Connecting Technology and Business.

Outlook.com - Recent Improvements

​When it comes to getting organized, Outlook.com has users covered. Microsoft has released  Advanced Rules and three other features, all to help users keep their inbox in top shape and make it even easier to see the email that matters to them.

The average person has 184 emails in their inbox, and receives 28 emails each day according to a recent survey. This can be a lot to handle, so helping users get to the email they care about is one of the top priorities. Outlook.com already has a number of features to help users do this. For example, Sweep - one of the most popular features, helps users quickly delete multiple unwanted emails.

The following new features, build on MS's commitment to give the inbox new and better ways to do the heavy lifting and help users save time.

Advanced Rules

With Advanced Rules, users now have more control over how their emails are sorted, filed or bumped to the top of their inbox. Users can create multi-condition and multi-action rules and set their inbox to organize itself automatically. Advanced rules allow users to combine their existing rules together and customize them to suit them. Microsoft has included a number of optional conditions that are unique to Outlook.com, including time constraints, email tallying, checking read/unread state of emails, and checking if the sender is a contact the users know.

Here's an example of an Advanced Rule:

If an unread email is older than 3 days and is from one of your contacts, mark it as important and flag it.

This rule brings any emails you might have missed, from real people you know, to the top of your inbox.

Outlook advance rules.jpg 


Billions of emails in Outlook.com are moved from one folder to another every week. Occasionally, the user will drop an email into the wrong folder or hit Delete by accident. Now it's even easier to undo mistakes in range of commands—delete, categorize, flag, mark as junk, or move—for one email or a whole group. Just clicking the undo button, or typing Ctrl+Z, will bring them right back.

Outlook undo.jpg 

In-line reply

Outlook.com customers use the Reply button almost 8 million times a day. With in-line reply, users can directly respond to an email thread without launching a new view. In-line reply can help users save time, and track their conversations more easily.

Outlook inline reply.jpg 

More personal messaging

Earlier, starting a chat session with friends wasn't as easy to find as it could be, so Microsoft has made several improvements to the experience:

  • Find recent conversations and other contacts a user can chat with in the bottom left of the inbox. One click will launch the user straight into a conversation with them.
  • If the users is chatting with a friend on one service, but want to continue the talk on another service, now they can switch over from right inside the chat session.

Outlook personal messaging.jpg 

- Microsoft Outlook Blog Team

Admins, Give Only What Matters In O365 ProPlus

Depending on the software or services you have in place, many organizations want to disable certain components of the Office suite. The common ones are Access and InfoPath, sometimes the Exchange team in a company controls the version of Outlook on the desktop, an in-place communications system might make it difficult to use Lync, etc. In the traditional Office MSI packages, you could use the Office Customization Tool or a configuration file to control which apps your users received and now using the new Office Deployment Tool for Click-to-Run and May 2014 or newer builds of Office, you can do this now as well.

After downloading the Office Deployment Tool, you can edit the default configuration.xml file to exclude the apps you don't want using the "ExcludeApp ID" control. The naming conventions tend to follow the executable names closely or are slightly abbreviated in the case of names like MSACCESS vs. Access.

If you install an Office Click-to-Run build using the configuration.xml, it will install the entire suite minus Access, InfoPath and OneDrive for Business. You could use similar configuration files to install as few as one Office application as well. If you're wondering if the Office Deployment Tool will work to install other Office products in addition to Office 365 ProPlus, yes it works for all Click-to-Run versions of Office. The MSI versions are only available for Volume License versions of Office Professional Plus 2013 and Office Standard 2013, every other Office 2013 version uses Click-to-Run.

Remote Desktop Services Support for Office 365 ProPlus

Microsoft has announced that support is on the way for organizations using Remote Desktop Services (RDS) or shared computers. Shared Computer Activation for Office 365 ProPlus is targeted to release in the second half of 2014 and will support Office 365 ProPlus installation on Windows Server 2008 R2 or newer with the RDS enabled. It will also work in cases where users share computers with unique Windows user profiles.

If you use RDS (aka "Terminal Services" before the name was changed in 2008) or have shared workstations, it can be difficult to use the current Office 365 ProPlus subscription activation model. With RDS, there are technical blocks preventing admins from installing or running Office 365 ProPlus on a Windows Server with the RDS role enabled. For shared physical or virtual clients, because subscription activation assumes and assigns a PC/Mac to a primary user it can become challenging to manage as users enter or leave an organization.

Shared Computer Activation will be enabled during the installation of Office 365 ProPlus using the Office Deployment Tool. Once enabled, Office installs without being activated. When a user signs in to a computer with Office installed via Share Computer Activation, Office will check to see if the user has been provisioned for Office 365 ProPlus and temporarily activate Office 365 ProPlus until that user logs out. If a second user signs in to the same computer, the activation does not persist from the first user and the process is repeated. This is effectively how Office on Demand activation works today, but using Shared Computer Activation the Office installation is permanent and can be updated. Because this uses the same activation logic as Office on Demand, it does not count against a user's five total installations of Office 365 ProPlus or Office for Mac.

Signing in to O365 - three identity models

​The three identity models you can use with Office 365 range from the very simple with no installation required to the very capable with support for many usage scenarios. By starting with the simplest identity model that meets your needs, you can quickly and easily get your users on-boarded with Office 365.

Identity Models in O365.png 

In the diagram above the three identity models are shown in order of increasing amount of effort to implement from left to right. Microsoft's recommendation for successful Office 365 on-boarding is to start with the simplest identity model that meets a business's needs so that users can start using Office 365 right away. Then, as the business determines additional necessary business requirements, they can move to a more capable identity model over time. The way to think about these is that the Cloud Identity model is the simplest to implement, the Federated Identity model is the most capable, and the Synchronized Identity model is the one we expect most customers to end up with.

Cloud Identity model

In this model a user is created and managed in Office 365 and stored in Azure Active Directory, and the password is verified by Azure Active Directory. Azure Active Directory is the cloud directory that is used by Office 365. There is no equivalent user account on-premises, and there is nothing that needs to be configured to use this other than to create users in the Office 365 admin center.

Synchronized Identity model

In this model the user identity is managed in an on-premises server and the accounts and password hashes are synchronized to the cloud. The user enters the same password on-premises as they do in the cloud, and at sign-in the password is verified by Azure Active Directory. This model uses the Microsoft Azure Active Directory Sync Tool (DirSync).

Federated Identity

This model requires a synchronized identity but with one change to that model: the user password is verified by the on-premises identity provider. This means that the password hash does not need to be synchronized to Azure Active Directory. This model uses Active Directory Federation Services (AD FS) or a third- party identity provider.

Enterprises using O365 can switch between models depending on the changing needs of the business.

-Office Blogs - Andy O'Donald

Heartbeat stopped by Heartbleed?

Heartbleed was so named because the vulnerability results from a missing bounds check in the handling of the Transport Layer Security (TLS) Heartbeat extension, within the open-source OpenSSL cryptography library, used by approximately 500,000 secure web servers (close to 20 percent) around the world. These servers were believed to be vulnerable to an attack, which would allow theft of the servers' private keys and users' session cookies and passwords. Extensive research showed that no attacks had taken place up to the time the patched version of OpenSSL was released. That means no passwords were compromised up to that point. Still, those passwords remained vulnerable until the patch was applied. But if you changed your password before the patch was applied, then the new password (along with all associated data necessary for the change) was now vulnerable.

  • Download the extensions for Chrome and Firefox that check websites' vulnerability to Heartbleed, which you can find out about in this recent article.
  • Whenever you use HTTPS to view a website, use the browser tool to see if the site is vulnerable or has been patched (or doesn't need to be patched). If it's vulnerable, Get Out of There -- right away. If it's been patched, log in then immediately change your password.

There's no telling what bugs or exploits will turn up in the future, so rather than urge you to slavishly change passwords every 30-60-90 days, the best advice is to use different passwords for every site you log into. That way, if anyone is compromised it's only that one site - and one account - that's vulnerable.
-inputs from Dave Kearns, Dark Reading, InfromationWeek