こんにちは、Office サポートの佐村です。
本記事では、Office 365 ProPlus や、MSDN で提供している C2R インストーラー形式の Office をインストールした後、
特定のレジストリの「アクセス許可」を参照すると警告が表示される現象についてご案内いたします。

現象
64 bit の OS に C2R インストーラー形式の Office をインストールした後、以下の操作を行うと警告が表示されます。
1. レジストリエディターを起動します。
2. 以下のキーまで移動します。
キー : HKEY_LOCAL_MACHINESOFTWAREWOW6432Node
3. 新しいキーを作成します。(例 : test)
4. 作成したキー上で右クリックし 「アクセス許可」 を選択します。
5. 以下の警告が表示されます。

原因
本現象は C2R インストーラー形式で採用している App-V の問題であることを確認しております。

対処方法
警告表示後、「並べ替え」ボタンをクリックしていただくことで、アクセス許可を変更することが可能です。
「キャンセル」ボタンをクリックした場合は、読み取り専用で開かれます。

この対処後はそのキーについては以後の警告が表示されませんが、新しく別のキーを作成 (例 : test2) した場合は、
別のキー (test2) のアクセス許可を参照する際に同じ警告が表示されます。

調査状況
本現象については、現在弊社にて調査中となります。

参考
タイトル : クイック実行形式 (C2R) と Windows インストーラー形式 (MSI) を見分ける方法

URL : https://blogs.technet.microsoft.com/officesupportjp/2016/09/08/howto_c2r_or_msi/

本情報の内容 (添付文書、リンク先などを含む) は、作成日時点でのものであり、予告なく変更される場合があります。

This post is a contribution from Jing Wang, an engineer with the SharePoint Developer Support team

One of our customers had a requirement to hide the App Launcher in On-premise SharePoint 2016 farm. The requirement is to make this happen on all sites in the farm, including existing sites and new sites.
This blog demonstrates how to hide the App Launcher across the farm using a Delegate Control.

Finding the control ID to hide

First, let us use IE developer tool to find the id of the html element of the App Launcher.

We can see that the id for the html button for the App Launcher is O365_MainLink_NavMenu. We can use CSS to hide this control.

Implementing the delegate control

We need to implement a custom user control and register it for the out of the box delegate control "AdditionalPageHead".

The Delegate Control “AdditionalPageHead” is used in the out of the box master pages, for example, seattle.master and oslo.master.

<asp:ContentPlaceHolder id="PlaceHolderAdditionalPageHead" runat="server" />
<SharePoint:DelegateControl runat="server" ControlId="AdditionalPageHead"
AllowMultipleControls="true" />
<asp:ContentPlaceHolder id="PlaceHolderBodyAreaClass" Visible="true" runat="server" />

Below is the detailed steps of implementation and deployment:

Step 1

• Create a new SharePoint 2016 - Empty Solution
• In solution Explorer, select the newly created project , right click on it, Add - New Item - select "User Control", name it as "UserConrol_HideApplauncher".
• There will be a folder generated under ControlTemplates, folder name took after the project name "hideApplauncher", inside there is the template file "UserConrol_HideApplauncher.ascx:
  The Default content is in the ascx file will be as below

<%@ Assembly Name="$SharePoint.Project.AssemblyFullName$" %>
<%@ Assembly Name="Microsoft.Web.CommandUI, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Register Tagprefix="SharePoint" Namespace="Microsoft.SharePoint.WebControls" Assembly="Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Register Tagprefix="Utilities" Namespace="Microsoft.SharePoint.Utilities" Assembly="Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Register Tagprefix="asp" Namespace="System.Web.UI" Assembly="System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" %>
<%@ Import Namespace="Microsoft.SharePoint" %>
<%@ Register Tagprefix="WebPartPages" Namespace="Microsoft.SharePoint.WebPartPages" Assembly="Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" %>
<%@ Control Language="C#" AutoEventWireup="true" CodeBehind="UserControl_HideAppLauncher.ascx.cs" Inherits="hideAppLauncher.ControlTemplates.hideAppLauncher.UserControl_HideAppLauncher" %>

• Add this style to end of the file and save the file.

<style>
#O365_MainLink_NavMenu{display:none;}
</style>

Step 2

• Add an Empty Element to the project and use it to register above newly created User Control for OOB Delegate Control with Id "AdditionalPageHead". Please note that it is important to add an Empty Element file instead of a Module from the new Project item dialog else you will face issues when changing the scope of the feature to Farm.
• Right click on the Project in Solution Explorer, Add New Item, choose "Empty Element", name it as "SetDelegateControl".
• The newly generated element's default Elements.xml has below content.

<?xml version="1.0" encoding="utf-8"?>
<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
</Elements>

• Add this inside the Elements tag:
  

<Control Id="AdditionalPageHead" Sequence="1000" ControlSrc="~/_controltemplates/15/hideApplauncher2/UserControl_hideApplauncher.ascx" />

• The final xml should look as below
  

<?xml version="1.0" encoding="utf-8"?>
<Elements xmlns="http://schemas.microsoft.com/sharepoint/">
<Control Id="AdditionalPageHead" Sequence="1000" ControlSrc="~/_controltemplates/15/hideApplauncher/UserControl_hideApplauncher.ascx" />
</Elements>

Testing the Delegate Control
Adding an empty element will cause a new Feature to be added to the Features folder in the project automatically. This feature will include the above Element "SetDelegateControl".

Do F5 test for this solution now, make sure it does hide the App Launcher on the site where the feature is activated.

Deploying the feature as Farm scoped feature

By default the feature for the delegate control is scoped as Web. Hence the App Launcher will be hidden only on the web where the feature has been activated. To hide the App Launcher on all the sites across the SharePoint Farm we can deploy the feature as a Farm scoped feature.

Retract the deployed solution from the SharePoint Farm. 

Go to the Project, select the Feature, change the Feature Scope from default “Web” to “Farm”, and verify the manifest file on second Tab.

Build and publish the solution to hideApplauncher.wsp file.

Then add the solution package to SharePoint farm with SharePoint powershell command -
add-spsolution

Deploy the solution in Central Administration - System Settings - Manage farm solutions,
select the newly added solution and Deploy it.

You will see the Applauncher disappear right away, even for the Central Admin site

With this solution, farm administrator only needs to deploy one farm solution and manage one farm feature.
You can turn the Farm feature off to unhide the App Launcher.

Also, you can switch the Feature scope to other levels, like Site or Web Application as your business requirement needs.

Друзья, подключайтесь к онлайн-трансляции ключевого форума Microsoft в России "Платформа цифрового бизнеса"!

Смотреть!

Hello All,

Saw this and thought everybody might find this of interest.

https://azure.microsoft.com/en-us/blog/a-technical-overview-of-azure-databricks

“Enter Databricks. Founded by the team that started the Spark project in 2013, Databricks provides an end-to-end, managed Apache Spark platform optimized for the cloud. Featuring one-click deployment, autoscaling, and an optimized Databricks Runtime that can improve the performance of Spark jobs in the cloud by 10-100x, Databricks makes it simple and cost-efficient to run large-scale Spark workloads. Moreover, Databricks includes an interactive notebook environment, monitoring tools, and security controls that make it easy to leverage Spark in enterprises with thousands of users.

“Remember the jump in productivity when documents became truly multi-editable? Why can’t we have that for data engineering and data science?” 

“We are integrating Azure Databricks closely with all features of the Azure platform in order to provide the best of the platform to users.

Check out the video.

Pax

Rádi bychom Vás pozvali na novou sérii technických seminářů zaměřených na technologie Microsoft Azure.

Pro koho je akce? Vývojáři a IT spacialisté

Kde?

• Praha (11. prosince 2017) - akce v tomto městě je již plně obsazená, ale na rok 2018 pro vás plánujeme další akce podobného typu
• Bratislava (13. prosince 2017)

Program:

• 09:00 – 10:00  Obecný úvod do Microsoft Azure
• 10:00 – 10:30  Coffee break
• 10:30 – 11:30  Platformní služby
• 11:30 – 12:30  Lunch
• 12:30 – 13:30  Microservices & Containers
• 13:30 – 14:30  Datové služby a úložiště
• 14:30 – 15:00  Coffee break
• 15:30 – 16:30  AAD & Identita jako služba

Na akci je nutné se registrovat pomocí odkazů uvedených výše.

4-10 декабря 2017 года при поддержке Министерства связи и массовых коммуникаций РФ и Министерства образования и науки РФ и участии 4 ведущих российских ИТ-компаний (Microsoft, «Лаборатория Касперского», Codewards, ZeptoLab) во всех школах страны пройдет Всероссийская акция «Час кода»!

Акция «Час кода» состоится в России уже в четвертый раз. Впервые такой урок состоялся в 2014 году, и в нем приняли участие 7,1 миллионов школьников, в 2015 году количество участников, по данным Минобрнауки РФ, выросло до 8,3 миллионов, а в 2016 году уже до более 9 миллионов. Уверены, что в этот раз уже полюбившийся ребятам «Час кода» пройдет еще успешнее!

В этом году школьникам наглядно продемонстрируют, что информационные технологии – это инструмент создания будущего и незаменимый помощник людей. Особый акцент в видео-уроке, выполненном в стиле скрайбинга, сделан на искусственном интеллекте и его взаимодействии с человеком. О деталях акции вы можете узнать на сайте часкода.рф: видеоматериалы (мотивационный ролик и видеоурок) и методические указания для преподавателей уже опубликованы на сайте в разделе «Преподавателям», новый тренажер (с тремя возрастными уровнями) будет опубликован 4 декабря, непосредственно перед стартом акции.

Пожалуйста, поделитесь ссылкой на сайт со своими друзьями в социальных сетях и не забудьте поставить хэштег #ЧасКода. Пусть как можно больше людей – школьников, их родителей, друзей и родственников – узнает о «Часе кода»!

Мы искренне верим, что акция «Час кода» поможет информационным технологиям стать не просто увлекательным хобби, но и успешной карьерой для молодых ребят, что во многом определит будущее ИТ в России!

Присоединяйтесь!

こんにちは、コラボレーション担当の杉山 卓弥です。

2017 年 3 月にリリースした Microsoft Teams ですが、様々なサイトで関連情報を公開させていただいております。Microsoft Teams のご利用/ご検討にあたり、どこに情報があるかわからないというお客様のために、当ブログ記事で弊社から発信している情報をまとめましたのでご参考になれば幸いです。

今後新しく公開する情報が出てきた場合には、当ブログ記事を更新していきます。

1. 機能概要/マニュアル/トレーニング

• Microsoft Teams の概要
  Microsoft Teams の概要を紹介しています。
  https://docs.microsoft.com/ja-jp/MicrosoftTeams/teams-overview
  

• Microsoft Teams ヘルプ センター
  管理者/エンドユーザー向けの Microsoft Teams の使い方やトレーニング動画をまとめたサイトです。
  https://support.office.com/ja-jp/teams

• Microsoft Teams エンド ユーザー ガイド (Word)
  エンドユーザー向けのドキュメント ベースの Microsoft Teams ガイドです。企業内で展開していただくことが可能です。
  http://download.microsoft.com/download/B/C/9/BC9FFECA-F9E6-4E61-9F45-961B71876BE1/MicrosoftTeams_EndUser_BasicGuide.docx

2. 計画

• Microsoft Teams のシステム要件
  Microsoft Teams を利用するための Web ブラウザー/デスクトップ OS/モバイル OS の要件を記載しています。
  https://docs.microsoft.com/ja-jp/microsoftteams/get-clients#desktop-clients

• Microsoft Teams ネットワーク要件
  Microsoft Teams を利用するための帯域幅要件や考慮事項を記載しています。
  https://docs.microsoft.com/ja-jp/microsoftteams/prepare-network

• Microsoft Teams で利用される URL/IP/Port の一覧
  Microsoft Teams を利用するために接続が必要となる URL/IP/Port の一覧を記載しています。
  https://support.office.com/ja-jp/article/8548a211-3fe7-47cb-abb1-355ea5aa88a2#bkmk_teams

• Microsoft Teams のセキュリティとコンプライアンスの概要
  Microsoft Teams が準拠しているセキュリティ要件とコンプライアンス要件を記載しています。
  https://docs.microsoft.com/ja-jp/MicrosoftTeams/security-compliance-overview

3. 展開/運用/管理

• Microsoft Teams の展開シナリオ
  組織内で Microsoft Teams の展開を成功させるためのルール作りや社内ガイダンスについて参考情報を記載しています。
  https://docs.microsoft.com/ja-jp/MicrosoftTeams/change-management-strategy

• Microsoft Teams の初回の展開/運用について考える
  Microsoft Teams を展開する際の展開方法、運用プロセスについて記載しています。
  https://blogs.technet.microsoft.com/office365-tech-japan/2017/07/24/microsoft-teams-first-deployment/

• Teams PowerShell コマンド リファレンス (英語)
  Microsoft Teams の設定をコマンド ベースで一括処理する際などに参考となる PowerShell コマンドの一覧を記載しています。
  https://docs.microsoft.com/ja-jp/powershell/module/teams/?view=teams-ps

4. 機能追加ロードマップ

• Microsoft Teams Roadmap (英語)
  Microsoft Teams に関する開発中/展開中/展開済みの機能一覧を記載しています。
  https://products.office.com/en-us/business/office-365-roadmap?filters=microsoft%20teams

5. その他情報/ブログ

• Microsoft Teams サポート チーム ブログ
  プレミア サポートによくお問い合わせをいただく内容やアーキテクチャ、Tips 情報を公開しています。
  https://blogs.technet.microsoft.com/teamsjp/

• Microsoft Teams Blog (英語)
  弊社の海外のエンジニアが発信している Microsoft Teams Blog です。比較的最新の情報を公開しています。
  https://techcommunity.microsoft.com/t5/Microsoft-Teams-Blog/bg-p/MicrosoftTeamsBlog

• Microsoft Tech Community (英語)
  全世界の関係者が気軽にディスカッションできる Microsoft Teams のコミュニティ サイトです。
  https://techcommunity.microsoft.com/t5/Microsoft-Teams/ct-p/MicrosoftTeams

• Microsoft Teams の既知の問題
  現在弊社で認識している Microsoft Teams に関する問題と回避策の一覧を記載しています。
  https://docs.microsoft.com/ja-jp/MicrosoftTeams/known-issues

• よく寄せられる質問
  弊社によく寄せられるご質問と回答の一覧を記載しています。
  https://support.office.com/ja-jp/article/f4644010-d5fa-4055-b42a-6a5317316e18

• Office 365 の新しい Intelligent Communications 構想
  Microsoft Teams を中核とした弊社が目指す今後のビジョンをご紹介しています。
  https://blogs.technet.microsoft.com/microsoft_office_/2017/09/28/a-new-vision-for-intelligent-communications-in-office-365/

6. 導入事例

• チームコラボレーションの改革を推進する、 3社の Microsoft Teams 活用事例を公開
  現在公開している Microsoft Teams の活用事例になります。
  https://blogs.technet.microsoft.com/microsoft_office_/2017/06/09/promote-reform-of-team-collaboration/

7. 機能改善要望

• Microsoft Teams UserVoice
  全世界のユーザが投稿/投票できる機能改善要望をまとめたサイトです。弊社開発部門の対応状況も確認することができます。
  https://microsoftteams.uservoice.com/forums/555103-public

その他ご不明な点などがあります場合には、弊社担当またはサポート窓口までご連絡ください。

Today's tip...

Azure Managed Applications enable Managed Service Provider (MSP) and Independent Software Vendor (ISV) partners, and enterprise IT teams to deliver fully managed, turnkey cloud solutions that can be made available through the Azure Marketplace or through the enterprise service catalog of a specific end-customer. In this blog, we’re focusing on the Azure Marketplace scenario. You can find more about the  Managed Application service catalog here. Customers can quickly deploy managed applications in their own subscription and rely on the partner for maintenance operations and support across the lifecycle.

By: Cesar Hara and Caio Cesar

O intuito deste artigo é auxiliar no entendimento geral do conceito por trás dos atributos “SourceAnchor” e “ImmutableID” em contas de usuários, utilizados em ambientes sincronizados via AD Connect.

Definição

SourceAnchor: um atributo imutável durante o tempo de vida de um objeto. Este atributo identifica um objeto sendo o mesmo no Active Directory On-Premises (Source of Authority) e no Azure AD. O sourceAnchor também é conhecido como ImmutableID.

Qual a diferença dos dois atributos? Nenhuma, além da nomenclatura. Os valores são idênticos – “sourceAnchor” geralmente é relacionado quando mencionamos o atributo na base de dados do AADConnect (metaverse), quando “ImmutableID” no Azure AD.

A palavra imutável significa não alterável, sendo assim o atributo deve ser escolhido com muito critério uma vez que o mesmo não pode ser alterado quando definido no Azure AD.

Pontos importantes

1. “Sourceanchor” e “ImmutableId” se referem ao mesmo atributo;
2. Este atributo é responsável por vincular um objeto do Active Directory local com o objeto que foi sincronizado/criado na nuvem (Azure AD);
3. Uma vez definido no Azure AD, o mesmo não pode ser alterado (se torna “Read Only” em contas sincronizadas).

ObjectGUID como sourceAnchor

Por padrão, até a versão de AD Connect 1.1.486.0, o atributo ObjectGUID era escolhido como o sourceAnchor no momento da instalação.

Isto significa que o Azure ADConnect criaria o valor de sourceAnchor (e respectivamente ImmutableId) fazendo uma conversão para base64 do atributo ObjectGUID dos objetos.

O ObjectGUID também é um atributo imutável, por esse motivo foi um bom candidato por muito tempo para ser o valor de ImmutableId das contas do Azure AD.

Podemos comprovar os valores exportando os dados das contas dos objetos. Neste exemplo, iremos utilizar uma conta de testes “user01@o365identity.com”:

ObjectGUID: 771a06cd-a5dc-4d9a-a5e2-6b6c6690326b

ImmutableID: zQYad9ylmk2l4mtsZpAyaw==

Conforme informado anteriormente, o valor de Sourceanchor/ImmutableID é uma conversão do valor de ObjectGuid.

Podemos utilizar os cmdlets nativos do módulo do Active Directory para descobrir o ImmutableID que deve ser definido no Azure AD*:

$guid = (get-Aduser sAmAccountname).ObjectGuid
$immutableID = [System.Convert]::ToBase64String($guid.tobytearray())
$immutableID

Após a sincronização da conta, confirmamos o valor no Azure AD:

Como podemos observar, a conta está corretamente vinculada, ou seja, o valor de ObjectGUID do objeto local convertido para base64 é exatamente o mesmo valor do objeto da nuvem.

Impacto na escolha do sourceAnchor

Vamos supor um cenário onde o atributo “displayName” foi escolhido como sourceAnchor no setup do AD Connect. Após a sincronização inicial, o ImmutableID na nuvem ficaria com o valor “User01”**.

Após um período de tempo, há a necessidade de alterar o displayName para “User”. Se este valor for alterado, na próxima tarefa de sincronização o AD Connect tentará alterar o ImmutableID de “User01” para “User”.

A consequência será um erro de duplicidade de atributos, pelo fato de que para o AD Connect e Azure AD, agora estamos lidando com duas contas diferentes - com diferentes valores de ImmutableID (a primeira “User01” e a segunda “User”).

Ou seja, uma vez definido o ImmutableID no AAD o mesmo se torna “Read-Only” sem a possibilidade de alteração. Isto significa o valor de sourceAnchor, deve ser sempre imutável.

Conclusão

O ImmutableID é muito importante e deve ser compreendido para evitar problemas futuros.

Se não houver um bom planejamento do ambiente sincronizado, problemas complexos surgirão.

* Algumas pessoas optam pela utilização do ps1 “GUID2ImmutableID”. O resultado final é o mesmo.

** Se o sourceAnchor selecionado não for do tipo de cadeia de caracteres, o Azure AD Connect usará Base64Encode no valor do atributo para assegurar que nenhum caractere especial será exibido.If you use another federation server than ADFS, make sure your server can also Base64Encode the attribute.

Hello folks, David Steadman Here!!

We have released our latest hotfix for MIM 2016 SP1.  This is build 4.4.1749.0. 

This release includes two improvement :

• Office 365 integration for approvals
• SSPR Password Reset capabilities without domain trust

• This completes the end to end for users that were programmatic user registration for untrusted forest/domain

Important Links

• Microsoft KB Article: https://support.microsoft.com/en-us/help/4050936
• Version History : https://docs.microsoft.com/en-us/microsoft-identity-manager/reference/version-history
• Download: https://www.microsoft.com/en-us/download/details.aspx?id=55794

NOTE: You must be at 4.4.1302.0 prior to installing this fix.  If you are at 4.4.1237.0, you will need to uninstall and install 4.4.1302.0.   For more information, review: https://blogs.technet.microsoft.com/iamsupport/2016/11/08/microsoft-identity-manager-2016-service-pack-1-update-package/

Una renovación mayor de los cuarteles generales de Microsoft, junto con proyectos de modernización del espacio de trabajo alrededor del mundo, ayudará a los empleados a colaborar y crear

Por: Natalie Singer-Velush

Una plaza comunitaria donde los empleados se puedan reunir, aprender y jugar. Zonas libres de autos y un puente que atraviesa todo el campus sólo para peatones y ciclistas. Edificios inteligentes con uso optimizado de energía; espacios para despertar la creatividad con los compañeros de equipo; árboles, senderos, y circulación al alcance de la mano.

Se viene un redesarrollo importante para el cuartel general de Microsoft en Redmond, uno que impulsará aún más la visión moderna del lugar de trabajo que ya ha comenzado, en años recientes, a tomar impulso a través del campus y del mundo.

El proyecto, que tendrá diferentes fases y estará alimentado por la tecnología, impulsará la colaboración de los empleados y las conexiones con la comunidad, agregará 18 nuevos edificios, actualizará los espacios de trabajo existentes y mejorará la sustentabilidad.

“Vamos a construir el tipo de espacio que requerimos para el futuro. Es una construcción para los empleados que están aquí ahora y para los chicos de octavo grado que estarán aquí algún día”, comentó Michael Ford, Gerente General de Instalaciones y Propiedades Globales. “En el pasado, los empleados tenían que adaptarse al espacio. Ahora, el espacio se adapta al empleado”.

La plataforma de lanzamiento para la modernización, que agregará 2.5 millones de pies cuadrados de nuevos espacios de oficinas a los cuarteles generales de 500 acres de extensión, es el conjunto de edificios en el corazón del campus original de Microsoft. Icónicos a su manera, los edificios en forma de X de la década de los ochenta fueron diseñados para ofrecer a los empleados una gran cantidad de luz natural y oficinas casi idénticas. Hoy, sin embargo, los edificios de techos bajos y con una gran cantidad de pasillos, pueden sentirse como una serie de laberintos, donde es muy fácil andar en círculos.

Pero conforme se han transformado los enfoques y la cultura, también lo ha hecho el pensamiento sobre cómo queremos trabajar, crear y conectar. La concentración y la privacidad pueden ser encontradas en una cabina de teléfono a prueba de ruido o en un cuarto retapizado; la inspiración (y de acuerdo con investigaciones, la salud de los empleados) se eleva en un atrio lleno de luz, cómodos sofás brindan un espacio de bienvenida para las grandes ideas de los equipos. Conversaciones espontáneas, impulsadas por los “vecindarios” de trabajo comunal, pueden llevar a la innovación; una mejor productividad, y un desarrollo más rápido y ágil.

Estos son los tipos de espacios que definirán la modernización del cuartel general de Microsoft e infundirán otras inversiones de edificios y de campus para Irlanda, India, Israel, Silicon Valley, Brasil y en otros lugares. Los diseñadores comentan que estos son los tipos de transformación que unirán el lugar donde estamos con el lugar al que vamos.

Transformar la manera en la que trabajamos

La renovación de los cuarteles generales está planeada para comenzar a finales de 2018 y tomará de cinco a siete años para completarse. Una vez que los viejos edificios sean derribados y se agreguen los nuevos, la presencia de Microsoft en el área de Seattle irá de 125 edificios en la actualidad, a 131. El proyecto conectará de manera más fluida ambas mitades del campus, divido por la Ruta Estatal 520, a través de un puente sólo para peatones y bicicletas que unirá a Microsoft, la estación de tránsito Redmond Technology donde se espera que el tren ligero arribe en seis años, y la cercana estación de tren regional. La caminata del centro de un costado del campus al centro del otro tomará alrededor de 7 minutos después de la renovación, comparado con los 22 minutos que toma en la actualidad.

“Vamos a construir el tipo de espacio que requerimos para el futuro… para los empleados que están aquí ahora y para los chicos de octavo grado que estarán aquí algún día.”

El diseño accesible e innovador – alimentado por años de investigación, comentarios, y pruebas alrededor de las necesidades y estilos de trabajo de los empleados, así como por las profundas raíces de Microsoft dentro de la comunidad – dará forma a los espacios interiores, exteriores y subterráneos del proyecto.

“Vamos a tomar lo que ya hemos comenzado – espacios inteligentes de trabajo, sistemas sustentables – y lo vamos a mover al siguiente nivel”, comentó Ford. “Vamos a mejorar aún más la experiencia de empleado al utilizar tecnologías, impulsadas por la Nube de Microsoft, a través de todo el espacio de trabajo”.

Por ejemplo, mencionó Ford, una aplicación móvil que abarca todo el campus facilitará que los empelados agenden los suburbanos Connector o los transportes del campus, ordenar el almuerzo, o revisar su cafetería favorita para ver qué tan llena está.

Mientras que cada aspecto de la actualización del campus de Microsoft será infundido con tecnología, Bill Lee, director de Construcciones, Planeación y Desarrollo, no piensa en él como diseñar para la tecnología sino diseñar para la humanidad.

“La gente cada vez está más conectada a nivel tecnológico: si ustedes dejan su teléfono en casa, se regresan por él; si dejan su billetera, siguen su camino. La tecnología es parte de nosotros, y diseñamos para la humanidad porque la tecnología ya es parte de la humanidad”.

Al conectar a los empleados y ayudarles a colaborar, los espacios de trabajos modernizados harán más sencilla la resolución de problemas. Alguna de esta transformación ya ha comenzado con proyectos recientes en Redmond y más allá.

En el Edificio 83, recién inaugurado en los cuarteles generales de la compañía, paredes de ventanas y un elevado atrio central bañado en luz natural recibe a los empleados. Una escalera amplia y espaciosa se eleva a través de los cuatro abiertos pisos, “el punto óptimo” para la altura del edificio, mencionó Ford. El ambiente es placentero pero también lleno de propósito: investigaciones muestran que los empleados que tienen más exposición a la luz natural en el trabajo y a vistas a la naturaleza, toman menos días por enfermedad y se sienten más sanos.

Temas similares abarcan otros espacios de trabajo modernos. En la nueva oficina de Múnich, en Alemania, los diseñadores crearon cuatro zonas multiusos (Think; Share and Discuss; Converse; Accomplish) para impulsar a los empleados a trabajar donde quieran mientras mantienen una base central donde los equipos pueden encontrarse de manera sencilla. Cada zona varía desde baja tecnología a tecnologías colaborativas y mapas para cada tipo de trabajo específico, para replicar y apoyar la manera en la que los proyectos fluyen y progresan desde principio a fin.

Y dentro de los edificios en Suzhou, China, donde los empleados están enfocados en investigación y desarrollo, los diseñadores hicieron más fácil la colaboración con papel tapiz tipo pizarra blanca y espacios compartidos con paredes móviles y ayudan a los empleados a recargar energía con salas de yoga e interiores traslúcidos inspirados en la naturaleza y con mucho color.

“Tomamos lo que ya habíamos comenzado… y lo vamos a mover al siguiente nivel.”

Un campus, no un conjunto de edificios

Parte de lo que transformará el campus de Microsoft en Redmond no es lo que verán, sino lo que no verán: túneles para servicios de transporte, cocheras de estacionamiento inteligente que dirigen a los conductores hacia un espacio disponible, y áreas de entrega apartadas han sido diseñadas con los vehículos automatizados del futuro cercano en mente. El espacio en el subsuelo podrá convertirse de manera sencilla para otros usuarios, así como laboratorios para cultivo de alimentos y estantes de servidores en la nube, que podrían enviar calor de regreso hacia el programa de cultivo de alimentos, para crear economías circulares.

Las áreas de servicio, el flujo de transporte, y los senderos, fueron concebidos con un mantra clave en mente: en un espacio urbano ideal, comentó Lee, los peatones no deberían competir con los autos.

“Este va a ser un campus inteligente en extremo, no por los dispositivos, sino por la infraestructura”, mencionó Lee. “Para tener un campus que refleje innovación, priorizamos ese ambiente urbano. Facilidad para caminar, naturaleza, servicios – todo se conjunta para crear comunidad”.

Por fuera, el rediseñado campus tendrá una sensibilidad global mientras refleja su especial ambiente del Pacífico Noroeste, donde Microsoft ha plantado raíces profundas por más de 30 años. Una nueva plaza de dos acres creará espacio para que se reúnan hasta 10 mil personas para reuniones de la empresa, lanzamientos de producto, bandas locales, y mercados de agricultores locales. El equipo del proyecto estudió algunas de las plazas públicas más queridas en el mundo, entre las que se encuentran la Plaza de San Marcos en Venecia y el Red Square de la Universidad de Washington en Seattle, para ayudar a dar forma al diseño de la plaza, que estará rodeada por flora endémica, así como ofertas de comida y servicios para los empleados.

Un campo de cricket se unirá a otros nuevos campos para deportes. Y Microsoft continuará con la creación de espacios exteriores conectados de reunión para que los empleados se puedan beneficiar de los impactos positivos que la naturaleza ofrece en cuestiones de productividad y felicidad.

“Cada vez que creamos nuevos espacios, estos crean increíbles experiencias para los empleados”, comentó Rob Towne, director de inmuebles para Puget Sound. "Esto va a ser una renovación realmente a gran escala".

I recently published a blog about planning a migration from an Avaya PBX to Microsoft Skype for Business on-premises and/or in Office 365. In that blog, I referenced several newly certified and very feature rich migration tools now available to streamline migrations from a variety of legacy IP-PBX environments to Microsoft Skype for Business. One of these two tools is Univonix Migrate that I am highlighting in this blog because it is now such a great option to consider when planning and implementing your migration to Skype for Business.

Additional links in this blog series include:

• Part 1: Avaya PBX to Microsoft Skype for Business
• Part 2: Multi-Legacy IP-PBX Migration to Skype for Business with Univonix Migrate (this blog)
• Part 3: Multi-Legacy IP-PBX Migration to Skype for Business with MigrationPro by Unimax

Univonix Migrate is certified under a new classification of Microsoft IT Pro Tools for migrations. This tool was announced at Microsoft Ignite 2017 as part of this presentation. The application enables companies who specialize in telecom migrations (system integrators) to perform a detailed discovery of an IP-PBX environment, provide verbose reporting, identify feature gaps, schedule the migrations, and then implement all the necessary changes on all source IP-PBXs and the target Skype for Business Server, Hybrid or Online environment. Migration tools such as this enable system integrators to answer most migration questions, more accurately scope engagements, increase the speed of migrations, reduce the complexity, reduce resources, and ultimately save costs. When working with customers to plan PBX migrations, system integrators often need to include project resources who are experts on the legacy IP-PBX systems (Avaya, Cisco, Nortel, etc.) and the target system (Skype for Business Server, Hybrid, and Online). Integrators also need to ask a lot of questions to the customer about configurations of a legacy IP-PBX system, to which the customer typically has had installed for years and often does not have a dedicated telecom resource. A migration tool such as this minimizes the need for expertise in the legacy IP-PBX system and provides a deep configuration analysis.

Univonix Migrate is classified as Software as a Service (SaaS) running on Microsoft Azure, offering enterprise grade security and compliance. In other words, this is a cloud based solution that minimizes on-premises server infrastructure needed to support it. Univonix enables a migration to Microsoft Skype for Business on-premises, hybrid, and in the Office 365 cloud. The legacy IP-PBX systems it supports includes Cisco and Avaya, with Mitel, Siemens/Unify, Nortel, Alcatel-Lucent, NEC, ShoreTel, and others planned in the near future. Univonix Migrate supports migrations to Skype for Business and is planning to support migrations to Microsoft Teams in the future. For a list of the latest IP-PBX systems supported by Univonix Migrate, please review their product site here.

A project using Univonix Migrate follows the prescribed methodology listed below:

1. Extraction - In this first step, the Univonix Migrate will provide tools to export all of the legacy IP-PBX users and system level configuration. Additionally, Univonix Migrate will export Microsoft Skype for Business users and Active Directory information.
2. Discover - The system will automatically map the legacy IP-PBX users, devices and system level features being used to Skype for Business. It will also automatically match the users in the legacy system to Active Directory users. The discovery phase includes information gathering of names and numbers, call forwarding, multi-lines, shared lines, boss/admin, speed dials, hunt groups, pickup groups, call parks and more.

1. Enrich - Although the automated feature and user mapping capabilities will match a majority of the data from the source and target migration environments, there will always be some data that cannot be matched. It is during this step that an organization will need to assist in the data mapping process. Before beginning any migration, it is a best practice to have a clean dataset to start from. Univonix Migrate's online portal includes an intuitive UI to resolve conflicts, check dependencies, normalize numbers to E.164, bulk assignment of policies and more.
2. Verify - After all data matching is completed (both automatic and manual matching), the information is presented to the customer for approval. It is also during this phase that users are placed into groups for phased migrations. Users are typically grouped by teams, site, floor, etc. to minimize the potential for disruptions.
3. Finalize - During this phase the migration from the legacy IP-PBX(s) is implemented. Univonix Migrate loads thousands of users, with all of their telephony settings, configures voicemail settings, resource groups, call orbits to Skype for Business – in a matter of hours. In addition, Univonix Migrate will configure the legacy IP-PBX to route the calls for all migrated users to Skype for Business, and email the user of the change using a customizable template. The migration groups can be scheduled to ease the administration of the migration tasks. Because the actions involved with a migration are implemented by Univonix Migrate there is often no need to send technical people onsite that saves time, travel costs, coordination of the site, etc.

Reporting is a key element of any migration project - large or small - PBX or something else. The migration team must understand everything about the current environment, the capabilities of a new environment, have a gap analysis, and be able to produce an executive report as well as detailed reports. Univonix Migrate will provide detailed reporting of the existing environment as part of its Extraction process. This is extremely useful because in many migrations, the organization does not have a dedicated telecom administrator with in-depth knowledge of the legacy IP-PBX configuration. The data displayed in this report will prompt many questions about why certain settings have been defined. Univonix Migrate will also provide a detailed gap analysis report during its discovery phase. This enables the migration team to identify any loss in functionality or potential misconfigurations. I use the term "loss in functionality" loosely because it may not be a feature that is missing, but rather the terminology of features may have changed from a 15-year-old legacy IP-PBX attempting to be mapped to a Skype for Business environment. Either way, this gap analysis will identify and allow the migration team to make the proper adjustments during their planning. Other important reports generated by Univonix Migrate are executive summaries and migration status reports. Automated status reports are a dream for any project manager to have automatically generated daily for delivery.

In addition to providing the migration capabilities, Univonix Migrate offers a Return on Investment (ROI) calculator at www.univonix.com/ROI. By answering a few key questions about your current PBX environment, how many sites, etc. a cost savings analysis and reduction in deployment time is provided. A ROI calculation breakdown is also provided.

Below are several example screen captures to highlight some of the migration capabilities of Univonix Migrate:

1. Below is an example of the executive summary report provided by the migration software. The report continues with a detailed feature parity analysis, to enable stake holders who are not telephony experts to understand the implications to the organization.

    

2. Below is an example of the migration dashboard showing overall status that can be used each day for project reporting.
3. When deploying features and settings to thousands of users, the ability is needed to define and implement policies to large groups. Below is an example of how this is done.
4. Below is an example of an E.164 Normalization Rule being defined in preparation for migration.
5. This is an example of IP PBX Hunt Group being mapped to a Skype for Business Resource Group.

By highlighting a few of the features available in this product, my hope is that you will consider using one of these new migration tools in your project planning.

Univonix Migrate is only available through their partners and system integrators; not directly to customers. The software and the migration journey from one (or more) PBX environments to Skype for Business can be complex. For a communications system vital to the success of most organizations, unless you have internal talent very familiar with both environments you will want an experienced partner to work with to ensure a smooth migration. Univonix can be contacted on their website or email at sales@univonix.com for more information and a demonstration of the software.

For Microsoft Partners who would like more information about this product, please contact Unimax and/or contact the new One Commercial Partner organization in Microsoft.

I recently published a blog about planning a migration from an Avaya PBX to Microsoft Skype for Business on-premises and/or in Office 365. In that blog, I referenced several newly certified and very feature rich migration tools now available to streamline migrations from a variety of legacy TDM and IP-PBX environments to Microsoft Skype for Business. One of these two tools is MigrationPro by Unimax that I am highlighting in this blog because it is now such a great option to consider when planning and implementing your migration to Microsoft Skype for Business.

Additional links in this blog series include:

• Part 1: Avaya PBX to Microsoft Skype for Business
  
• Part 2: Multi-Legacy IP-PBX Migration to Skype for Business with Univonix Migrate
  
• Part 3: Multi-Legacy IP-PBX Migration to Skype for Business with MigrationPro by Unimax (this blog)
  

MigrationPro by Unimax has completed rigorous certification testing to become a Microsoft IT Pro Tool for migrations. This tool was announced at Microsoft Ignite 2017 as part of this presentation. The tool provides analysis and detailed information gathered from existing legacy PBX and voicemail systems along with implementation best practices. It has the capability to research, report on, plan, and implement migrations to Skype for Business Server from Avaya, Cisco, and Nortel with many more being planned. The application is based on the Skype Operations Framework (recently renamed to MyAdvisor with the Fast Track Center) that provides a prescribed and methodical approach to a successful implementation.

MigrationPro is one of many applications offered by Unimax as part of its UC Management Product Suite. Below is a brief description of additional tools and their purpose:

• MigrationPro - The application that helps to automate the planning and delivery of a migration from legacy IP-PBX systems to Skype for Business
• HelpOne - This product provides a web interface designed for help desk agents to perform a variety of customized actions. These actions can range from simple voicemail password resets to actual phone deployment - depending on the permissions an organization defines.
• LineOne - This product enables users to perform many self-service options, reducing the need for help desk tickets for telecom related requests.
• NumberPro - This product provides a web interface to inventory all numbers used (DIDs, extensions, and more), no matter what system they reside on, and provides available numbers in client specific ranges such as region or building. Additionally, the product can transform numbers to present them in the form which should be used in your environment (DID to e.164, etc.)..
• Spotlight - This product provides detailed reporting capabilities for all PBX systems included in the migration project. For any large migration project, the ability to track migration overall status, problem areas, etc. are essential.
• 2nd Nature Client – This client allows an organization to provision and manage their various PBX, voice mail, and directory systems from a single user interface rather than using the system's native administration portal. It is included with all of the products above to monitor and facilitate changes, but a 2nd Nature client user can also perform complex migration and management tasks with it.

These applications are installed within an on-premises infrastructure that requires minimal server resources. A single or multiple Windows Server(s) may be used to host the web services, the 2nd Nature Server application, and the database server. The database can be hosted on SQL Express or SQL server. Virtualization is also supported. Detailed information on system requirements (memory, CPU, disk, etc.) are located within the installation guide. A systems integrator will assist customers with the proper resource planning.

When designing the installation of the Unimax UC Management Suite, consider it a type of hub and spoke system. The spokes are the different applications in the Unimax suite as well as the legacy and target PBX systems. The hub is the 2nd Nature Web Services Foundation, database, and communication server. The 2nd Nature Client and applications initiate requests to view and change data through the 2nd Nature Web Services Foundation to the database. The communication server acts on those requests by opening a line of communication with all the PBX and telecom devices defined. As part of its discovery of an Avaya system, for example, it will discover everything there is about defined telephone numbers such as boss/admin relationships, call forwarding, voicemail settings, the specific server a number is hosted on, speed dial settings, group memberships, etc. This information is ingested from the source environments and then matched using unique attributes with accounts in the target Skype for Business environment. For accounts that cannot be automatically matched the system will flag them for additional evaluation and mitigation. The information can be gathered from a single legacy PBX system or gathered from multiple disparate PBX systems. Imagine the legwork and analysis this software can save an organization who has been through acquisition after acquisition and now is left with PBX systems from multiple manufacturers where no one who understands the configuration details. With this tool, not only is the data gathered, ingested, and analyzed, but it can then be used to implement migrations as well.

Below is a diagram from Unimax that depicts the various applications within the product suite and how they work together in the hub and spoke relationship. Each application on the top portion of the diagram is an optional component of your environment, depending upon your needs. MigrationPro provides migration paths from Avaya, Cisco, and Nortel, with many more being planned. Be sure to contact Unimax for a list of the latest IP-PBX systems they support.

After proper installation of the selected components, testing and piloting can begin. One of the most difficult parts of defining migration groups is understanding the complex interdependencies of the massive amount of data. If a boss/admin relationship is found but the admin is also part of a hunt or call pickup group, then the other members will need to be grouped together when migrating the boss and admin. This complex problem is exponentially difficult because of all of the various data interdependencies. MigrationPro's unique algorithms search the data and create clean migration groups that do not break these important relationships in a migration. MigrationPro enables you to define migrations for small and large groups of users/numbers and then schedule/automate them. Persona templates can defined and used to quickly define and schedule automated migration tasks.

While this blog is not meant to go into technical and detailed migration and configuration information, I have provided several screen captures below of the application for readers (you!) to further understand the capabilities.

1. Below is a screen capture of the boss/admin functionality discovered in an Avaya configuration and the configuration to be replicated to Skype for Business. In the screen capture below, Catherine Ellsworth at extension 59000 is the administrative assistant to the manager, Douglas Snyder at extension 59001. The Group Ties column on the right summarizes the discovered relationship.
   1. Below is a screen capture of an Avaya Station (59000). Notice the details captured about the station on the right.

   2. The screen capture below shows an example of the Avaya Station (59001) being related to Active Directory, Skype for Business, and the user's new Unified Messaging Mailbox record. This correlation is done as part of the discovery process across all environments included in the migration. Notice how the Delegates area is highlighted on the lower left and in the delegates details, Catherine Ellsworth (from our example above) is listed as the delegate. This automated relationship mapping is a large help when planning a migration.
2. Below is the extension for Douglas Snyder (ext 59001) being normalized automatically in MigrationPro in preparation for migration.

1. Below is a screen capture of call configuration for Douglas Snyder while pre-staging the migration tasks. This is just one of many configurable items that can be pre-staged and then executed.

1. Switching gears from the migration configuration screens above, below is an example of the HelpOne interface that may be customized to preference. If your organization will allow its help desk to only perform password resets, the top screen capture shows just these options. For a help desk with more advanced functionality to assist with migrations, the lower picture represents more functionality.

Unimax recently released support for Polycom VVX and Trio Skype for Business enabled desk phones. With this release, administrators can extract configuration and status information held in configuration files, log files, and the networked phone itself (speed dials, etc.). The Polycom phone is then paired to the Skype for Business and Active Directory user to give the administrator a complete inventory view of both their legacy PBX phones and their Skype for Business phones from any of the Unimax applications. Including phone configurations as part of the migration is not a requirement, but only an option to highlight that the capability is now available.

For a demonstration of MigrationPro and the other available products, please reach out to Unimax here. MigrationPro is only available for sale to Microsoft Partners and Systems Integrators. Keep in mind that planning a migration of an organization's PBX systems is no small task and a project that should involve a team of experienced personnel. Your internal telecom team may be flush with talented Avaya engineers, but consider their knowledge and experience level with PBX migrations from one environment to another. Do they know Active Directory and Skype for Business well enough to plan, implement, migrate, operate, and troubleshoot a new PBX environment? Even with the widespread use of instant messaging and other intelligent communication systems today, the stability of an organization's telecom system remains a critical component of success. With this in mind, I recommend that customers contact the Unimax Services team or a Microsoft Partner for assistance in planning and execution.

For Microsoft Partners who would like more information about this product, please contact Unimax and/or contact the new One Commercial Partner organization in Microsoft.

The Windows Insiders program is well known as an early-access scheme for Windows, with millions of users trialling out new versions regularly and getting new functionality ahead of general release. A new “fast ring” version of Windows 10 came out just the other day, in fact.

Did you know that Office has a similar programme? Office Insiders is geared towards Office 365 subscribers who want to opt-in to early releases.

Regardless if you are or are not in the Insiders group, you can see what’s new in the latest version of Office you’re running (assuming you’re on Office 2016 and subscribing to Office 365).

Try looking under File | (Office) Account menu, and check under the Office Updates section to make sure you’ve got the latest versions available to you.

Click on What’s New and you’ll see a pop-up of the latest features, with a “Learn More” link to find more. To see the latest for Office Insiders, check here.

One new feature that’s previewing for Insiders but available to anyone on the web is the new Office Training Center, which offers help in a number of features, templates and the like. There are short videos showing tips on how to use Office apps in conjunction with Office365 – check out some of the “try new things” category to see if they really are new to you.

This CONTENT can’t be reached

Tip o’ the week’s author could not be found.

• Did you mean http://www.typoweek.com/?
• Search bing for tipoweek

ERR_NAME_NOT_RESOLVED

Applies to:

Microsoft Edge for iOS

Microsoft Edge for Android

Get that seamless Microsoft Edge browser experience from your Windows 10 device when on your mobile device.

The RTM of Microsoft Edge browser for iOS and Android is documented here:

Microsoft Edge now available for iOS and Android
https://blogs.windows.com/windowsexperience/2017/11/30/microsoft-edge-now-available-for-ios-and-android/#l8IFJp5UgRvXPb6F.97

Yong

keywords:  Internet Explorer for iOS, Internet Explorer for Android, Internet Explorer 11 for iOS, Internet Explorer 11 for Android, IE for iOS, IE for Android, IE11 for iOS, IE11 for Android.

By now you know that you can use Azure Security Center dashboard to visualize Security Alerts, and you can also use Log Analytics to query Security Alerts. Recently we also added the capability to visualize Security Alerts originated by Security Center from Azure Activity Log. For the example below I'm going to search for security alerts that have the keyword "Brute Force":

First part of the Activity Log query has a pretty generic selection:

The second part of the Activity Log query, has the keyword that I want to use for this search:

After filling the necessary fields, click Apply and you will get a list of entries that represents potential alerts. Notice that these alerts will not appear in a nice diagram like it shows in Security Center, and it will look more like an informational alert, rather than a high priority alert:

Click on it to see more details, and in the Summary tab you have the same explanation as you have in the Alert Description in Security Center. The only different is that in Security Center dashboard you will see more details, including remediation steps:

If you click in JSON tab, you will see something similar to this:

Well, now you know one more way to visualize Security Alerts. For more information about Security Alerts read:

• Manage Security Alerts
• Types of Security Alerts

Hello all! My name is Mike and I am currently a Platforms PFE at Microsoft and have been for the past two years. I’ve been working with Microsoft Server technologies for the past 17 or so years, starting with Windows NT and working on every version of server operating system since then. I’ve dabbled in other Microsoft technologies such as System Center Configuration Manager, but the server platform, Active Directory, and Group Policy is where I’ve spent most of my time. This is the first installment of a series of posts on how I’ve deployed Server 2016 in a customer’s environment. I’ve mimicked most of the details but have hidden names to protect the innocent.

For my installation, we want to get the most out of the new features of Server 2016 but for various reasons can’t implement everything all at once, so we have a rough plan for introducing Server 2016. In short, we’re going to start with virtual machines with a GUI, and work towards Server Core deployments and potentially some Nano servers. Upgrading the domain controllers will be a separate project and won’t be covered now.

The current environment is a VMWare shop, and has a mixture of Server 2008 R2 and Server 2012 R2. Most of the environment is virtualized, with only select physical servers which have their images managed by MDT.

We’ll be breaking the larger project out into four stages:

Stage 1:

• Develop base VM GUI image – Lab
• Develop Group Policies – Lab
• Test Group Policies and GUI image – Lab
• Deploy policies and image to lower environments

Stage 2:

• Develop base VM Core image – Lab
• Develop base Physical GUI image – Lab
• Upgrade MDT – Lab
• Deploy base VM GUI image – Production
• Test VM Core image – Lab
• Test Physical GUI image - Lab
• Deploy group policies – Production
• Deploy images to lower environments

Stage 3:

• Develop Hyper-V Physical GUI image – Lab
• Develop Hyper-V Physical Core image – Lab
• Deploy SCVMM to manage Hyper-V environment – Lab
• S2D – multiple physical machines – Lab
• Upgrade MDT - Production
• Deploy base VM Core image – Production
• Deploy base Physical GUI – Production
• Deploy Hyper-V images to lower environments
• Deploy SCVMM to lower environments
• Deploy S2D to lower environments

Stage 4:

• Deploy Hyper-V images – Production
• Deploy SCVMM – Production
• Deploy S2D – Production

We’re starting out with our test lab, which is where one should always start. Always remember, don’t test new changes in production! Our first job is to ensure that any new Server 2016 machines on the network will have appropriate Group Policies applied to them when they first join the domain. We have created an OU structure that will mimic the production environment and will allow us to apply the polices as needed. Any new 2016 servers must be added to one of the four appropriate OUs: Build Staging, DEV, PROD, or QA.

Our Group Policies are applied at the Server 2016 OU and they filter down to the other four OUs. We have developed two specific Server 2016 policies: Server 2016 Security Policy which is full of security settings and features all the auditing, firewall, local account, and other service lockdown settings and Server 2016 Standard Policy, which contains all the other general server configuration settings. We created these two policies by backing up the existing Server 2012 policies and restoring them into newly created blank policies. This sped up our ability to deploy the policies with the same settings we already knew we needed and wanted, and then we added in new settings which were unique to Server 2016. We also took this time to remove some of the settings which were deprecated or otherwise no longer applied to the environment.

Following is a sample of the settings in the Server 2016 Security Policy:

A sample of the settings in the Server 2016 Standard Policy:

Our goal here is to ensure we have a solid base image which will pass the security screens before we move on and start installing all the necessary agents and standard software. Once our base image passes the security test, we will set it as a template for other lower environments and begin the installation of all the agents and standard software.

As of this writing, we are in the process of tweaking the Group Policies to ensure they are updated from the previous 2012 policies and will be submitting them to the security team for testing. Stay tuned for the results and next steps!

Generate new revenue streams by understanding the monetization, technical requirements and steps required to publish and monetize your application on Microsoft Marketplaces. During this personalized one-to-one consultation, a Microsoft expert will provide you with an overview of marketplaces and make custom recommendations. You will receive architecture guidance for successfully publishing your application on the marketplace as well as best practices to avoid common pitfalls as you scale your customer base.

Act fast! This consultation is available at NO cost to all MPN partners through December 31, 2017.

Request a Microsoft Marketplaces Consultation today by visiting https://aka.ms/MarketplacesConsult

Marketplaces in-scope:

• Azure Marketplace
• App Source
• Office Store
• Visual Studio Marketplace
• Power BI Content Packs
• Windows Store

Monetization scenarios:

• Marketplace customers and audience
• Monetization opportunities
• Enhancing your profile
• Marketing best practices

Technical scenarios:

• Marketplaces technical requirements
• Azure Active Directory Guidance
• Adopting SaaS Model
• Architecting for scalability and reliability

In addition to this consultation, there’s a full suite full suite of technical training webcasts, one-on-one consultations and chat options available as part of the Application Innovation technical journey. Through December 31, 2017 the technical trainings are complimentary to all app developers and the consultations are available to all MPN partners at no cost. Explore the full suite of app developer services at aka.ms/AzureAppInnovation.