Delegate365 version 3.5 is another major release. There are many new features like support for resources/rooms, contacts, sync-updates, support for restoring soft deleted users, management of members of all OU’s, mailbox delegation, user’s MFA when creating users, new restrictions for licenses for admins and some more updates.
Let’s start with the description of the last changes.
- Delegate365 version 3.5 comes with the new dashboard we updated in version 3.4.
- Users / new user: Now it’s possible to set Multi factor Authentication immediately when creating a new user. Simply set the MFA dropdown and save the new user.
Info: With MFA the user creation can take some seconds.
In previous versions the user needed to be created first and MFA could only be activated later with editing.
- Contacts: have been added and work with the same OU security concept as all other objects in D365. The list shows all contacts within the same OU as the admin.
The edit consists of some contact fields and the OU-assignment.
- Meeting Rooms: The same applies to meeting rooms (Resource Mailboxes):
The edit form looks like in this screenshot:
- Assignments: Since all objects coming from AAD should be assigned to specific OU’s by the portal administrators there now exist menu links for accomplishing these assignments in the administration menu.
- Permissions for Contacts and Meeting Rooms: As before, define the permissions of an administrator in the manage administrators settings. Permissions for “Manage Meeting Rooms” and “Manage Contacts” have been added.
Since these are new features, you have to mark these permissions manually for existing admins if you want them to manage these object types and don’t forget to click Save.
- Manage administrators list cleanup: The list has been cleaned up and now shows no longer all permission checkboxes but just the columns “User Principal Name, OU, Usage Location, Portal Admin” and the menu links.
- Important security change in group membership selections:
There has been an important change in version 3.5: Before this version group members could only be selected from the same OU as the group itself. For example in this following screenshot admins could only assign members from the OU “New York” to the the distribution list “New York Office” – because the filter was strict on the OU of the group.
This behavior has been changed for all groups!
This means that from now on the user picker shows all users from the OU’s of the logged in admin.
In this sample we can select users from all my OU’s (New York, Seattle, …), so we can select Paul (in OU “New York”) AND John (who is in OU “Seattle”).
- New feature: Virtual OU’s
With the above described feature we now can create “virtual OU’s” for group management and use them across different administrators!
This is very helpful when you want that many admins can manage f.e. the same security or distribution groups or shared mailboxes (this applies to all groups).
For example you want admin “A” and admin “B” to manage security group “C”. In that case we simply create a new OU “security” and assign the security group “C” to that OU. Now we assign the OU “security” to admin “A” and “B”, additionally to their existing OU’s.
BOTH admins now can manage security group “C” (they see it in their security groups list) and can assign ONLY THEIR OWN USERS (with the user picker which now shows all users in the own OU’s) into that security group “C”.
We think this (“virtual OU’s” as above) is a very convenient feature which prevents nesting of groups in AAD (this was the way before to solve that). Now portal admins can new OU’s and simply assign it to admins who shall manage the same groups.
- Restore deleted users: Deleted users now can be restored by the portal admin in the new menu administration / deleted users.
Important: It can take some seconds to minutes till deleted users appear in the deleted users list, due to Office365. If you do not see deleted users you deleted just this moment, click the Refresh icon above the list (as in the screenshot below). Repeat this till you see the removed users in the list.
The list shows all users who are deleted in D365 or in Office 365 – the “soft deleted” users – this is default. Soft Deleted users usually can be restored within 30 days after deletion.
To restore users, mark them and click the Restore icon.
If you want to permanently delete (“hard delete”) one or many users, mark them and click the Delete selected user icon.
The quick info of the list icons show the description.
This is a helpful feature available for global admins to restore users who have been deleted by mistake. Also licenses of users will be restored (if there are enough licenses available in that OU).
- New Mailbox delegations: User mailbox permission settings can now be set by an admin.
When editing the mailbox settings there exists a new group “Mailbox delegation”.
In here admins can provide permissions to this user’s mailbox for other users.
Permissions can be set for “Send as”, “Send on behalf” and “Full Access” – the same settings as in the Exchange Admin center.
Add new permissions with the “+” icon or mark users and remove them with the “-“ icon.
The user picker follows the same rules as described above and shows all users within the same OU’s as the logged in admin. If there are permissions set for users outside the own OU’s these users are also visible in the permission list and could be removed.
- Manage administrators licenses: We got some requests that scope admins shall only use special licenses – and not all licenses available in the Office 365 tenant. We developed that feature.
In the administration / manage administrators list the “Licenses” link has been added.
When opening this link the global admin now can define which licenses and which plans this admin shall see – and only these!
With that mechanism scope admins can only see and use this license set which was defined by the portal admins. If no licenses and no plans are selected, the scope admin sees all licenses – that’s default and ensures compatibility with existing versions of D365 and existing administrators.
if this license set is saved, it’s valid for that admin. Of course no plans can be selected, then the admin cannot see and set any license.
Existing D365 tenants can use this feature from now on. If in here are now changes, all admins can use all licenses (as before) – till this is changed and saved here.
- Out-of-Office Design: The form has been redesigned and now does not use as much space as before, see the following screenshot:
- Sync: The sync function (as well as the Auto Sync) has been checked and updated. The new object types have been included in the Sync.
- Azure Active Directory Access: In the previous versions of D365 we used two different versions of Microsoft libraries to communicate with AAD. This has been changed. We updated the methods for communicating with AAD and unified them to the newest version provided by Microsoft (GraphAPI version 2). There is no change in the UI or in the behavior, it’s just an internal change.
All existing versions of D365 have already been updated to the new version 3.5.
Delegate365 version 3.6 with some more enhancements will also be released soon!
Check out our Delegate365 product videos at http://delegate365.com/videos!