07/04/2016 - Tech Tudo

A Build 14316 chegou ao Windows 10 com diversas novidades do Anniversary Update. Disponível apenas para usuários do programa Windows Insider, a versão prévia do sistema tem funções como o Bash nativo vindo do Ubuntu, novas extensões para o Microsoft Edge, emojis redesenhados, Cortanacom integração no Android, tema escuro, melhorias na central de ações e na interface em geral. A expectativa é que a versão final chegue entre julho e agosto. Como fazer um programa antigo funcionar no Windows 10 Nova Interface de instalação.

A primeira alteração notável da Build 14316 está em sua instalação. No lugar da antiga tela preta com o progresso no formato circular, o sistema da Microsoft usará a interface convencional do Windows Update. Ou seja, com fundo colorido e instalações divididas em passos. O update parecerá menos com uma formatação, mas ainda será necessário aguardar a configuração inicial após o primeiro login. Windows 10 tem nova tela de instalação que simula update comum do sistema (Foto: Divulgação/Microsoft) Cortana integrada ao Windows 10 Mobile e Android.

A assistente virtual Cortana tornará smartphones com Windows 10 Mobile e Android mais integrados ao seu computador. Para obter as novidades, é preciso ter um um Lumia com suporte às builds mais recentes do Windows Insider. Já em aparelhos com o sistema do Google, é necessário baixar o app da assistente fora da Play Store, já que essa não está disponível no Brasil. Confira as funçõesNotificação de bateria fraca: A assistente virtual da Microsoft pode informar no computador quando o telefone do usuário estiver precisando de uma recarga. Pode ser muito útil para evitar surpresas desagradáveis ao passar muito tempo sem usar o telefone. Cortana se tornou capaz de avisar sobre bateria de Android e Windows 10 Mobile (Foto: Reprodução/Elson de Souza)Encontrar telefone: Usuários também poderão usar a Cortana para localizar os seus telefones perdidos. Basta abrir a assistente virtual e pedir "Encontre meu telefone". Quando localizar, uma notificação com mapa será exibida. Ao clicar, será possível ver o local e solicitar que o telefone vibre. Ainda indisponível em Português.Compartilhar navegação GPS: Se o usuário pedir para a Cortana exibir as direções para um determinado endereço no PC, uma notificação vai aparecer no telefone para que a navegação seja iniciada por lá. Ainda não disponível em Português.Qual é o melhor Windows de todos os tempos? Comente no Fórum do TechTudo.Cortana mais fácil de configurarEm países que a Cortana estiver disponível, como o Brasil, o usuário poderá acessar os ajustes da assistente para ativá-la e baixar o pacote de idiomas automaticamente. Isso facilita bastante a instalação, já que anteriormente era necessário entrar nas configurações do sistema para fazer cada etapa separadamente.Cortana tem novo botão de configurações no Windows 10 e baixa idiomas automaticamente (Foto: Reprodução/Elson de Souza) Novas Extensões para o Microsoft EdgeFãs do Pinterest já podem comemorar: o novo navegador da Microsoft ganhou uma extensão para a rede social. Trata-se da Pin It Button, que permitirá fixar conteúdo da aba ativa na rede social em poucos passos. Além disso, a Microsoft lançou o OneNote Clipper, que oferece maior integração com o aplicativo de anotações da empresa.Se você já utilizava uma das extensões anteriores, será necessário baixá-las novamente. Segundo a Microsoft, a Translator, Reddit Enhancement Suite (RES) e Mouse Gestures instaladas deixarão de funcionar após a atualização.Microsoft Edge ganhou novas extensões para Pinterest e OneNote no Windows 10 (Foto: Reprodução/Elson de Souza) Melhorias na Central de NotificaçõesA Microsoft deixou a central de ações do Windows mais flexível. Na nova versão, os usuários poderão configurar prioridades para as notificações de cada aplicativo em três níveis: normal, alta e prioridade. Isso minimizará as chances do usuário perder algo importante no PC.O Windows 10 dá a possibilidade de limitar o número máximo de notificações agrupadas por cada app para evitar poluição. Por padrão, o valor será de até três alertas.Central de notificações terá prioridades de apps e também limite de mensagens (Foto: Reprodução/Elson de Souza) Novos emojis.

A Microsoft modificou completamente os emojis do teclado virtual do Windows 10. Segundo a empresa, os novos rostinhos foram desenhados para serem mais detalhados e divertidos. Além disso, foram adicionados a possibilidade de escolher tonalidade de pele, algo já presente no iOS e WhatsApp. Essa é a primeira grande reformulação dos emoticons desde o Windows 8.Windows 10 ganhou novo pacote de emojis na Build 14316 (Foto: Reprodução/Elson de Souza) Mais personalização: tema preto e coresA Microsoft liberou o tema preto para o Windows 10, seguindo os moldes do Windows Phone. Ao selecionar a opção no menu de cores, o sistema exibirá apps nativos como calculadora, loja Windows Store, configurações, entre outros. Apps de terceiro continuarão tendo personalização à parte.Na atualização de novembro, a Microsoft incluiu cores às barras de título de programas e aplicativos, mas era preciso usar o mesmo esquema de tons nos menus e outras áreas do sistema.

Agora, o Windows 10 poderá apenas colorir a barra de título, liberando o Iniciar e demais barras para uso em outras tonalidades.Windows 10 tem tema preto nas configurações, calculadora e outros apps (Foto: Reprodução/Elson de Souza) Projeção de tela de outros PCs e smartphones com ContinuumO aplicativo "Connect" servirá para integrar o Windows 10 a aparelhos. Donos de smartphones Lumias com Continuum, que ainda não estão disponíveis no Brasil, poderão projetar a tela do aparelho no computador utilizando cabo USB. O mesmo ocorre com PCs com conexão miracast, que poderão projetar sua tela em outro computador sem o uso de cabos.Download grátis do app do TechTudo: receba dicas e notícias de tecnologia no Android ou iPhoneMelhorias nos desktops virtuaisUsuários poderão fazer com que um aplicativo e suas janelas fiquem visíveis em todas as áreas de trabalho virtuais do Windows. A novidade promete ser bastante útil para quem precisa checar seu email independentemente do ambiente em que está trabalhando ou quer reproduzir músicas sem ter que ficar alternando entre desktops.Windows 10 tem novas opções para áreas de trabalho vituais (Foto: Reprodução/Elson de Souza) Melhorias no gerenciamento de bateriaA Microsoft reuniu todas as opções de energia sob o menu Bateria nas configurações do Windows 10. Além disso, a empresa alterou a sessão que indica o consumo de cada aplicativo, dando a opção do usuário deixar o sistema manusear a atividade de programas em segundo plano, desativando-os quando a economia de energia estiver ativa ou quando estes não forem usado durante muito tempo.Windows 10 agora é capaz de gerenciar apps para desativá-los para poupar energia (Foto: Reprodução/Elson de Souza) Windows Update: sem atrapalhar no seu trabalhoUma constante reclamação de usuários são atualizações do Windows inesperadas no meio do expediente de trabalho ou estudos. Agora, será possível informar ao computador as horas que você permanece mais ativo no uso da máquina, fazendo com que evite instalar updates neste horário.Windows Update agora promete ser menos intrusivo e respeitar horários do usuário (Foto: Reprodução/Elson de Souza) Aplicativo universal do SkypeA Microsoft está preparando uma nova versão universal do Skype para Windows, ou seja, que rode tanto em celulares como em computadores. Usuários Insiders poderão testar a ferramenta na nova build para PC e dar feedback, enquanto a versão mobile deverá chegar em breve.

Skype agora tem novo app universal no Windows 10 em computadores (Foto: Reprodução/Elson de Souza)Bash do Ububtu no Windows 10Voltada mais especificamente para criadores de apps, a integração do Bash também já está disponível na nova versão do Windows 10. Para ativá-la, é necessário acessar as opções de desenvolvedores dentro do menu de atualizações do sistema e ativar a função "Subsistemas Linux para Windows" dentro do menu de recursos da plataforma. saiba maisMudanças pequenas e correçõesA Microsoft adicionou ao Feedback Hub a possibilidade de fazer comentários nas postagens dos engenheiros da empresa e de outros usuários. Fora isso, a empresa corrigiu pequenas falhas de interface e problemas de desempenho em computadores e com processadores ou chips específicos. Assim como outras builds, a 14316 apresenta problemas, como no download de aplicativos grandes com o Microsoft Edge. É possível conferir a lista completa de erros e melhorias no blog do Windows.O que ficou de fora da Build 14316?Duas ausências importantes foram observadas na nova build do Windows 10. A primeira é a falta da integração com envio de mensagens entre computadores e celulares Android e Windows 10 Mobile com Cortana instalada. A Microsoft prometeu que isso chegará nas próximas semanas.Windows Store também foi modificada na Build 14316 com tema preto (Foto: Reprodução/Elson de Souza)Já o Windows Ink, que teve bastante destaque na conferência Build, ainda não tem previsão. Com o recurso, é possível usar ferramentas para fazer anotações e escritas na tela com canetas, bem como achar aplicativos com suporte ao recurso. 

Original: http://www.techtudo.com.br/noticias/noticia/2016/04/windows-10-ganha-build-14316-com-novidades-do-anniversary-update.html

Windows 10 ganha Build 14316 com novidades do Anniversary Update

Por Office 365 Team

Em conformidade com o nosso compromisso de oferecer aos clientes o máximo de transparência, lançamos uma visão geral detalhada de como o Office 365 controla o mapa para a segurança, privacidade, conformidade e controles de gerenciamento de risco definido na aliança com  Cloud Security Alliance Cloud Control Matrix (CSA CCM).

A Cloud Security Alliance  (CSA) é uma organização sem fins lucrativos liderada por uma ampla coligação de profissionais do sector, associações, governos e empresas e membros individuais que são dedicados para a definição e a sensibilização das melhores práticas que ajudam a garantir um ambiente de computação em nuvem segura. O CSA CCM Security, Trust & Assurance Registry (STAR) é considerado o padrão ouro durante a realização de avaliação de risco e a devida diligência contra prestadores de serviço em nuvem. Como parte de nossos esforços para fornecer aos clientes, uma profunda  percepção em nossa segurança, conformidade e controles de privacidade, que publicará regularmente auto-avaliações da Microsoft Azure, Microsoft Dynamics CRM Online e Office 365.

O CCM detalha dos conceitos operacionais e princípios relativos à segurança e privacidade que abrangem 16 domínios operacionais (mostrado abaixo). O documento de mapeamento demonstra claramente como o Office 365 controla o endereço CSA sobre conceitos operacionais e recomendações conforme observado abaixo. Esperamos que isso ajude você na eficiência do seu Office  365 dando a devida diligência ao avaliar Office 365, onboarding Office 365 ou na renovação de sua assinatura.

O CCM padroniza a segurança e os controles de gerenciamento de risco operacional e procedimentos e busca para normalizar as expectativas de segurança em nuvem,  taxonomias e terminologias, bem como melhorar de forma geral as medidas de segurança aplicadas na nuvem. As respostas do  CCM  incluídoas no documento também se alinha com a nossa ISO 27001, 27018 e SOC atestados e são planejados para os  seguintes serviços Office 365 que estão hospedados em data centers da Microsoft:

• Exchange Online

• Proteção do Exchange Online

• O SharePoint Online incluindo OneDrive para Negócios

• Skype para Negócios

• Office Online

• Infraestrutura de serviços de escritório

• xperiência do Suite User

• Segurança Ambiente de Carga

Você pode fazer o download do documento em Office 365 Mapping of Cloud Security Alliance Cloud Control Matrix. Se você estiver interessado em obter mais em profundidade na segurança, a conformidade e a privacidade de informações relacionadas sobre os serviços de nuvem da Microsoft (Office 365, Microsoft Azure e o Microsoft Dynamics CRM Online), entrar no Service Trust Portal-onboarding  e as instruções para a manutenção da Portal de Confiança estão em O365 Service Trust.

Sinta-se à vontade para enviar comentários e observações sobre o Office 365 Mapeamento de CSA CCM para cxprad@microsoft.com.

-Office 365 CXP e equipe de Confiança 

Original: https://blogs.office.com/2016/02/03/how-to-assess-security-compliance-and-privacy-capabilities-in-office-365 /  

Windows 10 Enterprise Data Protection (EDP), currently in testing with enterprise customers and available soon, provides separation between both corporate and personal data and prevents corporate data from being copied out of corporate files to non-corporate files and locations, such as public website or social channels.

Our testing and evaluation documentation has just been posted to TechNet.

It covers the following:

• Create and deploy EDP policies with Intune or SCCM

• Understand the implications on app and cases where apps need updating

• Execute a series of testing scenarios to help them understand the scope of EDP
  
  

You may have heard that IoT stands for Internet of Threats, however this doesn't mean that you can't have a secure foundation to adopt IoT (which is really Internet of Things). Security for IoT is not one single button that you will press and say: now we are secure. There are many variables to consider and due the vast amount of elements involved in IoT, you must think broadly while architecting your solution. This week we released three new articles that will provide guidelines on how enhance your security for IoT adoption.

In this page you will see a new Security option that has links for these three new articles:

The new articles are:

• Internet of Things (IoT) security architecture
• Securing your Internet of Things from the ground up
• Internet of Things (IoT) security best practices

Stay safe!

It has come to my attention after dealing with multiple cases on the issue that tracking down Public Folder messages can be a pain. To help remove that pain, I am writing this in the hopes that it will be of some use to some of you in your daily Exchange-related activities!

To begin to understand hierarchy, we should firstly pay close attention to the Application Event log on the sending and receiving server. There are two events we want to pay close attention to on the sending server: 3017 and 3018. In a healthy scenario, we should be seeing plenty of both types of these events logged. However, there can be occasions where only 3017 events are being logged, with minimal or no 3018s present. Explanation of events below:

3017 - This is the outbound replication message (status). This event is logged on the computer that sends the status replication message.

3018 - This is the outbound replication message (hierarchy). This event is logged on the computer where the hierarchy change was made. This computer then sends the hierarchy change message to all the other public folder server computers that are in the same top level hierarchy (TLH).

So, if we are seeing multiple instances of 3017 being logged, but no 3018s present whatsoever, it indicates that status change messages are being exchange between the two (or more) Public Folder servers, but no hierarchy is being replicated. It means that the sending server isn't even attempting to send replication messages out, which would surely explain why we don't see any changes if, for example, we create a Public Folder on that server.

The usual culprit for the above mentioned issue lies within rules created by users within the Public Folders themselves. Sometimes these can become corrupt. If so, you're likely to see an event message logged on the server similar to the below:

*******************************************************************************
Log Name:      Application
Source:        MSExchangeIS Mailbox Store
Date:          2016-02-24 14:15:00
Event ID:      8533
Task Category: Move Mailbox
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      dns.computer.name
Description:
A problem occurred while getting the properties for the automatic reply message from <NULL>.
Error code: -2147221233.
Try to clear the rules or run ISINTEG to check for any problem in the database "PFDBNAME".
************************************************************************************

This almost certainly points to corrupted rules being the culprit. Unfortunately, with the troubleshooting tools provided by Microsoft, there is no easy way for us to determine what the name of the Public Folder with the corrupt rules actually is. So we can address this one of two ways:

1. Start removing rules from Public Folders one at a time. We can do this either with MFCMAPI or with an Outlook profile pointed towards the problematic Public Folder store. Eventually, you're going to remove the corrupted rule and things will be good. To narrow this down even further, the chances are Outlook will not be able to open the corrupt rules to view them in the first place. So if you get any Outlook generated messages when you attempt to view them in the first place, these are likely the ones you want to remove with MFCMAPI.
2. Contact Microsoft Support. We'll be able to collect an ExTRA trace for you, and tell you precisely the name of the affected Public Folder.
   

This is the first part in a 3-part series I'm writing dealing with Public Folder replication, and naturally only covers one of the potential issues you may encounter. I will be expanding on this, and more, in my next article, so stay tuned!

こんにちは。日本マイクロソフト Outlook サポート チームです。

今回は Outlook で会議出席依頼を [上司に転送] 時に、送信イベント内で関連する予定アイテムを取得すると例外が発生する事象についてご紹介します。

本事象は、アドインなどのプログラムを使用されない場合は影響はありません。

現象

以下のようなプログラムで、[上司に転送] で会議出席依頼を転送時に送信イベント内で関連する予定アイテムを取得する際、例外が発生します。

Private Sub Application_ItemSend(ByVal Item As Object, Cancel As Boolean)

    Dim mtgItem As Outlook.meetingItem

    Dim schItem As Outlook.AppointmentItem

    Set mtgItem = Item

    Set schItem = mtgItem.GetAssociatedAppointment(False)

End Sub

再現手順

1. Outlook で、受信した会議出席依頼を選択し、クイック操作の [上司に転送] をクリックします。

    ※ 事前に [上司に転送] で転送先を指定してください。

2. [送信] ボタンをクリックします。

結果

送信イベント内で、会議アイテムに関連する予定アイテムを取得する際、以下の例外が発生します。

「メンバーが見つかりません。（HRESULTからの例外：0x8002003(DISP_E_MEMBERNOTFOUND)) 」

対処方法
 
a. [上司に転送] を使用せず、[転送] を使用する

b. [上司に転送] する際は、一旦下書きフォルダに保存して、開きなおしてから送信する

本情報の内容（添付文書、リンク先などを含む）は、作成日時点でのものであり、予告なく変更される場合があります。

Hi Everyone,

At the beginning of this year I had a simple ask from a customer, how do we deploy a virtual machine from a custom image using ARM Templates? This is easily done if the custom image already resides in the same storage account where your virtual machines based on that will be deployed, but what happens if you don’t have it before the deployment time? Then I decided to share this with as many customers as possible, so created this Azure Resource Manager (ARM) template and had it published on GitHub Azure Quick Start Templates repositorythat helps customers deploy a new virtual machine from a custom image with a new storage account at the same time.

The challenge here is that for many Dev/Test environments we use ARM Templates to deploy environments really quick to perform testing, destroy it, go back to fix bugs, deploy it again and so on.

That environment will always have a new storage account and to be able to deploy (at the moment that this blog and template was posted) that custom image must reside in the same storage account where your virtual machines will be deployed. So the question is, how do I do that if I don’t have the storage account beforehand?

The solution to that is this template that uses what we call a transfer virtual machine that basically contains a script that will copy the source custom image virtual hard disk (VHD) to the newly deployed storage account, then the template starts deploying the virtual machines that uses this VHD as its image (instead of an image from Azure Marketplace).

The GitHub template main page shows you how to perform the deployment, basically it is done from Powershell, can be done from Cross Platform Command Line Interface too but I didn’t add the steps for that there (I may update this post with this option later).

You can access this template from this links

Create VM from a custom image in new storage account (if you click Learn more on GitHub you get directed to the GitHub page of the template where has more information on how to deploy it)

Direct link: https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-custom-image-new-storage-account

That’s it for this post, hope that this helps as a stating point for great environments deployed using Azure ARM Templates.

Interesting one this...

A customer had some information they needed to obtain from the description property on an object. The information was 'multi-valued' and saved as a Unicode string. What am I talking about?

Here's the string in the attribute editor of Active Directory Users and Computers (note the ';' delimiter):

Here it is in the Multi-valued String Editor:

Here's what happens when the object is retrieved with PowerShell:

What happened to those other values?!

Take a look at the description of the object in the GUI:

What happened to those other values?!

The customer wanted to search the 'multi-valued' description for a particular string. Obviously, the bit they wanted to check wasn't in the description returned by Get-ADObject! What to do?

[adsisearhcer] Saves the Day!

$Search='sweetdreams*'

$Objects=Get-ADObject-SearchBase"CN=Policies,CN=System,DC=halo,DC=net"-SearchScopeOneLevel-Filter {Description-like"*"}

foreach ($Objectin$Objects) {

$MultiDescription= ([adsisearcher]"(distinguishedname=$($Object.DistinguishedName))").FindOne().properties.description

if ($MultiDescription-like$Search) {

$Found=$MultiDescription-split" "|Select-String$Search

Write-Output$Found

}

}

The interesting bits:

• Get-ADObject returns any objects from the Policies container that have a populated description
• These are saved to an array and then checked individually
• [adsisearcher] is used to connect to the individual object and pull back the 'multi-valued' description property - $MultiDescription
• This is then split by value and checked for a particular string
• If matched the value will be returned as the contents of $Found

Fun in the [adsisearcher] type accelerator sun!

こんにちは。日本マイクロソフト Outlook サポート チームです。

今回は Outlook でリッチテキスト形式 (RTF) の会議出席依頼の本文に画像とファイルを挿入すると順番が入れ替わる現象についてお伝えいたします。

発生条件

本事象は、以下のすべての条件に合致した環境で発生します。

・ Outlook をキャッシュモード オフ (オンラインモード)で使用している

・ Outlook 2016 で、リッチテキスト形式で会議出席依頼を送信する (既定は HTML 形式です)

・ Outlook 2013/2010で会議出席依頼を送信する (リッチ テキスト形式のみで他の形式は選択できません)

・ Exchange Server 2013 または Exchange Online へ接続している

現象

会議出席依頼に埋め込み画像とファイルを挿入すると、受信者側で画像とファイルの順番が入れ替わってしまう。

<送信者>

会議開催者が、以下のような画像とファイル付きの会議出席依頼を送信します。

<受信者>

会議出席依頼を受信すると、画像と添付ファイルの場所が入れ替わります。

原因

この問題については、現在調査中のステータスとなります。

新しい情報が分かり次第、本ブログでも情報をアップデートします。

対処方法

この現象は、以下のいずれかの対処方法でを回避することができます。

1) 画像を添付ファイルとして添付する (Outlook 2010/2013/2016)

埋め込み画像の挿入ではなく、画像ファイルとして添付することで回避できます。

[挿入] タブ-[ファイルの添付] か、添付したい画像をドラッグ ＆ ドロップすると、ファイルとして添付されます。

2) 「リッチテキスト形式」 以外を利用する (Outlook 2016)

Outlook 2016 の場合は、「リッチテキスト形式」 以外を利用することで、回避可能です。

会議出席依頼作成画面で、[書式設定] タブ-[形式] より変更可能です。

(既定では 「HTLM 形式」 となっています。)

「HTML形式」であれば、[挿入] タブ-[画像] から挿入しても、本現象は発生しません。

3) Outlook をキャッシュ モードで利用する

会議出席依頼を送信側が、キャッシュモード オフ (オンラインモード)の時に発生します。

会議出席依頼の受信側が、キャッシュモード オフ (オンラインモード)であっても、送付者がキャッシュ モードの場合は発生しません。

本情報の内容（添付文書、リンク先などを含む）は、作成日時点でのものであり、予告なく変更される場合があります。

Buenas,

En este post queríamos haceros llegar la información que se acaba de publicar en el blog de Project (por Brian Smith, como podíais esperar) donde se nos indica que a partir de esta semana (la primera de Abril de 2016) todas las instancias PWA (Project Web Access) tendrán habilitados por defecto la característica de “Compromisos de Recursos” (Resource Engagements).

El post original se puede encontrar aquí:

https://blogs.technet.microsoft.com/projectsupport/2016/04/04/project-online-all-new-pwa-instances-will-have-resource-engagements/

En su día ya le dedicamos otro post en este blog a la nueva característica:

http://blogs.technet.com/b/elfarodeprojectserver/archive/2015/09/08/project-2016-compromiso-de-recursos.aspx

Y básicamente los detalles que queríamos hacer llegar son:

“A partir de esta semana nos daremos cuenta que para tenants nuevos, o simplemente nuevas instancias PWA en Project Online, tendremos la característica de Compromiso de Recursos habilitada por defecto. Esto implica la desaparición poder usar la capacidad del plan de recursos en estos tenants nuevos. La información pertinente se nos lleva mostrando en nuestro centro de mensajes desde hace meses, así que entendemos no debiera causarnos sorpresa. Independientemente, para todo aquel que sea nuevo en Project Online, o que quizás pueda venir del mundo de Project Server 2013, esto es posiblemente nuevo.

Posibles sugerencias para ir familiarizándonos con esta característica implican la lectura de los siguientes artículos:

https://blogs.office.com/2015/06/19/resource-engagements-coming-soon-to-project-2016

http://www.mpug.com/articles/understanding-resource-engagements-in-microsoft-project-2016 (Podemos ignorar la introducción donde comenta la necesidad de habilitar esto, ya que no será necesaria a partir de ahora).

El enlace para localizar las “preguntas más frecuentes” sobre Compromisos de Recursos es el siguiente:

https://support.office.com/es-es/article/Preguntas-m%c3%a1s-frecuentes-La-participaci%c3%b3n-de-recursos-va-a-reemplazar-a-los-antiguos-planes-de-recursos-5ddd3242-4858-4e57-a8c1-2b20c06d959a?ui=es-ES&rs=es-ES&ad=ES

Desde el punto de vista de soporte, para temas de Compromisos de Recursos y cálculos de capacidad, querríamos añadir lo siguiente, ya que no ha sido demasiado intuitivo para determinados usuarios: al usar Compromisos de Recursos y pretender calcular la utilización de los recursos basándonos en los Compromisos de Recursos para ese proyecto, la opción de configuración está en el cuadro de diálogo para el plan de proyecto dentro de Project PRO 2016 (o en Project PRO para Office 365). Si estábamos acostumbrados a la antigua opción, esto se encontraba en la página web. Las mismas opciones están disponibles, de tal manera que podemos realizar el cálculo desde el plan de proyecto hasta cierta fecha, o desde los Compromisos de Recursos.

Esperamos os resulte de interés, un saludo.

Jorge Puig

As we discussed in the Windows 10 servicing guidance published on TechNet, each new Windows 10 feature update is initially considered a Current Branch (CB) release, to be used by organizations for initial pilot deployments. The feature update will later be declared as Current Branch for Business (CBB), once we have received feedback and confirmation from organizations, OEMs, and partners, confirming that the feature update is ready for broad deployment.

Today, we are happy to announce that the Windows 10 version 1511 feature update (build 10586), released in November 2015, has been officially declared as Current Branch for Business (CBB), ready for organizations to begin deploying broadly. For most organizations, no specific action is needed as a result of this declaration – you just need to understand the impact of this declaration:

• We will be publishing updated media for Windows 10 1511 in the coming weeks, through various channels including Windows Update, Windows Update for Business, and Windows Server Update Services, as well as on the Volume Licensing Service Center and MSDN.
  
  
  • The only difference between this updated media and the original Windows 10 1511 release is the addition of the March cumulative update (KB3140768), which has been injected into the installation image.
  • If you don’t want to wait for updated media, you can manually inject that same update, or a later one, into an existing Windows 10 1511 installation image.

• For devices already running Windows 10 version 1511, deployed before the CBB declaration, no action is required other than standard monthly servicing. With the installation of the March cumulative update (KB3140768) or any later cumulative update, the device is already running the equivalent of what was declared as CBB.
  
  
• If you have devices running Windows 10 1507, you need to understand the impact of the CBB declaration:
  
  
  • For devices being serviced using Windows Update for Business and configured to “Defer upgrades,” Windows 10 1511 will begin to deploy as soon as the updated media has been published. (Note that the deferral policies that specify an additional number of months to defer the feature update are not supported for devices running Windows 10 1507.)
  • For devices being serviced using Windows Server Updates Services, the updates to the existing Windows 10 1511 feature updates will need to be re-approved once the new updated media is received (unless you have an automatic update rule configured for the “Upgrades” category).
  • For those using the System Center Configuration Manager Windows 10 servicing plans to keep Windows 10 devices up to date, the updated media will be detected as “business ready,” causing servicing plans based on that “business ready” designation to begin to be evaluated.
  • For devices that will be upgraded using System Center Configuration Manager or Microsoft Deployment Toolkit task sequences, you may want to switch to the latest media (downloaded from the Volume Licensing Service Center) instead of the current Windows 10 1511 media. Alternatively, you can inject the March cumulative update (KB3140768) into your existing media.

We have also updated the Release Information page available at http://aka.ms/win10releaseinfo to reflect the updated status of Windows 10 1511.

If you aren’t yet running Windows 10 1511, this would also be a great time to try it out. See https://www.microsoft.com/en-us/WindowsForBusiness/try for more information. And enroll in the Insider Preview program to try out new features that will be coming out this summer in the next Windows 10 Current Branch release.

Por el  Equipo de Office 365, 3 de febrero de 2016

De acuerdo con nuestro compromiso de ofrecer a los clientes la máxima transparencia, hemos publicado una descripción detallada de cómo los controles de Office 365 se correlacionan con los controles de seguridad, privacidad, cumplimiento y gestión de riesgos definidos en la Matriz de Controles en la Nube de la Alianza para la Seguridad en la Nube (CSA CCM, por sus siglas en inglés).

La Alianza para la Seguridad en la Nube (CSA) es una organización sin fines de lucro dirigida por una amplia coalición de profesionales de la industria, asociaciones, gobiernos y miembros de empresas y particulares, que se dedica a definir y dar a conocer las mejores prácticas que ayudan a garantizar un entorno de computación seguro en la nube. El Registro de Seguridad, Confianza y Aseguramiento (STAR) de la CSA CCM se considera el estándar de oro al realizar evaluaciones de riesgo y debida diligencia frente a los proveedores de servicios en la nube. Como parte de nuestros esfuerzos para ofrecer a los clientes un conocimiento profundo sobre nuestros controles de seguridad, cumplimiento y privacidad, publicamos periódicamente auto-evaluaciones de Microsoft Azure, Microsoft Dynamics CRM Online y Office 365.

La CCM detalla los conceptos y principios operativos relacionados con la seguridad y la privacidad que abarcan 16 dominios operacionales de TI (que se muestran a continuación). El documento de mapeo demuestra claramente cómo los controles de Office 365 abordan los conceptos operativos y recomendaciones de la CSA como se indica a continuación. Esperamos que esto le ayude a realizar eficientemente la debida diligencia de su Office 365 al evaluar Office 365, al incorporar Office 365 o al renovar sus suscripciones.

La CCM estandariza los controles y procedimientos de seguridad y gestión de riesgos operativos y pretende normalizar las expectativas de seguridad, las taxonomías y las terminologías en la nube, así como en general, mejorar las medidas de seguridad implementadas en la nube. Las respuestas de la CCM incluidas en el documento también se alinean con nuestra certificación ISO 27001, 27018 y certificaciones SOC, y están en el ámbito de los siguientes servicios de Office 365 que están alojados en los centros de datos de Microsoft:

• Exchange Online
• Exchange Online Protection
• SharePoint Online, incluyendo OneDrive para Empresas
• Skype para Empresas
• Office Online
• Infraestructura de Office Services
• Suite de Experiencia de Usuario
• Servicio de Nombres de Dominio
• Entorno de Carga de Trabajo de Seguridad

Puede descargar el documento en Office 365 Mapping of Cloud Security Alliance Cloud Control Matrix (Office 365 Mapeo de la Matriz de Controles en la nube de la Alianza para la Seguridad en la nube). Si está interesado en información relacionada con una mayor seguridad, cumplimiento y privacidad acerca de los Servicios en la Nube de Microsoft (Office 365, Microsoft Azure y Microsoft Dynamics CRM Online), regístrese en el Service Trust Portal (Portal de Servicio de Confianza)—las instrucciones para ingresar al Portal de Servicio de Confianza se encuentran en O365 Service Trust.

No dude en enviar sus opiniones y comentarios acerca de Office 365 Mapeo de CSA CCM a cxprad@microsoft.com.

—Office 365 CXP y el equipo de Confianza

Original: https://blogs.office.com/2016/02/03/how-to-assess-security-compliance-and-privacy-capabilities-in-office-365/ 

Ran into an interesting puzzle the last couple of weeks on SharePoint where a signed InfoPath form was displaying as having an invalid signature in the browser but the InfoPath client said the signature was fine.

If you are looking at an InfoPath form and that form has a digital signature, the validity of the signature is an important to know the form hasn't changed and that you can verify who has signed the form. My current customer uses this functionality a lot, and recently reported that users were getting a warning message when opening forms in the browser: "Invalid signature - The form changed after it was signed". Opening the form also gave the message"One or more digital signatures in this form could not be verified. To modify parts of the form that have been digitally signed, remove the associated signatures. Click on signatures to view its details." If you opened the form in the InfoPath client, the signature showed as valid, and in the signature details I could see the form had not changed.

I did a lot of head scratching and had to escalate this to a Microsoft colleague to help the customer figure out what was going on. We eventually figured it out and traced it to a .Net Framework patch: https://technet.microsoft.com/library/security/ms16-035. and the associated note which instructs you to add a registry key to avoid the issue with signatures erroneously showing as invalid:  https://support.microsoft.com/en-us/kb/3148821, specifically the XmlDSigXsltTransform reg key.

Update (April 8^th) - the SQL team has recently released a community technical preview, where the fix for this issue is included. Have a look at this blog post (download link there): https://blogs.msdn.microsoft.com/sqlreleaseservices/system-center-management-pack-for-sql-product-family-community-technology-preview-ctp1/

Hi all,

We're seeing more and more reported issues of the monitoringhost process taking up to 100% of the CPU (or a really high usage on machines with more than 4 cores) on servers running Windows 2008 SP2 or Windows 2008 R2 SP1, after importing SQL MP 6.6.4.0 or 6.6.2.0.

After collecting and analyzing several memory dumps of the process while the issue was occurring, we pinpointed the issue on two of the scripts from the SQL Management Pack (CPUUsagePercentDataSource.ps1 and DBDiskLatencyDataSource.ps1) that are causing the bellow .NET issue, due to a recent change on those same scripts:

High CPU in .NET app using a static Generic.Dictionary | If broken it is, fix it you should - https://blogs.msdn.microsoft.com/tess/2009/12/21/high-cpu-in-net-app-using-a-static-generic-dictionary/

To mitigate the issue, disable the following rules and monitors on the SQL 2008 MP, if that server is running SQL 2008:
Rules:
Microsoft.SQLServer.2008.DBEngine.CPUUsagePercent.Collection - MSSQL 2008: Collect DB Engine CPU Utilization (%)
Microsoft.SQLServer.2008.DBEngine.ThreadCount.Collection - MSSQL 2008: Collect DB Engine Thread Count
Microsoft.SQLServer.2008.Database.DiskReadLatency.Collection - MSSQL 2008: Collect DB Disk Read Latency (ms)
Microsoft.SQLServer.2008.Database.DiskWriteLatency.Collection - MSSQL 2008: Collect DB Disk Write Latency (ms)

Monitors:
Microsoft.SQLServer.2008.DBEngine.CPUUsagePercentMonitor: CPU Utilization (%)
Microsoft.SQLServer.2008.DBEngine.ThreadCountMonitor: Thread Count
Microsoft.SQLServer.2008.Database.DiskReadLatencyMonitor: Disk Read Latency
Microsoft.SQLServer.2008.Database.DiskWriteLatencyMonitor: Disk Write Latency

If the server is running SQL 2012, please disable the following rules and monitors:
Rules:
Microsoft.SQLServer.2012.Database.DiskReadLatency.Collection - MSSQL 2012: Collect DB Disk Read Latency (ms)
Microsoft.SQLServer.2012.Database.DiskWriteLatency.Collection - MSSQL 2012: Collect DB Disk Write Latency (ms)
Microsoft.SQLServer.2012.DBEngine.CPUUsagePercent.Collection - MSSQL 2012: Collect DB Engine CPU Utilization (%)
Microsoft.SQLServer.2012.DBEngine.ThreadCount.Collection - MSSQL 2012: Collect DB Engine Thread Count

Monitors:
Microsoft.SQLServer.2012.Database.DiskReadLatencyMonitor - Disk Read Latency
Microsoft.SQLServer.2012.Database.DiskWriteLatencyMonitor - Disk Write Latency
Microsoft.SQLServer.2012.DBEngine.ThreadCountMonitor - Thread Count
Microsoft.SQLServer.2012.DBEngine.CPUUsagePercentMonitor - CPU Utilization (%) 

In the meantime and since the issue is related with PowerShell, I’ve recommended some of my customers to upgrade it to the latest version (4.0) and since then, they didn’t report the issue back (even after enabling the rules and monitors again):
Download Windows Management Framework 4.0 from Official Microsoft Download Center - https://www.microsoft.com/en-gb/download/details.aspx?id=40855

The SQL Management Pack engineering team already made a fix for this, which is to force these scripts to run in PowerShell 2.0 context: the fix will be included in the next public release of the SQL MP.

Hope this helps!

Best regards,

Recently submitting this as an article and wanted to share it on my blog in case it might help anyone.

Back in November of 2014 Microsoft announced the availability of Network Security Groups. In my day job I still find many people not knowing about Network Security Groups or not using them. Prior to network security groups all Access Control Rules (ACLs) were defined on the virtual machine itself. Network Security Groups came in providing a way to segment within a Virtual Network and control traffic that comes in and out of Virtual Machines but also subnets. This is critical when talking about multi-tiered applications. You can see the general idea in Figure 1. In this example the end user has access through the internet to the DMZ Subnet. This subnet would contain your front end web applications that the end users connect to. Data into this subnet would be filtered within an NSG, most likely you would allow http, and https traffic into this subnet, but not allow other ports that would not be necessary. From there the systems in the DMZ subnet can talk to the application subnet systems, these are your application servers that host your business processes and logic and the applications that talk directly to the database. Finally, the systems in the Application Subnet can talk to the systems in the data subnet, this would be port 1433 for example to talk to a SQL backend. In this diagram we show that there is blocked traffic between the DMZ subnet and the data subnet, this keeps the different components of the application separated. This also ensures that end users can not directly talk to the systems in the data subnet.

Figure 1 NSG Example

The rules defined on an NSG are comprised of multiple components:

Source IP– This is a single IP or a range subnet of IPs in CIDR notation that the traffic will be allowed or denied from.

Source Port– A single port or multiple ports from the source that will be allowed or denied

Destination IP - This is a single IP or a range subnet of IPs in CIDR notation that the traffic will be allowed or denied to.

Destination Port– A single port or multiple ports to the destination that will be allowed or denied

Protocol – The protocol to be allowed or denied (i.e TCP or UDP)

Priority– This is the order in which the rule will be applied, similar to Group Policy Objects if you are familiar with those.

These components along with traffic direction and access will be defined on all of the rules configured within a Network Security Group.

One thing to note with NSG’s is that are tied to a region so if you have resources in multiple regions you must create multiple NSGs.

Ok so now that you know a little bit about Network Security Groups, let’s create one!

First thing we must do is make sure we have the latest Azure PowerShell cmdlets which can be downloaded from here. https://azure.microsoft.com/en-us/downloads/. At the time of writing this article the version should be 1.0.4.

Another item to keep in mind while following these instructions is I have opted to leverage Azure Resource Manager or ARM to deploy my resources, this is the new format that will be used and is taking the place of the older Service Management cmdlets. These cmdlets are denoted with “RM” in the cmdlet. (i.e Add-AzureRMAccount)

Once the module has been downloaded it is time to start making some magic. Run the following PowerShell commands in a script or PowerShell ISE. You will replace the Subscription name with your own subscription name. This PowerShell code will launch a login screen and allow you to login. One thing to keep in mind this is specific for Public Azure, if you are using Azure for Government you will have to add the Environment yourself (not covered in this article).

# Imports Azure Module

Import-Module Azure -Force

# Gets the environment for Public Azure

$env = Get-AzureRMEnvironment -Name AzureCloud

# Prompts for credentials based on that environment

Add-AzureRMAccount -Environment $env

# Selects the subscription to use.

Select-AzureRMSubscription -SubscriptionName "<Your Subscription Name Here>"

Now that you are in PowerShell and logged into your subscription we can continue, first thing we should do is create a Resource Group. Give the resource group a name and choose a location, this location as mentioned prior is important as the NSG we create will need to live in the same region.

# Creates a Resource Group to put our NSG in.

New-AzureRmResourceGroup -Name "ExampleVNETRG" -Location "East US"

Now we will create the Virtual Network, to keep your Azure environment clean we will create a new Virtual Network in our new resource group so it can be easily removed once you are done. Define your subnets, in this case my Virtual Network only has two subnets. The second command this piece of code does it create the virtual network with the subnets defined in the Subnet configs.

# Creates config for sample Subnet

$subnet1 = New-AzureRmVirtualNetworkSubnetConfig -Name "Subnet1" `

-AddressPrefix "192.168.1.0/25" `

$subnet2 = New-AzureRmVirtualNetworkSubnetConfig -Name "Subnet2" `

-AddressPrefix "192.168.1.128/25" `

# Creates Virtual Network in Resource Group with subnet defined prior

New-AzureRmVirtualNetwork -Name ExampleVnet `

-ResourceGroupName ExampleVNETRG `

-Location "East US" `

-AddressPrefix "192.168.1.0/24" `

-Subnet $subnet1,$subnet2

Now we have our Virtual Network defined with two different subnets we can start to work on our Network Security Group rules. We will create 2 rules one for http traffic and one for https traffic, rules work for individual ports or port ranges, hence the reason for the two rules.

#First rule for http traffic

$httprule = New-AzureRmNetworkSecurityRuleConfig `

-Name "FrontEnd_HTTP" `

-Description "HTTP Exception for Web frontends" `

-Protocol Tcp `

-SourcePortRange "80" `

-DestinationPortRange "80" `

-SourceAddressPrefix "*" `

-DestinationAddressPrefix "192.168.1.0/25" `

-Access Allow `

-Direction Inbound `

-Priority 200

# Second rule for https traffic

$httpsrule = New-AzureRmNetworkSecurityRuleConfig `

-Name "FrontEnd_HTTPS" `

-Description "HTTPS Exception for Web frontends" `

-Protocol Tcp `

-SourcePortRange "443" `

-DestinationPortRange "443" `

-SourceAddressPrefix "*" `

-DestinationAddressPrefix "192.168.1.0/25" `

-Access Allow `

-Direction Inbound `

-Priority 201

Now that we have the configs created for the 2 rules we can create the NSG with the two security rules defined prior with the code below.

# Creates a NSG based on the rules defined prior

$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName ExampleVNETRG -Location "East US" -Name "NSG-Example" `

-SecurityRules $httprule,$httpsrule

Creating the NSG is just one step we also have to apply the NSG to a subnet. The below code grabs the Virtual Network we created earlier and applies the NSG to the Virtual network, specifically Subnet1.

# Gets the Virtual network and applies the rules to the subnet created earlier.

$vnet = Get-AzureRmVirtualNetwork -ResourceGroupName ExampleVNETRG -Name ExampleVnet

Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name "Subnet1" `

-AddressPrefix 192.168.1.0/24 -NetworkSecurityGroup $nsg

The changes to the virtual network we created in the previous step just made the changes offline, we not have to update the virtual network with the following command

# Updates the Virtual Network in Azure

Set-AzureRmVirtualNetwork -VirtualNetwork $vnet

And that’s it, now any virtual machine that you put in Subnet1 will get the rules we defined above, you could add more rules and apply them later. Keep in mind if you define endpoints on your virtual machine NSG rules will override them, so for instance if you open up port 80 on an endpoint in a virtual machine, and have an NSG applied to the VM or the Subnet the VM is in and there is no allow rule for 80 traffic will not make it to the virtual machine.

Now that we have created the resources, let’s take a quick look at our Resource Group in the new Azure Portal. Here you can see the Resource Group with the NSG.

And next if we look into our NSG and look at the inbound rules and can see the rules we created.

Once you are done you can easily remove everything we created by running the following command. This is one of the best parts of deploying resources with Resource Manager, is the ease of removing and adding resources.

Remove-AzureRmResourceGroup -Name ExampleVNETRG -Force

ISSUE:

When syncing with Next Generation Sync Client, users receive the message:

"There was a problem connecting to OneDrive.  Check your Internet connection, and then try again".

Or

"There was a problem signing you in.  There's a problem with your account.  To learn how to fix this problem, go to OneDrive.com and sign in.  After you fix the problem, try again".

CAUSE:

Olá Comunidade TechNet Wiki!

Meu nome é Alan Carlos e trago a vocês as notícias do TechNet Wiki!

No dia 11 de Junho de 2016, acontece um dos maiores encontros sobre desenvolvimento de software do país. O Visual Studio Summit 2016, que acontece no Quartel General da Microsoft em São Paulo!

São mais de 20 palestras com os maiores profissionais do mercado, inclusive integrantes do time do TechNet Wiki, abordando diversos temas técnicas, boas práticas, novidades técnicas do mercado e tendências.

Não fique de fora desse incrível encontro que proporcionará a você conhecimento, networking profissional, networking social com os Wiki Ninjas, MVPs, PFE Microsoft e Consultores especializados.

Participe!!!!!

Acesse o link e faça sua inscrição: http://www.visualstudiosummit.com.br/

Aproveite e capacite-se acessando o Portal do TechNet Wiki e lendo os artigos relacionados à Visual Studio, ALM, DevOps, e mais!

Alan Carlos
TechNet Wiki Ninja

Twitter | Blog | Facebook | Perfil