Categories
Endpoint Manager Intune MAM Microsoft 365 security

Intune MAM Exemptions – Discovering URL Protocols

In Microsoft Intune you can create a secure container where the data in your apps cannot leak outside of. That is, you can restrict copy/paste outside of the supported apps and restrict opening the data in a different app.

But sometimes you need to open the data in a different app and with the Intune Mobile Application Management (MAM) policy (also known as App Protection Policy, APP) in place you are restricted from doing so.

On Android adding the exception for apps is easy – its part of the URL to the app in the Google Play Store. For example to allow data to be sent to Google Maps you would look up the app URL (https://play.google.com/store/apps/details?id=com.google.android.apps.maps&hl=en&gl=us) and exempt the app in Intune MAM policy by using the ID value, so com.google.android.apps.maps in this case.

On iOS this is next to impossible. Microsoft in their article on this subject at iOS/iPadOS app protection policy settings – Microsoft Intune | Microsoft Docs and Data transfer policy exceptions for apps – Microsoft Intune | Microsoft Docs suggest this is done by contacting the app developer. I have had no success doing this, as often the app first line support has no idea what you are asking.

So here is how to get the URL Protocol, or more correctly speaking, the URL Scheme for the app. I think the first battle is in working out the correct terminology!

To get the information you need you have to have access to the ipa file that is the app on the iOS device. I use iMazing for this and my steps here are for the PC, but a Mac version is also available. iMazing is available for purchase on a per device basis but works on a short trial basis which might be enough time to do this for some of your obvious apps – buying a license to allow you do this as new apps get used or older apps change their schemes is a good investment.

Once iMazing is installed you need to plug in your iPhone/iPad to your PC. Ensure the apps you need are installed on the device.

An iPhone Displayed in the iMazing App

In the middle-right column there is an option called Manage Apps. This lists the library of apps you have on the device and the option to download the app to your PC. I am going to work through the process of getting the URL Scheme for Cisco WebEx Meet, which is the app Microsoft have in their documentation as well, as you can see from my app library below there appears to be two apps called “Webex Meet” – so lets see what is going on.

Viewing apps in iMazing

For each app you need to determine the URL Scheme/URL Protocol for, download the app by clicking the “cloud + down arrow” icon to the right of the app.

Downloading an app in iMazing

You will need to login to the Apple account ID used by the iOS device to complete this step.

Once I have downloaded the app the version number is displayed. I had previously downloaded Webex Meet 41.3.2 and the new download is version 41.3.3. So this is why I see multiple versions. The trashcan icon can be used to clean up your download folder. The arrow icon bottom right will give you an option to update all the downloaded apps to their latest version is new versions are available as well.

Once you have downloaded the app you can export the .ipa file for the app. This is done via the same arrow button bottom right. It will export the .ipa file for the selected app to a folder of your choosing.

Exporting the .ipa file for the selected app

Choose the folder to export to and then open that folder in Windows Explorer

The downloaded .ipa files in Windows Explorer

You can see the exported Webex Meet 41.3.3.ipa file in this folder, and the previously downloaded, and renamed, file as well. This rename is the next step. The .ipa file is just a ZIP compressed file, so add .zip to the end of the file name and open the compressed file. Don’t extract the contents of the file, as we are only looking for a single file in all the contents.

Inside the compressed file, navigate into Payload > AppName.app and find info.plist. Copy this file only out of the compressed file.

Inside the compressed .ipa file looking for info.plist

Once you have the info.plist file outside of the compressed folder, open this file in Notepad.

info.plist in Notepad

Now to search for the URL Scheme in this file. Search for CFBundleURLSchemes, and unfortunately you may see more than one of these. We know from the Microsoft documentation that they say the URL Protocol for WebEx is wbx and we see this value as a <string> under <array> under <dict> where <key> is CFBundleURLSchemes

CFBundleURLSchemes in the info.plist file

The <string> value is the URL Scheme, and so for WebEx is is wbx. The value is found under Key=CFBundleURLName, Key=CFBundleURLSchemes, String=. At this point it is all down to testing on the device. So add the most likely string to Intune MAM policy exceptions and wait for that to sync to the phone (browse to about:intunehelp in Edge Browser on the device) and click View Intune App Status

Then select an app, for example Outlook, from the scroller at the top and scroll down to ProtocolExclusions near the bottom – once your new addition is listed here you can test to see if you can open the new app from a link in the source app:

For example, in the above I have the following URL Schemes added as well as some I am still testing:

  • zoomus = Zoom
  • gmeet = Google Meet
  • bjn (or bjn-intunemam or bjn-a2m) = BlueJeans
  • mobilepassplus = Mobile Pass+ from Thales
  • com.mimecast.mobile.saml = Mimecast
  • pdfe-callback (or pdfe2int1 or pdfefile) = PDF Expert

It is still a bit hit and miss once you have info.plist, but you have a list of values for the URL Protocol that you can test against now.

Categories
AIP Microsoft 365 Office 365 sensitivity labels

Removing a Default Sensitivity Label

In Microsoft 365 Sensitivity Labels you can have a label policy that requires that all content is labelled. If you enable this and then later decide this is not for you, you can republish your label policy and disable the default label and the require label policies.

That is, your settings start like this:

Policy settings before change

And then you change the settings in the label policy and you end up with these settings, which are published to the end users upon you saving the changes to the policy:

Policy settings after the change

As you can see from the before/after screenshots, the label required by default on documents has gone from Confidential to None.

But I have found sometimes this changes does not take full effect! You can only see it though if you look in PowerShell for this policy. The PowerShell module to use is the Exchange Online Management module (Install-Module ExchangeOnlineManagement if you don’t have it already) and then run Connect-IPPSSession to connect to the Microsoft 365 Protection Center. Once connected run Get-LabelPolicy and then (Get-LabelPolicy <name_of_your_policy>).Settings to return the settings.

If I get the settings as above before I remove the mandatory requirement for a label I see:

[requiredowngradejustification, true]
[mandatory, true]
[defaultlabelid, be5e9727-67cc-4056-a87b-1dbbf67b7b9b]

Where the DefaultLabelID matches the GUID for the default label (Get-Label GUID should return the label that is the default).

But, once I remove the mandatory label and the default label, the “mandatory” setting should change to false and the “defaultlabelid” should be removed.

If the defaultlabelid does not get removed and the users do not see the policy change pushed out then it time for PowerShell to the rescue.

Set-LabelPolicy <Name> -AdvancedSettings @{defaultlabelid=""}

The above cmdlet changes the named policy label to remove the defaultlabelid value. Once you have run this, (Get-LabelPolicy <name>).Settings should not show the requirement for a default label.

Categories
Azure Active Directory AzureAD exchange exchange online EXO Microsoft 365 Uncategorized

Why Do Comments In Microsoft 365 Planner Disappear?

So first you need an Exchange Online mailbox for comments to work. Comments to the tasks of Plans are stored in the Microsoft 365 Group mailbox, and you need an Exchange Online mailbox to access the M365 Group mailbox.

Behind the scenes, or actually not that behind the scenes, the process for comments is as follows.

  1. Create task
  2. Add comment to task – this places a new message in the Microsoft 365 Group that underlies the Planner.
  3. You can add more comments – the underlying message in the group is modified – this is where the comments are stored.
  4. You can reply to the message in the Microsoft 365 Group, and this adds a new comment
  5. You can add a new comment to the message in the Microsoft 365 Group. This adds a new comment.
  6. You can reply to the message you are sent in your inbox when someone replies to your comment – this adds a comment
  7. You can click the Green box in the group thread or the link in the notification email and this opens up the planner task in a new browser window and then you can reply. This adds the reply to the message in the Microsoft 365 Group.

Whatever you do though, you must not delete the underlying message in the Microsoft 365 Group as this is where the comments are stored. If you delete the message all the comments disappear. The next comment you add after deleting the message creates a new message and this then stores the entire new thread of future comments – the old thread is gone and so are the old comments in Planner.

Replies to notifications based of the old thread are not added to the task. The old comments are still visible in the notification emails, just not in the Plan!

This might be hard to explain, so lets also try it in pictures:

  1. I have two tasks in the Element Plan (which means I have an Microsoft 365 Group/Team called Element). The Plan is called “Test For Comments” and the two tasks are “Task 1 For Adding Comments” and “Task Two”
  1. Inside Outlook I open the Groups > Element group
  1. I have three messages here – this is because I deleted the message that originally appeared for “Comments on task ‘Test 1 for Adding Comments’”. If all the correct though I should have ONE MESSAGE PER PLAN. I can now only reply to the working thread. If I reply to the thread belonging to a previous delete it will not update the comments.
  2. If I reply to “Task Two” it works – this thread was never deleted
  3. If I reply to one of the “Task 1…” threads it gets added to the plan
  1. Note – no #8 visible here, but #8 appears in the top message thread in the Outlook screenshot
    Only if I reply to the other thread do I get a new comment.
  2. How did I end up with two threads? One was deleted in Outlook and then later I replied to the notification belonging to that conversation from my inbox. In the interim I had added a new comment in Planner and generated a new thread.

Lets intentionally break it!

  1. I have this in Planner:

    This contains replies numbered 4, 6, 7 and 9.
  2. In Outlook I delete the thread that shows #7
    1. Before
    2. Deletion warning – I cannot get this message back
    3. Item gone

  3. What does Planner look like

    Comments are gone! I deleted them and I confirmed the “permanently deleted” prompt. The data is lost.
  4. If I go into my Inbox and find a notification AND CLICK THE LINK in the notification, Planner opens and I can add a comment – a new message is created. I have edited the Plan directly in the browser

  5. If though I REPLY TO THE OLD EMAIL NOTIFICATION IN MY INBOX I get a reply to the old thread (which was deleted). As this old thread is NOT now the master for comments, any reply to this thread is out of date and though I can see the old comments here, if I reply to it the Plan will not be updated.

Comments with “From:” or “Sent:” will also fail – this is covered in the Planner support article at Comment on tasks in Microsoft Planner – Office 365

Other reasons, though more complex than the above, for comments disappearing in Plans is that the email routing for the comment is being sent to the wrong place. For example if you have a mail flow rule for hybrid or an external system (for example cloud signature software) and the messages to the group are being routed outside of Exchange Online then they will fail to deliver. You can check this in the Message Trace functionality and see if the messages are being routed outside of the service and then you need to fix your mail flow rules.

Categories
exchange exchange online Microsoft 365 Office Office 365 Raspberry Pi

Microsoft 365 From A Raspberry Pi 400 Personal Computer

So my new computer arrived today, its a keyboard and a few cables, and as my first computer was a ZX Spectrum when I was 14, this brings back a few memories.

New boxed Raspberry Pi 400 PC kit

But, is it usable today with services such as Microsoft 365? Lets see…

First, the actual computer is in the keyboard, but its smaller than a standard PC sized keyboard. Indeed the manual the comes with it! is almost as big and heavier than the computer.

The manual, the Pi Keyboard (white) and a standard PC keyboard (black)

Plugging it in was easy, and once connected to the monitor and powered on it runs through a first use series of steps. With all that out of the way and the latest updates downloaded and installed the device rebooted and I logged in.

Cables everywhere. It supports WiFi as well so I could have avoided the purple Ethernet cable

Starting the web browser is easy – there is an icon top left and Chromium opens. Logging into Office 365 via https://office.com is as you would expect, though some of the fonts used are not present and so the login screen looks slightly wrong.

From Office homepage I clicked Teams icon and it presented me with the below – an offer to install the Teams Linux client and two choices, Linux DEB or Linux RPM.

Teams on Pi and an offer of two installers though neither of these work on an ARM processor

Neither of these work with ARM based Raspberry Pi computers though, so need to use the web application. Also from the Teams perspective, there is no built in camera or microphone, but it did only cost £95 for the entire kit. A Bluetooth microphone might connect, but I don’t have one to hand to test with. Any USB microphone would work and a USB camera, with a microphone, can be enabled with a few commands run at the prompt.

Enabling video with the fswebcam installer

Chromium comes with the uBlock Origin extension enabled, which blocks some functionality in Teams such as notifications. I just turned off the EasyPrivacy list for the rest of my introductory testing and not a lot was blocked after that.

Outlook Web App, Word etc all worked efficiently though slightly slow for my preference, but again – its a sub £100 computer.

When using Office in Chromium it offers to add a link to the desktop – this adds the Office icon and then Office appears like an app, though its only Chromium. This is a nice feature akin to Chromebooks.

Office icon on the desktop and Office open and not looking like its really a browser

This functionality is not limited to Office, for example in Outlook Web App I can choose to “Install Outlook” from the three dots icon top right of the browser. This opens Outlook as a separate web app and adds an icon to the desktop like Office got when I opted to “pin” Office when prompted to do so in that web page.

Install Outlook menu item in Chromium when OWA is the open tab
Install App confirmation
Outlook – on the Raspberry Pi

So that will do for now – everything else I can do in the Raspberry Pi for Microsoft 365 is generally as I can do it in any of the web apps on any platform.

Categories
Microsoft 365 Office Office 365 Outlook

Deploying Zoom Add-In To All Outlook Users

With the sudden change in working practices, a (large) number of companies has start to use Zoom as their video conferencing software. Though this software is not from Microsoft, that does not stop an Office 365 or Exchange Server administrator helping their users out in terms of scheduling Zoom meetings via an add-in in Outlook.

On the Zoom website the user can download and install their own add-in and the Zoom application, but the steps below will push the Outlook add-in to all users (or all Zoom users if you have a group containing just these users).

These steps are run from the Office 365 Admin Center and not from Zoom, and they push the add-in to Outlook without end end-user interaction

To deploy an add-in, and in this case the Zoom Outlook add-in, first go to the Microsoft 365 Admin Center at https://admin.microsoft.com/.

Click Show All on the left and then select Settings > Add-ins from the expanded menu.

In the Add-In main page click + Deploy Add-In.

Deploy Add-In Screen
Deploy Add-In Screen

This screen outlines the Centralized Deployement service for Office Web add-ins. These add-ins work across the web version of the application, the desktop versions (PC and Mac) and in some cases the mobile version as well. The important thing to learn here is that they are not just for the web version, so not just for OWA. In the context of the Zoom add-in, on the Zoom website it says the add-in only works in Outlook for the Web (OWA), and this is not correct.

Click Next and click Choose from the Store as shown:

Choose from the Store
Deploy A New Add-In Screen

You will now see a list of all the add-ins in the Microsoft Store (once you have logged into the Store if you needed to do this).

Add-In Store
Select Add-In From Store

As we are discussing the Zoom for Outlook add-in at this point, type Zoom in the Search box.

Zoom for Outlook Add-in In the Add-In Store

Click Add next to the Zoom for Outlook add-in. Then accept the licence terms and privacy policy shown to you as shown below. If you click on the title of the add-in then you see a description of the add-in and can complete deployment from that screen.

Zoom Add-In Terms and Conditions
Zoom for Outlook License Terms and Privacy Policy
Zoom for Outlook Details
Zoom for Outlook Details

If after clicking Add and accepting the licence you get a correlation error similar to that shown, it means the add-in was already deployed. There is a bug in the new Admin Center that does not show existing deployed add-ins and you need to go to the old old Office 365 admin center (switch the slider top right) and search for the add-in:

Configure Add-In Error
Configure Add-In Error
Add-In Shown in Old Admin Center
Zoom for Outlook Add-In Shown in Old Admin Center

If you had no error on deploying the add-in, then you will be asked who to deploy the add-in to. The options are to Assign Users and choose all or some of the organization and also the Deployment Method and Fixed, Available or Optional. This last option controls whether the add-in is deployed for the user to the ribbon in the Office application and they cannot remove it (Fixed), where the user can choose to add the add-in to the office app (Available), or where the add-in appears on the application ribbon, but the user can remove it (Optional). This is shown below:

Configure Zoom for Outlook Add-In
Configure Zoom for Outlook Add-In

Select your user and deployment options. For users, any group cannot be a nested group and the requirements for groups is covered in the documentation. For this blog post I selected Everyone and Fixed. Click Deploy to start the deployment to the users.

Deploy Zoom for Outlook
Deploy Zoom for Outlook

The listed time is dependent upon the number of users in your deployment scope or your Office 365 tenant. You will get an email upon completion.

Once completed the add-in appears in the Office application. In this particular case, Zoom for Outlook appears in the New Appointment window in Outlook.

If you deployed the add-in as Available then the user needs to click the Get Add-In button in Outlook to install Zoom as shown:

Admin Add-Ins
Admin Add-Ins

Once the add-in is deployed, it will appear in the New Appointment screen as shown (on the right):

Zoom for Outlook New Appointment
Zoom for Outlook Add-In in New Appointment

Clicking the Add a Zoom Meeting button will present a dialog box where you can login with your Zoom account or if you have set up Zoom as an Enterprise Application then click the Sign in with SSO button.

Zoom for Outlook Add-In Login

In the below screenshot, Outlook Appointment shows the Zoom meeting details automatically added. The HTML view for the meeting details is an option available in your Zoom account settings, as is the location for your audio dial in settings (here shown as UK) as you don’t get to choose these options per meeting as you can do when meetings are made via the web browser on the Zoom site.

Zoom Meeting Created

The Settings button on the tool bar allows you to control other meeting settings such as Meeting ID (personal or auto-generated), password or not!, and video and audio settings for the meeting.

Zoom for Outlook Settings
Zoom for Outlook Settings

To edit the Add-In deployment you need to visit the old Microsoft 365 Admin Center (switch off “Try new admin center” to top right of admin center). From here you can adjust the status of the add-in and who it is deployed to, as well as removing the add-in.

Zoom for Outlook Add-In Settings
Zoom for Outlook Add-In Settings (old Office 365 Admin Center)

Finally, for info, the Teams Add-in to do the same thing in Teams is automatically added to Outlook if you have the Teams client installed and your deployment option is not Skype for meetings – for example if you are in Islands Mode you will be able to see both Skype and Teams buttons in Outlook!

Categories
Live Event Microsoft 365 Microsoft Teams Stream Teams

Microsoft Teams Live Events For Running a Church Service

Or, how to run a Microsoft Teams Live Event with average technical capability presenters, or how to run a Microsoft Teams Live Event for events that you would not normally consider this service for!

So with this title and alternative titles in mind we are going to look at how I set up and ran a Microsoft Teams Live Event for a weekly church service because access to the church building was closed due to social distancing because of the SARS-CoV-2 (Covid-19 Coronavirus global outbreak). The previous week at church we ran a YouTube live streaming event as we could get access to the church building and we needed five people to put the service together (preacher, piano player, camera operator, sound desk and computer [for hymn words] operator). The second week of self isolation, government rules made this method of live broadcast impossible. So we turned to Microsoft Teams Live Events.

Microsoft Teams Live Events requires an Office 365 E3 or higher licence. The other requirements are that the producer(s) role and the presenters need to install Microsoft Teams and have a login to your tenant, but the attendees do not need a licence at all (as this particular Live Event will be open to anonymous attendees).

So how do we put this together:

  1. Set up the live event and a practice live event (as you cannot reuse a live event twice, so set up at least one practice event as well)
  2. Publish your event on your church website, and if interested use a URL shortening service that you can update (we use https://rebrand.ly) as this gives you click count and geo-location of the audience. Our first live event had attendees in India, northern Africa, and North and South America (as well as the UK where the church is based).
  3. Have all presenters arrive early to the live event (we went for 30 minutes) and aim to go live around 10 minutes before the actual event
  4. Have a collection of presenters for different roles – in social isolation it is of great benefit to see many different people taking part in the church event rather than it being run by one preacher
  5. Audio is open from all presenters unless they are muted – this allows the attendee to hear more than one person in different locations at the same time – this allowed us to have a pianist 15 miles from the person displaying the hymn words on the screen.

Create a Teams Live Event

To create a live event open the Teams app or website and go to the Calendar component.

To the top right, click the down arrow next to New Meeting and choose Live Event:
image

Fill in the details for the Live Event. This will include a title, a location (which we will leave blank due to self isolation!) and a start and end time. The start time should not include the pre-show preparation by the presenters and does not need to include time for the pre-event greeting which we will discuss below. So in our example here, church starts at 10:30am on a Sunday so that is the start time for the event.

Also invite the presenters. You can come back and edit this information later and add and remove presenters as the event information changes regarding what and who is going to be involved in the event.

image

Click Next and then select your audience. In our case this is an anonymous audience:

image

Scroll down in the New Live Event dialog and ensure that you select Recording available to all attendees (this allows attendees to watch the event at a later time on the Teams Live Event URL). Ensure that you pick the translations that support your expected audience and choose the Audience Engagement Report to be able to download a list of attendees who signed in after the event.

image

Click Schedule to create the Live Event. This sends the invitation to your other presenters and producers.

You then see the following dialog:

image

From the above you grab the attendee URL, which we will use in the next section and also from here you can edit the live event. You can return to this dialog box if you open the event later from your calendar in Teams (remember to show “Whole Week” from the calendar view as it just shows “Working Week” by default).

URL Shortening

Your live event is now created and its time to tell the audience how to get to the event. The below is what the Teams Live Event URL looks like (this below will not work):

https://teams.microsoft.com/l/meetup-join/19%3ameeting_ZDA5OWZhNDYtYzdlMS00ZWXxXxXxXjYtZTc4NzJjNDc1NDJk%40thread.v2/0?context=%7b%22Tid%22%3a%22046f8910-0ef6-412a-xxxx-yyyyyyyyyyyy%22%2c%22Oid%22%3a%224bd86ae6-7fa8-470e-8578-59214991d892%22%2c%22IsBroadcastMeeting%22%3atrue%7d

We used a URL shortening service where we could send the attendees a single URL that we updated the target of each Friday or Saturday. We do not update the URL shortener link earlier in the week as the attendee can click the link after the Sunday and watch the event again or maybe for the first time. We did not use Bitly for link shortening as we could not update the link target without buying an expensive package.

So our church service can be reached at https://rebrand.ly/wrbcliveevent. We also placed this link on our website and wrote instructions on how to connect to the event and this is at https://wrbc.org.uk/live/ so that the user has some advice on how to connect as well (for example, mobile apps need the Teams app installed, but PCs can view the event in a modern browser).

Presenter Practice

I highly recommend running a presenter practice. In our example of a church service we wanted the ability to play music via a keyboard and to wire that keyboard into the PC that was running Teams. During practice for the first week we were unable to do this because of a suspicious device driver that impacted the ability to connect in a audio source via Line In. So in practice we decided just to place the PC near the piano and audio quality was acceptable but not great. We left this to fix for the second week!

Presenter practice also allows each presenter to get familiar with the application and what they see on the screen. For example in our case I as the producer was also sharing my second monitor to show the hymn words in our projection software (not PowerPoint). Each presenter could see my second monitor image large and the live view quite small (as can be seen below) which caused some questions during the rehearsal, and I as the producer could see something else (producers can see the live screen and the queued video image).Screen Shot 2020-03-26 at 17.05.16

Above is an example of what a presenter can see when the producer is sharing content. You can see the minature video streams for the other presenters and the yellow “pre-live” notice. Once the session goes live (again this was a practice session), the presenters can see the following:

Screen Shot 2020-03-26 at 17.37.22

Now there is a red “live” notice on the control bar and the image that is live is shown boxed in red.

On the producers screen they can see each video feed at the bottom and have the ability to share an app or desktop. During practice we shared the second desktop with the plan to run our hymn projection software (Zionworx) but as this has a control application on screen one and display on screen two it was too busy to try and do that and the Teams live meeting production – so during rehearsal we decided to have all the hymns and other slides (welcome, sermon, notices, reading and exit slide) as a single PowerPoint with presentation viewer option turned off (so running only on the second screen and press enter to move to next slide). This is what the producer could see:

image

Here you can see we are pre-live (yellow) and we can see the final attendee view to the bottom right as well as each video feed and the mute status of each presenter – the producer can mute (but not unmute) presenters. The content (producers second screen) can be seen on the right of the video feed screens.

Going Live

The plan for the live event was that all presenters would be online 30 minutes before the service start time, and that at 10:20 (10 minutes before start time) we would “go live”. At this point all presenters where muted and ensured the holding slide in PowerPoint was displayed on the right-hand view. It looks like this:

image

To get the PowerPoint presentation as a valid source of data you click the Share button on the bottom row and choose the application to share. We decided during the practice that we would share only PowerPoint and have a single slide desk for the whole service rather than sharing individual different presentations. The slides where structured in order, notices and hymns as required. We did not use PowerPoint Presenter View, as that would appear on the monitor that Teams Live Event controller was running on. So in turning off Presentation View all I needed to do was Alt+Tab between the Live Event (Teams app) and PowerPoint and press Enter to move to the next slide in time with the pre-planned order of service.

At five minutes to the start the pianist unmuted her Teams client and started to play some music. This ensured that attendees could both see and hear audio – we briefly swapped video feed to the pianist so that people knew they should be hearing something. This meant that attendees could be sure they were looking at the pre-start notice and that their volume was up.

At 10:29am we went live (there is about a minutes delay to the attendees but real time between the presenters, so this meant we started on time!)

To go live we clicked the Content option on the bottom row – this added it to the Queue (left larger video window) and we clicked “Send live” to place it on the right. We then clicked the video feed of the service leader and this added him to the Queue – this is what you can see above. At the start time we just clicked “Send live” – the pianist stopped and muted herself, the leader was unmuted in advance (but kept quite) and the producer (my role) used hand signals to indicate they were live – the leader and I were about a mile apart, the preacher was eight miles away and the pianist 15 miles away – hand signals via my video feed worked great as a way to communicate.

As each part of the service progressed, I added the next video or PowerPoint content to the queue on the left and sent it live as I needed to.

Finishing and Downloading Recordings

The service went fine, a few people had issues connecting that we later worked out to be issues installing apps on phones (no Apple account set up or credit card saved with Google, and both of these stop you installing any app) and one person had issues with Internet Safety software blocking the Rebrandly URL shortner service! We recommend that you get people to attempt to join the service in the days before Sunday so that they can follow up issues that they have rather than trying one device at the start time on the Sunday and giving up disappointed that it did not work for them.

Once the service finished we placed the final thank you slide on the screen and stayed muted for about 1 minute and then clicked “End”. This finishes the live event and after this point it cannot be restarted – so you need to confirm you really want to end the event. Don’t click Leave at the top as that pauses the event if there are no producers online.

The automatic recording is stopped and all the presenters can talk freely. We each left the meeting and a few hours later I came back and downloaded the recording along with the attendance engagement report. This showed the times people connected and who had a dodgy connection and kept needing to reconnect. If the user is logged into Teams it shows the username as well.

The video stream was then uploaded to our YouTube channel so that anyone who could not connect still had a way to listen to the service, though not in real time.

Now all ready to repeat this next week! And each week until self-isolation in the UK is lifted…