by Contributed | Jun 18, 2021 | Technology
This article is contributed. See the original author and article here.
Microsoft 365 Extensibility look book
Want to understand what types of apps you can build on Microsoft 365? Want to get inspired by the scenarios you could implement? Curious about the different extensibility points available for developers?
Check out the new Microsoft 365 Extensibility look book: an interactive gallery that helps you understand how you can extend Microsoft 365 with custom apps. The look book has been announced at Ignite ‘21 and is publicly available at https://aka.ms/m365/extensibility.
Microsoft 365 Extensibility look book explains the Microsoft 365 extensibility opportunity using three pivots: products, type of apps and scenarios. Using these pivots, you can learn what’s possible in a way that’s intuitive for your role.
Microsoft 365 developers, familiar with Microsoft’s technology, can jump to the specific Microsoft product and learn how to extend it. New developers can explore the opportunities by looking at the different types of apps. Business decision makers can look at the scenarios to start conversations in their organization and drive demand for building custom apps on Microsoft 365.
Each page in the look book contains links to existing resources on Microsoft Docs, Learn, YouTube and GitHub to help you learn how to get started building these apps.
We’re excited to share the Microsoft 365 Extensibility look book with you and hope you’ll find it helpful in your conversations with your colleagues and customers. And please, don’t hesitate to let us know if you have suggestions how we could improve it.
by Scott Muniz | Jun 18, 2021 | Security, Technology
This article is contributed. See the original author and article here.
Google has released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities—CVE-2021-30554—has been detected in exploits in the wild.
CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates.
by Contributed | Jun 18, 2021 | Technology
This article is contributed. See the original author and article here.
Looks like engineering at Microsoft has been busy with the announcements of updates for both Azure Monitor Agent and Azure IoT Central. Not to mention the announcement of new cloud regions in Arizona, 20 amazing IT Admin updates for those who support educators and the cost-effective Microsoft Learn module of the week.
Azure Monitor Agent and Data Collection Rules now generally available
Azure Monitor Agent (AMA) along with the Data Collection Rules (DCR) improve on key areas of data collection including granular and flexible configuration (e.g. collect from a subset of VMs for a single workspace), collect once and send to both Log Analytics (multi-homing) and Azure Monitor Metrics, data filtration at source, improved extension management, and better performance overall.
DCRs allow the ability to define rules surrounding what data to collect and where it should be sent to. It’s agnostic of the data source or destination and thus flexible enough to configure granular and targeted data collection.
Here’s what’s now generally available:
- All existing features, capabilities and support that were available in preview except for below:
- Using Azure Monitor Metrics as destination is not GA (preview).
- Metrics data can still be collected and sent to Log Analytics workspaces.
- New features:
- Production quality, security and compliance as expected of generally available features of Azure Monitor.
- Availability in all public regions where Azure Monitor is supported.
- Performance and scale improvements to support higher EPS (events per second) uploads.
- Coming next:
- Support for direct proxy and private link networking support
Learn more:
General availability: Azure IoT Central new and updated features—May 2021
Built-in JSON editor for device modeling
Modify the device model’s DTDL from within your app using the new JSON editor. From the device template experience, select Edit DTDL. The code editor lets you see in-line JSON syntax errors and review your edits with highlighted changes.
Command request and response on Raw Data view
The Raw Data view now includes command request and response data exchanged with your devices including the the last 7 days of payloads exchanged.
External content dashboard tile
Use the External Content tile to add external content to dashboards. The tile uses an HTML iframe to load content from a source outside of IoT Central.
Analytics query persistence
Your app now remembers analytics query definitions across sessions so you don’t need to rebuild your queries if you navigate away from the page.
CDE – Data source parity with CDE v1
You can now configure your data export to send device lifecycle events only for provisioned devices, or only for enabled devices. You can now add enrichments containing the device’s provisioned and enabled states. Use these new filters to further narrow down your exported data.
IoT Central Documentation
The device template versioning guidance has been updated, and we’ve added more samples to the samples browser.
Device development best practices and failover testing
Best practices for device development describes how to take advantage of built-in disaster recovery and automatic scaling, including testing with the az iot central device manual-failover and az iot central device manual-failback CLI commands. Failover capabilities are included automatically in applications created since April 2021 and will be added to pre-existing applications.
Microsoft Azure available from new cloud regions in Arizona
Microsoft’s newest sustainable datacenter region in Arizona, West US 3, includes Azure Availability Zones, offering additional resiliency for apps by designing the region with unique physical datacenter locations with independent power, network, and cooling for additional tolerance to datacenter failures. Azure offers region portability for multiple resources with Azure Resource Mover if you are looking to leverage the new region and Availability Zones.
Learn more
20 Amazing Education Focused IT Admin Updates
Education IT admins have begun thier planning for the next calendar school year. A great amount of learning by IT based on this past year’s experiance has influenced the creation of new updates in both Microsoft 365 and School Data Sync (SDS).
- School Data Sync (SDS)
- SDS is releasing 11 amazing updates for the upcoming BTS season, including a new enhanced v2.1 CSV data schema for Education Insights Premium, group provisioning support in v2.1 sync profiles, and a several updates to MS Graph APIs for SDS remote management and partner integration scenarios.
- M365 Admin Center and School Level IT Administration
- A new a single and centralized place for delegated School level IT admins to perform and manage the most common administrative tasks across M365 workloads like Azure AD, Teams, Exchange, and SharePoint. This will help central IT teams and Global Administrators focus on higher privileged tasks within M365 while delegating the operational tasks down to others within the organization as appropriate. Using Administrative Unit (AU) scoping and RBAC role assignments, delegates will be empowered to manage the subset of users, groups, teams, and group connected sites associated with their specific school, college, or subset of the broader tenant and directory.
Further details surrounding said updates can be found here: Learn more
Community Events
MS Learn Module of the Week
Understand Windows Server IaaS Virtual Machine cost management
You’ll be able to use the Pricing calculator to assess likely costs, use Azure Advisor to monitor actual costs for Azure resources, implement Spot VMs and Azure Reservations, and describe benefits of Azure Hybrid licensing.
This module details how to:
- Use the Azure pricing calculator to estimate VM costs.
- Monitor and limit Azure resource costs.
- Implement Spot VMs and Azure Reservations.
- Describe the Azure Hybrid Benefit licensing offer.
Learn more here: Understand Windows Server IaaS Virtual Machine cost management
Let us know in the comments below if there are any news items you would like to see covered in the next show. Be sure to catch the next AzUpdate episode and join us in the live chat.
by Contributed | Jun 18, 2021 | Technology
This article is contributed. See the original author and article here.
SharePoint Framework Special Interest Group (SIG) bi-weekly community call recording from June 17th is now available from the Microsoft 365 Community YouTube channel at http://aka.ms/m365pnp-videos. You can use SharePoint Framework for building solutions for Microsoft Teams and for SharePoint Online.
Call summary:
Summer break and community call schedule updates reviewed. Register now for June trainings on Sharing-is-caring. You are invited to join the Viva Connections private preview! Update on SharePoint Framework v1.13.0 features – extensibility options with Viva Connections, Teams improvements, tooling updates, Store modernization and more. Released PnPjs for Client-side Libraries v2.6.0, CLI for Microsoft 365 v3.11.0 Beta, and PnP Modern Search v4.2.3 & v3.20.0. Microsoft Teams Toolkit for Visual Studio & Visual Studio Code now available for preview.
There were four PnP SPFx samples (2 extensions and 2 web parts) delivered in last 2 weeks. Great work!
Latest project updates include: (Bold indicates update from previous report 2 weeks ago)
PnP Project |
Current version |
Release/Status |
SharePoint Framework (SPFx) |
v1.12.1 |
v1.13.0 Preview in summer |
PnPjs Client-Side Libraries |
v2.6.0 |
v3.0.0 developments underway |
CLI for Microsoft 365 |
v3.11.0 Beta |
v3.10.0 preview released |
Reusable SPFx React Controls |
v2.7.0 (SPFx v1.11), v3.1.0 (SPFx v1.12.1) |
|
Reusable SPFx React Property Controls |
v2.6.0 (SPFx v1.11), v3.1.0 (SPFx v1.12.1) |
|
PnP SPFx Generator |
v1.16.0 |
Angular 11 support |
PnP Modern Search |
v4.2.3 & v3.20.0 |
|
The host of this call is Vesa Juvonen (Microsoft) @vesajuvonen. Q&A takes place in chat throughout the call.
The waving wall! Impressive. Great to see you. Truly looking forward to seeing you in Las Vegas, Düsseldorf or another conference venue in the future!
Actions:
Demos:
- spfx-fast-serve: faster SharePoint Framework development – a spfx command line utility, that accelerates SPFx development by modifying your SPFx project to run a serve command immediately upon Save. Reduces SPFx build pipeline rebuild/reload time from >7 to <1 second by applying updates only changes rather than rebuilding entire project. Install CLI, spfx-fast-serve then apply fast-serve to your SPFx project. Presenter shows/explains project file modifications. Recently added hot model replacement (HMR) feature.
Building team time zone assistant Teams solution with SPFx v1.13, including Viva Connections Card – a Team Time Clock app shown as Teams app, Personal app and Viva Dashboard Card (SPFx web part + Adaptive Card extension). On Card, see high level information (people and time) and deep link into Teams to schedule meeting experience. Based on when people prefer to meet (green times), select time by aligning green fields in time slot. Full code walkthrough, many features.
Topic:
Microsoft Teams Toolkit for Visual Studio & Visual Studio Code now available for preview.
Did you know a feature in this latest version of the Teams Toolkit is the SPFx dev experience is truly integrated into this Toolkit? Of course, the build decision is largely a UX hosting decision. TypeScript devs, will prefer SPFx/M365 hosting while ISVs will gravitate to Azure for external hosting Please share feedback on your SPFx development experience in Teams Toolkit v2.0.
SPFx web part samples: (https://aka.ms/spfx-webparts)
Thank you for your great work. Samples are often showcased in Demos.
Agenda items:
Demos:
- Demo: spfx-fast-serve: faster SharePoint Framework development – Sergei Sergeev (Mastaq) | @sergeev_srg – 17:42
- Demo: Building team time zone assistant Teams solution with SPFx v1.13, including Viva Connections Card – Julie Turner (Sympraxis Consulting) | @jfj1997 & Derek Cash-Peterson | @spdcp – 31:22
Resources:
Additional resources around the covered topics and links from the slides.
General Resources:
Other mentioned topics:
Upcoming calls | Recurrent invites:
PnP SharePoint Framework Special Interest Group bi-weekly calls are targeted at anyone who is interested in the JavaScript-based development towards Microsoft Teams, SharePoint Online, and also on-premises. SIG calls are used for the following objectives.
- SharePoint Framework engineering update from Microsoft
- Talk about PnP JavaScript Core libraries
- Office 365 CLI Updates
- SPFx reusable controls
- PnP SPFx Yeoman generator
- Share code samples and best practices
- Possible engineering asks for the field – input, feedback, and suggestions
- Cover any open questions on the client-side development
- Demonstrate SharePoint Framework in practice in Microsoft Teams or SharePoint context
- You can download a recurrent invite from https://aka.ms/spdev-spfx-call. Welcome and join the discussion!
“Sharing is caring”
Microsoft 365 PnP team, Microsoft – 18th of June 2021
by Contributed | Jun 18, 2021 | Technology
This article is contributed. See the original author and article here.
Azure Policy can give us the ability to audit settings inside a virtual machine using Guest Configuration. However, at this time we can’t remediate those machines because the feature is not yet available. This means that although we can see that a virtual machine is non-compliant there is little you can do about fixing it from the policy blade itself.
One of the built-in Guest Configuration policies can audit whether specific software is installed in a Windows machine, this could be a full software program or a specific agent. But then how do install the software based on the non-compliant policy result?
Thanks to Azure Policy state change events we can now detect when a resource changes it’s compliance settings and we can subscribe to these events using an Event Grid Subscription. I’ve used Event Grid in a previous post, but this time I’m going to use an Azure Automation runbook and some PowerShell to install the missing software package (PowerShell 7).
Pre-Requisite Deployment
I’m going to need several different resources to make this all work – so I’ve scripted everything up as Bicep templates and PowerShell scripts to run the deployment. All the files are in the GitHub repository, you can download them, and the only modification will be the names of the resources in deploy.ps1.
After updating those fields, you can run the script, it will complete the following steps.
- Deploy a new storage account.
- Deploy a container into the storage account called software where the MSI file is placed.
- Deploy a new automation account which is assigned a managed identity. This feature is currently in preview and simplifies the previous approach to giving permissions to an automation service principal.
- Deploy a couple of variables into the automation account which are used by the runbook.
- Assign Contributor permission to the automation account managed identity.
- Install all the Az modules required by the runbook (this does take a bit of time to complete).
- Assign the policy below to the resource group. This will install the Guest Configuration agent which is a pre-requisite for the software installation policy.
- Create a system topic to listen to the policy state changes.
It takes a while to deploy the initial template – but be patient. There is some output logging so you can see what the rest of the script does.
- Download the PowerShell 7 MSI and upload it to the storage account.
- Publish the runbook to the automation account
- Create a webhook for the runbook
- Deploy and Event Grid Subscription and the software installation policy.
The policies will be deployed to the resource group…
The software installation file is ready in the storage account…
And the Event Grid subscription is listening for policy events…
I’ve adjusted the filters for the events which I’m interested in – it should only fire the webhook when the software installation policy returns a non-compliant result.
Testing the Process
And now for some testing. I’ll create a standard Windows Server in the resource group by just going through the wizard – when complete my machine will not have PowerShell 7 installed (simply because it isn’t there out of the box).
Checking the Apps and Features on the server…
Things are going to start moving in this virtual machine, but at some point, that software installation policy is going to return a non-compliant result. This can happen either before or after the Guest Configuration agents are installed, now it doesn’t really matter. The Guest Configuration extension will eventually install and check for the installed application. It generally takes around 30 minutes for policy evaluation to complete – you can trigger an evaluation using PowerShell at any time by running.
Start-AzPolicyComplianceScan -ResourceGroupName SoftwareInstallation
It is called out in the documentation that state change events are only fired after the evaluation is complete. From my testing this took around 10 or so minutes so you have to patient.
While you wait, I’ll explain the runbook that is going to be run. The steps involved in this one are…
- Strip down the subject from the Event Grid event – the schema can be found here.
- Create a script object using a here-string and write that out to a script file in the runbook worker.
- Call the Invoke-AzVMRunCommand cmdlet on the virtual machine and run the script that is now in the runbook worker.
When it is eventually called – the extension runs the script which downloads and installs PowerShell from the storage account.
Back to the process and my software installation policy has returned a non-compliant result for my virtual machine. As I said before you need to wait until the evaluation cycle is complete before an event will be fired.
I’ve captured the policy event that was generated by the Azure platform and it is below – note how the fields correspond to our filters and the subject contains the affected resource id.
Now when I check the automation account I can see the job has been run and there are no errors in the runbook output which is a good sign…
Finally, when I log on to the server, I can see the application has installed…
The Guest Configuration service runs on its own timer, in turn it sends reports back to a guest assignment object. Azure Policy then performs its evaluation based on these objects so there is an inherent delay in a resource becoming compliant. However now that the extensions and software is installed eventually this resource will report back as compliant to the guest configuration object and finally the policy.
Well, there it is, a way to use Azure Policy and state change events to trigger automation and remediate guest configuration policies. You could use this to install multiple agents on your virtual machines without affecting existing DSC configurations or custom script extensions. As always some caveats with the testing: –
- My testing cases are small and in no way should reflect your own testing.
- This is hosted on GitHub – if there are issues or you make changes, please submit a PR for review.
Recent Comments