learned about how the atp work and how to implement atp in this demonstration i'm going to teach you how to access security reports and alerts for microsoft teams microsoft 365 security center provides report that allow you to monitor potential security threats in your organization even though threat security reports may not be directly related to microsoft teams they might alert you to suspicious activity that is threatening security for your organization microsoft 365 security center contains a dashboard that displays reports from different sources including following categories identities data devices and apps let's closely look at all of this in detail this category of reports provide data from azure 80 risky users report and global azure ad admin roles reports are related to microsoft teams because of cited activity to microsoft teams from different types of devices data category of reports provide data from multiple sources such as users with the most shared files dlp policy matches false positive and overrides reports are related to teams because of data shared and accessed by teams users under devices category these reports provide data from microsoft intune or devices at risk device threat analytics device compliance malware on devices and users with malware detection reports are related to microsoft teams because of large number of mobile devices where teams is installed under apps category of reports provide data from cloud app security on threads from different apps such as privileged or odd apps suspicious admin activity in personalizations and cloud activity geographical locations reports are related to microsoft teams because of different apps that are integrated with themes let's go and view few of these reports i am in microsoft security and compliance portal you can access this portal by going into protection.office.com to access this report you can go right at the bottom of the left hand corner click on reports and then select dashboard you would see much data on my portal but right under threat partition status report this is this is where you can get a single view about malicious content and malicious email detected and blocked by exchange online protection this report can display detection up to 90 days explorer is a near real-time tool used to investigate and respond to threats in office 365. explorer displays information about suspected malware and fish in emails and files in office 365 as well as other security threats and risk to your organization and security admins can create alert policies that will inform them when a shared document in sharepoint online onedrive business or microsoft teams has been identified as malicious to create an alert you can perform these following settings from here on the create alert settings page choose the alert activity for example detection malware in file and you can choose the thresholds for example every time an activity matches to the rule and you can set your recipients in the next page as well that's how you set up reports and alerts for microsoft teams in microsoft 365 admin center the next lesson we're going to learn about labels in today's modern workplace most organizations use email chat services collaboration tools storage platforms to share information and documentation inside and outside the organization this makes the data no longer located behind a perimeter firewall it flows everywhere across devices apps and services microsoft 365 addresses these challenges with sensitivity and retention labels let's look at sensitivity label and retention label in detail sensitivity labels can help the users to classify documents and protect sensitivity content in their files these sensitivity labels are based on rights management services or rms which is available in azure rms and on-premises adr bus these sensitivity labels are used to classify and protect documents with encryption and central management capabilities to monitor access and even revoke access to documents sensitivity labels can be applied manually by end users are automatically based on search patterns in short sensitivity labels protect the content of the document even if the storage on which the data is saved is opened for collaboration even with external participants so what is retention label in some organizational working environment files contain data which need different action for example you might store invoices that you need to retain for certain period in this case retention policies in office 365 are used in order to make a classification and enforce the content to be automatically deleted or preserved after a certain period so unified labeling describes the centralized management of labels that can have retention and sensitivity settings applied please note that any item can have both a sensitivity label and a retention label applied now that we have learned on a high level what is sensitivity label and retention label in this lesson we're going to learn about how to create and manage sensitivity labels you can create and manage both sensitivity and retention labels in microsoft office 365 security and compliance center you can find that under classification don't worry i will take you to the exact place where you can configure that in the later part microsoft 365 compliance center which includes information protection records management and information components and all are part of microsoft 365 security center when creating labels in a productive environment you should consider these high-level steps things like define the label you need to pick a fitting name that describes its purpose then define what each label can do things such as information protection retention or deletion and you would have to define who gets these labels like which departments project teams or single user after creating and configuring labels you need to publish them to make them available to people in your organization and these labels can be applied manually or it can be applied automatically as well automatic labeling is a feature that require azure information protection or aip plan 2 licenses now i am logged into my microsoft 365 admin center i have to go to microsoft 365 compliance center so i'm gonna go to different portal which is right under admit center you can directly go by going to compliance.microsoft.com so sensitivity labels can be created under information protection which can be found under solutions so go to information protection as you can see that there are few labels created already if you want to create a new one click on create a new label provide a name description you have you have an option to turn on the encryption or remove so i'm going to select that i'm going to keep it as none content marking is where you can set up the headers folders what am i content with the label so you can add a watermark a header and a footer and then if you would like to customize what the watermark takes this is where you would be able to add those details again if you look at it you can change the color the font size and the way it is displayed on the document as well this activates automatic classification with labels this is where you can apply some conditions so when the content matches these conditions table will be applied automatically next and this is how you create a label so this is how you create an information protection classification label the next one is how to create a retention label so to create a retention label we have to go under solutions this time this is placed under records management so click on records management under records management you can go to file plan as you can see there are a few file plans labels created already create a new retention label give a name [Music] this is where you can give details like file plan descriptors reference id is a unique id for further processing and documentation which business function or department are these documents referred to which category do these documents fit into which types of requirement is met with this label which regulatory requirement is this label referred to so once you provide these details click next this is where you would be able to turn on which activates retention for label documents when this label is applied to the content you would be able to add details like how long would you like to keep this retention for would you like to delete this content automatically or do the thing but do you want to retake this content etc so all of these policy changes can be made all of these policy changes can be made over here and finally you can re you can review the details and click on create a retention label now that we have created a classification label and a retention label let's go and find out how to assign labels to these label policies so for that i'm going to go back under solutions this time i'm going to go back to information prediction go under label policies this is where i will be able to see all the policies available let's pick one of these policy and you can click on you can either edit the policy and view the details of the policy this time what i'm going to do is i'm going to select the policy i'm going to select publish labels and i can choose which label i want to select from i'm going to select the sample one which we created click add done next and you can select where would be where would you like to apply so i can choose like all location or i can go back and choose a specific app i can remove a particular microsoft 365 service or i can make changes to the sites or recipients or accounts etc all of these changes can be done over here okay dave the policy give the description and review the policy before applying it read it and it it will take up to one day for label to appear to the users so don't expect this label to be published and take effect immediately and once you complete it you can click on publish labels similarly for the retention label i'm going to go back to record management go under label policies click on publish labels and this is where you can find the label you just created for the retention label the process is pretty similar click next you can choose a location or you can select all microsoft 365 services and review the policy and hit on publish labels this is how you create a classification label and a retention label and then once you have these labels create a policy and publish it now that we have learned about how to create and manage sensitivity labels and retention policy in this lesson we're going to learn about how to create and manage dlp policies many organizations today are concerned with protection of sensitive information and being compliant with their internal business standards when we mentioned sensitive data we made the information which can include financial data or personally or pii or personally identifiable information such as credit card numbers social security numbers and health records with data loss prevention policies organizations can identify monitor and automatically protect sensitive information across the office 365 environment including microsoft teams so some of the benefits of dlp is listed down over here so for most organization which have the dlp for teams license policies can be configured that prevent people from sharing sensitive information in a microsoft team's channel or chat session with these policies the admin can protect sensitive information in messages sensitive information in documents as well so when you create and apply the dlp policy there is an action taken in microsoft teams which conflicts with that policy the user will get policy tip as showed in this particular image so let's go and see where you can create a dlp policy for teams i'm on my microsoft 365 admin center go to compliance center right under solutions you can find data loss prevention so within data loss prevention what we're going to do is we're going to create a new policy so we can either pick an existing policy for financial medical health privacy custom etc so i'm going to go with a custom policy click next i'm going to leave it as custom policy here you go you can see that this cuts across multiple microsoft 365 solutions including exchange sharepoint onedrive devices etc and you can turn on for teams chat and channel messages as well this is where you can review and create and customize and advise dlp rules and to create a new rule give a name for the room [Music] as you can see there are conditions exceptions actions user notification so you would be able to go through each of this based audio requirement i can add australia pass passport number as a condition if you would like to accept anything you would be able to add that over here what sort of an action you want to perform would you like to restrict access or do you want to get notification on audit or restrict activities on windows devices so if you would like to audit and restrict access this is where you can modify these in detail you can further go ahead go ahead and add more conditions as well if you like to use notifications to inform users you can help them educate them on proper use of sensitive info this is where you can configure that how do how would you like to notify them email or policy tips you can mention the policy we can mention the policy tip over here then we have overrides and some additional options like priority etc once you create your policy click next and you have options to test it which shows the policy tip in the test mode or you can turn on right away or keep it off and turn on later so click next and submit this is how you would create a dlp policy for microsoft tips please note that dlp policies can contain teams and non-teams location at the same time in this lesson we're going to learn about creating and managing a e-discovery case organizations have many reasons to respond to legal cases involving certain executives or other employees in their organization this might involve quickly finding and retaining for further investigation specific information in email documents instant messaging conversation and other content location used by people in their day-to-day work task these are the three types of e-discoveries available content searches e-discovery cases and advanced e-discovery cases content searches to perform fast searches for contents saved in one of the office 365 services e-discovery cases you add holds and perform content searches in an organized case management structure and advanced e-discovery cases to analyze large set of unstructured data that needs additional automation through relevance recognition let's go and find out how to create a new e-discovery case i'm on my microsoft 365 admin center under admin center go to security you can directly go to security by going into protection.office.com once you are in the security and compliance center scroll down on the left hand side you can find e-discovery so click on e-discovery this is where you would be able to find any existing case you can click on open an existing case or you can click and create a new case as well advanced topics related to e-discovery is not related to this examination but i will happily take you through this e-discovery process when we go through ms-500 now that we have learned about what is e-discovery and how to create a new e-discovery case in this lesson we're going to go through a demonstration to find out how to create and manage a supervision policy for many compliance requirements you may need to take samples from user communication to see if they comply with all policies and regulations because e-discovery is an inadequate tools for taking random samples you can use supervision policies to analyze only a certain amount of data from supervised users and groups you can define policies that capture internal and external email microsoft themes or third-party communication reviewers can then examine the messages to make sure that they are compliant with your organization's message standards and resolve them with a classification type some of the supported communication types of supervision policies include exchange email microsoft teams skype for business online and third-party sources so let's look at the licensing requirement for supervision policy supervision policy is an advanced compliance feature and all users in scope of supervision policies need one of the following licenses options microsoft 365 e5 compliance office 365 e3 with an advanced compliance add-on or office 365 e5 developed by microsoft 365 admin center white enter admin center i can go to security under security and compliance portal click on permissions and scroll down to find supervisor review or you can search for that as well so this is where you can go and see the members of this group i'm gonna edit the membership and i'm gonna choose a member and add a user [Music] so let's go to the supervision so i don't have much data over here but this is where you can create a new supervision policy and please note that when adding groups to supervised users dynamic distribution groups are not supported on choosing reviewers either distribution group or dynamic distribution groups are supported now that we have learned about supervision policy in this lesson we're going to learn about you scoped discovery search with microsoft team scope discovery search the administrator can create virtual boundaries that control how users communicate with each other within the organization microsoft teams provide custom views of this discovery to the company users once the policy have been enabled the results returned by searches for other users will be scoped according to the configured policies user will not be able to search or discover themes when scope search is in an effect note that in case of exchange hybrid environments this feature will not work note that in case of exchange hybrid environment this feature will only work with exchange online mailboxes not with on-prem boxes so when should you use scope discovery searches you may use the scope discovery searches when your organization has multiple companies within a single tenant and you want to segment searches by companies or you would like to limit chat between faculty and students or different departments so let's go and find out how to turn on scope discovery search to turn on scope discovery search you need to do it in teams admin center so i'm gonna go to teams admin center so under org wide settings select team settings scroll down till you find search by name so when you turn this on this is how you will turn on scope discovery search using an exchange using an exchange address book policy you need to wait at least 24 hours after enabling scope discovery search before you can set up or define information barrier policies now that we have learned about what is scope discovery search and how to turn on scope discovery search in this lesson we're going to talk about managing gdpr data subject request personal data is defined in detail under the gdpr on general data protection regulation it refers to any data which relates to an identified or identifiable natural person that is a resident of a european union the gdpr defines the rights and restrictions on how to manage the personal data that has been collected by an employer or other organization office 365 administrative tools have implemented features which can assist in searching and finding as well as acting on personal data in order to respond to data subject requests or dsr to manage investigations in response to a dsr submitted by a person you can use dsr case 2 in security and compliance center to find the content stored any user mailbox any mailbox associated with microsoft 365 group all sharepoint online sites all teams and microsoft 365 groups and all public folders in exchange online as well please note that the dsr case tool is based on e-discovery but modified to find personal data of users so let's go and find out how to create a dsr case so i am on my microsoft 365 admin center i'm going to security and compliance center you can directly go to the portal by going into portal.office.com to create a data subject request we need to navigate to data privacy under data privacy click on data subject request you can see that there is one data subject request case created already to open it i just need to click on just open or you can click on new dsr case to open a new case as well now that we have learned about what is gdpr and how to create a dsr case in this lesson we're going to learn about information barrier policy information barrier policies are created when an administrator want to restrict the communication between certain individuals or groups for example an r d department is working on highly confidential project which are not allowed to share with peoples outside the organization for example an r d department is working on a highly confidential project which are not allowed to share with people outside the department the administrator needs to prevent or isolate people in r d department from communicating with anyone outside of that group and information barrier can prevent the following type of communication between user and teams searching for a user adding a member to the team starting a chat with someone starting a group chat inviting someone to group inviting someone to join a meeting sharing a screen or placing a call please note that information barriers require the scope direct research in teams if you didn't activate it already you need to activate it and wait for 24 hours to use this feature information barrier is an advanced compliance feature and require some licenses this feature is available for users with microsoft 365 e5 office 365 e5 office 365 advanced compliance and microsoft 365 e5 information protection and compliance license holders there are three main phases to define policies for information barrier the first part is to segment users in your organization this will ensure you to comply with regulatory requirements you need to plan which users are allowed to communicate and which are not allowed to do so part two is defining the information barrier policies after creating segments you can create the policies that restrict the segments from communication remember that any policy restricts only one way and if you want to restrict the communication between two segments you need at least two policies and part three is apply information barrier policies after creating segments and policies for communication the information barrier policy still needs to be applied now that we have learned on a high level what is information barrier policy all about in this lesson we're going to learn about security and compliance alert for microsoft teams alert policies help administrators identify events in their tenants that could indicate a security breach an abuse of administrative privileges or other activities that require monitoring alert policies said email notification and track recognized events on an alert dashboard in security and compliance center to keep track of events in a tenant so how does the alert policy work this following diagram shows the basic workflow of how a alert policy work administrators create new or modify existing policies in security and compliance center user or administrator performs actions which match the conditions that trigger the alert policy an alert is generated and the accounting alert action is triggered such as sending an email to a global administrator etc finally administrators review alerts in alerts dashboard and decide to acknowledge or dismiss their alert please note that there are currently up to 22 default alert policies available an alert policy consists of a set of rules and conditions that define the user or admin activity that generates an alert a list of users who are in scope of triggering the alert if they perform the activity a threshold that defines how many times the activity may occur before an alert is triggered all of these alerts are categorized into one of these six categories which helps with tracking and managing the alerts generated by a policy you can assign one of the following categories to your policy that's a quick high level overview on create security and compliance alerts in this lesson we're going to evaluate a great path with coexistence and upgrade modes when you are upgrading from skype for business to microsoft teams either online or on premises there are only two approaches direct upgrade journey or gradual upgrade journey in direct upgrade journey you first deploy teams alongside skype for business in islands mode as part of evaluation the goal is to quickly retire skype for business from environment for all users in the organization it is the recommended journey for skype for business online customers in direct upgrade journey teams are deployed to all users in the organization and configured in islands mode you can see the direct upgrade journey illustrated in this diagram in case your organization is currently a skype for business on premises deployment only you need to start planning to implement skype for business hybrid before upgrading your users to teams only mode a gradual upgrade journey offers coexistence and individual upgrade modes for different groups of users also called cohorts in this path teams is deployed for the organization in islands mode for evaluation and then move on to the different coexistence board for different groups of users you can see the gradual upgrade journey illustrated in this following diagram now that we have learned about the two upgrade journeys direct and gradual in this lesson we're going to learn about management migration meeting migration service provides updates for existing meetings when a user is migrated from on-prem to the cloud when an admin makes a change to a user's audio conferencing settings when an online user is upgraded to teams only when you use powershell to trigger mms as well in each one of these cases the mms is automatically triggered when meeting migration service has been triggered for a user a migration request for that user is placed in a queue once the mms processes this request it will perform these tasks tasks such as it searches user's mailbox for all existing and future meetings organized by that user it updates or schedules new meetings in either teams or skype for business online in the email message it replaced the online meeting block in the meeting detail it sends the updated version of that meeting to all meeting recipients on behalf of the meeting organizer please note that if an error occurs during the migration process mms will periodically retry up to 9 times during the 24 hours when the mms is triggered for a user there are few things we need to understand the user is migrated from on premises to the cloud admin makes a change to the user audio conferencing settings upgrading meetings with assigning teams upgrade policy and admin uses the powershell commands now that we have learned on a high level what is mms and what kind of offers mms provides in this lesson we're going to learn about how to configure coexistence and upgrade settings for microsoft teams when planning your transition from skype for business to teams you will need to choose appropriate upgrade path and coexistent modes for a smooth transition to microsoft teams in your organization you can choose the same coexistence mode for all users and upgrade to microsoft teams all at once or you may need to do the migration batch by batch configuring different coexistent modes for different groups of users let's go and explore how to upgrade options for all users from teams admin center i signed into my team's admin center you can go directly to teams admin center by going into admin.teams.microsoft.com once you are in the portal click on org wide settings and select teams upgrade this is the page where you will have option to upgrade to island skype for business skype for business with teams collaboration skype for business with teams collaboration and meeting and teams only board since my tenant is a brand new cloud only subscription i'm not able to see that if i go back to my presentation ideally if you are in a coexistent environment you will see these options basically when you go to the coexistence board you would be able to choose between these different boards so that's how you set up your coexistence and upgrade settings for teams in this lesson we're going to learn about teams networking requirements microsoft teams utilizes three types of network traffic directions data traffic between the office 365 online environment and the team's client peer-to-peer real-time communication traffic conferencing real-time communication traffic this impacts the network data flow in two levels the traffic flow between the team's client directly in peer-to-peer situations and between the office 365 environment and the team's clients for meetings therefore to ensure optimal traffic flow traffic must be allowed to flow between the internal network segments such as between sites over the wide area network as well as between the network sites and office 365. not opening the correct ports or actively blocking specific ports will lead to a degraded experience when analyzing the existing network capabilities consider the following areas in your network access when analyzing existing network capabilities you need to consider things like connectivity to your office 365 quality of your network connectivity available bandwidth clients connected over wireless net pool size network health determination vpn wi-fi proxy servers etc when evaluating the existing network environment hard limitations such as blocked ip addresses faulty name resolution through dns and block ports are fast to support because certain teams features will simply not work all when ip address or ports are closed discovering bandwidth latency or packet loss issues is more complicated because they may appear only under special circumstances for example if a high number of users are using voice communication at the same time therefore when planning the network requirements for teams deployment you must calculate the maximum number of concurrent users including a reasonable buffer this following table shows the recommended network capabilities in package transmission quality network planner is a tool in teams admin center which is designed to assist the admin to determine and organize network requirements for connecting microsoft teams users across the whole organization you can access the tool by going to microsoft teams admin center under planning and select network planner after providing the network details and teams usage network planner calculates the network requirements for deploying teams and cloud voice across the organizational physical locations with the network planner you can create representations for your organizations using site and microsoft recommended personas generate reports and calculate bandwidth requirements for teams usage in order to use the network planner you must have one of the following rules you have to be either global administrator teams admin or teams communication administrator the network testing companion provides results for exporting and sharing with other network administrators or partners the companion also helps discover potential issues related to the organization's network and connectivity to teams this tool can also be used during the assessment and planning process of microsoft teams deployment if you are using teams now you can also use this tool to troubleshoot voice quality issues or analyze the network connection before users make make a call for teams to function correctly you must open tcp 480 and 443 and udp port 3478-3481 the tcp ports are used to connect to web-based content such as sharepoint online exchange online and teams chat services plugins and connectives also connect over these tcp ports the four udp ports are used for media such as audio and video to ensure they flow correctly the report labels and locations data you provide is a single data structure to configure the table of subnets and location you need to go under locations and reporting labels and upload the locations data please note a predictive data file should not contain column headers example network network name etc quality of service or qos is a mechanism you use to prioritize certain types of network traffic qos is a way to allow real-time network traffic like voice or video streams that is sensitive to network delays to cut in line ahead of traffic that is less sensitive like downloading a new app where an extra second to download is negligible qos identifies and marks all packets in real time streams using windows group policy objects and a routing feature called port-based access control list in most cases the implementation of qos is considered either during the planning and assessment phase or during the deployment of microsoft teams voice communication now that we have learned about teams networking requirement in this lesson we're going to learn about deploy microsoft teams clients to devices the desktop client is available for the following operating systems windows 8.1 or later on windows server 2012 r2 or later 32-bit and 64-bit versions mac operating system 10.10 or later linux.dev and rpm formats virtual desktop infrastructure or vdi is virtualization technology that hosts a desktop operating system and application or a centralized server in a data center by using vdi users can enjoy a full personalized desktop experience with a fully secured and applied centralized source using teams in their virtualized environment may be somewhat different from using teams on a non-virtualized environment it is recommended that you consult your virtualization solution provider to ensure the minimum requirements are met you can deploy the teams desktop app for vdi using a per machine installation or per user installation using an msi package the team's mobile app are available for android and ios in order to download the mobile app users can go to their mobile app store via google play or apple app store there are two supported mobile platforms for microsoft teams and mobile apps android support is limited to the last four major versions of android ios support is limited to the two most recent major versions of ios the team's webclight is available for a variety of different browsers including edge chrome and safy the web client performs browser version detection upon connecting to themes.microsoft.com if an unsupported browser version is detected it will block access to the web interface and recommend that the user download the desktop client or mobile app now that we have learned about the different types of themes client options in this lesson we're going to learn about how to manage device settings and firmware managed devices is performed with microsoft teams admin center after you sign it to the team's admin portal select devices and select phones this is where you can find all the devices as you can see that i don't have any devices but if you have devices this is where you will manage all the devices enrolled in teams within your organization some of the management tasks you can perform in teams are listed here you can change device information you would be able to manage software update restart a device view a device history and view diagnostics as well now that we have learned about how to manage devices in this lesson we're going to learn about managed configuration profiles to manage settings and features for teams devices in your organization you can use configuration profiles as an administrator you can create or upload configuration profiles to include settings and features which you would like to enable or disable and then assign your profile to your group or devices of your choice let's go and explore how to do this i'm in my team's admin portal under devices i'm gonna go to phones within the fords page you can select the configuration profiles and you would be able to add the name to the profile and you can go through all the settings available within the profile page under device settings you would be able to choose or enable display screen saver brightness backlight contrast silent mode office hours power saving and screen capture under network settings you will be able to enable dhcp login or you can configure host name domain name ip address subnet mask network pc port etc once you complete you can hit out save once the configuration policy have been created you will need to assign them to an appropriate device your sign a configuration profile you can go to the team's admin center on the phones page select the configuration profile and you can assign to a device in this case i don't have any device within my subscription but this is how will you but this is how you will create a profile and assign to your device now that we have learned about how to manage and configure the profiles in this lesson we're going to learn about how to configure microsoft teams rooms microsoft teams groups provide a complete meeting experience that brings hd video audio and content sharing to beating of all sizes from small huddle areas to large conference rooms microsoft teams room system can be purchased in several configurations bundled as a system with separate components or as an integrated unit as well when you want to deploy microsoft teams room in your organization you must go through a detailed planning phase including evaluating testing to find the best feeding conference experience for your users the following diagram shows the common required steps to prepare deploy and maintain microsoft teams room in your organization configuration and deployment of microsoft team groups include following steps starts with account provisioning then device software installation device deployment microsoft teams room application and peripheral device configuration testing and asset management so now that we have learned on a high level what microsoft meeting groups are on microsoft teams groups in this demo walkthrough we're going to learn how to create and manage teams by default all users can create teams using the team's client and invite members unless you restrict the creation of teams to global administrators or team service administrators administrators can also create themes in the team's admin center or powershell there are multiple ways you can create themes either by going to teams admin center teams client or powershell or graph api so let me take you to the team's admin center and show you how to create teams there so i am on my microsoft teams admin center under teams you can click on manage tips this is where you would be able to see all the themes within your team's environment to create a new themes click on add give a name to the team description you can set a team's order define what type of team it is is it a public or private team and you can select a classification if you have set a classification already and then hit apply that will simply go ahead and create it heaps now let me go and show you how to create a tips on the teams client app so now i bought my team's client app as you can see that the sample team i just created is already turned up here to create a new tips click on join or create a team click on create team two options build a team from scratch or create from an office 365 group so we're gonna build a theme from scratch we have three options here a private public ed or guide the org wide group when you create it everyone within your organization will be automatically joined so let's click create that and i'm going to leave the name like that and hit on create so now this is creating an odd yt if i go and look within the team you can see that there are 88 members already part of this group that's because this is an org wide team so please note that whenever you create a tip it is best practice to configure at least two orders for self-service needs for the team if a group owner leaves your company the group could be fined itself without an order the content in the group is unaffected by this but not having a group order means that there is nobody with permission to manage the group anytime the single order is not available and modification of the teams are not required the members will have to contact the team's administrator this problem can be resolved by any administrator within your organization teams templates are pre-built definition of a team structure designed around a business need or project you can use themes template to quickly create rich collaboration spaces which channels for different topics and pre-installed apps to pull a mission-critical content and services themes templates provide a predefined team structure that can help you easily create consistent team across your organization some of the capabilities of teams templates are you would be able to define a team name description visibility auto favorite channel installed app pin tabs team membership etc there are two ways to create heaps of the template use an existing team asset template or create a team from base template and then there are several options to create a team from an existing resource you can upgrade a sharepoint team site or a microsoft 365 group to a team directly you also can convert a distribution list to your microsoft 365 group then you can convert it to a team with this intermediate step this also works if a group was created as part of a plan in planner remember when creating a team the underlying group cannot have more than 5 000 members and we have seen an example just before on how to create an org-wide team an org-wide team provides an automatic way for everyone in a small or medium-sized environment to be part of a single team for collaborations or announcement as an admit you may need to view or update the teams that your organization set up for collaboration or you might need to perform remediation actions such as assigning orders or orderless teams you can manage the teams used in your organization using either the microsoft teams admin center or microsoft teams powershell module as well these channels are dedicated sections within the team to keep conversations organized by specific topic projects disciplines etc each channel could be different unit in a department or a project group in a larger group within a different group before you create channel you first need to decide which channel you need and if they shall be standard or private you can create a channel by going into a team and click on add a channel give a name for your channel and within the privacy you have two options standard and private at some point when managing teams it will become necessary to retain or delete themes that are no longer actively used you can archive or delete teams both options stop users from modifying teams content and using that team for further collaboration policy packages in microsoft teams let you control teams features that you want to allow or restrict for specific set of people across your organization these policy packages simply streamline and help provide consistency when managing policies for group of users across your organization view the settings of each policy in a policy package before you assign a package make sure that you understand each settings and then decide whether the predefined values are appropriate for your organization or whether you need to change them to be more restrictive or lenient based on your organization's need in this lesson we're gonna learn how to manage membership in teams within microsoft teams there are two user roles owner and member by default a user who creates a team is granted the order access or the order status and owners can promote other members to become additional orders orders can add members to their team if the team is public then members are also allowed to add members to the team in private team members can request additional new best to the team the owners will be informed of the request and they can act accordingly please note that orders can make other members as owners in the view teams option a team can have up to 100 orders it's recommended that you have at least a few owners to help manage the team this will also prevent offered groups if a sole owner leaves your organization let's go to the themes admin center and find out how to manage users in team using teams admin center so i'm inside the themes admin center i'm going to go under teams and click on manage teams this is where i will be able to select a team and manage teams membership so i clicked or selected a tip i can see that who is the member of the team and who are the owners and who are the members i can simply click on a user and i can make that member and order as well as long as i logged in as a global administrator and have access to that particular teams as an order rights so i logged it as this user called rick and rick is the owner of that particular group microsoft teams support dynamic membership of team members by leveraging the dynamic membership feature in azure active directory dynamic membership enables you to define members of a team by one or more rules that check for certain user attributes in azure active directory users are automatically removed or added to the designated team as user attribute change or user joins or leave the tenant with dynamic membership you can set up teams for certain cohorts of users in your organization let's go and find out how to turn on dynamic membership in the azure portal i'm in my azure portal let's go to azure active directory on the left hand side under manage you can click on groups under groups you can see there are many groups available so let's select a dynamic group for example it's called enroll devices if i go to properties this is where you would be able to see what type of group it is as you can see that it's a dynamic device group similarly let's find out a dynamic user group i'm going to select an existing group go to properties and change the assign type to assign to dynamic user and this is where you can add a dynamic user member query in this query page this is where you can add configuration rule or validate rules you can add expressions to find out how you would like to add an operator to select the value to add a particular user to this group once you provide the value and save it based on the syntax what you provide the query is going to fetch all the users existing within your turret or anytime a new user joins your terence based on the attribute that user can be automatically part of the group as well azure active directory access reviews enable organizations to efficiently manage group membership without needing administrative oversight you can create access reviews for different types of scenarios you can use access reviews for orders to evaluate team members and guests or for members and guests to review if they still need access for teams they are member of let's go to the azure portal and see how it has been done added by azure portal let's go to azure active directory under bandage you would be able to find something called idt governance let's go to identity governance and under settings or access reviews you can click on access reviews right now i don't have any access reviews you can simply create a new access review by click on new access review give a name provide a description the start and end date and the frequency where you would like to activate the review once you create this access review you can apply to a group and you can enable the group orders and the program which you want to apply this access review to now that we have learned about different types of membership management and access review in this lesson you're gonna learn how to manage access for external users there are two ways to collaborate and communicate with people outside of your organization when using teams you can add them as guest user in your tenant or you can enable external access so let's learn what's the main difference between external access versus guest access you use external access when you have users in different domain in your business you want the people in your organization to use teams to contact people in specific businesses outside of your organization and you use external access when you want anyone else in the world who uses teams to be able to find and contact you using your email addresses external access allow external users to find call and send you instant messages as well as set up meetings with you so what is guest taxes a team owner in microsoft can add and manage guests in their teams via the web mobile or desktop clients anyone with a business or consumer email account such as outlook gmail and others can participate as a guest in teams people outside of your organization such as partners or consultants can be added as guests and people from within your organization can join as regular team members some of the functionalities are not available for guest users services such as onedrive for business calendar schedule meetings and meeting details psc and colleague organizational charts etc external users are guest users that get invited to collaborate inside your tenant this differs from users you can communicate with using external access in azure active directory guest access in microsoft teams relies on azure ad business to business platform this authorization level controls the guest experience at the directory third and application level microsoft teams group control the guest experience in microsoft 365 groups and microsoft teams sharepoint online and onedrive for business controls the gex experience in sharepoint online and onedrive for business and microsoft teams controls the guest experience in microsoft teams only because guest invitations create guest object in your azure ad tenant the external collaboration settings in azure id are the most restrictive and control the guest experience for the tenant and all applications let's go and explore how to configure those settings in azure portal amid by azure portal to configure the guest access we need to go to azure active directory under manage you can find users under users you can find user settings just scroll down till you find external users so click on manage external collaboration settings this is where you will find all the options where you can turn on and turn off to allow or not allow guest users permission to your tenant you can enable this external access for organization in your themes admin portal as well let's go and find out how to do that i am in my team's admin portal i'm on my microsoft teams admin center on the left hand side you can find all dwight settings and under that you can find external access and guest access so this is where you can turn on to allow an external user access and you can add a debate and for the guest users you can turn on or turn off and you can decide which services you would like to add and allow these guest users to access from your tenant that concludes module 4. in this lesson we're going to learn about how to manage messaging policies messaging policies are used to control chat and channel messaging features for users they can provide and deny messaging actions for users such as the possibility to delete send message stickers giffies or the ability of users to remove other users from the group chat all users are assigned to the global policy by default additional custom policies can be created and assigned to individual users but any users but any user can only be assigned to one messaging policy at a time messaging policies are managed from teams admin center on the left hand side you can see the messaging policies i can go and view or modify the existing global org-wide default policy and this is where you can see all the policy options available so the first option will give an ability to control whether owners can delete messages sent by other other users and similarly there are plenty of policies which enable owners to edit message would you like to read recipes by a user control or do you want to turn off for everyone if you don't want to use gifs in composition you can turn this on it says again this again is a org wide setting so it applies to the whole tenant then there are policies like removing user from group chats suggested replies etc you can click on the information button to see more information related to the policy click on learn more this takes you to the microsoft documentation which gives you plenty of explanation on what this policy all about similarly you would be able to create a new policy for a new set of users all you have to do is go to add and create a new policy and you can modify it and apply once you have multiple policies you can group them and you can rank these policies as well now that we have learned about teams messaging policies in this demo we're going to go through and learn about how to manage teams policies for channels teams policies control how users can interact with teams and channels this includes the availability of features for teams for example whether private teams are discovered in search result and whether users can create private teams if users are not assigned a custom policy by default if users are not assigned a custom policy the default global policy controls the available features a user can only be assigned to one team policy at a time please note that the policy changes can take up to 24 hours to take effect these teams policies are managed from microsoft teams admin center and through sharepoint online and commandlets using powershell these teams policy can be controlled by the following settings the first one is discover private teams these settings control whether users can see private teams in a gallery view which enables users to request access to a team create private channel settings controls whether users can create private channels or not restrict the creation of all white teams these settings control whether users are restricted from creating organizations wide teams this settings is only available through powershell let's go to the themes admin center where i can show you how to apply this policy or create this policy for the users so i'm on my team's admin center now so let's navigate to teams and under themes select teams policies you can either modify the global or white default policy or you can add anyone give a name for a user for example alex create a public channel after a new team's policy is created it must be assigned to a user assigning a new teams policy to a user replaces either the existing default policy or existing custom policy for that user so let's find out how to assign a user to a policy you can select a policy and you can click on manage users this is where you will be able to search for a user and add a user so any sort of settings you applied for this policy is assigned to a particular user in this lesson we're going to learn about how to manage team settings managing team settings includes several options to control basic features of microsoft teams including notifications and feeds email integration cloud storage options and devices these settings are organizational wide settings and apply to all users and teams in an organization let me go and show you how and where you can find these options in the team's admin center so now i am on my team's admin center go to the or wired settings and click on theme settings this is where you can find all the org-wide team settings for your teams so there are policies which the first one which let you control whether users can be notified about activities of other users in teams this email integration area lets you control if the setting is turned on teams users can retrieve an email address to send email messages that the file area will let you control the availability of citrix files as third-party storage provider in teams similarly for dropbox box google drive etc the organizational area this is where it shows or hide the organization tab in chat that shows additional data about a chat partner devices area will let you control things like where the users must provide a second form of authentication before entering a meeting this setting is especially useful when using surface hub devices where users can possibly join a meeting with the identity of a different user who is already logged on search by name allows you of scope directory searches from teams using exchange address books now that we have learned about team settings in this lesson we're going to learn about manage private channel creation policies for microsoft teams one way to restrict the creation of private channel is to let an administrator create a team policy that restricts private channel creation but team owners can also restrict the private channel creation on a per team level basis themselves this can be handy when team owners want to retain full control of their team activity which includes restricting members from creating private channels which team owners in turn cannot control to restrict team members from creating private channels a team owner must open the team from one of the microsoft teams client and manage the team so let's go and find out how to restrict anyone from creating a private channel within teams so i am in my team's app right now so i'm gonna go to a particular teams and click on manage themes within manage team i can click on settings and expand the member permissions the second option under members permission is to allow members to create private channel so right now i have enabled anyone to create private channel within this particular team i can go ahead and simply remove this that will prevent anyone from creating a private channel within this team's app so now that we have learned about how to restrict anyone from creating a private channel using policy in this lesson we're going to learn about managing teams email integration when integrating microsoft teams into existing messaging workflows to provide information through email to team members it is possible to retrieve email address for any individual channels within a team let me quickly show you how to find an email address within a team so now i am inside my team's app if i go to this mark 8 project team i go to my design channel and within this channel if i want to get the email address of the channel all i have to do is click on this ellipsis and click on get email address this would give me the email address for the teams any member can retrieve the email address of the channel by selecting the ellipsis icon to the right of the channel's name and then select get email address owners and users can remove the email address or they can modify advanced settings to restrict message delivery to team members and certain domains only please note that users can remove and reactivate channel email addresses in which case a new user is generated and old address cannot be reused please note that users can remove or reactivate a channel's email address in which case a new address is generated and all address cannot be reused now that we have learned about email integration in microsoft teams in this lesson we're going to learn about how to manage file sharing for microsoft teams sharing files is a basic operation in office 365 and microsoft teams when collaborating with internal and external participants the different operations in themes result in different file handling operation to provide file access to one or many chat participants or all members of a single channel including external guest access there are different behavior related to sharing files depending on the sharing operation the first one is what about user shares a file in a one-on-one group chat in this behavior the file is uploaded to users onedrive into the folder microsoft teams chat files and all participants are granted permission on the single file second operation is user shares a file in a conversation in this operation the expected behavior is the file is uploaded to the team's documents library where the team sharepoint permission groups grant access to all members and external participants and the third operation is users copy the link to a file from teams in this operation the expected behavior is the user can decide to copy a themes or sharepoint link while the team's link opens teams to access the file the sharepoint links opens directly in the browser recipient of the link must either have a sharepoint permission or he or she must be a member of teams to access the file content so let me go and show you where is this settings in your sharepoint admin center or onedrive admin center i'm on my microsoft 365 admin center under admin center you can either go to sharepoint admin center or onedrive administrator as well so i'm going to go to sharepoint under sharepoint you can go to settix under sharepoint you can go to policies and click on sharing this is where you can find the sharing and external sharing options for both sharepoint and onedrive you would be able to modify it to give access to anyone only new and existing guests or existing guests or only people in your organization you can independently change the settings as well so let me explain these policies one by one under anyone users can create link that can be freely shared they can also select to require sign in when they share items under new and existing guests users can send invitation to anyone unless you choose to restrict domains invitation to access files can be redeemed only once the next option is existing guests users can send sharing invitation to any external users who has been added to your azure active directory invitation to access files can be redeemed only once and finally only people in your organization in this case external sharing is not allowed now that we have learned about microsoft teams sharing options in this lesson we're going to learn about how to manage channel moderation channel moderation allows team owners to control how users can participate in channel conversation it is a useful feature to keep channel conversation under control within large channels where for example only selected users shall post update on a price on a project or a schedule so here are the list of channel moderations restrict in channels why for the last sentence so what channel moderators restrict in channels the first one is starting new post in a channel when this moderation is turned on for a channel only moderators can start a new post in that channel let's go and see where you can see the channel moderation so i'm in my teams app i'm going to select a channel and click on manage channel under permission this is where you can set the channel moderation permissions anyone can post show alert that posting will notify everyone or only owners can post messages now that we have learned about channel moderation in this lesson we're going to learn about how to manage settings for themes apps themes apps let you do more in teams think about the tools files and dashboards your organizations already use many of them can be added right into teams teams apps provide out-of-box tools that enable your organization to maximize its teams experience in the context of channel in a team a group chat or an individual user alone these apps combine the functionality of tabs messaging extensions connectors and bots provided by microsoft built in or by a third party or by a developer in your organization there are several ways you can interact with the app services in teams first one is share content on a tab when you work with different people you want different information and different tools on hand you can add relevant files and apps as tabs to any team's conversation tabs help you add tabs help you share content and functionality from your favorite services in a channel they can connect you in microsoft services like excel sharepoint powerapps or other services like asana youtube zendesk etc or to your website of your choice as well second option is to get update from a connector connectors keep your team current by delivering content and updates directly to your channel from services you frequently use with connectors team users can receive update from popular services such as twitter trailer wunderlist github and azure devops services in their teams chats another option is to allow rich content another option is to add rich content to your messages these apps can find content from different services and send it straight to a message you can share things like weather reports daily news images and videos with anyone you are talking to messages sometimes include buttons for interacting with the app for example a daily weather report could include an option to download the forecast for the entire week another option is to chat with a bot these bots provide answers updates and assistance in private chats or channels you can chat with them one on one or in a channel bots allow you to interact with cloud services such as task management scheduling and polling in teams chat as well teams apps are a way to aggregate one or more capabilities into app packages that can be installed upgraded and uninstalled in the teams app section of the microsoft teams admin center you can set policies to manage apps for your organization for example you can allow or block apps at an arc level set policies to control what apps are available to teams users and customize teams by building the apps that are most important for your users use the manage apps page to view and manage all teams app in your organization's app catalog you can see the org level status and properties of the apps block or allow apps at an org level upload new custom apps to the tenant catalog and manage org wide app settings as well with app permission policies you can control what apps are available to specific users in your organization you can allow or block all apps or specific apps published by microsoft third parties and your organization for example you can use app permission policy to gradually roll out a new third party or custom build apps to specific users or simplify the user experience especially when you start rolling out teams across your organization admins and team owners can control whether a team allows for custom apps to be added to it this allows members to upload custom app settings together with user custom apps policy determines who can add custom apps to a particular team turn on the allow interaction with custom app settings in microsoft teams admin center for all wide settings for the team level turn off the allowed members to upload custom apps for every team to which you want to restrict access now that we have learned about teams apps in this lesson we're going to learn about microsoft teams meetings and conferencing once you have set up teams channels and application within microsoft teams the next step you can take is to add and customize the meeting settings and policies for audio conferencing video and sharing there are different types of meetings that you can create in microsoft teams depending on the nature of the meeting private meeting channel meeting and adhoc meeting or meet now in private meeting is when you want to have a meeting with individual people but you do not want the meeting to be visible to others channel meetings are scheduled in teams team all team members are automatically invited and will have access to discussion and recording adopt meeting is when you want to meet immediately at the current point in time without previously scheduling a meeting let's explore meeting policies with meeting policies you can permit and or restrict features that will be available to users during the meeting and audio conferencing you must first decide if you are going to customize the initial meeting policies and whether you need multiple meeting policies then you must determine which group of users receive which meeting policies finally you must determine whether your organization must purchase and deploy room system devices for your conference rooms let's understand the licensing concepts audio conferencing licenses are available part of office 365 is audio conferencing licenses are available as part of office 365 e5 subscription or add on licenses to an existing subscriptions as you plan for audio conference licensing you must determine whether your organization is going to use microsoft teams live events if the answer is yes then you must determine who will be responsible for reporting and monitor usage with teams live events policies you can manage even settings for groups of users according to your organizational requirement you can either continue to use the default policy or you can create additional policies that can be assigned to users who hold live events within your organization let's understand transcription service during a meeting users can optionally record the meeting and group calls as well as capture audio video and screen sharing activity in addition recording can be automatically transcribed which will enable the users to play back meeting recordings with closed captions and search for important discussion points in the transcript to automatically transcribe a recording you must turn on leading transcription service now that we have understood from a high level point of view meeting and conferencing in microsoft teams in this lesson we're going to learn about how to configure confidence bridge within microsoft teams confusing bridges allow users to dial into meetings through their phones when configuring audio conferencing in your office 365 environment you will receive four numbers for your users from what is called an audio conferencing bridge these phone numbers are used when the user dial into a meeting as an admin you can choose to continue using the default settings for your conference bridge or you can change the phone numbers and other settings however you must first decide if you need to add a new conferencing bridge number which number should you use by default if you need to modify the bridge settings and whether you must port numbers to use with audio conferencing let's go and explore how to add additional conference bridges in the microsoft teams admin center so i'm in my team's admin center on the left hand navigation pane select meetings and then select conference bridges on the conference bridges page this is where you can see all the available conference bridge number available if you would like to add a new toll-free number you can click on add and select a toll-free number or a total number to define a default conference bridge all you have to do is select a number and make this a default by selecting the stick box if i want to change another default if you if you notice if i change it to more score ratio i can set as a default by going into set as a default you can configure conference bridge settings in teams admin center by going into bridge settings this is where you would be able to add and modify bridge settings details for meeting entry and exit notification entry exit announcement type ask caller to record their names before joining the meeting pin length etc now that we have learned about conferencing bridge settings in this lesson we're going to learn about managed meeting policies and settings in many organizations teams admins must control the features of meetings which the users within their organizations are scheduling many features are controlled by creating and managing meeting policies which are then assigned to users you can manage meeting policies within the team's admin center or by using windows powershell meeting policies can be applied in three different ways per organizer per user and per organizer and per user in the per organizer mode all meeting participants inherit the policy of the organizer only the per user policy applies to restrict certain features for the organizer and or meeting participants per organizer and per user certain features are restricted for meeting participants based on their policy and the organizers policy let's go and find out how to create a new meeting policy i am in my team's admin center on the left-hand navigation page you can go to meetings and find meeting policies there you can click on add to create a new meeting policy enter your meeting policy name under general you have four options allow meeting allow meet now in channels allow the outlook added allow channel building scheduling and allow scheduling private meetings then you have settings for your audio video content sharing and participants and guests as well microsoft teams provides meeting settings that determine whether anonymous users can join teams baiting customers meeting customized meeting invitations and if you want to enable quality of service if you change any of these meeting settings the changes will be applied to all team meetings some of the meeting settings are participants email invitation and network settings let me go let me quickly go and show you where to find this meeting settings under teams admin center within meetings you can go to mailing settings this is where you can find settings for participants email invitation and inbox settings participants with this option you define whether anonymous participants can join a meeting with email invitation if your organization have specific meeting needs and requirements concerning the meeting invitation you can customize them here if you are using quality of service to prioritize network traffic you can enable qos and set port ranges for each type of media traffic now that we have learned about meeting settings in this lesson we're going to learn about live events in microsoft microsoft teams offers uses chat based collaboration calling meetings and live events a live event is created for one too many communication where the host of the event leads the interactions and audience participation is primarily geared to viewing the content shared by the host the attendees can watch the live or recorded event in yammer themes or stream and they can also interact with the presenters using moderated q a or yammer composition for live events microsoft teams provides an option that enables users to expand their meeting audience by broadcasting video and meeting content online to large audiences of up to 10 000 attendees enterprise content delivery network enables you to take video content from the internet and distribute it through your enterprise without impacting network performance the most important aspect of using live events in microsoft teams is to provide the attendees a great user experience without having to deal with any issues the attendee experience uses azure media player for events produced in teams and stream player for events produce an external app or device in microsoft teams admin center the tenant admins can view real-time usage analytics or live events the live event usage report provides an overview of live event activities held in an organization now that we have learned on a high level what is live events in this lesson we're going to learn about how to manage live event policies i'm on my microsoft teams admin center to manage live event policy go to meetings tab expand it and select live event policies you can modify an existing policy or you would be able to create a new policy give a name for your policy and select would you like to allow scheduling allow transcription for attendees who can join schedule event everyone within your organization or a specific user or group who can record an event or you can keep it as always record so you can view it in streams as well settings for live event that are held within your company can be configured in microsoft teams admin center the administrator can set up a support url and configure a third-party video distribution provider let's go and explore how to do that i'm in my team's admin center to modify live event settings at the meetings go to live event settings this is where you would be able to customize the url or use a third-party distribution program then you can select the provider over here as of now you have to provide a hive and collect it once you pick a provider you can enter the provider by using provider date it is the license id which you have received from your provider contact and enter the api template url which you have received from your provider contact as well using live events in yammer can provide your office 365 users with the ability to produce live events directly in the yammer live events support up to 10 000 entities in the same moment from anywhere using the entities device or computer if you decide to record the live event you can make the video available after the event so the people who cannot attend at the scheduled time can still participate now that we have learned about the live event settings and policies in this lesson we're going to learn about managed phone numbers microsoft teams includes cloud voice capabilities that are delivered from office 365 and provide private branch exchange or pbx functionality phone system in microsoft teams allow users to place and receive calls transfer calls and mute or unmute calls within microsoft phone system calls between users in your organization are handled internally however to enable calls to landlines and mobile phones phone system must be connected to the pstn and pstn connection can be established in two ways calling plan and direct routing establish and receive calls directly through your office 365 phone system as a telephony provider by purchasing microsoft calling plan this include both domestic or domestic and international for office 365. in direct routing you can connect your current on-premises pbx infrastructure with the office 365 phone system by using direct routing license users can call out to numbers located in the country or region where they are assigned in their office 36 under domestic and international calling plan license users can call out numbers located in the country or region where their office resisted for license is assigned to the user based on the user location add to the international number in the supported country or regions you must meet these following infrastructure requirements to deploy a direct routing solution in your organization before you can assign phone numbers to the users or services in your organization you must first get the phone numbers there are three ways you can get the phone number using the microsoft teams admin center port your existing number and user request form for new numbers for some countries or regions you can get numbers for your users using the microsoft teams admin center you can pour or transfer existing numbers from your current service provider or phone carrier finally depending on your country or region you may not be able to get your new number using microsoft insight center or you will need a specific phone number or area codes in either case you will need to download a form complete it and return it to microsoft there are two types of phone number user number and service number user numbers can be assigned to users in your organization for calling purposes service numbers are assigned to services such as audio conferencing auto attentions and call queues let's go to the team's admin center and find out how to get new phone numbers in the themes admin center you can go under voice and click on phone numbers if you have added any number you would be able to see over here or you can click on port to pour a new number or you can simply add and select the country region number type call queue auto edited dedicated conference bridge and provide the rest of the details to add a new number within your phone system an emergency location may be referred to as a civic address street address or physical address an emergency location is associated with a place to give you a more exact location within a building a place is typically a floor building wing or office number where the user is located when adding emergency location for your organization it is recommended that you follow the steps like plan for emergency location add emergency location and get phone number and finally assign phone numbers please note that take extra care when configuring and maintaining your organizational emergency location as they can literally impact the life or depth of your employees several countries or regions have strict law that require company to ensure the availability of an emergency phone number in the event of an accident let's go and show you how to add emergency address at the microsoft teams admin center so i am in my team's admin center go under locations click on emergency address this is where you would be able to add a new emergency address for your tenant your country and fill out the details with all the valid information after you have finished setting up a calling plan in your organization you must assign phone numbers to your users you can also manage and remove user's phone number if need be let me show you where you can add phone numbers for your users i'm in my team's admin center go under voice and this time you're going to select phone numbers i don't have any number added for a user but this is where you can come and add a user phone number and you can find out who you assigned to and once you have assigned a number then you can go back to a user and click on a particular user and under the account tab this is where you would be able to see the information and you can modify the number as well boys sitting for users include call sharing and group call pickup feature for microsoft teams which let users share their incoming calls with colleagues so that their colleagues can answer calls and occur while the user is unavailable you can modify the voice settings and you can view the details over here in the team's admin center in this lesson we're going to learn about how to manage phone system for microsoft team a resource account is disabled user object in azure active directory it is used to represent objects other than users for example in exchange it can represent conference rooms and in teams it allows each conference group to have a phone number phone system called queues and auto item date must have at least one associated resource account in microsoft teams let me show you how to create resource account in microsoft teams admin center so you can go under microsoft teams admin center go to onward settings click on resource accounts as of now i don't have any details but this is where you can come and create a new resource account and you can select is it a call queue or auto attended with cloud call queues you can add different feature for calling such as a greeting message music while playing music while people are waiting on hold redirecting calls to call agents in mail enable distribution list and security groups setting different parameters such as queue maximum size timeout and call handling options let me quickly show you where you can configure that i'm in my team's admin center go under voice and click on call queues as you can see that i don't have any call queues available at the moment click on add give a name and you can add an account or a resource account select the language and you can select do you want to add a greeting or would you like to upload a audio file you want to play music on hold or play an audio file all of the queue related items can be modified and updated in this particular auto attendants enable both external and internal callers to use menu system to locate and place calls to users or departments in your organization when people call a number that is associated with an auto attendant their choices can redirect the call to a user or locate someone else in your organization and then connect to that user let me quickly go and show you where you would be able to add auto attended with an existing resource account i'm in my team's admin center under voice you can click on auto attendance click on add give a name and select the details like who is the operator a person in organization voice app or an external phone number what time zone and what sort of language it is the advanced settings this is where you can add details like grading information and where would you like to route the call next call flow will give you option to set your business hours set up after our call flow and then route the call details as well this is where you would be able to upload your holiday call settings you can add a resource account and assign phone number to the resource account here call park which is available in teams only mode enables a user to place a call on hold in team service in the cloud for example a user phone is running out of battery so the user decide so the user decides to park a call and then retrieve the call from team's desk phone to park and retrieve calls a user must be an enterprise voice user and an administrator must grant the user a call part policy so let me quickly show you how to enable a call park policy in teams admin center serve in my team's admin center on the left hand side under voice you can find call park policies you can edit an existing policy or you can create a new policy this will give you an option to allow car allow call park option call pick up start rate and in time and park timeout options as well calling policies in microsoft teams help you determine which calling and call forwarding feature will be available to your users let's go and explore how to enable a call calling policy i'm on my team's admin center under voice you can find calling policies i'm going to modify an existing policy to show you what are the options available you have option to you have an option available to make private calls call forwarding voicemail on call router inbound call routing busy on busy psg calling etc caller id policies in microsoft teams can help you change or block the caller it is set up by default so that when a team's user calls a psc and phone their phone number is visible caller id policies are managed in microsoft teams admin center in voice section let's go and find out how to do that so i'm in my team's admin center under voice you can click on caller id policies i'm going to modify an existing caller id policy this is where you have options like block incoming caller id override the caller id policies replace the caller id and replace the caller id with a service number the direct routing health dashboard can help you monitor the connection between your session border the connection between your sbc and direct routing interface this can give you details like your overall health detail information about your sbc and network effectiveness ratio in this lesson we're going to learn about microsoft teams add-on licensing and on licensing for voice capabilities and phone system features provide additional teams features to users with an active subscription plan for example if a user is licensed with microsoft 365 e3 and wants to use calling features for voice communication you can purchase a phone system add-on license and a calling plan license to provide usage rights for the phone system of your office 365 and credits to perform your phone calls depending on which plan you already have the following android license are available to provide microsoft teams and voice calling features audio conferencing enables users to provide dial in phone number for teams meetings toll free numbers enables users to add regional toll-free dial-in phone number for conferencing phone system options enables users to use themes with traditional on-premises and cloud pbx phone system solutions that provide calling to pstn calling plans enable users to call any phone number outside of your business their domestic calling plans and domestic and international calling plans microsoft teams rooms enable you to use capable devices for connecting video audio and content sharing features to conference room in this lesson we're going to learn about how to troubleshoot audio video and client issues troubleshooting problems within microsoft teams may include a wide array of possible areas that you need to investigate starting from the team's client up to the co-existing mode settings configured by your team's administrator most issues discovered with microsoft teams client can be tracked back to firewall or proxy connectivity verifying the necessary urls ip address and ports are opened in your firewall or proxy will minimize unnecessary troubleshooting clearing the microsoft teams client cache is the recommended first step to troubleshoot if you discover any information mismatches such as incorrect display name there are three types of log files that are automatically produced by client that can be leveraged to assist troubleshoot microsoft teams debug or diagnostic logs media logs and desktop or bootstrapper logs troubleshooting teams and skype for business users is a very complex process that require you to understand the concepts of that require you to understand the concept of coexistence for microsoft teams namely themes coexistence mode and federation call analytics can help you troubleshoot call and connection problems with microsoft teams call analytics show detailed information about devices networks connectivity for the calls and meetings of each user in your office 365 account where call analytics is designed to help admits and help desk agents troubleshoot the call quality problems with specific calls the call quality dashboard or cqd is designed to help teams admins and network engineers optimize a network cqd shift focus from specific user and instance look to aggregate information for an entire team's organization microsoft call quality power bi connector enable you to build your own custom reports you can use customizable power bi templates predefined by microsoft as a starting point for your new report layout data models and queries all right so that's the end of this course please do remember to use microsoft learn content to complement this lecture content and thank you so much for taking time to learn this course i will see you on the next one until then take care
Info
Channel: Susanth Sutheesh
Views: 109,030
Rating: undefined out of 5
Keywords: ms700, ms-700, teams administrators, managing microsoft teams, ms teams, full course, training, microsoft teams training, collaboration platform, certification course, free training, exam ms-700
Id: -Gs3dmS-jnE
Channel Id: undefined
Length: 236min 15sec (14175 seconds)
Published: Mon Jan 03 2022
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.