Category: Microsoft
Category Archives: Microsoft
Monitoring FSLogix User Profile Container Size w/ Azure Files
The default maximum profile size for FSLogix containers is 30GB by default. We want to setup alerts to let us know when profile containers are reaching the capacity, so we can be proactive instead of reactive in these situations. We are storing our users’ FSLogix profiles in an Azure Files file share.
Are there any alerts that can be created to monitor these VHD(x) file sizes in the Azure Files File Share?
I’ve seen some scripts that create alerting at the OS level, but this is not ideal.
The default maximum profile size for FSLogix containers is 30GB by default. We want to setup alerts to let us know when profile containers are reaching the capacity, so we can be proactive instead of reactive in these situations. We are storing our users’ FSLogix profiles in an Azure Files file share. Are there any alerts that can be created to monitor these VHD(x) file sizes in the Azure Files File Share? I’ve seen some scripts that create alerting at the OS level, but this is not ideal. Read More
Continuous Threat Monitoring for GitHub Connector setup broken
Hi,
i tried today to deploy the Continuous Threat Monitoring for GitHub Connector and it looks broken.
Error Data Connector Not Found.
Already reproted here:
What is the workarround or how is the right way to deploy?
Hi, i tried today to deploy the Continuous Threat Monitoring for GitHub Connector and it looks broken.Error Data Connector Not Found.Already reproted here: https://azuremarketplace.microsoft.com/en-us/marketplace/apps/microsoftcorporation1622712991604.sentinel4github?tab=Overview What is the workarround or how is the right way to deploy? Read More
AI business
AI has foundational model and many people trying to fine-tune it based on their needs. Eventually, this will become a new business opportunity for any startup to teach/fine tune, optimize, create new data sets. I hope anybody can provide data to the AI like take a photo of new species, crops growing stages, fertilizers, historical monuments, ancient literature, etc and update the existing label or create new label. More data, more accuracy for the AI output.. how to start a startup business to collect the data from the public and pay them for unique data to GenAI? Like Youtube is paying for the number of viewers.
AI has foundational model and many people trying to fine-tune it based on their needs. Eventually, this will become a new business opportunity for any startup to teach/fine tune, optimize, create new data sets. I hope anybody can provide data to the AI like take a photo of new species, crops growing stages, fertilizers, historical monuments, ancient literature, etc and update the existing label or create new label. More data, more accuracy for the AI output.. how to start a startup business to collect the data from the public and pay them for unique data to GenAI? Like Youtube is paying for the number of viewers. Read More
Tech Talks Presents: X-In-A-Day Program & Complex Data Structures with Power Apps Copilot!
Join us on Thursday, August 8th at 8am PT as Alisha Dranitsaris, Partner Enablement Program Manager, presents X-In-A-Day Program Overview and April Dunnam, Principal Cloud Advocate, presents Unlock the Power of Complex Data Structures with Power Apps Copilot!
Call to Action:
Click on the link to save the calendar invite: https://aka.ms/TechTalksInvite
View past recordings (sign in required): https://aka.ms/TechTalksRecording
Join us on Thursday, August 8th at 8am PT as Alisha Dranitsaris, Partner Enablement Program Manager, presents X-In-A-Day Program Overview and April Dunnam, Principal Cloud Advocate, presents Unlock the Power of Complex Data Structures with Power Apps Copilot!
Call to Action:
Click on the link to save the calendar invite: https://aka.ms/TechTalksInvite
View past recordings (sign in required): https://aka.ms/TechTalksRecording Read More
Logic Apps Aviators Newsletter – August 2024
In this issue:
Ace Aviator of the Month
Customer Corner
News from our product group
News from our community
Ace Aviator of the Month
August’s Ace Aviator: Adnane Dalhi
What is your role and title? What are your responsibilities associated with your position?
I am a Dynamics 365 Technical and Cloud Solution Architect at HSO France. In my role, I am responsible for architecting and designing Dynamics 365 For Finance and Operations solutions that meet client requirements. Design cloud architectures with Azure cloud integration Services, I translate business requirements into technology requirements. My responsibilities also include providing advice, high-level and detailed designs during project delivery engagements, ensuring quality oversight at various stages of the project lifecycle, creating solution proposals and cost models for projects, producing responses to request for proposals (RFPs), acting as the design authority and technical escalation point for projects, collaborating with the project delivery team to develop customer account plans and roadmaps, and managing projects through the entire project lifecycle to ensure high customer satisfaction.
Can you provide some insights into your day-to-day activities and what a typical day in your role looks like?
A typical day for me starts with reviewing project updates and prioritizing tasks for the day. I spend a significant portion of my time designing and developing Architectures , and automated workflows to meet our clients’ specific needs using azure cloud integration services. I work closely with clients to understand their business requirements and translate these into technical solutions. Collaboration is key in my role, so I frequently meet with team members and stakeholders to discuss project progress and address any challenges. I also ensure quality oversight at various project stages and act as a technical escalation point when necessary. Additionally, I dedicate time to staying updated with the latest advancements in Dynamics 365, Power Platform and Cloud integration services and other related technologies to ensure we are leveraging the best practices and features available.
What motivates and inspires you to be an active member of the Aviators/Microsoft community?
I am inspired by the opportunity to learn from and collaborate with other experts. The community provides valuable support and resources that help me grow professionally. Sharing knowledge and seeing the positive impact it has on others motivates me to stay active and contribute more. The continuous innovation in Microsoft technologies, especially Azure, keeps me excited and engaged.
Looking back, what advice do you wish you would have been told earlier on that you would give to individuals looking to become involved in STEM/technology?
My advice is to never stop learning and connect with professionals in the field. Building a strong network and staying curious about new technologies can open many doors and help your career grow.
What has helped you grow professionally?
Commitment to lifelong learning, seeking mentorship, and actively participating in community forums and events have been crucial for my growth. Embracing challenges as opportunities to learn and staying adaptable have also helped. I share my insights through my blog, Dynvision365.com, where I discuss cloud solutions, enterprise architecture, and emerging technologies.
Imagine you had a magic wand that could create a feature in Logic Apps. What would this feature be and why?
As someone coming from the academic world and the R&D domain, and as a blockchain enthusiast, I would love to see a “Blockchain-AI Integrated Workflow Engine” in Logic Apps. This feature would seamlessly integrate blockchain technology with AI to create smart, secure, and highly efficient workflows and simple smart contracts. The blockchain component would ensure the integrity and transparency of data, providing a tamper-proof ledger for all transactions and processes
Customer Corner:
Commercial Bank of Dubai: innovating a future proof banking platform with Microsoft Azure
Discover how Commercial Bank of Dubai is transforming its operations with Microsoft Azure in this compelling customer success story. By leveraging Azure’s cutting-edge banking and capital markets solutions, the bank is enhancing its digital infrastructure to deliver more efficient, secure, and innovative financial services. With Azure’s advanced cloud capabilities, the Commercial Bank of Dubai is streamlining its processes, boosting operational efficiency, and elevating the customer experience.
News from our product group:
Automate responses to StackOverflow queries using OpenAI and Logic Apps
Read about this powerful solution for automating responses to questions using the new AI Search and OpenAI Connectors in Logic Apps Standard.
The Rising Significance of APIs – Azure API Management & API Center
Read about the differences and use cases between Azure API Management and the recently GA Azure API Center in this article.
Azure Integration Services Quarterly Highlights and Insights 2024’Q2
Catch up with the quarterly blog that has the latest updates and highlights from AIS over the past few months.
News from our community:
Logic Apps Consumption vs Logic Apps Standard
Video by Sebastian Meyer
Check out this video about the differences between Consumption vs. Standard in the first of Sebastian’s new video series.
Post by Sandro Pereira
Having trouble deploying your SAP connector? Check out Sandro’s article for help.
Azure Logic Apps: Automated Testing Framework Feature
Video by Michael Stephenson
Watch this video featuring Wagner Silveira as he talks with Michael about our upcoming Automated Testing Framework feature.
Friday Fact: You can debatch XML messages with Logic Apps
Post by Sandro Pereira
Learn how to debatch XML content similarly to how you handle JSON inputs in Sandro’s post.
Friday Fact: You Can Protect Your Logic Apps from Accidental Changes with Read-Only Locks
Post by Luís Rigueira
Learn how to prevent accidental modifications or deletions with Read-Only Locks in this post and video by Luis
Post by Sandro Pereira
Learn how to apply workflow Locks to Logic App Consumption in Visual Studio Logic App projects in this post by Sandro.
Shared Connectors vs. In-App Connectors
Post by Sebastian Meyer
Don’t miss the second of Sebastian’s video series where he discusses the differences between shared vs. in-app connectors.
Post by Sandro Pereira
Configuring your SAP Connector? Read Sandro’s article to learn how to properly configure the SAP Connector’s System Number property.
Microsoft Tech Community – Latest Blogs –Read More
SQL 2022 Remote Blob Storage installation file
Hi, Please let me know from where i can download msi for Remote Blob Storage (RBS) ?
I am trying to test SharePoint Subscription with SQL 2022 RBS.
Hi, Please let me know from where i can download msi for Remote Blob Storage (RBS) ? I am trying to test SharePoint Subscription with SQL 2022 RBS. Read More
Adding iCloud account to Outlook
I have an iCloud account where I get a few e-mails. I was attempting to add my iCloud account to Outlook but I can’t get it to work. I have followed all of the instructions multiple times in both New Outlook and Classic Outlook. When I do troubleshooting I see Error code: INVALIDCREDENTIALS INTERACTIONREQUIRED. I have followed all of the trouble shooting documents that I have found but nothing seems to work. I am using the app password from iCloud and still nothing. What am I missing?
I have an iCloud account where I get a few e-mails. I was attempting to add my iCloud account to Outlook but I can’t get it to work. I have followed all of the instructions multiple times in both New Outlook and Classic Outlook. When I do troubleshooting I see Error code: INVALIDCREDENTIALS INTERACTIONREQUIRED. I have followed all of the trouble shooting documents that I have found but nothing seems to work. I am using the app password from iCloud and still nothing. What am I missing? Read More
Why do I get name printed 3 times instead of 2?
Hi , here’s my code:
Add-Type -AssemblyName System.Web
$fileInGpx = “b.gpx”
[hashtable]$wptsUnique = @{}
[xml]$xml = Get-Content -Path $fileInGpx -Encoding UTF8
function trySetWptColor($wpti, $wptExisting)
{
Write-Host $wpti.name
}
$nsManager = New-Object System.Xml.XmlNamespaceManager($xml.NameTable)
$nsManager.AddNamespace(“osmand”, “https://osmand.net”)
$nsManager.AddNamespace(“gpx”, “http://www.topografix.com/GPX/1/1”)
$XPath = “//gpx:wpt”
$wpts = $xml.selectNodes($XPath, $nsManager)
foreach($wpt in $wpts)
{
$wpt2 = $null
$lat2 = $wpt.lat -as [double]
$lon2 = $wpt.lon -as [double]
$key = $lat2 + ” + $lon2
if ($wptsUnique.ContainsKey($key))
{
$wptExisting = $wptsUnique[$key]
Write-Host $wpt.name
trySetWptColor($wpt, $wptExisting)
}
else
{
$wpt2 = @{
lat = 1
lon = 2
name = $wpt.name
extensions = “qqq”
}
$wptsUnique.add($key, $wpt2)
}
}
Here’s the file it’s supposed to read:
<?xml version=’1.0′ encoding=’UTF-8′ standalone=’yes’ ?>
<gpx
xmlns=’http://www.topografix.com/GPX/1/1′
xmlns:osmand=’https://osmand.net’
>
<metadata>
<name>MOSTIKI</name>
</metadata>
<wpt lat=”55.9840704″ lon=”36.6401806″>
<name>AAAAAA</name>
<type>MOSTIKI</type>
<extensions>
<osmand:address>BBBBBB</osmand:address>
<osmand:icon>special_star</osmand:icon>
<osmand:background>circle</osmand:background>
<osmand:color>#eecc22</osmand:color>
</extensions>
</wpt>
<wpt lat=”55.98407″ lon=”36.640181″>
<name>CCCCC</name>
<type>MOSTIKI</type>
<extensions>
<osmand:address>DDDDD</osmand:address>
<osmand:icon>bridge_structure_suspension</osmand:icon>
<osmand:background>circle</osmand:background>
<osmand:color>#eecc22</osmand:color>
</extensions>
</wpt>
</gpx>
As a result of running I get this:
CCCCC
CCCCC AAAAAA
Why do I get CCCC AAAAA instead of just CCCCC
Hi , here’s my code: Add-Type -AssemblyName System.Web
$fileInGpx = “b.gpx”
[hashtable]$wptsUnique = @{}
[xml]$xml = Get-Content -Path $fileInGpx -Encoding UTF8
function trySetWptColor($wpti, $wptExisting)
{
Write-Host $wpti.name
}
$nsManager = New-Object System.Xml.XmlNamespaceManager($xml.NameTable)
$nsManager.AddNamespace(“osmand”, “https://osmand.net”)
$nsManager.AddNamespace(“gpx”, “http://www.topografix.com/GPX/1/1”)
$XPath = “//gpx:wpt”
$wpts = $xml.selectNodes($XPath, $nsManager)
foreach($wpt in $wpts)
{
$wpt2 = $null
$lat2 = $wpt.lat -as [double]
$lon2 = $wpt.lon -as [double]
$key = $lat2 + ” + $lon2
if ($wptsUnique.ContainsKey($key))
{
$wptExisting = $wptsUnique[$key]
Write-Host $wpt.name
trySetWptColor($wpt, $wptExisting)
}
else
{
$wpt2 = @{
lat = 1
lon = 2
name = $wpt.name
extensions = “qqq”
}
$wptsUnique.add($key, $wpt2)
}
}
Here’s the file it’s supposed to read: <?xml version=’1.0′ encoding=’UTF-8′ standalone=’yes’ ?>
<gpx
xmlns=’http://www.topografix.com/GPX/1/1′
xmlns:osmand=’https://osmand.net’
>
<metadata>
<name>MOSTIKI</name>
</metadata>
<wpt lat=”55.9840704″ lon=”36.6401806″>
<name>AAAAAA</name>
<type>MOSTIKI</type>
<extensions>
<osmand:address>BBBBBB</osmand:address>
<osmand:icon>special_star</osmand:icon>
<osmand:background>circle</osmand:background>
<osmand:color>#eecc22</osmand:color>
</extensions>
</wpt>
<wpt lat=”55.98407″ lon=”36.640181″>
<name>CCCCC</name>
<type>MOSTIKI</type>
<extensions>
<osmand:address>DDDDD</osmand:address>
<osmand:icon>bridge_structure_suspension</osmand:icon>
<osmand:background>circle</osmand:background>
<osmand:color>#eecc22</osmand:color>
</extensions>
</wpt>
</gpx> As a result of running I get this:CCCCCCCCCC AAAAAA Why do I get CCCC AAAAA instead of just CCCCC Read More
Two virtual machines can’t talk to each other in Same Azure Subnet
Hello
I’m trying to perform a Disaster Recovery Failover test. When the domain controller and several member servers are turned on, the member servers report the domain is not contactable.
These VMs are all on the same subnet. What more do I have to ensure? The only NSGs are for RDP inbound to the one member server “CTXCON.”
Hello I’m trying to perform a Disaster Recovery Failover test. When the domain controller and several member servers are turned on, the member servers report the domain is not contactable. These VMs are all on the same subnet. What more do I have to ensure? The only NSGs are for RDP inbound to the one member server “CTXCON.” Read More
Installation of Freshservice probe fails at starting service
BLUF: My background is desktop administration. New job and trying to learn as I go in regard to servers.
According to inventory reports from our Freshservice ticketing system, the Freshservice probe was installed on one of our DCs and reporting back in November of last year. No real evidence of it now. When trying to install the probe on Windows Server 2019, it gets all the way to starting services and it fails. Message saying to verify that you have sufficient privileges.
BLUF: My background is desktop administration. New job and trying to learn as I go in regard to servers.According to inventory reports from our Freshservice ticketing system, the Freshservice probe was installed on one of our DCs and reporting back in November of last year. No real evidence of it now. When trying to install the probe on Windows Server 2019, it gets all the way to starting services and it fails. Message saying to verify that you have sufficient privileges. Read More
Getting error ‘Error code: 30182-27 (53)’ while trying to update Office 365
Hello All,
we have configured Auto update for office apps in Intune. we noticed that the auto update is not working for some of the devices (not all) and when we take remote and try manual update on those machines, it gives the error ‘Error code: 30182-27 (53)‘ (Screenshot attached). We did some basic check and would like to get further advice from the community.
Hello All, we have configured Auto update for office apps in Intune. we noticed that the auto update is not working for some of the devices (not all) and when we take remote and try manual update on those machines, it gives the error ‘Error code: 30182-27 (53)’ (Screenshot attached). We did some basic check and would like to get further advice from the community. Read More
Formulas across multiple workbooks
I have 3 Excel Workbooks
One called PO Number System
One called Marc
One called Kyle
The workbook called PO Number System has 2 sheets, one called customer list and one called PO. There is an existing formula in the sheet called PO (column B) that will automatically assign a PO number once the Customer name is filled in. We will then manually enter the remainder of the info on this sheet.
What I would like is to be able to enter the information on the PO Sheet of the PO Number System Workbook and for that information to copy over to the individual salesman’s workbooks called Marc and Kyle. This is indicated by the first column of the PO Number System. The Marc and Kyle workbooks have lots of other information on them, but the columns from the PO number workbook I would like to automatically populate once filled in. The key to all of this is that the PO number and formula transfer as well. Therefore, if Marc and Kyle both have a customer name Kroger, the system doesn’t assign them the same PO number just because they are in 2 different worksheets.
I have 3 Excel WorkbooksOne called PO Number SystemOne called MarcOne called KyleThe workbook called PO Number System has 2 sheets, one called customer list and one called PO. There is an existing formula in the sheet called PO (column B) that will automatically assign a PO number once the Customer name is filled in. We will then manually enter the remainder of the info on this sheet.What I would like is to be able to enter the information on the PO Sheet of the PO Number System Workbook and for that information to copy over to the individual salesman’s workbooks called Marc and Kyle. This is indicated by the first column of the PO Number System. The Marc and Kyle workbooks have lots of other information on them, but the columns from the PO number workbook I would like to automatically populate once filled in. The key to all of this is that the PO number and formula transfer as well. Therefore, if Marc and Kyle both have a customer name Kroger, the system doesn’t assign them the same PO number just because they are in 2 different worksheets. Read More
Troubleshooting managed installer deployments in Microsoft Intune
By: Luke Ramsdale – Sr. Customer Escalation Engineer | Microsoft Intune
In Microsoft Intune, admins can deploy application control policies to Windows devices to help prevent unauthorized applications from running. They deploy these policies using the Windows ApplicationControl CSP, however, to deploy Win32 apps via Intune after deploying these policies, you need to add the Intune management extension as a managed installer. Once you configure the Intune management extension as a managed installer, the apps that are subsequently deployed via Intune are tagged by the installer and identified as safe applications.
Note: Enabling the Intune management extension for managed installer is an Intune tenant-wide configuration, so it targets all Windows devices at once.
For more information on using application control policies and configuring Intune management extension as a managed installer review:
Manage approved apps for Windows devices with App Control for Business policy and Managed Installers in Intune.
Monitoring the configuration of managed installer
Once you configure the Intune management extension, you can track the progress of the configuration using the App Control for Business blade by navigating to the Microsoft Intune admin center > Endpoint security > App Control for Business (Preview) > Managed installer. The overview shows the success and error state.
You can then drill in further by clicking on the managed installer policy where you can see an overview of the deployment.
A detailed view of the deployment status is available in Device status which shows the success and failure for each individual device. You can add an additional column “Last run message” to get a detailed description of the error on the client side.
The last run message will contain the reason enabling the Intune management extension has failed to be enabled as a managed installer and will mirror what is logged in the AgentExecutor.log on the device.
Troubleshooting failures enabling Intune Mangement Extension as managed installer
The mechanism used to enable the Intune management extension as a managed installer is a detection and remediation PowerShell script that leverages the Get-AppLockerPolicy and Set-AppLockerPolicy cmdlets.
The Intune management extension executes these PowerShell scripts, and you can be track them using the Agentexecutor.log located in C:ProgramDataMicrosoftIntuneManagementExtensionLogs. You can remotely collect the Intune management extension logs via the device action “Collect diagnostics” in the Microsoft Intune admin center.
The AgentExecutor will first run the detection script, detect.ps1. If the Intune management extension needs to be configured as a managed installer, it will then run the SET remediation script remediation.ps1 and subsequently confirm this has worked by running the detection script again. So, a GET, SET, GET leveraging the PowerShell cmdlets mentioned above.
Detection (first GET)
All Intune tenants will use the same policy id for the detection and remediation script, d78c1822-e082-491a-b3a7-4a701836481e. The detection process will attempt to do the following once a day:
It will call the Get-AppLockerPolicy -Effective -Xml PowerShell cmdlet to get the current policy.
Search for the <RuleCollection Type=”ManagedInstaller” EnforcementMode=”AuditOnly”> XML node.
If this XML node is found, then it will attempt to match the publisher, file and version of the current policy with the embedded XML in the script.
You can see the detection process in the AgentExector.log:
Here, you can see the detect.ps1 running and returning an exit code of 1 highlighted in yellow. The write output text, highlighted in red, is where the error message is written to.
In this example we can see the Intune management extension is not set as managed installer which is expected if the device has just been enrolled or the managed installer feature has just been enabled:
Info detect.ps1 VerifyCompliance returned False
Info detect.ps1 Check if the registry value is there and remove it if it is there
Info detect.ps1 Intune management extension is not set as a managed installer
Intune management extension is NOT set as the managed installer.
You can manually test the detection process by running the following PowerShell command on a device:
Get-AppLockerPolicy -Effective -Xml
This will return the XML that is effective on the device and you can inspect it to see if this includes the Intune management agent.
Remediation (SET)
The Agent Executor will now attempt to remediate the device and set the Intune management extension as managed installer.
During remediation, the script will:
Attempt to start all the relevant services.
Call the Set-AppLockerPolicy -Merge PowerShell cmdlet.
The script will then wait for 5 minutes for the C:WindowsSystem32AppLockerManagedInstaller.AppLocker file to be created or updated.
In this example the remediation.ps1 exits with code 1 (highlighted in yellow), and the reason is contained in the write output (highlighted in red).
The remediate script will attempt to set the AppLocker policy for Intune management extension and merge with any existing policies on the device, there’s a 5-minute timeout window for this operation to complete, during which the script will attempt to set the policy 16 times.
Here’s a snippet from the output:
remediate.ps1 Calling MergeAppLockerPolicy
MergeAppLockerPolicy Merging and setting AppLocker policy
MergeAppLockerPolicy Trying to set app locker policy
remediate.ps1 Calling WaitForPolicyUpdate
WaitForPolicyUpdate Waiting for policy to be updated
WaitForPolicyUpdate Waiting a maximum of 300 seconds for the policy to be updated
Error MergeAppLockerPolicy Failed 1
At C:WindowsIMECacheHealthScriptsd78c1822-e082-491a-b3a7-4a701836481e_8remediate.ps1:108 char:13
+ LogLine -functionName $MyInvocation.MyCommand -logLine “F …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,LogLine
MergeAppLockerPolicy The local policy cannot be obtained. Reason: Error HRESULT
E_FAIL has been returned from a call to a COM component.
In this case, there has been an issue running the Set-ApplockerPolicy -XMLPolicy. To try and isolate this issue further, try running the Set-AppLockerPolicy cmdlet within PowerShell manually. To do this, follow these steps:
On the device download psexec from: PsExec – Sysinternals
Run the following command to launch PowerShell in the system context from the command line:
psexec -i -d -s C:WindowsSystem32WindowsPowerShellv1.0powershell.exe
Type: whoami to confirm the user is system
Run the following PowerShell cmdlet to backup the existing policy:
Get-AppLockerPolicy -Effective -Xml | Out-File -FilePath “c:applocker_policy.xml”
Create a text file and paste in the following:
<AppLockerPolicy Version=”1″ />
Rename the text file to policy.xml and save this on the local drive
Run the following Powershell cmdlet
Set-AppLockerPolicy -XMLPolicy “C:policy.xml”
Note: This will delete the existing AppLocker policy as described in the following article. If the managed installer is not disabled in the Intune admin center the script will attempt to run again 24 hours later.
If Step 7 fails using the basic XML file, then it is likely that there are some permissions issues which can be investigated further using procmon.
If Step 7 works without any issue, then it is likely that there’s a problem with merging with the existing AppLocker policy, try running Step 7 again but use the applocker_policy.xml created in Step 4 to see if there’s an error related to the XML formatting.
Support for managed installer in Hybrid scenarios
When deploying managed installer for Microsoft Entra hybrid joined devices, please consider the following limitations:
The Set-ApplockerPolicy cmdlet used in the remediation.ps1 has a dependency on group policy updating on domain joined devices, if the device is not connected to the domain or if there are delays when updating group policy then this could cause this cmdlet to fail, and managed installer will not be enabled for the Intune management extension.
The group policy update dependency for enabling the Intune management extension as a managed installer impacts Windows Autopilot deployments for Entra hybrid joined devices in the following scenarios:
If you use a Win32 application to configure a VPN during Autopilot for Entra hybrid joined devices and have enabled Intune management extension as a managed installer then the VPN application will never be installed, it won’t have connectivity to the domain which will prevent the Intune management extension from being enabled as a managed installer. The Win32 app will fail to install because it’s not tagged as safe, and the Intune management extension won’t be enabled as a managed installer because there’s no domain connectivity.
Simply, without the domain connectivity the remediation script will fail and without Intune management extension being enabled as a managed installer the VPN application will never install.
If the device has line of sight to a domain controller during Autopilot and there are delays updating group policy, then this can also prevent the Set-AppLockerPolicy from completing and cause the configuration of the Intune management extension as a managed installer to fail. This will cause any Win32 applications to fail that are deployed during the Autopilot Enrollment Status Page (ESP) phases.
This is documented in: “What considerations should I have for Entra Hybrid Join (HAADJ) devices within my organization that want to use Managed Installer?”
If you’re using or wanting to use application control policies and encounter any issues with configuring Intune management extension as a managed installer, hopefully the troubleshooting steps and guidance in this post helps you diagnose and resolve them quickly.
If you have a question or feedback, leave a comment below or reach out on X @IntuneSuppTeam.
Microsoft Tech Community – Latest Blogs –Read More
How can I complain on Zomato?
How can I complain on Zomato? Open the Zomato app and go to the “Support” team contact 09358-98*90~17./ section. Select the order for which you want to file a complaint. Gfd
How can I complain on Zomato? Open the Zomato app and go to the “Support” team contact 09358-98*90~17./ section. Select the order for which you want to file a complaint. Gfd Read More
Microsoft GDK Store Association Account Privilege Requirements
Howdy all,
Using the GDK store association tool, I‘m getting a 403 forbidden response when trying to link my config file with my MS Store game. Steps I‘ve taken (The goal here is building to Microsoft Store):
Created our app (Status is In the Microsoft Store)Can verify we have proper settings in the Xbox Settings tab in the partner centerCreated dev sandboxesSwitched and verified sandbox exists with the GDK toolsetHave attempted with Developer Mode toggled on/off.Have whitelisted recommended domains, and have the recommended ports forwarded from the gdk documentation.When trying to associate with either my partner login or my sandbox test account, I’m getting a rejection.
This feels like a privilege issue I need to kick up to the account owner, but unsure what setting needs to change. Dev context: Using Unity and the Microsoft GDK package. (I‘ve used the 2207 github release, and the 1.0, and 1.1 official Unity released packages to make sure this isn‘t a one off.) Screenshot is what I‘m returning.
TL-DR: What partner account privilege access is necessary to ensure the GDK association tool should work as intended?
Howdy all, Using the GDK store association tool, I’m getting a 403 forbidden response when trying to link my config file with my MS Store game. Steps I’ve taken (The goal here is building to Microsoft Store): Created our app (Status is In the Microsoft Store)Can verify we have proper settings in the Xbox Settings tab in the partner centerCreated dev sandboxesSwitched and verified sandbox exists with the GDK toolsetHave attempted with Developer Mode toggled on/off.Have whitelisted recommended domains, and have the recommended ports forwarded from the gdk documentation.When trying to associate with either my partner login or my sandbox test account, I’m getting a rejection. This feels like a privilege issue I need to kick up to the account owner, but unsure what setting needs to change. Dev context: Using Unity and the Microsoft GDK package. (I’ve used the 2207 github release, and the 1.0, and 1.1 official Unity released packages to make sure this isn’t a one off.) Screenshot is what I’m returning. TL-DR: What partner account privilege access is necessary to ensure the GDK association tool should work as intended? Read More
Possible Array Formula?
I have a set of data:
Rows = Job Titles
Columns = Months
Values = Budgeted hours within the month
The hours are per month and per job title which means they can be quite high as we have more than one person in certain roles.
I want to get this data into a format to import into our time and attendance software as a budget – for ease I was importing all entries on the 1st of the month. (The day of the month is irrelevant as we will be looking at this data in monthly views). To import you have to enter start date and start time, it auto calcs the end time and date, however, the system does not handle values over 24 hours as it cannot auto calc that the end date is in a different day.
I want to find a way in excel to read my core data and if its over 24 hours add an extra line to the import file for that job title.
It has been mentioned that possibly an array formula can do this but I wouldn’t know where to start with this…..Any suggestions would be much appreciated please.
The first screenshot is the core data. The second is the import example – the one in red is the one that will fail.
I have a set of data:Rows = Job TitlesColumns = MonthsValues = Budgeted hours within the monthThe hours are per month and per job title which means they can be quite high as we have more than one person in certain roles.I want to get this data into a format to import into our time and attendance software as a budget – for ease I was importing all entries on the 1st of the month. (The day of the month is irrelevant as we will be looking at this data in monthly views). To import you have to enter start date and start time, it auto calcs the end time and date, however, the system does not handle values over 24 hours as it cannot auto calc that the end date is in a different day. I want to find a way in excel to read my core data and if its over 24 hours add an extra line to the import file for that job title.It has been mentioned that possibly an array formula can do this but I wouldn’t know where to start with this…..Any suggestions would be much appreciated please.The first screenshot is the core data. The second is the import example – the one in red is the one that will fail. Read More
معالج روحاني سوبر / 849264 00.966555 / لمحبة قلب الحبيب معالج100%
معالج روحاني سوبر / 849264 00.966555 / لمحبة قلب الحبيب معالج100%
100%
معالج روحاني سوبر / 849264 00.966555 / لمحبة قلب الحبيب معالج100%100% Read More
Checking availability of functionality of LAMBDA etc. between editions/versions
After seeing desirable additions to functionality in LAMBDA under Windows, for example using BYROW(array, OR) instead of BYROW(array, LAMBDA(row_, OR(row_)), I switched to the insider’s edition on Mac. But when answering posts, I would like check what is available in the current versions and include a caveat note if necessary.
Where can I find such subtle changes in functionality documented?
After seeing desirable additions to functionality in LAMBDA under Windows, for example using BYROW(array, OR) instead of BYROW(array, LAMBDA(row_, OR(row_)), I switched to the insider’s edition on Mac. But when answering posts, I would like check what is available in the current versions and include a caveat note if necessary. Where can I find such subtle changes in functionality documented? Read More
Custom Shortpath settings for host pools now available
We are excited to announce the general availability of custom Shortpath settings at the host pool level. Now you can granularly control how RDP Shortpath is used by configuring the networking settings of a host pool through the Microsoft Azure portal or Azure PowerShell.
Benefits of updating Custom Shortpath setup at hostpool
By configuring RDP Shortpath on the host pool, you can specify which RDP Shortpath options to apply, in addition to the session host configuration. In cases where there is a conflict between the host pool and session host settings, the most restrictive setting will be enforced. For instance, if RDP Shortpath for managed networks is enabled on the session host but disabled at the host pool level, RDP Shortpath for managed networks will not function.
This enhanced granular control allows you to optimize network setup at the host pool level without making changes to the network setup. It also makes it so you no longer need to set the RDP Shortpath using Group Policy or Microsoft Intune policy at the session host level. By fine-tuning these settings, you can ensure smoother remote desktop sessions and better utilization of your network resources, leading to increased productivity and satisfaction for your end users.
How do I update the settings?
Let’s look at how to configure RDP Shortpath in the host pool networking settings using the Azure portal or PowerShell.
Note: These settings can only be configured after provisioning of the host pool. The settings will then take effect immediately for all new connections to the host pool.
In the Azure portal
Sign in to the Azure portal, then select Azure Virtual Desktop > Host pools > Your host pool > Networking > RDP Shortpath.
In PowerShell
If you don’t want to use the Azure portal, you can configure RDP Shortpath in the host pool networking settings using the Az.DesktopVirtualization PowerShell module.
To get the current RDP Shortpath settings for a host pool, run the following commands:
$parameters = @{
HostPoolName = “<HostPoolName>”
ResourceGroupName = “<ResourceGroupName>”
}
Get-AzWvdHostPool @parameters | FL ManagedPrivateUdp, DirectUdp, PublicUdp, RelayUdp
To configure RDP Shortpath, use the Update-AzWvdHostPool cdmlet. Here are some examples of commands you can run.
To leave RDP Shortpath for managed networks as the default but disable all options that use STUN or TURN, run the following commands:
$parameters = @{
Name = “<HostPoolName>”
ResourceGroupName = “<ResourceGroupName>”
ManagedPrivateUdp = “Default”
DirectUdp = “Disabled”
PublicUdp = “Disabled”
RelayUdp = “Disabled”
}
Update-AzWvdHostPool @parameters
To enable the two options for RDP Shortpath for public networks and disable the other options, run the following commands:
$parameters = @{
Name = “<HostPoolName>”
ResourceGroupName = “<ResourceGroupName>”
ManagedPrivateUdp = “Disabled”
DirectUdp = “Disabled”
PublicUdp = “Enabled”
RelayUdp = “Enabled”
}
Update-AzWvdHostPool @parameters
Helpful resources
To learn more about RDP Shortpath, see RDP Shortpath for Azure Virtual Desktop. For additional information on custom shortpath settings and configuration, see Configure RDP Shortpath for Azure Virtual Desktop.
Share your thoughts
We’ve love to hear your thoughts on custom Shortpath settings for host pools. Please leave a comment below!
Stay up to date! Bookmark the Azure Virtual Desktop Tech Community.
Microsoft Tech Community – Latest Blogs –Read More
Display row of unique values based on data validation list?
I have 2 columns (Picture provided) Column A being the starting Week Of (Date of every monday). Column B being the dates of the 7 days that account for the Week of column. So 7 duplicated date values in column A, and Column B with 7 unique date values.
Within that I have a reference for data validation of all ‘Week Of’ Dates. The goal is to have a transposed (column by column) unique identifier that whenever I select a new Week Of Date from my list, it will display the 7 days from say Column F to Column L.
So far I’ve used the TRANSPOSE & UNIQUE functions to just get a foundation of what I want to create but am not sure how to utilize a VLOOKUP or IF statement to bring this formula together.
I have 2 columns (Picture provided) Column A being the starting Week Of (Date of every monday). Column B being the dates of the 7 days that account for the Week of column. So 7 duplicated date values in column A, and Column B with 7 unique date values. Within that I have a reference for data validation of all ‘Week Of’ Dates. The goal is to have a transposed (column by column) unique identifier that whenever I select a new Week Of Date from my list, it will display the 7 days from say Column F to Column L. So far I’ve used the TRANSPOSE & UNIQUE functions to just get a foundation of what I want to create but am not sure how to utilize a VLOOKUP or IF statement to bring this formula together. Read More