Category: Microsoft
Category Archives: Microsoft
Introducing Personal Data Encryption for developers
Personal Data Encryption (PDE) along with BitLocker constitutes Windows data protection on Windows devices. BitLocker is a Windows security feature that provides encryption for entire volumes, addressing the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned devices. However, there are some cases in which BitLocker protection alone might not be sufficient. For example, Trusted Platform Module (TPM) bus sniffing, targeting devices that do not have BitLocker TPM + PIN options set, or trying to get encryption keys by sniffing the unsecured bus between the CPU and TPM can all put BitLocker protected personal data at risk. Direct Memory Access (DMA) based drive-by attacks target devices with unsecured DMA ports and work by bypassing the sign in and getting directly to the end user’s data. Applications and browsers that utilize AI to power recommendation engines capture sensitive user data and also need to be protected.
PDE provides an extra layer of security, in addition to that provided by BitLocker, for when the device is locked and powered on, protecting it from sophisticated physical attacks. PDE uses Windows Hello for Business to link data encryption keys with user credentials. When a user signs in to a device using Windows Hello for Business, decryption keys are released, and encrypted data is accessible to the user. It’s important to note that PDE and BitLocker are not dependent on each other. PDE can be used with or without any other full disk encryption solutions, although it is highly recommended to use both.
PDE API offers a comprehensive and extensible set of low-level APIs for the protection of end-user content. These APIs enable the encryption of end-user data, and the keys used for encryption are protected by the user’s Windows Hello credentials. It is important to note that PDE is exclusively available in Windows Enterprise and Education editions.
Content-generating applications can use the PDE API to protect content for two levels of security:
L1 (AfterFirstUnlock) level of protection: Data protected to this level is accessible only after the first device unlock, and it will continue to be available thereafter.
L2 (WhileUnlocked) level protection: Data protected to this level is only available when the device is unlocked and provides additional protection.
Now let’s look at how an application that generates content can use PDE API to protect files, folders, and buffers.
Use cases for PDE API
PDE API provides a feature set for app developers building Windows applications that generate or modify end-user content on Windows devices.
Industries such as defense, banking, healthcare, and insurance are just some examples of commercial environments that handle a lot of sensitive data and need additional protection to help ensure data security.
Note: PDE is also applied to all content within the known Windows folders such as Documents, Desktop and Pictures that have the L1 level of protection and are available as part of the OS, enabled as a Microsoft Intune policy. This new feature will be available in Windows 11, version 24H2, which is currently available in the Windows Insider Program via the Release Preview Channel.
Using the PDE API
Before getting started, PDE needs to be enabled on the device being used for development using the PDE API. PDE is enabled by policy from a Microsoft Device Management solution like Intune to a group of users in an organization by the IT admin. For more details, see our PDE documentation and our documentation on PDE with the Data Protection API.
Below, we outline a sample application that uses the different functions in the PDE API and the possible scenarios in which they can be used. As shown in the screenshot below, the application walks through protecting folders, files, and text (buffers) with two levels of security as well as unprotecting them. The complete code is available on GitHub.
View of the sample application used to show the PDE API
Packages or libraries to import to start using PDE API in applications
Since PDE API is a Windows Runtime API, integrating it into a project requires some initial steps, as outlined in this article about Windows Runtime APIs. When set up is complete, ensure that Microsoft.Windows.SDK.Contracts package (latest stable version) is installed through the Nuget Package Manager.
The library Microsoft.Windows.SDK.Contracts is installed using the Nuget Package Manager, and then you can import Windows.Security.DataProtection library into code.
Screenshot of references including Microsoft.Windows.SDK.Contracts
<code>
using Windows.Security.DataProtection;
</code>
Windows.Security.DataProtection namespace contains different classes that provide methods to protect/unprotect files and buffers, provide information about availability of the storage item, and provide the status of unprotecting a buffer and callback methods to block/unblock future events.
Global variables in code
Below is the set of global variables that are referenced in code:
UserDataProtectionManager dataProtectionManager;
String selectedFolder = String.Empty;
String selectedFile = String.Empty;
Protecting a folder or file using functions in Windows.Security.DataProtection
The DataProtection namespace provides the UserDataProtectionManager class. When instantiated, this class provides static methods to protect/unprotect folders, files, and buffers.
<code>
dataProtectionManager = UserDataProtectionManager.TryGetDefault();
</code>
The TryGetDefault() method called on the UserDataProtectionManager returns an instance of this class for the current user. The returned instance, if null, means that the PDE policy is not yet enabled on the device or PDE is not supported on the device.
ProtectStorageItemAsync (IStorageItem, UserDataAvailability) is the method used to protect files andfolders. The method takes two parameters: IStorageItem object, which is an encapsulation of a path, and UserDataAvailability object, which is an Enum representing the availability of the protected data. ProtectStorageItemAsync protects one storage item at a time. If the path represents a folder, the onus for recursively protecting all the files and subfolders is on the application. The folder needs to be protected before its contents are. This ensures that any item that is added to the folder later will automatically be protected to the same level as the parent. The code for it could look something like the code snippet below.
Note: It is a security best practice to always encrypt files and folders before data is written to them especially if at startup the OS detects that PDE is available. If PDE is available, the app should protect the folder where it caches its data and protect any file it creates before writing any data if the file isn’t in a folder that is already protected.
Folder or file protection
Please note the call to the ProtectAndLog to protect the folder before protecting all the files in the folder ensures any new additions are automatically protected. The difference between protecting a file or folder is the IStorageItem that gets created. Once an item is created, it is the same ProtectStorageItemSync method that is called for protecting both the file and folder.
<code>
async void ProtectAndLog(IStorageItem item, UserDataAvailability level)
{
try
{
var protectResult = await dataProtectionManager.ProtectStorageItemAsync(item, level);
if (protectResult == UserDataStorageItemProtectionStatus.Succeeded)
{
LogLine(“Protected ” + item.Name + ” to level ” + level);
}
else
{
LogLine(“Protection failed for ” + item.Name + ” to level ” + level + “, status: ” + protectResult);
}
}
catch (NullReferenceException)
{
LogLine(“PDE not enabled on the device, please enable before proceeding!!”);
}
}
async void ProtectFolderRecursively(StorageFolder folder, UserDataAvailability level)
{
// Protect the folder first so new files / folders after this point will
// get protected automatically.
ProtectAndLog(folder, level);
// Protect all sub-folders recursively.
var subFolders = await folder.GetFoldersAsync();
foreach (var subFolder in subFolders)
{
ProtectFolderRecursively(subFolder, level);
}
// Finally protect all existing files in the folder.
var files = await folder.GetFilesAsync();
foreach (var file in files)
{
ProtectAndLog(file, level);
}
}</code>
Folder or file protection status
UserDataStorageItemProtectionStatus is an enum that is populated with the result of the Protect call. This enum is used in the above example to log the appropriate result. The other values in this enum are:
DataUnavailable (2): Requested protection cannot be applied because the data are currently unavailable. For example, changing availability from “WhileUnlocked” to “AfterFirstUnlock” is not possible while the device is locked.
NotProtectable (1): The system does not support protection of the specified storage item.
View of folder protected to L2 and all files within it protected
View of folder before PDE protection is applied
View of folder after PDE protection is applied
Further exploring the properties of a protected file gives the end user a view of the availability level to which the file is PDE protected. It also provides information about the On/Off status of Personal Data Encryption.
View of the properties of a protected file showing PDE protection and protection level
Protecting buffers using functions in Windows.Security.DataProtection
Along with files, systems also store data in buffers as part of processing. If not protected, these buffers can lead to compromises in security. Buffers in scope are the ones that are persisted.
The ProtectBufferAsync method takes as input the buffer object (any object that implements iBuffer interface) and the level (Enum UserDataAvailability) to which the buffer would need to be protected.
Note: PDE doesn’t protect streams directly. The application will have to protect them in chunks.
The text in the sample below represents a string from any source:
<code>
async void ProtectBuffer(String text, UserDataAvailability level)
{
// Empty buffers cannot be protected, please ensure that text length is not zero.
if (text.Length == 0)
{
return;
}
try
{
var buffer = CryptographicBuffer.ConvertStringToBinary(text, BinaryStringEncoding.Utf8);
var protectedContent = await dataProtectionManager.ProtectBufferAsync(buffer, level);
String protectbase64EncodedContent = CryptographicBuffer.EncodeToBase64String(protectedContent);
bufferOutputTextBox.Text = protectbase64EncodedContent;
LogLine(“Protected buffer: ” + protectbase64EncodedContent);
}
catch (NullReferenceException nrex)
{
LogLine(“PDE not enabled on the device, please enable before proceeding!!”);
LogLine(nrex.ToString());
} }
</code>
Unprotecting files and buffers
The UserDataAvailability enum that sets the protection has three levels:
0: User data is unprotected
1: Data is protected until the first device sign in/unlock and will be unprotected after that
2: Data is protected until first device sign in and when the device screen is locked, and available at other times.
Based on these availability levels, a file can be unprotected by changing the UserDataAvailability value to 0. The unprotection method for buffers is explicit because the buffers are not available when protected, so there is a function in the API for unprotecting the buffer.
<code>
async void UnprotectBuffer(String g_protectbase64EncodedContent)
{
var protectedBuffer = CryptographicBuffer.DecodeFromBase64String(protectbase64EncodedContent);
try
{
var result = await dataProtectionManager.UnprotectBufferAsync(protectedBuffer);
if (result.Status == UserDataBufferUnprotectStatus.Succeeded)
{
String unprotectedText = CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, result.UnprotectedBuffer);
LogLine(“Result of Unprotecting the buffer:” + unprotectedText
);
bufferOutputTextBox.Text = “”;
bufferOutputTextBox.Text = unprotectedText;
LogLine(“Status of Unprotecting the buffer:” + result.Status);
}
else
{
LogLine(“This protected buffer is currently unavailable for unprotection”);
}
}
catch(NullReferenceException nrex)
{
LogLine(“PDE not enabled on the device, please enable before proceeding!!”);
LogLine(nrex.ToString());
}
catch(Exception ex)
{
LogLine(“Please verify first the input text provided for unprotecting!”);
LogLine(ex.ToString());
} }
</code>
Buffer unprotection statuses
UserDataBufferUnprotectStatus is the enum that carries the status of unprotection performed on the buffer. In the example above, this status is used to log the appropriate status. There are two members in this enum:
Succeeded(0): Unprotecting the provided buffer succeeded and the result buffer is available in UnprotectedBuffer member
Unavailable(1): Unprotecting the provided buffer is not possible as the protected data is currently unavailable.
View of buffer protection and protected to L2 availability.
View of unprotecting buffer and console.
Below is the code snippet on how to listen to the event. In this example, the event is listened to when the form is loaded.
<code>
private void Form2_load(object sender, EventArgs e)
{
dataProtectionManager = UserDataProtectionManager.TryGetDefault();
if (dataProtectionManager == null)
{
LogLine(“Personal Data Encryption is not supported or enabled. Restart this app to check again.”);
}
else
{
LogLine(“Personal Data Encryption is enabled.”);
dataProtectionManager.DataAvailabilityStateChanged += (s, M_udpm_DataAvailabilityStateChanged) => {
LogCurrentDataAvailability();
LogLine(“Listening to DataAvailabilityStateChanged event”);
};
} }
private void M_udpm_DataAvailabilityStateChanged(UserDataProtectionManager sender, UserDataAvailabilityStateChangedEventArgs args)
{
LogLine(“DataAvailabilityStateChanged event received”);
LogCurrentDataAvailability();
}
</code>
This class is earmarked for future updates of the API.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.
Microsoft Tech Community – Latest Blogs –Read More
SharePoint Online/M365 – backup and restore permissions
Is there a way to create a backup of the entire site permissions, including unique permissions at libraries/lists/items? If so, a way to restore them?
I’ve had users accidentally removing the groups permissions at the site level and re-granting these permissions (manually) at site level don’t really work on some contents with unique permissions, wondering if there’s any easy way to restore the permissions.
Is there a way to create a backup of the entire site permissions, including unique permissions at libraries/lists/items? If so, a way to restore them?I’ve had users accidentally removing the groups permissions at the site level and re-granting these permissions (manually) at site level don’t really work on some contents with unique permissions, wondering if there’s any easy way to restore the permissions. Read More
DPM
Hello – my company is new to the Microsoft Partnership and we were told we should have a DPM. How do we go about getting one assigned to us?
Thanks,
Jess
Hello – my company is new to the Microsoft Partnership and we were told we should have a DPM. How do we go about getting one assigned to us? Thanks,Jess Read More
Discover Steev Innovative Solutions for Modern Challenges
Explore Steev, your go-to source for cutting-edge solutions and innovative approaches to modern challenges. Learn about our services, expertise, and how we can help you achieve your goals with efficiency and creativity. Join the Steev community today and transform your vision into reality.
Explore Steev, your go-to source for cutting-edge solutions and innovative approaches to modern challenges. Learn about our services, expertise, and how we can help you achieve your goals with efficiency and creativity. Join the Steev community today and transform your vision into reality. Read More
External user can not share folder with existing Azure user
Good evening,
We have a situation in which we work with 2 companies on their join-venture entity on a separated tenant.
So we have a joint venture between company A and company B.
Both companies use B2B direct connect to access shared channels in company C (joint venture entity).
External users (from company A and company B) are unable to share folders from company C. They always see a message:
We couldn’t find an exact match.
They are not trying to share externally, we agreed to share files only with existing team members, so they are added at least to one channel in company C (this is done via PowerAutomate and Microsoft Forms – and works).
Internal users (company C) are able to share with internal users (company A and company B) if they are added to at least one channel -> the prompting also suggest external users, which are not members of a specific channel.
External users -> they can write full e-mail address (no prompting – expected behavior), but than they receive a message:
We couldn’t find an exact match.
External users can find only existing channel members of the channel they want to share (what is not sufficient). We have General channel member and want to share something from Slides channel (for example).
Maybe there is a way to enable it for external users? I already tried a few SharePoint Management Shell commands, but it did not work for us.
Thank you for any response.
Good evening,We have a situation in which we work with 2 companies on their join-venture entity on a separated tenant.So we have a joint venture between company A and company B.Both companies use B2B direct connect to access shared channels in company C (joint venture entity). External users (from company A and company B) are unable to share folders from company C. They always see a message:We couldn’t find an exact match. They are not trying to share externally, we agreed to share files only with existing team members, so they are added at least to one channel in company C (this is done via PowerAutomate and Microsoft Forms – and works). Internal users (company C) are able to share with internal users (company A and company B) if they are added to at least one channel -> the prompting also suggest external users, which are not members of a specific channel. External users -> they can write full e-mail address (no prompting – expected behavior), but than they receive a message:We couldn’t find an exact match.External users can find only existing channel members of the channel they want to share (what is not sufficient). We have General channel member and want to share something from Slides channel (for example). Maybe there is a way to enable it for external users? I already tried a few SharePoint Management Shell commands, but it did not work for us. Thank you for any response. Read More
PowerAutomate flow “for a selected item” for external user
Good evening,
I have B2B direct connect users in my SharePoint.
They can access the files and collaborate on them, but are unable to start Automate menu and run the flow.
User, even external, has Power Automate Free license assigned and is added as Run-only user to this flow (flow uses service account to perform all actions).
Is there any way to show the Automate menu for external users?
Thank you,
any answer will be much appreciated.
Good evening,I have B2B direct connect users in my SharePoint.They can access the files and collaborate on them, but are unable to start Automate menu and run the flow. User, even external, has Power Automate Free license assigned and is added as Run-only user to this flow (flow uses service account to perform all actions). Is there any way to show the Automate menu for external users? Thank you,any answer will be much appreciated. Read More
Public Preview: Creating Web App with a Unique Default Hostname
App Service now allows you to create web apps with unique default hostnames to avoid a high-severity threat of subdomain takeover.
This feature is currently in Public Preview and is only available for web apps on multi-tenants. App Service Environment (ASE) resources are not supported. Functions and Logic Apps (Standard) are currently out of scope, but we have plans on supporting them soon, so stay tuned.
This feature would require you to “opt-in” to create a site with a unique default hostname. This means that when you create a site through the portal, you will need to select the option to enable the feature; Azure Portal will be fully deployed by June 7th, 2024. When you create a site through ARM, you will need to provide your deployment templates with new parameters. You will not be able to update pre-existing web apps to create unique default hostnames; unique default hostnames can only be opt-in during web app resource creation.
This article will go over the following:
What are dangling DNS and subdomain takeover
How the unique default hostname feature works
How to create new web app with a unique default hostname
What are dangling DNS and subdomain takeover?
One of the most common scenarios for subdomain takeover is when a customer forgets to clear the DNS entries after deleting a pre-existing web causing dangling DNS. A bad actor could come in and create a web app with the same name and use the pre-existing DNS records to takeover domains because the web app will still have the same default hostname as the previously deleted one. You can learn more about dangling DNS and subdomain takeover here.
How does this feature work?
The unique default hostname will have a different format than the original global default hostname in two ways. The unique default hostname will include:
A random hash appended to the web app name with a dash “-”
A region name
Comparing the format between the global (original) default hostnames and the unique (new) default hostnames, here is how the general format would look like:
Global (Original)
Unique (New)
Default Hostname Format
<AppName>.azurewebsites.net
<AppName>-<RandomHash>.<Region>.azurewebsites.net
SCM Endpoint Format
<AppName>.scm.azurewebsites.net
<AppName>-<RandomHash>.<Region>.scm.azurewebsites.net
As an example, if you create a site called “test” in East US:
Site Name
test
Unique Default Hostname
test-a6gqaeashthkhkeu.eastus-01.azurewebsites.net
SCM Endpoint
test-a6gqae9sh1hkhk8u.scm.eastus-01.azurewebsites.net
How does the hash in the unique default hostname work
The hash used for the unique default hostname would be a 16-character hash. This hash could be configured to a given “scope”, which ensures the degree of how unique you would like default hostname to be.
You can choose to generate the hash based on the following “scopes”:
Tenant Reuse
Subscription Reuse
Resource Group Reuse
No Reuse
So as an example, for my site called “test”, I could choose to generate a hash that could be shared across my subscription if I selected the “Subscription Reuse”. What this means is that anyone in my subscription who tries to create a web app called “test” in any region using the “Subscription Reuse” will end up with the same hash as I would. Anyone else outside of my subscription who tries to create a site name called “test” will not end up with the same hash as I would.
If your team tends to redeploy web apps in different environments for testing, it could be helpful to select a scope that is shared between environments. As an example, I have both Subscription AA (test subscription) and Subscription AB (production subscription) under Tenant A, and I tend to redeploy resources from Subscriptions AA to AB. What I should do is to deploy a site with the unique default hostname that uses the “Tenant Reuse” in Subscription AA because both subscriptions share the same tenant. Then when I need to delete and redeploy in Subscription AB, I should keep using Tenant Reuse. This ensures that the site I create will still have the exact same default hostname. More importantly, during the period that I try to delete and redeploy my resource, no one else outside of my tenant would be able to recreate another site with the exact same default hostname as my own site, which protects me from the threats of subdomain takeovers.
Hash and deployment slots
Your deployment slots will also follow the same format as your production site. However, each of your deployment slots will contain a different set of hashes from the production site and other deployment slots. Your slots will always be created with the same scope as the production site.
Comparing the format for slots between the global (original) default hostnames and the unique (new) default hostnames, here is how the general format would look like:
Global (Original)
Unique (New)
Default Hostname Format
<AppName>-<SlotName>.azurewebsites.net
<AppName>-<SlotName>-<RandomHash>.<Region>.azurewebsites.net
SCM Endpoint Format
<AppName>-<SlotName>.scm.azurewebsites.net
<AppName>-<SlotName>-<RandomHash>.<Region>.scm.azurewebsites.net
As an example, if you create a site called “test” and a slot called “slot” in East US:
Site Name
test (production site)
slot (deployment slot)
Unique Default Hostname
test-a6gqaeashthkhkeu.eastus-01.azurewebsites.net
test-slot-ekcda0qhg9em5yc9.eastus-01.azurewebsites.net
SCM Endpoint
test-a6gqae9sh1hkhk8u.scm.eastus-01.azurewebsites.net
test-slot-ekcda0qhg9em5yc9.scm.eastus-01.azurewebsites.net
You will notice that the hashes from the production site and the deployment slot are different, and this is the expected behavior. If you created site called “test” with “Tenant Reuse” and then created a slot called “slot”, anyone within your tenant who creates the same resources with those names will also get the same hashes that correspond to “test” and “slot”.
How does the region in the unique default hostname work
The region in the unique default hostname would be based on the region where the site is located. Since the unique default hostname is now regionalized, you will be able to create a site called “test” in different regions. The site name however still must be regionally unique, which means that there can only be one site called “test” in East US regardless if they have different hash values.
You will notice that the region name is appended by a number (ie. “-01”). You should expect that this number could change at any time in the future, and you should not have any hard dependencies or hard code the number appended to the region.
How to create a web app with a unique default hostname?
You can create a web app with a unique default hostname through Azure Portal, API, or ARM. CLI is currently not supported. This can only be done during resource creation, meaning that you will not be able to update your pre-existing web apps to have a unique default hostname. You will have to decide during resource creation to create a site with a unique (new) default hostname or a global (original) default hostname format – it’s one or the other.
Azure Portal
Any site created with a unique default hostname through Azure Portal will be created using the “Tenant Reuse” level (for more information, refer to section “How does the hash in the unique default hostname work”). Azure Portal will be fully deployed by June 7th, 2024.
If you would like to create a web app with a different scope for the hash, kindly use ARM or API.
To create a new web app with unique hostname on Azure Portal:
Go to the Web App Create page
Toggle option to enable “unique default hostname”
Fill out the required fields and click “Review + create”
ARM or API
If you are creating a web app using ARM or API, you can use this method to deploy your web app with a unique default hostname. You can also select the scope you would like to create your hash with.
In your API or ARM request, you need to add the following property to your site properties in the payload.
“AutoGeneratedDomainNameLabelScope”: “TenantReuse”
For the different scope level for your hash, you can choose from:
TenantReuse
SubscriptionReuse
ResourceGroupReuse
NoReuse
Sample API Call
PUT https://management.azure.com/subscriptions/<SUBSCRIPTIONID>/resourceGroups/<RGNAME>/providers/Microsoft.Web/sites/<SITENAME>?api-version=2022-03-01
{
“location”: “Central US”,
“kind”: “app”,
“properties”: {
“serverFarmId”: “<AppServicePlan”,
“AutoGeneratedDomainNameLabelScope”: “TenantReuse”,
…
…
}
}
Ending Note
We will continue to support pre-existing web apps that were created with the original global default hostnames. However, we highly encourage all customers to start creating web apps with the unique default hostnames to protect your organization from the threats of subdomain takeovers.
Microsoft Tech Community – Latest Blogs –Read More
How to fix windows update error: “Error ecountered, We couldn’t connect to the update service …”
I have tried all the “fixes” suggested here, here, and here, to no avail.
Specifically, I have attempted the following:
Disabling all third-party antivirus/antimalware software (in my case, MalwareBytes and CCleaner. I ran full scans with both products first before disabling them and rebooting, just to make sure a virus wasn’t causing my problems).I also disabled the Windows firewall and rebooted but that did not workRunning the Windows Update Troubleshooter did not work – I was even transferred to an agent who was unable to help me and suggested coming here to see if I could get it fixedI tried resetting windows update components and restarting but this did not work either.Changing my DNS settings to point to 8.8.8.8 and 8.8.4.4 for primary and secondary DNS servers, respectively.Deleting everything inside the C:WindowsSoftwareDistribution after stopping wuauserv, cryptSvc, bits, and msiserver (and starting them again after rebooting my PC).Running sfc /scannow (which indicated that there were no corrupted system files).Running the batch file Reset_Reregister_Windows_Update_Components_for_Windows11.bat, which I downloaded from here.While running the command line app as administrator, I also tried the following command DISM /Online /Cleanup-Image /RestoreHealth and it did not work.I also tried deleting the group policy and restarting and that did not workI checked the time and date settings and everything looks fine thereI run the network troubleshooter and everything seems fine there
I have tried everything I could find on Google to no avail. I attached the Windows update log to see if anyone can help me here. WindowsUpdate.log
In the Windows update log attached above, I noted the following error messages with corresponding codes:
2024/05/30 01:15:33.3272490 11192 11216 DataStore DS: JetAttachDatabase failed. Database file was not found.
…
…
…
2024/05/30 01:15:33.7967348 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1030
2024/05/30 01:15:33.7967367 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1068
…
…
…
2024/05/30 01:15:33.8226919 11192 9744 SLS Making request with URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ and send SLS events, cV=LDEDIm+/GECTvKjD.1.0.0.2.
2024/05/30 01:15:34.7058700 11192 9744 Misc *FAILED* [80072F8F] WinHttp: SendRequestWithAuthRetry using proxy failed for <HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++>
2024/05/30 01:15:34.7058782 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibDownloadFileDownloadSession.cpp @853
2024/05/30 01:15:34.7059155 11192 9744 SLS Complete the request URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ with [80072F8F] and http status code[0] and send SLS events.
2024/05/30 01:15:34.7059269 11192 9744 SLS *FAILED* [80072F8F] GetDownloadedOnWeakSSLCert
2024/05/30 01:15:34.7069919 11192 9744 SLS *FAILED* [80072F8F] Method failed [CSLSClient::GetResponse:660]
2024/05/30 01:15:34.7070022 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1842
2024/05/30 01:15:34.7070062 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1387
2024/05/30 01:15:34.7070107 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1398
2024/05/30 01:15:34.7070131 11192 9744 Agent *FAILED* [80072F8F] Method failed [CAgentServiceManager::DetectAndToggleServiceState:3020]
2024/05/30 01:15:34.7070151 11192 9744 Agent *FAILED* [80072F8F] SLS sync failed during service registration (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160785 11192 9744 Agent Total possible federated services: 1 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160829 11192 9744 Agent Candidate federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160888 11192 9744 Agent Federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 is not added due to an associated SLS registration failure (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160901 11192 9744 Agent Total allowed federated services: 0 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160941 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientEngineAgentRegisteredServiceUtil.cpp @3484
2024/05/30 01:15:34.7160985 11192 9744 Agent *FAILED* [80072F8F] Failed to execute service registration call {C7171C38-18A1-4626-9EA4-4A7328477514} (cV: LDEDIm+/GECTvKjD.1.0.1)
2024/05/30 01:15:34.7161306 11192 9744 Reporter OS Product Type = 0x00000030
2024/05/30 01:15:34.7284776 11192 9744 IdleTimer WU operation (SR.Device Driver Retrieval Client ID 1, operation # 3) stopped; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7336610 1176 11100 ComApi * END * Federated Search failed to process service registration, hr=0x80072F8F (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7338401 1176 11180 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7339160 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiXxxJob.cpp @372
2024/05/30 01:15:34.7339181 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiUpdateSearcher.cpp @343
2024/05/30 01:15:35.0160911 1176 11108 ComApi * START * SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0170264 11192 11228 IdleTimer WU operation (CDiscoveryCall::Init.{124B2C8C-ABC9-4FF9-8309-D790A2C090F2} ID 2) started; operation # 8; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171267 1176 11108 ComApi *QUEUED* SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171284 1176 11108 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0172085 11192 11328 Agent CDiscoveryCall::Execute – Invoking SLSClient (cv = LDEDIm+/GECTvKjD.2.1)
2024/05/30 01:15:35.0259499 11192 11328 SLS Get response for service 2B81F1BF-356C-4FA1-90F1-7581A62C6764 – forceExpire[False] asyncRefreshOnExpiry[True] (cV = LDEDIm+/GECTvKjD.2.2)
2024/05/30 01:15:35.0259552 11192 11328 SLS path used for cache lookup: /SLS/{2B81F1BF-356C-4FA1-90F1-7581A62C6764}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++
2024/05/30 01:15:35.0260299 11192 11328 SLS Retrieving SLS response from server…
2024/05/30 01:15:35.0263472 11192 11328 SLS MS-CV header: MS-CV: LDEDIm+/GECTvKjD.2.3
I also checked on error code 80070002 and realized I had to restart my router and run the network troubleshooter, but that did not solve the issue.
When I checked on error code 80072F8F I realized that I had to check if TLS 1.2 was enabled on my system but I am not sure how to go about it, including checking .NET frameworks and editing WinHTTP DefaultProtocol (DWORD) registry edits according to this link here. That’s where I got confused trying to figure things out since I am not sure how to go about it exactly and what to do or change.
I would appreciate any thoughts or help on this.
To solve this issue, I recently upgraded from Windows 11 Pro 23H2 to 24H2 x64 version 10.0.26100 build 26100, hardware abstraction layer 10.0.26100.1. Before the upgrade and even still after the upgrade, when I try to run Windows Update, I get the following error:I have tried all the “fixes” suggested here, here, and here, to no avail.Specifically, I have attempted the following:Disabling all third-party antivirus/antimalware software (in my case, MalwareBytes and CCleaner. I ran full scans with both products first before disabling them and rebooting, just to make sure a virus wasn’t causing my problems).I also disabled the Windows firewall and rebooted but that did not workRunning the Windows Update Troubleshooter did not work – I was even transferred to an agent who was unable to help me and suggested coming here to see if I could get it fixedI tried resetting windows update components and restarting but this did not work either.Changing my DNS settings to point to 8.8.8.8 and 8.8.4.4 for primary and secondary DNS servers, respectively.Deleting everything inside the C:WindowsSoftwareDistribution after stopping wuauserv, cryptSvc, bits, and msiserver (and starting them again after rebooting my PC).Running sfc /scannow (which indicated that there were no corrupted system files).Running the batch file Reset_Reregister_Windows_Update_Components_for_Windows11.bat, which I downloaded from here.While running the command line app as administrator, I also tried the following command DISM /Online /Cleanup-Image /RestoreHealth and it did not work.I also tried deleting the group policy and restarting and that did not workI checked the time and date settings and everything looks fine thereI run the network troubleshooter and everything seems fine thereI have tried everything I could find on Google to no avail. I attached the Windows update log to see if anyone can help me here. WindowsUpdate.logIn the Windows update log attached above, I noted the following error messages with corresponding codes: 2024/05/30 01:15:33.3272490 11192 11216 DataStore DS: JetAttachDatabase failed. Database file was not found.
…
…
…
2024/05/30 01:15:33.7967348 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1030
2024/05/30 01:15:33.7967367 11192 11216 Agent *FAILED* [80070002] wuauengcore.dll, C:__w1ssrcClientlibutilfileutil.cpp @1068
…
…
…
2024/05/30 01:15:33.8226919 11192 9744 SLS Making request with URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ and send SLS events, cV=LDEDIm+/GECTvKjD.1.0.0.2.
2024/05/30 01:15:34.7058700 11192 9744 Misc *FAILED* [80072F8F] WinHttp: SendRequestWithAuthRetry using proxy failed for <HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++>
2024/05/30 01:15:34.7058782 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibDownloadFileDownloadSession.cpp @853
2024/05/30 01:15:34.7059155 11192 9744 SLS Complete the request URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++ with [80072F8F] and http status code[0] and send SLS events.
2024/05/30 01:15:34.7059269 11192 9744 SLS *FAILED* [80072F8F] GetDownloadedOnWeakSSLCert
2024/05/30 01:15:34.7069919 11192 9744 SLS *FAILED* [80072F8F] Method failed [CSLSClient::GetResponse:660]
2024/05/30 01:15:34.7070022 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1842
2024/05/30 01:15:34.7070062 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1387
2024/05/30 01:15:34.7070107 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientlibEndpointProvidersEndpointProviders.cpp @1398
2024/05/30 01:15:34.7070131 11192 9744 Agent *FAILED* [80072F8F] Method failed [CAgentServiceManager::DetectAndToggleServiceState:3020]
2024/05/30 01:15:34.7070151 11192 9744 Agent *FAILED* [80072F8F] SLS sync failed during service registration (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160785 11192 9744 Agent Total possible federated services: 1 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160829 11192 9744 Agent Candidate federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160888 11192 9744 Agent Federated service 9482F4B4-E343-43B6-B170-9A65BC822C77 is not added due to an associated SLS registration failure (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160901 11192 9744 Agent Total allowed federated services: 0 (cV: LDEDIm+/GECTvKjD.1.0.0.)
2024/05/30 01:15:34.7160941 11192 9744 Agent *FAILED* [80072F8F] wuauengcore.dll, C:__w1ssrcClientEngineAgentRegisteredServiceUtil.cpp @3484
2024/05/30 01:15:34.7160985 11192 9744 Agent *FAILED* [80072F8F] Failed to execute service registration call {C7171C38-18A1-4626-9EA4-4A7328477514} (cV: LDEDIm+/GECTvKjD.1.0.1)
2024/05/30 01:15:34.7161306 11192 9744 Reporter OS Product Type = 0x00000030
2024/05/30 01:15:34.7284776 11192 9744 IdleTimer WU operation (SR.Device Driver Retrieval Client ID 1, operation # 3) stopped; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7336610 1176 11100 ComApi * END * Federated Search failed to process service registration, hr=0x80072F8F (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7338401 1176 11180 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.1.0)
2024/05/30 01:15:34.7339160 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiXxxJob.cpp @372
2024/05/30 01:15:34.7339181 1176 11180 ComApi *FAILED* [80072F8F] wuapicore.dll, C:__w1ssrcClientcomapiUpdateSearcher.cpp @343
2024/05/30 01:15:35.0160911 1176 11108 ComApi * START * SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0170264 11192 11228 IdleTimer WU operation (CDiscoveryCall::Init.{124B2C8C-ABC9-4FF9-8309-D790A2C090F2} ID 2) started; operation # 8; does use network; is not at background priority (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171267 1176 11108 ComApi *QUEUED* SLS Discovery (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0171284 1176 11108 ComApi XxxJobImpl: _EndXxx invoked (cV = LDEDIm+/GECTvKjD.2.0)
2024/05/30 01:15:35.0172085 11192 11328 Agent CDiscoveryCall::Execute – Invoking SLSClient (cv = LDEDIm+/GECTvKjD.2.1)
2024/05/30 01:15:35.0259499 11192 11328 SLS Get response for service 2B81F1BF-356C-4FA1-90F1-7581A62C6764 – forceExpire[False] asyncRefreshOnExpiry[True] (cV = LDEDIm+/GECTvKjD.2.2)
2024/05/30 01:15:35.0259552 11192 11328 SLS path used for cache lookup: /SLS/{2B81F1BF-356C-4FA1-90F1-7581A62C6764}/x64/10.0.26100.712/0?CH=115&L=en-US;de-DE&P=RingExternal;WUMUDCat&PT=0x30&WUA=1305.2404.25012.0&MK=Notebook++++++++++++++++++++++++&MD=N95TP6+++++++++++++++++++++++++
2024/05/30 01:15:35.0260299 11192 11328 SLS Retrieving SLS response from server…
2024/05/30 01:15:35.0263472 11192 11328 SLS MS-CV header: MS-CV: LDEDIm+/GECTvKjD.2.3 I also checked on error code 80070002 and realized I had to restart my router and run the network troubleshooter, but that did not solve the issue.When I checked on error code 80072F8F I realized that I had to check if TLS 1.2 was enabled on my system but I am not sure how to go about it, including checking .NET frameworks and editing WinHTTP DefaultProtocol (DWORD) registry edits according to this link here. That’s where I got confused trying to figure things out since I am not sure how to go about it exactly and what to do or change.I would appreciate any thoughts or help on this. Read More
Equation Question
The following is a formula that I have in my spreadsheet:
=-SUM(SUMIF(INDIRECT({“k2″,”k7″,”k11″,”k15″,”k19″,”k23″,”k27″,”k31″,”k35″,”k39″,”k43″,”k47″,”k51″,”k55″}),”>0″))
I would like to drag, or copy the formula to column L and have all references to column K change to column L. What is the easiest way to do this. I’m currently using Word and doing a search and replace for K and changing to L.
Thanks in advance…John
The following is a formula that I have in my spreadsheet:=-SUM(SUMIF(INDIRECT({“k2″,”k7″,”k11″,”k15″,”k19″,”k23″,”k27″,”k31″,”k35″,”k39″,”k43″,”k47″,”k51″,”k55″}),”>0″)) I would like to drag, or copy the formula to column L and have all references to column K change to column L. What is the easiest way to do this. I’m currently using Word and doing a search and replace for K and changing to L. Thanks in advance…John Read More
Copilot in Word – use web content and citations
I want to use Copilot in Word to write a summary about information from the web. I want Copilot to add references for the information it wrote, so I can cross-check if the generated information is correct and validate sources.
An example prompt in Copilot in Word for instance: “Write recent news events from last week, add citations”.
However, I noticed that Copilot in Word doesn’t seem to have recent web information, instead it writes old-dated content. Also, it adds a template for the URL but doesn’t fill in the URL. Instead, it writes a pattern such as: “[URL: [URL]]” but not the actual URL.
How can I ensure Copilot in Word uses web search content, as well as adds all reference URLs for the summarized information (similar to Bing Chat Enterprise)?
I want to use Copilot in Word to write a summary about information from the web. I want Copilot to add references for the information it wrote, so I can cross-check if the generated information is correct and validate sources. An example prompt in Copilot in Word for instance: “Write recent news events from last week, add citations”. However, I noticed that Copilot in Word doesn’t seem to have recent web information, instead it writes old-dated content. Also, it adds a template for the URL but doesn’t fill in the URL. Instead, it writes a pattern such as: “[URL: [URL]]” but not the actual URL. How can I ensure Copilot in Word uses web search content, as well as adds all reference URLs for the summarized information (similar to Bing Chat Enterprise)? Read More
Office365 sharing calendar between desktop and mobile
I’m a paying 365 subscriber, and recently had to get a whole new iPhone and telephone number. I was easily able to also get Outlook mobile receiving my personal emails, but my calendar is not shared between the desktop and mobile versions of Outlook.
I’ve done my due diligence searching, but every response I see references settings that don’t exist in my Outlook. I presume they were older posts, while I likely have the very latest version(s).
This must be pretty basic, but I am clearly missing something.
I’m a paying 365 subscriber, and recently had to get a whole new iPhone and telephone number. I was easily able to also get Outlook mobile receiving my personal emails, but my calendar is not shared between the desktop and mobile versions of Outlook.I’ve done my due diligence searching, but every response I see references settings that don’t exist in my Outlook. I presume they were older posts, while I likely have the very latest version(s). This must be pretty basic, but I am clearly missing something. Read More
Link from Drop Down List to first blank cell on a specific worksheet (same WB)
Hello! I’m have a workbook with many data entry tables, each in a separate worksheet in the workbook. I need to set up a directory with a list of each of the ‘Tabs’ that will function as a hyperlink which sends the user to the last open cell in the table of the specified worksheet.
I’ve tried one suggestion that I couldn’t get to work correctly. Namely, by creating a ‘dummy’ named range pointing to a cell on order to get the hyperlink established, and then using the following formula to return the correct worksheet. I’ve tried using the INDIRECT(ADDRESS(XMATCH formulas without any success. Any assistance would be helpful. Thank you!
Hello! I’m have a workbook with many data entry tables, each in a separate worksheet in the workbook. I need to set up a directory with a list of each of the ‘Tabs’ that will function as a hyperlink which sends the user to the last open cell in the table of the specified worksheet. I’ve tried one suggestion that I couldn’t get to work correctly. Namely, by creating a ‘dummy’ named range pointing to a cell on order to get the hyperlink established, and then using the following formula to return the correct worksheet. I’ve tried using the INDIRECT(ADDRESS(XMATCH formulas without any success. Any assistance would be helpful. Thank you! Read More
I would like to understand the ease of integration between Entra ID and Atom C2
We are using Atom C2 as our ticketing platform to submit various types of requests, including access request, and would like to keep using C2 while making our transition to Entra ID, I am trying to understand the ease of integration between C2 and Entra ID. How would I go about doing it, could someone point me in the right direction?
We are using Atom C2 as our ticketing platform to submit various types of requests, including access request, and would like to keep using C2 while making our transition to Entra ID, I am trying to understand the ease of integration between C2 and Entra ID. How would I go about doing it, could someone point me in the right direction? Read More
Data Base Integration with Sentinel
Hi All,
I am quite new to Sentinel platform but not new to SIEM.
How to integrate Data Base (any like Oracle, MsSql etc) audit or application logs which is in different table other than audit whether it is on-prem or Azure or other cloud, with Sentinel.
As I do not see official Data connectors for data bases as like in Splunk, ArcSight etc.
Hi All, I am quite new to Sentinel platform but not new to SIEM. How to integrate Data Base (any like Oracle, MsSql etc) audit or application logs which is in different table other than audit whether it is on-prem or Azure or other cloud, with Sentinel. As I do not see official Data connectors for data bases as like in Splunk, ArcSight etc. Read More
Migrate data to Azure Managed Lustre retaining POSIX attributes
Introduction
This blog will utilize manual steps on for exporting data to blob storage in order to retain specific POSIX attributes. The exporting of data is achieved using the Lustre HSM (Hierarchical Storage Management) interface. The Managed Lustre system will need to have HSM enabled and setup in advance. See this article: Blob integration
For more information around setting up automatic synchronization to Azure BLOB Storage for Azure Managed Lustre refer to this blob post: Automatic Synchronization to Azure BLOB Storage.
Connect client to the Lustre file system
Client machines running Linux can access Azure Managed Lustre directly. See the following article that details the client prerequisites: Connect client to the file system
To mount lustre:
sudo mount -t lustre -o noatime,flock <MGS_IP>@tcp:/lustrefs /<client_path>
Migrate data retaining POSIX attributes
Once you have a client that is connected to the file system you can now copy data directly into that file system.
Assuming the source location is /mydata and the destination lustre file system is /lustredata
The -a option preserves all POSIX attributes, such as ownership, permissions, timestamps, symlinks, etc. See the rsync manual page for more details.
To copy data into lustre:
Note: When migrating data to AMLFS, ensure that the total storage used does not exceed the system’s allowed capacity. If migrating more storage than allowed by the file system capacity then files will need to be archived and released to blob storage as needed before continuing the data migration.
Export data and attributes to blob storage
Once the files have been copied into the Lustre File system, now utilize the export job process in order to write those files as well as the POSIX attributes as metadata to the blob storage container. This process includes using the export jobs with archive process.
Which POSIX attributes are retained during an export job?
When you export files from your Azure Managed Lustre system to blob storage there are additional attributes that are saved as metadata inside the blob storage as shown here: Metadata for exported files. The following attributes may be written as metadata to each object in blob storage depending on the type of object:
Parameter
Description
modtime
The last modification time of the file
owner
The owner of the file
group
The group owner of the file
permissions
The existing permissions of the file
hdi_isfolder
If object is a folder, this value is set to true. Name corresponds with folder name.
The metadata will appear in the blob attributes in storage as shown here:
Restoring data into a new Azure Managed Lustre File System:
Now that the blob storage contains the attributes for each blob object including permissions and ownership of each file and directory, this data can be imported into any new Azure Managed Lustre file system and retain those attributes as it does. Follow these steps in order to import data using import jobs.
Note: This step is only required when setting up a new Azure Managed Lustre File System. This is not required for utilizing the existing AMLFS the data was originally copied to.
References
Azure Managed Lustre File System Documentation
Azure Managed Lustre with Automatic Synchronisation to Azure BLOB Storage
GitHub repositories
Microsoft Tech Community – Latest Blogs –Read More
Calculations off–what am I doing wrong?
The calculations on my excel spreadsheet are off. It is a simple calculation. I am simply multiplying 2 columns.
The value of column e30 is $3.48 is being multiplied by column f30 1198. In column g30 it give me a sum of $4,174.95. The formula reads =SUM(E30*F30). However the correct answer is $4169.04. Other calculations on spread sheet check out. What am I doing wrong.
The calculations on my excel spreadsheet are off. It is a simple calculation. I am simply multiplying 2 columns. The value of column e30 is $3.48 is being multiplied by column f30 1198. In column g30 it give me a sum of $4,174.95. The formula reads =SUM(E30*F30). However the correct answer is $4169.04. Other calculations on spread sheet check out. What am I doing wrong. Read More
Identification and highlighting of interdependent materials within a bill of materials (BOM)
I am seeking assistance with a Bill of Materials (BOM) dataset that includes columns for Level, Pegged Requirement, and Material. In this dataset, a material number that has sub-materials appears as the Pegged Requirement, and these sub-materials can also have their own sub-materials, continuing this hierarchy down to the last level.
Is there a macro that can identify and highlight all rows that are dependent on a specific material number? This would assist in comprehending the complete dependency chain of any material, including all sub-levels.
Thank you in advance for your support!
I am seeking assistance with a Bill of Materials (BOM) dataset that includes columns for Level, Pegged Requirement, and Material. In this dataset, a material number that has sub-materials appears as the Pegged Requirement, and these sub-materials can also have their own sub-materials, continuing this hierarchy down to the last level.Is there a macro that can identify and highlight all rows that are dependent on a specific material number? This would assist in comprehending the complete dependency chain of any material, including all sub-levels. Thank you in advance for your support! Read More
Sharing folders with external users (not guest users)
When sharing a folder in SharePoint online with an external user (not a guest user), we are seeing that the subfolders are not also shared. External sharing is allowed at the tenant level. The subfolders are inheriting permissions from the parent which is the top folder. The external users can see the folder, but not the subfolders. Is this the expected result of sharing with external users?
TYIA
When sharing a folder in SharePoint online with an external user (not a guest user), we are seeing that the subfolders are not also shared. External sharing is allowed at the tenant level. The subfolders are inheriting permissions from the parent which is the top folder. The external users can see the folder, but not the subfolders. Is this the expected result of sharing with external users?TYIA Read More
Is/will Copilot in Teams able to follow/process shared content in Teams Meetings?
My team frequently uses Teams meetings for code reviews and discussions to share screen and view each other’s work. Is Copilot in Teams able to see/process shared content along with spoken audio to provide a wholistic summary of meeting content? This may also be useful in the case of shared files or live collaboration on M365 files like Word documents or PowerPoint presentations.
My team frequently uses Teams meetings for code reviews and discussions to share screen and view each other’s work. Is Copilot in Teams able to see/process shared content along with spoken audio to provide a wholistic summary of meeting content? This may also be useful in the case of shared files or live collaboration on M365 files like Word documents or PowerPoint presentations. Read More
How to pull data from multiple workbooks
I am trying to pull data from the same cell in multiple work sheets. All these files are labeled by date. There is a file for every day of the year. These files are massive with lots of data and can not be combined. The master where I would like to pull data and store here to use as a template to measure performance. This has a row for every single day and displays the average, max, and low.
I would like to match the row to match the file on where to pull the data from. Is there any way to do this without going back and forth between worksheets? I would like to continue to use this template year after year.
I am trying to pull data from the same cell in multiple work sheets. All these files are labeled by date. There is a file for every day of the year. These files are massive with lots of data and can not be combined. The master where I would like to pull data and store here to use as a template to measure performance. This has a row for every single day and displays the average, max, and low.I would like to match the row to match the file on where to pull the data from. Is there any way to do this without going back and forth between worksheets? I would like to continue to use this template year after year. Read More
