Tag Archives: microsoft
How to Fix QuickBook𝘀 Crashes on Startup in Windows 11
I’m facing a frustrating issue with QuickBook𝘀 that I hope someone can help me with. Every time I try to launch QuickBook𝘀, it crashes immediately on startup, and I’m unable to access any of my financial data.
I’m facing a frustrating issue with QuickBook𝘀 that I hope someone can help me with. Every time I try to launch QuickBook𝘀, it crashes immediately on startup, and I’m unable to access any of my financial data. Read More
Excel Chess Games Viewer 2.1
Excel Chess Games Viewer 2.1 is a slightly upgraded version of my Excel Chess Games Viewer 2.0, which now includes an option to flip the chessboard, and 77 of the most famous chess games ever.
Can you guess the brilliant move 29 for Black, in the game below?
Happy International Chess Day!
Excel Chess Games Viewer 2.1 is a slightly upgraded version of my Excel Chess Games Viewer 2.0, which now includes an option to flip the chessboard, and 77 of the most famous chess games ever. Can you guess the brilliant move 29 for Black, in the game below? Happy International Chess Day! Read More
New Blog | Leveraging insider risk visibility to strengthen your data security
Recent research reveals that insider risks are surging more each day. Over the past year, an alarming 63%[1] of data breaches were traced back to insiders, whether through inadvertent errors or malicious intent. These internal threats call for innovative solutions that can dynamically adapt to data security risks, instead of the widely available fragmented and one-size-fits-all solutions, where rigid controls can stymie legitimate business activities and lenient policies might leave the door open to data loss.
Striking the right balance between productivity and data security is critical, and that’s where the user visibility of Microsoft Purview Insider Risk Management, combined with the dynamic controls of Adaptive Protection, can help. These solutions enable organizations to tailor data protection strategies by integrating insider risk levels, determined by user activities, with different policy engines, allowing for automatic adjustments of policies as insider risk levels change.
Microsoft Purview Insider Risk Management correlates various signals, such as unusual access patterns and data exfiltration, to identify potential malicious or inadvertent insider risks, including IP theft, data leakage, and security violations. Insider Risk Management enables customers to create data handling policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
The evolution of dynamic controls with Adaptive Protection within access management
This week we’re thrilled to announce the general availability of the integration between Adaptive Protection in Microsoft Purview and Microsoft Entra Conditional Access. Organizations frequently struggle to implement effective data security and access management because they rely on fragmented and siloed solutions. These disjointed approaches hinder the consistent rollout of new security controls and can create exploitable gaps. Microsoft’s integration of Adaptive Protection and Conditional Access, however, offers a streamlined and integrated solution that seamlessly automates access controls for users based on their insider risk levels, thereby reducing the complexity of managing multiple disparate systems.
Consider a scenario where an employee at an organization is flagged as a potential insider risk; they are working on a sensitive project and they start to demonstrate risky activity detected in Insider Risk Management. With the integration of Adaptive Protection and Conditional Access, the organization can swiftly apply access policies to this employee if needed, and these policy controls can increase as the employee’s activities become riskier. The policy will then automatically ramp up controls and can restrict access to critical applications and systems without manual involvement of the data security admin, thus adding a protective layer against insider risks.
In Conditional Access, admins can now combine insights on insider and sign-in risks, to protect data against both external and internal threats with a comprehensive and multi-layered security strategy against unauthorized access, data leaks, and theft. With Conditional Access now being used to tackle both external and insider threats, your data remains secure, thereby bolstering your organization’s resilience against evolving cyber threats.
Figure 1: New ‘insider risk’ condition in Conditional Access
Read the full post here: Leveraging insider risk visibility to strengthen your data security
By Nathalia Borges
Recent research reveals that insider risks are surging more each day. Over the past year, an alarming 63%[1] of data breaches were traced back to insiders, whether through inadvertent errors or malicious intent. These internal threats call for innovative solutions that can dynamically adapt to data security risks, instead of the widely available fragmented and one-size-fits-all solutions, where rigid controls can stymie legitimate business activities and lenient policies might leave the door open to data loss.
Striking the right balance between productivity and data security is critical, and that’s where the user visibility of Microsoft Purview Insider Risk Management, combined with the dynamic controls of Adaptive Protection, can help. These solutions enable organizations to tailor data protection strategies by integrating insider risk levels, determined by user activities, with different policy engines, allowing for automatic adjustments of policies as insider risk levels change.
Microsoft Purview Insider Risk Management correlates various signals, such as unusual access patterns and data exfiltration, to identify potential malicious or inadvertent insider risks, including IP theft, data leakage, and security violations. Insider Risk Management enables customers to create data handling policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
The evolution of dynamic controls with Adaptive Protection within access management
This week we’re thrilled to announce the general availability of the integration between Adaptive Protection in Microsoft Purview and Microsoft Entra Conditional Access. Organizations frequently struggle to implement effective data security and access management because they rely on fragmented and siloed solutions. These disjointed approaches hinder the consistent rollout of new security controls and can create exploitable gaps. Microsoft’s integration of Adaptive Protection and Conditional Access, however, offers a streamlined and integrated solution that seamlessly automates access controls for users based on their insider risk levels, thereby reducing the complexity of managing multiple disparate systems.
Consider a scenario where an employee at an organization is flagged as a potential insider risk; they are working on a sensitive project and they start to demonstrate risky activity detected in Insider Risk Management. With the integration of Adaptive Protection and Conditional Access, the organization can swiftly apply access policies to this employee if needed, and these policy controls can increase as the employee’s activities become riskier. The policy will then automatically ramp up controls and can restrict access to critical applications and systems without manual involvement of the data security admin, thus adding a protective layer against insider risks.
In Conditional Access, admins can now combine insights on insider and sign-in risks, to protect data against both external and internal threats with a comprehensive and multi-layered security strategy against unauthorized access, data leaks, and theft. With Conditional Access now being used to tackle both external and insider threats, your data remains secure, thereby bolstering your organization’s resilience against evolving cyber threats.
Figure 1: New ‘insider risk’ condition in Conditional Access
Read the full post here: Leveraging insider risk visibility to strengthen your data security Read More
Windows Update Error 0x800f0983 Cumulative Update for Windows 11 Insider Preview (10.0.26120.1252)
Hi,
I can’t install the Cumulative Update for Windows 11 Insider Preview (10.0.26120.1252) (KB5038603) on Windows Update, it shows the error 0x800f0983. I’m Brazilian and I’m deaf too… The English language is very hard for me… I have the Insider Preview, Dev Channel, installed on my Windows 11 PRO.
The Diagnostics Tools for Repair the Windows Update doesn’t works, and I already try the REM command to change the CatRoot2 folder name, but its fails due to banned permission rights.
I need help, please…
Hi, I can’t install the Cumulative Update for Windows 11 Insider Preview (10.0.26120.1252) (KB5038603) on Windows Update, it shows the error 0x800f0983. I’m Brazilian and I’m deaf too… The English language is very hard for me… I have the Insider Preview, Dev Channel, installed on my Windows 11 PRO. The Diagnostics Tools for Repair the Windows Update doesn’t works, and I already try the REM command to change the CatRoot2 folder name, but its fails due to banned permission rights. I need help, please… Read More
Project for Web – Project Access issues
Hi, We have all our projects on Project for Web. All of a sudden since a couple of days ago the project managers and also resources are not able to access some of their projects. I am not able to pinpoint a pattern to which projects. It is happening to multiple projects and every person has access limits to one or more projects. For example PM1 has access to his Project1 but not to Project2. The resource1 who is assigned to both of these projects can not open either of them. Also this started last week. So until last week they were all able to access all their projects!
How can I troubleshoot this?
This is the error they get on Microsoft Project Web:
this is the error they get when trying to open the app on Project Model Driven App:
Hi, We have all our projects on Project for Web. All of a sudden since a couple of days ago the project managers and also resources are not able to access some of their projects. I am not able to pinpoint a pattern to which projects. It is happening to multiple projects and every person has access limits to one or more projects. For example PM1 has access to his Project1 but not to Project2. The resource1 who is assigned to both of these projects can not open either of them. Also this started last week. So until last week they were all able to access all their projects! How can I troubleshoot this? This is the error they get on Microsoft Project Web: this is the error they get when trying to open the app on Project Model Driven App: Read More
iOS Personal Not Installing Required Applications
I configured Intune to setup BYOD iOS personal devices.
Everything was working. I retired my phone from Intune so that I could document the process. After documenting the process, I noticed that the required applications were not installing even after several days. While my phone shows Compliant in Intune, I did noticed that the Serial and Phone numbers of the phone were not being populated in the Overview.
Also I check the help & support page. After running my email address, this came up:
Any help would be appreciated.
I configured Intune to setup BYOD iOS personal devices. Everything was working. I retired my phone from Intune so that I could document the process. After documenting the process, I noticed that the required applications were not installing even after several days. While my phone shows Compliant in Intune, I did noticed that the Serial and Phone numbers of the phone were not being populated in the Overview. Also I check the help & support page. After running my email address, this came up: Any help would be appreciated. Read More
Copy rows from one set of sheets to another set of sheets, based on a condition
Hey all!
Newbie, and could use some help, as I am not sure of the best way to achieve what I’m hoping to do :grinning_face:
Effectively, various focus areas for a company have been identified (IT, HR, FINANCE, COMMS, SALES). One sheet for each.
Each focus area has tasks assigned there.
Each of these tasks is assigned to a specific region (South, North, West, East, Central). One sheet per each.
There are five focus areas, and five regions
So, looking at the ‘IT” sheet, I want all the tasks taking place in the SOUTH to be copied to a ‘SOUTH’ sheet
Then, still looking at the ‘ IT’ sheet, I want all the tasks taking place in the “NORTH’ to be copied to NORTH’ sheet.
You’d make your way through all the IT tasks, then HR then finance, then comms, then sales, with tasks for each copied to a new sheet correlating with the region.
Basically, every task that’s assigned to a focus area will be copied to its respective region tab.
I’ve seen examples of copying one or even two to another tab, but really not sure how it operates with multiples!
Pls note, the other columns (C to E) are blank now, but will have data later. I also cannot lump all the focus areas into a single sheet 🙁
Graphics below!
Thank you!
Hey all!Newbie, and could use some help, as I am not sure of the best way to achieve what I’m hoping to do :grinning_face: Effectively, various focus areas for a company have been identified (IT, HR, FINANCE, COMMS, SALES). One sheet for each. Each focus area has tasks assigned there. Each of these tasks is assigned to a specific region (South, North, West, East, Central). One sheet per each. There are five focus areas, and five regions So, looking at the ‘IT” sheet, I want all the tasks taking place in the SOUTH to be copied to a ‘SOUTH’ sheet Then, still looking at the ‘ IT’ sheet, I want all the tasks taking place in the “NORTH’ to be copied to NORTH’ sheet. You’d make your way through all the IT tasks, then HR then finance, then comms, then sales, with tasks for each copied to a new sheet correlating with the region. Basically, every task that’s assigned to a focus area will be copied to its respective region tab. I’ve seen examples of copying one or even two to another tab, but really not sure how it operates with multiples! Pls note, the other columns (C to E) are blank now, but will have data later. I also cannot lump all the focus areas into a single sheet 🙁 Graphics below! Thank you! Read More
Update booking events to individual staff member’s office 365 calendar
How to update individual staff member’s calendar with the booking events?
How to update individual staff member’s calendar with the booking events? Read More
VBA
Need to find errors in this excel VBA Code
Private Sub Worksheet_Change(ByVal Target As Range)
Dim ws As Worksheet
Set ws = Me
Dim selectedQueue As String
Dim col As Integer
Dim cell As Range
Dim queueFound As Boolean
Dim i As Long
‘ Handle queue selection in cell A1
If Not Intersect(Target, Range(“A1”)) Is Nothing Then
selectedQueue = ws.Range(“A1”).Value
queueFound = False
‘ Unhide/hide columns based on queue selection
On Error GoTo ErrorHandler
Application.ScreenUpdating = False
‘ Loop through columns G to CZ
For col = 7 To 104
If ws.Cells(5, col).MergeCells Then
Set cell = ws.Cells(5, col).MergeArea
If Not IsError(cell.Cells(1, 1).Value) And Not IsEmpty(cell.Cells(1, 1).Value) Then
If Trim(CStr(cell.Cells(1, 1).Value)) = Trim(selectedQueue) Or Trim(selectedQueue) = “All Queues” Then
‘ Unhide the columns if they are hidden
If cell.Columns.Hidden Then
cell.Columns.Hidden = False
End If
‘ Select the first cell of the unhidden merged area
cell.Cells(1, 1).Select
queueFound = True
Else
‘ Hide the columns if they are not the selected queue
cell.Columns.Hidden = True
End If
End If
Else
‘ If the column is blank, hide it
ws.Columns(col).Hidden = True
End If
Next col
‘ If “All Queues” is selected, show all queues data
If selectedQueue = “All Queues” Then
For col = 7 To 104
ws.Columns(col).Hidden = False
Next col
queueFound = True
End If
‘ If the queue is not found, show a message
If Not queueFound Then
MsgBox “Queue not found in row 5.”
End If
Application.ScreenUpdating = True
Exit Sub
ErrorHandler:
MsgBox “An error occurred: ” & Err.Description
Application.ScreenUpdating = True
End If
‘ Handle status changes and timestamping
If Not Intersect(Target, Range(“G6:G1000”)) Is Nothing Then
If Not IsEmpty(Target) Then
‘ Define headers and their corresponding columns
Dim headers As Variant
headers = Array(“Status”, “Commence”, “Awaiting”, “Re-Picked”, “Completed”)
Dim headerCol As Integer
Dim statusCol As Integer
Dim timestampCol As Integer
‘ Find the header columns
For i = LBound(headers) To UBound(headers)
headerCol = Application.Match(headers(i), ws.Rows(6), 0)
If headers(i) = “Status” Then statusCol = headerCol
If Target.Column = statusCol Then
‘ Get corresponding timestamp column
Select Case Target.Value
Case “Commence”
timestampCol = Application.Match(“Commence”, ws.Rows(6), 0)
Case “Awaiting”
timestampCol = Application.Match(“Awaiting”, ws.Rows(6), 0)
Case “Re-Picked”
timestampCol = Application.Match(“Re-Picked”, ws.Rows(6), 0)
Case “Completed”
timestampCol = Application.Match(“Completed”, ws.Rows(6), 0)
End Select
‘ Insert timestamp
If timestampCol > 0 Then
ws.Cells(Target.Row, timestampCol).Value = Now
End If
End If
Next i
End If
End If
End Sub
Need to find errors in this excel VBA Code Private Sub Worksheet_Change(ByVal Target As Range)Dim ws As WorksheetSet ws = MeDim selectedQueue As StringDim col As IntegerDim cell As RangeDim queueFound As BooleanDim i As Long’ Handle queue selection in cell A1If Not Intersect(Target, Range(“A1”)) Is Nothing ThenselectedQueue = ws.Range(“A1”).ValuequeueFound = False’ Unhide/hide columns based on queue selectionOn Error GoTo ErrorHandlerApplication.ScreenUpdating = False’ Loop through columns G to CZFor col = 7 To 104If ws.Cells(5, col).MergeCells ThenSet cell = ws.Cells(5, col).MergeAreaIf Not IsError(cell.Cells(1, 1).Value) And Not IsEmpty(cell.Cells(1, 1).Value) ThenIf Trim(CStr(cell.Cells(1, 1).Value)) = Trim(selectedQueue) Or Trim(selectedQueue) = “All Queues” Then’ Unhide the columns if they are hiddenIf cell.Columns.Hidden Thencell.Columns.Hidden = FalseEnd If’ Select the first cell of the unhidden merged areacell.Cells(1, 1).SelectqueueFound = TrueElse’ Hide the columns if they are not the selected queuecell.Columns.Hidden = TrueEnd IfEnd IfElse’ If the column is blank, hide itws.Columns(col).Hidden = TrueEnd IfNext col’ If “All Queues” is selected, show all queues dataIf selectedQueue = “All Queues” ThenFor col = 7 To 104ws.Columns(col).Hidden = FalseNext colqueueFound = TrueEnd If’ If the queue is not found, show a messageIf Not queueFound ThenMsgBox “Queue not found in row 5.”End IfApplication.ScreenUpdating = TrueExit SubErrorHandler:MsgBox “An error occurred: ” & Err.DescriptionApplication.ScreenUpdating = TrueEnd If’ Handle status changes and timestampingIf Not Intersect(Target, Range(“G6:G1000”)) Is Nothing ThenIf Not IsEmpty(Target) Then’ Define headers and their corresponding columnsDim headers As Variantheaders = Array(“Status”, “Commence”, “Awaiting”, “Re-Picked”, “Completed”)Dim headerCol As IntegerDim statusCol As IntegerDim timestampCol As Integer’ Find the header columnsFor i = LBound(headers) To UBound(headers)headerCol = Application.Match(headers(i), ws.Rows(6), 0)If headers(i) = “Status” Then statusCol = headerColIf Target.Column = statusCol Then’ Get corresponding timestamp columnSelect Case Target.ValueCase “Commence”timestampCol = Application.Match(“Commence”, ws.Rows(6), 0)Case “Awaiting”timestampCol = Application.Match(“Awaiting”, ws.Rows(6), 0)Case “Re-Picked”timestampCol = Application.Match(“Re-Picked”, ws.Rows(6), 0)Case “Completed”timestampCol = Application.Match(“Completed”, ws.Rows(6), 0)End Select’ Insert timestampIf timestampCol > 0 Thenws.Cells(Target.Row, timestampCol).Value = NowEnd IfEnd IfNext iEnd IfEnd IfEnd Sub Read More
Assistance Needed: SQL Server 2019 Log Shipping for SharePoint SQL FCI Database
I hope this message finds you well.
I need some information regarding SQL Server 2019. Our client requires a Disaster Recovery (DR) solution for their SharePoint SQL Failover Cluster Instance (FCI) database. As they do not have an enterprise license, we need to use the standard edition, which necessitates an FCI for High Availability (HA).
We are considering configuring log shipping for DR purposes. However, I have come across some information suggesting that log shipping may not be supported with an FCI. Could anyone confirm whether this is the case? If it is supported, are there any specific considerations or best practices we should be aware of?
I hope this message finds you well.I need some information regarding SQL Server 2019. Our client requires a Disaster Recovery (DR) solution for their SharePoint SQL Failover Cluster Instance (FCI) database. As they do not have an enterprise license, we need to use the standard edition, which necessitates an FCI for High Availability (HA).We are considering configuring log shipping for DR purposes. However, I have come across some information suggesting that log shipping may not be supported with an FCI. Could anyone confirm whether this is the case? If it is supported, are there any specific considerations or best practices we should be aware of? Read More
Where does Windows 11 store File History
I had File History running in Windows for a while, probably staring under WIndows 10. I could go the the drive where History was stored and browse through the versions of files there with File Explorer. I recently discovered, to my horror, that File History was NOT running on my machine. I started it up, and it is now running. However when I go to the drive where the files are to be copied, I can”t find them. I find old ones from last year, with the date & time added to each version, but nothing new. When I use the built in restore feature I can see a few recent versions of a file that is updated every weekday. But I can NOT find anything using File Explorer. Google has let me down, Microsoft Help has let me down. I have found nothing about WHERE the files are stored.
(I’m no Windows expert but I’ve been using it since the Windows NT days, when I was a Microsoft SQL Server MVP. I’m long retired, but not a complete newby.)
I had File History running in Windows for a while, probably staring under WIndows 10. I could go the the drive where History was stored and browse through the versions of files there with File Explorer. I recently discovered, to my horror, that File History was NOT running on my machine. I started it up, and it is now running. However when I go to the drive where the files are to be copied, I can”t find them. I find old ones from last year, with the date & time added to each version, but nothing new. When I use the built in restore feature I can see a few recent versions of a file that is updated every weekday. But I can NOT find anything using File Explorer. Google has let me down, Microsoft Help has let me down. I have found nothing about WHERE the files are stored.(I’m no Windows expert but I’ve been using it since the Windows NT days, when I was a Microsoft SQL Server MVP. I’m long retired, but not a complete newby.) Read More
Attachment Column from List not showing up in Forms
I am trying to build a List to feed my forms, and I’m hoping to allow those who fill out the form to be able to add an attachment. Is this possible? I was able to add an attachments column in my list, but it’s not showing up as a field option when I create the form.
I am trying to build a List to feed my forms, and I’m hoping to allow those who fill out the form to be able to add an attachment. Is this possible? I was able to add an attachments column in my list, but it’s not showing up as a field option when I create the form. Read More
Company portal says rooted device but it’s not – Android
Hi everyone,
We came across a situation where one of our Android user is not able to access Outlook and Teams due to rooted device. We configured only App protection (MAM) policy in Intune and blocked access from Jailbroken/rooted devices. Only the MAM policy as been applied on the device and the device is not enrolled with Intune. So far, we have followed below troubleshooting,
Rejoined the device again, however after sometime, the error will be appeared again.Check whether the device is rooted or not (Go to Settings > About phone > Status Information > Phone Status). Phone status says official. I believe this means not a rooted device.
Below is the error message from the company portal
Device Status in Azure AD (Not enroll with Intune)
I would appreciate if anyone can help me whether I have anything else try out before I create a support case with Microsoft.
Thanks,
Dilan
Hi everyone, We came across a situation where one of our Android user is not able to access Outlook and Teams due to rooted device. We configured only App protection (MAM) policy in Intune and blocked access from Jailbroken/rooted devices. Only the MAM policy as been applied on the device and the device is not enrolled with Intune. So far, we have followed below troubleshooting, Rejoined the device again, however after sometime, the error will be appeared again.Check whether the device is rooted or not (Go to Settings > About phone > Status Information > Phone Status). Phone status says official. I believe this means not a rooted device.Below is the error message from the company portal Device Status in Azure AD (Not enroll with Intune) I would appreciate if anyone can help me whether I have anything else try out before I create a support case with Microsoft. Thanks,Dilan Read More
GPT-4o mini: now available on Azure AI
GPT-4o mini by OpenAI is now available on Azure AI. This new model is touted to be smarter and more cost-effective than its predecessor, GPT-3.5 Turbo, boasting an 82% score on the MMLU compared to 70%, and offering a 60% cost reduction. It features a 128K context window and improved multilingual capabilities, enhancing quality across various languages.
GPT-4o mini supports text processing on Azure AI with image, audio, and video capabilities to be added later. It is particularly beneficial for streaming scenarios like assistants, code interpreters, and retrieval services due to its speed and efficiency. The model’s integration with GitHub Copilot has demonstrated remarkable speed, providing code completion suggestions almost instantaneously.
Azure AI has also introduced updates to the Azure OpenAI Service, focusing on safety, data residency, and pay-as-you-go availability. Safety features such as prompt shields and protected material detection are now enabled by default. The service now offers data residency in all 27 regions, including the newly launched region in Spain, ensuring compliance with customers’ unique requirements.
The global pay-as-you-go deployment option for GPT-4o mini is now generally available, offering competitive pricing and high throughput limits. Customers can upgrade to newer models without changing regions, and the service promises 99.99% availability with industry-leading speed.
Finally, Azure AI is investing in efficiencies for AI workloads, introducing fine-tuning for GPT-4o mini and reduced hosting charges.
Check out this blog to learn more: OpenAI’s fastest model, GPT-4o mini is now available on Azure AI | Microsoft Azure Blog
Are you already Azure AI in your app development? Comment below to let us know what additional resources would be helpful on your AI journey!
GPT-4o mini by OpenAI is now available on Azure AI. This new model is touted to be smarter and more cost-effective than its predecessor, GPT-3.5 Turbo, boasting an 82% score on the MMLU compared to 70%, and offering a 60% cost reduction. It features a 128K context window and improved multilingual capabilities, enhancing quality across various languages.
GPT-4o mini supports text processing on Azure AI with image, audio, and video capabilities to be added later. It is particularly beneficial for streaming scenarios like assistants, code interpreters, and retrieval services due to its speed and efficiency. The model’s integration with GitHub Copilot has demonstrated remarkable speed, providing code completion suggestions almost instantaneously.
Azure AI has also introduced updates to the Azure OpenAI Service, focusing on safety, data residency, and pay-as-you-go availability. Safety features such as prompt shields and protected material detection are now enabled by default. The service now offers data residency in all 27 regions, including the newly launched region in Spain, ensuring compliance with customers’ unique requirements.
The global pay-as-you-go deployment option for GPT-4o mini is now generally available, offering competitive pricing and high throughput limits. Customers can upgrade to newer models without changing regions, and the service promises 99.99% availability with industry-leading speed.
Finally, Azure AI is investing in efficiencies for AI workloads, introducing fine-tuning for GPT-4o mini and reduced hosting charges.
Check out this blog to learn more: OpenAI’s fastest model, GPT-4o mini is now available on Azure AI | Microsoft Azure Blog
Are you already Azure AI in your app development? Comment below to let us know what additional resources would be helpful on your AI journey! Read More
FSLogix is now part of the Microsoft Management Customer Connection Program (MM CCP)!
FSLogix is a complex tool that is used in a wide range of environments. Testing and validating these environments is extremely challenging as an engineering team and we rely on customers like you to help us test, validate and ensure our product is meeting the needs of all our customers.
FSLogix is partnering with the Microsoft Management Customer Connection Program (MM CCP) to provide customers and professionals with a forum to join exclusive conversations, feedback and access to future versions of the product. FSLogix is part of the Windows Cloud Experience (WCX) organization where you can find AVD, Windows 365, and the new ‘FSLogix and user profile discussion‘ channels.
Join the MM CCP today!
MM CCP is a mutually beneficial program where members have engagement opportunities and access to member exclusive information and other benefits with participating MM CCP Communities like:
Data Security and Privacy Customer Connection Program
Microsoft Purview products: Information Protection, Data Loss Prevention, Insider Risk Management, Microsoft Purview Data Governance, eDiscovery, Audit, Data Lifecycle Management, Records Management and Microsoft Priva
Security Connection Program
SIEM & XDR, CNAPP (Defender for Cloud), & Network Security
Management Customer Connection Program
Microsoft Intune product family, Windows and Windows Cloud Experiences (WCX)
Microsoft Entra Advisors
Microsoft Entra Permissions Management, Microsoft Verified ID, Identity Advisors, Identity Developer Advisors, Identity in Education, Azure B2C Advisors
Copilot for Security Customer Connection Program
Participation in MCCP is voluntary. To opt-out of MCCP at any time, visit: https://aka.ms/CCPOptOut
Microsoft Tech Community – Latest Blogs –Read More
Use cases of Advanced Network Observability for your Azure Kubernetes Service clusters
Introduction
Advanced Network Observability is the inaugural feature of the Advanced Container Networking Services (ACNS) suite bringing the power of Hubble’s control plane to both Cilium and Non-Cilium Linux data planes. It unlocks Hubble metrics, Hubble’s command line interface (CLI) and the Hubble user interface (UI) on your AKS clusters providing deep insights into your containerized workloads. Advanced Network Observability empowers customers to precisely detect and root-cause network related issues in a Kubernetes cluster.
Prerequisites
This blog will focus on ACNS enabled on Azure Kubernetes Service cluster with Azure Managed Prometheus and Grafana enabled.
Before setting up AKS, ensure that you have an Azure account and subscription, with permissions that allow you to create resource groups and deploy AKS clusters. Follow instructions in this guide to setup an AKS cluster and run the scenarios below.
High level steps:
Create AKS Cluster
Enable Advanced Container Networking Services on this cluster
Create and attach Azure managed Prometheus and Grafana
Install Hubble CLI on your local machine following these instructions.
Deploy Hubble UI Component on this cluster following these instructions.
Concepts
Cilium: Cilium is an open source, cloud native solution for providing, securing, and observing network connectivity between workloads, fueled by the revolutionary Kernel technology eBPF.
Hubble: Hubble is a fully distributed networking and security observability platform. It is built on top of Cilium and eBPF to enable deep visibility into the communication and behavior of services as well as the networking infrastructure in a completely transparent manner.
Retina: Retina is a cloud-agnostic, open-source eBPF based Kubernetes Network Observability platform, it is the technology behind advanced network observability in non-Cilium Linux nodes.
Customer Scenario 1: Domain Name Server (DNS) intermittent failures
Ruling out Domain Name Server (DNS) issues is the first step for any major network issue. Having powerful visibility into Domain Name Server (DNS) requests/responses at a detailed pod level enables faster incident resolution and cloud cost optimization. With Advanced Observability, customers can not only view requests and responses by type and fully qualified domain name (FQDN), but they can also see error codes returned to requests, IP addresses returned in response for a given request and much more.
Retina uses eBPF programs to examine every DNS request and response packet in the Linux kernel and pass the packet and its metadata to the user space program. Here, the metadata is further processed to extract returned IPs in DNS response packets. All this metadata is used to produce relevant metrics that show status both at node level and pod level.
This is an example of how Advanced metrics can help you. DNS latency, errors and timeouts are hard to troubleshoot and can cause severe application issues. But our dashboards make it easier for DevOps engineers to detect and fix DNS problems. The dashboard panel below shows a sudden rise in missing DNS responses within the cluster, the most common DNS errors, and which nodes have the most errors.
The dashboard shows a summary of all DNS activities in the cluster – what kinds of queries lack responses, what’s the most common query and most common response. All this information can help administrators prevent possible problems with usage and security, and act to reduce them.
Customer Scenario 2: Network Policy Drops at Pod level
Debugging network policies in large, intricate clusters with multiple namespaces can be a daunting task, especially when there are numerous network policies per namespace. To address this challenge, the network policy addon leverages eBPF in Linux to collect crucial information about dropped packets. By attaching kprobes at various critical locations in the Linux kernel, such as the netfilter drop function and the netfilter nat function, the network policy addon effectively determines if a packet is being dropped.
When a dropped packet is detected, the associated eBPF programs generate an event that includes packet metadata, along with the drop reason and location. This event is then processed by a userspace program, which parses the data and converts it into Prometheus metrics. These metrics offer valuable insights into the dropped packets, aiding in the identification and resolution of network policy configuration issues.
Let’s walk through an example and see how pod-level metrics and flows can help debug packet drops in a cluster. Below is a snapshot of a workload running in AKS cluster. The panel shows a heatmap of the pods running as part of a deployment, and the number of packets originating from those pods being dropped. This panel is very useful, because this lets administrations know there is a problem in real-time, and the pod being impacted. The panel also immediately shows the reason for the drop – “policy_denied”, indicating the drops are happening because of a networking policy applied in the cluster.
To dig deeper, we can leverage the Hubble CLI tool to inspect flows in real time. The below snapshot shows how we can filter traffic using namespace and type. Hubble cli will show the source and destination pods of the packets being dropped, helping us narrow down the policy even further.
Another tool user can use is the Hubble UI, which shows traffic flows occurring for a namespace. Below, we see the pods in agnhost namespace interacting with other pods in the same namespace as well as pods in different namespaces. Also, it’s receiving packets from outside the cluster. The UI also shows which packets are getting dropped, and the details include source and destination pod names, as well as pod and namespace labels. Using this information, we can dig through network policies applied in the cluster and identify the offending policy quickly.
Customer Scenario 3: Imbalance of traffic for pods within a workload
Pods fronted by a service expects an even distribution of traffic when a request reaches the service. However, that may not always be the case. Faulty settings can introduce subtle distribution bugs, and this may only manifest when the application performance degrades even when scaling up the workload.
Retina deploys eBPF programs that attaches itself at various interfaces in the Linux kernel and observes all TCP/UDP packets flowing through the node. This allows Retina to generate rich pod level L4 metrics which can show, among other things, traffic distribution amongst all the pods under a workload (deployment for example).
The panel below shows the heatmap of incoming and outgoing traffic of pods under a workload. As evident, one of the three pods is receiving a higher volume of traffic that the other two. Administrators can be proactive and help mitigate this issue before application performance degrades and impacts end users.
Conclusion:
ACNS with advanced network observability enables deep insights into container networks and enhances the operability of AKS. This blog has explored its capabilities through real-world customer scenarios, demonstrating its capabilities in tackling common network challenges. We’d also love to hear how enhanced observability can help make your deployment scenarios easier in a comment below.
Resources:
For more info about ACNS please visit (https://learn.microsoft.com/en-us/azure/aks/advanced-container-networking-services-overview).
To set up Advanced Network Observability visit (https://learn.microsoft.com/en-us/azure/aks/advanced-network-observability-cli?tabs=non-cilium).
Pricing for ACNS is here (https://azure.microsoft.com/en-us/pricing/details/azure-container-networking-services/ ).
Microsoft Tech Community – Latest Blogs –Read More
Changing No of days for sending email to end users caused re-generating notification again.
Hi All,
We have couple of compliance polices setup in Intune and we required to increase “Send email to end user” under actions for noncompliance from 1 day to 3 days temporarily. However, it caused to resend notification to all non-complaint devices at the moment and as a result it has opened duplicate IT service tickets as we setup open a new case whenever end user get a notification.
Now, I am wondering how we could bypass regenerating this notification when we change the notification setting back to 1 day again.
I would appreciate the help if anyone come across this or know this behavior in Intune.
Below is the image for notification setting we changed:
Thanks in advance,
Dilan
Hi All, We have couple of compliance polices setup in Intune and we required to increase “Send email to end user” under actions for noncompliance from 1 day to 3 days temporarily. However, it caused to resend notification to all non-complaint devices at the moment and as a result it has opened duplicate IT service tickets as we setup open a new case whenever end user get a notification. Now, I am wondering how we could bypass regenerating this notification when we change the notification setting back to 1 day again. I would appreciate the help if anyone come across this or know this behavior in Intune. Below is the image for notification setting we changed: Thanks in advance,Dilan Read More
Limiting Team invitations to specific members
Dear Microsoft,
Within our organization, the ability to limit teams invites is a must for meetings. When we create a meeting, without doing so, optional members are added to the teams meeting. You can imagine that when a team meeting is created and 200 people are a member of a team but only 5 are invited, that a meeting can quickly become unproductive.
We’ve also noted that using private channels does not allow you to create meetings. And, in fact, using a private channel would be ideal when you don’t want 200+ personnel invited to a meeting that don’t belong.
Can we suggest two feature updates?
1. Prevent Teams from broadcasting to the whole team. Only invite the required personnel. Optional members should be just that, only receive the invite if you were included on the Optional field. Users would be able to see if they’re optional or not.
2. Allow Teams to utilize private channels for more meeting control or to allow for meetings which require extreme privacy (i.e., investigations, meetings about personal health discussions, etc.).
Thank you,
TC
Dear Microsoft,Within our organization, the ability to limit teams invites is a must for meetings. When we create a meeting, without doing so, optional members are added to the teams meeting. You can imagine that when a team meeting is created and 200 people are a member of a team but only 5 are invited, that a meeting can quickly become unproductive. We’ve also noted that using private channels does not allow you to create meetings. And, in fact, using a private channel would be ideal when you don’t want 200+ personnel invited to a meeting that don’t belong. Can we suggest two feature updates?1. Prevent Teams from broadcasting to the whole team. Only invite the required personnel. Optional members should be just that, only receive the invite if you were included on the Optional field. Users would be able to see if they’re optional or not.2. Allow Teams to utilize private channels for more meeting control or to allow for meetings which require extreme privacy (i.e., investigations, meetings about personal health discussions, etc.). Thank you, TC Read More
MS Teams Connector end of support clarification
We have Teams integration setup for our app and have a couple questions about the recent announcement of the end of support for Teams connectors:
– Are teams tab apps affected by this? Or only connector use that posts into teams channels and conversations?
– Is the use of the https://teams.microsoft.com/share URL to post into channels affected by this?
We have Teams integration setup for our app and have a couple questions about the recent announcement of the end of support for Teams connectors: – Are teams tab apps affected by this? Or only connector use that posts into teams channels and conversations?– Is the use of the https://teams.microsoft.com/share URL to post into channels affected by this? Read More
