Updated 1 hour ago

Essential Microsoft 365 Admin Blog Picks: 2024 Edition

by Praba

9 min read

No Comments
Table of Contents

As we step into 2025, we wanted to take a moment to revisit the blogs that made the most impact throughout 2024. This collection showcases a wide variety of topics, from the latest security enhancements in Microsoft 365 to deep dives into newly released features. Alongside the feature updates, we highlight essential PowerShell scripts and best practices for admins designed to improve your workflow. Whether you’re a Microsoft 365 admin or just interested in learning more, these blogs offer actionable insights you can’t miss! 🎉

Top Microsoft 365 Admin Blogs of 2024

Explore the most popular Microsoft 365 admin blogs from Office 365 Reports in 2024, thoughtfully categorized for easy navigation.

Best Security Practices for Microsoft 365 Admins

1. Find the Essential Settings You Must Block for External Users

External collaboration is essential for modern businesses, but without proper security measures, it can create vulnerabilities. By restricting specific settings for external users in Microsoft 365, such as limiting channel creation, blocking file downloads, or preventing re-sharing of documents, organizations can enhance security. This approach balances the need for collaboration with robust data protection.

Explore the checklist of essential settings you must block for external users across Microsoft 365 services, including Exchange Online, SharePoint Online, OneDrive, MS Teams, and Entra ID.

2. Limit User’s Access to PowerShell and Graph API to Protect Entra ID Data

By default, non-admin users can view sensitive directory details, such as user and group information, through the Entra ID portal, PowerShell, and Graph API Explorer. Although they cannot modify any data, this exposure increases the risk of attackers using compromised low-level accounts to gather information.

So, restrict user access to Graph PowerShell and Azure AD PowerShell to enhance your organization’s security posture.

3. Best Practices for Sharing Files and Folders with Unauthenticated Users

Organizations may need to share non-sensitive files with external parties or distribute public content. While this supports collaboration, it also increases the chances of accidental or intentional data leaks. Simply disabling external sharing doesn’t always address the issue and can impact workflow.

Learn how to securely share files and folders with unauthenticated users by following the best practices that protect your data while ensuring smooth collaboration.

PowerShell scripts for Seamless Administration

1. Audit File Activities in SharePoint Online

Sharing files in the organization drives collaboration, but it’s critical to monitor activities like deletion, downloads, and permission changes to ensure data security. Though native solutions have the capabilities to monitor file activities in SharePoint and OneDrive, getting detailed insights often requires extra effort. You need to navigate to each event to get more detailed information about the activity, which is a time-consuming process too.

To overcome this, we have developed a PowerShell script to audit file activities in SharePoint Online. This script enables admins to save time and enhance security by providing comprehensive reports in a single click, covering file creations, deletions, modifications, access, and all file-related activities.

2. Audit Shared Mailbox Activities

Shared mailboxes simplify email management for tasks like customer inquiries or sales. However, monitoring shared mailbox activities such as soft/hard delete, move, send on behalf, and more is crucial for security. While tools like audit logs and PowerShell are helpful, they can’t filter shared mailbox-specific activities effectively.

To simplify this, we’ve created a PowerShell script to track shared mailbox activities in Microsoft 365 with ease.

3. Get Shared Mailbox Size in Microsoft 365

Shared mailboxes offer centralized access and streamline organization-wide coordination without requiring additional licenses. But exceeding storage limits can lead to the need for extra Exchange licenses. Monitoring mailbox size is key to preventing storage issues and unnecessary costs.

Check out the custom PowerShell script developed to export the shared mailbox size report, for efficient shared mailbox management and capacity planning.

4. Audit and Report Group Membership Changes in Microsoft 365

Tracking group membership changes is essential for security and compliance. Member or owner additions/removals can pose risks, so monitoring these changes helps address suspicious activity and maintain accountability.

Discover the options available to monitor group membership changes and how a comprehensive PowerShell script can generate 10+ detailed reports for efficient auditing.

5. Export the Guest User’s Last Logon Time Report

Effective access management in Microsoft 365 begins with monitoring guest user activity. Tracking the last login of guest users helps identify inactive accounts, minimize unnecessary access, and address potential security risks. However, Microsoft 365 lacks a direct feature to export this information.

To address this limitation, we have crafted a user-friendly PowerShell script to export guest users’ last login times with ease. You can also filter inactive users by specifying inactivity days.

6. Find If the User’s License is Assigned Directly or Inherited from a Group

Microsoft 365 licenses can be assigned directly to individual users or inherited through group memberships. To avoid unnecessary license costs, it’s essential for admins to remove duplicate direct licenses when group-based licenses are already in place.

Understanding these assignment methods is vital for efficient license management and proper access control. Use our PowerShell script to determine Microsoft 365 user’s license assignment path and optimize license usage.

7. Find Inactive Distribution Groups in Microsoft 365

Microsoft 365 distribution lists (DLs) make it easy to email large groups. However, as projects end and teams change, some DLs become inactive, creating unnecessary clutter and potential security concerns. Unfortunately, admins can’t directly identify inactive DLs in Exchange Online.

Relying on the message trace report can be tedious, as it covers all group types and tracks only activity for 90 days. To simplify this, we have created a PowerShell script to find inactive periods of each distribution list.This script will provide you the exact number of inactive days for each DL in the organization.

8. Identify MFA Deployment Source in Microsoft 365

Multi-factor authentication (MFA) is crucial for securing Microsoft 365, but it often leads to challenges like frequent prompts, login failures, and access issues. These problems can be hard to diagnose without knowing the root cause. The key to resolve these challenges lies in understanding the source of MFA deployment.

Execute the PowerShell script to generate MFA deployment source report for getting Microsoft 365 users and other CA policies related information.

9. Get User Registered MFA Methods in Microsoft 365

MFA is a key to secure Microsoft 365 environments, and administrators need to monitor user’s authentication methods to ensure proper configuration. However, Microsoft Entra admin center lacks filtering options for admins or licensed users, and it may time out or fail when downloading data for very large tenants.

To make it easier, we’ve developed a PowerShell script to track users’ registered MFA methods and system-preferred MFA details quickly.

10. Set Up an Email Signature in Microsoft Outlook

Email signatures in Microsoft Outlook are vital for branding, compliance, and professional communication. However, setting up organization-wide email signature via mail flow rule is a time-consuming process as it requires multiple steps.

To address this issue, we offer a PowerShell script that enables admins to create and deploy email signatures for all or specific mailboxes in Outlook easily.

11. Export Enterprise Apps and Their Owners in Microsoft 365

Identifying the owners of enterprise applications in Microsoft Entra is crucial for proper delegation and accountability. Without knowing who’s responsible for each app, admins can struggle to manage permissions, troubleshoot issues, or ensure security compliance.

Traditional methods for checking app owners can be slow, requiring manual checks or running cmdlets for each app. To address this challenge, here comes a PowerShell script where you can export all enterprise applications and their owners in no time.

12. Get Non-Compliant Shared Mailboxes in Microsoft 365

A shared mailbox becomes non-compliant when its direct sign-in is enabled without a proper Exchange Online license. Typically, shared mailboxes don’t require a license unless features such as archiving, storage beyond 50 GB, or retention policies are enabled. However, signing into an unlicensed shared mailbox is a direct violation of Microsoft’s licensing terms.

Identify and address any non-compliant shared mailboxes in your organization to prevent license policy violations.

13. Track Microsoft Teams Meetings Attended by a Specific User

As organizations increasingly rely on Teams for collaboration, understanding how much time team members spend in meetings is crucial for productivity and resource planning. However, native tools like the Teams admin center provide data only for the last 7 days. Audit logs fall short by not showing meeting durations or attendee types.

To get around these limitations, use the custom PowerShell script to retrieve Teams meeting attended by a specific user in the past 180 days or any custom period.

14. Find file Version History in SharePoint Online

File version history in SharePoint allows you to track document changes, see who made updates, and access past versions. Microsoft is actively improving version control features in SharePoint & OneDrive , making document management easier.

Since version history contributes to SharePoint Online storage quota, monitoring its size is crucial to avoid storage-related issues. Use the PowerShell script to quickly export the version history of SPO files within specific sites.


Strategic Free Tools for Microsoft 365 Management

1. Unlock Hassle-Free Microsoft 365 Management with Microsoft365DSC Tool

Managing Microsoft 365 settings, monitoring their changes, and migrating configurations between tenants often feels overwhelming with traditional tools and scripts. Luckily, Microsoft offers the Microsoft365 DSC tool to help you manage settings, monitor setting changes, automate tasks, etc. —the best part? It’s FREE!

Discover how to manage Microsoft settings using the Microsoft365DSC tool now!

2. Monitor Microsoft 365 Security Settings Effectively with Maester

In a world where cyberattacks are constant, merely configuring security settings in Microsoft 365 isn’t enough —it demands proper monitoring! Enter Maester, an open-source, PowerShell-based test automation framework crafted to revolutionize how admins monitor their tenant’s security configurations.

Try Maester to monitor Microsoft 365 security settings better. It’s a free tool born out of extensive research, raised to refurnish the way we monitor crucial security settings.

New Features and Major Updates You Can’t Miss

1. Boost Email Capacity with High Volume Email in Exchange Online

For organizations that need to send large numbers of emails daily, Exchange Online standard limits can be restrictive. High Volume Email (HVE) addresses this by allowing up to 100,000 emails per day—10 times the standard limit. It’s especially essential for businesses handling bulk email communications. Currently in public preview, HVE also lets you send emails to up to 2,000 external participants per day.

Check out the blog on High Volume Email in Exchange Online to learn more about its functionality and rollout dates.

2. Easily Track Changes to Conditional Access Policies with Microsoft Entra ID

Microsoft 365 security relies on Conditional Access (CA) policies to manage access and protect data. Previously, tracking changes to CA policies in Microsoft 365 was complex, with limited insights from audit logs. However, with Microsoft’s new enhancement, admins can now easily monitor these changes and troubleshoot any policy misconfigurations.

Learn how to view changes to Conditional Access policies and resolve the required ones effectively.

3. Get More Control Over Quarantine End User Allow and Block List Management

Exchange Online quarantine feature serves as a protective barrier against harmful emails by keeping them out of their inboxes. Once exclusively managed by admins, users now have more control, including the ability to request releases, preview messages, and block senders to enhance email security. The latest enhancement allows users not only to block suspicious senders but also to approve trusted senders, further strengthening email security.

Explore Microsoft’s updated quarantine end user allow and block list management feature now.

4. Microsoft Entra Suite Became Generally Available

Hybrid work has transformed how teams collaborate, but it also brings increased security challenges like phishing, ransomware, and data breaches. Organizations need a seamless way to protect sensitive data while enabling secured access for authorized users. Microsoft Entra Suite, now generally available, offers a unified security solution to address these challenges.

Combining advanced identity and network protection, learn how Microsoft Entra suite supports secured access across cloud and on-premises applications. It helps verify users, prevent excessive permissions, detect threats, and enforce detailed access controls for all users and resources.

Blogs Preferred by Microsoft 365 Admins

1. Creating a Free Microsoft 365 Dev Tenant is Not Possible

Previously, any user could create free E5 test tenants through the Microsoft 365 Developer Program to explore Microsoft 365 features. However, Microsoft has now restricted this option to Visual Studio Enterprise subscribers due to security concerns. While existing E5 subscriptions remain unaffected, Microsoft recommends using single license plans for new testing purposes.

Discover the details behind why free Microsoft 365 Dev tenant creation is not possible anymore and its implications for developers and organizations.

2. Automate Email Signature Setup in Microsoft Outlook

Email signatures in Microsoft Outlook ensure branding and compliance, but manual overrides by users can disrupt professionalism. To simplify this, we’ve created a PowerShell script that automates signature setup, ensuring uniformity in email communications.

Explore how admins can automate email signature setup in Outlook, saving time while enhancing efficiency and consistency.

As we wrap up our 2024 recap of Microsoft 365 admin blogs, we’re thrilled to share the top-rated insights from o365reports. Your engagement inspires us to continue delivering content that matters.

Stay tuned for more updates on Microsoft 365 features and security enhancements in 2025. Don’t forget to explore o365reports.com and share your thoughts in the comments.

Here’s to another year of collaboration and discovery. Thank you for being part of our journey! 🚀

Share article