This book and its accompanying online resources are designed to be a complete preparation tool for your MS-102 exam.

The book is written in a way that you can apply everything you’ve learned here even after your certification. The online practice resources that come with this book (Figure 1.1) are designed to improve your test-taking skills. They are loaded with timed mock exams, interactive flashcards, and exam tips, to help you work on your exam readiness from now till your test day.

Before You Proceed

You need to unlock these resources before you start using them. Unlocking takes less than 10 minutes, can be done from any device, and needs to be done only once. Head over to the start of Chapter 7, Managing Security Reports and Alerts by Using the Microsoft 365 Defender Portal in this book for instructions on how to unlock them.

Figure 1.1 – Dashboard Interface Of MS-102 Practice Resources

Here are some tips on how to make the most out of this book so that you can clear your certification and retain your knowledge beyond your exam:

1. Read each section thoroughly.
2. Make ample notes: You can use your favorite online note-taking tool or use a physical notebook. The free online resources also give you access to an online version of this book. Click the BACK TO THE BOOK link from the Dashboard to access the book in Packt Reader. You can highlight specific sections of the book there.
3. Chapter Review Questions: At the end of this chapter, you’ll find a link to review questions for this chapter. These are designed to test your knowledge of the chapter. Aim to score at least 75% before moving on to the next chapter. You’ll find detailed instructions on how to make the most of these questions at the end of this chapter in the Exam Readiness Drill - Chapter Review Questions section. That way, you’re improving your exam-taking skills after each chapter, rather than doing it at the end.
4. Flashcards: After you’ve gone through the book and scored 75% more in each of the chapter review questions, start reviewing the online flashcards. They will help you memorize key concepts.
5. Mock Exams: Solve the mock exams that come with the book till your exam day. If you get some answers wrong, go back to the book and revisit the concepts you’re weak in.
6. Exam Tips: Review these from time to time to improve your exam readiness even further.

The Microsoft 365 tenant is the security and content boundary for your organization. While deploying a tenant is a simple task of entering contact and payment details, there are many considerations that go into designing and implementing a tenant. These considerations will be used to securely provide access to an organization’s data.

In this chapter, you’ll explore the core components of planning your Microsoft 365 experience as it pertains to the MS-102 exam. The objectives and skills covered in this chapter include the following:

• Creating a tenant
• Implementing and managing domains
• Configuring organizational settings
• Identifying and responding to service health issues
• Configuring notifications for service health
• Monitoring adoption and usage

By the end of this chapter, you should be able to articulate the core concepts around planning and implementing a Microsoft 365 tenant successfully.

A tenant, from a Microsoft 365 perspective, is the top-level structure that identifies your organization. It’s a boundary that separates your users and data from those of other organizations that use the Microsoft 365 service. Creating the tenant is the primary prerequisite step to working with Microsoft 365. The first step in creating a tenant is to plan a tenant, followed by provisioning a tenant.

Planning a Tenant

There are a number of early planning stages for creating a Microsoft 365 tenant, but the one you’ll carry out first will be deciding which kind of tenant to acquire. Tenants are available for organizations of different sizes as well as different industry verticals. Many of these early planning choices can’t be changed later, so you want to make sure you have a thorough understanding of all of the options before hastily clicking through selection screens.

Selecting a Tenant Type

Microsoft has made a variety of packages available, targeting different types of organizations, as shown in Figure 1.2:

Figure 1.2 – Types of tenants

Table 1.1 below lists the types of tenants available for customers to choose from:

Table 1.1 – Tenant types and target customers

For the purposes of the MS-102 exam, you’ll focus on the Microsoft 365 Enterprise service plans.

Tenant Type Deep Dive

The MS-102 exam focuses on the feature set and product, or service bundles, available in Microsoft 365 Enterprise plans, though the technologies available are largely the same across all plans. Microsoft 365 for US Government is available only for local, state, and federal government customers (and their partners or suppliers) and has a subset of the currently commercially available features, trailing by anywhere from 6 months to 2 years, depending on the certification level of the environment. Microsoft 365 for Education has the same feature set as the commercial enterprise set, with a few added features targeted to educational institutions. Microsoft 365 for Education is only available to schools and universities.

Selecting a Managed Domain

After choosing what type of tenant you’ll acquire, one of the next steps you’ll be faced with is naming your tenant. When you sign up for a Microsoft 365 subscription, you are prompted to choose a name from Microsoft’s onmicrosoft.com managed namespace. The name you select will need to be unique across all other Microsoft 365 customers.

Tenant Name Considerations

The tenant name (or managed domain name) cannot be changed after it has been selected. As such, it’s important to select one that is appropriate for your organization. The tenant name is visible in a handful of locations, so be sure to select a name that doesn’t reveal any privacy information and looks professionally appropriate for the type of organization you’re representing.

Provisioning a Tenant

The act of provisioning a tenant is a relatively simple affair, requiring you to fill out a basic contact form and choose a tenant name. Microsoft periodically changes what plans are available for new trial subscriptions. As of the time of writing, Office 365 E3 is available for a trial subscription. Currently, the available public trial subscriptions require the addition of payment information, which will cause a trial to roll over into a fully paid subscription after the trial period ends. See Figure 1.3:

Figure 1.3 – Starting a trial subscription

The signup process may prompt for a phone number to be used during verification (either a text/SMS or call) to help ensure that you’re a valid potential customer and not an automated system.

After verifying your status as a human, you’ll be prompted to select your managed domain, as shown in Figure 1.4:

Figure 1.4 – Choosing a managed domain

In the Domain name field, you’ll be prompted to enter a domain name. If the domain name value you select is already taken, you’ll receive an error and be prompted to select a new name.

Region Selection

Microsoft automatically provisions your tenant based on a combination of your source IP address and what type of tenant (enterprise, government, or personal) you’re selecting. You need to ensure that you’re not using any external VPN services that mask your location. Region selection determines not only where your tenant data is located physically but also, in some cases, what services are available. Once your tenant is provisioned into a region, it can’t be changed.

After you’ve finished, you can enter payment information for a trial subscription. Note the end date of the trial; if you fail to cancel by that time, you’ll be automatically billed for the number of licenses you have configured during your trial!

The managed domain is a part of the Microsoft 365 tenant for its entire life cycle. While it is a fully functioning domain namespace (complete with its own Microsoft-managed publicly available domain namespace), most organizations will want to use their organization’s domain name—especially when it comes to sending and receiving email or communicating via Microsoft Teams. You cannot add custom DNS records to the managed namespace.

Organizations can use any public domain name with Microsoft 365. Microsoft supports configuring up to 900 domains in a tenant; you can configure both top-level domains (such as contoso.com) as well as subdomains (such as businessunit.contoso.com) with your Microsoft 365 tenant.

Acquiring a Domain Name

Many organizations begin their Microsoft 365 journey with an existing domain name. In addition, you can purchase new domain names to be associated with your tenant.

Third-party Registrar

Most large organizations have existing relationships with third-party domain registrars, such as Network Solutions or GoDaddy. You can use any ICANN-accredited registrar in your region to purchase domain names.

About ICANN

The Internet Corporation for Assigned Names and Numbers (ICANN) is a non-profit organization tasked with providing guidance and policy around the internet’s unique identifiers (domains). It was chartered in 1998. Prior to 1998, Network Solutions operated the global Domain Name System (DNS) registry under a subcontract from the United States Defense Information Systems Agency.

You can search a list of domain registrars here: https://www.icann.org/en/accredited-registrars.

Microsoft

In addition to choosing a third-party registrar, organizations may also wish to use Microsoft as the registrar. Depending on your subscription, you may be able to directly purchase domain names from within the Microsoft 365 admin center, as shown in Figure 1.5:

Figure 1.5 – Purchasing a domain through the Microsoft 365 admin center

When purchasing a domain through Microsoft, you can select from the following top-level domains:

• .biz
• .com
• .info
• .me
• .mobi
• .net
• .org
• .tv
• .co.uk
• .org.uk

Domain purchases will be billed separately from your Microsoft 365 subscription services. When purchasing a domain from Microsoft, you’ll have limited ability to manage the DNS records. If you require custom configuration (such as configuring an MX record to point to a non-Microsoft 365 server), you’ll want to purchase a domain separately.

Configuring a Domain Name

Configuring a domain for your tenant is a simple procedure and requires access to your organization’s public DNS service provider. Many large organizations may host DNS themselves, while other organizations choose to pay service providers (such as the domain registrar) to host the services.

In order to be compatible with Microsoft 365, a DNS service must support configuring the following types of records:

• Canonical Name (CNAME): CNAME records are alias records for a domain, allowing a name to point to another name as a reference. For example, let’s say you have a website named www.contoso.com that resolves to an IP address of 1.2.3.4. Later, you want to start building websites for na.contoso.com and eu.contoso.com on the same web server. You might implement a CNAME record for na.contoso.com to point to www.contoso.com.
• Text (TXT): A TXT record is a DNS record used to store unstructured information. Request for Comments (RFC) 1035 (https://tools.ietf.org/html/rfc1035) specifies that the value must be text strings and gives no specific format for the value data. Over the years, Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and other authentication and verification data have been published as TXT records. In addition to SPF and DKIM, the Microsoft 365 domain addition process requires the administrator to place a certain value in a TXT record to confirm ownership of the domain.
• Service Locator (SRV): An SRV record is used to specify a combination of a host in addition to a port for a particular internet protocol or service.
• Mail Exchanger (MX): The MX record is used to identify which hosts (servers or other devices) are responsible for handling mail for a domain.

In order to use a custom domain (sometimes referred to as a vanity domain) with Microsoft 365, you’ll need to add it to your tenant.

To add a custom domain, follow these steps:

1. Navigate to the Microsoft 365 admin center (https://admin.microsoft.com) and log in.
2. Expand Settings and select Domains.

Figure 1.6 – Domains page of the Microsoft 365 admin center

3. Click Add domain.
4. On the Add domain page, enter the custom domain name you wish to add to your Microsoft 365 tenant. Select Use this domain to continue.

Figure 1.7 – Add domain page

5. If your domain is registered at a host that supports Domain Connect, you can provide your credentials to the Microsoft 365 Add domain wizard and click Verify. Microsoft will automatically configure the necessary domain records and complete the entire DNS setup for you. You can also select More options to see all of the potential verification methods available, as shown in Figure 1.8:

Figure 1.8 – Verify domain ownership

If you choose any of the additional verification options (such as Add a TXT record to the domain’s DNS records), you’ll need to manually add DNS records at your DNS service provider. Microsoft provides the value configuration parameters necessary for you to configure with your own service provider. After entering the values in your service provider’s DNS console, you can come back to the wizard and select Verify, as shown in Figure 1.9:

Figure 1.9 – Completing verification records manually

6. If using a registrar that supports Domain Connect, enter the credentials for your registrar. When ready, click Connect. See Figure 1.10:

Figure 1.10 – Authorizing Domain Connect with GoDaddy to update DNS records

7. Select Let Microsoft add your DNS records (recommended) to have the Microsoft 365 wizard update your organization’s DNS records at the registrar; however, if you are going to be configuring advanced scenarios such as Exchange Hybrid for mail coexistence and migration or have other complex requirements, you may want to consider managing the DNS records manually or opting out of select services. Click Continue.

Figure 1.11 – Connecting domain to Microsoft 365

8. Choose whether to allow Microsoft to add DNS records. Expand the Advanced options dropdown:
   1. The first checkbox, Exchange and Exchange Online Protection, manages DNS settings for Outlook and email delivery. If you have an existing Exchange Server deployment on-premises (or another mail service solution), you should clear this checkbox before continuing. You’ll need to come back to configure DNS settings to establish hybrid connectivity correctly. The default selected option means that Microsoft will make the following updates to your organization’s DNS:
      1. Your organization’s MX record will be updated to point to Exchange Online Protection.
      2. The Exchange Autodiscover record will be updated to point to autodiscover.outlook.com.
      3. Microsoft will update your organization’s SPF record with v=spf1 include:spf.protection.outlook.com -all.

Figure 1.12 – Adding DNS records

2. The second setting, Skype for Business, will configure DNS settings for Skype for Business. If you have an existing Skype for Business Online deployment or you’re using Skype for Business on-premises, you may need to clear this box until you verify your configuration:
   1. Microsoft will add two SRV records: _sip._tls.@<domain> and _sipfederationtls._tcp@<domain>.
   2. Microsoft will also add two CNAMEs for Lync: sip.<domain> to point to sipdir.online.lync.com and lyncdiscover.<domain> to point to webdir.online.lync.com.
3. The third checkbox, Intune and Mobile Device Management for Microsoft 365, configures applicable DNS settings for device registration. It is recommended to leave this enabled:
   1. Microsoft will add the following CNAME entries to support mobile device registration and management: enterpriseenrollment.<domain> to enterpriseenrollment.manage.microsoft.com and enterpriseregistration.<domain> to enterpriseregistration.windows.net.

9. Click Add DNS records.
10. If prompted, click Connect to authorize Microsoft to update your registrar’s DNS settings.
11. Click Done to exit the wizard or View all domains to go back to the Domains page if you need to add more domains.

You can continue adding as many domains as you need (up to the tenant maximum of 900 domains).

Adding a Domain Deep Dive

To review alternative steps and more information about the domain addition process, see https://learn.microsoft.com/en-us/microsoft-365/admin/setup/add-domain.

Managing DNS Records Manually

If you’ve opted to manage DNS records manually, you may need to go back to the Microsoft 365 admin center and view the settings. To do this, you can navigate to the Domains page, select your domain, and then select Manage DNS, as shown in Figure 1.13:

Figure 1.13 – Managing DNS settings for a domain

On the Connect domain page, click More options to expand the options, and then select Add your own DNS records. From here, you can view the specific DNS settings necessary per service by record type. You can also download a CSV file or a zone file that can be uploaded to your own DNS server. See Figure 1.14:

Figure 1.14 – Viewing DNS settings

The CSV output is formatted as columns, while the zone file output is formatted for use with standard DNS services and can be imported or appended to BIND or Microsoft DNS server zone files.

Configuring a Default Domain

After adding a domain, Microsoft 365 automatically sets the first custom domain as the default domain that will be used when creating new users. However, if you have additional domains, you may choose to select a different domain to be used as the default domain when creating objects.

To manage which domain will be set as your primary domain, select the domain from the Domains page and then click Set as default to update the setting, as shown in Figure 1.15:

Figure 1.15 – Setting the default domain

The default domain will be selected automatically when creating cloud-based users and groups, though it can be changed.

Custom Domains and Synchronization

When creating new cloud-based objects, you can select from any of the domains available in your tenant. However, when synchronizing from an on-premises directory, objects will be configured with the same domain configured with the on-premises object. If the corresponding domain hasn’t been verified in the tenant, synchronized objects will be set to use the tenant-managed domain.

Next, you’ll look at the core organizational settings in a tenant.

Organizational settings, as the name implies, are configuration options that apply to the entire tenant. They are used to enable or disable features at the service or tenant level. In many instances, organizational settings are coarse controls that can be further refined by the configuration settings inside each individual service.

To access the organizational settings, follow these steps:

1. Navigate to the Microsoft 365 admin center (https://admin.microsoft.com).
2. In the navigation pane, expand Settings and select Org settings.

Figure 1.16 – Org settings in the Microsoft 365 admin center

The Org settings page has three tabs, as shown in Figure 1.16:

• Services
• Security & privacy
• Organizational profile

In the next section, each of these settings will be explained in detail.

Services

The Services tab displays settings available for workloads, services, and features available in the Microsoft 365 tenant. Table 1.2 lists the services that have configurable options in the tenant:

Table 1.2 – Organizational service settings

You should spend time exploring the options for the services in the Microsoft 365 admin center.

Security & Privacy

The Security & privacy tab houses settings that govern various security controls for the organization. On this page, you’ll find access to the settings listed in Table 1.3:

Table 1.3 – Security & privacy settings

These options can be used to broadly configure security and privacy settings for your organization. As with the settings on the Services tab, these are coarse controls. Fine-grained control is available for some of these items inside their respective admin centers.

Organization Profile

Settings on the Organization profile tab are largely informational or used to manage certain aspects of the user experience. On this tab, you’ll find the settings listed in Table 1.4:

Table 1.4 – Organization profile settings

Like the other Org settings tabs, the settings on this page will be used infrequently—typically when just setting up your tenant and customizing the experience. As with the other Organization profile setting areas, you should spend some time in a test environment navigating the tenant to view these settings and updating them to see their effects.

Service health information is available from the Microsoft 365 admin center (https://admin.microsoft.com). Microsoft provides health information for a variety of services and features, including SaaS services such as Exchange Online and SharePoint Online, the health of the directory synchronization environment, as well as Windows operating system feature issues and service health.

You can check the overall service health by navigating to the health dashboard (Health | Dashboard), as shown in Figure 1.17:

Figure 1.17 – Service health dashboard

The health dashboard contains the current health status of all Microsoft 365 services. Normally, services will appear as healthy, though this status will be updated when a service is experiencing an issue.

The Service health page (Health | Service health or https://aka.ms/servicehealth) will display the most detailed and comprehensive information on any ongoing or resolved issues. See Figure 1.18.

Figure 1.18 – Service health page

If a service has an advisory or incident, you can expand the issue item under Active issues to display relevant events, as shown in Figure 1.19:

Figure 1.19 – Service health active issues

Selecting an individual item reveals expanded information about the particular issue. See Figure 1.20 for an example:

Figure 1.20 – Expanded active issue

Each service incident will display a status. Possible statuses include the following:

• Normal service: This status indicates that the service is available and has no current incidents or incidents during the reporting period.
• Extended recovery: This status indicates that while steps have been completed to resolve the incident, it may take a period of time for operations to return to normal. During an extended recovery period, some service operations might be deleted or take longer to complete.
• Investigating: This status indicates that a potential service incident is being reviewed.
• Service restored: This status indicates that an incident was active earlier in the day, but service was restored.
• Service interruption: This status indicates the service isn’t functioning and that affected users are unable to access the service.
• Additional information: This status indicates the presence of information regarding a recent incident from a previous day.
• Service degradation: This status indicates the service is slow or is occasionally appearing unresponsive for brief periods.
• PIR published: This status indicates that a post-incident report of the service incident has been published.
• Restoring service: This status indicates the service incident is being resolved.

As an administrator, it’s important to frequently check the service health dashboard to stay informed of alerts or incidents. If a service issue is affecting the Microsoft 365 admin center, you can also try the Office 365 status page (https://status.office.com) and the Azure status page (https://status.azure.com).

In addition to viewing service health information in the Microsoft 365 admin center, you can also configure email-based notifications for services.

To configure email notifications for service health, follow these steps.

1. Navigate to the Service health page (https://aka.ms/servicehealth) and click Customize. See Figure 1.21:

Figure 1.21 – Service health page with Customize highlighted

2. On the Customize flyout, select the Email tab.
3. Select the Send me email notifications about service health checkbox.
4. Enter up to two email addresses to be notified of issues.
5. Scroll the flyout to enable or disable email notifications for issue types and Microsoft 365 services, as shown in Figure 1.22.

Figure 1.22 – Enabling notifications

6. Click Save to update commit changes.

You will be notified of future service issues for the selected services. You can update the selections at any time.

Next, you’ll look at tracking Microsoft 365 service adoption across the enterprise.

In order for your organization to get the most benefit from a Microsoft 365 investment, it’s important that users adopt the services and features. You can monitor end user adoption and consumption metrics through a variety of tools, including Microsoft 365 usage metrics, Viva Insights (formerly known as Workplace Analytics), and the Adoption Score (formerly known as the Productivity Score).

Microsoft 365 Usage Reports

The Microsoft 365 usage reports are available inside the Microsoft 365 admin center. They are broad reports that can be used to get a high-level snapshot of how your organization is using the Microsoft 365 platform. Report data includes statistics such as how many files are stored in SharePoint, how many Exchange mailboxes were active during the reporting period, and engagement with other products such as Viva Engage (formerly Yammer) or Forms.

Figure 1.23 – Microsoft 365 usage reports

Usage reports can be accessed by navigating to the Microsoft 365 admin center (https://admin.microsoft.com), expanding Reports, and selecting Usage.

Viva Insights

Formerly known as Workplace Analytics, Viva Insights provides recommendations about personal and teamwork habits. Viva Insights has four core areas:

• Personal insights
• Teamwork habits
• Organization trends
• Advanced insights

Each of these areas has unique features that are part of the Viva story.

Personal Insights

As the name suggests, personal insights are tailored to an individual. Personal insights are private and are only visible to the individual for whom they are intended. Personal insights are best viewed using the Viva Insights app in Microsoft Teams, as shown in Figure 1.24:

Figure 1.24 – Viva Insights app in Microsoft Teams

The Viva Insights app has functions to allow you to make a focus plan (sometimes referred to as the protect time feature), send praise to your colleagues either publicly or privately, and stay connected through AI-based task suggestions and meeting assistance.

The Viva Insights app also features Headspace guided meditation and mindfulness exercises as well as prompts to take a break and reflect on your personal feelings. Using the reflection activity card, you can even set daily reminders to check in with yourself. See Figure 1.25:

Figure 1.25 – Reflection activity card

Viva Insights also has a daily ramp-up and wind-down micro-app called Virtual Commute, which lets users review upcoming meetings and tasks, block focus time, and initiate a variety of mini-break, meditative, and reflective activities. See Figure 1.26:

Figure 1.26 – Virtual commute activity card

Together, these insight features can help users manage both their productivity and personal well-being.

Teamwork Habits

Viva Insights Teamwork habits, which is part of the premium Viva Insights experience, allows managers to gain additional recommendations for managing people. Teamwork habits helps managers identify regular after-hours work, meeting overload conditions, and lack of dedicated focus time.

Managers can set up teams by manually adding users, or can use the suggested list if the manager property has been populated in Azure Active Directory. See Figure 1.27:

Figure 1.27 – Confirming team members

Three additional core features of Teamwork habits are the following:

• Scheduling recurring 1:1 times with managed employees
• Analyzing quiet hours impact to determine how work habits impact employees outside of their configured working hours
• Configuring shared plans for no-meeting days and shared focus times

Organizations that utilize the Teamwork habits tools can improve their employees’ well-being and work-life balance. The Teamwork habits feature requires a premium Microsoft Viva Insights license.

Organization Trends

The My organization tab shows organization trends as well as business leader and manager insights to help understand how to effectively manage your teams. Insights include such as identifying work patterns and suggestions for boosting employee engagement. See Figure 1.28:

Figure 1.28 – Organization trends

Organization trends data is privacy-oriented, requiring a minimum of 10 people (including the manager) to be in the management chain, either directly or indirectly. In addition, access to Organization trends requires granting access to manager insights through the Viva setup.

Advanced Insights

Microsoft Viva advanced insights is a reporting tool that provides research-based behavioral insights into organizational work patterns, such as hybrid work, work-life balance, and employee well-being.

The advanced insights reporting tools come with a number of built-in templates and analysis tools to really help organizations understand everything from meeting effectiveness to employee performance trends correlated to 1:1 manager meetings. The Manager coaching report, which is part of Viva Insights, is shown in Figure 1.29:

Figure 1.29 – Viva Insights Manager coaching report

With large organizational changes such as hybrid and remote work scenarios, it can be important to understand how those work patterns affect performance, including interesting data points such as how much time is spent during meetings multitasking or how much work is getting done outside normal business hours.

Information about working hours is available in the Work-life balance and flex work report (part of the Hybrid workforce experience reporting section), shown in Figure 1.30:

Figure 1.30 – Advanced insights working hour details

The advanced insights Power BI report templates provide an analysis of employee engagement and work patterns. The reports include the following:

• Business resilience: Overall business report highlighting performance and employee well-being.
• Hybrid workforce experience: This report highlights how different work modes (onsite, hybrid, and remote) affect workers.
• Manager effectiveness: Provides insight into patterns exhibited by people managers.
• Meeting effectiveness: These reports capture and display information on meeting statistics such as how many meetings happen on short notice or how much multitasking occurs during meetings.
• Ways of working: This data helps answer questions such as are employees receiving enough 1:1 coaching time? and who generates the most work by organizing meetings?
• Wellbeing – balance and flexibility: Reporting data used to identify whether employees have enough time to focus on core priorities and can balance that with breaks and time away from work.
• For more information on the advanced insights templates and their reporting capabilities, see https://learn.microsoft.com/en-us/viva/insights/advanced/analyst/templates/introduction-to-templates.

Adoption Score

Formerly known as Productivity Score, Adoption Score is a metric that is used to help measure the success of an organization’s use of the Microsoft 365 platform. Before Adoption Score can be used, it must be enabled in the Microsoft 365 admin center under Reports, as shown in Figure 1.31:

Figure 1.31 – Enabling Adoption Score

Adoption Score provides insights that are broken up into three categories: people experiences, technology experiences, and special reports. When enabling the score, you can select how to calculate insights into people experiences:

• Include all users
• Exclude specific users by group
• Don’t calculate for any users

Insights into technology experiences are shown automatically when you enable Adoption Score. If you don’t want to collect that data, you can disable Endpoint analytics scope in the Intune data collection policy,

If you are performing a staged rollout of services using a pilot program, it may be beneficial to limit the reporting scope to groups of users that are part of the pilot.

People Experiences

The insights into people experiences focus on five categories that show how your users and organization are using the tools in the Microsoft 365 platform. These insight areas are as follows:

• Communication: This area measures how people are communicating with each other, such as sending emails or instant messages or posting on communities in Viva Engage (or Yammer). This area highlights important practices such as using @mentions in emails and marking responses as answers in Yammer. Users need to be licensed for Yammer, Exchange Online, or Teams to be counted in this metric.
• Content collaboration: This area measures how people use files in your organization, such as creating or sharing files in OneDrive for Business and SharePoint Online or how email attachments are being used (attached files versus a cloud attachment—a link to a file shared in OneDrive or SharePoint). It also captures data about the number of files shared and whether the collaborators are internal or external to the organization. Users need to be licensed for OneDrive for Business, SharePoint, or Exchange Online to be counted in this metric.
• Mobility: This measures what devices and interfaces people are using to accomplish their work. For example, a user sending an email from the Outlook desktop app and the Outlook mobile app would be regarded as an individual using the Microsoft 365 apps across multiple platforms. This measurement area also reports on what locations people are working from—whether they are onsite in one of your organization’s offices or remotely. In order to be counted in this metric, users need to be licensed for Teams, Exchange Online, or Microsoft 365 apps.
• Meetings: This area measures how effectively meetings are used across your organization. Meetings are evaluated against practices such as scheduling meetings at least 24 hours in advance, sharing agendas, and the percentage of invitees that actually show up to the meetings. Other features include measuring interactivity (hand-raising, chat, reactions, or sharing content) during the meeting as well as whether or not attendees are participating via audio or video. Users must be licensed for Microsoft Teams to be included in this metric.
• Teamwork: This area is used to measure how people are collaborating in Teams and using shared workspaces (such as teams, channels, Microsoft 365 groups, and SharePoint sites). In order to be counted for this metric, users must be licensed for Exchange Online, SharePoint, or Microsoft Teams.

In addition to users requiring licenses to be assigned, they also need to be active in a service at least once every 28 days to get counted for that service. You can use Adoption Score to review how people are using the Microsoft 365 service and provide coaching on best practices to get the most out of the platform.

Technology Experiences

The technology experiences category focuses on areas relating to the devices that people are using to access Microsoft 365 services:

• Endpoint analytics: This area provides insights into the overall performance data of devices that are enrolled in Intune or Configuration Manager with tenant attach. The performance metrics include things such as boot time, how long it takes to sign in and get to a responsive desktop, how much time is spent processing Group Policy, how often applications hang or crash, and the number of active devices that have launched a particular app during the past 14 days. The endpoint analytics reporting has special requirements, such as particular versions of endpoints and being either Azure AD joined or hybrid Azure AD joined, as well as licensed for Intune or Microsoft Endpoint Configuration Manager.
• Network connectivity: These metrics provide insights into factors involving network communication between your endpoints and the Microsoft 365 platform. Specific network requirements must be met, such as configuring networks in the Microsoft 365 admin center and enabling location data collection features. For more information on the prerequisites for enabling network connectivity reporting, see https://learn.microsoft.com/en-us/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-worldwide.
• Microsoft 365 Apps: View insights on how many devices across your organization are up to date with their Microsoft 365 app deployments.

The technology experiences score reports can be helpful in gaining insight into how devices may be affecting the overall adoption and user satisfaction with Microsoft 365 services.

Special Reports

Finally, there is a lightweight version of the Business Resilience report (from Viva Insights) that is available to organizations that have at least 100 active Exchange and Viva Insights licenses. This report helps organizational leaders understand how to utilize remote work and maintain a work-life balance, the effectiveness of virtual meetings, and participation in Yammer communities.

In this chapter, you learned about the fundamental aspects and terminology of configuring a Microsoft 365 tenant, such as selecting a tenant type, adding domains, and configuring the basic organization settings. In Chapter 2, Managing Users and Groups, you will begin to learn how to manage the life cycle of an identity.

Benchmark Score: 75%

Apart from a solid understanding of key concepts, being able to think quickly under time pressure is a skill that will help you ace your certification exam. That’s why, working on these skills early on in your learning journey is key.

Chapter review questions are designed to improve your test-taking skills progressively with each chapter you learn and review your understanding of key concepts in the chapter at the same time. You’ll find these at the end of each chapter.

Before You Proceed

You need to unlock these resources before you start using them. Unlocking takes less than 10 minutes, can be done from any device, and needs to be done only once. Head over to the start of Chapter 7, Managing Security Reports and Alerts by Using the Microsoft 365 Defender Portal in this book for instructions on how to unlock them.

To open the Chapter Review Questions for this chapter, click the following link: https://packt.link/MS102E1_CH01. Or, you can scan the following QR code:

Figure 1.32 – QR code that opens Chapter Review Questions for logged-in users

Once you login, you’ll see a page similar to what is shown in Figure 1.33:

Figure 1.33 – Chapter Review Questions for Chapter 1

Once ready, start the following practice drills, re-attempting the quiz multiple times:

Exam Readiness Drill

For the first 3 attempts, don’t worry about the time limit.

ATTEMPT 1

The first time, aim for at least 40%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix your learning gaps.

ATTEMPT 2

The second time, aim for at least 60%. Look at the answers you got wrong and read the relevant sections in the chapter again to fix any remaining learning gaps.

ATTEMPT 3

The third time, aim for at least 75%. Once you score 75% or more, you start working on your timing.

Tip

You may take more than 3 attempts to reach 75%. That’s okay. Just review the relevant sections in the chapter till you get there.

Working On Timing

Target: Your aim is to keep the score the same while trying to answer these questions as quickly as possible. Here’s an example of how your next attempts should look like:

Table 1.5 – Sample timing practice drills on the online platform

Note

The time limits shown in the above table are just examples. Set your own time limits with each attempt based on the time limit of the quiz on the website.

With each new attempt, your score should stay above 75% while your time taken to complete should decrease. Repeat as many attempts as you want till you feel confident dealing with the time pressure.