AvePoint Cloud Governance June 2023
General Availability Date for the Commercial Environment: June 11, 2023
General Availability Date for the U.S. Government Environment: June 18, 2023
What’s New in the New Cloud Governance Admin Center?
General Updates
- AvePoint Cloud Governance now provides the **Groups report** and **Shared mailbox** report entrance for IT administrators to go to the corresponding report in AvePoint Entrust.
- IT administrators can now configure text validation rules in **Management** > **Profiles & templates** > **Text validation rules**. The configured regular expressions and blocked words will be used to validate entered metadata values on the request page.
- IT administrators can now configure whether to enable the welcome email for Microsoft 365 Groups, Microsoft Teams, or Yammer communities respectively.
- When configuring the group filters in people picker filter profiles, IT administrators can now add the **Group** **types** condition to specify Microsoft 365 Groups, distribution groups, security groups, and/or mail-enabled security groups as the people picker scope.
- After IT administrators edit the **Choice** metadata and select to update the metadata changes, they can now choose to keep the current default value and assignment that are configured in existing services or profiles.
- In **Workspace report**, IT administrators can now search for desired views.
- An email address is now displayed for person or group metadata in the workspace report and guest user report.
- IT administrators can now choose to show the **Site template** column on the workspace report page to view the site template of the object.
- The escalation profile is no longer a required setting in automatic import profiles.
Microsoft 365 Group/Microsoft Team Management
- A new Profile model now supports automated escalation profiles for Microsoft 365 Groups and Microsoft Teams.
- The Create Microsoft 365 Group and Team lifecycle management services are now available in dynamic services.
- Shared channel renewal can now be enabled in a team renewal profile.
- When configuring a Change private channel settings service, IT administrators can now enable the **Change private channel site storage** setting.
Distribution Group/Security Group/Mail-enabled Security Group/Shared Mailbox Management
- Common escalation profiles and contact election profiles can now be configured for distribution groups, security groups, mail-enabled security groups, and shared mailboxes.
- Azure AD group and shared mailbox automatic import profiles can now be configured to discover and automatically import new distribution groups, security groups, and mail-enabled security groups in a defined schedule.
- Renewal profiles can now be configured and applied to distribution groups, security groups, and mail-enabled security groups, and shared mailboxes to determine the schedule and governance details that must be confirmed when a group or mailbox goes through the renewal process.
- The Azure AD group lifecycle management service is now available in dynamic services to delete distribution groups, security groups, and mail-enabled security groups.
- The Change Azure AD group ownership or membership service is now available in dynamic services to update ownership or membership of distribution groups, security groups, and mail-enabled security groups.
- When configuring a Create distribution group, Create security group, Create mail-enabled security group, or Create shared mailbox service, IT administrators can now define a contact election profile for the service.
- When configuring a Create distribution group service, IT administrators can now define the following settings for the service:
- Group renewal
- Group contact election
- Message approval
- Send as
- Send on behalf
- When configuring a Create shared mailbox service, IT administrators can now define the following settings for the service:
- Send as
- Send on behalf
- Shared mailbox contact election
- Shared mailbox renewal
- The support account can now access the AvePoint Cloud Governance new admin center to help troubleshoot issues.
What’s New in the Classic Cloud Governance Admin Center?
- The Manage Permissions service can now be configured to manage permissions of group team sites.
What’s New in the End User Portal?
- In **Workspaces**, business users can now view and manage the Power Apps they own or they are responsible for.
- Business users can now request to delete or archive the locked site collections when managing automatic lifecycle management tasks for the site collections.
- The removed users are now greyed out when business users review the sharing links in a Microsoft 365 Group/team renewal task.
General Updates
- AvePoint Cloud Governance now follows the session timeout setting configured in AvePoint Online Services.
- AvePoint Online Services now provides the following services apps for AvePoint Cloud Governance:
- Cloud Governance for Microsoft 365
- Cloud Governance for Exchange
- Cloud Governance for Power Platform
- Cloud Governance delegated app
- Yammer
- Cloud Governance supports AvePoint Online Services single sign-on (SSO) whether users sign in to Cloud Governance by clicking the Cloud Governance app in AvePoint Online Services or via URL. Currently, with the trusted IP address setting enabled in AvePoint Online Services, if the IP address of the user who signs in to Cloud Governance web portal (both of the end user portal and admin center) is not a trusted IP address, the sign-in process will fail.
Additionally, after the June 2023 release date, if the IT administrator has never consented the AvePoint Online Services app on behalf of business users yet, business users may fail to sign in to the Cloud Governance web portal (both of the end user portal and admin center). As an IT administrator, please re-authorize the AvePoint Online Services app, referring to the instructions in [What If Your Tenant Does Not Allow Users to Consent to Apps?](https://cdn.avepoint.com/assets/webhelp/avepoint-online-services/index.htm#!Documents/whatifyourtenantdoesnotallowuserstoconsenttoapps.htm).
- Microsoft announced that as of July 1st, 2023 Remote PowerShell (RPS) connections to Exchange Online PowerShell will be deprecated. AvePoint Cloud Governance will switch from RPS to Exchange Online PowerShell V3 to prevent potential service impacts. If you use any of the following settings as part of Teams/Groups creation service, you need to ensure you consent the Cloud Governance for Exchange app. The specific settings are:
- Outlook Experience
- Welcome Email
- Team ID
You can go to AvePoint Online Services > **App management** to add this app to your tenant. If you are using a custom Azure AD App, you need to add the **Exchange.ManageAsApp** permission and assign the **Exchange Administrator** role to the app to ensure these settings can be managed by Cloud Governance. For detailed instructions on how to assign the role, refer to [How to Assign the Exchange Administrator Role to an App?](https://avepointcdn.azureedge.net/assets/webhelp/avepoint-online-services/index.htm#!Documents/howtoassigntheexchangeadministratorroletoanapp.htm)
Power Automate Update
- The Cloud Governance connector in Power Automate now supports OAuth, and users can choose **Azure Active Directory** or **Client Secret** as the **Authentication Type** to be used for authentication. The user account used for authentication must be a Cloud Governance application administrator.
Cloud Governance API Improvement
The following tables detail the Cloud Governance API updates, resource updates, and property updates accordingly:
| Change Type | API Name | Route |
|---|
| Addition | UpdateDenyAddAndCustomizePagesStatus | /admin/settings/office365/updatedenyaddandcustomizepagesstatus |
| Change Type | Resource Name | Description |
|---|
| Addition | ChangePrivateChannelQuotaModel | |
| Addition | GroupLifecycleValidateResult | Added the approvalProcessHasManagerRole property. |
| Addition | Int64ChangedProperty | |
| Addition | MyExchangeResource | Added the following properties:- hasSubmitted- hasPendingApprovalTask |
| Change | ChangePrivateChannelRequest | Added the following properties:- enableChangePrivateChannelQuota- quotaStorage- quotaStorageUsed |
| Change | ChangePrivateChannelService | Added the changePrivateChannelQuotaSetting property. |
| Change | MySharedMailbox | Added the following properties:- alias- hasSubmitted- hasPendingApprovalTask |
| Change | SiteLifecycleValidateResult | Added the approvalProcessHasManagerRole property. |
| Change | TextValidationRuleRef | Added the following properties:- type- modifiedBy- blockWord |
| Change | WorkspaceList | Added the webLink property. |
| Change | TaskReport | Added the taskTypeDescription property. |
| Change | WorkspaceGridModel | Added the following properties:- siteTemplate- siteTemplateTitle |
| Change Type | Property Type | Property Name | Description |
|---|
| Addition | Enum | ChangePrivateChannelQuotaType | |
| Addition | Enum | TextValidationType | |
| Change | Enum | TaskResult | Added the UnknownChannelTaskStatus property value. |
| Change | Enum | ServiceType | Added the following property values: - RenewSharedChannel- DeleteGenericRenewalProfile- DeleteSharedMailboxRenewalProfile- AutoImportSecurityGroup- AutoImportSharedMaibox- RenewSecurityGroup- RenewSharedMailbox- ApplyGenericProfile- RestartGenericRenewal- ApplySharedMailboxProfile- RestartSharedMailboxRenewal- RenewMailEnabledGroup- RenewDistributionList- SecurityGroupLifecycle- DistributionListLifecycle- MailEnabledGroupLifecycle- SharedMailboxLifecycle- SecurityGroupElection- MailEnabledSecurityGroupElection- DistributionListElection- SharedMailboxElection- AutoImportMailEnabledGroup- AutoImportDistributionList- SpecifyExchangeResourceContacts- ExchangeResourceReassignRenewalTask- ApplyGenericInformation- ApplySharedMailboxInformation- SyncPowerApp- RemovePowerApp |
| Change | Enum | TaskType | Added the following property values: - RenewGeneric- RenewSharedMailbox- AutoImportSharedMailbox- RenewSharedChannel- AutoImportGeneric |
| Change | Enum | ApiUserType | ● Added the AzureADGroup property value. |
| Change | Enum | MessageCode | Added the following property values: - ExchangeResourceNotInAos- ExchangeResourceNotInScope- TeamLifecycleNoAvaliableAction- GroupNotExistInAzureAD |
| Change | Enum | ExternalSharingOptions | ● Added the CrossTenantUser property value. |
| Change | Enum | TreeNodeType | Added the following property values: - SecurityGroup- DistributionList- MailEnableGroup- SharedMailbox- SharedChannel |
| Change | Enum | PrincipalType | ● Added the AzureADGroup property value. |
| Change | Enum | RequestProgressStatus | Added the following property values: - UpdateGroupOwners- UpdateGroupMembers |
| Change | Enum | WorkerObjectType | Added the following property values: - SecurityGroup- DistributionList- MailEnableGroup- SharedMailbox |
| Change | Enum | WorkspaceStatus | ● Added the Quarantined property value. |
