Calling REST API service using JSON object with fixed order of elements


This article is contributed. See the original author and article here.

When calling a REST API service with a JSON payload from Logic Apps, Logic Apps reorders the JSON elements alphabetically. Some services expect the elements in a fixed order, so the reordered payload causes the service call to fail with an error.


 


This behavior happens when constructing the JSON payload inside a compose action or the HTTP action body field; after save, the elements are automatically reordered alphabetically.


 


The standard definition of a JSON object is:


An object is an unordered collection of zero or more name/value pairs, where a name is a string and a value is a string, number, boolean, null, object, or array.


 


For example, a service expects the following JSON object:

{
  "Name": "XXX XXXX",
  "Age": "XX"
}

Logic Apps reorders the elements of the JSON object as follows:

{
  "Age": "XX",
  "Name": "XXX XXXX"
}


 


To work around this, use the following steps:



  1. Use the Variables – Initialize variable action to initialize a string variable, setting its value to the JSON object string.

  2. Use the initialized variable as the body for the HTTP action calling the service.


Your workflow should look as follows:


talsaifi_0-1608628998684.png
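The two steps above, shown as a workflow definition fragment in code view. This is an added example, not taken from the original article; the action names `Initialize_payload` and `Call_service`, the variable name `payload`, and the URI are assumptions. Because the value is a string, the designer has no object to re-sort, and the Content-Type header is set explicitly so the service still receives the body as JSON.

```json
{
  "actions": {
    "Initialize_payload": {
      "type": "InitializeVariable",
      "inputs": {
        "variables": [
          {
            "name": "payload",
            "type": "string",
            "value": "{\"Name\": \"XXX XXXX\", \"Age\": \"XX\"}"
          }
        ]
      },
      "runAfter": {}
    },
    "Call_service": {
      "type": "Http",
      "inputs": {
        "method": "POST",
        "uri": "https://service.example/api/people",
        "headers": {
          "Content-Type": "application/json"
        },
        "body": "@variables('payload')"
      },
      "runAfter": {
        "Initialize_payload": [ "Succeeded" ]
      }
    }
  }
}
```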

The Mysterious Case of the Self-Moving FSMO Roles


 


Hello all. This is Chris Cartwright from Directory Services. I had a coworker, Eric Jansen, reach out to me from the field and ask about an incident on site. He was looking into a scenario where “the PDCE (Primary Domain Controller Emulator) and DNM (Domain Naming Master) mysteriously moved…” to a DC in another site. He said what was weird was who the logs said performed it. He also said that the other site used their own procedures to build their DCs, which apparently included using Windows Server Essentials for the base OS. Now, I have never heard of anyone doing that in an enterprise environment, but it got us curious…


 


Administrators are running the beautiful, pristine Contoso domain forest (with 2 DCs of course…because two is one, and one is none!). They were built with Windows Server 2012 R2 Datacenter. They know that the FSMOs are still on the first DCs built, and can see that by running “netdom query fsmo”:


 


EJansen_0-1608667230286.png 


 


One day, Contoso-HQ has a new subsidiary, Tailspin Toys that needs Active Directory services for their store.  Per Contoso’s Organizational Policy, this company will exist on the same domain, and they have authorized admins at that site to promote the new DCs for that site.  In preparation for this, the Contoso admins create the site and subnets for the new company’s location.   


 


EJansen_1-1608667230289.png


 


30 days go by and the admins at Contoso notice something odd: 


 


EJansen_2-1608667230292.png


 


  


The problem is…nobody authorized that change. They called the admins at Tailspin Toys and asked if they knew anything about this, and they didn’t…. Not good.


 


So, the first thing that they did was figure out when the change occurred.  To do that they used Repadmin.exe with the /ShowObjMeta switch, to see when the FSMORoleOwner attribute changed for the roles that they were interested in.   The timestamp for the last modification to that attribute can be found by looking at the object metadata for that attribute at the following DN locations (for each respective role): 


 



  • RID Master – “cn=Rid Manager$,cn=system,dc=contoso,dc=com”

  • Infrastructure Master – “cn=infrastructure,dc=contoso,dc=com”

  • PDC Emulator – “dc=contoso,dc=com”

  • Domain Naming Master – “cn=partitions,cn=configuration,dc=contoso,dc=com”

  • Schema Master – “cn=schema,cn=configuration,dc=contoso,dc=com”


 


In this case, they were interested in the Domain Naming Master and PDC Emulator role movement operations.


 


EJansen_3-1608667230214.png
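The same lookup for all five roles at once, as an added example that is not part of the original article. It reads the replication metadata of the fSMORoleOwner attribute with the ActiveDirectory module instead of Repadmin.exe; the function name, the `ContosoDC1` target and the 45-day window are assumptions, and it covers the domain of the DC it is pointed at.

```powershell
# Added example (not from the original article). Requires the ActiveDirectory
# module (RSAT). Server name and the 45-day window are assumptions.
Import-Module ActiveDirectory

function Get-FsmoRoleOwnerChange {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Server,   # any reachable DC
        [int] $RecentDays = 45                     # flag changes newer than this
    )

    # Build the role-holder DNs from RootDSE rather than hard-coding them.
    $root     = Get-ADRootDSE -Server $Server
    $domainNC = $root.defaultNamingContext
    $configNC = $root.configurationNamingContext
    $schemaNC = $root.schemaNamingContext

    # The object whose fSMORoleOwner attribute records each role holder.
    $roleObjects = [ordered]@{
        'RID Master'            = "CN=RID Manager`$,CN=System,$domainNC"
        'Infrastructure Master' = "CN=Infrastructure,$domainNC"
        'PDC Emulator'          = $domainNC
        'Domain Naming Master'  = "CN=Partitions,$configNC"
        'Schema Master'         = $schemaNC
    }

    $cutoff = (Get-Date).AddDays(-$RecentDays)
    foreach ($role in $roleObjects.Keys) {
        # Replication metadata for fSMORoleOwner only (what /showobjmeta reports).
        $meta = Get-ADReplicationAttributeMetadata -Object $roleObjects[$role] `
                    -Server $Server -Properties fSMORoleOwner
        [pscustomobject]@{
            Role           = $role
            CurrentOwner   = $meta.AttributeValue
            LastChanged    = $meta.LastOriginatingChangeTime
            OriginatingDsa = $meta.LastOriginatingChangeDirectoryServerIdentity
            Version        = $meta.Version
            Recent         = $meta.LastOriginatingChangeTime -gt $cutoff
        }
    }
}

# Roles whose owner changed most recently sort to the top.
Get-FsmoRoleOwnerChange -Server 'ContosoDC1' |
    Sort-Object LastChanged -Descending |
    Format-Table Role, LastChanged, OriginatingDsa, Version, Recent -AutoSize
```

Run on a schedule, a row with `Recent` set to true that does not match a change record is the cue to pull the Directory Services and Security logs from the DC named in `OriginatingDsa`.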


 


Once the Contoso admins figured out when the role was moved and where the change originated, they knew where to start their search in the event logs. With that said, the Contoso admins transferred the roles back and then started digging through the logs.


 


They find these two events in the Directory Services logs on ContosoDC1: 


 


(PDC) 


 


EJansen_4-1608667230315.png 


 


(Domain Naming Master) 


 


EJansen_5-1608667230317.png


 


So, the change did come from ContosoDC3, but the admins know that they can look at the logs on DC3 to see what user account initiated this, because it’s listed with “User.” 


 


So, they take a look at ContosoDC3…but what they see isn’t exactly what they expected: 


 


EJansen_6-1608667230306.png


 


 


EJansen_7-1608667230308.png


  


The user is SYSTEM.  Has ContosoDC3 become self-aware?  Should we expect robots from the future?  The administrators continue digging, now focusing on the security logs during the same timeframe.  At 8:54:35 PM, the same time that they saw the roles move in the Directory Services log, they now find the following in the security logs on ContosoDC3: 


 


Note the Logon ID…


 


EJansen_8-1608667230310.png


 


 


EJansen_9-1608667230303.png


 


This log entry continued… 


 


EJansen_10-1608667230295.png


 


 


This event looks interesting.  “An operation was performed on an object.”  The operation in this case was a “Change PDC Operation” (https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/99dd371d-9ede-417f-beb1-a065c10ef68f) 


 


EJansen_11-1608667230311.png


 


This just goes to show how important it is to have proper auditing in place...you DO have proper auditing set up, enabled, and verified in your environment, don’t you? If not, I suggest you take a look at Michael Hildebrand’s blog that discusses this in more detail, here.


 


So, what happened?  Well, answering that would have taken a little more logging.  Procmon, for example, would have shown that the source port used above came from the silsvc.exe process on the same server.   


 


EJansen_12-1608667230313.png


 


So, what is this silsvc.exe you ask?  That’s the Server Infrastructure Licensing Service, and fortunately, it has its own log: 


 


EJansen_13-1608667230319.png


 


And the final nail in the coffin is the very next event – “The Correction” 


 


EJansen_14-1608667230299.png


 


To sum everything up, do not put Windows Server Essentials into an existing large enterprise – it was never meant to co-exist, and all of the folks (at least that I talked to in both CSS and PFE) had never seen this scenario before. In the real-world scenario where this happened, those remote ‘spoke site’ DCs were only meant to be stood up temporarily, and they were. They were stood up just long enough for the compliance threshold to be met, which moved the roles unknowingly to the ‘spoke site’, and the next day those DCs were taken offline permanently. It just happened that those DCs were removed on a Friday afternoon and the repercussions weren’t felt until the following week.


 


We tested this with Server 2012 R2 Essentials and Server 2016 Essentials while manually moving the time forward and saw the same results. Server 2019 Essentials has the same warning; however, we were unable to reproduce the issue just by simply moving the time 30 days into the future:


 


EJansen_15-1608667230252.png


 


So, it’s being tested the old-fashioned way, and we’ll update on that later in 2021! 

Learn Azure Sentinel on Microsoft Learn


Why not use some of the upcoming days to learn something new? Azure Sentinel is a scalable, cloud-native, security information and event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response. To get started and learn more about Azure Sentinel, we now have a full learning path on Microsoft Learn.


 


Cloud-native security operations with Azure Sentinel Learning Path on Microsoft Learn


This learning path describes basic architecture, core capabilities, and primary use cases of its products. You’ll also learn about differences and get familiar with Azure Sentinel, a cloud-native, security information and event management (SIEM) service. This learning path includes the following modules:


 



If you have any questions, feel free to leave a comment! With that I want to say happy learning and a good start in the new year, Thomas.

ASP.NET ActiveDirectoryMembershipProvider and port 445 (SMB)


NOTE: ASP.NET Membership, including the ActiveDirectoryMembershipProvider, is deprecated and no longer recommended for use. For new development, please use more modern authentication methods, such as ADFS, OAuth, etc.


 


Under the hood, the ASP.NET ActiveDirectoryMembershipProvider uses System.DirectoryServices (S.DS) APIs to do the legwork. A lot of the work in the S.DS namespace is done by the Win32 AD DS APIs. During the initialization phase of the provider, some APIs are called that use RPC-over-SMB when communicating with a DC. Port 445 is designated for SMB.


 


Note: using other classes to perform LDAP communication doesn’t require port 445, but 445 is still required when supplying an LDAP URI to the provider.


 


You cannot use the ActiveDirectoryMembershipProvider on the Azure App Service platform because outgoing traffic to port 445 is blocked, regardless of the destination. When attempting to use the provider on that platform, you will encounter an error that looks something like this:


Message: Access is denied.
(D:\home\site\wwwroot\web.config line 78)
Exception type: System.Configuration.ConfigurationErrorsException
Stack trace: 
at System.Web.Security.Membership.Initialize()
at [redacted]

Message: Access is denied.
Exception type: System.UnauthorizedAccessException
Stack trace: 
at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType)
at System.DirectoryServices.ActiveDirectory.DirectoryContext.isServer()
at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
at System.Web.Security.DirectoryInformation.InitializeDomainAndForestName()
at System.Web.Security.ActiveDirectoryMembershipProvider.Initialize(String name, NameValueCollection config)
at [redacted]
at System.Web.Configuration.ProvidersHelper.InstantiateProvider(ProviderSettings providerSettings, Type providerType)

Message: Access is denied.
Exception type: System.Runtime.InteropServices.COMException
Stack trace: 
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType)


 


If you’re using this provider and there’s a firewall dropping/blocking port 445, then you’ll see something like this error:


Exception type: System.DirectoryServices.ActiveDirectory.ActiveDirectoryObjectNotFoundException
Message: The specified domain or server could not be contacted.
(this actually results in a System.Configuration.Provider.ProviderException being thrown once the above is caught internally)
   at System.Web.Security.DirectoryInformation.InitializeDomainAndForestName()
   at System.Web.Security.ActiveDirectoryMembershipProvider.Initialize(String name, NameValueCollection config)
   at System.Web.Security.Membership.InitializeSettings(Boolean initializeGeneralSettings, RuntimeConfig appConfig, MembershipSection settings)
   at System.Web.Security.Membership.Initialize()
   at System.Web.Security.Membership.get_Provider()


 


Both failures actually occur at the same place, but the result for the two scenarios is slightly different due to the internal exception-handling code.
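A quick way to confirm from the web server whether the LDAP port is reachable while 445 is not, which is the situation described above. This is an added example, not code from the original article; the function names and the `dc01.contoso.example` host are assumptions, and it is meant for a server you administer rather than Azure App Service.

```powershell
# Added example (not from the original article). The DC name is a placeholder.
function Test-TcpPort {
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [Parameter(Mandatory)] [int]    $Port,
        [int] $TimeoutMs = 3000
    )
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        # No answer within the timeout usually means a firewall is silently dropping packets.
        if (-not $task.Wait($TimeoutMs)) { return 'Timeout' }
        return 'Open'
    }
    catch {
        # Connection refused or reset, or the name did not resolve.
        return 'Failed'
    }
    finally {
        $client.Close()
    }
}

function Test-MembershipProviderPorts {
    param(
        [Parameter(Mandatory)] [string] $DomainController,
        [int] $LdapPort = 389    # LDAP port used by the provider's connection string
    )
    $ldap = Test-TcpPort -ComputerName $DomainController -Port $LdapPort
    $smb  = Test-TcpPort -ComputerName $DomainController -Port 445
    [pscustomobject]@{
        DomainController = $DomainController
        Ldap             = $ldap
        Smb445           = $smb
        # LDAP alone is not enough: provider initialization also needs 445.
        BothReachable    = ($ldap -eq 'Open') -and ($smb -eq 'Open')
    }
}

Test-MembershipProviderPorts -DomainController 'dc01.contoso.example'
```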


 


If you want to work around using port 445, then I believe (not tested myself) you can point the provider to an ADAM/AD LDS instance instead. However, getting this up and running probably costs way more management overhead and time vs. using more modern auth methods in the first place.

2020 – When the #YearOfYammer delivered


When did the Year of Yammer begin? When did it end? Depends on how you cut the numbers, but if 2019 was the #YearOfYammer announcements, then 2020 is absolutely the year when Yammer delivered.

The first taste (or tease) about the Year of Yammer came from Mike Holste in May 2019 causing a stir in Digital Workplace circles. Yammer at that stage was a much loved platform that Microsoft had taken under its wing, but there had been a hiatus in progress and much debate about where it fit within the Microsoft 365 toolset.

Fast forward to October 2019 and Ignite, where #YearOfYammer was officially launched along with the pillars of Connection, Leadership, Inclusion, Knowledge and Community. The Future of Yammer was announced with a long list of feature releases to be expected in the coming year.

I spent some time with the Yammer team in early 2020 as they rounded out Ignite the Tour in Australia. At that time we in the community had only just started to see the big changes that had been announced the year before. Now, as 2020 reaches a close, the new Yammer is generally available and has been since July.

Connection
Yammer has always been about connection, but keeping that at the core is something which the Yammer team feel passionate about. When I spoke to Jason Mayans (Head of Product and Analytics for Yammer), he spoke about how giving people a way to feel more connected and have a voice at work drives what they do.

“Yammer has a really unique opportunity to make them feel better about their work, make them feel better about the organisation they are a part of, feel connected, feel that they have a voice. For me the ability to kind of impact that every day experience that I as an employee have at work is pretty powerful.”

You can make a connection with Yammer by:



  • Creating and nurturing Yammer communities

  • Hosting Yammer Live Events to bring your events to life

  • Using @mention to let a colleague know about an interesting conversation


Resources to help make a connection:



Image: Create a new community in Yammer


 


Leadership
The key to Yammer has been, and likely always will be, strong leadership from the top down. This can be achieved in big or small organisations.

At NEXTDC we are an SME (small to medium enterprise) size, but have strong and visible support from our CEO and CXO who are present and engaged in Yammer. This has been the case since we first began using Yammer 4 years ago. Our CEO Craig Scroggie created, and runs a community called ‘CEO – Ask Me Anything’ where anyone can ask a question that he will personally answer.

Even the big corporates can leverage the value of Yammer through leadership. Steve Nguyen, Principal Program Manager with Yammer, speaks admirably about the tremendous ANZ (Australian Bank) have achieved with Yammer.


 


“I think they have a great culture from a leadership perspective with respect to how they engage and how they are curious… that’s strong and it’s somewhat unique not all organisations have that level of leadership engagement.”



ANZ work hard to build community through leadership as they experience the value that allows them to connect their people and amplify company culture.



You can build leadership with Yammer by:



  • Talking to your leaders about the benefits of Yammer

  • Encouraging them to share news and updates in All Company


Resources to help build leadership:



Image: NEXTDC’s ‘CEO – Ask Me Anything’ community in Yammer


 


Inclusion


Inclusion is part of Yammer’s DNA. It was built as a platform anyone could start and nurture, and still today anyone can have a voice on Yammer.

The team are taking that even further by introducing features that will help everyone feel like they have a home on Yammer. You asked and the product team listened, as Angus Florance, Product Marketing Manager, shared:

“At MVP summit a few years ago we got a lot of feedback that Yammer felt a bit corporate, it’s supposed to be a social network. It should be fun it should be engaging it shouldn’t feel like email.”

You can foster inclusion in Yammer by:



  • Nurturing communities and conversations that encourage inclusive and diverse ideas and thoughts

  • Adopting features such as reactions and GIFs to bring fun to your network

  • Promoting new features such as dark mode and skin tone reactions


Resources to help foster inclusion:



Image: Yammer in Dark Mode at NEXTDC


 


Knowledge
Capturing tacit knowledge is absolutely a Yammer superpower. The focus is often on the “Knowledge Worker” but we see now many great features being introduced for “First-Line”. This comes from a recognition that we are all knowledge workers who have different needs.

Steve Nguyen challenges our mindset around the knowledge worker, “The term ‘knowledge worker’ could almost be insulting the first-line worker, insinuating that first-line workers do not have any knowledge. When in some cases they have more knowledge, very real and direct knowledge, different knowledge… Yammer lets that first line worker the ability to share that knowledge.”

You can capture knowledge in Yammer by:



  • Encouraging the use of the ‘question’ feature and ‘best answer’

  • Setting ‘question’ as the default post type in a community

  • Making a poll to seek opinions on an interesting topic


Resources to help capture knowledge in Yammer:



Image: Yammer question feature with an answer marked ‘Best Answer’ at NEXTDC


 


Community
A simple but profound change we have seen in the Year of Yammer is that ‘groups’ are now called ‘communities’. With this product change, the purpose of Yammer becomes clear.

From Jason Mayans: “Our goal is that when an end user thinks ‘I want to build a community’ or ‘I want to find a community’ they know where to go.”

Build community in Yammer by:



  • Using a branded cover photo to give your community a personality

  • Pinning important posts to get attention

  • Featuring posts to amplify the message


Resources to help build communities:



Image: A featured conversation in NEXTDC’s Yammer network


 


What’s next after the Year of Yammer?
I think it is safe to say that 2020 was the Year of Yammer. So what’s next?

Scanning through the public Microsoft 365 Roadmap for Yammer, it is clear that there is a lot being shipped and a lot to come. But what is the broader direction, and as the #YearOfYammer finishes… what do we call 2021 for Yammer?


Image: Tweet by @JMayans – Our 2020 slogan was the ‘#yearofyammer.’ Ideas for @Yammer for 2021?


 


Head of Product and Analytics for Yammer, Jason Mayans asked the question on Twitter – What should the 2021 slogan for Yammer be?


 


Here are my ideas.

#YammerForKnowledge
I am excited for the possibilities for Yammer as Microsoft 365 generally moves deeper into using intelligence to build business knowledge. Particularly around search.

Steve Nguyen pointed out that,


 


“Customers that have been using Yammer for 8-10 years now they will tell us that Yammer is the brain of their organization. And because the institutional knowledge has been stored up, I think Project Cortex is an opportunity to help extract that.”

Jason Mayans predicts,


 


“I think you’ll see us go a lot deeper in knowledge. So, both kind of natively in Yammer as well as integrated with a larger Project Cortex effort. There is so much knowledge there captured in Yammer through these conversations but there are so many more ways we can leverage it and make it valuable for the broader organisation”

So watch this space for Yammer and Cortex coming closer together.

#YammerForCommunity
We have seen great steps for community managers in the Year of Yammer, but what is next?

Further to what has already been delivered, Jason Mayans wants “to continue to make communities more engaging, help you find communities in easier ways, recognise people who contribute, welcome new members as well as helping to enable larger and larger conversations.”

More ways to grow and nurture your communities.

#YammerForAll
Improvements for everyone. Continuing to build Yammer as a tool for sharing, building culture, fostering diversity and inclusion. And, being inclusive in ways that mean people can access from anywhere in the way that they need.

As Jason Mayans put it, “we want to continue to drive all of these capabilities as capabilities of the suite available anywhere you need them and in the context that makes sense.”

Do you have any Yammer predictions or desires? Share them in the comments below.


 




Big thanks to Jason Mayans, Steve Nguyen and Angus Florence who took the time to let me nerd out about Yammer with them, back at the beginning of the #YearOfYammer, when travel was a thing.


 


I’m Rebecca Jackson, a digital and visual communicator specialising in the digital workplace. I’ve been working with intranets, online communities and the digital workplace since 2009 and am a Microsoft Office Apps and Services MVP. I first began using Yammer around 2010 and have been a member and community manager of many Yammer networks since then. I work for NEXTDC as Digital Workplace Manager where I am the product owner of multiple Microsoft 365 tools including Yammer, Teams and SharePoint (where our Intranet lives). I enjoy learning and sharing by blogging, sketching, speaking and participating in industry events. It’s an exciting opportunity to be a contributor to the Yammer blog and work collaboratively with other Yammer practitioners.


Image: Jason Mayans, Rebecca Jackson, Angus Florence and Steve Nguyen.