Category: Microsoft
Category Archives: Microsoft
Azure Database Migration Service consistent snapshot without locks (Preview)
Azure Database Migration Service (DMS) now offers preview support for consistent snapshot without locks, which can help businesses migrate their databases to Azure while the databases remain operational. With this feature, users can take a consistent snapshot of a MySQL server without losing data integrity at source.
When MySQL Consistent Snapshot without locks is enabled, after the initial load, a reconciliation phase occurs to ensure that the data written to the target is transactionally consistent with the source server from a specific position in the binary log.
Using this feature, there’s no need to take a read lock on the server, as tables are read at different points in time as the different binlog positions of each table are tracked. As a result, it’s possible to reconcile the tables near the end of the initial load by performing replication in catchup mode to ensure a consistent snapshot.
For more information about feature benefits and limitations, see the blog post Public Preview announcement – Azure DMS consistent snapshot without locks.
Thank you!
Microsoft Tech Community – Latest Blogs –Read More
Monthly news – June 2024
Microsoft Defender XDR
Monthly news
June 2024 Edition
This is our monthly “What’s new” blog post, summarizing product updates and various new assets we released over the past month across our Defender products. In this edition, we are looking at all the goodness from May 2024.
Legend:
Product videos
Webcast (recordings)
Docs on Microsoft
Blogs on Microsoft
GitHub
External
Improvements
Previews / Announcements
Unified Security Operations Platform: Microsoft Defender XDR & Microsoft Sentinel
Host Microsoft Defender data locally in Switzerland. We are pleased to announce that local data residency support in Switzerland is now generally available for Defender for Endpoint and Defender for Identity.
Create custom detections that include both Microsoft Sentinel and Defender XDR data. With the Unified Security Operations Platform, you are now able to create a customizable detection to look across both Microsoft Sentinel and Defender XDR data, without requiring any additional ingestion, via Custom detections. You will no longer have to duplicate data across both environments to ensure you are capturing what is necessary. Analytics rules will continue to work on any data ingested into Microsoft Sentinel. Learn more in our documentation.
Advanced hunting query API via Graph API is now available for log analytics data!
A new optional parameter “timespan” for the Graph API was added and allows you to query your log analytics data for any lookback time, not only for 30 days. This new parameter is not yet documented, but will get added to this link.
SOC optimization: unlock the power of precision-driven security management.
A new experience and API is currently in public preview – Microsoft Sentinel’s SOC Optimization, designed to empower security teams with precision-driven management capabilities. Read the announcement blog, and watch the webinar with a live demo.
New Ninja show episodes:
New Defender XDR Copilot for Security Capabilities: Tune into this episode to learn the latest advancements, now available in the April release of Copilot for Security GA. We dive into the notable enhancements and new features, such as Guided Response for all incident types, comprehensive device and file summaries, end-user communications, and much more.
Answering Your Questions: Attack Disruption Explained: Attack Disruption is an automated response feature, designed to contain an ongoing attack quickly and effectively by leveraging high-confidence signals from both Microsoft Defender and non-Microsoft products. This episode addressees the most frequently asked questions about Attack Disruption and shares clarifications on its functionality.
Microsoft Security Exposure Management
Respond to trending threats and adopt zero-trust with Exposure Management.
This blog post shares updates to Security Initiatives and also gives a heads up about a few updates to attack path analysis.
Microsoft Security Experts
A BlackByte Ransomware intrusion case study.
This blog details an investigation into a ransomware event. During this intrusion the threat actor progressed through the full attack chain, from initial access through to impact, in less than five days, causing significant business disruption for the victim organization.
Recover an Active Directory Certificate Services (ADCS) platform from compromise.
This blog describes comprehensive backup and restore strategies for ensuring swift recovery and restoration of essential certificate services following a cyberattack or data breach.
Hunting for MFA manipulations in Entra ID tenants using KQL.
This blog describes how to use Kusto Query Language (KQL) to parse and hunt for MFA modifications in Microsoft Entra audit logs. By the end of this blog, you will have a better understanding of how to track MFA changes in compromised tenants using KQL queries and how to improve your cloud security posture.
Microsoft Defender Experts Services Expanded Coverage Upcoming Preview.
The upcoming preview of our Defender Experts services expanded coverage scheduled for June 2024 extends the capabilities to include customers’ cloud estates with servers and virtual machines running in Microsoft Azure and on-premises via Defender for Servers in Microsoft Defender for Cloud. In addition, our coverage will utilize third-party network signals to enhance investigations, create more avenues to generate leads for comprehensive threat hunting, and accelerate response earlier in the attack chain.
Microsoft Defender for Endpoint
Simplify triage with the new Alert Timeline.
This blog introduces the latest feature to our rich reporting feature set – the alert timeline – a new view that minimizes the time needed for triage and investigation without compromising the quality of analysis.
Offline Security Intelligence Update is now generally available.
Organizations can now update security intelligence (also referred to as “signatures”) on Linux endpoints with limited or no exposure to the internet using a local hosting server. Details in this blog.
Update: The Microsoft Defender for Endpoint plug-in for Windows Subsystem for Linux (WSL) is generally available as of 05/23/2024. Details in this blog.
Update: The streamlined device connectivity experience is generally available as of 5/8/2024. Details in this blog.
Microsoft Defender for Identity
Easily detect CVE-2024-21427 with Defender for Identity.
This blog details the new activity added to the Advanced Hunting experience in the Defender portal which can help you spot potential attempts to exploit this vulnerability.
Microsoft Defender for Cloud Apps
App Governance capabilities are now available in GCCH & DoD. App Governance capabilities in Defender for Cloud Apps are now available to opt-in in GCCH& DoD – go ahead and enable it to increase your app protection.
Defender for Cloud Apps now provides new in-browser protection capabilities via Microsoft Edge to enable security teams to seamlessly manage how a user can interact with in-app data based on their risk profile. The in-browser protection removes the need for proxies, improving both security and productivity, based on session policies that are applied directly to the browser. Details in this blog.
Microsoft Defender for Office 365
Automated responses to users via Automated Investigation and Response (AIR) is now generally available. Details in this blog.
Enhanced Response Action Experience from Threat Explorer.
You can now take multiple actions at the same time on messages via Threat Explorer. This feature makes it easier and faster for SecOps to deal with email threats by giving you logical grouping of actions, contextual availability of actions, and support for tenant level block URLs and files. Details in this blog.
Email Protection Basics in Microsoft 365 Part Five: Mastering Overrides.
This blog is the fifth and final part of the “email protection basics” blog series, and it covers the different overrides, why you may need them, and why it isn’t a good idea to keep them permanently.
Microsoft Security Blogs
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps.
Microsoft discovered a high impact vulnerability pattern found in popular Android applications that a malicious app can leverage along with an advanced & previously to compromise vulnerable apps on the same device, potentially leading to account credentials, tokens, sensitive data.
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware.
Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that led to malware like Qakbot followed by Black Basta ransomware deployment.
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks.
Moonstone Sleet is observed to set up fake companies and job opportunities to engage with potential targets, employ trojanized versions of legitimate tools, create a malicious game, and deliver a new custom ransomware.
Microsoft Tech Community – Latest Blogs –Read More
Create Dynamic User Group from Dynamic Device Group
Our organization has both Corporate and Personal devices within Intune. When setting up Apps, the Managed App section of the device shows too many of the same app since they are assigned to All Users. (iOS store app vs iOS volume purchase program app)
Is there a way that when a user enrolls their device, they can be added to a dynamic user group based on the device group the device is enrolled in?
Our organization has both Corporate and Personal devices within Intune. When setting up Apps, the Managed App section of the device shows too many of the same app since they are assigned to All Users. (iOS store app vs iOS volume purchase program app) Is there a way that when a user enrolls their device, they can be added to a dynamic user group based on the device group the device is enrolled in? Read More
transition customer M365 E5 subscription from PAGY (annual term) to CSP NCE
Hi, we are looking to onboard a customer in CSP (we are direct CSP). Currently they are transacting via PAYG and recently bought M365 E5 licenses on annual term (monthly pay). If we were to migrate their subscription to CSP NCE, I think customer may need to cancel the PAYG terms. Question is whether customer will incur any penalty for cancelling the PAYG early with MS, as they would like to migrate to CSP.
Hi, we are looking to onboard a customer in CSP (we are direct CSP). Currently they are transacting via PAYG and recently bought M365 E5 licenses on annual term (monthly pay). If we were to migrate their subscription to CSP NCE, I think customer may need to cancel the PAYG terms. Question is whether customer will incur any penalty for cancelling the PAYG early with MS, as they would like to migrate to CSP. Read More
Wrap single line text in the Title Column so that it breaks while maintaining hover/single click.
Initial ask:
Currently, my “Title” column is clickable. The double click of the item in that column allows my powerapp to open and all functions correctly. Is it possible to use a single click rather than a double click to open the powerapp from clicking the item (in the Title Column)?
More details:
When you add any kind of text wrapping in the Title column it loses the “hover to show underline” and single click capabilities. As soon as I add any kind of text wrapping JSON in my Column format settings the items in that Column can still be clicked, but it doesn’t hover and underline, and it only opens on a double click.
Is there a way to maintain the hover over title of item (becomes underlined) and then a single click to open the PowerApp? If it is wrapped I can still double click to get into the PowerApp details, but this is problematic for the functionality of my users. Not having the rollover to show the user that it is “clickable” and then having it retain it’s “single click” ability is a bit of a deal breaker for me with this App. Do you know of any SharePoint list formatting tricks I can use to have both the text wrapping functionality and the rollover/single click capabilities as well?
Initial ask:Currently, my “Title” column is clickable. The double click of the item in that column allows my powerapp to open and all functions correctly. Is it possible to use a single click rather than a double click to open the powerapp from clicking the item (in the Title Column)? More details:When you add any kind of text wrapping in the Title column it loses the “hover to show underline” and single click capabilities. As soon as I add any kind of text wrapping JSON in my Column format settings the items in that Column can still be clicked, but it doesn’t hover and underline, and it only opens on a double click. Is there a way to maintain the hover over title of item (becomes underlined) and then a single click to open the PowerApp? If it is wrapped I can still double click to get into the PowerApp details, but this is problematic for the functionality of my users. Not having the rollover to show the user that it is “clickable” and then having it retain it’s “single click” ability is a bit of a deal breaker for me with this App. Do you know of any SharePoint list formatting tricks I can use to have both the text wrapping functionality and the rollover/single click capabilities as well?@MarkBAndR Read More
Unable to promote virtual machine to domain controller
Hello,
We had a pre-existing physical server, which was a domain controller (10.0.0.250). I was able to promote a different physical server (10.0.0.241) to a domain controller on my network. 10.0.0.241 is now my only domain controller. It is also our only DNS server. Both of these servers are/were Server 2016 standard. 10.0.0.250 is no longer on our network. It seems 10.0.0.241 is working great.
I have purchased a new server (Server 2022 standard) and gave it an IP address of 10.0.0.240. I installed Hyper-V on it and created a virtual machine.
My virtual machine is also running Server 2022 standard and has an IP address of 10.0.0.242. Whenever I try to promote this server to a domain controller, I receive an error. I will paste this error below. It seems like I only receive this error on my virtual machine. I have reviewed my DNS settings for all of my servers and have made sure they’re set to point at 10.0.0.241. I will also attach the logs mentioned in the error message below. I can send the entire adprep log to anyone who needs it and I will provide any other information needed.
Old DC: 10.0.0.250 (Server 2016 standard – No longer on our network)
Current DC: 10.0.0.241 (Server 2016 standard)
Current hypervisor: 10.0.0.240 (Server 2022 standard)
Current VM I am trying to promote to a domain controller: 10.0.0.242 (Server 2022 standard)
*All server adapters DNS settings set to point at 10.0.0.241
*I can ping 10.0.0.241 from 10.0.0.242
*I was able to test the NPS role on 10.0.0.242. It worked without issue. It seems like all devices are talking on the network.
Failure to promote to domain controller error:
ADPrep execution failed –> Microsoft.DirectoryServices.Deployment.ADPrepLdapException: No Such Object. Server extended error: 8333. Server extended message: 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:
‘DC=contoso,DC=com’
.
Adprep was unable to modify the security descriptor on object CN=Keys,DC=contoso,DC=com.
[Status/Consequence]
ADPREP was unable to merge the existing security descriptor with the new access control entry (ACE).
[User Action]
Check the log file ADPrep.log in the C:Windowsdebugadpreplogs20240531093839 directory for more information..
Check the log files in the C:Windowsdebugadpreplogs20240531093839 directory for detailed information.
Here is a small sample of the adprep log:
Hello, We had a pre-existing physical server, which was a domain controller (10.0.0.250). I was able to promote a different physical server (10.0.0.241) to a domain controller on my network. 10.0.0.241 is now my only domain controller. It is also our only DNS server. Both of these servers are/were Server 2016 standard. 10.0.0.250 is no longer on our network. It seems 10.0.0.241 is working great. I have purchased a new server (Server 2022 standard) and gave it an IP address of 10.0.0.240. I installed Hyper-V on it and created a virtual machine.My virtual machine is also running Server 2022 standard and has an IP address of 10.0.0.242. Whenever I try to promote this server to a domain controller, I receive an error. I will paste this error below. It seems like I only receive this error on my virtual machine. I have reviewed my DNS settings for all of my servers and have made sure they’re set to point at 10.0.0.241. I will also attach the logs mentioned in the error message below. I can send the entire adprep log to anyone who needs it and I will provide any other information needed. Old DC: 10.0.0.250 (Server 2016 standard – No longer on our network)Current DC: 10.0.0.241 (Server 2016 standard)Current hypervisor: 10.0.0.240 (Server 2022 standard)Current VM I am trying to promote to a domain controller: 10.0.0.242 (Server 2022 standard) *All server adapters DNS settings set to point at 10.0.0.241*I can ping 10.0.0.241 from 10.0.0.242*I was able to test the NPS role on 10.0.0.242. It worked without issue. It seems like all devices are talking on the network. Failure to promote to domain controller error: ADPrep execution failed –> Microsoft.DirectoryServices.Deployment.ADPrepLdapException: No Such Object. Server extended error: 8333. Server extended message: 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:’DC=contoso,DC=com’.Adprep was unable to modify the security descriptor on object CN=Keys,DC=contoso,DC=com.[Status/Consequence]ADPREP was unable to merge the existing security descriptor with the new access control entry (ACE).[User Action]Check the log file ADPrep.log in the C:Windowsdebugadpreplogs20240531093839 directory for more information..Check the log files in the C:Windowsdebugadpreplogs20240531093839 directory for detailed information. Here is a small sample of the adprep log: The operation GUID already exists so Adprep did not attempt to rerun this operation but is continuing.[2024/05/31:09:38:40.404]Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is cn=c81fc9cc-0130-f4d1-b272-634d74818133,cn=Operations,cn=DomainUpdates,cn=System,DC=contoso,DC=com.[2024/05/31:09:38:40.405]LDAP API ldap_search_s() finished, return code is 0x20 [2024/05/31:09:38:40.405]Adprep verified the state of operation cn=c81fc9cc-0130-f4d1-b272-634d74818133,cn=Operations,cn=DomainUpdates,cn=System,DC=contoso,DC=com. [Status/Consequence]The operation has not run or is not currently running. It will be run next.[2024/05/31:09:38:40.405]Adprep was about to call the following LDAP API. ldap_search_s(). The base entry to start the search is CN=Keys,DC=contoso,DC=com.[2024/05/31:09:38:40.406]LDAP API ldap_search_s() finished, return code is 0x20 [2024/05/31:09:38:40.406]Adprep was unable to modify the security descriptor on object CN=Keys,DC=contoso,DC=com.[Status/Consequence]ADPREP was unable to merge the existing security descriptor with the new access control entry (ACE).[User Action]Check the log file ADPrep.log in the C:Windowsdebugadpreplogs20240531093839 directory for more information.[2024/05/31:09:38:40.406]Adprep encountered an LDAP error. Error code: 0x20. Server extended error code: 0x208d, Server error message: 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:’DC=contoso,DC=com’ DSID Info:DSID: 0x180e0a0aldap error = 0x20NT BUILD: 20348NT BUILD: 2461 Read More
EXCEL SPREADSHEET TO FORM CONTACT LIST IN EMAIL
I HAVE EXCEL SPREAD SHEET WITH NAMES AND EMAIL ADDRESSES. I WANT TO MOVE THEM YO A GROUP IN MY EMAIL ACCOUNT. HOW CAN THIS BE DONE ?
I HAVE EXCEL SPREAD SHEET WITH NAMES AND EMAIL ADDRESSES. I WANT TO MOVE THEM YO A GROUP IN MY EMAIL ACCOUNT. HOW CAN THIS BE DONE ? Read More
CoPilot in everything BUT Teams!
I upgraded my business license, with the intention of getting CoPilot for Teams to help me with meeting notes and summaries. That was the big thing I wanted it for.
Of COURSE, I have Copilot in every single app EXCEPT Teams. I have attempted to update my license, ensured it’s allowed, but every time I even try the web versions of “try it on Teams” there is no CoPilot to be found. Yes, I’ve searched apps (only CP for Sales/etc show up), made sure the Admin settings allow it, and have it on every other program and Windows – but nada – nothing – in Teams, which is the ONE app I really needed it in.
It’s been over a week.
Anyone else found a solution that didn’t involve it just randomly showing up one day?
I upgraded my business license, with the intention of getting CoPilot for Teams to help me with meeting notes and summaries. That was the big thing I wanted it for. Of COURSE, I have Copilot in every single app EXCEPT Teams. I have attempted to update my license, ensured it’s allowed, but every time I even try the web versions of “try it on Teams” there is no CoPilot to be found. Yes, I’ve searched apps (only CP for Sales/etc show up), made sure the Admin settings allow it, and have it on every other program and Windows – but nada – nothing – in Teams, which is the ONE app I really needed it in. It’s been over a week. Anyone else found a solution that didn’t involve it just randomly showing up one day? Read More
Bookings not honoring existing “busy” time in staff member’s Outlook calendar
We have a user who is having difficulty with a group bookings calendar. When users make reservations where she is the “staff” member, it is not honoring her personal Outlook calendar’s busy times. We have verified that beyond a shadow of a doubt that the “Events on Office calendar affect availability” setting is enabled for her. We have tried disabling/re-enabling the setting, and it’s simply not honoring the setting. Her personal events are marked as “Busy” on her calendar, and Microsoft has already confirmed that “something is wrong” because it’s not doing what it should be. Basically, there’s no argument from Microsoft’s end that something is wrong.
However, we’ve had this open ticket with Microsoft for nearly a month now, and as usual I’m/we’re experiencing the usual “Tier 1 Support Runaround” awesomeness that I know and love from Microsoft support. The end user has been on several support calls now where they’re doing the exact same troubleshooting each time (loading the page, generating a .HAR log) and it’s going nowhere. An engineer was supposed to be on the last two calls that were scheduled and they had to cancel each one, and frankly I can’t subject the end user to any more of this as she’s extremely busy and it doesn’t seem to be specific to her anyway. This is clearly a backend issue so I don’t know what more they want from us or what they expect to see just looking at the interface / the same logs over and over.
So that’s why I’m here. Has anyone experienced this issue with Bookings and what did you do to fix it, because Microsoft appears to be out of ideas?!
We have a user who is having difficulty with a group bookings calendar. When users make reservations where she is the “staff” member, it is not honoring her personal Outlook calendar’s busy times. We have verified that beyond a shadow of a doubt that the “Events on Office calendar affect availability” setting is enabled for her. We have tried disabling/re-enabling the setting, and it’s simply not honoring the setting. Her personal events are marked as “Busy” on her calendar, and Microsoft has already confirmed that “something is wrong” because it’s not doing what it should be. Basically, there’s no argument from Microsoft’s end that something is wrong. However, we’ve had this open ticket with Microsoft for nearly a month now, and as usual I’m/we’re experiencing the usual “Tier 1 Support Runaround” awesomeness that I know and love from Microsoft support. The end user has been on several support calls now where they’re doing the exact same troubleshooting each time (loading the page, generating a .HAR log) and it’s going nowhere. An engineer was supposed to be on the last two calls that were scheduled and they had to cancel each one, and frankly I can’t subject the end user to any more of this as she’s extremely busy and it doesn’t seem to be specific to her anyway. This is clearly a backend issue so I don’t know what more they want from us or what they expect to see just looking at the interface / the same logs over and over. So that’s why I’m here. Has anyone experienced this issue with Bookings and what did you do to fix it, because Microsoft appears to be out of ideas?! Read More
MVP’s Favorite Content: MS Learn Plan, Blogs, SQL, Windows
In this blog series dedicated to Microsoft’s technical articles, we’ll highlight our MVPs’ favorite article along with their personal insights.
Masayuki Mokudai (もくだいさん), M365 MVP, Japan
Overview of Plans on Microsoft Learn | Microsoft Learn
“When you want to share the knowledge you’ve gained from your actual work with your colleagues or juniors, you might feel that “The learning modules designed for Microsoft’s MCP preparation lack certain things and contain unnecessary information.” You can resolve the gap between the exam prep learning modules and the knowledge required for your company’s tasks by creating your own learning modules. Combine existing [modules] to clearly identify the learning outcomes needed for your learners and create a learning plan by combining modules into the smallest possible units to enhance the learners’ sense of accomplishment.”
(In Japanese: 実業務で得た知識を同僚や後輩に伝えたい場合に「マイクロソフトのMCP対策用の学習モジュールだと、アレも足りない、これは不要」と感じたことがあると思います。試験対策の学習モジュールと自社の業務に必要な知識のズレは自分で学習モジュールを作成することで解決することができます。既存の [モジュール] を組み合わせて学習者に必要な学習成果を明確にし、できるだけ小さい単元でモジュールを組み合わせることで、学習者の達成感を高めるための学習プランをあなたが作成してください。)
*Relevant Blog: 学習支援者向け、Microsoft Learn の Plan を使って学習コンテンツをまとめよう – もくだいさんのOffice365至高のレシピ (mokudai.jp)
James van den Berg, Cloud and Datacenter Management MVP, Netherlands
Blogs – Microsoft Community Hub
“I like to read the Microsoft Tech community Blog every day and read about all the New Microsoft features for the community made by Microsoft. Learning but also trying the new features yourself.
I like Azure Hybrid and working with Azure Arc services for Hybrid IT Management.”
*Relevant Blog: Add Kubernetes Cluster to Microsoft Azure Arc #Containers #AzureHybrid | Cloud and Datacenter Management Blog (wordpress.com)
Sergio Govoni, Data Platform MVP, Italy
Introducing data virtualization with PolyBase – SQL Server | Microsoft Learn
“Recently I had the opportunity to configure a maintenance plan for a SQL Server database with external tables and external data source for PolyBase queries. The maintenance plan has been completed with the error “The object Update Statistics isn’t supported on External Table”. I decided to developed the stored procedure sp_drop_create_stats_external_table that can generate all the T-SQL statements for drop and create statistics that can be used in the maintenance plan. From the maintenance plan prospective, CREATE and DROP STATISTICS statements can be stored on a temporary table or working table and executed separately. DROP STATISTICS statements can be executed before the maintenance statistics task and afterward the CREATE STATISTICS statements.”
*Relevant Blog:
– English:
How to maintain SQL Server statistics on PolyBase external table | by Sergio Govoni | CodeX | Medium
– Italian: Aggiornamento statistiche SQL per database che contengono External Table PolyBase – UGISS
Tomokazu Kizawa, Windows and Devices MVP, Japan
Update release cycle for Windows clients – Windows Deployment | Microsoft Learn
“The Windows 11 release cycle has been adjusted several times to ensure efficient and timely delivery to the market. There are various update patterns and methods, ranging from monthly security patches to major annual updates. Additionally, technical terms like “‘A’ release” and “‘C’ release” are often used, which can sometimes be confusing. This article provides a detailed explanation of when and what updates are released for Windows clients. It’s beneficial for both corporate IT administrators and individual users.”
(In Japanese: Windows 11のリリースサイクルは、市場への効率的かつタイムリーな提供を目指して何度か変更されています。毎月リリースされるセキュリティパッチの適用から、年に一度の大規模更新まで、様々なパターンの更新タイミングや方法が存在します。また、一般的に「Aリリース」や「Cリリース」などの専門的な用語が使われることもあり、理解が難しくなることがあります。この記事では、Windowsクライアントにおいて、どのタイミングでどのようなアップデートがリリースされるかを詳しく解説しています。企業のIT管理者だけでなく、個人ユーザーにとっても非常に有益な内容です。)
*Relevant Video: 第728回 これでわかった!Windows 11のリリースサイクル (2024/4/29) (youtube.com)
Microsoft Tech Community – Latest Blogs –Read More
New Learning Paths Released for Marketplace and Partner Center
We have released 3 new learning paths to help you better support your partners and customers with their Partner Center and marketplace needs:
Mastering the Marketplace Fundamentals This learning path provides what you need to get started publishing offers to the Azure Marketplace or helping your partners get their offers onto the marketplace. Learn everything from how the marketplace can drive business for both ISVs and Microsoft to getting started publishing an offer.
Courses include:
Azure Marketplace QuickStart
Getting Started in the Microsoft Commercial Marketplace
Azure Marketplace Incentive Programs
Choosing your Azure Marketplace offer type
Setting up a new marketplace offer
Marketplace Billing and Payouts
Mastering the Marketplace for Developers This technology-focused Learning Path covers all offer types relevant to the Azure Marketplace. Each course takes you through a specific offer type from start to finish, giving you the skills needed to advise ISVs on technical implementation.
Courses include:
Developing SaaS offers for the Azure Marketplace
Developing SaaS offers with the SaaS Accelerator
Developing Virtual Machine offers for the Azure Marketplace
Developing Container offers for the Azure Marketplace
Developing Managed Applications for the Azure Marketplace
Mastering Partner Center The Partner Center portal is where publishers start, manage, and grow their marketplace experience. This course offers an introduction to the portal and covers foundational topics to get you started on a path to successfully using the tool.
Courses include:
Getting started with Partner Center
Navigating Partner Center accounts and identifiers
Verifying account details in Partner Center
Setting up a tax profile in Partner Center
Setting up a payout profile in Partner Center
Role-based access control in Partner Center
Providing information common to all offer types in Partner Center
Creating SaaS offers in Partner Center
We have released 3 new learning paths to help you better support your partners and customers with their Partner Center and marketplace needs:
Mastering the Marketplace Fundamentals This learning path provides what you need to get started publishing offers to the Azure Marketplace or helping your partners get their offers onto the marketplace. Learn everything from how the marketplace can drive business for both ISVs and Microsoft to getting started publishing an offer.
Courses include:
Azure Marketplace QuickStart
Getting Started in the Microsoft Commercial Marketplace
Azure Marketplace Incentive Programs
Choosing your Azure Marketplace offer type
Setting up a new marketplace offer
Marketplace Billing and Payouts
Mastering the Marketplace for Developers This technology-focused Learning Path covers all offer types relevant to the Azure Marketplace. Each course takes you through a specific offer type from start to finish, giving you the skills needed to advise ISVs on technical implementation.
Courses include:
Developing SaaS offers for the Azure Marketplace
Developing SaaS offers with the SaaS Accelerator
Developing Virtual Machine offers for the Azure Marketplace
Developing Container offers for the Azure Marketplace
Developing Managed Applications for the Azure Marketplace
Mastering Partner Center The Partner Center portal is where publishers start, manage, and grow their marketplace experience. This course offers an introduction to the portal and covers foundational topics to get you started on a path to successfully using the tool.
Courses include:
Getting started with Partner Center
Navigating Partner Center accounts and identifiers
Verifying account details in Partner Center
Setting up a tax profile in Partner Center
Setting up a payout profile in Partner Center
Role-based access control in Partner Center
Providing information common to all offer types in Partner Center
Creating SaaS offers in Partner Center Read More
search text inside multiple opened documents
I opened 10 different MS word documents
Now I’m searching some text to get on that point
but MS word does not allow to search text on all opened files together (Ctrl+F)
So how do i work on this task.
I opened 10 different MS word documentsNow I’m searching some text to get on that pointbut MS word does not allow to search text on all opened files together (Ctrl+F)So how do i work on this task. Read More
New Outlook: MAPI / Exchange
Can anyone help please?
I’ve recently updated to Windows 11 and installed Outlook New 365. I was previously using Outlook 2013 on Windows 10 but it stopped working one day.
Outlook New is great but I’m missing the syncronising of Contacts and Calendar (and Notes) with my iPhone. I’ve imported contacts from my iPhone using a csv file. I use webmail for calendar. Thgis is neither elegant or ideal.
Researching this on Google I find this is becauase I am connecting to my Giacom Exchange server via MAPI. My understanding is this is the only way I can connect to this service.
So the first question is when will Outlook New / Microsoft allow connection via my Exchange providor? Giacom do not have an answer to this.
The second question is there any sort of workaround?
BTW, in case you can’t detect from the language I’m not high tech. So simple language replies would be appreciated. Thanks in advance.
Can anyone help please? I’ve recently updated to Windows 11 and installed Outlook New 365. I was previously using Outlook 2013 on Windows 10 but it stopped working one day. Outlook New is great but I’m missing the syncronising of Contacts and Calendar (and Notes) with my iPhone. I’ve imported contacts from my iPhone using a csv file. I use webmail for calendar. Thgis is neither elegant or ideal. Researching this on Google I find this is becauase I am connecting to my Giacom Exchange server via MAPI. My understanding is this is the only way I can connect to this service. So the first question is when will Outlook New / Microsoft allow connection via my Exchange providor? Giacom do not have an answer to this. The second question is there any sort of workaround? BTW, in case you can’t detect from the language I’m not high tech. So simple language replies would be appreciated. Thanks in advance. Read More
Can not use ADFS Extranet Smart Lockout with non-claims-aware application
Based on my tests, ADFS does not register the original client IP, if the client logs on to a non-claims-aware application published by the Web Application Proxy.
In this case, the AD FS Auditing event ID 1200 shows only the WAP server’s IP:
<Component xsi:type=”RequestAuditComponent”>
<Server>http://<adfs server fqdn>/adfs/services/trust</Server>
<AuthProtocol>MSISActive</AuthProtocol>
<NetworkLocation>Extranet</NetworkLocation>
<IpAddress>10.9.40.84</IpAddress>
<ForwardedIpAddress />
<ProxyIpAddress>N/A</ProxyIpAddress>
<NetworkIpAddress>N/A</NetworkIpAddress>
<ProxyServer>WAP</ProxyServer>
<UserAgentString>N/A</UserAgentString>
<Endpoint>/adfs/proxy/relyingpartytoken</Endpoint>
</Component>
If a client from the same IP logs on to a claims aware way published application the IpAddress and ForwardedIpAddress fields are containing the original client IP and the load balancer’s IP sitting before the WAP:
<Component xsi:type=”RequestAuditComponent”>
<Server>http://<adfs server fqdn>/adfs/services/trust</Server>
<AuthProtocol>WSFederation</AuthProtocol>
<NetworkLocation>Extranet</NetworkLocation>
<IpAddress>93.33.65.135,10.9.40.40</IpAddress>
<ForwardedIpAddress>93.33.65.135,10.9.40.40</ForwardedIpAddress>
<ProxyIpAddress>N/A</ProxyIpAddress>
<NetworkIpAddress>N/A</NetworkIpAddress>
<ProxyServer>ORFK-WAP02</ProxyServer>
<UserAgentString>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0</UserAgentString>
<Endpoint>/adfs/ls/</Endpoint>
</Component>
Consequently, after a successful logon to this non-claims-aware application the WAP IP will be registered as a FamiliarIp in ADFS, and any further logon attempt will be counted as a familiar authentication even if it’s coming from an attackers IP, since the original client IP remains hided for the ADFS ESL service.
Maybe I misconfigured something, or should it be by design?
Any help appreciated.
Best Regards, Mike
Based on my tests, ADFS does not register the original client IP, if the client logs on to a non-claims-aware application published by the Web Application Proxy.In this case, the AD FS Auditing event ID 1200 shows only the WAP server’s IP: <Component xsi:type=”RequestAuditComponent”> <Server>http://<adfs server fqdn>/adfs/services/trust</Server> <AuthProtocol>MSISActive</AuthProtocol> <NetworkLocation>Extranet</NetworkLocation> <IpAddress>10.9.40.84</IpAddress> <ForwardedIpAddress /> <ProxyIpAddress>N/A</ProxyIpAddress> <NetworkIpAddress>N/A</NetworkIpAddress> <ProxyServer>WAP</ProxyServer> <UserAgentString>N/A</UserAgentString> <Endpoint>/adfs/proxy/relyingpartytoken</Endpoint> </Component>If a client from the same IP logs on to a claims aware way published application the IpAddress and ForwardedIpAddress fields are containing the original client IP and the load balancer’s IP sitting before the WAP: <Component xsi:type=”RequestAuditComponent”> <Server>http://<adfs server fqdn>/adfs/services/trust</Server> <AuthProtocol>WSFederation</AuthProtocol> <NetworkLocation>Extranet</NetworkLocation> <IpAddress>93.33.65.135,10.9.40.40</IpAddress> <ForwardedIpAddress>93.33.65.135,10.9.40.40</ForwardedIpAddress> <ProxyIpAddress>N/A</ProxyIpAddress> <NetworkIpAddress>N/A</NetworkIpAddress> <ProxyServer>ORFK-WAP02</ProxyServer> <UserAgentString>Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0</UserAgentString> <Endpoint>/adfs/ls/</Endpoint> </Component>Consequently, after a successful logon to this non-claims-aware application the WAP IP will be registered as a FamiliarIp in ADFS, and any further logon attempt will be counted as a familiar authentication even if it’s coming from an attackers IP, since the original client IP remains hided for the ADFS ESL service.Maybe I misconfigured something, or should it be by design?Any help appreciated.Best Regards, Mike Read More
Conditional formatting across multiple columns
Hi
Is there a way that you can do conditional formatting across 4 columns but 1 row?
I have got a spreadsheet that has got 4 different projects on, with date columns, and I want to highlight if any of the projects in the same row have got the same date:
I have tried doing the COUNTIF, CONCAT formulas etc, and they are not what I need. I need exactly what is on the screen here. Just to show duplicate dates that are in the same row.
I would be very grateful if someone has got an answer!
Thanks in advance.
Maggie
Hi Is there a way that you can do conditional formatting across 4 columns but 1 row?I have got a spreadsheet that has got 4 different projects on, with date columns, and I want to highlight if any of the projects in the same row have got the same date: I have tried doing the COUNTIF, CONCAT formulas etc, and they are not what I need. I need exactly what is on the screen here. Just to show duplicate dates that are in the same row. I would be very grateful if someone has got an answer! Thanks in advance.Maggie Read More
Nested 23H2 cluster deployment stuck in “Resolve requirement”
Hi all,
I’m breaking my head over this. Every time I deploy new cluster it’s always stuck in Resolve requirement. It was fine before but there is no way now to move from it. Host 1 restarts after 15min of deployment and then all goes quiet and finally cluster deployment fails. Anybody any idea?
Hi all,I’m breaking my head over this. Every time I deploy new cluster it’s always stuck in Resolve requirement. It was fine before but there is no way now to move from it. Host 1 restarts after 15min of deployment and then all goes quiet and finally cluster deployment fails. Anybody any idea? Read More
Limited-access user permission lockdown mode disabling impact on SharePoint online site function?
Hi,
On one site, user unable to share folders because of “Limited-access user permission lockdown mode” feature is enabled.
And I do see “SharePoint Server Publishing Infrastructure” enabled hence “Limited-access user permission lockdown mode” is also enabled.
So, if now I disable “Limited-access user permission lockdown mode” feature then what would be the actual impact on the SharePoint online site.
Please suggest.
Hi,On one site, user unable to share folders because of “Limited-access user permission lockdown mode” feature is enabled.And I do see “SharePoint Server Publishing Infrastructure” enabled hence “Limited-access user permission lockdown mode” is also enabled. So, if now I disable “Limited-access user permission lockdown mode” feature then what would be the actual impact on the SharePoint online site.Please suggest. Read More
Purview Glossary Template – Custom template selection always includes default template attributes
I created a glossary. for the glossary term, I create a new custom template in purview. I also create a few attributes in it. I have a csv file with details for these attributes.
When I try to upload the csv the default template is selected by default and the selection includes all default template attributes. is this the default behavior or can i select just the custom template and its attributes. do I have to have a csv that has the default template attributes along with the custom template attributes that i created ?
the picture below shows both selected, i am not able to unselect or deselect the default template.
Hope my description makes sense. can someone shed some light and provide any documentation.
I created a glossary. for the glossary term, I create a new custom template in purview. I also create a few attributes in it. I have a csv file with details for these attributes. When I try to upload the csv the default template is selected by default and the selection includes all default template attributes. is this the default behavior or can i select just the custom template and its attributes. do I have to have a csv that has the default template attributes along with the custom template attributes that i created ? the picture below shows both selected, i am not able to unselect or deselect the default template. Hope my description makes sense. can someone shed some light and provide any documentation. Read More
FAQ: “Resell through CSPs” and option to change after publishing
Q: If a partner chooses the option to “Resell through CSPs” – can they switch to another option after publishing?
A: Once an offer is made available to all/any CSPs, ISVs cannot opt-out or scope it down to specific CSPs. If the offer opted-out or is made available to specific CSPs, ISVs can always expand it to all CSPs.
Here are the supported switches:
(1) No CSP –> Specific CSPs
(2) No CSP –> Any/All CSPs
(3) Specific CSPs –> Any/All CSPs
These are not supported:
(1) Any/All CSPs –> No CSPs
(2) Any/All CSPs –> Specific CSPs.
Q: If a partner chooses the option to “Resell through CSPs” – can they switch to another option after publishing?
A: Once an offer is made available to all/any CSPs, ISVs cannot opt-out or scope it down to specific CSPs. If the offer opted-out or is made available to specific CSPs, ISVs can always expand it to all CSPs.
Here are the supported switches:
(1) No CSP –> Specific CSPs
(2) No CSP –> Any/All CSPs
(3) Specific CSPs –> Any/All CSPs
These are not supported:
(1) Any/All CSPs –> No CSPs
(2) Any/All CSPs –> Specific CSPs.
How do I Monitor my LLM Chatbot?
Earlier posts in this series:
Part 1: Is my Chatbot Ready for Production? – A 10,000 foot overview to LLMOps
Part 2: How do I Evaluate my LLM Chatbot? – A guide to different LLM chatbot evaluation techniques and how to implement them
The LLMOps journey does not end when an application is deployed to Production. Continuous monitoring is needed to ensure security and performance and is crucial to a successful LLM powered app. For this blog, think of monitoring as visibility into application and user behavior in near real-time while the application is in Production.
Foremost, monitoring is an important mechanism in application defense. There are many common attacks that an adversary or even an unassuming user can leverage to coax an AI into doing something outside of its guardrails. Attacks such as prompt injection and jailbreaking can lead to data leaks or other unplanned chatbot behaviors. Screening for these events (and taking action) in near-real time is the most effective way to prevent these behaviors.
Another reason to implement a robust monitoring system is to improve customer experience. Among other things, a monitoring system can be used to identify bottlenecks causing latency, compare actual usage to expected usage, and log user inputs and generated outputs for future analysis (Be on the lookout for Part 4 in this series – a deeper dive on Feedback!).
Monitor for Security
Monitoring for security for your LLM powered chatbot can be as simple as adding a step or two to your orchestration. Whether using LangChain, Semantic Kernel, Promptflow, or something else entirely, executing an intelligent and fast method before revealing responses to users could make all the difference.
For example, Azure Content Safety is a free, lightweight, and constantly updated tool to use in these situations. Specifically, PromptShield uses a custom language model to detect adversarial user inputs or documents with hidden embedded instructions. Check out this sample repository that uses Promptflow + PromptShield to identify attacks… adding only 145 ms to the workflow! On top of PromptShield, Content Safety also allows for implementation of custom Blocklists for custom text moderation and levers to for screening generative output in additional categories. (Read more about Content Safety here)
Profile stats for a Sample RAG Chatbot, with PromptShield as the final step
Another potential area to monitor is model output hallucinations. Incorporating a call to RAGAS’s faithfulness metrics or Vectara’s Hughes Hallucination Detection model is a low latency way to identify potential hallucinations as they happen. This unlocks the ability to warn a user of a potential inaccuracy or hide the output from the user altogether, then log the pattern and take corrective action to improve the model.
Monitor for Performance
Techniques for monitoring performance vary slightly depending on the setup of the LLM powering the chatbot. However, the core goal remains the same – ensuring high end user satisfaction by delivering a low latency solution and collecting production input and output data to drive future improvement.
If using a Model-as-a-Service type architecture, (such as Azure OpenAI) using an API Manager to direct traffic is important to avoid dreaded 429 errors. At scale, a Circuit Breaker architecture is the best way to ensure good user experience. For data collection, logging inputs and outputs to a NoSQL datastore such as CosmosDB, or to a storage bucket is a good way to save results for analysis.
Circuit Breaker Architecture in the Context of APIM + AOAI
If using a Model-as-a-Platform type architecture (i.e. Running the model on VMs in your own environment) Azure Machine Learning Managed Online Endpoints can take care of data collection out of the box. Model Data Collection will monitor inputs, outputs, and other metadata for each request, then write that data to a bucket for cheap storage until the data is used later.
In both cases, plugging the solutions into Azure Monitor + Metrics is the most effective way to track standard metrics such as Requests per minute, CPU/GPU utilization, CPU/GPU Memory utilization, errors, disk utilization, and others.
Azure Monitor Sample Reference Architecture
In summary, monitoring is an important part of the LLMOPs process, but it does not need to be overbearing. The right amount of monitoring will strike a perfect balance between securing the application and enabling a positive user experience.
Microsoft Tech Community – Latest Blogs –Read More