Category: Microsoft
Category Archives: Microsoft
Facebook ads templates
Hi,
I was about to create a Facebook carusel ad for Microsoft Purview when I though, maybe this does already exist in the partner resource group 🙂 ?
Hi, I was about to create a Facebook carusel ad for Microsoft Purview when I though, maybe this does already exist in the partner resource group 🙂 ? Read More
Video white Tint Glitch issue (still not fixed after all these updates).
Hi. i am facing this weird white tint issue since ages. it can be fixed by disabled hardware/graphics acceleration but i need that GPU acceleration. So why this tint issue never got fixed with GPU drivers..?!
i attached video regarding this issue. look closely. Facing this issue with all video based websites (facebook, youtube, twitter etc etc)
Hi. i am facing this weird white tint issue since ages. it can be fixed by disabled hardware/graphics acceleration but i need that GPU acceleration. So why this tint issue never got fixed with GPU drivers..?! i attached video regarding this issue. look closely. Facing this issue with all video based websites (facebook, youtube, twitter etc etc) Read More
SAP Identity Management to Microsoft Entra ID Migration Guidance Now Available
We’re excited to announce that guidance for SAP Identity Management (IDM) customers planning to migrate their identity management scenarios to Microsoft Entra is now available. In a previous post, we discussed SAP ending maintenance for their identity management solution (SAP IDM) by 2030. We’ve since begun jointly developing documentation to help customers plan a seamless migration to the recommended alternative—Microsoft Entra ID. For many customers, it may be possible to get started immediately, leveraging the subscriptions that they already own with Microsoft 365 suites. Microsoft 365 enterprise suite licenses include Entra ID P1 features that will be the focus of this first round of guidance. In this post, we’ll also outline additional benefits of Microsoft Entra ID and list some key partners who can help you get started.
Continuing collaboration for enterprise security
Microsoft and SAP have a long history of collaborating to keep our customers’ organizations productive and secure—an effort especially important now as more companies have adopted hybrid work arrangements, making it possible to work from office and from home. For example, last year we announced how Microsoft Sentinel is helping organizations bring SOAR threat monitoring capabilities to their SAP environments. We continue to deepen our relationship, and now we’re extending support for SAP customers’ digital transformation and cloud adoption goals with a seamless and secure identity management solution in Microsoft Entra ID.
Today, we’re introducing the first set of guidance to migrate from SAP IDM to Entra ID. SAP customers who are using SAP IDM for cloud and on-premises applications like SuccessFactors, SAP Cloud Identity Services, or Windows Server Active Directory can begin to use Microsoft Entra features such as Conditional Access to enforce Zero Trust access policies, and automatic provisioning that ensures users have the accounts they need for their job role. For SAP IDM customers who want more guidance on advanced IAM integrations, such as with Micosoft Entra ID Governance or external IDs, for example, we’re developing additional in-depth guidance on each of those areas that will be published later this year.
Modernizing your security strategy and moving toward a Zero Trust framework is not an overnight process, so we recommend customers start their journey to adopt cloud services and gain productivity and security benefits. Therefore, we’ve included guidance for migration of the most common scenarios, including:
Authentication and single sign-on
Integrating with SAP HR systems of record
Provisioning for SAP
Provisioning for non-SAP systems
Microsoft and SAP will continue to enhance Microsoft Entra ID and deliver deeper integrations with SAP Cloud Identity Services and SAP Cloud Identity Access Governance. As new scenarios become available, we’ll provide ongoing updates to this guidance, incorporating customer and partner feedback.
Modern identity management is a strategic investment
Progressive organizations are switching to cloud-based identity solutions. Older systems, designed for on-site environments, fail to satisfy the demands of the modern cloud-first, mobile, decentralized workforce. Additionally, they can be expensive, complicated, and susceptible to security risks.
We know that multifactor authentication (MFA) and single sign–on methods can reduce password breaches by 99.9%, but the benefits of a cloud-based solution in Microsoft Entra ID extend beyond just a stronger security posture. Optimized operational efficiency allows identity teams to do more impactful work and an improved user experience makes the entire organization less frustrated. By moving to Microsoft Entra ID, the benefits of your strategic investment continue:
Support for SAP and non-SAP apps and systems—both on-premises and cloud
Rich set of APIs, SDKs, and connectors for customization
Minimized vendor footprint
Reduced costs and complexity
Help meeting identity-related requirements for GDPR, HIPAA, and ISO 27001
Modernizing identity management is key to boosting organizational security and shielding users and assets from the most common security threats. It’s more than just a cybersecurity measure; it also enhances user experience and operational efficiency. Generative AI, Zero Trust security, decentralized identity, and the flexibility to tailor access policies to exactly match your unique needs and demands offer compelling opportunities to better protect your apps and resources.
Partner network ready to help
We’ve also been working with a set of key partners to help organizations begin their migrations, including some with long-term experience in Microsoft/SAP environments.
Here are organizations with whom we’ve shared the guidance and can help get you started:
Microsoft partner
Accenture
Avanade
Campana & Schott
DXC
KPMG
Patecco
Protiviti
PwC
ObjektKultur
IB Solution
SITS
Traxion
Edgile, a Wipro company
Click here to read more about these and more partners who can help you get started.
Irina Nechaeva
General Manager, Identity and Network Access
Read more on this topic
Preparing for SAP Identity Management’s End-of-Maintenance in 2027.
Microsoft and SAP work together to transform identity for SAP customers – Microsoft Community Hub
Learn more about Microsoft Entra
Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.
Microsoft Entra News and Insights | Microsoft Security Blog
Microsoft Entra blog | Tech Community
Microsoft Entra documentation | Microsoft Learn
Microsoft Entra discussions | Microsoft Community
Microsoft Tech Community – Latest Blogs –Read More
The guide to Microsoft Intune resources
Whether mobile or desktop, virtual or physical, in the office or out in the world, Microsoft Intune can help you secure access to your company resources and keep your workforce productive from a single pane of glass. While this is an awesome capability, it also brings some complexity with it. Customers have asked for a guide that spells out explicitly what they should do to get started with Intune. Here you’ll find the resources you need before, during, and after your Intune deployment.
“I want to…” focus on outcomes
The Intune hub page is divided up into various sections based on the most popular and most recommended activities for IT administrators working with Intune.
If you’re thinking about moving to Intune, the Iearning hub offers:
Click-through demonstrations of:
Device management
App Management
Endpoint security
Instructions on how to set up an Intune trial
Details about supported devices, operating systems, and browsers
For those ready to make a move to Intune, you’ll find:
Detailed planning instructions
Tutorials on enabling co-management for workloads managed with Configuration Manager
An explanation of cloud-native endpoints
A tutorial on building a cloud native endpoint with a virtual or physical machine
“Do this next” demos
If you’re signed up for Intune and have devices enrolled, we have specific “do this next” guides based on Microsoft expert suggestions for what to do first and questions we get most from our customers. These are click-through demonstrations that you can follow, often with the specific recommended values for common settings. These guides include:
How to set up conditional access with Microsoft Entra ID and Intune.
How to package custom Win32 Line of Business applications with Intune.
For many popular apps the process is even easier, see the overview.
How to update Windows with Intune and custom deployment rings.
See how this process can also be automated with Windows Autopatch.
How to enable Universal Print.
How to configure Autopilot for new device delivery.
As we keep adding capabilities to Intune, the list will keep growing, so we recommend you bookmark the guided demo landing page.
Helping you help your end users
Successful Intune adoption doesn’t begin and end in the IT department. To help your users enroll their devices, we’ve also revised and re-launched our Intune Adoption Kit. Customize and send these assets as part of your internal campaign to get users to manage their devices with Intune. In one file you can get:
Two customizable email templates
One customizable enrollment guide
One printable poster
These assets answer frequently asked questions and include links to online videos and demos of exactly what users will need to do to enroll their iOS/iPadOS and Android devices to Intune.
Documentation of all sizes
If you have more questions or use-cases, we have resources for almost any scenario you might come across with Intune. Our library is organized by objective, platform, industry, or scenario and is the standard for reference and in-depth explanation. To view the selection of documentation in the library, visit the Microsoft Intune documentation.
For more help
If you find yourself with a need that can’t be met by the documentation, we’ve got even more resources available to you. Our community pages have blogs and forums where you can get news, updates, and answers from peers and product engineers. The Intune Support Team on X is also a great resource.
Help from fellow professionals
We did some deep-dive interviews with IT pros who made the switch to Intune and asked them to speak to other IT pros. Hear from your peers on what it’s really like to negotiate the personal, organizational, and technical steps involved in moving to Intune—as well as what it’s like on the other side. Each interview is indexed and linked, so you can get right to the questions that matter to you most.
Find the videos on our discussion page at aka.ms/IntuneITPros.
More valuable content to come
Microsoft Intune has a very active Most Valuable Professional (MVP) community. We’re in the process of consolidating the most informative and helpful content from our MVPS and we’ll post it on this page when it’s ready. So be sure to bookmark this post to get updates. To learn more about the MVP program visit the MVP home page.
Help us help you
All these changes are meant to improve your experience in adopting Intune and configuring and managing your endpoints. If we’ve left some vital topics uncovered or you have suggestions about capabilities you’d like to see in Microsoft Intune, share them on our feedback portal. If you’re convinced, but need to make a case to decision makers or business leaders, share one of our YouTube videos with them:
Focus on outcomes with Microsoft Intune
More unified with Microsoft Intune
Microsoft Intune Makes It Possible
You can also share one of our blog series from the Microsoft Intune Blog to show why now is the time to move to cloud-native endpoint management with Intune and how to do it.
Stay up to date! Bookmark the Microsoft Intune Blog and follow us on LinkedIn or @MSIntune on X to continue the conversation.
Microsoft Tech Community – Latest Blogs –Read More
NIST CSF 2.0 – Protect (PR) – Applications for Microsoft 365 (Part 1)
The National Institute of Standards and Technology (NIST) published the first version of its Cybersecurity Framework (CSF) in 2014. Ten years later NIST released the second iteration of CSF, entitled NIST CSF 2.0. Microsoft and its partners have supported organizations in implementing the original CSF guidance, going as far as building and enhancing an assessment in Microsoft Purview Compliance Manager since 2018. This blog and series will look to apply NIST CSF 2.0 to Microsoft 365 and discuss changes from the previous publication.
It is somewhat improper to look at any particular CSF Functions in a vacuum or singular vantage point. NIST CSWP 29 (the primary document) illustrates and describes CSF Functions as “a wheel because all of the Functions relate to one another. For example, an organization will categorize assets under IDENTIFY and take steps to secure those assets under PROTECT. Investments in planning and testing in the GOVERN and IDENTIFY Functions will support timely detection of unexpected events in the DETECT Function, as well as enabling incident response and recovery actions for cybersecurity incidents in the RESPOND and RECOVER Functions. GOVERN is in the center of the wheel because it informs how an organization will implement the other five Functions.”
Therefore, despite the blog title, there will be occasional references to other CSF Functions and Categories, as well as future blogs covering other Functions. This discussion will also endeavor to focus primarily on Microsoft 365 but venture into Azure topics periodically by the nature of each solution. This blog or any subsequent blogs in the series will not be an exhaustive review of all possible applications of NIST CSF 2.0, nor exhaustive of the technologies mentioned and their abilities to manage cybersecurity risks.
As a final caveat, Amy Adams in Talladega Nights once spoke of one of the most talented individuals behind a wheel this way, “Ricky Bobby is not a thinker. Ricky Bobby is a driver.” I want to believe I might be the latter.
NIST CSF 2.0 – Protect (PR)
PR as a function is intended to cover “safeguards to manage the organization’s cybersecurity risks” and contains five Categories. The prior CSF publication included six categories, but two were significantly edited and renamed. PR.MA: Maintenance for example was mostly removed with remnants found elsewhere. Let’s first dive into PR.AA. NOTE: Text in green are excerpts from CSF documentation.
Identity Management, Authentication, and Access Control (PR.AA): Access to physical and logical assets is limited to authorized users, services, and hardware and managed commensurate with the assessed risk of unauthorized access
Identity and access are not just about directories and networks. Organizations of all sizes and industries are challenged with controlling access to digital estates that are often complex and boundaryless because of accelerated technology adoption. Microsoft Entra’s family of solutions shown below employs a variety of measures to manage access to resources limited to authorized users, services, and hardware.
To meet the spirit of NIST CSF 2.0 PR.AA and a multitude of organizational scenarios, access decisions will need to be based upon periodic and real-time risk assessment. Automated and agile solutions are also necessitated for IT and security teams to avoid the manual processes traditionally associated with granting and managing access rights. Lastly, organizations will need to begin implementing some of the lates phishing-resistant multifactor authentication approaches using FIDO2 security keys, passkey technology, and/or certificate-based authentication to meet the barrage of sophisticated identity threats.
PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization
Microsoft Entra ID (fka Azure Active Directory) can serve firstly as the management solution of identities and credentials for “authorized users” in Microsoft 365, along with other infrastructure and platforms. In the Entra ID admin center, you can create and manage user accounts, different types of groups (e.g., security groups, distribution groups), and memberships to groups for enhanced access permissions and group-based policies.
Additionally, Microsoft Entra ID Governance comes with Microsoft Entra ID P2 and enables entitlement management, a feature for managing identity and access lifecycle at scale, automating workflows, assignments, reviews, and expirations. Entitlement management is able to bundle together an “access package” consisting of resources like groups, applications, and SharePoint Online site access that users need to perform their tasks or projects. These access packages can be bound to a department, role type, internal vs external user, newly onboarded employees, etc. Lastly, organizations can automate the creation and removal of identities based on employment status, integrating with HCM or HR systems for efficient governance.
Management of “credentials of authorized users” can also include the management of a self-service password reset (SSPR) process for users. Microsoft Entra’s SSPR allows users to change or reset their password without administrator intervention but reliant on thoughtful policy. This feature is designed to reduce help desk calls and improve productivity by enabling users to unblock themselves if they forget their password or get locked out of their account. Administrators can configure the number of methods required for password reset or unlock, and users are prompted to confirm their registered information periodically.
Microsoft Entra External ID also enables internal users to collaborate with external users (guests) by inviting them to your organization, managing guest accounts in the Microsoft Entra admin center or by PowerShell, and ensuring they have appropriate access while maintaining control over your resources. External ID B2B collaboration is particularly useful for inviting external business partners to access apps and resources using their own credentials. This eliminates the need for managing new credentials, as guests authenticate with their home organization or identity provider. However, it is important to document and enforce least privilege per PR.AA-05 below for these users.
Lastly, Microsoft Entra ID allows for central management of device identities and monitoring, with features like viewing total, stale, noncompliant, and unmanaged devices. By registering and joining devices to Entra ID, organizations can enable Seamless Sign-on to both cloud-based and on-premises resources.
Cross-Function Tip: PR.AA-01 could be included in your organization’s plan for the Detect (DE) Function and Continuous Monitoring (DE.CM) Category. Changes and actions taken by administrators in the management process can be “adverse events” resulting from malicious lateral movement or compromised identities.
PR.AA-02: Identities are proofed and bound to credentials based on the context of interactions
Microsoft Entra ID Conditional Access policies can further prove the authenticity of an authorized user and their access activity, and dynamically adjust the bounds of that identity based upon various conditions. A Conditional Access policy can analyze details of a session or authentication attempt based upon conditions such as the network or location of the session, and the current identity risk of a user (leaked credentials, signs of a password spray attack, etc.) Microsoft Entra also uses industry standard continuous access evaluation (CAE) with token protection features to verify identities and assess based upon context.
During the device registration process in your organization, the user’s identity is also bound to the device based upon Microsoft Entra ID policies. Enrolled Windows devices, for example, will have an encrypted session key issued by Microsoft Entra that ensures token requests are not tampered with when a device is accessed, and subsequently Microsoft 365 applications. Other Microsoft Entra ID mechanisms are in place to prove and bound identities within device interactions, as well as prevent various types of credential theft. You can read more about them here.
For high-risk actions, organizations can require a step up proof of identity in real-time using Microsoft Entra Verified ID.
PR.AA-03: Users, services, and hardware are authenticated
Starting in 2019, Microsoft provides on-by-default multifactor authentication in all new Microsoft 365 tenants. This can be reviewed and controlled in the Microsoft Entra admin center. In addition, Microsoft started automatically rolling out “Microsoft-managed” Conditional Access policies that force an MFA action when an admin signs into the Microsoft 365 admin portal, and when any user attempts a high-risk sign-in.
You can view the policies and their impact using the new policy view user experience in Microsoft Entra. Within the portal, administrators can also review a policy summary, alerts, recommended actions, and an impact summary. Administrators can also create their own custom policies focused on certain users, groups, or roles if scenarios are not covered by the default policies automatically deployed. It is possible to clone a policy and then make changes to an existing templated policy as well to suit these needs.
Cross-Function Tip: PR.AA-03 can be included in your organization’s plan for the Detect (DE) Function and Continuous Monitoring (DE.CM) Category. Security teams can monitor authentication events using sign-in and audit logs with Microsoft Sentinel and reason over them with support from Microsoft Copilot for Security.
PR.AA-04: Identity assertions are protected, conveyed, and verified
For those less familiar with the term “identity assertion(s)”, NIST 800-63C Digital Identity Guidelines gives an explanation of this requirement in greater detail. You can define Microsoft Entra ID as an Identity Provider or IdP that can convey an assertion to a Relying Party (RP), and these “assertions are statements that contain information about a subscriber”. The RP “uses the information in the assertion to identify the subscriber and make authorization decisions about their access to resources controlled by the RP.” In other instances, Microsoft Entra ID could be considered an RP when receiving assertions from an external IdP to grant guest access to Microsoft 365.
Organizations can, as a part of Microsoft Entra ID P1 and P2, configure Microsoft Entra SAML token encryption with RP apps that support SAML assertions. This encryption ensures that the content of the token cannot be intercepted easily, and personal or corporate data remains secure. OpenID Connect (OIDC) alternatively is another method to enable single sign-on with an OAuth-enabled RP app by exchanging ID tokens issued by Microsoft Entra authentication servers. An organization can register an app in the Microsoft Entra admin center to configure both federated SSO scenarios (and others) for conveying, protecting and verifying identity assertions. It’s important to note that even without token encryption, Microsoft Entra ID already requires encrypted HTTPS/TLS channels for token exchanges, adding a layer of security.
As mentioned in PR.AA-01, eternal IdPs or external Microsoft 365 tenants can convey identity assertions to an organization through External ID. A simple invitation and redemption process lets an external party use their own credentials (via their own IdP) to access your company’s resources as the RP. Once the guest redeems their invitation or completes sign-up, they’re represented in your directory as a user object. Below is a sample flow aligned to B2B collaboration guidance, and gates 1-4 & 6 can be configured as allowable or not.
Cross-Function Tip: PR.AA-04 can be included in your organization’s plan for the Govern (GV) Function and Cybersecurity Supply Chain Risk Management (GV.SC) Category. As an organization works with various partners and suppliers, it’s important to ensure “supply chain risk management is integrated into cybersecurity and enterprise risk management”. Compromised identities from a supplier can directly impact external access and identity assertions for example.
PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties
Beyond identity, credential and authentication management covered in other AA subcategories, this subcategory can necessitate more robust written and technical policies. A solution to consider first is role-based access control (RBAC) enabled by Microsoft Intune and Microsoft Entra, which helps your organization manage who has access to internal resources and what they can do with those resources. By assigning roles to your users, you can limit what they can see and change. A built-In or custom role defines the set of permissions granted to users assigned to that role. Organizations can manage role assignments following least privilege principles to define which users are assigned to the role, resources they can see, and resources they can change.
With Microsoft Entra ID P2, Microsoft Privileged Identity Management (PIM) also allows an organization to manage, enforce, review, and incorporate least privilege and separation of duties for important administrative roles and entitlements. PIM supports a similar degree of control with groups and the associated entitlements and authorizations in Microsoft 365. From a management perspective, an approval process can be enforced to justify an elevation of a user/identity to a more privileged role and documented within PIM for later review if necessary.
Access to critical assets like sensitive data or information in Microsoft 365 may be authorize to users that do not have elevated administrative roles discussed in the previous paragraph. A user may be an analyst within a financial department, a human resources coordinator, or a junior engineer for a research and development project. Users in these roles may not have entitlements to export large quantities of data or grant entitlements to other users but are equally governed by defined written policies and technical policies administered in Microsoft Purview and Microsoft Entra.
An organization can develop Microsoft Purview sensitivity labels to manage and enforce access authorizations for files, emails, and meetings across Microsoft 365: SharePoint, Teams, PowerBI, OneDrive and more. Label policies can then restrict which users or groups of users have authorization to access the labeled content.
PR.AA-06: Physical access to assets is managed, monitored, and enforced commensurate with risk
From a Microsoft 365 perspective, there is physical access to two different types of assets:
Physical compute resources (such as servers) and networking components at Azure datacenters across the globe
Endpoints (laptop, mobile device, etc.)
According to the shared responsibility model in the cloud, a PaaS and SaaS offering like Microsoft 365 and it’s comprised solutions alleviate the responsibility of managing monitoring or enforcing access control to physical assets hosted in the Azure data center.
Azure datacenters deploy several safeguards to project physical assets, such as: video surveillance, perimeter fencing, 24×7 security officer postings with background checked personnel, locked server racks and server floors, integrated alarm systems, time and area-bound access granted through a protected ticketing system, and multi-factor access control including biometric scanning. As mentioned in the Category description of PR.AA, “logical access” to Microsoft 365 infrastructure, including customer data, is prohibited from within Microsoft datacenters. For more information about physical access security or to geek out on granular details like the material used to construct perimeter fences (spoiler – it’s steel and concrete), here is your muse.
Beyond the datacenter – laptops, mobile devices, and other endpoints can be considered a physical asset in the sense that unfettered physical access to them could create risk for an organization. The Protect (PR) Function at the highest level is defined as “safeguards to manage the organization’s cybersecurity risks”. Safeguarding endpoints as a physical asset, however, cannot be protected by fences and video surveillance realistically as you would a data center physical asset. Therefore, it is important to evoke other Categories, like Awareness and Training (PR.AT) and Data Security (PR.DS), within the PR Function to train employees to safeguard their endpoints and avoid negative impacts of a lost or stolen device. Organizations can also document this risk in your Organizational Profile and/or System Security plan.
Cross-Function Tip: The Identify (ID) Function contains a Category for Asset Management (ID.AM) that pertains to an organization’s strategy for inventorying and managing physical assets like endpoints. The lifecycle of a hardware component can include wiping and recommissioning/decommissioning previously used devices, as well as a process of remote wiping a lost or stolen machine using Microsoft Intune. Much of ID.AM pertaining to servers and network-related physical assets are managed at the Microsoft datacenter for Microsoft 365 tenants.
“You gotta learn to drive with the fear”
In this blog we covered all of the PR.AA Subcategories, where they apply to Microsoft 365, and how Microsoft solutions address each applicable element. This coverage is not comprehensive of all risk or all strategies; yet, the intent is to prime your organization’s approach. Subsequent blogs will explore other Categories within the Protect Function shown below.
Organizations establishing or reviewing their risk management practices can appreciate the importance of awareness. A proper identity and access control strategy starts by being risk informed, even if the risks presently outweigh the mitigations. Let’s press into the risk to grow as organizations and security practitioners.
Reese Bobby offered sage wisdom to his son Ricky in the theatrical number, Talladega Nights, “You gotta learn to drive with the fear. And there ain’t nothing more frightening than driving with a live cougar in the car.” Drive with the fear. Drive with a live cougar in the car.
Microsoft Tech Community – Latest Blogs –Read More
Excel VBA Rows(#).Calculate not working for cells with circular references
I use Excel for complex iterative calculations that use circular references. These spreadsheets are run with the Options for Manual Calculation and Iterative Calculation on and set to 1 iteration.
To correctly calculate the iterative functionality (ie bypass Excels inheritance calculation order), I use a VBA function to calculate each row in the Worksheet from top to bottom. This used to work correctly with the following simple code:
For i = 3 to 30
Worksheets(“Calculation”).Rows(i).Calculate
Next i
But it appears that this was broken by an update with it working on simple calculations in the row, and cells with circular references are Not calculated.
I have tired using Range(“5:5”).Calculate, and even Range(“B5”).Calculate, but neither work.
A manual Calculation by pressing “F9” updates all cells, but as mentioned the execution order does not give the correct result.
I use Excel for complex iterative calculations that use circular references. These spreadsheets are run with the Options for Manual Calculation and Iterative Calculation on and set to 1 iteration. To correctly calculate the iterative functionality (ie bypass Excels inheritance calculation order), I use a VBA function to calculate each row in the Worksheet from top to bottom. This used to work correctly with the following simple code: For i = 3 to 30 Worksheets(“Calculation”).Rows(i).Calculate Next iBut it appears that this was broken by an update with it working on simple calculations in the row, and cells with circular references are Not calculated. I have tired using Range(“5:5”).Calculate, and even Range(“B5”).Calculate, but neither work.A manual Calculation by pressing “F9” updates all cells, but as mentioned the execution order does not give the correct result. Read More
Whiteboard in New Teams
Hello
Please i need your help on this issue.
One of my client want to be able to draw while sharing in Teams meeting.
The issue is happening on Teams on the MAC.
Hello Please i need your help on this issue. One of my client want to be able to draw while sharing in Teams meeting.The issue is happening on Teams on the MAC. Read More
SSO issues in Word and Excel, but not Outlook
Hi,
Strange issue started a month ago at a customer site. They use RDS with Office 365 installed. Historically this has been working fine, then it randomly stopped signing in properly for all users. We can’t point it down to anything specific however. Network / User / Settings all look good.
What is strange is on first login to Outlook, it says it’s done SSO but says unlicensed. A simple restart then would show it licensed. We have managed to work round that issue by saving the license folder appdatalocalmicrosoftoffice to the UPD.
So for this, a month ago, new and existing users would just sign in and it worked. Then something changed and users were being asked to sign in every time. So we have made this change to include appdatalocal to the UPD – now users only see this problem once (a month). While not as good as it was a month ago, it is acceptable.
However, and this is what I need help with. SSO is NOT working at all from Word / Excel.
Open Word
Blank Micrsoft Sign In box pops up.
You have to type username and hit enter
You then have to type your password and hit Sign In
That popup then goes away, but at the tope right of Word, it still shows “Sign In”.
When you go to Account, it still has a Sign in box.
BUT… if you now close and reopen word, both of those show the signed in user.
The problem here is that this doesn’t persist over the UPD, so happens every time the users open Word or Excel. As this is used by a business app to open docs, it’s actually breaking the process and we need to fix this.
I have been having a look at SSO info, because it feels like something fairly low level has changed with how this works, but can’t find anything helpful, hence posting here after about a month of searching and trying things.
It’s not very helpful when you have MS links like:
How to use Remote Connectivity Analyzer to troubleshoot single sign-on issues for Microsoft 365, Azure, or Intune
https://learn.microsoft.com/en-us/microsoft-365/troubleshoot/active-directory/single-sign-on-issues
How to run Remote Connectivity Analyzer to test SSO authentication
To run Remote Connectivity Analyzer to test SSO authentication, follow these steps:
Open a web browser, and then browse to https://www.testconnectivity.microsoft.com/tests/SingleSignOn/input.
However, that page just hangs with LOADING written on it. Then on the change notes for this page we see that it was removed in 2022!
Version 4.0.15 (October 2022)
Removed the Single Sign-on Test now that basic authentication in Exchange Online is being disabled.
Quick note on the setup.
AD is synced to Entra using Entra Connect, latest version. SSO URLs are added to Internet trusted sites as per setup instructions. Network has been tested and all URLS accessible and working for the user. User is on RDS on fully updated Server 2016 and is on the latest Office 365 app updates.
So I guess my first question is:
1) Does SSO still work for Word and Excel?
Is it a realistic expectation that the user will sign in to the PC and then Word and Excel will automatically sign in for the user (proper seamless single sign on) like it was doing only a month or so ago?
2) What can I do to test and troubleshoot this if it should be working?
I have been trying for a month, so I have already tried a lot of things. But maybe I am missing some tests?
Any info to help get this working again (or that it’s no longer possible and we missed that instruction from MS) would be ideal.
Thanks in advance
Hi, Strange issue started a month ago at a customer site. They use RDS with Office 365 installed. Historically this has been working fine, then it randomly stopped signing in properly for all users. We can’t point it down to anything specific however. Network / User / Settings all look good. What is strange is on first login to Outlook, it says it’s done SSO but says unlicensed. A simple restart then would show it licensed. We have managed to work round that issue by saving the license folder appdatalocalmicrosoftoffice to the UPD. So for this, a month ago, new and existing users would just sign in and it worked. Then something changed and users were being asked to sign in every time. So we have made this change to include appdatalocal to the UPD – now users only see this problem once (a month). While not as good as it was a month ago, it is acceptable. However, and this is what I need help with. SSO is NOT working at all from Word / Excel.Open WordBlank Micrsoft Sign In box pops up.You have to type username and hit enterYou then have to type your password and hit Sign InThat popup then goes away, but at the tope right of Word, it still shows “Sign In”.When you go to Account, it still has a Sign in box.BUT… if you now close and reopen word, both of those show the signed in user. The problem here is that this doesn’t persist over the UPD, so happens every time the users open Word or Excel. As this is used by a business app to open docs, it’s actually breaking the process and we need to fix this. I have been having a look at SSO info, because it feels like something fairly low level has changed with how this works, but can’t find anything helpful, hence posting here after about a month of searching and trying things. It’s not very helpful when you have MS links like: How to use Remote Connectivity Analyzer to troubleshoot single sign-on issues for Microsoft 365, Azure, or Intunehttps://learn.microsoft.com/en-us/microsoft-365/troubleshoot/active-directory/single-sign-on-issues How to run Remote Connectivity Analyzer to test SSO authenticationTo run Remote Connectivity Analyzer to test SSO authentication, follow these steps:Open a web browser, and then browse to https://www.testconnectivity.microsoft.com/tests/SingleSignOn/input. However, that page just hangs with LOADING written on it. Then on the change notes for this page we see that it was removed in 2022! Version 4.0.15 (October 2022)Removed the Single Sign-on Test now that basic authentication in Exchange Online is being disabled. Quick note on the setup. AD is synced to Entra using Entra Connect, latest version. SSO URLs are added to Internet trusted sites as per setup instructions. Network has been tested and all URLS accessible and working for the user. User is on RDS on fully updated Server 2016 and is on the latest Office 365 app updates. So I guess my first question is: 1) Does SSO still work for Word and Excel?Is it a realistic expectation that the user will sign in to the PC and then Word and Excel will automatically sign in for the user (proper seamless single sign on) like it was doing only a month or so ago? 2) What can I do to test and troubleshoot this if it should be working?I have been trying for a month, so I have already tried a lot of things. But maybe I am missing some tests? Any info to help get this working again (or that it’s no longer possible and we missed that instruction from MS) would be ideal. Thanks in advance Read More
How do I solve this IIS permission error?
I need a step by step guide please.
Which of these do I need to change the permissions of to make this error go away?
I need a step by step guide please.Which of these do I need to change the permissions of to make this error go away? Read More
Professional use of Microsoft 365
I intend to write non-fiction and fictional stories for professional publication. That means I will be paid for these stories. What version of Microsoft 365 must professionals use? I installed a professional paid version of Microsoft Office Pro 2021 but it seems to have connected itself to Microsoft 365. So, I am very confused.
I intend to write non-fiction and fictional stories for professional publication. That means I will be paid for these stories. What version of Microsoft 365 must professionals use? I installed a professional paid version of Microsoft Office Pro 2021 but it seems to have connected itself to Microsoft 365. So, I am very confused. Read More
Viva Engage Bulk member CSV Upload error
Hi,
I need help adding bulk csv list of members to my new community on viva engage. I am following the correct instructions here
Hi, I need help adding bulk csv list of members to my new community on viva engage. I am following the correct instructions here https://support.microsoft.com/en-gb/topic/add-community-members-wit…and an error message is constantly coming up. Please help Read More
UTM Parameters – is it possible?
Hi there!
I’m really new to this and not sure if this is the right place to ask, but I currently have a product in the Microsoft Appsource, and wanted to know if its possible to use UTMs to track the traffic and conversions?
Or does it only allow the 2 parameters (src and mktcmpid)?
Any help would be greatly appreciated!
Hi there! I’m really new to this and not sure if this is the right place to ask, but I currently have a product in the Microsoft Appsource, and wanted to know if its possible to use UTMs to track the traffic and conversions? Or does it only allow the 2 parameters (src and mktcmpid)? Any help would be greatly appreciated! Read More
OneDrive for MacOS Nightmare
If anyone from MS is reading this why can’t you actually write some software that actually works for once in your life!
The problem is I am trying to migrate my dad from a Windows 10 laptop to a Macbook Pro with Sanoma 14.5
The issue is that the Backup Tab is missing from the preferences tab. After Googling it there seems to be two versions of the same app once made by Apple in the Appstore and one you can directly download from Microsoft.
If I download version version 24.086.00248.003 and try to install and runt his I get the error:
“Account Already Connected – A different version of the OneDrive App is already connected to this account”
If I then uninstall it and try to re-install from the version in the App store (24.097.0513) which by the way has a score of 2.6 something you guys at MS should be truly ashamed of. It lets me install this however it is missing the Backup tap which makes this app useless!
God know’s why I am paying Microsoft for my Family version of office 365
If anyone from MS is reading this why can’t you actually write some software that actually works for once in your life!The problem is I am trying to migrate my dad from a Windows 10 laptop to a Macbook Pro with Sanoma 14.5 The issue is that the Backup Tab is missing from the preferences tab. After Googling it there seems to be two versions of the same app once made by Apple in the Appstore and one you can directly download from Microsoft. If I download version version 24.086.00248.003 and try to install and runt his I get the error: “Account Already Connected – A different version of the OneDrive App is already connected to this account” If I then uninstall it and try to re-install from the version in the App store (24.097.0513) which by the way has a score of 2.6 something you guys at MS should be truly ashamed of. It lets me install this however it is missing the Backup tap which makes this app useless! God know’s why I am paying Microsoft for my Family version of office 365 Read More
Prompt 101 for images: Crafting detailed visual descriptions
Images are a key part of creating engaging content for communicating your nonprofit’s mission. Social media, presentations, training documentation, diagrams to communicate ideas, email, and more – you can enhance your content with visual storytelling. With AI, you don’t need to be a designer to create compelling images: Copilot can be your collaborator in creating visual stories and elements.
Prompt ingredients for images are similar to how to prompt Copilot for content: Provide a description of what you’re trying to create “as if you were asking a helpful coworker”. Unlike content prompts, you can include lots of stylistic and visual details to build the image you need.
In this blog, we’ll explore how to hone our skills in describing images effectively. We’ll break down the essential ingredients for creating vivid visual descriptions to get the images you want.
Here is an image created using Microsoft Copilot Designer:
Let’s explore the key components of the prompt used to create this image:
Create an image of an excited brown terrier sitting near a tree with a ball. The ball is green and the ground is wet. Create the image in the style of a hyper-realistic drawing.
Prompt ingredients for images
Detailed subject
The detailed subject is the central focus of the image. It’s what captures the viewer’s attention.
For example, consider an image of an excited brown terrier. The terrier’s expression and body language convey its excitement.
Scene or setting
Describe the environment in which the subject exists. What’s the backdrop? What’s the context?
In our example, the scene is outdoors. The terrier is near a tree, suggesting an open space. The ground is wet, indicating recent rain.
Additional elements
These are the details that enhance the overall image. They provide context and add depth.
In our case, the green ball is an additional element. The wet ground reinforces the recent rain.
Specific style
Consider the artistic style you want to convey. Is it realistic, impressionistic, or abstract?
Let’s choose a hyper-realistic drawing style for our terrier image. This means we’ll aim for intricate details.
Crafting the image description
Remember, when describing images, engage the reader’s senses. Make them see, feel, and experience the scene. Whether it’s a playful terrier or a serene landscape, your words should paint a vivid mental picture.
Now, armed with these ingredients, let’s create stunning visual descriptions!
Keep learning
Explore these resources and learning paths to keep building prompt and image design skills.
Microsoft Digital Skills Center for Nonprofits: aka.ms/TechSoup
AI skills for nonprofits collection on Microsoft Learn: aka.ms/AI-for-nonprofits-collection
LinkedIn Learning pathways for digital and AI fluency: aka.ms/MyLearningPathway
Note: This article was created in collaboration between the author and Microsoft Copilot.
This is part two of a three-part series on AI prompts. Get notified when part three is published by hitting the Subscribe button with the in the upper right corner of the Nonprofit Community Blog space.
Continue the conversation by joining us in the Nonprofit Community! Share your prompt examples and the images you created in the comments below.
Microsoft Tech Community – Latest Blogs –Read More
SQL Server 2022 is EAL 2 Common Criteria certified!
In a previous blog post in 2023 we mentioned that two Common Criteria (CC) certifications of SQL Server 2022 were in progress. We are excited to announce that CC EAL2 certifications for SQL Server 2022 on Windows and Linux (including enabled by Azure Arc) have been issued! The certifications are compliant to the newly developed and recently certified DBMS cPP.
After SQL’s first CC certification of version 2005 (Yukon), SQL Server 2022 is the 8th major release that has successfully completed this security attestation. To see an extract of the extensive CC history of SQL Server, please refer to the SQL Server security page (Click on “View our Common Criteria certifications”). Additionally, this document provides important information to understand and use SQL Server 2022 as evaluated and certified.
What CC means
The SQL Server 2022 CC certification consisted of a comprehensive examination conducted by the evaluation facility, based on document reviews for various design representations, independent functional and penetration testing, code analysis, site audits for development sites, data centers and support sites, and a vulnerability assessment. Scope and rigor of this investigation were defined by the newly developed and recently certified DBMS cPP. The results obtained by the evaluation facility were continuously monitored by the certification body to confirm their accuracy and to ensure comparability with other independent evaluations of the same product type. (See SQL Server 2022 on Windows and SQL Server 2022 on Linux).
Since SQL Server 2016, all CC certified versions were “cloud connected”, as their development life cycle (including tooling) has progressed step by step to the cloud through the years. CC for SQL Server 2022 includes an Azure Arc-enabled server configuration (which is shown below and represents an IaaS offering). All these cloud-based tools and techniques are well understood by CC, however, not all hybrid or multi-cloud environment configurations are (yet) supported by CC. Looking forward, Microsoft is contributing to and building on the work performed in the “CC in the Cloud Technical Working Group (TWG)” to support CC for cloud-based services.
About the CC
CC is an international program which is broadly used as a (cyber) security standard (ISO 15408) to test and improve the IT security measures of commercial products for use in National Security Systems (see e.g. EUCSA, NIAP). As such it serves as a world-wide compliance obligation across regulated industries and authorities and can be applied to almost any type of IT product implemented in hardware, firmware, or software. IT security measures in the context of the CC are usually a means to protect information (or in other words ‘assets’) from unauthorized disclosure, modification, or loss of use, covering, for example, areas such as identification and authentication, access control, accountability, audit, object re-use, error recovery. Appropriate confidence in the correct and effective implementation of those measures (expressed in terms of assurance requirements and typically specified in an EAL) is needed to help determine whether IT products fulfill their security needs. A competence-tested and licensed evaluation facility therefore evaluates an IT product against a pre-defined security specification, called (collaborative) Protection Profile (PP). A (collaborative) PP represents the security functional and assurance requirements for technology classes and is developed and maintained by an international Technical Community (iTC), made up of CC and technology area experts such as vendors, certification bodies, evaluation facilities, and consultants (see e.g. DBMS-iTC). Under the international Common Criteria Recognition Arrangement (CCRA) and the European Senior Officials Group Information Systems Security (SOG-IS) agreement, all signatories agree to recognize the CC certificates produced by any certificate-authorizing participant. Each certificate-authorizing member of the CCRA or SOG-IS operates a certification body that oversees evaluations conducted by their licensed commercial evaluation facilities.
Learn more about the CC
Please visit the Common Criteria Portal.
Microsoft Tech Community – Latest Blogs –Read More
Countif Date
I can get the formula to work if I manually type in the date. However, with data validation, I have a dropdown list of the first day of the month. So, since it’s June, it says 06/01/24, and the cell next to it finds the last day of the month. Instead of manually typing the dates in the formula, I want to be able to select the date in the cell instead.
=COUNTIFS(T_LEAVE[START DATE],”>=6/1/24″,T_LEAVE[START DATE],”<=6/30/24″)
I can get the formula to work if I manually type in the date. However, with data validation, I have a dropdown list of the first day of the month. So, since it’s June, it says 06/01/24, and the cell next to it finds the last day of the month. Instead of manually typing the dates in the formula, I want to be able to select the date in the cell instead. =COUNTIFS(T_LEAVE[START DATE],”>=6/1/24″,T_LEAVE[START DATE],”<=6/30/24″) Read More
Formatting Dates
In my SharePoint list I have a column of review dates. I was wanting to create a formatting formula which, I have tried using Co-Pilot to various levels of success I want the standard DD-MM-YY in the following colours
In excess of 30 Days in the future – Black on White background
Less than 30 days into the future – Red on light orange/Yellow background
In the Past – Bold White on Red Background.
Any help would be appreciated
In my SharePoint list I have a column of review dates. I was wanting to create a formatting formula which, I have tried using Co-Pilot to various levels of success I want the standard DD-MM-YY in the following coloursIn excess of 30 Days in the future – Black on White backgroundLess than 30 days into the future – Red on light orange/Yellow backgroundIn the Past – Bold White on Red Background. Any help would be appreciated Read More
Email to a Teams Channel not seen
Dear Community, hope you can help me.
We are at the start of a big project where the whole business will need to get involved but just the core team that are doing the documentation and testing are in the the Microsoft Teams team. However to help ourselves when communicating with the larger business we have tried to use the Teams Chanel e-mail address. When a team member sends the original e-mail out this is seen in the chanel posts but any replys or direct messages to the chanel from other people are not appearing. Also when I go the sharepoint site and look at conversation, not all messages are seen in outlook on line.
Has anyone any idea why this is happening or is it just a microsoft quirk that hasn’t been ironed out?
Dear Community, hope you can help me.We are at the start of a big project where the whole business will need to get involved but just the core team that are doing the documentation and testing are in the the Microsoft Teams team. However to help ourselves when communicating with the larger business we have tried to use the Teams Chanel e-mail address. When a team member sends the original e-mail out this is seen in the chanel posts but any replys or direct messages to the chanel from other people are not appearing. Also when I go the sharepoint site and look at conversation, not all messages are seen in outlook on line.Has anyone any idea why this is happening or is it just a microsoft quirk that hasn’t been ironed out? Read More
Any Year Calendar with Public Holidays Template
Can anyone help, I think the “Any Year Calendar with Public Holidays” template is great, but I want to add a start date and end date to the holiday dates as some that I want to add are more than one day long. Any thoughts on how I do this?
Can anyone help, I think the “Any Year Calendar with Public Holidays” template is great, but I want to add a start date and end date to the holiday dates as some that I want to add are more than one day long. Any thoughts on how I do this? Read More
Full screen splash in .NET MAUI
I have an image , and i want to display my image to entire screen in splash .But currently my images are displaying at the center of my mobile screen , I am targetting android version upto 13.
<ItemGroup>
<MauiSplashScreen Include=”ResourcesSplashsplash.svg” />
</ItemGroup>
I have an image , and i want to display my image to entire screen in splash .But currently my images are displaying at the center of my mobile screen , I am targetting android version upto 13.<ItemGroup><MauiSplashScreen Include=”ResourcesSplashsplash.svg” /></ItemGroup> Read More