2020 Update for Surface Hub v1 available via Windows Update

by Contributed | Feb 24, 2021 | Technology

This article is contributed. See the original author and article here.

We’re pleased to announce the Windows 10 Team 2020 Update will be available via Windows Update & Windows Update for Business to first-generation Surface Hub 55” and 84” devices, beginning February 24.

We will initially be making Windows 10 Team 2020 available over the coming weeks, as noted below, to help ensure the highest quality update experience:

• Feb 24: Surface Hub v1 with full telemetry enabled in Australia, New Zealand, Japan, Canada, Mexico, Belgium, Italy, Germany, the Netherlands, Switzerland, and UK.


• March 2: Surface Hub v1 with full telemetry enabled in all global markets.

Note: If the Windows 10 Team 2020 Update does not appear in the list of available Windows Updates, you can temporarily turn on full telemetry (aka Windows diagnostics). After enabling full telemetry and restarting the device, it may take 24 hours or more before the update appears. To check, login to Surface Hub v1 as Admin, select Settings > Update & Security > Check for updates.

Please also read the known issues list before updating your devices to Windows 10 Team 2020.

Updating via Surface Hub Recovery Tool

As an alternative to Windows Update, all first-generation Surface Hubs can be updated from Windows 10 Team, version 1703 (RS2)¹ to the new Windows 10 Team 2020 Update with the Surface Hub Recovery Tool (SHRT)² available for download (select SurfaceHub_Recovery_v2.7.139.0.msi). When you run the SHRT tool, you will be prompted to select the 2020 Update image – aka 20H2 – as shown in the following screenshot:

For more information about using the SHRT tool including step-by-step instructions, refer to Using the Surface Hub Recovery Tool.

References

1. Windows 10 Team, version 1703 (RS2), will remain supported through March 16, 2021.

2. Any first-generation Surface Hub impacted by the Windows 10 Team 2020 Update may be restored and updated via the Surface Hub Recovery Tool (SHRT).

Create and add a OneNote tab to your Microsoft Teams team channel using Power Automate + Graph API

by Contributed | Feb 24, 2021 | Technology

This article is contributed. See the original author and article here.

I was asked to share how I have been adding new OneNote tabs to a team channel in Microsoft Teams using Power Automate + Graph API. If you look at the documentation it shows you this:

Of course I never believed that but found earlier a way to hack OneNote into a channel as tab but also updated my methods when it became much simpler than before. In this blog post I show you the simple way how to add OneNote book as a tab.

1. You need t use a Premium licensing if you are using Power Automate since this is done using Graph API calls.


2. Set up Azure AD App Registration with application id and client secret with required permissions for OneNote and to adding a tab to create OneNote books and adding them to tabs.


3. You need a team id and a channel id you want to put the OneNote book into as a tab

Adding a new notebook is done directly to the team. The creation is quite simple – I used the team name as part of the Notebook’s name.

Once you have created the notebook you need to parse the body for some important variabled.

I created the schema based on one creation body to retrieve essential info about notebook ID and also it’s weburl.

{
     "type": "object",
     "properties": {
         "@@odata.context": {
             "type": "string"
         },
         "id": {
             "type": "string"
         },
         "self": {
             "type": "string"
         },
         "createdDateTime": {
             "type": "string"
         },
         "displayName": {
             "type": "string"
         },
         "lastModifiedDateTime": {
             "type": "string"
         },
         "isDefault": {
             "type": "boolean"
         },
         "userRole": {
             "type": "string"
         },
         "isShared": {
             "type": "boolean"
         },
         "sectionsUrl": {
             "type": "string"
         },
         "sectionGroupsUrl": {
             "type": "string"
         },
         "createdBy": {
             "type": "object",
             "properties": {
                 "user": {
                     "type": "object",
                     "properties": {
                         "id": {
                             "type": "string"
                         },
                         "displayName": {
                             "type": "string"
                         }
                     }
                 }
             }
         },
         "lastModifiedBy": {
             "type": "object",
             "properties": {
                 "user": {
                     "type": "object",
                     "properties": {
                         "id": {
                             "type": "string"
                         },
                         "displayName": {
                             "type": "string"
                         }
                     }
                 }
             }
         },
         "links": {
             "type": "object",
             "properties": {
                 "oneNoteClientUrl": {
                     "type": "object",
                     "properties": {
                         "href": {
                             "type": "string"
                         }
                     }
                 },
                 "oneNoteWebUrl": {
                     "type": "object",
                     "properties": {
                         "href": {
                             "type": "string"
                         }
                     }
                 }
             }
         }
     }
 } 

The final piece is to use this information to add OneNote as a tab to a channel. For this you need the notebook id, the channel id along with the team id.

And that’s that.

Of course we could take this further by adding new sections and pages to the OneNote – or even content. But even as this is now this is very useful when doing a custom team provisioning. If you have premium licenses for Power Automate.

Instead of using Power Automate Premium this could be very well done with Azure Logic Apps, which can provide a cost-effective way to use occasional Graph API calls (it always depends): do the ROI calculation for your situation/platform.

This article is a repost from my blog.

Send email reminders from Microsoft Lists using Power Automate

by Contributed | Feb 24, 2021 | Technology

This article is contributed. See the original author and article here.

In this blog post, I will show how to send email reminders for Microsoft Lists items based on a date column using Power Automate. I am using the Microsoft Lists Issue Tracker template for this blog. 

Automated email reminders give users time and opportunity to intervene in the business process prior to expiration or end dates. In this demo, we will base our Power Automate Flow on the “Due Date” column and will send reminders 30 days in advance of the date.

Issue Tracker setup

You can get started with the Issue Tracker by navigating to Microsoft Lists, click “New list” and then select “Issue tracker”.

Review the sample and click “Use template”.

Provide a name, color, icon and storage location (OneDrive aka “My lists” or SharePoint) and then click “Create”. I am using “My lists” in this example.

We will add a Due Date column to connect our reminders to. From Issue Tracker to the right of the Date reported column select + Add column or + and select “Date and Time”. 

Set Name to Due Date and click “Save”.

Flow build

Create a new Flow by clicking “Automate” > “Power Automate” > “See your flows”.

Click “New” > “Scheduled-from blank”.

Provide a Flow name, I.e. Issue Tracker – Daily, set “Starting” to “10:00 AM”, “Repeat every” to “1”, “Day” and click “Create”.

Tip: Use the advanced options to set your target time zone.

Click “New step”, search for “Variable” and select the “Initialize variable” action. 

Set the “Name” to varNumDays; “Type” to “Integer” and “Value” to “30”.

Click “New step”, search for “Variable” and select the “Initialize variable” action.  

Set the “Name” to varReminderDate; “Type” to “String” and “Value” to the following expression:

addDays(utcNow(), variables(‘varNumDays’), ‘yyyy-MM-dd’)

Note: Click “Add dynamic content” > “Expression” to access the expression editor.

Click “New step”, search for “SharePoint” and select the “Get items” action. Note: Microsoft Lists is really SharePoint, so that is why we are using the Power Automate SharePoint actions. 

Set the “Site Address” and “List Name” to your Issue Tracker site and list. 

Use the “Advanced options” to set “Filter query” to the following ODATA filter query:

DueDate eq ‘@{variables(‘varReminderDate’)}’

Where “@{variables(‘varReminderDate’)}” is the varReminderDate variable. 

Note: pay attention to the single quotes used in the ODATA filter query.

Click “New step”, search for “Office 365 Outlook” and select the “Send an email (V2)” action.

Set “To” to Person or group the issue is assigned to Email (from the SharePoint Get items action). Power Automate will put this into a “Apply to each” loop so it can send multiple emails based on the previous “Get items” action.

Set “Subject” and “Body” to something similar to the image below.

My completed Flow looks like the image below.

Save and test the Flow. If you have items due in 30 days the owner will receive a reminder email.

This Flow is relatively simplistic in design and function but illustrates how value can be added to existing business processes by automating tasks and giving users an opportunity to act prior to a due date.

Thanks for reading.

NY

Adapted from normyoung.ca 

Manage and deploy Microsoft 365 Apps from partners in the Microsoft 365 admin center

by Contributed | Feb 24, 2021 | Technology

This article is contributed. See the original author and article here.

Since we introduced Microsoft 365 Apps at Microsoft Ignite 2019, we’ve made investments to further enhance the deployment and management experience for Microsoft 365 Apps from the Microsoft 365 admin center. We introduced the unified deployment experience to SMB customers in March 2020, and now we’re bringing it to enterprise customers as well. The new experience is rolling out in phases and will be available to all customers by February 2021. The experience started with web apps, Teams apps, and Office Add-ins that integrate with Microsoft Graph, then expanded to include SharePoint apps built on the SharePoint Framework.  

When this feature is rolled out to your tenant, you will see Integrated apps on the left nav under the Settings section in the Microsoft 365 admin center. 

Discover Microsoft 365 Apps 

To discover Microsoft 365 Apps, sign-in to the Microsoft 365 admin center, and under Settings, go to Integrated apps. All Microsoft 365 Apps provided by partners that have been deployed in your organization are displayed, including information about existing solutions, and the option to deploy more apps. 

You can search for more apps via the Settings -> Integrated apps -> Get apps option. This opens Microsoft AppSource in a popup window. You can then search by the publisher or app name. 

Acquire/purchase Microsoft 365 Apps 

After searching Microsoft AppSource, you can either acquire or purchase more apps. If your organization already has a license for the app, you can acquire it by choosing Deploy now. Otherwise, you can buy a license directly. 

When you choose Buy it, you go to a Purchase page where you can enter payment information. 

Deploy Microsoft 365 Apps to multiple workloads 

After selecting the app, you are redirected to the Integrated apps page, where you can: 

• Deploy Microsoft 365 Apps or choose which app to deploy. 


• Deploy to the entire organization or choose specific users or groups to deploy to. 


• Test the app by deploying it to your own tenant. 

We recommend that you deploy Microsoft 365 Apps from partners, including both web apps and add-ins, to maximize the value to your organization. 

Manage Microsoft 365 Apps 

When new add-ins are made available for Microsoft 365 Apps that can be deployed, you will see More apps available in the UI and you can choose to deploy the new add-in. 

For details about deploying and managing Microsoft 365 Apps, see Test and deploy Microsoft 365 Apps in the Microsoft 365 admin center. 

Going forward 

We are continuously building capabilities that will meet the needs of specialist and global admins for enterprise customers. We are also making ongoing improvements to help you complete tasks faster and more easily, so that you can bring greater value to your organization and business stakeholders. 

Continue the conversation by joining us in the Microsoft 365 Tech Community! Whether you have product questions or just want to stay informed with the latest updates on new releases, tools, and blogs, Microsoft 365 Tech Community is your go-to resource to stay connected!

Microsoft Defender for Identity Ninja Training

by Contributed | Feb 24, 2021 | Technology

This article is contributed. See the original author and article here.

Microsoft Defender for Identity Ninja Training

Welcome to the Microsoft Defender for Identity Ninja Training!

Microsoft Defender for Identity (renamed from Azure Advanced Threat Protection or Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.  This Ninja blog covers the features, detentions, and functions of Microsoft Defender for Identity.

Short Link:  aka.ms/MDINinja

In terms of overall structuring, the training sessions are split into three different knowledge levels:

Note: Threat protection product names from Microsoft are changing. Read more about this and other updates here. We’ll be updating names in products and in the docs soon.

• Microsoft 365 Defender (previously Microsoft Threat Protection)


• Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)


• Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection)


• Microsoft Defender for Identity (previously Azure Advanced Threat Protection)

Fundamentals:

In this module you will familiarize yourself with Microsoft Defender for Identity and its detection capabilities. You will also learn about Microsoft Defender for Identity architecture, deployment options, licensing and the Microsoft Defender for Identity community.

• What is Microsoft Defender for Identity? (V)


• Understanding Microsoft Defender for Identity Licensing and Privacy (D)


• Microsoft 365 Defender enriches the Microsoft Defender for Identity experience (B)


• Defender for Identity Community (D)
  
  
  
  • This is a Microsoft Defender for Identity Tech Community space that provides an opportunity to connect and discuss the latest news, updates, and best practices with Microsoft professionals and peers.
  
  
  
  


• Defender for Identity Security Lab and Playbooks (D)

The purpose of the Microsoft Defender for Identity Security Alert lab tutorial is to illustrate Defender for Identity‘s capabilities in identifying and detecting suspicious activities and potential attacks against your network. 

• Lab Setup (D)


• Reconnaissance Playbook (D)


• Lateral Movement Playbook (D)


• Domain Dominance Playbook (D)

Planning your Microsoft Defender for Identity Deployment

• Microsoft Defender for Identity Architecture (D)


• Microsoft Defender for Identity Prerequisites (D)


• Microsoft Defender for identity FAQs (D)

Deploying Microsoft Defender for Identity Deployment

• Microsoft Defender for Identity Installation Overview (V)


• Create your Azure ATP instance (D)


• Connect to Active Directory (D)


• Configuring the Microsoft Defender for Identity Sensor (D)


• Excluding entities from detection’s (D)


• Working with sensitive accounts (D)

Intermediate:

In this module you will familiarize yourself with Microsoft Defender for Identity Security Posture Assessments, identifying indicators of compromise, suspicious activities and attacks, and lateral movement paths. 

Identity Security Posture Assessments

• Identity Security Posture Assessments Overview (V)


• Bolster your security posture with Identity Security Posture Assessments (V)


• Identity Security Posture Assessments Documentation (D)

Identify Suspicious Activities and Advanced Attacks

• Microsoft Defender for Identity Detection’s – Part 1 (V)


• Microsoft Defender for Identity Detection’s – Part 2 (V)


• Reconnaissance Alerts (D)


• Compromised Credential Alerts (D)


• Lateral Movement Alerts (D)


• Domain Dominance Alerts (D)


• Exfiltration Alerts (D)

Investigate Lateral Movement Paths
In this module we will learn what Lateral Movement Paths are, and how to investigate.

• What is a Lateral Movement Path? (D)


• Tutorial: Use Lateral Movement Paths (LMPs) (D)

Indicators of Compromise

In this module we will investigate users, computers, and entities.  This module includes gathering information around users, computers, and entities.  Investigating activities and resources that may have been accessed.  

• Incident investigation with Microsoft Defender for identity (V)


• Tutorial: Investigate a user (D)


• Tutorial: Investigate a computer (D)


• Tutorial: Investigate an entity (D)

Interactive Guides

• Detect suspicious activity w/Defender for Identity (G)
  
  
  
  
  • In this interactive guide, you’ll learn how to detect suspicious activities and potential attacks on your network with Microsoft Defender for Identity. You’ll see how Defender for Identity can help you identify reconnaissance attacks, investigate attacker behavior inside your network, and provide recommendations on reducing domain vulnerabilities.
  
  
  
  


• Attack Response: Microsoft Defender for Identity (G)
  
  
  
  
  • In this interactive guide, you’ll learn how to investigate and respond to attacks with Microsoft Defender for Identity. You’ll see how Microsoft Defender for Identity can help you examine suspicious activities, trace lateral movement, and prevent future breaches.
  
  
  
  

Advanced:

In this module you will familiarize yourself with Microsoft Defender for Identity Advanced Hunting within the Microsoft 365 Defender portal.

Advanced Hunting with Microsoft 365 Defender
In this module you will create advanced KQL threat-hunting queries.  This module includes Microsoft Defender for Identity advanced KQL threat-hunting queries, and the creation of custom detection rules.

• Microsoft Defender for Identity advanced KQL threat-hunting queries