Category: Microsoft
Generate Now! AI Vodcast w/James Caton
Microsoft partners and customers around the globe have been doing incredible things with #Azure #OpenAI Service #ChatGPT and #MicrosoftCopilot. In his new vodcast, “Generate Now!” @James Caton, Microsoft Lead of GSI Portfolio (Analytics & AI Solution Areas), highlights the transformative power of this technology and shares various use cases across industries.
To kick off the series, James explores the #GenAI adoption process from start to finish with @Endeavour Energy (NSW) and @TCS. Catch their expert insights on the following channels:
Website: https://aka.ms/GenerateNow
YouTube: https://aka.ms/GenerateNowYouTube
Spotify: https://aka.ms/GenerateNowSpotify
Apple Music: https://aka.ms/GenerateNowApple
Amazon Music: https://aka.ms/GenerateNowAmazon
Microsoft Tech Community – Latest Blogs –Read More
Virtual career fairs match employers with skilled job seekers
When the Microsoft Learn Career Connected team realized that it was in a key position to connect two groups in need of an introduction—newly skilled job seekers and employers needing credentialed talent—the idea for virtual career fairs was born. The first Microsoft Learn Career Connected Career Fair was held in the United States in February 2024. This was initially a small pilot program, and now the team is rolling out career fairs worldwide to connect more employers and individuals skilled in Microsoft’s AI apps and services, Azure, and other emerging technologies. Attendees are members of the program’s talent coalition, a free-to-join community that connects job seekers, employers in need of talent, and organizations that provide skill-building and training opportunities. And the community is always looking for new members.
In kicking off the inaugural career fair, Holly Bilyeu, Microsoft Business Program Manager, quoted Jean-Philippe Courtois, Executive Vice President and President, National Transformation Partnerships at Microsoft, who has pointed out how the skills-first economy is reshaping the global workforce. “Tech skills have become an essential asset in the job market, especially as we enter an exciting new era driven by AI. This is why we must invest in skilling people right now and connecting them to meaningful jobs and career paths.”
A field of ‘up-and-coming talent’
Virtual career fairs are one more way that Microsoft is helping to bridge the gap between skills and opportunity. The day-long virtual event enabled employers to meet individuals who hold or are earning Microsoft Credentials—Certifications or Applied Skills. These validations are a helpful filter for employers, shining a spotlight on the next generation of skilled workers. As one recruiter points out, “We met with lots of up-and-coming talent.”
“Our ultimate goal is to enable our customers and partners to achieve more by finding skilled talent that meets their needs and to help learners get connected with job opportunities of the future,” explains Bilyeu. “Microsoft is not a recruitment company. But we know that our customers and partners are seeking skilled individuals, and we know the academic institutions that are producing valuable technical talent. We can now bring them together through these virtual career fairs.”
Employers at the event participate in the Microsoft Learn Career Connected talent coalition. Through this group, they get help addressing their immediate and future talent needs. They also get the opportunity to expand their talent pipeline—with workforce development partners, nonprofits, and the colleges and universities in the Microsoft Learn for Educators program. Plus, they can amplify their organization as an employer of choice.
After the career fair, participants shared valuable feedback that will be used to improve future events, but the virtual setup was an overall success. As one hiring manager comments, “We gained a lot of qualified candidates and look forward to the next event.”
A place where new skills get noticed
For job seekers, the career fair was a way to showcase their newly acquired skills, learn about available opportunities, and make an impression on hiring managers. The event offered a new way for these job seekers to get noticed. Attendees could make appointments to meet virtually with recruiters, apply for open positions and internships, and follow up on those connections. They could create virtual profiles, résumés, and business cards to show off newly minted credentials, such as the Microsoft Certified: Azure AI Fundamentals or Microsoft Certified: Azure AI Engineer Associate certifications. Other job seekers chose to demonstrate their proficiency in scenario-based Microsoft Applied Skills learning paths, including in-demand scenarios, like Build a natural language processing solution with Azure AI Language, Develop generative AI solutions with Azure OpenAI Service, and Build an Azure AI Vision solution.
In addition, the career fair introduced job seekers to business leaders and experts on a range of topics. Through webinars at the event, attendees learned about generative AI with Copilot in Bing, earning Applied Skills credentials, successful careers in Dynamics 365 Business Central, and building a stronger LinkedIn profile.
“The audience was thrilled with the webinars,” Bilyeu reports. “Microsoft’s goal was to open job seekers’ eyes to other avenues that are available.”
A community of opportunity
The Microsoft Learn Career Connected team is using the learnings from the first fair in the United States to enrich the experience for participants in the upcoming fairs (dates to be determined) in Canada, Germany, Italy, Spain, Sweden, and the United Arab Emirates.
Job seekers, including students finishing up college, recent graduates, and workers looking for a career change or reentering the work force, can go to the Microsoft Learn Career Connected site to get more information and join the LinkedIn group. There they can find support as they start learning about Microsoft’s AI apps and services, Azure, cybersecurity, Microsoft 365, Dynamics 365, or Microsoft Power Platform, among other technologies. Job seekers can also find information there about the next virtual career fair.
If you’re an employer looking to connect with skilled talent at job fairs and beyond, sign up for the Microsoft Learn Career Connected talent coalition. The program is always open to new members, and there’s no fee to join. Employers who have signed up for the talent coalition and want to join future fairs can fill out the Microsoft Learn Career Connected Career Fairs Exhibitor Request Application.
“Everyone’s looking for great resources,” Bilyeu adds. “We hope these virtual career fairs help organizations proactively find new talent.”
Learn more
For employers, sign up for the Microsoft Learn Career Connected talent coalition, and find resources to build relationships and hire the right people for the right roles.
For job seekers, discover Microsoft Learn Career Connected, including steps to your new or next career—career paths, preparation resources, LinkedIn profile tips, and community connections.
Explore the Microsoft Learn AI learning hub, to get skilled up and ready to power AI transformation with the Microsoft Cloud and to chart your AI learning journey.
Learn more about Microsoft Credentials—Microsoft Certifications and Applied Skills—to build and validate skills in Microsoft’s AI apps and services, Azure, cybersecurity, and more in-demand technologies.
Database Schema Compare Tool
Introduction
Customers migrating and modernizing to Azure SQL (Azure SQL DB / Azure SQL MI / Azure SQL VM) can benefit from multiple salient features as well as fundamental capabilities, such as security and scalability, that come with fully managed database offerings in Azure. Azure SQL supports different deployment choices, service levels, language SDKs, data types, and more. It also provides high reliability, disaster recovery, performance, and availability, as well as advanced features such as intelligent query processing, automatic performance tuning, serverless compute, and copilot for query generation.
A key step in migrating the data tier to Azure SQL is validating the consistency and accuracy of the schema / metadata between the source database and the target Azure SQL databases. Done manually, this is a difficult and error-prone task, especially with large and complex databases. To make the process easier and faster, you can use this tool, which performs a thorough metadata comparison between the source and target databases. The tool can verify table names, column names, ordering of columns, data types of columns, view names, function names, indexes, constraints, triggers, and other objects, as well as their properties and definitions. It generates a detailed report that shows the differences and similarities between the two databases. This technical blog explains the features and functionality of the Db2 and Azure SQL database Schema comparison Tool, which can help you compare schemas from Db2 to Azure SQL with ease.
The tool currently supports Db2 z/OS and Db2 LUW as source databases and SQL as the target database.
Microsoft SQL Server Migration Assistant (SSMA) for Db2 is a tool to automate migration from IBM Db2 database to SQL Server, Azure SQL Database and Azure SQL Database Managed Instance. By migrating from Db2 to Azure SQL, customers can increase their agility and innovation, and improve their data security and compliance with ease.
Comparing Schema between Db2 and Azure SQL database
How does the Schema comparison tool work?
The steps below describe the important parts of the schema comparison process followed by the tool.
1a. Connect to source Db2: The schema comparison tool connects to the source Db2 database and fetches all the metadata for the given schema.
The tool currently supports Db2 z/OS and Db2 LUW.
1b. Connect to target SQL: In parallel, the tool connects to the SQL database (SQL DB / SQL MI / SQL VM) to fetch all the metadata for the given schema.
2a and 2b. Store object metadata details: Metadata across 25+ parameters is collected, including (not a complete list) table names, column names, column order, column data type, column default value, view names, function names, stored procedure names, indexes, index order, index type, and primary key / foreign key constraints.
3a and 3b. Write metadata to Azure SQL: Metadata collected from the Db2 and SQL catalogue tables is stored in a staging table in the target Azure SQL.
4. Schema comparison process: The process that identifies Db2 and SQL schema differences runs on top of the metadata stored in Azure SQL.
5. Write differences to Azure SQL: This process writes details about mismatches between the Db2 and SQL schemas into an Azure SQL differences table. Example: Table Table1 is present in Db2 and not in SQL, Column Order for Col1 is different in Db2 and SQL, etc.
6. Power BI or Excel connection to Azure SQL: Power BI connects to Azure SQL in Direct Query mode to access the differences data.
7. Schema comparison report for Db2 and Azure SQL: Power BI is used to create a report on the schema differences between Db2 and Azure SQL. Alternatively, Excel can be used to view the report.
Db2 and Azure SQL Sample Schema differences report
Below is a sample differences report generated to compare schema SCHEMACOMPARE01 present on Db2 LUW and Azure SQL Database. Numbers marked in red circle are used for annotation and are explained below:
1. Schema name SCHEMACOMPARE01, for which metadata differences are shown.
2. The total number of differences found between the source and target schema.
3. The X-axis represents the object categories for which differences are found.
4. The Y-axis represents the total number of differences for a given object category.
5. Four differences were found for Column Order Id, where the order of columns in Db2 and Azure SQL was different.
The tool can also drill down and show the exact difference between a source and target object, as shown below, where column names PRSTAFF and PRSTDATE are present in the PROJ table on Db2 but not in the target Azure SQL Database.
Db2 and Azure SQL example valid differences which should be ignored
The following table shows some examples of inherent differences between Db2 and Azure SQL that are expected and therefore accepted by the tool when it compares them. This list is not exhaustive and only illustrates some differences.
Sr. No. | Difference Category | Db2 | Azure SQL
1 | Data Type | Blob | Varbinary
2 | Data Type | Clob | Varchar
3 | Data Type | Timestamp | Datetime2(6)
4 | Data Type | Char varying | Varchar
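The comparison in steps 4 and 5, with the accepted data type pairs from the table above filtered out, can be sketched as follows. This is an added example, not the tool's own code: the metadata layout, the function names, and every column other than PRSTAFF and PRSTDATE in PROJ are constructed for illustration.

```python
from collections import Counter

# Db2 -> Azure SQL type pairs that the table above lists as expected differences.
ACCEPTED_TYPE_PAIRS = {
    ("BLOB", "VARBINARY"),
    ("CLOB", "VARCHAR"),
    ("TIMESTAMP", "DATETIME2(6)"),
    ("CHAR VARYING", "VARCHAR"),
}

# Constructed sample metadata: table -> ordered list of (column, data type).
DB2_META = {
    "PROJ": [("PROJNO", "CHAR"), ("PROJNAME", "CHAR VARYING"),
             ("PRSTAFF", "DECIMAL"), ("PRSTDATE", "TIMESTAMP"),
             ("PRENDATE", "TIMESTAMP"), ("NOTES", "CLOB"),
             ("BUDGET", "DECIMAL")],
    "TABLE1": [("COL1", "INTEGER")],
}
SQL_META = {
    "PROJ": [("PROJNAME", "VARCHAR"), ("PROJNO", "CHAR"),
             ("PRENDATE", "DATETIME2(6)"), ("NOTES", "VARCHAR"),
             ("BUDGET", "INT")],
}


def types_match(db2_type, sql_type):
    """Equal type names, or a pair the tool accepts as an inherent difference."""
    src, tgt = db2_type.strip().upper(), sql_type.strip().upper()
    return src == tgt or (src, tgt) in ACCEPTED_TYPE_PAIRS


def compare_schema(db2, sql):
    """Return (category, object, detail) tuples, one per mismatch."""
    diffs = []
    for table in sorted(set(db2) | set(sql)):
        if table not in sql:
            diffs.append(("Table", table, "present in Db2, not in SQL"))
            continue
        if table not in db2:
            diffs.append(("Table", table, "present in SQL, not in Db2"))
            continue
        src_cols, tgt_cols = db2[table], sql[table]
        src_types, tgt_types = dict(src_cols), dict(tgt_cols)
        for name in src_types:
            if name not in tgt_types:
                diffs.append(("Column", f"{table}.{name}",
                              "present in Db2, not in SQL"))
        for name in tgt_types:
            if name not in src_types:
                diffs.append(("Column", f"{table}.{name}",
                              "present in SQL, not in Db2"))
        # Compare order among shared columns only, so a missing column
        # does not shift every later column into a false order mismatch.
        src_order = [n for n, _ in src_cols if n in tgt_types]
        tgt_order = [n for n, _ in tgt_cols if n in src_types]
        for pos, name in enumerate(src_order, start=1):
            tgt_pos = tgt_order.index(name) + 1
            if pos != tgt_pos:
                diffs.append(("Column Order", f"{table}.{name}",
                              f"Db2 position {pos}, SQL position {tgt_pos}"))
            if not types_match(src_types[name], tgt_types[name]):
                diffs.append(("Data Type", f"{table}.{name}",
                              f"{src_types[name]} vs {tgt_types[name]}"))
    return diffs


def summarize(diffs):
    """Differences per object category, as plotted in the sample report."""
    return dict(Counter(category for category, _, _ in diffs))


if __name__ == "__main__":
    found = compare_schema(DB2_META, SQL_META)
    for row in found:
        print(row)
    print(summarize(found))
```
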
How to get access to this tool?
To request that this tool be set up for your use case, email the alias datasqlninja@microsoft.com
Summary
This tool helps customers perform automatic schema comparison between Db2 and Azure SQL and eases the migration from Db2 to Azure SQL. Using this tool before testing, migrating, or cut-over can help you minimize issues related to schema differences during data migration or application execution.
We will incrementally update the supported databases based on customer feedback.
Feedback and suggestions
If you have feedback or suggestions for improving this data migration asset, please send an email to Databases SQL Engineering Team.
Getting Started – Generative AI with Phi-3-mini: A Guide to Inference and Deployment
You may still be paying attention to Meta Llama 3, released last week, but today Microsoft did something different and released the new Phi-3 series of models. The first wave of releases on Hugging Face is Phi-3-mini, with a parameter size of 3.8B. Phi-3-mini can run not only on traditional computing devices but also on edge devices such as mobile and IoT devices. The release covers the traditional PyTorch model format, a quantized version in gguf format, and an ONNX-based quantized version, which is convenient for developers in different application scenarios. This blog aims to help developers explore the model formats released for Phi-3-mini, combined with different technical frameworks, so that everyone can run inference on Phi-3-mini first.
Use Semantic Kernel to access Phi-3-mini
For Copilot applications, we create applications through Semantic Kernel / LangChain. This type of application framework is generally compatible with Azure OpenAI Service / OpenAI models, and can also support open source models on Hugging Face and local models. What should we do if we want to use Semantic Kernel to access Phi-3-mini? Using .NET as an example, we can combine it with the Hugging Face Connector in Semantic Kernel. By default, the connector maps to a model id on Hugging Face (the first time you use it, the model is downloaded from Hugging Face, which takes a long time). You can also connect to a local service that you have built. Of the two, I recommend the latter because it gives you a higher degree of autonomy, especially in enterprise applications.
As the figure shows, Semantic Kernel can easily connect to a self-built Phi-3-mini model server when accessing local services. Here is the running result.
Sample Code https://github.com/Azure-Samples/Phi-3MiniSamples/tree/main/semantickernel
Call quantized models with Ollama or LlamaEdge
More users prefer to use quantized models to run models locally. Through Ollama/LM Studio, individual users can call different quantized models at will. I will first show how to use Ollama to call the Phi-3-mini quantized model.
Create a Modelfile
FROM {Add your gguf file path}
TEMPLATE """<|user|>
{{.Prompt}}<|end|>
<|assistant|>"""
PARAMETER stop <|end|>
PARAMETER num_ctx 4096
Running in terminal
ollama create phi3mini -f Modelfile
ollama run phi3mini
Here is the running result.
Sample Code https://github.com/Azure-Samples/Phi-3MiniSamples/tree/main/ollama
I have always been a supporter of cross-platform applications. If you want to use gguf in the cloud and on edge devices at the same time, LlamaEdge can be your choice. LlamaEdge can be understood as WasmEdge (WasmEdge is a lightweight, high-performance, scalable WebAssembly runtime suitable for cloud native, edge and decentralized applications. It supports serverless applications, embedded functions, microservices, smart contracts and IoT devices). You can deploy gguf quantized models to edge devices and the cloud through LlamaEdge.
Here are the steps to use it.
Install and download related libraries and files.
curl -sSf https://raw.githubusercontent.com/WasmEdge/WasmEdge/master/utils/install.sh | bash -s -- --plugin wasi_nn-ggml
curl -LO https://github.com/LlamaEdge/LlamaEdge/releases/latest/download/llama-api-server.wasm
curl -LO https://github.com/LlamaEdge/chatbot-ui/releases/latest/download/chatbot-ui.tar.gz
tar xzf chatbot-ui.tar.gz
Note: llama-api-server.wasm and chatbot-ui need to be in the same directory
Run scripts in terminal
wasmedge --dir .:. --nn-preload default:GGML:AUTO:{Your gguf path} llama-api-server.wasm -p phi-3-chat
Here is the running result.
Sample code https://github.com/Azure-Samples/Phi-3MiniSamples/tree/main/wasm
Run an ONNX quantized model
ONNX Runtime is an efficient runtime library for ONNX models. It supports multiple operating systems and hardware platforms, including CPU, GPU, etc. The key advantages of ONNX Runtime are its efficient performance and ease of deployment. Through ONNX Runtime, developers can easily deploy trained models to production environments without caring about the underlying inference framework. In the era of large models, ONNX Runtime has released an interface (Python/.NET/C/C++) for generative AI. We can use this interface to call the Phi-3-mini model. Next, we try to call the Phi-3-mini model through Python. When using ONNX Runtime Generative AI, you need to compile the environment first; please refer to https://github.com/microsoft/onnxruntime-genai/blob/main/examples/python/phi-3-tutorial.md
Sample Code https://github.com/Azure-Samples/Phi-3MiniSamples/tree/main/onnx
Summary
The release of Phi-3-mini allows individuals and enterprises to deploy SLM on different hardware devices, especially mobile devices and industrial IoT devices that can complete simple intelligent tasks under limited computing power. Combining LLMs can open up a new era of Generative AI. Inference is only the first step. I hope you will continue to pay attention to the content of this series.
Resources
Phi-3 Azure blog https://aka.ms/phi3blog-april
Phi-3 technical report https://aka.ms/phi3-tech-report
Learn about ONNX Runtime Generative AI https://github.com/microsoft/onnxruntime-genai
Learn about Semantic Kernel https://aka.ms/SemanticKernel
Read Semantic Kernel Cookbook https://aka.ms/SemanticKernelCookBook
Learn about LlamaEdge https://github.com/LlamaEdge/LlamaEdge
Learn about Ollama https://ollama.com/
Partner Case Study Series | DevOpsGroup: Migration to Azure DevOps
DevOpsGroup empowers organizations through IT modernization
DevOpsGroup is a Microsoft gold partner that empowers enterprises and scale-up organizations to achieve more in the digital economy by modernizing IT. The Cardiff, Wales, UK-based company’s team is 90 members strong, and its cloud and DevOps engineers have vast experience working with cloud platforms and DevOps toolchains.
SureView Systems, a multinational software company with headquarters in Tampa, Florida, and Swansea, Wales, specializes in physical security monitoring software for central stations and command centers. The company’s flagship product, Immix, integrates with more than 500 security products and systems. SureView Systems wanted to move Immix from TFS to Azure DevOps to accelerate software delivery and move toward a Software-as-a-Service (SaaS) model. Azure DevOps enables collaboration and modern DevOps services via its boards, pipelines, repositories, testing tools, and extensions marketplace.
“A key driver for the migration to Azure DevOps was the need to keep pace with the latest development and deployment tools as we migrated toward a continuous delivery/continuous integration DevOps model,” said Simon Morgan, Chief Technology Officer, SureView Systems.
Continue reading here
**Explore all case studies or submit your own**
Textjoin or simple “&” returns duplicate results when used on Table
I’ve used Textjoin on multiple occasions without problem, or its simple equivalent, the humble ampersand. If we use the below example:
Cell A1: 10
Cell B1: James
Cell C1: ()
Let’s say I use the “,” delimiter in Textjoin or add that criteria in a simple “&”. In all cases I should end up with: 10,James,()
But for some reason, when applying either of these solutions to a named Table in desktop Excel app, I keep getting this result: 10,James,()10,James,() minus the colors obviously.
In other words, the results of either formula are completely duplicated, only omitting the middle “,”. Doesn’t even matter which approach I choose, and there aren’t any formulas running in the cells that I am referencing.
Has anyone experienced anything similar?
911 Emergency address and iphone Teams app
Testing 911 with Teams app (via 933) using Teams and Operator connect. I have user emergency calling policy enabled to use external location lookup. On the iPhone (15), I also have location services for Teams enabled and precise location “on”.
When I open the Teams app, the map correctly shows the location; I allow it to be used. I dial 933 and the address it determined is indeed correct, but it says “low confidence” and would have gone to screening center.
I’ve tried a few different things and from a few locations with same result – the address/location is identified correctly, but 933 test call still says it was low confidence. I can’t figure out why or how to get it to be recognized as a “valid” address to not go to screening center.
Cannot export powerpoint recordings.
Hi,
I tried to record a powerpoint video and was successful. However, I cannot download or share the video since the “export video” option does not appear. I am using a Mac. Pls help.
Cheers!
Chrishain
Stop a group of users communicating with each other
Hi all,
What is the best way to stop a specific group of users communicating with each other?
Outlook Login Boot Loop problem?
Hello, I have a very strange issue when logging into Outlook for Windows. I get several attempts to login per second or any interaction within the app to try and establish an account, but it always fails. I’ve tried deleting certificates, refreshing user accounts tied to Outlook via Windows settings, and I’ve tried scanpst.exe, all to no avail. Any help would be greatly appreciated!
Defender for Endpoint licensing within Azure Virtual Desktop
Hi all,
I would like to have an official confirmation of the current status. Can we use Microsoft Defender for Endpoint (per user), Windows Enterprise E5, Microsoft 365 E5 Security, or Microsoft 365 E5 for all of these use cases:
– Windows 10/11 session hosts?
– Windows Server (2016/2019/2022/2025) session hosts? This would be a server OS, so maybe not possible to do per user licensing?
– Personal vs. pooled session hosts?
Can we, as an alternative, choose licensing based on Microsoft Defender for Servers Plan 1 or Plan 2 (as part of the Defender for Cloud) offering or Microsoft Defender for Endpoint for Servers in all the same use cases? I guess it would not be possible or wise to make any combinations of these two licensing scenarios for a single Azure Virtual Desktop environment?
In that second scenario and for a nonprofit organization, would it be recommended to use Microsoft Defender for Endpoint for Servers licenses? As they are often eligible for a considerable discount that they will not receive when using (PAYG) Microsoft Defender for Servers Plan 1 or Plan 2?
Many thanks for your response!
Sources:
Onboard Windows devices in Azure Virtual Desktop | Microsoft Learn
Minimum requirements for Microsoft Defender for Endpoint | Microsoft Learn
consume salesforce dataset through ADF
Hi everyone,
I am trying to build ADF to connect to salesforce. I am able to connect to the salesforce objects but not the salesforce analytics datasets. Can you please help how can I connect to the salesforce dataset (not object) from ADF. added screenshot of a dataset from salesforce
Share your feedback on Microsoft’s certification renewal experience!!
We are trying to gather some feedback on the certification renewal process. If you’ve renewed a certification in the last 6 months, please complete this very short survey: https://forms.office.com/r/9jtvW1x8JV by May 2.
Please share this with anyone who may be eligible to share their feedback. This is your chance to share your thoughts and feedback and help us improve the experience.
Disabling authentication methods in Entra having no effect
Fairly new to MS365 here and we’re trying to restrict which MFA methods our users can use. We want our users to be able to either use the Authenticator app or a FIDO2 key depending on their role, in addition to a TAP to do the initial login.
We’re testing disabling various methods via the Authentication methods page in Entra. As a representative test we set TAP to disabled and it gave an error when I attempted to issue a TAP for a user via the user’s Authentication methods page in Intune.
However we don’t get consistent results with other auth methods: Authenticator, Security key (FIDO2) and SMS. I put a specific group in the ‘Enable and target’ > ‘Exclude’ section for all 3 and was still able to configure Authenticator and a phone for SMS. When viewing the methods configured for the user, only the security key was listed under ‘unusable methods’; hence the policies for Authenticator and SMS appear to have no effect. Similar tests with just one auth method yield the same result.
Is there something we’re doing or understanding wrongly about how these policies work?
Reporting-Task Field
Hi,
I renamed Board Status in the ribbon to PMO STATUS REPORT as follows:
When I run my reports, I see “Board Status” not the new revised name.
Thus, can you go to the task field under reporting and make this change! Is it possible?
Thanks.
NTLM vs Kerberos
Reposting – This article was originally written and posted by Nuno Tavares in 2018.
In this post, we will go through the basics of NTLM and Kerberos. We will explain using the three Ws, covering what the main differences between them are, how to identify when a protocol is being used over the other, and why one is safer than the other.
So, without further ado. Here is the story…
Chapter 1: The What
What is NTLM?
NTLM is an authentication protocol. It was the default protocol in older Windows versions, but it's still used today. If for any reason Kerberos fails, NTLM will be used instead.
NTLM has a challenge/response mechanism.
Here is how the NTLM flow works:
1. A user accesses a client computer and provides a domain name, user name, and a password.
2. The client computes a cryptographic hash of the password and discards the actual password. The client sends the user name to the server (in plaintext).
3. The server generates a 16-byte random number, called a challenge, and sends it back to the client.
4. The client encrypts this challenge with the hash of the user's password and returns the result to the server. This is called the response.
5. The server sends the following three items to the domain controller:
– User Name
– Challenge sent to the client
– Response received from the client
6. The domain controller uses the user name to retrieve the hash of the user's password. It encrypts the challenge with that hash and compares the result with the response computed by the client (in step 4). If they are identical, authentication is successful, and the domain controller notifies the server.
7. The server then sends the appropriate response back to the client.
What is Kerberos?
Kerberos is an authentication protocol. It’s the default authentication protocol on Windows versions above W2k, replacing the NTLM authentication protocol.
Here is how the Kerberos flow works:
1. A user logs in to the client machine. The client sends a plaintext request for a TGT. The message contains: the ID of the user; the ID of the requested service (TGT); the client network address (IP); the validation lifetime.
2. The Authentication Server will check if the user exists in the KDC database.
a. If the user is found, it will randomly generate a key (session key) for use between the user and the Ticket Granting Server (TGS).
b. The Authentication Server will then send two messages back to the client:
– One is encrypted with the TGS secret key.
– One is encrypted with the Client secret key.
Note: The TGS Session Key is the shared key between the client and the TGS. The Client secret key is the hash of the user credentials (username+password).
3. The client decrypts the key and can log on, caching it locally. It also stores the encrypted TGT in its cache. When accessing a network resource, the client sends a request to the TGS with the name of the resource it wants to access, the user ID/timestamp and the cached TGT.
4. The TGS decrypts the user information and provides a service ticket and a service session key for accessing the service, and sends them back to the client once encrypted.
5. The client sends the request to the server (encrypted with the service ticket and the session key).
6. The server decrypts the request and, if it is genuine, provides service access.
Chapter 2: The When
How can we identify when we are using NTLM or Kerberos?
We can confirm the authentication protocol being used by collecting a Fiddler trace.
In the Fiddler trace, we can see the requests being made in the Inspectors/Headers:
Kerberos:
NTLM:
If the request starts with Kerberos and fails, NTLM will be used instead. We can see the reply in the Headers as well:
Kerberos Dependencies:
Both the client and the server need to be running W2k or later versions and be on the same domain or a trusted domain.
An SPN needs to exist in the AD for the domain account that runs the service to which the client is authenticating.
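One way to tell the two protocols apart from the header values a Fiddler trace shows, as an added example that is not part of the original article: the token after `Negotiate` or `NTLM` is base64, NTLM messages open with the `NTLMSSP` signature, and Kerberos tokens carry a Kerberos OID inside GSS-API framing. The function names are hypothetical, and the sample header values are constructed and structurally simplified.

```python
import base64
import struct

NTLMSSP = b"NTLMSSP\x00"                           # signature opening every NTLM message
OID_SPNEGO = bytes.fromhex("2b0601050502")         # 1.3.6.1.5.5.2
KRB5_OIDS = (bytes.fromhex("2a864886f712010202"),  # 1.2.840.113554.1.2.2 (Kerberos 5)
             bytes.fromhex("2a864882f712010202"))  # 1.2.840.48018.1.2.2 (MS Kerberos)
NTLM_TYPES = {1: "NEGOTIATE", 2: "CHALLENGE", 3: "AUTHENTICATE"}


def _ntlm_type(token: bytes, start: int) -> str:
    """Read the little-endian message type that follows the NTLMSSP signature."""
    if len(token) < start + 12:
        return "truncated"
    (msg_type,) = struct.unpack_from("<I", token, start + 8)
    return NTLM_TYPES.get(msg_type, "unknown type %d" % msg_type)


def classify_auth_header(value: str) -> str:
    """Classify the value of an Authorization or WWW-Authenticate header."""
    scheme, _, b64 = value.strip().partition(" ")
    if scheme.lower() not in ("negotiate", "ntlm"):
        return "other scheme"
    if not b64.strip():
        return "offer only"              # server advertising the scheme, no token yet
    try:
        token = base64.b64decode(b64.strip(), validate=True)
    except ValueError:
        return "malformed token"
    if token.startswith(NTLMSSP):        # raw NTLM; its base64 starts "TlRMTVNTUAA"
        return "NTLM " + _ntlm_type(token, 0)
    if token[:1] in (b"\x60", b"\xa1"):  # GSS-API initial token or SPNEGO reply
        pos = token.find(NTLMSSP)
        if pos != -1:                    # NTLM carried inside SPNEGO: Kerberos not used
            return "NTLM " + _ntlm_type(token, pos) + " (in SPNEGO)"
        if any(oid in token for oid in KRB5_OIDS):
            return "Kerberos"
        return "SPNEGO, mechanism not identified"
    return "unrecognized token"


def _gss(oid: bytes, inner: bytes) -> bytes:
    """Constructed, minimal GSS-API framing: 0x60 <len> 0x06 <oid-len> <oid> <inner>."""
    body = b"\x06" + bytes([len(oid)]) + oid + inner
    return b"\x60" + bytes([len(body)]) + body


def _hdr(scheme: str, token: bytes) -> str:
    return scheme + " " + base64.b64encode(token).decode()


# Constructed header values; real tokens are far longer.
SAMPLES = {
    "ntlm_negotiate": _hdr("NTLM", NTLMSSP + struct.pack("<II", 1, 0)),
    "kerberos": _hdr("Negotiate",
                     _gss(OID_SPNEGO, _gss(KRB5_OIDS[0], b"\x01\x00" + bytes(16)))),
    "ntlm_fallback": _hdr("Negotiate",
                          _gss(OID_SPNEGO, NTLMSSP + struct.pack("<II", 3, 0))),
    "server_offer": "Negotiate",
}

if __name__ == "__main__":
    for name, header in SAMPLES.items():
        print(f"{name:15} {classify_auth_header(header)}")
```

A `Negotiate` header on its own does not mean Kerberos: the `ntlm_fallback` sample is the case to look for when auditing where NTLM is still in use.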
Chapter 3: The Why
Why is Kerberos preferred?
NTLMv1 hashes could be cracked in seconds with today's computing since they are always the same length and are not salted. NTLMv2 is an improvement, since its length varies and the hash is salted; however, it's still not very secure. Even though the hash is salted before it's sent, it's saved unsalted in a machine's memory.
Furthermore, when we talk about NTLM, we talk about a challenge/response mechanism, which exposes the password to offline cracking when responding to the challenge.
Kerberos provides several advantages over NTLM:
More secure: No password stored locally or sent over the net.
Best performance: Improved performance over NTLM authentication.
Delegation support: Servers can impersonate clients and use the client’s security context to access a resource.
Simpler trust management: Avoids the need to have p2p trust relationships in multi-domain environments.
Supports MFA (Multi Factor Authentication)
The End
Microsoft at TechCon365 and PWRCON – Seattle, WA (June 3-7, 2024)
“The thing I enjoyed most about the event was being around like-minded individuals discussing things that I deal with daily.”
– Previous TechCon365 attendee
What: TechCon365 & PWRCON – Seattle
Register today | Use the MSCMTY discount code to save $200 USD off registration.
Content: 2 Microsoft keynotes + 8 general sessions || 185+ overall sessions – 50 Microsoft-led sessions | 25+ full-day workshops
Microsoft is sending 45+ product makers to present and engage.
Review all sessions + agenda view, workshops, and their full speaker lineup.
When & where: June 3-7, 2024
In-person: Seattle, WA – Seattle Convention Center
Twitter & hashtag: @TechCon365 | #TechCon365
Cost: $850 – $2,775 (Learn more about ticket pricing options)
At TechCon365 & PWRCON Seattle, a Microsoft 365 Conference & Power Platform Conference, the subject matter is divided into tracks and each session is designated for beginner, intermediate, advanced or expert. Tracks are offered for the following subjects: Microsoft 365 Apps, SharePoint, Azure / 365 Development, Microsoft Teams, Power Apps, Content Management, Power Users, Business Value, Implementation/Administration, Power Automate (Flow)/Workflow, Power BI – Business Intelligence, SharePoint Development, and more. Choose one complete learning track or mix and match based on what content best meets your and your organization’s current needs!
With 2 optional days of workshops and a 3-day conference, you can choose from over 130 sessions in multiple tracks and 25 workshops presented by Microsoft 365, SharePoint, Power Platform, Microsoft Teams, Viva, Azure, Copilot & AI’s top experts! Whether you are new to Microsoft 365, Power Platform and SharePoint or an experienced power user, admin or developer, TechCon365 has content designed to fit your experience level and area of interest.
See how the Microsoft 365, SharePoint, Power Platform, Azure, and AI ecosystem is growing and evolving by speaking with technical experts from the local Microsoft field and diverse channels within the Microsoft Partner Network – all in our exhibit hall.
Microsoft keynotes, sessions, and workshops: Copilot/AI, SharePoint, OneDrive, Teams, Viva, Power Platform, D&I, and related technology
Microsoft keynotes and AMA
Hear from Microsoft leadership revealing the latest innovations shaping the flexible, innovative, and secure business environments of the future. [all times listed in PDT]
Microsoft 365 keynote: “Thriving in the era of AI”
Presenters: Omar Shahine (CVP), Adam Harmetz (VP), Karuana Gatimu (Principal PM Manager), and Dan Holme (Principal GPM)
Date/Time/Location: Wednesday, June 5th, 8:30am – 9:40am PDT | Room: 6E
Power Platform keynote: “Empowering transformation: Power Platform and Dataverse in the age of AI”
Presenter: Nirav Shah (CVP)
Date/Time/Location: Thursday, June 6th, 8:30am – 9:40am PDT | Room: 6E
Microsoft AMA + SharePint: Wednesday, June 3-7, 5:00pm – 7:00pm PDT | Room 6C – Collab Stage
Register today | Note: Use the MSCMTY discount code to save $200 USD off registration.
Take the opportunity to select the sessions best suited for your role and interests. All breakouts bring product updates, demos, customer stories, best practices, and insights into product and solution strategy – including guidance on the future.
And find us in the Community Lounge in the Exhibit Hall – a place to connect with Microsoft MVPs, MCMs, Microsoft Regional Directors, and user group leaders via Ask the Experts tables, where you can also pick up some laptop stickers and learn more about community programs.
TechCon365 (Microsoft 365) | Microsoft-led general and breakout sessions
It is crucial to ensure your organization is technically ready for the full potential of Copilot for Microsoft 365. The sessions below focus on technical readiness and ensuring you have the latest guidance. Our experts will share best practices and provide guidance on how to leverage AI and to maximize the benefits of Copilot within your organization.
TechCon365 general sessions
“Creating an AI-powered organization – User satisfaction & adoption practices for Copilot” with Karuana Gatimu | Room 609
“Getting ready for Copilot for Microsoft 365” with Karuana Gatimu | Room 615:616
“SharePoint Premium – Intelligent content for everyone” with Sesha Mani, Chris McNulty, and Jaclynn Hiranaka | Room 608
“What’s new and next for Microsoft Viva” with Michael Holste and Kristi Kelly | Room 619:620
TechCon365 breakout sessions + workshop
“Copilot to Enhance the Employee Experience” with Jay Leask | Room 604
“The art of prompt engineering in Copilot for Microsoft 365” with Michelle Gilbert | Room 613:614
“Driving rollout & adoption of Microsoft 365 and Copilot with Microsoft Viva” with Heather Cook and Karuana Gatimu | Room 608
“The Future of Your Intranet: Beautiful, flexible and AI-ready powered by SharePoint” with Denise Trabona and Dave Cohen | Room 619:620
“Introducing SharePoint Premium: AI-powered content management for Microsoft 365” with Chris McNulty | Room 615:616
“Unlock SharePoint Premium content services by connecting Azure Pay-as-you-go billing” with Tom Resing | Room 612
“Automatically capture information about incoming files in Microsoft 365” with Tom Resing | Room 612
“The Ins and Outs of Microsoft 365 Backup & Archiving” with Trent Green, Brad Gussin, and Jaclynn Hiranaka | Room 608
“Teams Premium unveiled: Navigating Teams Premium for optimal productivity” with Margi Desai and Mansoor Malik | Room 619:620
“Empowering frontline workers with Microsoft Teams and next-generation AI” with Tulsi Keshkamat | Room 615:616
“Microsoft Teams in a regulated environment” with Max Fritz | Room 602:603
“What’s new in Teams for Education” with Max Fritz | Room 607
“Cultivating trust and leadership excellence: Strategies for respect and empathy in the workplace” with Heather Cook | Room 613:614
“Getting started with Viva Amplify” with Michael Holste and Naomi Moneypenny | Room 608
“Viva Underground: An outcome-based route to success with Microsoft Viva” with Joy Apple and Jay Leask | Room 615:616
“OneDrive: Collaboration and AI at your fingertips” with Ben Truelove | Room 619:620
“New Planner: Unifying task management in Microsoft Teams” with Biatrice Ambrosa | Room 609
“Mastering Microsoft Lists” with Miceile Barrett and Mark Kashman | Room 619:620
“How Microsoft Does IT: Governance and Administration in the Era of Copilot” | Room 615:616
“Managing change in a Microsoft world! Office 365 governance and change management” with Max Fritz and Michelle Gilbert | Room 612
“Top 10 best practices every admin should be doing in Microsoft 365” with Michelle Gilbert | Room 607
“Governance, Information Management, and Teams – What you need to know” with Joy Apple and Jay Leask | Room 606
“Secure collaboration in Microsoft 365 within a zero-trust lens” with Jay Leask | Room 613:614
WORKSHOP | “Ultimate guide to administering Microsoft 365 and Teams” with Max Fritz and Michelle Gilbert | Room 609
TechCon365 developer sessions
“Introduction to extending Copilot for Microsoft 365” with Jeremy Thake | Room 604
“Developing Graph Connector to ground your business data in Copilot for Microsoft 365” with Jeremy Thake | Room 608
“Copilot extensibility with Microsoft Graph Connectors made easy” with Fabian Williams | Room 608
“Introduction to Microsoft Graph” with Fabian Williams | Room 604
“Building Copilot experiences in SharePoint Embedded applications” with Marc Windle | Room 608
“Improve your users’ productivity with custom Viva Connections cards” with Alex Terentiev | Room 607
“Expanding SharePoint Framework Web Parts in Teams, Office and Outlook” with Alex Terentiev | Room 606
“Viva Connections: Create bot-powered adaptive card extensions” with Alex Terentiev | Room 602:603
PWRCON (Power Platform & Microsoft Fabric) | Microsoft-led sessions
Discover more AI innovation and learn about other core investments that help us deliver powerful business applications for your organization. Power Platform and Fabric help you leap ahead in the Age of AI. From keynote to breakouts to workshops, PWRCON provides insights on how the Power Platform, Dataverse, and Fabric leverage existing enterprise data and business processes to unlock the benefits of Copilot. Get up to speed on the latest product updates and turn up your skills dial on real-world solution design and deployment. Drive your digital transformation, learning from the best subject matter experts in the business.
PWRCON general sessions
“Power Automate and automation in the Age of AI: strategy & roadmap” with Ashvini Sharma | Room 619:620
“Power Platform Architecture” with Ilya Grebnov | Room 615:616
“What’s new in Dataverse & AI Builder: How to easily build generative AI business applications” with Yogi Naik | Room 612
“Building the apps of the future today with Power Platform and Copilot” with Leon Welicki | Room 608
PWRCON breakout sessions + workshop
“Copilot is beside me along my RPA journey” with Taiki Yoshida and Chris Garty | Room 615:616
“What’s New with Copilot Studio” with Dewain Robinson and Pawan Taparia | Room 615:616
“Extending Microsoft Copilot products using Copilot Studio” with Dewain Robinson and Pawan Taparia | Room 609
“Deep dive into building Copilots with Copilot Studio” with Dewain Robinson and Pawan Taparia | Room 606
“Extend Copilot Studio with intelligent actions, workflows from Power Automate” with Matt Townsend and Harysh Menon | Room 619:620
“Extend Copilot for Sales using Copilot Studio to empower sales teams with data and insights” with Bharath Varadarajan | Room 609
“Process mining with Copilot and AI: A new frontier for business intelligence” with Heather Orta-Olmo and Derah Onuorah | Room 615:616
“Dataverse: Safeguard AI-enabled Enterprise Applications and Copilots” with Mihaela Blendea | Room 619:620
“Power Pages overview and roadmap” with Meera Mahabala | Room 619:620
“Using your enterprise knowledge for building Q&A experiences in Copilot” with Julie Koesmarno | Room 604
“Securing and governing the Power Platform at scale” with Zohar Raz | Room 609
Microsoft Fabric and Power BI sessions + workshop
“Unlocking insights with Power BI Copilot” with Shannon Lindsay and Alex Powers | Room 609
“Building a modern Data Lake with OneLake: The OneDrive for data” with Josh Caplan | Room 611
“Driving productivity and a data-driven culture with Power BI in Microsoft 365” with Alex Powers and Shannon Lindsay | Room 619:620
“Transform Your Power BI data in Microsoft Fabric” with John White and Jason Himmelstein | Room 611
“Source Control with Power BI and Microsoft Fabric” with John White and Jason Himmelstein | Room 609
“Deep Dive on Power BI, Teams and SharePoint” with John White and Jason Himmelstein | Room 609
“From SQL developer to business analyst: Harnessing Fabric’s innovations” with Charles Webb | Room 612
WORKSHOP | “Everything You Wanted to Know About Power BI… but were afraid to ask!” with John White and Jason Himmelstein | Room 607
Register today | Note: Use the MSCMTY discount code to save $200 USD off registration.
Get the most out of TechCon365: Our top five tips while attending
Introduce yourself | Unique perspectives await, including yours.
Attend as much as you can | Laptops down, eyes open – depth learning, tips, and tricks abound.
Share what you know | Your knowledge saves time – pay it forward.
Ask questions, share feedback | Your issues and ideas inform us and influence the roadmap.
Hydrate and dress for steps | Keep the brain healthy and mind active.
BONUS | Update your LinkedIn profile and photo | Best reflect your professional experience and growing technical aptitude.
Learn more
Visit TechCon365.com/Seattle and follow the action on X/Twitter: @TechCon365, @Microsoft365, @MSFTCopilot, @SharePoint, @OneDrive, @MicrosoftTeams, @MSPowerPlat, @Microsoft365Dev, and @MSFTAdoption.
I hope you will join us in Seattle, WA for what will be a fantastic week in the PNW! We’re looking forward to the action alongside the community, MVPs, and Microsoft product members from Copilot, Teams, Office, SharePoint, OneDrive, Loop, Viva, Power Platform, Lists, Planner, and more.
Remember, use the MSCMTY discount code to save $200 USD off your conference registration. Register today!
Last, a glimpse of the TechCon365/PWRCON event experience:
Cheers and see you there,
Mark Kashman, Senior product manager – Microsoft
Windows Server 2012 manual patching
Hello Team,
I have 2 new servers – Windows Server 2016 standard and Windows 2012 R2 standard.
I need to install security patches manually (download from the internet, copy and install) as there is no access to the internet and we don’t have any patching tool.
For Windows 2016 standard I will install latest Cumulative Update and the latest Service Stack Update. I think it is enough.
But what about Windows Server 2012 R2 standard? Which security patches should I install to have this server up-to-date?
Thank you in advance for help.
Copilot for 3rd party system – Advice needed
I am currently working on creating a Copilot intended to be used as a tool for employees to access and retrieve information about customers and the insurances they have in a 3rd party, non-Microsoft, system.
I’m struggling with finding information about some functionalities and best practices and would greatly appreciate your advice:
– The insurances, customer, and claims are queryable via an API and events on a service bus upon changes – we do not have access to the database.
– The insurances need to be correlated with the corresponding terms & conditions, which are available in PDFs in a blob-store or SharePoint.
– Depending on if it is a customer, or an internal administrator, only the relevant insurances/claims-data should be part of the dataset included in the response.
– If an insurance is created for a customer, it should be part of the dataset “near realtime”.
A quick response time is crucial, which means pre-indexing data is a necessity.
Ideally, the Copilot should operate swiftly and accurately, but I am also tasked with creating a solution that is easy to set up and maintain. We’re deciding between using Copilot and AI Studio.
What would be the easiest way to implement this, and what would be the best way?
Thank you,
Malin
Unable to fetch more than 5000 records from filtered view
I have a SharePoint List and created filtered views of the list, which contains more than 5000 records. I tried to retrieve the records and am getting an error like “The attempted operation is prohibited because it exceeds the list view threshold”. Can anyone help me to get data using pagination, like batch by batch in a loop? If possible, share the code snippet for Python.