Category Archives: Microsoft
Balancing “Car Simulator 2” and Outlook: Tips for Productivity on and off the Road
Hey everyone,
While I’ve been diving into “Car Simulator 2” for some relaxation, I’m also knee-deep in Outlook for work. It got me thinking, how do you all balance gaming and productivity tools like Outlook? Any neat tricks for managing both efficiently? I’d love to hear your thoughts on staying organized whether you’re behind the wheel in the virtual world or tackling your inbox in the real one!
Looking forward to your insights!
Header background is being applied intermittently using Site Script in communication site
Hello All,
The problem is that while I am using some of the verbs in conjunction with the “setSiteBranding” in the site script, the header background color is not always set.
I’ve noticed that the site template functions flawlessly when I apply it to an already-existing site, but it only occasionally—not always—works when I use it to create a new site.
Can anyone please assist me on this?
Pivot Table SubTotal does not agree with simple SUM operation
I have created a pivot table using one table and a calculated column using Power Pivot. Field “Three+” is displaying correctly but the sub total is incorrect. The other fields are displaying correct subtotals.
What am I missing?
Thanks
Brad
Embed pdf from SharePoint library with default zoom level
I want to embed a PDF file from a SharePoint site into my website. I have a link like https://etechua.sharepoint.com/sites/edocsrc/_layouts/15/embed.aspx?UniqueId=c385aa46-5a4a-4113-bc1b-e7d5768bab2d. Is it possible to set a default zoom level?
Currently, if we don’t specify it, the zoom level is set to fit page. I need it to be fit width.
Condition Formula
Hello..
Please help me apply a formula: I want to get the profit value of Customer X in region 5 for the month of May. How can I get this by using a formula?
A feature request in edge
It would be really helpful if the Edge app on startup showed the list of all Edge profiles, segregating them by personal and work, like Chrome’s startup screen.
OneDrive for MacOS – can’t search files in Spotlight
Hi
When using OneDrive on MacOS I can’t search my OneDrive files in Spotlight, making file access more cumbersome. I tried to edit the Spotlight search settings, but I don’t see my OneDrive folder there.
I checked the Spotlight settings under preferences – and the “Folders” and “Documents” options are both set. Is this a OneDrive limitation?
Environment: MacBook Pro (Intel), Ventura 13.6.6
Insert the number of rows from a word table in the title
I have a table and want to display in the title row the number of columns the table has. How can I do this? Please advise step by step, since I am 68!
Example:
Title Column: This Table contains xx Entries
Row 1
Row 2
…
Row x
Excel Formula help needed
Hi, sorry, a real beginner here trying to be better!! I want to add certain columns together, but the formula adds the last column twice and I don’t know why.
I am using this formula: =SUM(D11:D14:D19). D19 has been calculated twice; can anyone advise, please?
Missing teams recordings
Hello everybody,
When I finished my lecture, I noticed that it was saved in the recording file, but unfortunately there were no other recordings from the previous sessions I made.
I checked in OneDrive and found the same thing: only the last lecture was there.
Thanks for your response.
To Do Crashing on iPhone
Hi,
I have been using To Do on my iPhone for a few years, and it just recently started crashing and becoming annoying.
I tried many things such as deleting the app and reinstalling it, restarting my iphone, etc. but with no luck. I have been doing that for at least 3 weeks.
I am using the latest To Do version and iOS 17.5
Any help or Microsoft contact for To Do?
Thanks
Renumber specific footnote
Hello
I would like my footnote numbering to skip numbers 71-75 and go from 70 to 76.
Footnote 76 is not in a different chapter; actually, my document consists of extracts of a single chapter’s text (hence the omission of several footnotes), but I still want the original footnote numbering kept.
Thanks
Partner Blog | What’s new for Microsoft partners: April 2024 edition
Over the past few months, we have continued to add benefits and resources to the Microsoft AI Cloud Partner Program to help you and your customers realize the most from our latest technology. These changes have been informed by partner feedback and developed with the diversity of the partner community in mind.
In this blog, you’ll find links to expert insights, redesigned learning materials, and updated benefits to accelerate your growth in the coming year.
Announcements
State of the Partner Ecosystem: Chief Partner Officer Nicole Dezen showcased the latest Microsoft partner business news, changes, updates, and momentum in her annual State of the Partner Ecosystem post on the Official Microsoft Blog. Learn about program updates, including new designations and certifications for partners. Find out how we are equipping partners through AI skilling, and read about partners delivering AI solutions around the world.
New benefits packages: In January, we launched three new benefits packages designed to help partners at various stages of growth to develop their business. Find out which package is right for you by reading more on the partner blog.
Realigning global licensing for Microsoft 365: Last year Microsoft updated the way Microsoft 365, Office 365, and Teams were licensed in the European Economic Area (EEA) and Switzerland. We have recently announced our plan to extend that approach worldwide to ensure globally consistent licensing. Learn more.
Protect Against OWASP API Top 10 Security Risks Using Defender for APIs
Overview
The Open Web Application Security Project (OWASP) Foundation is a nonprofit foundation dedicated to improving software security through community-led open-source projects, education, and transparency. The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. In this post, we’ll dive into how Defender for APIs (a plan provided by Microsoft Defender for Cloud) provides security coverage for the OWASP API Top 10 security risks.
Defender for APIs offers full lifecycle protection, detection, and response coverage for APIs. Defender for APIs helps you to gain visibility into business-critical APIs. You can investigate and improve your API security posture, prioritize vulnerability fixes, and quickly detect active real-time threats.
Concepts
Security recommendations – Recommendations in Defender for Cloud are based on the Microsoft cloud security benchmark. The Microsoft cloud security benchmark is the Microsoft-authored set of guidelines for security and compliance best practices based on common compliance frameworks. This widely respected benchmark builds on the controls from the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) with a focus on cloud-centric security. For a complete list of API security recommendations, see Security recommendations – a reference guide
Security alerts – Security alerts are the notifications generated by Defender for Cloud’s workload protection plans when runtime threats are identified in your Azure, hybrid, or multi-cloud environments. For a complete list of API security alerts, see Security alerts – a reference guide
Attack path analysis – Defender for Cloud uses environment context to perform a risk assessment of your security issues and subsequently identifies the biggest security risk issues. Defender for Cloud then analyzes which security issues are part of potential attack paths that attackers could use to breach your environment. To learn more, see Identify and remediate attack paths
Defender for APIs – OWASP API Security Coverage Mapping
OWASP API Risk | Defender for APIs Security Coverage

Broken Object Level Authorization (API1:2023)
- (Security alert) Parameter enumeration on an API endpoint – A single IP was observed enumerating parameters when accessing one of the API endpoints.
- (Security alert) Distributed parameter enumeration on an API endpoint – The aggregate user population (all IPs) was observed enumerating parameters when accessing one of the API endpoints.

Broken Authentication (API2:2023)
- (Security recommendation) API endpoints in Azure API Management should be authenticated – API endpoints published within Azure API Management should enforce authentication to help minimize security risk.
- (Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials.

Broken Object Property Level Authorization (API3:2023)
- (Security alert) Previously unseen parameter used in an API call – A single IP was observed accessing one of the API endpoints using a previously unseen parameter in the request.
- (Security alert) Unusually large response payload transmitted between a single IP address and an API endpoint – A suspicious spike in API response payload size was observed for traffic between a single IP and one of the API endpoints.

Unrestricted Resource Consumption (API4:2023)
- (Security alert) Suspicious population-level spike in API traffic to an API endpoint – A suspicious spike in API traffic was detected at one of the API endpoints.
- (Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.
- (Security alert) Unusually large request body transmitted between a single IP address and an API endpoint – A suspicious spike in API request body size was observed for traffic between a single IP and one of the API endpoints.
- (Security alert) Suspicious spike in latency for traffic between a single IP address and an API endpoint – A suspicious spike in latency was observed for traffic between a single IP and one of the API endpoints.
- (Security alert) API requests spray from a single IP address to an unusually large number of distinct API endpoints – A single IP was observed making API calls to an unusually large number of distinct endpoints.
- (Security recommendation) API Management direct management endpoint should not be enabled – The direct management REST API in Azure API Management bypasses Azure Resource Manager role-based access control, authorization, and throttling mechanisms, thus increasing the vulnerability of your service.

Broken Function Level Authorization (API5:2023)
- No coverage

Unrestricted Access to Sensitive Business Flows (API6:2023)
- (Attack path analysis) Internet exposed APIs that are unauthenticated carry sensitive data
- (Security alert) Suspicious spike in API traffic from a single IP address to an API endpoint – A suspicious spike in API traffic was detected from a client IP to the API endpoint.

Server-Side Request Forgery (API7:2023)
- No coverage

Security Misconfiguration (API8:2023)
- (Security recommendation) API endpoints that are unused should be disabled and removed from the Azure API Management service – As a security best practice, API endpoints that haven’t received traffic for 30 days are considered unused and should be removed from the Azure API Management service.
- (Security recommendation) API Management APIs should use only encrypted protocols – APIs should be available only through encrypted protocols, like HTTPS or WSS. Avoid using unsecured protocols, such as HTTP or WS to ensure security of data in transit.
- (Security recommendation) API Management secret named values should be stored in Azure Key Vault – Named values are a collection of name and value pairs in each API Management service.
- (Security recommendation) API Management should disable public network access to the service configuration endpoints – To improve the security of API Management services, restrict connectivity to service configuration endpoints, like direct access management API, Git configuration management endpoint, or self-hosted gateways configuration endpoint.
- (Security recommendation) API Management calls to API backends should be authenticated – Calls from API Management to backends should use some form of authentication, whether via certificates or credentials. Does not apply to Service Fabric backends.

Improper Inventory Management (API9:2023)
- Inventory dashboard – Centralized inventory of all managed APIs and related API security findings.
- External exposure – Classify which API endpoints are exposed externally.
- Sensitive data classification – Classify APIs that receive or respond with sensitive data, to support risk prioritization, including integration support with Microsoft MIP Purview.

Unsafe Consumption of APIs (API10:2023)
- No coverage
API Security Testing
Microsoft Defender for Cloud supports third-party tools to help enhance the existing runtime security capabilities that are provided by Defender for APIs. Defender for Cloud supports proactive API security testing capabilities in early stages of the development lifecycle (including DevOps pipelines). The support for third-party solutions helps to further streamline, integrate, and orchestrate security findings from other vendors with Microsoft Defender for Cloud.
This support enables full lifecycle API security (extending to OWASP API top 10 risks), and the ability for security teams to effectively discover and remediate API security vulnerabilities before they are deployed in production. To learn more, see the following: Partner applications in Microsoft Defender for Cloud for API security testing (preview)
Next Steps
To learn more about how Defender for APIs augments the security offered by Azure Web Application Firewall (Azure WAF) and Azure API Management, see the following: Defender for APIs Better Together with Azure Web Application Firewall and Azure API Management.
To learn more about how Azure API Management helps mitigate risks against the OWASP API risks, see the following: Recommendations to mitigate OWASP API Security Top 10 threats using API Management
App Service *.azurewebsites.net TLS Cert Renewal for Web Apps, Functions, and Logic Apps (Standard)
This blog contains information about *.azurewebsites.net TLS certificate changes for Web Apps, Functions, and Logic Apps (Standard). Customers should not be impacted by this change. The scope of services affected includes Web Apps, Functions, and Logic Apps (Standard); Logic Apps (Consumption) and resources hosted on an ASE are not impacted. This change is limited to public Azure cloud; government clouds are not affected.
Every Web App, Function, and Logic App (Standard) has its own default hostname of the form “<resource-name>.azurewebsites.net”, which App Service secures with a wildcard *.azurewebsites.net TLS certificate. The current intermediate Microsoft PKI Subordinate CA certificates were set to expire on June 27th, 2024. App Service used these intermediate certificates in the default TLS certificate *.azurewebsites.net. On March 13th, 2024, App Service renewed the TLS certificate and used a new set of Subordinate CAs while the root certificate remained the same. Due to the distributed asynchronous nature of the renewal process, there isn’t an exact date when the new TLS certificate will be visible to individual Web Apps, Functions, and Logic Apps (Standard).
Terminology and Concepts
Certificate Authority: (CA) An entity that is responsible for the creation, issuance, revocation, and management of certificates. The term applies equally to both Root CAs and Subordinate CAs.
Root CA: The top level Certification Authority whose Root Certificate is distributed by Application Software Suppliers and that issues Subordinate CA Certificates.
Root Certificate: The self‐signed certificate issued by the Root CA to identify itself and to facilitate verification of certificates issued to its Subordinate CAs.
Subordinate CA: (Sub CA) A Certification Authority whose certificate is signed by the Root CA or another Subordinate CA.
We expect that this change will be a non-event and will not impact customers. However, you may be impacted if an application has incorrectly taken a hard dependency on the *.azurewebsites.net TLS certificate, for example by way of “certificate pinning”. Certificate pinning is a practice where an application only allows a specific list of acceptable Certificate Authorities (CAs), public keys, thumbprints, etc. Applications should never pin to the *.azurewebsites.net TLS certificate. Applications requiring certificate stability should use custom domains in conjunction with custom TLS certificates for those domains. You can refer to the recommended best practices section of this article for more information.
Recommended best practices
Certificate pinning of *.azurewebsites.net TLS certificates is not recommended because the *.azurewebsites.net TLS certificate could be rotated anytime given the nature of App Service as a Platform as a Service (PaaS). In the event that the service rotates the App Service default wildcard TLS certificate, certificate pinned applications will break and disrupt the connectivity for applications that are hardcoded to a specific set of certificate attributes. The periodicity with which the *.azurewebsites.net TLS certificate is rotated is also not guaranteed since the rotation frequency can change at any time.
If an application needs to rely on certificate pinning behavior, it is recommended to add a custom domain to the Web App, Function, or Logic App (Standard) and provide a custom TLS certificate for the domain, which can then be relied on for certificate pinning.
Note that applications which rely on certificate pinning should also not have a hard dependency on an App Service Managed Certificate. App Service Managed Certificates could be rotated anytime, leading to similar problems for applications that rely on stable certificate properties. It is best practice to provide a custom TLS certificate for applications that rely on certificate pinning.
Refer to our documentation for best practices for Azure App Service for more information.
FAQ: Marketplace private offers through CSP?
Q: Is it possible for a customer procuring Azure via a CSP (Cloud Solution Provider) to make Marketplace purchases? If so, can this also be a private offer from the ISV (even if it’s likely the CSP managing the subscriptions/billing ID for the end customer)?
I am particularly interested in how the customer will get the ISV SaaS solution deployed at their end (in this case through the CSP who own the subscription).
A: It really depends on the CSP –> customer agreement. Some CSPs charge for purchasing from the marketplace; for others it is free. There are two common scenarios:
1- The customer creates a separate subscription/billing account as “pay as you go” and purchases the private offer
2- The CSP purchases the offer on behalf of the customer, and here they can choose to overcharge or not
Assuming the following:
1- In order to receive a private offer, you need to “own” the billing account ID – usually in this scenario, it belongs to the CSP
2- You still need to be an Enterprise Admin or Billing Account owner to purchase (it is not always allowed by the CSP)
Overall:
The customer should get in contact with the CSP, either getting the right setup or agreeing on the “overcharge”
You should also refer to the following documentation related to this topic:
Configure ISV to CSP partner private offers in Microsoft Partner Center – Marketplace publisher | Microsoft Learn
Video tutorials
Private Offers for CSP Partners Overview
Private Offer Creation by ISVs for CSP Partners
The CSP Partner Private Offer Purchase Process
Running python/flask app on IIS using ASP.Net Core Module handler
Looking for insight into running/flask app using a modern/maintained method.
wfastcgi is essentially deprecated (version 3.0.0 was released 7 years ago).
HttpPlatform handler was replaced by the asp.net core module even before that (2016).
I’ve made some progress using the ASP.Net Core Module handler – but when I try to launch the app I get an error:
Application ‘/LM/W3SVC/1/ROOT’ with physical root ‘C:\inetpub\wwwroot\’ failed to start process with commandline ‘“C:\Python312\python.exe” C:\inetpub\wwwroot\app.py’ with multiple retries. Failed to bind to port ‘11905’. First 30KB characters of captured stdout and stderr logs from multiple retries:
Nothing in the python log.
Any feedback appreciated.
Stakeholders AI
amMicrosoft Legal international Organisation and Stakeholders partners for Cloud business.
pnp Modern Search – People – Search Source Scope
Hi everyone,
I’m looking for some advice from anyone that has experience of the SharePoint ‘pnp Modern Search’ (v4) tool.
We have a requirement to build a people search which does not search across the tenant ‘GAL’, but instead would search to a more localised scope, for example a SharePoint list within the scope of the site hosting the pnp Modern Search page.
I had a look at the documentation (Create a useful People Search – PnP Modern Search (v4) (microsoft-search.github.io)) and in the section ‘Configure Search Results’ there is mention of a ‘Result Source ID’ which appears to be where the scope is defined. Unfortunately I can’t find more detail than this in the documentation, IE to specify what other sources would be acceptable and if these include a local SharePoint list.
I would like to try and determine the answer for this before configuring and deploying only to find the required functionality is not available.
Thanks very much for your help!