Dear All,

Glad to see PowerBI Integration available in OMS Preview features. go enable and configure :)

ntegration with PowerBI allows you to query and refresh data via OMS searches within PowerBI Connector

Enjoy ...

こんにちは。日本マイクロソフト System Center Support Team の黒田です。
今回は、System Center Operations Manager 2012 R2（SCOM 2012 R2）のメール配信時に表示されるアラートの解決状態の表記について紹介いたします。


SCOM 2012 R2 ではメールにてアラートを通知するため、通知チャネルの設定を実施する必要があります。
その際、変数として $Data/Context/DataItem/ResolutionStateName$ を利用しアラートの解決状態をメールに記載することが可能です。

アラートの解決状態とはアラートのステータスを示しており、SCOM管理コンソールでは以下のように日本語として表示されています。

>>  既定で設定されている [アラートの解決状態]
・新規
・終了
・証拠の待機中
・エンジニアリングに割り当て済み
・確認済み
・スケジュール済み
・解決済み

SCOM管理コンソール上では日本語として表示されていますが変数 $Data/Context/DataItem/ResolutionStateName$ を使用した場合、メールには [新規] や [解決済み] ではなく [New] や [Resolved] というように英語で表示されます。

これらの解決状態はデータベース[OperationsManager] の テーブル[ResolutionStateView] で、現在設定されている内容を確認することも可能です。

<<既定のアラートの解決状態：新規&解決済み>>

なお、[アラートの解決状態] に対して新たに日本語で解決状態を定義した場合、変数 $Data/Context/DataItem/ResolutionStateName$ の値はメールで見ると日本語で表示されます。
これらの動作は SCOM 2012 R2 では想定された動作ですので、アラートの解決状態を日本語での表示をご検討される場合は新たに日本語での解決状態を定義してください。

※ データベースを直接更新する場合、意図せぬ変更によって SCOM 自体が起動しなくなる場合などもあります。事前にデータベースのバックアップを取得し、意図しないテーブル情報の更新などがないよう、ご注意ください。

<<追加したアラートの解決状態：サンプル>>

Beschreibung
Dieser Premier Webcast richtet sich an Exchange Online Administratoren, die lernen möchten wie man Azure Active Directory Rights Management für Exchange Online vollständig implementieren und konfigurieren kann.
Dies beinhaltet auch, die Vorteile zu kennen und wie eine Organisation diese für ihre Business-Kapazität gewinnbringend einsetzen kann.

Agenda und technische Highlights
• Verständnis der Funktionen von Azure Active Directory Rights Management Services und für deren Nutzung
• Gewinnen von Kenntnissen die Konfiguration von Azure Active Directory Rights Management Services betreffend
• Aktivieren und Verwalten von Rechten in Windows Azure Active Directory
• Die Demonstration zeigt die Implementierung von Anfang bis Ende, sowie Client-Testmethoden und wichtige Funktionen

Wir bieten Ihnen diesen Webcast als Online-Meeting über Microsoft Skype for Business an. Der Referent erläutert das Thema anhand von Microsoft PowerPoint Slides. Live Demos innerhalb 90 Minuten. Am Ende des Webcasts steht den Teilnehmern 30 Minuten für Fragen zur Verfügung.

Zielgruppe
Dieser Webcast richtet sich an Exchange Online-Administratoren, die lernen möchten wie Microsoft Azure Active Directory Righs Management für Exchange Online vollständig implementiert werden kann.

Level 200
(Level Skala: 100= Strategisch/ 200= technischer Überblick/ 300=tiefe Fachkenntnisse/ 400= technisches Expertenwissen)

Sprache
Dieser Webcast wird in deutscher Sprache gehalten.

Anmeldung
Zur Anmeldung wenden Sie sich bitte direkt an Ihren Microsoft Technical Account Manager oder senden Sie eine Mail an peger@microsoft.com. Besuchen Sie uns auf Microsoft Premier Education. Dort finden Sie eine Gesamtübersicht aller verfügbaren Webcasts, Workshops und Events.

With the release of Configuration Manager this month - ConfigMgr 1602, was the introduction of some new features within the console in regards to how an administrator can interact with a client.  This blog will look to explain these new features, how they work and where they’ve been developed from. 

Firstly, some background.  Way back when, ConfigMgr 2012 SP1 introduced a feature called "Client Notification".  This added an option on the right click context menu for a client or a collection that granted the administrator the ability to trigger a machine or user policy retrieval and evaluation cycle.  Admins may be forgiven for thinking that this is a “push” action to the client, as it’s actually a client initiated “pull” after the admin triggers it.  This is ConfigMgr after all – the client requests everything.  Quite simply, the client is notified to start an action normally controlled by a schedule.

This feature was designed in order for vital deployments to be sent to clients a lot quicker and to save them waiting for their computer policy retrieval cycle, set to every 60 minutes by default.  Scenarios this would help with would be a zero-day patch, an urgent anti-malware definition or some other kind of scripted fix that needed to go out to all clients very quickly.

I won’t go into details about the ins and outs of Client Notification, although you can read the Product Group’s original blog about the feature release here.  In a nutshell, clients communicate over TCP or HTTP every 15 minutes to confirm they’re still online.  Once an action is triggered using Client Notification, only clients that have reported back as “online” will be notified to begin an action.  This means that your infrastructure won’t be wasting resources trying to open up individual WMI connections to clients in order to trigger these actions.  Other tools that seem to perform these actions can be quite costly in terms of wasted resources, especially when targeting a large collection.    That’s why we would suggest using the out of the box tools whenever possible.

“But Ricky, sometimes I need to do more than just a policy retrieval on a group of computers and using other tools to perform this seems like the only way!” 

That’s a very good point, and the very reason that the list of actions that can be performed in the Client Notification has now been extended in the 1602 release.  Check it out…

You can see along with computer and user policy retrieval; we now have the ability to collect discovery data, start a hardware or software inventory cycle, evaluate any deployed applications, or start a software update deployment evaluation too.  As stated above, triggering any of these actions will see that only clients that have reported back in the last 15 minutes will be given the notification to begin the chosen action. 

One more feature that was introduced that takes advantage of the “keep-alive” message sent by clients every 15 minutes is being able to see if a client is online or not when viewing it in a collection.  Have a look…

The grey icon represents that the client is offline, and the green icon shows that the client’s keep-alive message has been received in the last 15 minutes.

I hope this helps explain this small feature introduction, which seems to have slipped under most admins’ radars.  Remember, if you have any suggestions about ConfigMgr, please log them at the UserVoice site and get those votes assigned to any other features you like the look of. 

As always, please leave any comments or questions below.

Ricky

Den andre onsdagen i hver måned fra kl 09:00 – 10:00 arrangerer vi Skypemøtene Microsoft Partner Brief.

Vi tar opp aktuelle temaer for våre norske partnere, både når det gjelder produkter, løsninger, kampanjer og medlemskapet i Microsoft Partner Network.
Det vil naturligvis også være anledning til å stille spørsmål.

Neste Microsoft Partner brief er 13. april kl. 09.00-09.45.

Agenda

- Lisenser til internbruk: Silver og Gold partnere får tilgang til lisenser til internbruk og i april kommer det nye muligheter for bruk av disse som vi går igjennom i denne sesjonen.

- Partner arrangement: Få innblikk i hva som skjer de neste månedene og meld deg på de arrangementene som er aktuelle for deg.

- Hold deg oppdatert: Det er mye informasjon å forholde seg til som Microsoft partnere. Derfor har vi i Microsoft Norge laget noen tips og triks på hvordan å holde seg oppdatert.

Velkommen!

Her finner du kalenderinvitasjon

Following my post last week, it’s Awards season, and we’re continuing to get closer and closer to the nomination deadlines, for both the Worldwide Partner of the Year Awards and the Canadian IMPACT Awards.

1. The Partner of the Year Awards tool is open until April 7th at 11.59 PM PST. Visit the awards and nomination portal to learn more. Be sure that you’re submitting nominations for both the Competency workloads, but also the Country Partner of the Year!

2. The 2016 IMPACT Awardsnomination tool closes on April 12th at 11:59 PM PST. We recommend that you review the complete award guidelines and have your entry 100% ready to go before you begin the upload process. 

As I shared last week, what I enjoy so much about this time of the year, is hearing the stories, that you, our partners tell, of your journey and experiences, your businesses and the impact that you are having in the markets you serve, and to Canada!

Following the open Q&A with Eric Sugar at ProServeIT on their winning the Canada Partner of the Year last year, this week I’m thrilled to sit and talk shop with ITNorth, one of our IMPACT Award winners from 2015.

I hope their story provides some inspiration, and encouragement to get your submissions in for this year’s awards!

Jay

Channel Chief @ Microsoft Canada

@jbrommet

-----

Founded in 2003 and based in Fort St. John, BC, ITnorth has grown quickly from a one man show to one of the largest and most successful IT companies in northern BC. Along the way, the firm has earned numerous regional, national and international awards, including multiple Microsoft IMPACT Awards. In 2015 alone, ITnorth was awarded IMPACT Awards for Infrastructure Innovation and the Fastest Growing SMB Cloud Provider in Western Canada. All of this success has translated into growth; ITnorth now has 43 staff members working from offices in Edmonton, Calgary, Victoria and its headquarters in Fort St. John.

We recently had a chance to catch up with co-founder and co-general manager Akos Zsufa in his Victoria office and took the opportunity to ask him about his company’s journey to the cloud and to share some of the secrets of his success.

We tend to be so big-city-centric in Canada; how is it that one of the country’s hottest IT firms is headquartered in Fort St. John?

After studying IT in the late 90’s, I moved up north to Fort St. John to work for Westcoast Energy, the gas company. I was doing local system administration work and met the ITnorth co-founded Gert-Jan Voormeulen, or just GJ for short. We had like minds and started out doing turnkey, small box SharePoint 2003 set-ups for our clients. That work gave us enough momentum to grow our business out of our Fort St. John office.

And that location explains the name, ITnorth?

Yes, partly. Actually ITnorth has a whole bunch of meanings for us. One of them is our northern location and the clients we serve up here. Another is the sense of optimism and the promise of growth that modern technology brings. We like say that the cloud is north of us.

So the cloud was always central to your vision?

No! We kind of got dragged into the cloud kicking and screaming. [Laughs] At first, we saw the transformation of our industry by the cloud as a threat, even a potential end to us as a company. It took us a while for us to embrace the fact that the new industry is going to need trailblazers — people in the forefront of the technology and the ideas inspiring it.

What was the turning point?

The launch of BPOS [Business Productivity Online Suite, Microsoft’s precursor to Office 365]. We could see that this new way of delivering services was going to disrupt the traditional approach and that it gave us an opportunity to go from being a cog in the wheel to having a strategic role in our clients’ business. We could add more value and empower our clients to only pay for the services and technology they consume, which is a model that has clearly won the day. 

And how did your transition to Office 365 go?

We had to invest time and energy to make the idea a reality for our clients. We started by migrating to Windows Small Business Server and by overcoming some authentication challenges. We leveraged Microsoft’s Cloud Platform System program to deploy Office 365 wrapped with our own intellectual property plus managed services attached. That work put us in a place to deliver a complete solution to our clients based on one, all-inclusive charge that allows them to avoid capex and hiring staff in favour of lower, more predictable operating costs.

How do you make consumption-based IT profitable?

Training. If we can only charge clients for what they consume, then it’s essential that we help our clients learn how to get the most value out of their technology. That’s why we’ve made education a silo of our business, for us and our clients. We include training as part of every ITnorth proposal and partner with TechSource to deliver training courses and materials. We have found that something as simple as an hour of in-person, group training on Outlook makes a dramatic impact to our clients’ productivity. And they almost always ask us for more.

Speaking of impact, has winning IMPACT awards helped your business?

Absolutely. Ever since we won our first IMPACT Award for Small Business Specialist of the Year in 2008, we’ve experienced big benefits. It’s great to be a Gold Certified Partner, but winning these awards gives us added push, instant credibility and the means to differentiate ourselves in the marketplace. That’s why we always mention our certifications and our awards in marketing and our proposals—it shows that we’ve earned the respect of our peers in the industry.

So what’s next for ITnorth?

We’re going to continue doing what we’re doing: investing in building our competencies, developing innovative intellectual proprietary and offering a non-traditional set of services, including web and marketing solutions, training and app development. The idea is to make the cloud and modern technology work for our clients, not the other way around.

ITnorth’s website: http://itnorth.ca/

前言　

　　多數的企業為了集中化管理，而導入了企業身份識別系統 Active Directory，使內部的使用者可以透過集中式的帳號密碼認證機制，達成單一簽入的目標，大大的提升了便利性，但集中管理與分散管理，一直以來，都是管理者們在衡量便利與安全之間最大的難題。早在 NT 4.0 時，推出了網域服務，這個服務即開始深植入企業資訊管理者的心裡，讓每一個人都能擁有自已的識別帳號 ( Identification ) ，輸入自已的帳號密碼送交驗證 ( Authentication ) ，系統認證通過後，依照每一個使用者的帳號資訊給予正確存取的授權 ( Authorization ) ，最後即可於系統或服務上查詢到該使用者的存取稽核資訊 ( Accountability ) ，這是一個資訊安全系統上必要的存取控制措施，自有安全需求的系統起，無論帳號密碼稽核條件如何演變，不管需要多複雜、多長的密碼組合，每一個關卡都可以簡單抑或複雜。

　　而故事則是由這裡開始的，當我們將帳號密碼透過具有 3A 架構的系統存取控制機制來集中管理時，一來可以透過管理原則將帳號、密碼有效的提升其強度，二來可以提供一個通用的帳戶來存取各種不同的資源。但便利與安全永遠是置放於天枰的兩端，當開始追求安全時，便利性則會比起原本的機制來得麻煩，為了某人要開放更便利的使用系統時，則具備機密及敏感等級的使用者，就有可能變得不安全。

　　因此，無論在 AD 或是其它的驗證基礎、協定上，均提出了各種不同即可便利，又可安全的存取控制，而自 Domain Service 問世以來，提供了一個結合方便及安全的系統存取控制的架構，其中 Pass the Hash 及 Pass the Ticket 攻擊，則是依附著驗證系統化繁為簡而生，在電腦的驗證系統中，不外乎是輸入帳號密碼，輸完帳號密碼後，給予一個安全且簡單的再次確認機制，在古代就有所謂的漢符、令牌、通關卡…等等的代表該人已被驗證過的證據，讓這些已驗證者可以快速的通過查核。

本文大綱如下：

• 問題說明
• 工具說明
• 延伸閱讀

問題說明

       而在電腦世界中，這一類的驗證系統，當然也有著各自的快速驗證機制，各位試著思考一下，我們要如何騙過以人為基礎的驗證系統？古代舉試如何查驗雙胞胎當槍手?如何確認漢符、令牌發放之後沒有被盜用?近日有一則新聞，有一位乘客在機場跑錯航空公司櫃台，而該櫃台人員亦只查核英文姓氏，連性別都沒有查驗就讓一位女性頂替一位未到場的男性辦理了登記作業，而通關過程亦無人查覺有異，一直到了飛抵目的，確認通關時才被航空公司查覺到，該名未到場的男性要求重新劃位，那麼在飛機上的那個人是誰，才讓該航空間司未仔細驗證的事情曝了光。

　　該航空公司未查證該女並非公司客戶，而直接發放了登機票證，如同 Kerberos 驗證機制中的 Pass the Ticket Attack ，錯的人拿著已驗證完成的票證向主機要求存取服務。

　　難道系統存取控制機制沒有再次確認的機制嗎?怎麼會讓人偽冒身份來存取服務呢?因此針對 NTLM Hash 驗證機制而生的 Pass the Hash attack 、針對 Kerberos ticket 驗證機制而生的 Pass the Ticket attack ，就此成為企業內部最大的問題，從一開始 SMB 協定在網路上以明文方式傳送 Token ，而後來因為這個驗證是明文傳送，過於危險，則出現了 LAN Manager Challenge  /  Response 驗證機制，又因為過於簡單，僅僅是為了讓用戶端 向伺服器證明自已的身份，而用戶端與伺服器又共享有一個 Secret ，透過這個Secret來證明自已的身份，所以發起者是用戶端只要發起驗證，伺服器即丟遞一個隨機值 ( Challenge ) ，用戶端則用這個 Challenge 作為金鑰加密的 Secret ，而伺服器再將 Challenge 解開得到 Secret ，即可驗證該用戶端是否合法。問題就出在必須確保 Challenge 夠隨機，不以被猜測到，因此若從發起者用戶端身上去偷得 Secret ，也取得伺服器上的 Challenge ，那麼這個機制即可被偽冒。

　　由於上面單純一次 Challenge / Response 太過於薄弱，那麼透過這個為基礎發展出 Ansi Passwordf(LM_Hash, Challenge)，Unicode Password f(NT_Hash, challenge) 含有 SMB NTLMv1 Challenge / Response 驗證協定，產生的是 1 對 1 的關聯，大幅度的提升了難度，因為其中包含了網域名稱、伺服器、帳號、兩組密碼。但相對的，只要這些資訊完整的被擷取下來，還是會順利的解開其內容，成為被利用的認證架構

　　為了讓 Challenge/Response 驗證協定可以更安全，因而 NTLMv2 則加上了時間戳記，讓 SMB_Session_Setup_ANDX_Reuest 階段加上時戳，並增加 8byte的Server Challenge/nonce 及 Client Challenge ，讓伺服器檢驗 LMv2 及/或 NTv2 的結果是否正確，進而決定要同意或拒絕存取。

工具說明

Mimikatz 來自於法國知名駭客 Benjamin Delpy 之手它可以達成的內部身份竊取攻擊包含有：

• • 由 LSASS ( Local Security Authority Subsystem Service ) 傾印認證資訊

( Windows Local Security Account database )  [ sekurlsa 模組 ]

            MSV1.0: hashes & keys (dpapi)

            Kerberos password, ekeys, tickets, & PIN

            TsPkg ( 密碼 )

            WDigest ( 密碼明文 )

            LiveSSP ( 密碼明文 )

            SSP ( 密碼明文 )

• • 產生 Kerberos Golden Tickets ( Kerberos TGT logon token ticket attack )
  • 產生 Kerberos Silver Tickets ( Kerberos TGS service ticket attack )
  • 匯出憑證及金鑰 ( 即時那些不是正常的匯出點 ).
  • 傾印快取憑證
  • 停用事件監視
  • 略過 Microsoft AppLocker / 軟體限制條件
  • 修補終端伺服器
  • 略過基礎 GPO

在 POC 的過程中，我們可以模擬出的情境包含下列常見的狀況：

• • 網域內使用者是本機主機的 Administrators 成員
  • UAC ( User access controls 使用者存取控制 ) 是被關閉的
  • 所有的驗證機制僅仰賴著帳號及密碼

執行 mimikatz必須以管理者身份執行，執行完成必須再透過權限提升指令 Privilege::dbug

　　　若出現下列訊息，則代表正常啟動

　　　若出現下列訊息，則該帳號權限或身份不足

　　　當使用者曾經在該機器上登入過，即可以透過 sekurlsa::logonpasswords 列出機器上所有使用者的 Hash 值

　　接下來透過 sekurlsa::pth /user:Jason /domain:blackjason /ntlm:7ecffff0c3548187607a14bad0f88bb1 /run:SMB 為基礎的指令，即可偽冒該使用者來存取其使用者權限所及的資訊或服務。

然而在目前 PtH 的威脅下，只能停用 NTLM 嗎？ 會不會過得了這關，就依據 Microsoft TechCenter  的建議做法告訴我們：

1. 限制及保護高權限的網域帳號

• • 將管理者使用的帳戶分隔出管理及個人使用者的帳號：多數的管理者會習慣的將自已的帳號加入網域管理員中，但即使只有在個人電腦中操作 word，也是以管理者的權限在執行，應當落實管理者也是員工，應該也有屬於資訊管理部門的使用者帳戶，當需要執行管理工作時，再切換至管理帳號。
  • 為管理員配置專用的工作站主機：由於管理事務需要特別的權限運作，但當主機混用時，易造成較高管理權限的使用者帳戶因為登入到未知主機上，造成被該主機擷取到管理者帳號的相關機密資料。
  • 限制伺服器及工作站的登入存取：限制管理者帳戶不可登入本機，例如 Domain admins, Enterprise Admins。
  • 禁止特權帳號的權限委派

      2. 限制及保護高權限的網域帳號

• • 增強本地帳號於遠端存取的限制
  • 拒絕來自於網路登入到所有的本地帳號
  • 建立為特權帳號建立唯一的密碼

       3. 以 GPO 設定 windows 防火牆限制輸入流量

　　當然要更安全的作法就必須導入第二種驗證方式，例如加上 One time pasword 、生物認證，由於較舊的版本 ( windows 7 以前 ) 在驗證模式中，即是使用 NTLMv1 ，但由於新版本作業系統上雖然可以強制指定 NTLMv2 ，但一旦有作業系統上的版本落差，則會出現 NTLMv1 及 NTLMv2 不相容的問題產生，即使你的密碼正確，因 NTLMv2 有加上時戳，因此根本無法與 NTLMv1 配對，當然即無法正常運作通過驗證。

有更多的資訊你可以參考下面的延伸閱讀。

延伸閱讀：

l   Wiki Pass the Hash: https://en.wikipedia.org/wiki/Pass_the_hash

l   Security TechCenter Pass-the-Hash: https://technet.microsoft.com/en-us/security/dn785092

l   Understanding the Windows SMB NTLM authentication weak nonce Vulnerability:  http://www.ampliasecurity.com/research/NTLMWeakNonce-bh2010-usa-ampliasecurity.pdf

Today’s Tip…

Microsoft Mechanics, the show that brought you the latest in Office from the engineers behind the tech has now expanded to cover the breadth of Microsoft technologies. Microsoft Mechanics, is our official new show and video platform for tech enthusiasts and IT professionals. We’ll cover the latest tech from Azure, Office, Windows, and Surface teams in a demo-packed 10-minute format from the engineers and experts. Further, for faster overviews, we also just launched 2-3 minute "Demo Bench", capability reviews. So keep informed, join us each Wednesday or as news breaks.

Here is a short list of some of the videos from this series...

Server Playlist

• Exploring Nano Server for Windows Server 2016 with Jeffrey Snover
• Early look at containers in Windows Server, Hyper-V and Azure – with Mark Russinovich
• First look at SharePoint Server 2016 IT Preview
• Exchange Server 2016 - Performance, architecture and compliance updates
• Exchange Server 2016 & Outlook on the go - Mobile, browser and productivity updates
• Exchange Server 2016 Smarter Inbox - Search and customization updates
• Exchange Server 2016 demo - Collaboration updates
• First look at Exchange Server 2016 and what's new for admins

Azure Playlist

• Real examples of hacking and malware attacks then what Microsoft did to stop them
• An early look at Azure Stack and what it means for IT, with Jeffrey Snover
• Building custom Office 365 apps to manage Lotus F1 Team race crew logistics
• Hybrid Infrastructure Automation with Azure Resource Manager Templates
• Azure AD B2C: How to enable consumer logins and access management for your B2C apps
• How to simplify external resource sharing with Azure AD B2B collaboration
• Beyond MDM—How to protect your data with BYOD and SaaS implemented
• Early look at Power BI updates and new customization options

www.microsoft.com/mechanics

Beschreibung

Das Enhanced Mitigation Experience Toolkit (EMET) setzt neue Maßstäbe für Sicherheitstechnologien und effektive Schadensbegrenzung.  Es wurde von verschiedenen IT-Sicherheitsrahmen und Organen zunehmend empfohlen. EMET beugt präventiv Speicherbeschädigung für häufig verwendete Anwendungen wie Zero-Day-Schwachstellen vor.

Der Webcast bietet Ihnen einen Überblick über EMET, seine Fähigkeiten und Sicherheitsvorteile. Erfahren Sie von unserem EMET Spezialisten, wie Sie Ihr Konfigurationsmanagement mit Hilfe von EMET ergänzend oder exklusiv optimieren können.

Agenda

• EMET im Rahmen einer Organisationssicherheitslage
• Fähigkeiten von EMET
• Identifizieren Bereitstellung und Konfiguration Methoden
• Q&A

Wir bieten Ihnen diesen Webcast als Online-Meeting über Microsoft Skype for Business an. Der Referent erläutert das Thema anhand von Microsoft PowerPoint Slides. Live Demos innerhalb 90 Minuten. Am Ende des Webcasts steht den Teilnehmern 30 Minuten für Fragen zur Verfügung.

Zielgruppe
Dieser Webcast richtet sich in erster Linie an Platform Engineers und Support Mitarbeiter.

Level 200
(Level Skala: 100= Strategisch/ 200= technischer Überblick/ 300=tiefe Fachkenntnisse/ 400= technisches Expertenwissen)

Sprache
Dieser Webcast wird in deutscher Sprache gehalten.

Anmeldung
Zur Anmeldung wenden Sie sich bitte direkt an Ihren Microsoft Technical Account Manager oder senden Sie eine Mail an peger@microsoft.com. Besuchen Sie uns auf Microsoft Premier Education. Dort finden Sie eine Gesamtübersicht aller verfügbaren Webcasts, Workshops und Events.

We caught up with a first time attendee at WPC last year, Chris Clark to share his thoughts on his experience.

In 2015, despite being an organisation of 25 staff we ‘went for it’, I as CEO and founder of Prosperity 24.7, proposed, authorised and paid for five of us to attend WPC. When you consider we are based in Jersey in the Channel Islands, this was a significant investment for a business that required multiple flights, stop overs, a week out of our growing business for the top five performers but it was worth it...

Why did we go en masse?

I am personally very closely aligned to Microsoft in the UK, the Executive team and the wider partner network. I also recognise the very real business opportunity through adopting a Cloud first strategy, both regarding how it accelerates the way we can transform our client’s businesses as well as how it can provide significant cost and security benefits to everyone. Although I knew my colleagues were aware of the ‘art of the possible’, I really wanted them to drink it all in and have a fully immersive experience - living, breathing, eating and sleeping everything that Microsoft has to offer, aligned to the vision of the modern way of working, led by Satya Nadella.

Although we are a relatively young organisation, we believe we have to have strategic alignment across a business of any scale to transform it, or to pivot it if required. WPC enabled my colleagues to derive so much passion about the future possibilities and most importantly, to work it out for themselves rather than to be told ‘this is what I want you to do’. Over the course of the event I saw more and more ‘light bulb’ moments illuminate across the faces of my colleagues which culminated in a fantastic evening on the Wednesday, where everyone was positively gushing about the various avenues, possibilities and opportunities that we could explore and deliver to make our clients’ and our industry in general, function far more securely, seamlessly and elegantly.

This was just one of the benefits ‘team alignment’ and I think it was after reflecting upon this that I posted this tweet the following day:

Whilst my colleagues immersed themselves in the ‘Microsoft experience’, I had many, many meetings, spanning US Public Sector contacts discussing what we have achieved and are looking to achieve with our CityNext partnership through to catching up with Dutch friends running successful CRM practices. Our ability to discuss our successes led to Prosperity 24.7 being selected as a CityNext showcase which was phenomenal both for our client as well as our business - video showcase here. This has had a directly positive impact upon our business, as you can well imagine.

I managed to meet almost all of the UK Executive team either in a social context or through structured meetings at the UK lounge which in turn resulted in Microsoft placing us on a Dynamics CRM partner accelerator programme to develop ‘micro-vertical’ solutions in CRM online.

What value have we derived subsequent to WPC15?

The support and encouragement we received following our Executive meetings at WPC resulted in Prosperity 24.7’s first CRM product for Financial Services – Self Certify 24/7 - which we developed and delivered in partnership with Microsoft UK.

As if this was not enough ‘value derived’ from our investment in WPC, for the first time ever, we have appeared on the UK leader board for CRM partners.

All of this can be directly attributed to our investment in WPC and the following activity where we have worked in partnership with the UK Dynamics and Partner teams.

Above I am only scratching the surface of the benefits we derived from attending WPC 2015, we had our best year by a mile, whilst really helping our wider community both with charity endeavours and successful delivery of projects. 2016 has continued in an incredible way, our team alone has already grown by another 20% in the last three months with diversification into IoT and Azure Machine Learning coming to fruition already – all insights gleaned from WPC15.

The true financial value to our business is yet to be realised, but one of the greatest benefits is that I feel that Microsoft Executives know me, they know my business, they know our aspirations and our success stories – this is essential for us all to thrive and prosper in the Microsoft Partner Network– I look forward to meeting you in Toronto. Register for your all access pass today.

Chris Clark, CEO, Prosperity 24.7

If you’re an Exchange Online or Exchange Online Protection (EOP) subscriber and you have configured connectors, this post contains important information that might impact your organization. To make sure that your mail flow isn’t interrupted, we strongly recommend that you read this post and take any necessary action at your earliest convenience.

The change will impact you if one of the following scenarios apply to your organization:

• Your organization needs to send NDR (non-delivery report) messages to a recipient on the Internet and needs to relay them through Office 365.
• Your organization needs to send messages from your own email server (on-premises environment) from domains that your organization has not entered in Office 365 (see Add Domains in Office 365). For example, your organization Contoso needs to send email as the domain fabrikam.com, which doesn’t belong to your organization.
• There is a forwarding rule configured on your on-premises server, and messages need to relay through Office 365. For example, contoso.com is your organization’s domain, a user in your organization’s on-premises server, kate@contoso.com, has enabled forwarding. All her messages go to kate@tailspintoys.com. If john@fabrikam.com sends a message to kate@contoso.com, the message gets automatically forwarded to kate@tailspintoys.com. From Office 365’s point of view, the message is sent from john@fabrikam.com to kate@tailspintoys.com. Because Kate’s mail is being forwarded, neither the sender domain nor the recipient domain belongs to your organization.

Beginning February 1, 2017, Office 365 will no longer by default support relaying messages for the scenarios described above. If your organization needs those scenarios to continue to work, you need to make sure that the following are all true:

• You have created a connector in Office 365 that instructs the service to use certificate to authenticate emails coming from your organization’s own email server (on-premises environment).
• Your own email server (on-premises environment) is configured to use the certificate to send email to Office 365.
• This certificate is CA signed and its certificate name (CN) or subject alternative name (SAN) contains a domain that you have entered in Office 365.

To do so, use the following instructions.

Create or Edit a certificate-based connector in Office 365

For Office 365 to relay messages to internet that match with the scenarios listed above, you need to follow the below steps.

1. Sign in to Office 365 admin center, and go to Admin> Exchange.

2. Go to mail flow> connectors, and do one of the following:

If there are no connectors, choose ’+’ (Add) to create a connector.

If a connector already exists, select the connector, and choose Edit to modify it.

3. On the Select your mail flow scenario page, choose From: Your organization’s email server and To: Office 365. This creates a connector that indicates that your on-premises server is the sending source for your messages.

4. Enter connector name and other information, and then choose Next.

5. On the New connector or Edit connector page, choose the first option to use a TLS certificate to identify the sender source of your organization’s messages. The domain name in the option should match with the CN name or SAN in the certificate that you’re using. The domain you use needs to be a domain that belongs to your organization and you need to have added the domain to Office 365. For example, contoso.com belongs to your organization, and it’s part of CN name or SAN name in the certificate that your organization uses to communicate with Office 365.

Configure your on-premises environment

Use the following steps to prepare your on-premises servers to relay messages through Office 365:

1. If your organization uses Exchange server for its on-premises server, you need to configure your server to send messages over TLS. To do this, follow Set up your email server to relay mail to the Internet via Office 365, which is part 2.2 of “Set up connectors to route mail between Office 365 and your own email servers.” If you have already used Hybrid Configuration Wizard, then continue to use it, but ensure to use a certificate that matches the criteria outlined in step 5 of the previous section.
2. Install a certificate in your on-premises environment. For details, follow “Step 6: Configure an SSL certificate” of Configure mail flow and client access.

For more details about how to relay messages through Office 365, see the Setting up mail flow where some mailboxes are in Office 365 and some mailboxes are on your organization’s mail servers section of Mail flow best practices for Exchange Online and Office 365.

Carolyn Liu

All – last week Microsoft made great announcements and I have highlighted three below but please take a look at all last week’s news.

Highlights:

• Alex Kipman Ted talk on Hololens
• Gartner names Microsoft Azure a leader in aPaaS
• Office 365 Connectors

WEBINARS & EVENTS

Turbocharge your productivity with Windows 10 and Office 2016 | March 30^th and April 6^th at 10 am and 12 pm PST
Check out how you can help your business cross the finish line with time to spare using Windows 10 and Office 2016.

Windows 10 for device management webcast | March 31^st at 11:00 am PST
In this webinar, we will introduce the tools that eliminate stress. We will show you how Windows 10 out-of-the-box Active Directory and Azure Active Directory help you control access, manage identities, and configure policies.

Skype Show | April 4^th at 12:00 pm PST
Microsoft's own Jamie Stark and Skype for Business MVP Thomas Poett will join the live Skype Show.
Agenda:

• Session 1: The Future of UC
• Session 2: Geographically Dispersed Edges and CCE
• Session 3: Skype for Business new features
• Session 4: Q&A

MOMENTUM’16 Conference | April 5-7 in San Francisco
Microsoft will have a significant presence and a chance to showcase Office 365 at DocuSign’s upcoming MOMENTUM’16 conference in San Francisco. From April 5–7, the sharpest minds in technology will come together to brainstorm, attend breakout sessions and discover the possibilities that adopting a digital workflow can bring their business.

Are my robots going to attack me? Tips for a secure IoT strategy. | April 12^th at 10:00 am PST
During this webinar and live Q&A, our IoT and cloud security experts will walk you through best practices for making sure you’re as safe as you can—and should—be with IoT. Register to learn:

• Tips for a more secure IoT strategy
• How to recognize weak links in your IoT operations
• Why Microsoft’s comprehensive security solutions and investments make Azure a trusted cloud for IoT

Machine Learning: How technology advances human intelligence | April 12th at 8:00 am PST
Join us as we explore cognitive technology, and learn what advances in artificial intelligence will impact analytics and demand for human interaction on the next episode of Modern Workplace.

Office 365 Connectors YamJam! | Thursday, April 14, 2016 at 9:00 am PST
Join us for a Connectors YamJam! As we announced last week, Office 365 Connectors are currently available for First Release customers and in the process of being rolled out for generally availability shortly.

YamJam will be hosted in the Office 365 Groups group

Azure Active Directory Premium Customer Training Webinars | April dates
Join us and learn how to get up and running on Azure AD Premium quickly and easily!

• Secure Your Identities with Azure AD Multi-Factor Authentication (MFA)
• Accessing Your Organization's Internal Application via Azure AD App Proxy
• Getting Ready for Azure AD
• Manage Your Enterprise Applications with Azure AD
• Manage Partner and Vendor Access Using Azure B2B Collaboration
• Streamlining Password Management Using Azure AD

//Build 2016 | March 30 through April 1st
REMINDER | Save The Dates - Make sure you don't miss your view into the future of Developer Tools.
//Build2016 will be Streaming Live at http://spr.ly/6184B5xAA

Tackle the top five data challenges with SQL Server | March 31^st at 10:00 am PST
REMINDER | Learn how to address the top data management challenges with a unified approach that improves security, reduces complexity, and lowers the costs normally associated with data platforms.

Drive Business Results with Intelligent Tools Series | March 31^st at 10:00 am PST
REMINDER | Reinventing Customer Experience: Field Service and the Modern Dispatch Technician

SME roundtable on mobility at Microsoft Webinar | March 31^st at 10:00 am PST

REMINDER | IT subject matter experts (SMEs) from our Mobility at Microsoft IT Showcase course will answer your questions about how Microsoft IT designs, develops, deploys, and supports mobility at Microsoft. Get candid answers from our experts as they share their insights and best practices.

Global Azure Bootcamp 2016 | April 16^th, 2016
REMINDER | This year we are again doing a one-day deep dive class to help thousands of people get up to speed on developing Cloud Computing Applications for Azure. In addition to this great learning opportunity we will have another set of hands on labs. Check the different locations worldwide!

Office 365 – FastTrack webinars | April dates are now available
REMINDER | Learn how to do more, together. Ask questions, learn shortcuts and find out how Office 365 can make you and your team more productive. Select one of the webinars available, register, and attend a live presentation with demos and Q&A. Webinar selection range from using Office 365 to working like a network.

OFFICE 365

What’s new—Office 365 Video
As you may have seen on the Office 365 Roadmap, we’ve been working hard to bring you numerous features and capabilities ranging from improving the upload experience, enhancing accessibility with closed-caption support, delivering analytics per video to provide aggregate trending patterns and more.

6 tasks ideal for the cloud—cloud storage and beyond
This post covers six ‘other’ ways the cloud can be used by any businesses.

New to Office 365 in March—move from Evernote to OneNote, PowerPoint Designer updates and more
This month, our updates include a tool for migrating Evernote notes to OneNote, enhancements to PowerPoint Designer and new languages supported in Office for Mac and Skype Translator. We also have updates for our commercial customers using Skype for Business, Project Online and Office 365 video. Read on for more.

Introducing Office 365 Connectors
Office 365 Connectors surfaces all the information you care about in the Office 365 Groups shared inbox, so you can easily collaborate with others and interact with the updates as they happen. In addition to the current Groups inbox integration, we plan to bring Office 365 Connectors to the Outlook inbox for individual users to leverage and over time to other experiences across Office 365.

Skype for Business for iOS productivity guide
Skype for Business for iOS is a productivity app that brings Skype Meetings, presence, instant messaging (IM), voice, and video capabilities to your iOS mobile device.

Skype for Business for Android Productivity Guide
Skype for Business for Android is a productivity app that brings Skype Meetings, instant messaging, voice, and video capabilities to your Android mobile device. It has a new look and feel, at-a-glance view of your upcoming meetings and conversation history, simplified call controls, and many other improvements.

AZURE

Microservices: An application revolution powered by the cloud
Mark Russinovich talks about how and why a microservices architecture can help with application development and lifecycle tasks, and describe the capabilities that platforms can provide to support those architectures. Then he lists some of the platforms commonly used by developers as the foundation for their microservice based applications that Azure supports, and finally, he briefly describes our microservice application platform, called Service Fabric, that provides comprehensive support for microservices lifecycle management out of the box. | Channel 9 conversation with Mark Russinovich on Microservices

Full text search of audio and video files
Watch how to perform full text search over the spoken words within your audio and video files. Read on to learn more.

A sample application for pulling data from SQL into an Azure Event Hub
A recent article and code sample I produced with Dinar Gainitdinov shows how to build a simple application to run some complex joins and queries then push the updated records to an Azure Event Hub.

Application Packages and Task Dependencies now available on Azure Batch
As promised, we’ve been hard at work porting preview features to the generally available, production-ready Batch service. We’re excited to announce two of the most popular features, Application Packages and Task Dependencies are now available.

Developer's introduction to Azure IoT
This post is for the cast and crew of developers that make any IoT solution work for its intended audience. It's a guide not just to the “Things,” but to their secure connection to the “Internet” that powers every IoT solution.

Announcing Azure Storage Python Client Library 0.30 preview
We are pleased to announce the 0.30 preview release of the Azure Storage Python Client Library.

Azure Compliance: DocumentDB certified for ISO 27001, HIPAA, and the EU Model Clauses
The Azure DocumentDB team is excited to announce DocumentDB is ISO 27001, HIPAA, and EU Model Clauses compliant.

Brand new Docker Machine for Azure
We are very excited to announce a brand new Azure driver for Docker Machine using the new Azure Resource Manager APIs.

Gartner names Microsoft Azure a leader in aPaaS
We’re excited that Gartner recognized Microsoft Azure as a leader in their Magic Quadrant for Enterprise Application Platform as a Service for the third year in a row based on completeness of our vision and ability to execute.

MISCELLANEOUS

A futuristic vision of the age of holograms
Wearing the HoloLens headset, Alex Kipman demos his vision for bringing 3D holograms into the real world, enhancing our perceptions so that we can touch and feel digital content.

Time is running out: Upgrade SQL Server 2005 now
Less than one month remains before support ends for SQL Server 2005 on April 12, 2016. If you’re still using this version or other legacy versions of SQL Server, there’s never been a better time to upgrade to SQL Server 2014 and Microsoft Azure SQL Database to safeguard your business and reap all the benefits of a modern data platform.

Web.Dev 2: Getting Started with Angular 2.0
Angular 2.0 is pretty great. It's the latest iteration of the very popular Angular.js client-side web framework. It's different from Angular 1.x. Actually, it's very different!

Getting started with app design
This blog is the first in a multi-part series on app design for developers. We’ll introduce you to the tricks of the design trade so you can create more attractive and more successful UWP apps.

Squash: A Whole New Way to Merge Pull Requests
A squash merge is a merge option in Git that will produce a merge commit with only one parent. The files are merged exactly as they would be in a normal merge, but the commit metadata is changed to show only one of the parent commits. The result is a single commit on the target branch with all of the changes from a normal merge.

Accessing the Red Hat Customer Portal from Azure
Did you know you can access premium Red Hat content by using a Red Hat Enterprise Linux VM image in the Azure Marketplace? Check the post for details.

72% of businesses worry about mobile security
Being mobile is one thing. Being mobile productive is another. Discover how you can combine the freedom of mobility for employees with added productivity for your business.

TWC9: SQL on Linux, Microsoft Joins Eclipse Foundation, UWP Porting Guides for Android/iOS, Dogs and Cats living together and more...
Last week on Channel 9.

Regards,
Bea

Hi –

I wanted to let you all know that the Office 365 team is looking for feedback. If you are interested in sharing your input, please fill out the survey below! The feedback you give will have direct impact on Office 365.

Survey link: https://www.surveymonkey.com/r/CXRVRVY

Thanks,
Bea

IT pros -

If you are looking into Yammer Enterprise for your company, I highly recommend you attend the below FREE Microsoft Office 365 webinar (multiple dates available). The webinar will help you to discover how to bring your team together through launching a successful Yammer network within your organization.  A live presenter will encourage questions and discussion of scenarios specific to you.

Registration landing page: http://aka.ms/O365worknetwork!  

Available dates:

• Bring Your Team Together with Yammer - 4/5/2016 1:30 PM - 2:30 PM
• Bring Your Team Together with Yammer - 4/12/2016 1:30 PM - 2:30 PM
• Bring Your Team Together with Yammer - 4/19/2016 1:30 PM - 2:30 PM
• Bring Your Team Together with Yammer - 4/26/2016 1:30 PM - 2:30 PM

Find other webinars like this one here: http://fasttrack.microsoft.com/office/webinar/live

Regards,
Bea

The Skype for Business Voice Solutions Poster has been released.  Use this poster to choose the right Voice solution for your organization: an all-in-the cloud solution delivered by Office 365 or a hybrid solution that combines on-premises software and Office O365 services. Decide how to best provide Private Branch Exchange (PBX) functionality along with access to the Public Switched Telephone Network (PSTN) for all users in your organization by answering some questions and following the flowchart.

The Skype for Business Voice Solutions Poster is available on the Technical Diagrams for Skype for Business Server TechNet page here.  Additionally you can download the pdf here or the Visio here.

Stay up to date with the latest news and blogs for Skype for Business and all Microsoft server technologies with the PFE Direct UWP Windows 10 app here!

The Capacity Planning for Skype for Business Server 2015 TechNet documentation has been released as well as the Skype for Business Server 2015 Capacity Calculator.  Review the Capacity Planning TechNet documentation here and download the Capacity Calculator here.

The Skype for Business Server 2015 Capacity Calculator is designed to assist you in determining server requirements based on numbers of users and communication modalities that are enabled at your organization. You enter your organization’s profile, and the calculator provides recommendations that help you plan your topology. You can benefit most from the calculator if you have accurate, detailed information about your specific user profile. For example, the percentage of voice-enabled users, average calls per user per hour, call duration, and the percentage of concurrent users in conferences can make a huge difference in server requirements. The accuracy of the recommendations created by the calculator depends on the accuracy of the information that you provide.

Note – the corresponding Word document with instructions on how to use the tool is currently not available.  In the meantime the corresponding Word document for the Lync Server 2013 Capacity Calculator can be used if you are unfamiliar with how to populate the spreadsheet, available here.  Once the Word document is released I will update this post accordingly.

Stay up to date with the latest news and blogs for Skype for Business and all Microsoft server technologies with the PFE Direct UWP Windows 10 app here!