Skip to main content
Version: 1.3.3

Managing policies

EasyLife provides the following policies for Microsoft Exchange Resources:

  • Ownerless resource: this policy is triggered when the EasyLife 365 Mail engine finds a Microsoft Exchange Resource without any owners
  • Minimum owner count: owners of the Microsoft Exchange Resource are requested to add additional owners if the minimum number of owners is not met
  • Confirmation: owners are requested to explicitly confirm the usage of their Microsoft Exchange Resource
  • Access Review: owners are requested to review the membership for a Microsoft Exchange Resource
  • Template: owners are requested to assign a template a Microsoft Exchange Resource
  • Guest: guests members are removed from a Microsoft Exchange Resource

How are policies structured?

Every policy has a trigger event that must be met. The EasyLife 365 Mail engine uses this trigger to verify if the Microsoft Exchange resource is compliant or incompliant. For example, it verifies if the number of owners is still the same (or higher) as required by the policy.

If the EasyLife 365 Mail engine identifies an incompliant rule, it marks the Microsoft Exchange Resource as incompliant and starts the notification workflow to the target audience (for example: the owners of the Microsoft Exchange Resource). You can specify how many reminders are sent to the owners and how many days to wait until a new reminder is sent. If the owners take action to remediate the group's compliance status, no further notifications will be sent.

If the notification period has passed and no feedback was provided by the target audience a policy action will be triggered. Policy actions differ depending on the policy and can be used in combination if required:

ActionDescription
DeleteThe resource will be deleted
NoneKeep the resource as is. Do not delete it. The email notification and webhook will still be triggered
Remove GuestsGuest members will be removed from the resource
Remove Non‑Owner PermissionsAll permissions, except for those of owners, will be removed
Email notificationAn email will be sent to the specified email address
WebhookTrigger an external service to notify that this event occurred, information about the group will be sent in the body of the webhook

Managing a policy

The Details section allows the administrator to define the Policy title and a description. At the bottom of the Details card the Policy can be activated. The EasyLife 365 Mail Engine only processes active policies.

danger

Selecting the Default checkbox applies this policy to all Microsoft 365 Groups without a policy assigned (or with an invalid policy) in the next EasyLife 365 Mail Engine scan.

The Default Policy

The default policy is applied to all resources that are provisioned but don't have an assigned policy. This is useful for all resources that are provisioned outside of EasyLife or resources that had been provisioned before EasyLife was deployed in your organization.

info

ℹ We recommend using templates with associated policies before enabling the default policy. Either manually assign policies to existing Microsoft Exchange Resource or gradually enable the default policy in your organization.

If the default policy is unassigned in EasyLife the policy assignment is not automatically removed from resources that don't have another policy assigned.

What happens with policies of archived or deleted teams?

If a Microsoft Exchange resource is deleted or archived; the EasyLife 365 Mail Engine clears the state of the policies for that resource. If a resource is restored, policies start from scratch. For example, a Shared Mailbox is deleted after 30 days of inactivity because it's owners didn't respond to notification emails. If the owners restore the Shared Mailbox, the confirmation and access review policies will again restart counting.