2023 CW 13 Microsoft 365 Message Center changes

Note: This change will only impact sharing of sites. Users who share files or folders will continue to receive the same experience they have today.

If Edge is not installed, they will have the option to download it.

We are working on a configuration for you to turn this off if there is a browser your workplace already uses, and will provide an update when it is released.

If Edge is not installed, they will have the option to download it.

We are working on a configuration for you to manage this feature if there is a browser your workplace already uses and will provide an update, via Message center, in the coming weeks.

In December 2021, a new section was added to the service health page in the Microsoft 365 admin center, featuring "Issues in your environment that require action." These types of issues are not caused by Microsoft services being unhealthy, but by something specific to your organization that require an admin to take action.

To ensure that these notifications successfully reach you, an email will now be sent automatically each time a new issue is posted.

If you do not want to receive these email notifications, you can adjust your email preferences by clicking the "Customize" button on the service health page.

This message is associated with Microsoft 365 Roadmap ID 103631

[When this will happen:]

Targeted Release: We will begin rolling out early March and expect to complete by mid-March.

Standard Release: We will begin rolling out mid-March and expect to complete by late March.

In December 2021, a new section was added to the service health page in the Microsoft 365 admin center, featuring "Issues in your environment that require action." These types of issues are not caused by Microsoft services being unhealthy, but by something specific to your organization that require an admin to take action.

To ensure that these notifications successfully reach you, an email will now be sent automatically each time a new issue is posted.

If you do not want to receive these email notifications, you can adjust your email preferences by clicking the "Customize" button on the service health page.

This message is associated with Microsoft 365 Roadmap ID 103631

[When this will happen:]

Targeted Release: We will begin rolling out early May (previously early March) and expect to complete by mid-May (previously mid-March).

Standard Release: We will begin rolling out late May (previously mid-March) and expect to complete by mid-June (previously late March).

Starting this month, waves of customers will begin to be automatically directed to entra.microsoft.com from Microsoft 365 in place of the Azure AD admin center (aad.portal.azure.com).

You will still be able to complete all your Azure AD management tasks from the Microsoft Entra admin center – all the capabilities are available under the Azure AD tab in the navigation. Also, you’ll be able to return to the Azure AD admin center from a link on the Entra admin center.

[When this will happen:]

We will begin rollout in December 2022 and expect rollout to be completed in March 2023.

Will I still be able to access my Azure AD admin portal after April 1st, 2023?

The Azure AD admin center (https://aad.portal.azure.com) will continue to function until May 2023.

The Azure portal at https://portal.azure.com will also continue to offer Azure AD for Azure customers.

Learn more at New Admin Center Unifies Azure AD with Other Identity and Access Products - Microsoft Community Hub

Microsoft Entra documentation | Microsoft Learn

Microsoft Entra admin center gives customers an entire toolset to secure access for everyone and everything in multicloud and multiplatform environments. The entire Microsoft Entra product family is available at this new admin center, including Azure Active Directory (Azure AD) and Microsoft Entra Permissions Management, formerly known as CloudKnox.

Starting this month, waves of customers will begin to be automatically directed to entra.microsoft.com from Microsoft 365 in place of the Azure AD admin center (aad.portal.azure.com).

You will still be able to complete all your Azure AD management tasks from the Microsoft Entra admin center – all the capabilities are available under the Azure AD tab in the navigation. Also, you’ll be able to return to the Azure AD admin center from a link on the Entra admin center.

[When this will happen:]

We will begin rollout in December 2022 and expect rollout to be completed in March 2023.

Beginning in March, users in your organization will be able to use expanded views of the profile card in Teams. The expanded view is already available in Outlook and includes more information, like an overview of the profile, contact information, organizational chart, and LinkedIn tab.

This message is associated with Microsoft 365 Roadmap ID 109526.

[When will this happen:]

We will begin rolling out this feature in early March (previously February) and expect to complete the rollout in late April.

Beginning in March, users in your organization will be able to use expanded views of the profile card in Teams. The expanded view is already available in Outlook and includes more information, like an overview of the profile, contact information, organizational chart, and LinkedIn tab.

This message is associated with Microsoft 365 Roadmap ID 109526.

[When will this happen:]

We will begin rolling out this feature in late March (previously early March) and expect to complete the rollout in late June (previously late April).

With the growing adoption and support of IPv6 across enterprise networks, service providers, and devices, many customers are wondering if their users can continue to access their services and applications from IPv6 clients and IPv6 networks.

Today, we’re excited to announce our plan to bring IPv6 support to Microsoft Azure Active Directory (Azure AD). This will allow customers to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack).

For most customers, IPv4 won't completely disappear from their digital landscape, so we aren't planning to require IPv6 or to de-prioritize IPv4 in any Azure Active Directory features or services.

[When this will happen:]

We’ve been gradually rolling out IPv6 for some of our services for a while. Starting in late March 2023 we'll begin enabling IPv6 for Azure AD authentication. We will introduce IPv6 support into Azure AD authentication in a phased approach, beginning late March 2023.

If your networks don’t support IPv6, you don’t need to take any action to change your configurations or policies. For most customers, IPv4 won't completely disappear from their digital landscape, so we aren't planning to require IPv6 or to de-prioritize IPv4 in any Azure AD features or services. We will continue to share additional guidance on IPv6 enablement in Azure AD at this easy to remember link https://aka.ms/azureadipv6.

With the growing adoption and support of IPv6 across enterprise networks, service providers, and devices, many customers are wondering if their users can continue to access their services and applications from IPv6 clients and IPv6 networks.

Today, we’re excited to announce our plan to bring IPv6 support to Microsoft Azure Active Directory (Azure AD). This will allow customers to reach the Azure AD services over both IPv4 and IPv6 network protocols (dual stack).

For most customers, IPv4 won't completely disappear from their digital landscape, so we aren't planning to require IPv6 or to de-prioritize IPv4 in any Azure Active Directory features or services.

[When this will happen:]

We’ve been gradually rolling out IPv6 for some of our services for a while. Starting in late March 2023 we'll begin enabling IPv6 for Azure AD authentication. We will introduce IPv6 support into Azure AD authentication in a phased approach, beginning late March 2023.

[When will this happen?]

Targeted Release: We will be rolling out beginning in late January.

Standard Release: We will be rolling out in early February and expect to complete rollout by late February.

We have refreshed the OneDrive Commercial Web landing experience to help you get to the files you’re working on quickly and easily. The new OneDrive Home experience surfaces your most recently used files, along with relevant file activity, so you can see everything at a glance and quickly prioritize where to start working.

[When will this happen?]

Targeted Release: We will be rolling out beginning in late January.

Standard Release: We will be rolling out in early February and expect to complete rollout by late March (previously late February).

We are updating the recommended quarantine notification policy in the Standard and Strict preset security policies.

PolicyQuarantine PolicyStandardDelivery locationStrictDelivery location

Anti-SpamSpamQuarantineTag DefaultFullAccessPolicy*Junk folderDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamHighConfidenceSpamQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamPhishQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamHighConfidencePhishQuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

Anti-SpamBulkQuarantineTag DefaultFullAccessPolicy* Junk flolderDefaultFullAccessPolicy Quarantine

Anti-PhishSpoofQuarantineTag DefaultFullAccessPolicy* Junk flolderDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish TargetedUserQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish TargetedDomainQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish MailboxIntelligenceQuarantineTag DefaultFullAccessPolicy Junk folderDefaultFullAccessPolicy Quarantine

Anti-malware QuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

Safe AttachmentsQuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

With the DefaultFullAccessWithNotificationPolicy, Users will receive quarantine notifications for emails quarantined due to the corresponding threat policy.

*Note that the Quarantine policy assigned here is ineffective since the delivery location is Junk folder

Here is what the quarantine notification looks like:

[When this will happen:]

We will begin rolling this out in mid-February 2023 and complete rolling out by mid-March 2023.

We are updating the recommended quarantine notification policy in the Standard and Strict preset security policies.

PolicyQuarantine PolicyStandardDelivery locationStrictDelivery location

Anti-SpamSpamQuarantineTag DefaultFullAccessPolicy*Junk folderDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamHighConfidenceSpamQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamPhishQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-SpamHighConfidencePhishQuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

Anti-SpamBulkQuarantineTag DefaultFullAccessPolicy* Junk flolderDefaultFullAccessPolicy Quarantine

Anti-PhishSpoofQuarantineTag DefaultFullAccessPolicy* Junk flolderDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish TargetedUserQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish TargetedDomainQuarantineTag DefaultFullAccessWithNotificationPolicyQuarantineDefaultFullAccessWithNotificationPolicyQuarantine

Anti-Phish MailboxIntelligenceQuarantineTag DefaultFullAccessPolicy Junk folderDefaultFullAccessPolicy Quarantine

Anti-malware QuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

Safe AttachmentsQuarantineTag AdminOnlyAccessPolicy QuarantineAdminOnlyAccessPolicy Quarantine

With the DefaultFullAccessWithNotificationPolicy, Users will receive quarantine notifications for emails quarantined due to the corresponding threat policy.

*Note that the Quarantine policy assigned here is ineffective since the delivery location is Junk folder

Here is what the quarantine notification looks like:

[When this will happen:]

We will begin rolling this out in mid-February 2023 and complete rolling out by mid-April 2023 (previously mid-March).

Public preview is enabled on a per-user basis, and the option to turn on Public Preview is controlled via Teams admin policy as described here: Microsoft Teams Public Preview

Today, when admins enable this policy for an end user, that user needs to opt-in via Teams app to get into Public Preview. We are adding a new value named ‘Forced’ for this policy that will allow IT admins to move users to Public Preview without having users to opt-in to Public Preview via Teams app.

[When this will happen:]

We will begin rolling out early March and expect to complete by the mid-March 2023

Microsoft Teams Public Preview provides early access to pre-release features for product quality, internal planning, adoption & training readiness before they roll out to the rest of their company.

Public preview is enabled on a per-user basis, and the option to turn on Public Preview is controlled via Teams admin policy as described here: Microsoft Teams Public Preview

Today, when admins enable this policy for an end user, that user needs to opt-in via Teams app to get into Public Preview. We are adding a new value named ‘Forced’ for this policy that will allow IT admins to move users to Public Preview without having users to opt-in to Public Preview via Teams app.

[When this will happen:]

We will begin rolling out early March and expect to complete by the late March (previously mid-March).

As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535

[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.

As part of the DMARC (Domain-based Message Authentication Reporting & Conformance) standard, the owner of the domain whose MX is pointed to Office 365 can request DMARC aggregate reports through the RUA of the DMARC record. This will help the domain owner to monitor their domain's traffic passing through Office 365 and adjust their sender authentication configurations to reach an actionable DMARC policy.

This message is associated with Microsoft 365 Roadmap ID 109535

[When this will happen:]

Standard Release: We will begin rolling out mid-March (previously mid-February) and expect to complete by late March.

This message is associated with Microsoft 365 Roadmap ID 117542

[When this will happen:]

Send to Kindle will be rolling out on mid-March and expect to complete by mid-April.

We will be adding the ability for users to send documents from Microsoft Word (Win32, Web, Mac) to the Kindle e-reader device or Kindle app.

This message is associated with Microsoft 365 Roadmap ID 117542

[When this will happen:]

Send to Kindle will be rolling out on mid-April (previously mid-March) and expect to complete by mid-May (previously mid-April).

This message is associated with Microsoft 365 Roadmap ID 94692

[When this will happen:]

General Availability: We will begin rolling out early March and expect to complete by mid-March.

This feature would allow users to easily get location recommendations for emergency location. Confirming the location via the autosuggest will mark the location as an assist driving emergency call directly to PSAP. We will still allow manual location confirmations.

This message is associated with Microsoft 365 Roadmap ID 94692

[When this will happen:]

General Availability: We will begin rolling out early March and expect to complete by mid-March.

We are introducing a default change for Excel Windows desktop apps that run XLL add-ins: XLL add-ins from untrusted locations will now be blocked by default.

For XLL add-ins in files from untrusted locations, you will no longer be able to enable content with a click of a button. A message will appear notifying you of the risk and a link to get more information about possible workarounds and support. This change will help you stay more secure by blocking popular attack techniques.

This message is associated with Microsoft 365 Roadmap ID 115485

[When this will happen:]

Preview: We have already completed rolling out to Insiders preview.

Standard Release: We will begin rolling out early March 2023 and expect to complete by late March 2023.

The policy is located under Administrative Templates > Microsoft Excel 2016 > Excel Options > Security > Trust Center > Block Excel XLL Add-ins that come from an untrusted source.

The new Administrative Template files and details are available at Microsoft Download Center.

We are introducing a default change for Excel Windows desktop apps that run XLL add-ins: XLL add-ins from untrusted locations will now be blocked by default.

For XLL add-ins in files from untrusted locations, you will no longer be able to enable content with a click of a button. A message will appear notifying you of the risk and a link to get more information about possible workarounds and support. This change will help you stay more secure by blocking popular attack techniques.

This message is associated with Microsoft 365 Roadmap ID 115485

[When this will happen:]

Preview: We have already completed rolling out to Insiders preview.

Standard Release: We will begin rolling out early March and expect to complete by late March.

You can learn more about Loop here: https://loop.microsoft.com/.

[When this will happen:]

The Loop app will be released to Public Preview late March 2023!

Microsoft Loop is a web and mobile co-creation app. It is designed for your team to think, plan, and create together. The Loop App will be disabled by default for your organization. If you wish to enable the Loop App in your tenant, please follow the steps outlined below.

You can learn more about Loop here: https://loop.microsoft.com/.

[When this will happen:]

The Loop app will be released to Public Preview late March 2023!

We are updating the SharePoint Online Site Sharing backend to use Azure B2B Invitation Manager instead of the legacy SharePoint Invitation Manager.

This message is associated with Microsoft 365 Roadmap ID 117557

[When this will happen:]

This change will begin rolling out in late March, and complete rollout by late May (previously late April).

We are updating the SharePoint Online Site Sharing backend to use Azure B2B Invitation Manager instead of the legacy SharePoint Invitation Manager.

This message is associated with Microsoft 365 Roadmap ID 117557

[When this will happen:]

This change will begin rolling out in late March, and complete rollout by late May (previously late April).

This message is associated with Microsoft 365 Roadmap ID 116739

[When this will happen:]

Preview: We will begin rolling out in late March and expect to complete rollout by early April.

Standard Release: We will begin rolling out in mid-April and expect to complete rollout by late April.

Changing business conditions often require adjustments to call queue/auto attendant greetings and announcements. However, it can be difficult to identify the right Teams admin to make these changes, and addressing high request volumes can be time-consuming for the responsible admins. With the introduction of user managed CQ/AA greetings for Teams Phone, authorized users (as identified by Teams tenant admins) can change greetings and announcements for their respective call queues and auto attendant directly from the user’s Teams settings, in the “Calls” settings. To implement this capability, tenant admins must select permissible greetings/announcement changes for a voice policy, and then authorize specific users in the Teams Admin Center.

This message is associated with Microsoft 365 Roadmap ID 116739

[When this will happen:]

Preview: We will begin rolling out in mid-April (previously late March) and expect to complete rollout by early May (previously early April).

Standard Release: We will begin rolling out in mid-May (previously mid-April) and expect to complete rollout by early June (previously late April).

We will continue sending message center alerts and provide details and resources to help your organization understand, prepare, and communicate these changes. We are excited to make available a rebranding kit that includes templates, logos and more that can help you communicate the change. These assets can be download - here

Yammer mobile apps (iOS/Android)

To help inform end users about this rebrand we have started rolling out an in-app banner messaging the upcoming change. The banner is simple, with no additional links provided in this banner.

No banner on the web surface will be displayed talking about this change.

The mobile app rebrand will start to rollout on April 3rd; all Yammer references in the app will be updated to Viva Engage. We will update the installed apps to the “Viva Engage” name and icon, updates may be automatic depending on your mobile phone settings.

iOS update on the left, Android on the right

The app name in the Google Play and App Store will be updated to “Viva Engage (Yammer)” and the icon will be updated to the Viva Engage icon. Search by “Yammer” will continue to display the app as the top result.

App Store update on the left, Google Play on the right

Once users see the mobile rebranded experience and launch the Viva Engage app, they will be greeted by an in-app pop up informing them of the brand change as well as the banner described above.

Yammer Communities app in Outlook

On March 31st the Viva Engage app in Outlook will start to be deployed for Current Channel users using Outlook for Windows, and targeted release users using Outlook on the web, where the Yammer Communities app is currently available. The Viva Engage app will simply replace the Yammer Communities app in the Outlook navigation bar. The experience will mirror the change in the Viva Engage app in Microsoft Teams delivered in August 2022.

Once users have the rebranded experience available, a popup will be displayed to announce the change.

Email notifications from Yammer and the Yammer Office 365 Connector will not be rebranded in this moment.

Yammer web, SharePoint integration and embed

Between the end of June and the beginning of July, the rebranding of the remaining Yammer surfaces will take place. We will be sending out additional communication regarding the final date and in-product announcements for the web rebranding soon. We understand the importance of giving our customers ample time to plan their communication campaigns around this change and our priority is to make the transition as seamless as possible while keeping our customers' needs at the forefront.

As announced last month in the MC514981, Yammer will be rebranding to Viva Engage this year to provide a consistent and delightful experience to our customers. We want to provide an update around dates and the in-product changes you can expect. As a reminder, the Yammer Communities app for Teams has already been rebranded to Viva Engage. We are now turning our attention to the mobile app (iOS & Android) and the Communities app for Outlook rebrand including their app icons and name.

We will continue sending message center alerts and provide details and resources to help your organization understand, prepare, and communicate these changes. We are excited to make available a rebranding kit that includes templates, logos and more that can help you communicate the change. These assets can be download - here

Yammer mobile apps (iOS/Android)

To help inform end users about this rebrand we have started rolling out an in-app banner messaging the upcoming change. The banner is simple, with no additional links provided in this banner.

No banner on the web surface will be displayed talking about this change.

The mobile app rebrand will start to rollout on April 3rd; all Yammer references in the app will be updated to Viva Engage. We will update the installed apps to the “Viva Engage” name and icon, updates may be automatic depending on your mobile phone settings.

iOS update on the left, Android on the right

The app name in the Google Play and App Store will be updated to “Viva Engage (Yammer)” and the icon will be updated to the Viva Engage icon. Search by “Yammer” will continue to display the app as the top result.

App Store update on the left, Google Play on the right

Once users see the mobile rebranded experience and launch the Viva Engage app, they will be greeted by an in-app pop up informing them of the brand change as well as the banner described above.

Yammer Communities app in Outlook

On March 31st the Viva Engage app in Outlook will start to be deployed for Current Channel users using Outlook for Windows, and targeted release users using Outlook on the web, where the Yammer Communities app is currently available. The Viva Engage app will simply replace the Yammer Communities app in the Outlook navigation bar. The experience will mirror the change in the Viva Engage app in Microsoft Teams delivered in August 2022.

Once users have the rebranded experience available, a popup will be displayed to announce the change.

Email notifications from Yammer and the Yammer Office 365 Connector will not be rebranded in this moment.

Yammer web, SharePoint integration and embed

Between the end of June and the beginning of July, the rebranding of the remaining Yammer surfaces will take place. We will be sending out additional communication regarding the final date and in-product announcements for the web rebranding soon. We understand the importance of giving our customers ample time to plan their communication campaigns around this change and our priority is to make the transition as seamless as possible while keeping our customers' needs at the forefront.

The Microsoft Entra admin center is available today at http://entra.microsoft.com, and we encourage you to explore it in preparation for the full migration.

The Microsoft Entra admin center is available today at http://entra.microsoft.com, and we encourage you to explore it in preparation for the full migration.

https://learn.microsoft.com/en-us/entra/

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/new-admin-center-unifies-azure-ad-with-other-identity-and-access/ba-p/2792595

If you have public IPv6 addresses representing your network, take the actions that are described in the following sections as soon as possible.

Customers who use named locations to identify specific network boundaries in their organization, need to:

Conduct an audit of existing named locations to anticipate potential impact;

Work with your network partner to identify egress IPv6 addresses in use in your environment.;

Review and update existing named locations to include the identified IPv6 ranges.

Customers who use Conditional Access location based policies, to restrict and secure access to their apps from specific networks, need to:

Conduct an audit of existing Conditional Access policies to identify use of named locations as a condition to anticipate potential impact;

Review and update existing Conditional Access location based policies to ensure they continue to meet your organization’s security requirements.

Failing to follow these steps might result in the following impact:

Users of IPv6 addresses may be blocked, depending on your organization's Conditional Access policies and Identity Protection configurations.

False positive detections due to 'Mark as trust location' not being checked for your internal networks and VPN’s can result in users being marked as risky.

We will continue to share additional guidance on IPv6 enablement in Azure AD here: IPv6 Support in Azure Active Directory.

Learn more about Microsoft identity:

Get to know Microsoft Entra – a comprehensive identity and access product family

Return to the Microsoft Entra (Azure AD) blog home

Share product suggestions on the Entra (Azure AD) forum

https://aka.ms/azureadipv6

https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789

https://learn.microsoft.com/azure/active-directory/conditional-access/location-condition

https://learn.microsoft.com/azure/active-directory/conditional-access/location-condition#ip-address-ranges

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/bg-p/Identity

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/introducing-microsoft-entra-modern-identity-and-access-solutions/ba-p/2520440

If you have public IPv6 addresses representing your network, take the actions that are described in the following sections as soon as possible.

Customers who use named locations to identify specific network boundaries in their organization, need to:

Conduct an audit of existing named locations to anticipate potential impact;

Work with your network partner to identify egress IPv6 addresses in use in your environment.;

Review and update existing named locations to include the identified IPv6 ranges.

Customers who use Conditional Access location based policies, to restrict and secure access to their apps from specific networks, need to:

Conduct an audit of existing Conditional Access policies to identify use of named locations as a condition to anticipate potential impact;

Review and update existing Conditional Access location based policies to ensure they continue to meet your organization’s security requirements.

Failing to follow these steps might result in the following impact:

Users of IPv6 addresses may be blocked, depending on your organization's Conditional Access policies and Identity Protection configurations.

False positive detections due to 'Mark as trust location' not being checked for your internal networks and VPN’s can result in users being marked as risky.

We will continue to share additional guidance on IPv6 enablement in Azure AD here: IPv6 Support in Azure Active Directory.

Learn more about Microsoft identity:

Get to know Microsoft Entra – a comprehensive identity and access product family

Return to the Microsoft Entra (Azure AD) blog home

Share product suggestions on the Entra (Azure AD) forum

https://aka.ms/azureadipv6

https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789

https://learn.microsoft.com/azure/active-directory/conditional-access/location-condition

https://learn.microsoft.com/azure/active-directory/conditional-access/location-condition#ip-address-ranges

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/bg-p/Identity

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/introducing-microsoft-entra-modern-identity-and-access-solutions/ba-p/2520440

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/ipv6-coming-to-azure-ad/ba-p/2967451

For example, you have mailboxes with the recipient domain contoso.com, which domain has it's MX record pointed directly to Office 365. (contoso-com.mail.protection.outlook.com). In this scenario Office 365 will automatically send DMARC aggregate reports to all email sender domain owners which has a valid RUA address defined in their domain DMARC record.

If contoso.com MX record pointed to a different email security solution in front of Office 365, Office 365 will not send DMARC aggregate reports to any sender domains RUA address configured in their DMARC record as the information we see about the sending infrastructure is likely to have been affected by the complex mail flow routing.

You can learn more about DMARC here

https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide

https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535

For example, you have mailboxes with the recipient domain contoso.com, which domain has it's MX record pointed directly to Office 365. (contoso-com.mail.protection.outlook.com). In this scenario Office 365 will automatically send DMARC aggregate reports to all email sender domain owners which has a valid RUA address defined in their domain DMARC record.

If contoso.com MX record pointed to a different email security solution in front of Office 365, Office 365 will not send DMARC aggregate reports to any sender domains RUA address configured in their DMARC record as the information we see about the sending infrastructure is likely to have been affected by the complex mail flow routing.

You can learn more about DMARC here

https://learn.microsoft.com/microsoft-365/security/office-365-security/email-authentication-dmarc-configure?view=o365-worldwide

https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters=&searchterms=109535

Excel is blocking untrusted XLL add-ins by default

https://support.microsoft.com/topic/excel-is-blocking-untrusted-xll-add-ins-by-default-1e3752e2-1177-4444-a807-7b700266a6fb

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=115485

Excel is blocking untrusted XLL add-ins by default

https://support.microsoft.com/topic/excel-is-blocking-untrusted-xll-add-ins-by-default-1e3752e2-1177-4444-a807-7b700266a6fb

https://www.microsoft.com/en-us/download/details.aspx?id=49030

https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=115485

If you choose to enable the Loop app:

To prepare for the Loop App's release, you can start by enabling it for your organization today, which will make it available the moment the public preview begins. The Loop app availability is controlled via Microsoft Cloud Policy. You can learn more about Cloud Policy here: Overview of Cloud Policy service for Microsoft 365

Target your audience by first creating a Security Group:

Cloud Policy requires you to first create a Security Group for all the users you want to deploy your settings to, then define the settings. See this article if you want to create a dynamic Security Group to include every person in your organization: Dynamic groups and B2B collaboration

Use Cloud Policy to deploy the Loop setting to that Security Group:

If you're not already familiar, here's an article that helps you get onboarded quickly to Cloud Policy: How to secure your remote workers with Office Cloud Policy Service (microsoft.com)

Follow these steps for the Loop app in this administrator article: Manage Loop experiences (Loop app and Loop components) in SharePoint.

You can learn more about Loop here: https://loop.microsoft.com/. The Loop app itself comes with a rich onboarding workspace that teaches you about the capabilities and suggests ways to get started quickly.

Note: Loop components in the Microsoft 365 ecosystem such as Teams, Outlook, Word, are administrator controlled separately from the Loop app. These additional settings are covered in the same administrator article as the Loop app settings here: Manage Loop experiences (Loop app and Loop components) in SharePoint.

https://learn.microsoft.com/azure/active-directory/external-identities/use-dynamic-groups

https://learn.microsoft.com/deployoffice/admincenter/overview-cloud-policy

https://learn.microsoft.com/sharepoint/manage-loop-components

https://learn.microsoft.com/sharepoint/manage-loop-components#settings-management-for-loop-app

https://techcommunity.microsoft.com/t5/microsoft-365-blog/how-to-secure-your-remote-workers-with-office-cloud-policy/ba-p/1308579

If you choose to enable the Loop app:

To prepare for the Loop App's release, you can start by enabling it for your organization today, which will make it available the moment the public preview begins. The Loop app availability is controlled via Microsoft Cloud Policy. You can learn more about Cloud Policy here: Overview of Cloud Policy service for Microsoft 365

Target your audience by first creating a Security Group:

Cloud Policy requires you to first create a Security Group for all the users you want to deploy your settings to, then define the settings. See this article if you want to create a dynamic Security Group to include every person in your organization: Dynamic groups and B2B collaboration

Use Cloud Policy to deploy the Loop setting to that Security Group:

If you're not already familiar, here's an article that helps you get onboarded quickly to Cloud Policy: How to secure your remote workers with Office Cloud Policy Service (microsoft.com)

Follow these steps for the Loop app in this administrator article: Manage Loop experiences (Loop app and Loop components) in SharePoint.

You can learn more about Loop here: https://loop.microsoft.com/. The Loop app itself comes with a rich onboarding workspace that teaches you about the capabilities and suggests ways to get started quickly. The Loop App is free during public preview. Pricing and licensing requirements for the Loop App post-preview are yet to be determined.

Note: Loop components in the Microsoft 365 ecosystem such as Teams, Outlook, Word, are administrator controlled separately from the Loop app. These additional settings are covered in the same administrator article as the Loop app settings here: Manage Loop experiences (Loop app and Loop components) in SharePoint.

https://learn.microsoft.com/azure/active-directory/external-identities/use-dynamic-groups

https://learn.microsoft.com/deployoffice/admincenter/overview-cloud-policy

https://learn.microsoft.com/sharepoint/manage-loop-components

https://learn.microsoft.com/sharepoint/manage-loop-components#settings-management-for-loop-app

https://techcommunity.microsoft.com/t5/microsoft-365-blog/how-to-secure-your-remote-workers-with-office-cloud-policy/ba-p/1308579