Microsoft M365 F3 licensing Limitations and Confusion

 If you are working in regulated environment you could be dealing with F3 license for some of your users and I am sure you have read MS license agreement making below bold statement on numerous articles about F3 license features.

From MS license agreement, ⁶F3 includes Office for Web and mobile apps only.

Office mobile limited to devices with integrated screens 10.1” diagonally or less”. ⁷F3 includes 2GB inbox only, No Outlook Integration, no Voicemail

Above statement is incorrect/misleading and needs to be corrected. PG needs to make sure, the information pertaining for license agreement does have clear wording on the licensing documentation explaining the difference Volume license version or MAK keys and Office web versions behavior so that customers can continue to prepare M365 migrations with correct business needs/requirements.

If you have volume license Outlook and OneDrive tick clients your F3 licensed users will be able to use them and there is no reason to force them to use OWA or OneDrive Web versions, until your organization is ready to transition to use Office apps that are being provided to your tenant part of your organization M365 subscription.

License agreement

https://www.microsoft.com/en-us/microsoft-365/enterprise/f3?activetab=pivot%3aoverviewtab

 

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk

 

One Drive For Business Best Practices for Enterprise Environments.

One Drive For Business Best Practices for Enterprise Environments.

ODFB (One Drive For Business) Group policy settings. Most the business moving into M365 and its offered services for known reasons over the years. For large enterprises process of course will take time and correct Engineering and deep design to make sure your business is getting the most out of such services. One of the services offered is ODFB, and I assume you are reading this because you would like to perhaps revisit your design or plan it correctly.

I will list available GPO settings for ODFB and which ones you must deploy without any hesitation from get go.

 

Order	List of policies
1	Allow OneDrive to disable Windows permission  inheritance in folders synced read-only
2	Allow syncing OneDrive accounts for only specific organizations
3	Allow users to choose how to handle Office file sync conflicts
4	Block file downloads when users are low on disk space
5	Block syncing OneDrive accounts for specific organizations
6	Coauthor and share in Office desktop apps
7	Configure team site libraries to sync automatically
8	Continue syncing on metered networks
9	Continue syncing when devices have battery saver mode turned on
10	Convert synced team site files to online-only files
11	Disable the tutorial that appears at the end of OneDrive Setup
12	Enable automatic upload bandwidth management for OneDrive
13	Limit the sync app download speed to a fixed rate
14	Limit the sync app upload rate to a percentage of throughput
15	Limit the sync app upload speed to a fixed rate
16	Prevent the sync app from generating network traffic until users sign in
17	Prevent users from changing the location of their OneDrive folder
18	Prevent users from fetching files remotely
19	Prevent users from moving their Windows known folders to OneDrive
20	Prevent users from redirecting their Windows known folders to their PC
21	Prevent users from syncing libraries and folders shared from other organizations
22	Prevent users from syncing personal OneDrive accounts
23	Prompt users to move Windows known folders to OneDrive
24	Prompt users when they delete multiple OneDrive files on their local computer
25	Receive OneDrive sync app updates on the Deferred ring
26	Require users to confirm large delete operations
27	Set the default location for the OneDrive folder
28	Set the maximum size of a user's OneDrive that can download automatically
29	Set the sync app update ring
30	Silently move Windows known folders to OneDrive
31	Silently sign in users to the OneDrive sync app with their Windows credentials
32	Use OneDrive Files On-Demand
33	Warn users who are low on disk space

 

Following link will provide details for above GPOs

https://docs.microsoft.com/en-us/onedrive/use-group-policy#list-of-policies

 

Now which GPO set you need to use get go? Invest time to understand below policies, most polices listed below makes the most sense for most of the organizations. GPO # 1 and GPO# 9 would be two most critical GPO you would want to deploy at the least for obvious reasons.

GPO Order	List of policies
1	Allow syncing OneDrive accounts for only specific organizations
2	Enable automatic upload bandwidth management for OneDrive
3	Prevent users from changing the location of their OneDrive folder
4	Prevent users from syncing personal OneDrive accounts
5	Prompt users to move Windows known folders to OneDrive
6	Prompt users when they delete multiple OneDrive files on their local computer
7	Require users to confirm large delete operations
8	Silently sign in users to the OneDrive sync app with their Windows credentials
9	Use OneDrive Files On-Demand
10	Warn users who are low on disk space

 

Good luck with your deployment and if you need any assistance fell free to reach out.

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk

Robocopy files from source to destination;

Robocopy files from source to destination;

In times, you might need to move folders/files from location A to location B. Following server will be perfect fit for the mission. When running the script you will need to adjust two variables

 

#(1)_. Add vars, surce and destination $dataSouce   = '\\SourceServer\d$\Scripts\' $dataDestin  = '\\DestinServer\d$\'

 

The Function I have created called “Function-RoboCopy.ps1” will use following variables.

Function-RoboCopy -SourcePath $dataSouce -DestinationPath $dataDestin -LogPath $LogFile

 

Rest of the script is also pretty easy to read. I will be adding few other functions to make sure source exist, , script will stop is it does not. Destination folder will also be created, assuming path is accessible.

Here it comes;

 

#(1)_. Add vars, surce and destination $dataSouce   = '\\SourceServer\d$\Scripts\' $dataDestin  = '\\DestinServer\d$\'   #(2)_.Construct Log file $timestamp = (Get-Date -format 'dd-MMM-yyyy-HH-mm-ss-') $fileName  = 'RoboCopy.LOG' $logname   = $timestamp+$Filename  $LogFile   = ($dataDestin +$logname )     #(3)_.Function-Check-Source if does not exist, stop    Function Function-Check-Source{     [CmdletBinding()]   param(     [parameter(      Mandatory         = $true,      ValueFromPipeline = $true)]       [string]$SourcePath)   Try{     If (!(Test-Path $dataSource)){      Write-Host 'CANNOT locate file' -ForegroundColor White -BackgroundColor Red      Write-Host 'Script will stop' -ForegroundColor Yellow      break;      }     }catch{        $errormessage = $($PSItem.ToString())     Write-Warning 'Error has occoured'     Write-host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black    } }

 

#(4)_.Function to check/create destination folder    Function Function-create-ReportFolder{     [CmdletBinding()]   param(     [parameter(      Mandatory         = $true,      ValueFromPipeline = $true)]       [string]$ReportPath)   Try{   if (!(Test-Path -Path $ReportPath)) {   New-Item -Type Directory -Path $ReportPath -ErrorAction Stop | Out-Null }   }catch{        $errormessage = $($PSItem.ToString())     Write-Warning 'Error has occoured'     Write-host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black    } }

 

 

 

#(5)_.Function-Copy-Scripts source/Destination    function Function-RoboCopy{     [CmdletBinding()]   param(   [Parameter(Mandatory=$True)]   [String]$SourcePath,   [String]$DestinationPath,   [String]$LogPath     )       $Options   = ("/B","/MIR", "/XJ", "/FFT", "/R:0", "/LOG:$LogFile")        Try{           Write-host 'Starting RoboCopy now' -fore Green         robocopy $SourcePath $DestinationPath $Options           }Catch{             $errorcode = $($PSItem.ToString())           Write-Warning 'Error has occoured'           Write-host "Problem FOUND: $errorcode" -f red -b White         }   }

 

 

 

#(6)_.Run function check source    Function-Check-Source -SourcePath $dataSour1e   #(7)_.Run Function-create-ReportFolder     Function-create-ReportFolder -ReportPath $Destin   #(8)_.Function-RoboCopy    Function-RoboCopy -SourcePath $dataSouce -DestinationPath $dataDestin -LogPath $LogFile

 

 

 

Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk