Since Miracast will hit the public profile in Windows Defender firewall, you will encounter issues connecting to a Miracast display (such as a Surface Wireless Display Adapter) if you enable Shielded mode in your Windows Defender firewall policy. This can be checked in MEM (Intune) under Endpoint Security -> Firewall -> Firewall Policy. In the configuration settings, check to ensure that Enable shielded mode is set to No on the public profile.
Microsoft 365 groups are used for many things across Microsoft 365 – Teams, Planner, SharePoint, Stream, etc.
In some cases, you want to hide these groups from the Outlook address book so that people don’t accidentally email the whole group (or the groups might be private in nature). If you are an Exchange Online-Only organization, this can be easily accomplished using the following PowerShell:
Set-UnifiedGroup "<GroupName>" -HiddenFromAddressListsEnabled:$true
However, if you are in an Exchange Hybrid state, you are a bit out of luck for your on-prem mailbox users. The reason is that ADConnect does not write back all group attributes to AD. One of the attributes that is missing is the “msExchHideFromAddressLists” attribute, which is what Exchange Server on-prem will use to generate its GAL for the users that have mailboxes hosted on-prem. This results in the M365 group being hidden from the GAL for Exchange Online users, but it will show up for Exchange On-Prem users.
Want to see this feature get added natively? Vote here:
If you are having extreme slowness with Photoshop Elements (including the latest version, 2020), keep reading.
A user tries to search the posts of a Teams channel (CTRL-F), but no results are returned. The UI displays “No matches found.” The same experience happens in the desktop and web UI for Teams.
Check to be sure that the user is in the Microsoft 365 group’s members list. It is possible in some scenarios (AAD Portal and Teams Admin Center when teams are created) that a user would only be in the group’s owners list.
You may need to wait a few hours before search starts working for the user.
I came across a minor issue in the current build of Microsoft Teams for Android (version 1416/1.0.0.2018121802).
When listening to voicemail, it will only play via the phone’s speaker. It doesn’t matter if you toggle the speakerphone icon on the voicemail playback screen shown below. This can be a bit problematic if you are trying to listen to your voicemail privately.
Rely on the built-in voicemail transcription if privacy is needed until a fix is released. I have already reported this issue to Microsoft and they have ack’d as a bug in the build.
If you try to re-publish your workflow, you will get an error similar to this:
A recent update for .net blocks types and assemblies that are not specifically called out in the config file.
Please see the steps and the script included in this KB:
Issue
You have Active Directory groups being sync’d to Azure AD via Azure AD Connect. These sync’d groups are being used for assigning licenses in your tenant. If you delete one of these groups from your Active Directory, AD Connect throws an error and you get an error alert email.
The error says:
The cause of the error is not clear. This operation will be retried during the next synchronization. If the issue persists, contact Technical Support.
If you open the Azure AD Connect Synchronization Service, you can also see the error there:
AAD Connect Error
If you try to delete the same group via PowerShell, you get the following error:
Remove-AzureADGroup : Error occurred while executing RemoveGroup.
Code: Request_BadRequest
Message: Group deletion is not allowed.
Cause
Azure AD blocks group deletion when the group is being used to assign licenses. This is to help protect you from accidentally removing all of your users’ licenses with a single action.
Resolution
Remove the license assignment from the group and run the sync again. You can kick off the sync from your AAD Connect Server by running:
Start-ADSyncSyncCycle -PolicyType:Delta
References:
Group Based Licensing: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-group-assignment-azure-portal
When creating Teams in Office 365, you may notice that the files and wiki features (items that depend on access to the back-end SharePoint site collection for the Office 365 group) do not work correctly.
Here is an example of the error In Teams UI
Error Message:
Hang tight, we’re busy making space for your Wiki. Wait a few minutes then try again.
Even after waiting 24 hours, the connection still does not work. Additionally, if you select the “Open in SharePoint” option from the channel menu:
You are given this error message:
We are setting up your file directory.
Lastly, and this is the cause of the issue, you see this error if you try to browse to the underlying SharePoint site collection from off-premises.
Due to organizational policies, you can’t access these resources from this network location.
Your organization has IP restrictions setup in the SharePoint Online tenant to restrict which source IP addresses are allowed to connect to your sites.
These restrictions can be configured in the SharePoint online Admin Portal:
Microsoft teams requires that it (the teams infrastructure) can access your SharePoint tenant. Check with your organization about removing the IP restrictions from SharePoint Online device access policy.
You may experience an error when connecting to SharePoint Online (or other Office 365 services) via PowerShell. All you get back is a generic:
Connect-SPOService : Unexpected response from the server. The content type of the response is “text/html;
charset=UTF8”. The status code is “OK”.
PS C:\Windows\system32] Connect-SPOService -Url https://tenant-admin.sharepoint.com Connect-SPOService : Unexpected response from the server. The content type of the response is "text/html; charset=UTF8". The status code is "OK". At line:1 char:1 + Connect-SPOService -Url https://tenant-admin.sharepoint.com + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (:) [Connect-SPOService], ClientRequestException + FullyQualifiedErrorId : Microsoft.SharePoint.Client.ClientRequestException,Microsoft.Online.SharePoint.PowerShel l.ConnectSPOService
This can happen when your corporate web filter blocks the traffic to your admin URL, such as https://tenant-admin.sharepoint.com. Check the logs on the web filter / proxy to ensure the traffic is being allowed.
Fuzzy / phonetic name searching is not working in people search in SharePoint 2013. For example, if you search for my name as “myree” (which is how it sounds), you would not get my profile as a result.
Here is a good reference on finding if your farm is having this issue (however the fix suggested is no longer the recommended solution): https://blogs.msdn.microsoft.com/ronalg/2015/02/25/sharepoint-2013-fuzzy-and-phonetic-people-search-dont-appear-to-be-working/
Set-SPLogLevel –TraceSeverity:VerboseEx
10/25/2016 13:07:45.13 NodeRunnerQuery2-936ea3ce-afa6- (0x0C0C) 0x270C Search Fuzzy Name Search ajyfa Unexpected CCANameProjector : Exception:Exception : Access to the path ‘E:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\CanonicalResources\ProjectionModels\EN_EN.mdl’ is denied. encountered while attempting to load the Projection Model Catalog E:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\CanonicalResources\ProjectionModels\EN_EN.mdl for Language : en encountered while attempting to load the projection model. 3af3b09d-aa93-906f-2913-467b8e5e0f93
CCANameProjector : Exception:Exception : Access to the path ‘E:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\CanonicalResources\ProjectionModels\EN_EN.mdl’ is denied. encountered while attempting to load the Projection Model Catalog E:\Program Files\Microsoft Office Servers\15.0\Data\Office Server\CanonicalResources\ProjectionModels\EN_EN.mdl for Language : en encountered while attempting to load the projection model.
CCAMetadataProducer : Fuzzy metadata generation failed to load resource for language: en.
CCAMetadataProducer : Fuzzy metadata generation failed for the current record. Check logs for more details.
Clear-SPLogLevel
If you watch the search index directory using procmon while running searches or profile crawls, you will see the access denied messages.
This is a known bug in SharePoint 2013. It has been there since RTM. The good news is that it is finally fixed in the July 2016 CU for SharePoint 2013. This happens in scenarios when you run in the recommended way of having a separate service account (domain account) for the service service. Under this condition, the service account does not have the permissions that the code requires. The fix in the July CU changes the code so that read only access is all that is required on the search index directory.
Upgrade your farm to at least the July 2016 CU. Once this fix has been applied, you will likely need to wait 1 day for all of the indexing / processing to take place before fuzzy / phonetic searches start working.
After waiting a day, test this out using the SharePoint Search Query Tool. Make sure you have nicknames and Phonetic enabled as shown below:
If you can’t upgrade your farm for whatever reason, a temporary workaround would be to add your search service account to WSS_ADMIN_WPG local security group. This change would require a reboot (or a service restart).
Dan Myhre's Blog 