Category: Microsoft
Remove MSP Admin Access to Tenant
Hi All,
I am taking over IT responsibilities for a mid-size company. Currently, we are dealing with a rogue MSP who has admin credentials for everything including our M365 tenant. No internal employees of the company, including owner, have been provided admin rights.
I should add that this MSP is a one-man shop, I seriously doubt he has any formal partner relationship with Microsoft, but I may be wrong about that.
My feeling is that he has not registered the tenant the correct way and ownership shows his name rather than the company, but I can’t prove that.
Due to conflicts, there is an imminent possibility that he will begin deleting accounts, removing licenses or otherwise interrupting business.
Is anyone aware of a method for contacting Microsoft to deal with these sorts of disputes? Without an admin account, I don’t even have the option to raise a support case with them right now.
We may be in a tough situation given that we pay him directly for services, so the invoice and payments will probably be in his name.
Any thoughts or suggestions are appreciated!
two sccm to one tenant intune
I have a number of devices configured in SCCM “A” co-management with an Intune tenant “A”.
I have a number of devices configured in SCCM “B” co-management with an Intune “B” tenant.
Now I need to undo the SCCM co-management “A” and make a new co-management with the Intune tenant “B”.
What are the risks and process to do this?
Windows 11 Insider Preview 10.0.26120.1542 (ge_release_svc_betaflt_upr) nvidia geforce rtx 3080 err
Hello microsoft,
Yesterday I faced issues to download the update as it always stopped at 8%, today I was able to update to Windows 11 Insider Preview 10.0.26120.1542 (ge_release_svc_betaflt_upr) but as of today my nvidia geforce rtx 3080 is not visible and detectable anymore.
I have an acer predator triton 300 nvidia geforce rtx 3080
I tried:
windows x –> device management (show hidden ) -> analyze for changes – but not shown
checked for bios updates
tried to install latest drivers from nvidia but keep the error of not detected
out of options, seems to be the error related to the latest insiders update as it started after 20th of august *came back from holiday and updated to latest and issues started
not able to detect my dell external monitor via hdmi – even bought a new cable, error still there but not when other pc’s connected)
please help me to fix as i am nowhere w/o my rtx
Organize posts in teams
Hello!
Is there a way to put posts in a folder? Not files that you send via teams. Posts. Maybe it’s an announcement or transcript that is made via a post. I’m not able to see the option where I save the transcripts to folder. Is this an option in teams?
AVD Truly Non-Persistent
We have an environment where there are machines available for public use (a public library). Users should be able to create documents and the like on the machine, and save them to locally attached storage, or e-mail/cloud storage, etc.
When a user logs out, the machine should completely reset; all changes made, documents created, history, and the like should be erased and the machine should automatically reset to the base image.
Everything in the MS documentation I can find that mentions non-persistent machines just means pooled machines, which doesn’t do this. If I want to set up an AVD pool that does this, how would I accomplish that?
Rearrange columns with partial matching numbers
I’ll be working with three columns, including column A, which has the full number for an event; Ecode, which will have a partial number (the last five digits of column A); and column C, which will have a score related to column B. The difficult thing I’m trying to figure out is how to rearrange column B (and, by extension, C) so they match up with the full numbers of column A without moving the values of column A.
Transform xml
Dear team,
While implementing this action in logic app, I need to pass the connection string for map to refer the assemblies from integration account that needs to be secured. Instead of key vault, please suggest how to implement this connection string parameter in this action
Thanks and regards,
MH
Dynamic Content in PowerPoint
Once I created a PowerAutomate flow that collected responses in MS Forms, fed them through Sharepoint, and then populated an MS Word template with Quick Parts/Fields. I would like to do something similar with a PowerPoint template.
I will be attending a trade show in which I would like users to answer a question using some kind of input, and then that response would feed into a PowerPoint slide. The PowerPoint slide could then be easily sent to the user (from an iPad) for sharing on social media.
Any ideas on how I can do this?
Microsoft hosted Copilot for Microsoft 365 user trainings for CSP customers
To support our CSP Partners driving Copilot usage with their customers, we are happy to announce that on September 16th, Microsoft will be hosting a 2.5-hour Copilot training workshop for end users in 5 different languages across multiple time zones. The workshop includes an overview of Copilot for Microsoft 365, hands-on prompt training, Demos across roles in HR, Marketing, Sales, and other disciplines, real time support, and Q&A.
For Partners that are interested and have the capacity to deliver adoption training themselves, we offer Train the Trainer sessions and the content for delivery.
Sign up for the Train the Trainer session
Download email template to invite your customers
How to use Company Slide Deck Branding on PPT with Copilot
Hello,
The company that I work for has a PPT template with company branding on it. When I use Copilot on the branded PPT, it requires me to approve a blank PPT first as the Copilot will not work on top of/with the company branded PPT.
Does anyone know a work around this? To merge company branded PPT and Copilot?
Thanks!
Coordinated Universal Time in Outlook
When I create a new calendar event in Outlook, and sync it to Google Calendar, it shows up in Coordinated Universal Time instead of Eastern Time. I was wondering if this could be changed. Thanks!
User Cannot Access One Specific Site and I Can’t Figure Out Why
User can access other sites, but this one particular site, which many other users can access, they cannot. I’ve tried:
Granting direct access (typical access is via Members group).
Granting direct access to a file or folder.
Removing and re-granting access.
Granting access via sharing link.
Had them sign out and back into their M365 account.
Had them use a different browser.
Had them try incognito mode.
They are on a VDI machine, so it is a new machine every day (no need to try rebooting).
Their permissions include a number of “web-only limited access” entries, but my understanding is that is because they were granted access to a file or folder deeper in the file structure (there are over 28K files), most likely through an access request that was approved. Even though their requests were approved, they never were able to access what was granted.
Any ideas?
Picklist creating error when Excel file is sent to another device
I’ve been modifying an Excel workbook for our employees as it stopped calculating properly. I copied and pasted the data from the original workbook to a fresh one to work with and got it to calculate and function properly (the issue appears to be that the original workbook was calling upon a URL that no longer works to get data for some of the calculations).
However, even though the workbook now works properly on my device, when I send it to a colleague, they are no longer able to use the picklists that are contained in the workbook. I’ve tried this out and encountered the same problem when opening on a different device. How can I ensure that the picklists work properly? I’ve attached the error that occurs for one such picklist.
All devices that have been involved so far are Windows devices.
Migrate MS Sentinel from one tenant to another tenant
I need to migrate Microsoft Sentinel with all its resources (playbooks, workbook, connectors, analytics rules), I would need a step by step, since I see that among the documentation that Microsoft has, it does not have it. I would like to know if there is any tool or functionality that allows me to do this, without having to rebuild everything
I don’t have any of the 24H2 update features
I just recently installed the new update and my computer doesn’t have any of the features that should have come with the update, even signed in for the insider program in case it was available there, but nothing.
What’s the biggest challenge your small business is facing with technology right now?
Hi everyone,
We’re curious to hear from you all about any technology challenges your business is currently facing. Whether it’s managing remote work, cybersecurity concerns, or finding the right tools to streamline operations, let’s share our experiences and solutions. Your insights could help others in the community who might be facing similar issues.
Looking forward to hearing your thoughts!
Managed Identity support for WordPress on App Service
We’re thrilled to share with you that WordPress on App Service now supports Managed Identity. This means your WordPress site can securely access other Azure resources, like Azure Database for MySQL Flexible Server and Azure Communication Service Email, without the hassle of managing connection strings and secrets.
What is a managed Identity and why should you implement it for WordPress on App Service?
A frequent issue developers face is handling secrets, credentials, certificates, and keys needed for secure communication between services. Managed identities remove the necessity for developers to oversee these credentials.
Even though developers can securely store secrets in Azure Key Vault, services still require a method to access it. Managed identities offer an automatically managed identity in Microsoft Entra ID that applications can use to connect to resources supporting Microsoft Entra authentication. Using managed identities, applications can acquire Microsoft Entra tokens without needing to manage any credentials.
Managed identities are an excellent way to enhance the security of your WordPress application. They eliminate the need to manage credentials, as they integrate seamlessly with various Azure services, providing secure access without explicit credentials. Best of all, you can use managed identities at no additional cost.
There are two types of managed identities: system-assigned and user-assigned. To learn more about managed identities and their types, visit https://learn.microsoft.com/entra/identity/managed-identities-azure-resources/overview
How does WordPress on App Service use a managed Identity?
WordPress on App Service now uses a user-assigned managed identity configured with App Service. This managed identity allows access to other Azure resources, such as the Azure Database for MySQL flexible server or Azure Communication Services Email, without needing to store credentials in Application settings as we did before. https://github.com/Azure/wordpress-linux-appservice/blob/main/WordPress/wordpress_application_settings.md
This approach also eliminates the need for connection strings and storing secrets in Key Vault. Moving forward, this will be the default behavior for WordPress on App Service. We recommend adopting this approach. For new websites created on or after September 9, 2024, managed identities will be configured by default if the Managed Identity checkbox in the Add-ins tab is checked during the creation process. https://portal.azure.com/#create/WordPress.WordPress
How to configure managed identity for WordPress on App Service?
For new website deployments (on or after 9 September 2024), managed identity is configured by default. In the creation experience, navigate to the Add-ons tab, where you will see that managed identity is enabled by default. We highly recommend following this approach. However, you can disable this feature if you need to manually set up managed identities or if your policies require a different approach.
For older websites, we need to follow the steps below to configure Managed Identity for WordPress on App Service.
Step 1. Create a user assigned managed identity resource.
Follow the steps here: https://learn.microsoft.com/entra/identity/managed-identities-azure-resources/how-manage-user-assigned-managed-identities?pivots=identity-mi-methods-azp#create-a-user-assigned-managed-identity to create a new user assigned managed identity.
Or you can directly go to the create flow here: https://portal.azure.com/#create/Microsoft.ManagedIdentity
We recommend that you select the same Resource group and Region for your managed identity as with other resources of WordPress on App Service. This will make it easier for you to manage these resources together.
Step 2. Configure managed identity for App Service
Follow the steps here: https://learn.microsoft.com/azure/app-service/overview-managed-identity?tabs=portal%2Chttp#add-a-user-assigned-identity
Step 3. Enable managed identity authentication for Azure Database for MySQL flexible server
This step has two parts:
Part 1: Enable MySQL database authentication using managed identity
Go to Azure database for MySQL resource. Go to Security > Authentication.
Select the ‘Microsoft Entra authentication only’ option in the authentication section. This allows authentication only using a Microsoft Entra account and disables MySQL native password-based authentication. We highly recommend this approach, although you could select ‘MySQL and Microsoft Entra authentication’ to enable authentication using both methods.
In the Select Identity section, select the user assigned managed identity you created in Step 1.
In the ‘Microsoft Entra Admins’ section click on ‘Select’. In the search option search for the Managed Identity name, and you will find an Admin with the same name of type ‘Enterprise application’. Select that option and click on ‘Select’.
Now Azure database for MySQL has been configured to authenticate with the managed Identity. For more details, visit: https://learn.microsoft.com/azure/mysql/flexible-server/how-to-azure-ad#configure-the-microsoft-entra-admin
Part 2: Update application settings: Go to App Service Resource > Settings > Environment variables.
Add these settings:
ENTRA_CLIENT_ID = <Client ID of managed identity>
ENABLE_MYSQL_MANAGED_IDENTITY = true
You can find the client ID of the managed Identity in the overview section of the managed identity resource.
Edit these settings:
DATABASE_USERNAME = <Microsoft Entra Admin>
This is the Microsoft Entra Admin we added in Part 1 earlier. This is usually same as the name of the managed identity.
Step 4. Enable managed identity authentication for Azure Communication Services Email
Go to App Service resource > Settings > Environment variables.
Add this application setting:
ENABLE_EMAIL_MANAGED_IDENTITY = true
Step 5. Make code level changes.
Next you need to make code level changes to make sure that WordPress is able to access the database and email server. This includes making changes to wp-config.php and the email plugin.
We have created a script to help you make these code changes faster. Go to Kudu SSH and run this script:
/usr/local/bin/managed-identity-setup.sh
Now you have successfully enabled WordPress on App Service to use managed identity.
Note: You can log in to phpMyAdmin by using the value from DATABASE_USERNAME environment variable as the username and the token as the password. To find the token use your Kudu SSH to run the following command:
/usr/local/bin/fetch-mysql-access-token.sh
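A preflight check for the settings from Steps 2 to 4, added here as an example and not part of the WordPress on App Service scripts. It assumes the app settings are visible as environment variables in the Kudu SSH session; IDENTITY_ENDPOINT and IDENTITY_HEADER are the variables App Service sets for an app that has an identity attached, and DATABASE_PASSWORD is assumed to be the setting left over from password-based authentication.

```shell
#!/bin/sh
# Added example (not the project's own script): audit the managed identity
# app settings before running /usr/local/bin/managed-identity-setup.sh.

# True when $1 has the GUID shape of a managed identity client ID.
is_guid() {
  printf '%s' "$1" | grep -Eqi '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# Records one blocking finding.
_mi_fail() {
  echo "FAIL $1"
  _mi_fails=$((_mi_fails + 1))
}

# Audits the current environment. Prints one line per finding and returns
# the number of FAIL findings (0 means the settings are ready for Step 5).
audit_mi_settings() {
  _mi_fails=0

  # Step 2: App Service exposes these once an identity is attached to the app.
  if [ -n "${IDENTITY_ENDPOINT:-}" ] && [ -n "${IDENTITY_HEADER:-}" ]; then
    echo "OK   identity endpoint is exposed to the app"
  else
    _mi_fail "IDENTITY_ENDPOINT/IDENTITY_HEADER not set (Step 2 incomplete)"
  fi

  # Step 3, Part 2: settings that switch MySQL to token authentication.
  if is_guid "${ENTRA_CLIENT_ID:-}"; then
    echo "OK   ENTRA_CLIENT_ID is a GUID"
  else
    _mi_fail "ENTRA_CLIENT_ID missing or not a GUID"
  fi
  if [ "${ENABLE_MYSQL_MANAGED_IDENTITY:-}" = "true" ]; then
    echo "OK   ENABLE_MYSQL_MANAGED_IDENTITY is true"
  else
    _mi_fail "ENABLE_MYSQL_MANAGED_IDENTITY is not 'true'"
  fi
  if [ -n "${DATABASE_USERNAME:-}" ]; then
    echo "OK   DATABASE_USERNAME is set (must match the Microsoft Entra admin)"
  else
    _mi_fail "DATABASE_USERNAME is empty"
  fi

  # Step 4: only needed when the site sends mail through Azure Communication Services.
  [ "${ENABLE_EMAIL_MANAGED_IDENTITY:-}" = "true" ] ||
    echo "WARN ENABLE_EMAIL_MANAGED_IDENTITY is not 'true' (Step 4 skipped?)"

  # Assumed setting name: a stored password defeats the point of the migration.
  [ -z "${DATABASE_PASSWORD:-}" ] ||
    echo "WARN DATABASE_PASSWORD is still set; remove it once token login works"

  return "$_mi_fails"
}

# Constructed sample values (not from a real tenant) so the audit runs offline.
(
  export IDENTITY_ENDPOINT="http://127.0.0.1:41000/msi/token"
  export IDENTITY_HEADER="constructed-header"
  export ENTRA_CLIENT_ID="00000000-1111-2222-3333-444444444444"
  export ENABLE_MYSQL_MANAGED_IDENTITY="true"
  export DATABASE_USERNAME="wp-identity"
  export ENABLE_EMAIL_MANAGED_IDENTITY="true"
  unset DATABASE_PASSWORD
  audit_mi_settings
) || true
```

To check the live settings, source the file in the SSH session and call audit_mi_settings; its exit status is the number of blocking findings.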
Support and Feedback
Did you like this article? Please click on like if you do. Also, leave your comments, and help us to make this article better.
If you need any assistance, feel free to open a support request through the Microsoft Azure portal.
You can also report an issue on our GitHub repository Issues
For more details about our offering, check out the announcement on the General Availability of WordPress on Azure App Service.
Also, you can find here all articles related to WordPress on App Service.
You can share your thoughts and suggestions on our community page.
Would love to know about your experience & issues you are facing, and you can start a conversation with us by emailing to wordpressonazure@microsoft.com
What’s new in Microsoft Device Ecosystem Platform (MDEP) 2024.3 Release
The Microsoft Device Ecosystem Platform (MDEP) continues its forward momentum with the release of MDEP 2024.3, bringing a suite of powerful new tools and enhancements designed for OEMs and third-party developers. This latest update introduces advanced security features, improved API functionalities, and expanded customization options, all aimed at streamlining device management, improving integration, and ensuring a secure, seamless user experience across diverse hardware configurations and form factors.
Juha Kuosmanen, Head of MDEP, shares: “These updates to MDEP reinforce our commitment to providing industry-leading device management, and security. With these enhancements, OEMs and developers now have even more capabilities to build secure, user-centric, and customizable device experiences, ultimately empowering organizations to deliver better meeting experiences built on MDEP.”
Let’s dive into the key features and improvements in this release:
MDEP Configuration API
The MDEP Configuration API acts as a centralized interface that simplifies the interaction between partner services and the platform. OEMs can now manage essential features like device pairing, synchronization, administrative sessions, and device settings updates with greater ease. The API is designed to abstract the complexity of each system, making runtime device management simpler and more efficient. This extensible tool is available through the Microsoft SDK, providing easy integration for OEMs and developers.
MDEP Public API SDK
The MDEP Public SDK is a game-changer for developers, offering tools and libraries to simplify app development and integration with the MDEP platform. It allows for the separation of apps from internal platform services and provides a user-friendly environment for OEMs and third-party partners, including VaaS providers. The SDK includes public APIs, an Android Studio plugin, and comprehensive documentation within the IDE, enabling functions like enabling/disabling Wi-Fi/Ethernet, rebooting, and using stress tools for virtual devices.
App Integrity Service
Security is paramount in MDEP, and the App Integrity Service takes this focus to the next level. This service enables apps to securely share tokens with clients, including cloud services, to verify application and device identity. With a cloud component and reference implementation, the App Integrity Service offers a robust solution for maintaining app security and protecting sensitive data.
SOC Secure Enclave Abstraction
The SOC Secure Enclave Abstraction enhances security by scaling hardware attestation, zero trust, and other key security features across all silicon platforms. This ensures a consistent level of protection across devices, regardless of hardware configuration, safeguarding against unauthorized access and data breaches.
Deprecation of TLS 1.0/1.1
With the retirement of TLS 1.0 and 1.1, MDEP has implemented crucial design changes and a support plan to facilitate a smooth transition to newer TLS versions. This update is essential for maintaining secure communication channels, as newer TLS versions provide enhanced security protocols.
Teams Panels & Room Scheduling Support
MDEP now extends its support to Microsoft Teams Panels and room scheduling displays, offering the same level of security and customization as other MDEP-powered devices. This update ensures a seamless, secure experience for meeting room scheduling and management.
Enhanced Systems App Customization
Customization is key, and MDEP 2024.3 introduces a new system-wide Light Theme mode. This expanded customization option gives OEMs more flexibility in designing their user interfaces while ensuring consistency across devices, providing a cohesive look and feel for users.
IP Phones – Partner Preview
Partners can now preview the baseline functionality for Teams Phones and IP phones. This early release allows for exploration and integration into new devices, providing an exciting glimpse into the future of connected device experiences.
Enterprise & Government-Grade Networking: EAP Over LAN – Partner Preview
MDEP introduces enterprise and government-grade networking capabilities with built-in support for Extensible Authentication Protocol (EAP) over LAN. Available through the Configuration API and SDK, this feature meets the stringent security requirements of enterprise and government environments, ensuring robust and secure networking.
To learn more about MDEP, visit https://aka.ms/mdep
New Planner – API available?
Hello,
Does anyone know if and when there will be an API available for the new Planner?
I did some tests with the current graph api (1.0) for planner, but it seems it is only working for “classic” planner plans, not for plans of a premium plan.
Forms Auto Populating Fields Based on Unique Code
Mailing an offer providing recipients a complimentary item. To redeem the offer, the recipients will receive a unique code to enter into a form. Based on that unique code, I’d like Forms to auto populate the remaining fields (name, address, etc.). I understand I will have to provide Forms that information. Is this doable?