Tech Guru

Trusted Source Technology

Challenges with Microsoft Teams Administration

Challenges with Microsoft Teams Administration

Microsoft Teams is the darling of the Microsoft 365 suite, with really much every application in the ecosystem pushing for their share of user authentic estate.

And with far more than 270 million active users – it’s not really hard to realize why.

However, this continued force for almost everything to be in Microsoft Teams produces rather of a obstacle for the ongoing administration of the platform.

For starters, how do we outline what is administration of Microsoft Teams? The item sits on major of the Microsoft 365 platform, leveraging important workloads these as Exchange, Azure Lively Directory, and SharePoint, however is also a system unto itself.

Some time ago I sat in a place with a bunch of fellow MVPs and Microsoft personnel to style the MS-700 “Managing Microsoft Teams” exam. We had a number of debates about what a Microsoft Groups administrator should know, and what their career ought to consist of.

When the examination blueprint was sent out to evaluate, a quantity of complaints have been built about the deficiency of voice-related inquiries included. Other issues said that there ended up too quite a few protection and compliance issues, and others claimed that the exam merely included also numerous aspects of the system.

When I say some time ago, I necessarily mean mid-2019, when Microsoft Groups was hardly 2 many years aged. Due to the fact then, the system has grown noticeably both in capabilities as properly as complexity.

However, the problem nonetheless stays – what is a Microsoft Groups administrator, and what must they know in get to do their occupation properly?

The response, as in several similar instances, is “it depends”.

Take into consideration this circumstance: Contoso has deployed Microsoft Groups to its workforce. Team report that when they do the job remotely, they are not able to accessibility the Data files tab from any Group. However, they also report that this difficulty does not come about when doing work in the business office or related via VPN.

The answer in this scenario, is that Contoso has a conditional access coverage utilized to accessing SharePoint, and a distinct policy for accessing Microsoft Groups.

So, who is dependable for addressing that? Is it the stability team who defined the conditional entry plan? Is it the intranet crew who are responsible for handling entry to SharePoint? No matter, who, is this a little something that can be tackled with the flick of a switch, or should really there be a security overview to ascertain danger and influence?

And is the Microsoft Teams administrator expected to be equipped to remediate this on their own? And what are the assistance employees intended to say to people who are influenced? “Sorry, we need to have to carry out a stability review – it’ll be about two weeks until finally our upcoming Taxi conference, so most likely you can talk to your peers to electronic mail you the required files as attachments.”

Although you may perhaps examine this and think that this challenge shouldn’t have transpired if factors ended up performed appropriately – that’s just the point. Define “properly”. Define who should have been included in the conferences.

The actuality is that administering the Microsoft Teams platform comes with a whole lot of strings hooked up – anything that have to be taken very seriously, with owing consideration supplied to innumerable eventualities. Let us get a glance at but a compact sampling of the troubles.

Can I see your license remember to?

Within just Microsoft 365 there are numerous distinctive licensing selections and scenarios. Even in just the a variety of licenses, you can pick what functions of Microsoft 365 are enabled and which are not.

The pursuing table presents an instance of some of the items incorporated in Office environment 365 E3, and what element of Microsoft Teams is affected when they are not allotted to the consumer:


It is not uncommon for administrators to not give end users entire entry to the Microsoft 365 merchandise suite as they are not completely ready to guidance them, are attempting to stage the launch of functionality, or in some situations – do not entirely comprehend them and as a result never recognize the worth they provide consumers.

In these eventualities, buyers can have distinctive encounters centered on their license allocation. A single user may well be able to use Planner and as this kind of assigns responsibilities to their peers, but some of them may perhaps not be equipped to obtain those responsibilities as they have a unique license build.

And I’m not even finding into the aspects of why the organisation emblem appears in the assembly lobby for some buyers and not other folks (hint: it comes down to whether or not they are certified for Innovative Communications).

Administrator != whole obtain

If an organisation has in place great safety and administration methods, they could use Privileged Identity Supervisor – a component of Azure Active Listing Program P2 (I imagined we were carried out talking about licensing!?). And with this in brain, directors should only be elevating to the required authorization amount to carry out the process.

So you have elevated to be a Groups Administrator due to the fact you want to control the applications available to users? No sorry, you can not do that.

Want to glimpse at the audit log to see which person invited a visitor into the Group? Nope, can not do that both.

Regrettably, currently being a Teams Administrator does not give you every little thing you require to administer Microsoft Teams. Instead, admins will have to elevate up to be a International Administrator – some thing that ought to in principle be a very last resort.

Outline “inactive”

A prevalent process essential when administering Microsoft Teams is to clean up inactive Groups. There are a several ways to carry out this functionality, on the other hand the matter of this specific segment is about defining what is inactive.

As defined in the Microsoft Groups utilization report, exercise is measured by people and channels – and the mix of activities carried out by one, in the other.

So, it makes perception that an administrator could look at the report and dependent on ranges of inactivity, identify which Groups can be archived or even deleted, correct? Wrong.

As talked about previously, Microsoft Groups is equally a platform unto by itself, as perfectly as a system on prime of other platforms. So we can not basically figure out a Team’s exercise level by the Team itself. Instead, we can appear to SharePoint and see no matter if the underlying workforce internet site (indeed, “team site” is a SharePoint phrase from the early 00’s) has any activity. It does not have any action? Excellent, we can archive/delete it. Let’s move to the up coming section…

A Crew is more than what you see in Microsoft Groups

Some thing I have heard several admins tell me is that when they “archive” off the content of a, they ordinarily just get the files from the Documents tab of the channels and shift them into a unique place.

The issue with this solution, is that a Crew is A lot much more than just the channel content material you see right before you. It may perhaps also be wiki content (*shudder*), Lists in the SharePoint internet site, Varieties associated with the M365 Group, email in the affiliated Exchange mailbox, info in Forms linked to the M365 Team, notes in the OneNote notebook, and so on. (You can study the specifics on this in an write-up I wrote for Microsoft a few of many years ago: Teams companies interactions | Microsoft Docs.)

And sadly, a whole lot of this details is not conveniently noticeable to administrators – generally because there are no out of the box experiences, and in some circumstances no APIs to even get to the data (I’m search at you Types).

This lends alone to the former segment, in that, because admins are not able to see the articles, admins are also not able to see the exercise. Which can quite possibly signify that admins are archiving or deleting Groups which basically have activity in other workloads. (Some fantastic guidance and factors comes in the sort of a different complex short article I authored for Microsoft: Stop of lifecycle options for teams, groups, and Yammer | Microsoft Docs.)

Which report to use when

Something that eventually can make all of this a lot more complicated for directors is the numerous stories offered that deliver diverse concentrations of information.

The crucial reports administrators require to use are:

The problem right here, is that it doesn’t stop there. Administrators need to have to make investments in customised and 3rd-party report solutions in buy to get a greater understanding of how their atmosphere is staying utilized. And we haven’t even touched on some of the previously worries about protection, compliance, accessibility, and other regions related to Microsoft Groups.

Pleased administering!




Exchange Hybrid and Office environment 365 Checking and Reporting

On-premises parts, this kind of as Advert FS, PTA, and Trade Hybrid are significant for Business 365 close person experience. In addition, a little something as trivial as expiring Exchange or Advertisement FS certificates can definitely lead to unanticipated outages. By proactively checking hybrid elements, ENow offers you early warnings where by hybrid parts are achieving a important point out, or even for an future expiring certificate. Recognizing quickly when a challenge happens, exactly where the fault lies, and why the difficulty has transpired, assures that any outages are detected and solved as immediately as probable.

Entry your cost-free 14-day demo of ENow’s Exchange Hybrid and Place of work 365 Checking and Reporting now!