Basics of deploying Windows Defender Application Control (WDAC) using Intune

Windows Defender Application Control (WDAC) is the more modern approach to application whitelisting on a Windows 10 device when compared to AppLocker. It is, however, just as easy to deploy using Intune, as this video shows:

https://www.youtube.com/watch?v=M2cZrV-mRlo

You first need to create your WDAC policy as an XML file. Then you use the PowerShell command:

ConvertFrom-CIPolicy

to ‘compile’ it into a .bin file. You upload this .bin file into an Intune device configuration policy and apply that to all the desired machines.

Remember, unlike AppLocker, WDAC applies to the whole machine, not individual users of that machine.

Remember, WDAC is already part of Windows 10 so there is no additional cost and using Intune, it will work with both Windows 10 Enterprise and Professional to help you secure your environment.
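
The XML-to-.bin steps described above, as an added PowerShell example that is not from the original post or video. The working folder, file names, the choice of Microsoft's shipped example policy as the starting XML, and the audit-mode check are assumptions made for this example.

```powershell
# Added example. Folder and file names are assumptions, not from the original post.
$work = 'C:\WDAC'
$xml  = Join-Path $work 'BasePolicy.xml'
$bin  = Join-Path $work 'BasePolicy.bin'
New-Item -ItemType Directory -Path $work -Force | Out-Null

# 1. Create the policy XML. Here it is copied from an example policy that ships
#    with Windows 10 1903 and later; a policy built with New-CIPolicy works too.
$template = Join-Path $env:windir 'schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Audit.xml'
Copy-Item -Path $template -Destination $xml -Force

# 2. Rule option 3 is "Enabled:Audit Mode": violations are logged, not blocked.
Set-RuleOption -FilePath $xml -Option 3

# 3. Refuse to compile unless the XML really is in audit mode, so an enforcing
#    policy is never pushed to the whole fleet by accident.
[xml]$policy = Get-Content -Path $xml -Raw
$options = @($policy.SiPolicy.Rules.Rule | ForEach-Object { $_.Option })
if ($options -notcontains 'Enabled:Audit Mode') {
    throw "Policy $xml is not in audit mode; not compiling."
}

# 4. 'Compile' the XML into the binary file that is uploaded to Intune.
ConvertFrom-CIPolicy -XmlFilePath $xml -BinaryFilePath $bin | Out-Null

# 5. Record what was built so the uploaded file can be matched to its source.
[pscustomobject]@{
    PolicyID    = $policy.SiPolicy.PolicyID
    RuleOptions = $options -join '; '
    Binary      = $bin
    SHA256      = (Get-FileHash -Path $bin -Algorithm SHA256).Hash
}
```

While the policy is in audit mode, files it would have blocked are logged as event ID 3076 in the Microsoft-Windows-CodeIntegrity/Operational log, which is where to look before switching to enforcement.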


Basics of deploying AppLocker using Intune

One of the great things about deploying Windows AppLocker via Microsoft Intune is that it supports both Windows 10 Enterprise and Professional. It is also quite straightforward to deploy, as I hope the video conveys.

Once you have your base policies, you create a custom Windows 10 device Configuration policy with Intune and deploy it to your device fleet. Once that process is complete you’ll have the same application control you had on a single device but now across as many machines as you wish.

Remember that Windows AppLocker is free with Windows 10 and easily deployed to machines from the cloud using Microsoft Intune.
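
A custom configuration policy of the kind described above takes its settings as OMA-URI values, and the AppLocker CSP expects one String value per rule collection. The following is an added example, not from the original post or video, that exports the base policy from a reference machine in that shape; the output folder and the grouping name Baseline01 are assumptions.

```powershell
# Added example. Output folder and grouping name are assumptions.
$outDir   = 'C:\AppLockerExport'
$grouping = 'Baseline01'

# AppLocker rule collection type -> node name used by the AppLocker CSP.
$cspNode = @{ Exe = 'EXE'; Msi = 'MSI'; Script = 'Script'; Dll = 'DLL'; Appx = 'StoreApps' }

New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Read the policy configured locally on the reference machine.
[xml]$policy = Get-AppLockerPolicy -Local -Xml

foreach ($rc in $policy.AppLockerPolicy.RuleCollection) {
    # Skip collections with no rules or a type the CSP map does not cover.
    if (-not $rc.HasChildNodes -or -not $cspNode.ContainsKey($rc.Type)) { continue }

    # Each OMA-URI value is the <RuleCollection> element on its own,
    # not the whole <AppLockerPolicy> document.
    $file = Join-Path $outDir "$($rc.Type).xml"
    $rc.OuterXml | Set-Content -Path $file -Encoding UTF8

    [pscustomobject]@{
        Collection  = $rc.Type
        Enforcement = $rc.EnforcementMode   # AuditOnly or Enabled
        Rules       = $rc.ChildNodes.Count
        OmaUri      = "./Vendor/MSFT/AppLocker/ApplicationLaunchRestrictions/$grouping/$($cspNode[$rc.Type])/Policy"
        ValueFile   = $file
    }
}
```

Check the Enforcement column before deploying: a collection exported as Enabled blocks on every targeted machine, while AuditOnly only logs.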

Power Platform product release

I am pleased to announce the inaugural product release from the CIAOPS Patron Power Platform Community:

Power Automate Drink Ordering System

This is a PDF document that takes you step by step through creating an automated process for bulk ordering of drinks. This solution was developed to solve the challenge of ordering many drinks at events, however it could be used for much more mundane things such as preparing complimentary drinks when guests attend a business.

This project can also be seen as a great way to start learning the Microsoft Power Platform by creating a real world process using Power Automate (Microsoft Flow). The information provided runs to over 130 pages and includes screen shots and easy to follow instructions.

To celebrate the release of this inaugural product, it is being offered at a special 75% discount which you can take advantage of here:

https://directorcia.gumroad.com/l/lDekX/foundation

This special offer is available for the first 25 purchases! So if you are interested in getting your hands dirty with the Microsoft Power Platform, here’s a great opportunity to get started.

Look out for more projects coming soon from the CIAOPS Patron Power Platform Community.

CIAOPS Secwerks 1 is now totally virtual

In the face of continued COVID uncertainty locally I have decided to move the whole Secwerks 1 event online. The event will now be conducted fully using Microsoft Teams. Registrations are still open for the event starting on August the 5th, but now spread over 4 half day sessions to lower fatigue levels. You can register now and find a link to more details at:

www.ciaops.com

The event times will be during Thursday and Friday afternoons here in east coast Australia (GMT+10) and may not suit other locations. However, every business that registers will receive a copy of the recordings as well as the training materials. Registration is also now per business not per individual.

The Secwerks event is focused on giving you actionable information around Microsoft 365 as well as best practices, automations and understandings about how to improve the security of these environments. If you manage an Office 365 or Microsoft 365 environment, this, now, virtual event is for you.

I am working hard to add some unique sessions to the agenda and will be confirming those soon. Thanks to those who have already registered for being so accommodating in the face of this unexpected pivot but I look forward to seeing you at the event from the 5th of August 2021.

Creating a file location with unique permissions in Microsoft Teams

I wrote an article about:

Creating unique file permissions with Microsoft Teams

but I thought I’d also do a video:

https://www.youtube.com/watch?v=13BifpwKTt4

as I do get this question a lot about having a different set of file permissions for users inside a Microsoft Team. Best practice is NOT to alter any of the existing permissions that are provisioned by channel creation. Instead, create a separate area, with the permissions you want, and then link that back into your team.

That provides a lot more flexibility and doesn’t ‘break’ any of the standard settings.

Getting Message Center information into Teams

Recently, I wrote the following article:

Syncing M365 Message Center to Microsoft Planner

which took you through the process of getting Message Center information into Microsoft Planner. As good as that is, the best place for that information should really be in Teams. The reason? With Teams people can ‘chat’ about the topics, which adds far more value for an organisation in my opinion.

The good news is that it is very easy to not only sync messages with Microsoft Planner but also have them displayed in Microsoft Teams. It is all accomplished using Power Automate.

Create a new Flow and use the When a new task is created trigger as shown above. You’ll then need to configure this trigger action to point to the same Microsoft Plan into which you have already set up to sync with the Microsoft Message Center.

The next action should Get task details as shown above. You’ll need this to actually read the notes from each task, which contains the details of each item from the Message Center.

In my case, I save the Description field from the task into a string variable using the Initialize variable action as shown. I then use a number of separate Compose actions to search and replace text inside that variable to tidy up and format the Description field for posting into a Teams chat.

For example, I remove the \r\n characters and replace them with the HTML line feed tag </br> using the following expression:

replace(variables('description'),decodeUriComponent('%0D%0A'),'</br>')

Once I have the Description field formatted the way I want it then I use the Post a message (V3) action as seen above. The Title of the new task from Planner is the subject of the thread and the body is my now nicely formatted Description field, which is the data from the Message Center item.

You can see the result in a channel in Microsoft Teams above. Now others can easily add their reactions, comments and generally collaborate far easier than within Microsoft Planner.

I think having the Message Center information delivered to Microsoft Teams makes a lot of sense since it is a place more people will be spending more of their time generally. However, getting the Message Center information into Microsoft Teams still requires the sync configuration to a Plan first. Once that is done, though, Power Automate allows you to achieve just about anything!

Need to Know podcast–Episode 270

Join me for this episode with Microsoft MVP James Arber who’ll spend some time with us talking about Teams Voice. In short, he’ll help us demystify what it takes to get Microsoft Teams connected to the plain old telephone system. Microsoft’s world wide partner conference, Inspire, is this week, and I’ll be tuning in to catch all the announcements from the event. I’ll bring you all those in the next episode, but not to be outdone, I have a few handy links and news from the Microsoft Cloud to tide you over till then.

This episode was recorded using Microsoft Teams and produced with Camtasia 2020.

Brought to you by www.ciaopspatron.com

Take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-270-james-arber/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

James Arber – Twitter, Linkedin

UCMadScientist.com

Teams and Skype for Business tools

@directorcia

Getting started with Microsoft Endpoint Manager

Three new voice features for Outlook mobile—now on iOS, and coming soon to Android

What’s new for admins in Microsoft 365 Apps for enterprise – June 2021

Enabling automation with Microsoft 365 Apps for enterprise

Get nostalgic with new Microsoft Teams backgrounds

New updates to the SharePoint admin center in Microsoft 365

Syncing M365 Message Center to Microsoft Planner

If you want to stay up to date with what Microsoft is developing and implementing with Microsoft 365, then you should be paying attention to information from the Microsoft 365 Message Center. You’ll find this in the Microsoft 365 Admin Center as shown above.

One of the options with this information is to have it delivered via email. To do this, select the Preferences cog as shown above.

Doing so will then display a number of configuration options on the right. Select the Email option from the menu at the top as shown.

You can now select whether to deliver these messages to the original tenant admin account, which is selected by default, but also up to two email addresses, which need to be separated by a semicolon. You can then select what emails you wish to receive. Be warned, there are options for all Microsoft 365 services (like Exchange, SharePoint, Teams, etc) as well as major updates and privacy. Be careful of information overload here!

Select the Save button at the bottom of this dialog to update your preferences.

Another very handy option is to sync these messages with Microsoft Planner. To enable this option, select the Planner syncing menu item as shown above.

A dialog will now appear on the right, as shown above, that allows you to set up this process using a wizard. Simply select the Set up syncing button at the bottom of the page to commence this process.

You’ll need to have a Microsoft Plan into which the Message Center will sync. If you don’t already have one, you can select the link on the page as shown to create one.

Your destination Microsoft Plan doesn’t need to be anything special. You need at least one bucket into which all the Message Center items will end up. In this case, that bucket will be the standard ‘To-do’ bucket.

Select the appropriate Microsoft Plan and the destination plan bucket, or select to create a new one.

Select the Next button at the bottom of the page to continue.

Like the email option, you now need to select which messages you wish to receive.

Select the Next button at the bottom of the page to continue.

You can now elect to import messages from a previous period i.e. messages already in the Message Center from the last X days.

Select the Next button at the bottom of the page to continue.

Review the settings.

Select the Next button at the bottom of the page to continue.

If you wish to set up an automatic process to sync the Message Center messages on a recurring basis, set the desired update time options and select the Create Flow with Power Automate button as shown.

Select the Continue button.

You’ll also need to sign in to allow access to the Message Center connector. Simply select the ‘+’ icon and the current account you are logged in with will be used. Ensure that a green check appears to the right of the Microsoft 365 message center as shown above.

Review the configuration and automatic syncing if enabled, and select the Done button to complete the process.

If you now visit the Power Automate service and look under My Flows and Shared with me, you should see a Sync Microsoft 365 message center to Planner flow as shown above.

If you edit that Flow, you should see it simply has a recurrence trigger and a Sync messages to planner (preview) action, as shown above. The owners of this Flow will be the group associated with the Microsoft Plan you selected as your destination as well as the user who configured this process. You can always add more owners if you wish to this Flow. The Microsoft 365 message center connection will be authorised by the account you used to set up this process. This can also be altered if needed.

When Message Center data is synced to Planner it will look like the above, with all messages being delivered to the bucket that you nominated in the setup as individual tasks.

If you select any of these new Message Center tasks in Planner, they will appear as shown above, with details about the notification in the Notes of the task. These can now be used as any task would be inside Microsoft Planner.

As good as delivering Message Center information to Planner is, I feel that a better destination for this is actually Microsoft Teams. I’ll be covering off how to deliver it to a Microsoft Teams channel in an upcoming post, so stay tuned for that.