MFA with Guest Access and different tenants settings

There is an update regarding MFA Multi Factor Authentication.

If you are guest with a different Tenant, the MFA Settings are now reflecting the settings of all tenants in a different way.
Each MFA setting is reflected and you can setup your MFA device as per tenant and the admin settings allow.

Login to your Profile in Office 365/ Azure AD:

Go to your PROFILE:

Sign in to
Select your account name in the top right, then select profile.
Select Additional security verification.

If might be happen, your admin hast configured MFA, so you wouldn't see this menu.
Simply switch the tenant to the guest tenant where you need to configure MFA.

Once you go back to your profile and you will find the MFA device and other settings a usual:

MFA User cannot access Mobile Phone e.g. lost phone (work around)

One-time bypass  is the solution:
The one-time bypass feature allows a user to authenticate a single time without performing two-step verification. The bypass is temporary and expires after a specified number of seconds.
In situations where the mobile app or phone is not receiving a notification or phone call, you can allow a one-time bypass so the user can access the desired resource.

Create a one-time bypass

Sign in to the Azure portal as an administrator.

Browse to Azure Active Directory > MFA Server > One-time bypass.
Select Add.
If necessary, select the replication group for the bypass.
Enter the username as
Enter the number of seconds that the bypass should last.
Enter the reason for the bypass.
Select Add.
The time limit goes into effect immediately.
The user needs to sign in before the one-time bypass expires.

View the one-time bypass reportSign in to the Azure portal.
Browse to Active Directory > MFA Server > One-time bypass.


Microsoft Phone System Voicemail with Teams

Recently Microsoft started changing their Office 365 environment utilizing more Azure based service. One of the first services moved into an Azure model was the Exchange Voicemail service. It now resides in Azure.
This service as a product is now named Microsoft Phone System Voicemail.
The works with Skype for Business and Teams in the following setups with either PSTN Calling (Microsoft cloud based PSTN) or PSTN Hybrid Voice (PSTN On-Premise)

Calling Plan Hybrid Voice (PSTN On-Prem) Skype for Business YES YES Teams YES NO

Next, we need to consider the correlation with Exchange UM and Phone System Voice Mail.
Voicemail Option with Skype for Business and Teams
Exchange UM Phone System Voicemail
Exch UM On-Premise Exch UM online User Mbx homed Exch On-Premise

Active Directory Object missing (AAD) with Teams/ Skype for Business online

This reported issue "Active Directory Object missing" is most likely happen if your run an Office 365 Tenant smaller than RING 4. Mainly TAP Tenant. 
Else if you experience those issues within your Customer Tenant, simply follow the same procedure.
It can be with any objects, which have a correlated AAD object. (AAD = Azure Active Directory)

The problem occurs, if there are any inconsistence between the AAD and CMS objects. Saving the configuration from CMS into the AAD object is what’s happening in the background and will therefore solve the issue.

First login to you Office 365 Tenant and navigate to Skype for Business Admin Center (later Communication) and locate the object having this issue...

 Next open the object and press "Edit"

Once the object configuration opens, don't change anything and click "Save"

Now the object configuration will be saved to AAD 
If a message like this "Active Directory object for location the xxx requires re-provisioning&quo…

Change Authentication Code Phone Number if Teams ask for verification

If you setup your MFA, make sure you provide a 2nd phone number for recovery!

If you are switching to one of your guest tenants or in some other cases, Teams ask for a Microsoft Secure Code, sending those digit to your registered phone number.

This feature for securing your account is part of the your Azure AD user settings, which requires you committing changes there.

You have 4 options, you can chose from receiving the Microsoft Authenticator Token:
- Authentication Phone
- Office Phone
- Alternate authentication phone
- Authenticator app

Either one or multiple Authenticators you might have set and need to change them according to your need.

Sign in to your account name in the top right, then select profile. Select Additional security verification.
It is important to configure a secondary authentication phone number. Because your primary phone number and your mobile app are probably on the same phone, the…

Focused Mailbox not shown - solution

You might have experienced two issues related with not having the FOCUSED MAILBOX shown on your Outlook client.

- Either its not shown on all client
- or its shown one one client but on another not

First you need to have activated Outlook with an account related to a dedicated Office 365 tenant where focused mailbox is enabled on a Organization Level.
Even if one client shows up focused mailbox and another not, simply changing the accounts to the same subscription account will not activate the focused mailbox.

It all comes back to the same solution:

To check whether your focused inbox is turned on, please run powershell commands referring to the steps below and send us a screenshot. Please be informed that you need to involve your admin to perform this.

1. Connect to Exchange Online PowerShell.

2. Run the following commands:
Get-FocusedInbox –Identity “ email address” Get-OrganizationConfig | fl *focus*

You must activate it on your Exchange Org:
Get-OrganizationConfig -FocusedInbox…

Office 365 Group Calendar in Teams

I stepped over an interesting possibility, making TEAMS more to your prefered Modern Workplace Team Tool.

You are able to add your Teams Calendar (from Office 365 Groups) into a Apps Tab.

This enables you to seeing your related appointment faster.

Disadvantage is, you can navigate through Outlook Web App as usual. This is generally not an issue an further more, it allows you also writing emails from within TEAMS!
Not, you only see in OWA the content from the user you logged in with.

Ok, lets start:

Got to Outlook Web App

go to your Group Calendar related to your TEAM. Copy the entire URL...

Open TEAMS and click "add" new App

Chose "Website"

Name the Tab "Calendar" Paste the URL Click Save

You are ready and will see the Teams Calendar now within teams

Hope you find this helpful and experiment with more possible Tabs/ Apps in Teams.