by Contributed | Mar 24, 2021 | Dynamics 365, Microsoft 365, Technology
This article is contributed. See the original author and article here.
Join us on April 6, 2021 for the Microsoft Business Applications Launch Event, a digital event streaming live from 9:00 10:30 AM Pacific Time (UTC7). This is your opportunity to learn about new innovations coming to Microsoft Power Platform and Microsoft Dynamics 365 over the next six months. James Phillips, President, Microsoft Digital Transformation Platform, will share stories from customers about how they use Microsoft Business Applications to drive success. You’ll also hear from other executives behind the technology as they discuss the new 2021 release wave 1 features and capabilities coming to Dynamics 365 and Power Platform and how they will help you: Bring a new level of innovation and agility to your organization with modular applications that all work together. Unify relationships, processes, and data with connected, comprehensive, cloud Business Applications across your organization. Gain end-to-end visibility while enabling your teams to achieve greater outcomes faster. Thrive as your business changes by extending existing applications and building new solutions. Give your organization the tools it needs to provide a safer workplace while maintaining productivity as teams work remotely. And that’s just the start. During the event, participate in a live Q&A chat to get answers to questions and learn more. Register today to ensure you don’t miss a single update, insight, or in-depth product demonstration from the experts behind them. Come join us. And experience tomorrow’s innovations for your businesstoday. Register now. Catch up on news, demos, and learning sessions from Microsoft Ignite For a complete list of new capabilities, please review the Dynamics 365 and Power Platform 2021 release wave 1 plans, as well as overviews of updates announced at Microsoft Ignite in early March, including: Dynamics 365: The introduction of Dynamics 365 Intelligent Order Management, a new application that can help accelerate omnichannel transformation across order and fulfillment. New ways to extend collaboration across teams and departments with Dynamics 365 and Microsoft Teams. The debut of real-time customer journey orchestration to elevate personalized customer experiences. Power Platform: The ability to automate desktop tasks in Windows 10 with Microsoft Power Automate Desktop, available for all Windows 10 users at no cost. Microsoft Power Fx, a low-code, open-source programming language across the Power Platform. New and enhanced governance, security, and administration capabilities to enable IT professionals to safely manage and scale the growth of low-code solutions within the organization. Power BI Premium Per User, which will be generally available on April 2nd for $20 per user, per month, and the introduction of a new Autoscale option with pay-as-you-go, and improved utilization metrics. New AI capabilities in Power Virtual Agents enable bots to automatically learn and improve over time. You can also watch dozens of learning sessions from Ignite on-demand, a great way to learn about the very latest technology for every part of your business. Tomorrow’s innovations for your business Register today and join us for the Microsoft Business Applications Launch Event. Transform data from every source to give you holistic guidance and improve decision making
The post Explore Dynamics 365 and Power Platform updates at the Microsoft Business Applications Launch Event appeared first on Microsoft Dynamics 365 Blog.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Contributed | Mar 24, 2021 | Technology
This article is contributed. See the original author and article here.
This blog post is a follow-on to a three-part series exploring the many ways that Microsoft Power Platform empowers people with no coding experience to upskill and quickly learn how to create apps to solve business problems or local community issues. The cloud advocate featured in this post, Greg Hurlman, shows developers how using Microsoft Power Platform can empower them in new ways. He also works with nondeveloper creators who use Microsoft Power Platform to come up with inventive solutions. To hear the other cloud advocates talk about their experience with Microsoft Power Platform, tune in to this Digital Lifestyle podcast.
When Dona Sarkar, lead for the Microsoft Power Platform Advocacy team, needed a developer advocate for the team, she looked for “one of the best people in the world at what they do.” She wanted someone who could show classic software developers how to do their job more efficiently and how to write and debug less code. She found that person in Greg Hurlman, who is now in customer engagement on the Microsoft Power Apps engineering team.
As Hurlman talked to customers trying to get Power Apps started in their organizations, he heard about Sarkar’s efforts. In fact, he even helped her when she had issues with her own environment as she was doing a demo. Sarkar saw firsthand how knowledgeable and helpful Hurlman was and how friendly and informative he was when he moderated Q&As for different Microsoft Power Platform sessions. So when he asked her if there was anything else he could do to help, she told him she needed a cloud developer advocate. As Hurlman puts it, “If you’re going to volunteer to Dona that you’re going to help her do her work, she will volunteer you to do it.”
A career helping others use technology
As a support engineer and consultant, Hurlman has always helped customers solve their problems. As he puts it, “I’ve been keeping people from having to call IT for the past 20 years.” His consulting work allowed him to develop empathy for customers. Hurlman explains, “I met with a lot of end users of the folks that were going to use the applications that IT was having us build. I helped them figure out their requirements and how they were going to actually use it. I’ve done a lot of community work when I was in the SharePoint space. That gives me a more rounded outlook on how software gets built because I’ve actually talked to customers that build things.”
Reaching out to traditional developers
The message that Hurlman brings to the traditional developer community is simple—using Power Apps saves time and development effort. He points out, “At this point in my career, I’ve been coding forever but I will create an app with Power Apps first before I try to create anything with custom code—just because it’s so much faster and does so much of what you’re trying to do.”
Hurlman has a lot of tips and tricks to show traditional developers how to create apps faster using Power Apps. He observes that there are two types of traditional developers—those who like building the user interface (UI) for the web (the front end) and those who like building the middle layer APIs that talk to databases (the back end). Typically, these developers can code for both the front end and the back end, but they have a preference. He uses an example, “If you’re a developer who only wants to work on the back end but you still need to work on the UI, you can use Power Apps to create that front end for you. You create your API, and you write a connector to it. Now the data through your API can get into that app super easily. The amount of time you can spend on the front end goes from weeks and months to days and weeks.”
He tells the story of a mobile developer who was introduced to Power Apps. “In the span of an hour, he was able to build an app that was actually useful, that you could run on your phone. It made him question why he would go through the rigamarole of doing things to create mobile apps the way you do as a professional developer when you’re getting 90 percent of everything you could get either out of the box or with just a little bit of tweaking with Power Apps.”
Greg notes that Microsoft Certification can be a great career boost for developers who become Power Apps power users. To learn more about these developer certifications, check out the “Skill up with Microsoft Power Platform certification” section later in this post.
Reaching out to app creators
Then there’s Lauren Taylor, an elementary school principal in Tacoma, Washington, who uses Power Apps to help her run the school better. Her customers are her faculty. She created apps to help track student reading data, to have the teachers coordinate lesson plans, and more. Hurlman was struck by the fact that Taylor says that “she’s not an application developer—she’s an app creator.”
To acknowledge these new skills, Hurlman points out that the cloud advocates are working on a fusion developer team learning path that walks through creating Microsoft Power Platform apps using both the traditional dev sensibility and the app maker approach. Hurlman marvels at the creativity of the app makers. “They will take one thing and use it the way you planned,” he states, “and then use it 10 more ways that you didn’t plan.”
A future full of opportunity
Sometimes these app creators attend Hurlman’s talks for developers on custom connectors or the Power App platform at (pre-COVID-19) in-person events. He explains, “Every single time there would be somebody who has never written traditional code who maybe created a few Power Apps or maker apps or used Power Apps with Power Automate, and so on. These folks didn’t understand the developer content, but they would come up to me after and say that they’re interested in learning more so they can take the next step in their career journey. They just need to pick up the development 101 stuff.” They’re eager to use Power Apps to enrich or advance their careers.
Hurlman observes that there’s going to be a surge in the number of apps that need to be created in the next decade. He explains, “The amount of traditional developers we have to create those apps does not line up. We’re only going to be able to create a third of what we need. The other two-thirds are going to have to come from this maker space.” This means that there’s more than enough work for traditional developers and app makers who understand their organizations’ needs and who want to quickly create and iterate on apps.
Skill up with Microsoft Power Platform certifications
Depending on your skill set, Hurlman recommends that you check out the certifications for Microsoft Power Platform developers. A Microsoft Certification signals that you have the skills that organizations are looking for when they hire and advance employees. And it can help open career doors for you.
If you’re a maker and an app creator without a formal background in development, see whether your skills map to the requirements for passing Exam PL-100: Microsoft Power Platform App Maker for the Microsoft Power Platform App Maker Associate certification.
Those with a more traditional development background and some experience with Microsoft Power Platform should take a look at the new Microsoft Power Platform Developer Associate certification. To learn more, read our blog post, New certification: Microsoft Power Platform Developer Associate.
And if you’re a traditional developer looking to showcase your consulting and configuration skills, explore the Microsoft Power Platform Functional Consultant Associate certification.
Seasoned developers who have a lot of experience with Microsoft Power Platform should check out the Microsoft Power Platform Solution Architect Expert certification. It’s a great way to signal that you’re ready to take your career further.
Helping developers discover their career paths
Hurlman is passionate about helping a wide variety of developers. He likes to surprise the traditional developers by showing them new ways they can save time and effort by incorporating Power Apps into their traditional tool set. Certifications can help them grow their careers. Plus, the inventive app creators have a special place for him because they, too, will be important to tomorrow’s workplace. It doesn’t matter what their backgrounds are—they can come to Power Apps and quickly build tools that make a difference for themselves and their organizations. Power Apps is a confidence builder, and Hurlman wants to spread the news that there are Power Apps development career paths available for people who love to create apps.
by Contributed | Mar 24, 2021 | Technology
This article is contributed. See the original author and article here.
This blog post is part 2 of the three-part series on Microsoft Teams and on-premises Exchange mailboxes.
Microsoft Teams and on-premises mailboxes: Part 1 – How do Teams and Exchange Server interact?
Teams Backend AutoDiscover
The Teams Backend Services use AutoDiscover Version 2 to find a user’s Exchange mailbox on behalf of a Teams client. This AutoDiscover V2 call is an anonymous call for performance reasons to determine the Exchange target URL for the mailbox sought as quickly as possible. As already mentioned in the previous blog post, the Teams Backend Services query the AutoDiscover endpoint of Exchange Online first. If Exchange Online does not host the mailbox, the services receive an HTTP redirect to search for the local Exchange organization’s endpoint.
The detailed steps are:
1. The Teams Backend Services query the Exchange Online AutoDiscover endpoint for the URL for the EWS protocol using an AutoDiscover V2 JSON query
https://outlook.office365.com/autodiscover/autodiscover.json?Email=John.Doe@varunagroup.de&Protocol=EWS
2. Exchange Online verifies the recipient type for the email address contained in the JSON query and replies with one of the following options:
a. RecipientType: Mailbox
https://outlook.office365.com/EWS/Exchange.asmx
The mailbox is an Exchange Online mailbox. No further steps are necessary. The Teams Services have the information they need to access the users’ calendar.
b. RecipientType: MailUser
Exchange Online determines the AutoDiscover endpoint based on the ExternalEmailAddress attribute; in this example autodiscover.varunagroup.de
3. Exchange Online replies with an HTTP 302 redirect to autodiscover.varunagroup.de
4. The Teams Backend Services send an AutoDiscover V2 JSON query for the URL for the EWS protocol
https://autodiscover.varunagroup.de/autodiscover/autodiscover.json?Email=John.Doe@varunagroup.de&Protocol=EWS
5. On-premises Exchange Server replies with an external EWS URL of a virtual Exchange Web Services virtual directory
Example: {“Protocol”:”EWS”,”Url”:”https://mail.varunagroup.de/EWS/Exchange.asmx“}
6. The Teams Backend Services use the received URL to establish a connection to the on-premises Exchange organization
But what do the Teams Backend Services exactly, after receiving the EWS URL? The services perform the following steps:
- Open an HTTPS connection to the on-premises EWS URL and perform an OAuth authentication using the registered services principal
- Send an EWS calendar query
- Receive the Exchange Web Services response
- Send the parsed calendar data to the Teams clients’ calendar app for further use
As you can see, accessing the calendar of a user mailbox hosted in an on-premises Exchange organization is complex. This complexity can lead to errors.
How can you now perform an error analysis for the AutoDiscover process and the subsequent calendar access? Let’s start with AutoDiscover.
Troubleshooting AutoDiscover
Since Microsoft Teams Backend Services perform all AutoDiscover and other client accesses, there are no viable troubleshooting steps on the local Teams client. The client itself must have access to the internet and proper DNS name resolution working.
Because AutoDiscover V2 uses anonymous access, you can test it for any email address. This self-test helps you as an IT administrator check AutoDiscover for a users’ email address that might not work correctly. You can check the AutoDiscover response using PowerShell or with the help of a browser.
PowerShell
Run the Invoke-RestMethod cmdlet with the following Uri-Strings for EWS and REST protocol
Invoke-RestMethod -Uri ‘https://outlook.office365.com/autodiscover/autodiscover.json?Email=John.Doe@varunagroup.de&Protocol=EWS‘
Invoke-RestMethod -Uri ‘https://outlook.office365.com/autodiscover/autodiscover.json?Email=John.Doe@varunagroup.de&Protocol=REST‘
Out-of-Office information and calendar-based presence status requests use the on-premises REST-endpoint.
Ensure that there are no unsupported characters in the Uri.
Browser
You can test and query the AutoDiscover endpoint using the following URLs
https://outlook.office365.com/autodiscover/autodiscover.json?Email=john.doe@varunagroup.de&Protocol=EWS
https://outlook.office365.com/autodiscover/autodiscover.json?Email=john.doe@varunagroup.de&Protocol=REST
For an on-premises mailbox, you receive an AutoDiscover response from your on-premises Exchange Server, like the one shown in the following screenshot.
Perform a Fiddler trace for a more detailed error analysis when executing the HTTPS queries. The trace results help you to identify other possible sources of error, i.e., a failed TLS handshake.
If an error occurs while determining the AutoDiscover information, this does not automatically imply a problem. Check the following options:
- The AutoDiscover query terminates with a timeout
- Is the HTTPS access to your Exchange organization restricted to the remote IP address ranges of Microsoft 365?
- Maybe the Exchange Server systems have a performance problem and cannot respond promptly?
- You receive a “User Not Found”-response
- Is the user account excluded from the Azure AD Connect synchronization and does not exist as a “Mail User” object in Exchange Online?
- The response does not contain the expected EWS or REST URL
- The mailbox is an on-premises mailbox, but the response contains the Exchange Online endpoint
https://outlook.office365.com/EWS/Exchange.asmx
Most likely, the user has an additional mailbox in Exchange Online. Resolve the double mailbox situation.
- The response contains a URL that seems to be an internal URL, i.e.,
https://exch01.varunagroup.local/EWS/Exchange.asmx
The ExternalUrl attribute configuration is not correct for all virtual directories.
- You use bound namespaces, the user mailbox location is AD site EMEA, but the response contains an URL of a different site, i.e.,
https://mail.apac.varunagroup.de/EWS/Exchange.asmx
Expected URL: https://mail.emea.varunagroup.de/EWS/Exchange.asmx
Until March 2021, AutoDiscover V2 is not AD site-aware. The March 2021 cumulative updates for Exchange Server 2016 and 2019 fix this issue. Read more about the updates in this blog post.
- DNS Name resolution fails for the email address target domain
- There is no DNS resource record for AutoDiscover in the internet-facing DNS zone
The next steps to identify connection problems lead us to the on-premises Exchange servers. With a local network trace, you can determine whether there are TLS handshake errors. Please note that your Exchange Server systems must be configured correctly for TLS 1.2. The TLS 1.2 configuration might require manual steps if you use Exchange Server 2016 or Exchange Server 2013.
If there are no errors in the TLS handshake, you must check the Exchange server’s log files. Checking the log files on the local Exchange servers requires several steps. Depending on your local Exchange organization’s size and the number of Exchange Servers, this check can be very complicated.
The following diagram shows the participating Exchange Server components of a single Exchange Server for incoming connections from the Teams Backend Services to the Exchange Web Services endpoint.
The IIS Default website receives the incoming HTTPS connection from the Teams Services and passes it to the Frontend Proxy component, i.e., EWS or REST. You find information about those two connections in the W3SVC1 (1) and the HttpProxy logs of the targeted protocol (2). The Frontend Proxy component proxies the connection to the Exchange Backend website of the Exchange Server, where the active database copy containing the user mailbox is mounted. This is not necessarily the same Exchange Server accepting the Frontend connection. You find information about this proxied connection in the W2SVC2 IIS logs (3) and the queried Exchange service (4). Depending on the Exchange protocol you want to troubleshoot, you must check the AutoDiscover, EWS, or REST log files.
Troubleshooting Calendar App
Now that you know how to deal with the AutoDiscover process’s errors, it’s time to take a look at the Teams Calendar app.
Suppose the access to AutoDiscover works without errors. There is a high probability that the access to the Exchange Web Services will also work, and therefore the calendar app in the Teams client will show calendar information.
However, if the Teams client does not display the calendar, check the following:
- Can the EWS URL determined by AutoDiscover, is the hostname resolvable in the domain’s external DNS zone, and can it be reached from the Internet via HTTPS?
- Use a browser to connect to the EWS URL and use Fiddler to identify any connection-based issues
The EWS endpoint must reply with am HTTP 401 status code
- Use the Remote Connectivity Analyzer to perform a Teams Calendar Access Tab Test
http://bit.ly/TeamsCalTest
- Verify the OAuth Authentication configuration
In the next blog post, we will take a closer look at calendar delegate situations.
Links
Thomas Stensitzki is a leading technology consultant focusing on Microsoft messaging and collaboration technologies and the owner of Granikos GmbH & Co. KG. He is an MVP for Office Apps & Services and an MCT Regional Lead. As a user group organizer, he hosts the Microsoft Teams User Group Berlin and the Exchange User Group DACH.
Twitter: https://twitter.com/stensitzki
Blog: https://JustCantGetEnough.Granikos.eu
Teams User Group: https://TeamsUserGroup.berlin
Exchange User Group: https://exusg.de
To write your own blog on a topic of interest as a guest blogger in the Microsoft Teams Community, please submit your idea here: https://aka.ms/TeamsCommunityBlogger
by Contributed | Mar 24, 2021 | Technology
This article is contributed. See the original author and article here.
We are pleased to announce the general availability of Modern Admin Control Panel (MACP), as part of the Skype for Business Server 2019 March 2021 Cumulative Update.
This is a continuation to our earlier released versions of MACP. You can read about previous releases, Phase 2 March 2020 here and Phase 1 in July 2019 here.
We had covered ‘Home’, ‘Users’, ‘Conferencing’ and ‘Federation and External Access’ tabs in earlier releases. In this release we introduce following tabs: ‘Voice Routing’, ‘Voice Features’, ‘Response Group’ and ‘Conferencing (Dial-In-Access Number sub-tab)’
We continue to listen to our customers to prioritize and ship new features and updates. Hence based on your feedback, this release also includes the following enhancements.
- Addition of OAuth (optional) to login into MACP portal
- Support for Simple URL to access MACP portal
Please start using new Control Panel and share feedback and questions via the ‘Give Feedback’ link in the Control Panel. Read on for details.
Installation Instructions
1. Run SSUI
2. Run Bootstrapper.exe
3. Please install the Management OData if not installed using below steps:
a. Open PowerShell in Administrator mode
b. Run command: Add-WindowsFeature ManagementOData
The administrator account must have CsAdministrator role privileges and must be SIP enabled. If the OAuth is set up, administrator is not required to be SIP enabled.
Launching and Using Control Panel
Please put in https://<your pool FQDN>/macp or the configured simple URL https://admin.<your-domain>.com/macp manually in a supported browser, and the Control Panel should open. You can also click on the blue banner at the top of the old Control Panel to launch the new Panel. The login screen looks like the following:
Login screen
Once you hit the login screen, log in with your admin credentials.
Voice Routing
Please create, modify, or delete dial plans in Dial Plan sub-tab as below:
Dial Plan Home screen
Please create, modify, or delete voice policies in Voice Policy sub-tab as below:
Voice Policy Home screen
Please create, modify, delete, or change the priority order of routes in the Route sub-tab below:
Route Home screen
Please view or delete PSTN usages in PSTN Usage sub-tab below. The new PSTN usages can be created under Associated PSTN Usages table in the voice policy form.
PSTN Usage Home screen
Please create, modify, or delete trunk configurations in Trunk Configuration sub-tab below:
Trunk Configuration Home screen
Please create, modify, run, or delete test cases in Test Voice Routing sub-tab below:
Test Voice Routing Home screen
Please try the import/export functionality in Voice Routing sub-tabs. You may export your voice- routing configuration to a file. Also, you may import the voice-routing configuration from the file. This functionality is present in every sub-tab under voice routing as shown below:
Import/Export Configuration
Similarly, you can import/export voice routing test cases in Voice Routing tabs. Also, you can create test cases. This functionality is also present in all voice routing sub-tab as shown below:
Import/Export/Create Test Cases
Please try creating and running test cases with this functionality as shown below:
Create Test Cases
Voice Features
Please try out the scenarios for ‘Call Park’ and ‘Unassigned Number’. You can create various number ranges, edit them, or delete them.
Call Park home screen
Unassigned Number home screen
Response Group
Please note that to create or edit a workflow you need to access the page from inside domain network.
Workflow page in Response Group
If not accessing from inside domain network, then the page displays message as shown below:
Workflow Access from domain message
Please create, modify, or delete Response Group Queues in Queue page below:
Queue page in Response Groups
Please create, modify, or delete group agents in Group page below:
Group page in Response Groups
Conferencing
We have also provided the only remaining page from Conferencing tab – ‘Dial-In-Access Number’.
Dial-In-Access Number in Conferencing
Setup OAuth to login into MACP portal
The following is the step by step process to setup OAuth for MACP portal.
Minimum OS req and ADFS Server version:
- Windows Server 2016 onwards
Steps to be performed on ADFS Farm machine:
- Ensure that an ADFS farm exists on the topology
- Create a new app for MACP in the ADFS
a. Use the script Configure MACP application in ADFS Farm
b. We suggest you go with default options while running the above script.
Steps To be performed on FE w17 server:
Once you have setup the ADFS farm, execute the following steps.
- Install the latest SSUI in all the FE pool machines
- To enable the ADFS OAuth for MACP across all the pools or selective pools
a. Use the script Configure OAuth for MACP
b. We suggest you review default options while running the above script.
NOTE:
- You need to run the script on just one FE W17 server machine in your topology and it will automatically identify all the FEs in your topology (or the selective pools you have passed to the script).
- Use the same script to disable ADFS OAuth and fallback to web-ticket auth.
- To re-configure any ADFS related details, you must disable ADFS OAuth using Configure OAuth for MACP and then configure the ADFS again.
If OAuth is correctly configured, then you should see login screen as below:
On clicking the Sign in button, you will get a pop-up to enter your username and password.
Setup Simple URL to access the MACP portal
You can also access MACP using the simple URL https://admin.<your-domain>.com/macp
Use the following steps to configure simple URL
1. Install the latest SSUI
2. Configure Simple URL using cmdlet.
Example below shows how a new URL can be added to an existing collection of simple URLs
$urlEntry = New-CsSimpleUrlEntry -Url “https://admin.<your-domain>.com”
$simpleUrl = New-CsSimpleUrl -Component “macp” -Domain “your-domain.com” -SimpleUrlEntry $urlEntry -ActiveUrl “https://admin.<your-domain>.com”
Set-CsSimpleUrlConfiguration -Identity “Global” -SimpleUrl @{Add=$simpleUrl}
3. Run Enable-CsComputer
4. In addition, you must also do such things as
a. create Domain Name System (DNS) records for each URL
b. configure reverse proxy rules for external access
c. add the simple URLs to your Front End Server certificates; and so on.
NOTE:
- Configuring OAuth based authentication for MACP is a prerequisite to use of Simple URL.
Providing Feedback
We always welcomes any feedback and suggestions. Please share feedback and questions via the ‘Give Feedback’ link in the Control Panel. In the top right corner, you’ll see your login name. Click on the adjacent arrow, and you should see a drop-down like the below:
Hit ‘Give Feedback’, and you should see a browser window open with the relevant discussion forum. Please do check the discussions to see if your question has already been addressed. We look forward to hearing from you!
On behalf of the product team,
Ravindra Singh Bisht
Senior Program Manager, Skype for Business Server
by Scott Muniz | Mar 24, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the Mozilla security advisories for Firefox 87, Firefox ESR 78.9, and Thunderbird 78.9.
Recent Comments