Category: Skype for Business

November 26th, 2020 by Author

When enrolling new or existing Windows 10 devices into Microsoft Endpoint Manager, the user may not be able to see the available straight away as shown below;

Screenshot of no device shown.

The resolution for this is a very simple one from the Company Portal

http://portal.manage.microsoft.com go to ‘Devices’

Select Tap here.

Screenshot of my devices.

On the next screen, select your device to enroll it.

Screenshot of selecting which device.

You are returned to My Devices. The device should show a green check, as shown in the following screenshot.

Screenshot of my devices.

Return to the Apps screen. The applications should now be visible.

Screenshot of apps displayed.

Regards
The Author – Blogabout.Cloud

Posted in Skype for Business

November 26th, 2020 by Rudy Mens

One of the most requested features on the Office 365 Uservoice is the support for Office 365 Plus Addressing, also known as subaddressing. Plus addressing allows users to dynamically create recipient email addresses, that can be used as disposable email addresses or for filtering in ... Read moreOffice 365 Plus Addressing – How To enable it

The post Office 365 Plus Addressing – How To enable it appeared first on LazyAdmin.

Posted in Skype for Business

November 26th, 2020 by Brent Middleton

Note: This is an excerpt from “Automation in Records Management and Information Governance,” a collaborative report we released with AIIM. The report is available to view at no charge and is based on data from over 220 surveyees with contributions from a panel of industry experts.  


For three out of every four organizations (76%), change management is a challenge when it comes to planning governance initiatives. Interestingly, the results are roughly the same for both Experienced Users and Potential Users.

“Change management” is one of those terms that is used constantly in discussions of the perils facing information management implementations. But what exactly is it? AIIM’s CIP Study Guide notes, “Change management is the application of the set of tools, processes, skills, and principles for managing the people side of change to achieve the required outcomes of a change project or initiative…

Changing the habits, priorities and day-to-day activities of information workers is also part of meeting deployment objectives. A program and dedicated plan to manage the change in employee behaviors to parallel the changes in tools or procedures is essential to success.” The AIIM Confident Change Management course provides a good baseline in understanding these issues.

change management

The specific change management issues cited vary from organization to organization, but they are usually drawn from this list:

  • Poor communication from senior executives
  • Those who say, “We’ve always done it this way”
  • Lack of timely user input and participation in system design
  • Change that occurs faster than employees can handle
  • Concern about potential job loss from automation
  • Ineffective or poorly timed training
  • Poor follow-through on change management initiatives
  • Poor process documentation

It is important when starting a governance automation initiative to get a solid change management foundation in place during the early stages of your potential implementation: 1) When you are building the vision and 2) During your initial inventory of capabilities and stakeholders. Too often, organizations rush forward without putting these basic elements in place.

In following these steps, organizations can “bake” change management into the project in its earliest stages:

1. Identify a core cross-functional group to drive the initiative and get AIIM training to establish a common language and framework.

2. Use this framework to understand “why” your organization should consider a governance automation initiative – not generally, but in the specific business and competitive context of your organization.

3. Develop a process automation strategy document – e.g., a document laying out a vision, key performance indicators, critical success factors, success measures.

change management

4. Identify an executive sponsor for the initiative and get buy-in on the strategy document.

5. Evaluate which processes are initially best suited for the initiative.

6. Within the context of the targets, identify the roles and responsibilities required for change – e.g., sponsors, champions, management, specialists, business users, legal, and others.

7. Conduct an initial assessment of the current state of the process targets and the systems that support them.

8. Identify the expected benefits from automating these processes – customer, risk, compliance, financial, consistency, and prioritize initial process targets.

What the panel thinks:

“You need everyone at the table – records people, content, people, knowledge people, data people – and they all need to get along and understand how they all are a part of the success of driving the decision engine of your organization.”

“Change management needs to start when you build your initial strategy, when you build your initial proposals. You need to build change management into it from the start.”

To learn what our full panel of seven industry experts has to say about this topic, download the full AIIM report here.


Subscribe to our blog to keep up with all of AvePoint’s latest resources.

Posted in Skype for Business

November 26th, 2020 by Waldek Mastykarz

Handle app button events in Microsoft Teams tabs

Did you know that you can respond to user clicking on the app button of your Microsoft Teams personal app?

Embed web apps in Microsoft Teams through custom tabs

If you have a custom web app, you can expose it in Microsoft Teams as a custom tab. This is a great way to bring your app to where your users are and let them access important information in the context of their work.

By embedding your app in Teams, you lower the threshold for users to work with your app. What's more, if you expose your app as a personal app, users will be able to access it directly from the left rail no matter where in Teams they are.

Build full-page tabs in Microsoft Teams

In my recent article, I showed you how you can remove the tab-header bar in your Microsoft Teams personal app to provide users with a more tailored experience.

Microsoft Teams app without the tab-header bar

Taking it a step further, did you know that you can interact with users clicking on your app's button in the left rail and for example, show a menu of your application?

Animated gif showing user clicking on the app button in the left rail and the tab showing a sliding panel with some menu options

Handle app button events in Microsoft Teams tabs

In version 1.8 of Microsoft Teams JS SDK, Microsoft introduced three new handlers for responding to users interacting with the app button: registerAppButtonClickHandler, registerAppButtonHoverEnterHandler and registerAppButtonHoverLeaveHandler. These handlers allow you to respond to users respectively clicking, hovering over and hovering away from the app button of your app when pinned in the left rail.

On the first interaction with the app button, your app opens, just as usual.

Animated gif showing user opening a personal app pinned in the left rail in Microsoft Teams

Once your app is open though, if user clicks on the app button again, it will trigger your event handler, showing for example a menu panel.

Animated gif showing user clicking on the app button in the left rail and the tab showing a sliding panel with some menu options

Following code snippets are based on tab code scaffolded using yo teams.

To implement this behavior, you'd start with registering a handler for one or more app button events in the componentWillMount method of your component:

export class OverviewTab extends TeamsBaseComponent<IOverviewTabProps, IOverviewTabState> {
    // [...] trimmed for brevity

    public async componentWillMount() {
        this.updateTheme(this.getQueryVariable("theme"));

        if (await this.inTeams()) {
            microsoftTeams.initialize();
            microsoftTeams.registerOnThemeChangeHandler(this.updateTheme);
            microsoftTeams.registerAppButtonClickHandler(() => this.handleAppButtonClick());
            microsoftTeams.getContext((context) => {
                microsoftTeams.appInitialization.notifySuccess();
                this.setState({
                    entityId: context.entityId
                });
                this.updateTheme(context.theme);
            });
        } else {
            this.setState({
                entityId: "This is not hosted in Microsoft Teams"
            });
        }
    }

    // [...] trimmed for brevity
}

If you wanted to show a panel with some options, the handleAppButtonClick method, could be similar to:

// [...] trimmed for brevity
import { teamsTheme } from "@fluentui/react-northstar";

export interface IOverviewTabState extends ITeamsBaseComponentState {
    entityId?: string;
    appMenuVisible: boolean;
}

// [...] trimmed for brevity

export class OverviewTab extends TeamsBaseComponent<IOverviewTabProps, IOverviewTabState> {
    constructor(props: IOverviewTabProps) {
        super(props);

        this.state = {
            appMenuVisible: false,
            theme: teamsTheme
        };
    }

    // [...] trimmed for brevity

    private handleAppButtonClick() {
        this.setState((prevState, props) => {
            return {
                appMenuVisible: !prevState.appMenuVisible
            };
        });
    }
}

Finally, in the render method, you'd display the panel:

import { Panel, PanelType } from "@fluentui/react/lib/Panel";

// [...] trimmed for brevity

export class OverviewTab extends TeamsBaseComponent<IOverviewTabProps, IOverviewTabState> {
    // [...] trimmed for brevity

    /**
     * The render() method to create the UI of the tab
     */
    public render() {
        return (
            <Provider theme={this.state.theme}>
                <Panel
                    isLightDismiss
                    headerText="Menu"
                    isOpen={this.state.appMenuVisible}
                    onDismiss={() => this.setState({appMenuVisible: false})}
                    type={PanelType.smallFixedNear}>
                    <p>Options</p>
                </Panel>
                {/* [...] trimmed for brevity */}
            </Provider>
        );
    }

    private handleAppButtonClick() {
        this.setState((prevState, props) => {
            return {
                appMenuVisible: !prevState.appMenuVisible
            };
        });
    }
}

At this moment, Fluent UI Northstar, used by default in code scaffolded by yo teams, doesn't offer a panel component. Instead, you'd need to install @fluentui/react and load it from there.

While this example illustrates using the click-event to show a side-panel with navigation, the possibilities are endless and limited only by your creativity.

For more information about these new event handlers see the documentation.

Posted in Skype for Business

November 26th, 2020 by Rudy Mens

The Outlook PST files are a great way to import and export mail and are often used for making backups of your mail. OST files, on the other hand, can’t be imported, but they do contain all your mail items. So how can we convert ... Read moreHow to Convert from OST to PST

The post How to Convert from OST to PST appeared first on LazyAdmin.

Posted in Skype for Business

November 26th, 2020 by SPDev_Support

Seems creating O365 Group sites via CSOM not working. We have to use Graph API and this sample should help get started. ROPC authentication is used. Delegated authentication should also work but not tested.

 

Setup Steps:
1] Setup Native App in AAD.
2] Copy the App Id as you will need to provide it later in the code.
3] Provide following Delegated Graph API permissions.

Groups.ReadWite.All, Directory.ReadWrite.All, openid, Team.Create, User.Read 
4] Grant Admin consent.
5] See screenshot below:

SPDev_Support_0-1606358317055.png

 

6] Sample C# code to Create O365 Group site with Teams:

 

 

 

using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Collections.Generic;
using System.Threading.Tasks;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;
using System.Text;

namespace CreateGroupMultiGeo
{
    class Program
    {
        static async Task Main(string[] args)
        {
            string clientId = "50168119-04dd-0000-0000-000000000000";
            string email = "someuser@spotenant.onmicrosoft.com";
            string passwordStr = "password

            var req = new HttpRequestMessage(HttpMethod.Post, "https://login.microsoftonline.com/bc8dcd4c-0d60-0000-0000-000000000000/oauth2/token")
            {
                Content = new FormUrlEncodedContent(new Dictionary<string, string>
                {
                    ["resource"] = "https://graph.microsoft.com",
                    ["grant_type"] = "password",
                    ["client_id"] = clientId,
                    ["username"] = email,
                    ["password"] = passwordStr,
                    ["scope"] = "openid"
                })
            };

            HttpClient httpClient = new HttpClient();

            var res = await httpClient.SendAsync(req);

            string json = await res.Content.ReadAsStringAsync();

            if (!res.IsSuccessStatusCode)
            {
                throw new Exception("Failed to acquire token: " + json);
            }
            var result = (JObject)JsonConvert.DeserializeObject(json);
            //create a group

            HttpClient httpClientGroup = new HttpClient();

            httpClientGroup.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.Value<string>("access_token"));

            // Create a string variable and get user input from the keyboard and store it in the variable
            string grpName = "MultiGeoGraphAPIGrp1";

            string contentGroup = @"{
              'displayName': '" + grpName + @"',"
              + @"'groupTypes': ['Unified'],
              'mailEnabled': true,
              'mailNickname': '" + grpName + @"',"
              + @"'securityEnabled': false,
              'visibility':'Public',
              'preferredDataLocation':'GBR',
              'owners@odata.bind': ['https://graph.microsoft.com/v1.0/users/ecc0fc81-244b-0000-0000-000000000000']
            }";

            var httpContentGroup = new StringContent(contentGroup, Encoding.GetEncoding("utf-8"), "application/json");

            var responseGroup = httpClientGroup.PostAsync("https://graph.microsoft.com/v1.0/groups", httpContentGroup).Result;

            var content = await responseGroup.Content.ReadAsStringAsync();

            dynamic grp = JsonConvert.DeserializeObject<object>(content);

            Console.WriteLine(responseGroup.Content.ReadAsStringAsync().Result);

            System.Threading.Thread.Sleep(3000);

            //create a Team

            HttpClient httpClientTeam = new HttpClient();

            httpClientTeam.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", result.Value<string>("access_token"));

            //create a team

            string contentTeam = @"{ 
                'memberSettings': { 
                    'allowCreateUpdateChannels': true
                }, 
                'messagingSettings': { 
                    'allowUserEditMessages': true, 
                    'allowUserDeleteMessages': true 
                }, 
                'funSettings': { 
                    'allowGiphy': true, 
                    'giphyContentRating': 'strict' 
                }
            }";

            var httpContentTeam = new StringContent(contentTeam, Encoding.GetEncoding("utf-8"), "application/json");

            ////Refere: https://docs.microsoft.com/en-us/graph/api/team-put-teams?view=graph-rest-1.0&tabs=http
            var responseTeam = httpClientTeam.PutAsync(@"https://graph.microsoft.com/v1.0/groups/" + grp.id + @"/team", httpContentTeam).Result;

            Console.WriteLine(responseTeam.Content.ReadAsStringAsync().Result);

            Console.ReadKey();
        }
    }
}

 

 

 

 

 

 

 

 

 

 

 

Posted in Skype for Business

November 25th, 2020 by johnacook

https://docs.microsoft.com/en-us/MicrosoftTeams/teams-powershell-release-notes

Posted in Skype for Business

November 25th, 2020 by Teri Seals-Dormer

In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology (OT) was already shown to be lacking before the pandemic. A series of major cyberattacks across industries served as a wake-up call that the traditional “air-gapped” model for OT cybersecurity had become outdated in the era of IT/OT convergence and initiatives such as Smart Manufacturing and Smart Buildings. And the IoT and Industrial Internet of things (IIoT) are only getting bigger. Analysts predict we’ll have billions of IoT devices connected worldwide in a few years, drastically increasing the surface area for attacks.

Company boards and management teams are understandably concerned about increased safety and corporate liability risks as well as the financial impact of crippling downtime posed by IoT/OT breaches. They’re also concerned about losing sensitive IP such as proprietary formulas and product designs, since manufacturers are eight times more likely to be attacked for cyberespionage than other sectors, according to the 2020 Verizon DBIR.1

In my recent Microsoft Ignite presentation, Azure Defender for IoT including CyberX, I was joined by Nir Krumer, Principal PM Manager at Microsoft, to examine how the new Azure Defender for IoT incorporates CyberX’s agentless technology and IoT/OT-aware behavioral analytics, minimizing those risks by providing IT teams with continuous IoT/OT visibility into their industrial and critical infrastructure networks. You’re invited to view the full presentation and review some highlights below.

IT versus OT

Unlike information technology (IT) security, OT security is focused on securing physical processes and assets rather than digital assets like containers and SQL databases. Physical assets include devices like turbines, mixing tanks, HVAC systems in smart buildings and data centers, factory-floor machines, and more. In OT, the top focus is always on safety and availability. Availability means that your production facilities must be resilient and keep operating, because that’s where the revenue comes from. However, the biggest difference from IT security is that most chief information security officers (CISOs) and SOC teams today have little or no visibility into their OT risk, because they don’t have the multiple layers of controls and telemetry as we have in IT environments. And OT risk translates directly into business risk.

As recent history shows, attacks on OT are already underway. The TRITON attack on the safety controllers in a Middle East petrochemical facility was intended to cause major structural damage to the facility and possible loss of life. The attackers got their initial foothold in the IT network but subsequently used living-off-the-land (LOTL) tactics to gain remote access to the OT network, where they deployed their purpose-built malware. As this attack demonstrated, increased connectivity between IT and OT networks gives adversaries new ways of compromising unmanaged OT devices, which historically haven’t supported agents and are typically invisible to IT teams.

Purdue Model traversal in TRITON attack

Figure 1: Purdue Model traversal in TRITON attack.

How Azure Defender for IoT works for you

By incorporating agentless technology from Microsoft’s recent acquisition of CyberX, Azure Defender for IoT enables IT and OT teams to identify critical vulnerabilities and detect threats using IoT/OT-aware behavioral analytics and machine learning—all without impacting availability or performance.

In our Ignite presentation, we broke down five key capabilities provided by the product’s agentless security for unmanaged IoT/OT devices:

  • Asset discovery: Because you cannot protect what you do not know you have, Azure Defender tells you what IoT/OT devices are in your network and how they’re communicating with each other. Also, if you’re implementing a Zero Trust policy, you need to know how these devices are connected so you can segment them onto their own network and manage granular access to them.
  • Risk and vulnerability management: Azure Defender helps you identify vulnerabilities such as unauthorized devices, unpatched systems, unauthorized internet connections, and devices with unused open ports—so you can take a prioritized approach to mitigating IoT/OT risk for your crown jewel assets. These are the critical devices whose compromise would have a major impact on your organization, such as a safety incident, loss of revenue, or theft of sensitive IP.
  • Continuous IoT threat monitoring and response: Azure Defender continuously monitors the OT network using Layer 7 Deep Packet Inspection (DPI), informing you immediately when there has been unusual or unauthorized behavior, and empowering you to mitigate an attack before it causes a production failure or safety incident. It incorporates a deep understanding of all major industrial protocols (including Modbus, DNP3, Siemens S7, Ethernet/IP CIP, GE-SRTP, and Yokogawa) and patented, IoT/OT-aware behavioral analytics to detect threats faster and more accurately, with a far shorter learning period than generic baselining algorithms.
  • Operational efficiency: When you have malfunctioning or misconfigured equipment, you need to quickly figure out what went wrong. By providing deep visibility into what’s going on in the network—such as a misconfigured engineering workstation that’s constantly scanning the network—you can help your IoT/OT engineers quickly identify and address the root cause of those issues.
  • Unified IT/OT security monitoring and governance: Azure Defender for IoT is deeply integrated with Azure Sentinel and also supports third-party tools such as Splunk, IBM QRadar, and ServiceNow. This helps break down silos that slow communication between IT and OT teams, and creates a common language between them to quickly resolve issues. It also enables you to quickly address attacks that cross IT/OT boundaries (like TRITON), as well as leverage the workflows and training you spent years building in your security operations center (SOC)—so you can apply them to IoT and OT security as well.

Deployment Architecture

So, how does this system get deployed? Azure Defender for IoT uses a network sensor to capture a copy of the network traffic through the switch port analyzer (SPAN). It uses a technique called passive monitoring or network traffic analysis (NTA) to identify assets, vulnerabilities, and threats without impacting the performance or reliability of the IoT/OT network. The solution can be 100 percent on-premises, connected to Azure, or a hybrid of the two (for example, by forwarding alerts to Azure Sentinel).

Azure Defender for IoT uses an on-premises network sensor to capture and analyze all OT traffic. The solution can be deployed on-premises, connected to Azure, or in hybrid environments where the SIEM is cloud-based, as with Azure Sentinel.

Figure 2: Azure Defender for IoT uses an on-premises network sensor to capture and analyze all IoT/OT traffic. The solution can be deployed fully on-premises, or connected to Azure, or in hybrid environments where the SIEM is cloud-based, as with Azure Sentinel.

Azure Sentinel integration

To enable rapid detection and response for attacks that cross IT/OT boundaries, Azure Defender is deeply integrated with Azure Sentinel—Microsoft’s cloud-native SIEM/SOAR platform. As a SaaS-based solution, Azure Sentinel delivers reduced complexity, built-in scalability, lower total cost of ownership (TCO), and continuous threat intelligence and software updates. It also provides built-in IoT/OT security capabilities, including:

  • Deep integration with Azure Defender for IoT: Azure Sentinel provides rich contextual information about specialized OT devices and behaviors detected by Azure Defender—enabling your SOC teams to correlate and detect modern kill-chains that move laterally across IT/OT boundaries.
  • IoT/OT-specific SOAR playbooks: Sample playbooks enable automated actions to swiftly remediate IoT/OT threats.
  • IoT/OT-specific threat intelligence: In addition to the trillions of signals collected daily, Azure Sentinel now incorporates IoT/OT-specific threat intelligence provided by Section 52, our specialized security research team focused on IoT/OT malware, campaigns, and adversaries.

You are invited to watch our Microsoft Ignite presentation to learn more about Azure Defender for IoT, including a live demo of how deep integration with Azure Sentinel can be used to investigate multistage IT/OT attacks like TRITON.

Visit the Azure Defender for IoT website to learn more and try it for free during Public Preview. You can also learn more about Microsoft Security solutions by visiting our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

 


12020 Verizon DBIR, pages 36 and 59.

The post Go inside the new Azure Defender for IoT including CyberX appeared first on Microsoft Security.

Posted in Skype for Business

November 25th, 2020 by Author

In this post, we will detail how to deploy Win32 Apps with Endpoint Manager. We’ll deploy GitHub with the MSI installer as an example.

Win32 Apps Endpoint Manager Prerequisites

Intune Win32 Application

Prepare Endpoint Manager Win32 application

First, you need to “wrap” all the required files into an Endpoint Manager (Intune) format. To do so, Microsoft has a tool that will “convert” your application into a .intunewin file at the end of the process. The generated .intunewin file contains all compressed and encrypted source setup files and the encryption information to decrypt it.

Important Info
  • To view help, run IntuneWinAppUtil.exe -h.
  • Download the Microsoft Win32 Content Prep Tool and have the desired application source files.
  • Open a command prompt as admin and browse to the folder of IntuneWinAppUtil.exe
  • Run the following command line
    • IntuneWinAppUtil.exe -c <source folder> -s <source setup file> -o <output folder>
    • In this example we used an HP Driver: IntuneWinAppUtil.exe -c D:Intune -s GitHubDesktopSetup.msi -o d:intune

Create Microsoft Endpoint Manager Win32 Application

Endpoint Manager Win32 Apps
  • Select Windows app (Win32) from the App type drop list
  • On the App Information pane click Select App package file and select the previously created .intunewin file and click Ok
  • Complete the missing App Information. Click Next
  • Depending on the application format, install and uninstall command lines will be auto-completed. Adjust the parameter if needed. Click Next
  • On the Requirement pane, OS architecture and minimum OS are required. Click Next
Endpoint Manager Win32 Apps
  • Detection rules work the same way as in ConfigMgr application model. In the case of an MSI, it is simple. Select Manually configure detection rule, select rule type MSI and the MSI Product Code should be auto-populated. Click Next
  • On the Dependencies tab: Software dependencies are applications that must be installed before this application can be installed. Adjust if needed. Click Next
  • On the Assignment tab, select the group of users or computer to deploy the Win32 App
Endpoint Manager Win32 Apps
  • Review your Win32 App setting and click Create
  • At this point, it will upload the.IntuneWin file and soon after, a notification will display to say it’s ready to go!

Regards
The Author – Blogabout.Cloud

Posted in Skype for Business

November 25th, 2020 by Author

Additions : 3
Updates : 1

New FeaturesCurrent Status
Microsoft To Do: New sharing experience – Invite-Less SharingIn Development
Forms: Text Formatting (Bold, Italicize, and Underline) in Forms and QuizzesIn Development
Azure Active Directory: Application Proxy – Header-based authentication appsIn Development
Updated FeaturesCurrent StatusUpdate Type
Microsoft Teams: Live Event Presenters can now present from their iPad to the audienceIn DevelopmentTitle, Description

Regards
The Author – Blogabout.Cloud

Posted in Skype for Business