Are you ready to enhance the way your frontline workforce operates with Microsoft's suite of tools? Join us for Microsoft Frontline Fridays, a series of expert-led sessions designed to help organizations maximize productivity, security, and efficiency for frontline employees. Register for the session here.   Why attend Microsoft Frontline Fridays? This series is tailored for organizations looking to explore or optimize their use of Microsoft’s frontline solutions. Key benefits include: * Comprehensive Insights: Gain an in-depth understanding of Microsoft’s solutions for frontline workers. * Expert Guidance: Learn best practices from Microsoft specialists to maximize the impact of these tools. * Interactive Q&A: Get real-time answers from product experts to address your specific challenges. * Hands-On Experience: Participate in live demos and interactive activities to build confidence with the platform. What to expect These engaging sessions will provide expert insights, interactive learning, and practical resources to help you deploy and optimize Microsoft’s frontline solutions. Recordings and materials will be shared after each session, and you can choose to attend all or just the ones that interest you. Session Schedule: 1. Microsoft Frontline Solutions: Overview & Deployment Best Practices and Strategies Learn what Microsoft has to offer in the frontline space and how to successfully deploy Microsoft’s frontline solutions with a structured approach. This session covers planning, pilot deployment, environment setup, and app set up to ensure a smooth rollout. Also, learn how to protect frontline workers and organizational data with identity management, secure access controls, device management and secure & compliant solutions that lay the foundation for your tailored frontline environments. 2. Driving successful adoption & delivering value for frontline employees Whether you are shifting from an existing employee engagement solution to Microsoft 365 or expanding M365 experiences to new frontline users or scenarios, managing change in how employees get work done can be the most challenging aspect of technology implementations. In this session, we'll discuss best practices and key considerations related to enabling faster, more successful end user adoption to help your organization get the most from your investments. We'll share real-world learnings and patterns of success based on direct engagement with hundreds of customers across every industry (and we expect we'll learn new things from you too!). 3. Streamlining Operational and Corporate Communication Discover how Teams supports both top-down communications—like community announcements and leadership updates—and local frontline coordination using tools like chat, channels and Walkie Talkie, keeping everyone connected in real time without relying on non-compliant consumer apps. 4. Optimizing Operational Efficiency - How to do more with less, at scale Discover how Microsoft's Frontline solutions can help meaningfully re-engineer your existing business processes to be more efficient, easier to use, and measurable for a digital first and emerging AI world. Learn about everything from off-the-shelf schedule and task management to learning in the flow of work, along with integrating with third party systems of record like your workforce management, inventory and ticketing systems. 5. Turbocharging your Employee Home Experience through Customization Explore rich integrations with third party applications, unique and complex task flows, and home-grown apps, all presented in a single pane of glass. 6. Adding agents to your workforce: Transforming frontline efficiency with AI Learn about how to leverage Microsoft Copilot Chat and agents to optimize frontline workflows - such as relevant, reliable information retrieval, automating repetitive tasks and orchestrating multi-step actions. By participating in Microsoft Frontline Fridays, you’ll gain the tools and insights needed to empower your frontline workforce, enhance efficiency, and secure business operations. Register for the session here.  

We are thrilled to announce the release of Exchange Web Services (EWS) Usage reports in the Microsoft 365 Admin Center—a feature designed to simplify and enhance administrative oversight for tenants in their effort to remove EWS dependencies. This marks another milestone in our commitment to providing actionable insights and tools for our administrators, ensuring they have everything they need to manage the retirement of EWS. Why is this relevant to you? Exchange Web Services (EWS) will be deprecated starting October 2026, a decision announced some time ago to encourage users' transition to modern, secure solutions like Microsoft Graph. This retirement reflects Microsoft's commitment to scalability, security, and compliance while phasing out outdated technologies. To help administrators assess their dependence on EWS, the Microsoft 365 Admin Center now offers EWS Usage Reports. These reports provide key insights into usage trends, enabling proactive adjustments and smooth transitions ahead of deprecation. You can also download the data for further analysis and archival. How to Access EWS Usage Reports The reports are accessible to WW tenants via the Microsoft 365 Admin Center. To view them: * Log into the Microsoft 365 Admin Center * Navigate to the "Reports" section * Select "Usage" and from the Overview page select Exchange > EWS Usage. A dedicated guide with step-by-step instructions is available here: Microsoft 365 Reports in the admin center – EWS usage - Microsoft 365 admin | Microsoft Learn Who can access those reports? Microsoft 365 Admin Center reports are available exclusively to out Worldwide (WW) customers. If you need to understand EWS usage in government or other sovereign clouds, please refer to this project, which provides a self-service tool to retrieve usage data. The Exchange Team

It’s hard to believe it has been a few months already since we launched the new SlimCore-based optimization for Microsoft Teams in VDI, and with the adoption growing at light speed, we think it is a good time to have a checkpoint of where we are today, and where are we heading. When Microsoft embarked on this Teams re-architecture, there was one main principle: make VDI a first-class citizen and bring it to parity with native Teams. As mentioned in previous blogs, the new optimization is where all innovation will be delivered. So, in this article, I want to give you an overview of all the feature we have delivered after GA.   Why migrate to the new SlimCore-based optimization? Before we go down the feature rabbit hole, let us emphasize WHY you should be all-in with the new optimization. Having now demonstrated the solution at scale with large customers, we have received positive feedback from a variety of demanding user bases (e.g., day traders in the Financial vertical) that can help you convince your organization is time to upgrade.  Call setup times are reduced drastically; quality and performance improvements are noticeable to the naked eye, and a myriad of new features are now available (larger Gallery views, newer codecs, HID headsets, noise suppression, and the list goes on). If you did not start your journey, make sure you give it a try today!   New Features Custom Backgrounds: long awaited feature! Look like a hero to your users. Now they can upload corporate backgrounds or pictures of their cat to their background effects. A true user-delight, great for company branding too.   VDI Status Indicator: my favorite feature – no more guessing or clicking around Settings/About in order to find if you are optimized or not. We put it in front of your users, in prime UI real estate. A simple mouse hover even tells you if you are on SlimCore or WebRTC.  If things fail, we put a warning sign alerting the users, so they can even attempt self-repairs. If that also fails, we put in the error code so they can relay to IT Help Desks. This five-digit code should suffice for further troubleshooting, no logs required!   Restart Dialogue: as we add support for other platforms like MAC, or users roam between different endpoints that support / don’t support SlimCore, it is sometimes necessary to restart Teams to either upgrade the user from WebRTC to SlimCore, or downgrade from SlimCore to WebRTC.  Having said that, we know nobody likes to restart apps – so …  spoiler alert: we are working on a seamless stack transition, on-the-fly. No more restarts. Stay tuned.   Monitoring API: Do you like to customize? This feature is for you. Create a custom script on the VM that processes a json file that is updated in real time. Now your script knows if the user is optimized or not, the peripherals they are using, versions of all the components (e.g. Citrix Workspace app or Microsoft Windows App, plugin, SlimCore, etc.), and create your own warning/alerts (e.g. “You are using a non-corporate peripheral. Audio quality might be impacted”).   Call Quality Dashboard/Teams Admin Center: If you have not been using these 2 dashboards(a.k.a CQD and TAC) in the past, it is time you demand role-based access from your organization! You are able to monitor, in real time, optimized calls/meetings with a plethora of session information. Bad home Wi-Fi causing robotic audio? Not VDI’s fault – now you have proof. Built-in PowerBI templates provide even more visibility into your deployment.   Cross Cloud: users on SlimCore can now join optimized meetings hosted in other Clouds (like GCC, GCCH, DOD). Cross Cloud Anonymous join, Guest Access and Authenticated Meeting joins are now supported.   Screen Capture Protection: Azure Virtual Desktops and Windows 365 customers can now utilize this feature with the new optimization. Share your screen   Citrix Remote PC: we added additional logic in Teams to better handle roaming scenarios (console to HDX, HDX to console). Now, when users connect via Console, their Teams session is identified as a ‘non-VDI’ connection, making the experience equivalent to native Teams on Windows.   GigaOM: a third party report on new Teams plus SlimCore optimization performance that quantifies why you should move to the new optimization stack. TLDR; 20% reduction on client-side RAM and CPU, a better user experience under constrained networks, 30% faster meeting join times. These improvements are achieved by introducing newer codecs with hardware acceleration, and by moving the signaling agent to SlimCore (instead of relaying back from WebRTC to Teams in the virtual machine). Windows 365 Link: a simple, secure, purpose-built device for Windows 365. An affordable thin client that boots a persistent VDI fast, with full peripheral support and of course out of the box SlimCore-based optimization.   Next Steps And that’s a wrap up. As you can see, all innovations are now delivered on the new SlimCore-based optimization. While we have not yet announced WebRTC deprecation,  we encourage every Azure Virtual Desktops/Windows 365 and Citrix customer to start the adoption as soon as possible, so you can delight your users with the best experience Teams has to offer in Virtual Desktops. For the next steps to start using the new SlimCore-based optimization for Microsoft Teams in VDI, please check the system requirements and full documentation.

High Volume Email (HVE) for Microsoft 365 enables customers to send large volumes of email to internal recipients without recipient rate limits. The public preview of HVE was released on April 1, 2024, with general availability targeted for September 2025.  This announcement provides important updates for High Volume Email, including the continued support for Basic Authentication until September 2028, a focus on exclusively internal recipients and changes to the current Public Preview limitations.   Continued Support for Basic Authentication  Today, we are announcing continued support for Basic Authentication in High Volume Email until September 2028. This decision comes as part of our ongoing commitment to support your current authentication needs while ensuring a smooth transition to modern authentication methods.  While we strongly recommend using modern authentication (OAuth) for a more secure security footprint, we recognize that certain line-of-business (LOB) applications and devices may not support modern authentication yet.   We will continue to provide support and guidance during this transition period. Regular reminders and updates will be shared to ensure a smooth migration process, leading to the ultimate end of extended support for Basic Authentication with HVE in September 2028.   Why Modern Authentication?  As part of our last Public Preview update in October, OAuth support for HVE was added, and we encourage you to start planning your migration to OAuth to benefit from its enhanced security features.  Modern authentication methods (such as OAuth) provide a more secure and robust authentication mechanism compared to Basic Authentication. They provide stronger protection against various security threats and ensure a safer environment for your email communication. Some key security benefits include:  * Enhanced security & protection against credential theft: Modern authentication provides multiple layers of protection beyond simple username and password combinations. It uses tokens that are specific to the applications and resources for which they are issued, significantly reducing the risk of credential theft and re-use.  * Dynamic token management: These short-lived access tokens expire quickly and can be instantly revoked if compromised.  * Conditional access policies: Modern authentication enables intelligent decisions about who is trying to access what, from where, and on which device, providing more precise and granular access controls.  Learn more about the security risks of Basic Authentication and why it is being deprecated step-by-step across Exchange Online here.  Focus on exclusively internal recipients  Moving forward, HVE will support exclusively internal (within the tenant) messaging capabilities. As a result, the ability to send email to external recipients will be removed.  Customers will be able to send high volumes of email to internal recipients without any recipient rate limits.   This change is intended to simplify our email offerings and clearly define HVE’s purpose within the Microsoft 365 ecosystem.  For scenarios requiring high-volume email to external recipients, we recommend using Azure Communication Services (ACS) for email.  External sending capabilities will be removed from HVE later in June 2025.  Removal of Public Preview Limits  We are pleased to announce the removal of public preview limitations for HVE. Once these changes roll out, you will be able to create up to 100 HVE accounts, and internal recipient rate limits will be eliminated.   These changes will be implemented over the coming weeks, allowing you to fully leverage and explore the capabilities of HVE for your internal communication needs.  Feature  Previous Limit  New Limit   Number of HVE Accounts   20  100  Recipient rate limit  100,000 recipients per day (per tenant)  No limit  External recipient rate limit  2,000 per day  (per tenant)  0 (not supported)  For sending large email volumes to external recipients, please consider   Azure Communication Services (ACS) for email  Thank you for your interest in HVE! We’d love to get your feedback!    Feel free to leave your comments and feedback below.  Microsoft 365 Messaging Team 

The world is experiencing rapid changes, with artificial intelligence (AI) significantly transforming businesses and lifestyles. Additionally, it is impacting cybersecurity, as attackers leverage AI to refine their techniques. Microsoft is committed to ensuring that its AI-powered tools are secure and reliable for business applications. The security of AI remains a primary focus. M365 Copilot Chat Copilot serves as the user interface for AI, beginning with Copilot Chat. It is the chat experience utilized daily, powered by extensive knowledge from the web and designed to ensure safety and security for business applications. This platform signifies a fundamental change in our work methods, allowing individuals to operate more intelligently, efficiently, and collaboratively. While Copilot Chat is a powerful new on-ramp for everyone in your organization to build the AI habit, Microsoft 365 Copilot remains our best-in-class personal AI assistant for work. It includes everything in Copilot Chat and more.    M365 Copilot Chat Enhancing Security of M365 Copilot Chat with SafeLinks  We are excited to announce some important updates to M365 Copilot Chat that will enhance security and user experience: 1. SafeLinks protection at Time-of-Click of URL:   Microsoft Defender for Office 365's SafeLinks protection has been successfully released worldwide for Copilot Chat on Desktop, Web, Outlook Mobile, Teams Mobile and Microsoft 365 Copilot Mobile app (iOS and Android)!  * M365 Copilot Chat has integrated with SafeLinks in Defender for Office 365 to provide time-of-click URL protection for the hyperlinks included in its chat responses. User with MDO license clicks on a malicious link in Copilot ChatUser with MDO license clicks on a malicious link in Copilot Chat on Mobile * This functionality applies to users with Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. No policy configuration is needed within the SafeLinks policy.  * Within Microsoft Defender for Office 365 Security Center, the URL protection report will show the relevant summary and trend views for threats detected and actions taken on URL clicks generated from within M365 Copilot Chat. URL threat protection report showing clicks on a malicious link from Copilot Chat * Moreover, Security Operations Center analysts will be able to see the source of the originating URL clicks in the investigation and hunting experiences within Microsoft Defender for Office 365.   2. Native Time-of-Click URL Reputation Check: * For users without SafeLinks protection (which is available as part of Microsoft Defender for Office 365), M365 Copilot Chat will natively enable time-of-click URL reputation check for the hyperlinks returned in its chat responses.   User without MDO license clicks on a malicious link in Copilot ChatUser without MDO license clicks on a malicious link in Copilot Chat on Mobile 3. Hyperlink Display Changes: * M365 Copilot Chat no longer redacts hyperlinks in its chat responses if they are found in the grounding data used to generate the responses.  These updates ensure that M365 Copilot Chat remains a secure and reliable tool for your organization, helping you navigate the complexities of modern cybersecurity.  What’s Next? Following this release, SafeLinks protection will be available to Copilot App Chats for Word, PowerPoint and Excel.   Conclusion  As AI continues to evolve, so do the threats that come with it. At Microsoft, we are dedicated to staying ahead of these threats and providing our customers with the tools they need to stay secure. With the integration of SafeLinks, M365 Copilot Chat is poised to be a game-changer in the world of business AI.  Note: This blog post is associated with Message Center post MC1013453.  Learn more  Microsoft Defender for Office 365 SafeLinks protection M365 Copilot Chat 

The new chat and channels experience is now available to all Teams users in commercial as announced previously and will be rolling out to customers in GCC and other clouds over the coming  weeks. We’ve been listening to customers’ evolving needs, which call for efficient tools to help keep up with the pace of work. When designing the new experience, we had two main goals: 1. Help users catch-up and stay on top of all their collaboration efficiently in one place 2. Help users collaborate better in fewer places and reduce fragmentation The new experience is designed to be simple by default, enabling everyone to stay on top of what matters, and it’s powerful on demand, allowing you to organize information and communicate your way. Through the extensive private and public preview program with millions of users over the last six months, we observed that users are visiting more of their teams and channels and reading more messages targeted at them compared to before the new experience. We’re just getting started, and we’re committed to making Teams more streamlined and simpler with enhancements like threaded conversations coming soon. To make the most of the new chat and channels experience, here are some best practices to consider.   Efficiently triage all your incoming messages Effective message triage is crucial for maintaining clear and responsive communication, especially in environments with high volumes of messages. It helps prevent important messages from being missed and ensures that all communications are handled appropriately. Below are some best practices to help you manage your conversation list. * Mentions view: Mentions are used to call your attention to essential messages and ensure that these messages don’t slip through the cracks. This view helps you prioritize what needs your immediate attention. Click on each message to view the additional context of a channel or chat in a side pane and react or reply directly before proceeding to the next mention.   * View all unread messages: When returning from a meeting or a break, filter your conversations to show only unread messages. Now you can see in one view all the messages that you haven’t yet reviewed. If you need to further narrow the results by conversation type, select Chat, Channels or Meeting chats filter. Select Unread at the top of the chat and channels list.   * View channels as a list, instead of grouped by team: To efficiently catch up on the latest in your channels, you can organize your Teams and channels list to show only channels, instead of grouping them by team. Go to the Teams and channels section, click on the ellipsis, select Channels only from the Display section, and then choose to sort your channels by Recent, Unread only, or A-Z. This way, you can stay updated on channels with new messages easily, or order channels across teams in alphabetical order. * Stay on top of new messages: To manage your communications effectively, you can rearrange the order of your sections and sort your conversation list to show unread messages only. Setting a section to "Unread only" ensures that previously read conversations do not clutter your chat list. New messages will automatically become visible, helping you address them promptly and prioritize essential information. This feature is especially useful when combined with the shortcut Ctrl/Cmd + G for quick navigation.   Organize your chat and channels list Navigating and finding specific information can be challenging in a cluttered work environment. The new chat and channels experience provides tools to structure your conversations, streamline access to important information, and reduce the cognitive load associated with navigating a cluttered workspace. * Sections: group all relevant 1:1, group chat and channels by project or topic, to help you find conversations easily and reduce the time you spend searching for conversations. We recommend starting with 1-3 sections of your most important topics or projects.   * Keep your digital workspace tidy: Periodically cleaning up your workspace makes it easier to find what you need. As top-of mind topics change, remove chats and channels that are no longer needed from your favorites and delete sections after projects are completed for a cleaner and easy-to-manage environment.   * Keep your Chat app and Teams app separated: if you prefer to keep your chat and channels separate, you can easily do so without needing IT assistance. Select the ellipsis next to the Chat header, select Customize view from the drop-down menu, and choose the Separate view.   * Get a comprehensive overview of your conversations: When you need a complete view of your chat and channels list, use the expand and collapse all feature. From the Chat ellipsis drop-down menu, select collapse all sections. Use this view to sort and organize your sections as needed.   Navigate quickly Finding a specific conversation can take time as you scroll through chats and channels or search. The new chat and channels experience helps you navigate efficiently without switching contexts. * Access your channels quicky: You don't need to scroll through all chats to find your channel conversations. When in the unified chat and channels list, simply click on the Teams and channels quick navigation bar to jump to your channels list. If a channel requires your attention, the navigation bar will change to reflect it. For example, if you were mentioned in a channel, the text on the bar will become bold and a ‘@’ icon will appear.    * Go-To: Use the go-to search bar to jump directly to any chat or channel conversation with a new keyboard shortcut Ctrl+G (Cmd+G on Mac).   * New message: a streamlined new message experience, enables an easy way to send a new message to both chats or channels. Use Ctrl+N on Windows or CMD+N on Mac to start composing your message, you can search for and find people, chats, as well as channels from the same place.   Be productive on-the-go Our work preferences shift when using mobile devices due to being on-the-go and viewing messages on smaller screens. The new chat and channels experience offers enhanced settings, allowing you to customize your mobile use and stay efficient anywhere. * Mobile-specific settings: You can choose to have a different layout for your chat and channels list on mobile versus desktop. Customize your layout to suit your preferences, deciding whether to separate or combine the chat and channels list, and whether to show message previews. This makes it easier to navigate and manage communications on a smaller screen. * Message previews: Triaging your conversations on small mobile screen can be challenging. With message previews, on by default in mobile, you can quickly and efficiently manage your conversations on the go, by getting a glimpse of incoming messages without needing to open each one.   * Mobile notifications: You can customize the type of notifications you receive on your mobile device, whether it is for all calls, chats, just mentions and more. This helps you stay informed about the messages that matter most to you. * View all conversations by most recent: To stay updated with the latest conversations, sort all chats and channels into one list by most recent. This allows you to catch up quickly on the latest updates, ensuring you don't miss any important messages while on a smaller screen. On your mobile device, simply tap the toggle button, which is left to the filters at the top of your chat list. Tap the toggle button again to return to your sections layout.   What’s next The new chat and channels experience is now generally available. If you want to learn more about the experience, visit the adoption page, watch Meet the Makers, Ask Microsoft Anything (AMA) and this Ignite session. If you have your own best practice, please share it with us in the comments.

We wanted to share information about the upcoming change to the Get-FederationInformation Cmdlet in Exchange Online.  

Welcome to the April edition of “What’s new in Teams.” Last month, we shared a TON of news about the Teams features leading the future of collaboration that were announced at Enterprise Connect. Some that we highlighted in March weren’t generally available yet, but are now, so we’re sharing them again here. Like the valuable Teams Phone feature “Queues app: barge/whisper/monitor/takeover”, which helps team leads and supervisors manage and coach agents effectively, and “DVR support for town halls” that enables event attendees to pause, rewind, or fast-forward a live streaming town hall just like a recorded piece of content. There are some brand new features to check out as well, like enhanced OneDrive navigation, and the ability edit your display name in meetings. Take a look at the full list below. And don’t miss our post next month, where we’ll announce a ton of new features in our Microsoft Build focused edition! Chat and Collaboration Meetings, Webinars, Town Halls, and Immersive Teams Phone Workplace: Places and Teams Rooms Fundamentals and Security Frontline Worker Solutions   Chat and Collaboration Enhanced OneDrive navigation in Teams Users can now seamlessly return to the exact spot they left off within the OneDrive application when navigating across Teams. This feature enhances user experience by saving the last location for easy retrieval of content, ensuring continuity and reducing the time spent searching for files or information. By automatically displaying the last known state upon return, OneDrive provides more efficient navigation and access to content within the Teams desktop client, significantly improving productivity and collaboration.    Custom file download location for Mac Mac users now have more control over their file management process and can customize the file download location when saving files shared in a Teams chat or channel. Personalize your file download process, reducing the need to move files post-download. To get started, navigate to Settings and select Files. From there you can choose a default file location for your downloads, and toggle on/off  the option to always ask where to save downloaded file.   Improved Microsoft Lists links in Teams messages Links to Lists, list items, and Lists forms in Teams will automatically unfurl for greater visibility, making it simpler to locate and access these links within both Teams messages and the 'Shared' tab of chats. Additionally, the links include details like title and path, helping users identify specific List link types and find pertinent information with ease.   Forward messages with app cards You can now forward messages containing app cards in chats and channels. Previously, forwarding app cards was restricted, but now you can simply navigate to the “more actions menu of any message containing an app card, and select "Forward".   Tag Mentions filter in Activity To view all your tag mentions, select the tag mentions filter in your activity feed. The ‘@Mentions’ filter allows you to catch up quickly on personal mentions, while the ‘Tag mentions’ filter helps you catch up on the Tag mentions you are part of.   Increased drop zone for chats when uploading files The drop zone in chat is now larger, making it easier to share local files easily. This update will soon be added to channels as well.      Meetings, Webinars, and Town Halls IT administrators can upload multiple themes for branded meetings [Premium] Visual branding is essential for creating a memorable experience. Whether it’s a professional client meeting, an internal meeting, or a festive seasonal event, the right theme sets the tone and strengthens your brand’s presence.  Now, IT administrators can create and upload up to five brand themes to a customization policy in Teams admin center. Meeting organizers who have the policy assigned to them will be able to choose from different brand theme options when scheduling their meetings, offering flexibility to customize their brand theme for every occasion. This capability is available with a Teams Premium license.   Admins can disable ability to send messages in meeting chat before and after the meeting We are expanding the existing ‘Meeting chat’ control in Teams admin center so admins can control who can send messages during and after meetings. Admins can select the “In-meeting only” value to disable participants’ ability to send messages in the meeting chat before or after the meeting, for meetings organized by specific users in their tenant. Learn more: Manage chat in Teams meetings - Microsoft Teams | Microsoft Learn   Information barriers moderated meetings With this feature, organizations with information barrier policies are now able to hold meetings with participants who have conflicting policies, in the presence of an approved moderator. Meeting attendees will remain in the lobby until the moderator joins, unless the moderator has specified the ability to bypass the lobby. This feature is ideal for regulated industries, ensuring compliance while facilitating necessary communication.   Edit display name in meetings Teams meeting participants will be able to edit their display name, enabling more flexibility in their meeting presence, regardless of their tenant set display name. Users can make this change during the meeting and it will persist only throughout the duration of the meeting.   Notification that intelligent recap is ready for calls from chat and ‘Meet now’ meetings Notifications for Intelligent recap for calls from chat and ‘Meet now’ meetings are now available. You will receive a notification in your Teams Activity feed and on the banner when an intelligent meeting recap is ready. Clicking on the notification in Activity feed will take you right to the recap. You can configure the notification settings to control where the notification is surfaced, as well as which meetings have notifications enabled.   Set chat notification preference via meeting RSVP Teams now helps you manage your notifications more effectively by integrating chat notifications with meeting RSVP status. If you decline a meeting, you won't receive notifications or see the chat in your list, while accepting a meeting ensures you receive all relevant notifications.   Bi-directional calendar syncing between Google Workspace and Teams Businesses using Google Workspace for email and calendaring can now enable bi-directional synchronization with Teams through the Teams Admin app. This update ensures that events created in either platform are seamlessly reflected in both improving scheduling efficiency and minimizing the risk of missed meetings. With this update, all calendar events - incoming, outgoing, existing, and new - are fully synchronized. This feature is currently available for Teams Essentials customers. It will be available to all Teams customers soon. Learn more here.   Graph APIs to access Teams Meeting AI Insights Graph APIs for AI Meeting Insights will enable app developers to leverage the AI capabilities of Microsoft Teams & provide insights and recommendations to meeting participants and organizers, without the overhead of owning & managing their own AI pipeline. Currently, we provide APIs for apps to fetch Transcript & Recording content. A common use case for partners using these APIs, is where they download the transcript & feed it to their own AI/LLM models to generate meeting insights. However, this is limited to only larger ISVs who have bandwidth & capability to manage their own LLM/AI engines. APIs that provide AI generated meeting insights directly will allow small-medium ISVs and LOB developers to surface automated meeting insights in their user’s workflow.   DVR support in Town hall Digital Video Recording (DVR) functionality in town halls now enables event attendees to interact with an instance of a live streaming town hall instance in the same way they would a recorded piece of content, when viewing via desktop or web. This makes it easier to digest the content being presented, giving viewers the ability to pause and move forward or back within a town hall, navigate to any previously-streamed timestamp, and interact in other ways that make viewing a town hall more convenient. This feature is available for all town halls regardless of license assigned to the organizers.   Post and reply to questions as an organizer Town hall and webinar organizers now have the ability to post and reply to questions using the title “organizer” in the Q&A experience, instead of their individual names. This feature allows instance organizers to present a unified and official voice when responding to attendee questions.   Teams Phone Teams Phone extensibility for Microsoft Dynamics 365 Contact Center We introduced at Enterprise Connect Teams Phone extensibility for Dynamics 365 Contact Center and certified ISV solutions to help customers benefit from and extend their existing telephony investment with Teams Phone into the contact center. Beginning this month in public preview, customers with Teams Phone and Dynamics 365 Contact Center will be able to leverage Teams Phone as a single, integrated solution to power calling across their unified communications as a service (UCaaS) and contact center as a service (CCaaS) solutions—streamlining the deployment, management, and billing of their telephony infrastructure. Teams Phone extensibility will also be supported by ISV solutions in the future that leverage Azure Communication Services (ACS) for this integration, offering customers a wide range of options to bring Teams Phone to their preferred contact center app of choice. Learn more.   Queues app: barge/whisper/monitor/takeover The "Queues app: barge/whisper/monitor/takeover" feature in Teams Phone helps team leads and supervisors manage and coach agents effectively. This feature allows supervisors to: * Monitor: Listen to the conversations agents are having with callers without being heard * Whisper: Provide assistance to agents during a call without the caller hearing * Barge: Join a call in-progress to assist both the agent and the caller * Takeover: Remove an agent from a call and take over the conversation, if necessary These capabilities are particularly useful for  teams that have to manage a lot of inbound calls to serve internal or external customers - such as IT help desk center environments –  and where supervisors need to provide oversight in helping agents follow the right procedures when handling customer calls. The feature is part of the Queues app, which is available with a Teams Premium license.     More seamless migration from on-premises Direct Routing phone numbers to online phone numbers Teams now supports more seamless migration of on-premises synced Direct Routing (DR) phone numbers to online options - including Direct Routing, Operator Connect, and Teams Calling Plans - without the need to unassign numbers from users or resource accounts. This enhancement enables administrators to make changes to on-premises DR numbers directly via Teams admin center or PowerShell, ensuring all assignment data remains intact. Operator Connect partners leveraging the Transfer API can streamline migrations while preserving user assignments.   Direct Routing Call Troubleshooting via SIP Ladder We are launching the SIP Ladder diagram tool in Teams admin center to enable admins to troubleshoot their Direct Routing calls in a self-serve way. This feature will be available via the Usage reports page under Teams admin center. It will also enable admins to view the SIP requests, responses and associated SDP data between Microsoft teams proxy and the SBC through which the call was routed. This data will be available for all calls made more than 30 minutes and less than 30 days ago.     Workplace: Places and Teams Rooms Find certified for Teams devices for all types of spaces and uses at aka.ms/teamsdevices.       Book an individual desk by plugging into a peripheral Instantly reserve a desk and automatically update your workplace presence just by plugging into a peripheral on a shared desk, enabling a more streamlined workplace experience for employees. IT admins also benefit from access to desk utilization data in the Teams Rooms Pro Management portal. Learn more.   Live transcription and controls on Teams Rooms on Windows You can control live transcription (start, stop, show) during a meeting from a Teams Rooms on Windows device. The real-time transcript includes each speaker's name, including those in a room that have enrolled their voice profile in Teams, and timestamp. You can also change settings including the spoken language, the translated language, and whether the original and translated transcript would show side by side. This feature is available in Teams Rooms Pro. Learn more.   Live captions translation in Teams Rooms on Windows While live captions display in the spoken language by default, on a Teams Rooms on Windows device, meeting participants around the world can choose their preferred translation language for real-time translation without affecting what other meeting participants see, ensuring a more inclusive experience for everyone. Admins have controls for system default captions enablement and profanity filtering in captions and transcripts with settings from Teams Rooms Pro Management portal. This feature is available in Teams Rooms Pro. Learn more.   Updates to gallery view in Teams Rooms on Windows You can experience a consistent meeting experience across the Teams desktop and Teams Rooms with the updated gallery view in Teams Rooms on Windows. The gallery view will automatically arrange all participants in consistent tile sizes, prioritize video on the meeting stage, offer additional layout options, and increase the number of participants shown on single and dual displays. Admins have controls to set default views, and in-room users can adjust views during the meeting. Learn more.   Occupancy status on Teams panels Teams panels can now utilize signals from Teams Rooms devices or occupancy sensors that have been paired with the panels to indicate when a room is in use (e.g. LED glow). These signals mean you’re no longer surprised to find an available room is actually occupied. Requires a Teams Rooms Pro or Shared Devices license for the room. Learn more.     Fundamentals and Security Admins can choose automatic or manual adjustment of meeting sensitivity based on the sensitivity level of shared files in Teams meetings [Premium] Microsoft 365 E5 and Teams Premium customers can now leverage sensitivity labels from Microsoft Purview Information Protection to help set the right data protection settings in meetings. Admins can choose either an automatic label inheritance policy for meetings, or a label recommendation notification. When an attendee shares a file in meeting chat or via Live share that has a higher sensitivity than the meeting: * If the admin has enabled the automatic label option, the meeting's sensitivity will be updated automatically to match the sensitivity of the shared file. * If the admin has enabled label recommendation, the organizer will receive a notification that recommends the organizer upgrade the meeting’s sensitivity to match the shared file. Both options help to keep a meeting’s sensitivity level aligned with the content shared.   Brand impersonation phishing protection for GCC, GCC-H and DoD This feature first launched for commercial users in January, and now is available for the GCC, GCC-H, and DoD audiences. If an initial contact in a chat message with an external user is identified as potential spam or a phishing attempt, the user targeted will be notified. IT admins will also be notified that  an external user is targeting their enterprise using brand-impersonation-based phishing attacks.   Background blur, virtual and user uploaded backgrounds the new VDI solution With this new feature, users on the new VDI solution for Teams can blur their background, choose a Teams virtual background, or replace their background entirely with any image they want by uploading it through the "Video effects and Settings" option.   AVD Screen Capture Protection and Microsoft Teams compatibility Users who have Screen Capture Protection (SCP) enabled to block screen capture on the remote desktop client (Block screen capture on client) can still share their screen and apps while using the new SlimCore-based optimization for Microsoft Teams.   Cross cloud support for the new optimizations for VDI Users on the new optimizations for VDI can now access and interact with resources across different cloud environments. This includes enabling features like Cross Cloud Authentication, Management, and Guest Access, along with various improvements in user experience and functionality. VDI users can join optimized meetings with people in other Microsoft 365 cloud environments (e.g., a user in GCC-H joining a meeting in commercial, GCC, or DOD) through three options: authenticated access via cross-cloud meeting connection, authenticated access using a guest account, or anonymous access. These scenarios require Slimcore-based optimization.   Manage location sharing in Teams Microsoft is updating its policies regarding the sharing of user location data to enhance privacy, improve data security, and ensure compliance with evolving regulatory standards.  To enhance transparency and user control, Teams is introducing a new app location consent experience that gives users the choice of when and how Teams can use their location data (specifically SSID & BSSID).  All new and existing Teams users on Windows, Mac, and Mobile will be prompted to specify if they want to keep location detection on for emergency calls only, or if they consent to allow location access used for IT Admin Insights or troubleshooting. Learn more here.   Monitor Teams client updates in Teams admin center IT Administrators can now monitor Teams client version update adoption and access detailed adoption information. This feature enables administrators to proactively understand version adoption, assess version health, and access granular details about devices and users who are on the latest client versions. Additionally, it provides visibility on recency of client versions. Administrators can now proactively view insights and address issues preventing users from automatically updating to the latest and most secure version of the Teams client.   Teams client health dashboards in Teams admin center IT Administrators can view and monitor the health of Teams desktop clients on both Windows and Mac platforms. This feature offers comprehensive admin-actionable insights into client health metrics, including client crashes and launch failures. With these dashboards, administrators are equipped with detailed information on issues, insights, and mitigation tools to promptly and effectively address any potential client health problems. Remote contact management for Teams Phone devices in Teams admin center IT admins can now remotely manage contacts to ensure crucial contacts are available for users on their Teams Phone devices. Admins can push a set of contacts from the Teams Admin Center (TAC) to Teams Android-based devices as speed dial contacts.     Frontline Worker Solutions Wired headset support to Walkie Talkie on iOS Wired headsets are now supported in the Walkie Talkie app for iOS, providing greater flexibility and convenience for frontline workers. Users can connect generic wired headsets with a play/pause button to enable toggle-to-talk mode, allowing hands-free operation with a single tap. Specialized push-to-talk (PTT) headsets are also supported, enabling traditional push-to-talk functionality. This feature ensures workers can stay connected without needing to pull out their devices.   Storyline in Teams Storyline provides a centralized place for corporate communications to foster better communication and alignment across the organization. It enables leaders to connect directly with their workforce through targeted posts, like sharing policy changes or celebrating company milestones. Learn more about Storyline capabilities.   Engage in Teams mobile The Engage app is now available on the Teams mobile app, delivering a full communities experience directly into Teams. This feature empowers organizations to drive news delivery, strengthen leadership connections, foster relationships, all from a single platform. Learn more.     Flexible membership for deploying Teams at scale This new feature empowers IT admins to create location-based teams quickly while giving frontline managers the ability to make manual adjustments, like adding or removing an employee, as needed. This additional capability provides greater control for frontline workforce management and is now generally available.

Optimizing the utilization of PowerShell processing through multi-threading techniques such as runspaces and multiple jobs can be done in several ways. These techniques can often be intricate and demand significant effort to implement, particularly for individuals new to PowerShell. This blog post will present an alternative approach to multi-threading utilizing a simple parameter, without the complexities generally associated with creating and managing of runspaces and multiple jobs in PowerShell. What is the switch? The “Parallel” switch, introduced in PowerShell 7, allows script blocks to execute concurrently for each piped input object. This feature is particularly advantageous for bulk operations where tasks can be performed simultaneously. By utilizing this capability, one can significantly reduce processing time and improve efficiency. This functionality requires PowerShell 7. You can follow this article to upgrade to PS v7. Older versions of PowerShell, such as version 5, do not support the Parallel switch. How to use this? The Parallel switch is available only when you write a ForEach-Object loop. The ‘foreach’ which is an alias of the ForEach-Object loop is not supported currently. For example:  $data | ForEach-Object -Parallel { script block } The Parallel switch will open PowerShell instances hidden in the background but connected to the currently open instance and run the script block simultaneously in those instances. Any errors or outputs will be displayed in the currently open parent instance. The number of parallel instances to be opened can be defined with the ThrottleLimit switch trailing behind the script block. The default ThrottleLimit is 5 and the PowerShell will open 5 parallel session if the ThrottleLimit switch is not defined. $data | ForEach-Object -Parallel { script block } -ThrottleLimit 5 Considerations * Please note that Parallel sessions run in their own isolated spaces and do not share dependencies amongst themselves. Therefore, you will need to define all necessary elements, such as authentication tokens, and modules (if required), inside the script block. * Each parallel session will use the available system resources and thus the throttle limit should be set to the number of available cores on the system. * Bear in mind that this parallelising feature in PowerShell reduces the overall time taken for a script to run serially. Thus, this it is useful for tasks that are independent of previous executions, such as bulk operations, specially as it reduces overall time and effort taken for the bulk operation. A real-life example Problem: A colleague requested assistance in adding trusted domains and email addresses to 15,000 mailboxes. Processing of each object takes ~5 seconds to complete, resulting in a total of ~75,000 seconds (~20.8 hours). Solution: The following code was provided to complete the task in less than 5 hours: * $users = ipcsv C:\input_file_location.csv $users | ForEach-Object -Parallel { $conn = Get-Mailbox -Identity [email protected] if ($conn -eq $null) { Connect-ExchangeOnline -UserPrincipalName [email protected] -UseMultithreading:$true } Set-MailboxJunkEmailConfiguration -Identity $_.identity -TrustedSendersAndDomains @{Add="[email protected]","[email protected]",”[email protected]” } -ThrottleLimit 5 Disconnect-ExchangeOnline -Confirm:$false Script explanation: The following line would create a variable called $users and import the data from csv file located at the location “C:\input_file_location.csv”: * $users = ipcsv C:\input_file_location.csv About the following block... As parallel sessions are opened independently, the Auth token from one session cannot be transferred to another session due to the token’s secure design. Therefore, the command to connect to Exchange Online (EXO) must be placed within the parallel loop so that the loop gets logged in to EXO. However, this approach will initiate as many PowerShell connections to EXO as there are users in the $users variable. This can result in the account being flagged in Risky Sign-Ins, with subsequent connections after the first ten being blocked. An effective way to address this is to implement a conditional login to check if the session is already connected and connect only if it is not. By using a simple Get-Mailbox command for any test user in the environment to verify that the session is connected, and storing the result in $conn, the parallel session will only connect to EXO if $conn is null. This approach ensures that only one connection is made for each parallel session and addresses the risk of the account being flagged for Risky Sign-Ins. Further, using the SkipLoadingCmdletHelp switch prevents the help file to be downloaded and occupy memory resources which can overburden the system. This is an optional switch and is required only if using Exchange Online PowerShell module older than version 3.7. This switch is not available in module ver. 3.7 and above. See this post for more information. * $users | ForEach-Object -Parallel { $conn = Get-Mailbox -Identity [email protected] if ($conn -eq $null) { Connect-ExchangeOnline -UserPrincipalName [email protected] -SkipLoadingCmdletHelp} Sharing data between the parent loop and the parallel sessions can be achieved using the $using technique; however, this will be covered in the next blog post! Thank you for reading! Abhijeet Kowale and Indraneel Roy

Direct Send is a method used to send emails directly to an Exchange Online customer’s hosted mailboxes from on-premises devices, applications, or third-party cloud services using the customer’s own accepted domain. This method does not require any form of authentication because, by its nature, it mimics incoming anonymous emails from the internet, apart from the sender domain. The Direct Send method assumes that customers have properly configured SPF, DKIM, and DMARC for their tenants. It is critical that an administrator updates their SPF record by adding the source IP address where the device, application, or third-party service will send from to prevent emails from being flagged as spam. If SPF is not properly configured, any email sent using Direct Send will likely be flagged as spam. While SPF provides protection from spoofing of your domains, we recommend customers use a Soft Fail SPF configuration due to the possibility of valid routing scenarios falling foul of SPF failures. As such, no feature existed to block Direct Send traffic for the many customers who have no need to use it. To this end we have developed the Reject Direct Send setting for Exchange Online and are announcing the Public Preview for this feature today.   Reject Direct Send Feature By its definition, Direct Send covers anonymous messages sent from your own domain to your organization’s mailboxes. Enabling this setting will block any traffic that meets those conditions. The sending domain being an accepted domain in your tenant is a straightforward and easy condition to evaluate. “Anonymous” in this context means that the messages are not attributed to any mail flow connector when they are sent to Exchange Online. Direct Send traffic may include 3rd party services that you have given permission to use your domain or one of your own email applications hosted on-premises. To avoid having these messages rejected when this feature is enabled, they need to be authenticated.  This is done by creating a partner mail flow connector that matches the certificate (recommended) or IPs used to send the messages.  Learn more about partner connectors here: Configure mail flow using connectors in Exchange Online. Admins may currently not be tracking all senders who currently use Direct Send, but a good place to start would be the with your domain’s SPF record. Any senders using Direct Send without being a part of the accepted domain’s SPF record will already be having a tough time getting messages delivered successfully into recipients’ inboxes. How to enable this feature By default, the new opt-in RejectDirectSend setting is set to False.  To enable the Reject Direct Send feature, Exchange Online administrators can run the following PowerShell cmdlet: Set-OrganizationConfig -RejectDirectSend $true The change should propagate out to our entire service within 30 minutes. With the feature enabled, any received Direct Send messages will see the following message: 550 5.7.68 TenantInboundAttribution; Direct Send not allowed for this organization from unauthorized sources Unless Direct Send is re-enabled again, any messages that hit this error will need a partner connector created to authenticate their source as an approved sender. Public Preview and Release Roadmap This feature is being released as a Public Preview for admins to test and provide feedback. Some customers may not have the confidence to enable it due to a lack of tracking of Direct Send senders to their organization. Feedback including feature requests and bug reports may be sent to the follow address: directsend-feedback[AT]microsoft.com. Note: Feedback submitted here will not receive a reply. If you need to engage us with questions or issues regarding the feature, please comment below or go through the regular support channels. You can also use the Exchange Online Feedback Portal to submit feature requests that other customers can then vote on. This avenue provides us with an extra layer of information to help make decisions on features. We are working on delivering features to provide optics for what Direct Send traffic is coming into your organizations. This will make it easier for admins to identify and act on any legitimate traffic and enable the feature with confidence. We will provide updates here for that work. There is no fixed date for General Availability (GA) of this feature as it will depend on the feedback received. A separate communication will be sent out to announce GA. We also plan to enable this feature in the future for new tenants by default. This is part of our effort to make your organizations more secure by default. Note that the plan includes new tenants being unable to disable this feature as we move to deter use of unauthenticated Direct Send traffic. Known Issues There is a forwarding scenario that could be affected by this feature. It is possible that someone in your organization sends a message to a 3rd party and they in turn forward it to another mailbox in your organization. If the 3rd party’s email provider does not support Sender Rewriting Scheme (SRS), the message will return with the original sender’s address. Prior to this feature being enabled, those messages will already be punished by SPF failing but could still end up in inboxes. Enabling the Reject Direct Send feature without a partner mail flow connector being set up will lead to these messages being rejected outright. Conclusion We invite Exchange admins to try out the feature and provide feedback that we can use to validate it and proceed to offering this feature for General Availability. Microsoft 365 Messaging Team

We know you love Microsoft Teams.  Come and meet the experts inside and outside of the community who continue to drive innovation on your hub for collaboration.  Join us via this special discount at the Microsoft 365 Community Conference is happening May 6-8 in Vegas.   We’re excited to announce a special last chance offer that provides the best discount yet, ensuring an unbeatable experience for you and your team. Use the code LASTCHANCE and choose your savings:  * 1 attendee: $1,597 (save $402)  * 2 attendees: $1,547 per person (save $452 each)  * 3-4 attendees: $1,447 per person (save $552 each)  * 5+ attendees: $1,347 per person (save $652 each)  💡 Pro Tip: Connect with colleagues across departments who might be interested in attending. Larger groups mean bigger savings, and you’ll maximize learning by bringing cross-functional expertise!  Why Attend M365Con 2025?  * Discover how Microsoft is redefining the future of work for the better—learn about how our latest innovations can power your success.  * Learn what’s possible with Microsoft 365 and Microsoft 365 Copilot, and build tangible skills you can use immediately.  * Connect with and learn from a community of product engineers and experts, including insights into our AI product roadmap.  * Explore 100+ Microsoft-led sessions, keynotes, AMAs, and workshops.  * Choose from 200+ sessions in total, and hear from partners, community leaders, and customers.  * Experience expert-led demos of our latest products and features at the Microsoft booth.  This year, the conference is offering an unparalleled chance to get hands-on experiences and delve deeper into Microsoft’s AI products such as Microsoft 365 Copilot, Copilot Studio, and other AI agents. Don’t miss this opportunity to witness cutting-edge technology first-hand and network with the best global community in tech.  Register Now  Don't miss this opportunity to join us in Las Vegas. Register now to secure your spot and take advantage of the best offer available with the LASTCHANCE discount code.   For more details on the event, check out our event guide.

Enterprise Connect 2025 (March 17-20, 2025), is the premier conference for enterprise communications and collaboration in North America, and we were excited to attend to highlight some of our newest Microsoft Teams innovations. Ilya Bukshteyn, CVP of Microsoft Teams Calling, Devices, and Premium Experiences, delivered a keynote address  to introduce and demonstrate some of these advancements. The features he highlighted and others announced during the event represent different areas of Teams, including Places, chat and collaboration, meetings, events, Teams Phone, Teams Rooms, fundamentals, and security. All of these features are designed to highlight how Microsoft Teams is transforming the future of work. From seamless communication to advanced AI-driven features, these new capabilities can be instrumental in helping businesses thrive in a hybrid work environment.  Let’s take a look at what we introduced. Chat and Collaboration Meetings, Webinars and Town halls Teams Phone Workplace: Places and Teams Rooms Teams Devices Fundamentals and Security Frontline workers   Chat and Collaboration The new chat and channels experience: Generally available in early 2025 (Q1) The new chat and channels experience is designed to help you collaborate more efficiently and effectively. It’s simple by default, enabling everyone to stay on top of what matters, and it’s powerful on demand, allowing you to organize information and communicate your way. Catch up on chat, channels and teams in one place, use filters to triage messages, create custom sections to organize conversations by topics, and more. Learn more here. We’re committed to making Teams more streamlined with enhancements like threaded conversations, coming to broad availability in mid-2025.   Chat @nearby: Available in public preview in April   You can now connect with colleagues who are physically nearby via Teams chat using @nearby. By showing which colleagues are nearby, this feature can help to spur impromptu in-person connections, such as scheduling a spontaneous lunch or meeting up for a quick chat.   Resize Teams windows and panes: Available now in public preview Teams now offers more options to arrange your Teams app window across your screen real estate, allowing you to keep your communication in context, tailoring it to your needs. Learn more here. * Resize Teams app: snap and resize the Teams app with Windows 11 Snap layouts to efficiently multitask by viewing multiple applications side by side. Enabling access to chat, channel, and meetings functions at smaller window sizes ensures that you can work across all aspects of Teams, alongside other apps. * Resize Teams panes: adjust the size of your Teams panes to prioritize what is currently most important to you, and Teams' fluid experience will instantly adapt to fit the new layout. For instance, you can expand the meeting chat pane during a meeting. Simply hover over the edge of the chat, channels, meetings or activity panes, and drag the arrows to resize the panes * Zoom levels: Teams now offers additional zoom levels to help you find the size that works best for you. Whether you're using a 6k display or have low vision and need larger text, icons, and controls, you can zoom in without sacrificing functionality or needing to scroll in two directions to read the text.   Shared collaborative space in channels: Available in public preview in April A new collaborative space is now available directly from channels, enabling real-time collaboration, organization of key information, and streamlined communications. You will be able to add a Loop workspace tab to standard channels, allowing your team to brainstorm, co-create, collect, and organize content together in real-time. Everyone in the Team gets access to the Loop workspace, even as Team membership changes, and the workspace adheres to the governance, lifecycle, and compliance standards set by the Microsoft 365 Group backing the team. To get started, click the plus sign (+) at the top of the channel and select Loop from the app list. This will be generally available in April.   Live chat: Generally available now in the US, rest of world by end of March Live chat in Microsoft Teams enables small businesses to provide quick and helpful customer service by allowing website visitors to chat directly with their team in Teams. This feature includes notifications for incoming chat requests, a dashboard for managing conversations, and the ability to view previous customer interactions. To use Live chat, companies are limited to a maximum of 25 users. This is generally available in the US now and will be available worldwide in March. Learn more about how to set up live chat.    Share file (forward): Available in Public preview in March You will be able to directly share a file from chat or channel conversation to other chat or channels, making sharing easier with fewer clicks. To share a file, select the file’s ellipsis menu and choose ‘share’. You can add additional content to the message to provide context and clarity for the recipient. You can share in 1:1 chats, group chats or channels.    Improvements to “Shared” tab in chat: Generally available now Filter files by keywords: locate previously shared files or links by entering keywords to the Shared tab’s search bar. Type name, file title, the person who shared it, or even the time when it was shared, and find the file you need.     Go-to-chat: Select the go-to-chat icon to quickly navigate to the specific message in which the file or link was shared.    Storylines integrated into Teams: Generally available in early 2025 (Q1) Employee communications are often scattered across multiple locations, leading to frustration, delays, and overload. Storyline in Teams empowers leaders to share updates and vision with all of employees and simplifies the ways that people share and connect. The storyline integration brings the same communication benefits from Viva Engage right into Teams, providing a new way for employees to stay on top of company initiatives, discover what leaders are talking about, and contribute ideas and perspectives.   Meetings, Webinars and Town halls Intelligent meeting recap for Events [Premium]: Generally available now Intelligent recap is now available for town hall and webinar event instances, just like the intelligent recap experience you are used to in meetings. Event organizers, co-organizers, and presenters can now easily explore the meeting recording by speakers and topics, and access AI-generated meeting notes, AI-generated tasks, and name mentions. In addition to availability with a Teams Premium license, intelligent event recap features are available with a Microsoft 365 Copilot license.   End the Session for attendees and presenters return to green room: Generally available now Organizers and presenters can now end the session with this new "End Event" button for town halls, webinars, and structured meetings. After selecting this button, attendees will see a message on stage stating that the session has concluded, and presenters will return to the Green Room.   Post and reply to questions as an organizer: Generally available in early 2025 (Q2) Town hall and webinar organizers now have the ability to post and reply to questions using the title “organizer” in the Q&A experience, instead of their individual names. This feature allows instance organizers to present a unified and official voice when responding to attendee questions.   DVR Support for Town hall: Generally available in April Digital Video Recording (DVR) functionality in town halls now enables event attendees to interact with an instance of a live streaming town hall instance in the same way they would a recorded piece of content, when viewing via desktop or web. This makes it easier to digest the content being presented, giving viewers the ability to pause and move forward or back within a town hall, navigate to any previously-streamed timestamp, and interact in other ways that make viewing a town hall more convenient. This feature is available for all town halls regardless of license assigned to the organizers.   Town hall concurrent attendee increase to 50K: Generally available in March Organizers of town hall instances can now reach wider audience in a single event with an expansion to a maximum of 50,000 simultaneous attendees. This increase serves as a significant jump from the previous attendee cap of 20,000 for organizers with a Teams Premium license. The quality and stability of town halls up to this new limit will remain constant, providing high-quality and reliable content to participants. For events with more than 20,000 concurrent attendees, some interactivity features are disabled for all attendees. Organizations can get support for audiences up to 50,000 concurrent attendees by reaching out to the Microsoft 365 Live Event Assistance Program (LEAP) for assistance (Microsoft 365 Live Event Assistance Program – Microsoft Adoption). ).    Pop out meetings panels: Generally available in April  When you are in meetings or calls, you can now pop out, drag, and resize your meeting panes from the meeting window. With this feature, you’ll be able to view multiple meeting features at the same time, so you don’t miss anything in the chat while monitoring meeting notes. The ability to pop out and move/resize is available for Chat, Copilot, and Notes side panes.   Town hall Attendee/Presenter email dial in details: Generally available now With the release of this feature, the Townhall attendee and presenter invites will have dial in details available in the body of the email. This provides an additional level of convenience, giving attendees easy access to important event information.    Separate policies to control transcription and recording for Town halls and Webinars: Generally available now Town halls and webinars now have separate policies from meetings to allow or disable transcription and recording in instances. Previously, the transcription and recording policies for town halls and webinars automatically inherited the transcription and recording policy set for meetings. Town hall and webinars can now also have distinct transcription and recording policies from each other. This option to implement different policies for town hall and webinars is available for users on all licenses.   Ability to separate out the Townhall attendee invites: Generally available now Organizers can now maintain separate invites for Townhall attendees, distinct from the events crew. This feature helps manage large-scale events more efficiently by ensuring that only intended participants receive the necessary information   Teams Phone Teams Phone extensibility for Microsoft Dynamics 365 Contact Center and certified ISVs solutions: Available in public preview in April We’re introducing Teams Phone extensibility for Dynamics 365 Contact Center and certified ISV solutions to help customers benefit from and extend their existing telephony investment with Teams Phone into the contact center. Beginning next month customers with Teams Phone and Dynamics 365 Contact Center will be able to leverage Teams Phone as a single, integrated solution to power calling across their unified communications as a service (UCaaS) and contact center as a service (CCaaS) solutions—streamlining the deployment, management, and billing of their telephony infrastructure. Teams Phone extensibility is also supported by ISV solutions that leverage Azure Communication Services (ACS) for this integration, offering customers a wide range of options to bring Teams Phone to their preferred contact center app of choice. Learn more.   Copilot in Teams Phone: Use Copilot during Teams calls without turning on transcription or recording : Available now in public preview This new feature allows users to leverage Copilot's capabilities during live call sessions without retaining transcripts or an audio recording afterward. This ensures that users can benefit from Copilot during sensitive conversations where a persistent record is not desired. f Once the admin has enabled this option, users can initiate Copilot without transcription or recording simply through clicking the Copilot button in the header menu. Copilot in Teams Phone helps automate important administrative tasks of a call, such as capturing key points, task owners, and next steps, allowing users to stay focused on the content of the call.   Copilot in Teams Phone: Copilot summary for transferred calls: Available in public preview in April Use AI to facilitate seamless call transfers. When a call is forwarded/transferred to another colleague, users can prompt Copilot to automatically create AI notes for the call as a briefing for the receiving colleague. This feature ensures that the recipient is well-informed about the previous conversations related to the transferred call, enhancing their understanding and preparedness. By providing this context, the Copilot summary helps streamline communication and reduce the need for repetitive explanations. Copilot summary for transferred calls will also be supported for certified Teams Phone certified devices.   Queues app: barge/whisper/monitor/takeover: available in public preview in April The "Queues app: barge/whisper/monitor/takeover" feature in Teams Phone helps team leads and supervisors manage and train junior agents effectively. This feature allows supervisors to: * Monitor: Listen to the conversations their agents are having with callers without being heard. * Whisper: Provide assistance to agents during a call without the caller hearing. * Barge: Join a call in progress to assist both the agent and the caller. * Takeover: Remove an agent from a call and take over the conversation, if necessary. These capabilities are particularly useful for  teams that have to manage a lot of inbound calls to serve internal or external customers - such as IT help desk center environments –  and where supervisors need to provide oversight in helping agents follow the right procedures when handling customer calls. The feature is part of the Queues app, which is available with a Teams Premium license.   SMS for Teams Calling Plans in US & CA: Generally available in US and Canada Teams Calling Plans customers in US & Canada can now send and receive SMS messages directly from the Teams app on desktop or mobile, making it easy to connect with individuals outside of their organizations who are not using Teams. Registration with The Campaign Registry (TCR), which Microsoft helps facilitate during the setup process, is required before Microsoft Teams Calling Plan numbers can be enabled for SMS in Teams Admin Center. Users can then simply open the Teams app, create a new chat, enter the phone number they want to send a message to, then type and send their message. The message will be sent from the user’s phone number, not a generic number. Learn more.   Peripherals: Unified call control across multiple Bluetooth audio devices: Generally available now  When multiple peripheral devices are connected to Teams, the device used to answer a call will temporarily become the primary device that synchronizes with Teams for button functions. Post-call, the original device selected in Teams Settings will resume its role. Initially, this feature was exclusive to USB devices; however, it now extends to native Bluetooth devices. Users can confidently operate multiple Bluetooth devices, ensuring correct call control functionality. This feature is currently available on Windows, with MacOS support anticipated in the future.   Phone devices: Shared call history for call delegates: Generally available now Call delegates can now have access to the call history of the delegator's shared line. This feature allows delegates to view and manage calls made or received on behalf of the delegator, ensuring seamless communication and collaboration.   Phone devices: Line keys on phone devices with touch screens: Generally available now Line keys allow you to set up custom contacts and speed dial on the line key buttons of your Teams-certified phone devices with touch screens. They enable one-touch dialing capabilities, making it easier to quickly access frequently dialed contacts and improve productivity.   Phone devices: Line key support for shared line and call transfers: Available in public preview in April This feature will enable you to assign shared lines to a line key and view the boss and delegates of the line along with their presence on Teams Phone devices with touch screens. This feature allows delegates to pick up calls on behalf of the boss by pressing the line key and join active calls. Additionally, users will be able to assign the transfer action to the line key, enabling them to transfer active calls by simply pressing that line key.   Teams Phone Mobile is now generally available with several new operators, including Bell Canada, Odido (Netherlands), Vodafone UK, and Vodafone Germany.  Teams Phone Mobile enables end-users to make and receive calls using a single number across their mobile phone and all their Teams endpoints. This expanding set of mobile operators providing Teams Phone Mobile allows more and more customers, such as Maternal and Family Health Services, to enjoy seamless mobile and Teams integration with unified a calling experience for enhanced flexibility. This feature will be available with additional operators and markets in the future.   PSTN call extensibility: Generally available now PSTN Call Extensibility in Microsoft Teams allows third-party application developers to extend the PSTN calling experience with contextual information. Third-party apps can open within the calling interface, allowing end-users to access customer contact information during calls, streamline workflows, and improve customer interaction.    Workplace: Places and Teams Rooms Room recommender: Generally available in April 2025  Room recommender makes it easy to collaborate in-person by suggesting suitable meeting rooms. If no room is booked for a meeting, this feature recommends rooms in the meeting chat an hour before the start time when two or more attendees are in the same building. It considers participants’ locations, room availability, and capacity to find the best meeting space. Users can reserve the suggested room with one click and update the meeting invite for everyone. Room recommender will be available on Teams mobile (iOS) to Teams Premium license holders.   Ad-hoc individual desk booking: Generally available in April   Instantly reserve a desk by plugging into a peripheral on a shared desk, enabling a more streamlined workplace experience for employees. IT admins also benefit from a streamlined backend experience, with automatic peripheral association based on desk booking data and access to desk utilization data in the Teams Rooms Pro Management portal.    Auto-update workplace presence with Wi-Fi: Public preview in April   A user's work location can automatically be updated to "office" when their device connects to the onsite corporate Wi-Fi. This feature helps colleagues easily see who is in the office, facilitating in-person connections and collaboration, and enables chat @nearby.    Facilitator agent support in Teams Rooms: public preview available now The Facilitator agent support in Teams Rooms provides real-time AI-generated notes and action items during both scheduled hybrid and impromptu in-person meetings. The Facilitator agent appears in the notes panel for hybrid meetings and can be activated via a QR code for in-person meetings, enhancing collaboration and productivity for all. The feature is available to preview in Teams Rooms on Windows and coming to rooms with Android devices in April. Learn more.   Occupancy status on Teams panels: Generally available early next quarter Teams panels can now smartly utilize signals from Teams Rooms devices (Windows or Android) or occupancy sensors paired with panels to indicate when a room is in use (e.g., LED glow), so you’re not surprised to find an available room is actually occupied. Learn more.   Teams Rooms on Windows app release: Generally available early next quarter In addition to the presenter support in Teams Rooms on Windows for town halls and webinars recently rolled out (See the February WNIT blog), there are exciting features coming in the first 2025 app release for Teams Rooms on Windows. Updates include support for live transcription controls during a meeting from the console, additional language support, and real-time translation for captions, making meetings more inclusive and accessible for multilingual participants. And, with the updated gallery view which arranges participants in consistent tile sizes, prioritizes those with video, offers additional layout options, and optimizes for single and dual displays, users get a consistent meeting experience whether meeting from their desktop or in a room. Learn more.   Teams Rooms on Android app release: Generally available early next quarter As in Teams Rooms on Windows, rooms with Android devices are able to identify speakers during live transcription, ensuring clear and precise voice capture for every participant. Cloud services bring intelligent speaker functionalities to existing speakers, offering intelligent meeting recaps and enhanced M365 Copilot value by attributing content and actions to individuals. Additionally, it provides AI-enhanced audio and video experiences in meetings. Additionally, users benefit from enhanced room availability information with real-time calendar updates. And with a first to Android feature, users can control the Pan-Tilt-Zoom (PTZ) of the active camera to keep the focus where they want it. Learn more.   Teams Rooms Pro Management portal update: Generally available early next quarter Admins now have expanded device health signals with sign-on, Teams Rooms app heartbeat, and network status for Android devices, offering consistency across operating systems. You’ll also get poor call quality signals which help identity root causes and create tickets saving time and effort for IT. In April, GCC-H customers can take advantage of the Pro Management service with assurance that their high security and privacy needs are met.  In response to customer demand for consolidation of admin portals, IT admins will have a unified device management experience, for all Teams Rooms on Windows, through the Pro Management portal. Access is being expanded to Basic and Standard licensed rooms, providing the same functionality found in Teams admin center for that license type. These devices will be in the Pro Management portal May 1st, and will no longer be available in Teams admin center (TAC) after June 1, 2025. First focusing on Windows, the unified experience will include Teams Rooms on Android in the future. And, lastly, IT admins can manage rooms more effectively with the AI assistant in the Pro Management portal. It’s designed to quickly provide product help and information specific to your device environment, it’s available for public preview in the coming weeks. You’ll want to be sure to explore this feature. Learn more.   Teams Devices Logitech Zone Wireless 2 (Native Bluetooth certification ): Generally available now This dongle-free headset is the first headset to earn Microsoft Teams certification. It brings a host of benefits, including the convenience of one less thing to carry (or lose!) as people switch work environments from home, in the office, or on the go, while also freeing up a USB port. Logitech's dongle-free headset features AI noise suppression, noise-canceling mics, hybrid ANC, and premium stereo sound. Advanced Call Clarity (enabled with Logi Tune) suppresses far-end ambient noise so employees can hear colleagues better. Four noise-canceling mics elevate the user’s voice above background conversations. Hybrid ANC makes it easy to concentrate in noisy environments. Personal EQ (enabled with Logi Tune) automatically adjusts to the wearer’s hearing range and the headset features interchangeable earpads and a replaceable battery for longevity.   Yealink SkySound CM50 Dante Audio Kit: Generally available now Certified for Teams, the Yealink SkySound CM50 Dante Audio Kit is perfect for large rooms. It includes a CM50 Ceiling Mic, CS10-D Ceiling Speaker, and AP08 DSP. With 127 wide-range mics, advanced beamforming, customizable pickup zones, and AI-based sound optimization, it ensures premium audio coverage and an immersive sound experience, making it a comprehensive solution for Teams Rooms. Learn more.   Logitech Rally Bar No-Radio: Generally available now Certified for Teams, the Rally Bar No-Radio transforms any mid-sized room into a Microsoft Teams Room. It features a motorized PTZ camera, room-filling speakers, and a sensitive microphone array for a premium user experience. With premium materials, thoughtful cable management, and a range of mounts, it ensures a professional appearance and outstanding coverage for various room shapes and layouts. Learn more.     AudioCodes RXVCam50M Camera: Generally available now  Certified for Teams, the AudioCodes RXVCam50M camera is ideal for medium meeting rooms and conference rooms. It delivers vivid image quality with HD 4K resolution for exceptional video conferencing. Smart zoom and face detection enable auto framing, adjusting the camera’s ePTZ to ensure every participant is clearly seen without user intervention. Easily configure settings via the AudioCodes RX-PAD or Teams client Settings menu. Learn more.   AudioCodes RXVCam70 Dual-Lens PTZ Camera: Generally available now  Certified for Teams, the RXVCam70 delivers an optimal audio and video meeting experience for all participants. It features a 12x optical zoom close-up lens, a 119º DFOV panoramic lens, and a built-in mic array. Advanced AI features, including auto-framing, speaker tracking, and smart gallery, ensure every moment is captured automatically. Included in AudioCodes solution bundles for medium-large Android and Windows Microsoft Teams Rooms, it creates an optimized environment for hybrid Teams meetings. Learn more.   Fundamentals and Security Auto-upgrade meeting protection based on shared file: sensitivity label inheritance [Premium]: Generally available in April Now Microsoft Teams can automatically upgrade the sensitivity level of a meeting based on the sensitivity of files shared during the meeting. When an attendee shares a file with a higher sensitivity label, the meeting's protection settings are enhanced to match the file's sensitivity. This feature helps ensure that sensitive information is adequately protected throughout the meeting. It requires an Microsoft 365 E5 and Teams Premium license with Purview enabled.   Message safety – URL and file protection: Generally available next quarter (Q2)  This feature will enhance security for Teams messaging by blocking weaponizable file types and warning users of harmful URLs sent in Teams messages. The File and URL detection components are embedded in the Teams messaging layers providing comprehensive and robust protection across internal and external one-on-one chats, group chats, meeting chats and channels, to all Teams users. These protections will integrate with Microsoft Defender for Office to enable end-to-end security operations for Teams messaging.    Active meeting protection: detect sensitive content while screensharing and notify [Premium]: Generally available next quarter (Q2) This new feature enhances security during meetings by using AI to automatically detect potentially sensitive information, such as social security numbers and credit card numbers, during screen sharing. When such content is detected, the feature alerts both the presenter and the meeting organizer to prevent unintentional sharing. This helps mitigate the risk of exposing sensitive information and ensures a more secure and private meeting experience. This feature is available to meeting organizers who have Teams Premium. All other participants in a meeting can benefit from this feature while in a meeting, however this feature is enabled when the meeting is scheduled by the meeting organizer.   iPad split window: Generally available in next quarter (Q2) The iPad Split Window feature in Microsoft Teams supports multiple windows on iPad, allowing users to effortlessly switch between meetings and chats without losing context. Customize your split view for the perfect setup, enhancing multitasking and productivity.   Frontline workers QR Code Authentication: Generally available in June 2025 Multiple frontline workers often share the same device across shifts throughout the day. Manual sign-in processes are time consuming and decrease productivity, especially on shared devices. This new, highly requested feature enables sign-in with the scan of a unique QR code and entry of a personal PIN number, significantly decreasing time to log in without affecting security.   Shared Device Mode – iOS support for Jamf: Generally available Shared Device Mode now enables more efficient and secure device sharing for Frontline workers. Microsoft's Shared Device Mode (SDM) allows frontline workers, whose device may be shared among multiple users, to login once to access the device and every app on the device and sign out across apps so the device is ready for the next user. In addition, SDM enables conditional access policies to enable customized security policies. Jamf support for Shared Device Mode is now generally available. Customers with iOS Jamf-managed devices can now enable Shared Device Mode at scale with zero-touch provisioning and leverage device compliance conditional access.   Open shifts across locations: Generally available The Open shifts across locations feature in Microsoft Teams allows frontline managers to offer open shifts across multiple locations, making it easier to balance workforce needs and fill last-minute gaps. This feature provides flexibility for frontline workers, enabling them to pick up shifts at different locations that suit their schedules. By optimizing staffing and improving customer satisfaction, this feature ensures that businesses are always fully staffed and ready to serve

As a part of Microsoft's Secure Future Initiative (SFI), security remains our top priority. In alignment with SFI, Exchange Server is implementing several changes to enhance the security of Exchange Server hybrid deployments. This blog post outlines the current and upcoming changes that apply specifically to Exchange Server hybrid deployments. If your organization does not have any form of Exchange hybrid configured, this post does not apply to you. Change 1: Transitioning to a dedicated Exchange hybrid application To enable Exchange hybrid deployment features such as calendar Free/Busy, MailTips, and user profile picture sharing (we call this “rich coexistence”), Exchange Server currently uses a shared service principal with the same application as Exchange Online. The name of this application is Office 365 Exchange Online, and it has the application ID 00000002-0000-0ff1-ce00-000000000000. This configuration is put in place by initial run of Hybrid Configuration Wizard (HCW) and is used to authenticate and secure the communication between Exchange Server and Exchange Online. Beginning with the April 2025 HU release, Exchange Server is starting the transition to using a dedicated Exchange hybrid application in your tenant’s Entra ID. By October 2025, all current and new Exchange Server hybrid deployments that require rich coexistence features must move to using the dedicated Exchange hybrid app, as Exchange Online service will no longer allow the use of shared service principals beyond that date. There are changes that administrators will need to make to enable and use the dedicated Exchange hybrid app. Please refer to the documentation for more information. Change 2: Deprecation of EWS calls and switch to REST-based Microsoft Graph API calls for Exchange hybrid The retirement of Exchange Web Services (EWS) in Exchange Online is coming. To maintain Exchange hybrid features, Exchange Server will (later this year) start supporting Microsoft Graph API as a replacement for EWS calls from Exchange Server to Exchange Online. This feature will release through an update for Exchange Server 2019 and Exchange Server 2016 in Q3 2025. In line with the transition to Microsoft Graph, the API permissions of the dedicated Exchange hybrid application will be revised to utilize more granular Graph API permissions. A blog post and documentation containing additional information will be published once that release is available. Important: Microsoft Graph for Exchange Server hybrid requires the dedicated Exchange hybrid app (see Change 1 above) and will not use the current shared service principal approach. This change doesn’t affect the EWS API availability in Exchange Server (on-premises) and will only replace EWS calls from Exchange Server to Exchange Online with REST-based Microsoft Graph API calls. Who needs to take action, and when? If your organization uses the following Exchange hybrid functionality… The action you should take is… Customers who require rich coexistence between users with on-premises mailboxes and users who have Exchange Online mailboxes (specific features: Free/Busy lookups, MailTips and profile picture sharing). You MUST take the steps outlined in the documentation and switch to using the dedicated hybrid app (before October 2025) and then switch your hybrid to using Graph API (when available but before October 2026), or else rich coexistence features will break. After all servers are updated and are using the dedicated app, run “Service Principal Clean-Up Mode”. Customers using any other hybrid features only (migrations, SMTP relay, recipient management etc.) – but no rich coexistence required To help harden your hybrid configuration, we recommend that you use the provided script now, to remove the organization certificate from the shared “Office 365 Exchange Online” application. See “Service Principal Clean-Up Mode” in the documentation. You do not need to create the dedicated hybrid app if you don’t need rich coexistence features. Exchange Hybrid customers who require rich coexistence must act Step 1 – Switching your Exchange hybrid from using the shared service principal to using the dedicated Exchange hybrid app, before October 2025. This change can be done in two different ways: * Option 1 (recommended): configure the dedicated Exchange hybrid app by installing April 2025 HU (or later) and running the ConfigureExchangeHybridApplication.ps1 script to switch Exchange hybrid from current “shared principal” configuration to using the dedicated Exchange hybrid app. Please see documentation. * Option 2: In Q2 2025, we will release an updated version of the Hybrid Configuration Wizard (HCW). Once available, re-run HCW to configure the dedicated Exchange hybrid app. We recommend that Exchange hybrid customers do not wait and instead configure the feature by using the PowerShell script (see Option 1). Step 2 – Changing Exchange hybrid to use Graph API calls and updating dedicated app permissions to a more granular Graph permission model, before October 2026: * In Q3 2025, when Graph API update for Exchange Server is made available, all customers who require rich coexistence (even those who already performed the above Step 1) will need to install an Exchange 2016/2019 update and switch the dedicated Exchange hybrid app permissions to a more granular Graph API permission model. This must be done before October 2026. Documentation will be provided at release. The following illustration shows what will be needed for organizations that use rich hybrid coexistence and when, related to Changes 1 and 2 mentioned above: Exchange hybrid customers who require rich coexistence with Exchange Online must act between April 2025 HU release and October 2025. Unless you follow the steps to update to dedicated Exchange hybrid app (before October 2025) and then update it to Graph permission model (before October 2026), some Exchange hybrid functionality will break (Free/Busy sharing between on-premises and Exchange Online users, MailTips, profile picture sharing). Frequently Asked Questions How can we configure, roll back or change the dedicated Exchange hybrid app? What permissions are required? Please refer to the documentation for detailed instructions. What is the deadline for migrating to the new dedicated Exchange hybrid app and Exchange hybrid using Graph permissions for hybrid customers who need rich coexistence features? Please see the following table for related milestones: Milestone Timeline Impact Release of Exchange Server April 2025 HU and dedicated app configuration script Now Exchange Server supports creation of dedicated Exchange hybrid application using the script. Once dedicated app is configured, servers updated to this version of Exchange (or newer) can use it. Release of updated HCW that supports creation of dedicated Exchange hybrid app Q2 2025 Use HCW to configure the dedicated Exchange hybrid app (if not yet done using the script). Release of an update for Exchange Server supporting Graph API calls for rich hybrid coexistence Q3 2025 Exchange Server using this update (or newer) supports using hybrid Graph API calls. Switch the dedicated Exchange hybrid app to more granular Graph permissions (instructions will be provided when released). Retirement of Exchange Online support for shared service principal using EWS October 2025 Organizations using Exchange hybrid who need rich coexistence features (Free/Busy, MailTips and profile picture sharing) must switch to dedicated Exchange hybrid application (using EWS or Graph). Retirement of EWS in Exchange Online October 2026 Organizations using Exchange hybrid who need rich coexistence feature (Free/Busy, MailTips and profile picture sharing) must switch to using dedicated Exchange hybrid application with Graph API permissions model (EWS does not work anymore). Can we configure the dedicated Exchange hybrid app even if not all our servers are updated to the version that support it? Yes, you can still configure and enable dedicated Exchange hybrid app. Servers on older versions of Exchange will continue using the previous shared service principal workflow. Update all your servers before the new configuration becomes a requirement (October 2025). Once the dedicated app is created and enabled, as new servers are updated, they will automatically start using the dedicated hybrid app. What happens if we re-run the Hybrid Configuration Wizard (HCW) after configuring the new dedicated Exchange hybrid app but before HCW is updated to configure the dedicated application? If you re-run HCW after configuring the dedicated application but before the updated HCW is released, the Auth Certificate will be uploaded to the Exchange Online service principal of the shared Office 365 Exchange Online application, but your environment will continue using the dedicated application created by the script because HCW does not modify the server settings override. If, however, you’ve used the script to “clean up” the key credentials of the shared service principal after configuring the dedicated Exchange hybrid app, re-running the HCW will reverse the change, and your need to run the “clean up” again. We have many Exchange servers in our organization. Does every server need a separate dedicated Exchange hybrid app? Dedicated Exchange hybrid app is created in your tenant’s Entra ID and needs to be configured only once per tenant. All your on-premises servers will be able to use the same dedicated application (once they are updated to April 2025 HU or later). Does this change impact migration of mailboxes between Exchange Server and Exchange Online? This change does not impact either onboarding or offboarding mailbox moves between Exchange Online and Exchange Server. Does this change impact any third-party applications connecting to Exchange Online mailboxes using EWS protocol? This change impacts only Exchange hybrid EWS calls from on-premises servers to Exchange Online. Please remember that there is a October 2026 deadline for retirement of EWS protocol in Exchange Online. We have a multi-tenant hybrid organization (a single on-premises AD forest connected to multiple Exchange Online tenants). What do we have to do? The script to switch to a dedicated Exchange hybrid app needs to be run once per tenant as it needs to update the corresponding Auth Server object and has to create the application in each of the tenants. The best approach is running the script in split execution mode to do all the configuration except creating the setting override (which will enable Exchange Server to start using the new application). When all the tenants have the dedicated Exchange hybrid app created, run the script again to create the override and enable your on-premises Exchange servers to use the feature. More information can be found in the documentation. We have concerns with the dedicated Exchange hybrid app script assigning too many EWS permissions to the new dedicated application. Once Exchange Server is updated to support Graph API calls for Exchange Hybrid (expected in Q3 2025) - we will update the script and direct our customers to re-run the script to remove the more permissive EWS permissions and replace them with more granular Graph API permissions. Please note that the EWS permissions assigned in the first stage (creation of dedicated Exchange hybrid app before on-premises Graph support is available) are the same as permissions that the shared security principal already has today. Why has Microsoft taken the direction of making customers create their own dedicated hybrid application instead of publishing a new application that is managed by Microsoft? The approach of using a dedicated application in customer tenant gives customers more flexibility for future changes that may require modifications to the app. Consider the upcoming shift from EWS to Graph API calls: adjustments to the application will be necessary (for example, updating API permissions). A dedicated customer application allows customers to choose when they want to transition from EWS API permissions to Graph API permissions. Since the dedicated application is automatically created and configured by the PowerShell script or (later this year) Hybrid Configuration Wizard, there is no added benefit for customers using a Microsoft managed application. Will the experience to configure the new dedicated Exchange hybrid app be available in the Hybrid Configuration Wizard (HCW)? An update to include this in HCW is expected in Q2 2025. Instead of running the script, can we wait for this change to be enabled via HCW? By waiting, you do not give yourself the extra time to roll out the dedicated app in a slower manner (and confirm that all rich coexistence hybrid functionality works as expected). We recommend that our customers take the script route. We also expect that many of our customers would not want to re-run HCW for this change anyway. Does it matter if an organization uses Modern or Classic Exchange hybrid configuration? Changes mentioned in this blog post apply to both Modern (Hybrid Agent) or Classic Exchange hybrid. We’ve created the dedicated Exchange hybrid application and set the permissions as per the documentation. We then finished our migration and do not host any mailboxes on-premises so rich-coexistence is not required anymore. Anything we should do? If you do not require the rich coexistence features anymore, you can run the script in “Delete Application Mode” to delete the dedicated Exchange hybrid application and keep using Exchange on-premises for management or SMTP relay scenarios only. Note that deleting the dedicated Exchange hybrid application doesn’t revert the configuration changes done on the Exchange Server (on-premises) side. Follow the steps outlined in the documentation if you want to revert the configuration, too. We use Hybrid Modern Authentication (HMA). What is the guidance for us? Currently, HMA uses the first-party (shared) service principal. Since it is not required to upload the Auth Certificate to the shared service principal when setting up HMA, this scenario remains unaffected by the change and will continue functioning as before. Therefore, it is safe to remove the Auth Certificate from the shared service principal after switching to the dedicated Exchange hybrid application. We use Microsoft Entra Connect (previously Azure AD Connect) for directory synchronization. All our mailboxes are hosted on-premises. Is it necessary to create the dedicated Exchange hybrid application? If you’ve never ran the Hybrid Configuration Wizard (HCW), there is no need to configure the dedicated Exchange hybrid application. However, if you ran HCW and intend to use hybrid features such as Free/Busy, MailTips, and profile picture sharing, creating the dedicated Exchange hybrid application is required. We have an Exchange hybrid setup but no on-premises mailboxes. We only use the server as an SMTP relay or recipient management. Do we need to create the dedicated Exchange hybrid application? Creating the dedicated Exchange hybrid application is not required if you do not utilize hybrid features such as Free/Busy, MailTips, and profile picture sharing. To enable these hybrid features in the future, you will need to configure the dedicated Exchange hybrid application. We have Exchange hybrid setup for Microsoft Teams integration with on-premises mailboxes. Do we need to create a dedicated Exchange hybrid application or take any other action? Creating the dedicated Exchange hybrid application is not required if all mailboxes are hosted on-premises. However, for environments where some mailboxes are hosted on-premises and others are hosted in Exchange Online, it's recommended to create the dedicated Exchange hybrid application. This ensures that hybrid features such as Free/Busy, MailTips, and profile picture sharing continue to function properly. The Exchange Team

Microsoft has released Hotfix Updates (HUs) that enables support for new functionality and address issues in earlier updates. * Exchange Server 2019 * Exchange Server 2016 HUs are available for the following specific versions of Exchange Server: * Exchange Server 2019 CU14 and 2019 CU15 * Exchange Server 2016 CU23 The April 2025 HUs do not contain any new Exchange Server security updates. We wanted to call out the following feature from this update: Announcing Dedicated Exchange Hybrid Application As a part of our Secure Future Initiative (SFI) we are making changes to improve the security of your Exchange Hybrid configuration. One of the steps toward this goal is to separate the identities of Exchange Server and Exchange Online by creating a dedicated Exchange hybrid application in Microsoft Entra ID. This is a part of our overall effort to deprecate legacy Exchange Web Services (EWS) API from Exchange Online and switch to using Graph API calls with granular Graph API permissions. With the release of April 2025 HUs, we are ready to start the first step in this transition. Note / banner: Exchange hybrid customers who require rich coexistence with Exchange Online must act between April 2025 HU release and October 2025. Unless you follow the steps to update to dedicated Exchange hybrid app (before October 2025) and then update it to Graph permission model (before October 2026), some Exchange hybrid functionality will break (Free/Busy sharing between on-premises and Exchange Online users, MailTips, profile picture sharing). Please see the dedicated Exchange Server Security Changes for Hybrid Deployments blog post, the documentation and the FAQ related to the dedicated Exchange hybrid application and other related changes. Known issues with this update * Edge Transport service (EdgeTransport.exe) stops responding and then restarts when Exchanger Server attempts to decrypt the messages, sent from an external source protected by Azure Rights Management (Azure RMS). Update installation The following update paths are available: * Inventory your Exchange Servers to determine which updates are needed using the Exchange Server Health Checker script. Running this script will tell you if any of your Exchange Servers are behind on updates (CUs, SUs, or manual actions). * Install the latest CU. Use the Exchange Update Wizard to choose your current CU and your target CU to get directions. * Re-run the Health Checker after you install an update to see if any further actions are needed. * If you encounter errors during or after installation of Exchange Server, run the SetupAssist script. If something does not work properly after updates, see Repair failed installations of Exchange Cumulative and Security updates. Also please see File version error when you try to install Exchange Server updates. Hotfix Update FAQs We installed the last Security Update. Should we install the later Hotfix Update? Exchange Server HUs are optional updates, but they might introduce features or fixes that your organization can benefit from. Please see the release KB article for more details. We did not yet install the earlier Security Update. Do we have to install the last available SU first before installing the later HU? All of Exchange updates (HUs or SUs) are cumulative. Therefore, a newer HU will contain all the changes that a previous, older SU has. If you have not installed the older SU yet, you can install the newer HU directly and skip the older SU. Our Exchange servers update automatically through Windows / Microsoft Update. Will our servers automatically install the HU update? HUs will appear as an optional update for your servers. The update will also be available on the Microsoft Update Catalog after a few days of delay. Will the new features and fixes released in the HU also be rolled into future updates, or must we install this specific HU to get them? Content of this HU will be included in subsequent updates for Exchange Server. Can HUs be uninstalled (if the need arises)? Yes. HUs, like SUs, can be uninstalled. Documentation may not be fully available at the time this post is published. This post might receive future updates; they will be listed here (if available). The Exchange Server Team

Questo modulo presenta PowerShell, una shell della riga di comando e un linguaggio di scripting multipiattaforma creato per l'automazione delle attività e la gestione della configurazione.

We are retiring a feature in Exchange Online that previously enabled users with a primary mailbox hosted on Exchange Server (on-premises) to access their archive mailbox, hosted in Exchange Online, via Outlook on the Web (OWA). This change will solely impact OWA usage and does not affect access to the archive mailbox using other supported Outlook clients. Imagine the following situation: An Exchange Server hybrid environment is in place, with some mailboxes hosted on Exchange Server. Among these, certain mailboxes have activated a cloud archive, meaning their archive mailboxes are hosted in Exchange Online. Up until now, users could access these archive mailboxes via Outlook on the Web (OWA). However, starting May 12, 2025, this access will no longer be available. Users will still be able to access their archive mailboxes through Outlook Desktop. We’ve identified all customers who have used this workflow in the last 30 days. If your organization is affected by this change, you should see a Message Center post MC1053644 posted in your Microsoft 365 admin center. If you’re using this workflow but don’t see the message center post, please reach out to us via exchonpremfeedback[AT]microsoft.com and let us know. The Exchange Team

To meet customers’ needs for a one-stop destination to configure, monitor, and manage Teams rooms devices, we will be transitioning all Teams Rooms on...

Since October 2024, Microsoft Defender Experts has observed and helped multiple customers address campaigns leveraging Node.js to deliver malware and other payloads that ultimately lead to information theft and data exfiltration. The post Threat actors misuse Node.js to deliver malware and other malicious payloads appeared first on Microsoft Security Blog.

Microsoft Secure Score is important, but the increasing sophistication of security requirements has driven the development of more comprehensive security initiatives using Microsoft Security Exposure Management. The post ​​Transforming security​ with Microsoft Security Exposure Management initiatives​  appeared first on Microsoft Security Blog.

On October 14, 2025, 6 months from today, Exchange Server 2016 and Exchange Server 2019 reach end of support.  

To meet customers’ needs for a one-stop destination to configure, monitor, and manage Teams rooms devices, we will be transitioning all Teams Rooms on Windows devices, irrespective of their licenses, to the Teams Rooms Pro Management portal on May 1, 2025. This change delivers a unified device management and admin portal experience. Teams Rooms on Windows devices will no longer be available in Teams admin center (TAC) after June 1, 2025. As of May 1, 2025, all Teams Rooms on Windows devices with Standard or Basic licenses will be visible in the Teams Rooms Pro Management portal. Customers who have Teams Rooms Basic or Standard-licensed rooms and are currently using the TAC will now have device management functionalities within the Teams Rooms Pro Management portal and will retain access to a subset of features equivalent to those in the TAC. To take advantage of the full suite of device management and space analytics in the portal, a Teams Rooms Pro license is required. For organizations who have never used the Teams Rooms Pro Management portal, those with Teams or Teams Device administrator roles will be able to access the Pro Management portal by that date via https://portal.rooms.microsoft.com if URLs have been allowlisted per instructions at https://learn.microsoft.com/microsoftteams/rooms/enroll-a-device. Please see these resources for more information: * See Microsoft 365 Roadmap ID 482539 * Review MC1041960 post in the Microsoft 365 admin center for more details * Learn more about Teams Rooms Pro Management in this video * Find product documentation here: Microsoft Teams Rooms Pro management Frequently asked questions Q: Which Teams Rooms on Windows customers will be impacted? A: This change impacts all Teams Rooms on Windows customers with commercial, GCC, and GCC-H tenants. Those licensed with Standard and Basic will have the greatest impact. For those that have used only Teams admin center and are unfamiliar with the capabilities of Teams Rooms Pro Management, we encourage you to view the short videos on  Teams Rooms Pro Management - YouTube and product documentation on Microsoft Teams Rooms Pro management - Microsoft Teams | Microsoft Learn. Q: I’ve never accessed the Pro Management Portal before; do I need to add any license to access it because of this change? A: There is no need to purchase any additional license to access the Teams Rooms Pro Management portal. After May 1, 2025, the Pro Management portal can be accessed at https://portal.rooms.microsoft.com after whitelisting the URLs provided at aka.ms/PMPenroll. Customers who want the full multi-OS, multi-brand device health monitoring, management, and space analytics capabilities of Teams Rooms Pro Management, should license rooms for Teams Rooms Pro. Q: Will Teams Rooms on Android devices transition from the Teams admin center to the Pro Management portal as well? A: Our goal is to provide a one-stop admin portal for all Teams Rooms, whether they are on Windows or Android. Because capabilities can vary due to the operating system of the device, we are first focusing on transitioning device management on Windows-based devices. Q: With the transition to manage Teams Rooms on Windows devices in the Pro Management portal, do we still manage Teams panels in the Teams admin center (TAC)? A: Yes, for now, you will still need to use the Teams admin center to manage Teams panels. Q: Teams Rooms Pro Management has been included in the cost of a Teams Rooms Pro license. Are you now providing that for free to customers who have only Basic or Standard rooms? A: No. Basic and Standard Teams Rooms licensed customers have access to a sub-set of features that equate to what they had in the Teams admin center. They will not have all the device and updates management, or space analytics features that come with a Teams Rooms Pro license. Q: Can an organization's IT team override the change and keep using the Teams admin center? A: No. This is a mandatory transition as the Teams admin center (TAC) agent running on the Teams Rooms on Windows device will be decommissioned.

We are pleased to announce that if you are using third-party report message solutions in Microsoft Outlook, such as Knowbe4, Hoxhunt, and Cofense, you can...