Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog


Channel Description:

Resources for IT Professionals

older | 1 | .... | 840 | 841 | (Page 842) | 843 | 844 | .... | 889 | newer

    0 0

    Today’s Tip…

    If you have a scenario where you need to map OneDrive to a drive letter, here is the steps to do that…

    Note: While WebDav is supported this will work. If at any time OneDrive for Business no longer supports WebDav, this will no longer work.

    1. Within File Explorer, right click on your OneDrive for Business, select OneDrive for Business, then select Copy link. clip_image001
    2. Within File Explorer, right click on Network and select Map a network drive.  clip_image002
    3. In the Folder field, right click and paste
    4. Make sure that Reconnect at sign-in  is selected                                 clip_image003
    5. Click Finish

    Your OneDrive will now show up as a mapped drive.


    0 0

    Partner of the Year Awards are presented each year at WPC based on a self-nominating process by partners.

    Winners are celebrated at the Worldwide Partner Conference (WPC) in Toronto, Canada from July 10-14, 2016.

    We have exclusive early access to the awards guide, to help you prepare your nominations for 19th February, when you can submit your entry. Download the guide today.

    Join our webinar  on Tuesday 23rd Feb to find out our top hints and tips for writing your nomination and how you can maximise your chances of winning an award.

    While at WPC, award winners will be recognised during the main stage keynote, executive photo opportunities, and invite-only events to meet and network with top Microsoft executives and other award winners. Register for your all access pass WPC today.


    0 0

    Today our partners are doing amazing things with Microsoft Azure to secure, accelerate and grow their business. They are taking advantage of the wealth of relevant industry and technical solutions that Microsoft’s application builder community provide. These solutions allow quick and easy resolution of short-term and strategic concerns around ‘the cloud’ as the pace of today’s business climate challenges the way we think about how technology delivers a competitive advantage.

    Join this webinar series, designed to show you the best Azure solutions for your business to take advantage of. You will learn the value a solution will bring to your business, the ease of implementation & delivery and what you need to do benefit.


    0 0

    anitarchProtecting your customers servers, whether it is on-premises, physical, virtual or cloud is vital to making sure you keep your customers safe and secure.   A good friend of mine, Yuri Diogenes, just published a fantastic article on the Microsoft Antimalware for Azure Cloud Services and Virtual Machines is a real-time protection capability that helps identify and remove viruses, spyware, and other malicious software, with configurable alerts when known malicious or unwanted software attempts to install itself or run on your Azure systems.

    He discusses the capabilities, the architecture, the functionality of the service and much more take a look here for the full article:  Microsoft Antimalware for Azure Cloud Services and Virtual Machines 

    Here is an overview of what features are available when you deploy and enable Microsoft Antimalware for Azure for your applications:

    • Real-time protection - monitors activity in Cloud Services and on Virtual Machines to detect and block malware execution.
    • Scheduled scanning - periodically performs targeted scanning to detect malware, including actively running programs.
    • Malware remediation - automatically takes action on detected malware, such as deleting or quarantining malicious files and cleaning up malicious registry entries.
    • Signature updates - automatically installs the latest protection signatures (virus definitions) to ensure protection is up-to-date on a pre-determined frequency.
    • Antimalware Engine updates– automatically updates the Microsoft Antimalware engine.
    • Antimalware Platform updates– automatically updates the Microsoft Antimalware platform.
    • Active protection - reports telemetry metadata about detected threats and suspicious resources to Microsoft Azure to ensure rapid response to the evolving threat landscape, as well as enabling real-time synchronous signature delivery through the Microsoft Active Protection System (MAPS).
    • Samples reporting - provides and reports samples to the Microsoft Antimalware service to help refine the service and enable troubleshooting.
    • Exclusions– allows application and service administrators to configure certain files, processes, and drives to exclude them from protection and scanning for performance and/or other reasons.
    • Antimalware event collection - records the antimalware service health, suspicious activities, and remediation actions taken in the operating system event log and collects them into the customer’s Azure Storage account.

    Take a look at the full article here:  Microsoft Antimalware for Azure Cloud Services and Virtual Machines 

    Hester_Matt-5330



    Matt Hester
    Sr. Partner Technology Strategist


    0 0

    Publicado a 9 de Fevereiro de 2016 por Jacqueline Beauchere 

    Chefe responsável pela segurança da Microsoft Online 

    Dia 9 de Fevereiro de 2016 foi  o  “Safer Internet Day”, ou o dia da Internet Segura.Um dia internacional para promover a utilização mais segura e responsável de tecnologia e serviços, especialmente entre as crianças e jovens.  A partir da última década, a Microsoft tem tomando parte em numerosas atividades como esta em vários continentes.

    Nos Estados Unidos, foi dada largada a uma série de eventos na Lojas Microsoft  para indivíduos e famílias com informações importantes sobre a prevenção de fraudes online.

    Os workshops são projetados para ajudar as pessoas a aprender o que fazer se eles forem contactados por alguém de “software de segurança e serviços” e alegando ser de uma empresa como a Microsoft. Esses golpes nada mais são do que tentativas de roubo do seu dinheiro, números de cartão de crédito e outras valiosas informações pessoais. Lembramos que você nunca deve fornecer dados confidenciais para pessoas que lhe telefonam. Relate imediatamente qualquer informação sobre o truque para as autoridades locais. Você também pode alertar a Microsoft sobre estas operações fraudulentas que usam o nome da Microsoft através do Report a Scam.

    Seja qual for o tópico relacionado à segurança, o Dia da Internet Segura é o momento ideal para se fazer um balanço dos hábitos e práticas online e a garantir nossa segurança. O objetivo da Microsoft é ajudar a educar, engajar e inspirar as pessoas para melhor proteger a si mesmo e aos outros online – todos temas decorrentes do Dia da Internet Segura.

    Aqui estão algumas dicas gerais para ter certeza de que você está se mantendo atualizado digitalmente:

      • Para defender o seu computador, tablet e telefone, reforçe as defesas do seu dispositivo. Mantenha todos os softwares atualizados com atualização automática. Não seja enganado por download de software mal-intencionado e pense antes de abrir anexos ou clicar em links em mensagens de email, IM ou em uma rede social - mesmo que você conheça o remetente.
      • Proteger informações pessoais. Nunca forneça informações sensíveis (por exemplo, números de conta ou senhas) ou chamar um número em resposta a um email, IM ou solicitação de rede social. Pense antes de responder a pedidos de dinheiro de "membros da família", vendas que soe bom demais para ser verdade ou outros golpes.
      • Criar senhas fortes e as mantenha secretas. Crie senhas longas e fortes, como frases ou sentenças que misture letras, números e símbolos. Use senhas diferentes para contas diferentes e sites, sobretudo aquelas que envolvem informações financeiras.
      • Assuma o controle de sua reputação online. Descubra o que há na Internet sobre você digitando seu nome no Bing e outros motores de pesquisa. Periodicamente reavalie o que você encontrar e nos esforçamos para cultivar uma verdadeira reputação positiva.

      • Tome medidas adicionais para manter seus filhos seguros online. Torne a segurança online um esforço em família com uma mistura de orientação e acompanhamento. Negocie regras de casa para a Web e o uso de jogos online que se adaptam ao seu nível de maturidade da criança e os valores da sua família. Preste atenção ao que as crianças fazem e ao que eles atendem online.

    Construimos nossa histórico com experiência de mais de 20 anos de segurança online, a Microsoft continua comprometida a fazer a sua parte para ajudar a crescer e dar forma a uma melhor e mais segura para a juventude e a Internet e efetivamente para todos. Para saber mais sobre ser um bom cidadão digital , visite o nosso site (www.microsoft.com/saferonline); página através da nossa grande coleção de recursos, e compartilhar com a família e amigos. Você também pode nos encontrar no Facebook e siga-nos no Twitter.

    Sobre o Autor

    Jacqueline Beauchere

    Microsoft chefe responsável pela segurança online

     

    Original: http://blogs.microsoft.com/on-the-issues/2016/02/09/safer-internet-day-2016-the-perfect-time-to-take-stock-of-our-online-habits-and-practices/


    0 0

    Con el surgimiento del big data y del Internet de las Cosas, las tecnologías de visualización de datos se han comenzado a convertir en la principal prioridad para que los responsables de las organizaciones puedan tener la información ordenada en tiempo y forma. Esta tendencia se ve reflejada en cualquier tipo de empresas con diferentes objetivos de negocio. Un ejemplo de ello es un sistema de predicción, basado en la nube, de la Universidad de Washington (UW) y Microsoft Research que ayuda a la industria...(read more)

    0 0

    Publicado el 9 de febrero de 2016 por Jacqueline Beauchere– Directora de Seguridad en línea de Microsoft

    Hoy es el Día de Internet Seguro, un día internacional de acción para promover el uso más seguro y más responsable de la tecnología y los servicios, particularmente entre los niños y los jóvenes. En 2016, al igual que con la última década de Días de Internet Seguro, Microsoft participa en numerosas actividades en varios continentes.

    En los EE.UU., vamos a iniciar una serie de eventos de capacitación en las tiendas de Microsoft  para ofrecer a las personas y a las familias información importante sobre cómo prevenir el fraude en línea. Los talleres están diseñados para ayudar a las personas a aprender qué hacer si son contactadas por alguien que pretende vender software y servicios de seguridad, y dice ser de una empresa como Microsoft. Estas estafas no son más que esquemas de confianza que tienen como objetivo despojar a las personas de su dinero ganado con gran esfuerzo, obtener números de tarjetas de crédito y otra información personal valiosa. Le recordamos que nunca proporcione datos confidenciales a llamadas o correos de anuncios publicitarios no solicitados, e informar inmediatamente cualquier información acerca de la estafa a las autoridades locales. También puede alertar a Microsoft de engaños que invocan nuestro nombre a través de Informe de una estafa.

    Cualquiera que sea el tema relacionado con la seguridad en línea, el Día de Internet Seguro es el momento perfecto para hacer un balance de los hábitos y prácticas en línea, y asegurar que cada uno de nosotros hacemos lo mejor para el futuro. El objetivo de Microsoft es ayudar a educar, comprometer e inspirar a la gente para protegerse mejor a sí mismos y a otros en línea – todo derivado del tema del Día de Internet Seguro de este año, "Ponga su granito de arena para un mejor Internet". He aquí algunos consejos generales para asegurarse de que está al día digitalmente:

      • Defienda su PC, tableta y teléfono. Fortalezca  las defensas de su dispositivo. Mantenga todo el software al día con la actualización automática. No se deje engañar para descargar software malicioso, y piénselo dos veces antes de abrir archivos adjuntos o hacer clic en enlaces de correo electrónico, mensajería instantánea o en una red social - incluso si conoce al remitente.
      • Proteja la información personal. Nunca dé información sensible (por ejemplo, números de cuenta o contraseñas) o llame a un número en respuesta a un correo electrónico, mensajería instantánea o solicitud de red social. Piénselo dos veces antes de responder a solicitudes de dinero por "miembros de la familia", ofertas que suenan demasiado buenas para ser ciertas u otras estafas.
      • Cree contraseñas difíciles y manténgalas en secreto. Hágalas largas y difíciles, como frases u oraciones que mezclan letras, números y símbolos. Utilice diferentes contraseñas para diferentes cuentas y sitios web, especialmente las que implican información financiera.
      • Tome las riendas de su reputación en línea. Descubra lo que hay en Internet sobre usted introduciendo su nombre en Bing y otros motores de búsqueda. Periódicamente reevalúe lo que encuentra, y haga un esfuerzo por cultivar una reputación precisa y positiva.
      • Tome medidas adicionales para proteger a los niños en línea. Haga de la seguridad en línea un esfuerzo familiar con una mezcla de orientación y monitoreo. Negocie las reglas de la casa para el Web y el uso de juegos en línea de manera que se ajusten al nivel de madurez de su hijo y valores de su familia. Preste atención a lo que los niños hacen y con quién se encuentran en línea.

    Sobre la base de nuestra historia de más de 20 años en la seguridad en línea, Microsoft mantiene su compromiso de hacer su parte para ayudar a crecer y dar forma a un Internet mejor y más seguro para los jóvenes y, de hecho, para todo el mundo. Para aprender más sobre cómo ser un buen ciudadano digital , visite nuestro sitio Web (www.microsoft.com/saferonline); navegue a través de nuestra gran colección de recursos, y compártalos con la familia y los amigos. Obtenga más información acerca de los próximos talleres en las tiendas relacionados con el Día de Internet Seguro, así como del calendario durante todo el año en microsoftstore.com/locations. También puede darnos “Me gusta” en Facebook y seguirnos en Twitter.

    Sobre la autora

    Jacqueline Beauchere

    Directora de Seguridad en línea de Microsoft

    http://blogs.microsoft.com/on-the-issues/2016/02/09/safer-internet-day-2016-the-perfect-time-to-take-stock-of-our-online-habits-and-practices/


    0 0

    If you’re running Exchange 2013 and you’ve configured a hybrid deployment with Office 365, this post contains important information that might impact you. Please evaluate this information and take any necessary action before April 15, 2016.

    On April 15 2016, the Office 365 TLS certificate will be renewed. This certificate is used by Office 365 to provide TLS encryption between Office 365 and external SMTP servers. The new certificate, which will help improve the security of mail sent to and from Office 365, will be issued by a new Certificate Authority and it will have a new Issuer and Subject.

    This change has the potential to stop hybrid mailflow between Office 365 and your on-premises Exchange servers if one of the following conditions applies to you:

    • Your on-premises Exchange servers are running Exchange 2013 Cumulative Update 8 (CU8) or lower.
    • You’ve upgraded the Exchange 2013 servers that handle hybrid mailflow to Exchange 2013 CU9 or higher. However, since upgrading to CU9, you HAVE NOT re-run the Hybrid Configuration wizard (either from the Exchange Admin Center or via the direct download link).

    If one of the previous conditions applies to your organization, hybrid mailflow between Office 365 and your organization will stop working after April 15, 2016 unless you complete the steps below.

    Note: This only affects hybrid mailflow. Regular mailflow and TLS encryption is NOT affected.

    How to keep hybrid mail flowing (MUST be completed before 4/15/2016)

    Let the new Hybrid Configuration wizard do it for you

    You can use the latest Hybrid Configuration wizard (HCW) to configure your Exchange 2013 servers to work with the new TLS certificate. Just follow these steps:

    1. If the Exchange 2013 servers handling hybrid mailflow are running Exchange 2013 CU8 or lower, follow the instructions in Updates for Exchange 2013 to install the latest cumulative update on at least one server.
    2. After you install the latest cumulative update, download the new HCW application and run the wizard following the instructions here .

    Note: For information on which releases of Exchange are supported with Office 365, see Hybrid deployment prerequisites.

    Manual update

    If you can’t upgrade Exchange 2013 to latest cumulative update right now (although we would like to remind you of our support policy), you can manually configure your servers to work with the new TLS certificate. On each Exchange 2013 server that’s used for hybrid mailflow, open the Exchange Management Shell, and run the following commands:

    $rc=Get-ReceiveConnector |where {$_.TlsDomainCapabilities -like "*<I>*"}

    Set-ReceiveConnector -Identity $rc.Identity -TlsDomainCapabilities "mail.protection.outlook.com:AcceptCloudServicesMail

    Office 365 Hybrid Team


    0 0

    App-V 5.1 Hotfix 2 and 5.0 SP3 Hotfix 3 are available now and referenced in the same KB article: https://support.microsoft.com/en-us/kb/3139245

    Full details, download and testing recommendations are available at the link above.

    For Microsoft Application Virtualization 5.1 RTM, this hotfix package fixes the following issues:

    • Issue 1
      The lock on the VFS folder was not getting released when the user logs off from the client service
    • Issue 2
      Microsoft Office Click-to-Run apps can't be opened from SharePoint in Internet Explorer. Embedded Office Click-to-Run apps may crash
    • Issue 3
      Press and hold (or right-click) app on taskbar, the app icon becomes blank.
    • Issue 4
      Provide mitigation for apps which don't handle long paths correctly.
    • Issue 5
      Enable users to create multiple instances of Office 2016 Click-to-Run apps.
    • Issue 6
      Re-enable APP-V 5.1 Management server address "http://localhost:<port>/packages" and "http://localhost:<port>/packagesummary"
    • Issue 7
      The Confirmparameter is ignored when the Groupsparameter is null for Grant-AppvServerPackage command. Use the newly added Forceparameter to avoid the "Confirm Action" dialog.

    For Microsoft Application Virtualization 5.0 SP3, this hotfix package fixes the following issue:

    • Issue 1
      Microsoft Office Click-to-Run apps can't be opened from SharePoint in Internet Explorer. Embedded Office Click-to-Run apps may crash.


    0 0

    このポストは、2016 年 2 月 17 日に投稿された Cloud Platform Release Announcements for February 17, 2016 の翻訳です。 こちらのブログでは、クラウド プラットフォーム チームが進める一連の新しい更新をまとめて紹介します。 マイクロソフトは、現在の "モバイル ファースト、クラウド ファースト" の世界で、エンタープライズでのクラウド文化の採用を可能にするテクノロジとツールを提供します。当社の差別化されたイノベーション、包括的モバイル ソリューション、および開発者ツールが、クラウド ファースト時代の真の可能性を実現する上で、すべてのお客様を支援します。 クラウドでの迅速なイノベーションを期待されるお客様にお応えして、マイクロソフトは幅広い クラウド プラットフォーム製品ポートフォリオ を提供しています。お客様に最新情報を提供するため、以下の一覧に当社の最新リリースをまとめました。また、より多くの情報を必要とされるお客様のために、詳細情報へのリンクも示しています。今回の更新内容は次のとおりです...(read more)

    0 0

    For a particular folder you synced with the OneDrive for Business client, you see the following symptoms:

    • A red x indicator sometimes appears on the folder structure that contains the files (this indicator may not show up each time)
    • When you store files or folders in a folder in the document library, they may move to the root location instead.

    For example, as you go down the layers of the subfolders it may look similar to this:

    When you right click on OneDrive for Business cloud icon in the notification area, and then select view sync problems, you may see errors like these:

    Why this happens

    This behavior indicates that files or folders were shared with you, but you do not have permissions to the library. When you are in a SharePoint Online document library, you can Share either files or folders.  This will set unique permissions for those files or folders. For users that access the library only through the browser, the customized permissions on Shared files or folders will work.  However, they may not be sufficient for all operations of the client application, which needs to be able to find information on the folder tree. The most common issue occurs when the OneDrive for Business sync client cannot find the target folder for an uploaded item. In this case, it will save it to the root folder to prevent data loss.

    In general, people with permissions to only a file or folder in a SharePoint library should not sync that library with OneDrive for Business. However, it can be made to work with further manual customization.

    Solutions

    If you want to continue syncing with the OneDrive for Business app, then you have following three options to resolve this:

    • Use Browser access and Explorer View (Open with Explorer)
    • Use a separate Document library
    • Provide adequate permissions throughout the folder structure

    Details follow.

    Use a separate Document library

    To avoid this issue, do not use folder permissions to provide access to a limited set of files. Instead, create a new document library for each folder that requires unique permissions. You will need to give access permissions at the document library level so that the folders and files inherit the permissions from the parent level. 

    See this TechNet article for more details: Create a document library

    Example

     Document Library <<<<<<<<<<<< give permissions here

    ParentFolder0 (PF0)

     Subfolder0 (SF0)

     SF1

    PF1

     SF0

     SF1

    PF3

     SF0

     SF1

    Provide adequate permissions throughout the folder structure

    All the folders and files above the target location need ‘View only’ or better permissions.

    See this TechNet article for more details: Understanding permission levels

    Example:

    Give permissions at the root parent folder and have those permissions inherit to everything below.

    Document Library

    ParentFolder0 (PF0) << give permissions here

     Subfolder0 (SF)

     SF1

    PF1 <<<<<<<<<<<< give permissions here

     SF0

     SF1

    PF2 <<<<<<<<<<<< give permissions here

     SF0

     SF1


    0 0

    For many application packagers, virtual application sequencers, and general IT pros, the concept of actual “debugging” can take on many meanings. Often the words “troubleshooting” and “debugging” are interspersed – especially when reading articles and blogs dealing with the topic of trying to dissect what may be occurring when a virtual application is not functioning as expected. When we speak of the word “debugging” in the context of its meaning with regards to programming and compiled software code, it is simply the dissection and reverse engineering of binaries to determine the root cause of an issue or basically “find the bug” in the code.

    The level of depth may vary depending on the tools being leveraged and the amount of access to code or symbols. For example, open-sourced code projects on the web are very easy to debug because – well – the code is distributed alongside of the binaries. In addition, special files called “symbols” are also often available if need be. This is especially helpful in the world of Windows debugging. For Closed-Source binaries – like Windows, access is limited to what API’s are exposed and documented within MSDN, the SDK’s, and publically available symbol files. Still, this tremendously aids our ISV partners when they are troubleshooting issues with their own code running on top of the Windows platform.

    Enter the Virtual Application

    What makes this especially complex in the world of virtual applications is that the surface area expands to not only include the original application but also the virtualization engine that is maintaining its sandbox – specifically its isolation and/or state separation mechanisms. With this, you have essentially increased your variables for issues. Whereas a native application involves one vendor; running on top of another vendor’s operations system, a virtual application now deals with potentially three different vendors (not even counting the potentially amount of 3rd-party vendors that could also be hooked into the kernel via filter and device drivers.) In the case of Microsoft and App-V, if the application being virtualized is a Microsoft application, there are unlimited resources internally to work on that application. In most cases, that represents less than one-hundredth of one percent of the applications out there in the ecosystem – at best. Most cases, the application is external. When that is the case, the debugger must determine the following:

    Is the application open sourced or closed source?

    If the application is open-sourced, the application can be easily investigated alongside the virtualization subsystems and likely debugged pending that the individual doing the debugging understand the source code and has the proper tools to debug the application from within the share operating system (in the case of App-V – that would be Windows.)

    If the application is closed source, what resources are available from the vendor?

    This is where it can be challenging. When you are debugging a closed source application running virtually, it requires significant insight into the application – especially if the application is running in native code. While Microsoft makes public symbols available for ISV’s to help with debugging, often the opposite is not true. As a result, the debugging is “best-effort” at best and is usually limited to basic reverse engineering tools like Process Monitor, API Monitor, or DbgView. One exception to this - that I have encountered - have been situations where the application encounters specific issues when virtualized – and those issues cannot be reproduced on a natively installed instance of the application. In those cases, the focus can shift to the virtualization engine however, even in these situations, working in triangulation with the application vendor yields more success – much quicker.

    Is the application using a 3rd-party application virtualization engine by a vendor different from the vendor of the underlying operating system?

    In this scenario, the application is written by one vendor, running on top of an operating system by a different vendor, and then sandboxed using an application virtualization by yet another vendor. In the case of Windows, the application is using a non-Microsoft virtualization solution. There have been many times where I was working support for App-V and a customer would call in with an issue they were having virtualizing a version of Office or Visual Studio on a non-Microsoft platform. I would always re-direct the customer to the vendor of the app virt stack – even though we were the vendor of the application being virtualized as well as the underlying operating system. I would then direct the customer to reach out to the Office or Visual Studio team as well to work in triangulation.

    Relationships of Application to Support Vendors

    When debating the best source for debugging virtual applications, please feel free to leverage the following matrix I constructed to assist you in reaching out to the most likely resources that will be able to help resolve the issue.

     

    Application Vendor

    Operating System Vendor

    AppVirt Stack Vendor

    Best Vendor(s) for Virt Debugging

    Best Case Scenario

    Vendor A

    Vendor A

    Vendor A

    Vendor A

    Rare in the Windows World

    Vendor A

    Vendor B

    Vendor A

    Vendor A

    Typical 3rd-party AppVirt Scenario

    Vendor A

    Vendor B

    Vendor C

    Vendor C first & Vendor A optional

    Most Common at Microsoft

    Vendor A

    Vendor B

    Vendor B

    Vendor B first & Vendor A optional

     

     

     

     

     

     

     

     

     



    The reason I make the above recommendations is because at some point the application, the application virtualization engine, or even perhaps the operating system may require some debugging – especially if there is a potential bug. If the resources troubleshooting the issue do not have access to the resources and tools needed to debug the issue – then you are essential throwing darts against the wall – and it will lead you potentially down a rabbit hole.

    Why Discuss Debugging?

    I have decided to start discussing the topic of virtual application debugging to serve the following purposes:

    1. To demystify the concept for application packagers and IT Pros in the Application Virtualization space. There are tools and concepts that can help these professionals to further arm their skills and enhance their arsenals and toolboxes.  Many reverse engineering tools such as ProcMon can only go so far.

    2. To aid software vendors in how to debug applications running under App-V and how their applications may be affected.

    1. To aid customers in how to gather and collect the appropriate debugging information to help Microsoft and other software vendors diagnose issues, isolate root cause, and resolve problems and bugs quicker.

    Next Up Part 2: Types, Modes, and Situations


    0 0

    Old Project realized

    A month ago I reinstalled one of my PC's and thought of a project I started but never finished many years ago. It was when I found out about autorunsc.exe , one of the many awesome tools from the Sysinternals suite and the creator Mark Russinovich, when I thought of an idea to keep track of all additions to my Windows installation. Any additions to it that had any effect on my boot process or that started any processes at startup. With this information I would be able to determine when I had additions I didn’t approved nor expected.  Then I could simple remove these binaries or uninstall the guilty application.

    Now, I have a slightly different approach. Besides catching all additions to the auto-runs in my Windows installation I also would like to know what executables are signed or not and if these could be a threat to me. I'm thinking of malware and vicious code. I think autorunsc.exe can do a fantastic job here with all its features, especially with some of the new features and the combination with another awesome tool, also from Sysinternals, Sigcheck.

    Some  of the  things Autorunsc do:

    • List all drivers, processes, scheduled tasks, boot drivers , logon startups and auto-runs.

    • Check if the image of the executable is signed or not.

    • Check the hash of the image.

    Link to Autoruns :https://technet.microsoft.com/en-us/sysinternals/bb963902

    Some  of the  things SigCheck do:

    • Verify signatures.

    • Check the image against Virus Total, a free online virus, malware and URL Scanner.

    Link to SigCheck:https://technet.microsoft.com/en-us/sysinternals/bb897441

    With a combination of both:

    Scan my entire system auto-runs against Virus Total, i.e. the things Autorunsc.exe collects:

    • Boot execute.

    • Codecs.

    • Appinit DLLs.

    • Explorer addons.

    • Sidebar gadgets (Vista and higher)

    • Image hijacks.

    • Internet Explorer addons.

    • Known DLLs.

    • Logon startups (this is the default).

    • WMI entries.

    • Winsock protocol and network providers.

    • Office addins.

    • Printer monitor DLLs.

    • LSA security providers.

    • Autostart services and non-disabled drivers.

    • Scheduled tasks.

    • Winlogon entries. 

    Powershell - There's nothing PowerShell can't do!

    Powershell comes to help once again. By using PowerShell I built a wrapper around these two Sysinternals tools (Autrunsc.exe and SigCheck.exe) plus some GUI to provide you with notifications when you got new binaries on your system.

     The processs:

    • Use Scheduled Tasks to run the script at:
      • Boot(Analyze autoruns) .
      • User Logon (Notifications).
    • One Powershell script that does all the job.

    • The script scan the machine with Autorunsc.exe.

    • Generates CSV output.

    • Compares CSV inbetween boots.

    • The script finds any differences.

    • The script sends the user notifications when:

      • New Unsigned Non-Microsoft Binaries added.

      • New Unsigned Microsoft Binaries added.

      • Files with New Hash and  Unsigned Binaries added.

      • New Non-Microsoft Binaries added.

      • New Microsoft Binaries added.

    • Provide a UI to see the added files and a summary.

    • With the list of additions you can run a check against Virus Total. 

    The value this script provides

    • Scan the entire system auto-runs with Virus Total.

    • Creates an offline file for scanning entire system auto-runs with Virus Total, when no internet is available.

    • Notifications when additions to the system are added.

    • A Summary of additions over every boot.

    • Summary of current additions with information about what kind of modifications done. 

    Requirements

    These are the requirements.

    • PowerShell

    • Sysinternals Autorunsc v13.51 (or newer) - Autostart program viewer.

    • Sysinternals Sigcheck v2.50  (or newer) - File version and signature viewer.

    • Internet connection if you will run a check against Virus Total.

    • Important! Once run Sigcheck -v <any file> and accept the agreement with Virus Total, if you do agree of cause :). 

    • Important!Agree to Autorunsc.exe EULA.

    • Important! Agree to SigCheck.exe EULA.

    Run the PowerShell script once and it will prompt you with the option to agree to the EULA and to use Virus Total.

    Tip! :  I would recommend the nice script Update-sysinternals.ps1 to keep your Sysinternals tools updated.

    Modify the following command in the script to something like this.

    Update-Sysinternalshttp -ToolsLocalDir "c:\Sysinternals"

    https://gallery.technet.microsoft.com/scriptcenter/Another-Sysinternals-Tools-aa288439 

    Config

    To run this you have to put these two files, Autorunsc.exe and SigCheck.exe,  in a folder on your drive,  the expected path is C:\Sysinternals but it's configurable.

     1.      First run must include the "-Analyze" switch . This is needed after each boot since it will collect all auto-runs.

    Verify-Autoruns.ps1 -Analyze

    Or

    Verify-Autoruns.ps1 -Analyze -Dir <folder path to Autorunsc.exe and SigCheck.exe>

     2.      Once we have collected data we can run the script without scanning if we just want to get notifications and summary 

    Verify-Autoruns.ps1 

    Or if we want notifications even if nothing has happend: 

    Verify-Autoruns.ps1 -Icon 

    I also suggest you put the script in the same directory, but it is not a requirement ,though it must be configured in the scheduled task. 

    You can schedule a task in that runs at every boot.

    This is the action for the task:

    Program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

    Arguments: -ExecutionPolicy Unrestricted -File "C:\Sysinternals\Verify-Autoruns.ps1" "-Analyze"

    If you want you can just import the exported Scheduled Task provided : Verify Autoruns - Analyze Boot.xml included in the attached file VerifyAutoruns_ScheduledTaskExports.zip 

    You can also schedule a task in that runs at every logon to provide the user that logons with notifications.

    Program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

    Arguments: -Nologo -WindowStyle Hidden -ExecutionPolicy Unrestricted -File "C:\Sysinternals\Verify-Autoruns.ps1" "-Icon"

    If you want you can just import the exported Scheduled Task provided : Verify Autoruns - Verify.xml  included in the attached file VerifyAutoruns_ScheduledTaskExports.zip 

    Output from Verify-Autoruns

    What will this powershell script generate:

    • A CSV file with all the autoruns on the system in a folder called C:\AutorunsLogs (Can be customized). Example: AutorunsC_20160210-0925.csv

    Verify-Autoruns.ps1  -LogDir <folder path to all logs>

    • A CSV file with any new files added . This will require that you have at least two boot scans created, there's only going to be one file for each boot. Example file: AutorunsC_New_20160210-0950.csv
    • A CSV file with the collected summary of all added files, i.e. the contents of all AutorunsC_New.. files.

    • SigCheck input CSV file for offline systems that can not access to internet. This file can be moved and run on internet connected systems for checking with Virus Total.

    • Notifications Icon.

    • Ballon Notifications.

    • Report Window.

    • Summary Window. 

    Notifications Icon

    This Shield icon in the task bar let you access three things:

    • The Report Window.

    • The Summary of the last run.

    • Windows Reliability Monitor (This tool can provide you with events on your system that might have caused one of the additions to the auto-runs)

      

    Balloon Notifications

    The following notifications are fired at detection. This will require that you have at least two boot scans created, there's only going to be one file for each boot.

    • New Non-Microsoft Files that are not signed

    • Files with new Hash that are not signed

    • New Microsoft files that are not signed

    • New Non-Microsoft files added

    • New Microsoft files added

      

    Report Window

    Here can you view the files added to autoruns. You can also:

    • View a summary of the last boot.

    • View the logfile.

    • Check the new files against Virus Total. Requires Internet. (Requires SigCheck.exe ver 2.50 in the same  folder as Autorunsc.exe).

    • Check all current autoruns against Virus Total .Requires Internet. (This might take a while).

       

    Summary Window

    This list shows the results from the latest analysis.

    Virus Total Check Window

    This is a table with the results from Virus Total. The column VT Detection will let you know the detection ratio. How many indications of the binary to be "unsecure" in ratio with the number of sources of information.

    This picture shows the Virus Total outcome of the new addtions to Windows from the latest boot.

    Scan the entire systems auto-runs against Virus Total

    If you like to scan all binaries that the system runs at boot and startup you can do it from the Report Window, just click "Check All System Autoruns with Virus Total", or you can do it directly from the Powerhshell command line.

    Command:

    PS C:\Sysinternals> .\Verify-Autoruns.ps1 -SystemCheck 

    This action might take a while since there are many files to be checked over internet. 

    Or if no internet connection is possible:

     PS C:\Sysinternals> .\Verify-Autoruns.ps1 -SystemCheck -Offline

    The output from this command can be used with SigChekc on a internet connected system like this:

    SigCheck.exe -o -v VTInput.csv > VTResult.csv

    This output will file contain the VT Detection ratio for each file. It's a CSV file that's best suitable for opening in Excel or similar.

    Summary

    With this script running on my PC's I can easily determine all the auto-runs added, even over time. But the coolest feature according to me is that you can scan the entire systems auto-runs against Virus Total online or offline.

    This script does of course not replace any antivirus or malware software. I use it on all my PC's as an additional control and nice to have.

    The script is available at TechNet Script Center here.


    0 0

    Not that I'm counting but I just realized one of my blog posts actually is closing in on 100k views. For over four years its been averaging up to 100 views on weekdays. Along with all the positive feedback I receive in comments, and when I meet you somewhere in the world, when I see my posts refered to in official support answers, education tutorials, cited by Mary Jo Foley - those are the things that makes an old blog enthusiast happy.

    You might want to check out some of the other popular blog posts. Not all of them are recent, mind you (can be close to five years old, things change). But some of them have updated 'cousins' - eg "Office 365 - comparing P, M and E plans" has a newer cousin "Compare the features in Office 365 across services"

    How to map an Office 365 Document Library in Windows Explorer

     Oct 6, 2011

    96710

    New Feature - Public Folders in Office 365 Preview

     Jul 18, 2012

    78614

    How to create auto signatures centrally in Office 365 Exchange Online

     Nov 23, 2011

    74793

    Office 365 - comparing P, M and E plans

     Mar 30, 2013

    73696

    How to back-up a Office 365 SharePoint Online site and data

     Oct 10, 2011

    46313

    Understanding Shared Mailboxes in Office 365 (updated)

     Nov 4, 2011

    42589

    Office 2003 - unsupported with Office 365. But will it work?

     Dec 12, 2011

    39113

    How to prevent internal users from autoforwaring mails to external recipients

     Apr 10, 2012

    35884

    Understanding Dynamics CRM Licensing 2015

     Feb 12, 2015

    33482

    New Feature - Site Mailboxes in SharePoint Online

     Aug 18, 2012

    29785

    Office 365 - comparing P and E plans

     Sep 23, 2011

    26976

    CRM 2013: Understanding Processes

     Sep 26, 2013

    26790

    Prepare for your CRM 2013 certifications - New MOC material

     Nov 17, 2013

    26777

    CRM 2013: Understanding Portable Business Logic

     Oct 13, 2013

    26636

    CRM 2013: Understanding Multi-Entity Search

     Oct 7, 2013

    26545

    Issues solved in Update Rollup 1 for Microsoft Dynamics CRM 2015

     Mar 23, 2015

    26411

    The long awaited standalone SkyDrive Pro sync client has just been released

     May 21, 2013

    26223

    Userfriendly Shared Mailboxes in Office 365

     Mar 24, 2012

    25824

    Digital Asset Management in Dynamics Marketing

     Jun 27, 2014

    24725

    Understanding External Users in SharePoint Online

     Apr 14, 2013

    21973

    Understanding E4 in Office 365 - subscribing to Enterprise Voice

     Mar 8, 2012

    21805

    Understanding Delegated Administration ("On Behalf Of") in Office 365

     Dec 5, 2011

    20921

    Understanding Storage Allocations in SharePoint Online

     Jan 20, 2012

    20846

    Sharing a SharePoint Online site with external users is easy

     May 25, 2012

    20794

    Workflows in SharePoint Online

     Jun 16, 2012

    20198

    Chosing between CRM Online Multiple Instances and Multiple Tenants

     Jun 19, 2013

    19500

    Putting Lead Scoring Models and Landing Pages to work in Dynamics Marketing

     Jun 23, 2014

    19079

    Put managed metadata to work in SharePoint Online

     Jun 4, 2012

    18931

    Comparison of the new CRM Online 2013 subscriptions

     Jul 12, 2013

    18819

    Quick Tip: How to list all user profiles in SharePoint Online

     Jun 19, 2012

    18450

    Business Contact Manager in SharePoint Online

     Sep 11, 2012

    18190

    Outlook Web App in SharePoint Online

     May 29, 2012

    18148

    How to Enable Recording in Lync Online

     Apr 18, 2012

    17922

    A couple of tips for setting up Shared Mailboxes (updated)

     Feb 15, 2012

    17653

    Connecting Dynamics Marketing to Dynamics CRM - Let the Sync Begin

     Jul 2, 2014

    17403

    Password expiration notice in Outlook

     May 7, 2012

    17022

    Automatically Assign Licenses to your Office 365 Users

     Jun 12, 2013

    16864

    Comparing features in SharePoint Online across Office 365 Service Plans

     May 10, 2012

    16246

    SharePoint Online Extra Storage price drop

     Mar 30, 2012

    16212

    Train and certify for CRM 2013 MOC

     Feb 27, 2014

    16207

    How to add extra storage to SharePoint Online

     Jul 11, 2012

    15105

    Synchronizing SharePoint Online document libraries with Windows Explorer

     Apr 17, 2013

    15030


    0 0

    One frequent reality in many intrusions is that attackers don’t target the data they are interested in directly; they target the security controls designed to protect them.  That is, the very solution InfoSec professionals craft to protect assets from risks become the means by which the attackers are able to access them.  They steal legitimate credentials of elevated accounts. They target the account management system.  They use security data such as access control lists and security group memberships to target users for compromise. How did the InfoSec solution become the InfoSec problem?

    The Key Aspects that Undermine Security Controls

    The protection of information in a network has been long studied by information security professionals. There are lengthy standards, numerous certification regimes, and a bevy of security control solutions for risk management problems.  It is the application of these InfoSec methods without due consideration of the following aspects that leads to networks where the choices in individual risk management decisions fail to create a defensible system:

    1. Lack of recursive threat modeling

    2. Security controls with dependencies that resemble a complex IT org chart

    3. The difficulty in visualizing the security dependency graph, especially as it changes

    This doomed security control system then becomes the interim target of intrusions because of its power over the assets the attackers ultimately seek.

    Lack of Recursive Threat Modeling

    Part of an information security program is defining critical assets and threat modeling risks.  These risks are then minimized by the application of one or more security controls—authentication, access control, vulnerability scanning, and so forth. A critical aspect, however, is that these controls have their own risks. Security controls are not a magical, impenetrable substance.  The controls to protect information and systems are themselves information and systems. 

    For example, to protect a sensitive document repository, one might employ access controls and authentication (the access control list, account database, and secrets are information), deploy encryption technology (the keys, their storage, and escrowed instances are information), install a data loss prevention system (an appliance with its own operating system and information), and check for weaknesses with a vulnerability scanner (another system with its own information). 

    The selection of controls must be recursively and holistically threat modeled for completeness.  This difficulty in doing this can be exacerbated if the subject matter expertise to do the threat modeling is different at every layer. For example, an InfoSec practitioner using a Data Loss Prevention solution to mitigate sensitive data leaving the network may be an expert on SOX, PCI, and categories of customer PII, but they may not be an expert on the security implementation requirements of a Linux based appliance they procured.  Controls come with risks and must be treated accordingly. 

    The Org Chart of IT Creates a Graph of Security Dependencies

    Once networks get to a certain size, IT organizations specialize. Endpoint management is handled by one team, whereas the data center is handled by another.  Vulnerability scanning is handled by a dedicated team and identity management by another.  These teams tend to have their own support infrastructure.    InfoSec controls are not separable from IT.  This matrix that exists at an organization level expresses itself as a graph of security dependencies at the information level.  For example, the vulnerability scanning systems may use a “god account” that has admin rights on every host in the network to scan for weaknesses.  The vulnerability scanners may be patched or backed up by a different IT team with admin rights to them.  The vulnerability scanner servers are accessed with admin rights from a set of endpoints that are managed by yet another IT team who has control over those endpoints.  The matrix of IT services arising from domain specialization creates a lattice of critical dependencies, each of which can present opportunities for lateral movement.  If the dependencies of the security controls resemble the complexity of the org chart, it’s time to simplify.

    The Difficulty of Visualizing Security Dependencies

    Security dependencies are often difficult to see.  Identifying the security dependencies of a host involves significant subject matter expertise to inventory the critical settings: the file servers hosting scripts run on every user logon, the background service that pulls down executables from upstream servers to update themselves, the network printers used by the host that cause it to download and install device drivers, and so on.  Networks are very dynamic.  The provisioning or decommissioning of systems affects the graph.  User login behavior and where credentials are used can vary.  Changes in network connectivity or domain trusts can affect it.  There are hidden edges in the graph—an unpatched server or appliance effectively creates new edges in the dependency graph.  The reuse of a password across different trust domains creates a hidden link.  If you can’t manage what you don’t measure, you can’t prune a graph you’re not visualizing.

    This is exacerbated in many environments because the fulfillment of compliance requirements does not leave InfoSec professionals enough time to do the analysis necessary to protect a living network. Management support affects this greatly. If achievement of conformance with various InfoSec standards is all that management supports, then the talent, time, and analysis to ensure the details are right won’t be there.  Analysis of this kind requires whitespace from other compulsory activities.

    How do Successful Defenders Cope?

    Despite these obstacles, I find defenders at many organizations able to cope with these challenges.  Here are the practices I see in them:

    1. They manage from the terrain, not the map.  They seek to know what’s truly running in their network, not just the services that IT officially manages.

    2. They better manage isolation and compartmentalization leading to fewer spaghetti dependencies to manage.  They reduce the number of ingress and egress paths to remove duplication.

    3. They have a bench of subject matter experts to do the required threat modeling.  They know they can’t secure things they don’t understand. Any technology indistinguishable from magic has no place on their network.

    4. They have a keen appreciation of the difference between the risks of Murphy and Satan.  “Murphy risks” cause problems but ones that are not intentional in nature—for example an outage or commodity malware landing opportunistically on a host in the network.  “Satan risks” are risks with intent. There is an active adversary.  InfoSec security control selection does well against Murphy, but requires different thinking for Satan.

    5. They have a heavy emphasis on detective controls that look for abuse of legitimate access. They “Assume Breach” and work from the assumption that their controls will be compromised and are prepared to work the kill chain starting at the end first.

    6. They have management support for the whitespace required to analyze and defend a complex system. Compliance requirements, while mandatory, are seen as necessary but not sufficient.

    7. They embrace the matrix and coordinate well across their peer IT teams and users of the network.

    8. They employ penetration testing but instead of treating it as a report card, an output, they treat it as an input. They use pentesting in a diagnostic way informing a comprehensive security program.

    9. They do attack research.  They know that knowledge on how to find vulnerabilities and assess their exploitability is just as valuable for defenders as it is for attackers.  Their blue teams bleed red and their red teams bleed blue.

    10. They actively manage their graph. They reduce the number of standing administrators.  They consider the attack surface of their defense. 

    Until InfoSec teams are better able to handle the aspects of recursive threat modeling, deal with the matrix effects of IT, visualize their security dependencies better, and find the whitespace to do it all, security controls will continue to be a primary attack surface targeted by attackers in intrusions.  InfoSec regimes also need to do a better job at documenting successful methods and practices for doing this kind of analysis.  It’s critical to get right, because that’s the Defender’s Mindset.


    -----

    This blog expands on a topic from this tweet: https://twitter.com/JohnLaTwC/status/699304590500634625

    Thanks to Tal Be'ery (@TalBeerySec) from the Microsoft ATA team, Adam Shostack (@adamshostack), and Erica E for reviewing a draft of this post.


    0 0

    Is it possible to use the Configuration Manager migration feature to migrate objects from a Configuration Manager 2012 site to a Configuration Manager Current Branch site? 

    In the past, the migration feature of CM has required that (unless you were migrating from CM 2007) that the source and target be the same version of CM 2012.  Reference here https://technet.microsoft.com/en-us/library/gg682006.aspx  "Beginning with System Center 2012 Configuration Manager SP1.....migrate from System Center 2012 Configuration Manager infrastructure to another deployment of Configuration Manager that runs the same version."

    Suppose you are currently running CM 2012 and want to build a new parallel hierarchy to run CM CB and then migrate objects over.  This may be a common scenario due to OS requirements for CM CB (Server 2012 or later) and SQL 2012 (or later).  Now, CB 1602 will allow you to perform an inplace OS upgrade (say from Server 2008 to Server 2012) but most customer aren't comfortable with upgrading a server OS, they would rather start with a fresh install.  So, if the prior migration guidance still applies, you would have to either:

    • upgrade source CM 2012 to CM CB, install target CM CB site, then migrate
    • keep source site at CM 2012, install CM 2012 on target site, migrate and then upgrade target site to CB.

    Those aren't bad solutions, just has some extra steps that would be nice to avoid.  Luckily, CM CB supports migration from a CM 2012 source site. Reference https://technet.microsoft.com/en-us/library/mt593351.aspx#BKMK_SupportedMigrationVersions&nbsp 

    "You can migrate data from a source hierarchy that runs any of the following versions of Configuration Manager:

    • Configuration Manager 2007 SP2
    • System Center 2012 Configuration Manager SP2 or System Center 2012 R2 Configuration Manager SP1
    • A System Center Configuration Manager hierarchy of the same or lesser version of System Center Configuration Manager"


    That's great news.  I've tested this in my lab and seems to work on CB 1511 when I migrated from a CM 2012 R2 SP1 site.  Monitor the migmctrl.log and you will see lots of Query against Legacy Site messages.  I hope you find this helpful


    0 0

    Olá comunidade Wiki Ninja Brasil.



    Sejam muito bem-vindos a mais um Sábado com os Top Contribuintes da Semana.

    Em vermelho os contribuintes do Brasil que mais destacaram na colaboração geral.

    As contribuições da semana é como segue:







    ESTATÍSTICAS WIKI

    378 usuários contribuíram com 2.632 páginas, 12.867 revisões e 7.778 comentários.


     

    Ninja Award Prêmio Maiores Revisores 
    Quem fez mais revisões individuais

     

    #1 Lucas Samrsla com 16 revisões.

      

    #2 Felipe Augusto L O com 8 revisões.

      

    #3 Rafael Bandeira de Oliveira com 6 revisões.

      

     

    Ninja Award Prêmio Artigos mais atualizados  
    Quem atualizou mais artigos

     

    #1 Lucas Samrsla com 5 artigos.

      

    #2 Rafael Bandeira de Oliveira com 2 artigos.

      

    #3 Peter Geelen - MSFT com 1 artigos.

      

     

    Ninja Award Prêmio Maioria dos artigos atualizados 
    A maior quantidade de conteúdo atualizado em um único artigo

     

    O artigo a ter a maioria das mudanças esta semana foi Guia de sobrevivência da certificação MCSA/MCSE Windows Server 2012 R2, escrito por Salomão Ribeiro

    O revisor desta semana foi Ed Price - MSFT,

     

    O artigo a ter a maioria das mudanças esta semana foi Diferença de Software e Aplicativo, escrito por Mauricio Junior - MCP, MCAD, MVP Microsoft

    O revisor desta semana foi Ed Price - MSFT,

     

    O artigo a ter a maioria das mudanças esta semana foi Não é possível se conectar ao servidor via RDP, escrito por Rafael Bandeira de Oliveira

    O revisor desta semana foi Ed Price - MSFT,

     

     

    Ninja Award Prêmio Artigo com mais longa atualização 
    O artigo mais atualizado desta semana

     

    O artigo que obteve maior atenção esta semana foi Guia de sobrevivência da certificação MCSA/MCSE Windows Server 2012 R2, escrito por Salomão Ribeiro

    O revisor desta semana foi Ed Price - MSFT,

     

    O artigo que obteve maior atenção esta semana foi Diferença de Software e Aplicativo, escrito por Mauricio Junior - MCP, MCAD, MVP Microsoft

    O revisor desta semana foi Ed Price - MSFT,

     

    O artigo que obteve maior atenção esta semana foi Não é possível se conectar ao servidor via RDP, escrito por Rafael Bandeira de Oliveira

    O revisor desta semana foi Ed Price - MSFT,

     

     

    Ninja Award Prêmio Maioria dos artigos revisados 
    Artigo com mais revisões em uma semana

     

    Esta semana, a maioria que brincava com artigo é Instalação, escrito por Jorge Barata [JB]. Ele foi revisto 8 vezes na semana passada.

    Os revisores desta semana foram Peter Geelen - MSFT& Lucas Samrsla

     

    Esta semana, a maioria que brincava com artigo é F# - Conhecendo o mecanismo de Type Inference e a organização de arquivos, escrito por Felipe Augusto L O. Ele foi revisto 7 vezes na semana passada.

    O revisor desta semana foi Felipe Augusto L O,

     

    Esta semana, a maioria que brincava com artigo é Windows Server 2012 R2 – Windows cannot install required files. Error code: 0x80070570, escrito por Rafael Bandeira de Oliveira. Ele foi revisto 3 vezes na semana passada.

    O revisor desta semana foi Rafael Bandeira de Oliveira,

     

    Esta semana, a maioria que brincava com artigo é Como Manter Seu Computador Atualizado e Seguro, escrito por Luciano Lima [MVP] Brazil. Ele foi revisto 3 vezes na semana passada.

    Os revisores desta semana foram Antero Marques& Ana Gauna

     

    Esta semana, a maioria que brincava com artigo é Plataformas, escrito por Jorge Barata [JB]. Ele foi revisto 3 vezes na semana passada.

    O revisor desta semana foi Lucas Samrsla,

     

    Esta semana, a maioria que brincava com artigo é Como descobrir se um arquivo está corrompido, escrito por Rafael Bandeira de Oliveira. Ele foi revisto 1 vez na semana passada.

    O revisor desta semana foi Rafael Bandeira de Oliveira,

     

    Esta semana, a maioria que brincava com artigo é Desenvolvedor, não se Prenda a Tecnologias, escrito por Thiago A. C. Vidal. Ele foi revisto 1 vez na semana passada.

    O revisor desta semana foi Thiago A. C. Vidal,

     

    Esta semana, a maioria que brincava com artigo é Agenda de Publicações no Blog Wiki Ninjas Brasil, escrito por Fernando Lugão Veltem. Ele foi revisto 1 vez na semana passada.

    O revisor desta semana foi Renato Groffe,

     

    Esta semana, a maioria que brincava com artigo é Segurança, escrito por Luciano Lima [MVP] Brazil. Ele foi revisto 1 vez na semana passada.

    O revisor desta semana foi Lucas Samrsla,

     

    Esta semana, a maioria que brincava com artigo é Windows 10 - Como desativar a reprodução automática de mídias, escrito por Marcelo Strippoli. Ele foi revisto 1 vez na semana passada.

    O revisor desta semana foi Ed Price - MSFT,

     

     

    Ninja Award Prêmio do Artigo mais popular 
    Colaboração é o nome do jogo!

     

    O artigo a ser atualizado pela maioria das pessoas desta semana é Desenvolvedor, não se Prenda a Tecnologias, escrito por Thiago A. C. Vidal

    O revisor desta semana foi Thiago A. C. Vidal,

     

    O artigo a ser atualizado pela maioria das pessoas desta semana é Como descobrir se um arquivo está corrompido, escrito por Rafael Bandeira de Oliveira

    O revisor desta semana foi Rafael Bandeira de Oliveira,

     

    O artigo a ser atualizado pela maioria das pessoas desta semana é Windows Server 2012 R2 – Windows cannot install required files. Error code: 0x80070570, escrito por Rafael Bandeira de Oliveira

    O revisor desta semana foi Rafael Bandeira de Oliveira,

     



    Agradecemos bastante a todos os nossos contribuintes por mais uma excelente semana de colaboração.

    Estamos felizes por esse grupo se dedicar a comunidade do Brasil e o colocar em destaque.

    Na semana que vem nós voltaremos com mais destaques.

    Obrigado.



    Wiki Ninja Hezequias Vasconcelos @++




    0 0

    Welcome back for another analysis of contributions to TechNet Wiki over the last week.

    First up, the weekly leader board snapshot...

     

    As always, here are the results of another weekly crawl over the updated articles feed.

     

    Ninja Award Most Revisions Award  
    Who has made the most individual revisions
     

     

    #1 Steef-Jan Wiggers with 111 revisions.

      

    #2 Ed Price - MSFT with 73 revisions.

      

    #3 Ken Cenerelli with 40 revisions.

      

    Just behind the winners but also worth a mention are:

     

    #4 Peter Geelen - MSFT with 30 revisions.

      

    #5 Ripon Kundu with 23 revisions.

      

    #6 .paul. _ with 19 revisions.

      

    #7 Erdem Avni SELÇUK with 16 revisions.

      

    #8 Lucas Samrsla with 16 revisions.

      

    #9 Eldert Grootenboer with 15 revisions.

      

    #10 Jeff Ingalls with 10 revisions.

      

     

    Ninja Award Most Articles Updated Award  
    Who has updated the most articles
     

     

    #1 Steef-Jan Wiggers with 59 articles.

      

    #2 Ed Price - MSFT with 37 articles.

      

    #3 Ken Cenerelli with 31 articles.

      

    Just behind the winners but also worth a mention are:

     

    #4 Erdem Avni SELÇUK with 16 articles.

      

    #5 Peter Geelen - MSFT with 11 articles.

      

    #6 Ripon Kundu with 6 articles.

      

    #7 Eldert Grootenboer with 5 articles.

      

    #8 Lucas Samrsla with 5 articles.

      

    #9 Recep YUKSEL with 4 articles.

      

    #10 Richard Mueller with 3 articles.

      

     

    Ninja Award Most Updated Article Award  
    Largest amount of updated content in a single article
     

     

    The article to have the most change this week was Microsoft Azure Tool Inceleme (2 tool) (tr-TR), by Hasan DANIS - Cloud Computing

    This week's revisers were Recep YUKSEL& Hasan DANIS - Cloud Computing

    Hot off the press is this publication from Hasan. With a little input from TNWiki legend Recep, the TR community goes from strength to strength!

     

    Ninja Award Longest Article Award  
    Biggest article updated this week
     

     

    This week's largest document to get some attention is ASP.NET MVC User Role Base Menu Management Using WEB API And AngularJS, by SYEDSHANU

    This week's revisers were SYEDSHANU, Steef-Jan Wiggers& Ken Cenerelli

    An awesomely useful article here from Syed. A really good piece, with input from the best of the rest.

     

    Ninja Award Most Revised Article Award  
    Article with the most revisions in a week
     

     

    This week's most fiddled with article is VB.Net: OOP Calculator - calc2, by .paul. _. It was revised 16 times last week.

    This week's revisers were .paul. _& Peter Geelen - MSFT

    Some sensational VB.Net here from Paul, thanks for all your hard work!

     

    Ninja Award Most Popular Article Award  
    Collaboration is the name of the game!
     

     

    The article to be updated by the most people this week is TechNet Guru Contributions - February 2016, by XAML guy

    Wow and wow again! Some great content coming in from some great authors! Pop over to the page and have a read through this month's contributions!

    This week's revisers were lanax, Gaurav Kumar Arora, Eldert Grootenboer, Steef-Jan Wiggers, Ed Price - MSFT, Emiliano Musso, Brian Seekford, Pierre-Alexandre Braeken MCSE, Shreeharsh Ambli, Rakhi Jain& .paul. _

     

    As Guru often wins, the article to be updated by the SECOND most people this week is System Center Configuration Manager (current branch): List of Public Microsoft Support Knowledge Base Articles, by RSC_phat

    This was a good choice from the 3 edited articles. A great resource, worth bookmarking! Thanks RSC_phat!

    This week's revisers were RSC_phat, Ken Cenerelli& Peter Geelen - MSFT

     

    Ninja Award Ninja Edit Award  
    A ninja needs lightning fast reactions!
     

     

    Below is a list of this week's fastest ninja edits. That's an edit to an article after another person

     

    Ninja Award Winner Summary  
    Let's celebrate our winners!
     

     

    Below are a few statistics on this week's award winners.

    Most Revisions Award Winner
    The reviser is the winner of this category.

    Steef-Jan Wiggers

    Steef-Jan Wiggers has been interviewed on TechNet Wiki!

    Steef-Jan Wiggers has featured articles on TechNet Wiki!

    Steef-Jan Wiggers has won 22 previous Top Contributor Awards. Most recent five shown below:

    Steef-Jan Wiggers has TechNet Guru medals, for the following articles:

    Steef-Jan Wiggers's profile page



    Most Articles Award Winner
    The reviser is the winner of this category.

    Steef-Jan Wiggers

    Steef-Jan Wiggers is mentioned above.



    Most Updated Article Award Winner
    The author is the winner, as it is their article that has had the changes.

    Hasan DANIS - Cloud Computing

    This is the first Top Contributors award for Hasan DANIS - Cloud Computing on TechNet Wiki! Congratulations Hasan DANIS - Cloud Computing!

    Hasan DANIS - Cloud Computing has not yet had any interviews, featured articles or TechNet Guru medals (see below)

    Hasan DANIS - Cloud Computing's profile page



    Longest Article Award Winner
    The author is the winner, as it is their article that is so long!

    SYEDSHANU

    SYEDSHANU has been interviewed on TechNet Wiki!

    SYEDSHANU has won 4 previous Top Contributor Awards:

    SYEDSHANU has TechNet Guru medals, for the following articles:

    SYEDSHANU has not yet had any featured articles (see below)

    SYEDSHANU's profile page



    Most Revised Article Winner
    The author is the winner, as it is their article that has ben changed the most

    .paul. _

    .paul. _ has been interviewed on TechNet Wiki!

    .paul. _ has featured articles on TechNet Wiki!

    .paul. _ has won 7 previous Top Contributor Awards. Most recent five shown below:

    .paul. _ has TechNet Guru medals, for the following articles:

    .paul. _'s profile page



    Most Popular Article Winner
    The author is the winner, as it is their article that has had the most attention.

    XAML guy

    XAML guy has been interviewed on TechNet Wiki!

    XAML guy has featured articles on TechNet Wiki!

    XAML guy has won 101 previous Top Contributor Awards. Most recent five shown below:

    XAML guy has TechNet Guru medals, for the following articles:

    XAML guy's profile page

    RSC_phat

    This is the first Top Contributors award for RSC_phat on TechNet Wiki! Congratulations RSC_phat!

    RSC_phat has not yet had any interviews, featured articles or TechNet Guru medals (see below)

    RSC_phat's profile page



    Ninja Edit Award Winner
    The author is the reviser, for it is their hand that is quickest!

    Jeff Ingalls

    Jeff Ingalls has won 2 previous Top Contributor Awards:

    Jeff Ingalls has not yet had any interviews, featured articles or TechNet Guru medals (see below)

    Jeff Ingalls's profile page



    Things seem to be picking up round here!

    Some really amazing content coming in lately!

    Looks like we need to start hiring some of these folks!

    Thank you one and all contributors. Your efforts are not going unnoticed... ;)

     

    Best regards,
    Pete Laker (XAML guy)

     


    0 0

    Period of time Microsoft release Update rollups for SCOM system.

    [Kevin Holman write post "step by step update" - http://blogs.technet.com/b/kevinholman/archive/2016/01/12/ur8-for-scom-2012-r2-step-by-step.aspx ]

    After you finish to running the updates for all server roles, all agents that installed remotely or configure 'remotely managed = true' in DB' are enter to Pending management and waiting that you push the Update Rollup to agents remotely.

    Agents that installed locally because you cannot open the entire desired ports, you must to transfer the update msp file, and running it locally on agents.

    In this post you learn how to push this update automatically [without distribution software like SCCM] by using SCOM rule and file share that all servers have access to it.

    1. Extract the msp file from Agent Update Rollup folder to folder in file share.

    2. Create new rule that "execute a script": Config schedule and write VB script:


    Uncheck 'Rule is enabled'

    Configure your schedule

    Write this script, in <> insert the path of the 'file share' that all servers can access it.

    And select Create.

     3. Create dynamic group for Override the filter is: select Agent class and add condition "Path List – Does not match - *UR<Number of this update rollup>*"

    Select Agent class, and 'Add', the condition is "Where Patch List Does not match wildcard *UR<X>*"

    This group include only the agents the Last update rollup does not installed.

    Patch List property - under Operations Manager folder in Agent by Version view

    4. Find the rule that you create in section 2 and override on this group.

    5. Because the agent's service run on Local system and LS don't have permissions to running installation from share, you need to create run as profile with account that have permissions, and configure this rule to running with this profile.

    Now in the next interval the script run locally on every agent that does not update and after the update installed, agent out automatically from group and the script don't running on it again.


    0 0

    Today's post and the next in this series continues on the Windows Server Datacenter focus, but this time round the emphasis is on the reasons why you may have deployed it traditionally, versus tomorrow's requirements. I will address the current on-premises Microsoft technologies you may have been using, as well as moving through the various stages of using different Microsoft cloud technologies alongside your existing infrastructure.

    Starting with the tradtional uses of Microsoft products in virtualised environments we usually see workloads such as Remote Desktop Services, Line Of Business Applications that might have a SQL Server requreent, Exchange Server and Domain Controllers split out into seperate virtual machines where possible, and for many organisations these are elements that still make sense. For customers with a requirement for a high speed local file server and Active Directory providing services such as Group Policy to domain joined machines, these aren't necessarily things that your internet connection can provide, unless you happen to be blessed with bandwidth outside of the scope of most Australian SMB customers.

    There are some workloads, however, where the impact of removing them from the on-premises insfrastructure, and taking advantange of cloud scale and accessibility make sense for many, such as migrating email capabilities to Exchange Online in Office 365. Then you can also start leveraging the other capabilites in Office 365 that may have been out of reach of the budget of the typical SMB customer, such as SharePoint and Skype For Business, just to name two additional components of Office 365.At this stage your virtualisation requirements may start changing, especially when you start looking at leveraging additional capabilities Microsoft provides in their range of online services.

    If we go back to when Small Business Server was available in the marketplace, there were alsways interesting additional products that could be added to the network, but sometimes getting an official response about supportabilityu in an SBS environment were hard to find. Something may have been happy to run alongside SBS, but the support story would change if you asked about installing this on the SBS hardware or virtual machineitself, as opposied to running the new service on dedicated hardware or its own virtual machine. Some of these questions even started being raised around whether or not the Microsoft software for synchronising from on-premises Active Directory to Azure Active Directory (upon which Office 365 relies upon) could run alongside the other services that Small Business Server ran.

    Why the confusion? First of all, it was never explicitly stated whether or not SBS was a supported platform, instead it refered to various versions of Windows Server. Those who played it safe would read that as saying SBS definitely was not supported, while those looking to minimise costs would look at from the point of view that SBS was not called out by name as not being supported. In cases like this, you need to generally need to focus on what is being explicitly listed as supported, which SBS was not. Where this was made more confusing for some was that changes were made to allow the directory synchronisation software run on a domain controller, which of course grabbed the attention of those running SBS, as it was a definitely a domain controller.

    However, SBS was much more than a domain controler. Ignoring everything else that SBS did, even if we just focus on the other major piece of software that was running, Exchange Server, it was never mentioned or suggested anywhere in system requirements that directory synchronisation would run alongisde Exchange Server. In a production environmnt this isn't the type of risk most would be willing to make, and would understand that isolating workloads defintely had a role to play.. We even run into a similar situation with the Windows Server Essentials role and product, which I'll explain next.

    With SBS having reached end of sale a while back, and now having the Essentials role being available to Windows Server 2012 R2 and available as a seperate product, there may be times when you need to run the latest version of the Azure AD/Office 365 synchronisation tool, Azure Active Directory Connect, we find the following information on its requirements page - "Azure AD Connect cannot be installed on Small Business Server or Windows Server Essentials. The server must be using Windows Server standard or better." This makes it clear that even at this point we still need to thinkg about workload isolation, and that's what we get with the virtualisation rights of Windows Server Datacenter.

    In the next post I'll focus on the adoption of new cloud workloads, and how integrating them with on premises technologies can affect your virtualisation requirements.


older | 1 | .... | 840 | 841 | (Page 842) | 843 | 844 | .... | 889 | newer