Category: Microsoft
Category Archives: Microsoft
Inconsistency of window’s new Date() function returns invalid date in Microsoft Edge
We are facing some browser problem while using React as frontend for initialize new Date() object such that new Date().toLocaleString() gives empty string. As this is not the case with Chrome so raising it here.
Looking forward to get a permanent solution as of now we have added retries for initialize new Date() object for work around.
We are facing some browser problem while using React as frontend for initialize new Date() object such that new Date().toLocaleString() gives empty string. As this is not the case with Chrome so raising it here.Looking forward to get a permanent solution as of now we have added retries for initialize new Date() object for work around. Read More
Defender for Identity PowerShell module update
Hi everyone! I’m excited to announce an update to the PowerShell module we released for Microsoft Defender for Identity earlier this year. These enhancements are designed to add some new functionality and address some of the feedback you provided in the comments. As always, we really appreciate your feedback and engagement with this module!
Now let’s dive into the what and why with this new release:
New MDI Service Account cmdlet:
The service account will be used for remote Security Account Manager (SAM) access and is provisioned in the portal for Defender for Identity Active Directory operations. This account will also used to access the Deleted Objects container in Active Directory, used to query remote forests if configured, and needed for some of the Active Directory Federation Services and Certificate Services configurations.
To create a new GMSA use the following syntax, where you define the name of the service account and the password retrieval group.
This new group, and the Domain Controllers group are added to the PrincipalsAllowedToRetrieveManagedPassword attribute of the GMSA.
New-MDIDSA -Identity my-mdisvc -GmsaGroupName my-mdiGMSAgroup
To create a standard account use the ForceStandardAccount switch
New-MDIDSA -Identity my-mdisvc -ForceStandardAccount
New automatic PDCe detection and usage:
To help further streamline any necessary updates and make the creation of group policy objects (GPO) even easier we have added a new Primary Domain Controller Emulator (PDCe) role detection feature. This feature requires no intervention and means that most Active Directory operations will automatically target the PDCe, which will increase the reliability of Group Policy Object creation, as well as account creation. This is mostly for reliability purposes to ensure that detection of changes won’t fail due to Active Directory replication delays.
Manual Domain Controller Targeting:
If PDC detection fails, or you’re like me and want over everything, we’ve also added a Server parameter to the Get/Set/Test MDIConfiguration cmdlets that will allow you to specify a domain controller to be used for any Active Directory cmdlet.
Get-MDIConfiguration -Mode Domain -Configuration All -Server test-cdc1
Note that this is optional, and things work best when you use the automatic PDCe detection.
User experience enhancements:
The GPOPrefix parameter is now dynamic for the Get/Set/Test MDIConfiguration cmdlets and will only appear if you specify the Domain option for the Mode parameter. This changes nothing in terms of how it works, it just makes the parameter auto complete a little cleaner. The strings files have been updated for accuracy and we added support for Danish language. Please do report any inaccuracies to us! I am a huge believer that words matter and, because of that, I strive to be precise. The portal communication check now uses basic parsing. This should change nothing from a functionality perspective but should make things run a little smoother.
There are also some changes and updates to GPO content setting. This change goes hand in hand with the Server parameter to target the distinct Domain Controller for writes and it should work around some of the issues we were seeing with blank GPO’s.
For more information on this module check out the PowerShell Gallery and reference documentation. That’s it for this release! Thank you all for your continued usage and feedback and please do let us know with any priority changes you want. We’re working on the next version now and can’t wait to get that out.
Microsoft Tech Community – Latest Blogs –Read More
Learn about Automate io’s transactable partner solution in Azure Marketplace
Microsoft partners like Automate io deliver transact-capable offers, which allow you to purchase directly from Azure Marketplace. Learn about this offer below:
QuickBooks Enterprise 2024 Server with Microsoft 365 Applications: This pre-built Microsoft Windows 2022 server from Automate io comes with QuickBooks Enterprise 2024 and Microsoft 365 applications pre-installed. Having a virtual machine makes it simple to manage backups and control your data in a shared environment.
Microsoft Tech Community – Latest Blogs –Read More
How to name or rename the General channel in Teams
You can encourage your users to provide a meaningful name to General channels in their teams.
The General channel can be renamed by the team owners to show up in the teams’ and channels’ list of all members in alphabetical order.
#MicrosoftTeams #Teams #Microsoft365 #Productivity #NewFeatures #MVPbuzz Read More
Need to make users to edit proprieties of the file before saving the document in document library
Need to make users to edit proprieties of the file before saving the document in document library
How do you limit file upload unless the properties are added?
Need to make users to edit proprieties of the file before saving the document in document library How do you limit file upload unless the properties are added? Read More
Filter function to return in columns not rows
I want to return the results from a filter function formula into ongoing columns rather than down rows – this is because I have a large list of over a 2000 rows of data that I want to look them up in another table and return all the possible values for one code. i.e. I have hierachical data that is coded and I want to see the unique codes for a level of code up. My formula is currently:
=FILTER(‘ACNY 2024′!L2:L15979,’ACNY 2024′!I2:I15979=’Parish make up’!AX2)
Or can I do an xlookup that returns multiple answers but the number of answers will vary between 1 and 13? Many thanks
I want to return the results from a filter function formula into ongoing columns rather than down rows – this is because I have a large list of over a 2000 rows of data that I want to look them up in another table and return all the possible values for one code. i.e. I have hierachical data that is coded and I want to see the unique codes for a level of code up. My formula is currently: =FILTER(‘ACNY 2024′!L2:L15979,’ACNY 2024′!I2:I15979=’Parish make up’!AX2) Or can I do an xlookup that returns multiple answers but the number of answers will vary between 1 and 13? Many thanks Read More
Dates format as wrong locale – need to change how it is recognised
Hi,
I have dates that were added to my spreadsheet but it’s in the wrong format (US format rather than UK)
But it thinks they are UK dates so if I use More Number Formats, and change it between US and UK the date just changes to the other format which is still incorrect.
How can I tell Excel that the dates are not the format it thinks it is.
Example:
Date is 5th January 2024 – it displays in UK format as 01-05-24 and US format as 05-01-24
How do I correct the date in the cells?
I’ve tried copying the data to notepad and then copying to excel but it still reads it as the wrong format.
Many thanks,
Emma
Hi,I have dates that were added to my spreadsheet but it’s in the wrong format (US format rather than UK)But it thinks they are UK dates so if I use More Number Formats, and change it between US and UK the date just changes to the other format which is still incorrect.How can I tell Excel that the dates are not the format it thinks it is. Example:Date is 5th January 2024 – it displays in UK format as 01-05-24 and US format as 05-01-24How do I correct the date in the cells? I’ve tried copying the data to notepad and then copying to excel but it still reads it as the wrong format. Many thanks,Emma Read More
team dial by VC device
Hi,
Would it be possible to dial team meeting by VC device, such as cisco sx20 ? How to dial the number? Thanks.
Hi, Would it be possible to dial team meeting by VC device, such as cisco sx20 ? How to dial the number? Thanks. Read More
Stop site ownes and / or Site members form creating document libraries
Hi, had a request from a client who want to restrict site owners and members or maybe just site members from having the ability to create new document libraries on their SharePoint team site. Does anyone know how you would do this?
Hi, had a request from a client who want to restrict site owners and members or maybe just site members from having the ability to create new document libraries on their SharePoint team site. Does anyone know how you would do this? Read More
Active Directory attributes reconnaissance using LDAP alert
Hi Team,
I need to enable alert”Active Directory attributes reconnaissance (LDAP) (external ID 2210)” in MDI. How I can enable it. Please help me where i can find out all alert list.
Hi Team, I need to enable alert”Active Directory attributes reconnaissance (LDAP) (external ID 2210)” in MDI. How I can enable it. Please help me where i can find out all alert list. Read More
Unable to onboard devices in Defender anymore
We have number of AVD’s which are onboarded automatically in Defender, suddenly this process started to fail.
We can see interesting error message:
VERBOSE: [2024-08-21 09:26:11Z][Information] Preparing onboarding package
VERBOSE: [2024-08-21 09:26:11Z][Information] Decoding onboarding script from base64 string
VERBOSE: [2024-08-21 09:26:11Z][Information] Decode onboarding script successfully
VERBOSE: [2024-08-21 09:26:11Z][Information] Verifying JSON signature
VERBOSE: [2024-08-21 09:26:11Z][Information] Signature verification result: True
VERBOSE: [2024-08-21 09:26:11Z][Error] base chain cetificate is not valid because: PartialChain
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate C=US, S=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Secure Server CA 2011 is valid: True
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate C=US, S=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011 is valid: True
VERBOSE: [2024-08-21 09:26:11Z][Information] Chain valid: False
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate chain verification result: False
VERBOSE: [2024-08-21 09:26:11Z][Error] Onboarding blob signature is not valid
It looked a little different in the past – seems like the certificate was not verified:
VERBOSE: [2024-04-10 07:14:35Z][Information] Preparing onboarding package
VERBOSE: [2024-04-10 07:14:35Z][Information] Decoding onboarding script from base64 string
VERBOSE: [2024-04-10 07:14:35Z][Information] Decoding onboarding script from base64 string completed successfully
VERBOSE: [2024-04-10 07:14:35Z][Information] Onboarding package prepared successfully
VERBOSE: [2024-04-10 07:14:35Z][Information] Running onboarding package
VERBOSE: [2024-04-10 07:14:35Z][Information] Successfully started process, waiting to finish with timeout
VERBOSE: [2024-04-10 07:14:54Z][Information] Onboarding package script completed successfully
VERBOSE: [2024-04-10 07:14:54Z][Information] Setting Azure Defender for Server identifiers in registry
VERBOSE: [2024-04-10 07:14:54Z][Information] Path HKLM:SoftwarePoliciesMicrosoftWindows Advanced Threat Protection already exists
VERBOSE: [2024-04-10 07:14:54Z][Information] Registry path HKLM:SoftwarePoliciesMicrosoftWindows Advanced Threat ProtectionDeviceTagging doesn’t exist, creating it
We can see that version of Windows.MDE(?) has change currently it is 1.0.10.3 previously (for onboarded devices) it was 1.0.9.5 – I cant find version history anywhere – this is just the name of the folder where the logs are located.
We’ve checked all the policies we have implemented for these devices but we were unable to find anything which could break this.
Does anyone experience the same? Do you have any ideas what went wrong here?
We have number of AVD’s which are onboarded automatically in Defender, suddenly this process started to fail. We can see interesting error message:VERBOSE: [2024-08-21 09:26:11Z][Information] Preparing onboarding package
VERBOSE: [2024-08-21 09:26:11Z][Information] Decoding onboarding script from base64 string
VERBOSE: [2024-08-21 09:26:11Z][Information] Decode onboarding script successfully
VERBOSE: [2024-08-21 09:26:11Z][Information] Verifying JSON signature
VERBOSE: [2024-08-21 09:26:11Z][Information] Signature verification result: True
VERBOSE: [2024-08-21 09:26:11Z][Error] base chain cetificate is not valid because: PartialChain
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate C=US, S=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Secure Server CA 2011 is valid: True
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate C=US, S=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011 is valid: True
VERBOSE: [2024-08-21 09:26:11Z][Information] Chain valid: False
VERBOSE: [2024-08-21 09:26:11Z][Information] Certificate chain verification result: False
VERBOSE: [2024-08-21 09:26:11Z][Error] Onboarding blob signature is not valid It looked a little different in the past – seems like the certificate was not verified:VERBOSE: [2024-04-10 07:14:35Z][Information] Preparing onboarding package
VERBOSE: [2024-04-10 07:14:35Z][Information] Decoding onboarding script from base64 string
VERBOSE: [2024-04-10 07:14:35Z][Information] Decoding onboarding script from base64 string completed successfully
VERBOSE: [2024-04-10 07:14:35Z][Information] Onboarding package prepared successfully
VERBOSE: [2024-04-10 07:14:35Z][Information] Running onboarding package
VERBOSE: [2024-04-10 07:14:35Z][Information] Successfully started process, waiting to finish with timeout
VERBOSE: [2024-04-10 07:14:54Z][Information] Onboarding package script completed successfully
VERBOSE: [2024-04-10 07:14:54Z][Information] Setting Azure Defender for Server identifiers in registry
VERBOSE: [2024-04-10 07:14:54Z][Information] Path HKLM:SoftwarePoliciesMicrosoftWindows Advanced Threat Protection already exists
VERBOSE: [2024-04-10 07:14:54Z][Information] Registry path HKLM:SoftwarePoliciesMicrosoftWindows Advanced Threat ProtectionDeviceTagging doesn’t exist, creating it We can see that version of Windows.MDE(?) has change currently it is 1.0.10.3 previously (for onboarded devices) it was 1.0.9.5 – I cant find version history anywhere – this is just the name of the folder where the logs are located. We’ve checked all the policies we have implemented for these devices but we were unable to find anything which could break this. Does anyone experience the same? Do you have any ideas what went wrong here? Read More
Any rule/query for detecting Dynamic DNS in sentinel
Hi Team,
Sentinel having any table or rule from where we can fetch dynamic DNS details as alert?
Hi Team, Sentinel having any table or rule from where we can fetch dynamic DNS details as alert? Read More
Overlapping numberss
Hi
The attached docx file has a problem: the 2 digits on numbers in the Numberings are overlapping. In this file numbering start from 10; otherwise the problem starts to show after 10 rows. this is a portion of a main docx which has generated by a software.
How can I fix this?
HiThe attached docx file has a problem: the 2 digits on numbers in the Numberings are overlapping. In this file numbering start from 10; otherwise the problem starts to show after 10 rows. this is a portion of a main docx which has generated by a software.attached docx How can I fix this? Read More
Deploying Win32 App and using Env. Variables
Hi,
We are trying to deploy an application as a Win32 app, the script to install (a .cmd) references the env. variable for the Program Files folder – %programfiles% – however when this runs, we get the error that the agent cannot be installed in the C:Program Files (x86), this is expected behaviour for the agent as it must be installed in C:Program Files.
The variable ‘echoes’ out as expected on the PC, so why when installing via Intune does it resolve to the x86 path?
Hi,We are trying to deploy an application as a Win32 app, the script to install (a .cmd) references the env. variable for the Program Files folder – %programfiles% – however when this runs, we get the error that the agent cannot be installed in the C:Program Files (x86), this is expected behaviour for the agent as it must be installed in C:Program Files. The variable ‘echoes’ out as expected on the PC, so why when installing via Intune does it resolve to the x86 path? Read More
Connect Sync vs Cloud Sync vs other?
Hi,
Been going through this comparison: https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/what-is-cloud-sync#how-is-microsoft-entra-cloud-sync-different-from-microsoft-entra-connect-sync
Both Cloud Sync and Entra Connect, take user and group accounts from On-Prem, and provision (and sync) these to Entra ID (Azure).
Is there, however, a similar free Microsoft tools that would run in the opposite direction? i.e. take existing user and group accounts in Entra ID (Azure) and provision them into an On-Prem Active Directory?
Thanks,
SK
Hi,Been going through this comparison: https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/what-is-cloud-sync#how-is-microsoft-entra-cloud-sync-different-from-microsoft-entra-connect-sync Both Cloud Sync and Entra Connect, take user and group accounts from On-Prem, and provision (and sync) these to Entra ID (Azure). Is there, however, a similar free Microsoft tools that would run in the opposite direction? i.e. take existing user and group accounts in Entra ID (Azure) and provision them into an On-Prem Active Directory? Thanks,SK Read More
Código de indicação da Kucoin: QBAYT4XB – Melhor código de indicação da Kucoin
O código de indicação oficial da Kucoin Exchange é determinado como QBAYT4XB. Você pode negociar criptomoedas com segurança com o código de indicação da Kucoin QBAYT4XB. Com este código de convite, você pode ganhar 50% de desconto na comissão e um bônus de $ 8.200 para novos usuários.
O código de indicação oficial da Kucoin Exchange é determinado como QBAYT4XB. Você pode negociar criptomoedas com segurança com o código de indicação da Kucoin QBAYT4XB. Com este código de convite, você pode ganhar 50% de desconto na comissão e um bônus de $ 8.200 para novos usuários. Read More
Adding, editing, removing, reading SharePoint list rules programmatically
Hi,
reading the documentation, I couldn’t find a way to manage site list automate rules via any API (REST/graph/CSOM) or framework (PnP). Is there a way to do so?
The only way I managed to find at the moment is adding them to a site creation script as a sub action of the create new site verb, but that will not allow me to alter them in any way in existing sites or lists.
Moreover, they’re not saved at all in .stp list templates.
How can I programmatically manage these automate rules in an existing list?
Thank you
Hi, reading the documentation, I couldn’t find a way to manage site list automate rules via any API (REST/graph/CSOM) or framework (PnP). Is there a way to do so? The only way I managed to find at the moment is adding them to a site creation script as a sub action of the create new site verb, but that will not allow me to alter them in any way in existing sites or lists. Moreover, they’re not saved at all in .stp list templates. How can I programmatically manage these automate rules in an existing list? Thank you Read More
Unable to remove passcode for iPad in Intune
Hello,
One of our users has left the company and I want to factory reset his iPad. There is a passcode on it which I don’t know. So I’ve gone to Intune, Users > Selected User > Devices > Selected the iPad > Manage > Device could not be found error message.
I then searched the serial number in devices but nothing has been found. Does anyone know of a way around this so I can factory reset the iPad?
Thanks in advance!
Paul
Hello, One of our users has left the company and I want to factory reset his iPad. There is a passcode on it which I don’t know. So I’ve gone to Intune, Users > Selected User > Devices > Selected the iPad > Manage > Device could not be found error message. I then searched the serial number in devices but nothing has been found. Does anyone know of a way around this so I can factory reset the iPad? Thanks in advance! Paul Read More
Assistance Needed: Best Practices for Setting Up macOS Devices in Intune
Hi all,
I’m looking for the best way to set up macOS devices in Intune. These devices are already sittting in Intune but currently have no profiles attached. My goal is to configure them so that they are fully ready for users to use right away, without needing to install apps or perform additional setup after logging in.
Could someone please guide me on the correct settings and configurations required to achieve this? Additionally, if anyone has useful links or videos that could assist, I’d greatly appreciate it.
Thank you!
Hi all,I’m looking for the best way to set up macOS devices in Intune. These devices are already sittting in Intune but currently have no profiles attached. My goal is to configure them so that they are fully ready for users to use right away, without needing to install apps or perform additional setup after logging in.Could someone please guide me on the correct settings and configurations required to achieve this? Additionally, if anyone has useful links or videos that could assist, I’d greatly appreciate it.Thank you! Read More
Legal Parameters for Indirect Reseller case in CSP Program
Dear community,
We are an Indirect Provider in CSP, located in EU (CEMA Region). We would like your precious help to resolve a legal question that bothers us.
The case: one of our resellers has numerous subsidiaries with all of them having different legal entities.
The question: does our reseller, as being an indirect reseller in CSP will be able to buy license from us (as his Indirect Provider) and then resell these licenses to the subsidiaries, which in CSP languague will be their end customers (i.e., due to the fact that each one of them has their own legal entity).
Could you please help us understand if there is any confict following the case details? Any link to the appropriate documentation will help us. The one we were reviewing can be found here.
Thank you in advance for your significant support and help!
Warm regards,
Nick
cc @JillArmourMicrosoft @JillArmour
Dear community, We are an Indirect Provider in CSP, located in EU (CEMA Region). We would like your precious help to resolve a legal question that bothers us. The case: one of our resellers has numerous subsidiaries with all of them having different legal entities.The question: does our reseller, as being an indirect reseller in CSP will be able to buy license from us (as his Indirect Provider) and then resell these licenses to the subsidiaries, which in CSP languague will be their end customers (i.e., due to the fact that each one of them has their own legal entity).Could you please help us understand if there is any confict following the case details? Any link to the appropriate documentation will help us. The one we were reviewing can be found here. Thank you in advance for your significant support and help! Warm regards,Nickcc @JillArmourMicrosoft @JillArmour Read More
