Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

In recent weeks, Microsoft has started making clearer its intentions around what ultimately will be major changes to its client-management portfolio. Some of these are imminent; others are still likely years away. In any case, it’s not too soon to start making a plan for Microsoft’s inevitable move to cloud-based management.

Earlier this month, Microsoft announced (in a typical bad-news drop on a Friday) that it is deprecating its Windows Server Update Services (WSUS) updating mechanism. “Deprecated,” as Microsoft uses the term, “refers to the stage in the product lifecycle when a feature or functionality is no longer in active development and may be removed in future releases.”

This new phase for WSUS shouldn’t be surprising to anyone who follows Microsoft, as WSUS hasn’t received noticeable new features in years. However, WSUS is still part of how a number of Microsoft business customers use Configuration Manager to update Windows clients.

In its September 20 blog post, Microsoft notes the WSUS deprecation does not (yet) impact support for Configuration Manager, and that the WSUS role will remain in Windows Server 2025, which is slated to ship later in 2024. However, Microsoft’s guidance to customers who are willing to stick with Microsoft’s products and services is to begin transitioning to Windows Autopatch and Intune for client update management and Azure Update Manager for server update management.

None of Microsoft’s suggested replacements is entirely free (but neither is WSUS, if you take Client Access Licenses and other prerequisites into consideration). Intune, Windows Autopatch and Azure Update Manager all require subscriptions and Internet connections — something that a number of commentators on Microsoft’s blog post pointed out angrily and repeatedly.

Microsoft isn’t yet providing guidance on precisely when it will discontinue WSUS. However, given it will be part of Windows Server 2025, it seems fairly safe to assume that Microsoft will continue to support it for years, since Windows Server 2025 gets five years of mainstream and five years of extended support.

Speaking of Windows Autopatch…

Microsoft also is making changes to its Windows Autopatch service — specifically, merging the Windows Update for Business (WuFB) deployment service into it. This change is slated to roll out between mid-September and mid-October 2024.

Windows Autopatch is one of a number of ways for customers to manage updates for Windows, Microsoft 365 Apps for Enterprise, Microsoft Edge and Teams. Microsoft officials say by merging Autopatch with the WuFB deployment service, it is creating “a more cohesive and streamlined update experience” for enterprises. Customers can access the new unified Autopatch via the Intune admin center to update policies, groups, status and reports.

However, existing WuFB customers have a lot of questions about exactly what this merger means. Based on responses to Microsoft’s September blog post about the change, it sounds as though existing Windows Update for Business enterprise customers will start configuring their mobile-device management under the Autopatch brand, but they won’t automatically get all the current Autopatch capabilities without having Windows 10/11 Enterprise E3, E5, or F3 included as part of their Microsoft 365 E3, E5, or F3 licenses.

When ‘Customer Feedback’ Wins

While negative customer feedback didn’t shift Microsoft’s plans around WSUS and the Windows Update for Business deployment service, it did impact another client-management change Microsoft announced recently with not much heads-up.

Microsoft’s Intune team blogged on September 16 that Microsoft had decided to change the Windows mobile-device-management (MDM) “enrollment experience” so that security fixes, plus updates to existing features would be automatically downloaded and installed on Windows 11 devices running 22H2 and higher that were connected to an MDM service like Intune.

Microsoft officials said at that time that this would start happening with “the coming October Windows update” whether devices were pre-registered with Windows Autopilot or not. They also said there would be no option to control or disable the updates applied during the set-up experience, and that the new process would lead to longer initial set up times as various updates were applied.

But on September 20, Microsoft updated the original announcement blog post to note that, based on customer feedback, this change will not happen until the team finds a way to make sure IT admins would be in control of the new experience.

“Customers need to stay mindful of Microsoft announcements — particularly heading into weekend news dump time — as Microsoft is clearly trying to begin clearing the decks of some legacy technology in favor of cloud-based services that have been gradually replacing them,” advised Directions on Microsoft analyst Wes Miller.

Related Resources

WSUS Deprecation Announced

Microsoft Deprecated WSUS: Should You Care?

Windows Update for Business is merging with Windows Autopatch

Windows Autopatch Prerequisites and Licensing

Important changes to the Windows enrollment experience coming ‘soon’

Microsoft has quietly relented and added Power BI Report Server dual-use rights for high-end Fabric deployments, restoring a right that was initially removed when the company announced the retirement of Power BI Premium licensing. The reversal will help customers using the dual-use rights avoid a significant budget increase when the migrate to Fabric.

What Is Power BI Report Server?

Before we start, let’s talk about Power BI Report Server. This is a special edition of SQL Server Reporting Services that can host Power BI report alongside the usual Reporting Services reports. Yes, it’s the same Reporting Services product orgs have used for years and could help a company that wants to use Power BI technology but needs to keep some reports close to home for regulatory or performance reasons. Power BI Report Server can even replace an existing SQL Server Reporting Services deployment as long as the customer is willing to accept Power BI Report Server’s quarterly updates.

How It All Started

In Mar. 2024, I wrote about how Power BI customers are being forced into Fabric licensing. At the time Microsoft had just announced the retirement of several Power BI licensing and purchasing options by the end of the year, retirements that will require customers to purchase new Fabric licensing and migrate existing workspaces. (The announcement is here https://powerbi.microsoft.com/blog/important-update-coming-to-power-bi-premium-licensing/; however, Microsoft has changed the wording and removed various sections, along with all comments.)

As part of that announcement, the company said it planned to drop a dual-use right that allowed customers to use a Premium P subscription for both a cloud deployment and to cover the licensing of an on-premises Power BI Report Server. Dropping dual-use rights had a big impact on customers already using the benefit. It meant that when Premium P customers migrated to Fabric, they would have to purchase expensive SQL Server Enterprise edition core licenses with Software Assurance to license their existing Power BI Report Server deployments back. 

For a Power BI Report Server licensed for eight vCores that would be an upfront cost of US$60,492 for SQL Server Enterprise and an annual SA subscription of US$15,123. Considering the licenses were already included in a Premium P1 subscription that cost customers US$60,000 per year, this would result in costs more than doubling for the first year and a 25% increase for subsequent years. Not a minor change.

A Bogus Claim

In the original announcement, Microsoft justified the removal of dual-use rights by saying “Fabric capacity is not compatible with Power BI Report Server.” The incompatibility claim was always suspicious because licensing Power BI Report Server with the dual-use right was just a matter of paperwork, not technology. The server never required a connection to the Power BI service, exchanged data, or had any other technical dependency or limitation.

Perhaps Microsoft was trying to claim that Fabric Capacity Units (CUs) were not compatible with Power BI Report Server core counts, but that does not make sense either. Microsoft officials went out of their way to show how Fabric CUs map to Power BI Premium vCores so that customers could understand which Fabric SKU to purchase. https://learn.microsoft.com/en-us/fabric/enterprise/licenses#capacity

Regardless of the original justification, it appears enough customers called foul that Microsoft quietly changed its position. 

Going Forward

The way Power BI Report Server dual-use rights are implemented for Fabric appears to be the same as for Power BI Premium P with some nuances added to address the way Fabric is purchased. I say appears, because some of the licensing details are still incomplete.

What we do know is that high-end Fabric capacities (F64 and higher) that are purchased using capacity reservations have dual-use rights, and customers can use the equivalent vCore counts to cover Power BI Report Server deployments. The number of vCores provided with each Fabric SKU are not specified in the licensing details; however, it seems logical that the number of vCores will be based on the Fabric CU to Power BI vCore table I mentioned above, which coincides to how Premium P provided dual-use rights:

Customers currently using the dual-use rights contact their Microsoft representative before migrating to Fabric and get the specific vCore count details in writing to ensure they are covered for the duration of their volume licensing agreement.

Related Resources

Power BI Report Server licensing in Licensing Reference Set (Directions members only)

Fabric in the Database, Analytics, and AI/ML Roadmap (Directions members only)

Power BI in the Database, Analytics, and AI/ML Roadmap (Directions members only)

On October 14, 2025, Microsoft will no longer support Windows 10. Despite the rapidly approaching deadline, far fewer than half of all Windows users are running Windows 11, according to various metrics.

Microsoft is counting on new, primarily consumer-focused Copilot features to attract customers to Windows 11 24H2 —which begins rolling out today, October 1. Along with its PC maker partners, Microsoft is trying to convince organizations that Copilot+ PCs, which are PCs with dedicated neural processing units (NPUs) designed to help with AI tasks, are a good reason to make the move to the latest Windows release.

But for commercial customers, there are a few other capabilities under the hood that might get them more interested.

For example, the promised Windows 11 Enterprise Long Term Servicing Channel (LTSC) 24H2 edition is available as of today. The LTSC release is meant for special-purpose, locked-down systems but some customers still do prefer it to the constantly updated Windows releases – a position that neither Microsoft nor Directions on Microsoft endorses. (Windows 11 IoT Enterprise LTSC 2024 is available starting today, as well.)

When running on Qualcomm Snapdragon X and certain qualifying Intel and AMD processors, Windows 11 24H2 also has substantially better battery life in real-life scenarios (not just watching videos), according to early adopters and testers. And the 24H2 release includes some potentially useful security enhancements, such as SHA-3 cryptographic support; a protected Windows print mode; Local Administrator Password Solution (LAPS) policy improvements; and Server Message Block (SMB) changes.

For those developers interested in using Windows to create AI-infused Windows apps, the Windows Copilot runtime layer is also available. The runtime integrates 40 different AI models and the Windows Copilot Library of programming interfaces that can be integrated into apps.

However, Microsoft is downplaying these features and instead is focusing on its revamped Copilot (the Copilot formerly known as Bing Chat, for those confused by the myriad things labeled “Copilot”) as well as Copilot “experiences” (meaning apps) like its Recall application that Microsoft recently revised so that it provides a level of security and privacy guardrails missing when it was first announced earlier this year.

Talk to the Copilot

Starting this month, Windows Insider testers who have Arm-based Copilot+ PCs will be able to start testing a preview of Recall. Those who have Intel Core Ultra 200V Series and AMD Ryzen AI 300 Series systems will need to download and install free updates available for these Copilot+ PCs to be able to start testing the Recall preview via the Insider program in November. Microsoft has not yet shared a date when it will make Recall generally available to Copilot+ PC customers.

Recall, for those needing a refresher, is an app designed to help customers find information stored on their PCs during previous work by taking constant snapshots of the user’s desktop. Microsoft has said Recall will be off by default and able to be uninstalled permanently. Microsoft updated Recall so it leverages Windows Hello Enhanced Sign-in Security to authorize Recall-related operations. Within Recall, the services that operate on screenshots and associated data or perform decryption operations reside within a secure VBS Enclave, officials said.

There are other apps and features Microsoft is adding for Windows 11 24H2 customers with Copilot+ PCs. The previously announced Windows Studio Effects and Voice Clarity features remain Copilot+ PC-exclusive. Microsoft also announced today some potentially useful updates to Windows Search, which will enable natural-language searches across File Explorer, Settings and other Windows components. Microsoft officials said these Windows Search improvements will be limited to Copilot+ PCs because the new search models will be downloaded to Copilot+ PCs and will leverage the NPU.

Microsoft has made some big changes to Copilot in Windows since it was originally announced earlier this year. Copilot in Windows is now an installable app, not an integrated part of the operating system. Copilot in Windows no longer will take action on behalf of users by performing tasks such as turning on Dark Mode when requested. Instead, Copilot in Windows now just provides customers with suggestions and steps and does little, if anything, more than the base Copilot. In a nod to the diminished feature set of Copilot in Windows, Microsoft is enabling customers to configure the Copilot key so that it automatically opens any Store app packaged as an MSIX package.

The updated Copilot also is starting to make use of voice as an input and output (similar to what OpenAI’s ChatGPT does). Even though very few Windows users seem to be interested in talking to their PCs, the Copilot iOS and Android apps and the copilot.microsoft.com web site also now can use voice input/output, which might be of more interest to those accustomed to asking questions on their phones via voice.

The Copilot voice feature can’t help with tasks like reading Outlook email messages back to users (something that Microsoft’s discontinued Outlook mobile “Play My Emails” feature used to offer via Cortana) and there’s no indication if or when it will. Instead it is designed to be more like a chatty companion. (Microsoft says the new Voice preview in Copilot will provide “not only information but encouragement, feedback, and advice as you navigate life’s everyday challenges – no matter how big or small.”)

Microsoft also is adding a “Vision” feature to Copilot, which allows customers to chat with it using voice about content on users’ screens. Microsoft officials say they are starting slow and limiting this preview feature to work only with a subset of popular websites (and not sensitive or paywalled content). This also feels more gimmicky than useful to me, but your mileage may vary….

The Windows 11 24H2 Fine Print

The Enterprise and Education editions of Windows 11 24H2 get 36 months of support, starting today. (Home, Pro, and other editions get 24 months.) Windows 11 24H2 is available through Windows Server Update Services (including Configuration Manager), Windows Update for Business, and the Microsoft 365 Admin Center. Microsoft recommends commercial organizations do targeted, controlled deployments at this time to make sure apps and devices work with the new release.

Windows 11 24H2 is not an enablement-package release, which means it does require a full OS swap and not a smaller update. Devices must be running Windows 11 23H2 or 22H2 with the May 2024 non-security preview update installed in order to update to version 24H2. Customers also can upgrade directly from Windows 10 to Windows 11 24H2 by using the target-version capability in the Windows Update for Business Deployment service and feature update deployments in Windows Autopatch.

Windows 11 Enterprise LTSC 2024, which is supported for five years, is available as a per user or per device license model depending on the Volume Licensing program through which it is acquired. Windows 11 IoT Enterprise LTSC 2024, supported for 10 years, is available through OEMs and directly from Microsoft through Volume Licensing.

Related Resources

What’s New for IT Pros in Windows 11 24H2

What’s New in Windows 11 Enterprise LTSC 2024

Microsoft Recall, Take 2

New experiences coming to Copilot+ PCs and Windows 11

It’s no secret that Microsoft developed its own Linux distribution, originally named “CBL-Mariner,” which it made generally available in 2023 as “Azure Linux.” Microsoft has touted Azure Linux as a lightweight distro, tuned for performance and security, which is meant for Microsoft internal use in its own first-party services and edge-computing appliances.

But I’m increasingly wondering whether that positioning is about to change. Right now, commercial customers can get access to Azure Linux as part of the Azure Kubernetes Service (AKS), where it functions as a container host OS, supporting both x86 and Arm. The code for Azure Linux is also publicly available under an MIT license on GitHub.

But what if Microsoft made Azure Linux available to customers for use directly in their own VMs and/or on bare-metal servers — basically making it an alternative to commercial Linux distros like Red Hat, Ubuntu and SUSE?

Until recently, I didn’t think this would happen because, as I and others have mused: “Does the world really need yet another Linux distro?” (And especially one from Microsoft?)

Consider the clues

Here are a few of the growing number of clues that lead me to think this actually might happen:

More than 60 percent of Microsoft customer cores run Linux workloads in VMs and containers on Azure (as of May 2024, according to Microsoft). In other words, more customer compute in Azure is running Linux on Azure than Windows Server on Azure. Distributions supported by Microsoft include Ubuntu, Debian, Kinvolk/Flatcar, Oracle Linux, Red Hat and SUSE. Microsoft also offers hundreds of preconfigured images and Linux workloads in Azure Marketplace.

Microsoft currently has no direct competitor to Amazon Linux. Amazon Linux 2023 (AL2023) enables customers to “develop and run cloud and enterprise applications in a secure, stable, and high-performance runtime environment. Also, you get an application environment that offers long-term support with access to the latest innovations in Linux,” according to the AWS site. AL2023 is provided at no additional charge. In addition to running directly on Amazon EC2, Amazon Linux can also be run as a virtualized guest in KVM, VMware and Hyper-V.

Microsoft has no immediate plans to release a version of Windows Server on Arm. Internally, Microsoft does run Windows Server on Arm, officials have said. But recently, a company representative went public saying the Windows Server 2025 release will not include a version for Arm, though the company continues to evaluate future directions. Having an Azure Linux release available on Arm would give Microsoft a way to keep its finger in the commercial Arm server pie.

LinkedIn recently deployed Azure Linux internally as a replacement for Red Hat’s CentOS7, which is no longer supported as of June 2024. As of April 2024, Azure Linux is running “nearly all of LinkedIn’s servers, virtual machines, and containers,” according to a recent LinkedIn blog post. Yes, LinkedIn is technically part of Microsoft. But both Microsoft and LinkedIn continue to act as if LinkedIn is a separate company (except when it comes to earnings time). And the LinkedIn Azure Linux effort, on which teams from other parts of Microsoft and LinkedIn have collaborated for the past year, includes Azure Linux deployed on bare-metal servers.

Microsoft isn’t denying this could happen. After reading the LinkedIn post on the move to Azure Linux, I asked Microsoft about my theory. The response from a company spokesperson: “Azure Linux for VM or bare metal use is not available as a commercially supported offering today. Support is limited to AKS as the host OS.” Note the key word: “Today.”

If and when Microsoft does remove the current constraints on running Azure Linux commercially, it won’t be doing so to try to make money from Linux. Instead, it will try to skate to the puck. Microsoft wants to attract more customers to Azure and needs to offer what those customers want to use. Azure Linux could attract more of those customers who want to see more explicit support and commitment from Microsoft for those uses.

But the question remains: Will a vendor — that a long time ago (in a Steve Ballmer galaxy far, far away) tried to kill Linux — be considered a good steward for a Linux distribution? Given how much has changed in recent years at Microsoft, my vote is yes. But I’m curious what customers think….

Related Resources

Adopting Azure Linux as LinkedIn’s operating system

What is the Azure Linux Container Host for AKS?

What is Amazon Linux 2023?

Windows Server 2025 coming to Arm? Nope

In a podcast with my good friend Mary Jo Foley a few weeks ago, I made the perhaps outrageous claim that Microsoft’s increased support of computing at the edge may turn out to be more strategic than its embrace of AI. 

Really.

Don’t believe me? Read on.

Why “Edge Computing” Anyway?

Five years ago, the enterprise computing zeitgeist was “migrate all your IT systems to the cloud,” and in that time, well, most did. 

But there were some nagging problems. One size, as we came to learn, did not fit all.

Cloud Computing Implies Unpredictable Latency

Those factory IoT devices, for example, require what we call deterministic latency, which very simply means that you have run that drill press that punches out quarter panels every three seconds precisely, or maybe you’ll turn a worker’s arm into a car part. That precision means that it’s not such a good idea to control the press from a cloud application thousands of miles away sending commands over the open internet — where messages may take a different route, with varying numbers of hops –  every time.

Not All Systems Are Always Connected

Last year my wife and I enjoyed a Mediterranean cruise aboard the ultra-modern Celebrity Beyondand, being a geeky kind of guy, I signed up for the “behind the scenes” tour. Entering the engine control room, I expected to see a grimy, noisy compartment with grease-covered sailors manning the controls – something out of the movie Titanic, I suppose. Instead I saw rows and rows of keyboards and screens – and just one crewman running the whole thing. (I snapped the photo to the right.) 

Everything on the ship was connected: arranging tours and excursions, dinner reservations, shows and events. Because of course the ship spent most of its time at sea, all this processing had to be performed on board. 

And this “occasionally connected” scenario is quite common. In a remote location like a mine, for example, or an oil platform, connectivity may be unreliable. But the apps must still run.

Regulatory Compliance

Many countries require that data about their citizens be stored locally, and not in a public cloud elsewhere. That translates to the technical requirement that data be processed at its source; and that it must be anonymized or minimized before it or any part of it is sent to the cloud – and all that means organizations must have secure and sophisticated systems in those localities. 

Thus, as David Linthicum very correctly points out, more and more governments are considering so-called “sovereign” clouds, that is, “semipublic” data centers hosting cloud services just for those countries. (Of course, Azure’s GCC offerings provides a sovereign cloud for the US.) 

Putting All the Pieces Together

These scenarios – and there are countless more like them (retail stores, oil platforms and refineries, wind farms, hospitals, and so on) – add up to a common definition of the edge: computing systems that run in any location, that have predictable latency, and can support complex and varied application scenarios.

Nearly all edge systems will be connected, if occasionally or even rarely, to the cloud, so we’d like a common programming architecture and a common, centralized management model.

Microsoft at the Edge

Over the past few years Microsoft has rolled out a series of products and services which, in my opinion, position them ahead – way ahead – of their competitors when it comes to edge computing. 

Of these, several are especially significant:

Arc, which my colleague Jim Gaynor covers in depth in a forthcoming report (entitled “Azure Arc Has Tangible Benefits But Tethers Customers to Microsoft”), lets administrators deploy and manage Azure-connected edge resources from a single pane of glass. Arc can manage remote Linux, Windows, Kubernetes, SQL Server, Logic Apps, Container Apps, Functions, VMware vSphere – and many (many) others running at the edge, with more coming (for example, public preview for Azure Container Storage enabled by Arc Edge Volumes was announced just last week, enabling fault-tolerance, failover, and storage observability). 

Container Apps lets developers write containerized applications and run them in a serverless environment on the edge. And recently Microsoft announced that Logic Apps will be supported at the edge as containers running on Container Apps, so we can expect enterprise-class workflows like EDI/X.12 at the edge: perhaps useful for warehouse applications. Indeed: as more and more Azure services are containerized, we can expect to see them appear on the edge.

That’s a big deal.

Azure IoT Operations targets large-scale IoT applications. IoT Ops comes with OPC UA and MQTT interfaces (and supports others via Kubernetes Akri) and provides a data pipeline that lets developers process and filter IoT messages at the edge. Using Azure IoT Ops means your apps no longer have to send every message to Event Hubs in the Azure cloud – and thus you can get that deterministic latency we talked about earlier. (But a caveat: it’s been in preview now for almost a year, so perhaps approach with caution.) 

And by the way, all of these run on Linux as well as Windows. 

Let’s summarize.  At the edge (anywhere in the world, almost literally), using the aforementioned Microsoft products and technologies,  you can:

That’s pretty cool.

The Strategic Importance of the Edge

So why do I think edge computing is more strategic than AI for Microsoft? Because, as we look around, the enterprise computing market is saturated with AI, from not just every cloud vendor but from hundreds of smaller companies and startups as well. Switching costs are minimal: if you don’t like the answer from one of the copilots, go to any of the other LLMs. 

But edge systems are entrenched. Once a system is deployed, say, in a factory, it’s very difficult – and disruptive to operations — to rip it out and replace it, which is why there are still OLE for Process Control (OPC) Classic-based industrial automation systems (based on Windows DCOM!) still out there in the world. 

As customers seek to modernize their remote systems, they’ll find Microsoft’s edge story pretty compelling; and as they build applications that are connected and managed from Azure, that deeply embed Microsoft technologies like Azure IoT Ops and Arc, not to mention both local data analytics and filtering backed by Azure AI, they’ll ever more deeply establish the Microsoft edge in their environments. 

That’s pretty darned strategic and differentiating.

Disagree? Think I should be relegated to the edge? Drop me a line at bbriggs@directionsonmicrosoft.com.

 

 

 

On September 16, Microsoft provided an update on its Microsoft 365 Copilot deliverables via its “Microsoft Copilot Wave 2” virtual event. Some of the announcements it made today were rebrandings. Others were reminders about various Copilot features announced last year and earlier this year.

A primary focus of Wave 2 is on making Microsoft’s Copilots more collaborative, which, in Microsoft land, means Teams, SharePoint, and Loop are all involved. “Agents” — the favorite new buzzword of all tech companies looking for a piece of the AI pie — also are part of this next Microsoft Copilot wave.

Cutting Through Copilot Complexity

Because cutting through Copilot complexity is a team sport here at Directions on Microsoft, we created a cheat sheet for deciphering Microsoft’s Copilot Wave 2.

Our top callouts:

Microsoft 365 Copilot: In a rare moment of naming clarity, Microsoft officially is rebranding the product known as “Microsoft Copilot for Microsoft 365” to Microsoft 365 Copilot. This is not trivial. Up to this point, Microsoft officials have tried to make the case that there is a single Microsoft Copilot that lights up via different experiences across its personal and commercial products — which is a stretch. Microsoft is finally acknowledging that the Microsoft 365 Copilot family is not the same as GitHub Copilot, Dynamics 365 Copilot or any of the other Copilots.

Copilot in Excel: Copilot in Excel is, finally, officially GA (generally available) as of today. Microsoft officials said last year that Microsoft 365 Copilot was generally available as of November 1. They didn’t make it clear (though we at Directions did) that the Excel Copilot was not ready. Microsoft re-announced today that Copilot in Excel is going to be integrated with Python for advanced analysis (original announcement was September 2023) and a public preview of this is available now.

BizChat: The technology Microsoft is now calling “BizChat” in Microsoft 365 Copilot is not new. This capability, which allows the various Microsoft 365 Copilots to work together, along with customers’ data and web search results, was first announced over a year ago as “Business Chat.” Microsoft later changed its name to “Microsoft 365 Chat.” Now it is “Microsoft 365 Copilot BizChat” (not to be confused with Microsoft’s BizTalk Server integration solution.)

Copilot Pages: Copilot Pages — which Microsoft describes as a dynamic, persistent canvas in BizChat designed for multiplayer AI collaboration — actually is all about Microsoft’s Loop collaboration application. Copilot Pages are .loop files and share the same capabilities as Loop pages. When someone shares a page link to others from Copilot chat, recipients of the page link will open the Copilot page in the Loop app. Copilot Pages stay in sync, just like Loop pages, and up-to-date across the locations where they are shared, Microsoft says.

Copilot in SharePoint: Copilot in SharePoint, which is considered by Microsoft as part of Microsoft 365 Copilot, is now rolling out to customers. Microsoft is touting Copilot in SharePoint as being able to use natural language to edit and create sites and pages. It’s still missing a number of promised features, but Microsoft officials said many of these will come “later this year.” Microsoft originally announced Copilot in SharePoint back in May 2023.

Copilot in OneDrive: Copilot in OneDrive, plans for which Microsoft announced in October 2023, is also just now deemed as generally available and rolling out to customers. Copilot in OneDrive will allow customers to summarize files faster, generate FAQs from a document, and compare documents more easily, according to Microsoft.

Copilot Agents: Copilot Agents, which are assistants for automating and executing business processes, also is not brand-new. Microsoft officials talked up plans for agents at the company’s Build 2024 conference in May, and said there would be an early access program for customers interested in building their own autonomous agents in Copilot Studio. Agents built in Copilot Studio (the low-code product formerly known as Power Virtual Agents), can be published directly into Microsoft 365 Copilot. Microsoft says Copilot Studio developers will be able to create agents from within BizChat and SharePoint in the coming weeks. Today, Microsoft is re-introducing what it previously called “custom copilots in SharePoint” as Copilot agents. Copilot agents in SharePoint will be available in public preview in early October, officials said.

More AI goodies for the M365 Apps

Microsoft also used today’s Wave 2 event to provide an update on some of the Copilot-related capabilities coming to the apps in the Microsoft 365 suite. Copilot in Teams later this month will be able to reason over both the meeting transcript and the meeting chat. Copilot in Outlook is getting a “Prioritize My Inbox” feature (which sounds to me a lot like Focused Inbox); a preview is coming later this year.

Microsoft hasn’t released any real numbers on how many paying Microsoft 365 Copilot customers it has won to date. But company officials have been sharing lots of tips designed to improve adoption and use. Will adding collaboration to the Microsoft 365 Copilot equation help with uptake? We’ll see….

Related Resources

Microsoft Copilot Wave 2: Pages, Agents and More

Unveiling Copilot agents built with Microsoft Copilot Studio

10 Things You Need To Know Before Buying M365 Copilot

CIO Talk: ‘Agentic’ AI: More than just smarter workflows?

May 2023: Introducing Copilot in SharePoint

October 2023: Microsoft says Copilot in OneDrive coming in December

Directions on Microsoft’s Copilot tracker (downloadable reference sheet)

These days a lot of AI hype is centered around what is being called “agentic” AI, which is the first time I’ve encountered the adjective form of the word “agent.” The idea seems to involve using LLM-powered “agents” to autonomously perform tasks, typically as part of some larger business process (a workflow).

As an example, Microsoft Research’s Project Autogen suggests that workflows can consist of “multiple agents [that] can converse with one another,” that is, LLM-powered agents negotiate, connect to software tools, write code, and so on, to accomplish business goals.

Is this abstraction useful? Maybe…

What’s really new here?

Now for anyone who’s been in the enterprise software business for a while, like me, there’s a lot to be skeptical about. And I’ll admit that my eyebrows furrowed a bit when I heard the term “agentic,” because:

Agents have been around forever. In the early ’90s (for example) we created a whole platform for server-based agents in Lotus Notes that could do things like automagically categorize email, and things like that. Lots of other systems have deployed agents in similar ways for similar tasks.

Workflows have been around also forever. In fact, as I have argued, businesses are nothing more than collections of business processes, i.e., workflows. So what’s a workflow? As I wrote some years ago in an article entitled “The Laws of Business Process,” it’s just a stepwise set of activities that accomplish a business goal, starting with an event of some sort (“order received”), followed by some number of tasks (“check inventory,” “send email to customer,” etc.) and often including some sort of decision logic (“if out-of-stock, then…else…”). You can assign attributes to these – cost, human or automated task, and so on, to do prediction and analysis. But I digress.

And while Microsoft was slow to the workflow game in the 2000s, with Power Automate and Logic Apps they now have compelling offerings (arguably one too many, but that’s for a different post).

But let’s think for a second about the canonical business process:

On order received for product
Check inventory on product
If product in stock
Ship product
Decrement inventory

So why do you need AI for a process like this?

Maybe you don’t. Here we have a process which is very deterministic, does not have any particular dependence on natural language processing, and is highly automated, that is, requires almost no human interaction. A lot of processes are like that; in fact, for financial workflows, like SWIFT, which moves literally trillions of dollars every day, you absolutely want the determinism good old-fashioned code gives you — and not the probabilistic behavior of an LLM.

So … What, exactly, is ‘Agentic’ AI?

Other types of processes, however, have uses for natural language. So perhaps we should think of LLMs not as replacing current notions of business process, but as enhancing them.

For example, one use case in which an LLM-powered “agent” would be extremely useful is in customer service, in which a customer calls or writes with a question. As implemented in Dynamics 365 Customer Service, an LLM can help reps distill incoming questions to their essential elements to quickly find an answer. And of course, an LLM could power an Interactive Voice Response (IVR) system with much more satisfying and pleasing results than today’s typical “press 1 to repeat these options” systems (in theory, as I have yet to experience this).

Not only that: LLMs, as a friend at Microsoft told me, are also exceedingly — maybe even surprisingly — good at decoding error messages, say, from software or data center hardware or IoT devices. And they can often determine remediation faster, my friend claimed, than a human Site Reliability Engineer (SRE).

The point of all this is that there may well be a place for LLM-powered agents. Are they a panacea? Do they replace everything we’ve ever done with agents and workflow? Certainly not. But we can get some improved functionality, which is all we can ask of our software. We’ve all seen this phenomenon before: A new technology is accompanied by massive hype, then after the dust settles, it finds its rightful place in the technology ecosystem.

What do you think? Is there more than hype when it comes to Agentic AI? Drop me a line at bbriggs@directionsonmicrosoft.com.

Related Resources

Microsoft Project Autogen: Multi-Agent Conversation Framework

Dynamics 365 Contact Center Leverages Copilot, Consolidates Offerings (Directions members only)

Directions on Microsoft Deep Dive: What Is The Power Platform?

Microsoft is making changes to how customers of its Copilot with Data Protection (the Copilot formerly known as Bing Chat Enterprise) will use and access its AI service starting in mid-September. The most notable change will happen around prompt retention and discoverability. Until now, Microsoft officials touted that Microsoft didn’t retain chat prompts and responses with this Copilot. But beginning in September, Microsoft will start to do so, in the name of compliance, auditing, and discovery.

The Bing Chat Enterprise version of Copilot — which is accessible to those who sign in with their Entra ID accounts — has included Commercial Data Protection since November 2023. Microsoft officials said in an August 15, 2024, blog post that this Copilot version will now include “Enterprise Data Protection” starting this September.

Directions on Microsoft asked Microsoft if there’s a difference between Commercial and Enterprise Data Protection (and if so, what it is) but have not yet received a response.

Microsoft’s Frequently Asked Questions (FAQ) page doesn’t offer any further clues about what’s changing from Commercial Data Protection beyond this:

“Enterprise data protection (EDP) refers to controls and commitments, under the Data Protection Addendum (DPA) and the Product Terms, that apply to customer data for users of Copilot for Microsoft 365 and Microsoft Copilot. The use of the term EDP is not meant to limit the benefits offered under the DPA and Product Terms.”

However, there are some answers buried in a comment on Microsoft’s August 15 blog post about the differences between Commercial Data Protection and Enterprise Data Protection, courtesy of a Microsoft representative. According to that person, Enterprise Data Protection adds the following to the list of privacy and security features already in Commercial Data Protection:

Commercial Data Protection already delivers several of the benefits Microsoft is highlighting as being included in Enterprise Data Protection. For example, chat data sent to and from copilot with Commercial Data Protection is encrypted. And chat data isn’t used to train the underlying large language models with Commercial Data Protection.

As noted by the company representative and in a footnote on Microsoft’s blogpost: “Microsoft Copilot for Microsoft 365 runs on the ISO 27018 certified Microsoft 365 platform. Microsoft Copilot will start rolling out to the same platform in the second half of September 2024 for users signed in with a Microsoft Entra account.” I’d assume this means that Copilot Bing Chat Enterprise has been running on the Bing platform to date.

Microsoft To Admins: Put a Pin on It

As explained in more detail in a message in the Microsoft 365 admin center (MC862983), Microsoft also is updating the interface for this version of Microsoft Copilot for work and education customers. (Government cloud customers and students under 18 are not yet eligible to use Copilot with Data Protection.)

Beginning in mid-September, once eligible Copilot users are logged in with their Entra accounts, they will be redirected to a new, centralized Microsoft.com/copilot site if they are accessing Copilot via the Web. Windows users signed in with their Entra accounts will be redirected to the Microsoft 365 app and can access Microsoft Copilot there. Mobile users who have been using the Copilot mobile app with their Entra accounts will be redirected to the Microsoft 365 Mobile app and given the option to access Copilot there instead. The Copilot mobile apps are being discontinued and replaced by the Microsoft 365 app.

Microsoft also is using this redirection — which officials said will be complete by mid-October 2024 — to try to get administrators to pin Microsoft Copilot to users’ task bars and/or in the Microsoft 365 app. (Those who have licenses for Copilot for Microsoft 365 already see Copilot pinned in these ways.)

Microsoft is planning to make the Bing Chat Enterprise Copilot pinning option part of Outlook and Teams at some point in the future, according to the Message Center post. If admins do not make a pinning selection by mid-September, Microsoft will prompt their users to pin Copilot for themselves (though admins can disable this from happening.)

Related Resources

Updates to Microsoft Copilot to bring enterprise data protection to more organizations

FAQ: Microsoft Copilot updates and enterprise data protection

Microsoft: What is Copilot with Commercial Data Protection?

Microsoft: What is Enterprise Data Protection?

Earlier this month, Berit Anderson of the Strategic News Service wrote, persuasively, that “we have already reached maximum LLM utility.” She rests her argument on the increasingly clear and evident fragility and error-prone nature of LLMs. As often as not they get things wrong: they “hallucinate” to use the term currently in vogue. Given that Microsoft has made enormous bets on AI — not only is it the foundation of their technology strategy but it’s at the core of everything marketing (which worries me, because I think they may be ignoring other products)…is the AI (and Microsoft’s) bubble about to burst?

As Elon Might Say, “Concerning…”

I recently downloaded Meta’s much hyped Llama 3.1. Running it on my desktop using Ollama (if you haven’t tried this, you really must), I conducted a test in which I asked it a single question then shut it down, restarted the app, then asked it again. I did this three separate times.

The question: “Who is Barry Briggs who used to work at Microsoft?”

In July, Microsoft announced via a message on the Microsoft 365 Admin Message Center, that it planned to change its archival policies around unlicensed OneDrive for Business accounts. Coincidentally (or maybe not), it has an app to help with that: Microsoft 365 Archive, where unlicensed account data will go if admins don’t act.

Unlicensed accounts are not associated with a Microsoft 365 or Office 365 user subscription license. These accounts can become unlicensed when licensing isn’t activated or is expired, Microsoft says.

Microsoft charges for unlicensed One Drive for Business cloud accounts now. The storage comes out of the tenant’s SharePoint Online quota. When customers hit the limits on that quota, they need to buy more. What’s changing, come next year, is that Microsoft is going to take the data from unlicensed accounts offline by moving it into its archive service and could eventually delete it completely if customers do nothing.

According to an article on Microsoft Learn, “Beginning January 27, 2025, any OneDrive user account that has been unlicensed for longer than 90 days becomes inaccessible to admins and end users. The unlicensed account is automatically archived, viewable via admin tools, but remains inaccessible until administrators take action on them.”

“Taking action” means assigning licenses to unlicensed OneDrive accounts, deleting the accounts, or archiving them. Microsoft is charging US$0.05 per month per gigabyte for storage in Microsoft 365 Archive and US$0.60 per gigabyte per month for retrieval.

If Microsoft automatically moves an unlicensed account from SharePoint to Microsoft Archive and customers haven’t set up Archive, Microsoft will delete those unlicensed accounts after 180 days. (Note: None of these changes in how OneDrive for Business accounts will be handled apply to education, Government Community Cloud or Department of Defense customers, Microsoft says.)

The risks of doing nothing

“If you do nothing, a former employee’s data will go offline and then disappear completely when you take back their license, not just when you take them out of the directory” says Rob Helm, Managing Vice President of Research at Directions on Microsoft. “That could make it tough to hand over the role to someone else, and in the worst case could create trouble from courts and regulators.”

As of late August 2024, SharePoint admins were set to access reports identifying their unlicensed OneDrive for Business accounts via the SharePoint Admin Center. The reports show how many unlicensed OneDrive for Business accounts exist in an org and the reasons they are unlicensed.

Microsoft officials point out that even if an account is archived, its content is still discoverable with Microsoft Purview eDiscovery and Content Search.

“Archived OneDrive accounts fully honor retention policies, settings, and litigation holds,” the Microsoft Learn article says. And if an account is retained because of a retention policy, setting or hold, customers will still be required to pay the monthly archive storage costs.

“We recommend reviewing your retention procedures for former employee data. They might work fine despite the change. But it’s better to know now than to find out suddenly next January,” says Helm.

Related Resources

Microsoft 365 Admin Center: Microsoft OneDrive: Update for unlicensed accounts

Microsoft Learn: Manage unlicensed OneDrive user accounts

Report Detailing Unlicensed OneDrive for Business Accounts Available

Microsoft 365 Archive Stores Retired SharePoint Sites (Directions members only)

It wasn’t a massive global cyberattack, but it definitely felt like one. Late last week, a faulty update from security vendor CrowdStrike hit an estimated 8.5 million Windows devices worldwide, according to Microsoft estimates. Airlines, hospitals, banks, trains, broadcast stations, retail shops, and more got stuck in a blue-screen reboot loop, the results of which likely won’t be fully cleaned up for weeks or even months.

Whether or not you’re part of the clean-up crew, there are some important lessons to be learned from the CrowdStrike meltdown.

“Customers should take steps to minimize risk of endpoint failure due to potential bad updates or other incidents,” said Directions on Microsoft analyst Jim Gaynor. “However, failure is inevitable, so customers should also optimize their endpoint recovery processes to minimize impact of failure. And the resources spent on each should be based on rigorous risk assessment, and not reactionary decisions made out of fear.”

Four ways enterprise customers can take action

The Directions on Microsoft analyst team put our heads together to come up with some actionable items based on the CrowdStrike incident. Here are our top four:

1. Stage updates. Microsoft isn’t the only company that pushes out bad patches and updates; its partners do, too. That’s why it’s key to use deployment rings, applying updates to a select few devices first, to check whether it’s all systems go before rolling them out everywhere.

If you do stage updates, “don’t set auto-update and forget,” cautioned Directions analyst Michael Cherry. “I was a CrowdStrike customer and the last time I worked with their product they used to release their updates to Falcon in a preview mode, but I never bothered to look at them, like most people, because CrowdStrike had never had a problem. Until they do. You also need to know how to pause updates when you see things going bad.”

2. Make sure your systems hygiene processes are in order, so when (not if) another similar outage happens, you’ll be ready to take action.

“Ensure you have easy access to BitLocker keys. Confirm recovery partitions. Establish backups and, in the case of VMs, have snapshots for fallback. Test your imaging/deployment processes and ensure they’re current, documented, and streamlined. For distributed companies, have dedicated regional points of contact. The list goes on,” said Directions’ Gaynor.

BitLocker is especially key here. “Companies need to treat their BitLocker recovery keys like a part of their recovery plan, and if they can’t roll out or repair systems en masse, using BitLocker recovery properly, you’re in for a painful, one-by-one repair process,” Directions analyst Wes Miller noted.

3. Don’t overuse Windows in embedded or Long Term Service Channel (LTSC) and infrastructure scenarios. Does your check-in kiosk really need to be running Windows inside? Does your ad billboard? (Looking at you, Times Square!) When an embedded version of Windows goes south, IT likely will be required to fix devices manually. And while restore points exist for many cloud services and virtual machines, they aren’t always or even often there for servers and embedded devices.

4. Remember: You’re at the mercy of your most rapid-fire vendor. You may have sound testing policies and procedures, but do all of your vendors — or all of Microsoft’s ISV partners? You may not be able to influence much or at all with which vendors Microsoft partners, but at least you’ll be more alert for potential issues.

Counting on the CloudStrike incident to cause Microsoft to change its policy which allows certain software vendors access to the Windows kernel is not a good bet. Microsoft execs have said they legally cannot close off Windows the way that Apple does due to a 2009 agreement with the European Commission which requires Microsoft to provide security software companies with the same access to Windows that Microsoft itself gets.

Update (July 26): A July 25 Microsoft blog post entitled “Windows resiliency: Best practices and the path forward,” raises the possibility that Microsoft may, at some point, stop allowing third parties to have Windows kernel access. From that post:

“This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience. These improvements must go hand in hand with ongoing improvements in security and be in close cooperation with our many partners, who also care deeply about the security of the Windows ecosystem.

“Examples of innovation include the recently announced VBS enclaves, which provide an isolated compute environment that does not require kernel mode drivers to be tamper resistant, and the Microsoft Azure Attestation service, which can help determine boot path security posture. These examples use modern Zero Trust approaches and show what can be done to encourage development practices that do not rely on kernel access. We will continue to develop these capabilities, harden our platform, and do even more to improve the resiliency of the Windows ecosystem, working openly and collaboratively with the broad security community.”

Related Resources

Microsoft: What we’re doing about CrowdStrike

CrowdStrike’s Remediation and Guidance Hub

Microsoft Recovery Tool for Helping Remediate CrowdStrike Issue

Microsoft: Recovery options for Azure VMs affected by CrowdStrike’s Falcon agent

Microsoft’s Customers Must Monitor Its Security Shortcomings (Directions members only)

One of the most common customer questions we get at Directions on Microsoft is when we expect Microsoft to introduce a new high-end tier of Microsoft 365 enterprise suites (likely an “E7”). As was true last year, there’s still no tangible evidence Microsoft is ready to introduce such a suite any time soon. Microsoft officials continue to emphasize that Microsoft 365 E5 adoption is key to Office’s continued enterprise growth and leave it at that.

There is, however, a noteworthy change in how Microsoft is rolling out key new services to its enterprise subscription customers. In the not-so-distant past, Microsoft would have been expected to deliver these new services as additions to existing Microsoft E3 and/or E5 plans for no additional cost. But instead, Microsoft increasingly is introducing these kinds of services in the form of pricey add-ons, and sometimes add-ons in the form of their own “mini suite” bundles.

The Entra Suite, the Intune Suite, Defender Vulnerability Management tier of service, and Teams Premium are all examples of add-ons which previously would have been likely to be folded into E3 and/or E5.

“These add-ons each share three characteristics. They each require a service included in one of the Microsoft 365 enterprise suites (E3 or E5); each has reasonably broad appeal to knowledge workers; and each would likely have been added for no additional cost to existing Microsoft enterprise suites, based on past trends,” said Directions on Microsoft analyst Wes Miller.

The recently added Entra Suite, for example, includes (with each piece also available separately) Entra ID Governance, Entra Internet Access, Entra Private Access, as well as premium face check capabilities, on top of the otherwise free Entra Verified ID service. Entra ID Governance is US$4 per user when added to Entra ID Plan 2, US$7 per user when added to Entra ID Plan 1. The Entra Suite is US$9 per user when added to Entra ID P2, US$12 per user when added to Entra ID P1.

A new top shelf?

The release of so many new core services as add-ons could be interpreted as a sign that Microsoft is gearing up to release an E7 subscription. Such a move wouldn’t be too surprising, as Microsoft execs have said that the best way for the company to grow Office average revenue per user (ARPU) is to migrate customers to more expensive Microsoft 365 suites.

“Microsoft is always ready to displace the current top-shelf tequila with a new top-shelf,” said Directions’ Miller. Bundling together some of the more compelling new services into a comprehensive E7, priced somewhere under $100 per user per month, would give Microsoft a new, very premium subscription offering.

But there’s an alternative possibility. Perhaps Microsoft has done the math and calculated that add-ons will generate more money than suites. Although Microsoft didn’t provide any dollar figures for Microsoft 365 Copilot sales during its Q4 FY’24 earnings call on July 30, officials did say the number of customers for this $30 per user per month add-on grew 60% from FY’24 Q3 to Q4.

Two years ago, Microsoft disclosed that only 12 percent of its Office 365/Microsoft 365 installed base were E5 subscribers. (As of Microsoft’s Q2 FY2024, there were more than 400 million paid Office 365/Microsoft 365 subscribers, according to Microsoft.) The company has not provided an updated figure since then, but officials have said that the E5 base is growing at a good clip — which isn’t too surprising, given various incentives Microsoft has provided to help move more customers to E5, such as holding its price constant at $57 per user per month while increasing the prices of Microsoft 365 E3 and all other Office 365 suites.

Microsoft 365 E7: What might be inside

If Microsoft ever does decide to create an E7, what’s likely to be included that’s not in E5?

Any or all of the four previously mentioned mini-suite add-ons would be good candidates, meaning Entra Suite/Entra ID Governance; Intune Suite and/or Intune Plan 2; Microsoft Defender Vulnerability Management, and Teams Premium.

Other strong possibilities include:

Regardless of which path Microsoft takes, customers should be prepared to negotiate at their next Enterprise Agreement (EA) renewal to consider the price increases they’ll incur and to avoid overspending on immature and still evolving features.

Related Resources

From 2023: Is Microsoft 365 E7 waiting in the wings?

Paid add-ons to Microsoft 365 are multiplying rapidly. What’s a customer to do?

Services Increasingly Expanding Beyond Microsoft 365 Suites (Directions members only)

Microsoft FY24 Fourth Quarter Earnings Conference Call Transcript

As announced last month, August 1 was the day Microsoft deemed the new Outlook for Windows as generally available (GA) for commercial customers. In its blog post touting the GA milestone, Microsoft officials reiterated there are no configuration changes being forced on organizations at this time; instead, the GA marker signifies that Microsoft now offers support via all of its support channels for the new Outlook as a way to help customers start planning migrations.

Microsoft’s blog post also mentions again that “existing installations of classic Outlook through perpetual licensing will continue to be supported until at least 2029.” (“Classic Outlook” is the new way Microsoft is referring to the existing Win32 Outlook app for Windows.)

The next perpetual release of Office is Office 2024, due to ship this fall and which will be supported until some point in 2029. Microsoft plans to make classic Outlook part of Office 2024 Professional Plus and Standard. The company has not said whether it also will include classic Outlook in the promised perpetual Office release that will follow Office 2024, but our bet at Directions on Microsoft is by the time Office 2027 (or whatever the next perpetual release is called) ships, it will include new Outlook, not Classic.

It’s beginning to look a lot like … OneNote

There is yet another way for those who really do not want to or cannot move to the new Outlook on Microsoft’s schedule to keep using the existing classic Outlook for Windows client. Microsoft is not publicly touting this option, and we at Directions on Microsoft didn’t know about it, either, until we asked.

Directions asked Microsoft recently whether enterprise customers with Microsoft 365 subscriptions which include downloadable apps will be able to continue to get Outlook Classic and for how long. A spokesperson told us:

“For customers with Microsoft 365 subscription that includes desktop apps, new Outlook will be available to download for free and classic Outlook is available for download and will need to be downloaded separately. Customers will need a Microsoft 365 subscription (or license) that includes desktop apps.”

We verified with Microsoft that there will not be any extra licensing or fees required by qualifying enterprises to download classic Outlook until at least 2029.

As long as customers have Microsoft 365 suites which include rights to the downloadable Office apps, they will be able to get classic Outlook until at least 2029. However, they will have to get classic Outlook by downloading it separately, since Microsoft will replace classic Outlook with the new Outlook in Microsoft 365 E3/E5, Office 365 E3/E5, Business Standard, Business Premium (plus other consumer, education and government subscriptions) in the coming months.

“This takes time pressure off Microsoft 365 Apps for enterprise customers,” said Rob Helm, who tracks Outlook and Exchange for Directions. “If they can continue to redistribute classic Outlook to their Microsoft 365 Apps users, they get more time to get rid of plug-ins that don’t work with new Outlook, and more time to find workarounds for classic features that new Outlook doesn’t have.”

“Microsoft 365 Apps customers still will want to assess their risk for the day that classic Outlook is no longer available to them. But that day is some years further away than we thought,” Helm added.

If this situation reminds you of what happened with OneNote, you are not alone. After releasing a Universal Windows Platform (UWP) version of OneNote as the planned replacement for the existing OneNote for Windows app, Microsoft met with so much resistance that it ended up continuing to make classic OneNote (originally called “OneNote 2016” and later “OneNote for Windows 10”) available as a separate downloadable app — which is still supported through October 2025 — alongside its “OneNote for Windows” app.

The New Outlook Roadmap Revisited

Back to Outlook.

For now, the new Outlook is considered at the opt-in stage. Sometime in the future — Microsoft won’t say when but did say it won’t happen without at least 12 months of notice beforehand — Microsoft will move to the opt-out stage. And some time after that (again, not without at least 12 months’ heads-up), Microsoft will move to the “cutover stage,”

At the cutover stage, users will no longer be able to switch back to classic Outlook. New deployments of Outlook with Microsoft 365 subscriptions will come with new Outlook for Windows, not classic Outlook. But as we mentioned above, those with Microsoft 365 subscriptions with licenses for downloadable Office apps still will be able to get classic Outlook as long as they download it separately through at least 2029.

As to what happens with classic Outlook after 2029, right now, there’s no word. If Microsoft adds back some of the key missing features to the new Outlook for Windows app, maybe customer outcry will subside, and Microsoft will discontinue making classic Outlook available. For now, however, there is still a substantial gap between what’s in classic Outlook and what’s still not available in the new Outlook. Some features like COM/VSTO/VBA add-in support will not be added. And support for on-premises Exchange Server with the new Outlook is still just a maybe.

Related Resources

Microsoft says the new Outlook for Windows is ready for GA. Is it?

Microsoft Aug. 1 blog post: The new Outlook for Windows is ready when you are

Microsoft’s subscription-free, ‘perpetual’ Office LTSC 2024 to ship this year

Microsoft chart: New and classic Outlook for Windows feature comparison

The day before the start of the July 4 holiday in the U.S., Microsoft quietly announced via a blog post that the Teams Office 365 Connectors feature will be phased out between August 15 and January 1, 2025. To say that decision has been unpopular is an understatement.

In hundreds of angry comments on the blog post outlining the coming change — which impacts the way that updates from Microsoft and third-part services are integrated into Teams channels — customers are taking Microsoft to task about everything from super short notice, to lack of migration documentation, to potentially much higher bills if they use Microsoft’s suggested replacement (Power Automate workflows).

Update (July 26): Microsoft bowed (a bit) to customer “feedback” and extended the Office 365 connector phase-out deadline to give customers more time to move to “Power Automate, an app within Microsoft Teams, or Microsoft Graph.”

Just a year or two ago, it would be next-to-impossible to imagine Microsoft allowing this kind of situation to happen, given Teams’ exalted status in the company.

But it’s a new era for Microsoft Teams; it is no longer the favorite child. Teams has been pushed aside by the almighty Copilot. And making matters worse, for both Microsoft and its customers, Teams is at the crux of a major antitrust case in Europe which is looking unlikely to go Microsoft’s way.

Teams had a heady start. In 2018, just a year after it launched Teams, Microsoft proclaimed it the fastest growing business app in Microsoft history. During the COVID-19 pandemic, Microsoft officials trumpeted how quickly Teams’ user base and adoption was growing. Every week, Microsoft announced a slew of significant new Teams features, most of which were added to the product for no additional cost.

But Teams’ growth started to slow. In 2021, Microsoft shifted its publicly reported Teams metric from daily active users to monthly active users, seemingly to try to hide the fact Teams adoption was starting to plateau. Around the same time, an antitrust suit launched by Slack against Microsoft over Teams bundling practices started to gain momentum.

Reading the lifecycle tea leaves

When a Microsoft product hits the point in its lifecycle where it’s no longer the newest, shiniest jewel, Microsoft typically shifts its strategy around it. Execs become tasked with finding ways to ensure that product keeps generating more average revenue per user (ARPU), which almost always spells price increases, new monetization methods (such as turning features that would have been added for no additional cost into paid add-ons), or both.

“Teams has very much left the high-growth strategic-market ‘golden child’ category within Microsoft. And, as such, it’s been sent off to the ‘cash cow’ mines of widely-adopted products and services (joining Office, Windows, and others) to use its market position to generate more revenue and to help boost the profile of the newest cadre of golden children,” explained Directions on Microsoft analyst Jim Gaynor.

Teams also faces regulatory complications, which impact not just public perception, but also portends potential (and costly) licensing changes.

In late June, the European Commission issued its initial findings that Microsoft illegally bundled Teams with Microsoft 365 and Office 365 subscriptions. Microsoft had attempted to head off the EC’s case by making Teams available as a separately priced, unbundled product for “net new” customers worldwide earlier this year, but antitrust regulators seem to have found that move insufficient. If Microsoft and the EC can’t come to terms, Microsoft could face a fine of up to 10 percent of the company’s annual worldwide revenues plus possible additional remedies crafted by the EC.

Looking back to predict ahead

Independent of what Microsoft is required to do by European regulators in the Teams case, there are still some likely pricing and licensing patterns customers should expect based on history.

Microsoft’s push to continue to wring profits out of products, regardless of how far along they are on the adoption curve results in more and more features being released as separately priced add-ons. We’ve already seen the start of this with Teams Premium, a collection of AI, security and advanced meeting features, which costs $10 per user per month. And customers who want to take advantage of Copilot in Teams must pony up an additional $30 per user per month for the privilege.

“The message for customers is that these new products that Microsoft was heavily promoting a handful of years ago, that you wove into your business, are now entering the ARPU-focused phase,” said Directions’ Gaynor. “So, you’re going to see prices increase, the pace of new features not tied to add-ons drop off precipitously, interoperation with things outside the Microsoft ecosystem dry up, and previously included capabilities cut in favor of similar-but-different things that boost other initiatives.”

Teams is likely still a way away from joining the club shared by the on-premises versions of SharePoint, Project, Exchange, Skype for Business servers — products much further along in their lifecycles. (But all of which still have enough customers willing to pay to justify the Subscription Edition, or SE, variants.) But before Teams gets to that point, customers should be looking for ways to reduce investing in it — or any other products in which Microsoft is no longer investing, for that matter.

Related Resources

July 3: Get ready for the retirement of Office 365 Connectors in Teams

What to know before you go Teams-less

Paid add-ons to Microsoft 365 are rapidly multiplying: What’s a customer to do?

Podcast: When should you walk away from a Microsoft product?

Microsoft is pushing ahead with its plan to launch its new Outlook in a way that might be a bit more aggressive than many expected. On July 11, company officials posted to the Microsoft 365 Message Center an update on the timing for the rollout of the new Outlook. As of August 1, 2024, Microsoft plans to designate the new Outlook as generally available (GA) and no longer in public preview for commercial customers. (GA is not yet happening for Government Cloud, Department of Defense or Sovereign Cloud customers.)

The GA milestone is not going to have immediate impact, Microsoft is assuring organizations. The MC810420 entry says there will be “no automatic changes for current users.” Organizations will be able to control its availability and are “encouraged” to start planning for migration, since Microsoft will be offering full support for the product as of August 1. Microsoft’s note says the current Outlook Windows app, now called “classic Outlook,” will continue to be supported and available and “any Microsoft-driven migration steps in managed environments” will not happen without a 12-month notice.

Is it panic time?

Microsoft has been working on consolidating its Outlook mail and calendar client apps for Windows and the Web since 2021, if not longer. The planned replacement, which was formerly codenamed “Project Monarch,” looks and feels a lot like the current Outlook web client for Windows.

Microsoft officials have said the Mail and Calendar apps built into Windows 11 will be replaced with the new Outlook by the end of calendar 2024. But they’ve continued to claim that the new Outlook will remain an opt-in experience for other customers while it fills in gaps in the feature matrix.

Earlier this year, Microsoft officials said publicly that the next milestone on its roadmap would be GA for the new Outlook but did not provide a date when that would likely occur. Sometime after GA, Microsoft officials said, there will be an “opt-out” milestone, during which the new Outlook will be on by default, but customers can still roll back. The “cutover” stage, during which the switch back to classic Outlook will no longer be available for new deployments of Outlook from Microsoft 365 subscriptions, is slated for some time after that. During cutover, customers with perpetual (non-subscription) Office — specifically, Office 2021 and Office 2024, which is due later this year — will still be able to use classic Outlook.

“Microsoft’s next step is to hide the current Outlook and make the new one the default for Microsoft 365 Office users. We didn’t get the 12-month notice for that, so IT managers have at least that long before they have to either block new Outlook, wave it through, or let the user decide,” explained Directions on Microsoft analyst Rob Helm.

Based on Microsoft’s clues, Directions on Microsoft estimates that customers who license the Outlook Windows app with Microsoft 365 Apps for enterprise will have to adopt the new Outlook possibly as early as the second half of 2026.

No Exchange Server or COM support on the horizon

There remain a considerable number of features available in classic Outlook that are still missing or only partially implemented in currently circulating commercial previews. A major trouble spot is Exchange Server: Microsoft has not announced any plans to support it with new Outlook. Unless Microsoft relents (which is unlikely), on-premises and third-party hosters will not be able to host Exchange with the latest client.

Another problem is COM add-ins and related extension technologies including .NET add-ins (also called “VSTO” add-ins after the Visual Studio Tools for Office tool set), and Visual Basic for Applications (VBA) macros. Many of these were developed by Microsoft, partners, and some customers to integrate Outlook into other applications. Customers moving to new Outlook will have to do without or replace them with new JavaScript add-ins, some of which are already available for Salesforce and Microsoft customer relationship management (CRM) applications.

Additionally, some key, basic features aren’t slated to arrive until after GA. The initial version of PST support in the new Outlook for Windows isn’t slated to start rolling out until March 2025, according to Microsoft’s M365 Roadmap. Support for S/MIME is slated to start rolling out in September 2024.

Customers also need to be aware that the new Outlook will add new features through service-based flighting, not through build updates. “Features will be listed on the Microsoft 365 Roadmap, and then released into the Targeted Release ring for 30 days before beginning General Availability release,” Microsoft says.

“GA’s only direct impact on IT managers is that you can get support for new Outlook. However, we project new Outlook will permanently displace classic Outlook from Microsoft 365 Office suites in as little as 24 months after GA. So treat GA as a reminder: Get new Outlook rollout into your technology roadmaps and budgets,” advised Helm.

Related Resources

New Outlook to GA August 1, 2024

Microsoft’s Roadmap for the New Outlook

Microsoft to Support Classic Outlook for Windows for Some Until At Least 2029

New Outlook: Two Years to Breaking Changes in M365 (Directions members only)

Last week’s settlement between Microsoft and the Cloud Infrastructure Services Providers in Europe (CISPE) won’t do anything to cut the higher prices Microsoft is charging organizations to run its software on its biggest rival’s clouds. The settlement — which allegedly involved Microsoft paying CISPE $22 million — blocks CISPE and its member companies from lodging new or supporting similar antitrust cases in this matter against Microsoft. The settlement also excludes AWS, Google and Alibaba cloud platforms.

“At the end of the day, the settlement is nothing. It won’t affect so-called listed providers and just promises to give a few Azure exclusives to the smaller ‘authorized outsourcers,’” said Directions on Microsoft analyst Wes Miller. “It’s unclear what this settlement actually resolves other than a legal threat.”

Microsoft introduced outsourcing restrictions in 2019, resulting in customers paying more to run Microsoft software in non-Microsoft cloud environments. Customers who had been using AWS and Google Cloud as dedicated hosts for running Windows Server and clients were affected directly, but some of them didn’t realize the extent of the impact until years later when their licensing contracts with Microsoft were up for renewal.

CISPE launched its competition complaint against Microsoft with the European Commission in November 2022. Microsoft responded with a set of “European Cloud Principles”, which officials said would level the playing field for partners and customers who wanted to run Microsoft software on certain non-Microsoft cloud infrastructures.

What those principles didn’t include was what many customers cared most about: The ability to run Microsoft software on Amazon Web Services, Google and Alibaba. They focused on customers who wanted to move their software licenses to other clouds outside of those “Listed Providers.”

Azure Stack HCI for Hosters is Born

In addition to agreeing to cover CISPE’s three years of legal costs in this matter, Microsoft also said it would release within the next nine months “an enhanced version” of its Azure Stack HCI platform for European cloud providers, known as Azure HCI Stack for Hosters, that will provide features that Microsoft customers using regular Azure Stack HCI have today. Those enhanced features include multi-session virtual desktop infrastructure based on Windows 11; free Extended Security Updates (ESUs); and Pay-as-you-go licensing for SQL Server.

Microsoft and CISPE also agreed to the establishment by CISPE of a European Cloud Observatory to monitor development and evaluation of the coming product, with members of the observatory including cloud infrastructure vendors in Europe, European customer associations and Microsoft.

It’s unclear if there are other hidden terms in the agreement, given a report this week indicating CISPE could have gotten a bigger payday by going a different route.

This week Bloomberg reported that Google, which is not a member of CISPE, tried to get CISPE to refrain from taking the Microsoft deal by offering a reported $500 million for more than five years of software licenses and another $15 million in cash. But CISPE didn’t take Google’s offer, which Bloomberg claimed was made just days before the Microsoft settlement was announced last week. And Google officials said they will continue to explore “other options to continue to fight against Microsoft’s anti-competitive licensing.”

Related Resources

CISPE and Microsoft agree on settlement in Fair Software Licensing case

Microsoft pays $22 million to settle cloud complaint in Europe

Podcast: Microsoft licensing for non-Microsoft clouds

Changes for cloud vendors don’t help with AWS or GCP (Directions members only)

Bloomberg: Google offered cloud Firms $512 million to fight Microsoft

It’s becoming increasingly apparent that Microsoft is forging ahead with its plan to move more of its customers off Enterprise Agreements (EAs) and onto Microsoft Customer Agreements (MCAs). Recently, Directions on Microsoft shared details about Microsoft’s plans to move EA Level A customers to MCAs. Now we also hear Microsoft is aiming to have new Microsoft Azure Consumption Commitment (MACC) agreements signed under MCAs, with no more options under an EA.

An MCA is a relatively new Microsoft licensing agreement that, up to this point, had been primarily for smaller and mid-size customers. MACC is an agreement via which enterprises commit to spend a set amount on Azure and other cloud services over three years. It is one tool customers can use to try to manage their cloud spending and maximize their savings if their usage is well understood.

This MCA-MACC change is part of a growing push by Microsoft to make EAs available only for its largest customers. Microsoft’s not-so-secret strategy is to move more of its smaller and mid-size enterprise customers to resellers and integrators and deal directly with the most lucrative, biggest customers itself.

However, this MCA-for-MACC shift isn’t impacting only smaller companies. In fact, the change already has begun impacting some larger companies over the past four to five months, our contacts tell us. Directions hears that even some 50,000-employee-size customers have been told that MACC is placed under MCA or nothing.

MCA for MACC: It’s not just about money

Microsoft has other, somewhat less obvious reasons for getting more customers to go with MCAs. The back-end systems associated with EAs are old and difficult to maintain. Microsoft wants to move more customers off of these systems, and is starting with smaller customers first, as they tend to be less complex organizations with simpler needs (and tend to be in less of a position to push back).

Larger organizations are the next target, and it’s no doubt easier to try to get them to go the MCA route more slowly. From Microsoft’s perspective, Azure doesn’t bring along with it the licensing rule complexity and license entitlement data integrity issues that other Microsoft products typically do. That makes it a good place for Microsoft to start the slow march toward the ultimate destination: MCAs everywhere.

We asked Microsoft if the new MACC via MCAs is considered a requirement and when it will become official. A company spokesperson said the company had “nothing to share.”

MCA doesn’t necessarily mean less complexity

Commercial customers currently have a variety of ways to purchase Microsoft cloud services including:

In 2019, Microsoft made Azure available via the MCA. Starting that year, new and renewing corporate customers were no longer able to purchase Azure Services through an Azure only Server & Cloud Enrollment (SCE) under an EA. Over the next few years, Microsoft made Microsoft 365, Dynamics 365, the Power Platform, and Windows 365 available via the MCA, as well.

Microsoft has been encouraging customers who purchase through EAs to consider the Microsoft Customer Agreement for Enterprise (MCA-E). The pitch: Buy through Microsoft via an MCA and get access to “enhanced benefits” under an MCA-E. Among the kinds of MCA-E benefits Microsoft touts are things like one streamlined digital agreement, flexible billing account structure, “intuitive” and customizable invoices, and simplified tenant management via the Microsoft Admin Center.

However, some of these benefits are seemingly temporary. For example, the existing Azure Support offer for EA and MCA-E customers ended as of June 30, 2024. Beginning July 1, 2024, all customers who do not already have a paid support plan, such as Microsoft Unified, ProDirect support, etc., must purchase a support plan if they wish to maintain technical support coverage.

Besides possibly losing “enhanced benefits,” what’s the downside of moving from complex, lengthy EAs to far more succinct and simple MCAs? Under an MCA, customers cannot purchase or renew Software Assurance for perpetual (non-subscription) licenses for products like Windows Server and SQL Server. Under an MCA, customers lose the ability to purchase certain Microsoft 365 User and Device Subscription Licenses (User SLs and Device SLs, respectively).

There are also inconsistencies between the EA stack and MCAs that can drive some legal departments crazy. Trying to maintain “parallel” contracts can create ambiguities as to which and what applies when and make it more difficult for organizations to understand exactly to what they’re committing.

If and when Microsoft makes its MACC via MCA policy official, customers should be prepared to have to cobble together more purchasing programs (such as Open Value plus MCA) if they want to maintain at least some of the same licensing benefits they’ve got currently.

Related Resources

Mid-size orgs: Your EA days are numbered

Azure Licensing: One Phrase, Many Meanings (Directions members only)

Take advantage of your Microsoft Azure Consumption Commitment (MACC) benefit

Azure Support Plan benefit terminated June 30, 2024

Microsoft’s announcement that Copilot in Fabric is generally available (GA), made at its Build conference in mid-May 2024, was misleading and incomplete. Attendees left Build under the impression that Copilot in Fabric was GA across the board, when, in reality, only one Copilot feature in the Power BI experience made it to GA. All other Copilot features in Power BI were still in preview as of the end of May 2024. And more importantly, Copilot in all the other Fabric experiences (Data Factory, Data Engineering, Data Warehouse, Data Science, and Real-Time Intelligence) remain in preview. None of them is GA.

(Update: June 3, 2024, the ability to generate a narrative in response to user questions about a Power BI report’s data is now GA.)

Now, don’t get me wrong, I’m a big fan of Copilot and think it will be a great productivity and analytic tool that helps data analysts, developers, and end-users. But organizations need to make decisions about when they adopt tools and how they spend their time. Customers often review features in preview, but never deploy them to production. And that’s my problem with Microsoft’s false announcement. Customers could be making bad decisions about evaluating and deploying Copilot in Fabric.

Following the blog trail

At the 43:35 point of the “Microsoft Fabric: What’s new and what’s next” presentation, delivered by Fabric Chief Technical Officer Amir Netz, he announced that Copilot in Fabric is generally available. And even strengthened the announcement with a slide dedicated to the GA announcement.

At first, I was excited and looked at my calendar to find time to delve into the various Copilots in Fabric. But then… I started reading through the Microsoft blog post that came out on the same day, entitled “Copilot in Microsoft Fabric is now generally available in the Power BI experience.” As an analyst, the long title was the first clue. Long titles like that are almost always a marketing technique to try to make a little announcement sound big. The blog post clarified the key points that Netz didn’t cover. Notably, “While the report creation experience is now generally available, there are other Copilot experiences in Power BI that are available in preview.” In the same section, the blog post further stated, “The Copilot in Fabric experiences for Data Factory, Data Engineering, Data Science, Data Warehouse, and Real-Time Intelligence are also all still available in preview.”

There’s one more thing: There was another important announcement in the blog post that wasn’t discussed at Build. “Copilot in Fabric is also now enabled on-by-default for all eligible tenants, including the preview experiences.” By eligible tenant, Microsoft means “customers with a paid Fabric capacity (F64 or higher) or Power BI Premium capacity (P1 or higher) have access to Copilot.”

Currently, the ability to use Copilot preview features is either on or off for everyone. There’s no setting that allows customers to limit use during evaluation. A new feature is expected to limit its use by capacity, but that has not arrived yet. For more details, take a look at this support post.

My Recommendation

I, personally, plan to use Copilot in Fabric extensively when it really hits GA. But these features are not GA, so please don’t use them in production. Preview features are not supported by Microsoft, and the features will likely change before they reach GA. This means if customers aren’t careful, they could end up spending a lot more than they expected simply evaluating preview features.

Related Resources

May 2024: Microsoft says Copilot in Fabric is now GA

June 2024: Microsoft says GA of Copilot for Power BI is rolling out starting today

Azure Roadmap: Microsoft Fabric (Directions on Microsoft members only)

Deep Dive: What is Power BI?

For years, Microsoft has been nudging smaller and mid-size enterprise customers towards a new type of licensing agreement, known as a Microsoft Customer Agreement (MCA). But 2024 might be the year when this MCA requirement for this group of customers begins to roll out officially. For organizations accustomed to buying Microsoft products through an Enterprise Agreement (EA), there could be some big changes — both positive and negative — when moving from an EA to an MCA (or adding an MCA in addition to an EA).

Microsoft currently offers its EA customers different programmatic (built in) discount levels, depending on how many users and how many client devices they want to license. The more users/devices, typically the greater the discount.

The official minimum number of users/devices a customer currently needs to qualify for an EA is 500 to 2,399, a segment which is known as Level A. But Directions on Microsoft is hearing increasing chatter that Microsoft plans to phase out Level A completely and move those customers at this level to MCA-based licensing. And if that happens, the new minimum user/devices requirement for an EA officially may rise to 2,400 (which is now the entry point for the EA Level B discount tier).

It’s worth noting this coming change is the most recent step in a long, gradual phase-out process. A few years ago, Microsoft eliminated the programmatic discount for level A, which resulted in Level A getting pricing based on an estimated retail price, not pre-ordained discounting. A few years before that, Microsoft increased the official minimum to qualify for Level A from 250 to 500 users/devices.

We asked Microsoft if the rumors about Level A going away this year are true. A company spokesperson said that at this time the company had “nothing to share.”

What to expect when you’re expecting an MCA

If this change does happen, what should EA customers at Level A anticipate? An immediate price increase? More licensing complexity? Fewer negotiation levers?

As we like to say at Directions: It depends.

One thing is for sure, however: Level A customers currently on an EA need to start preparing now for a new volume-level construct, which will likely include an MCA and possibly a Cloud Solution Provider (CSP) reseller partner. If you’ve renewed your EA recently, you’re unlikely to feel the impact until the end of your current contract. If you haven’t, your pending EA renewal could be the event that triggers the EA-to-MCA change.

Microsoft unsurprisingly paints the MCA as nothing but goodness. On its Microsoft Licensing web site, the company describes an MCA as providing a “consistent and simplified purchase experience, with greater flexibility in how and where you buy.”

MCA contracts are shorter than EA contracts (around 9 pages vs. 30 for a typical EA) and renew automatically, where EAs must be manually renewed, typically involving a complex negotiation phase. All Microsoft cloud products and services are available via the MCA and all licensed products and services can be viewed and managed via a single portal. MCAs are available in most countries and can be purchased through CSP resellers or directly from Microsoft.

In terms of pricing, customers who are required to go with an MCA instead of an EA could end up paying the same or even somewhat less than they do for similar products and services today, for a few reasons. First, CSPs tend to have some pricing wiggle room. Additionally, the ability to buy month-to-month via MCA (without longer contract obligations) could help customers save on temporary summer employees, for example.

However, there is a chance that your overall price and overall spend for the entire agreement could end up being higher. Customers may lose some EA benefits, such as favorable terms when licensing on-premises products with Software Assurance. They may end up having to patch together multiple contracts handled by multiple resellers, which could result in not just more hassle, but higher costs overall. And having to engage in an entirely new contract review process could be a pain — even when compared to the many hoops though which an org typically must jump when renewing an existing EA contract.

Let the MCA buyer beware

“There may or may not be a direct price increase,” said Directions on Microsoft‘s head of Advisory Services and negotiation expert Dean Bedwell, “but there are ways you could pay more because of special terms.”

For example: Under an MCA, customers cannot purchase or renew Software Assurance for perpetual (non-subscription) licenses for products like Windows Server and SQL Server. As a result, customers may have to move some workloads to MCA-based server subscriptions at a higher cost or use the Open Value (OV) program, which provides the option to renew SA on perpetual licenses but does result in managing purchases through two programs, often at higher cost.

In the case of Microsoft 365, customers who are moving from an EA to an MCA will need to reassess how they license Microsoft 365 subscriptions. EA contracts typically offer organizations a larger set of choices when it comes to Microsoft 365-related license types and, in some cases, preferential use rights.

Under an MCA, customers lose the ability to purchase certain Microsoft 365 User and Device Subscription Licenses (User SLs and Device SLs, respectively), for instance. While some workarounds are possible, they’ll likely cost companies more. Customers may need to use two purchasing programs — MCA plus something like the aforementioned Open Value — to get the same coverage.

Another gotcha: Teams-less Teams

Another new worry: There’s the strong possibility that moving from an EA to an MCA could result in Microsoft categorizing a company as a “net new customer,” which would mean that customer would be no longer eligible to buy Microsoft 365 suites that bundle Teams. This could result in orgs having to repurchase Teams separately, which will cost more due to the increased costs of the split Teams licensing that is now required for net-new customers.

Directions asked Microsoft whether this would be the case and we received a “nothing to share” from a company spokesperson. But in a PowerPoint deck for partners, there’s a clause which seemingly confirms an EA-to-MCA move will trigger the net-new customer issue. That clause:

“Due to systems limitations, customers will also not be recognized as existing customers if they change their purchasing channel except when moving to EA/EAS or moving to/from MCA-E and to/from Buy Online (Direct).”

Customers at Level A may have little or no recourse if they’re pushed out of the EA bucket into the MCA one. But they should at least know possible licensing issues they may face and try to mitigate when possible.

Related Resources

Microsoft: How to Buy an MCA

Transitioning Microsoft 365 from an EA to an MCA (Directions members only)

Transitioning Windows Server from an EA to an MCA (Directions members only)

Going Teams-less: What you need to Know

The push for Power BI customers to adopt Microsoft Fabric quickly marches onward, whether customers (or features) are ready or not. Along with forcing high-end Power BI customers to switch to Fabric licensing, Microsoft is now retiring high-end Power BI features with Fabric as the only replacement option. Microsoft wants you to move to Fabric now and they’ll use any tactic they can to make that a reality.

Power BI Premium customers can theoretically remain on Power BI until the end of their agreements, which could be three years from now. However, unless their Power BI deployment is purely reporting, that’s not likely to happen. It’s evident that any Power BI feature that can be replaced by a Fabric experience (like machine learning or data marts or streaming datasets) will be. This means customers who need those features will be forced to migrate to Fabric (with short notice) either by redeploying their Power BI workloads in Fabric or creating a separate Fabric deployment that runs alongside Power BI, just to perform those activities.

Here’s what happened

Last month I wrote about how Power BI customers are being forced into Fabric licensing. On March 14, 2024, Microsoft announced the retirement of several Power BI licensing and purchasing options by the end of the year, retirements that will require customers to purchase new Fabric licensing and migrate existing workspaces. Officials from Microsoft claim the change will give Power BI customers more benefits, but they glossed over the fact that on-premises customers and those use Power BI to embed reports in their applications will see higher costs.

And now we’re seeing the retirement of Power BI features where the suggested replacement option is in… Fabric, of course.

The most recent is the quick retirement of AutoML in Power BI Dataflows, which went from announcement to retirement in three months! Customers are advised to move to AutoML in Fabric Data Science, which is a great offering and ultimately is the right place to create machine learning models. But I can’t understand why customers were only given three months to make the change.

The two offerings are not the same and migration is not a quick lift-and-shift. AutoML in Power BI was an integrated solution, designed to work with Power BI components, whereas AutoML in Fabric Data Science uses OneLake and Fabric tools. Power BI customers had to learn a new environment, move their models over, move training data over, retest and revalidate models, and then connect existing Power BI Dataflows and queries to the models now hosted in Fabric. All this in just three months? And did I mention that AutoML in Fabric Data Science is still in preview, so it’s not actually supported for production use? That last point is interesting, because I know lots of customers who have policies preventing the use of preview features for production.

Sidenote: I don’t know who made this decision, but it can’t be someone who has deployed and supported real-life workloads. To make an announcement in February that a significant feature would be retired in three months shows a lack of respect for customers who already have budgets and project plans established for the year. This change took people away from efforts that are more important to their organizations and made them focus on an unplanned migration project to a solution that is still in preview. Sorry, but that’s not nice.

More retirements coming

I don’t think this will be the end of retiring Power BI features, as there are several features in danger, whether Microsoft has publicly admitted it or not. The way I see it, any Power BI feature that is not part of visualization and can be replaced by a Fabric feature will be replaced, and probably with very little notice.

Here’s a quick list of the Power BI features in danger:

Power BI Dataflows Gen1was marked for retirement the moment they started calling it Gen1. The replacement is Dataflows Gen2, a feature that resides in Fabric Data Factory, of course. (Note: FDF is a great solution and where integration pipelines should reside). Gen2 is a hybrid of pipeline features from Azure Data Factory and data query features from Power BI Dataflows, so it’s not a direct migration for anyone.

Power BI Datamarts is still in preview after more than a year, and I think it’ll be retired in favor of Lakehouse features in Fabric Data Engineering. Datamarts uses the Azure SQL Database service and it’s obvious that the Power BI team prefers Fabric’s OneLake environment. They’ve also released a connector called DirectLake that allows Power BI models and reports to query Lakehouses directly.

Streaming data has always been a challenge for Power BI with several failed solutions over the years. The latest, Streaming Datasets, uses other Azure components in the backend and I suspect it will be retired in favor of Fabric Real-time Analytics, which itself is based on Azure Data Explorer. To be honest, this is a replacement that will finally deliver a good streaming data solutions.

Data compliance features are already being replaced with Purview, which makes a lot of sense, but Purview is also the data compliance solution for Fabric’s OneLake offering. I think most of the new Purview features for Power BI will only be available for Power BI inside Fabric deployments.

Desktop Developer mode is a new development option with version control and code sharing. The original goal of supporting repositories remains; however, it appears the features will now be made to work with repositories that support other Fabric experiences. Desktop Developer mode has been in preview for over a year, so the influence of Fabric is obviously causing some changes.

My recommendations

Power BI’s roadmap is no longer its own. It is now a part of Fabric and Microsoft will pursue an agenda that focuses heavily on Power BI being reliant on Fabric for as many features as possible. While this is a reasonable long-term objective, customers shouldn’t expect that they will have years to make the migration. If you have deployments that depend on Power BI/Fabric overlapping features, make plans to migrate them to Fabric soon.

Throughout 2024 and 2025, I believe Microsoft will continue to retire Power BI features that have counterparts in Fabric, pushing customers to adopt Fabric even before their agreements end. In the near term, have developers and administrators start testing and learning how to use Fabric.

Ultimately, I’m not sure there will an option to have a Power BI–only environment.

Related Resources

Microsoft Fabric takes control of Power BI licensing

Understanding Microsoft Fabric Licensing (Directions members only)

Power BI Roadmap 2024, Wrapped in Fabric (Directions members only)

Microsoft Power BI In-Depth Guide

Microsoft has spent more than a decade trying to find a way to get Windows on Arm devices to catch on. On May 20, Microsoft and many of its big PC partners took another swing at igniting the Windows-on-Arm PC market, and a reason for customers to buy new machines. This time, unsurprisingly, AI is being touted as the “killer” app/use case.

The coming wave of new Windows on Arm devices, running Qualcomm’s latest Snapdragon X series of processors, are going to be branded “Copilot+.” (Intel and AMD-based Copilot+ PCs are coming, too, but possibly not until later this year or early next. They will be based on new AMD and Intel systems on a chip (SoCs) that are expected to be announced this summer.)

No PCs currently in market qualify as Copilot+ devices. The baseline specs for Copilot+ PCs are NPUs delivering 40-plus TOPS (trillions of operations per second), Microsoft’s Pluton security processor (which must be enabled by default), 16GB of RAM, and 256GB of storage. Microsoft is requiring PC makers to include a Copilot key on the keyboard for this new class of devices. These Copilot+ PCs will be running Windows 11 24H2. They will be available in all kinds of configurations. Pricing starts at $1,000 and they’ll be generally available beginning June 18.

If at first you don’t succeed…

Microsoft and PC makers have been trying to capitalize on Arm’s promised benefits, including better battery life and lower power and cooling requirements, for more than a decade to no avail.

Microsoft’s first foray into Windows on Arm, in 2012, centered around its own Surface RT tablets running a modified version of Windows for Arm. The devices were so unsuccessful that Microsoft ended up taking a $900 million charge due to having to slash the price of the Surface RT tablets.

Microsoft tried again with its Surface Pro X, featuring the Microsoft SQ1 Arm processor, which was a modified version of the Qualcomm Snapdragon 8cx Arm chip. These devices — and Windows on Arm — didn’t offer the battery life or performance vendors promised. Emulation was required to get popular apps to work on Microsoft’s and other PC makers’ devices running 8cx, and emulated apps ran far slower than native ones.

(Near) total Recall

Microsoft’s Surface unit, along with top PC makers — including Acer, ASUS, Dell, HP, Lenovo and Samsung -— are looking to AI features to whet Windows PC buyers’ interest. The new Surface Laptop and Surface Pro announced on May 20, both feature the Snapdragon X Arm processors and will be marketed as Copilot+ PCs.

With the so-called “Recall” application (part of the set of features first reported by Windows Central as “”AI Explorer”), which will soon be available in preview, customers will be able to more easily find anything they’ve seen on their PCs by describing things they remember. A timeline interface will help them scroll back in time to return to apps, documents, messages which they used previously.

Live Captions with live translation will deliver automatic captions and handle translations in real time of any live or prerecorded videos in a variety of languages. PC makers are playing up “Cocreator” a feature that enables sketches to be filled out using AI. And the new Copilot+ PCs will take advantage of additional new Windows Studio Effects, which can improve video conferencing with filters that adjust lighting, and noise cancellation.

Windows 11 on Arm can run x86 and x64 applications via emulation, which helps with performance and compatibility. But Microsoft finally seems to be convincing ISVs to build native Arm versions of their apps for these devices. Microsoft’s own major Microsoft 365 apps have been available as native Arm apps for several years. Google recently delivered an Arm64 version of Chrome. Adobe Photoshop, Lightroom, and Express are all available natively, and Illustrator is coming this summer, according to Microsoft.

Microsoft officials claim 90% of users’ application minutes on these PCs will be spent in native apps. But for enterprises, the real test will be in the line-of-business and other non-consumer apps that they will need to just work, either in emulation or natively.

Microsoft is adding a new “Copilot Runtime” layer to Windows 11 to infuse the OS with AI capabilities, rather than making them add-ons. Microsoft execs also said that the Windows 11 tools organizations use to deploy, manage and secure existing PCs also will work with Copilot+ ones. Windows Autopatch, Intune and Windows Autopilot will all work with Copilot+ PCs, they said.

Related Resources

Microsoft blog: Introducing Copilot+ PCs

What admins need to know about Copilot+ PCs

Podcast: Windows on Macs

Microsoft guidance on running Windows 11 on Macs

On May 14, Microsoft posted a blog which stated that multifactor authentication (MFA) would be required for “all” Azure users starting in July 2024. The post, which was very light on details, did highlight why (Do security!) Microsoft is making this change, but failed to provide anything about possible exemptions, implementation and other important information.

Deep in the rapidly growing number of comments on the blog post, Naj Shahid, Principal Product Manager for Azure, added a few of the missing details about the edict.

Shahid explained that Microsoft won’t actually require all Azure users to use MFA.

“Students, guest users and other end-users will only be affected if they are signing into Azure portal, CLI, PowerShell or Terraform to administer Azure resources. This enforcement policy does not extend to apps, websites or services hosted on Azure. The authentication policy for those will still be controlled by the app, website or service owners,” Shahid noted.

In addition, service accounts, managed identities, workload identities and other token-based automation accounts will be excluded from the MFA requirement, he said. For cases where no workaround is available, there will be an exception process, which Microsoft will detail via official notifications.

Starting in July, Microsoft will be gradually enforcing the MFA sign-in policy for portal. Once that’s completed, a similar gradual rollout will kick off for CLI, PowerShell and Terraform, Shahid said. Each step of the way, Microsoft will send customers information through emails and notifications, to let them know what is happening when.

“We understand the impact this enforcement could have on automated scripts using user identities and thus are prioritizing enforcement for Azure portal to provide additional time to adapt if needed,” he added.

Microsoft’s guidance is for admins not to wait to set up MFA with the MFA Wizard for Microsoft Entra. Entra ID supports various MFA methods, such as the Microsoft Authenticator app, SMS, voice call, and hardware tokens. Admins can also use Entra ID Conditional Access policies to tune when MFA is required based on signals such as the user’s location, device, role, or risk level, as Microsoft noted in the original blog post.

“Microsoft recommends examining which Entra IDs are used with dev ops and API access to Azure Resource Manager. As needed, learn how to replace user identities with service principals and managed identities,” Shahid advised.

Related Resources

May 14: Microsoft will require MFA for all Azure users

Customers Must Prepare for MFA Unification (Directions members only)

Microsoft Causes Fuss Around Azure MFA Announcement

No more amount of digital ink has been spilled about any feature announced at Microsoft’s Build 2024 conference than Recall, which purports to record everything you do on your computer by taking screenshots every few seconds. Microsoft claims that Recall is a better AI-enabled (of course) way to search your computer, to find that great bon mot you used in an email a few days ago, or the name of that Korean restaurant someone recommended.

How It Works

Recall saves the screenshots it takes in a local, encrypted database, saving up to three months of data. According to Microsoft, specialized software called “screenray” and hardware called a Neural Processing Unit (NPU) – which requires PCs that aren’t yet available – then analyzes the image, extracts text, and creates a “semantic index” so that you can go back and find the name of that restaurant your friend was so excited about. What’s a “semantic index?” It seems to be a local LLM and vector database (perhaps leveraging Silica ) similar to what’s used by language models like Microsoft’s Phi3 and Meta’s Llama. Vector databases are useful for capturing relationships between words and thus can help infer meaning. (Creating a vector database is a math-intensive process, which explains the need for an NPU.) Users are presented with a conventional-looking search bar to query for results, which can be filtered by the application in which the terms were mentioned.

Wait—What?

Privacy and cybersecurity experts have raced to point out the dangers of Recall, some of which are real, and some perhaps overblown. Recall, according to Microsoft, does not capture Edge’s InPrivate or Chrome’s Incognito windows, or content protected by digital rights management (DRM). Users can pause and resume Recall (assuming they remember to do so) and can exclude apps from recording. Its database, as we mentioned, is encrypted, and Microsoft assures us that the content is never sent to the cloud. And there are, or will be, group policies and end-user options made available to turn it off.

Nevertheless, as any number of commentators have mentioned, Recall will record sensitive interactions – such as, for example, the browser screen from your bank, the Monday Night Football game you were furtively watching during a late meeting (who, me?), or other content you perhaps might not want captured. Whether or not Recall records passwords such that they can be extracted isn’t yet clear – but maybe, or maybe in some cases.

All this seems very scary indeed and I for one will waste no time turning Recall off.

Recall, Purview, and Compliance

There may be more to worry about. As IT and compliance administrators know, Microsoft has made huge, if quiet, investments in Purview, its family of regulatory compliance services. One of the services that has grown significantly over the past few years is a service called Insider Risk Management, which includes capabilities for compliance teams to manage and monitor employee activities: one called Communication Compliance can “watch” email and Teams conversations for offensive, illegal, or policy-violating talk. An add-on called Forensic Evidence can literally watch, in real time, what an employee is doing, in order to collect evidence for an investigation. Sound familiar?

Perhaps, in fact, compliance administrators will have the ability to override the group policy or end user setting and remotely turn on Recall without the user’s knowledge! Indeed, it’s hard to imagine that the data Recall collects will be immune to eDiscovery requests from lawful authorities, which means that Microsoft will find itself in the unenviable position of having to decrypt, or provide keys, to the database – again, with or without the user’s and/or organization’s knowledge.

Worse, it’s even harder to imagine that bad guys, such as well-funded and well-trained foreign actors, won’t expend a ton of energy working to break the code. Will they be successful? Who knows, but Recall has presented them with yet another target.

Finally: Why?

It’s hard to deny, at least on the surface, that Recall’s a cool-looking feature.

But I have to ask: why? As I wrote a year or so ago in a post called “Has Microsoft Forgotten About Windows?” Microsoft has neglected what was once its prize offering. Instead of introducing a new privacy worry, the company could have fixed Windows Search, for example (I still can’t understand why Google, which searches orders of magnitude more content than is on my PC, is orders of magnitude faster than Windows Search.)

Even worse: the UI for Recall would be dandy for a first-class, local Windows Backup a la the Mac’s wonderful Time Machine.

Of course, we all know why. AI rules these days, it’s driving Microsoft’s stock price, not to mention those of all the tech vendors. Not only that, Recall gives Microsoft (and Qualcomm) a justification for a whole new chip – the NPU – in the new Copilot+ PCs.

Does any of this add real value for users or enterprises?

Color me skeptical.

What do you think? Is Recall valuable or a huge risk? Drop me a line at bbriggs@directionsonmicrosoft.com.

UPDATE (June 12): Since this blog post was first published, Microsoft has reconsidered Recall. While not exactly “recalling” it, the company has chosen to make the feature “opt-in” rather than on by default on Copilot+ PCs. An extensive blog post by Pavan Davaluri, CVP for Windows + Devices, dives deep into the additional safeguards and guardrails being implemented. Are they enough? What do you think?

Related Resources

Accelerating ML: CPU, GPU, TPU, NPU, and Oh, My (Directions members only)

Purview’s Insider Risk Management Expands Reach, Simplifies (Directions members only)

Big Brother Is Watching: Communication Compliance Updates (Directions members only)

The Future of Purview eDiscovery Is Premium (Directions members only)

As a novice CTO for one of Microsoft’s divisions, I remember the first time the risk management team came to my office to visit. I have to admit that I dreaded the conversation. How interesting can regulatory compliance possibly be?

I discovered it’s actually really interesting, both from a technological and from a business standpoint.

The Regulation Explosion

Businesses have a profound need for ever more sophisticated regulatory compliance technologies: According to Thomson Reuters, companies can expect around 234 regulatory changes of one sort or another — per day. Regulations affect nearly every aspect of normal business operations (commerce, reporting, customer and employee privacy, safety). Highly regulated industries such as healthcare, pharmaceuticals, and finance face, with mostly good reason, higher bars. More daunting is that regulations covering the same activities can vary from country to country, state to state. (And, as I’ve often said to my teams, compliance really means two things: complying, and proving you’re compliant, through reporting and other means.)

The penalties for non-compliance can be draconian: violations of Europe’s General Data Protection Regulation (GDPR) can result in fines of up to 4% of annual revenues; of the EU’s new AI Act, designed to regulate the use of artificial intelligence technologies, up to 7%!

Is all this bad for business? Some will say that the expense of compliance is onerous. Personally, I disagree: as someone once said, one person’s “regulation” is another’s “protection.”

Microsoft is answering these challenges with an array (in my opinion, industry-leading) of compliance services, many quite innovative, often powered by AI. The downside? To get the features your organization will likely require, you’ll need E5, the highest tier of Microsoft 365.

Microsoft’s Regulatory Purview

In my view, Microsoft is way ahead of its competitors (AWS, Google) in the regulatory compliance space. Unlike those others, whose stance seems to be “talk to our partners,” Microsoft has made and is continuing to make very substantial investments in compliance, which have resulted in some pretty compelling innovations, including some clever uses of AI.

The downside, of course, is you have to pay for them.

Compliance is a many-splendored thing, covering many different use cases; in 2022 Microsoft folded all of them under the umbrella brand “Purview.”

Almost everything to do with compliance has to do with content: what you have, where you have it, who can access it, when you can delete it. Purview’s core content-search services technologies use metadata (author, date, etc.), keywords. More advanced capabilities leverage pattern-matching (for example: three numbers, a hyphen, two numbers, another hyphen, four numbers: a Social Security number). Even more advanced features use AI (this document looks like a contract). Content search forms the basis many compliance activities.

Let’s walk through the different services and describe what’s in E3 and why you’ll probably need E5.

Compliance assessments report the current state of sensitive data in your tenant: where it is, how much there is, who owns it. In E3, assessments are based on a Microsoft amalgam of various regulations (such as GDPR). E5 allows much more specificity, with support for over 200 individual regulations; administrators can pick and choose what they need. When the assessment is complete, administrators are given a “score” and a list of actions they can take to improve it.

Data classification. Every organization should have a data classification strategy: what’s sensitive, what needs to be protected from unauthorized exposure, and what’s not. With E3 you can create labels and manually apply them to content. E5, however, enables much more automation, including sophisticated pattern matching and “trainable classifiers” where administrators can feed the system sample documents – such as contracts – and it will learn to recognize and classify them automatically.

Data Loss Prevention (DLP) uses similar underlying capabilities (such as pattern matching) to prevent exfiltration of sensitive content. E3 supports DLP for email and files; E5 adds DLP for endpoints (client machines, using an agent) and Teams chat, and who doesn’t use Teams these days?

eDiscovery supports investigations usually as a result of litigation. With E3 administrators can search for content based on criteria (author, topic, keywords, etc.) and place legal holds on content. With E5, however, administrators receive support for much broader range of features, including data custodians, customizable legal notifications, searching in Teams conversations and Copilot interactions, and AI-driven deduplication of content, to name a few – all features required by modern enterprises. And of course the mantra that anyone who gets the benefit of E5 — such as a custodian — must have an E5 license.

Data retention. Say you’re in litigation and you’re ordered to produce a document, but it’s been deleted. As often as not, the judge will assume you’re hiding something. Thus, most companies have policies around data retention. E3 supports creation and assignment of retention labels – but most will need the more advanced features in E5, which include automated retention labeling (using the same types of technologies we’ve seen earlier) and so-called “regulatory labels” which can be applied to content that can never be deleted (even over SharePoint site rebuilds, Microsoft claims).

Audit. The Audit log tracks events, such as who last edited a file or accessed a mailbox. As such Audit is essential for forensic investigations. Until recently, however, Audit entries in E3 were only retained for 90 days – hardly enough for a thorough investigation. After a breach, however, Microsoft extended E3 Audit retention to 180 days — but E5’s retention period is by default a full year, and can be extended to 10 years. Additionally, which events are captured differs in E3 and E5; make sure you know before you buy!

Insider Risk Management. Insider trading. Harassment. Policy violations. Any of these can have unpleasant consequences up to and including legal action. Purview’s Insider Risk Management can help administrators monitor email and Teams conversations for potential issues and can even prevent different departments from communicating altogether (which may be required for regulatory reasons). Insider Risk Management is only available with E5.

It’s worth noting that it’s possible to “boost” an E3 license with E5 compliance features via add-ons, such as the E5 eDiscovery and Audit Add-on, the E5 Information Protection Add-on, the E5 Insider Risk Management Add-on, or the E5 Compliance Add-on. Be careful though: a la carte may result in costs higher than a simple E5 license. Also, you may have good reason to have a mixed E3/E5 tenancy, but be cautious. Anyone (such as a data custodian) who gets the benefit of an E5 feature must have an E5 license.

Phew!

Microsoft is investing heavily in compliance. But the overwhelming focus of innovation is in E5, and I suspect the requirements of any large organization will mandate an E5 purchase, expensive as it is.

Is Microsoft missing things? Have an interesting compliance issue or story? Drop me a line at bbriggs@directionsonmicrosoft.com.

Related Resources

Microsoft rebrands its compliance and data governance offerings as ‘Purview’

Microsoft broadens access to its cloud security logs for more Purview customers

The Future of Purview eDiscovery Is Premium (Directions members only)

In late 2023, VMware’s new owner Broadcom announced the phase-out of perpetual licenses in favor of subscriptions, leaving many of its customers unhappy. But it wasn’t until May 1, with its announcement of the “VMware Rapid Migration Plan,” that Microsoft attempted to capitalize on VMware customer angst.

Microsoft’s new migration plan centers around its Azure VMware Solution. Azure VMware Solution is a service for new or existing VMware virtual machines (VMs), including those running Microsoft software, within Microsoft’s Azure cloud.

Microsoft’s VMware Rapid Migration Plan includes the following “carrots”:

While Microsoft’s offer makes these incentives look unique, few are. And even the ones that are new may not be as shiny as they first appear, as Directions on Microsoft analyst Wes Miller noted.

The hosted Windows Server/SQL Server carrot is the existing Azure Hybrid Benefit, which already is included in Microsoft’s Azure VMware Solution. Extended Security Updates (ESUs) for no additional cost is something Microsoft offers all customers of Windows Server and SQL Server as long as they are running these products on Azure.

The five-year Reserved Instance may entice some customers who are interested in locking down a good price, but what happens after those five years are up, Miller wondered aloud. The other quantifiable benefit in the new VMware Migration Plan is the $120,000 in credits, which gives organizations six months of Azure services for free.

In short, “this migration plan isn’t nearly the windfall it’s being promoted to be,” Miller said.

Broadcom, which purchased VMware last year, announced in Dec. 2023 that once customers’ VMware licenses for their perpetual contracts end, they will no longer be able to stay with that model. Broadcom said it would provide customers with upgrade pricing incentives if they move to their new subscription plans. Microsoft and Broadcom are partners.

Related Resources

Microsoft announces the VMware Rapid Migration Plan

Broadcom kills VMware perpetual license

Azure VMware Solution offers licensing benefits (Directions members only)

It’s been quite a while since Microsoft provided an update on its plans for the next release of on-premises Exchange Server. But on May 7, in a blog post entitled “Exchange Server Roadmap Update,” Microsoft broke its two-year silence.

Microsoft officials said the coming next release will be named Exchange Server Subscription Edition, or Exchange Server SE. It will be generally available “early in the third quarter of calendar year 2025,” they added. And the first Cumulative Update for Exchange Server SE will be out in late 2025.

In 2020, Microsoft officials said the next versions of its on-premises Exchange Server, SharePoint Server, Skype for Business Server and Project Server would be available in the second half of 2021. But the only two of these that materialized as planned were SharePoint Server SE and Project Server SE. (Microsoft has not provided any information about when and whether there still will be another on-premises Skype for Business Server release.)

In 2022, Microsoft officials said they had decided to hold off on a new version of Exchange Server until sometime in 2025 in the name of getting its security house in order. In the interim, the company said it would offer more new features for Exchange Server 2019 and advised customers to move to the 2019 version of Exchange Server as soon as possible.

Microsoft is planning to end support for Exchange Server (both the 2016 and 2019 versions) on October 14, 2025. Officials said today they are not going to extend the end-of-life date or offer Extended Security Updates for either version. That doesn’t give organizations much time to move to the coming Exchange Server SE release in Q3 2025.

Ready, set, upgrade

In today’s blog post, officials described the process they are planning “to allow for rapid adoption and deployment” of the next on-premises release of Exchange Server. They said Exchange Server SE will be “code equivalent to (e.g., the same exact code as) Exchange Server 2019 CU15,” except for the following:

Additionally, Microsoft will support two types of upgrades to Exchange Server SE from previous versions: An in-place upgrade and a legacy upgrade. The fastest and easiest will be the in-place upgrade, which Microsoft officials said will be “identical to installing a CU.” A legacy upgrade will require customers to build out a new infrastructure and move namespaces and mailboxes to the new infrastructure. Microsoft recommends customers still on Exchange Server 2016 do a legacy upgrade to Exchange Server 2019 soon to prepare for the coming new release.

Exchange Server SE CU1: October 2025

Going forward, Microsoft plans to continue releasing two CUs per year for Exchange Server SE. The first CU, due in October next year, will include the following changes:

Officials said that Exchange Server SE will initially support the same supported clients as Exchange Server 2019. Support for the new Outlook for Windows (“Monarch”) won’t happen until Exchange Server SE CU1 or later, they added.

Licensing: Think SharePoint SE

Microsoft did not release any specific pricing information today for Exchange Server SE. Officials did say that Exchange Server SE will be available for download from the Microsoft 365 admin center (previously the Microsoft Volume License Service Center) in the early part of Q3 of 2025.

The licensing model used by Exchange Server SE will be the same as SharePoint Server Subscription Edition, which requires subscription licenses or licenses with active Software Assurance for server and user licenses. The hardware and operating system requirements for Exchange Server SE are the same as Exchange 2019 CU15, which adds support for Windows Server 2025.

The required subscriptions for SharePoint Server SE and Exchange Server SE give customers access to support, security, and product updates and patches while customers are current on their payments.

“My interpretation is that the Exchange Subscription Edition is essentially Extended Security Updates (ESUs), which is actually favorable for the customer. ESU annual subs cost about the same as a new perpetual server license whereas continuing Software Assurance (SA), which gets you Subscription Edition, costs one quarter of that amount,” said Directions on Microsoft analyst Rob Horwitz.

Related Resources

Exchange Server Roadmap Update

From 2022: Next version of Exchange Server not until 2025

SharePoint Server SE Adopts New Release Schedule (Directions members only)

Microsoft to support classic Outlook for Windows (for some) until at least 2029

In 2022, Microsoft announced plans for a work-scheduling app called Microsoft Places. That app was slated to be available in private preview in 2023. After going quiet about Places for the past year-plus, on May 13, 2024, Microsoft re-announced the Places app, which is now in public preview and will be getting a Copilot-integration boost later this year.

Places is intended to help employees optimize their in-office time for collaboration with coworkers and find work and meeting spaces, while providing employers with analytics to optimize facility usage

As Microsoft originally announced in 2022, the Places app is designed to work together with Teams and Teams Rooms Pro to provide occupancy and utilization insights. It also will work with Outlook and other Microsoft 365 apps to help customers schedule events, see who is close by and chat with people who are in proximity.

Microsoft officials said they plan to integrate Microsoft Places data with “Microsoft Copilot.” (I asked Microsoft to which of the many Microsoft Copilots they are referring, and a spokesperson verified that it’s Microsoft 365 Copilot.)

This Copilot integration will enable users to do things like understand which days are best for coming into the office; adjusting schedules based on this information; finding the best spaces for meetings, etc. Places Finder will be accessible from Outlook Calendar to help users search for rooms and desks and get other booking information. Places also will be able to use Teams’ bookable desk features so they can connect laptops to monitors and reserve work spots automatically.

Microsoft Places also will feature intended and actual occupancy pattern capabilities, which could help IT admins and real estate and facilities professionals to understand how their physical spaces are being used and help with space planning.

Places will be a Teams Premium feature

Microsoft Places will be generally available by the second half of calendar 2024, a spokesperson said when I asked. Microsoft officials said they plan to sell Places as part of Teams Premium, a subscription available for $10 USD per user per month which adds a variety of “premium” features to Teams that focus mostly on meetings and webinars. (Through June 30, 2024, Teams Premium is available for a promotional price for many customers for $7 per user per month.)

“Several customers have been asking ‘Where’s Places?’ and some have already gone to third-party facilities management solutions,” said Directions on Microsoft analyst Jim Gaynor. “But organizations that want this will need it for all their staff to make it effective. But making it part of Teams Premium at $10 per user per month — and even more with Copilot — is going to be steep for company-wide deployments.”

When Places was announced in late 2022, hybrid work solutions were a strategic focus for Microsoft as organizations began return-to-office efforts as the pandemic waned. The delay and lack of new information about Places until now is likely due to Microsoft’s change in focus to Copilot and generative AI.

Related Resources

May 2024: Introducing Microsoft Places

October 2022: Original introduction of Microsoft Places

More information on the Places public preview

Places Is Behind Closed Doors, for Now (Directions members only)

Proof that Microsoft Fabric, the new data and analytics offering, is now wearing the Microsoft BI crown was confirmed last week when Microsoft announced that existing Power BI customers will have to switch from Power BI licensing to Fabric licensing, many by the end of the year.

Update (Jan. 2025): Microsoft has quietly changed direction with Fabric and Power BI licensing and is now deprecating only Power BI Premium P subscriptions at the end of 2024, reducing the number of Power BI deployments that must migrate to Fabric. Originally, Microsoft planned to retire the popular Power BI embedded SKUs (known as A and Premium EM), which support embedding Power BI reports into custom applications, such as thick-client and Web applications. Without the change, Power BI embedded customers were faced with a significant cost increase after Dec. 2024.

There are lots of ways to promote a new service. Good marketing, enticements, and perhaps finished components, but forcing customers to relicense and migrate to a new service seems a little extreme. Maybe Microsoft is preparing for next year’s financial analyst call next year: “Our investment is paying off! Fabric adoption is through the roof!”

What Happened?

On March 14, 2024, Microsoft announced plans to retire several Power BI licensing and purchasing options by the end of 2024, which will require customers to purchase new Fabric licensing and migrate existing workspaces. Officials claim the change will give Power BI customers more benefits, but what I see is a situation with less flexibility, fewer benefits, and for some customers, much higher cost.

(Note: The licensing change only affects customers using Premium P, Premium EM, and Azure Power BI Embedded A SKUs. Customers using Power BI Pro, Premium Per-User, or Power BI in sovereign government clouds are not affected by this change.)

Migration Is Required

All customers, using the affected Power BI SKUs will have to migrate at some point, but the timing is dependent on their agreement. The Power BI SKUs (P, EM, and A) are retiring on Jan. 1, 2025. EA customers can wait until the end of their agreement, while all other customers must migrate by the end of their subscription date, which could be December of this year (2024).

Migration is not complicated, but it is disruptive. Customers must purchase and deploy new Fabric capacities, migrate existing Power BI workspaces, and recreate scheduled jobs. Not risky, but it does require testing and takes users away from other priorities, all for the sake of relicensing.

Who is affected by these changes and how?

Power BI Premium P

These are customers using Premium P1 through P5 SKUs, which are equivalent to Fabric F64 through F1024 SKUs.

The major licensing change for these customers is the loss of dual-use rights for Power BI Report Server on-premises. This is a special benefit of Premium P subscriptions where customers can use a Premium P subscription for both a Premium P deployment in the cloud and to cover an on-premises Power BI Report Server deployment. It’s a nice solution for customers with on-premises and cloud requirements.

But the dual-use benefit is going away. Customers using this benefit will need to cover their on-premises deployments with SQL Server Enterprise edition per-core licenses and maintain Software Assurance. Those licenses are not cheap.

So, why is Microsoft doing this? Microsoft justifies removing the benefit by saying, “Microsoft Fabric capacity is not compatible with Power BI Report Server.” But covering an on-premises deployment was always just paperwork. It never required an actual connection to Power BI, so there’s no technical compatibility problem and Microsoft has gone out of their way to explain how Fabric SKUs map to Power BI Premium.

Power BI Premium EM and Azure Power BI Embedded

These are customers using EM or A SKUs: Premium EM1 through EM3 SKUs or Azure Power BI Embedded A1 through A5 SKUs.

EM SKUs are equivalent in performance and price to Fabric F8 through F32 SKUs.

A SKUs are equivalent in performance and cost to Fabric F8 through F128 SKUs.

The major impact here is that the lower Fabric F SKUs (F32 and lower) do NOT cover Power BI read-only users. This means embedded customers who migrate to a Fabric F32 (or lower SKU) will need to license their Power BI read-only users with Power BI Pro licenses. Alternatively, customers will need to upgrade to an F64 (or higher SKU) that does include read-only rights. Both options represent a significant increase in cost.

I’ve asked Microsoft to clarify the story for embedded customers, because this seems like they’re just not interested in keeping these customers. The response: They are “determining a plan for the EM SKUs, we will share more when we are able.” I’m hoping there are changes to the rules before this goes live, because I know customers who will shut down usage and look for an alternative solution if not.

Benefits?

There have to be some benefits here, right?

Power BI SKUs are purchased through Microsoft 365, so moving to Fabric licensing will help customers meet Microsoft Azure Consumption Commitment (MACC). If they are Azure customers. (I’m not into conspiracies, but now I’m wondering if this change might be a push to improve Azure sales numbers as well.)

Fabric has more purchasing options than Power BI, including a flexible pay-as-you-go (PAYG) option and a reserved capacity option that provides the same pricing as Power BI licensing. The PAYG option is appealing to me because it means I can scale my deployment as needed and for customers who can scale down at night and on weekends, the math says I can have lower overall cost than before. However, the one concern I do have is for larger customers using reserved capacity, because it requires an annual commitment, whereas the Power BI Premium purchases could be adjusted mostly. This means to get the best prices you’ll need to commit to a minimum level for the entire year.

The announcement also highlighted that Fabric capacities have exclusive features not in Power BI Premium (P or EM) capacities, such as better security when using OneLake and Spark. These are nice features, but this assumes I am using or plan to use the new Fabric service. In other words, I don’t see that they apply to many long-standing Power BI customers.

What’s Next?

I understand what Microsoft is doing and it’s not entirely a bad thing, but I do hope they provide a plan for embedded customers and extend the deadline out for all customers. A nine-month notice on a migration project is just not nice.

Now, I’m off to update my licensing WIKI entries and training materials….

Related Resources

Microsoft blog post: Important update coming to Power BI Premium licensing

Power BI Roadmap 2024, Wrapped in Fabric (Directions members only)

Understanding Microsoft Fabric Licensing (Directions members only)

It’s not just customers in the European Economic Area (EEA) and Switzerland who can buy cheaper versions of Microsoft 365/Office 365 without Teams bundled as part of their subscriptions. On April 1, 2024, Microsoft announced it is making this Teams-less option available to customers globally.

Microsoft is making these unbundling moves to try to head off European antitrust regulators investigating the impact of Microsoft bundling Teams with other Microsoft products. (The official Microsoft line is “globally consistent licensing helps ensure clarity for customers and streamline decision making and negotiations.”)

Just as it has done in the EEA, Microsoft is allowing commercial customers who already are subscribed to M365/O365 to keep the plans they have, with Teams bundled for no additional charge. Existing customers can still buy more of the “Teams bundled” licenses if they want, and also have the option of buying no-Teams SKUs for $2.25 USD less than their Microsoft 365/Office 365 subs cost normally. And existing customers also have the option to switch to Teams-less subscriptions on their contract anniversary or renewal.

“Net-new” Office 365/Microsoft 365 customers — meaning those who don’t have an existing M365/O365 subscription that includes Teams (or proof of intent to purchase such a sub) as of April 1 — will need to purchase the new no-Teams M365 or O365 subscriptions plus a separate “Teams Enterprise” SKU in order to get Teams. Or they can buy the no-Teams subscriptions without the Teams Enterprise add-on if they don’t want or need Teams.

Teams Enterprise provides meetings, chat, calling (VOIP), and collaboration without any limitation on seat numbers, and a 1000-seat cap on meeting attendees, and will cost $5.25 per user per month. It’s worth noting Teams Enterprise does not include Teams Phone Standard, which lets users replace their PBX systems for making and receiving calls with Teams.

These changes announced April 1 won’t impact customers in the EEA and Switzerland (who already got the Teams-less option); those customers continue with the same SKUs announced last year. Then newly announced unbundling changes also do not affect U.S. government, non-profit, academic or consumer customers; they only affect commercial customers.

Doing the Math

If an organization realizes not every M365/O365 subscriber at the company needs Teams, switching those users to a Teams-less plan might make sense. Why not save a few dollars per user per month if Teams isn’t part of your company’s or division’s workflow?

Office 365 E5 No Teams will cost $35.75 USD per user per month, vs. Office 365 E5 with Teams already bundled, which goes for $38 per user per month. Microsoft 365 E5 with No Teams costs $54.75 USD vs. Microsoft 365 E5 with Teams bundled, at $57 per user per month.

However, customers must think through when and whether dropping some of their subscriptions with Teams already bundled actually adds up.

If a M365 E3 user paying $36 USD per user per month for a subscription with Teams bundled as part of it gets moved to the M365 E3 No Teams SKU for $33.75 per user per month, but later needs the Teams Enterprise add-on for $5.25 per user per month, that customer is now paying $39 per user per month, or $3 per more per month, for the same set of features.

Directions on Microsoft analyst Jim Gaynor says the way to think about this is that seven users with the old “Teams bundled” licenses cost the same as four “no Teams” users and three “Teams Enterprise” users combined. In other words, unless your organization will have more than four out of seven users without Teams, the new SKUs aren’t saving any money. (If an organization decides to supplant Teams with Zoom or Slack or another paid add-on solution, or mix-and-match old and new licenses in the same subscription, all that math goes out the window.)

Because so many Microsoft and third-party products are integrated with Teams these days or use Teams-based apps as their main user interfaces, axing Teams might not be a simple decision. Many of those using Microsoft 365 Copilot claim the most useful piece is Teams Copilot. And Teams Copilot acts as the anchor for Microsoft 365 Chat (now confusingly known as the Microsoft Copilot for Microsoft 365 Copilot).

Planning for the long(er) term

An unknown in the brave, new, Teams-less world is how long Microsoft will continue to allow existing M365/O365 customers to stick with their current subscriptions with Teams bundled for free. Microsoft has not addressed this issue, but there’s no guarantee it couldn’t opt to remove this allowance the next time a customer’s licensing contract is up for renewal.

Microsoft officials have made no bones about their plan to try to continue to grow company revenues — and especially the revenues of its Office group — by making more features available as paid and premium add-ons.

Directions on Microsoft has been tracking these proliferating add-ons and the trajectory for them continues to climb. In December 2019, Directions counted 14 such available add-ons. By March 2024, Directions found 65. With this global Teams unbundling policy, there are even more. Microsoft now has 12 different “no Teams” Microsoft 365/Office SKUs listed in its April 1, 2024, Product Terms, plus the new Teams Enterprise one.

“In the end, this move is about Microsoft trying to stay ahead of regulatory scrutiny, not about offering customers a way to reduce costs,” said Gaynor.

Related Resource

April 2024: Microsoft unbundles Teams globally

August 2023: Microsoft unbundles Teams in EEA, Switzerland

Paid add-ons to M365/O365 are multiplying rapidly

Paid add-ons to M365/O365 are multiplying rapidly

In a perfect world, Microsoft would take security seriously again. It would be transparent about breaches. Its execs would stop gloating about increasing security service revenue at a time when Microsoft can’t secure its own employees, let alone customers, against incidents that are happening with increasing frequency. And Microsoft would include must-have security capabilities as part of existing subscriptions instead of selling them as add-ons.

Selling security as a premium offering helped Microsoft build security into a self-proclaimed $20 billion USD per year business (as of January 2023). Making Microsoft 365 E5 a prerequisite to obtain core security tools is one part of Microsoft’s security growth strategy. Another is to make certain security tools available only as add-ons on top of its Microsoft 365 E5 subscription.

“Customers need the tools to keep their organizations secure without having to pay more and more every year for Microsoft’s latest top-shelf security services — which keep moving to higher and higher shelves,” according to Directions on Microsoft analyst Wes Miller.

The easiest but priciest option: Go all Microsoft 365 E5

Until Microsoft concedes, if it ever does, and makes more core security components part of the base Microsoft 365 subscriptions, what should customers do?

Some organizations are choosing to license all of their knowledge workers with Microsoft 365 E5, which costs $57 USD per user per month, because E5 includes all the capabilities of E3 and adds most (but not all) of Microsoft’s top-shelf security and compliance service. There is risk in only partially licensing an organization for E5, since security and compliance tools are typically enabled across the entire Microsoft 365 tenancy and rarely perform license enforcement at a per-user level.

Other customers try to get around going all E5 by cobbling together a bunch of a la carte security and compliance pieces and adding them to less expensive Microsoft 365 E3 or Office 365 E3 subscriptions.

This approach may have made financial sense for some orgs but doesn’t add up now. For several years, Microsoft offered two add-ons, Microsoft 365 E5 Security and Microsoft 365 E5 Compliance ($12 USD each), as a way for organizations to bring E3 users into license compliance without paying the full price of E5. But due to price increases implemented in 2022 for almost all Office 365 and Microsoft 365 suites, it is now more expensive to license users for the security and compliance capabilities via the two legacy add-ons instead of just licensing Microsoft 365 E5, which has not changed price in some time.

Microsoft takes a baby step

It’s not completely out of the question that Microsoft could make core security features part of more of its subscriptions. It did make a couple of concessions on that front after a couple of much-publicized attacks last year.

OAuth, a protocol for authorizing applications, was a key component used by Midnight Blizzard to attack Microsoft in 2023. While OAuth-based applications have become more common and are now increasingly being exploited to breach organizations, Microsoft has offered limited tools to help with oversight, and has been requiring Microsoft 365 E5 to use any of them.

After the Storm-0558 email hack which hit Microsoft and some of its key government customers last year, Microsoft’s faced complaints about some of its security-upselling practices. Logging information that would have allowed detection of the incident was only available to those Microsoft 365 customers who purchased the premium E5 plan. Those running E3 were unable to see the required logging information.

Microsoft officials pledged to make logging more broadly available, and in Oct., 2023, increased audit logging for Purview Audit (Standard) to 180 days from the original 90 days. For customers generally licensed with Microsoft 365 E3 (or less), this means that once logs are optimally configured, customers have 180 days to analyze the logged events for malicious actors before those events are lost entirely. But if customers want a longer period of logging, they still need to add Purview Audit (Premium) for one year of retention, and the 10-year Audit Log Retention add-on for up to 10 years of retention.

Will Microsoft bend further and make security core to more of its cloud subscriptions to help lessen the impact of attacks, not to mention bad publicity? We’ll be watching….

Related Resources

It’s high time for another sweeping Microsoft security initiative… Or is it?

Microsoft pledges to broaden access to cloud security logs following China e-mail hack

Microsoft ups audit log retention in Microsoft Purview

Cross-shopping Microsoft 365 (Directions members only)

Investigating OAuth applications requires E5 (Directions members only)

Microsoft’s Security Copilot, its generative AI assistant for security professionals, will reach general availability (GA) on April 1. It will be available in multiple languages and all major geographies starting on that date and will be priced as a capacity-based service. Security Copilot customers will be billed monthly via a new Security Compute Unit (SCU) at the rate of $4 USD per hour.

Security Copilot is trained on 78 trillion security signals processed by Microsoft every day, as well as with information from external security agencies like the National Security Agency. Customers can train Security Copilot on their own data, too.

Originally announced in March 2023, Security Copilot has been in paid, private testing via Microsoft’s Early Access Program since October 2023. At release next month, Microsoft officials say, they expect Security Copilot to be most useful when it comes to incident summarization; impact analysis; reverse engineering of scripts; and guided incident response.

Security Copilot will be available via an immersive standalone portal and embedded experiences surfaced through various Microsoft security products, including Defender XDR, Sentinel, and Defender Threat Intelligence. Pricing will be the same for both the standalone and embedded experiences.

The only prerequisite for Security Copilot is Azure. Organizations will be able to provision Azure capacity to support their Security Copilot workloads. Security Copilot can work with as many or few Microsoft security offerings as a company has. Microsoft is working with third-party security providers — along with its own Entra ID, Intune management and Purview compliance teams — to integrate Security Copilot into their products.

Security Copilot: Pricing expectations

How much should a customer expect to spend on Security Copilot? Microsoft officials said it’s hard to project. A spokesperson sent the following when I asked for more pricing particulars:

“Depending on Copilot for Security usage, customers may need to provision more or less SCUs. There is no simplified mapping between an SCU and number of queries run by the customer because every prompt is different, workflows are of different sizes, scripts that need to be reverse engineered are of different lengths, so they are all going to utilize and burn SCU capacity differently. Customers should leverage the in-product dashboard to observe their usage patterns and adjust provisioned SCUs over time.

“In general, Microsoft recommends provisioning 3 SCUs per hour to start your Copilot for Security exploration.”

As a capacity-based service, Security Copilot’s pricing is different from that of many, but not all, of the existing Microsoft Copilots. Copilot for Microsoft 365 is available for a flat fee (prior to any negotiated discounts) for $30 per user per month.

Microsoft officials noted that “Microsoft is finalizing the pricing strategy for Microsoft Copilot for Security.”

“Security Copilot is an interesting starting point but will need to continue to evolve and expand to help organizations manage Microsoft’s expanding security footprint effectively,” said Directions on Microsoft analyst Wes Miller. “I also think that many customers expect this type of feature to be built in, since Microsoft typically charges extra for top-shelf security capabilities already.”

Related Resources

Security Copilot to be generally available April 1

March 2023: Microsoft adds a ‘Security Copilot’ to its AI assistant line-up

Understanding Security Copilot (Directions members only)

Copilot for Intune preview coming April 1

New licensing text, which I found through a link in the March 2024 Dynamics 365 Licensing Guide, seem to limit when users of Power Apps applications may be covered with lower-cost Power Apps subscriptions, rather than more-expensive Dynamics 365 subscriptions. If real, this is a significant change that will make it more expensive to use Power Apps applications that work with Dynamics 365 CRM and ERP applications, and it could severely increase budgets for customers how have already written and deployed Power Apps applications that work with Dynamics 365 data.

I’ve contacted Microsoft about these changes. They said they are looking into it, but it’s been a couple of weeks, and we need to let our customers prepare for the impact. Over the years, I’ve occasionally found buried information like this that Microsoft has not wanted to talk about yet. That could be what I’ve discovered here. If they do reply, I’ll update this article with the new information.

Update: March 20, 2024

Microsoft responded to my blog post, stating, “We have not introduced changes or updates to our licensing requirements to Dynamics 365 or Power Apps solutions. To clarify on the new solution checker, it specifically addresses adherence to the most common Dynamics 365 Sales license requirements when building custom Power Apps applications.”

You say “clarifications.” I say “changes.”

Here’s what I think is really happening.

As Dynamics 365 and Power Apps continue to grow, customers have increased their use of Power Apps to write various custom applications. Why not? It’s a great tool and works well with Dynamics, so it’s a logical choice.

But… I think during contract renewals, Microsoft is facing difficult conversations with customers who have been licensing users with Power Apps licenses, based on the following guidance that has been in both Dynamics 365 and Power Apps Licensing Guides for years:

“Power Apps users who have a Power Apps license may use custom applications to access (that is, create, read, update or delete) any Dynamics 365 non-restricted table in the Dataverse. However, Power Apps users and devices that need to create, update, or delete data in Dynamics 365 restricted tables must be properly licensed for Dynamics 365.”

I suspect customers are being told that they need more expensive Dynamics 365 licenses for their Power Apps, because those apps are going beyond the “restricted” table guidance and performing actions and updating tables that Microsoft says require Dynamics 365 licenses. So, in response, Microsoft added new text in the March 2024 Licensing Guide to “clarify” the rules. Clarifications that have been missing for several years.

I also think Microsoft should be more direct and include text in the section that discusses Power Apps licensing. If it were up to me, and it is for our readers, I would like to offer this additional paragraph to “clarify” when customers can use and cannot use Power Apps licensing:

Additionally, there are several other conditions that limit the use of Power Apps licensing. Power Apps applications that perform specific Dynamics 365 application actions, perform CRUD operations on certain tables, or use Dynamics 365 application components may require Dynamics 365 licenses. The lists of specific actions, operations, and components are in the respective Dynamics 365 application Use-Rights tables, and some are available by using the Solution Checker. Also, in some cases a Power Apps application may update non-restricted tables that will result in the database automatically calling an operation that requires a Dynamics 365 license, even though the Power Apps application is designed to follow all the rules for Power Apps licensing.

I leave you with more takeaways:

1. Using Power Apps licensing is not as beneficial as developers thought, and I know several customers who will need to rethink their use of Power Apps and Dynamics 365.

2. The Solution Checker will hopefully be a nice tool to help customers understand compliance requirements, if it covers all the possible compliance issues and is kept up to date. However, it also feels very much like an audit tool to me.

3. Finally, I was also informed that the “restricted” table list can grow and change, to reflect changes to the application; however, those changes are a clarification of current requirements and are not licensing changes. The same can be said for anything in the application Use-Rights tables.

Honestly, I’m just glad to know I’m not losing my mind, which I hear is a common occurrence when dealing with licensing.

The rest of my original blog post from March 14, 2024

The Rules We’ve All Been Following

Power Apps is a great tool for writing custom applications to augment Dynamics 365, because it uses the same back-end platform and Dataverse environment as the Dynamics 365 CRM applications. We have numerous clients who have written custom Power Apps applications to address unique requirements. They have created specialized stock-room inventory apps, case routing apps that are driven by potential refund amounts, and even a custom front-end to the Sales application that pulls data from other internal systems.

In all these cases, the users are licensed with Power Apps subscriptions, rather than Dynamics 365 subscriptions. This is because Power Apps subscriptions provide rights for users to create/read/update/delete (CRUD) most Dynamics 365 data. The only limitation is the Power Apps application cannot modify data in “restricted” tables, reading “restricted” table data is fine. If a Power Apps application does need to modify data in “restricted” tables, then the users need a full Dynamics 365 subscription. (As an example, in Sales application the only restricted table to date has been the Goal table.)

The reason many customers use Power Apps subscriptions is they provide a mid-way licensing option between Dynamics 365 Team Member and Dynamics 365 Enterprise level subscriptions and are more flexible than Enterprise level subscriptions. (For the sake of this discussion, I am limiting the comparison to Dynamics 365 CRM applications: Sales, Customer Service, and Field Service):

Now, the question of how to license users has always comes down to understanding the list of “restricted” tables, which has been located at this Website for several years and has not been updated in almost two years.

Our customers (and others) have used these licensing rules for years to determine if using Dynamics 365 and building a custom Power Apps application makes financial sense. Think about it: if the cost analysis is based on 1,000 users with Power Apps subscriptions at US$20 per month ($240K per year), that cost is much lower than 1,000 users with Dynamics 365 Enterprise licenses at US$95 per month ($1.14M per year).

New licensing limitations?

Now, the first week of every month, I sit down with a cup of tea and read through the latest Dynamics 365 Licensing Guide, looking for the inevitable changes. It may come as a shock, but I actually enjoy this process.

But imagine my surprise (and initial delight) when I started reading the March 2024 Dynamics 365 Licensing Guide and came across new text in the footnotes on pages 27, 57, and 58. Buried in those footnotes was new help for customers to “verify license compliance” when using Power Apps applications. The footnotes even included a link to a “solution checker” that developers can run against their Power Apps solution to determine what kind of license (Power Apps or Dynamics 365) the users will need.

However, I was immediately concerned because the text mentioned “tables, operations, messages, and controls.” For years, the only licensing rule was based on when a Power Apps application modified data in “restricted” tables. So why is this solution checker talking about anything other than “restricted” tables?

It turns out that the solution checker (which currently only works on Sales data) can go through a Power Apps solution and check for the presence of restricted tables, as well as a list of operations and controls that it says require a full Dynamics 365 Sales license. It refers to these as “restricted operations” and “restricted controls”.

Now, if Microsoft goes forward with what I have seen in the solution checker, then here are the changes customers need to be ready for:

For our customers, these are major rule changes that will impact numerous existing Power Apps deployments, as well as current plans for new applications and potentially whether they purchase Dynamics 365.

What I came away with was a feeling of disappointment. I was hoping the solution checker would be a step forward in helping customers understand what licenses they needed. Instead, it looks like Microsoft is using it as an opportunity to further limit Power Apps subscription rights and increase cost for customers who deployed Power Apps solutions in good faith.

I don’t like ending on a sour note, but I’m not sure there’s anything else I can do, except provide a few more (unhappy) thoughts:

Related Resources

Power Platform Licensing: Power Apps (Directions members only)

Kit: Power Platform (Directions members only)

Microsoft Power Platform In-Depth Guide

In 2021, Microsoft officials said to expect at least one more subscription-free, “perpetual” version of Office beyond Office LTSC 2021. Last week, they made it official by announcing that a commercial preview of Office Long Term Servicing Channel (LTSC) 2024 would be available in April and reach general availability before the end of calendar 2024.

Microsoft officials pre-announced a few more related tidbits last week, as well. Microsoft also is planning to deliver a consumer-focused Office 2024 perpetual product this year. The Office LTSC 2024 versions — Office LTSC Professional Plus, Standard, and Embedded, as well as the individual apps in the suite — will be up to 10 percent more expensive than the 2021 version. Microsoft is not planning to increase the price for the consumer Office 2024 release and will share a list of new features closer to general availability.

In addition, Microsoft is committing to yet another perpetual Office release after the 2024 one, likely around 2027, if Microsoft sticks to its current Office development schedule.

Office LTSC 2024 will be covered under a device-based perpetual license and supported for five years. Office 2024 for consumers also will get five years of support. Both Office LTSC 2024 and Office 2024 will be available as Windows and Mac apps. In addition to supporting Windows 11, Office LTSC 20204 will work on Windows 10 and Windows 10 LTSC devices (other than Arm devices, which will require Windows 11).

Only a subset of features and no M365 Copilot

The Office LTSC 2024 release, as is typical with perpetual releases, will include only a subset of the functionality in the Microsoft 365 apps. This particular release will include new meeting creation options and search enhancements in Outlook; “dozens” of new Excel features and functions including Dynamic Charts and Arrays; and improved performance, security, and accessibility, Microsoft officials said. Office 2024 LTSC and Office 2024 will not support any features that require cloud connectivity, which means no Microsoft 365 Copilot and other integrated AI-related services will work with this release.

Office LTSC 2024 will not ship with Microsoft Publisher, which is being retired, or with the Microsoft Teams app, which is available to download separately. Microsoft did not call out Outlook in its post on Office 2024, but we do know that the new Outlook for Windows, currently in preview, is going to support perpetual Office through at least 2029.

Just a reminder: Microsoft does not advocate that customers deploy LTSC Windows and Office releases to avoid regular feature updates. LTSC is designed for “regulated devices that cannot accept feature updates for years at a time, process control devices on the manufacturing floor that are not connected to the internet, and specialty systems like medical testing equipment that run embedded apps that must stay locked in time,” officials reiterated.

Related Resources

Upcoming preview of Office LTSC 2024

Microsoft to support classic Outlook for Windows (for some) until at least 2029

Microsoft offers Service Level Agreements (SLAs) on many of its online services, including Azure, Microsoft 365/Office 365, Dynamics 365, and Intune. There are separate SLAs published by Microsoft for more than 130 Azure services, but most use similar percentage thresholds, calculation formulas, and service credit tiers. SLAs are Microsoft promises of uptime and other qualities for these services. If specified levels are not met, customers can submit claims to the company and potentially receive credits (but not monetary compensation) toward future service usage.

Sounds relatively straightforward? Not really. Here’s what customers need to know about Azure SLAs, in particular.

There are many limitations on the type of service interruptions that can be claimed against Azure SLAs. There also are quite a few hoops that customers should be aware they need to jump through in order to make a claim for an unmet SLA.

“Customers often assume SLAs guarantee uptime for some ‘number of nines’ and when that uptime is interrupted, you aren’t charged, analogous to when your electric goes out, the meter stops running, and you aren’t billed during the outage. The reality of Azure SLAs is quite different: it’s up to the customer to determine whether SLAs are met, submit claims if not, and then at best, receive some future free usage of the same service,” explained Directions on Microsoft analyst Rob Sanfilippo. “Furthermore, some Azure SLAs only provide maximum service credits of 25% of the amount charged, even if the service never worked. “

Not every ‘outage’ qualifies

Not too surprisingly, Microsoft does not proactively notify customers when their SLAs have not been met. It’s up to customers to figure this out for themselves.

Not every “outage” qualifies as an unmet SLA. For example, Microsoft-planned maintenance time for services and downtime caused by non-Microsoft factors, such as network providers and equipment do not qualify. If an issue is caused by a customer’s own systems, processes, configurations, or methods of implementation or deployment, it also does not qualify.

Also outside the scope of what qualifies as an unmet SLA: Downtime caused by security breaches that could have been mitigated by the customer; natural disasters and government actions; downtimes in a single Microsoft datacenter where geo-resiliency could have headed off the problem.

Microsoft does not provide any services, tools, or automated processes that specifically track whether SLAs are met or to generate claims. Some customers deem it worth the time to try to keep tabs on historical Azure health data and health events and generate their own alerts.

However, organizations can end up facing costs for processes they use to track SLA adherence. For example, using a heartbeat monitor on a service could increase charges for the service depending on the heartbeat frequency.

There’s also the time factor. Customers have two months after an incident occurs to determine that an SLA was not met and submit a claim — and Microsoft has 45 days after that to process the claim. Even if customers do end up qualifying for service credits for unmet SLAs, service fees still accrue during downtimes, and Microsoft does not refund them.

It’s good that Azure SLAs exist. They vary considerably across Azure services (see the SLA for Cosmos DB, which is a major selling point for the service), and mostly don’t exist for preview services. If you’re trying to decide which of several overlapping Microsoft services to use in a system, SLAs could be a factor, as they indicate in which services Microsoft itself is most confident.

But customers should be aware SLAs don’t mean every Azure outage will mean money — or service credits — in their pockets.

Related Resources

Microsoft’s Azure SLA documents (published monthly)

Azure SLAs promise robustness, bring burden and limits (Directions members only)

Azure roadmap (Directions members only)

Cosmos DB has the most comprehensive SLA (Directions members only)

Microsoft is continuing its relatively slow march toward delivering the new Outlook for Windows. Last year, officials said the rollout would be gradual, taking years to go from preview to the final phase-out of the existing Outlook for Windows client. As of last week, we now know some commercial customers with classic Outlook will be able to hang onto the existing version of the app until at least 2029.

Microsoft has been working on consolidating its Outlook mail and calendar client apps for Windows since 2021, if not longer. The planned replacement, which was formerly codenamed “Project Monarch,” looks and feels a lot like the current Outlook web client for Windows.

Many features that are in the existing classic Outlook still are missing from the new Outlook for Windows. A lot of the public feedback on social media and various web sites about the new Outlook preview has been critical and negative, which makes the final phase-out date for classic Outlook being at least five years away not too surprising.

To date, Microsoft has released very few tangible dates as to when customers should expect the current Outlook app to be replaced by the new updated Outlook client. Last year, officials did say they planned to replace the Mail and Calendar apps built into Windows 11 with the new Outlook by the end of calendar 2024.

As of last week, we also know that Microsoft will “continue to honor published support timelines for existing version of classic Outlook for Windows until at least 2029,” according to “A Guide to Product Availability” blog post from the company. There are no other delivery dates in the post aside from the 2029 reference. Instead, officials reiterated the steps toward delivery they are planning.

On the new Outlook roadmap

Currently, new Outlook customers are only at the opt-in preview stage. The next planned milestone — for which the company still is not providing a date — is general availability. At GA, feature development will still be ongoing, but customers who are ready to move to the new Outlook will be “fully supported” by Microsoft.

Sometime after GA, Microsoft will hit the “opt-out” milestone, during which the new Outlook will be “on by default,” but customers can still roll back. The “cutover” stage, during which the switch back to classic Outlook will no longer be available for new deployments of Outlook from Microsoft 365 subscriptions, is slated for some time after that.

During cutover, “existing installations of classic Outlook for Windows through perpetual licensing will continue to be supported,” officials said. Microsoft has yet to publicly announce its next promised perpetual (non-subscription) release of Outlook and Office. In 2021, officials did say there would be at least one more perpetual Office release, and there have been sightings of what seemingly is Office 2024, which would be supported until 2029 if Microsoft offers a five-year support window.

Update (March 19): Microsoft announced that Office LTSC 2024 and Office 2024 will be available later this calendar year and both will get five years of support. Officials also said there will be at least one more perpetual version of Office after 2024.

“Outlook classic could disappear from Microsoft 365 Apps for Enterprise — the one you get with Microsoft 365 and Office 365 subscriptions — any time. Versions of that only live around 14 months, so that could be your lead time for migrating off classic Outlook,” warned Directions on Microsoft analyst Rob Helm.

Last fall, Microsoft officials said that while there was no exact cutover date for dropping the current classic Outlook client, the likely cutover milestone was roughly two years out (which would have put it at 2025) and ultimately would be determined by readiness of the product, as assessed by customers and Microsoft.

New Outlook still missing features

Over the past year, Microsoft has added to the new Outlook for Windows some of the missing features customers consider “must-haves,” including Gmail, Yahoo, iCloud and iMAP account support; ICS file support; Quick steps; sort by sender or subject line; and find related messages.

However, there are still a lot of gaps. Microsoft updated its list of “things we have in the works” for the new Outlook in late February 2024. At that time, the company listed offline support and Teams Chat in Outlook as starting to roll out in March. But still missing with no published ETA: POP3 account support, PST file support, S/MIME, and more.

A reminder: One feature from classic Outlook which will not be available at all with the new Outlook is COM add-in support. Microsoft officials said these add-ins are often unstable and don’t work cross-platform.

To try to appease customers who are dependent on tools and line-of-business apps that require legacy COM add-ins, Microsoft officials said they are “actively expanding” the capabilities of the web add-ins platform. They also said they will work directly with customers to figure out which add-ins are not supported. Microsoft officials maintain that most great add-ins are not just COM-based and exist in other formats, but not all customers seem to buy that claim.

“Some companies might want the new Outlook. I believe Microsoft is going to use it to quickly shim in newer collaboration technologies like Loop and Teams for the huge base of Outlook users, and some of Microsoft’s customers see those technologies as the long-term replacement for e-mail. But Microsoft’s announcement shows it sees that as a _very_ long term plan,” said Directions’ Helm.

“I hope that means it won’t mangle Outlook the way it did OneNote as it tries to drag it into the future,” he added.

Related Resources

Microsoft blog: New Outlook for Windows: A Guide to Product Availability

Microsoft’s updated list of features coming to the new Outlook for Windows

From 2023: Ready or Not: Microsoft’s new Outlook for Windows forges ahead

M365 Roadmap publishes some of the coming new Outlook features

Office 2024 is out there (somewhere)

Most people familiar with Microsoft’s Azure platform know about its services such as Azure VMs, virtual networks, App Service, SQL Database, and Storage. Many also know about Cosmos DB, Azure Kubernetes Service, Monitor, Policy, Arc, and the AI services (which have recently been rebranded from Applied AI Services and Cognitive Services to just AI Services). Those that work more closely with Azure might know about Bastion, Front Door, Cache for Redis, HDInsight, Key Vault, and Logic Apps.

But wait. There are more Azure services. Lots more.

Fewer individuals have likely heard of Azure Lighthouse, Private MEC, SignalR Service,, System Center Operations Manager Managed Instance, Chaos Studio, Load Testing, and Web PubSub. And deep in the Azure crannies are services such as API Center (not API Management, but API Center), Spring Apps, Genomics, CycleCloud, Playwright Testing, Managed Confidential Consortium Framework, and Managed Lustre. By the time this column is published, there will likely be even more additions to the list.

Azure consists of lots of services. There isn’t a clear definition of service — some are subservices or features of other services. There are at least 60, and by some counts, more than 200. New services regularly arrive, and some depart, heading to deprecation and discontinuation.

Keeping up with the Azure services

How can orgs find out about Azure services in order to evaluate them and uncover new development opportunities or improve on current deployments? There are several ways.

You can refer to Directions on Microsoft, where we analyze and report on the Azure landscape extensively, especially in our semi-annual Azure Roadmap. You can scour Microsoft’s Azure products list for new entries (which aren’t easily spotted). You can keep tabs on Microsoft’s Azure updates feed or follow the company’s numerous blogs. You can watch Microsoft conference sessions. You can have a conversation about the topic with Copilot, ChatGPT, or your favorite AI.

A few less-talked-about Azure services

Even with all these tools, you still might not discover all the new Azure additions. Here are a few examples of what you could miss. (These aren’t all recent arrivals, further demonstrating that some Azure offerings live in stealth mode.)

API Center

Azure API Center, in preview, is a service that catalogs customer APIs for tracking, discoverability, inventory, and other governance. API Center gives organizations a central database of all their APIs, regardless of hosting location. This helps administrators audit APIs to, for example, ensure they are secure and compliant, and it helps development teams advertise and discover available APIs. The service does not publish APIs like Azure API Management, a separate service that could be confused with API Center.

Spring Apps

Azure Spring Apps is a service that allows deployment of Java Spring Boot applications on Azure. Spring Boot is an open-source framework often used for implementing microservices. Azure Spring Apps includes preview support for ASP.NET Core Steeltoe, which also focuses on microservices.

Genomics

Azure Genomics can help with genome research by performing analysis using the Genome Analysis Toolkit (GATK), which is a third-party tool for studying DNA. It also provides an implementation of the Burrows-Wheeler Aligner (BWA), which helps identify DNA variations for studying diseases and ancestry. Azure compute scalability speeds the performance of these solutions.

CycleCloud

Azure CycleCloud creates and manages high-performance computing (HPC) clusters. It offers flexibility for how jobs are performed, such as support for hybrid clusters and compatibility with third-party schedulers.

Playwright Testing

Microsoft Playwright Testing, in preview, is a managed implementation of the Playwright Node.js library, which can do cross-browser, cross-OS Web application testing. It can help development teams build automated tests, reducing manual efforts.

Managed Confidential Consortium Framework (CCF)

CCF is used to create blockchain networks. It uses confidential computing for transactions, which is processor hardware security that protects data “in use,” that is, the data remains encrypted in memory and is only decrypted as it is loaded into the CPU.

Managed Lustre

Lustre is an open-source parallel file system optimized for high performance computing (HPC) and AI workloads. Azure Managed Lustre leverages managed disks to offer Lustre as a managed service. The service integrates with Azure blob storage for data tiering to reduce costs when the Lustre system is not in use.

It pays to always be on the lookout for new (and old) stuff that has crept into Azure. Your organization may benefit with improved or novel ways to use the platform.

Related Resources

Microsoft: Azure Updates

Azure Roadmap Report (Directions members only)

Kit: Migrating Compute Workloads to Azure VMs (Directions members only)

A while back, as an experiment, I took an extract of all the Directions on Microsoft content, indexed it using a separate instance of Azure AI Search, and then fed it to the Azure OpenAI service. The initial results proved promising, even exciting: I could ask it simple questions like “What is Microsoft Priva?” and more complex licensing questions like, “Explain the differences in E3 and E5 license tiers for eDiscovery” and I’d get concise, accurate answers.

Then I began to ask myself, “Is this the future of IT?” After all, a big part of any organization’s IT mission is to be able to answer questions: about business performance, about customer desires, about likely future outcomes, and so on.

More precisely, is the future of IT to take all the data in all the disparate IT systems, smoosh it all together so that a large language model (LLM) can crunch it, digest it, and then spit out answers in well-constructed sentences?

Well, maybe. But I don’t think so.

Back to the future (of IT)

As important as LLMs are (and it goes without saying they are transformational), we cannot and should not forget the fundamentals of IT — principles and practices established over decades.

Let’s remember:

Trustworthy data underpins everything you do. Many years ago (decades, now that I think about it) I led a project in Microsoft IT to create a single customer master database, that is, the authoritative source for Microsoft enterprise customer information: company name, address, billing and technical contacts, etc. With many different lines of business (Office, Windows, gaming, and so on) it was important all the various line-of-business (LOB) transactional systems used absolutely and verifiably correct information when communicating with customers.

Since companies relocate, get absorbed in M&A, change names, and so on, we had to ensure that the data was carefully structured, curated, and safeguarded, through both technical and governance processes. (Much easier said than done, incidentally.)

The point: This core, authoritative data underpinned businesses across Microsoft.

Data models, ultimately, define your business. Every organization — company, department, governmental agency — has an information architecture (whether they know it or not, and many don’t, somewhat horrifyingly). The building blocks for the information architecture are data models. How, precisely, do you define “customer?” Or “product?” Within these models — whether they are explicitly defined via Entity Relationship Diagrams (ERDs) or are in people’s heads (for the love of IT, document them formally!) — are the details and the semantics that define what makes a customer valuable to you, and what makes your products valuable to them.

For example, many retailers track a Customer Lifetime Value, that is, the projected worth of a customer over time and correlate buying habits and history to try to maximize their value. In essence, that’s the company’s business model. But it’s not the only one: other retailers base revenues on annual subscriptions, which drives different sorts of business behaviors.

Data models ultimately reflect a business’ competitive differentiation. The more precisely defined the data model, the more finely tuned the business strategy.

Care and feeding of mission-critical relational databases is as important as ever. I doubt any right-thinking CFO would want to base a 10-K on anything but a database with rigorously enforced relational integrity constraints, that has high availability, robust backup with well-defined recovery time objective (RTO) and recovery point objective (RPO) parameters — along with a periodically tested restore function and disaster recovery capabilities.

It’s here where the effort put into data models yields enormous value. Microsoft 365 Copilot could generate some of the boilerplate text in a 10-K, and otherwise enrich it with data from other sources, but the core data must be rock-solid, accurate, and defensibly so. No CFO wants a restatement that can have both reputational and possibly legal consequences.

Your data estate is a living ecosystem. All this does not diminish the need for or value of different data management architectures such as NoSQL databases: it’s not efficient or cost-effective to maintain, say, clickstream data or IoT telemetry in Azure SQL when Cosmos DB might be a more scalable and cheaper option. These sorts of data, when joined with data from relational systems to connect clickstream history with purchases to predict future buying habits, or to predict when an IoT device needs replacing, are hugely valuable. Fabric and Power BI give us the opportunity to query immense amounts of data of different types to give insights on-demand visualizations which can speed decision making and predict the future.

Scaffolding matters

But to get the most value from your data, remember that all these new capabilities don’t replace the systems upon which we’ve built our businesses. Rather, AI, data lakes and lakehouses, and visualizations depend upon, and scaffold upon, the trustworthy data and systems that represent the core of IT.

Disagree? Will Large Language Models utterly sweep away the old and usher in an entirely new era of IT? Drop me a line at bbriggs@directionsonmicrosoft.com and tell me what you think.

Related Resources

Directions on Microsoft podcast: A deep dive into all things data

Use Your Own Data with Azure OpenAI (Directions members only)

In the early days of any given technology, such as PCs, the risk for buyers is that they will pay too much, particularly when there is the chance they will buy the wrong technology or technology from a company that won’t be around in the future.

Until recently, the risk of paying too much or buying the wrong PC was low, regardless of whether one was buying a desktop, laptop, or tablet, or which vendor supplied the processor, RAM, or solid-state memory. Therefore, buyers could think about the PCs they wanted in terms of the device’s speeds and feeds. How fast is the processor? How much RAM is there? A simple rule of thumb was to err on the side of more RAM versus more processor power, and to favor solid state memory over spinning disks.

Today’s Risk: Buying the Wrong Technology

Now, the risk when buying a PC is swinging back to high. For possibly the next year, you might again buy the wrong technology. It all started with Windows 11. Here, the risk increased when Microsoft changed the specification significantly so it could use hardware to enforce a level of security. No more 32-bit processors; it is now a 64-bit only world. A Trusted Platform Module (TPM) became a requirement rather than a nice-to-have option. These changed requirements created risk by suddenly obsoleting many devices and introducing the possibility of buying a new or replacement device that was still capable of running Windows 10 but was incapable of running Windows 11. Although there were hacks to trick Windows 11 to install on hardware that didn’t meet the requirements, this was never a good idea.

With Windows taking the first steps toward a future based on AI/machine-learning (ML), the risk of buying a device that is obsolete before you get it in the door is higher than it has been in a long time. Microsoft has already demonstrated Windows features that use locally installed Neural Processing Units (NPUs) to cancel noise and provide camera effects (background blurring and natural eye contact) for collaboration software such as Teams. At the time of these feature demos there was only one device capable of running Windows that could benefit from these features and it was ARM-processor based: Surface Pro 9.

Since then, Microsoft has announced the “Voice Clarity” feature that was unique to NPU-based Surfaces is now coming to all Windows 11 devices — no NPU required. And several Windows PC makers have announced plans to ship PCs with various types of NPUs this year.

Think Local

Now, large-language model (LLM) generative AI is here. Microsoft is bombarding us with Copilots and users can create their own copilots. Today, much of the heavy lifting for these LLM-based services is done in data centers and they can be accessed by any device from a smartphone to a tablet or laptop. But it is likely that soon users will wish to train AI on, or at least focus their AI prompts at data stored locally and to process such data locally on their device. But which NPU will speed this work up?

Microsoft and others are particularly silent on this point, even though lots of machines demonstrated at CES in January are promoting their NPUs. But an NPU from Qualcomm is not the same as one from Intel or AMD or Nvidia. This means we need something like DirectX for AI. DirectX in Windows allowed software — especially games — to work directly with a devices video and audio hardware. When games use DirectX, they efficiently utilize multimedia accelerator features built into hardware to enhance the overall multimedia experience.

Is a future or enhanced version of DirectML going to play a similar role for NPUs? Microsoft announced in early February a developer preview for DirectML 1.13.1, which supports Intel AI Boost NPUs. But until it is clear which vendors support some APIs such as DirectML, or some other standard there is a risk when buying an expensive NPU-enabled processor-based PC. And there is risk to continuing to buy PCs without an NPU — at least for those users who are really using LLMs or other ML.

Rather than simple speeds and feeds, what buyers looking at hardware today really need to think about are standards. Buyers need to determine what standards they think are going to be necessary to exploit the hardware in their devices. Maybe not everyone will need an NPU in their device, but who knows?

For example, instead of thinking about whether a device needs a TPM, one needs to know what version of a TPM is needed. One needs to know what biometric standards for authentication are needed so the device has the appropriate cameras or fingerprint readers to support Windows Hello or other authentication services. And the big stumbling block is whether developers are going to support DirectML or some other AI-, ML- or LLM-API standard? Or will there be different standards for different AI features?

On a related front, one needs to be aware of two other standards that affect printing. Mopria- and Universal Print-compatible printers are going to be needed.

Caveat Emptor

Ignoring standards and just buying a Windows device with Windows 11 installed on it, or any off-the-shelf printer will mean the device is obsolete as you walk in the door. This is especially true for organizations who are still working to upgrade hardware as they retire Windows 10 devices and replace them with devices capable of running Windows 11 but possibly not optimized for versions of Windows that may become generally available soon.

“Let the buyer beware” when selecting PC hardware has seldom been more in effect.

Related Resources

Microsoft blog: Developer preview of DirectML support for Intel AI boost

Before you buy a Windows 11 ‘AI PC’ in 2024, read this

Windows 10 vs. Windows 11 hardware requirements (Directions members only)

Accelerating ML: CPU, GPU, TPU, NPU, and Oh, My (Directions members only)

When your company shells out more than $700 per user per year for Microsoft’s top-of-the-line E5 subscription, you would assume it would include everything you’d need. If you did, you’d likely be wrong.

Microsoft is making more and more new features and apps available as paid add-ons for Microsoft 365 customers. And like many parents and kids discover the hard way, when the expected batteries aren’t included with your new, pricey toy, no one is happy.

Directions on Microsoft has long tracked all the extra-cost add-ons to Microsoft 365 plans. These add-ons include features, apps, and licenses that may be needed above and beyond what’s standard in the $36 (USD) per user per month Microsoft 365 E3 and $57 per user per month Microsoft 365 E5 subscriptions. Examples of the some of these add-ons:

In December 2019, Directions counted 14 such available add-ons. By December 2023, we found 61.

Add-ons: More than just per-user costs

These add-on services are not cheap, especially when purchased by customers who need hundreds or thousands of seats.

Copilot for Microsoft 365 is $30 per user per month. Teams Premium is $10 per user per month. The Intune Suite add-on to Plan 1 that includes all Plan 2 features, and all existing and forthcoming à la carte features, is $10 per user per month. Defender Vulnerability Management costs $2 per user per month on top of Microsoft Defender Endpoint P2 or $3 per user per month when licensed alone to use with a third-party endpoint detection and response product.

Plus, there are additional costs beyond just the add-ons themselves.

In the case of security add-ons, for instance, “Microsoft has created a dilemma no one is talking about: Who’s going to evaluate, implement, and manage all these new security tools inside Microsoft customer organizations?” noted Directions on Microsoft analyst Michael Cherry.

“Microsoft and other cloud vendors promised the cloud would help reduce IT costs, not just in terms of on-premises hardware and software, but also in terms of IT headcount. It now seems that the cloud is the cause of significant new costs, at least for security. The main cost will likely be to acquire the expertise, either through training or new hires of people with the necessary skills to understand how-to use these tools effectively,”

With Entra, the service formerly known as Azure Active Directory, organizations may encounter other issues they hadn’t anticipated.

“With the identity governance add-ons, it’s almost impossible to describe what each does,” said Directions on Microsoft analyst Wes Miller. “But CxOs are still gonna buy them.”

Will E7 save the day?

Some of the Directions on Microsoft analysts believe the current growth trajectory for Microsoft 365 is unsustainable and Microsoft may soon release a new high-end Microsoft 365 subscription tier — something like an “E7” which would include some of the extra-cost features. At the very least, a new tier that includes Microsoft 365 Copilot bundled in, seems almost inevitable, given Microsoft’s current obsession with all things AI and Copilots.

But other Directions analysts believe that Microsoft may stay the course with E5 as the Microsoft 365 high-end for a while longer. Last time Microsoft released an official number, Microsoft 365 E5 was deployed by only 12 percent of the Microsoft 365 installed base.

By holding the price line with E5 and continuing to roll out more optional add-ons, Microsoft officials may believe they can maximize average revenue per user while publicly claiming they are trying to help customers “do more with less.” In January 2024, for example, Microsoft added several new add-on Entra and Defender SKUs targeted specifically at frontline workers, which could save some companies money by enabling them to deploy feature-specific add-ons, rather than having to buy the full P1/P2 SKUs.

Related Resources

Is Microsoft 365 E7 waiting in the wings?

Services Increasingly Expanding Beyond Microsoft 365 Suites (Directions members only)

Microsoft provides a frontline-worker price break

Directions on Microsoft’s virtual and in-person licensing bootcamps (where M365 add-ons are covered extensively)

The hype around all the Microsoft Copilots is truly deafening, and it’s hard to know what to make of it. They can write code, prose, do presentations, analyze security logs, write emails, all automagically, all on your behalf. Microsoft (admittedly anything but an objective commentator) boasts that 70 percent of Copilot users claimed to be more productive.

Are Copilots all they’re cracked up to be? Even here, gathered at the Round Table at lofty Directions on Microsoft headquarters, our analysts express a very diverse set of views ranging from “Copilots are just the next Siri/Cortana/Alexa” to “they’ll revolutionize computing.”

But as a prudent, risk-averse, and cost-conscious executive you’re probably wondering: just how much should you invest in technologies which, on the one hand, may provide remarkable advances in productivity, and on the other, like all new technologies, come with risks?

The Promise

It’s seductive, isn’t it? Just open up Microsoft Word and it’s ready to help you write (incidentally, I did not use Copilot to write this blog post, so you know). It’s almost undeniable that Copilots could, in the best case, “amplify” your employees’ activities, to use the words of OpenAI’s CEO Sam Altman.

At minimum, Copilots can give you and your users a head start in drafting and organizing content. (How many times have you sat in front of Outlook trying to organize your thoughts for that organization-wide email? Tell Copilot to do it!)

Eyes Wide Open, Look Before You Leap (Etc.)

No doubt at least some of your employees are asking for Copilot licenses, and with their “real” general availability, it’s as easy as throwing a switch in the Microsoft 365 portal.

Before you do though, consider a few things.

Analyze the costs. Copilots aren’t cheap. $30 per month per user. If you have, say, three thousand knowledge workers in your organization, that’s around a million dollars per year, which, frankly, you could use to hire 3-4 FTEs. What’s the better use of your budget?

Train your employees. Artificial intelligence can get things wrong (insist to ChatGPT that “3+4=8” and eventually it’ll agree with you). It can plagiarize. While Microsoft has stated that it will indemnify Copilot customers against lawsuits, this has yet to be tested in court.

I always advise organizations to treat AI like junior workers right out of college: you have to check their work! Don’t put GitHub Copilot code directly into production, proofread and verify text that Copilot for Word generates before putting it on your website, etc. Consider creating a requirement that employees take training before giving them Copilot licenses.

Prepare your data. A Microsoft employee I know once said half-jokingly, “don’t give Copilot to your SharePoint admin.” He had a point. Copilots can ingest organizational data (like documents in SharePoint, email in Exchange Online, and so on) to formulate answers. Therefore, your data must be properly protected — permissions assigned, tagged with sensitivity labels, encrypted if necessary, and so on — so that a user’s Copilot can only see the data it’s allowed to. Given all the documents, emails, spreadsheets, presentations, and so on your organization undoubtedly possesses, ensuring they’re all protected can be a very big, and possibly labor-intensive, deal. (Microsoft states that it does not use your data in public training sets.)

Get your risk management teams involved. Copilots open up new ways to create and access content which means that users can inadvertently violate policies – or the law. Consider an employee who, for example, asks a Copilot to write a step-by-step approach to selling stock during a quiet period, or an employee who, perhaps without thinking, includes Personally Identifiable Information (PII) in a prompt. Your compliance organization needs to know about that!

The good news here is that Microsoft has recently implemented a ton of new features in Purview, its regulatory compliance suite, to cover Copilot activities. But your teams need to know how to use these features (and if they’re enough for your requirements).

What’s CIO To Do?

As an executive, you want to get the most business value (with the least risk) for your investment. Planning your Copilot deployment can help you and your teams get the productivity advances Copilot promises while avoiding possible pitfalls. And helping your teams understand how Copilot can be best be used – for example (remember that training I mentioned before?), teaching them how to craft effective prompts – can jumpstart your deployments, and your productivity.

Bottom line: It’s early days for Copilot. There’s still a lot to learn. While the promise is huge, tread carefully.

I’d love to hear about your experiences: drop me a line at bbriggs@directionsonmicrosoft.com.

Related Resources

Microsoft: What Copilot’s earliest users teach us about generative AI at work

Microsoft makes Copilot generally available to enterprise, SMB and consumer customers

Podcast: Generative AI – Where customers need to look before they leap

Copilot prerequisites: Proper data hygiene and controls are essential (Directions members only)