Sunday, November 18, 2018

SharePoint customisation code will bite you

A very common thing I see when working with many businesses implementing collaboration solutions in Office 365, is their rigid desire to implement customisations via code to SharePoint immediately.

Many have a pre-conceived idea of what they believe an ‘intranet’ should be and operate. Thus, they want to force SharePoint to fit that model. The only way to achieve this typically is to use custom code on the site. They want lots of changes made to not only the look and feel but also the functionality prior to implementing it across the business.

I warn them strongly, that the more you customise with code the more it is likely to break and the more issues you will have down the track. A much better option, at least to start with, is to go with what Microsoft provides you out of the box. Only once you have exhausted all in the out of box options, then look at custom code. Then and only then, and when you do be prepared to continually maintain it.

As further evidence for this stance, if you take a look at this video from the recent Microsoft 2018 Ignite from 47:03

https://www.youtube.com/watch?v=rhYHdYn5jdQ&t=2928s

and listen to what Tracey Haun, Director, IT Collaboration and Privacy from Dupont says:

When we set up SharePoint we were so proud of ourselves for only customizing less than 5% of the environment and that less than 5% customization has come back to bite us time and time again. Every time we upgrade, every time we migrate we have to deal with these customizations. I just want to say that we were so rigid in the way that we in way we wanted to -- and this is specifically around our records management and the way we classify the security classification of our sites, we were so rigid and so set in our ways on how we wanted to do that. So I highly recommend, if you are just getting started, go with the industry standard. Don’t force your business model into SharePoint. Let the it adapt to the Microsoft way.

Thus, if you want to make major changes to the way SharePoint Online works out of the box you firstly need to find a developer who is specifically experienced with SharePoint Online. Even after the job is complete, you are going to need to have someone on tap to maintain that code, because sooner or later it will break. Why? Because Microsoft makes changes and improvements to the underlying SharePoint base that will affect the code.

When that happens, and you won’t know when it will, the more you have used custom code the more catastrophic the failure of your site is going to be. If the site has become a critical part of your business, then it means that system will be down until a developer can be found to rectify the problems. That could be quite a while.

Putting your business in that situation, to me, is increasing your risk which is not something you want to do. Going with what Microsoft give you out of the box may not be “exactly” what you want but it is going to keep on working as SharePoint is updated, unlike custom code.

Of late, Microsoft has added many improvements to SharePoint and collaboration in Office 365, that really make me question why you would want custom code at all? Is it really worth the risk and costs involved?

So my STRONGEST advice when it comes to SharePoint is to use what you are given out of the box to it’s fullest. After that, if you still want changes, make sure you FULLY understand the indications and increased risk this places your business under.

I’m sure people would love desktop applications like Excel to do more but they generally don’t go making wholesale customisations via code. They tend to work with what they are given out of the box. So too, it should be with SharePoint.

Saturday, November 17, 2018

Ignite 2018 sessions on YouTube

With Microsoft Ignite 2018 now over for 2018 I wanted to let people know that like last year:

Ignite 2017 sessions on YouTube

I’m maintaining a list of links directly to the sessions on Github.

image

The list is maintained at:

https://github.com/directorcia/general/blob/master/ignite2018.txt

and I will be updating it throughout the year as I find links to new sessions.

Of course, if you have a link to a session that I don’t have up there yet, please send it along so I can add it and we can all benefit.

All the sessions are not there as yet. I add them when I find them and the update this file, so make sure you check back regularly to get the latest list.

Thanks again to Microsoft for doing this and uploading the sessions to YouTube. They are a great source of learning and allows people like me would couldn’t get to Ignite the ability to work through the content.

Thursday, November 15, 2018

Enrolling an iOS device into Intune

Before you can actually enrol an iOS device into Intune you typically need to complete the following preliminary steps:

Add an Apple management certificate to Intune

Set up an iOS Intune device compliance policy

Set up an iOS Intune device configuration policy

With all this done, you can now actually configure the device to be managed by Intune.

image

We’ll be using a newly wiped and configured iPhone as shown above in this walk through.

image

Note here, that this phone has both Facetime and the Safari browser on the device and available. After the device has been enrolled in Intune they will both be removed as part of the configuration policies that gets applied.

image

To do Mobile Device Management (MDM) for the device with Intune the user will need to download the Company Portal app and then run it.

image

There will be a prompt for a user login. This will be the user’s Office 365 credentials typically.

image

The device will also need to be connected to the Internet so it can verify these credentials and continue.

image

The user will now be prompted to put the device under management by selecting the Begin as shown above.

image

The user will then receive notification about what putting a device under management will mean as seen above.

In this scenario, we are assuming it is a bring your own device (BYOD).

image

The user will be given further instructions and then be required to press the Continue button.

image

The process will now try and open the Microsoft Intune portal in a browser. The user will need to select Allow to continue.

image

They will now be taken to a screen and prompted to install a new management profile by selecting the Install button in the top right.

This profile is the one that will be controlled by Intune and provide security over company data on this device.

image

The user will need to select Install again to continue.

image

They will then receive a warning about a third party certificate being installed as shown. This a certificate from Intune so the user should select Install in the top right to continue.

image

The user will be prompted to confirm that they wish their phone to be enabled for remote management.

They should select Trust to continue.

image

The management profile will complete installation. To finish this process select Done in the top right corner.

image

The user will be taken back to the Intune Company Portal app, where they will be prompted to continue. They should also now see that the device is now managed.

Select the Continue option.

image

The device settings will be checked. This is effectively running the compliance policy from Intune over the device to ensure it can be enrolled and meets the requirements to be considered to have the appropriate settings enabled and configured.

image

The process should complete without warnings or errors. This then indicates that the device is compliant and now has the configuration policies applied to it from Intune.

Select Done to continue.

image

The user will now see the Apps menu of the Company Portal app as shown above. They can return and use some of the other functionality in the app at any time but for now, simply close the app.

image

If you now look closely at the home page of the enrolled device now above, you will see, per the Intune Configuration policies that have been applied, both Facetime and Safari are no longer available on the device.

image

If an administrator now looks in the Intune portal they will see the device that has just been enrolled.

Select it to get more details.

image

They should see a summary of the device as well as a number of controls for the device across the top on the right.

image

If they select the Device compliance option from the menu on the left they will see the compliance policies that have been applied to the device and their state.

image

If they select Device configuration, they’ll see all the configuration policies that have been applied to this device and their current state.

You can select any of these policies on the right to get more information.

image

When you do you’ll see all the settings that have been applied as part of that policy. Here, you’ll see the policies for Facetime and Safari have been successfully applied (i.e. to be made unavailable on the device).

So, that’s how you put an iOS device under management using Intune. Doing so give you greater control over what is done on the and also the ability to do things like remotely wipe that device if required. A future article will show you how these management task can be accomplished on the the device.

Wednesday, November 14, 2018

Posting code snippets to Microsoft Teams

image

If you want to post a snippet of code to Microsoft Teams go to the Conversations tab and then select the Format text icon as shown above.

image

From this expanded dialog box select the Code icon as shown.

image

This should display a new dialog like shown above.

image

If you select the options in the top right you will see a huge range of code selections displayed as shown.

image

In the above case, I have select PowerShell and you can see that it formats and colours the code snippet for me automatically making it much easier to read.

image

You can now post the result and that will be added to the Teams Conversations as shown above. You will see that it even automatically add line numbers, which is very handy.

Thus, if you are going to post code into Microsoft Teams Conversations, make sure you do it via the Format Text option so that it is formatted in a way that makes it more readable.

Tuesday, November 13, 2018

Update to SharePoint Online PowerShell module

Since the beginning of working with SharePoint Online with PowerShell you have had to download and install a stand alone MSI for access to the SharePoint Online cmdlets as I have detailed here:

Connecting PowerShell to SharePoint Online

Well no more! Yeah! Now you can install the module directly from PowerShell using the command:

Install-Module -Name Microsoft.Online.SharePoint.PowerShell

You should uninstall the old MSI version if you have it first.

Whee you run this command you should see the modules being installed like so:

image

and then you should be good to go.

image

This will make working with SharePoint Online via PowerShell so much easier!

The current version is 16.0.8212.0 and can be found here:

https://www.powershellgallery.com/packages/Microsoft.Online.SharePoint.PowerShell/16.0.8029.0


Need to Know podcast–Episode 195

Troy Hunt makes a return to the podcast to talk about the power of serverless compute. We discuss how Troy has been successfully using serverless compute to run his website haveibeenpwned. Troy also shares with us some insights as to the practical day to day operations of running a site with 5 billion breach records. Brenton and I also update you on the latest Microsoft Cloud news including a raft of updates to Microsoft Teams.

Take a listen and let us know what you think -feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-195-troy-hunt/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@troyhunt

@contactbrenton

@directorcia

haveibeenpwned

Azure serverless compute

CIAOPS Patron program

Skype for Business is moving to Teams

What's new in Microsoft Teams - November round up

Top scoring in industry AV tests

How can I get started with machine learning

Monday, November 12, 2018

CIAOPS Need to Know Office 365 Webinar–November

laptop-eyes-technology-computer

This month we are going to look at one of my favourite applications – OneNote. OneNote is a digital notebook and can be used for a variety of tasks and has many, many benefits which I’ll dive you. OneNote will truly change the way you work and help you to be better organised, more productive and use less paper across everywhere you work and play. I’ll also cover off all the latest Microsoft Cloud news and update to make you even MORE productive!

You can register for the regular monthly webinar here:

November Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – November 2018
Thursday 22nd of November 2018
11am – 12am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

There of course will also be open Q and A so make sure you bring your questions for me and I’ll do my best to answer them.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session.

Get started with Office 365 on the front page

image

When most users access Office 365 they start on the front page as shown above. There is lots of really great and helpful stuff on this page but many people in my experience don’t take a moment to actually see what is here and understand how it can make their lives easier.

The first of these benefits is Search which you'll find in the upper right corner of the page as shown. This will find information for you across all of Office 365.

image

Then there is the ability to down and install a local version of Office via the Install Office button also on the right. Remember that you get 5 installs of Office on PC’s and Macs, 5 on tablets and 5 on phones.

image

Hopefully most people are familiar with the Apps in the middle of the page that give you access to your Office 365 services simply by selecting them.

image

Of course, if you don’t see the app that you are after then you can select the Expand all your apps option to see all the Office 365 services you have access to.

image

If you now scroll down you’ll see that you can Upload documents directly from this page,

image

as well as create a New Office document.

image

A little further down you’ll see Recommended documents. These recommendations come from the Office Graph and are files you make not have seen but have access two. These recommendations are typically files that your peers are working on.

image

Further down you’ll find a number of categories of your files as shown above, including Recent files that you have been working on, which is handy.

image

Here again, you’ll find the Discover option to view files that the Office Graph finds relevant for you.

image

Right at the bottom you’ll find access and information about your OneDrive for Business and SharePoint sites.

So, this start page is a great summary for a user of all the stuff that they need access to. Take a moment and have a look at what it says for you and you may find that it is indeed the best way to get to your information in Office 365.

Sunday, November 11, 2018

Teams resource information from SharePoint site

image

Hopefully you know that when you create a Microsoft Team you get a range of resources automatically provisioned, including a SharePoint Site, group mailbox and calendar, Planner and more.

If you mouse over the icon for the Microsoft Team in the SharePoint that was created as part of that Team you’ll see a nice summary of the Team’s resources as shown. Clicking on this small icon will take you direct to the Team, the Team inbox, calendar, notebook, SharePoint site, Planner, etc.

image

If you leave your mouse there for a little longer a more extensive card will appear, as shown above. You will notice the option to Follow in inbox at the the top.

image

If you scroll right to the bottom of this card you’ll find a Show more option which, when selected, will display even more information about the Team as shown above.

So to get some handy short cuts to all your Microsoft Teams resources, just roll your mouse over the icon.

Lest We Forget

Today marks the 100th anniversary of the end of the First World War. It represented the industrialisation of warfare and a taste of what was to come.

Australia’s role in the war was significant. Some have said it is really the only war where Australia has fought the major enemy on the major front. That being the Germans across northern France.

Australia’s role in the war wrought over 215,00 casualties.

In the 4 years of War approximately 416,809 had joined up and of these 313,814 had embarked for duty overseas. 65% of these were killed or wounded compared to 51% for Britain, 50% for Canada and 59% for New Zealand. Nearly 40% of all Australian males 18 - 44 voluntarily enlisted. One in five or 63,163 died on active service during the war.

313,814 embarked from Australia of which approximately 295,000 served on the Western Front. 53,000 died in France and Belgium, 18,000 have no known grave, 152,171 wounded. Between 27 March and 5th October 1918, the AIF made up less than 10% of British forces but captured 23% of the prisoners, 23.5% of the enemy guns and 21.5% of the ground taken from the Germans. 52 Victoria Crosses were awarded to Australians who fought on the Western Front. Many did not survive and live to receive their honour.

Over 13 million people were killed during the war and it would prove not to be the war to end all wars unfortunately.

So on this 100th anniversary we pause, remembering those who died and never returned, those who served and did return and the many other who continued to serve when this country called. All we can do is say thank you and promise never to forget.

Lest We Forget

For more information on the Australian battlefields of World War One wish my website www.anzacsinfrance.com.

Wednesday, November 7, 2018

Setting up an iOS Intune device configuration policy

Before you set up any iOS device configuration policy in Intune it is best practice to ensure:

You have added an Apple management certificate to Intune

and

You have set up an iOS Intune device compliance policy

with those two tasks complete you can now create an iOS device configuration policy. A configuration policy applies settings and configurations to the iOS device joined to this environment.

image

Open the Azure portal as an administrator and navigate to Intune. From the menu that appears on the left select Device configuration as shown above.

image

Next select Profiles from the menu on the left as shown above.

image

Here you will see any profiles that already exist. To create a new policy simply select Create policy from the menu bar across the top as shown.

image

Gove the policy a Name and Description. Select iOS as the platform.

image

You’ll see that there are lots of different configuration types you can select to create configuration policies for. In this case we’ll select Device restrictions as an example of how to configure a policy, but remember there at least 9 options here you need to consider.

Remember, you can have multiple policies if you desire as well a number of the different configuration type policies if you want.

image

If you now select Settings towards the bottom of the window as shown above, you will see the numerous range of configuration options you can set for devices.

image

In this case I’ll simply illustrate changing one setting by selecting Built-in Apps and then Blocking Facetime as shown above.

Make sure you select OK at the bottom of any screen on which you make changes.

image

The final step once you have made all your selections and Saved the policy, is to assign the policy. Here I have assigned it to All Users & Devices as shown.

image

You can revisit and make changes to your policy at any time by navigating to it and selecting it.

The options at the bottom of the menu on the left above: Device status, User Status and Per-setting status will again give you a summary of how this policy has been applied to devices.

Once we have all this in place we can now start joining actual devices to this environment so they can be manged. When we do that, they will be checked against the compliance policy and then have any configuration policies applied.

I’ll cover the process of adding devices to this environment in an upcoming article.