TLS 1.0 and 1.1 deprecation

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

In the dazzling array of services among the Microsoft cloud offerings, the rollout of TLS 1.0/1.1 deprecations is not being done all at once. This has lead to some confusion and questions around which endpoints are dropping the older TLS support and when.

Here I want to provide some dates and times of the endpoints, along with some .NET code guidance on how to use the newer TLS protocol (1.2), with some more information on TLS across the Microsoft Cloud.

So to begin, here are some of the endpoints that we know of. 

If you are not sure about a particular endpoint, you can use this powershell to test the endpoint to see which versions of TLS it supports-

<#
Created by: whall
Date Created: 3/25/2020

Product Area Tags: Connectivity

Technology Tags: SSL TLS

Use Case: 
Shows which version(s) of TLS is supported for a URL

Description: 
When you run this, it checks each TLS type connection to see if it is supported.


Parameters:
-url this is the URL of the site you are testing against

Keywords: sockets secure https

Code Example Disclaimer:
Sample Code is provided for the purpose of illustration only and is not intended to be used in a production environment. THIS SAMPLE CODE AND ANY RELATED INFORMATION ARE PROVIDED 'AS IS'
-This is intended as a sample of how code might be written for a similar purpose and you will need to make changes to fit to your requirements. 
-This code has not been tested.  This code is also not to be considered best practices or prescriptive guidance.  
-No debugging or error handling has been implemented.
-It is highly recommended that you FULLY understand what this code is doing  and use this code at your own risk.

#>

#TLS check
param([Parameter(Mandatory=$true)][string]$url)

function TLSAvailable([string]$url){


    Write-Host =======================
    Write-Host $url
    Write-Host =======================
    
    [System.Net.ServicePointManager]::SecurityProtocol = "Tls"

    try{
    $resp1 = Invoke-WebRequest -uri $url -Method GET -DisableKeepAlive
    if($resp1.StatusCode -eq 200){
        Write-Host "TLS/SSL 1.0 supported" -ForegroundColor green
    }
    }catch {
        Write-Host "TLS/SSL 1.0 not supported" -ForegroundColor Red
        #$_.Exception
    }

    [System.Net.ServicePointManager]::SecurityProtocol = "Tls11"
    try{
    $resp2 = Invoke-WebRequest -uri $url -Method GET -DisableKeepAlive
    if($resp2.StatusCode -eq 200){
        Write-Host "TLS/SSL 1.1 supported" -ForegroundColor green
    }
    }catch {
            Write-Host "TLS/SSL 1.1 not supported" -ForegroundColor Red
            #$_.Exception
    }

    [System.Net.ServicePointManager]::SecurityProtocol = "Tls12"

    try{
    $resp3 = Invoke-WebRequest -uri $url -Method GET -DisableKeepAlive
    if($resp3.StatusCode -eq 200){
        Write-Host "TLS/SSL 1.2 supported" -ForegroundColor green
    }
    }catch{
            Write-Host "TLS/SSL 1.2 not supported" -ForegroundColor Red
            #$_.Exception
    }
    Write-Host =======================

}

TLSAvailable -url $url

Azure Web Application Services

If you are running a .NET web application in the Azure web application services, you can set the TLS level under the application settings as below-

.NET Framework Code

If you are compiling your code for .NET framework 4.7 (4.7.1 for WCF apps) or later, it will use the default TLS version for the OS.

If you complied to a previous .NET framework version, it will use older versions of TLS unless you apply the right patch, and use one of the following methods-

1. Set a registry setting to force all .NET code to use strong cryptography
2. Set a config setting for the app context overrides to use the strong cryptography
3. Add a line of code to change the TLS version used for HTTPS calls

Method 1 (System wide registry change)-

This enables something called strong cryptography which makes .NET use the strongest cryptography available currently. This affects all .NET applications with one registry change (per CLR version).

Enable strong cryptography for .NET CLR 4 versions (64 bit)-

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv4.0.30319]

“SchUseStrongCrypto”=dword:00000001

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv4.0.30319]

“SchUseStrongCrypto”=dword:00000001

Enable strong cryptography for .NET CLR 2 versions (64 bit)-

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoft.NETFrameworkv2.0.50727]

“SchUseStrongCrypto”=dword:00000001

[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeMicrosoft.NETFrameworkv2.0.50727]

“SchUseStrongCrypto”=dword:00000001

Method 2 (Config file change)-

Add the following to your .NET config file

<runtime>

<AppContextSwitchOverrides value=”Switch.System.Net.DontEnableSchUseStrongCrypto=false” />

</runtime>

Method 3 (Hardcoded in the application)-

Use this line of C# code in your application during the initialization so that all web calls will use the newer TLS 1.2 protocol-

System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

If you are using PowerShell you can use the same object with this-

[System.Net.ServicePointManager]::SecurityProtocol = "Tls12"

More on these here-

https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls

Browser Support (Edge/Chrome/Edge legacy/IE/Firefox/Safari)

The following clients are known to be unable to use TLS 1.2. Update these clients to ensure uninterrupted access to the service.

• Android 4.3 and earlier versions
• Firefox version 5.0 and earlier versions
• Internet Explorer 8-10 on Windows 7 and earlier versions
• Internet Explorer 10 on Windows Phone 8
• Safari 6.0.4/OS X10.8.4 and earlier versions

Edge chromium disabled 1.0 and 1.1 around July 2020 (ver 84).

For all supported versions of Internet Explorer 11 and Microsoft Edge Legacy (EdgeHTML-based), TLS 1.0 and TLS 1.1 will be disabled by default as of September 8, 2020.

TLS 1.3

The next version of TLS is already implemented in some browsers, and is just around that corner, but as of yet should not be causing issues since TLS 1.2 is just getting to the lowest mandatory version.

More information

For more information on the patches for various products and more details to some of the .NET settings related to TLS please see the following articles.

Azure

https://azure.microsoft.com/en-us/updates/azuretls12/

https://azure.microsoft.com/en-us/updates/?query=TLS

Windows/.NET/SQL/SharePoint (on-Prem)

SQL-

https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server

SharePoint (this covers .NET/windows/SQL/browsers as well)-

https://docs.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/enable-tls-1-1-and-tls-1-2-support-in-sharepoint-server-2019

.NET 4.5-

https://docs.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/enable-tls-1-1-and-tls-1-2-support-in-sharepoint-server-2019#34—enable-strong-cryptography-in-net-framework-45-or-higher

.NET 3.5 update for TLS 1.1/1.2 support-

https://docs.microsoft.com/en-us/sharepoint/security-for-sharepoint-server/enable-tls-1-1-and-tls-1-2-support-in-sharepoint-server-2019#35—install-net-framework-35-update-for-tls-11-and-tls-12-support

.NET programming guidance-

https://docs.microsoft.com/en-us/dotnet/framework/network-programming/tls

[Guest Blog] My Microsoft Ignite Experience as a Humans of IT Student Ambassador

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

This article was written by Microsoft Ignite 2020 Humans of IT student advisor Kiana Alikahedemi, a Computer Science PhD candidate at the University of Florida. Kiana was previously a Humans of IT student ambassador herself at Microsoft Ignite 2019 and is returning this year as a mentor to the incoming batch of new student ambassadors from five HBCUs. Kiana shares about her experience as a student ambassador, and excitement about this year’s Microsoft Ignite Humans of IT track. This is the third article in a series featuring this year’s Humans of IT student ambassadors and advisors.

 

Although I have been living and studying in the US for many years now, my childhood was spent growing up in the Middle East where there is a dire lack of diversity in the engineering workforce. Many women in my community do not earn degrees, falling victim to the belief that they can’t. I vividly remember how from a young age, I decided not to let this be my story. I was always interested in problem-solving and science concepts in school. My passion led me to choose Computer Science as a major. During my undergrad days, I consciously looked for mentors who were similarly passionate about tech and had experience in helping others build their careers. It didn’t stop at my bachelor’s degree. Shortly after, I was admitted into graduate school, which brought me closer to my dream job in the tech industry and academia.

 

A lack of diversity continues to be a prevalent issue in most regions – I, too, experienced a lot of bias and discrimination firsthand while in graduate school. Last year, my friend heard about the Humans of IT Student Ambassador program and nominated me as she knew my passion for diversity and equity. I decided to take the challenge and join the other students to promote inclusion in tech and adopt a “human-first” approach when it comes to technology. That’s how I first got involved with the Microsoft Humans of IT Community, which turned out as a valuable experience for me to connect with diverse and wonderful people in tech from all around the world, and celebrate our common humanity.

 

This is the team that helped me to shape one of the best experience I’ve ever had in tech:

 

 

During Microsoft Ignite, I participated in insightful and amazing talks. I had the pleasure to meet truly amazing and inspiring people such as Haben Girma, a Disability Rights Lawyer, Author, and Speaker, who I’ve always praised for her courage and persistence. I even got to talk to her in person during the conference, and received a signed copy of her book. It was truly the highlight of my entire week! 

 

 

 

It was incredible to meet a diverse set of people who, like me, had experienced the similar discrimination or bias in school, at work, or within their communities and simply wanted to belong in tech. Furthermore, it was also rewarding to meet people like Microsoft’s Bryce Johnson who mindfully considers diversity, accessibility and user needs in every stage of their work (If you don’t know him, just search his name you will be amazed. Hint: one of the biggest technologies he helped developed – the Xbox adaptive controller – is in the next picture!). 

 

 

 

The Microsoft Humans of IT community has taught me to be resilient and confident. All of the conversations and encounters made me feel like I was a part of a broader community with the vision to solve diversity issues and help empower all humans out there through technology. As a community, we will pave the way for others to realize that they are incredible humans who have earned their seat at the table and have valuable skills to offer. We pledge to use our technical skills for good, and to help solve challenging world issues. 

 

I took away all the inspirations from Microsoft Ignite 2019 with me and applied in every single decision or experience I had since. Naturally, when I heard that it was time for Microsoft Ignite 2020 (coming up in just 22 days!), I immediately put my hand up to be a student ambassador again. Not only did the Humans of IT Community welcome me back as a student ambassador, I even got the chance to become a student advisor to this year’s inspiring batch of students from Historically Black Colleges and Universities (HBCUs) to help mentor the next generation of technologists!

 

Amidst a global pandemic, this is an amazing opportunity to show up, be present and demonstrate how we can better understand the importance of community. I cannot wait to share lessons, challenges, and obstacles I encountered in these hard times with my Microsoft Ignite community. Together, we will overcome challenges and become #StrongerTogether.

 

#HumansofIT

#StudentAmbassador

#MicrosoftIgnite2020

Configuring Dynamic Send Ports for Office 365 Outlook

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

BizTalk 2020 CU1 introduced support for dynamic send ports in the Office 365 Outlook adapters. In this post, we go over this improvement into more details.

Pre-requisites

Messages sent from a dynamic send port with transport type set to one of the Office 365 Outlook adapters require the UserTokenIdentifier context property. This identifier is created when the user signs in to Office 365, which is done in the transport properties of the Office 365 Outlook adapters as documented in Office 365 Outlook adapters in BizTalk.

Once a user is signed-in, the UserTokenIdentifier is retrieved from the bindings, as shown below, in the case of an exported Mail send port (placeholder nnnnnnnn-nnnn-nnnn-nnnnnnnnnnnn):

<SendPort Name="MailSendPort2" IsStatic="true" IsTwoWay="false" BindingOption="0" AnalyticsEnabled="false">
      <Description xsi:nil="true" />
      <TransmitPipeline 
           Name="Microsoft.BizTalk.DefaultPipelines.PassThruTransmit" 
           FullyQualifiedName="Microsoft.BizTalk.DefaultPipelines.PassThruTransmit, Microsoft.BizTalk.DefaultPipelines, Version=3.0.1.0, Culture=neutral,                     
               PublicKeyToken=31bf3856ad364e35" Type="2" TrackingOption="None" Description="" />
      <PrimaryTransport>
        <Address>O365Mail://BizTalkTestAccount1@outlook.com</Address>
        <TransportType Name="Office365 Outlook Email" Capabilities="11" ConfigurationClsid="48b96e09-bd96-4f46-95ef-57accc55f23d" />
        <TransportTypeData>&lt;CustomProps&gt;&lt;DefaultCC vt="8" /&gt;&lt;UserTokenIdentifier vt="8"&gt;nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn&lt;/UserTokenIdentifier&gt;&lt;FileAttachments vt="8" /&gt;&lt;DefaultTo vt="8"&gt;BizTalkTestAccount2@outlook.com&lt;/DefaultTo&gt;&lt;EmailAddress vt="8"&gt;BizTalkTestAccount1@outlook.com&lt;/EmailAddress&gt;&lt;AttachBizTalkMessageParts vt="11"&gt;0&lt;/AttachBizTalkMessageParts&gt;&lt;DefaultSubject vt="8"&gt;Hi from BizTalkTestAccount1&lt;/DefaultSubject&gt;&lt;DefaultImportance vt="8"&gt;Normal&lt;/DefaultImportance&gt;&lt;/CustomProps&gt;</TransportTypeData>

Note that the UserTokenIdentifier is tied to a signed-in account and a transport type.  A static send port needs to be created for each Office 365 transport type in order to get an identifier for each. For a given sign-in, the value of the UserTokenIdentifier may be the same for all Office 365 transport types, but static send ports need to be created for each transport type nonetheless.

Other important points to be aware of:

• Static send ports can be deleted afterwards. They are not needed once the UserTokenIdentifiers are known.
• UserTokenIdentifiers remain valid regardless of whether a dynamic or static send port exists or not, and after port deletions.
• The same UserTokenIdentifier can be used by multiple ports.

Scenario

The demo scenario is based on a simple orchestration:

Received messages follow the schema:

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Email</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Payload><![CDATA[<?xml version="1.0" encoding="utf-8"?><EmailBody>body</EmailBody>]]></Payload>
</ns0:Root>

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Calendar</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Calendar>Calendar</Calendar>
    <Payload>
        <![CDATA[
            <ns0:Event xmlns:ns0="http://schemas.microsoft.com/BizTalk/Office365OutlookCalendar/Send">
                <subject>Let's meet</subject>
                <body><content>Info for the upcoming meeting</content></body>
                <start><dateTime>2020-06-25</dateTime><timeZone>Pacific Standard Time</timeZone></start>
                <end><dateTime>2020-06-25</dateTime><timeZone>Pacific Standard Time</timeZone></end>
                <attendees>
                    <emailAddress><address>BizTalkAccount2@outlook.com</address><name>BizTalkAccount2</name></emailAddress>
                </attendees>
           </ns0:Event>
        ]]>
    </Payload>
</ns0:Root>

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Contact</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Payload>
        <![CDATA[
            <ns0:Contact xmlns:ns0="http://schemas.microsoft.com/BizTalk/Office365OutlookContacts/Send">
                <displayName>displayName_3</displayName>
                more contact fields
           </ns0:Contact>
        ]]>
    </Payload>
</ns0:Root>

XMLMessage = new System.Xml.XmlDocument();

// Payload from the CDATA section of received messages
XMLMessage.LoadXml(ReceivedMessage.Payload);

// Token identifier (required)
XMLMessage(OfficeMail.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier; 
XMLMessage(OfficeCalendar.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier;
XMLMessage(OfficeContact.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier;

// Transport type (required)
SendPort(Microsoft.XLANGs.BaseTypes.TransportType) = ReceivedMessage.PortType;

// Port address
SendPort(Microsoft.XLANGs.BaseTypes.Address) = PortAddress; // Generated in separate expression.

// Additional fields for Mail transport type
XMLMessage(OfficeMail.To) = ReceivedMessage.To;
XMLMessage(OfficeMail.Subject) = ReceivedMessage.Subject;

if (ReceivedMessage.PortType == "Office365 Outlook Email")
{
    PortAddress = "O365Mail://" + ReceivedMessage.PortAddress;
}
else if (ReceivedMessage.PortType == "Office365 Outlook Calendar")
{
    PortAddress = "O365Calendar://" + ReceivedMessage.PortAddress + "/MyCalendars/" + ReceivedMessage.Calendar;
}
else if (ReceivedMessage.PortType == "Office365 Outlook Contact")
{
    PortAddress = "O365Contact://" + ReceivedMessage.PortAddress;
}

Configuring Dynamic Send Ports for Office 365 Outlook Adapters

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

BizTalk 2020 CU1 introduced support for dynamic send ports in the Office 365 Outlook adapters. In this post, we go over this improvement into more details.

Pre-requisites

Messages sent from a dynamic send port with transport type set to one of the Office 365 Outlook adapters require the UserTokenIdentifier context property. This identifier is created when the user signs in to Office 365, which is done in the transport properties of the Office 365 Outlook adapters as documented in Office 365 Outlook adapters in BizTalk.

Once a user is signed-in, the UserTokenIdentifier is retrieved from the bindings, as shown below, in the case of an exported Mail send port (placeholder nnnnnnnn-nnnn-nnnn-nnnnnnnnnnnn):

<SendPort Name="MailSendPort2" IsStatic="true" IsTwoWay="false" BindingOption="0" AnalyticsEnabled="false">
      <Description xsi:nil="true" />
      <TransmitPipeline 
           Name="Microsoft.BizTalk.DefaultPipelines.PassThruTransmit" 
           FullyQualifiedName="Microsoft.BizTalk.DefaultPipelines.PassThruTransmit, Microsoft.BizTalk.DefaultPipelines, Version=3.0.1.0, Culture=neutral,                     
               PublicKeyToken=31bf3856ad364e35" Type="2" TrackingOption="None" Description="" />
      <PrimaryTransport>
        <Address>O365Mail://BizTalkTestAccount1@outlook.com</Address>
        <TransportType Name="Office365 Outlook Email" Capabilities="11" ConfigurationClsid="48b96e09-bd96-4f46-95ef-57accc55f23d" />
        <TransportTypeData>&lt;CustomProps&gt;&lt;DefaultCC vt="8" /&gt;&lt;UserTokenIdentifier vt="8"&gt;nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn&lt;/UserTokenIdentifier&gt;&lt;FileAttachments vt="8" /&gt;&lt;DefaultTo vt="8"&gt;BizTalkTestAccount2@outlook.com&lt;/DefaultTo&gt;&lt;EmailAddress vt="8"&gt;BizTalkTestAccount1@outlook.com&lt;/EmailAddress&gt;&lt;AttachBizTalkMessageParts vt="11"&gt;0&lt;/AttachBizTalkMessageParts&gt;&lt;DefaultSubject vt="8"&gt;Hi from BizTalkTestAccount1&lt;/DefaultSubject&gt;&lt;DefaultImportance vt="8"&gt;Normal&lt;/DefaultImportance&gt;&lt;/CustomProps&gt;</TransportTypeData>

Note that the UserTokenIdentifier is tied to a signed-in account and a transport type.  A static send port needs to be created for each Office 365 transport type in order to get an identifier for each. For a given sign-in, the value of the UserTokenIdentifier may be the same for all Office 365 transport types, but static send ports need to be created for each transport type nonetheless.

Other important points to be aware of:

• Static send ports can be deleted afterwards. They are not needed once the UserTokenIdentifiers are known.
• UserTokenIdentifiers remain valid regardless of whether a dynamic or static send port exists or not, and after port deletions.
• The same UserTokenIdentifier can be used by multiple ports.

Scenario

The demo scenario is based on a simple orchestration:

Received messages follow the schema:

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Email</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Payload><![CDATA[<?xml version="1.0" encoding="utf-8"?><EmailBody>body</EmailBody>]]></Payload>
</ns0:Root>

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Calendar</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Calendar>Calendar</Calendar>
    <Payload>
        <![CDATA[
            <ns0:Event xmlns:ns0="http://schemas.microsoft.com/BizTalk/Office365OutlookCalendar/Send">
                <subject>Let's meet</subject>
                <body><content>Info for the upcoming meeting</content></body>
                <start><dateTime>2020-06-25</dateTime><timeZone>Pacific Standard Time</timeZone></start>
                <end><dateTime>2020-06-25</dateTime><timeZone>Pacific Standard Time</timeZone></end>
                <attendees>
                    <emailAddress><address>BizTalkAccount2@outlook.com</address><name>BizTalkAccount2</name></emailAddress>
                </attendees>
           </ns0:Event>
        ]]>
    </Payload>
</ns0:Root>

<ns0:Root xmlns:ns0="http://DynamicO365SendPort.ReceiveSchema">
    <UserTokenIdentifier>nnnnnnnn-nnnn-nnnn-nnnn-nnnnnnnnnnnn</UserTokenIdentifier>
    <PortType>Office365 Outlook Contact</PortType>
    <PortAddress>BizTalkAccount1@outlook.com</PortAddress>
    <To>BizTalkAccount2@outlook.com</To>
    <Subject>Hello</Subject>
    <Payload>
        <![CDATA[
            <ns0:Contact xmlns:ns0="http://schemas.microsoft.com/BizTalk/Office365OutlookContacts/Send">
                <displayName>displayName_3</displayName>
                more contact fields
           </ns0:Contact>
        ]]>
    </Payload>
</ns0:Root>

XMLMessage = new System.Xml.XmlDocument();

// Payload from the CDATA section of received messages
XMLMessage.LoadXml(ReceivedMessage.Payload);

// Token identifier (required)
XMLMessage(OfficeMail.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier; 
XMLMessage(OfficeCalendar.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier;
XMLMessage(OfficeContact.UserTokenIdentifier) = ReceivedMessage.UserTokenIdentifier;

// Transport type (required)
SendPort(Microsoft.XLANGs.BaseTypes.TransportType) = ReceivedMessage.PortType;

// Port address
SendPort(Microsoft.XLANGs.BaseTypes.Address) = PortAddress; // Generated in separate expression.

// Additional fields for Mail transport type
XMLMessage(OfficeMail.To) = ReceivedMessage.To;
XMLMessage(OfficeMail.Subject) = ReceivedMessage.Subject;

if (ReceivedMessage.PortType == "Office365 Outlook Email")
{
    PortAddress = "O365Mail://" + ReceivedMessage.PortAddress;
}
else if (ReceivedMessage.PortType == "Office365 Outlook Calendar")
{
    PortAddress = "O365Calendar://" + ReceivedMessage.PortAddress + "/MyCalendars/" + ReceivedMessage.Calendar;
}
else if (ReceivedMessage.PortType == "Office365 Outlook Contact")
{
    PortAddress = "O365Contact://" + ReceivedMessage.PortAddress;
}

August in HLS: Virtual Tours, Collaboration Security, Data Strategy, Stream, and AI in Health

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

Can you believe that it’s already the end of August? Check out the Healthcare and Life Science blog’s monthly wrap-up below:

HLS “Show Me How” Posts:

• 360′ Virtual Tours – Michael Gannotti, Principal Microsoft Teams Technical Specialist: In today’s fast-paced and virtual working environments, employee onboarding and facility training are two areas in which many of our organizations are struggling. These videos focus on the creation of immersive tours and training using SharePoint Spaces, in particular the 360′ Tour.
  • Part 1: Find out how to set up a rich employee onboarding environment, how to enable SharePoint Spaces, and more.
  • Part 2: Learn how to create easy user access to the space using SharePoint Online Navigation and its direct integration into Microsoft Teams.
• Did You Know? Tips for Word – Michael Gannotti, Principal Microsoft Teams Technical Specialist: When you think of Microsoft word, do you think of any of the following: researcher, ink-to-shape, dictate, inspect doc, check accessibility, transform, translate, read aloud, or add-files-from? Mike highlights these cutting edge productivity capabilities and more in this video.

Upcoming Webcasts and Events:

• How To Ensure Collaboration Security in Microsoft Teams: Do you want to ensure security for your users as they collaborate in Microsoft Teams? Join us for our next CollabCast with Microsoft’s Technical Specialist Sam Brown on Wednesday, September 30th at 12 Noon EST, where we are bringing in speakers Scott Gode and Brandon Long from our trusted partner Unify Square. They will dive in beyond the basic native Teams governance with third party specialty tools. Check out the event details here.
• Free Virtual Workshop – Data Strategy for Healthcare Systems: Interesting in learning more about planning and implementing a successful data strategy using Microsoft tools? Microsoft’s Senior Technical Specialist Greg Beaumont wants you to be aware of a free virtual workshop from Tail Wind Informatics, focusing on Healthcare Data Strategy and Analytics. Click here for registration and more information.

Industry Expert Posts:

• Confessions of Health Geeks Podcasts
• Did you know Microsoft has the coolest internships?: Get a glimpse into the Healthcare and Life Sciences industry team with Param Mahajan, who spent three months of his summer as an intern on the Microsoft Team. Claire Bonaci, Microsoft’s Director of Business Development in Health and Life Sciences, interviews Param to learn more.
• Year of the Nurse and Midwife 2020: The World Health Organization designated 2020 as the Year of the Nurse and Midwife to raise awareness of nurses and midwives’ significant and varied roles in healthcare.
• AI in Health Care: Leading Through Change: Listen as Microsoft’s Chief Nursing Officer Molly McCarthy talks with Dr. Robyn Begley, the Chief Nursing Officer for the American Hospital Association and the Chief Executive Officer of the American Organization for Nursing Leadership.
• Calling all white hat hackers: Tune in to hear Microsoft’s Customer Success CSA Manager Jeff Fatic, Principal Cloud Solution Architect Jeff Luna and Chief Nursing Informatics Officer Kathleen McGrow talk through the importance of having nurses and clinicians involved in hackathons and creating innovative solutions to everyday problems. 

   

Resources:

• Microsoft Security Matters Newsletter – July 2020 – Jeremy Windmiller, Enterprise Security Architect: Jeremy has been providing a newsletter to customers that consolidates resources for Microsoft Security Products and Services. Check out the July newsletter.
• Microsoft 365 Stream Resources for Administration and Security – Michael Gannotti, Principal Microsoft Teams Technical Specialist: After a great conversation with a progressive healthcare customer, Mike put together a list of resources regarding Stream architecture, administration and security and compliance here.

August’s HLS Blog Contributors:

Claire Bonaci, Director, Business Development, Health and Life Sciences

Michael Gannotti, Principal Technical Specialist, Microsoft Teams

Jeremy Windmiller, Microsoft Senior Technical Specialist, Security and Compliance

Greg Beaumount, Senior Technical Specialist, Microsoft Teams

Thanks for reading and let us know how else our Microsoft team can help!

Sam Brown, Technical Specialist, Microsoft Teams

SharePoint Roadmap Pitstop: August 2020

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

August welcomed some nice innovation, some to help get back to school, some to help you stay more informed, plus new ways to keep sharing and stay better connected.

This month brought: SharePoint site templates for Education, our timeline and support for the retiring of SharePoint 2010 Workflows, how to access Visio as a tab within Teams channels, sharing of moved files, and more. Details & screenshots below, including our audible companion: The Intrazone Roadmap Pitstop: August 2020 podcast episode – all to help answer, “What’s rolling out now for SharePoint and related technologies into Microsoft 365?”

In the podcast episode, I chat with Lincoln DeMaris (LinkedIn | Twitter), principal program manager at Microsoft who works on Microsoft Lists. We talked about the state of the Lists roll out, how it evolves from what we know as SharePoint lists, some of the early feedback, and tackle some of the most common frequently asked questions about Microsoft Lists.

Lincoln DeMaris, principal program manager (Microsoft Lists / Microsoft) [Intrazone guest]

All features listed below began rolling out to Targeted Release customers in Microsoft 365 as of August 2020 (possibly early September 2020).

Inform and engage with dynamic employee experiences

Build your intelligent intranet on SharePoint in Microsoft 365 and get the benefits of investing in business outcomes – reducing IT and development costs, increasing business speed and agility, and up-leveling the dynamic, personalized, and welcoming nature of your intranet.

SharePoint site templates for Education

These are for schools and universities, made available via the Microsoft Look Book. Each brings together news, events, highlighted content, quick links and more, pre-configured and designed with a specific scope and audience for a variety of Education scenarios.

SharePoint site template: “School home page” – across several screen sizes.

Here is a quick highlight of each of the four templates:  

• School home page: a central, institution-wide landing experience for students and staff to showcase the latest happenings and important resources.
• Staff home page: a dashboard for staff members with time-saving links, documents, and calls-to-action. It’s designed to be used with a Staff team or a Professional Learning Community (PLC) team in *Microsoft Teams for Education*
• Class home page: this is a dashboard for a class with resources, updates, and learning content, and designed to be used with a Class team in *Microsoft Teams for Education*
• Learn more.

Azure CDN caching for SharePoint and OneDrive video

We are pleased to introduce improved support for videos; aka, better streaming performance for videos you store in SharePoint and OneDrive. Videos that are accesses often will be streamed from the Azure CDN closest to the user to optimize the playback experience. At all times data will remain within the Microsoft 365 compliance boundary.

This is a great area for growth that also paves the way for future innovation. Stay tuned to this space.

• Roadmap ID: 66065. 
• Learn more about CDNs

Retiring SharePoint 2010 Workflows

Since the release of SharePoint workflows, Microsoft has evolved workflow orchestration to not only encompass SharePoint, but all the productivity services you use with Microsoft 365 and beyond. With the continued investment in Power Automate as the universal solution to workflow, Microsoft is retiring SharePoint 2010 workflows. We recommend customers to move to Power Automate or other supported solutions.

Timeline:

• Starting August 1st, 2020, SharePoint 2010 workflows will be turned off for any newly created tenants.
• Starting November 1st, 2020, Microsoft will remove the ability to run, or create, and or execute SharePoint 2010 workflows from existing tenants.

Planning to move from classic SharePoint Workflows to Power Automate flows.

Note: SharePoint 2013 workflows remain supported, although turned off by default for new tenants starting November 1st, 2020.

Resources:  

• Use the SharePoint Modernization Scanner tool to scan your tenants for legacy workflow usage. 
• Review the guidance for migrating from classic workflows to Power Automate flows.  
• Review the Power Automate resources as a solution to legacy workflows. 
• Support update for the retirement of SharePoint 2010 workflows in Microsoft 365.  
• Detailed support article and with additional resources.  
• Related to Microsoft 365 admin center message post #MC217999.

Download SharePoint site usage data in Excel

Site owners, from the Site usage page, will be able to export their site’s 90-day usage data in an Excel report. You can then build out a process that works for you per your preferences or governance requirements, to download the data on a recurring basis and build out the analysis you desire in Excel, or take it beyond and visualize the data in Power BI.

View information about how users interact with your site. Export the 90-days site usage data in an Excel file by going to the download button (downward facing arrow) on the upper-right corner of the Site usage page.

• Learn more.
• Roadmap ID: 66395

Abd to round out this section, two recent summary blogs for admins managing their intranet; both add a little context across several recent updates:

1. “Migrate your content into Microsoft 365” [8/24/20]: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/migrate-your-content-into-microsoft-365/ba-p/1604587
2. “Agile IT management of your SharePoint-powered intelligent intranet” [8/26/20]: https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/agile-it-management-of-your-sharepoint-powered-intelligent/ba-p/1604914

Teamwork updates across SharePoint team sites, OneDrive, and Microsoft Teams

Microsoft 365 is designed to be a universal toolkit for teamwork – to give you the right tools for the right task, along with common services to help you seamlessly work across applications. SharePoint is the intelligent content service that powers teamwork – to better collaborate on proposals, projects, and campaigns throughout your organization – with integration across Microsoft Teams, OneDrive, Yammer, Stream, Planner and much more.

Updating the list and list item sharing experience

Site owners, members and visitors will now see a Share command when they are viewing a list, even when they do not have any list item selected. Site owners will be able to grant other users access to the list and can specify whether to give View-only, Edit, or Full Control permissions to the list. Other users (e.g. site members and visitors) cannot directly grant other users access to the list, but they can use the dialog to send an approval request to site owners if the site is set up to allow access requests (enabled by default).

Sharing lists and list items, so that you can decide whether to let people edit or just view them, and whether the people you share with can share with others.

This update also brings sharing links to list items. When users select a list item and click Share, they will see the same Send Link sharing dialog that exists today with new options. Specifically, the “People in your organization with the link” and “Anyone with the link” options will be available based on the policy that your organization has configured.

All the sharing policies you have configured for files will apply to list items. For example, if you have set “People in your organization with the link” as the default link type then that will also apply to list items. Similarly, if you have disabled or restricted “Anyone links” then those will also be disabled or restricted when users are sharing list items.

• Roadmap ID: 64164.
• Learn more: Share lists and list items in SharePoint

SharePoint lists and libraries – improved image columns

It is much easier now to work with images in lists and libraries. Once an Image column is added to a list or library, users can add an image using the list or library form. They, too, can view, replace, or remove the image when viewing the item or file properties in the form. When users are browsing the list on a mobile device, they will be able to upload an image – including taking a photo with the device’s camera.

Add an image to a list items using the improved Image column capabilities.

• Learn more: List and library column types and options. 
• Roadmap ID: 64872.

Move files, and keep sharing

Collaboration requires the flow of work access to go unbroken. When you move a file to a new location in Microsoft 365, you will have the option to continue sharing the file from its new destination. A simple pop-up to confirm and keep moving forward.

When you move a file to a new location in Microsoft 365, you will have the option to continue sharing the file from its new destination.

The new link match permissions just like the source location and we send your collaborators an e-mail that notifies them that the file has been moved.

Learn more:

• Introducing new OneDrive features to share and collaborate across work and life
• Move or copy files in SharePoint
• Move and keep sharing is a new feature that allows your end users to easily re-share a file with all the direct collaborators (e.g., the users who had previously received a share for that file) should it be moved.
• Roadmap ID: 65907. 

Related technology

Yammer discovery feed

One superpower of Yammer is discovery – discovering new communities and new conversations that help broaden your perspective. This is the place for you to catch up on conversations happening in the communities you belong to.

Use the Yammer discovery feed to discover new communities and new conversations.

Note for admins: you can select specific conversations to be *Featured Conversations* for a specific date. These conversations will be highlighted at the top of the Home Feed for everyone, until they have been read by the user or the time passes, and new content gets highlighted.

• Learn more, plus new support article: feed in Yammer.
• Roadmap ID: 59319.

Access Visio directly from a tab within Teams channels

As part of our commitment to make collaborating on Visio diagrams within Teams seamless, we have added the ability to have “Visio as a tab.” This brings co-authoring on a diagram in real time.

Visio tabs in Teams allow team members to access services and content in a dedicated space within a channel or in a chat.

You can keep important processes at your fingertips – like giving your sales team a way to visualize specific steps to solve customer questions and concerns. Or simplify brainstorming on business diagrams like SWOT analysis, Venn diagrams, pyramid diagrams.

• Learn more: Visio tabs in Teams allow team members to quickly access content in a dedicated space within a channel or in a chat.
• Roadmap ID: 20886.

Microsoft 365 Network Connectivity Principles

Connectivity is one of the most critical decisions that customers should make to achieve best performance and delightful user experiences. We fine tune the Microsoft 365 for optimal features and connectivity, and there are several things you can do to optimize your network.

Microsoft has developed four *Network Connectivity* principles to help customers evaluate their existing network architectures and prepare or optimize readiness for Microsoft 365 – with security and privacy firmly intact. 

The 4 principles:

1. Optimize Microsoft 365 traffic from our endpoint and differentiate it from generic Internet traffic for more efficient routing.
2. Enable local egress | Egress Microsoft 365 data connections through the Internet as close to your users as practical with matching DNS resolution.
3. Enable direct connectivity | Avoid network hairpins and minimize network latency to Microsoft’s global network.
4. Modernize security for SaaS | Avoid intrusive network security by bypassing proxies, traffic inspection devices, and avoid duplicating security controls already available in Microsoft 365.

• Learn more + https://aka.ms/tune –> “Network planning and performance tuning for Microsoft 365”

And last, did you see OneDrive on the Surface Duo?

Panos Panay looking at photos in OneDrive: https://youtu.be/R1CNwBzYqRs?t=568 – spanning OneDrive on two screens and staying in the flow.

Scroll through your OneDrive photo library on one screen, while viewing your selected photo on the other.

September 2020 teasers

Psst, still here? Still scrolling the page looking for the rolled out goodness? If so, here is a few teasers of what’s to come to production next month…

• Teaser #1: New *Integrate* menu for Microsoft Lists [Roadmap ID: 64869] 
• Teaser #2: Manage how long guests can access SharePoint and OneDrive [Roadmap ID: 43797]

… shhh, tell everyone.

Helpful, ongoing change management resources

• “Stay on top of Office 365 changes“
• “Message center in Office 365“
• Install the Office 365 admin app; view Message Center posts and stay current with push notifications.
• Microsoft 365 public roadmap + pre-filtered URL for SharePoint, OneDrive, Yammer and Stream roadmap items.

• SharePoint Facebook | Twitter | SharePoint Community Blog | UserVoice
• OneDrive Facebook | Twitter | OneDrive Community Blog | UserVoice

• Follow me to catch news and interesting SharePoint things: @mkashman; warning, occasional bad puns may fly in a tweet or two here and there.

Thanks for tuning in and/or reading this episode/blog of the Intrazone Roadmap Pitstop – August 2020 (blog/podcast). We are open to your feedback in comments below to hear how both the Roadmap Pitstop podcast episodes and blogs can be improved over time.

Engage with us. Ask questions. Push us where you want and need to get the best information and insights. We are here to put both our and your best change management foot forward.

Stay safe out there on the road’map, and thanks for listening and reading.

Cheers and thanks,

Mark Kashman – senior product manager (SharePoint/Lists) | Microsoft)

The Intrazone Roadmap Pitstop – August 2020 graphic showing some of the highlighted release features.

ADF adds Snowflake support in Mapping Data Flow

by Scott Muniz | Aug 31, 2020 | Uncategorized

This article is contributed. See the original author and article here.

Azure Data Factory now enables Snowflake connector in Mapping Data Flow to expand Snowflake data integration support. You can read data directly from Snowflake for analysis, or write transformed data into Snowflake for seamless ETL. For other Snowflake data integration support in ADF, refer to the earlier blog.

For example, when using Snowflake as a source in data flows, you are able to pull your data from a table or via custom query, then apply data transformations or join with other data.

Additionally, when using Snowflake as a sink, you can perform inserts, updates, deletes, and upserts so as to publish the analytics result set into the warehouse.

You can point to Snowflake data using either a Snowflake dataset or an inline dataset.

Learn more about Snowflake support in Azure Data Factory from Snowflake connector documentation.