Need to Know podcast–Episode 169

I’m joined by newly minted MVP Kirsty McGrath to talk about Office 365 adoption. We talk about the Office 365 product wheel Kirsty created and how it helps users understand the full breadth of what Office 365 has to offer. We also cover off the importance of implementing an adoption strategy and having a long term vision when it comes to getting the most from Office 365 in any business.

There is of course the usual cloud updates on Office 365 and Azure from Marc and myself as well as reflection on the recent Microsoft Summit in Sydney.

Take a listen and let us know what you think –feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-169-kirsty-mcgrath/

Resources

Kirsty McGarth on Linked in

Kirsty’s Office 365 product wheel

Sydney Office 365 Business User Group

Azure new from Marc

Microsoft 365 Business now available worldwide

Write your best resume in Word with help from Linkedin

Microsoft Flow integration with OneDrive for Business

Planner Ignite review and roadmap

Compliance Manager Preview

Microsoft Cloud Update–November 2017

Microsoft Cloud Updates – November 2017 from Robert Crane

All the latest news from the Microsoft Cloud including updates on Office 365 and Azure.

CIAOPS Need to Know Office 365 Webinar–November 2017

laptop-eyes-technology-computer

November is once again super busy but I’m still going to give my monthly webinar focused on Office 365. I am scheduling this month’s free Office 365 webinar on Friday the 1st of December from 11am – 12pm. There is lots of news to cover (especially from the upcoming Microsoft Summit in Sydney) and we’ll also be doing a deep dive into SharePoint best practices. Not a session to miss.

You can register for free at:

November Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – November 2017
Friday 1st of December 2017
11am – 12am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

There of course will also be open Q and A so make sure you bring your questions for me and I’ll do my best to answer them.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session.

Pitching Microsoft 365

Pitching Microsoft 365 from Robert Crane

Here is a recording of a presentation I recently gave that focused on how to successfully pitch Microsoft 365.

In short, you need to build on the benefits provided by Office 365, then standardise the business on Windows 10 and finally bring all devices under management using the Enterprise Mobility Suite (EMS).

Microsoft 365 Windows 10 Device configuration mappings

Microsoft 365 Business allows you to configure Windows 10 devices that are connected. This management is typically done by Intune at the back end while Microsoft 365 Business provides a simplified interface over these settings. However, what settings in Microsoft 365 map to Intune?

The best place to start to understand this mapping is the following document from Microsoft:

How do protection features in Microsoft 365 Business map to Intune settings

Start by navigating to the Admin center in your Microsoft 365 for Business tenant.

Locate the Device policies tile and select it.

You may see a number of policies here but one should be named Windows 10 device configuration as shown above. Select this.

You should be taken to the Edit policy dialog as shown above.

Select the Edit hyperlink at the right of the Windows 10 protection line (the second option from the top).

If you expand the display you should see a list of all the options and their status as shown above.

The question now is, how do these map to settings in Intune?

To view the settings in Intune you’ll need to login to the Azure portal for that tenant and then navigate to the Intune option.

The easiest way to find the Intune settings is to do a search in the top right and then select Intune from the results.

You should see the Intune console displayed as shown above.

From the available options, select Device Configuration. From the blade that appears then select Policies. You should then see a policy that matches the one in the Microsoft 365 for Business console (here Windows 10 device configuration).

Select the policy name.

From the new blade that appears select Properties.

This should open another blade like shown above. The last option on this blade should be Settings. Select this.

This will open a Device restrictions blade with lots of different settings as you can see above. This is where most the mapped settings from Microsoft 365 are.

Working from the top, the Help protect PCs from web-based threats using Windows Defender Antivirus maps to Windows Defender Antivirus as shown.

However, only 3 of the 28 options are set and they are:

Next in Microsoft 365 Business is Help protect PCs from web-based threats in Microsoft Edge,

This maps to SmartScreen for Microsoft Edge in Windows Defender Smart Screen.

The next option is Turn off device screen when idle for:

which maps to Maximum minutes of inactivity until screen locks in Password.

The option Allow users to download apps from Windows store maps to a Custom URI that I haven’t been able to locate in Intune.

I’m still researching what that actually maps to. More soon.

Next is Allow users to access Cortana

maps to Cortana in General in Intune.

Next, Allow users to receive Windows tips and advertisements from Microsoft.

which maps to Windows spotlight in Intune.

Finally, Keep Windows 10 devices up to date automatically

is actually configured from the Software updates option in Intune.

From the main Intune blade select Software updates. From the blade that then appears select Windows 10 Update rings. Then form the new blade select Update policy for Windows 10 devices.

Select the policy and then Properties from the blade that appears.

At the bottom of the Properties page select Settings. This should then show a blade like that shown above.

If the Microsoft 365 Business setting is ON the Service Branch will be set to Semi-Annual Channel (Targeted) like so:

If the Microsoft 365 Business setting is OFF, the Service Branch will be set to Semi-Annual like so:

You can review these update channels here:

Assign devices to servicing channels for Windows 10 updates

So making any changes in the Microsoft 365 Business console will be reflected in the Intune console. However, if you change these settings in Intune and then try and update them you seem to get an error like so

I would have thought that I could change the settings in any console but that doesn’t appear to be the case. I currently can’t find any confirmation of this but I will publish anything I find. So for now the guidance is – only make changes in the Microsoft 365 Business Admin Center.

There are a number of other policies in Microsoft 365 Business that I’ll cover in upcoming posts.

When good Flows go rogue

At about 2.15am local time this morning, two Microsoft Flows in my Office 365 tenant went rogue and started blasting select email addresses with continual emails.

The two Flows in question I used to handle registrations for my regular monthly webinars. You can read more about how I created these here:

Using Microsoft Flow for event confirmations

Basically, they are triggered by a submission from Typeform. They then send the registrant a confirmation email as well as writing the details to a SharePoint list. These Flows are linear and incorporate no looping. These Flows had run successfully for over 12 months and had not been edited, changed or even viewed in a few weeks.

However, at approximately 2.15am local time, both of these Flows started to execute repeatedly sending hundreds of emails to a select group of people who had previously registered for the webinars.

The above shows a very small sample of the the sent items from the mailbox in question.

The mailbox sending out the emails from the rogue Flows was not my production mailbox so when I checked my production inbox just before 6 am local time when I awoke, I was quickly made aware of the issue from various people.

I immediately logged into the tenant with the rogue Flows and disabled the Flows but emails continued to be sent. I then went in and deleted the Flows but email continued to be sent. I therefore went in and created an Exchange transport rule to prevent that mailbox from sending anything further.

At that point the emails stopped being sent. In hindsight, that could have been from exhaustion of emails queued to be sent upon disabling the Flows. Whatever the reason, outbound emails had apparently stopped.

I immediately then logged a support request with Microsoft to confirm that the rogue Flows where not still running in the background, even though I had deleted them.

My request was escalated to the SharePoint Team who look after Flow. All the details of my situation were recorded and verified via a screen sharing session.

With the Exchange transport rule still in place I looked at the Flow Admin and found:

I then downloaded the CSV file to get more details and found:

The two rogue Flows had each run almost 5,000 times. Clearly an issue.

At this stage Microsoft is still investigating the issue behind the scenes and I have removed the Exchange transport rule and confirmed emails are not being sent. Thus, it appears the rogue Flows have ceased.

What is interesting here is that the Flows that went rogue were only designed to run once someone completed the online Typeform. However, overnight they decided to run over and over again obviously caught in some sort of loop.

My guess as to the cause is that the Typeform connector used with Microsoft Flow received some type of update causing it to replay previous registrations over and over. The strange part is the fact that it kept repeating even though it was never designed to loop.

I am sorry to those people who received over 600 emails from me due to this issue and if it keeps happening or reoccurs please contact me asap and let me know.

With both Flows now deleted I am going to have to rebuild them but the question is how (can?) I prevent something like this happening again?

My current thinking is that I move the registrations to their own dedicated email box that I can, in the worst situation, completely delete if needed. I also need to work out some sort of rule that prevents constant email being sent if they exceed a threshold (say 10 emails in 10 seconds) and take appropriate action.

I’ll have to have a think about how (or if) I can do this and how I go about creating and monitoring any new Flows I create. I welcome any suggestions people might have on how I can prevent a recurrence.

A painful example of what happens when automation breaks.

Need to Know podcast–Episode 168

In this episode I talk with Benjamin Elias from Ideocial about on of my favourite Office 365 service – Yammer. We follow up on some of the announcements from the recent Microsoft Ignite and how they will impact the product going forward. Of course, there is also news from Marc and myself on Office 365 and Azure to keep you up to date.

Take a listen and let us know what you think –feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-168-ben-elias/