Lifeline or Liability: Managing Emergency Accounts in Hybrid Environments

• Post author:By Brandon Colley

In this blog, we explore why break-glass accounts are your lifeline when identity systems fail. Microsoft’s updated guidance calls for two cloud-only Entra ID accounts with phishing-resistant MFA and restricted AD Administrator accounts limited to domain controllers. Excluding them from Conditional Access, storing credentials offline, and testing regularly ensures your emergency access is a lifeline — not a liability.

• Entra ID

December 3, 2025

How to Use the Exchange Admin API

• Post author:By Tony Redmond

On November 17, Microsoft announced the Exchange Admin API, a REST-based method of interacting with Exchange Online administrative functions. Having a new API sounds exciting, but in reality the Exchange Admin API is a limited tool to help Exchange Web Services (EWS) developers migrate their apps before Microsoft retires EWS in October 2026. That being said, here's how the API works.

• Exchange Online

December 1, 2025

Microsoft Ignite 2025 Copilot Updates, Agent 365 & SharePoint Turns 25 – Practical 365 Podcast S04E46

• Post author:By Steve Goodman

On this episode of the Practical 365 Podcast, we cover the biggest announcements from Microsoft Ignite, New Copilot Capabilities, Agent 365, SharePoint turning 25, and more!

• Podcasts

November 24, 2025

Extending SharePoint Enterprise Search with Microsoft Graph Connectors

• Post author:By Mezba Uddin

This article describes the steps to configure Microsoft 365 Copilot connectors to extend SharePoint Enterprise Search with Microsoft Graph.

• Blog

November 19, 2025

2 Comments

Practical Graph: Creating a Service Principal Analysis for a Microsoft 365 Tenant

• Post author:By Tony Redmond

Understanding the set of registered and enterprise apps active in a Microsoft 365 tenant is important. Attackers can sneak in and plant an app to exfiltrate or otherwise steal data. This article explains how to use PowerShell to create a service principal analysis report that highlights common problems and gives tenant administrators the data needed to manage apps.

• Entra ID

November 17, 2025

Practical Protection: The 2025 Microsoft Digital Defense Report

• Post author:By Paul Robichaux

In this blog, we review Microsoft’s 2025 Digital Defense Report and highlight the trends you need to know. From a surge in ransomware targeting hybrid environments to identity-based attacks at record levels, the report makes one thing clear: resilience and strong identity protection are critical.

• Security

November 13, 2025

Practical Graph: How to Delegate Device Management in Entra ID

• Post author:By Marvin Dickhaus

Managing devices across large organizations can be complex. Administrative Units (AUs) help scope admin rights, but what about newly registered devices? In this article, we explain how to automate adding devices to the correct AU using Microsoft Graph and Azure Automation runbooks with managed identities—eliminating manual steps and improving security.

• Blog

November 12, 2025

Practical Graph: How to Check Unexpected Sign-Ins Against Utility Accounts

• Post author:By Tony Redmond

Utility accounts exist in every Microsoft 365 tenant. These accounts are not intended for normal user activity and include accounts used for Exchange room and shared mailboxes and the break-glass or emergency accounts intended to allow administrators to sign-in if their usual accounts are blocked. This article shows how to use PowerShell and the Microsoft Graph to check sign-in events to ensure that the accounts aren't being accessed.

• Exchange Online

November 11, 2025

Approaching Inventory for Agents Published in Microsoft 365

• Post author:By Lewis Baybutt

Microsoft 365 now runs on agentic AI, but tracking custom, shared, and ISV agents isn’t simple. This post breaks down where agents live, how the Admin Center inventory works, and why scalable management remains a challenge. Plus, what’s next with Graph API.

• Copilot

November 10, 2025

Finding Unused Proxy Addresses for Exchange Online Mail-Enabled Objects

• Post author:By Tony Redmond

A request came in about how to find unused proxy addresses for Exchange Online mail-enabled objects. There's no out-of-the-box report available for proxy address usage, but we can solve the problem by using a PowerShell script to download historical message trace data to check every proxy address for all mailboxes against. The question then is what to do with the unused proxy addresses?

• Exchange Online

November 5, 2025

One comment

Farewell Last Exchange Server, Copilot Memory Rolls Out, and Agentic AI Improvements – Practical 365 Podcast S04E44

• Post author:By Steve Goodman

In this episode of the Practical 365 Podcast, Steve Goodman and Paul Robichaux discuss major Exchange updates – including the fallout from a recent AWS outage, Microsoft’s new tools to finally remove your last on-premises Exchange server, the final patches for Exchange 2016/2019, Copilot’s upcoming memory & personalization upgrade, and more!

• Podcasts

November 3, 2025

5 Comments

Practical AI: AI Exploration of Microsoft Graph with Lokka

• Post author:By Paul Robichaux

In this episode of Practical AI, we dive into using Lokka, a free tool for working with the Microsoft Graph, built by Microsoft’s Merill Fernando. Lokka lets you query and manage your Microsoft 365 tenant using natural language, removing the need for complex scripting.

• Microsoft 365

October 28, 2025