Portal – Sentry Release


The Sentry Portal release was implemented as planned on the evening of 21/04/2021 with new functionality and bug fixes.

New Functionality

44400- EXO :: Update hangfire job for Security group

The implementation of the PBI allows an organisations calendar permission security group to be updated correctly, accounting for Exchange Online users. Where this is active for an organisation after implementation group membership will now be successful for Exchange Online users.

Note: This hangfire job is currently disabled, meaning the functionality of this PBI will not be available currently.  This is due to performance issues observed in Model Office.

44613 – EXO :: Add M365 E3 licence to the NHSmail portal

This PBI facilitates, M365 Licence should be available under base licences to assign through the NHSmail portal. The application mappings and toggles will behave in the same way as an E3 licence. The portal will be able to assign an M365 licence to a user successfully in accordance with the toggles in the user policy. When assigning an M365 licence the larger mailbox setting if turned on will give the user a 99GB mailbox size.

45378 – EXO : Update AUP Sync Job to better handle errors

The AUP Sync job currently batches changes and executes a batch of 250 at a time. However, when a failure within a batch occurs the batch as a whole fails and the rest of the users and not processed. As per this PBI the logic needs to be updated so that when a user fails within a batch, the user is removed from the batch and the rest of the users are then processed.


35674-Enforce MFA via AD Security Group

New AD security groups are created, and users will be added to those groups according to their roles assigned in the portal. Below are the new groups added. A hangfire job will be there to update the groups when users are added to the roes.






All_ATP_Local_Admin – All users with ATP Admin roles


All_ATP_SOCReporter (including X26)

All_ATP_Controller (including X26)

All_ATP_Manager (including X26)



There is a new AD Security group added to include all users enabled with WVD (Windows Virtual Desktop). The new AD Security group is MFA_WVD, it will be child of the parent MFA_Required group. All users in this group will be managed via Service request (post initial sync) until the feature via Portal is released into Production (#47647).

40521-Add an ability for guest inviter role to delete/restore guest users via Portal

This PBI facilitates guest inviters to have an ability via Portal to remove guest users from guest users view screen. Also, there needs to be an ability to restore such users from recycle bin

42763-Self-Enrol for MFA

This PBI is to give user a functionality to enable MFA for himself. The ‘Self enrol MFA’ button will be available to user in the profile page when he is not already part of any other roles where MFA is enabled.

18066-Expose Teams Creation to non-admin Portal Users

This new functionality provides Non-admin users on the NHSmail portal the ability to create a Team through the portal. This flow includes creating a Teams request and approval from LA of organisation, once approved, Teams will be successfully created.

40133-Teams usage report

Teams usage report is a new Office 365 usage report which will be available at local org as well as platform wide to report Teams user activity aggregated over a period.

43455-MFA Consumed Licenses exceeds Organisation’s MFA Licence Limit

This PBI is to remove the MFA limit from org properties so that this no longer gets applied on any of the existing organisation/users. Also, any restrictions related to the MFA limit is also removed.

43470-Hide Teams Email Addresses by Default

This PBI is the extended functionality to the pbi 18066 where the email address for that team will be marked as hidden with the Exchange address list during the creation of the teams.

47508-Increase ATP Group membership limit to 250

This PBI aims at increasing the ATP Group membership limit from 25 to 250. This will be applicable for all local and national (SOC) ATP groups.

Bug Fixes

42605 – Prod : EXO users going into a status of ‘Deleting’

This will apply to users going forward, once the azure sync job is run the user in deleting status should be moved to Delete state.

42964 – Prod : EXO users going into a status of ‘restoring’

This will apply to users going forward, once the azure sync job is run the user in restoring status should be moved to Active state.

43217 – Prod : If an organisation has more than one O365 subscription of the same licence type, user policy fails to create if any subscription of that licence type is selected

After the bug fix, when a user policy is created where an Organisation has more than one of the same licence types, the user policy should not error out.

45162 – Sprint 152 : MO: Row selection not working on User Details> User Policy selection page.

After the bug fix, as admin when try changing policy for a user via User details page row selection should be possible on policy selection page, the way it is on any other pages e.g. user picker pages for adding users into DL, policy etc.

45429 – Alias not captured on User rename if error encountered

After the bug fix, upon a MS error, the user is updated, however there should have audit entry and their old address should get added as an alias

46252 – Apps for Enterprise Add-on Licence app not being applied

After the bug fix, the AfE licence should be successfully being applied after any action performed like user policy update or a blank user update.

43411 – Prod :: Unable to update E1 policy with Apps for Enterprise

After the bug fix, user should be able to update a user policy when the policy has an E1 licence along with the Apps for enterprise top up licence.

41518 – No audit record is given when a team is deleted via the Teams Account Status Sync job

A fix is given to capture audit when the teams is deleted via teams account sync job and will be available in the audit tab in the portal.

41564 – Office Phone Number Allowing to bypass validation on update

The validation present for Portal UI for the phone number field is implemented for updates through API as well.

46204 – User Policy Won’t Open Within Portal

Few user policies were not loading in the Portal, a fix has been put to rectify that.

45592 – Production: Account is active in Portal but disabled in AD and in deleted user in Azure AD

A fix has been put in to maintain the same status of the users throughout all the places – Portal, Azure AD and AD.

46357 – Production- Admin is allowed to load shared mailbox details in edit user page and perform updates

Users were able to edit SMB when directly loaded through URL by giving SMB name, a fix has been given to avoid that edit.

46404 – Sprint 155: 42763: When a Admin role is added to Self-enrolled MFA user, the user is not getting added to Admin’s AD group

Fix given for an internal bug raised as part of sprint related to 42763

45223 – Rangoon Prod: OneDrive consumption report is giving error

In Production OneDrive consumption report is throwing an error. A fix has been given to rectify that error.

back to top