Tag Archives: microsoft
Export DLP Policies, Rules and Settings using PowerShell
This blog outlines the steps to export the DLP policies, rules and settings in bulk.
Here’s a summary of the items covered:
Exporting DLP policies, rules and settings: The document explains how to use PowerShell cmdlets to export the DLP policies, rules and settings in bulk from the Security and Compliance Center PowerShell.
Viewing the value of switches: The document shows how to view the value of switches that are parsed by the cmdlets, such as the groups or users that are scoped or excluded from a policy.
Exporting as a CSV file: The document provides examples of how to export the policy scoping or exclusion details as a CSV file by using the Select -ExpandProperty parameter.
Exporting as a JSON file: The document demonstrates how to export all the policies and their attributes or sub-attributes as a JSON file by using the ConvertTo-Json cmdlet.
We have cmdlets to export the DLP Policies rules and settings however one of the main issues we come across is the inability to view the value of those switches since the data is parsed.
Consider a scenario where you want a list of all the groups/users scoped or excluded in a particular policy along with the Display Names, Email and Immutable ID’s.
When you run the cmdlet to you would see that the content is enclosed with braces { }. Braces are normally indicative of a hash table.
Get-DlpCompliancePolicy “Credit Card Policy – Audit” | Select EndpointDLPLocation
EndpointDlpLocation
——————-
{Tailspin, Traders, Contoso, contosoteam…}
Considering there are hundreds of entries, you can use the below cmdlet to expand the property and export it as a csv.
Get-DlpCompliancePolicy “Credit Card Policy – Audit” | Select -ExpandProperty EndpointDLPLocation | Export-Csv c:tempPolicyscoping.csv -NoTypeInformation
Similarly, you can use the below to export the list of users/groups that are excluded from the policy.
Get-DlpCompliancePolicy “Credit Card Policy – Audit” | Select -ExpandProperty EndpointDLPLocationException | Export-Csv c:tempPolicyExclusion.csv -NoTypeInformation
You can also choose to export all the policies and their attributes/sub-attributes as a JSON file using the below command.
You can then use a Parser or import the json file into PowerQuery/PowerBI to parse the data and view all the policies and it’s details.
$dlppolicy = Get-DlpCompliancePolicy
$dlppolicy | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:policy.json
You can also choose to Export a single policy or rule info to JSON and view the details by using the below cmdlet.
$dlppolicy = Get-DlpCompliancePolicy “Credit Card Policy – Audit”
$dlppolicy | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:CCpolicy.json
$dlprule = Get-DlpComplianceRule
$dlprule | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:rule.json
In-order to export the Policy Configuration, you can use the below.
$config = Get-PolicyConfig
$config | ConvertTo-Json -Depth 100 | Out-File -Encoding UTF8 -FilePath c:policyconfig.json
Hope this article helps in your DLP journey!
Microsoft Tech Community – Latest Blogs –Read More
Tenant health transparency and observability
In previous resilience blog posts, we’ve shared updates about the continuous improvements we’re making to resilience and reliability, including our most recent update on regionally isolated authentication endpoints and an announcement last year of our industry-leading and first of its kind backup authentication service. These and other innovations behind the scenes enable us to deliver consistently very high rates of availability globally each month.
In this post, we’ll outline what we’re doing to help customers see how available and resilient Microsoft Entra really is for them, to not only hold us accountable when issues arise, but also better understand what actions to take within their tenant to improve its health. At the global level, you see it in the form of retrospective SLA reporting, which shows authentication availability exceeding our 4 9s promise (launched in spring 2021) by a wide margin and reaching 5 9s in most months. But it becomes more compelling and actionable at the tenant level: what is the uptime experience of my users on my organization’s apps and devices? Is my tenant handling surges in sign-in demand?
We often hear from customers about the effect on resilience insights when they move to the cloud. In the on-prem world, identity health monitoring occurred onsite and with tight control; operational awareness happened entirely within a company’s first-party IT department. Now, we need to achieve that same transparency or better in an outsourced, cloud-based identity service and with a federated set of dependencies.
IT departments and developers are working hard to ensure each of their users maintains seamless, uninterrupted access that doesn’t compromise security. Enabling access for the right users with minimal friction while stopping intrusions and risk is critical to keep the world running. When an organization outsources their identity service to Microsoft, they expect us to acknowledge degradations when they happen, then take accountability to learn and continuously improve from those events. We also recognize that human-driven communication can only take us so far.
To meet these challenges, we’re increasingly embracing granular monitoring and automation. We start from the assumption that the unexpected will find a way of happening in any complex system, no matter how resilient it is. Beyond resilience, we must detect incidents, respond to them effectively, and improve as we go—and help our customers do the same. You see examples of this approach both in our rollout of in-tenant health monitoring and in our investments behind the scenes aimed at fast incident detection and communication.
Let’s start with out-of-the-box automated health monitoring in premium tenants. Tenant-level health monitoring empowers customers to independently understand the quality of their users’ experiences with authentication and access. It also sets the stage to prompt tenant administrators with actions they can take to investigate and reduce disruptions, all from Microsoft Entra admin center or using MS Graph API calls.
We’ve taken a step in this direction by introducing a group of precomputed health metric streams that enable our premium customers to watch key authentication scenarios, an early milestone in our investments to enhance transparent visibility into tenant health and service resilience. These new health metrics isolate relevant signals from activity logs and provide pre-computed, low-latency aggregates every 15 minutes for specific high-value observability scenarios.
With their granularity and scenario-specific focus, health metrics go a step beyond the monthly tenant-level SLA reporting we released in 2023. Precomputed health metrics also supplement the activity log data that we’ve been providing and continue to improve on. With sign-in logs, customers can build their own computed metrics to monitor, like isolating a specific sign-in method to watch for increases in success and failure. With our new precomputed streams, customers can snap to Microsoft-defined indicators of health, take advantage of features we’re developing at scale, and dive into activity logs for deeper investigations. We encourage customers to make use of both options to get a full picture.
During the initial public preview offering, we’re releasing health metric streams related to maintaining highly available:
Multifactor authentication (MFA)
Sign-ins for devices that are managed under Conditional Access policies
Sign-ins for devices that are compliant with Conditional Access policies
Security Assertion Markup Language (SAML) sign-ins
We’re starting with authentication-related scenarios because they are mission critical to all our customers, but other scenarios in areas like entitlement management, directory configuration, and app health will be added in time along with intelligent alerting capabilities in response to anomalous patterns in the data. We’re publishing the health metrics in Microsoft Entra admin center, Azure Portal, and M365 admin center, as well as in Microsoft Graph for programmatic access and integration into other monitoring pipelines.
For more information about how to access the health monitoring metrics, visit the Microsoft Learn documentation.
Even as in-tenant observability improves, customers will still rely on traditional incident communications when Microsoft-side issues happen. Like all service providers, we push messages about incidents to affected customers and post service health announcements to a website and communications feed in Azure. However, when this approach relies solely on hand-crafted service monitors and human-driven communications, it has limitations. Customers are right to have concerns about the timeliness of communication and the monitoring coverage itself.
To address this challenge, we’re building increasingly sophisticated default monitoring packages attached to automated communications. The early results are promising. We’ve been able to bring times to notify customers about incidents down significantly, with service degradations and downtime being communicated within about 10 minutes of auto-detection. We’re also catching service degradations increasingly early by investing in monitoring, the results of which we track by watching customer-reported incident volumes.
The best incidents are the ones that never happen. Our goal is to find and mitigate problems before they impact our customers. So, in addition to advances, we continue to prioritize building systematic resilience measures to prevent service degradations and outages or auto-mitigate them before they affect a customer environment. We will share more on this in a future blog.
To continuously improve our services in partnership with our customers, we’re combining improvements in our service-level safety net with tenant-level monitoring. We’re also expanding our monitored scenarios, boosting our out-of-the-box monitoring intelligence, and speeding up our communication. Plus, integration with Azure, M365, and Microsoft Graph ensures that Microsoft Entra observability can happen wherever it’s needed. Together, we’re making sure everyone can work securely and seamlessly.
With our already strong foundation of availability and resilience, security-enhancing recommendations, and mature service monitoring and incident communications, we’re excited to see these new capabilities take Entra health transparency to the next level.
Igor Sakhnov
CVP, Microsoft Identity & Network Access Engineering
Read more on this topic
Microsoft Entra resilience update: Workload identity authentication – Microsoft Community Hub
Learn more about Microsoft Entra
Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds.
Microsoft Entra News and Insights | Microsoft Security Blog
Microsoft Entra blog | Tech Community
Microsoft Entra documentation | Microsoft Learn
Microsoft Entra discussions | Microsoft Community
Microsoft Tech Community – Latest Blogs –Read More
Defender for Cloud Apps delivers new in-browser protection capabilities via Microsoft Edge
In today’s increasingly online and hybrid work environment, facilitating seamless work from any location and device is crucial, especially with the growing necessity to share data externally for enhanced collaboration. On the other hand, protecting your organization’s data and resources remains important. Additionally, the rising reliance on web browsers for enterprise tasks introduces new security challenges that require careful attention to keep data and apps secure.
To address these needs effectively, it is vital to provide centralized yet flexible solutions that empower users to control how their organization’s data is accessed, balancing protection with productivity. We are excited to deliver a new way to manage secure session access for SaaS apps. Microsoft Defender for Cloud Apps now provides new in-browser protection capabilities via Microsoft Edge to enable security teams to seamlessly manage how a user can interact with in-app data based on their risk profile. The in-browser protection removes the need for proxies, improving both security and productivity, based on session policies that are applied directly to the browser.
Depending on the risk associated with the user, such as when they are logging in from an unmanaged device, admins can restrict app access or create granular policies that prevent downloads, uploads, copying, cutting, or printing actions during a session. More importantly, protected users enjoy a smooth experience when using cloud apps without any impact on their productivity — through native integration with Edge, there are no latency or app compatibility issues, providing more flexibility in protecting your valuable data across SaaS apps.
Protect data across SaaS apps directly within Edge for Business
Microsoft Defender for Cloud Apps now enables session policies to protect data in motion within the Edge for Business browser as it traverses trust boundaries with detailed visibility into cloud app usage with real-time, session-level monitoring. This functionality is crucial for protecting data from SaaS apps such as SharePoint, Box, or Dropbox as it moves to managed or unmanaged devices within an organization.
Session policies can be configured within the Microsoft Defender portal. Security admins can follow these steps to create a new session policy:
After you have created a conditional access policy that applies Defender for Cloud Apps session control, navigate to Cloud Apps -> Policies -> Policy management in the Microsoft Defender portal. Then select the Conditional access tab.
Click on Create policy and select Session policy.
In the Session policy window, assign a name for your policy, such as Block Download of Sensitive Documents in Box for Marketing Users.
Under the Session control type field, choose from the following options:
Select Monitor only if you only want to monitor activities by users. This selection creates a Monitor only policy for the apps you selected were all sign-ins.
Select Control file download (with inspection) if you want to monitor user activities. You can take more actions like block or protect downloads for users.
Select Block activities to block specific activities, which you can select using the Activity type filter.
Seamless experience for both end users and admins
The integration of Defender for Cloud Apps with Edge for Business delivers smooth and fast experience for both end users and admins, leveraging robust security controls from an enterprise-grade browser while streamlining workflows. The deployment is seamless for the users as this functionality is natively built into the Edge browser installed by default on the users’ Windows PC.
Once the admin establishes session policies, these policies are directly applied to browser. For instance, admins can create session policies based on user risk profiles to prevent actions such as downloads, uploads, copying, cutting, or printing files. Specifically, when a user attempts to download a file containing sensitive credit card information from a SharePoint site via the Edge for Business browser, Defender for Cloud App will enforce the session policy to block this action. These restrictions are implemented seamlessly for users without affecting their productivity.
Additionally, for admins, the experience is equally seamless, requiring no additional configurations as it automatically utilizes the built-in controls of Edge for Business. If you are already using session policies today, there is no need to define new ones. The integration will work seamlessly and continue to serve 3rd party browsers through proxy while automatically using Edge after a user is signed into the work profile.
Users can identify that they’re using in-browser protection in Microsoft Edge for Business by the additional “lock” icon in the browser address bar as shown in the example below, indicating protection by Defender for Cloud Apps. Unlike standard conditional access app control, the .mcas.ms suffix does not appear in the browser address bar with in-browser protection, indicating that the Edge for Business browser is implementing security measures directly on the user’s device, which can provide reduced latency, tighter control, and better security.
The seamless integration of Microsoft Defender for Cloud Apps with an enterprise-grade browser ensures a safer, latency-free experience for end users. Simultaneously, security admins can effortlessly manage in-app access to SaaS applications and control user interactions with in-app data based on individual risk profiles. This integration strikes a crucial balance between protection and productivity in today’s dynamic workplace.
Learn more:
Read our documentation to get started with in-browser protection
Explore session policy in Defender for Cloud Apps documentation
Microsoft Tech Community – Latest Blogs –Read More
Retrieving more than 30,000 records from Log Analytics Workspace using Azure Data Explorer
Introduction:
In the ever-evolving landscape of cloud computing, Log Analytics Workspace is used as a tool in Azure to collect logs, edit/run log queries and interactively analyze query results.
As organizations scale their infrastructure and applications, the volume of observability data naturally increases.
A query running in Log Analytics workspace can return a maximum of 30,000 records. However, there are several instances where huge amount of data needs to be extracted and analyzed. Some of the scenarios are:
Data over a long period of time: Organization needs several months of data which is high in volume and number of records.
Monitoring Solution Design: Sometimes there is a need to capture all logs under one workspace for Security/Compliance team to review. Hence, some organizations monitor all their subscriptions under one tenant in one workspace. This causes causing centralization of a huge volume of data in one workspace.
Larger Scope while querying data: Some organizations have monitoring data spread across several workspaces. A query can be run to fetch the data across workspaces. This results in large number of records.
This limitation of the 30,000 records in the workspace leads to writing the same query in a shorter time range, running it multiple times to get the data in batches and combining that data at the end. Hence causing re-running/re-writing query with additional efforts and taking more time than expected to fetch logs.
To address this challenge and to empower customers with the ability to query and fetch data in one go, Azure Data explorer service in Azure can be utilized.
What is Azure Data Explorer?
Azure Data Explorer is a platform for high-performance which helps to analyze high volumes of data in near real time. The Azure Data Explorer provides an end-to-end solution for data ingestion, query, visualization, and management. Azure Data Explorer is ideal for enabling interactive analytics capabilities over high velocity, diverse raw data.
Getting Started: Query data in Azure Monitor using Azure Data Explorer
Open https://dataexplorer.azure.com and click on “Query” from left pane.
Then click on “Add+” and select “Connection”.
2. You will see an option to add a Connection. Put the following values in:
Connection URI: Put Log Analytics Workspace URI in the format of
Note: You will find the above details in under Log Analytics Workspace -> Properties -> Resource ID
Display Name: Name of the workspace or anything as per convenience
Click on Add to establish the connection between Azure Data explorer and the workspace.
Once the connection is established, you can run a query and fetch the records. You need to select the database from the left pane before running the query.
Advantages:
Fetch records in one go thus saving time and manual efforts of re-writing/re-running query.
No overhead of creating a data cluster in Azure Data explorer thus reducing cost and complex setup.
Delivers high performance along with variety and volume of data.
Larger query scope and time range.
Microsoft Tech Community – Latest Blogs –Read More
Teams Task Dialogs – page displays OK, embedded link problem
Hello All,
We have an application that renders FAQs into a Teams task dialog. The initial rendering works fine. In many cases, the FAQs reference other content (i.e. see also).
However, if the FAQ includes additional links, then when the users clicks on these additional links, the task dialog displays a blank page.
Is this by design (i.e. can’t follow links in task dialog)?
Thanks
Peyton
Hello All, We have an application that renders FAQs into a Teams task dialog. The initial rendering works fine. In many cases, the FAQs reference other content (i.e. see also). However, if the FAQ includes additional links, then when the users clicks on these additional links, the task dialog displays a blank page. Is this by design (i.e. can’t follow links in task dialog)?ThanksPeyton Read More
Prompt engineering 101: Create content in 3 simple steps with ASK AI
Prompt engineering is an easy-to-learn skill that can help you ask AI tools for the information you need in natural language by providing context, tone, and source for queries. Learning how to ask the right questions when you “talk” to AI will help you improve the quality and relevance of the AI responses.
But first—prompt engineering in a bit of misnomer: The best part about AI for everyone and Microsoft Copilot is that you don’t need any engineering skills at all. AI tools are increasingly user-friendly and use simple natural language interactions to return powerful results. Prompt engineering is just learning how to ask AI the right questions to get the results you want. In the words of this tip sheet: “When creating a prompt, think of it as if you were talking to a helpful coworker – no need to stress over order, formatting, or structure; just keep it conversational.”
You can get the best results from AI in 3 simple steps: ASK.
Action
Explain what you want Copilot to do.
Style
Describe the format you want the response presented in.
Key Details
Set the stage with more context about your situation.
Let’s dive into each of these steps for creating some common nonprofit content.
Action
Explain what you are trying to do. A few examples might be:
“Write a thank you email to our donors for their support for our auction on Saturday.”
“Summarize our mission statement.”
“Write a social post boosting our upcoming digital skills workshop for senior citizens.”
Style
Microsoft Copilot can write in a variety of styles and formats. You can specify what tone you want, formatting preferences, or length of the content. Examples:
“Write a thank you email to our donors for their support for our auction on Saturday. The email should be short, friendly, and casual.”
“Summarize the Microsoft Accessibility mission statement. Create bullet points and keep the sentences short.”
“Write a social post boosting our upcoming digital skills workshop for senior citizens. Make the tone fun and creative.”
Key details
Now add the details that will help the AI assistant incorporate context. Examples:
“Write a thank you email to our donors for their support for our auction on Saturday. The email should be short, friendly, and casual. The auction raised over $100,000, exceeding our goal of $90,000, and all funds will benefit our Food for Families program.”
“Summarize the Microsoft Accessibility mission statement. Create bullet points and keep the sentences short. Use https://www.microsoft.com/en-us/accessibility/ as source material.”
“Write a social post boosting our upcoming cybersecurity workshop for senior citizens. Make the tone fun and easy. The free workshop is on Saturday, May 18, at the Springfield Library.”
Ask again!
AI is conversational: It’s easy to iterate and refine the response by asking follow-up questions. After you get your response back, try refining to with prompts like:
“Make the summary shorter.”
“Make the tone more serious.”
“Can you write another option?”
Let’s see what Microsoft Copilot creates based on this approach:
Prompt: Write a thank you email to our donors for their support for our auction on Saturday. The email should be short, friendly, and casual. The auction raised over $100,000, exceeding our goal of $90,000, and all funds will benefit our Food for Families program.
Response from Microsoft Copilot:
Subject: Thank You for Your Generosity!
Dear Donors,
We hope this email finds you well!
Wow! Our auction on Saturday was an incredible success, thanks to your unwavering support. Together, we raised over $100,000, surpassing our initial goal of $90,000.
Your contributions will make a huge difference in our Food for Families program. With your help, we’ll continue to provide nourishment and support to those who need it most.
From the bottom of our hearts, thank you for being part of this wonderful community effort. Your kindness and generosity truly inspire us.
Wishing you all the best,
The [Organization Name] Team
Iteration: If I want to try another approach, I could follow up with a prompt like, “Make the tone more formal.”
Subject: Heartfelt Gratitude for Your Remarkable Support
Dear Esteemed Donors,
We extend our deepest appreciation for your unwavering generosity during our recent Saturday auction. The event exceeded all expectations, raising an impressive $100,000, surpassing our initial goal of $90,000.
These funds will have a profound impact on our Food for Families program, ensuring that more individuals in need receive essential nourishment and care.
From the entire [Organization Name] team, we express our heartfelt gratitude. Your kindness illuminates our community.
Warm regards,
[Your Name] [Your Title] [Organization Name]
When I’m happy with the Copilot results, I can edit to bring in my own voice and message as needed. Copilot co-creates with you to get creativity and productivity started – but I’m still in control of the final product.
Try it now
The best way to get started with prompt design is to simply practice and play. You can start at copilot.microsoft.com, our free web-based AI assistant. The more you use AI, the more your prompting confidence and familiarity will grow.
Start with our other two prompt examples from earlier:
“Summarize the Microsoft Accessibility mission statement. Create bullet points and keep the sentences short. Use https://www.microsoft.com/en-us/accessibility/ as source material.”
“Write a social post boosting our upcoming cybersecurity workshop for senior citizens. Make the tone fun and easy. The free workshop is on Saturday, May 18, at the Springfield Library.”
Copy and paste each sample prompt into copilot.microsoft.com and share your responses in the comments!
To learn more about prompt design, explore these resources:
Check out the interactive prompt walkthrough on how to prompt with Copilot.
Watch this demo from Jared Spataro at the Global Nonprofit Leaders Summit. Jared shows the back and forth of natural language interaction with Copilot for Microsoft 365. And he shares how it never hurts to say please and thank you.
Watch the AI prompting Demo Day recording showing how prompt design works. If you want to learn more AI skills, make sure to also register for the full Demo Days series!
Read about prompt ingredients in Copilot for Microsoft 365 using Goal, Context, Source, and Expectations for each query. We like the simple tip here: “When creating a prompt, think of it as if you were talking to a helpful coworker – no need to stress over order, formatting, or structure; just keep it conversational.”
Continue the conversation by joining us in the Nonprofit Community! Want to share best practices or join community events? Become a member by “Joining” the Nonprofit Community. To stay up to date on the latest nonprofit news, make sure to Follow or Subscribe to the Nonprofit Community Blog space!
Microsoft Tech Community – Latest Blogs –Read More
How to Resolve QuickBooks Desktop Installation Error 1328?
Troubleshooting Solutions: QuickBooks Desktop Installation Error 1328
QuickBooks Desktop Installation Error 1328 typically occurs when there are issues with the installation or update process. This error can be frustrating, but several troubleshooting steps can help resolve it.
Verify System Requirements: Ensure that your system meets the minimum requirements for installing QuickBooks Desktop. Check the official QuickBooks website for the specific requirements based on your version of QuickBooks.Disable Antivirus and Firewall: Sometimes, security software like antivirus or firewall can interfere with the installation process. Temporarily disable these programs and attempt to install QuickBooks again.Rename Config.msi Folder: Navigate to the installation directory of QuickBooks and locate the Config.msi folder. Rename this folder to Config.msi.old. This step allows QuickBooks to recreate the folder during the installation process, potentially resolving the error.Use QuickBooks Install Diagnostic Tool: Intuit provides a diagnostic tool specifically designed to troubleshoot installation issues. Download and run the QuickBooks Install Diagnostic Tool from the official Intuit website. Follow the on-screen instructions to scan and repair any issues.Update Windows: Ensure that your Windows operating system is up to date. Go to Settings > Update & Security > Windows Update, and check for any available updates. Install any pending updates and restart your computer before attempting to install QuickBooks again.Install QuickBooks in Selective Startup Mode: Sometimes, third-party applications or services running in the background can interfere with the installation process. Boot your computer in Selective Startup mode by following these steps: Press Windows + R to open the Run dialog box.Type msconfig and press Enter.In the System Configuration window, navigate to the Services tab.Check the box next to Hide all Microsoft services, then click Disable all.Go to the Startup tab and click Open Task Manager.Disable all startup items, then close the Task Manager.Click OK in the System Configuration window and restart your computer. After restarting, attempt to install QuickBooks again.
7. Repair QuickBooks Installation: If you have a previously installed version of QuickBooks, you can try repairing the installation. Go to Control Panel > Programs > Programs and Features. Find QuickBooks in the list, select it, and click on Repair. Follow the on-screen prompts to complete the repair process.
8. Perform Clean Install of QuickBooks: If none of the above solutions work, performing a clean install of QuickBooks may resolve the issue. Uninstall QuickBooks from your system, delete any remaining QuickBooks-related files or folders, and then reinstall QuickBooks from scratch.
By following these troubleshooting steps, you should be able to resolve QuickBooks Desktop Installation Error 1328 and successfully install or update QuickBooks Desktop on your system. If the issue persists, consider reaching out to QuickBooks support for further assistance.
Troubleshooting Solutions: QuickBooks Desktop Installation Error 1328QuickBooks Desktop Installation Error 1328 typically occurs when there are issues with the installation or update process. This error can be frustrating, but several troubleshooting steps can help resolve it.Verify System Requirements: Ensure that your system meets the minimum requirements for installing QuickBooks Desktop. Check the official QuickBooks website for the specific requirements based on your version of QuickBooks.Disable Antivirus and Firewall: Sometimes, security software like antivirus or firewall can interfere with the installation process. Temporarily disable these programs and attempt to install QuickBooks again.Rename Config.msi Folder: Navigate to the installation directory of QuickBooks and locate the Config.msi folder. Rename this folder to Config.msi.old. This step allows QuickBooks to recreate the folder during the installation process, potentially resolving the error.Use QuickBooks Install Diagnostic Tool: Intuit provides a diagnostic tool specifically designed to troubleshoot installation issues. Download and run the QuickBooks Install Diagnostic Tool from the official Intuit website. Follow the on-screen instructions to scan and repair any issues.Update Windows: Ensure that your Windows operating system is up to date. Go to Settings > Update & Security > Windows Update, and check for any available updates. Install any pending updates and restart your computer before attempting to install QuickBooks again.Install QuickBooks in Selective Startup Mode: Sometimes, third-party applications or services running in the background can interfere with the installation process. Boot your computer in Selective Startup mode by following these steps: Press Windows + R to open the Run dialog box.Type msconfig and press Enter.In the System Configuration window, navigate to the Services tab.Check the box next to Hide all Microsoft services, then click Disable all.Go to the Startup tab and click Open Task Manager.Disable all startup items, then close the Task Manager.Click OK in the System Configuration window and restart your computer. After restarting, attempt to install QuickBooks again. 7. Repair QuickBooks Installation: If you have a previously installed version of QuickBooks, you can try repairing the installation. Go to Control Panel > Programs > Programs and Features. Find QuickBooks in the list, select it, and click on Repair. Follow the on-screen prompts to complete the repair process. 8. Perform Clean Install of QuickBooks: If none of the above solutions work, performing a clean install of QuickBooks may resolve the issue. Uninstall QuickBooks from your system, delete any remaining QuickBooks-related files or folders, and then reinstall QuickBooks from scratch.By following these troubleshooting steps, you should be able to resolve QuickBooks Desktop Installation Error 1328 and successfully install or update QuickBooks Desktop on your system. If the issue persists, consider reaching out to QuickBooks support for further assistance. Read More
Access denied message keeps popping up in Outlook
Hi,
I’ve an app protection policy for all users but one of the users is reporting every time he opens Outlook or searches for an email a message “access denied this app must be protected with an Intune policy before you can access company” keeps popping up he can click OK to by pass it but it’s annoying for the customer. He had gone through the initial registration and applied a pin to the app as per the policy and i can see in the app protection status that his phone is protected. He has his 2 emails accounts setup in Outlook.
What would be causing that message to keep popping up?
Hi,I’ve an app protection policy for all users but one of the users is reporting every time he opens Outlook or searches for an email a message “access denied this app must be protected with an Intune policy before you can access company” keeps popping up he can click OK to by pass it but it’s annoying for the customer. He had gone through the initial registration and applied a pin to the app as per the policy and i can see in the app protection status that his phone is protected. He has his 2 emails accounts setup in Outlook.What would be causing that message to keep popping up? Read More
How to get application of win32 distribution to a group of users?
Is there any api on graph API microsoft to get application of win32 distribution to a specific group
Is there any api on graph API microsoft to get application of win32 distribution to a specific group Read More
Migrating from Get-AzureADUser to Get-MgUser
I am attempting to replicate a Get-AzureADUser command using Get-MgUser. The previous command (Get-AzureADUser -Top 5000 | Where-Object {($.AccountEnabled -eq “True”) -and (($.CompanyName -eq “CompA” -or $.CompanyName -eq “CompB” -or $.CompanyName -eq “CompC” -or $_.CompanyName -eq “CompD”))} | Select UserPrincipalName) selected the desired accounts. I have gotten this far with the replacement: Get-MgUser -All -Filter “AccountEnabled eq true” -Search “CompanyName:CompA” -ConsistencyLevel: eventual | Select UserPrincipalName
I have been unsuccessful in adding more search options for the CompanyName field. How do I use the -Search option to search for multiple values?
I noticed another discrepancy between the output of the two commands. Why does ‘Get-AzureADUser -ObjectID email address removed for privacy reasons’ display data for MailNickname but ‘Get-MgUser -UserID email address removed for privacy reasons’ shows the field as blank?
Since Microsoft is forcing us to rewrite all our scripts, it would be useful to have some assistance.
I am attempting to replicate a Get-AzureADUser command using Get-MgUser. The previous command (Get-AzureADUser -Top 5000 | Where-Object {($.AccountEnabled -eq “True”) -and (($.CompanyName -eq “CompA” -or $.CompanyName -eq “CompB” -or $.CompanyName -eq “CompC” -or $_.CompanyName -eq “CompD”))} | Select UserPrincipalName) selected the desired accounts. I have gotten this far with the replacement: Get-MgUser -All -Filter “AccountEnabled eq true” -Search “CompanyName:CompA” -ConsistencyLevel: eventual | Select UserPrincipalNameI have been unsuccessful in adding more search options for the CompanyName field. How do I use the -Search option to search for multiple values?I noticed another discrepancy between the output of the two commands. Why does ‘Get-AzureADUser -ObjectID email address removed for privacy reasons’ display data for MailNickname but ‘Get-MgUser -UserID email address removed for privacy reasons’ shows the field as blank?Since Microsoft is forcing us to rewrite all our scripts, it would be useful to have some assistance. Read More
Entra Cloud Sync agents skipping local AD config
Some of our VMs that contained Cloud Sync agents were lost. We recreated the VMs and reinstalled the Cloud Sync provisioning agent. The provisioning agent wizard is skipping the on-premises AD configuration part and going straight to the Azure AD connection configuration. This way, the cloud sync agents are in the “not configured for xxx domain” state, so we can’t add new agents for redundancy. There’s any way to force “local AD” connection or at least configure new agents for an already configured domain?
We are relying on a single agent. We did a test of killing this agent and reinstalling it and we were left with no agent and no possibility to create new ones. We had to restore the VM to get our synchrony back. Any help would be awesome.
Some of our VMs that contained Cloud Sync agents were lost. We recreated the VMs and reinstalled the Cloud Sync provisioning agent. The provisioning agent wizard is skipping the on-premises AD configuration part and going straight to the Azure AD connection configuration. This way, the cloud sync agents are in the “not configured for xxx domain” state, so we can’t add new agents for redundancy. There’s any way to force “local AD” connection or at least configure new agents for an already configured domain?We are relying on a single agent. We did a test of killing this agent and reinstalling it and we were left with no agent and no possibility to create new ones. We had to restore the VM to get our synchrony back. Any help would be awesome. Read More
MDI Health Issue “Auditing on the Configuration container is not enabled as required”
Hi,
I have tried to resolve this MDI Health Issue “Auditing on the Configuration container is not enabled as required”, but sadly without sucess.
I have followed the instructions posted here https://aka.ms/mdi/ExchangeAuditing, but still the issue is displayed. I have to say I have found the instructions quite useful on other Health issues, but this one proved to be tricky.
I tried to search the net for this issue, but did not come up with anything usefull.
Can you please advise on how to possibly resolve this issue?
Best regards,
Robert
Hi, I have tried to resolve this MDI Health Issue “Auditing on the Configuration container is not enabled as required”, but sadly without sucess. I have followed the instructions posted here https://aka.ms/mdi/ExchangeAuditing, but still the issue is displayed. I have to say I have found the instructions quite useful on other Health issues, but this one proved to be tricky. I tried to search the net for this issue, but did not come up with anything usefull. Can you please advise on how to possibly resolve this issue? Best regards,Robert Read More
How do I create a quarterly calendar that populates data from a table for each team?
I have 9 subordinate teams that each consist of ~5-7 cities along with directorates within our headquarters. Each team and directorate populates a shared sharepoint list of the events that they are conducting with a start date and end date. The list can be exported to either excel, CSV, or powerBI.
I would like to have the events from the exported sharepoint list populate onto a quarterly calendar where columns are dates and rows are cities grouped in their respective teams. When a city is conducting an event it would show what event on the respective dates (start date & end date).
Any help would be greatly appreciated.
link to excel template (mock calendar and exported data on the export data tab)
I have 9 subordinate teams that each consist of ~5-7 cities along with directorates within our headquarters. Each team and directorate populates a shared sharepoint list of the events that they are conducting with a start date and end date. The list can be exported to either excel, CSV, or powerBI. I would like to have the events from the exported sharepoint list populate onto a quarterly calendar where columns are dates and rows are cities grouped in their respective teams. When a city is conducting an event it would show what event on the respective dates (start date & end date). Any help would be greatly appreciated. link to excel template (mock calendar and exported data on the export data tab) Read More
Need help ordering duplicated values in table
Hello! I have a table with thousands of duplicate IDs and I am trying to create an sequential order to show how many times the IDs are listed. The CountIF function gives me the total count listed on each row and that is not what I am looking for. Any help is much appreciated. Thank you!
MBR_CONTR_EXT_IDCountIfWhat I want800117684-0011800117800-0021800117800-0022800117805-0021800117818-0021800117921-0011800117979-0011800118080-0021800118080-0022800118207-0011800118291-0011800118294-0011800118308-0041800118308-0042800118528-0011800118627-0011800118730-0021800118746-0031800118747-0051800118747-0052800118747-0053800118797-0051800118797-0052800118797-0053800118797-0054800118797-0055
Hello! I have a table with thousands of duplicate IDs and I am trying to create an sequential order to show how many times the IDs are listed. The CountIF function gives me the total count listed on each row and that is not what I am looking for. Any help is much appreciated. Thank you! MBR_CONTR_EXT_IDCountIfWhat I want800117684-0011800117800-0021800117800-0022800117805-0021800117818-0021800117921-0011800117979-0011800118080-0021800118080-0022800118207-0011800118291-0011800118294-0011800118308-0041800118308-0042800118528-0011800118627-0011800118730-0021800118746-0031800118747-0051800118747-0052800118747-0053800118797-0051800118797-0052800118797-0053800118797-0054800118797-0055 Read More
Get File Attachments in Teams Message Extension Plugin.
Hi,
Is it possible to get the attached file content / file url or Can we define parameters with input type as a file in Teams Message Extension. My requirement is I need to upload the attached file in SharePoint document library and perform some other operations.
Hi,Is it possible to get the attached file content / file url or Can we define parameters with input type as a file in Teams Message Extension. My requirement is I need to upload the attached file in SharePoint document library and perform some other operations. Read More
Username showing incorrectly in MS Bookings
Hello,
I have created a new tenant for a customer and during the initial setup I spelt a username wrong. I have since corrected the spelling of the username in Admin Center but on the bookings page, specifically the Book With Me page is still showing the mis spelt name, any ideas how to resolve this ?
Hello, I have created a new tenant for a customer and during the initial setup I spelt a username wrong. I have since corrected the spelling of the username in Admin Center but on the bookings page, specifically the Book With Me page is still showing the mis spelt name, any ideas how to resolve this ? Read More
Copilot for M365 Chat (Graph and Web-grounding) and data processing in States
Hey,
Web plugin in Copilot for M365 Graph-grounded Chat will be ON by default in near future. Copilot in other applications also uses web-grounding (and cannot be turned of without tenant level restriction).
Microsoft documentation states that Copilot (Commercial data protection) chat might process data in States.
Does the statement also apply in Copilot for M365 Web-grounded chat and other applications?
“To provide chat responses, Copilot uses global data centers for processing and may process data in the United States. Optional, Bing-backed connected experiences don’t fall under Microsoft’s EU Data Boundary (EUDB) commitment.” (Copilot Privacy and Protections | Microsoft Learn).
Some companys dont want any of their data leaving EU data Boundary. Is this something we must be conserned?
Thanks for your reply in advance!
Hey,Web plugin in Copilot for M365 Graph-grounded Chat will be ON by default in near future. Copilot in other applications also uses web-grounding (and cannot be turned of without tenant level restriction). Microsoft documentation states that Copilot (Commercial data protection) chat might process data in States.Does the statement also apply in Copilot for M365 Web-grounded chat and other applications? “To provide chat responses, Copilot uses global data centers for processing and may process data in the United States. Optional, Bing-backed connected experiences don’t fall under Microsoft’s EU Data Boundary (EUDB) commitment.” (Copilot Privacy and Protections | Microsoft Learn). Some companys dont want any of their data leaving EU data Boundary. Is this something we must be conserned? Thanks for your reply in advance! Read More
VBA – Retrieve emails Attachment & Download
Hi Everyone,
I have a big task and I don’t know if this can be done through VBA. Let me explain what I need to be done.
1. I have several clients that I setup an email address through Exchange server (not my personal outlook). with a password.
2. Then I have several customers that sending email attachment for that particular client. Let say one of the client’s name Troy Corporation and the email will be email address removed for privacy reasons.
The customer’s name is: Daybreak Fast, FedEx Freight, R&L Carriers, and TRN Logistics. All the customers are sending email attachment into Troy Corporation mailbox. Side Note: (sometimes I have different customer send the attached file. Let say this I have this week Mr. email address removed for privacy reasons and next week I have Mrs. email address removed for privacy reasons I need the program to check for both emails to see if one of them send me a file.
What I need is to do is login to mailbox (Troy Corporation) retrieve each email with the attached file for each customer, then download them to my network folder. If I did not receive an attachment for any of the customer to send them a second request with a note on the body “we did not receive your file” something like that.
3. So, when I login for second time to retrieve the remaining attached file. But if I did receive the email attachment either on the first or the second attempt, the customer SHOULD NOT RECEIVE a second request because I did receive their file.
I do have more after all the files are download to my network folder. But I want to know if this can be done through VBA. OR if cannot be done through VBA, which program do you think is the best to be done with?
Thank you an advanced!
Hi Everyone,I have a big task and I don’t know if this can be done through VBA. Let me explain what I need to be done.1. I have several clients that I setup an email address through Exchange server (not my personal outlook). with a password.2. Then I have several customers that sending email attachment for that particular client. Let say one of the client’s name Troy Corporation and the email will be email address removed for privacy reasons. The customer’s name is: Daybreak Fast, FedEx Freight, R&L Carriers, and TRN Logistics. All the customers are sending email attachment into Troy Corporation mailbox. Side Note: (sometimes I have different customer send the attached file. Let say this I have this week Mr. email address removed for privacy reasons and next week I have Mrs. email address removed for privacy reasons I need the program to check for both emails to see if one of them send me a file.What I need is to do is login to mailbox (Troy Corporation) retrieve each email with the attached file for each customer, then download them to my network folder. If I did not receive an attachment for any of the customer to send them a second request with a note on the body “we did not receive your file” something like that.3. So, when I login for second time to retrieve the remaining attached file. But if I did receive the email attachment either on the first or the second attempt, the customer SHOULD NOT RECEIVE a second request because I did receive their file.I do have more after all the files are download to my network folder. But I want to know if this can be done through VBA. OR if cannot be done through VBA, which program do you think is the best to be done with?Thank you an advanced! Read More
Why I am Getting QuickBooks Desktop Error 6000?
Troubleshooting Solutions: QuickBooks Desktop Error 6000
QuickBooks error 6000 series typically relates to issues with company file access, and error 6000 is a common one that users encounter. This error can stem from various causes, such as network issues, file corruption, or improper folder permissions. However, resolving this error is essential to continue working smoothly with QuickBooks Desktop. Here are some troubleshooting steps to help resolve QuickBooks desktop error 6000:
Verify File Location: Start by ensuring that the company file is stored in the correct location. It should ideally be saved on a local drive rather than a network location. If it’s on a network, copy it to a local drive and attempt to open it from there.Rename .ND and .TLG Files: .ND (Network Data) and .TLG (Transaction Log) files are configuration files that QuickBooks uses to access the company file. Renaming these files can sometimes resolve connectivity issues. Locate these files in the folder containing the company file and add “.old” at the end of each file name (e.g., company_file.qbw.nd.old).Use QuickBooks File Doctor: QuickBooks File Doctor is a tool designed to diagnose and repair various company file-related issues. Download and install the tool from the Intuit website, then run it to scan for and fix errors related to error 6000.Check Folder Permissions: Ensure that the folder containing the company file has the correct permissions set for all users. QuickBooks requires read/write access to the folder and file. Right-click on the folder, select Properties, and navigate to the Security tab to adjust permissions if necessary.Disable Hosting on Workstations: If QuickBooks is being used in a multi-user environment, ensure that hosting is disabled on workstations. Only the server or host computer should have hosting enabled. Open QuickBooks, go to File > Utilities, and select Stop Hosting Multi-User Access on each workstation.Configure Firewall and Antivirus Settings: Firewalls and antivirus software can sometimes block QuickBooks from accessing the company file, leading to error 6000. Configure your firewall and antivirus settings to allow QuickBooks through. You may need to add QuickBooks as an exception or whitelist it.Restore a Backup: If none of the above solutions work, restoring a backup of the company file may be necessary. Ensure that you have a recent backup available and restore it using the File > Open or Restore Company option in QuickBooks.Seek Professional Help: If you’re unable to resolve QuickBooks error 6000 on your own, it may be time to seek assistance from a QuickBooks expert or Intuit support. They can provide advanced troubleshooting steps or tools specific to your situation.
By following these troubleshooting solutions, you should be able to resolve QuickBooks desktop error 6000 and regain access to your company file without further disruption to your workflow.
Troubleshooting Solutions: QuickBooks Desktop Error 6000QuickBooks error 6000 series typically relates to issues with company file access, and error 6000 is a common one that users encounter. This error can stem from various causes, such as network issues, file corruption, or improper folder permissions. However, resolving this error is essential to continue working smoothly with QuickBooks Desktop. Here are some troubleshooting steps to help resolve QuickBooks desktop error 6000:Verify File Location: Start by ensuring that the company file is stored in the correct location. It should ideally be saved on a local drive rather than a network location. If it’s on a network, copy it to a local drive and attempt to open it from there.Rename .ND and .TLG Files: .ND (Network Data) and .TLG (Transaction Log) files are configuration files that QuickBooks uses to access the company file. Renaming these files can sometimes resolve connectivity issues. Locate these files in the folder containing the company file and add “.old” at the end of each file name (e.g., company_file.qbw.nd.old).Use QuickBooks File Doctor: QuickBooks File Doctor is a tool designed to diagnose and repair various company file-related issues. Download and install the tool from the Intuit website, then run it to scan for and fix errors related to error 6000.Check Folder Permissions: Ensure that the folder containing the company file has the correct permissions set for all users. QuickBooks requires read/write access to the folder and file. Right-click on the folder, select Properties, and navigate to the Security tab to adjust permissions if necessary.Disable Hosting on Workstations: If QuickBooks is being used in a multi-user environment, ensure that hosting is disabled on workstations. Only the server or host computer should have hosting enabled. Open QuickBooks, go to File > Utilities, and select Stop Hosting Multi-User Access on each workstation.Configure Firewall and Antivirus Settings: Firewalls and antivirus software can sometimes block QuickBooks from accessing the company file, leading to error 6000. Configure your firewall and antivirus settings to allow QuickBooks through. You may need to add QuickBooks as an exception or whitelist it.Restore a Backup: If none of the above solutions work, restoring a backup of the company file may be necessary. Ensure that you have a recent backup available and restore it using the File > Open or Restore Company option in QuickBooks.Seek Professional Help: If you’re unable to resolve QuickBooks error 6000 on your own, it may be time to seek assistance from a QuickBooks expert or Intuit support. They can provide advanced troubleshooting steps or tools specific to your situation.By following these troubleshooting solutions, you should be able to resolve QuickBooks desktop error 6000 and regain access to your company file without further disruption to your workflow. Read More
Outlook for Mac: Unable to send message immediately
Hi,
Since this morning, Outlook (Microsoft 365 version updated to the latest version) no longer allows me to send email messages immediately, but only offers the “schedule sending” option. Furthermore, it doesn’t allow me to schedule the sending for today, but only for tomorrow.
The version of Outlook used is the Legacy version.
This problem does not occur on the “current” version.
I have already tried restarting both outlook and the entire system, but the situation has not changed.
The problem does not occur using the web version of Outlook.
Hi, Since this morning, Outlook (Microsoft 365 version updated to the latest version) no longer allows me to send email messages immediately, but only offers the “schedule sending” option. Furthermore, it doesn’t allow me to schedule the sending for today, but only for tomorrow.The version of Outlook used is the Legacy version.This problem does not occur on the “current” version.I have already tried restarting both outlook and the entire system, but the situation has not changed.The problem does not occur using the web version of Outlook. Read More