Merry Christmas to the PhinIT Community

The year is coming to an end and we pause for a moment. Thank you for being part of our community. Your loyalty was our best compliment again this year and the reason why we do what we do.


We are already looking ahead with enthusiasm:
We are really looking forward to being there for you again in 2026. With charged batteries, fresh impulses and the same heart and soul as before, we will do everything we can to support you in the best possible way in the new year.

Enjoy the holidays, recharge your batteries and spend a wonderful time with your favorite people.

Merry Christmas!

Articles | Year 2025


  • Exchange Online | EWS shutdown May 2027
    The end of Exchange Web Services (EWS) in Exchange Online is no longer a theoretical scenario, but a timed process that must dominate your infrastructure planning from now on. Microsoft has released the final timeline for disabling and completely removing EWS, turning migration to the Microsoft Graph API from a recommendation to an acute necessity. EWS comes … [Read more]
  • Microsoft Purview DLP | Browser & Web Protection
    In the current IT security landscape, a fundamental erosion of the classic network perimeter has taken place. The web browser is no longer just a tool for retrieving information, but has become the primary operating system for enterprise applications and thus the most critical point of egress for sensitive data. While traditional endpoint data loss prevention (DLP) … [Read more]
  • Dynamic M365 groupsets without Entra P1
    Microsoft Entra ID P1 licenses are a hurdle for many SMBs and IT departments when it comes to just one feature: dynamic groups. While Microsoft charges monthly fees per user for automated group memberships, the same logic can be mapped with on-board tools, some PowerShell and Azure Automation. The goal is a “pseudo-dynamic group” that maintains itself … [Read more]
  • Purview eDiscovery | Advanced Review Set Explorer from February 2026!
    Today, when it comes to forensic analysis of terabyte-sized eDiscovery cases in Microsoft Purview, you’re hitting hard architectural limits. The current search standard, the Keyword Query Language (KeyQL), is optimized for full-text searches, but becomes a massive bottleneck when it comes to metadata aggregation and pattern recognition. The previous workaround – the export of case data to … [Read more]
  • SharePoint | RCD Delegation: Securely control Copilot access
    Microsoft 365 Copilot is a double-edged sword: it massively increases productivity, but at the same time increases the risk of uncontrolled data leakage (oversharing). The technical answer to this problem is Restricted Content Discovery (RCD). For a long time, this feature was a purely administrative tool that was centrally controlled, which inevitably leads to an operational bottleneck … [Read more]
  • SharePoint Online | December 2026: Smart Tagging for eSignature
    Until now, contracts that have been released via eSignature usually end up in SharePoint as unstructured PDF files. To automatically track their legal validity or conduct compliance audits, you previously had to connect external Power Automate workflows to the APIs of signature providers (such as DocuSign or Adobe). Starting in December 2026, Microsoft will pull this … [Read more]
  • Entra ID “Role Bloat” | Ignore the new Teams role!
    Microsoft has announced another administrative role with the Message Center Update MC1215071 (from January 8, 2026): the Teams External Collaboration Administrator. This brings the number of available built-in roles in Entra ID to 134. On paper, this sounds like granular security and the “least privilege” principle. In practice, however, this fragmentation often leads to the opposite: role … [Read more]
  • Microsoft 365 Group Types: Identity & Collaboration Decision
    Choosing the wrong group type in Microsoft 365 is comparable to a foundation error when building a house: You only notice it when the walls are standing and cracking. What starts as a quick fix for “We need an email address” often ends up in redundant objects, unclear permission structures, and an administrative nightmare. A clean identity … [Read more]
  • Microsoft Entra ID | Focus on Synced Passkeys & Account Recovery
    The acceptance of multi-factor authentication (MFA) often stagnates at one point: usability. While nearly 50% of Entra users now use MFA, operational costs remain high due to help desk tickets and lost productivity. At Ignite 2025, Microsoft presented two architecture components, the public preview for Synced Passkeys and High-Assurance Account Recovery, that solve this problem not … [Read more]
  • Microsoft Purview DLP | Browser & Web Protection
    In the past, data security was simple: You put a firewall or proxy at the perimeter and blocked URLs like dropbox.com or wetransfer.com. When the traffic left the corporate tunnel, it was controlled. This model is architecturally dead today. Why? In a world of “work from anywhere”, your clients are often located outside the company network. … [Read more]
  • Microsoft 365 | Admin Center Links & Knowledge
    Time is the one resource you can’t scale as an admin. If you manage Microsoft 365 professionally, you know the problem: Microsoft renames portals, moves menu items or hides essential functions behind new URLs. Yesterday it was the Azure AD Portal, today it’s the Entra admin center. Tomorrow it may be called differently again. To shorten your … [Read more]
  • Microsoft Teams | Chat by email: The danger of the “shadow guests”!
    Microsoft is rolling out the “Start Chat with Email Address” feature in February 2026. On paper, this sounds harmless … a Teams user types in an email address, and communication begins. Technically, however, a significant architectural shift is taking place here, which directly attacks your identity governance if you’re not careful. Learn more -> https://www.microsoft.com/en-IE/microsoft-365/roadmap?filters=&searchterms=513271 The problem … [Read more]
  • Microsoft Entra ID | New Revoke Sessions Button from February 2026
    No more guesswork in the incident response case. Microsoft is finally cleaning up the Entra Admin Center and eliminating a historical legacy that has been annoying admins for years: The distinction between “Revoke sessions” and “Revoke multifactor authentication sessions”. From February 2026, there will be only one button. This sounds like a cosmetic UI change, but … [Read more]
  • Microsoft Purview DLP | Secure Teams, SharePoint & OneDrive without an E5 license
    You’ve defined your Mail DLP strategy in the last guide “Exchange Online: Blocking, Encrypting & Approving” and the basic foundation of your rules is in place. Now let’s focus on the central data stores in modern work environments: Microsoft SharePoint Online and OneDrive for Business. Why this focus on the storage backend? Because these two services form … [Read more]
  • Exchange Online | Microsoft overturns the External Recipient Limit!
    On January 06, 2026, the Exchange team surprisingly put on the brakes. The planned introduction of the Mailbox External Recipient Rate Limit (MERR) has been officially canceled indefinitely. Originally, this technical restriction was intended to cap the sending of e-mails to external recipients at 2,000 pieces per 24 hours (rolling window). The limit, which was originally planned … [Read more]
  • Disable Microsoft 365 Copilot in the Office apps: Registry, GPO & Intune
    The integration of Microsoft 365 Copilot does not take place via a single “off switch”, but is deeply anchored in the DNA of Office applications. An administrator who wants to keep control here must understand that we are dealing with a Hydra problem: A head is cut off (e.g. by license revocation), but the “teaser” button … [Read more]
  • Microsoft Purview DLP | Lifecycle: Understanding, Evaluating and Automating Signals
    DLP Incident Lifecycle Anyone who activates DLP policies but ignores the alerts is engaging in compliance theater. A DLP system is not a static shield, but a sensor network that requires permanent calibration. When sensitive data leaves the tenant, the quality of your triage processes determines the damage, not just the block action. The architecture of Microsoft … [Read more]
  • Windows 11 | Disable Copilot, Recall & AI via GPO
    What began as an optional feature in 2024 is now deeply anchored in the system’s core: the Copilot is omnipresent. On modern hardware (Copilot+ PCs), Windows Recall is also available to store snapshots of user behavior – a feature that we must proactively prevent before a user (or an update) ticks the wrong box and activates it. … [Read more]
  • Microsoft Purview DLP | Exchange Online: Block, Encrypt & Approve
    Email is the dinosaur of digital communication – and despite Teams or Slack, it’s still the number one gateway for data loss. Whether it’s a wrong recipient in the “Cc”, a thoughtless “Reply All” or the well-intentioned sending of an Excel list to your private address to continue working on the weekend: As soon as an email … [Read more]
  • Microsoft Purview DLP | Architecture & Strategy Guide
    In the articles “Sensitivity Labels: Architecture & Practice” and “Automated Application of Sensitivity Labels”, we looked at how you can classify data using sensitivity labels (tagging). That’s the “what”. Now let’s take care of the “what then”. Data is volatile today. They no longer remain static behind the company firewall, but diffuse via Microsoft Teams, land on … [Read more]
  • Comes across well! Here’s to a successful year 2026!
    The year is coming to an end and the perfect moment has come to pause for a moment. Behind us are 12 months full of exciting IT topics, new AI features and many blog posts. Before we turn our attention to the new Microsoft strategies again in January, we would simply like to say thank you. Thank … [Read more]
  • Microsoft 365 Price History | A chronology of costs (2011–2026)
    Anyone who looks at Microsoft invoices today and compares them with 2021 often rubs their eyes in amazement. For more than a decade, Microsoft knew only one direction when it came to cloud prices: sideways. But since 2022, we have been experiencing a real “staircase effect”. We have analyzed the price development of the two main plans, … [Read more]
  • Exchange Online | Blocking of old ActiveSync clients (<16.1) from 03.2026
    Deadline March 1, 2026: What administrators need to know about Exchange ActiveSync (EAS) now. Microsoft continues to clean up the legacy protocols. A recent announcement confirmed that from March 1, 2026, Exchange Online will no longer allow connections from email clients that use outdated versions of the Exchange ActiveSync (EAS) protocol. For companies, this means that … [Read more]
  • Microsoft Copilot | What the “Temporary Chat” can do – and what it can’t do
    You may have already noticed the new switch in Microsoft 365 Copilot. Microsoft has retrofitted a function that many users already know from ChatGPT or Perplexity: Temporary Chat. But while end users are happy about more privacy, alarm bells should ring for you as an admin, or at least questions should arise. What does “temporary” really mean … [Read more]
  • Microsoft Copilot | License comparison
    Do you feel the same way? You open Microsoft Edge or Word, and it says “Copilot” everywhere. But not all co-pilots are the same. Microsoft has combined completely different products under the same brand name, which differ drastically in function, privacy and price. For IT admins and decision-makers, this confusion is dangerous. Anyone who uses the free … [Read more]
  • Microsoft Purview | Data Lifecycle Management
    Data has an expiration date, or an eternity obligation. The trick is to manage both automatically. Hand on heart: Can you guarantee that every business email from the last 10 years is available in an audit-proof manner, even if an employee deleted it from the trash yesterday? Many administrators mistakenly rely on the backup here. However, a … [Read more]
  • Exchange Online Hardening | Security & Privacy Best Practices
    As soon as the first mailbox is set up in the Microsoft Cloud, it is accessible worldwide. But be careful: Microsoft’s default settings are primarily designed for maximum compatibility, not maximum security. Before you migrate the bulk of your users, work through this guide to harden your environment against data leakage and attacks. Here are the most … [Read more]
  • Microsoft Purview | Securing Copilot: DLP Strategy & the Browser Trap
    Security in the age of generative AI often resembles an endless hare and hedgehog race. As soon as the storage locations are secured, data finds new, creative ways into the models. Microsoft is now reacting to exactly this scenario and is currently rolling out (in preview status since the end of 2025) a crucial extension for Microsoft … [Read more]
  • MS365 | Device Security Policies
    In our digital era, security is hotter than ever! Have you ever wondered how not to lose track of the jungle of cyber dangers? It’s simple: with strong device security policies in Microsoft 365. Here I’ll show you how it works – step by step! Why are device security policies so important in Microsoft 365? Data protection: … [Read more]
  • Merry Christmas to the community!
    The year is coming to an end and we pause for a moment. Thank you for being part of our community. Your loyalty was our best compliment again this year and the reason why we do what we do. We are already looking forward enthusiastically: We are really looking forward to being there for you again in … [Read more]
  • MS365 Entra ID | Enterprise Apps – Disable User Consent & Audit via PowerShell
    “Sign in with Microsoft” – as convenient as it is for users, it quickly becomes a nightmare for administrators. Over the years, countless “enterprise applications” accumulate in almost every Microsoft 365 tenant. Often we don’t even know where they come from or what permissions they actually have. In this article, I’ll show you why freely adding apps … [Read more]
  • MS365 | Fix “LogonDenied” error on IMAP & OAuth – PowerShell Fix
    You know the game: The deactivation of Basic Authentication forces us all to act. Your DMS, ticket system or archive should finally access Exchange Online via OAuth2. In Azure, everything looks green, the token comes, but access still fails. Why this happens and how to fix the “LogonDenied” error. The switch to the so-called “Client Credentials Flow” is … [Read more]
  • Microsoft 365 | Privacy Guide
    Your guide to security, compliance, and governance Here you can find out how to configure your tenant not only productively, but also securely and GDPR-compliant. We’ll walk you through the latest best practices, from global organization settings to the depth of each service. 🆕 Last update on 25.12.2025 | As the cloud is constantly changing, we are … [Read more]
  • Microsoft 365 EntraID | Monitoring and integrity
    – EntraID Monitoring: Protocols, Diagnosis & Health in Detail “My login doesn’t work.” – When this sentence is uttered, the detective work begins for you as an administrator. Is it the password? Does a conditional access policy apply? Or is the account blocked? The Monitoring & Health in Microsoft Entra is your cockpit for responses. It’s the … [Read more]
  • Microsoft Purview | Automated application of sensitivity labels
    – with PowerShell and Microsoft Graph Previous article: Microsoft Purview Sensitivity Labels: Architecture & Practice Guide Manually maintaining sensitivity labels is feasible in small environments, but a Sisyphean task in enterprise environments. If you have thousands of SharePoint sites and Microsoft Teams to manage, the GUI (Graphical User Interface) is too slow, too error-prone, and simply not … [Read more]
  • Microsoft Purview | Sensitivity Labels: Architecture & Practice Guide
    – Architecture, application, and best practices for IT administrators The amount of sensitive data in companies is growing exponentially – and with it the risk. In a modern world of work, where data constantly crosses the boundaries of firewalls and networks, classic perimeter-based security models or pure NTFS permissions are no longer enough. Here we change the … [Read more]
  • Windows Server Hardening | The Ultimate Blueprint for Maximum Security
    Windows Server is at the heart and often the crown jewel of your enterprise infrastructure. However, its central role makes it a preferred target. Hardening is not just a checklist, it’s a strategic necessity. It means systematically decimating the attack surface and configuring security mechanisms in such a way that even complex attacks come to nothing. Hardening: … [Read more]
  • Microsoft 365 Copilot | GPT-5.2 & new analysis modes
    Microsoft is ushering in the next era of AI-powered productivity. The company has started the rollout of OpenAI’s GPT-5.2 into Microsoft 365 Copilot, while introducing three revolutionary operating modes: Instant, Thinking, and Auto Analysis. The update, which began on December 11, promises not only higher speed, but above all a massive leap in the … [Read more]
  • Microsoft 365 Roadmap 2026 | From assistance to autonomy
    The IT world as we know it is just saying goodbye. We are not facing a simple version jump, but a fundamental reorganization of the system architecture. So far, your task has been clearly defined: You have provided infrastructures that were highly available and waiting for a human to operate them. However, the Microsoft 365 Roadmap 2026 … [Read more]
  • Microsoft 365 Copilot | brings order – or chaos! You decide!
    The introduction of Microsoft 365 Copilot is not a simple licensing project, but a fundamental intervention in your organization’s security architecture. The current state of many companies is characterized by historically grown authorizations, unstructured data storage and the deceptive protection provided by “security by obscurity”. In this old model, sensitive data was often protected only because no … [Read more]
  • Microsoft 365 Price Increase | more expensive from July 2026
    Microsoft has announced a major global price increase for its commercial subscriptions, which will take effect from July 01, 2026. The price adjustment affects both Microsoft 365 Business and Enterprise licenses. This article focuses on the business licenses. Note that the Enterprise licenses not covered here are also affected by a price increase of up to … [Read more]
  • PowerShell – SharePoint Online | App-Only Authentication
    Managing SharePoint Online via PowerShell has been an integral part of administrative routines for years. But until now, authentication has been heavily tied to user accounts, which has caused problems in environments with multi-factor authentication (MFA) enabled or strict security policies. With the introduction of App-Only Authentication, i.e. certificate-based login for the SharePoint Online PowerShell module, Microsoft … [Read more]
  • Windows Server CA: RPC Error 1722 & “Invalid Pointer” (0x80004003)
    In former Small Business Server (SBS) environments, many administrators encounter a seemingly mysterious problem: A freshly installed Certificate Authority (CA) on a new Windows Server refuses to issue certificates, even though the installation and setup went through without errors. Especially in scenarios in which the old SBS structures still “reverberate” in Active Directory, the modern architecture of … [Read more]
  • Privacy in Microsoft Entra ID
    Microsoft Entra is much more than just the successor to the classic directory service (formerly Azure AD). In the uniform administration portal, you have full control: Here you control identities, authorizations and access rights centrally in one place. For you as an administrator, this means one thing above all: maximum transparency and a massive gain in security … [Read more]
  • Privacy in Microsoft SharePoint Online
    SharePoint Online and OneDrive for Business are central building blocks for collaboration in Microsoft 365. But “out of the box”, many tenants are configured for maximum openness to make sharing content as easy as possible. From a GDPR and corporate security perspective, this is often problematic. As an administrator, you are faced with the challenge of balancing … [Read more]
  • Data protection in Microsoft Teams
    Microsoft Teams has become the heart of modern collaboration – whether in the office, in the home office or in hybrid models. But in order for you to be able to use the various functions safely, a clean configuration of the settings and policies is mandatory. This is the only way to guarantee that the protection of … [Read more]
  • Microsoft Teams | Settings – Advanced Encryption
    First of all, for peace of mind: Microsoft Teams always encrypts all data (TLS and SRTP), whether in transit or at rest. So your data is safe by default. But for certain scenarios – think of the conversation between the CEO and the CFO about a planned takeover or research results in the pharmaceutical industry – “certainly” … [Read more]
  • Microsoft Teams | Settings – Emergency
    Many admins like to put this topic on the back burner. But if your company uses Microsoft Teams as a full-fledged phone system (Teams Phone), you have a legal and moral obligation to ensure that emergency calls (110/112) work. And not only that: the ambulance must also know where to go. 1. Emergency call (What happens when … [Read more]
  • Microsoft Teams | Settings – Messages
    Under the menu item “Messaging Settings” you define globally what is technically possible in chats and channels. Here you make the decision between a casual WhatsApp atmosphere and a strictly regulated compliance environment. Compliance & Control (Delete & Edit) Right above you will find the settings that often trigger discussions between the works council, IT and compliance … [Read more]
  • Microsoft Teams | Settings – Apps
    The “Settings – Apps” menu item (often called “Teams apps”) is huge, but one sub-area is particularly crucial for the daily comfort of your users: the app setup policies. Here, you don’t decide which apps are generally allowed (that’s what the permission policies do), but where and how these apps are visible to the user. Think of … [Read more]
  • Microsoft Teams | Settings – External Collaboration
    The “External Collaboration” area is one of the most critical points in your tenant. Here you decide on the balance between efficient cooperation with external parties and the protection of your company data – in short: how permeable your digital boundaries are. In the new interface, Microsoft has provided clarity here. Instead of mixed settings, a clear … [Read more]
  • Microsoft Teams | Settings – Teams Channels
    Microsoft has cleaned up a lot with the new interface of the Microsoft Teams admin center. The navigation looks fresher, and settings that used to be scattered are now grouped thematically much more logically. The first is the “Teams and Channels” area. This is the hub for your collaboration environment: it’s where you’ll find all the tools … [Read more]
  • Microsoft Ignite 2025: The most important things at a glance
    From November 18 to 21, 2025, Microsoft Ignite took place in San Francisco and Microsoft presented over 70 new features, products and updates. With over 200,000 participants (including 17,000 on site) and more than 400 sessions, the conference was a clear statement: the era of simple chatbots is over, the era of autonomous AI agents … [Read more]
  • Microsoft 365 | Copilot Settings
    After we have dealt with the basic dashboard in the first part (data protection in Copilot), we now get down to the nitty-gritty: The Copilot settings. While the overview shows us who is using Copilot, here we define how the AI handles data and where your tenant’s boundaries are. For IT administrators, this area is the most … [Read more]
  • Privacy in Microsoft 365 Copilot
    Microsoft 365 Copilot is an AI-powered tool that is directly integrated into the Microsoft ecosystem. Technically, it’s based on large language models (LLMs) that are linked to your company data in the Microsoft Graph. Copilot accesses content such as emails, documents, chats, calendars, and contacts to provide contextual support in Office applications (Word, Excel, Teams, etc.). … [Read more]
  • Microsoft Teams | Automatic “Home Office / Office” Status
    Microsoft is announcing a Teams update for the end of 2025 that will automatically set your work location as soon as your device is connected to the company Wi-Fi. For many, this sounds like convenience. For others, more control. For admins, it means: clean planning, transparent information and technically correct implementation. Abstract What exactly is coming Teams … [Read more]
  • AI Transcription | The legal pitfalls!
    Do you use AI transcription via Otter.ai, Fireflies, Zoom transcription, Teams Premium or Copilot in meetings? Then, depending on the setup, you quickly find yourself in a legal gray area. What helps greatly with notes can lead to fines, warnings and stress with the works council, customers and data protection without a clean procedure. Why transcription is … [Read more]
  • Data protection with Microsoft Purview
    – The command center for your data protection Data is the new gold – and it’s everywhere: in Teams chats, emails, SharePoint lists, and on local devices. The challenge for administrators is no longer just to secure access (that’s what Entra ID does), but to protect the data itself, no matter where it goes. That’s where … [Read more]
  • new MS365 icons in October 2025
    Microsoft rolled out a comprehensive icon redesign for the MS365 suite in October 2025. Main applications from Word, Excel to Teams have received new icons, which represent a clear departure from the previous design. What has changed? The new design follows Microsoft’s “Fluid Design” philosophy and brings with it much more modern, colorful icons. The icons now … [Read more]
  • Restore function for Conditional Access Policies?
    The management of conditional access policies in Microsoft Entra ID is a central component of modern security architectures. Until now, anyone who deleted a policy had to be aware of the consequences, because restoration was not possible. With the introduction of a new restore function via the Microsoft Graph API, this paradigm is fundamentally changing. The goal is … [Read more]
  • Microsoft OneDrive | Employee offboarding even easier
    Microsoft will soon improve the transfer of OneDrive data when employees leave – with optimized notifications, smart filters and bulk export. Do you know this? An employee leaves your company, and suddenly the big data chaos begins: What files are still in their OneDrive? Who needs access? And how do you make sure that nothing important is … [Read more]
  • Windows 10 End of Support | Act now and get free updates!
    On October 14, 2025, support for Windows 10 will end. But with a Microsoft account, you can get another year of free security updates. How do I activate the free updates? For the first time, Microsoft is offering a Consumer ESU (Extended Security Updates) program for private users. You have three ways to register: Microsoft account Simplified … [Read more]
  • Colocation | Is it worth outsourcing?
    Digitization is driving up the demands on the IT infrastructure. Higher bandwidths, stricter security requirements and exploding energy costs are confronting IT managers with a fundamental decision: Do I continue to expand my own data center (on-premises), do I go completely into the public cloud (AWS/Azure) or do I choose the middle ground? This is where colocation … [Read more]
  • Microsoft 365: GPT-5 in Copilot, Exchange Vulnerability & Teams Unbundling
    Late summer 2025 marks a turning point for Microsoft 365 with far-reaching updates that fundamentally improve both the security and productivity of businesses and users. With the integration of GPT-5 into Copilot, a critical security update for Exchange, and the shutdown of legacy services such as Microsoft Lens, Microsoft is embracing a combination of AI innovation, security … [Read more]
  • Update Entra ID Apps for Teams PowerShell
    Microsoft announced a change in August 2025 that is relevant for administrators who use Teams PowerShell in automated processes. Specifically, it affects Entra ID apps that run Teams cmdlets without user login. The goal of this adjustment is clear: to strengthen security and compliance with guidelines for administrative units. For you as an administrator, this means reviewing … [Read more]
  • Microsoft 365: CSP Changes October 2025
    The summer break is over and Microsoft is starting the fall with full force. There will be a fundamental reform of the Cloud Solution Provider (CSP) program that will turn everything upside down from October 2025. Let’s summarize what awaits us and what we need to know now. Microsoft 365 in October 2025: These CSP Changes … [Read more]
  • MS365 | ENTRA ID – Admin Center Overview
    Microsoft Entra ID is the central platform that organizations use to manage their identities and access rights. As soon as you log in to the Entra Admin Center, you will encounter two central views: the personal dashboard (home page) and the tenant’s technical overview. Both provide essential information, but have different focuses. The Home Page (Dashboard) … [Read more]
  • Microsoft 365 EntraID | ENTERPRISE APPLICATIONS – Consent and Permissions
    One of the biggest gateways for data loss is not always the hacker who cracks a password, but the gullible employee who gives an app access to his data. “This app wants to read your contacts and send emails” – a quick click on “Accept” and the data will flow out. To minimize this risk (“Illicit Consent … [Read more]
  • MS365 EntraID | Authentication – Settings & Policies
    In modern identity management, multi-factor authentication (MFA) is the gold standard. But attackers don’t sleep: Techniques such as MFA fatigue aim to bombard users with push notifications until they agree in annoyance. Microsoft Entra ID offers specific toggles in the admin center to prevent this from happening. In this article, we’ll show you how to correctly set … [Read more]
  • MS365 EntraID | Authentication Methods – Password Protection
    In modern IT security, identity is the new firewall. For administrators, this means that protecting user accounts in Microsoft Entra ID (formerly Azure AD) is a top priority. But default settings are often not enough. In this article, we’ll take a look at the native security features of Entra ID, the authentication methods – password protection, that … [Read more]
  • Microsoft 365 EntraID | Authentication Methods
    If Conditional Access is the bouncer, then the authentication methods are the badges and keys that your users show. The days when a simple password was enough are over. But not every MFA method is equally secure. In this section, we’ll configure how your users are allowed to sign in. We rely on modern, phishing-resistant methods and … [Read more]
  • Microsoft 365 EntraID | DEVICES – Device Settings and Security
    Devices are now the new security perimeter. Whether it’s a company laptop or a private smartphone (BYOD), as soon as a device accesses your data, it needs to be managed. Effective management in Microsoft Entra goes a long way towards security and GDPR compliance. In this section, we’ll harden the “join” of devices and ensure that users … [Read more]
  • Microsoft 365 EntraID | GROUPS – Group Settings
    Effective controls are essential when managing groups in Microsoft Entra. A “group” is rarely just a list of names, but often includes teams, SharePoint pages, and entire file repositories. Without maintenance, massive data protection risks arise here (shadow IT, orphaned data). We configure three things here: The creation (Who may?), the end (When will it be deleted?) … [Read more]
  • Microsoft 365 EntraID | USER – User Settings
    Managing user permissions is often a balancing act: If you share too much, security gaps arise. If you restrict too much, productivity suffers and your mailbox is overflowing with tickets. In this section, we configure the three main areas: The internal permissions, the external collaboration (guests) and the user features. 1. Settings for internal users: Here you … [Read more]
  • Microsoft 365 EntraID | Conditional Access
    Conditional Access provides precise control over access conditions to resources, ensuring compliance with data privacy regulations and protecting sensitive data. It’s at the heart of your Zero Trust strategy: Instead of blindly trusting every login from the internal network, every request is reviewed in real time. When it comes to password protection, robust policies are essential. The … [Read more]
  • Remove members from Microsoft 365 groups using PowerShell
    Managing group memberships in Microsoft 365 is a core part of any modern cloud environment. Groups not only control access to resources, but are also the basis for Teams, SharePoint sites, and other collaborative services. Removing members sounds trivial at first, but the reality is more complex. Different types of groups require different approaches, and the reliance … [Read more]
  • Microsoft 365 Profile Card: New Admin Features & Pitfalls
    For a long time, customizing the Microsoft 365 Profile Card – the small window that pops up when you click on a name in Outlook or Teams – was a PowerShell or Graph Explorer task. If you wanted to display additional information such as the personnel number or cost center, you had to dive deep into the … [Read more]
  • Microsoft 365 in July 2025
    July 2025 will bring massive challenges and fundamental changes to the Microsoft 365 ecosystem for IT administrators, from critical security vulnerabilities to recurring Exchange Online outages to the final end of the Classic Teams client. Here’s everything you need to know. Massive Exchange Online disruptions mark July: July 2025 will go down in history as the month … [Read more]
  • PowerShell 2.0 removed – What does this mean for you as an administrator?
    The decision has been made: PowerShell 2.0 is history. With Windows 11 (version 24H2) and Windows Server 2025, Microsoft has completely removed the old engine. For you as an administrator, this is not a cosmetic update, but a security-related turning point. For decades, PowerShell 2.0 slumbered in many systems as a compatibility anchor for legacy scripts. Now … [Read more]
  • Server upgrade or scaling? When you need to expand hardware
    A server that does its job is invisible. But as soon as websites throw timeouts, database queries hang or the SSH login becomes a test of patience, alarm bells ring for you as an admin. The knee-jerk reaction is often: “We need more sheet metal!” But is hardware scaling always the right answer? Often the problems lie … [Read more]
  • Microsoft Purview | eDiscovery & Content Search
    In the modern world of work, data volumes are exploding. What used to be “just” a well-sorted email inbox is now a complex web of Teams chats, OneDrive documents, SharePoint lists and Exchange messages. For IT administrators and compliance officers, this is a growing challenge. Imagine the following scenario: The legal department is at your desk. There … [Read more]
  • Microsoft 365 Device Code Phishing Policy | Exceptions
    One thing in advance! Since May 2025, Microsoft has automatically rolled out a “Block device code flow” conditional access policy to all Microsoft 365 tenants. This means that device code phishing is blocked by default without administrators having to take any action themselves. What is Device Code Phishing? Device code phishing is a sophisticated attack method that … [Read more]
  • Microsoft 365 | Security & Compliance Update
    Audit logs, Defender SIEM & DLP notifications in June 2025: Microsoft is once again tightening the screws around Security & Compliance. In the current month, administrators are affected by three changes in Exchange Online, Microsoft Defender and the Purview DLP workloads of SharePoint and OneDrive. All of them affect either classic cmdlets or integrations that many … [Read more]
  • Microsoft Purview | Data Lifecycle Management: Retention Labels
    So far, we have worked with the “watering can”: A retention policy always applies to the whole container (the whole mailbox, the whole SharePoint site). Everything in it is treated equally. But what if you have to differentiate? This is where retention labels come into play. They stick directly to the individual file or email like a … [Read more]
  • Microsoft Purview | Data Lifecycle Management: Publish labels (Label Policy)
    We painted the “sign” (created the label), but currently it is still in the basement. No one can see it. Now we have to hang it up in the company. This process is called Label Policy, and many administrators stumble over this point: Only by linking both elements in a policy does the label appear in the … [Read more]
  • Microsoft Purview | Data Lifecycle Management: Establishing a Retention Policy
    In the first part of our practical series, we flip the switch and configure the global retention policy. It forms the indispensable foundation of your compliance strategy. Remember the principle of the “watering can” here: Our goal is an invisible safety net that protects the entire tenant across the board without a user having to click on … [Read more]
  • Microsoft 365: Overview of all apps
    Microsoft 365 has developed into a powerful platform that goes far beyond the classic Office applications. In addition to Word, Excel, and PowerPoint, the suite now includes a comprehensive set of cloud-based tools for communication, collaboration, automation, and security. With a variety of applications to increase productivity, teamwork, and security management, Microsoft 365 offers a modern and … [Read more]
  • Conditional Access Templates 2025
    Why we need to talk about Conditional Access (again): Within Microsoft 365, the focus is currently shifting noticeably away from classic perimeter protection concepts to identity-based security. With the March/April 2025 updates at the latest, Microsoft is holding up a mirror to companies: New Microsoft-managed conditional access policies limit device code flows and automatically block outdated authentication … [Read more]
  • PowerShell 7: Modules and WPF GUIs – A Practical Guide
    PowerShell 7 has long since emancipated itself from its image as a pure “scripting tool”. Thanks to open source, the leap to .NET Core and now .NET 9 (since version 7.5), you now get a cross-platform automation, scripting and even development environment in one package. For us system integrators, this opens up two highly exciting playgrounds: The … [Read more]

Merry Christmas - Article overview | Year 2025
