With Delegate365 version 7.3 a new reporting engine was introduced. With this update, additional reports are available in Delegate365 version 7.4. The new reports deliver a new report category with risk events, as for example impossible travel risk events or suspicious IP risk events, new Microsoft Teams statistics reports and more. Also, OneDrive usage per user and Shared-With information is now available as a report. Mail Enabled Security Groups can now be assigned with permissions in Resources (rooms and equipment mailboxes) and Shared Mailboxes. See the details and descriptions of all reports here.
- Important: Since the new reports require additional permissions in the Office 365 tenant, a Global Administrator needs to run a new Delegate365 setup once. Please see Delegate365-(Re)run the setup for a step-by-step manual. This step is necessary after the update to Delegate365 v7.4 was done.
You need to have a Global Administrator without MFA enabled to run the setup and to accept the new Delegate365 consent:
So, after the setup, login with the Global Administrator and accept the new consent for all users in your tenant – otherwise no one can sign-in and use the Delegate365 app.
- Additional reports "Risk events": The list of available reports now offers six new reports showing threads to the Office 365 tenants – filtered just for the entitled OU’s of the signed-in administrator.
See Azure Active Directory risk events for info about the protocolled risk events in an Office 365 tenant.
- Additional reports "Microsoft Teams": This is a new group offering two reports from Microsoft Teams.
- Available reports: With Delegate365 version 7.4, the following reports are available. (NEW) indicates new reports compared to v7.3. See all reports with a short description and a sample output summarized here (click on the image to enlarge it).
- Risk Events (NEW)
- Anonymous IP Risk Events (NEW)
This report shows successful logins from anonymous proxy IP address that could be used to hide the real device’s IP address for malicious intent.
- Impossible Travel Risk Events (NEW)
This report shows sign-ins from geographically distant locations, that are also atypical for the user, given past behavior.
- Leaked Credentials Risk Events (NEW)
The Microsoft leaked credentials service acquires username and password pairs by monitoring public and dark web sites and reports stolen credentials in that report.
- Malware Risk Events (NEW)
This report shows sign-ins from devices infected with malware, that are known to actively communicate with a bot server by IP address comparisons.
- Suspicious IP Risk Events (NEW)
This reports shows IP addresses from which a high number of failed sign-in attempts were seen, across multiple user accounts, over a short period of time.
- Unfamiliar Location Risk Events (NEW)
After an initial learning period of 30 days,this reports shows user logins from unfamiliar locations not close to known, familiar locations.
- Anonymous IP Risk Events (NEW)
- Office 365
- Office 365 active user detail
This reports shows all users that are active (not deleted) and their current licenses status and the last activity date per service.
- Office 365 groups activity detail
This report shows the usage of the Office 365 groups, the storage size in SharePoint, number of messages in Exchange, last activity date and more – all you need to know about your Office 365 groups.
- Office 365 activations user detail
This report delivers activated Office 365 licenses per user. If more information is existing, the license activation date and installed clients are shown.
- Office 365 active user detail
- Microsoft Teams (NEW)
- Teams device usage user detail (NEW)
Shows the devices used for accessing Microsoft Teams per user for the selected time period.
- Teams user activity user detail (NEW)
This report delivers the users and when they last accessed Microsoft Teams. Additionally, the assigned user licenses are shown.
- Skype for Business
- Skype for business activity user detail
This reports shows Skype for Business statistics per user, for example the number of conferences, the sum of minutes consumed, the number and date of the last participations and much more.
- Yammer activity user detail
This report shows the last activity date per user and the number of posts written, read and liked in the selected time period.
- SharePoint activity user detail
This report shows the last activity date per user and the number of files and pages visited in the selected time period in SharePoint Online.
- OneDrive activity user detail
This report shows the last activity date per user and the number of files accessed and how many files have been shared in the selected time period in OneDrive for Business.
- Outlook activity user detail
This report shows the last activity date per user and the number emails sent and received and read in the selected time period in Exchange Online.
- Outlook app usage user detail
This report delivers which apps users are using for accessing their mailbox, including clients, Web, IMAP, SMTP and POP3.
- Outlook usage detail
This reports delivers detailed information about mailbox usage as the mailbox size and number of items, the quota and warning limits per user in the selected time period.
- OneDrive files report generation: In the users list, a new menu is available for the selected user: Report OneDrive files generates a report about all files of the user that are existing in the personal OneDrive for Business storage and what files are shared with whom. A use case for this report is that if a user leaves the organization, the admin can see what files have been shared with other users. Then, these common files could be transferred to another user’s OneDrive, SharePoint site or similar. So, the report shows these shared files as well.
A pane opens asking for a notification email address. The signed-in admin is automatically existing in the email field. The generation of the report can take a longer time, if the user has thousands files stored, each file must be checked and looked up, if it was shared or not. So, a notification makes sense in most cases to see the report, when it’s available.
When clicking Submit, the report engine gets a new job and the OneDrive files report task is visible in the reports menu in the Scheduled reports box.
Once generated, the report can be found in the Finished reports box where it can be downloaded.
- OneDrive files report result: The OneDrive files generated reports delivers all files of the user’s OneDrive storage. The report shows one (or more) line(s) per file with name, path, size, and modified date and with whom the file is shared with.
Basically, SharedWith always shows the file owner, in this sample, AdeleV. If the file is shared with other users, there is a line for each user with his Roles is added to the report as seen here.
The WebURL allows to open a file directly with the Office Web apps to have a quick look at the file (if the user has permissions). ParentPath shows the location of the file in the folder structure to find it easily. So, this report delivers all files and their status of a user’s OneDrive storage.
In Excel, filtering is simple: If you want to see all shared with, filter the Roles for all other roles as "owner", here only "read":
Then Excel shows just the other users and the files they have access to. Excel provides more methods for summarizing, grouping and pivoting if needed.
- Support for group membership: In Office 365, it’s possible to add a Mail Enabled Security Group as member to user’s mailboxes, as delegated user in Resources (rooms and equipment mailboxes) and Shared Mailboxes. This does not work for other group types (see Working with Exchange Mailboxes and Groups as members), but for Mail Enabled Security Group only. So, this feature has been added to Delegate365. With this update, it’s possible to select a Mail Enabled Security Group from the people picker as well.
- Using group membership: You can create a new Mail Enabled Security Group in Delegate365 in groups / distribution groups (basically, a Mail Enabled Security Group is a Distribution Group in Office 365). Ensure that the "Mail enabled security group" switch is set to Yes.
Tip: Since this is an Exchange object, it can take some minutes, until the new group is visible.
Then, the (new) Mail Enabled Security Group can be added as member for a user’s mailbox delegation. In this sample, we assign the group "MailEnabledSecurityGroup1" with the permission Full Access to AdeleV’s mailbox. All members of that group have access to that mailbox.
The same functionality is available for Resources and Shared Mailboxes as well.
This new group-as-member feature is compliant with Office 365 and simplifies management and allows all members of the assigned group to access the mailboxes.
- Fixes: Some labels and descriptions have been updated and the CSV and Excel download icons have been changed.
Delegate365 version 7.4 provides additional reports and new features. The update time will be planned accordingly with our customers. New Delegate365 tenants will get this version automatically starting by end of February.