Monday, September 25, 2017

An introduction to Microsoft 365

image

At the Microsoft Inspire conference back in July 2017 Microsoft 365 was announced. In essence, it is a combination of 3 core products – Office 365, Windows 10 and part of the Enterprise Mobility Suite.

Microsoft 365 will come in two flavours – Business and Enterprise with different capabilities an inclusions as you can see from the following table.

image

The Microsoft 365 Enterprise plans are further broken up to an Microsoft 365 Enterprise E3 and Enterprise E5 offering. The prices shown in this table are US$.

Currently, the Microsoft 365 Enterprise offerings are available for purchase while it is expected the Microsoft 365 Business plans will be available before calendar (2017) year’s end. You can however, apply to obtain a trial of Microsoft 365 Business and you should do so through your distributor.

The power of Microsoft 365 is that it extends the functionality of Office 365 to environments that are moving more and more to the cloud. Doing so means many of the devices that access information are no longer inside or connected to a traditional network. This means a different set of tools and capabilities needs to be adopted to manage and secure this environment.

Likewise, customers expectations are to be up and running quickly with the latest software, no matter where they are and no matter what device they are all on. IT also expects to be able to manage and secure these devices and information from a single location. These are the benefits Microsoft 365 brings users and IT.

Technology is no longer about single monolithic solutions loosely coupled together. It is about making life easier and more productive for users and IT. It means being able to do all this via a single login and from a single console. That is what Microsoft 365 provides.

You’ll still get all the flexibility of Office 365, like the ability to mix and matches licenses with Microsoft 365. You’ll also get access to the latest updates and features of the products now and into the future and if you are a reseller you’ll also get the opportunity to help your customers solver more business challenges from within the Microsoft stack. This means more opportunity for your business.

I really like that Microsoft 365 brings together the best of Office 365 and Azure for customers. It does all this via a single identity and a feature set that continues to improve. If you haven’t as yet, take a look at Microsoft 365.

The history of BItcoin

I recently posted that CIAOPS was now accepting Bitcoin. The reasons behind this are to help better understand the blockchain technology on which Bitcoin is built. The best way to learn about something is to get involved, and that’s what I’ve done.

In that post I asked people to make a small bitcoin transfer to me to get things rolling. I am happy to say that I did receive one small payment, which is an indication that the underlying technology does work as expected. I’ll detail how all the transfer technology works and how to actually do it soon. If what I write here does provide you some value I’d appreciate a small donation via bitcoin. My bitcoin information appears on the right.

I am not expecting to be flooded with bitcoin transfers (although that would be nice) and the main reason for that is a lack of knowledge about what bitcoin is and how it works.

https://www.youtube.com/watch?v=QlvFg4NQYEQ

One of the places that you can start to learn more about bitcoin is to study it’s history. A great place to start this is the video Banking on Bitcoin (above). It doesn’t take you into the actual blockchain technology behind bitcoin, it looks at where the bitcoin currency came from, the main players and their involvement and how we got to where we are today.

I think that it is important here to understand that at it’s most basic bitcoin is a system of value transfer (i.e. currency) that is implemented using blockchain technology. I’ll get more into the actual blockchain technology down the track, as it is really the more interesting aspect of the story but think of blockchain as a open and distributed way to verify transactions. At the moment, most people use a credit card to transfer value. One of major differences between say a credit card and bitcoin is that all credit card transactions go through multiple agencies but are typically overseen by banks. The blockchain is effectively peer to peer with no one in the middle and done in such a way that all transactions are verified using cryptography. So extremely strong and secure cryptography takes the place of banks and intermediates when it comes to transferring value.

So bitcoin is a currency that is build on top of blockchain technology. It was one of the first to do this (now there are many) and this is why is probably has grabbed the majority of the mindset out there. Bitcoin has also been something that proves that the concept of blockchain technology does actually work. It shows that people can transfer real money between each other seamlessly.

However, as with any innovative technology, there is still a long for way to come, and many hurdles for it jump before it becomes mainstream. The documentary helps you understand this and shows you how bitcoin became linked to major crimes thanks to its involvement as a preferred payment method for the Silk Road (an illicit and obscure market place for contraband).

The financing of illegal activities has been part of humanity before bitcoin and will continue long after as well. Bitcoin was simply a method, a good method without doubt, for keeping payments secretive but this shouldn’t mean that it should be banned or even demonised. Unfortunately, today’s mainstream media did exactly this and tainted a lot of people’s concept of what bitcoin is all about. This may ultimately limit its growth but the more you understand about bitcoin the more you appreciate that much of the negative press it is receiving in the media is largely unjustified and misdirected.

Another negative challenge bitcoin has encountered over its history is the collapse of the Mt Gox exchange. You need someone to transfer bitcoin to and from dollar currency and this is the tasks of bitcoin exchanges. The Mt Gox collapse was a situation where the exchange itself either was hacked or failed due to poor business decision. It was not, as has been sensationalised a failure or vulnerability in the bitcoin and blockchain technology. However, because of its close association with bitcoin, the Mt Gox failure once again provided mainstream media an opportunity to sensationalise and misdirect people from what actually transpired.

So bitcoin has had a tumultuous history which is really worth understanding if you are at all interested in its potential. It also leaves some interesting questions unanswered. The major one is who was Satoshi Nakamoto, the creator of bitcoin? No one really knows for sure but the consensus is that was a group of people working together to give birth to the blockchain technology.

Another interesting fact is that bitcoin was released within a few weeks of the Lehman Brothers collapse, an event that accelerated the GFC. At a point at which the world had almost completely lost faith in the global banking and monetary system a potentially new a revolutionary system arose. One that was very akin to the distributed technology we see with the Internet. One that moved the control away from centralised institutions and into the control of individuals. Co-incidence?

From these early days, bitcoin has been adopted by the technology savvy who sees its potential to the point now where it is beginning to break into the mainstream consciousness and also coming onto the radar of governments and regulators.

I could go on for much longer but recommend you take a look at the documentary and form your own opinions. Let me know what you think in the comments as I’ll be posting up more information and opinions on bitcoin and blockchain as time goes along. I don’t claim to be an expert in these technologies at all, I am in the process of learning and understand the ramifications to economic and technology, so please share your thoughts and any resources you have found worthwhile as I am also doing.

Look out for more information on bitcoin and blockchain coming soon and of course, don’t forget to throw some bitcoin my way if you like what you read.      

Friday, September 22, 2017

Office 365 Cloud Self Service Password Resets

One thing that many may not realise with Office 365 is that you can enable users to reset their own passwords.

There are some conditions here when enabling this. If your environment does not have Azure AD Connect synchronizing users from on-premises to the cloud (i.e. what is known as ‘cloud only’ users) then you need no additions. If however, you do have a synchronized environment you will need to purchase Azure AD Premium, configure password write back and assign licenses to each user you wish to have self service password resets enabled for. This is because with an synchronized environment, the on premises domain controller is the source of all user details and from here it is hashed, encrypted and sync’ed to Office 365. Thus, if a user does change their password, using this cloud process, in a matter of moments that change is overwritten with what is on premises thanks to the synchronization configuration. However, Azure AD Premium provides two way password sync (on-prem to cloud and cloud to on prem). Thus, with Azure AD Premium in place, when a user resets their password in the cloud it gets sync’ed back to on premises. Without Azure AD Premium it doesn’t.

To enable self service password resets navigate to the Azure portal for that tenant using an Office 365 global administrator account.

image

You navigate there from the Office 365 Admin center by selecting Azure AD under the Admin centers option as shown above.

image

Locate the option Azure Active Directory from the list of options in the Azure portal on the left and select that.

image

image

From the blade that appears select Password Reset as shown above.

image

The Properties option allows you to enable password resets for selected or all users. Don’t forget to  press the Save button at the top when you have made your selection.

image

The Authentication methods allows you to determine how users will verify their identity when requesting their password to be reset.

They can be required for one or two forms of identity and there are four methods available – email, mobile phone, office phone and security questions.

In the case of security questions, you can select from 3 – 5 to be part of the registration process and 3 – 5 as being required to verify identity.

image

When you go to select security questions you are able to select a number of pre-defined or custom questions as well as mix of both as shown above.

Again, make sure that you Save your selections before continuing.

image

The Registration option allows you to force users to have to register their recovery options at next login or complete them manually.

image

The Notifications option allows you to set whether users are notified via email when their password is reset and whether all administrators are notified when any administrator resets their password.

image

The Customization option allow you to set a custom link users can refer to if they need further assistance with this process.

image

With all these options in place, and with users being forced to set their recovery options, the next time they login successfully they will see the above message prompting them to commence the recovery process.

Users should select Next to continue.

image

Users will now see the list of verification options that you set for them to complete. They need to work through all of these individually.

image

For example, with the mobile phone option, they enter their number and receive a code to verify.

image

With an email address verification they will receive a code that they need to verify.

Once the user has completed all the verification methods they will proceed to their Office 365 portal as normal.

image

When a user needs to reset their password they can select the link Can’t access your account? at the bottom of the login area.

They then be prompted to select a personal or work account. Normally, they will then select a work account to proceed.

image

To verify that the process requesting the password reset is not an automated bot, the user will need to complete a captcha as shown above.

image

They will then be taken to a screen where they can select from the methods available to verify their identity. These were set up previously by each individual user and should be unique for that user.

image

Once the user successfully completes the verification process they will be request to reset their password,

image

which when complete, will allow them to access their Office 365 account again.

The main benefit of enabling user self service password resets in Office 365 is that it allows users to manage their own passwords immediately and without having to contact an administrator to complete the reset. It is important that you ensure that you have enough verification methods for your environment and all users complete the registration process.

Again remember, that out of the box, Office 365 self service password resets work with cloud only identities. If you are using synchronized identities you will need to purchase Azure AD Premium and configure password write back to your on premises environment.

Thursday, September 21, 2017

CIAOPS now accepts Bitcoin

For some time now I’ve been looking into cryptocurrency and can report that I have learned much. I am vey excited about the potential that the underlying technology they are built on, known as blockchain.

I hope to soon start publishing some insights and opinions about this brave new world of payments and currencies but to the best way to get the ball rolling is to dive in head first. I therefore went ahead and set myself up with a bitcoin wallet which is here:

1Q48VMiR152XNuDEkfV3khFdiYoBPGH4V4

I have also added that information to my blog with the idea that if something I publish there is of benefit to someone they can ‘almost’ immediately make a small donation directly using bitcoin. This maybe one of the ways that things like bitcoins function well at in the future economy, via micro payments. That is, to make say a $1 donation is simply uneconomic given normal transfer and other fees if you chose to use a normal forms of payment. However, with bitcoin it is simple and easy to do exactly that. Just whip out your device, scan the QR code and make a small donation as way of appreciation.

Now to grease the wheels of commerce here a little I’m going to offer an incentive to be the first person to send me some bitcoin. So, if you are indeed the first person to send me some bitcoin (over say $1) I’ll send you free one of my publications Getting Started with Skype for Business Online or Beyond the Basics with SharePoint Online in PDF format.

So once you have sent me some coin, send me an email (director@ciaops.com) and tell me exactly how many bitcoin you sent to verify it was you, as well as which publication you’d like to receive in exchange. The best way to ensure someone else doesn't guess the amount is to send me a random amount of bitcoin (say $1.27 or the like). Once I’ve verified your transfer, I’ll send you a PDF copy of the choice of your publication.

The offer is now out there and the clock is ticking. Let’s see how long it takes for someone to win the prize.

Azure VM host machines are being updated

All those VMs that you use in Azure have to run on a host. At the moment, the majority of these hosts are running Windows Server 2012 R2. With Server 2016 now being available that include a range of additional features and functionality Microsoft is going to up updating the host machines in its datacenters to Server 2016 over the coming months.

This video will give you some good guidance on what to expect during the process for you VMs currently hosted in Azure. Chances are it will mean a reboot of your VMs but you’ll get plenty of notice beforehand and it is something that you should undertake manually anyway to complete the migration process.

The video has lots of great info, so if you have VMs running in Azure, consider this a heads up for upcoming host maintenance for your machines.

Need to Know podcast–Episode 165

Marc travels to Adelaide AU to speak with MVP Adam Fowler about his road to being an MVP as well his IT resources. They also cover off the local IT community in Adelaide as well as the upcoming cloud migration projects that Adam is involved with. Marc and I cover off the latest Microsoft Cloud news for Azure and Office 365.

Take a listen and let us know what you think -feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-165-adam-fowler/

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@marckean

@directorcia

@adamfowler_it

Adam Fowler IT Blog

Marc's Azure news

Expand your collaboration with guest access in Microsoft Teams

How external access for Microsoft Teams

Shared status indicator in OneDrive

The SharePoint and OneDrive guide to Microsoft Ignite 2017

New Office 365 App Launcher

This program is brought to you by:

image

Tuesday, September 19, 2017

Azure Nested Virtualization

One of the things that Azure VMs currently don’t seem to allow is the ability to login to machines using just Azure AD credentials. So, how to overcome this issue but remain totally cloud based?

The solution is to use nested virtualisation in Azure which Microsoft recently announced here:

Nested Virtualization in Azure

Nested virtualization is only available on specific machines (See above link for details). One of these is the E_V3 series, which are currently not available in every region.

image image

Just for comparison, I looked at my usual ‘go to’ machine (a DS2_v2) and the supported E2S_V3. As you can see from the above the E2S_V3 is far better value, being cheaper and having more RAM.

This made me think that perhaps I should convert some of my stand alone test VMs into guest VMs in a nested arrangement. As long as I only use these machines together the compute cost would only be for the single host VM on which the multiple guests are running rather than multiple individual Azure VMs. Hmm…something to consider down the track.

image

So I ran up a E2S_V3 out of the West US 2 datacenter with Windows Server 2016 datacenter in the standard manner.

Once the server I up I simply went in and added the Hyper V role as you would with any Windows Server.

image

The feature installed and when complete I rebooted the server as required.

image

After the reboot I had access to the Hyper V Manager as you can see above, as with any Windows Server.

image

I now needed to create a new Hyper V Virtual Switch that would support NAT that my guests could connect to and then get access to the Internet.

To do this I needed to run 3 lines of PowerShell:

New-VMSwitch -SwitchName “NATSwitch” -SwitchType Internal

New-NetIPAddress -IPAddress 192.168.0.1 -PrefixLength 24 -InterfaceAlias “vEthernet (NATSwitch)”

New-NetNAT -Name “NATNetwork” -InternalIPInterfaceAddressPrefix 192.168.0.0/24

You can alter the IP addresses to suit.

image

Once this is complete if I now look in my Hyper V Manager I see a new virtual switch as shown above. I’ll use this to connect the network card of my VMs to.

At this point I’ll need to assign the IP addresses to my virtual machines manually. I can configure an appropriate DHCP server if I want but I’ll leave that for a future article.

image

So now I just create a VM on this server as I would normally. In this case I chose a Windows 10 Preview edition.

image

When complete I need to set a static IP until I get the DHCP server operating.

image

Voila, a nested VM in Azure connected to the Internet and ready for further testing.

I can’t tell you how much flexibility this is going to provide me. Not only can I now login to machines using Azure AD account but I can run up things like Windows 10S and (shock, horror) maybe even get SBS working as a guest. Now that would be really cool to achieve and I have added that to my ‘to do’ list. Watch for and article real soon!

Till then, all I can say is that Azure Nested Virtualization is super cool and really super cheap! Love the cloud!