AWS

A banner image with text: "Microsoft 365 Admin Digest: Your monthly IT admin blog for all things Microsoft 365.” Spring is upon us in Redmond, and everything is starting to bloom—including artificial intelligence (AI). Just like the season, AI is bringing new beginnings and growth to organizations and their IT departments. In this month’s Microsoft 365 Admin Digest issue, we’ll dive into Microsoft’s latest AI research, a new case study about change management with Microsoft 365, Microsoft's latest AI research, show you where to find relevant trainings for your users, and share details about important changes coming to Exchange Online. Microsoft 365 change communications, a case study Change management is a constant and critical aspect of IT that affects every IT pro—including those of us at Microsoft. Our latest case study reflects on Microsoft’s own internal processes for supporting change management across the company, especially in the context of rapid development. “In 2014, Microsoft published a new roadmap every six weeks with about 30 items. Today, it publishes daily with more than 100 new items added per month, with the full roadmap rarely covering less than 1,600 items at any given time.” The case study focuses on how Microsoft 365 manages its roadmap to provide visibility and drive alignment across engineering and product marketing teams. It also dives into the process for new feature submissions, which initiates a sequence for roadmap operations teams to coordinate with internal stakeholders across Microsoft to develop the change communications necessary for launch. “Because every change is intended to improve customers’ experiences, Microsoft encourages customers to test and provide feedback on updates before rolling them out for general availability.” Microsoft 365 admins and IT pros are critical to our innovation cadence. Since those roles are often the first to receive notifications of upcoming changes in the Message center, their feedback through the Microsoft 365 admin center can influence future roadmap items. Ultimately, Microsoft wants maximum customer transparency when rolling out any update, change, product, service, or feature, whether that customer is a commercial enterprise, small or midsize business, or government entity. To help achieve this, Microsoft built a streamlined process for innovation and product development, and its coordinated approach to the roadmap can help organizations prepare for change and offer feedback. Any organization can take inspiration from the Microsoft 365 Roadmap as a model for bringing new features and services to their user base, removing much of the uncertainty and complexity inherent in change. Read the full case study on change management here. Take a bigger role in driving productivity and engagement The WorkLab team just published a special report last week on, “The New Performance Equation in the Age of AI,” and it's worth reading. Our research shows that employee engagement is key to organizational success. Moreover, productivity and employee engagement are not only key to performance, but each actually multiplies the other. And that makes sense; after all, when you’re engaged in your work, you’re more productive. The WorkLab report goes deep, offering actionable tips to business leaders, and by extension, IT pros for boosting performance through greater employee engagement and productivity. Employee engagement matters both to organizations and its bottom line—especially amid economic uncertainty. Organizations should: Measure and report on employee engagement as you do financial metrics—in town halls, at board meetings, and in annual reports. Adopt an organization-wide management framework that helps leaders develop skills and adopt a growth mindset around engagement. Communicate that engagement is a business imperative—for instance, by creating an engagement-related goal for managers. Give managers access to data to help them take action on improving communication, employee engagement, and productivity. Adopt a digital employee experience that leverages next-generation AI and data-driven insights. [*]Clear communications and goals unlock employee engagement. Create clear priorities at the leadership level and use goal-setting frameworks like OKRs to help everyone focus on those priorities. Equip leaders with modern communication tools that meet employees where they are in the flow of work. Use AI and data-driven analytics to increase communication effectiveness. [*]To sustain engagement, build a feedback flywheel. Make sure your listening strategy is comprehensive—incorporate relevant direct and indirect signals. Use AI to analyze collected data, increase your understanding of patterns, and accelerate your time to action. Empower managers to create their own feedback flywheels to drive meaningful change within their teams, and to help ensure key metrics are in place to measure impact. Set accountability measures that help employees trust that action will be taken. Be transparent about how feedback will be used and provide clear next steps. There are lots of opportunities for IT pros to help their organizations increase productivity and engagement. We’ve already covered some of the tools in the Microsoft 365 admin center that can support this, like Adoption Score and Experience Insights, through greater insights into productivity. Your toolbox should also include next-generation AI, which will affect both the IT department and individual IT pros. The technical upskilling and Microsoft certifications in last month’s Admin Digest blog post can help the latter determine the best ways to use AI for their orgs. Find relevant trainings for your users Suggested training can help your organization by providing insights into the Microsoft 365 help and training articles being read by your signed-in users on support.microsoft.com, and in-app help panels with these three insights: Top viewed articles across organizations shows you help and training articles that have been getting the most views. Trending across organizations shows you the help and training topics that are trending, which can help reveal topics of new interest and emerging issues. Commonly viewed together provides insight into the articles being read by all users in all Microsoft 365 organizations, along with the top viewed and top trending articles. You can use these insights to create and deliver training packages for your users. For more information, check out Microsoft 365 Experience Insights dashboard. Protect Exchange Online from Persistently Vulnerable Exchange Servers Last month, Microsoft announced a new enforcement system in Exchange Online that is designed to deal with the problem of unsupported and unpatched Exchange servers that send email to or through Exchange Online. There are many risks associated with running unsupported or unpatched software, but by far the biggest risk is security. Microsoft uses the Zero Trust security model for its cloud services, which requires connecting devices and servers to be provably healthy and managed. Servers that are unsupported or remain unpatched are persistently vulnerable and cannot be trusted, and therefore email messages sent from them cannot be trusted. Persistently vulnerable servers significantly increase the risk of security breaches, malware, hacking, data exfiltration, and other attacks. To address this problem, Microsoft is enabling a transport-based enforcement system in Exchange Online that has three primary functions: reporting, throttling, and blocking. The system is designed to alert an admin about unsupported or unpatched Exchange servers in their on-premises environment that need remediation (upgrading or patching). The system also has throttling and blocking capabilities, so if a server is not remediated, mail flow from that server will be throttled (delayed) and eventually blocked. To learn more about the new enforcement system, as well as when and how your organization may be affected by it, be sure to check out the announcement, and join a live discussion on this topic for an Exchange AMA event on Wednesday, May 10th at 9:00 AM Pacific. Simplify domain allow list management Last week Microsoft announced the introduction of the cloud.microsoft domain that will bring authenticated, user-facing Microsoft 365 apps and services onto a single, consistent and cohesive domain. This move is set to bring several benefits to customers and admins. It will drastically reduce the complexity of the allow-lists required to help your tenant stay secure while enabling users to access the apps and services they need to do their work. Exclusive ownership of the .microsoft top-level domain enables enhanced security protocols and governance controls, and the value of security investments done at the top-level domain to seamlessly accrue to the apps. All experiences hosted on the .microsoft domain can be assumed to be legitimate and authentic. Initially, only net-new services will be deployed in the cloud.microsoft domain. Existing workloads have a broader range of implications to consider and will transition at a slower pace. In most cases, no customer action will be needed to continue using Microsoft 365 workloads the same way you do today. Admins seeking to update their allow lists will find that *.cloud.microsoft has already been added to the official list of Office 365 URLs and IP address ranges. Before changing the domain for any existing service which requires customer network configuration, we will notify you at least 30 days in advance as specified in Microsoft’s standard network update cadence. For more information read the blog introducing the cloud.microsoft domain. Join the Microsoft 365 Conference We are just days away from the Microsoft 365 Conference in Las Vegas and we're excited to meet the attendees. We have a session track dedicated to delivering content relevant to Microsoft 365 admins and IT pros that provide with a wealth of knowledge from a roster of experts. The complete session list is on the conference website, but here are a few of the sessions that cover topics of interest for Microsoft 365 admins: What’s New and What’s Coming in Microsoft 365 Administration Microsoft 365 admins: Lessons Learned and Leading Practices Tools for End-User Learning and Adoption Simplifying Change Management awareness in Microsoft 365 There will also be plenty of opportunities to engage and network with Microsoft employees and attendees, and to hear about all the exciting things happening across Microsoft 365, like Copilot. Stay updated While we continue share IT admin highlights and insights in this blog series, consider also subscribing to Microsoft 365 admin center updates from the Microsoft 365 Roadmap. Keep an eye out for communications published in the Message center, too. We also highlight new feature releases and enhancements released each month in our What's new in the Microsoft 365 admin center article. Comment below if there are IT admin or change management topics that you’d like us to explore in the future! Continue the conversation by joining us in the Microsoft 365 community! Want to share best practices or join community events? Become a member by "Joining" the Microsoft 365 community. For tips & tricks or to stay up to date on the latest news and announcements directly from the product teams, make sure to Follow or Subscribe to the Microsoft 365 Blog space! Footnotes: In addition to special reports like this, the WorkLab team also publishes an annual Work Trend Index (WTI) report that draws insights from over 30,000 people, 31 countries, and trillions of productivity signals: Work Trend Index Continue reading...

How do you manage the password of a specified local administrator account to help keep your organization secure? By regularly rotating the password and backing it up with Local Administrator Password Solution (LAPS). With the legacy solution, you could only do this with Active Directory (AD) on premises, but new capabilities make it easy to manage cloud and hybrid environments, too. For cloud environments, we're excited to introduce new ways to leverage LAPS with Intune and Azure Active Directory (Azure AD). Which one's your cup of tea? Time to learn: 84 minutes [attachment=38736:name]READ Windows LAPS overview Start here to learn about LAPS. Get the overview of supported platforms, benefits, key scenarios, restrictions, policies, management, and main differences between the new and legacy solutions. A lot has changed with the April 11, 2023 update! (5 mins) LAPS + AD + AAD + Windows 10 + Windows 11 + Server + DSRM + CSP + Group Policy + Legacy [attachment=38737:name]WATCH Managing local admin account passwords in AD and Azure AD Look inside at the design and implementation of the new and improved LAPS on premises and in the cloud. See the new Configuration Service Provider (CSP), Windows Server Active Directory new features, new Group Policy Object (GPO), automatic password reset, and more. (21 mins) Admin + Passwords + MDM + AD + AAD + SCP + GPO + ADUC + PowerShell + Intune [attachment=38738:name]READ By popular demand: Windows LAPS available now! Read the announcement of new features and capabilities available on premises with the April 11, 2023 security update. Get a sneak peek at the cloud management capabilities coming soon. Check out the steps and screenshots of the improved experience. (6 mins) AD + AAD + Legacy + Native + Microsoft Graph + Intune + CSP + Group Policy + Hybrid + Pro + EDU + Enterprise + Server [attachment=38739:name]READ LAPS configuration service provider (CSP) Manage backup of local administrator account passwords with LAPS CSP. Consult a list of all LAPS configuration service provider nodes. Find actions and descriptions of framework properties with easy copy-paste code. (17 mins) CSP + GPO + Device + Pro + Enterprise + Education + Windows SE + AD + AAD + AADJ [attachment=38740:name]READ Windows LAPS management through Microsoft Intune Find prerequisites and a walkthrough of several key LAPS experiences in Intune. Specifically, learn to manage Windows LAPS policies, view the local admin password for a specific device, rotate a local admin password, and audit logs. (7 mins) Intune + Endpoint Security + Account Protection + AAD + GPO + Audit + Logs [attachment=38741:name]READ Manage Windows LAPS with Microsoft Intune policies Use Microsoft Intune endpoint security policies for account protection to manage LAPS on devices enrolled in Intune. See all capabilities, prerequisites, permissions, and frequently asked questions in this official documentation. (9 mins) Intune + AAD + AADJ + HAADJ + CSP + RBAC + Admin + Password + Backup + Rotate + Windows 11 + Windows 10 [attachment=38742:name]PREVIEW Use Windows Local Administrator Password Solution (LAPS) with Azure AD (preview) Azure Active Directory (Azure AD) support for Windows LAPS is in public preview! Read about the requirements, how to enable LAPS with Azure AD, recover local admin passwords, list all Windows LAPS enabled devices, audit password update and recovery, and manage Conditional Access policies, among other tips. (8 mins) AAD + PtH + RBAC + Conditional Access + CSP + GPO + AADJ + HAADJ + MS Graph + API + PowerShell + MDM [attachment=38743:name]READ Introducing Windows Local Administrator Password Solution with Microsoft Entra (Azure AD) Learn how to secure your devices joined to Azure AD with LAPS. This also applies to hybrid-joined devices. Walk through the screenshots of setting up LAPS, as well as recovering, resetting, and auditing local administrator passwords. (6 mins) AAD + Entra + Intune + CSP + MS Graph + API + PowerShell + RBAC + PtH + Conditional Access + Endpoint Security [attachment=38744:name]EXPERIENCE Legacy LAPS at Official Microsoft Download Center Interested in the legacy on-premises solution? See details, system requirements, and installation instructions. Hit that Download button when you're ready! (5 mins) That's a wrap for legacy LAPS, new and improved LAPS for on-premises management, and cloud-ready LAPS. Try out the public preview of LAPS with Azure Active Directory and Microsoft Intune support today! Leave us a comment below and visit our growing library of bite-sized learning at Windows skilling snacks: bite-sized learning for IT pros! Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

We realize that a clear Windows client roadmap update helps consumers and organizations with planning their Windows release activities. Today we'll provide a brief update on the latest version of Windows 10, as well as share more on the time frame for the next Long-Term Servicing Channel (LTSC) release of Windows 11. Windows 10 support lifecycle As documented on the Windows 10 Enterprise and Education and Windows 10 Home and Pro lifecycle pages, Windows 10 will reach end of support on October 14, 2025. The current version, 22H2, will be the final version of Windows 10, and all editions will remain in support with monthly security update releases through that date. Existing LTSC releases will continue to receive updates beyond that date based on their specific lifecycles. Recommendation We highly encourage you to transition to Windows 11 now as there won't be any additional Windows 10 feature updates. If you and/or your organization must remain on Windows 10 for now, please update to Windows 10, version 22H2 to continue receiving monthly security update releases through October 14, 2025. See how you can quickly do this via a servicing enablement package in How to get the Windows 10 2022 Update. The final end of support date for Windows 10 does not change with this announcement; these dates can be found on the Windows 10 Lifecycle page. Windows 11 LTSC It's important for organizations to have adequate time to plan for adopting Windows 11. Today we're announcing that the next Windows LTSC releases will be available in the second half of 2024: Windows 11 Enterprise LTSC Windows 11 IoT Enterprise LTSC We'll provide more details as we get closer to availability. Recommendation If you're waiting for a Windows 11 LTSC release, you can begin planning and testing your applications and hardware on the current GA channel release, Windows 11, version 22H2. Check out App confidence: Optimize app validation with Test Base for more tips on how to test your applications. Stay informed In the future, we will add more information here and to the Windows release health page, which offers information about the General Availability Channel and LTSC under release information for appropriate versions. The Windows release health page lists release information for different versions of Windows. Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

We are thrilled to share that our Developer Technologies MVP in Sweden, Jessica Engström, was selected as one of Women Who Code's Top 100 Technologists to Watch in 2023. Congratulations, Jessica! In this blog, we share her achievements in her own words. Let’s learn her story. Tell us about your community activities and how you help community members. “Apart from cats, my biggest passions are teaching, giving back to the community, and enabling others to strive. It started with my husband and me founding Coding After Work user group, where we provided a place for anyone with a love for code to join us, bring their own projects, and get help and inspiration from others in the user group. It led to me starting to speak at conferences and events, and I got to meet so many incredible people and have such interesting conversations. We wanted to share our interesting conversations with other people who are not so lucky to be able to travel the world meeting them, and that’s how Coding After Work Podcast was born. Organizing conferences is so much fun, I’m one of the organizers of Sweden’s largest .NET conference Swetugg. When the pandemic hit, we (Daniel Hindrikes, my husband, and I) started an online conference, .NET Frontend Day, focusing on frontend technologies for .NET. This year I was part of organizing a new conference, .NET Castle conference, which was set in a castle, so not only did we have a bunch of attendees, but we also had (paintings of) Swedish kings and queens in the audience. Coding After Work moved to be online on Twitch and YouTube. We went into a hardware store, ordered the greenest wall color we could find, and painted the entire wall in chroma key green. Let me tell you, that’s a lot of green!” How did you start your career as a technologist? “I started out studying programming, but I quickly realized that my passion was all about the user, and how we can improve our user experience and include more people with accessibility. Microsoft Sweden Developer Experience saw what I was doing in the community and approached me to consult as an audience coordinator / Marketing specialist (read community manager or developer relations). After that, I started teaching and doing workshops about everything from holographic computers to AI with cognitive services but mostly UX for developers & Agile methodologies/Scrum. I think having an understanding of code helps a lot when it comes to improving your UX and accessibility, and especially teaching developers how to think about it.” How did you feel when you heard the news about you became one of women who codes top 100 technologist to watch in 2023? “It was very unexpected, and I feel so honored and thankful to be on that list of amazing women worldwide!” Message to women who pursue careers in technology “A message to other women or underrepresented people is to try to see your worth! I have been struggling with that myself, and I have a major case of impostor syndrome, and that, unfortunately, can open up possibilities for people to step on you and even use you. Reach out to other people in the industry and ask them questions like what fair compensation for the kind of work you do or want to get into is. Ask not only other women or underrepresented people, but ask men, ask people who have been in the industry longer, and use the MVP community. I’m so thankful I got around to asking a fellow MVP about that because it turned out that I was taken advantage of and could increase my consultant fee 10-fold. Nobody even batted an eye about the higher cost because it was more aligned with my expertise and experience!” Visit her LinkedIn post to find her excitement about being the Women Who Code's Top 100 Technologists to Watch in 2023 We close this blog with her additional message to all technologists. “Don’t be afraid to reach out to your community. Most of us are happy to help if we can, and I dare to say nobody will be angry about you asking a question. You might be surprised how many of us have or have had impostor syndrome, anxiety, are introverts, and so on. We’ve all been there, and we want to pay it forward.” Continue reading...

As Microsoft cloud services have grown over the years, the domain space they live on has grown as well – into the hundreds. Over time, this fragmentation has created increasing challenges for end user navigation, administrative simplicity, and the development of cross-app experiences. An image depicting a word cloud of dozens of different URLs on several different domains, all for existing Microsoft apps and services. That’s why today we’re excited to announce that Microsoft is beginning to reduce this fragmentation by bringing authenticated, user-facing Microsoft 365 apps and services onto a single, consistent and cohesive domain: cloud.microsoft. Animated image of a browser address bar rotating through several app URLs on the cloud.microsoft domain: outlook.cloud.microsoft, status.cloud.microsoft, loop.cloud.microsoft, onedrive.cloud.microsoft, teams.cloud.microsoft, sway.cloud.microsoft and viva.cloud.microsoft. Benefits of a unified domain Consolidating authenticated user-facing Microsoft 365 experiences onto a single domain will benefit customers in several ways. For end users, it will streamline the overall experience by reducing sign-in prompts, redirects, and delays when navigating across apps. For admins, it will drastically reduce the complexity of the allow-lists required to help your tenant stay secure while enabling users to access the apps and services they need to do their work. And for all our customers – and our developers – it will lay a foundation for better and tighter integration across the Microsoft 365 ecosystem by streamlining development and improving performance of cross-app experiences. Why cloud.microsoft? ‘Dot brand’ top-level domains like .microsoft are an established method for enhancing the security, trustworthiness, and integrity of an organization’s web offerings. Similar to how the US government has exclusive rights to the .gov top-level domain (TLD), Microsoft has exclusive rights to the .microsoft TLD. Exclusive ownership enables enhanced security protocols and governance controls, and the value of security investments done at the top-level domain seamlessly accrue to the apps. And all experiences hosted on the .microsoft domain can be assumed to be legitimate and authentic: anyone attempting domain spoofing would have to go through Microsoft itself, as we are both the registry operator and sole registrant for this exclusive, trusted namespace[1]. A common term before the “dot” is also necessary in order to realize the full benefits of a unified domain. “Cloud” was selected as a durable, extensible, neutral term with a meaningful relationship to the wide range of services that will come under its umbrella, starting with Microsoft 365. What to expect Initially, only net-new services will be deployed on the cloud.microsoft domain. Existing workloads have a broader range of implications to consider and will transition at a slower pace. In most cases, no customer action will be needed to continue using Microsoft 365 workloads the same way you do today. Admins seeking to update their allow lists will find that *.cloud.microsoft has already been added to the official list of Office 365 URLs and IP address ranges, and end users will find that existing links and bookmarks will eventually redirect them automatically to the new domain. Microsoft is committed to making this transition as seamless as possible for our customers. Before changing the domain for any existing service which requires customer network configuration, we will notify you at least 30 days in advance as specified in our standard network update cadence. For domain changes to our apps and services that require deeper customer actions (such as updates to customer applications), we will provide targeted communications and give ample time for you to adjust. We will also implement long-term redirects to help ensure that legacy bookmarks, hyperlinks, and connections continue to function with old domains. To learn more, visit Managing Microsoft 365 endpoints, and be sure to join us for an Ask Microsoft Anything (AMA) on Wednesday, May 24th at 8:00 AM Pacific time to chat further with the leaders of this initiative about what to expect. FAQ What about workloads beyond Microsoft 365? The current announcement is limited to Microsoft 365. We will share plans for other services in the future. Why not microsoft.com? The microsoft.com domain currently hosts a wide variety of content: not just Software as a service (SaaS) apps, but also marketing, support, e-commerce, and more. Keeping SaaS experiences isolated in their own domain space establishes a clean security boundary for our compliant authenticated experiences and enables simplified endpoint allow-list management for admins. There are also anti-spoofing and integrity benefits to hosting such experiences on an exclusive, purposefully-managed TLD like .microsoft vs. a generic TLD like .com. Is microsoft.com going away? No. Microsoft.com will continue to be used for non-product experiences such as marketing, support, and e-commerce. Only authenticated, user-facing product experiences will be hosted on cloud.microsoft. Continue the conversation by joining us in the Microsoft 365 community! Want to share best practices or join community events? Become a member by "Joining" the Microsoft 365 community. For tips & tricks or to stay up to date on the latest news and announcements directly from the product teams, make sure to Follow or Subscribe to the Microsoft 365 Blog space! Footnotes: [1] Please see the .microsoft registry agreement on the ICANN site for more background. Continue reading...

As we observe and honor Earth Day on April 22, we're mindful of the importance of meeting our customers’ needs alongside responsible environmental stewardship. And here on the Surface team, we’re committed to producing devices with as little impact on the planet as possible. Our commitment to sustainability goes back years and has evolved into : reducing carbon impact, designing with circularity in mind, and having integrity built in. These elements make up the design language of every major product we launch. Reducing carbon impact Microsoft Surface devices are integral to achieving the company's commitment to be carbon negative by 2030. We're also delivering technology to help our customers measure and manage their Surface carbon emissions more effectively. Launched earlier this year, the Surface Emissions Estimator is a tool that helps you calculate the carbon footprint of your Surface devices1. It provides an estimate of the carbon emissions associated with the production, use, and disposal of your device. You can use this tool to calculate the carbon footprint of your Surface devices by entering information about your device, such as its model, usage, and power settings. The calculator can even recommend ways of reducing your carbon footprint. Sample results showing estimated carbon emissions for three devices Ocean plastic One of the more promising advances in device manufacturing is the use of ocean-bound plastic, recovered from plastic waste. First, it’s cleaned and processed into recycled plastic resin pellets and then blended in with virgin plastic during manufacturing. Two years ago, we launched the with a shell made with 20% recycled ocean plastic, the first consumer electronics application of this material. Going beyond ocean-bound plastic (plastic collected within 50 km of shorelines), each mouse contains recycled resin derived from recycled water bottles taken directly from oceans, beaches, and waterways. We’ve since carried this innovation to our newest accessory, Surface Thunderbolt 4 Dock for Business. The dock and power supply unit enclosures (excluding the AC cable) are attributed to 20% ocean-bound plastic2 and feature lighter materials than our previous docks. Single-use plastics have been removed from its packaging, making the packaging about 99% recyclable in OECD countries.3 Design for circularity The traditional “take, make and waste” model of electronics is becoming unviable. That's why, at Surface, we design products with the circular economy in mind, meaning we follow a reduce, reuse and recover model. By 2025, our goal is for our packaging to contain zero single-use plastics and by 2030 will be 100% recyclable. We continue to integrate innovations from our most recyclable products into the rest of our products. We also make recycling convenient and secure with global recycling programs and data-wiping. Designing for circularity minimizes waste and extends the lifespan of our devices for as long as possible, thanks to a modular design that lets commercial customers replace parts rather than throw away their devices. Surface Pro 9, for example, comes with 14 modular components, including the display, hard drive, motherboard, and battery. 4 Integrity in manufacturing Our design process focuses on building products of the highest craftsmanship with a responsible supply chain that meets higher ethical and environmental standards. Integrity also reflects our commitment to transparency on the impact of our products and supply chain, which is why we produce eco profiles for all our major devices. As the EPEAT requirements become more rigorous, our products and operations are evolving to meet more stringent standards. We plan for our products to meet the new EPEAT requirements at the Gold level.5 Surface registered products can be found on the EPEAT Registry. Crafting for longevity is vital to long-term sustainability across all three focus areas, as it can reduce emissions and increase circularity by keeping materials in use for longer. It's why our latest Surface products are the most repairable devices in their product lines. This is also where our material innovation can shine as we weave in recycled materials. You'll see it in our packaging, made of sustainably forested material that's 99% recyclable6 for Surface Laptop 5. We're also excited for our latest products to continue to bring hardware and software together to optimize energy performance. All Surface laptop and tablet devices are ENERGY STAR certified with a focus on energy efficiency and battery life. And our Surface Laptop 5 and Pro 9 devices are over twice as energy efficient as the Energy Star recommended limits. They can all also take advantage of new sustainability features in Windows 11, the first PC operating system to offer a carbon-aware feature.7 Ready for a new device? There are multiple ways to responsibly recycle your device or give it new life. Trade it in: The Microsoft Store Trade-In Program8 offers cash back for certain used devices suitable for refurbishment or reuse. See aka.ms/tradein. Sell or donate: Consider selling or donating your used device to an authorized refurbisher to give it a potential second life for a new user. See aka.ms/refurbishers. Recycle: Microsoft and other device manufacturers offer free mail-back recycling programs for used devices. See aka.ms/recycle. Learn more 2021 Environmental Sustainability Report | Microsoft CSR Energy efficiency | Microsoft Legal Product environmental and safety documents | Microsoft Legal References 1. Emissions Estimator report provided for informational purposes only. You should not interpret the report you receive to be a commitment on the part of Microsoft; actual emissions may vary based on your location, purchase method, usage, and other factors. 2. Ocean-bound plastic is plastic waste recovered from oceans and waterways, cleaned, and processed into recycled plastic resin pellets. These recycled pellets are blended in with virgin plastic during the manufacturing process. To learn more, see Sustainable Products & Solutions | Microsoft CSR. 3. In OECD countries, Microsoft operates recycling programs either independently or through third parties covering Microsoft Devices. In addition, check local recycling programs for availability. 4. Customer Replaceable Units (CRUs) are components available for purchase through your Surface Commercial Authorized Device Reseller. Components can be replaced on-site by a skilled technician following Microsoft’s Service Guide. Opening and/or repairing your device can present electric shock, fire and personal injury risks and other hazards. Use caution if undertaking do-it-yourself repairs. Device damage caused during repair will not be covered under Microsoft’s Hardware Warranty or protection plans. Components will be available shortly after initial launch; timing of availability varies by component and market. 5. EPEAT rating availability may differ by market. 6. Recyclability dependent on recycling options in markets where products are discarded. Check local recycling programs for availability. Learn more at aka.ms/recycle 7. See Windows Update is now carbon aware 8. Available in select countries only. Continue reading...

Welcome to the “Director’s cut” of the 2022 Windows Server Summit. I am going through and posting each of the sessions (and my comments) that were part of the event that took place December 6th, 2022. Now we're into some meat and potatoes kinda stuff with Sonia and Orin taking you on a whirlwind tour of how to modernize you Windows File Server. Things they cover include: Migrating file shares with Storage Migration Service, Securing your server with Connection Security Rules and how to keep things orderly by implementing File screens. They've got demos, some practical advice and a tip of the hat to some things you might have forgotten are possible on Windows File Servers. This is a mini breakout session that keeps you engaged for the full 16 minutes. Click on the video below to start your File Server modernization journey. Speakers: Sonia Cuff, Principal Cloud Advocate Team Lead Orin Thomas, Principal Cloud Advocate Resources: What's New With Windows Server 2022 (Grab an Azure Edition ISO) What's new in Windows Server 2022 Learn more: try Windows Server 2022 and Windows Server on Azure Windows Server 2022 | Microsoft Licensing Changes with Azure Hybrid Benefit https://aka.ms/WSSAHB Information on Extended Security Updates (ESUs) SQL & Windows Server 2012 End of Support | Microsoft Invest in your skills with the Windows Server Hybrid Administrator Associate Microsoft Certified: Windows Server Hybrid Administrator Associate - Certifications To watch more sessions from the 4th annual Windows Server Summit – check out the playlist https://aka.ms/WSS2022Playlist Continue reading...

As mentioned in previous posts, 11/11/2021 and on 11/15/2022, Office 2013 reached the end of the Extended Support lifecycle on April 11, 2023. Continuing to use Office 2013 could increase your organization’s exposure to security risks, impact your ability to meet compliance obligations, and/or affect end user productivity. Additionally, support for other Microsoft Office products is also coming to an end in the next months. Please review the following list and act before the end of the product’s lifecycle: Office 2019 for Mac reaches end of support on October 10, 2023. This means Office 2019 for Mac will no longer receive security updates, bug fixes, technical support, or online technical content support. Connecting Office 2016 and Office 2019 to Microsoft 365 reaches end of support on October 10, 2023. After this end date we won’t block these Office versions from connecting to Microsoft 365 services if they are kept up to date. But after October 10, 2023, improvements to Microsoft 365 services will no longer be tested with these Office versions, so, users could experience performance or reliability issues. Read more about this in our Microsoft Learn article. If you're running a version affected by any of the end of support dates, we recommend upgrading to Microsoft 365 E3, which comes with Microsoft 365 Apps – the apps you're familiar with (e.g., Word, Excel, PowerPoint, Outlook, etc.). It falls under the Modern Lifecycle Policy, so it’s continuously supported. Here are some resources to help plan the move: Review a summary of the Microsoft 365 Apps and Office support configuration matrix. Read the Office 2013 upgrade guidance for an overview of how to move from Office 2013 to Microsoft 365 Apps. Consider engaging Microsoft FastTrack – a Microsoft support service for moving to Microsoft 365 E3. Please visit our Office End of Support community for more information and resources about end of support for Office. Thanks again for being a Microsoft customer! Continue reading...

Two years ago, we shared that “It's Time to Hang Up on Phone Transports for Authentication.” Today, we’re adding the public preview of Authenticator Lite to the tools we are offering to help you move from text message (SMS) and voice-based authentication. Our priority is getting every user to sign in with modern strong authentication – passwordless, hardened against phishing, easy to use and adaptable to evolving attacks. Our top recommendation for modern strong authentication is the Authenticator, which offers the most robust security features, updated the most frequently, for free. Microsoft Authenticator app has over 100 million users worldwide who trust it as a secure and easy way to authenticate, making it the most popular way to sign in with strong authentication in Azure. Because modern strong authentication is so important, we're making it even more accessible by embedding it right into the Outlook client! We call this embedded experience Authenticator Lite - and we're excited to announce it is now in public preview! For users that haven’t yet downloaded Authenticator, they can now complete MFA for their work or school account for free using the Outlook app on their iOS or Android devices. Users can approve authentication requests and receive TOTP codes, bringing the security of Authenticator to a convenient location while simplifying users’ move off phone transports for authentication. During public preview, admins can choose to enable or disable this capability for a group of users or to leave the feature in a Microsoft managed state. Enabling a group for Authenticator Lite is possible from the Entra portal via the Authenticator configuration page. It’s also possible to enable the feature through MS Graph. Authenticator Lite, as the name suggests, will extend a subset of the Authenticator’s capabilities into Outlook. Each verification notification will include a number matching prompt and biometric or pin verification if enabled on the device. More information on the Authenticator Lite notification configurations can be found here. Once enabled for Authenticator Lite, users on the latest version of Outlook without the Authenticator app will be prompted to register Outlook as an MFA method when they launch the app on their device. Once users are registered, during their next authentication, users will be prompted to authenticate using a push notification in their Outlook app. Registered users will also have access to a TOTP code found in their Outlook settings under Authenticator. For more information on enabling this feature for your users, see here. Rollout to support this feature in Outlook is currently underway. This feature will roll out to tenants in the state ‘Microsoft managed’. For the duration of public preview, leaving the feature set to ‘Microsoft managed’ will have no impact on your users and the feature will remain turned off unless you explicitly change the state to enabled. In late April 2023, we will remove preview tags and enter general availability. On May 26, 2023, if the feature is left set to ‘Microsoft managed,’ your tenant will be enabled for Authenticator Lite by Microsoft. If you do not wish for this feature to be enabled on May 26, set the state to ‘disabled’ or assign users to include and exclude groups prior to May 26. We hope you and your users enjoy this new feature, and, as always, please let us know of any questions or feedback by leaving comments down below or reaching out to us at aka.ms/AzureADFeedback. Regards, Alex Weinert VP Director of Identity Security, Microsoft Microsoft Identity Division Learn more about Microsoft identity: Get to know Microsoft Entra – a comprehensive identity and access product family Return to the Microsoft Entra (Azure AD) blog home  Join the conversation on Twitter and LinkedIn Share product suggestions on the Entra (Azure AD) forum Continue reading...

Servicing refers to maintaining your devices up to date with security, quality, and feature updates. In Windows, it's part of the optimal lifecycle that preserves functionality and security of our products and your peace of mind. Check out our policies below, take training on our servicing model and channels, browse frequently asked questions, and find detailed release information for your versions of Windows! Time to learn: 122 minutes [attachment=37633:name]READ Overview - Product End of Support and Retirements - Microsoft Lifecycle Learn about modern and fixed policies for Microsoft products. From there, search end-of-support (EOS) and retirement details by year or product. (2 mins) EOS + Retirement + Support + ESU [attachment=37634:name]READ Explore the Windows servicing model - Training Review your options of Windows servicing channels, including the Windows Insider Program, the General Availability Channel, and the long-term servicing channel (LTSC). If you're a beginner IT admin, claim your 700XP-award for completing this introductory learning module! (18 mins) WaaS + Servicing + Insider + GA + LTSC [attachment=37635:name]WATCH Windows Insider LIVE: March 2023 If you're part of the Windows Insider Program, watch this discussion of what's coming in 2023, including new and improved channels! Try a new Canary Channel or the rebooted Dev Channel and learn how to switch channels based on your needs. Not an insider yet? Scroll down and register under Experience! (53 mins) WIP + Canary + Dev + Beta + Release Preview + Continuous Innovation [attachment=37636:name]READ Lifecycle FAQ - Windows Have a question? See if it's already been asked and answered! Find information on general Microsoft lifecycle policies, feature and product lifecycles, and servicing timelines for versions of Windows. (14 mins) Windows 11 + Windows 10 + Windows Server + WSUS + Embedded + IoT + Hardware + OEM + Edge + LTSC [attachment=37637:name]READ Windows 11 - release information Consult servicing information by version, as well as release history of Windows 11. Learn how we service our latest versions of Windows currently in the General Availability Channel. (2 mins) 22H2 + 21H2 + Home + Pro + Pro for Workstations + Education + IoT + Pro Education + Enterprise + EOS [attachment=37638:name]READ Windows 10 - release information Consult servicing information by version, as well as release history of Windows 10. Find servicing options, dates, and KB articles for each build. (33 mins) 22H2 + 21H2 + 20H2 + Enterprise + IoT + LTSB + LTSC + extended support + EOS [attachment=37639:name]EXPERIENCE Search Product and Services Lifecycle Information - Microsoft Lifecycle Search for the lifecycle information by product. Lifecycle data export - Microsoft Lifecycle Export lifecycle data by product, family, group, or date. The Windows Insider Program Be the first to see what's next for Windows in the Windows Insider Program. Register today! (time varies) You can bookmark Windows release health for updated release and lifecycle information. And when your devices do reach that retirement time, find our End-of-life management and recycling stance and tips. Have another snackable topic in mind? Let us know in the comments below! Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

Last month we took a deep dive into the update powers available to IT teams from Microsoft – including to explain the differences between the solutions on offer. This month we're back to talk about what's new in the service. New Windows Autopatch tenant health status The new ‘Inactive Status' feature is intended to make IT admins' lives easier. To help administrators recognize critically urgent issues that require immediate action, the status of their Windows Autopatch instance will be set to ‘inactive.' This will limit administrator access to only the Windows Autopatch blades and controls that need attention. Examples include misconfigured tenant access settings that would prevent the service from operating properly or software licensing issues. All other Intune features will remain accessible, and tenants that are in good health won't experience any changes. Independent insights into the impact of Windows Autopatch from Forrester Forrester has just released a study that features real Windows Autopatch customers talking about the impact the service has had on their organization and has prepared some projections so you can gauge what real value you might expect from enrolling your devices. The executive summary is a great starting point, but if you're looking for the full Forrester Consulting Total Economic Impact™ Study Commissioned by Microsoft, read New Technology: The Projected Total Economic Impact™ Of Windows Autopatch. We think these real customer quotes will make you want to read more: "By making sure that our software is current, there are fewer vulnerabilities and threats for those devices. It reduces that security gap for us." - CISO and chief data protection officer, digital services "We want to make sure that we are hitting full compliance each month, and we want to be able to get this stuff out as quickly as we can. [Windows] Autopatch gives us that visibility and the reliability of getting better patch results than we've had before." - Manager of computing solutions, chemicals The value of keeping security up-to-date New security technology was the hot topic at Microsoft Secure, but The Microsoft Digital Defense Report 2022, released late last year, shared an important finding: 98% of cyber-attacks can be prevented with ‘basic security hygiene' of which ‘Keep up to date' is a key component. The Microsoft Digital Defense Report 2022 shows that basic security hygiene still protects against 98% of attacks While this statement alone should encourage all security-minded decision makers to take a keen interest in patching, there's even more to the security value of Windows Autopatch. We dive into that story in this episode of our YouTube series and in some exciting assets you'll see soon, especially if you subscribe to this blog. New feature in public preview: customize quality updates deployment cadence with Windows Autopatch Windows Autopatch now allows you to set custom schedules for the deployment of quality updates for each of your rings. While we recommend the default settings, we acknowledge that some organizations have unique needs. With the public preview release of this feature this month, we hope you'll test the ability for this feature to meet those needs. Offer your feedback via our community page. Custom cadence types In short, Admins will now be able to define when updates are released to rings with custom deadline-driven or scheduled install settings from the Devices > Windows Autopatch > Release management blade in Microsoft Intune. Screenshot of Microsoft Intune admin center with the Deployment cadence settings opened Deadline-driven customizations allow customers to change deferrals and deadlines (within a 14- day window) and grace periods (within a 7-day window) for each deployment ring. Scheduled install customizations prevent forced restarts or interruptions, and allow admins to specify when an update is applied—either outside Active hours (if defined) or at a defined occurrence. For an in-depth explanation of how these features work, see the documentation here. Now in general availability: the ability to opt-out of updates for Microsoft 365 Apps Announced last month, and now generally available, Intune Administrators can now block Windows Autopatch from offering Microsoft 365 apps updates. Since Windows Autopatch currently sets enrolled devices to Microsoft 365 App updates via the Monthly Enterprise Channel, this feature allows organizations subscribed to different channels to still take advantage of Windows Autopatch. Autopatch is turning 1! Major milestones are often a time for looking back, but the Windows Autopatch team is instead moving full steam ahead to make the next year one to remember. Currently enrolled customers have seen some message center posts that hint at features that are coming soon to public preview. For those still waiting to enroll their tenants, here's a peek at what's coming: Custom ring configurations, and a new 5-ring default Autopatch groups to apply different cadences and ring configurations to discrete populations of devices Update to Windows 11 with Windows Autopatch New reports with more granular detail, including feature updates New guardrails and controls to keep policies and configurations working smoothly Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

Introduction: As the ERP world continues to evolve and becomes more complex, businesses are constantly seeking new ways to enhance efficiency, improve processes, and unlock valuable insights. At Microsoft, we are constantly discovering new ways to unleash creativity, unlock productivity, and uplevel skills so that more people can benefit from using AI with enterprise applications. This is allowing our customers to build the future faster and more responsibly by powering their apps using large-scale AI models. Our collaboration with OpenAI, along with the power of Azure have been core to our journey. Integrating OpenAI's cutting-edge AI capabilities and Microsoft Azure's powerful cloud infrastructure into SAP S/4HANA can be a huge game-changer for organizations aiming to stay ahead of the curve. This technical post delves into seven innovative scenarios that demonstrate the potential of Azure OpenAI (AOAI), Azure Logic Apps, Azure Functions, Azure Automate to revolutionize various aspects of SAP S/4HANA, and other ERPs from financial automation to system monitoring and regular SAP Basis related tasks. Technically speaking, Azure OpenAI utilizes GPT-4, an advanced AI language model capable of comprehending and generating human-like responses. This makes it perfect for automating tasks, enhancing data accuracy, and uncovering valuable insights. Microsoft Azure provides cloud-based services, such as Logic Apps and Functions, which facilitate seamless integration between SAP systems and AI capabilities. The amalgamation of these technologies paves the way for transforming SAP S/4HANA into a more intelligent, efficient, and powerful platform for businesses. whiteboard session with AI + SAP Importance of Understanding OpenAI and Azure Integration with SAP S/4HANA: With generative AI technologies, we are unlocking new efficiencies for businesses in every industry and getting into more how Azure OpenAI can be integrated with SAP S/4HANA for modern SAP consultants, as it can help organizations unlock new levels of efficiency and effectiveness in their SAP systems. By leveraging AI capabilities and cloud-based integration tools, businesses can automate repetitive tasks, optimize processes, and harness valuable insights to drive better decision-making and stay ahead of the competition. In this blog, we will run seven technical Whiteboard 'challenging' (and innovative too!) scenarios that highlight the potential of generative AI technology and Azure integration with SAP S/4HANA across a range of functional areas. Let’s glimpse these scenarios in detail! Whiteboard Scenario 1: Automating Sales Order Creation from Email Requests In this scenario, a company receives sales order requests from customers via email. Azure OpenAI natural language processing capabilities can be used to extract relevant information from emails and create corresponding sales orders in SAP S/4HANA. Steps: Set up an Azure Logic App with a trigger to monitor the company's email inbox. Configure an Azure Data Factory and Azure datalake to utilize Azure OpenAI to extract relevant information (e.g., customer details, product, quantity in Json/csv format) from the email body. Use an SAP connector to create a sales order in SAP S/4HANA using the extracted information. Send an email confirmation to the customer with sales order details. (see below flow diagram) Whiteboard Scenario 2: Automating Invoice Data Validation and Approval In this scenario, a company wants to automate the process of validating and approving invoices received from vendors. Azure OpenAI can be used to extract and validate data from invoice documents, and then update the corresponding purchase order status in SAP S/4HANA. Steps: Set up an Azure Logic App trigger to monitor a designated folder where invoice documents are uploaded. Configure an Azure Function to utilize Azure OpenAI to extract relevant information (e.g., vendor details, invoice number, total amount) from the invoice documents. Use a custom connector to validate the extracted invoice data against purchase order data in SAP S/4HANA. If the invoice data is valid, update the purchase order status in SAP S/4HANA to "Approved" and send an approval email to the vendor. If the invoice data is not valid, send an email to the accounts payable team with the discrepancies highlighted for manual review and repeat! (See below flow diagram) Whiteboard Scenario 3: Automating Customer Support Query Resolution In this scenario, a company wants to use Azure OpenAI to automatically resolve customer support queries by providing relevant information from SAP S/4HANA. Steps: Set up an Azure Logic App with a trigger to monitor incoming customer support requests. Configure an Azure Function to utilize OpenAI to understand the customer query and identify the required information. Use an SAP connector to fetch the relevant information from SAP S/4HANA based on the query. Use Azure OpenAI to generate a human-like response with the requested information. Send the generated response to the customer. (see below flow diagram) flowchart Whiteboard Scenario 4: Automating Material Requirement Planning (MRP) Data Analysis One of my favorite scenarios is related to data analysis. In this scenario, a company wants to use OpenAI to analyze MRP data in SAP S/4HANA and generate actionable insights to optimize inventory levels, production planning, and procurement processes. Steps: Set up an Azure Logic App with a scheduled trigger to initiate the MRP data analysis process. Use a custom connector to fetch MRP data from SAP S/4HANA, including material stock levels, demand forecasts, and production schedules. Configure an Azure Function to utilize Azure OpenAI to analyze the MRP data and identify trends, potential stockouts, and procurement opportunities. Generate actionable insights and recommendations based on the analysis. Share the insights with relevant stakeholders (e.g., supply chain managers) via email or a custom dashboard or a chatbot on Microsoft Teams (see below flow diagram) Whiteboard Scenario 5: Automating Financial Reporting and Analysis In this scenario, a company wants to use OpenAI to automatically generate financial reports (e.g., balance sheets, income statements) and provide analysis and commentary on key financial metrics, leveraging data from SAP S/4HANA. Steps: Set up an Azure Logic App with a scheduled trigger to initiate the financial reporting and analysis process. Use a custom connector to fetch financial data from SAP S/4HANA, including general ledger accounts, financial statements, and transactional data. Configure an Azure Function to utilize OpenAI to process the financial data, generate the required financial reports, and calculate key financial metrics. Use OpenAI to generate natural language analysis and commentary on the financial metrics, highlighting trends and potential areas of concern. Compile the generated financial reports, analysis, and commentary into a comprehensive document, and share it with relevant stakeholders (e.g., finance managers, executives) via email or a custom dashboard or a chatbot on Microsoft Teams. (see below flow diagram) Whiteboard Scenario 6: Automating Quality Control in Production Processes In this scenario, a company wants to use OpenAI's computer vision capabilities to automate quality control checks in its production processes. The AI system will analyze images of finished products to identify defects and update the corresponding inspection records in SAP S/4HANA. Steps: Set up an Azure Logic App with a trigger to initiate the quality control process when new production images are uploaded to a designated folder. Configure an Azure Function to utilize OpenAI's computer vision capabilities to analyze the production images and identify any defects or abnormalities. Based on the AI analysis, update the inspection records in SAP S/4HANA using a custom connector, marking the products as "Passed" or "Failed" based on the presence of defects. If a defect is detected, notify the production team and quality control personnel via email or an integrated notification system for further investigation and corrective action. Whiteboard Scenario 7: Automating Bank Statement Reconciliation In this scenario, a company wants to use OpenAI to automate the process of reconciling bank statements with their financial records in SAP S/4HANA. Steps: Set up an Azure Logic App with a trigger to initiate the reconciliation process when a new bank statement is received or uploaded to a designated folder. Configure an Azure Function to utilize OpenAI to extract transaction details (e.g., transaction date, amount, description) from the bank statement. Use a custom connector to fetch financial transactions from SAP S/4HANA for the corresponding time-period. Configure another Azure Function to match the extracted bank statement transactions with the financial transactions in SAP S/4HANA. Update the reconciliation status of the matched transactions in SAP S/4HANA using a custom connector. Generate a reconciliation report highlighting any discrepancies or unmatched transactions and share them with relevant stakeholders (e.g., finance managers, accountants) via email or a custom dashboard or a chatbot on Microsoft Teams. (See below flow diagram) By implementing these scenarios, companies can leverage Azure OpenAI features to automate repetitive tasks, reduce manual effort, and improve data reading accuracy in SAP S/4HANA using Azure Logic Apps, Azure Functions, Teams & Power Automate. Each scenario will provide high-level whiteboarding steps for implementing the integration, highlighting the key components and processes involved. Conclusion: As the SAP landscape becomes more complex to leverage the power of digital transformation, SAP consultants are constantly looking for innovative ways to optimize and automate their operations. OpenAI, when combined with Azure and SAP S/4HANA, offers a unique opportunity to achieve this goal, transforming how businesses manage their processes and make data-driven decisions. This blog has explored 7 powerful use cases that demonstrate the potential of integrating OpenAI with Azure and SAP S/4HANA to automate various tasks and deliver valuable insights. Embracing this innovative approach will not only help you stay ahead of the competition but also improve overall business efficiency, reduce manual efforts, and provide a better experience for your end-users. By integrating Azure OpenAI and SAP S/4HANA, you can unlock the true potential of your ERP systems and drive your organization towards digital excellence. As you consider implementing these scenarios in your organization, it's important to ensure that all security and GDPR compliance requirements are met. Before testing, make sure to conduct thorough security and privacy assessments to avoid potential risks. In conclusion, the power of Azure OpenAI and SAP S/4HANA integration can transform the way you manage your ERP operations. We encourage you to explore these scenarios and harness the benefits of this cutting-edge technology. Good luck on your journey towards a smarter and more efficient SAP landscape! Let's us know your thoughts and feedback on these scenarios crafted! There could be endless possibilities in coming years with Azure OpenAI advancement! Useful links Azure OpenAI Service frequently asked questions - Azure Cognitive Services | Microsoft Learn Create a cloud flow from a description - Power Automate | Microsoft Learn Request Access to Azure OpenAI Service (microsoft.com) AzureOpenAIExamples (github.com) Check out our Introduction to Azure OpenAI training course #AzureOpenAI #PowerAutomate #SAPonAzure #Azurefunctions Disclaimer: The scenarios mentioned in this blog post should be tested while adhering to proper security and GDPR compliance checks. Azure OpenAI and SAP S/4HANA integration should be executed within the boundaries of your organization's security and privacy policies. Continue reading...

File management might be tedious, but it is sometimes required, especially when storage space is limited. PowerShell is an excellent tool for automating most activities, and identifying duplicate files on your computer is an excellent application of the tool. The script below will detect and report (rather than delete) all files in the directory and subdirectories, group them by size, filter out groups with only one file, and report on the duplicate files with their full path and creation time. # Get all files in a directory and subdirectories $files = Get-ChildItem -Recurse -File # Group files by size $groups = $files | Group-Object Length # Filter groups with more than one item $duplicates = $groups | Where-Object {$_.Count -gt 1} # Output duplicate files foreach ($duplicate in $duplicates) { Write-Host "Duplicate files of size $($duplicate.Name):" $duplicate.Group | Select-Object FullName, CreationTime | Sort-Object CreationTime | Format-Table -AutoSize } This script may be run in PowerShell by saving it as a.ps1 file and then running it from the PowerShell command prompt. Please keep in mind that if you have a large number of files on your computer, this script may take some time to run. How to detect duplicate files on your computer via PowerShell As always, please share your PowerShell automation scripts in the comments section below so that they can be added to or improved upon the script published above. Continue reading...

Windows monthly updates come in several shapes and forms, but they are all here to keep organizations and individuals protected and productive. Take a 5-minute break to brush up on the assortment of releases or block out 41 minutes to take deeper training on managing them. In the other quarter-hour chunks, you can learn about new ways we help you manage updates, how cumulative updates have improved with Windows 11, and how to know when your devices will update. Time to learn: 117 minutes [attachment=36177:name]READ Windows monthly updates explained Start with this easy reference guide that simplifies the different types of updates. What’s the difference between security and optional non-security updates? What’s special about out-of-band (OOB) updates and continuous innovation? See our simple guide to keeping you protected and productive. (5 mins) Security Release + Non-Security Release + OOB + Continuous Innovation + SUVP + Release Notes + Release Health [attachment=36178:name]READ Manage Windows updates in the cloud Complete this learning module for up to 1000 experience points. Review what you’ve learned about feature update management and dive deeper into quality or security updates. (41 mins) Deadlines + User Experience + DO + Group Policy + MDM + Intune [attachment=36179:name]READ + WATCH Update power: Microsoft management solutions for your scenario(s) Which update solution is right for your scenario? This guide describes and shows cloud-based and on-premises solutions, including Windows Update for Business, Windows Update for Business deployment service, Windows Autopatch, and Windows Server Update Services (WSUS). (24 mins) MDM + WUfB + WUfB DS + Autopatch + WSUS + Intune + Microsoft Graph + Enterprise + Education + Pro + On-Prem [attachment=36180:name]READ Use Intune to expedite Windows quality updates If needed, expedite the installation of the most recent Windows 10/11 security updates with Intune. Start with how expedited updates work (with examples!) and whether you meet the prerequisites. Then learn how to create and assign an expedited update, manage relevant policies, then monitor, and report on them. (14 mins) Intune + Windows Update + WUfB DS + Azure AD + Deferral Period + Deadline + Microsoft 365 + VDA + Group Policy [attachment=36181:name]WATCH Windows 11 cumulative update overview Review how the Latest Cumulative Updates (LCUs) for Windows 11 have become smaller, faster, and easier to manage. Jump behind the scenes of package and download size reduction, improved installation orchestration, increased servicing of new language packs, and improved language and features on demand supplemental media. (17 mins) CU + Language Packs + FODs + CPU + WU + WUfB + WSUS + Dynamic Update [attachment=36182:name]WATCH When is my device going to update? In this video recording, hear from the developers who wrote the code behind when your devices are going to scan, download, and install Windows updates, and when they reboot. Learn about the logic that goes into the “intelligent” decisions around when to update. (16 mins) Windows Update + WUfB + Intune + Update Rings + OOB + Deferrals + Policies + Active Hours + Notifications Great to see you on the other side of the 117 minutes! If you have room for dessert, check out Get current and stay current with Windows Autopatch (16 minutes to read and watch) about one of the popular solutions for enterprises that leverage Windows Update for Business or Windows Server Update Services. Can’t get enough of this or another topic? Let us know in the comments below! In the meantime, a happy two-month anniversary to all those who have been with us through these Windows skilling snacks: bite-sized learning for IT pros! Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

Welcome to the March 2023 update. This month, we are excited to announce several new features across web, Windows, and Mac. For web users, speed up large workbooks with Check Performance, insert and edit formulas with Formula Argument Assistance, and enhance your query organization with Drag & Drop in Queries Pane. Block untrusted XLL Add-Ins has launched to all Windows users, while Assign a Task with @mentions is now available for Windows and Mac users. Also, now that college basketball excitement is in full swing, check out this College Basketball Random Bracket - try them with family and friends. Excel for the web: Check Performance Formula Argument Assistance Drag & Drop in Queries Pane #FIA Excel for Windows: Block untrusted XLL Add-Ins Assign a Task with @mentions Excel for Mac Assign a Task with @mentions Excel for the web Check Performance When you open your workbook, Excel can detect whether your workbook contains unwanted formatted cells that can slow down your workbook. If so, Excel suggests launching “Check Performance.“ You can also manually launch the feature from Review > Check Performance. Read the blog article, and see it in action Check Performance Formula Argument Assistance Formula Argument Assistance card accompanies you while writing a formula, and helps you insert or edit the arguments. You no longer need to reach out to external sources for help when you are typing your formula! The Argument Assistance card will help you write formulas more efficiently and reduce errors. Read more > Formula Argument Assistance #FIA! Drag & Drop in Queries Pane Drag & Drop in the Queries pane enhances your ability to organize your queries - you can easily sort queries or move them between folders. Drag & Drop in Queries Pane Excel for Windows Block untrusted XLL Add-Ins This feature adds a layer of security to your worksheets. It protects you from potential attacks coming through XLL add-ins, a particular type of add-in that is being used to distribute malware to unsuspecting victims. Read more > Block untrusted XLL Add-Ins Assign a Task with @mentions Assign a Task allows users to collaborate more effectively with their teams by creating and assigning tasks within their Excel worksheets and Word documents using @mentions in comments and tagging a team member. Once a team member is assigned the task (by selecting the ‘Assign to’ check box to the comment to convert to a task and then clicking the blue arrow), they receive an email notification to let them know they have tasks to action. Read more > Assign a Task Excel for Mac Assign a Task with @mentions Assign a Task allows users to collaborate more effectively with their teams by creating and assigning tasks within their Excel worksheets and Word documents using @mentions in comments and tagging a team member. Once a team member is assigned the task (by selecting the ‘Assign to’ check box to the comment to convert to a task and then clicking the blue arrow), they receive an email notification to let them know they have tasks to action. Read more > Assign a Task Check if a specific feature is in your version of Excel Click here to open in a new browser tab Your feedback helps shape the future of Excel. Please let us know how you like a particular feature and what we can improve upon—send us a smile or frown.  You can also submit new ideas or vote for other ideas via Microsoft Feedback. Subscribe to our Excel Blog and the Insiders Blog to get the latest updates. Stay connected with us and other Excel fans around the world – join our Excel Community and follow us on Twitter. Continue reading...

Since introducing Microsoft Defender Threat Intelligence (Defender TI) in August, our customers have made their organizations safer by proactively addressing threats with its array of raw intelligence and having unparalleled insight into the threat ecosystem with its extensive library of finished intelligence. Today, we are excited to announce several new features and capabilities that put more threat actor insights at our customers' fingertips and enhance SIEM and XDR capabilities in their existing tools and workflows, including the integration of Defender TI into Microsoft 365 Defender. M365 Defender Integration Threat Intelligence is a foundational component of any security operations platform. Defender TI is now available to licensed customers directly within the Microsoft 365 Defender portal to deliver powerful intelligence that helps analysts correlate information and provides immediate context about threats during their investigations, all within a unified experience. Licensed users will see the following: A new threat intelligence navigation tab and threat analytics merged with Defender TI articles, Intel Profiles, and IOCs. Threat Analytics merged with Defender TI articles and IoCs written and compiled by Microsoft's award-winning threat researchers. An Intel Explorer tab enables pivots on Internet data to launch advanced investigations across Microsoft's continuously updated map of the entire internet. Intel Profiles Intel Profiles are a form of finished intelligence putting the wealth of information collected from the award-winning Microsoft Threat Intelligence team about threat actors and their tools all in one place. Intel profiles are updated daily with analyses of threat actor tools, tactics, and procedures (TTPS) mapped to the MITRE framework and industry-specific guidance, target profile information, and indicators of compromise (IOCs) related to threat groups or tooling. Microsoft 365 Defender and Microsoft Sentinel customers can quickly access this information to analyze, investigate, and hunt threats. Profiles are updated whenever new information is discovered. Intel Profiles focus on three key areas: Actors: Threat actors Microsoft has previously publicly disclosed. Tools: Analysis of the capabilities of specific tools leveraged by actor groups. Activity: Original research around actors, campaigns, and vulnerabilities. API Defender TI now has an API to boost interoperability and help the SOC punch above its weight by responding to threats at scale. The Defender TI API allows organizations to query Defender TI data to operationalize intelligence gleaned from threat actors, tools, and vulnerabilities. Security teams can enrich their understanding of entities inside security incidents, automate triage efforts, and integrate with a broad ecosystem of security tools, including Microsoft Sentinel. New Sentinel playbooks will leverage the API to enable defenders to query Defender TI's raw and finished intelligence at scale to quickly boost their understanding of threats. These playbooks evaluate indicators in an incident with Defender TI's reputation data—everything we know about a piece of online infrastructure—to mark its severity and automatically triage it accordingly. Playbooks will also automatically enrich incidents with Defender TI's web component data, leveraging Microsoft's map of the internet to show the makeup of a webpage or the technology and services driving a specific piece of infrastructure. These show the extent of an actor's infrastructure or additional sites that have been compromised so teams can understand the full extent of a threat. Sentinel Solutions IOCs from Defender TI finished intelligence are already natively integrated with Microsoft Sentinel, but now there are new ways to leverage them. Via a Microsoft Sentinel Data Connector and Microsoft Threat Intelligence Analytics rule, customers can leverage IOCs surfaced in Microsoft Threat Intelligence to ensure their organizations are protected from the latest threats. Microsoft Sentinel Data Connector: Microsoft researchers will continually add all publicly available indicators of compromise (IOCs) from Defender TI finished intelligence to the Microsoft Sentinel TI blade. Microsoft Sentinel users can access these valuable IOCs for free to drive analytics, hunting, and investigations. Microsoft Defender Threat Intelligence Analytics Rule: When enabled in Microsoft Sentinel, this built-in rule takes URLs, domains, and IPs from a customer environment via log data and checks them against a dynamic list of known bad IOCs from Defender TI. When a match occurs, an incident is automatically created, and the data is written to the Microsoft Sentinel TI blade. By enabling this rule, Microsoft Sentinel users know they have detections in place for threats known to Microsoft. We want to hear from you! Be sure to join our fast-growing community of security pros and experts to provide product feedback and suggestions and start conversations about how Defender TI is helping your team stay on top of threats. With an open dialogue, we can create a safer internet together. Learn more about Defender TI: aka.ms/mdti, and try it today: security.microsoft.com Continue reading...

Have you ever been in a situation where a Windows device takes an update that is not compatible with the system or causes an issue that prevents user productivity? In this scenario, it can be frustrating to determine the best way to get the device(s) back to a protected and productive state. Using Microsoft Intune, here are a few ways to address the situation. If the update you want to uninstall is a Windows feature update that replaced the previous version of the operating system (OS) on the device, you can roll back the feature update using Intune and by leveraging the Update CSP. Screenshot of the Overview page in the Intune admin center, showing the Uninstall options for update rings for Windows 10 and later To use the Uninstall option for feature updates (Rollback/FeatureUpdate in the Update CSP) in Intune, the device must be running Windows 10, version 1803 and above, have feature updates paused, and be within the uninstall period. Intune also provides the ability to uninstall quality updates installed on a device. Again, to leverage this capability, the device must be running Windows 10, version 1803 and above, have quality updates paused, and be running the latest quality update available to the device based on quality update deferral settings. To uninstall other types of updates, including Windows feature updates delivered via enablement package, you can leverage PowerShell scripts in Intune. *An enablement package, sometimes referred to as an eKB, is a small, quick-to-install "master switch" that activates features already present on a device but in an inactive and dormant state. Enablement packages are available for feature updates that share the same core operating system (OS) as the version of Windows prior to them (e.g. Windows 10, version 21H2 and Windows 10, version 22H2). PowerShell Once you are ready to use PowerShell scripts on Windows 10/11 devices in Intune, run the following two PowerShell scripts: First, to get the full list of updates installed on the device run: get-windowspackage -online -PackageName "*KB*" Then, to uninstall a specific update that was present in the list of installed updates, run: Remove-WindowsPackage -Online -PackageName "Package_for_KB5015684~31bf3856ad364e35~amd64~~19041.1799.1.2" You will need to swap the package information above with the package that you wish to uninstall. Note: You will want to run both scripts under the system account. This means you should choose "No" as the default for "Run this script using the logged on credentials". Once the uninstallation is complete, restart the system. Deployment Image Servicing and Management (DISM) Alternatively, you can use the DISM tool directly: dism /online /remove-package /PackageName:Package_for_KB5015684~31bf3856ad364e35~amd64~~19041.1799.1.2 You will need to swap the package information above with the package that you wish to uninstall. As above, once uninstallation is complete, restart the system. I hope you find this brief guide to uninstalling updates helpful. May you never need this information! As always, please feel free to reach out to me on Twitter @AriaUpdated or here on the Tech Community with questions, comments, and feedback. Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

I just finished writing up the release notes for Azure Data Studio 1.42, and I cannot get over the amount of work the engineering team has completed since January. Go big or go home. For regular users of Azure Data Studio, we hope you are starting to experience the improvements we have been making in the application. This continues with the 1.42 release, though we also found time to introduce new functionality as well. Group by Schema One of the original feature requests for Azure Data Studio was the ability to view objects by schema in Object Explorer (OE). Finally, that functionality is available in this release for the MSSQL provider: Screenshot of group by schema enabled The default behavior shows the objects grouped by type (Tables, Views, etc.) and can be quickly toggled by clicking the branching icon in the Servers View. The configuration persists through restarts of Azure Data Studio, and it applies across all MSSQL connections; it is not selective to instance or database. We have also given users more control in terms of server timeouts for Object Explorer (OE). The default value is 45 seconds, and you can customize the OE option within Settings ( CTRL/CMD + , ) by changing Mssql > Object Explorer: Expand Timeout. For Azure SQL Database serverless and slower connections, more time might be needed for a response from the server, and increasing this value may reduce timeouts in those scenarios. User Management We are working on our roadmap for the coming year, and now seems like a fine time to mention that we are adding User Management capabilities. The feature is currently in Preview, but if you’re looking to create a server login, simply right-click on the Logins node and select New Login. Screenshot of New Login menu option User management is available for both traditional, on-prem instances (SQL and Windows authentication), and for Azure SQL DB (SQL and Azure Active Directory). Database users can also be created from the User node, (under the Security node in the database), and schema and role membership can be assigned or updated. We will continue to expand this functionality over the next couple releases as we bring it to GA, and would love to hear more about how you interact with SQL logins and users. Feel free to peruse the Azure Data Studio issues for the user management workstream, or drop into a discussion and share your feedback. Connectivity There are two significant changes related to connections to which we want to draw your attention. The first is an update to the Encrypt property for the MSSQL provider connections. In the November release (1.40) you may remember that the default value for the Encrypt property changed to True. In this release, we have completed support for all three encryption options: Strict, Mandatory (True), and Optional (False). New connections still default to Mandatory (True), but you now have the additional capability to enable Strict encryption for full support of TLS 1.3 with SQL Server 2022. On the topic of the connection dialog, there is a new property, Host name in certificate, on the Advanced tab under Security. For servers that have a certificate configured, you must enter the Subject or DnsName used in the certificate in the Host name in certificate property. Also on the Advanced tab, under Initialization, there now exists Command timeout. The default is 30 seconds, but for those of you with Azure SQL DB serverless you may find that increasing this timeout for those connections reduces timeout occurrences, as it allows the database additional time to come online if it’s been paused. Screenshot of options in Advanced Properties for connections The second significant change is the new setting Mssql Enable Sql Authentication Provider, which can be enabled in Settings (CTRL/CMD + , ). For those that connect to Azure SQL with Azure Active Directory and Multi-Factor Authentication (AAD + MFA), enabling this option allows connections to be maintained without the concern of losing access token lifetime or getting dropped by the server. Access tokens will be refreshed internally by the SqlClient driver whenever they are found to be expired. We expect this should benefit those who have previously reported issues related to loss of connectivity. But that’s not all…the 1.42 release also adds support for connections to Microsoft Dataverse using the TDS endpoint, it has additional error reporting for Azure connections, and we introduced support for change password. Additional Improvements Those of you using arm64 Windows and macOS may notice that the application runs a little faster, as we have completed backend work to make the SqlToolsService (on which Azure Data Studio runs) support native arm64. You may notice a few minor changes in the UI; we added New Deployment under the File menu: Screenshot of New Deployment... menu option and we changed the Add an account icon in the Linked Accounts pane (accessed by adding a new Azure account) to make it more consistent with our add action elsewhere. Finally, in this release we have removed Big Data Cluster (BDC) support, as originally planned. There exists a separate download of ADS 1.41 that BDC customers can continue to use. Wrap up The complete list of improvements and bug fixes can be found on the release notes page, and please continue to report issues in GitHub. For those of you that like to keep pace and are willing to try out changes as we make them available, we encourage you download the Insiders build. New Insider builds are released daily and updates can be initiated by selecting Check for Updates… in the Help menu. The Insider release can run side-by-side with the stable release on your machine. We again thank the users that report issues, log feedback, and work with us to uncover the root problem. You are helping to make Azure Data Studio a better and more complete tool for managing data in Azure, and we appreciate your support. Continue reading...

Windows updates keep you protected and productive in different ways, and we continue to optimize the update experience. Whether you're an IT administrator or a general user, Windows monthly updates provide you with the security fixes to help keep your devices protected—as well as enhancements based on your feedback. Monthly updates are cumulative and include all previously released fixes to guard against fragmentation of the operating system (OS). This contributes to the reliability and quality of the Windows platform. This post summarizes the different types of monthly updates and shares insights on how we've optimized our approach to Windows servicing and delivery. Monthly security update release For many of you, Update Tuesday (also referred to as "Patch Tuesday") is a regular part of Windows servicing. Published on the second Tuesday of each month, our security update releases are cumulative. That is, they include both new and previously released security fixes along with non-security content introduced in the prior month's optional non-security preview release (see below). These updates help keep Windows devices secure and compliant by deploying stability fixes and addressing security vulnerabilities. Note: People tend to use "B release," quality update, security update, and LCU interchangeably. Monthly security updates are mandatory and are available through our standard channels, which include Windows Update, Windows Update for Business, Microsoft Intune, Microsoft Configuration Manager, Windows Server Update Services (WSUS), and the Microsoft Update Catalog. Optional non-security preview release You've got options with optional non-security preview releases. Available the fourth week of the month, these production-quality updates are released ahead of the planned security update release for the following month. In addition, new features, like Search highlights, may initially be deployed in the prior month's optional non-security preview release, then ship broadly in the following month's security release. Note: The term “optional non-security preview release” now replaces what we used to call either a “C” or “D” release to align with the current process. Optional non-security preview releases are also cumulative and are only offered for the most recent supported versions of Windows. Starting in April 2023, we now target optional non-security preview releases for the fourth week of the month. We have found this to be the optimal time for us to publish and for you to consume these updates. That's two weeks after your latest monthly security update and about two weeks before you'll see these features become part of the next mandatory cumulative update. We're excited for this improvement as it is meant to optimize the validation of payloads, improve consistency, and enhance the predictability of your testing, update, and upgrade experience. To access optional non-security preview releases, navigate to Settings > Windows Update > Advanced options > Optional updates, select from the available updates, and click Download and install. Out-of-band releases Out-of-band (OOB) releases may be provided to fix a recently identified issue or vulnerability. They are used in atypical cases, such as security vulnerabilities or a quality issue, when devices should be updated immediately instead of waiting for the next monthly quality update release. Out-of-band releases are cumulative, meaning that they include the updates from the previous security and/or non-security release, as well as the additional fix. Continuous innovation in Windows 11 Beginning with Windows 11, version 22H2, new features and enhancements are delivered to the most recently released in-market version of Windows 11 more frequently using servicing technology. As with all updates, we utilize a phased and measured approach in rolling out continuous innovation to the Windows 11 ecosystem. Experiences may be introduced in an optional non-security preview release prior to being made available broadly via a monthly security update or via Controlled Feature Rollout (CFR) technology. For more information on how to control when select features introduced via servicing are released to the devices you manage, see Commercial control for continuous innovation. Recommendations As a general practice, we recommend that you update your devices as soon as possible, whether you're a general user or an IT professional. For IT admins, we also recommend taking advantage of the optional non-security preview releases to internally validate releases ahead of the following month's security update release. To help manage updates across your organization, bookmark these resources: Windows 11 update history and release notes Windows 10 update history and release notes Windows release health on Microsoft Learn (also available in the Microsoft 365 admin center) These pages are available in multiple languages and refer to each release by a unique KB number. IT admins may validate fixes and features in a preview release by leveraging the Windows Insider Program for Business or via the Microsoft Update Catalog. If you are a Microsoft Partner or registered commercial customer, you can also take advantage of the Security Update Validation Program (SUVP). It's a quality assurance testing program designed for the monthly security update release. As a SUVP partner, you can start testing these security updates three weeks prior to Update Tuesday and provide us with feedback regarding usability, bug reports, test reports, etc. For additional tips, read Ensuring a successful Windows quality update experience. Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

Create, customize, and deploy your own portfolio website in minutes without installing any tools. All you need is a GitHub account and a few minutes to get started. We will use GitHub Codespaces and Blazor to build the website and Azure Static Web Apps or GitHub Pages to deploy it. You can find all these instructions and more in our GitHub Codespaces Repository. GitHub Codespaces Now, with GitHub Codespaces you can create your own portfolio website in minutes without any extra tools or lengthy environment setup! All you need is a GitHub account. Follow these instructions to create your free GitHub account. GitHub Codespaces is a development environment that is hosted in the cloud. This means that you can get started coding right away in your browser – we set everything up for you ahead of time! You do not need to worry about setting up the right coding editor or tools. .NET Portfolio Site with GitHub Codespaces With the .NET Blazor Portfolio Site project template, all you need to do is launch your Codespace then follow the README instructions to customize your website. The goal is to give you a template you can immediately utilize to create your own website through GitHub Codespaces. This template shows you how to build your website using Blazor. Blazor is a UI Framework that lets you build frontend web applications with C#. The template is within the GitHub Student Developer pack, but anyone can access and use it! Who is this for? Anyone looking to create a portfolio site, learn web development, or test out Codespaces. How much experience do you need? Zero. You decide how much you want to customize based on your experience, and time available. Tools needed: None. No need to install anything! All you need is a GitHub account and web browser. Prerequisites: None. This template includes your development environment and deployable web app for you to create your own site. Get Started with the .NET Portfolio Website Template Go to the template in GitHub: GitHub - education/codespaces-project-template-dotnet: Codespaces template for building a .NET project Click Use this template Create a copy of the repository in your GitHub account. You can keep the repository name the same or change it if you would like. At the top of the README, click on the Open in GitHub Codespaces button You should now be in a GitHub Codespace! Notice that it has the same layout as VS Code. Follow the readme on how to run a simple command to start up your website. In your terminal, you will need to run swa start. Congratulations! You just ran your portfolio website!! Next Steps: Customize and Deploy From here, you can continue to follow the instructions in the README to customize your portfolio website and deploy it! This project is built to be easily customizable. Each section of the site is a separate component, and your information needs to be set in only one spot. For each step, open the project in Codespaces, then you can make and commit your changes while within your Codespaces. To deploy your website, you can use Azure Static Web Apps or GitHub Pages. The README includes instructions for both deployment options. Learn More Check out our learning resources and coding curriculums to take these learnings to the next level! Learn to Program using C# Curriculum Build Web Applications with Blazor Curriculum Introduction to Web Development Projects How to Create Your Own Portfolio Website in Minutes with GitHub Codespaces and Blazor Continue reading...

Small and large businesses today need a productive and secure cloud virtualization space. Windows 365 Cloud PCs and Azure Virtual Desktop VDI resources are that! Whether your organization has already chosen a solution or not, quench your appetite for the latest best practices with this week’s selection. Start at the top for side-by-side comparisons of Azure Virtual Desktop and Windows 365 or jump right into the solution that fits your interest. Time to learn: 101 minutes [attachment=34612:name]READ Manage Cloud PCs and Virtual Desktops - Training Explore the differences between Azure Virtual Desktop and Windows 365 so you better understand how to configure and provision both solutions. Learn how to use Intune to manage Azure Virtual Desktops and Windows 365 cloud PCs. (18 mins) AVD + Windows 365 + MEM + Intune + ConfigMgr + Administrator + VM + Device Image + Provisioning + Resize [attachment=34613:name]WATCH Understanding Azure Virtual Desktop and Windows 365 for hybrid work How can Azure Virtual Desktop and Windows 365 Cloud PCs meet your organizational needs? Dive into the IT admin experience of each product and the choices you’ll need to make before, during, and after deployment. (21 mins) AVD + Windows 365 + VM + VDI + AADJ + HAADJ + Intune + SaaS [attachment=34614:name]WATCH Azure Virtual Desktop Essentials | Intro and Full Tour Take a tour of the essentials for Azure Virtual Desktop! See what it is, how it works, and your options for configuring the service as an administrator to meet your organization's needs. (7 mins) AVD + VM + Remote Apps + UX + Azure Monitor + Diagnostics + Azure AD + Security + Mac + iOS + Android [attachment=34615:name]READ Deploy Azure Virtual Desktop with the getting started feature Quickly deploy Azure Virtual Desktop with the getting started feature in the Azure portal. Review the prerequisites, deployment steps, connection guidance, the resources that are deployed, clean-up resources, and next steps in this official documentation. (24 mins) AVD + AD DS + UPN + ARM [attachment=34616:name]WATCH Windows 365, your Cloud PC | What it is, how it works, and how to set it up Visualize the end-user and IT experience with Windows 365. As a fully managed service, assign and configure Cloud PCs using familiar tools like Microsoft Intune. (14 mins) Cloud PC + Connection Speed + MEM + Azure AD + Provisioning Policies + Analytics + MFA + Security Baselines [attachment=34617:name]WATCH What's new and how to deploy Windows 365 Business Learn how to quickly create and enroll Windows 365 Business Cloud PCs into Intune for advanced device management. Learn about the various internal feedback channels to stay in touch. (17 mins) Cloud PC + SMB + MEM + AADJ + M365 Admin Center + Feedback Hope you enjoyed this latest installment of skilling snacks. Watch out for more thematic care packages weekly and let us know what you think in the comments below! Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A. Continue reading...

One of the most rewarding aspects of being at Microsoft is the opportunity to work on long-term initiatives with the potential to change the very nature of computing. More than a decade after we launched our first Arm-based device, it’s exciting to witness how the Arm® processor has evolved from powering embedded devices in the Internet of Things (IoT) to the very thing everyone is talking about now. Not just because Arm processors like Microsoft SQ®3 can deliver up to 19 hours of battery life[1] on Surface Pro 9 with 5G. Or that our latest Surface 2-in-1 runs cool and quiet, doesn’t need a fan, and consumes less power than the equivalent Intel Surface Pro 9. This isn’t just about your personal device. It’s bigger than that. Arm processors are making inroads into Microsoft datacenters, helping them become more energy efficient by taking advantage of “dense, low-cost, energy-efficient servers with a small footprint, low power and performant compute silicon.”[2] Carbon emissions of hyperscale cloud services are fast becoming a significant factor in cloud purchase decisions. [3] From garage door opener to game changer Around the same time Windows RT launched in 2012 on the first Surface device, Arm introduced the concept of creating CPUs that could work fast and hard when needed, using only the high-efficiency cores for tasks that didn’t need lots of horsepower. Arm processors combine high-power & high-wattage cores with low-power & high-efficiency cores to create highly versatile multicore CPUs. If you’re checking your email or shopping online, the “little” cores can handle it without using much power. But if you’re playing games or streaming movies, the big cores kick in with more performance. We saw how the Arm architecture enabled smartphones to run for days on a single charge and took the same concept into the Windows framework. With their highly efficient energy, processing power, and heat ratios, Arm is rapidly cutting into the desktop and server landscape. With every iteration of the Windows support for Arm, we build Surface hardware to complement the software capabilities. Over time, we added more and more capabilities into Arm, such as : Emulation: With Windows 11, both x64 and x86 applications can run in emulation. Support for Modern management: Arm devices are built for the modern user who uses modern applications with deployments powered by Autopilot for a seamless IT workflow. Native Arm app support: The number of apps supported natively on Arm has rapidly increased over the last two years, including Adobe Photoshop®, Adobe Lightroom®, VLC, Netflix®, and many more. Latest highlights Surface Pro 9 with 5G. Featuring the Microsoft SQ3 Arm processor built in partnership with Qualcomm, Surface Pro 9 with 5G comes with a Neural Processing Unit (NPU) providing AI-enabled enhanced camera and audio effects. The Native Arm64 version of Visual Studio® 2022, announced at last year’s BUILD developer conference, is the first version of Visual Studio with native support for building and debugging Arm64 apps on Arm-based processors. Windows Dev Kit 2023 (code name “Project Volterra”) is the latest Arm device built for Windows developers with a Neural Processing Unit (NPU) that provides best-in-class AI computing capacity, multiple ports, and a stackable design for desktops and rack deployment. Purpose-built with everything you need to develop, debug, and test native Windows apps for Arm. Looking forward: ecosystem expansion Surface is implementing new features to support modern work via AI, NPU, and machine learning functionality to enable better hybrid work scenarios. References [1] Battery life varies significantly with settings, usage, and other factors. See aka.ms/SurfaceBatteryPerformance for details. [2] New Arm-based cloud services from Microsoft highlight the power of choice in computing – Arm®. [3] Report: By 2025 carbon emissions of cloud services will be main factor in purchasing | VentureBeat Continue reading...

Microsoft 365 Defender Monthly news March 2023 Edition [attachment=34051:name] This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month across our Defender products. In this edition, we are looking at all the goodness from February 2023. Legend: [attachment=34052:name] Product videos [attachment=34053:name] Webcast (recordings) [attachment=34054:name] Docs on Microsoft [attachment=34055:name] Blogs on Microsoft [attachment=34056:name] GitHub [attachment=34057:name] External [attachment=34058:name] Product improvements [attachment=34059:name] Previews / Announcements Microsoft 365 Defender [attachment=34060:name] The virtual Ninja Show is back with Season 3. Check out the show schedule and add the episodes to your calendar, so you don't miss them. [attachment=34061:name] Automatic disruption of Ransomware and BEC attacks with Microsoft 365 Defender. We are excited to announce the expansion of the automatic attack disruption public preview to cover new attack scenarios including business email compromise (BEC) campaigns and human-operated ransomware (HumOR) attacks. [attachment=34062:name] Automate your alert response actions. Learn how to set up automatic response actions for any built-in alerts in Microsoft 365 Defender to take quick, decisive, and automatic actions on impacted entities while staying ahead of potential threats in your organization. [attachment=34063:name] Get to the Microsoft Tech community directly via your search. You can now search your questions directly in the top bar and click on the community section to find answers in the Tech Community (public preview). [attachment=34064:name] Query resource report in advanced hunting. Now generally available, the query resources report shows your organization's consumption of CPU resources for hunting based on queries that ran in the last 30 days using any of the hunting interfaces. [attachment=34065:name] Microsoft 365 Defender incidents, alerts and advanced hunting in MS Graph are now generally available. Try the new incidents, alerts and advanced hunting APIs in MS Graph security. Microsoft Defender for Endpoint [attachment=34066:name] 2022 Gartner:registered: Magic Quadrant™ for Endpoint Protection Platforms. Gartner has again recognized Microsoft as a Leader in the 2022 Gartner® Magic QuadrantTM for Endpoint Protection Platforms, positioned highest on the Ability to Execute. Read blog and full report here. [attachment=34067:name] Push ASR rules with Security Settings Management on Microsoft Defender for Endpoint managed devices. Now in public preview, Microsoft Defender for Endpoint expands Security Settings Management support to push ASR rules on managed devices. [attachment=34068:name] Defender for Endpoint and disconnected environments. Which proxy configuration wins? This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for Endpoint behaves in these situations. The first article can be found in here. [attachment=34069:name] Announcing device isolation for Linux. Now in public preview, Microsoft Defender for Endpoint releases device isolation support for Linux. [attachment=34070:name] Live Response support for macOS and Linux. Live Response capabilities are now Generally Available for macOS and Linux. This also includes the Live Response API and Library API capabilities for macOS and Linux. [attachment=34071:name] Network and Web Protection capabilities for macOS are now Generally Available. Microsoft is incrementally rolling out this functionality for all macOS devices to enable Network Protection with target completion, subject to change, by 3/24/23. [attachment=34072:name] Deploy Microsoft Defender for Endpoint on Linux using Saltstack. This article helps guide users who wish to deploy Microsoft Defender for Endpoint on Linux using Saltstack. Microsoft Defender for Cloud Apps [attachment=34073:name] Malware detection policy governance actions now available in public preview. Automatic actions for files detected by the malware detection policy are now available as part of the policy configuration. The actions differ from app to app. [attachment=34074:name] Improve your app posture and hygiene using Microsoft Defender for Cloud Apps. We are excited to share that our expanded SaaS Security Posture Management (SSPM) capabilities in Defender for Cloud Apps are now in public preview. In this post, we will also allow a peak into the new App Hygiene features which will be rolling out in the coming weeks. [attachment=34075:name] Microsoft shifts to a comprehensive SaaS Security solution. Learn how Microsoft Security is transforming its cloud access security broker to a software as a service security solution, empowering organizations to adopt a modern approach to protecting cloud apps. [attachment=34076:name] Defender for Cloud Apps SaaS Security Ask Me Anything (AMA). If you missed the LIVE AMA on Feb 21st, you can read through the many questions and answers here. [attachment=34077:name] App Governance app hygiene features are in public preview. Microsoft Defender for Cloud Apps - App Governance's app hygiene features are now in public preview! This release provides insights and controls on unused apps, unused credentials, and expiring credentials. [attachment=34078:name] Webinar recording from February 1st: Protect, Detect, and Respond to Malicious OAuth Applications Abusing Cloud E-mail Services. You can also access the deck presented here. Microsoft Defender for Identity [attachment=34079:name] Defender for Identity now detects suspicious certificate usage. Many of the techniques for abusing Active Directory Certificate Services (AD CS) involve the use of a certificate in some phase of the attack. Learn more about it and the new detection in this blog post. [attachment=34080:name] Defender for Identity honeytoken alert improvement: now Defender for Identity detects if the honeytoken was involved in a domain queries, if their attributes were modified, if their group membership was changed or any authentication activity was preformed [attachment=34081:name] POC Mode. When enabled, every alert that is based on learning or profiling will be triggered instantly. [attachment=34082:name] Sending alerts directly to Microsoft 365 Defender. We have switched our primary way of sending alerts to Microsoft 365 Defender: From now on, every Defender for Identity alert will be sent directly to Microsoft 365 Defender (and not through Defender for Cloud Apps) this should reduce any latency customer experienced. Microsoft Defender for Office 365 [attachment=34083:name] Best email security service of 2023 award by SE Labs. For this award, Microsoft Defender for Office 365 was evaluated on a combination of quantitative and qualitative factors alongside other cybersecurity vendors. Based on these results Defender for Office 365 received the highest levels of customer satisfaction, compared to other vendors in the evaluation. [attachment=34084:name] Introducing the New Post-delivery Activities Report in Defender for Office 365. This new report highlights messages that have been acted upon or moved by Microsoft after they have been delivered to the inbox. Microsoft Defender Vulnerability Management [attachment=34085:name] Mitigate risks with application block in Defender Vulnerability Management. To help with risk mitigation, Defender Vulnerability Management users can leverage the application block feature to take immediate action to block all currently known vulnerable versions of applications. [attachment=34086:name] New security posture solution published. A new solution to help you strengthen your organization's security posture using capabilities available in Microsoft 365 Defender and other Microsoft security products, such as Defender for Endpoint and Defender Vulnerability Management. Continue reading...

The global market for data security solutions is growing rapidly. The increasing volume of sensitive data, multi-cloud hybrid environments, and the growing threat of cyber-attacks and internal data breaches primarily drives it. Of organizations surveyed in 2022, 83% have experienced more than one data breach, and internal actors within the organization caused 20% of those breaches. The average cost of one data breach was approximately 4.2 million dollars. How can organizations minimize these risks? This month's episode of Uncovering Hidden Risks will discuss how customers can plan a comprehensive data protection strategy as they continue their digital transformation efforts. We will cover how to balance data security and productivity and create an end-to-end protection strategy. Raman Kaylan, Director of Product Marketing for Microsoft Security and a former host of this Uncovering Hidden Risks podcast, joins current host Erica Toelle as the episode guest. Our guest host is Liz Willets, a Sr. Product Marketing Manager on the Microsoft Purview team who leads the cross-suite efforts around data security solutions. Together, we'll explore how comprehensive data security can protect your organization. In this episode, we'll cover the following: Why a comprehensive data security approach is an important consideration for companies today. How you can implement comprehensive data security without hindering employee productivity. How teams can get started on their data security strategy. What steps teams and companies can take to implement an effective data security strategy. Listen to this episode on your favorite podcast platform: Main show page Apple Podcasts Spotify Google Podcasts Amazon RSS Feed Please see this blog for more information about how Adaptive Protection in Microsoft Purview helps provide people-centric data protection for a multiplatform world. To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. Continue reading...

Welcome to Bash for Beginners https://aka.ms/bashforbeginners What is Bash? Bash is a command-line shell that is widely used in many operating systems, including Linux, macOS, and Windows (with the Windows Subsystem for Linux). Bash is considered a universal language when it comes to cloud computing and programming. About the course https://aka.ms/bashforbeginners Many languages support Bash commands to pass data and information and when it comes to the Cloud, all platforms support using it to interact with your environment. Even though we won't cover everything there is to know about this language in the course, we want to make sure we give you the foundation on scripting in Bash. Students and command line skills Learning command line skills such bash can be beneficial for students in several ways: Improve technical skills: Students who learn bash gain valuable technical skills in operating systems and command-line interfaces, which can be useful in fields such as computer science, data science, and cybersecurity. Automate tasks: Bash scripting can be used to automate repetitive tasks, which can save time and reduce errors. Students can use this skill to streamline their workflow, manage large datasets, or run simulations. Enhance problem-solving abilities: Bash requires students to think logically and systematically, which can improve their problem-solving abilities. By breaking down problems into smaller steps and executing them in a structured manner, students can develop a systematic approach to problem-solving. Facilitate collaboration: Bash is a widely used tool in the technology industry, particularly in software development. By learning bash, students can collaborate more effectively with developers and system administrators and be better prepared for roles in technology-focused organizations. Foster a growth mindset: Learning a new skill like bash requires perseverance and patience. By working through challenges and making progress, students can develop a growth mindset that can be applied to other areas of their lives. Overall, learning bash can equip students with technical skills, problem-solving abilities, and a growth mindset that can help them succeed in a variety of fields and with Microsoft Learn we provide a number of hands-on labs and exercises Get started with the Linux command line and the Shell - Training via Microsoft Learn. Why use/try bash Here are some reasons why learning bash can be beneficial: Automation: With bash, you can write scripts to automate repetitive tasks and streamline your workflow. This can save you time and reduce errors. System Administration: As a powerful tool, bash is often used in system administration tasks, such as managing users, configuring networks, and monitoring system resources. Compatibility: Bash is installed by default on most Unix-like systems, which means you can use the same scripts across different platforms. Accessibility: With a basic understanding of bash, you can access and manage your computer through the command line, which can be helpful in situations where a graphical interface is not available. Collaboration: Many software development projects rely on bash scripts for building and testing their software, so learning bash can help you contribute to open-source projects and collaborate with others. Conclusion Overall, learning bash can help you become more proficient in system administration, programming, and automation, making you a more effective and efficient use scripts and command line interactions. At the end of the course, you'll be able to create your own scripts and automate tasks with the help of Bash. Additional Resources Student Hub Overview - Microsoft Learn Student Hub Microsoft Azure for Student $100 of Cloud Credit for Student Control Azure services with the CLI - Training Get started with Windows Subsystem for Linux (WSL). - Training Continue reading...