Syskit Point
Schedule a DemoStart a Free TrialContact UsProduct Site
  • Syskit Point
  • Releases
    • Syskit Point Cloud
      • May 27, 2025
      • May 13, 2025
      • May 06, 2025
      • April 29, 2025
      • April 22, 2025
      • April 08, 2025
      • April 01, 2025
      • March 25, 2025
      • March 18, 2025
      • March 11, 2025
      • March 04, 2025
      • February 25, 2025
      • February 18, 2025
      • February 11, 2025
      • February 06, 2025
      • January 28, 2025
      • January 22, 2025
      • January 14, 2025
      • January 02, 2025
      • December 17, 2024
      • December 10, 2024
      • December 03, 2024
      • November 26, 2024
      • November 19, 2024
      • November 05, 2024
      • October 29, 2024
      • October 22, 2024
      • October 15, 2024
      • October 08, 2024
      • October 01, 2024
      • September 24, 2024
      • September 18, 2024
      • September 02, 2024
      • August 26, 2024
      • August 20, 2024
      • August 12, 2024
      • August 06, 2024
      • July 29, 2024
      • July 23, 2024
      • July 02, 2024
      • June 18, 2024
      • June 04, 2024
      • May 21, 2024
      • May 09, 2024
      • April 23, 2024
      • April 9, 2024
      • March 26, 2024
      • March 12, 2024
      • February 22, 2024
      • February 06, 2024
      • January 19, 2024
      • January 18, 2024
      • December 19, 2023
      • November 30, 2023
      • November 15, 2023
      • November 2, 2023
      • November 2, 2023 - Announcement
      • October 17, 2023
      • October 3, 2023
      • September 21, 2023
      • September 14, 2023
      • September 7, 2023
      • August 23, 2023
      • August 9, 2023
      • July 26, 2023
      • July 12, 2023
      • May 16, 2023
    • Syskit Point Data Center
      • Syskit Point 2025.2
        • Syskit Point 2025.2.91
        • Syskit Point 2025.2.90
        • Syskit Point 2025.2.86
        • Syskit Point 2025.2.82
        • Syskit Point 2025.2.78
      • Syskit Point 2024.6
        • Syskit Point 2024.6.73
        • Syskit Point 2024.6.71
        • Syskit Point 2024.6.70
      • Syskit Point 2024.5
        • Syskit Point 2024.5.67
        • Syskit Point 2024.5.65
      • Syskit Point 2024.4
        • Syskit Point 2024.4.60
        • Syskit Point 2024.4.54
        • Syskit Point 2024.4.52
      • Syskit Point 2024.3
        • Syskit Point 2024.3.48
      • Syskit Point 2024.2
        • Syskit Point 2024.2.45
      • Syskit Point 2024.1
        • Syskit Point 2024.1.43
        • Syskit Point 2024.1.41
      • Syskit Point 2023.5
        • Syskit Point 2023.5.39
      • Syskit Point 2023.4
        • Syskit Point 2023.4.1
        • Syskit Point 2023.4.0
      • Syskit Point 2023.3
      • Syskit Point 2023.2
      • Syskit Point 2023.1
        • Syskit Point 2023.1.3
        • Syskit Point 2023.1.2
        • Syskit Point 2023.1.1
        • Syskit Point 2023.1.0
      • Syskit Point 2022.5
        • Syskit Point 2022.5.1
        • Syskit Point 2022.5.0
      • Syskit Point 2022.4
        • Syskit Point 2022.4.1
        • Syskit Point 2022.4.0
      • Syskit Point 2022.3
        • Syskit Point 2022.3.1
        • Syskit Point 2022.3.0
      • Syskit Point 2022.2
        • Syskit Point 2022.2.3
        • Syskit Point 2022.2.2
        • Syskit Point 2022.2.1
        • Syskit Point 2022.2.0
      • Syskit Point 2021.12
      • Syskit Point 2021.11
      • Syskit Point 2021.10
      • Syskit Point 20
      • Syskit Point 19
        • Syskit Point 19.0.2
        • Syskit Point 19.0.1
        • Syskit Point 19.0.0
  • Requirements
    • Permission Requirements
    • Change Log
  • Set Up Point Cloud
    • Overview
    • Free Trial
    • Free Trial Limits
    • Manage Syskit Point Subscriptions
  • Set Up Point Data Center
    • Deployment
      • Overview
      • System Requirements
      • Deploy Syskit Point
      • Connect to Microsoft 365 Tenant
      • Set Up Custom Domain and SSL Certificate
      • Upgrade Syskit Point
      • Azure Networking
    • Activation
      • Activate Syskit Point
      • Free Trial Data Center
  • Licensing & Activation
    • Licensed Users Count
    • Activation Privacy Statement
  • Get to Know Syskit Point
    • The Syskit Point Starter Kit
    • Navigate Through Syskit Point
    • Collect Microsoft 365 Data
  • Microsoft 365 Inventory
    • Microsoft 365 Inventory Overview
    • Explore Your Microsoft 365 Dashboard
    • Sites
    • Microsoft Teams & Groups
    • Users
    • Copilot Readiness
    • Power Platform Reports
  • Configuration
    • Syskit Point Configuration Guide
    • Assign and Manage Access to Syskit Point
    • Enable Microsoft Teams Activity Tracking
    • Configure Storage Management in Syskit Point
    • Set Up E-Mail
    • Connect Service Account
    • Customize Audit Logs Collection
    • Upgrade SQL to Managed Identity Authentication
    • Enable Power Platform Data Collection
    • Enable Power BI Data Collection
    • Ignore Service Account Activity Tracking
    • Customize License Reports
    • Customize E-Mails
    • Report Data Limits
    • Turn On Auditing
    • Exclude Users from Receiving Governance Tasks
    • Customize Dashboard
    • Customize Syskit Point Appearance
    • Configure Your Environment for Storage Management
    • Save Custom Views
    • Audit for Syskit Point Settings
    • Manage Connection
  • Reporting
    • Overview
    • External Sharing Reports
    • Access Reports
    • Audit Reports
    • Cleanup & Health Reports
    • Licenses Reports
    • Analytics Reports
    • Sensitivity Labels Reports
    • Power Platform Reports
    • Power BI Reports
  • Storage Management
    • Storage Management Overview
    • Free Up Storage
    • Storage Reports
    • Limit Storage Usage
    • Storage Versioning Limits
  • Governance & Automation
    • Syskit Point Tasks
    • Access Review
      • Enable Automated Access Review
      • Create and Apply Access Review Policies
      • Modify Access Review Options
      • Monitor Access Review in Syskit Point
      • Manually Request Access Review in Syskit Point
    • Lifecycle Management
      • Lifecycle Management - Deprecated
      • Identify Inactive Workspaces
      • Enable Lifecycle Management Automation
      • Monitor Lifecycle Management Tasks in Syskit Point
      • Run Lifecycle Management Actions in Syskit Point
    • Policies
      • Set Up Policies
      • Rules
      • Blocked Users with Assigned Licenses
      • Inactive Guest Users
      • Inactive Workspaces
      • Minimum Number of Owners
      • Maximum Number of Owners
      • Orphaned Workspaces
      • Orphaned Users
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
      • Apply Policies
      • Upgrade to Rules
    • Security and Compliance Checks
      • Security and Compliance Checks
      • Inactive Workspaces
      • Orphaned Workspaces
      • Inactive Guest Users
      • Blocked Users with Assigned Licenses
      • Workspaces with Not Enough Owners
      • Orphaned Users
      • Workspaces with Too Many Owners
      • Tenant Storage Limit
      • Workspaces with Too Many Members
      • Workspaces with Shadow Users
      • Private Workspaces Shared with Everyone
      • Workspaces Without a Sensitivity Label
    • Provisioning
      • Set Up Provisioning
      • Enable or Disable Provisioning
      • Register Yammer App
      • Enable Sensitivity Labels
      • Restrict Microsoft 365 Groups Creation
      • Templates
      • Content & Structure
      • Configure Provisioning Failure Notifications
      • Approval Processes
      • Approve/Reject Requests
      • Manage Requests
      • Hide Workspace Name
    • Access Requests
      • Set Up Access Requests
      • Create Access Requests
      • Apply Access Requests
      • Approval Process
    • Metadata
      • Manage Custom Metadata
      • Request Metadata Review
      • Monitor Metadata Review
    • Sensitivity Review
      • Request Sensitivity Review
      • Monitor Sensitivity Review
    • Privacy Review
      • Request Privacy Review
      • Monitor Privacy Review
    • Syskit Point Teams App
    • Schedule Reports
    • Configure Alerts
    • Manage Sensitivity Labels
  • Access Management
    • Track Microsoft 365 External Users and Their Activities
    • Check Access for Specific Microsoft 365 User
    • Copy User Permissions
    • Delete and Restore Users
    • View Permission Changes in Microsoft 365
    • Supervise Microsoft Teams Private Channels
    • Manage Private Channels Access
    • Complete Power Platform Actions
  • Integrations
    • Overview
    • Syskit Point API
    • Webhooks
    • Examples
      • Webhooks
      • ServiceNow
      • Jira
  • FAQ
    • Security
    • Security Self Assessment Questionnaire
    • Storage Management
    • Free Trial
    • Licensing
    • Activation
    • Purchasing and Discounts
    • Customer Terms
    • Privacy and Compliance
    • Partner Program
    • Site Storage Limits
    • Orphaned Users
    • Inactive Users Detection
    • Provisioning - Content & Structure
  • Troubleshooting
    • Export Diagnostic Logs
    • Setup Diagnostic Logs Export
    • Analytics and Usage Report Issues
  • Explore Syskit Point for Site Owners/Collaborators
    • Syskit Point for Collaborators
    • Resolve Governance Tasks
      • My Tasks
      • Complete Access Review Tasks
      • Complete Metadata Review Tasks
      • Complete Privacy Review Tasks
      • Complete Sensitivity Review Tasks
      • Resolve Inactive Workspaces Tasks
      • Resolve Lifecycle Management Tasks
      • Resolve Inactive Guest Users Tasks
      • Resolve Minimum Number of Owners Tasks
      • Resolve Maximum Number of Owners Tasks
      • Resolve Orphaned Workspaces Tasks
      • Resolve Tenant Storage Limit Task
    • Manage Access
      • Manage External Sharing
      • Manage Users
    • Manage Workspaces
      • Request New Workspace
      • Request Workspace Access
      • Manage Workspaces
      • Manage Custom Metadata
    • Reporting
      • Syskit Icons Glossary
      • Inventory Reports
      • Schedule Reports
      • Alerts
      • Cleanup & Health Reports
      • External Sharing Reports
      • Access Reports
Powered by GitBook
On this page
  • Specific Users Assign New Owners
  • Policy Vulnerability E-Mail
  • Policy Vulnerability Task
  • Policy Vulnerability Resolved
  • Members Suggest New Owners
  • Members’ Policy Vulnerability E-Mail
  • Members’ Policy Vulnerability Task
  • Members’ Policy Vulnerability Task Resolved
  • Approvers’ Policy vulnerability Task
  • Policy Vulnerability Resolved
  • Syskit Point Automatically Assigns New Owners
  • Automatically Assign New Owners

Was this helpful?

  1. Explore Syskit Point for Site Owners/Collaborators
  2. Resolve Governance Tasks

Resolve Orphaned Workspaces Tasks

This article explains how to resolve the Orphaned Workspaces policy vulnerability in Syskit Point.

PreviousResolve Maximum Number of Owners TasksNextResolve Tenant Storage Limit Task

Last updated 9 months ago

Was this helpful?

This article shows how you can resolve the Orphaned Workspaces policy vulnerability when Syskit Point detects that Microsoft Teams and Microsoft 365 Groups don’t have active owners.

When a team no longer has an active owner, there is no longer a person on the other end of an automated governance policy which means the site could potentially have shared files that are outdated and pose a serious security risk.

When configuring the Orphaned Workspaces policy, Syskit Point Administrators can . There are 3 options available:

  • Specific users are asked to assign new owners

    • A 1-stage process where the policy vulnerability is resolved when you promote members to owners or add new owners

  • Existing team/group members receive a task to suggest new owners

    • A 2-stage process where, after the members suggest new owners, an additional step is required from defined users to approve the suggestion

  • Syskit Point automatically assigns new owners

    • The last owner's manager is assigned as the new group owner

    • In case the manager is not found, a defined user gets a task to resolve the vulnerability

In all cases, Syskit Point will send you an e-mail that will guide you through resolving the policy vulnerability, or notify you if you were assigned as a workspace owner.

Below, all cases are explained in more detail.

Specific Users Assign New Owners

Policy Vulnerability E-Mail

Syskit Point sends you an e-mail that includes all of the workspaces where the policy vulnerability was detected, asking you to assign new owners to Microsoft Teams or Microsoft 36 Groups that have no active owners assigned.

You can find the following information in the e-mail:

  • Due date to resolve the policy vulnerability (1); you have 15 workdays to resolve the policy vulnerability

  • Microsoft Teams or Microsoft 365 Group where the policy vulnerability was detected (2)

  • Resolve button (3) that takes you to Syskit Point, where you can resolve the policy vulnerability

Policy Vulnerability Task

Along with the e-mail, Syskit Point creates a policy vulnerability task that provides you with all the information and actions needed to resolve the policy vulnerability. The following are available on the task screen if you were selected to assign new owners:

  • List of current members along with Search to help you filter out specific ones (1)

  • Promote to Owner action (2); once clicked, an appropriate message appears next to the promoted user along with the Undo action (3)

  • Add New Owner action (4); to add a new owner, start typing the user's name in the input field; once you select a user, confirm your addition by clicking the Add New Owner link; once clicked, an appropriate message is displayed for the user, along with the Undo action (5)

  • Archive button (6) that enables you to Archive the Microsoft Team or Microsoft 365 Group

  • Delete button (7) that enables you to Delete the Microsoft Team or Microsoft 365 Group

  • Resolve button (8) that gets enabled when you promote members to owners or add new ones to comply with the company policy; once clicked, a dialog opens, enabling you to input a comment and resolve the policy vulnerability

Please note! When you click an action within the policy vulnerability task, think of it as a preview of what will happen after resolving the policy vulnerability. All actions that change users' access are performed after you click the Resolve button.

Policy Vulnerability Resolved

After you resolve the policy vulnerability, the History screen opens, giving you an overview of all actions performed within the workflow.

After you resolve the policy vulnerability, a confirmation e-mail is sent to all users that were assigned with the task, showing the following information:

  • Microsoft Teams or Microsoft 365 Group where the policy vulnerability was resolved

  • Who and when resolved the policy vulnerability

  • View Details button that opens the History screen in Syskit Point showing all the activities that were performed within the workflow

Members Suggest New Owners

Members’ Policy Vulnerability E-Mail

In the first stage, if you are a member of the team/group that has no owners, you will receive an e-mail asking you to suggest new owners.

You can find the following information in the e-mail:

  • Microsoft Teams or Microsoft 365 Group where the policy vulnerability was detected (1)

  • Due date to resolve the policy vulnerability (2); you have 15 workdays to resolve the policy vulnerability

  • Resolve button (3) that takes you to Syskit Point, where you can resolve the policy vulnerability

Click the Resolve button to open the policy vulnerability task in Syskit Point.

Members’ Policy Vulnerability Task

Along with the e-mail, Syskit Point creates a policy vulnerability task that provides you with all the information and actions needed to resolve it within Syskit Point. The following are available on the task screen:

  • List of current members along with Search to help you filter out specific ones (1)

  • Suggest action (2); once clicked, an appropriate message appears next to the suggested user along with the Undo action (3)

  • Suggest New Owner action (4); to suggest a new owner, start typing the user's name in the input field; once you select a user, confirm your addition by clicking the Suggest New Owner link; once clicked, an appropriate message is displayed for the user, along with the Undo action

  • Suggest Archive button (5) that enables you to suggest archiving the Microsoft Team or Microsoft 365 Group

  • Suggest Delete button (6) that enables you to suggest deleting the Microsoft Team or Microsoft 365 Group

  • Resolve button (7) that gets enabled when you suggest what to do with the team/group to comply with the company policy; once clicked, a dialog opens, enabling you to input a comment and resolve the policy vulnerability

Please note! When you suggest a new owner or the team/group to be archived or deleted, your suggestion is forwarded to the approvers along with suggestions from other members. The approvers will finalize the actions and resolve the policy vulnerability based on the suggestions.

Members’ Policy Vulnerability Task Resolved

After you resolve your task, the History screen opens, giving you an overview of all actions performed within the workflow.

In the second stage of the process, if you are defined to approve members' suggestions for the team/group having no owners, you will receive an e-mail asking you to assign new owners and resolve the policy vulnerability.

Please note! You will receive the e-mail after all members suggest what to do with the team/group or the due date for the first stage is reached.

You can find the following information in the e-mail:

  • Microsoft Teams or Microsoft 365 Group where the policy vulnerability was detected (1)

  • Due date to resolve the policy vulnerability (2); you have 15 workdays to resolve the policy vulnerability

  • Resolve button (3) that takes you to Syskit Point, where you can resolve the policy vulnerability

Click the Resolve button to open the policy vulnerability task in Syskit Point.

Approvers’ Policy vulnerability Task

Along with the e-mail, Syskit Point creates a policy vulnerability task that provides you with all the information and actions needed to resolve the policy vulnerability. The following are available on the task screen:

  • Number of votes from members for each option (1)

  • Promote to Owner action; once clicked, an appropriate message appears next to the promoted user along with the Undo action (2)

  • Add New Owner action (3); to add a new owner, start typing the user's name in the input field; once you select a user, confirm your addition by clicking the Add New Owner link; once clicked, an appropriate message is displayed for the user, along with the Undo action

  • Archive action (4) that enables you to archive the Microsoft Team or Microsoft 365 Group

  • Delete action (5) that enables you to delete the Microsoft Team or Microsoft 365 Group

  • Accept Risk Policy button (6) that enables you to disregard the company policy in case there is a valid reason to do so; if the risk is accepted, no further e-mails will be sent or tasks created for the number of days you select

  • Resolve button (7) that gets enabled when you promote members to owners or add new ones to comply with the company policy; once clicked, a dialog opens, enabling you to input a comment and resolve the policy vulnerability

Policy Vulnerability Resolved

After you resolve the policy vulnerability, the History screen opens, giving you an overview of all actions performed within the workflow.

After you resolve the policy vulnerability, a confirmation e-mail is also sent to all users that were assigned with the task, showing the following information:

  • Microsoft Teams or Microsoft 365 Group where the policy vulnerability was resolved

  • Who and when resolved the policy vulnerability

  • View Details button that opens the History screen in Syskit Point, showing all the activities that were performed within the workflow

Please note: The Orphaned Workspaces policy vulnerability is detected when there are 0 active owners assigned to a workspace.

Syskit Point Automatically Assigns New Owners

Automatically Assign New Owners

This option automatically assigns a new owner to an Orphaned Workspace.

Once a workspace is detected as without any active owners, the following situations are possible:

  • When the owners of a workspace have been deleted or have blocked sign-in

    • The manager of one of these disabled or deleted owners is assigned as the new owner.

      • This can happen only if the manager is not deleted and does not have blocked sign-in.

    • If there are two inactive owners and they both have an active manager, the role of workspace owner is assigned to the manager having the most recent sign-in date.

      • An e-mail notification is sent to notify this user

    • If the manager of the deleted user (or user with blocked sign-in), also has their sign-in blocked, had been deleted, or has not been recently active , the Orphaned Workspaces task is assigned to the specific resolver as defined when setting up the policy.

      • An e-mail notification is sent to notify this user

  • If a new owner was located, however, the action of assigning them as the new owner of the workspace ends in failure, the task is assigned to Syskit Point Administrators.

    • In this case, an e-mail notification is not sent to Syskit Point Administrators.

Please note: The Orphaned Workspaces policy vulnerability is detected when there are 0 active owners assigned to a workspace.

If 1 owner is assigned to a workspace when resolving the Orphaned Workspaces vulnerability, Syskit Point will detect the vulnerability, as the default requirement is to have at least 2 owners per workspace.

If 1 owner is assigned to a workspace when resolving the Orphaned Workspaces vulnerability, Syskit Point will detect the vulnerability, as the default requirement is to have at least 2 owners per workspace.

decide how the process of assigning owners to orphaned workspaces will look like
Minimum Number of Owners policy
Minimum Number of Owners policy
Policy Vulnerability E-mail
Policy Vulnerability Task
Policy Vulnerability History Screen
Policy Vulnerability E-mail
Policy Vulnerability Task
Policy Vulnerability - History Screen
Policy vulnerability E-mail
Policy vulnerability Task
Automatically Assign New Owner E-mail