Wednesday, January 31, 2018

HBUDS Bluetooth Headphone review

Full disclosure - I was provided a unit for review


I was impressed with the unit even before I opened it. The packaging was high quality, even with a magnet grab to seal on the container. The packaging was not the usual flimsy or plastic style container of so many similar products. In fact, the outer box is so nice I'm going to keep it! So a 10 out of 10 for the packaging.


Inside the packaging are the earphones themselves, a range of different ear buds (to suit different people) which is really handy. How many times have I had a set of earphone and lost one earpiece only to have to throw out the whole thing out and get a new one. It is really nice to be provided with some spare earpieces. Inside you'll also find a USB charging cable, a handy pouch to carry everything in while travelling (big bonus for me) as well a set of instructions. So a 10 out of 10 for the contents with everything required actually inside.


Normally, the instructions you receive are typically too small to read, have all the languages mashed together so you have to find the ones you understand and basically lack simple pictures to show you how to get started. Not here. The manual contains simple and straightforward instructions with lots and lots of picture to help you work out how to get everything working. 10 out of 10 again for the manual, which is easy to read, detailed and contains plenty of pictures.

With the unit now free from its packaging it was simple matter of hooking it up to a USB with the cable provided to charge it up prior to use. Again, the manual provides excellent clear instructions on how to make all of this happen.

After a short period of time the headset was charged and I paired to my phone. Now Bluetooth pairing can be tricky at times, given two different devices and one without a screen. I found it best to wear the headset so I could hear the commands and then do a manual find on my phone. Although not 100% seamless it was pretty close and the fault could have been mine or my phone so no deductions for the headset.

With the headset now fired up and connected I proceeded to listen to podcasts, music and take phone calls. The sounds quality was excellent and the reduction in ambient noise was good. The unit fitted snuggly and around my ear and provided enough distance from my ear to avoid any interference or irritation. The unit is light yet attaches quite sturdily and at no time did I feel it was going to fall off.

Working with headset on is always a bit of challenge to remember what all the buttons do and how long you need to hold them down for to perform their function. The main functions like volume, on/off, accept/decline calls are pretty straight forward but things like redial I'll need to memorise. The main button give a nice click to indicate on/off as it is easy to determine whether it is being pressed. Likewise, the volume button are easy to find and large enough to work with fat fingers like mine, unlike some other units I have used. So 10 out of 10 here as well, especially when compared to other headsets.

It is hard to fault this unit. From the packaging to the instructions to the setup and use, it really is a high quality products that a lot of thought has clearly been invested. I thoroughly recommend this if you are in the market for such a device and am now happily using it to listen to music, podcast and take calls no matter where I am. My only ask would be perhaps a small container, separate from the packaging in which I could store the spare ear buds, however this is a minor issue on what is a really top quality unit. Highly recommended.

These headphones are currently on sale and the current price is really a bargain, so act fast!

Here are the links to the different versions on Amazon:




Thursday, January 25, 2018

Create a Safe Attachment policy with Office 365 ATP


When you have Office 365 Advanced Threat Protection (ATP) you should ensure that you actually go in a create a Safe Attachments policy because I don’t believe one is created by default.

You’ll need to login to your Office 365 portal as an appropriate administrator and then navigate to the Security and Compliance portal as shown above.

From the menu on the left select Threat management. This should reveal a number of additional options. From those that appear, select Policy.

You should now see a number of options on the right hand side as shown above. Locate and select the ATP safe attachments option.


You should now be in the Safe attachments area as shown above.


Starting at the top of the page, ensure you have the Turn on ATP for SharePoint OneDrive and Microsoft Teams checked as shown.


In the lower area you will see that no policies exist. To create a policy select the + (plus) icon.


Give the new policy a name and select the action that will be taken from the options below. In this case I have selected the Replace option.


You can enable redirection if you wish.


You now need to create the rules for this policy. if you want everything checked select the option The recipient domain is and then all the domains you have in your Office 365 tenant.

Save the configuration by using the button at the bottom of the screen.


The update will be processed and applied.


When you look at the Safe attachments page now you should the policy as shown in place.

To read more about safe attachments in Office 365 Advanced Threat Protection see:

Office 365 ATP safe attachments

January Azure Webinar resources

Slides from my January Azure webinar are now available at:

CIAOPS Need to Know Azure Webinar - January 2018

The recording is also available at:

which CIAOPS patrons get free access to as part of their subscription.

This webinar set the ground work for upcoming monthly webinars that will go deeper into Azure features and abilities.

So make sure you sign up for next month’s webinar.

January Office 365 Webinar Resources

The first webinar for the new year. Thanks to anyone who attended.

Slides from this months webinar are now available at:

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

We looked at user management in this session.

Watch out for next month’s webinar.

Wednesday, January 24, 2018

My Tech Books - 2018

As much as business books are the mainstay of helping you grow a business, I would assert that there is a place for good fiction and non fiction as a way of expanding what is possible and what we may see with technology in the future. From such ideas, opportunities flow and in this ever changing world of technology, what is fiction today becomes fact tomorrow.

Below is a list of tech (both fiction and non-fiction) that I have really enjoyed and recommend to anyone interested in technology and the impact it may play in our lives down the track. Many books are ‘hacker’ style stories about the security challenges our technology creates thanks to it’s intersection with humanity. I think that technology simply magnifies the good and the bad. What do you think?

You can follow all the books, tech, business, non-fiction I read and want to read over at Goodreads where I have an account. You can also view my activity via:

or just follow me on Facebook:

1. Daemon – Daniel Suarez [Fiction]

A glimpse into the future of where drones and augmented reality may take us. That may not necessarily be a good place either.

2. Freedom TM – Daniel Suarez [Fiction]

A follow up to Daemon. What happens when technology dominates the world? Who benefits?

3. Ready Player One – Ernest Cline [Fiction]

Much like the Matrix. What is life like if you live inside the machine? You can be just about anyone you choose. I also love this book for all the retro technology that was part of my life. TRS-80 anyone?

4. Future Crimes: Inside the Digital Underground and the Battle for our Connected World – Marc Goodman [Non-fiction]

Technology will ultimately doom us all I believe because we are building our world on stuff that unfortunately places a low regard for security and privacy. This book will show you why that is a road to ruination.

5. Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon – Kim Zetter [Non-Fiction]

If you don’t believe cyber warfare is real then read this book to understand how software is now a weapon as potentially devastating as any nuclear device.

6. Beyond Fear: Thinking Sensibly about Security in an Uncertain World – Bruce Schneier [Non-Fiction]

Security is important but it is important in context. We need to be rational when we consider our security not emotional. A great level headed approach to how we need to be secure.

7. American Kingpin: The Epic Hunt or the Criminal Mastermind Behind the Silk Road – Nick Bilton [Non-Fiction]

An amazingly detailed book on the rise and fall of Ross Ulbricht, the creator of the Silk Road web site. In here are asked to think about whether technology plays something more than a neutral role in today’s world.

8. The Cuckoos Egg – Clifford Stoll [Non-Fiction]

Before the Internet was in the public sphere it existed in the world of academia. This is the story of how one man’s search for the source of an accounting error uncovered something are more sinister.

9. Takedown – John Markoff and Tsutomu Shimomura [Non-Fiction]

The pursuit and eventual capture of notorious hacker Kevin Mitnick makes for great reading.

10. Hackers: Heroes of the Computer Revolution – Steven Levy [Non-Fiction]

Ah, the good ole days when it was more about proving how smart you were than trying to actually cause harm. If you think hacking is something new, then you’re in for a surprise with this book

Saturday, January 20, 2018

Windows Autopilot Deployment heading to Azure portal


If you go to Intune in the Azure Portal, then select Device enrollment, then Windows enrollment, you see some new options for Windows Autopilot deployment as shown above.

If you need a refresher on where the settings where originally check out my previous article:

Introduction to Windows Autopilot


The above is what the deployment profiles option look like when you go there.

Here’s what it looks like in the original Business portal.


There isn’t a place to upload the machine identification file as yet in Azure as you can see here:


However, I would assume that it is coming.

So, keep your eyes posted to the Azure portal for more additions for Windows Autopilot.

Friday, January 19, 2018

Adding Apple MDM push certificate to Intune

When you start using Intune with services like Microsoft 365 Enterprise or stand alone you’ll need to add an Apple MDM push certificate to allow iOS devices to be managed by Intune. If you don’t, you’ll get errors when you try and add these devices.

Here’s how you create and add an Apple certificate to Intune.


When you initially go into Intune via the Azure portal you’ll need to set the Mobile Device Management Authority as shown above. Simply select the option for Intune MDM Authority and the Choose button to save the choice.


In the list of Intune options, under the Manage heading, select Device enrollment.


From the blade that appears, select Apple enrollment from the menu and the right side will then show a number of boxes.


Select the box in the top left that should have the heading Apple MDM Push Certificate.


Another blade will open. Under Step 1, select the Download your CSR hyperlink.

This will prompt you to save a file called IntuneCSR.csr to your computer.


In Step 2, select the hyperlink Create your own MDM push certificate.


This will open a new tab in your browser and take you to the above Apple site. You’ll need to have or create an Apple ID to login here.


You’ll need to accept the Terms of Use.


You’ll need to create a new certificate. To do so, select the option to Browse at the bottom of the window as shown above.

Navigate to the certificate file you downloaded from the Intune portal previously.

Then select Upload.


Next, select to Download the certificate created by the Apple site.


Return to the Intune portal and insert the Apple ID you used to create the certificate in Step 3.

In Step 4, upload the Apple certificate.

When complete, select the Upload button at the bottom of the page.


When you now look at the Intune portal the Apple MDM Push Certificates should now show a green tick, as shown above. This will now allow you to place iOS devices under Intune management.


Tuesday, January 16, 2018

Office 365 Cloud App Discovery

In today’s security environment it is really no longer possible for human beings to manage security, it typically needs to be out sourced to software. Signature based security is too slow to keep up with constantly changing attacks and the best way is to look for anomalies in behaviour patterns.

Office 365 Cloud App Security is service that is included in E5 licenses but also available as a separate stand alone purchase (called Microsoft Cloud App Security in the store). Unfortunately, you can’t add Office 365 Cloud App Security to Business plans only Enterprise plans.

Basically, Office 365 Cloud App Security allows you to configure policies that trigger alerts for specific activity as well as suspending accounts exhibiting suspicious activity. Let’s see how.


To get to Office 365 Cloud App Security you need to navigate to the Security & Compliance Center as an Office 365 administrator. Open the Alerts heading on the left and select Manage advanced alerts from the options that appear.

On the right you will see a check box to Turn on Office 365 Cloud App Security.


Once this has been selected you will be able to select the button to Go to Office 365 App Security.


On this page you may see a number of policies in place already. Here, I’m going add a new policy. To get to this page again I select the Control option from the menu across the top of the page and then Policies from the items that appear.

To add a policy I now select the Create Policy button on the right as shown above, and then Activity policy from the items that appear. You may have less items in this list, it depends on what licenses you have in place for your tenant.


For the Policy Template option I am going to select from a list of pre existing templates and use the Logon from a risky IP address which is described as:

Alert when a user logs on to your sanctioned apps from a risky IP address. By default, the Risky IP address category contains addresses that have IP address tags of Anonymous proxy, TOR or Botnet. You can add more IP addresses to this category in the IP address ranges settings page. 


You can see the list of existing policy templates above and of course, you can create your own custom one.


Once I have selected the policy I scroll down to the actual rules which appear in the Create filters for the policy section as shown above.

Basically you’ll see in this case that the rule looks at whether an IP is “risky” and the activity equals logon.

You can of course edit or define your own rules here if you want.


If you are wondering where the “risky” IP range is defined you’ll find these sorts of things in the upper left under the COG icon as shown above. In this case, look under the IP address ranges.


Once you save the settings you’ll be returned to the Policies page where you should now see the new policy as shown above.


To test this policy, I’m going to fire up a Tor browser and login to Office 365.


As expected, in a very short space of time (note it isn’t immediate. It may take a moment or two to appear) I get an alert and can view these by selecting the Alert option from the menu across the top of the page.


If I then click to open one of these alerts and select the General option in the middle of the page I get more information as shown above. You’ll see on the right that the IP category = “Risky” and this is because of a match to Tor and Anonymous proxy.


If I now select the User option in the middle of the page I get further information as to which user triggered this as shown above.


Likewise if I select the IP address option I get information about the networking in detail.

From here you can take actions on the alerts such as dismissing or digging deeper into the logs.


My advice would therefore be to enable all the default policy templates for your tenant as I have done for mine as shown above.

You’ll notice that I also have some custom policies in place as well. One of these is to provide an alert for repeated failed login attempts by a user.


Another policy is the one above that monitors logins by global administrators. You’ll see that I also restrict that policy to only apply when I am not on a corporate (i.e. office LAN) IP address.

My advice with custom policies is to start simply and broadly and tighten the rules up over time. There is nothing worse than setting a policy and getting deluged with alerts, so take it slow and increase restrictions over time to ensure you don’t overload yourself with false positives.

As I dig deeper into what is possible more I’m sure I’ll be adding additional policies to keep my tenant secure and provide a level of monitoring that no human could do. However, in today’s environment of increased attached I’d really recommend you look at adding Office 365 Cloud App Security to your tenant for enhanced protection.

Monday, January 15, 2018

Need to Know Podcast–Episode 173

A solo-cast from me this episode as Marc is busy doing his day job. A bit lonely for the first episode of 2018 but I'll manage somehow. A quick episode to bring you up to date with what's happening in the Microsoft Cloud as well as to introduce Microsoft 365 and what that is all about.

Take a listen and let us know what you think

You can listen directly to this episode at

Subscribe via iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.




Outlook for Mac support creation of Office 365 Groups

Submit feedback request to Microsoft

SharePoint updates rolling out

Office customisation tool

Availability of Microsoft SharePoint Migration Tool

Azure site to site VPN

Azure Essentials

Apply labels to sensitive files

PowerShell V6 now available

American Kingpin by Nick Bilton

Introduction to Microsoft 365

Friday, January 12, 2018

Free legacy SharePoint Documentation and training


About 3 years ago I opened sourced all my SharePoint on premises documentation that used to be part of my Windows SharePoint Operations (WSSOPS) Guide as I details here:

and is made available under Creative Commons Attribution-Non Commercial-ShareAlike-4.0 Internation license. In essence means it free to distribute but can’t be resold.

Initially it lived on my web site, then I moved to Unfortunately, has now been fully retired so I need to find a new home for this.

I have decided to move everything to the CIAOPS Academy and you can find it here:

All the information remains free to access and download but thanks to the platform I now use I can start adding additional training material, like my YouTube videos, into the curriculum hopefully adding some more value.

Please remember, that all the information here is provided ‘as is’ and is no longer maintained. It remains free to download and re-distribute, so if you want to put it somewhere else on the Internet, be my guest. However, remember it can’t be changed if you do and I’d also appreciate a heads up on where you have placed it just so I can monitor any comments or feedback.

I’ll keep adding to what’s up there but it isn’t a priority so please use it of you need to and let other know who still may require this information.

Thursday, January 11, 2018

My Business Books - 2018

With so many great books out there I’ve updated my list of recommended business books. Don’t worry, there is an upcoming post on other book topics, but these are ones I recommend from a business or professional point of view.

You can follow all the books I read and want to read over at Goodreads where I have an account. You can also view my activity via:

or just follow me on Facebook:

Here’s my current top business books in order:

1. The Art of War – Sun Tzu

The all time classic on strategy. As relevant today as it ever was. A very short read but very deep.

2. The Millionaire Fastlane – M.J. DeMarco

I love the brutal honesty of this book. It doesn’t mince words about what it takes to shift from a pay check to actually living the life you want.

3. The Tipping Point – Malcolm Gladwell

The world is all about not what you know but who you know. This book explains exactly how this works and how to use it to your advantage.

4. The Four Hour Work Week - Tim Ferriss

Many people believe this book is about shirking responsibility. It is in fact a blueprint for how to free up your time to do things you want and enjoy. It will challenge the way you look at your career.

5. Secrets of the Millionaire Mind: Mastering the Inner Game of Wealth - T. Harv Eker

The successful are defined by a different mindset. This mindset can be learned. It can be trained. This is a great book to show you how to do just that.

6. Talent is over rated: What Really Separates World-Class Performers from Everyone Else – Geoff Colvin

Demonstrates that the best comes from implementing a system. Having a system allows you to focus on the right thing and do that work that is required. If you want to take yourself to an elite level, beyond just good, then read this book.

7. Book Yourself Solid: The Fastest, Easiest, and Most Reliable System for Getting More Clients Than You Can Handle Even If You Hate Marketing and Selling - Michael Port, Tim Sanders

You can’t survive in business without a steady flow of customers. Selling to people is the wrong approach, you instead need to attract them to your business. This book helps you achieve exactly that.

8. Profit First: A Simple System To Transform Any Business From A Cash-Eating Monster To A Money-Making Machine - Mike Michalowicz

Business is about making a profit. This then gives you the freedom to do what you want with that profit. This book helps you focus on profit and setting up systems to make the most of the profit you generate.

9. Unbeatable Mind: Forge Resiliency and Mental Toughness to Succeed at an Elite Level - Mark Divine

Another mindset book. Business is not always going to be easy or take the intended route. This is when you need to have the determination to see your plans through to success. This book shows you how to develop the mental toughness to make this happen.

10. The E-Myth – Michael Gerber

The classic on ‘procedurising’ your business and creating a structure that doesn’t need you to survive. The simple secrets inside this book can transform any business from hardship to joy.

11. Tools of Titans – Tim Ferriss

There are few books that take the learnings for so many exceptional people and puts them at your fingertips. This is one such book that packs a lot of business and life learnings between the covers.

12. Predictably irrational: The Hidden Forces that Shape our Decisions – Dan Ariley

Although we like to think logic and rationality rule our world emotion is by far the more powerful influence. Understand this in the context of business and you are well on your way to understanding why people make the decisions they do and how to best profit from them.

13. Extreme Ownership – Jocko Willink and Lief Babin

Moving beyond blame is tough. This book illustrates the ownership of the problem and the environment is a key to success in the military or in business. It is a path few will elect to take voluntarily, however more may do so after reading this.

14. Peak Performance: Elevate your game, avoid burnout and thrive with the science of success – Brad Stulberg

Success is largely about developing a winning system. This book show you how to approach that pragmatically. If you want to see results use this book to help you build the system.

15. Blink: The Power of Thinking Without Thinking – Malcolm Gladwell

The older you get the more experience you get. This experience is aggregated in your ‘gut feel’. Trusting your ‘gut’ may not appear rational but this book will help you understand why it is in fact your best option in many cases.

16. The Now Habit: A Strategic Program for Overcoming Procrastination and Enjoying Guilt-Free Play – Neil A. Fiore

Plenty of great productivity learnings in here that help you take action. It shows you how to focus on the right stuff in the right priority. Even if you are not a major procrastinator there is plenty in this book that you can take away.

There are plenty more that I would recommend people read but the above are all 5 out of 5 in my books. I revisit all these titles on a regular basis and continue to extract value after every read.

Let me know what you think. Do these work for you? What’s your top business reads? I’d love to hear.

Wednesday, January 10, 2018

Location of chat history in Microsoft Teams


I have a Microsoft Team in my tenant called “Patrons”. In there is a channel called “Social”. In this area CIAOPS Patrons chat about things such a cryptocurrency as you can see.

As an administrator what I want to do is find out how I can view information that is shared by others in this chat location. In short, how do I see chat history in Microsoft Teams?


As an example, let’s say I want to find the term ‘kodak’ in these chats. You’ll see from the above that it is part of a link that was pasted into the chat.


All the chat history from Microsoft Teams is saved into a mailbox with the name of the Team. So I’m looking for a mailbox called “Patrons”.

Easiest way is to fire up trusty PowerShell and run:


and as you can see from the results above, I only see user mailboxes.


but if I run:

get-mailbox –groupmailbox

I see all the shared mailboxes in my tenant.

As you can see I find one called “Patrons” as shown above.


To get the details I run:

get-mailbox –groupmailbox

and you can see that I again get all the information but just for that mailbox. So this is the one that is linked to my Microsoft Team.


If I now run:

get-mailbox –groupmailbox | get-mailboxstatistics | select-object identity, itemsinfolder, foldersize

I basically get a report of what is inside that Teams mailbox. In there I can see a folder:

\conversation history\team chat

this is indeed where the chats are located. You can see there is currently 344 items of 4.38 MB in size.


Now I can actually add this mailbox to my Outlook Web Access and view the contents as you can see above. However, I can’t get the folder \Conversation History\Team Chat because it is hidden and probably has other permissions associated with it.


I can’t add this shared mailbox to Outlook 2016 on my desktop as you can see above.


So now if I try to view/change the permissions on the mailbox using:

get-mailbox –groupmailbox | get-mailfolderpermission

I get the message that the mailbox doesn’t exist.


If I now try:

get-mailfolderpermission –identity\inbox

I again get the message that the mailbox doesn’t exist.


If I use that same command on another ‘standard’ shared mailbox the command works. So I know my command does work, it just doesn’t work with a Microsoft Teams mailbox.


Again, just changing mailbox identity confirms that the command can’t even see the mailbox.


The way to actually see what the contents of the Teams chats are is to use the Content Discovery component of the Security & Compliance center in Office 365 which you’ll find under the Search & Investigation heading on left hand side. You need to be an administrator with appropriate rights to access this area.

You start by creating a new Content Search by pressing the + icon as shown above.


Give the new Content Search a title and select the locations where you wish to search. In this case I’ll simply look through all email data.


Next, I enter what I want to search for. Here, I’m only looking for the word ‘kodak’.


After I finish my configuration, the search commences and I need to wait a few moments while it searches all the nominated locations and generates the results.


When the process is complete I select the Preview search results hyperlink on the right as shown above.


Another window opens and I can locate the item I’m after as the type is ‘IM’ as shown above. When I select that item on the left I see the full context on the right. I confirm that the search does display the link that is the Microsoft Team chat.


If I elect to download the item, it does so as an .EML file which I can open in any mail client as shown above. This indicates that each chat message appears to be a separate email in a sub folder in a shared mailbox in Exchange Online effectively.


So I went back in and changed the content search terms to make it broader to encompass more chats.


I ran the search and exported the data from the Security & Compliance center into a .PST file and then imported that into Outlook.

Thus, as you can see above, I can now view all the chats that match my search criteria as an administrator.

The problem with this is, from a pure ‘overwatch’ point of view, it is a very manual process to get to the information and secondly you can only look at things you specify in your content search. It would be nice to have the ability for an administrator to export the whole chat content from a Microsoft Teams channel into a single document that could then be viewed.

However, at the end of the day, rest assure that your Microsoft Teams chats are being saved and you can access them if you need to. Hopefully, the above has shown you how to do exactly that.