Cloud-based policy management service for Office 365 ProPlus

Capture

Earlier today, Microsoft released a preview of the Office client policy service to help manage policies for all Office 365 ProPlus users in an organization, this has previsoly only been a solveable trough the use Group Policy or ADMX backed policies using Intune or any other type of MDM solution. The good thing about this service is that it can push policies without the use of MDM (Intune) or traditional services (Such as Group Policy) to handle the policies.

policies.png

Now there are also some other requirements besides having Office ProPlus.

  • At least Version 1808 of Office 365 ProPlus.
  • User accounts created in Azure Active Directory (AAD). The user must be signed into Office 365 ProPlus with an AAD-based account.
  • Security groups created in Azure Active Directory (AAD), with the appropriate users added to those groups.

The service allows us to define policies and assign these policies to users via Azure Active Directory security groups.  Once defined, policies are automatically enforced as users sign in and use Office 365 ProPlus. This can be either Azure AD only based users or Azure AD Synced Groups.

NOTE: There are 1636 Policies available, but currently the UI is missing a good way of filtering based upon application

office client

So you can define policies from the list, ufortunetly there is no way to filter based upon applications, you just need to search based upon the list that is available in the ADMX file here https://www.microsoft.com/en-us/download/details.aspx?id=49030 and find the different settings you need.

office client 2

Once a policy is configured, it will trigger once being signed into just one of the Office 365 ProPlus apps which will trigger the policy sync which will sync all policies assigned for that user.  OneDrive is excluded as it is not part of the Office 365 ProPlus activation process.

This service is now available as a preview for all organizations with Office 365 ProPlus (Such as Office 365 E3).  If you are an administrator, you can start using this service by signing into the Office client management portal

It is important to understand that this feature is only aimed at user-based policies for Office 365 ProPlus. Group Policy can manage both user-based and machine-based policies and is limited to a subset of the user based policies. Now the good thing about this service is that as new user-based policy settings will be made available for Office, the  service will automatically add them, which means that we don’t need to download any new updated Administrative Templates files (ADMX/ADML).

You can read more on the documentation page here –> https://docs.microsoft.com/nb-no/DeployOffice/overview-office-client-policy-service

You May Also Like

About the Author: Marius Sandbu

Leave a Reply

Your email address will not be published. Required fields are marked *