Boston Office 365 User Group December 2016 Oliver
Boston Office 365 User Group – December 2016
Oliver Bartholdson Senior Share. Point Consultant Microsoft PTSP Twitter: @obartholdson Linked. In: linkedin. com/in/obartholdson
What you will get out of this session Prepare for launch Secondary Administrator Storage Quota Governance Plan Pre. Provision One. Drive Retention DLP Policies Protect after launch Sync Client Modern Experience External Sharing End User Activity Reports Data Migration Content Search e. Discovery
What you will NOT get out of this session Prepare for launch Secondary Administrator Storage Quota Governance Plan Pre. Provision One. Drive Retention DLP Policies Protect after launch Sync Client Modern Experience External Sharing End User Activity Reports Data Migration Content Search e. Discovery
One. Drive for Business Overview
Add a Secondary Administrator Global Admin view Secondary Administrator Storage Quota Pre-Provision One. Drive Retention End user view DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Add a Secondary Administrator Automatically add a secondary administrator during the creation process of the One. Drive site (My. Site) Share. Point Admin Center > User Profiles > Setup My. Sites Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Add a Secondary Administrator For existing One. Drive sites, you must: • Sign in to Office 365 as a Global Administrator • Connect to the tenant using Connect-SPOService • Create a list of all One. Drive for Business sites using Get. OD 4 BSites. ps 1 • Assign a user as a site collection administrator across all One. Drive sites using OD 4 BAssign. SCA. ps 1 Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Add a Secondary Administrator Tips • Assign permissions to no more than 2, 500 One. Drive for Business sites per day • Keep a record of the One. Drive sites and administrators • Communicate to users that an administrative account has been assigned as a site collection administrator to One. Drive for Business sites in your organization Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
One. Drive for Business Storage 0 TB 1 TB 2 TB 3 TB 4 TB 5 TB 6 TB 7 TB Unlimited storage included in all Enterprise plans 1 TB limit by default, can be increased to 5 TB Ask Microsoft for more than 5 TB Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Set Storage Quota • Sign in to Office 365 as a Global Administrator • Connect to the tenant using Connect-SPOService • To set a global quota for new One. Drive sites • Set-SPOTenant -One. Drive. Storage. Quota <quota> • To reset an existing One. Drive site to new quota • Set-SPOSite -Identity <site. URL> -Storage. Quota. Reset • To set the storage quota for a specific One. Drive site • Set-SPOSite -Identity <site. URL> -Storage. Quota <quota> Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Pre-Provision One. Drive Why pre-provision? • Migrate data from file server or other repository • Migrate data from On. Prem My. Site to One. Drive for Business • Part of your on-boarding process Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Pre-Provision One. Drive • Configure Secondary Admin and Storage Quota • Set up the Share. Point Online Management Shell • Sign in to Office 365 as a Global Administrator • Connect to the tenant using Connect-SPOService • Run the Request-SPOPersonal. Site cmdlet, or create a CSV file to provision up to 200 One. Drive libraries at once • Your request will be queued through a timer job Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing Be sure to assign a license to the Global Administrator account that will be running this Power. Shell cmdlet. End User Activity Reports Content Search e. Discovery
One. Drive Retention • Account gets deleted in Office 365 Admin Center or removed through Azure AD sync • One. Drive site is marked for deletion through the My. Site Cleanup Timer Job • The Manager in AD gets notified via email and obtains ownership of the One. Drive site • 30 Days later the One. Drive data is deleted Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing 30 Days End User Activity Reports Content Search e. Discovery
My. Site Cleanup Job • Add a secondary owner in case the manager field is not populated in AD • Increase the retention period for the My. Site Cleanup Timer Job to up to 10 years! • Set-SPOTenant –Orphaned. Personal. Sites. Retention. Period <number of days> Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Data Loss Prevention Policies (DLP) • Identify sensitive information across many locations, such as Exchange Online, Share. Point Online, and One. Drive for Business • Prevent the accidental sharing of sensitive information • Get notified or view DLP reports showing content that matches your organization’s DLP policies Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Data Loss Prevention Policies • Security and Compliance > Threat Management > DLP • Protect all One. Drive sites, or just a few • Create your conditions Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Data Loss Prevention Policies • Choose a sensitive information type, or create your own • Create an action when conditions are met Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Data Loss Prevention Policies Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Next Generation Sync Client Original Sync Client (groove. exe) • • • Windows 7, 8, 8. 1, 10 • One. Drive for Business, Share. Point, Groups • 20, 000 item limit • 2 GB file size limit • No Selective Sync • Supports co-authoring from local docs • • Included in Office Pro. Plus 2013 • MFA App Passwords Secondary Administrator Storage Quota Pre-Provision One. Drive Retention • • DLP Policies Next Gen Sync Client (onedrive. exe) Windows 7, 8, 8. 1, 10, Mac OS X 10. 9 One. Drive for Business, One. Drive Consumer, Share. Point, Groups (Preview) No item limit 10 GB file size limit Supports Selective Sync Supports real-time co-authoring in Office 2016 Included in Office Pro. Plus 2016 MFA with Modern Authentication Control bandwidth consumption Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Next Generation Sync Client Previous Sync Client Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing New sync client End User Activity Reports Content Search e. Discovery
Next Generation Sync Client Already have the old groove sync client installed? • The next gen sync client with automatically take over syncing • Groove. exe with stop syncing One. Drive sites • One. Drive. exe starts syncing the same One. Drive site without redownloading the content • Groove. exe stops running and removes itself from automatic startup, unless it’s syncing other content like Share. Point site libraries or On. Prem One. Drive for Business Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Next Generation Sync Client • System Center Configuration Manager (SCCM) or Group Policy can be used to deploy the sync client • Deploy One. Drive. exe to your users • Launch One. Drive. exe to allow users to setup the sync client • Set update cadence (Optional) Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Download the sample SCCM package. Just update the One. Drive. exe path and the application owner. Content Search e. Discovery
Next Generation Sync Client Key Administration Settings via Group Policy • Set the default location for the One. Drive folder • Prevent users from changing the location of their One. Drive folder • Prevent users from synchronizing their personal One. Drive accounts • Set maximum upload bandwidth percentage that One. Drive. exe uses Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing Download the One. Drive Deployment Package to get the adml and admx group policy files End User Activity Reports Content Search e. Discovery
Next Generation Sync Client Set-SPOTenant. Sync. Client. Restriction • Block sync to non-domain joined machines • Control the list of allowed domains • Block Mac sync since they do not support domain join • Block specific file extensions from synching • Prevent users from synchronizing their personal One. Drive accounts • Block the old sync client Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Classic vs. Modern One. Drive Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
External Sharing Tenant level options Site collection sharing cannot be less restrictive than the tenant setting Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
External Sharing All or nothing One. Drive sharing Enable for all, block for some • Set-SPOSite –Identity https: //<yourtenant>my. sharepoint. com – Sharing. Capability Disabled Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
External Sharing You can setup a list of approved domains or blocked domains but not both These settings apply to both Share. Point Online and One. Drive for Business! Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
End User Activity Reports Who has viewed that document? Who is sharing files with external parties? Who deleted those files? Who created an anonymous link to this file? Who is using the sync client to download files? Who deleted the compliance administrator from their One. Drive? Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
End User Activity Reports Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Advanced Alerts Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Content Search Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Content Search Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Content Search Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
e. Discovery Case Management Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Preservation Hold Library Document Library Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
e. Discovery Case Management Preserve Identify Search Analyze Review Identifying Relevant Data Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Advanced e. Discovery Secondary Administrator Storage Quota Pre-Provision One. Drive Retention DLP Policies Sync Client Modern Experience External Sharing End User Activity Reports Content Search e. Discovery
Resources Downloads Data Loss Prevention Policies One. Drive Deployment Package Next Generation Sync Client Overview sample SCCM package Determine Version of Sync Client Get. OD 4 BSites. ps 1 Transition to the Next Gen Sync Client OD 4 BAssign. SCA. ps 1 Deploying the Next Gen Sync Client Administrative Settings for the Next Gen Sync Client References Block Sync From Non-Domain Joined Machines Add a Secondary Administrator Overview of External Sharing Assign e. Discovery Permissions to One. Drive End User Activity Reports One. Drive for Business Storage Advanced Alerts in Office 365 Set One. Drive Storage Quota Run a Compliance Search Pre-Provision One. Drive Sites e. Discovery Case Management Overview of One. Drive Retention and Deletion Advanced e. Discovery One. Drive Retention Power. Shell cmdlet Stay Up to Date with the Sync Client Release Notes
Thank you! Don’t forget to follow me: Twitter: @obartholdson Linked. In: linkedin. com/in/obartholdson
- Slides: 44
