#ITPro in a DevOps world, Sr. Site Reliability Eng. @ MSFT. Montanan at ❤️! My tweets are my own & not a reflection of my employer. They are happy about that 👍
666 stories
·
2 followers

Introducing bulk resubmit and cancel for cloud flows

1 Comment
Announcing bulk resubmit and cancel Resubmitting or canceling your flows is easy! All you need to do is to go to the Run history page and select the cloud flows you would like to resubmit or cancel and hit resubmit or cancel in the ribbon. That’s it! Once you have resubmitted or canceled the flow run, you will be able to see your canceled flows and successful resubmitted flow runs. Want to learn more about resubmitting or canceling cloud flows in bulk? Check out our step-by-step guide here. Got ideas for Power Automate? Let us know! Join the Power automate community and submit ideas, get help, and report issues.
Read the whole story
jshoq
1 day ago
reply
I can't wait to use this when my Flows within Power Automate fail for one reason or another.
JS
Seattle, WA
Share this story
Delete

Report: Apple Could Ship First iPhone With USB-C Port in 2023

1 Comment

Apple could be getting ready to replace the Lightning ports on its iPhones with standard USB-C ports starting next year.

The post Report: Apple Could Ship First iPhone With USB-C Port in 2023 appeared first on Thurrott.com.

Read the whole story
jshoq
4 days ago
reply
I will be interested to see if they do fully switch to USB-C. This would be a major step for Apple to give up on their standard for an industry standard. It would make several of my cables obsolete.
JS
Seattle, WA
Share this story
Delete

Microsoft Releases Physical Copies of Windows 11

1 Comment

Microsoft has now released physical copies of Windows 11, a little more than six months after the release of the OS.

The post Microsoft Releases Physical Copies of Windows 11 appeared first on Thurrott.com.

Read the whole story
jshoq
4 days ago
reply
Box product? Ummm ... okay. I guess this is a nice thing to purchase.
JS
Seattle, WA
Share this story
Delete

Fortnite Becomes First Free-to-Play Game on Xbox Cloud Gaming

1 Comment

Microsoft has teamed up with Epic Games to make Fortnite the first free-to-play game available on Xbox Cloud Gaming.

The post Fortnite Becomes First Free-to-Play Game on Xbox Cloud Gaming appeared first on Thurrott.com.

Read the whole story
jshoq
4 days ago
reply
This is pretty cool and a great way for Microsoft to work with Epic on how to work around Apple and Google a bit.
JS
Seattle, WA
Share this story
Delete

Microsoft Confirms May 2022 Patch Tuesday Updates Cause AD Authentication Issues

1 Comment

Microsoft has acknowledged a new issue that causes authentication failures on the server or client machines for some Windows services. The company has confirmed on the Windows Health Dashboard that it’s actively investigating the bug, and a permanent fix would be available in the upcoming release.

The first bug reports started to surface earlier this week, with several Windows Admins reporting that some Network Policy Server (NPS) policies failed to work after installing the May 2022 Patch Tuesday Updates. NPS policies allow IT Pros to create org-wide network access policies for connection request authentication.

The Reddit reports suggest that the authentication fails with the following error message: “Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing account or the password was incorrect.”

Microsoft confirmed that this issue affects Windows Servers machines used as domain controllers. However, it doesn’t impact non-domain controller Windows Servers and client Windows devices.

“After installing updates released May 10, 2022 on your domain controllers, you might see authentication failures on the server or client for services such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). An issue has been found related to how the mapping of certificates to machine accounts is being handled by the domain controller,” the company explained on the Windows Health Dashboard.

Microsoft provides a workaround to fix AD authentication issues

Microsoft has also provided a few workarounds to help IT Admins fix this issue. The company recommends customers to manually map certificates to a machine account in Azure Active Directory. Microsoft has also provided additional mitigations for environments where the aforementioned workaround doesn’t resolve the issue, and you can find more details in the SChannel registry key section of this support page.

Did you encounter any issues after installing the May 2022 Patch Tuesday Updates on your Windows Server devices? Let us know in the comments section below.

Read the whole story
jshoq
4 days ago
reply
This is disheartening. I know IT Pros want to install the updates as fast as possible but when they have issues with security updates, it makes them pause and wait to install the updates. You should use a methodology to test patching and then install into production later. However, not many IT organizations run a separate test AD.
JS
Seattle, WA
Share this story
Delete

Getting Started with Microsoft 365 Business Premium

1 Comment

Microsoft 365 Business Premium, previously known as Microsoft 365 Business, is a subscription service packed with productivity and security management features. It’s designed specifically for organizations with fewer than 300 users, and it is more feature-rich than Microsoft 365 Enterprise E3.

What’s included in Microsoft 365 Business Premium?

The Microsoft 365 business suite of products includes Microsoft 365 Business Basic, Microsoft 365 Business Standard, and Microsoft 365 Business Premium. Each of these offerings targets the small to medium enterprise market, and they’re limited to a maximum of 300 licenses per tenant.

Cost-wise, Microsoft 365 Business Basic is the most affordable subscription priced at $6 per user per month. For approximately double the monthly fee, you can access Microsoft 365 Business Standard for $12.50 per user/month. Nearly double that cost again and you’ve got Microsoft 365 Business premium at $22 per user/month.

You can see a comparison of the three different Microsoft 365 Business plans below:

FeaturesM365 Business Basic M365 Business Standard M365 Business Premium
Microsoft Teams collaborationIncludedIncluded Included
Office Web AppsIncluded Included Included
Office Desktop AppsIncluded Included
Microsoft Defender for BusinessIncluded
Microsoft Defender for Office 365Included
Enterprise Mobility & Security

Azure AD Premium:
– Multi-Factor Authentication
– Conditional Access
– Self-Service Password Reset
Intune:
– Mobile Device Management
– Endpoint Analytics
Included
Windows 10 BusinessIncluded
Microsoft Business Feature Comparison

With the inclusion of Microsoft Defender for Business, Microsoft Defender for Office 365, and Azure Active Directory Premium Plan 1, Microsoft 365 Business Premium offers significantly more features than its cheaper counterparts.

How to sign up for a 30-day trial

It’s really easy to get started with Microsoft 365 Business Premium, as there’s a free 30-day trial that will give you full access to all the features you need.

Initial steps

  1. Open the Microsoft 365 Business Trial signup page.
  2. Scroll to Microsoft 365 Business Premium and choose Try free for one month.
Microsoft 365 Business trial signup page
Microsoft 365 Business trial signup page
  1. On the signup page, enter any email address that does not currently have a Microsoft 365 subscription – this is just used for login verification. You’ll be setting up a new email address as part of the trial.
 Enter any email address that doesn't currently have a Microsoft 365 subscription
Enter any email address that doesn’t currently have a Microsoft 365 subscription
  1. At the Let’s get you started prompt, choose Set up account.
After entering your email address, click on Set up account
After entering your email address, click on Set up account
  1. In the Tell us about yourself section, enter the required details and choose Next.
  2. Verify your information by completing the verification steps.

Specify how you’ll sign in

In the following step, you need to determine the Username and Domain Name that will be used for you to sign into the new environment. The Username portion sits in front of the @ symbol. The Domain Name portion sits after the @ symbol and always ends with “.onmicrosoft.com”.

The Domain Name you choose must be globally unique. Microsoft will provide suggestions, but you’ll be able to change your domain at any time with your own customized domain.

When combined, the Username and Domain Name form a User Principal Name (or UPN), which is often likened to an Email Address. In the example below, my UPN is “Dean@firstcoffee2.onmicrosoft.com.”

You need to choose a User Principal Name (UPN)
You need to choose a User Principal Name (UPN)

Whilst this UPN is the method you, as the administrator, will use to authenticate to the new environment initially, it is not necessarily the format that my users will use to sign-in. As part of the tenant setup, we can configure a Custom Domain such as “firstcoffee.co.uk” to make user sign-ins more friendly.

Once you have settled upon a Username and Domain Name, just choose Save and choose a password.

Adding a payment method

Quantity and Payment is the next section. It’s important to understand that by continuing, you’ll be agreeing to a contract with Microsoft for the provision of the Microsoft 365 Business Premium service. Payment information is required as, unless you cancel the trial, it will convert until a 12 month paid subscription.

The Quantity and Payment selection screen
Quantity and Payment selection screen

In the Quantity and Payment section, choose any number of licenses up to 25. As long as you choose a number up to 25, you’ll be eligible for the trial and no payment is required at this stage.

It’s worth noting that, regardless of the number of licenses specified here, 25 licences are provided for the duration of the 30 day trial.

Complete this section by adding a payment method and choosing Start Trial.

Add a payment method and start the Microsoft 365 Business Premium trial
Add a payment method and start the trial

Remove the payment method from your Trial Subscription

Unless you’re hoping to continue the use of Microsoft 365 Business Premium once the 30-day trial period is over, it’s important to complete a few steps to ensure you won’t be charged or begin a 12-month subscription.

When you reach the Confirmation details step, choose Manage your subscription.

Choose Manage your subscription when you reach the Confirmation details step
Choose Manage your subscription when you reach the Confirmation details step

From the Your Products page, choose the More actions option from the ellipsis menu, then choose Edit recurring billing.

Choose edit recurring billing for your Microsoft 365 Business Premium subscription
Choose edit recurring billing

By default, the recurring billing option is set to On, meaning renewal will be automatic and purchased 30 days from the start of the trial. Select Off at this prompt to ensure the trial will cancel after the initial free period.

Toggle recurring billing to Off for your Microsoft 365 Business Premium subscription
Toggle recurring billing to Off

Next, you need to confirm that the trial will expire by reviewing the updated Your Products page. Take a look at the Purchased Quantity and Subscription Status columns to check the trial quantity and expiration date.

Check the trial quantity and expiration date for your Microsoft 365 Business Premium subscription
Check the trial quantity and expiration date

Configure trial users and assign licenses

With the trial now configured, we can assign licenses for up to 24 additional users in the Microsoft 365 Admin Center, in addition to our Administrative account. We’ll start by creating two test users and assigning licenses to them.

Adding new trial users

Our first test user is Jenny Tester, and the second one is Paige Tester. You can use these examples or create your own, either way, be sure to make a note of the credentials you set for future testing.

  1. Visit the Microsoft 365 Admin Center and browse to the Home screen.
The Microsoft 365 Admin Center Home screen
The Microsoft 365 Admin Center Home screen
  1. Under Your organization, choose Add a user.
Add a user on the Microsoft 365 Admin Center
Add a user on the Microsoft 365 Admin Center
  1. In the Set up the basics screen, enter the information for your first test user including the username and domain.
Enter the information for your first test user including the username and domain
Enter the information for your first test user including the username and domain

When completing the details for our first user, note the available options within the Domains dropdown box. We’re limited to the domain we set up when during the How you’ll sign in step earlier. We will update this once we’ve completed the setup of this user.

  1. Untick Automatically create a password.
  2. Choose a Password and choose Next.
  3. At the Assign product licenses screen, you need to ensure that the correct Location has been set automatically, then tick the box next to Microsoft 365 Business Premium.
Choose the correct location and assign the user a product license
Choose the correct location and assign the user a product license
  1. Complete the remaining wizard screens without making changes to the defaults.

Once complete, our first test user will be available and have a license.

Create a custom domain for easier login

A domain is the portion of an email address after the @ symbol, or after “www.”. They are typically used to make it easier for you or your customers to find your specific web service or app.

You can add a maximum of 5,000 domains to your Microsoft 365 subscription, but you can’t add a domain that you’re already using in another Microsoft 365 or Office 365 service.

Here are the steps you need to follow to use a custom domain with your Microsoft 365 Business Premium subscription:

  1. From the navigation pane, choose Setup.
Choose Setup from the navigation pane in the Microsoft 365 Admin Center
Choose Setup from the navigation pane
  1. Next, scroll to the Sign-in and security actions, then choose Get your custom domain set up.
Choose Get your custom domain set up
Choose Get your custom domain set up
  1. Review the user impact statement:

If you don’t connect your domain to ‎Microsoft 365‎, your users will sign in to their apps and use email with their default “‎yourdomain.onmicrosoft.com‎” domain.

It’s easiest to add a custom domain before you add your users. Otherwise, you’ll need to update your users’ username when you connect your domain.

  1. Choose Get Started.
Choose Get Started to connect your domain to Microsoft 365
  1. At the Add a domain prompt, enter the domain name that you would like to use. It’s important that you already own this domain before entering it here. If you don’t already own a domain, take a look at this guide to learn how to purchase one.
Enter the domain name you would like to use
Enter the domain name you would like to use

It’s possible that your domain registrar may be compatible with the Microsoft 365 domain verification process. GoDaddy, for example, supports automatic verification via the wizard.

When entering your domain, it is checked against the list of supported registrars. If supported, you’ll be asked how do you want to verify your domain.

  1. Choose to Sign in to [your registrar], and complete the wizard steps to verify your domain.
Choose Sign in to your registrar to verify your domain
Choose Sign in to your registrar to verify your domain
  1. Once your domain setup is complete, choose Done.
Domain setup is now complete
Domain setup is now complete

Update the primary email address and username of your users

Now that we configured our custom domain to use with our Microsoft 365 Business Premium subscription, we can change the primary email address and username of our test users.

Here’s how to do it:

  1. From the Microsoft 365 Admin Center home screen, choose Users, then select the user you’d like to modify.
  2. In the flyout menu, choose Manage username and email.
Choose Manage username and email of your user
Choose Manage username and email of your user
  1. Update the Primary email address and username to match your new custom domain.

Note: You don’t need to add an alias here. This will not change the user’s login username and would simply give them an additional address to receive email.

We've now changed the primary email address and username for this user
We’ve now changed the primary email address and username for this user

Understanding default security controls

By default, all Microsoft 365 environments created after 2019 have security controls enabled by… default. Tenants created prior to this date will not have these security controls enabled automatically, though the option is available. The controls are available at no additional cost, and provide a great foundational layer of security.

The following security controls are enabled and managed by IT admins:

Enforcing Azure Multi-Factor Authentication registration for all users

All users in your tenant must register for Multi-Factor Authentication (MFA) in the form of the Azure AD MFA within 14 days. Registration is limited to the Microsoft Authenticator app. After the 14 days have passed, users will be prevented from signing in until they have completed registration.

Forcing Administrators to use Multi-Factor Authentication

Administrators have a greater level of access to the environment and therefore require increased levels of protection. With default security controls, administrators must complete an Azure AD MFA challenge every time they authenticate.

Blocking legacy authentication for all users

Legacy authentication refers to an authentication request from:

  • Clients that don’t use modern authentication.
  • Clients using older mail protocols such as IMAP, SMTP, or POP3.

Legacy authentication methods don’t support Multi-Factor Authentication, therefore they’re often used by attackers to bypass security controls. Default security controls in Microsoft 365 for Business will block all legacy authentication protocols for all users.

Requiring all users to perform Multi-Factor Authentication when appropriate

Whilst administrators are valuable targets for account compromise, attackers frequently target standard or low-privileged users. These are often less protected, but the information that can be gained from them can be valuable to an attacker when preparing for further attack.

Security Defaults will require all users to satisfy an MFA challenge whenever it is deemed necessary – this is determined by a number of risk factors such as location, device, role, and apps.

Enabling Intune

Intune is part of Microsoft’s full-featured Endpoint Management platform, Microsoft Endpoint Manager. It supports the management of Windows, iOS, Android, macOS, and Linux devices via Mobile Device Management.

Azure Active Directory supports multiple Mobile Device Management (MDM) platforms, but Intune is enabled by default. You can verify this by visiting the Mobility (MDM and MAM) blade in the Azure Active Directory Admin Center.

Check the Mobility (MDM and MAM) menu in the Azure Active Directory Admin Center
Check the Mobility (MDM and MAM) menu in the Azure Active Directory Admin Center

The Mobility screen lists Microsoft Intune and Microsoft Intune Enrollment in some cases. Choose Microsoft Intune in this case.

Choose Microsoft Intune in the Mobility (MDM and MAM) screen
Choose Microsoft Intune in the Mobility (MDM and MAM) screen

Confirm that the MDM user scope is set to All.

Check that the MDM user scope is set to All.
Check the MDM user scope

Review Microsoft 365 Business Premium services

As mentioned at the beginning of this article, Microsoft 365 Business Premium is packed full of features – too many to describe them all in detail here.

Of all the features available within Microsoft 365 Business Premium, those that are security-related stand out the most. Features such as Microsoft Defender for Business, which is essentially a slightly more feature-rich version of Microsoft Defender for Endpoint Plan 1, brings enterprise-grade security to the small business market.

Similarly, Microsoft Defender for Office 365 is of great value, giving additional protection for email and collaboration over and above the standard protections built into Exchange Online. Finally, Azure Active Directory Premium Plan 1 brings the Azure AD Multi-Factor authentication capability, along with Conditional Access and Self-Service Password Reset.

Now that we’ve completed trial signup, created users and assigned them licenses, secured the environment, and enabled Intune, we’re ready to begin trying out some of the features of Microsoft 365 Business Premium. From here, it’s a good idea to get familiar with the capabilities of Microsoft Endpoint Manager (Intune) – take a look at our guide which covers Managing Windows Devices with Microsoft Endpoint Manager (Intune).

Read the whole story
jshoq
4 days ago
reply
If you are a small business, you can still get the services that the "big companies" get. Look through here and think about what you need. Microsoft 365 Business Premium is a great offering for small businesses that need that level of tooling.
JS
Seattle, WA
Share this story
Delete
Next Page of Stories