MEM – Demystifying Edge legacy and Edge Chromium profiles

MEM – Demystifying Edge legacy and Edge Chromium profiles

by | Nov 19, 2020 | Technology

This article is contributed. See the original author and article here.

 


EdgeCh-Le.gif


Hello IT Pros,


When we apply different Edge Profiles in MS Endpoint Manager, we may get a little bit of confusion on what Edge types applied to what Endpoint configuration profiles. In this article, I would like to clear the mist covered Edge and its application. Also, we will make Edge Chromium and Legacy run parallelly on the same Windows 10 systems.


I summarize the difference of Edge’s types and Edge’s usage in the following table:


























EdgeHTML is the original Edge (Edge version 45 and earlier)

Other name: Edge Legacy, Edge classic


Source code is written in C++, support web standard (HTML5, Web SQL, WebGL) and interoperability with other modern browser.


Released on 6-2015 with version 19.10149 for Windows 10 mobile and version 20.10158 for desktop.


Microsoft plans to provide security patches for legacy Microsoft Edge until March 9, 2021

Edge Chromium


(Edge version 77 and later)

Other name:


It uses the same rendering engine as Google Chrome but with enhancements developed by Microsoft.


Supported OS: Windows 7, 8.1, 10, macOS


Edge Chromium for Linux OS is in preview, starting 10-20-2020


 

To Run Edge Legacy and Edge Chromium side-by-side


 

By default Edge Legacy is hidden when you upgrade it to Edge Chromium. To make both Edges available, adding the following registry key before you do the upgrade to Edge Chromium:


Enable Side-by-side experience using Registry Editing


TanTran_1-1605843437785.png

 


HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoft


Right-click on the Microsoft folder, and create a new key with name EdgeUpdate, Create a new 32-bit DWORD with the name Allowsxs and set its value as 1


 


 


For the best experience, the Allow Microsoft Edge Side by Side browser experience should be enabled before the new version of Microsoft Edge is deployed


Microsoft Edge Legacy will need to be re-pinned to Start or the Taskbar.


Sites that were pinned to Start or the Taskbar for Microsoft Edge Legacy will be migrated to the new version of Microsoft Edge.

Managing Edge Legacy in Endpoint Manager (Intune)

Using Endpoint Manager admin centerWindowsconfiguration profiledevice restrictionMicrosoft Edge browser


TanTran_2-1605843437793.png

 

Managing Edge Chromium in Endpoint Manager


 

Using Endpoint Manager Admin CenterWindowsAdministrative template profile


TanTran_3-1605843437802.png

 


 

Examples:


Using Endpoint Manager, Configuration Profile to set different home pages, startup pages for Edge legacy and Edge Chromium to run parallelly on the same device:


Prerequisite: Make sure the registry key was set to allow running both Edge browsers at the same time as per the above section detail.



  1. Create the Endpoint ManagerDevicesWindows 10 or later platform with Administrative Template profile contained the following settings:


TanTran_4-1605843437810.png


 


TanTran_5-1605843437816.png


Setting to open multiple brower ‘s tabs


202.png



  1. Create the Endpoint ManagerDevicesDevice Restriction for Windows 10 or later platform.


         Choose Microsoft Edge Browser


 


201.png



  1. The two profiles now shown in Endpoint Manager admin center:


204.png



  1. Testing and Result:


Edge chromium result with correct home pages and multiple tab and web pages opened simultaneously at start:


 

TanTran_17-1605843834639.png


 


 


Edge legacy result with multiple opening tab and web pages according to your Endpoint Manager’s  configuration profile settings:


     


TanTran_18-1605843880730.png


 


 


I hope the information is useful.


Thanks for viewing, until next time.


Reference:



 

MEM – Demystifying Edge legacy and Edge Chromium profiles

Microsoft Endpoint Manager – Demystifying Edge legacy and Edge Chromium profiles

by | Nov 19, 2020 | Technology

This article is contributed. See the original author and article here.

 


EdgeCh-Le.gif


Hello IT Pros,


When we apply different Edge Profiles in MS Endpoint Manager, we may get a little bit of confusion on what Edge types applied to what Endpoint configuration profiles. In this article, I would like to clear the mist covered Edge and its application. Also, we will make Edge Chromium and Legacy run parallelly on the same Windows 10 systems.


I summarize the difference of Edge’s types and Edge’s usage in the following table:


























EdgeHTML is the original Edge (Edge version 45 and earlier)

Other name: Edge Legacy, Edge classic


Source code is written in C++, support web standard (HTML5, Web SQL, WebGL) and interoperability with other modern browser.


Released on 6-2015 with version 19.10149 for Windows 10 mobile and version 20.10158 for desktop.


Microsoft plans to provide security patches for legacy Microsoft Edge until March 9, 2021

Edge Chromium


(Edge version 77 and later)

Other name:


It uses the same rendering engine as Google Chrome but with enhancements developed by Microsoft.


Supported OS: Windows 7, 8.1, 10, macOS


Edge Chromium for Linux OS is in preview, starting 10-20-2020


 

To Run Edge Legacy and Edge Chromium side-by-side


 

By default Edge Legacy is hidden when you upgrade it to Edge Chromium. To make both Edges available, adding the following registry key before you do the upgrade to Edge Chromium:


Enable Side-by-side experience using Registry Editing


TanTran_1-1605843437785.png

 


HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoft


Right-click on the Microsoft folder, and create a new key with name EdgeUpdate, Create a new 32-bit DWORD with the name Allowsxs and set its value as 1


 


 


For the best experience, the Allow Microsoft Edge Side by Side browser experience should be enabled before the new version of Microsoft Edge is deployed


Microsoft Edge Legacy will need to be re-pinned to Start or the Taskbar.


Sites that were pinned to Start or the Taskbar for Microsoft Edge Legacy will be migrated to the new version of Microsoft Edge.

Managing Edge Legacy in Endpoint Manager (Intune)

Using Endpoint Manager admin centerWindowsconfiguration profiledevice restrictionMicrosoft Edge browser


TanTran_2-1605843437793.png

 

Managing Edge Chromium in Endpoint Manager


 

Using Endpoint Manager Admin CenterWindowsAdministrative template profile


TanTran_3-1605843437802.png

 


 

Examples:


Using Endpoint Manager, Configuration Profile to set different home pages, startup pages for Edge legacy and Edge Chromium to run parallelly on the same device:


Prerequisite: Make sure the registry key was set to allow running both Edge browsers at the same time as per the above section detail.



  1. Create the Endpoint ManagerDevicesWindows 10 or later platform with Administrative Template profile contained the following settings:


TanTran_4-1605843437810.png


 


TanTran_5-1605843437816.png


Setting to open multiple brower ‘s tabs


202.png



  1. Create the Endpoint ManagerDevicesDevice Restriction for Windows 10 or later platform.


         Choose Microsoft Edge Browser


 


201.png



  1. The two profiles now shown in Endpoint Manager admin center:


 

   



  1. Testing and Result:


Edge chromium result:


 

TanTran_17-1605843834639.png


 


 


Edge legacy result:


     


TanTran_18-1605843880730.png


 


 


I hope the information is useful.


Thanks for viewing, until next time.


Reference:



 

Released: General Availability of Microsoft.Data.SqlClient 2.1

by | Nov 19, 2020 | Technology

This article is contributed. See the original author and article here.

We have released for general availability Microsoft.Data.SqlClient 2.1. This .NET Data Provider for SQL Server provides general connectivity to the database and supports all the latest SQL Server features for applications targeting .NET Framework, .NET Core, and .NET Standard.

 

To try out the new package, add a NuGet reference to Microsoft.Data.SqlClient in your application.

 

If you’ve been following our preview releases, you know we’ve been busy working to add features to and improve the experience when taking a dependency on the Microsoft.Data.SqlClient library.

 

Some of the highlights of new features over the 2.0 release of Microsoft.Data.SqlClient include:

  • Support for Always Encrypted on all supported platforms for .NET Standard 2.0 [Read more]
  • Support for Always Encrypted with secure enclaves on Unix/macOS for .NET Core 2.1+ and on all supported platforms for .NET Standard 2.1+ [Read more]
  • Support for Azure Active Directory Device Code Flow authentication [Read more]
  • Support for Azure Active Directory Managed Identity authentication [Read more]
  • Numerous bug fixes and performance improvements

For the full list of added features, fixes, and changes in Microsoft.Data.SqlClient 2.1, please see the Release Notes.

 

Again, to try out the new package, add a NuGet reference to Microsoft.Data.SqlClient in your application. If you encounter any issues or have any feedback, head over to the SqlClient GitHub repository and submit an issue.

 

David Engel

 

 

Bringing personal features in Microsoft Teams to desktop and web—now available in preview

Bringing personal features in Microsoft Teams to desktop and web—now available in preview

by | Nov 19, 2020 | Uncategorized

This article is contributed. See the original author and article here.

Bringing personal features in Microsoft Teams to desktop and web—now available in preview

By Arjun Tomar, Product Marketing Manager, Microsoft 365

Since the outbreak of COVID-19, it’s become a challenge for many of us to balance the various aspects of our lives. Whether it’s our jobs, homeschooling our kids, or coordinating virtual meetups with friends, managing all of this on a daily basis can get stressful. As a result, tools that help us stay on track and free up time for recharging have become more and more critical. Ever since we expanded Microsoft Teams beyond work and school and announced the preview of personal features in the Teams mobile app, I have found it helpful to organize and plan activities in my day-to-day life. From using tasks to track my grocery shopping list to scheduling virtual birthday celebrations, Teams has become my all-in-one hub for organizing my personal life.

Today, we are excited to announce the preview of more new personal features in Teams that will make it even easier to manage and plan your days. To begin with, you can now add your personal account in the Teams desktop or web app to chat with or call friends and family. With group chat and video calling now available on both desktop and mobile, connecting and organizing with loved ones will be easier than ever before, especially with holidays around the corner. We are also adding new features in preview in the Teams mobile app, such as the ability to chat with friends or family who don’t have Teams on their phones1, location alerts that let you know when someone leaves or arrives at designated locations2, and more.

Chat and call friends and family—right from your desktop

Since most people started working from home, the time we spend on our computers has risen dramatically. If you use your computer to send work emails and your phone to chat with friends and family, it can become difficult to keep track of incoming messages across all your devices. We want to make it easier for you to stay on top of your important communications—across your work and personal life—without having to constantly switch between devices. Now, you can add your personal account in the Teams desktop or web app and sync all your chats to your computer so you can carry on conversations on whatever device you prefer. Plus, you can use the Teams desktop or web app to call friends and family, even if they don’t have Teams installed, making it easier to connect with loved ones during the holidays. Your work and personal accounts open in different windows or browser tabs on your computer, making it easy to keep them separate.

The following features are now available in preview in the Teams desktop and web apps, with more features coming soon:

  • Start a personal chat or create a group chat with up to 250 people.
  • Seamlessly sync your existing chats from your phone to your computer and carry-on conversations on the device of your choice.
  • Talk all day for free with friends and family via video or audio calls.3
  • Share video meeting invites with anyone, even if they don’t have Teams, and see up to 49 of your friends and loved ones in one frame in Gallery view or Together mode.
  • Upload and share photos and videos from your computer in any personal or group chat.

To start using personal features in Teams on your computer, follow these steps:

  • If you are new to Teams, download the Teams desktop app and sign in with a personal Microsoft account or create a new one to get started.
  • If you currently use the Teams desktop app at work, click on your profile picture on the top-right corner and select ‘Add personal account’. Upon successful login, Teams will launch a new window containing your personal chats and groups so it’s easy to switch between your work and personal accounts.
    • Note: We are slowly rolling out the option to add a personal account to existing commercial users. So, if you don’t see this option to add your personal account, you may have to wait until your app is updated or for your IT admin to enable it within your organization.
  • If you want to use the personal features in Teams in your web browser, go to this link and sign in or create a new personal Microsoft account to get started.

While you can use the Teams desktop and web apps to chat with or call friends and family, we are working on bringing all the other personal features available in the Teams mobile app to desktop and web soon.

Adding more features in preview on the Teams mobile app

We are also introducing new features in preview in the Microsoft Teams mobile app to make it easier to stay connected with loved ones.

Chat with people in Teams, even if they are not using the app

When starting a group chat with your friends or family, you shouldn’t have to worry about whether they will miss your chats if they don’t have Teams. This is why we are previewing a new feature on our Teams iOS and Android apps that allows you to chat with contacts who don’t have Teams installed on their phones. Simply type a contact’s name or phone number to add them to a group chat and, if they are not on Teams, they can receive and send replies to the group via SMS, keeping the conversation flowing1. SMS participants will also get a link to download the Teams app on their phone making it easy to get started on Teams and take full advantage of rich media messaging and chat via GIFs, images, or videos.

This feature is available in preview for users in the US and Canada. You can learn more about this feature here.

Get notified when loved ones leave or arrive at a location

As we all begin to responsibly step out of our homes, we are releasing new location features in preview that will make it easier for your loved ones to receive updates about your physical whereabouts. Starting today, you can allow your loved ones to receive automatic alerts whenever you leave or arrive at a designated location2. So, if you are stepping out of your home on a daily basis, you can choose to let your family get automatic departure or arrival alerts so that they know when you will be back home.

In addition to these, we are also introducing the following new mobile features:

  • Add group events from your chats to your device’s calendar.
  • Get task and location updates in your activity feed.
  • Add a photo to your personal Safe.

The new features have started to roll out in preview on the Teams mobile app and will be fully rolled out in the coming weeks. To get started, download the Teams mobile app from the iOS or Android app store.

We are excited about continuing to preview more features in Teams that make it easier for you to organize and manage your personal life. While today is another step in that direction, we are continuing our efforts to bring even more features to you across all devices as we work towards making these features generally available. As always, we value your inputs during this journey, and we look forward to receiving your feedback.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

Introducing New Policy Reports & more in Microsoft Endpoint Manager Reporting

Introducing New Policy Reports & more in Microsoft Endpoint Manager Reporting

by | Nov 19, 2020 | Technology

This article is contributed. See the original author and article here.

By: Laura Arrizza – Program Manager and Spencer Shumway – Program Manager | Microsoft Endpoint Manager – Intune


 


We are introducing two new reports in the policy configuration space within Microsoft Endpoint Manager to help IT admins troubleshoot where failures may occur across their device configuration profiles and compliance policies. You will be able to use the two reports to see where conflicts and errors are occurring, with the ability to narrow it down to the device and setting level to identify where the issues lie.


 


In addition, there are a few general reporting infrastructure announcements that customers should be aware of when using all new reports. We’ve called these out at the end of this blog post.


 


Contents:



 


New Policy Operational Reports


Customers can navigate to the “Monitor” section under the “Devices” node to see two new operational reports under the Configuration and Compliance headers. The “Assignment failures (preview)” report shows device configuration data, and the “Noncompliant policies (preview)” report shows compliance policy data.


 


Figure 1. Monitor | Assignments failures (preview)Figure 1. Monitor | Assignments failures (preview)


Both reports follow a similar structure where the first view of the report shows the list of policies in your environment and the count of devices in a state of failure. The “Assignment failures” report shows the aggregate number of devices in a state of error or conflict, with the ability to filter by profile type and platform. The “Noncompliant policies” report shows the aggregate number of devices in a state of noncompliant or error, with the ability to filter by platform.


 


Figure 2. Monitor | Noncompliant policies (preview)Figure 2. Monitor | Noncompliant policies (preview)


Throughout both reports, you can use the upgraded grid controls to search, sort, and filter across all the records. We have included easier page controls and faster export to a zip file containing the csv records of the report view. In addition, the records will be updated automatically to refresh the data within approximately 20 minutes.


 


Figure 3. Monitor | Assignment failures (preview) overviewFigure 3. Monitor | Assignment failures (preview) overview


From the first view of the report, you can select the policy or profile that has devices in a failure state. This will navigate to the second level of the report showing the list of device/user combinations that are in the failure state with its status. The number of records in view may be higher than the first aggregate since the records are based on a per device per user basis.


 


Admins have the same capabilities for the upgraded grid controls on this view and the ability to export the information locally. The report can also add extra columns to see extended Azure AD user information or device ID information.


 


Figure 4. Assignment failures - Android EnterpriseFigure 4. Assignment failures – Android Enterprise


After viewing the devices and users in failure, you can select the device/user record to view all the settings applied on the device from the selected policy. Here, admins can easily see which settings are in an error or conflict state which is causing failure in the first place. Selecting the setting record will open the setting details context pane which provides more insight into troubleshooting. If the setting is in a state of error, the error code can help identify what the error is. If the setting is in a state of conflict, the “source profiles” table can help identify which other profiles are causing the conflict.


 


Figure 5. Profile Setting ErrorFigure 5. Profile Setting Error


Overall, the new reports aim to help streamline the troubleshooting process for admins to identify where failures are occurring across their policies and drill down to the setting level to understand how to mitigate.


 


Known Issues in Public Preview


The new reports are available in public preview with some known issues that the team will work out before removing the preview tags. See below:



  • Administrative template profiles are not supported in the Assignment Failures report.

  • Certificate profile types will have settings may appear as “#” in the report view. Work is in progress on how to report status for certificate profiles.  

  • Specific RBAC roles have access to the reports:

    • Global administrator

    • Profile Manager (Built in Role)

    • Compliance Read-Only Admin



  • If an admin creates a new scope tag to be applied to the reports, it can take up to 24 hours for the scope tag to take effect. In that time, the policies that are affected by the scope tag may be removed from view in the interim period.

  • The setting details pane on the third level of the reports currently only show the error code information if the setting is in error. The string version for the “Error details” is not yet available.


 


Existing Policy Reports and Roadmap


These two new reports are part of the effort to improve the policy reports across the console. As these are additive reports with fresher data, the records and numbers shown across the console in existing reports may be slightly different (i.e., “Assignment Status” and “Policy Compliance” reports) We encourage you to try out the new reports and use the existing ones for additional information.


 


You will continue to see improvements to the policy reporting space over the next few months. This includes adding security baseline and endpoint security records to the new “Assignment Failures” report, replacing older reports with new organizational ones, and ensuring consistency across the console.


 


Stay tuned for more updates on the What’s New and through this TechCommunity blog!


 


Reporting Announcements for Upcoming Changes:



  • Change to the default columns in Devices Export API call

  • Localization changes for data export

  • New Azure Monitor diagnostic setting that maps the Devices list


 


Change to the default columns in Devices Export API call


NOTE: This change only affects those using our new Reporting Export Graph API without any column selections. UI export, which is the more typical way to export the All Devices list, is not affected by this upcoming change.


 


When you make a request with no select columns provided:


{“reportName: “Devices”, “filter: “”, “select: “” }


 


you will receive the default column set. This default column set for the devices report contained some columns that were either not user friendly, not useful, or confusing. We will be removing those columns from the default column list starting December 2020. The columns being removed are listed here:


 


















PhoneNumberE164Format 

_ComputedComplianceState 

_OS 

OSDescription 

 


These columns will still be available for selection if you need them, but only explicitly, and not by default. If you have built automation around the default columns of the device export when using the exportJobs API, and that automation uses any of these columns, you need to refactor your processes to explicitly select these and any other relevant columns like this:


 


{“reportName: “Devices”, “filter: “”, “select: [“PhoneNumberE164Format“, “_ComputedComplianceState“, “_OS“, “OSDescription“]} 


 


Localization changes for data export


As many customers have noticed, we provide localized and non-localized column information with almost all report exports. It looks something like this for any given column that contains localizable data:


 






























































ComplianceState 

ComplianceState_loc 

0 

Not evaluated 

0 

Not evaluated 

2 

Not compliant 

0 

Not evaluated 

2 

Not compliant 

2 

Not compliant 

0 

Not evaluated 

0 

Not evaluated 

0 

Not evaluated 

2 

Not compliant 

0 

Not evaluated 

0 

Not evaluated 

2 

Not compliant 

 


The human readable/localized values are provided in the _loc column, while the actual column contains the enum/dev string values. These enum/dev string values are used to interact with the API and are less likely to change, which make them ideal for automation.


 


In contrast to this approach, we have a few export experiences that provide only the human readable/localized string data, which looks like this:


 
















































OS 

Windows 

Windows 

Windows 

Windows 

Windows 

Android 

Android 

Android 

Android 

iOS 

iOS 

iOS 

iOS 

 


We recognize that some customers prefer this approach, especially to avoid column re-mapping when taking data to external tools/sources for reporting.


 


Currently there is no way to configure which experience you will receive in regard to localization, as each report has a built-in default behavior that remains static. In the future, we are working to add the capability to specify the localization experience you prefer. If you have strong thoughts or feelings about what the new behaviors and defaults should be, or have existing issues with localization, just respond back on this blog post or tag @IntuneSuppTeam out on Twitter!


 


New Azure Monitor diagnostic setting that maps the Devices list


We have recently enabled a new Azure Monitor Diagnostic setting called Devices for our internal testing. This testing precedes the release of a new Devices category that maps to the All Devices list in Microsoft Endpoint manager admin center. While the setting is visible and can be configured, we will not publish data to your Azure monitor subscription until we officially enable the setting early next year. We do not recommend enabling this setting until that time. As always, let us know if you have questions on this setting by replying back on this post or tagging @IntuneSuppTeam out on Twitter!


 


Total reports supported by our new infrastructure:






































































New report 

Sprint Released (YYMM) 

Non-compliant devices operational report (Devices > Monitor) 

1911 

Device Compliance organizational report (Reports > Device Compliance) 

1911 

Device compliance trends report (Reports > Device Compliance) 

1911 

Device compliance logging 

1911 

New Devices List - With upgraded controls for search, sort, filter, export and with better performance 

2003 

New Devices List in EDU console - With upgraded controls for search, sort, filter, export, and with better performance 

2005 

Antivirus agent status organizational report (Reports > Microsoft Defender Antivirus (Preview)) 

2009 

Antivirus agent status operational report (Endpoint security > Antivirus) 

2009 

Detected malware organizational report (Reports > Microsoft Defender Antivirus (Preview)) 

2009 

Detected malware operational report (Endpoint security > Antivirus) 

2009 

Group policy migration readiness organizational report (Reports > Group policy analytics (Preview)) 

2009  


 

Windows 10 feature updates organizational report (Reports > Windows updates (Preview)) 

2010 

Windows 10 feature updates operational report (Devices > Monitor) 

2010 

Noncompliant policies (Devices > Monitor) 

2011 

Assignment failures (Devices > Monitor) 

2011 

 


Let us know if you have any additional questions on this by replying back to this post or tagging @IntuneSuppTeam out on Twitter.