Did you know Azure Active Directory can provide Single Sign-On (SSO) to G-Suite (Google Apps)? In this blog, we will explore how to set this up from both the Azure AD side and also the G-Suite side.

Once SSO is configured, consider creating policies for Conditional Access to govern how G-Suite is accessed (e.g. only from a managed device, specific network, monitor for threats of the credentials such as for sale on the dark web, etc). For more information on G-Suite and Azure AD integration for SSO, see Tutorial: Azure Active Directory integration with G Suite

Note: SSO for up to 10 apps comes with the free version of AzureAD. For additional capability, P1 or P2 may be required. See Azure Active Directory pricing for more information.

Important: Chromebooks can sign-in with Azure AD credentials, see this video! (and here for more information)

Also Important: Once SSO is enabled in G-Suite only Azure AD credentials will be authorized and all legacy credentials (i.e. G-Suite credentials) will not be authorized for sign-in. If the user is using a Windows 10 device that is AADJ, then they will not need to type in their password to access G-Suite, SSO from Win 10 will automatically be available.

Let's begin!

Add G-Suite to Azure AD and configure it:

From within the Azure portal navigate to Azure Active Directory -> Enterprise Applications -> New Application and search for G Suite then click Add:

Once added, click Single Sign-on and click SAML

Edit the Basic SAML Configuration by clicking the pencil icon:

Configure using the following parameters:

Click Save. For User Attributes & Claims click the pencil icon:

Add a new claim:

Go back to the main SAML SSO configuration page, and download the base64 certificate for SAML Signing Certificate:

Copy the following URLs to a scratch pad, we'll use these to configure G-Suite:

Setup G-Suite for SSO:

See this article for more information on configuring G-Suite for SSO. From within G-Suite navigate to Admin –> Security -> Setup SSO. Paste the URLs you copied in the last step, into the SSO configuration, upload the certificate you downloaded previously, check the box for use a domain specific issuer and then click Save:

Assign the user to G Suite

Back in the Azure portal, click Users & Groups from within the G-Suite Enterprise Application:

Add a new user to G-Suite:

Turn on Provisioning:

Click on Provisioning and go through the steps on the blade. Starting with changing Provisioning Mode to Automatic.

Then click Authorize and type in your G-Suite credentials to go through the authorization process. Grant consent:

Back in the Azure portal, click Save to save your provisioning configuration. Once saved, you can opt to enable automatic synchronization of identities from Azure AD to G-Suite by clicking On for Provisioning Status:

Side bar, I could configure self service for end-users!

Back in G-Suite, you will notice the assigned users will start to sync:

Time to test!

I'm going to navigate to http://mail.google.com/a/soseman.org:

Notice this will redirect to Azure Active Directory:

Notice it challenges me for multi-factor authentication!

And I respond to the challenge using my Apple Watch

Once authenticated, accept the terms and conditions:

Now, I'm logged in and ready to use G-Suite!

Browsing to myapps.microsoft.com – G-Suite is added to the launcher!

Conclusion:

As you can see, configuring Single Sign On for G-Suite using Azure Active Directory is a rather easy and simple process – and probably can be completed within 15 minutes or less. Once configured, don't forget using Azure AD Conditional Access to govern how G-Suite is accessed, such as requiring a managed device (mobile or PC), monitoring the credentials for being compromised (impossible travel, up for sale on dark web, coming from atypical locations,etc), requiring MFA, and more!

Does your organization use G Suite or Google Apps? Do you have these requirements?

• Audit activity occurring in G Suite (user logons/logoffs, settings changed, files modified, etc)
  
• Audit file activity? (what files are being accessed, from where, how they are being accessed, etc)
  
• Govern how G Suite is accessed? (Only from a managed device? Only from a managed network? Don't allow download from a non-managed computer?)
  
• Scan files in G Suite for sensitive data?
  
• And more!
  

In this blog we will explore how Microsoft Cloud App Security (CAS) part of Microsoft 365, can help you meet these requirements. For more information on connecting G Suite to CAS see this article. Let's get started!

Note: Microsoft nor Matt Soseman nor this blog assumes no responsibilities and offers no warranties as a result of following the instructions in this blog. This requires enabling and modifying APIs. Use at your own risk.

Configure G Suite within Microsoft Cloud App Security:

From within Cloud App Security, click Investigate then select Connected Apps:

Click the + sign and select G Suite:

Type in a name and click Connect G Suite:

We need to pull the appropriate details from G Suite. Open a new browser instance and navigate to your G Suite admin portal using your admin credentials:

Once signed in, navigate to https://cloud.google.com/console/project
and click Create Project:

Give the project a name and click Create Project

Click Google Cloud Platform then click Go To APIs Overview:

Click API Library and enable the following APIs:

Back on the APIs and Services screen, click Credentials click the OAuth Consent Screen then in Application Name type Microsoft Cloud App Security and click Save:

Back on the Credentials tab click Create Credentials and select Service Account Key:

Configure the Service Account Key and click Create. Copy the secret to a scratchpad area. Download the certificate.

Back on the Credentials screen click Manage Service Accounts

Edit the Service Account:

Check the box next to Enable G Suite Domain Wide Delegation and click Save:

In the search box at the top type Google Drive API and press Enter

Click on Drive UI Integration, and configure using the following parameters (you can get the icons from here) and click Save Changes when finished:

In the search box type G Suite Marketplace
SDK and press Enter

On the Configuration tab, copy the Project Number to a scratch pad area:

Upload the same icons you used previously, and configure the following URLs:

Configure the following URL scopes:

https://www.googleapis.com/auth/admin.reports.audit.readonly

https://www.googleapis.com/auth/admin.reports.usage.readonly

https://www.googleapis.com/auth/drive

https://www.googleapis.com/auth/drive.appdata

https://www.googleapis.com/auth/drive.apps.readonly

https://www.googleapis.com/auth/drive.file

https://www.googleapis.com/auth/drive.metadata.readonly

https://www.googleapis.com/auth/drive.readonly

https://www.googleapis.com/auth/drive.scripts

https://www.googleapis.com/auth/admin.directory.user.readonly

https://www.googleapis.com/auth/admin.directory.user.security

https://www.googleapis.com/auth/admin.directory.user.alias

https://www.googleapis.com/auth/admin.directory.orgunit

https://www.googleapis.com/auth/admin.directory.notifications

https://www.googleapis.com/auth/admin.directory.group.member

https://www.googleapis.com/auth/admin.directory.group

https://www.googleapis.com/auth/admin.directory.device.mobile.action

https://www.googleapis.com/auth/admin.directory.device.mobile

https://www.googleapis.com/auth/admin.directory.user

Under Visibility select My Domain and click Save Changes:

Browse back to admin.google.com and click on Security

Select API Reference:

Click Enable API Access and then click Save Changes

Finalize Cloud App Security Configuration:

Back on the Cloud App Security portal, fill in the fields using the information you configured from the G Suite tenant:

Once you save the settings click follow this link

On the next screen, turn on the API and click Accept:

Once connected you should see:

123

マイクロソフトでは、様々な支援ができるよう多数のセミナー（ウェビナーおよび各地でスクール形式行われるセミナー）を開催しております。

遠方で参加が難しい方や当日都合が悪くなった方には、オンラインでご参加いただける形式のセミナーも多数実施しておりますので、お気軽にご参加いただき、お役立て下さい。（参加には事前のお申込みが必要になります）

なお、過去のウェビナーは Azure サイトの歩き方ページより、
[学習する] ― [過去の Web / 動画セミナー (2018 年 1 月以降)] から参照いただけます。

※このエントリーは、期間内のイベントに限り、登録サイトが公開され次第順次アップデートされます。

セミナー

ウェビナー

Azure のイベント からもイベントの一覧をご覧いただけます。

執筆者:  ジュリア ホワイト (Julia White)
Microsoft Azure 担当 コーポレートバイスプレジデント

（当ブログは、2019 年 2 月 24 日に米国で公開されたブログの抄訳をベースにしています）

 
今夜 、MWC バルセロナのプレス向けキックオフイベントにおいて、私は CEO サティア ナデラ (Satya Nadella) とテクニカルフェローであるアレックス キップマン (Alex Kipman) と共にステージに上がり、インテリジェントクラウドやインテリジェントエッジに対するマイクロソフトの世界観について詳細をお話ししました。

本日のプレスイベントでは、皆さんを HoloLens 2 の世界にもご案内しました。
 
HoloLens 2 の発表ビデオ

 
現在、マイクロソフト、パートナー企業、お客様、コンピュータ業界、さらには世界にとって非常に面白い時期が訪れています。実質的に限界の無いクラウドの演算能力や機能と、物理的な世界のあらゆる場面に組み込まれたよりインテリジェントで知覚機能を有したエッジデバイスを組み合わせることで、数年前には想像しかできなかったような体験ができるようになっています。

 
インテリジェントクラウドとインテリジェントエッジの体験に Mixed Reality（複合現実、MR）が注ぎ込まれることで、すばらしいことを達成するための、そして、より多くの人々に力を与えるためのフレームワークが誕生します。
 
マイクロソフトにとって、今日は重要な節目となります。この瞬間、さまざまなチームの努力や情熱が報われるのです。そのチームには、Azure や HoloLens、Dynamics 365、およびマイクロソフト デバイスも含まれます。これは、部門よりも集合体としての存在が真に大きな意味をなす瞬間であるといえます。最先端のハードウェア設計から Mixed Reality を組み込んだクラウドサービスまで、本日の発表はさまざまなチームの取り組みが集約されたものなのです。もちろん、今回の発表がお客様やパートナー企業、開発者といった情熱的なコミュニティなしに実現し得なかったことは言うまでもありません。
 
チーム全員を代表して、今回、 HoloLens 2 やさまざまな発表を MWC バルセロナのキックオフにおいて紹介できることを光栄に思います。
 

HoloLens 2 の発表

 
2016 年に HoloLens がリリースされて以来、私たちは Mixed Reality が仕事のやり方を変えていくのを目の当たりにしてきました。日々仕事に精を出す何十万にも及ぶ人々のすばらしい力を引き出してきたのです。建設現場から工場のフロア、さらには手術室から学校の教室に至るまで、HoloLens は、人々が働き、学び、コミュニケーションし、物事をやり遂げる手法を変えてきたのです。
 
私たちは、新たなコンピューティングの時代を迎えようとしています。それは、デジタルな世界が 2 次元スクリーンを超え、3 次元の世界へと足を踏み入れる時代です。この新たなコラボレーティブ コンピューティング時代の到来により、人々は皆、より多くのことが達成できるようになり、境界を超えることができ、3D を用いてより簡単かつ迅速に共同作業ができるようになるのです。
 
本日、Microsoft HoloLens 2 を世界に発表できてうれしく思います。
 
お客様から HoloLens の向上について、主に 3 つの分野にフォーカスしてほしいとの意見がありました。HoloLens 2 では、より没入感を持たせ、より快適に、そして、価値を創造するまでの時間を早めてもらいたいというものです。
 
没入感については、映像ディスプレイシステムを含め、全般に渡って大幅に強化されました。これにより、ホログラムがより鮮やかでリアルになりました。HoloLens 2 では、1 度あたり 47 ピクセルという業界最先端のホログラフィック密度を維持しながら、視野角を 2 倍以上に広げました。また、HoloLens 2 には新たなディスプレイシステムが採用されており、低消費電力でパフォーマンスを大幅に向上することが可能です。
 
さらに、HoloLens 2 ではホログラムとの対話方法を刷新しました。新たな TOF デプスセンサー（time-of-flight depth sensor) を、内蔵の AI 、および意味論的理解（semantic understanding）と組み合わせて利用することにより、HoloLens 2 では、現実世界で物体を操作するのと同様に、直感的なジェスチャーでホログラムを直接操作できます。
 
ディスプレイエンジンが改善されたことやホログラムを直接操作できるようになったことに加え、HoloLens 2 にはアイ トラッキング（視線追跡）センサーが搭載され、ホログラムとの対話がより自然に行えるようになりました。エンタープライズクラスの認証方法である、Windows Hello を使った虹彩認証によるログインが可能となり、複数人数でも迅速かつ安全にデバイスを共有できます。
 
快適性の向上は、重心にバランスを持たせ、軽量のカーボン ファイバー素材を採用したことに加えて、再調整なしでデバイスを装着する新たなメカニズムを取り入れることによって実現しました。新しい蒸気密封技術（vapor chamber technology）により温度管理も改善されています。また、生理学的に大きく異なる頭の大きさや形に対応できるよう、HoloLens 2 はほぼすべての人々が快適に調節して合わせられるように設計されました。
 
新たなダイヤルイン式の装着システム（dial-in fit system）により、連続して長時間着用していても快適さが保たれます。加えて、HoloLens 2 はメガネの上を滑らかに動かして合わせられるため、メガネをつけたまま利用できます。Mixed Reality から抜け出す際には、バイザーを上げて数秒でタスクを切り替えられます。こうした機能強化により、デバイスの快適さやエルゴノミクス（人間工学性）は測定上 3 倍以上に向上しました。
 
価値創造時間は、Dynamics 365 や Remote Assist、Dynamics 365 Layout、および新しい Dynamics 365 Guides といったマイクロソフトの Mixed Reality アプリケーションによって短縮されます。機器そのものの価値はもちろん、Mixed Reality パートナーのエコシステムによって HoloLens 上で幅広い製品が構築され、さまざまな業界やユースケースに対し価値を提供します。
 
このパートナーエコシステムは、Mixed Reality 起業家（Mixed Reality entrepreneurs）の波によってさらに広がります。Mixed Reality 起業家は、HoloLens 2 のようなデバイスに加えて、Mixed Reality に必要となる空間情報、音声認識、画像認識を提供し、ストレージやセキュリティ、アプリケーションの知見に向けて、現場で実証されたクラウドサービスを実現する、Azure サービスが持つ可能性も実現しようとしています。
 
初代 HoloLens のユニークな機能をベースに構築された HoloLens 2 は、究極のインテリジェント エッジデバイスです。既存および新たな Azure サービスと組み合わせることで、HoloLens 2 はさらなる機能を発揮し、購入後すぐに利用できるようになります。
 
HoloLens 2 は、今年中に 3,500 ドルで提供される予定です。Dynamics 365 Remote Assist がバンドルされたものは、月額 125 ドルで利用できます。HoloLens 2 は、まずは米国、日本、中国、ドイツ、カナダ、イギリス、アイルランド、フランス、オーストラリア、ニュージーランドで発売される予定です。HoloLens 2 のプレオーダーは、本日より以下の Web サイト（英語のみ。日本向けサイト）にて開始しました。
https://www.microsoft.com/ja-jp/hololens/buy

HoloLens 2 の購入を希望される方は、こちらのサイトに掲載されている、マイクロソフト ストア の電話窓口（0120-03-5241 月曜～金曜 午前 9:00 ～ 午後 5:30） にお電話いただき、プレオーダーを希望される旨をお伝えください。後日改めて当社よりご連絡を差し上げます。
 
HoloLens 2 に加え、MWC バルセロナでは次の発表も行いました。
 

Azure Kinect Developer Kit (DK)

 
Azure Kinect DK は開発者向けのキットであり、業界をリードするマイクロソフトの AI センサーを 1 つのデバイスに組み込んだものです。その中核となるのは、HoloLens 2 向けに開発した TOF デプスセンサーと、高解像度 RGB カメラ、そして、 Azure を使って高度なコンピュータ ビジョンやスピーチ ソリューションを開発できる 7 マイク サーキュラーアレイ（7-microphone circular array）です。この開発者キットを利用することで、単に周辺を感知するだけでなく、人や場所、さらにはその周りのものといった世界全体を理解できるソリューションが誕生します。ヘルスケア分野におけるこうしたソリューションの良い例として、病院で患者の転倒事故を防ぐためにこの技術を利用している Ocuvera が挙げられます。毎年、米国だけでも 100 万人以上の患者が転倒事故に遭遇しており、うち 1 万 1,000 人が死亡しています。Azure Kinect を利用することで、環境面から転倒の前兆が把握でき、事前に通知することで、患者が転倒する前に看護師が駆けつけられるようになります。Azure Kinect DK は、まず米国と中国で販売され、本日より399ドルにてプレオーダーが可能です。詳細は、Azure.com/Kinect を参照ください。

Dynamics 365 Guides

 
マイクロソフトでは、Dynamics 365 Remote Assist と Dynamics 365 Layout を 2018年 10 月 1 日に発表した際、これらが マイクロソフトにとって初めての HoloLens 向け Mixed Reality アプリケーションだと説明しました。
 
本日、最新製品として Microsoft Dynamics 365 Guides を発表できることをうれしく思います。
 
Dynamics 365 Guides は、新たな Mixed Reality アプリケーションであり、従業員が仕事をしながら学べるようになるものです。Dynamics 365 Guides の段階的な指示により、従業員は必要なツールや部品が何か、それを実際の仕事環境でどのように使うのかがわかるようになり、学習能力が高まります。HoloLens で Dynamics 365 Guides を利用する体験に加え、Guides の PC アプリケーションでは、インタラクティブなコンテンツを作成したり、写真やビデオを添付したり、3D モデルをインポートしたり、トレーニングをカスタマイズして組織内の知識を反復学習ツールに変えるといったことが簡単にできるようになります。
 
このアプリケーションにより、ダウンタイムが最小限に抑えられ、ミッションクリティカルな機器やプロセスの効率化につながります。また、同アプリケーションは前世代の HoloLens 、および新たな HoloLens 2 の双方で稼働する 3 番目の Dynamics 365 アプリケーションとなります。
 
Dynamics 365 Guides は、本日よりプレビューが利用可能です。

Azure Mixed Reality Services

 
本日、マイクロソフトは Azure Mixed Reality Services として新たに 2  つのサービスを発表しました。これらのサービスは、すべての開発者や企業が、クロスプラットフォームでコンテキスト型でエンタープライズクラスの Mixed Reality アプリケーションを構築する際に役立つよう設計されています。
 
Azure Spatial Anchors は、企業や開発者が Mixed Reality アプリケーションを作成するためのものです。作成したアプリケーションは、正確な位置情報をマッピングし、指定し、呼び出すことが可能で、HoloLens はもちろん、iOS、Android デバイスを通じてアクセス可能となります。開発者が空間上で目的地まで誘導する機能を搭載することで、ユーザーはより迅速かつ簡単に作業や学習できるようになります。すでにこのサービスにより、製造、建築、医療をはじめとするさまざまな分野において、コラボレーションが促進され、体験が共有されている状況を見ることができます。
 
Azure Remote Rendering は、妥協のない 3D 体験を支援するものであり、迅速でより良い意思決定を促進します。現在、モバイルデバイスや Mixed Reality ヘッドセットを使って高品質な 3D モデルと対話する際は、目的のハードウェアで 3D モデルを稼働させるために「間引き」、つまり簡素化が必要な場合が多くあります。しかし、デザインのレビューや医療計画などの場面では、ひとつひとつの詳細情報すべてが重要であり、資産の簡素化により主要な意思決定に必要となる大切な情報が失われることにもなりかねません。Azure Remote Rendering サービスは、クラウド上の高品質な 3D コンテンツをレンダリングし、エッジデバイスにストリーミングします。ストリーミングはすべてリアルタイムで行われ、詳細情報が損なわれることはありません。

 
Azure Spatial Anchors は、本日よりパブリックプレビューを開始します。また、Azure Remote Rendering については、パブリックプレビューの前段階として、現在プライベートプレビューとして公開しています。
 

Microsoft HoloLens カスタマイズプログラム

 
HoloLens は、建築現場から手術室、国際宇宙ステーションまで、難易度の高いさまざまな環境で利用されています。HoloLens は、北米やヨーロッパにおいて使用されている複数の保護メガネ規格の基本的な衝撃試験に合格しています。そうした試験によって HoloLens  は、ANSI Z87.1、CSA Z94.3、および EN 166 の基本的な衝撃保護要件に準拠しているとされています。HoloLens 2 では、お客様やパートナー企業が環境のニーズに合わせて HoloLens 2 をカスタマイズできるよう、Microsoft HoloLens カスタマイズプログラムを提供します。
 
HoloLens カスタマイズプログラムを最初に活用したのは、長年にわたる HoloLens のパートナー企業である Trimble です。同社は昨年、Trimble Connect for HoloLens と新たな安全帽ソリューションを発表し、実用的な現場アプリケーションで Mixed Reality の有効性を高めました。本日、Trimble は新たなウェアラブル安全帽となる Trimble XR 10 with Microsoft HoloLens 2 を発表しています。これにより、安全に管理された環境で働く作業員が、現場でホログラフィック情報にアクセスできるようになります。

オープンな手法に対する指針

 
最後に、アレックス キップマンは、マイクロソフトがMixed Reality のエコシステムにおいてオープンな手法を取っている指針について語りました。マイクロソフトでは、エコシステムが真に繁栄するためには、イノベーションやお客様の選択に障壁があるべきではないと考えています。そのため、 HoloLens ではオープンなストアやオープンなブラウザ、オープンな開発プラットフォームといった指針を採用しているのだとアレックスは説明しました。この指針に対するマイクロソフトの取り組みの象徴として、Mozilla の方々が HoloLens 2 に Firefox Reality ブラウザのプロトタイプを提供してくれたことも発表しました。これは、マイクロソフトと Mozilla がオープン性と没入型 Web に真剣に取り組んでいることを示しています。また、アレックスのスピーチには、Epic Games の創業者 兼 CEO であるティム スウィーニー (Tim Sweeny) 氏も登場し、HoloLens において Unreal Engine 4 がサポートされるようになると発表しました。
 
今後数カ月で、さらなる発表や詳細をご紹介していきます。皆さんと一緒にこの旅を続けていくことを大変楽しみにしています。

ジュリア

 
＊マイクロソフトの MWC19 バルセロナでの発表資料や、発表会の映像、写真・ビデオ素材等は下記に公開しています。
https://news.microsoft.com/microsoft-at-mwc19/
 

Wow, I have a great day today and I feel so awesome to publish this post!

Welcome guys to another Interview with Wiki Ninja! 

And today's interview is with...

Sibeesh Venu

Sibeesh is a Full Stack Developer in Germany. He has awarded Microsoft MVP 3 times, C# Corner MVP 5 times, DZone MVB. We know small leaves and branches makes a big tree like wise our community is growing by the contribution of people like Sibeesh Venu.

TechNet Wiki Statistics:

Now let's start the interview !!

==========================================================================

Who are you, where are you, and what do you do? What are your specialty technologies?

I am Sibeesh Venu, an engineer by profession and writer by passion. I’m neither an expert nor a guru. I have been awarded Microsoft MVP 3 times, C# Corner MVP 5 times, DZone MVB. I always love to learn new technologies, and I strongly believe that the one who stops learning is old.  If you would like to know more about me, you can read my story here.

My hobbies are reading, blogging, listening music, watching movies especially sci-fi and racing films. I like to ride my bike a lot.

Currently, I am working as a Full Stack Developer in Germany. The world is changing, but our programming world is changing drastically, every month, something new is coming, and once you learn that, you will have to jump on to the next one. So, it is very important to keep the initiative to learn the new technologies in yourself. You should brace yourself for the changes

You can always understand me here in one page: Sibeesh Venu

What are your big projects right now?

I am waiting for Microsoft MVP Global Summit which will be held the week of March 17, 2019 hosted in Bellevue and at Microsoft headquarters in Redmond, Washington. I can't wait to see wonderful community leaders there. I always blog about the things I learn in my day to day life on my blog Sibeesh Passion.

What is TechNet Wiki for? Who is it for?

In my view, the TechNet Wiki is one of the finest platform where we can learn and share. Being a community, it has its own stand.  I personally like any communities where people can grow together. I am a member of many communities and creator/admin/moderator of a few. In our day to day life, we are learning a lot of things from articles, blogs, videos, forums, and the list go on. So isn't it important to give it back to the communities whatever you learn?

In what other sites and communities do you contribute your technical knowledge?

As I mentioned earlier, I am a member of many communities and I always love to contribute to those. Some of the communities I am part of are listed below with my profile links.

• Blog
• StackOverflow
• Medium
• C# Corner
• MSDN
• GitHub
• CodeProject
• DZone

Do you have any tips for new Wiki authors?

Writing a good article is a process, as in all the process, we have a way to do that. I still remember my first article, there were so many mistakes but I have improved myself in writing articles for the past years. . Remember one thing "Mistakes are the key to success".  I have listed some of the key points to improve your articles here. I’m neither an expert nor a guru, but still, I would like to point out some do’s and don’ts which is a drop I learned from an ocean.

Do’s

• Try to be a master in at least one technology you love. Talk, write an answer about that technology you love.
• Always get to know what is happening in the industry, try to be aware of the technologies released each month.
• Be passionate about the technologies.
• Always participate in all the local user groups (Facebook, LinkedIn, Google Plus…)
• Whenever you are given an opportunity to work or experience, never miss that chance. It can be in your office or in any crowd. Be confident and take that chance, it will do magic.
• Last but not least always love your family and take care of their needs. This will give you the strength to move on.
• Adjust your time/calendar for your career and family, work-life balance is very important. Isn’t it?

Don’ts

• Never run behind awards or title, those will automatically come to you but it may take little time. There is a quote "Never worry about the delay of your success compared to others. Because construction of a palace takes more time than an ordinary building".
• Never do anything disrespectful to others, There are three things you cannot recover in life, the moment after it’s missed, the word after it’s said and the moment after it’s wasted.
• Be you, and maintain it. Never pilfer what others have done.
• We live in a society, and each people are different, so never criticize anyone, they have their own character like you do.
• And do not show off, I am not saying showing off is a bad thing. But if you do it every time, everywhere, then there are high chances, that the people will judge your character in a wrong way. There is a saying ” The better you feel about yourself, the less you need to show off”
• Never miss the best of our life, FAMILY.

==========================================================================

Thank you, Sibeesh Venu for such a detailed resume! It's truly an honor to have you contributing content with us! Everyone, please join me in thanking Sibeesh Venu for his contributions to the community! Join the world! Join TechNet Wiki.

Thank you all.

MSDN Profile | Twitter | Blog

It’s me Anil Abraham again with a quick blog. These days my job involves walking into customers and talking about modern device management and how to shift from the traditional management methods to the new ways. Obviously, Intune plays a big part in modern device management.

More often these days, I get asked the question of how about reporting and the flexibility we had with SCCM in terms of capability that came with SSRS that let us create custom reports.

Customer Query:-

The other day one of the customers asked me a question, how to report all devices in Intune that are reported as non-compliant because they have not reported back to Intune in the last 30 days. 30 days because in Intune that is the default setting for a device to be marked non - compliant if it hasn't checked in.

Microsoft Graph is your answer. For those that are new to Microsoft Graph start @ https://developer.microsoft.com/en-us/graph/

The data that Intune exposes, be it inventory data, policy or apps, they are all exposed via Microsoft Graph.

For people familiar with Graph and Intune, the query that gives the result is

https://graph.microsoft.com/v1.0/deviceManagement/
deviceCompliancePolicySettingStateSummaries/
DefaultDeviceCompliancePolicy.RequireRemainContact/
deviceComplianceSettingStates?$filter=state eq 'nonCompliant'

For people who are new to this...

Sign into Graph Explorer (https://developer.microsoft.com/graph/graph-explorer/) using an account that has delegated permissions to read the properties and classes that you are after. More details @ https://docs.microsoft.com/en-us/graph/permissions-reference

For a quick view of the data that is held within Intune and exposed via Graph, an example of all the enrolled devices is as below.

Getting there...

I started looking at the API for Intune @ https://docs.microsoft.com/en-us/graph/api/resources/intune-graph-overview?view=graph-rest-1.0

From the request, I know, I am after a specific device compliance setting, so first step is to find all the device compliance policy settings, which I found was listed @ https://docs.microsoft.com/en-us/graph/api/intune-deviceconfig-devicecompliancepolicysettingstatesummary-get?view=graph-rest-1.0

From the above I could identify the query to be run in Graph Explorer as https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicySettingStateSummaries

This gives me a list of settings that are part of compliance policies as below in the graph explorer.

Going through the list I could identify the value that I was after as below.

I hear you ask, what is so much about it as there is this list you could Export from the Intune Web console. A sample from test tenant is below. The intention of this blog is to give an overview of the Graph and access to data within.

As you can see the numbers from the graph explorer matches what you see for the "Is Active" setting. You also have the option to export the report at this level. You could drill down further in the Intune Report as below.

There is an export option here too and you could get the data into Excel but it gives you all the devices, both compliant and non-compliant and then you should filter in Excel to get the data that you are after.

Let’s look at how to do all this in Graph Explorer. From the previous exercise in Graph Explorer we know the ID of the setting that we are after is DefaultDeviceCompliancePolicy.RequireRemainContact.

Further constructing the query to report only on the above said setting and devices to show only that compliance setting value, I built the query as below

https://graph.microsoft.com/v1.0/deviceManagement/
deviceCompliancePolicySettingStateSummaries/
DefaultDeviceCompliancePolicy.RequireRemainContact/deviceComplianceSettingStates

Result is as below

The result shows all the 12 devices in my test tenant and the compliance state for each of those devices against the DefaultDeviceCompliancePolicy.RequireRemainContact setting.

Sample data for a device that is non-compliant is as below.

As you can see the value that we are after is the value of the property "state". So, with that knowledge building the query to show only the devices that are non-compliant for that setting would be

https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicySettingStateSummaries/DefaultDeviceCompliancePolicy.RequireRemainContact/deviceComplianceSettingStates?$filter=state eq 'nonCompliant'

In action the result would look like below.

The result is the 9 devices that are non-compliant because they have not contacted Intune for the last 30 days.

But, I can hear you say, Anil I want to report all this programmatically and reporting through Graph Explorer is not an option in an enterprise. If there is enough interest and I can find some time I will put a Part 2 to show how we could automate all this.

Hope you find this helpful....

Today's tip...

DNS Flag Day was February 1, 2019. On this day, Domain Name System (DNS) providers stopped supporting certain workarounds that enable name resolution for domains hosted on DNS servers that don't fully conform to newer Extension mechanisms for DNS (EDNS) protocol. For more information, visit dnsflagday.net.

Microsoft is committed to DNS Flag Day compliance. At this time, the DNS server role with Microsoft’s Window Server EDNS enabled may result in "Minor problems detected" on dnsflagday.net tests results. Intermediate devices, (such as routers, switches, etc.) may also result in compliance failures.

Domains that test as "Minor problems detected" should not be affected on DNS Flag Day and should continue to work on/after February 1, 2019 without additional updates. It is important to note that deltas occurring in DNS test results may be the result of the environment and/or intermediate devices. Customers should work with their intermediate device vendors to help address those issues.

We are currently evaluating solutions to resolve these minor issues and are committed to resolving EDNS compliance issues. These fixes will be released via Windows Update after DNS Flag Day.

What to do next?

• No action is required for the DNS Server Role on DNS Flag Day. Administrators will need to install enhancements when they become available on Windows Updates.
• You can also look for EDNS compliance related updates in the Windows Update History Knowledge Base articles under “Improvements and fixes.”

References:

• Windows Server Domain Name System (DNS) Flag Day Compliance - https://support.microsoft.com/en-us/help/4489468
• DNS flag day - https://dnsflagday.net/

Welcome to the February 17 - 23, 2019 edition of the Office 365 Weekly Digest.

Another four additions to the Office 365 Roadmap last week, including updates for SharePoint pages, Admin Center, and the Microsoft 365 Mobile Admin app. There are also four cancellations, all for Service Health Dashboard enhancements.

Upcoming events continue to focus on various Teams and customer immersion experience sessions.

Highlights from last week's blogs include new and updated Teams training materials for IT Professionals, important powers of SharePoint team sites, the new Office app for Windows 10 and protection from phishing and malware in Microsoft Teams.

Wrapping up the post are noteworthy items such as the Office for Mac February 2019 release details, a compilation of resources for live events in Microsoft Stream, Teams and Yammer, along with enhancements to the registration experience for the Azure Active Directory combined Multi-Factor Authentication and Self-Service Password Reset.

OFFICE 365 ROADMAP

Below are the items added to the Office 365 Roadmap last week…

UPCOMING EVENTS

Getting Started with Microsoft Teams

When: Tuesday, February 26, 2019 at 8am PT | This 60-minute session introduces you to the key activities needed to get started with Microsoft Teams today. From setting your profile, to running a meeting, users will leave this session with the foundation needed to use Teams with confidence. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/teamsgettingstartedondemand.

Customer Immersion Experience: Visualizing, Analyzing & Sharing Your Data Without Having to be a BI Expert

When: Tuesday, February 26, 2019 at 9am PT and 12pm PT | This 2-hour hands-on experience will give you the opportunity to test drive the latest business analytics tools. A trained facilitator will guide you as you apply these tools to your own business scenarios and see how they can work throughout your organization. During this interactive session, you will explore how to: (1) Locate and organize large amounts of data from multiple sources, (2) Visualize complex data and identify trends quickly without having to be a BI expert, (3) Find and collaborate with company experts on the fly, even if they work in another part of the country, and (4) Gather colleague's opinions easily and eliminate communication and process bottlenecks. Each session is limited to 12 participants, reserve your seat now.

Upgrade 101: Managing your upgrade from Skype for Business to Microsoft Teams (Part 1)

When: Tuesday, February 26, 2019 at 1pm PT | As an existing Skype for Business customer, we understand that upgrading to a new technology can be confusing and are committed to supporting you on your journey to Microsoft Teams. Through our two upgrade classes, you will find everything you need to plan and implement your upgrade. Part 1 is focused on upgrade planning and user readiness. Targeting project stakeholders with accountability for Skype for Business to Teams upgrade success and user readiness/change managers, this session serves as the foundation for your upgrade planning, including: (1) An overview of our proven, upgrade success framework, (2) Real-world customer examples, (3) Insights into facilitating user readiness and upgrade acceptance, and (4) Orientation to key upgrade guidance resources. Check here for sessions in different time zones and other dates.

Customer Immersion Experience: Productivity Hacks to Save Time & Simplify Workflows

When: Wednesday, February 27, 2019 at 9am PT and 12pm PT | This 2-hour hands-on experience will give you the opportunity to test drive Windows 10, Office 365 and Dynamics 365. A trained facilitator will guide you as you apply these tools to your own business scenarios and see how they work for you. During this interactive session, you will: (1) Discover how you can keep your information more secure without inhibiting your workflow, (2) Learn how to visualize and analyze complex data, quickly zeroing in on the insights you need, (3) See how multiple team members can access, edit and review documents simultaneously, and (4) Gain skills that will save you time and simplify your workflow immediately. Each session is limited to 12 participants, reserve your seat now.

Upgrade 101: Managing your upgrade from Skype for Business to Microsoft Teams (Part 2)

When: Thursday, February 28, 2019 at 8am PT | As an existing Skype for Business customer, we understand that upgrading to a new technology can be confusing and are committed to supporting you on your journey to Microsoft Teams. Through our two upgrade classes, you will find everything you need to plan and implement your upgrade. Part 2 is understanding coexistence and interoperability. Designed for the IT Pro/technical experts implementing the migration from Skype for Business to Teams, this session will arm you with the information you need to know before migrating your users, including: (1) End user experiences during the upgrade, (2) Available journey options an organization can take from online or on-premises as the starting point, and (3) Routing and federation experiences. Check here for sessions in different time zones and other dates.

Make the switch from Skype for Business to Microsoft Teams: End User Guidance

When: Thursday, February 28, 2019 at 10am PT | Designed specifically for Skype for Business end users, this course offers everything you need to help make the transition to Microsoft Teams. We'll focus on the core communication capabilities you use today, chat and meetings, as well as provide an orientation to additional collaboration functionality Teams has to offer. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/fromskypetoteamsondemand.

Getting Started with Microsoft Teams

When: Thursday, February 28, 2019 at 1pm PT | This 60-minute session introduces you to the key activities needed to get started with Microsoft Teams today. From setting your profile, to running a meeting, users will leave this session with the foundation needed to use Teams with confidence. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/teamsgettingstartedondemand.

Make the switch from Skype for Business to Microsoft Teams: End User Guidance

When: Wednesday, March 6, 2019 at 10am PT | Designed specifically for Skype for Business end users, this course offers everything you need to help make the transition to Microsoft Teams. We'll focus on the core communication capabilities you use today, chat and meetings, as well as provide an orientation to additional collaboration functionality Teams has to offer. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/fromskypetoteamsondemand.

Getting Started with Microsoft Teams

When: Wednesday, March 6, 2019 at 1pm PT | This 60-minute session introduces you to the key activities needed to get started with Microsoft Teams today. From setting your profile, to running a meeting, users will leave this session with the foundation needed to use Teams with confidence. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/teamsgettingstartedondemand.

Getting Started with Microsoft Teams

When: Thursday, March 7, 2019 at 8am PT | This 60-minute session introduces you to the key activities needed to get started with Microsoft Teams today. From setting your profile, to running a meeting, users will leave this session with the foundation needed to use Teams with confidence. Check here for sessions in different time zones and other dates. The session is also available on demand at https://aka.ms/teamsgettingstartedondemand.

Customer Immersion Experience: Hands-on with security in a cloud-first, mobile-first world

When: Thursday, March 14, 2019 at 9am PT and 12pm PT | This 2-hour hands-on session will give you the opportunity to try Microsoft technology that secures your digital transformation with a comprehensive platform, unique intelligence, and partnerships. A trained facilitator will guide you as you apply these tools to your own business scenarios and see how they work for you. During this interactive session, you will: (1) Detect and protect against external threats by monitoring, reporting and analyzing activity to react promptly to provide organization security, (2) Protect your information and reduce the risk of data loss, (3) Provide peace of mind with controls and visibility for industry-verified conformity with global standards in compliance, (4) Protect your users and their accounts, and (5) Support your organization with enhanced privacy and compliance to meet the General Data Protection Regulation. Each session is limited to 12 participants, reserve your seat now.

Customer Immersion Experience: Connecting, Organizing & Collaborating with Your Team

When: Tuesday, March 19, 2019 at 9am PT and 12pm PT | During this session, you will have the opportunity to experience Windows 10, Office 365 and Microsoft's newest collaboration tool: Microsoft Teams. A trained facilitator will guide you as you apply these tools to your own business scenarios and see how they work for you. During this interactive session, you will explore how to use Microsoft Teams and Office 365 to: (1) Create a hub for team work that works together with your other Office 365 apps, (2) Build customized options for each team, (3) Keep everyone on your team engaged, (4) Coauthor and share content quickly, and (5) Gain skills that will save you time and simplify your workflow immediately. Each session is limited to 12 participants, reserve your seat now.

Customer Immersion Experience: Simplifying Your Data Privacy & Compliance Journey

When: Thursday, March 21, 2019 at 9am PT and 12pm PT | Join us for a hands-on introduction to Microsoft 365 Compliance features and an opportunity to experience powerful solutions across the data lifecycle of assess, protect and respond. During this 2-hour interactive session, you will explore how to: (1) Understand your compliance from a single pane of glass, (2) Make identity the new perimeter, (3) Discover and govern sensitive data across clouds, devices and apps, (4) Recognize attacks, detect breaches, and recover quickly using automation, and (5) Streamline your operational processes and understand your security posture. Each session is limited to 12 participants, reserve your seat now.

BLOG ROUNDUP

Microsoft Teams: Training modules for IT Pros

The Teams product group released additional readiness material for IT Pros. The training modules are built to enable skills around Microsoft Teams for IT Pros at customers and partners. Modules always consist of a video and PowerPoint deck. They are always built with the needs of an IT Pro in mind: what does an IT Pro need to know to successfully plan, configure and run Teams to provide the best possible experience to their end users? How does Teams affect the customers current environment? What are the key learnings and actions for each of the topic areas? Feel free to use these resources for your own learning or use it to deliver the content to others – maybe in a training session or technical workshop. The content will be updated, as needed, to keep up with changes in the product, so it might make sense to always check for the latest version. Links to the videos and the PowerPoint decks can be found on our Admin training for Microsoft Teams page.

Top 10 most important powers of your SharePoint team sites in Office 365

Keep team members—internal and external—connected to important people and information. How? Create a group-connected SharePoint team site in Office 365 – and use it. It's yours to squeeze as much power and value out of based on what you are trying to accomplish – which at the base level is to keep everyone informed and moving in the right direction: forward. This blog is a 'what's possible today' guide to best use and configure your SharePoint team site to collaborate on rich content, share reports with partners, have conversations with your team, keep track of events, manage tasks, and more—from virtually any device. You'll find lots of visual screenshots and links to further learn 'how to' accomplish each important power.

NEW! The Office app for Windows 10 Now Available to Everyone

Windows 10 users have a great new way to get started with Office and jump into their work quickly – a new app simply called, Office. The Office app provides users with a simple experience that helps them get to what they need quickly – whether that's an app, a document, or even a person in your organization. We released the app as a preview to Windows Insiders in December 2018 and have heard lots of great feedback from people who have found it to be a helpful way to get started with Office. We are thrilled to now make it available for free to anyone using a current version of Windows 10, whether at work, at school, or at home. You can use the Office app with almost any version of Office – even the free version of Office Online. The experience will look familiar to anyone who has used Office.com with users finding quick access to all their Office apps and documents. However, we've made the experience even better by bringing it to an app form. Now you can get to the Office desktop apps if installed on your device in addition to the web apps on Office Online, access files stored on your local device in addition to OneDrive and SharePoint, and use it while working offline. | Related: Microsoft Mechanics - Introducing Progressive Web Apps and the new Office app (PWA)

Microsoft Teams: Protect against Phishing & Malware

Pretend for a moment that I am a marketing agency you just hired, and invite me as a guest to a team in Microsoft Teams to collaborate. What happens if that guest's account gets compromised and a bad actor gains access to your team in Microsoft Teams? Your organization is having sensitive conversations there, uploading sensitive files, and if that data were to be publicly disclosed, could do damage to the organization. More importantly, a bad actor can post hyperlinks to "phishing" web sites, and upload malicious files into Microsoft Teams – from there users can open the links or run the files, posing a serious threat to your organization's security. How do we help to protect against phishing attacks and malicious files in Microsoft Teams? Office 365 Advanced Threat Protection is here to help. In fact, Office 365 ATP can also help to protect against phishing and malware in not just Microsoft Teams, but Exchange Online, SharePoint, and OneDrive!

NOTEWORTHY

New studies highlight how AI is transforming employee productivity and accelerating business results

Artificial intelligence (AI) is undeniably transforming the way we work. Gartner estimates that in 2021, AI augmentation will generate $2.9 trillion in business value and recover 6.2 billion hours of worker productivity. To take a closer look at the mission critical benefits of AI for knowledge workers and to help organizations harness the full potential of Everyday AI in Microsoft 365, Microsoft recently commissioned studies with Forbes Insights and Forrester Consulting.

Office for Mac - February 2019 Release details

On February 12, 2019, Microsoft released Office 365 for Mac Version 16.22 (Build 190211) in 27 languages. Our Office International team was responsible for translating this release. You will see the following feature when you update to it: In Excel, PowerPoint & Word you can now draw naturally with your trackpad. Note: This feature requires Office for Mac 16.22.19021100 and works in Word, PowerPoint, and Excel. It requires a trackpad to be present—either a built-in trackpad like on a MacBook or a connected trackpad like the Apple Magic Trackpad. More information and help content on this release can be found in the MAC section of the What's New in Office 365 page.

Resources for Microsoft Live Events in Stream, Teams and Yammer

There are three primary ways to engage customers in a Live Event. The first is directly through Microsoft Stream which provides a rich set of options around presentation, encoders, etc. The second method using Microsoft Teams provides the simplest and quickest path to delivering rich, multi-presenter capable, webcasts. Finally, Live Events can also be instantiated within the context of a Yammer Group for large corporate broadcasts with built in Yammer interactions. The following is a list of resources on how to deliver using each of these methods. Happy Webcasting!

Cool enhancements to the Azure AD combined MFA and password reset registration experience

We are excited to announce a set of fantastic enhancements—based on your feedback—to the public preview of our combined registration experience for Multi-Factor Authentication (MFA) and self-service password reset (SSPR). This new registration experience enables users to register for MFA and SSPR in a single, step-by-step process. When you deploy the preview experience for your organization, users can register in less time and with fewer hassles. In addition, the new My Profile experience provides users with a more streamlined and easier-to-navigate experience for reviewing and updating their profile info.

Container Registry | Virtual Network support is in preview

Firewall rules and Virtual Network support in Azure Container Registry are now available in preview. Limit registry access to resources in Azure, or specific on-premises resources, including Express Route connected devices. The preview of Virtual Network access is provided through the Azure Container Registry premium tier. General availability (GA) pricing will be announced at a later date.

For more information, visit the Azure Container Registry blog.

Stream Analytics | Azure SQL DB as reference data input

Reference data (also known as a lookup table) is a finite data set that’s static or slowly changing in nature used to augment your fast-moving data streams. Azure Stream Analytics now natively supports Azure SQL DB as a source of reference data input. Easily author a query to extract the dataset from your Azure SQL DB and configure a refresh interval for scenarios that require slow changing reference datasets. For advanced scenarios, we also support delta queries that simply pull in incremental updates, as opposed to the entire snapshot of the database .

Learn more in the blog. Check out the documentation.

Stream Analytics | Machine Learning (ML) based Anomaly Detection is in preview

By providing ready-to-use machine learning (ML) models for anomaly detection right within the SQL language, developers can easily add anomaly detection capabilities to their Stream Analytics jobs without the need to develop and train their own ML models. This reduces the cost and complexity associated with building and training ML models to a simple single function call .

Learn more in the blog. Check out the documentation.

Azure DevTest Labs | Configure resource group control for your Azure DevTest Lab

As a lab owner, you now have the option to configure all your lab virtual machines to be created in a single resource group. This capability helps you resolve the problem of reaching resource group limits on your Microsoft Azure subscription.

To learn more, read the full blog post and visit the Azure DevTest Labs documentation webpage.

Azure Policy | Change tracking in Azure Policy is now in preview

We recently announced the preview of root cause analysis and change tracking as features of Azure Policy, the service that sits at the core of Azure and allows you to codify your policies to set guardrails. With root cause analysis, you will now be able to see detailed information on why an action got denied based on one or more of your policies. With change tracking coming into play, you will also be able to see which policies have affected or made changes to your resources. These two additions make it easier for you to polish your governance strategy, and are in line with the commitment of being the best cloud for you to implement governance in a way that doesn’t slow you down.

As detailed in Tom Keane's blog, SQL Server 2016 offers a new platform for intelligent applications, benchmark leadership through efficient use of modern hardware, an unmatched security record, and unmatched value proposition.

To learn more, read the full blog post and visit the Azure Policy webpage.

Event Grid | Availability in Azure US Gov Texas, Arizona, and Virginia regions

Azure Event Grid is generally available in US Gov Texas, Arizona, and Virginia regions, and production workloads can now be put on Event Grid in those regions. Take into account that not all event sources are available yet in US Gov regions. Services are being added continually, but currently only Custom topics, Azure Resource Management, Storage, Event Hubs, Service Bus, and IoT Hub events are available. Check out the Azure Government documentation to get started.

Event Grid | Azure Maps events is in preview

Azure Maps now integrates with Azure Event Grid so that you can respond to geofence events to send event notifications to other services and trigger downstream processes. With this integration, you can react to events when an asset enters a geofence, exits a geofence, or when a geofencing query returns a result.

Learn more about Azure Maps events grid integration.

Event Grid | New features are now generally available

We are proud to announce the general availability of the following set of features, previously in preview:

• Retry policies
• Dead lettering
• Storage queues as a destination
• Hybrid connections as a destination
• Manual validation handshake

Learn more about these features on the Azure blog.

Azure Functions | Java support is now available

Java support in Azure Functions 2.0 is now generally available. Write Functions using Java 8 while taking advantage of Maven-powered developer experiences provided by Visual Studio Code, IntelliJ, Eclipse, and the cross-platform Functions Core Tools.

Learn more about Azure Functions.

Azure App Service | WildFly on Linux is in preview

WildFly, a popular, lightweight, open source, enterprise Java application server, is now available in preview on Azure App Service on Linux. This fully managed app server, powered by Azul Zulu JDK, reaffirms Microsoft's commitment to providing free LTS support and maintenance to Azure customers. WildFly on Azure is a standalone instance, but can be configured to scale and connect with other Azure services for enterprise-grade performance.

Learn more at the Java EE apps on managed WildFly in App Service on Linux blog post and the WildFly Developer Guide.

Azure Logic Apps | Integration Service Environment is now available in preview

Integration Service Environment is now available in preview and provides a fully isolated and dedicated environment to securely connect cloud and on-premises applications.

Learn more about Azure Integration Service Environment.

Azure Blockchain | Updated Hyperledger Fabric template 1.3 is now available

An updated deployment template for Hyperledger Fabric is now generally available. This new Azure Resource Manager template is available in the Azure Marketplace and allows you to configure and deploy a Hyperledger Fabric 1.3 network into your Azure subscriptions with just a few clicks. With this template, you can perform both single virtual machine (VM) (multi container) development and multi VM (scale out) models and connect multi-subscriptions via a private connection.

Connect Fabric nodes running Azure to nodes running in IBM Bluemix with this guidance. Orderers are run using full Kafka backend for production quality deployments and peer nodes can be run using either LevelDB or CouchDB for persistence and to enable analytics.

Virtual network service endpoints for Azure Database for MariaDB now generally available

Virtual network service endpoints for Azure Database for MariaDB are now accessible in all available regions. Virtual network service endpoints allow you to isolate connectivity to your logical server from only a given subnet or set of subnets within your virtual network. Traffic to Azure Database for MariaDB from the virtual network service endpoints stays within the Azure network, preferring this direct route over any specific routes that take internet traffic through virtual appliances or on-premises. Learn more about Azure's global infrastructure.

Instantly provision GraphQL on Azure with Hasura and Azure Database for PostgreSQL

Azure Database for PostgreSQL users can now take advantage of the Hasura GraphQL Engine, a lightweight, high performance, open-source product that instantly provides a real time GraphQL API on a Postgres database. With the GraphQL Engine’s admin UI, users can explore their GraphQL APIs and manage their database schemas and data. In addition, the GraphQL Engine also allows users to write custom resolvers with schema-stitching and to integrate serverless functions or microservice APIs that get triggered on database events.

Learn more about GraphQL APIs on Postgres.

Data Migration Assistant | Now in preview

Data Migration Assistant: Support for Cassandra to Azure Cosmos DB assessment is now in preview

Now in public preview, the Data Migration Assistant provides support to helpwith migrating data from Cassandra to Azure Cosmos DB. Running the Data Migration Assistant on Cassandra data detects potential compatibility and feature parity issues that could impact functionality in target Azure Cosmos DB datasets.

Learn more about the Data Migration Assistant.

Azure Database for MySQL and PostgreSQL: New compute options are now generally available

Microsoft’s open source database services, Azure Database for MySQL and Azure Database for PostgreSQL, now provide the ability to scale up compute to 64 vCores in the general purpose pricing tiers, and to 32 vCores in the memory optimized tiers. With the general availability release of this increase in compute, Azure Database for MySQL and Azure Database for PostgreSQL can now support even larger workloads, helping you to better accommodate future growth.

Azure Database for MySQL: Read replica is now generally available

Azure Database for MySQL now supports continuous asynchronous replication of data from one Azure Database for MySQL server (master) to up to five Azure Database for MySQL servers (replicas) in the same region. This allows read-heavy workloads to scale beyond the capacity constraints of one Azure Database for MySQL server and to be balanced across replica servers according to your preference. Replica servers are read-only except for writes replicated from data changes on the master. Stopping replication to a replica server causes it to become a standalone server that accepts reads and writes.

Power BI | Power BI Desktop - GA

The February update for Power BI Desktop has a preview of our new Key Influencers visual, which lets you perform key drivers analysis over your data with just a few clicks. We also have some major updates for Q&A with the addition of auto-generated questions and the ability to ask Insights related questions. Our partners and community have added a lot of new connectors and custom visuals this month as well. Lastly, to round things out, we have some formatting and visual improvements this month.

See this Power BI blog to learn more.

Power BI | Power BI service - GA

We are incredibly excited that, for the 12th year in a row, Gartner has positioned Microsoft as a leader in its 2019 Magic Quadrant for Analytics and Business Intelligence platforms report. We believe the report recognizes Microsoft’s comprehensive visionary product roadmap aimed at globalizing and democratizing Power BI for all analytics use cases, and strong uptake and global adoption of Power BI with high levels of customer satisfaction. Microsoft has purchased reprints of the report that you can share with customers.

Review and share the 2019 Magic Quadrant for Analytics and Business Intelligence platforms report with customers and partners – be sure to follow Gartner’s copyright and quote policy.

Azure Functions | Tooling improvements for TypeScript support

Improving the TypeScript developer experience in Azure Functions through different tooling improvements to make TypeScript supported out of the box. Tools including these changes are the Azure Functions Core Tools and the Azure Functions Extension for Visual Studio Code, as well as a npm package that contains the type definitions for using TypeScript with Azure Functions and some npm scripts to abstract some func commands. Learn more on the Azure blog.

Hi there! Stanislav Belov here, and you are reading the next issue of the Infrastructure + Security: Noteworthy News series!  

As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.

This is a temporary post that was not deleted. Please delete this manually. (e177e028-8dc3-46af-8bb0-b379a35d409f - 3bfe001a-32de-4114-a6b4-4005b770f6d7)

Using Microsoft Whiteboard to outline Flipped Learning Ideas

Recently, I've had a number of conversations with educators and school leaders who have expressed renewed interest in Flipped Learning. Whilst many have experimented with this in the past, for a variety of reasons they've pulled back on it from being a regular component of their teaching. Now, however, it seems more are willing to give this a go as increasing numbers of schools introduce BYOD programmes and also platforms like Microsoft Teams for creating a digital hub for learner activity.

What is Flipped Learning?

There are plenty of definitions for this and if you're interested in joining the discussion then I suggest you check out the #FlippedLearning hashtag on Twitter. New Zealand's TKI website (Government sponsored teacher resource site) has a good definition of Flipped Learning here:

In a flipped learning setting, teachers make lessons available to students to be accessed whenever and wherever it is convenient for the student, at home, in class, on the bus, or even from a hospital bed. Teachers can deliver this instruction by recording and narrating screencasts of work they do on their computers, creating videos of themselves teaching, or curating video lessons from trusted Internet sites.

If you're interested in going deeper, do check out the The Flipped Learning Model - A White Paper available as a PDF download.

Differences between a traditional and a flipped classroom model.

Why Use Microsoft Teams "Meet Now" Feature For Flipped Learning?

For schools that are using Microsoft Teams already as their digital hub or classroom for online learning, extending this for use in Flipped Learning is an obvious choice.

I've written about Meet Now previously on this blog, but essentially it's a video calling feature inside of Teams that allows you to start a call and then optionally invite attendees to it. For Flipped Learning purposes, Meet Now would not typically see you include a guest on the call (unless you wanted another teacher or expert to join and help explain concepts), but critically there are two features inside of Meet Now that you can leverage for Flipped Learning:

1. Screen Sharing Feature
2. Recording Feature

Example of a Screencast recorded in Microsoft Teams

The video above was recorded using my cellphone as an internet connection so the quality is not as high as would normally be produced on a wireless network in a school/home, but you get the idea of how I used Teams to share and record my screen. Scenarios where I would typically consider some flipped learning lessons would include:

• Relief Lessons: if I knew I was going to be away from school for a period of time (e.g. on a sports tournament or taking a camp) then recording some content for my classes is a quick and easy way to ensure they will continue to progress their learning in my absence
• Introducing Major Assessment Tasks: one of the keys to ensure students succeed in assessment is helping them understand what is required of them from the task and how they can adapt it for personalised learning (where applicable). This is often a lengthy and time consuming process and may need to be repeated for students who were absent. Recording this once in Teams is a great way to ensure a high quality explanation that all students can access at any time (and go back and re-watch if they're getting stuck).
• Scholarship Classes: This came up in a discussion with some students recently where they were discussing how they can get access to scholarship level classes when there were clashes with their timetables. I see this working in two ways:
  • The teacher leading Scholarship may in fact record a series of key ideas / learning concepts using Meet Now / Recording in Teams and start to build out a bank of "lessons" or "key concepts" that students can tap into and watch at any time. Over a number of years, this would start to create a truly valuable resource.
  • Often Scholarship Classes are run before/after the school's timetabled lessons, meaning there are clashes and students can not always be present. If the teacher recorded the lessons using Teams (and possibly a wireless mic/headset) then all content would be available for students even if they were absent.
• Extension Activities / Difficult Concepts: Teams would also be a great platform for recording more complex and difficult concepts that take time to explain clearly or in different ways. This would allow the teacher to introduce students to them in a Flipped Way, allowing for 'watch on demand' as needed.

Microsoft Teams is the perfect platform for Flipped Learning Recording because:

• If the school is already using Office365 then Students are ideally already in Teams (consider using School Data Sync to automatically populate students into classes)
• Teams has the built in Recording Features and Screensharing to enable quick and easy Screencasting on any platform (Windows 10, MacOS, iOS)
• Recordings are automatically published to Microsoft Stream for secure viewing either inside of the Team itself, or on the Stream platform inside of Office 365.
  • It's worth noting that Stream automatically transcribes your speech inside of your video, allowing everything you say to be searched. This can be especially helpful if you're a teacher that has certain key words such as "In the end of year exam....." which students could search across your videos for!

An example of me searching the automatically generated transcript inside of Stream for “flipped” in my video. You’ll note the time stamp to the left and my spoken text to the right. If any of these are clicked the video is automatically cued up a few seconds before the searched for word or phrase.

Tips For A Successful Flipped Learning Recording In Microsoft Teams:

To make the most of Microsoft Teams to record a Flipped Learning lesson I would encourage you to consider:

• Using a wireless headset or mic as your audio input, rather than the built in mic on your computer. This will make your voice clearer, as well as reducing ambient noise (and clicking from your keyboard, often positioned very near a built in mic!)
• Have a touch / digital ink enabled device like my Microsoft Surface - this really unlocks the power of a Flipped Lesson, by allowing you to ink / annotate as if you were writing on a whiteboard in your classroom.
  • Consider also applications that support inking effectively e.g. Microsoft Whiteboard, Microsoft OneNote, and don't forget inking is fully supported in Office365 Apps like Word and PowerPoint which can present great canvases for inking.

inking in Word is a powerful way to use Flipped Learning, calling out the important sections of an upcoming assessment for example. Note that you can even use “Ink Reply” so students with access to the document and see your inking replayed, step by step.

• When ready to record in Teams, follow this sequence:
  • Launch the Meet Now meeting inside of the correct Channel inside your Teams App
  • Blur your background if you want additional privacy
  • Share your screen - remember, you can share your entire desktop (recommended if you're going to be switching between multiple apps), or a single application such as a web browser, or Word, OneNote etc.
  • Start Recording when ready (if you have others on the call, do make sure you advise them the session is being recorded)
  • When you're finished, either simply hang up the call to end it, or stop the recording in the same way you started it.
• Post-Recording the Flipped Learning lesson will automatically be uploaded to Stream and embedded into the Channel inside of Teams that you recorded it in:
  • Expert Tip: Inside of Teams you can create a dedicated tab along the top just for Stream and the Videos you're recording - learn how here.

Students can comment/ask questions about the video/lesson directly inside of Teams

Final Thoughts:

I am a big believer that balance is important in the classroom. This relates to balance between the use of technology and non-technical tools when teaching concepts. Similarly, a classroom that is 100% "flipped" will start to lose effectiveness over time, simply because it is always the same. Teachers need to find the balance between recording resources that can be used to support a flipped model, with doing "live" teaching in the classroom and promoting interaction and discussion amongst the students.

There are many tools available to empower teachers to record their screens for flipped learning, even PowerPoint supports this now, however think the power available in Microsoft Teams, combined with the automatic upload into Teams with transcription and search, makes it the best possible tool for quickly creating flipped content. The audio quality recorded in Teams is excellent - in fact I use it when recording our educational podcast with my colleague based in Singapore.

I encourage you to give Flipped Learning with Teams a go and post any comments or tips from your experience in the comments section below.

Windows プラットフォーム サポートの平井です。

次の条件において、タスク スケジューラで構成されているタスクが正常に実行できません。

1. Remote Desktop Service にて UPD が構成されている
2. RD セッションホスト の タスク スケジューラー にて非対話型タスクが構成されている。（"ユーザーがログオンしているかどうかにかかわらず実行する" セキュリティ オプションが構成されたタスク)
3. タスクに、ユーザープロファイルの領域に対する操作が含まれている。
4. タスクの実行時、UPD に紐づくユーザーはログオフしている

上記の事象が発生する背景は次の通りです。

しかしながら、現行のタスク スケジューラにおける実装においては、ユーザーがログオフ中に実行される非対話型タスクの実行時は、タスク スケジューラからUPDをマウントするための Winlogon.exe との連携実装が存在しません。

このため、対象のユーザーがログオフの状態（UPD がアンマウントされている状態）では、対象のユーザープロファイル領域を利用するタスクについては正常に実行することはできません。

これは、現行の実装における制限事項です。UPDが構成された環境にてユーザープロファイル領域を利用するタスクを実行する場合は、対象のユーザーのログオン中にご実行いただくことをご検討ください。

尚、一般的な ローカル ユーザー プロファイル または、移動ユーザー プロファイル が使用されている環境の場合、非対話型タスクであっても タスク スケジューラ サービス からプロファイルのロードを行う動作があるため、非対話型ログオンであってもユーザーのプロファイル領域を使用するタスクを、正常に実行することが可能です。

Dear All,

Welcome to the TechNet Wiki Tuesday – TNWiki Article Spotlight.

There are plenty of authors publish articles in our TN Wiki but only few authors will be always shine like stars ,Those authors article will be always with good quality and explains in detail  for the readers.Today we will see one of our TN Wiki good author PriyaranjanKS .He recently publish an article SharePoint 2019: Setup Multi Server Farm in Azure with AD, Identity Services and Min Roles .Its been a while to see his article but hope he come back with full swing and we can see more and more good articles from him for the SharePoint as hes SharePoint Specialist.

The main reason why i select this article as this article deeply explains on how to  setup Multi Server SharePoint 2019 farm in Azure.This article also explains in detail about 

• SharePoint Farm Architecture
• Active Directory Domain Controller VM
• Search Min Role VM
• Farm User Accounts
• High Level Process Flow
• Virtual Network Configuration
• Create an Azure Virtual Network
• Active Directory Configuration
• Create AD VM
• Assign Static IP to the AD VM
• Provision Active Directory Domain Services
• Promote VM to Domain Controller
• Add DNS entry in Virtual Network
• Create and Configure SQL VM
• Assign static IP to SQL VM
• Move SQL VM to Domain
• Create and Configure SharePoint VM
• Configure Administrative Service Accounts
• First hand SharePoint User Experience
• Working with Identity Services
• Create and Configure Mini Role VM

If you are curious to learn more about SharePoint 2019: Setup Multi Server Farm in Azure with AD, Identity Services and Min Roles then this article guides you all in detail to getting started. Thank you PriyaranjanKSfor sharing the lovely article to our TechNet Wiki Community.

PS: Todays Banner Image from Nonki, Thank you for sharing the lovely banner for TN Wiki community.

See you all soon in another blog post.

Thank you all.

MSDN Profile | MVP Profile | Facebook | Twitter |
TechNet Wiki the community where we all join hands to share Microsoft-related information.

Applies to:
Windows Server 2019
Windows 10 1809
Windows 10 1803
Windows 10 1709

Windows Defender (WD) Exploit Guard (EG) – Network Protection (NP) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge and Microsoft Internet Explorer to cover network traffic and connectivity on your organization's devices.

Windows Defender Exploit Guard: Network Protection, do I need Windows Defender Antivirus (WD AV)?

The answer is yes, you need WD AV to be enabled.

[What is Windows Defender Exploit Guard – Network Protection?]

Protect your network
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard

Windows Defender Exploit Guard
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard

[So why Windows Defender Exploit Guard: Network Protection?]

Tackling phishing with signal-sharing and machine learning
https://cloudblogs.microsoft.com/microsoftsecure/2018/12/19/tackling-phishing-with-signal-sharing-and-machine-learning/

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers
https://cloudblogs.microsoft.com/microsoftsecure/2018/12/03/analysis-of-cyberattack-on-u-s-think-tanks-non-profits-public-sector-by-unidentified-attackers/

Windows Defender Exploit Guard: Reduce the attack surface against next-generation malware
https://cloudblogs.microsoft.com/microsoftsecure/2017/10/23/windows-defender-exploit-guard-reduce-the-attack-surface-against-next-generation-malware/

Building Zero Trust networks with Microsoft 365
https://cloudblogs.microsoft.com/microsoftsecure/2018/06/14/building-zero-trust-networks-with-microsoft-365/

A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017
https://cloudblogs.microsoft.com/microsoftsecure/2018/01/10/a-worthy-upgrade-next-gen-security-on-windows-10-proves-resilient-against-ransomware-outbreaks-in-2017/

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses
https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/

[Test / Deploy WD Exploit Guard: Network Protection]

Enable network protection
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-network-protection

Confirm pre-requisites
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np#confirm-pre-requisites
     Note:  Make sure that you are running the latest:

1. WD AV Platform update
2. WD AV Engine update
3. WD AV definition update

Allow the following URL's through proxy or firewall:

1. ars.smartscreen.microsoft.com
2. unitedstates.smartscreen-prod.microsoft.com
3. smartscreen-sn3p.smartscreen.microsoft.com

Reference:

Windows Defender Smartscreen reporting and notifications
https://docs.microsoft.com/en-us/windows/privacy/manage-windows-1809-endpoints#windows-defender

Use audit mode to test the rule
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np#use-audit-mode-to-test-the-rule

Testing network protection feature
https://demo.wd.microsoft.com/Page/NP

Report a false positive or false negative
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/troubleshoot-np#report-a-false-positive-or-false-negative

Thanks,

Yong

P.S.  Related blog posts:
Windows 10/Windows Server 2016/Windows Server 2019 Antivirus (AV)
https://blogs.technet.microsoft.com/yongrhee/2019/02/21/windows-10-windows-server-2016-windows-server-2019-antivirus-av/

Windows 10: Windows Defender Exploit Guard-Exploit Protection
https://blogs.technet.microsoft.com/yongrhee/2019/02/21/windows-10-windows-defender-exploit-guard-exploit-protection/

Windows 10: Windows Defender Exploit Guard-Attack Surface Reduction rules
https://blogs.technet.microsoft.com/yongrhee/2019/02/24/windows-10-windows-defender-exploit-guard-attack-surface-reduction-rules/

これは真実です。データの量と複雑さの急激な増大により、パフォーマンスとセキュリティが分析の重要な要件となっています。しかし、すべての分析サービスが同じように構築されているわけではありません。また、すべてのクラウド ストレージが分析用に構築されているわけでもありません。

日本語版のポストは、下記の URL よりご覧いただけます。

https://azure.microsoft.com/ja-jp/blog/analytics-in-azure-is-up-to-14x-faster-and-costs-94-less-than-other-cloud-providers-why-go-anywhere-else/

※このポストは、2019 年 2 月 7 日に投稿された Analytics in Azure is up to 14x faster and costs 94% less than other cloud providers. Why go anywhere else? の翻訳です。

Azure の Announcements 一覧は https://azure.microsoft.com/ja-jp/blog/topics/announcements/ よりご覧いただけます。

Azure IoT リファレンス アーキテクチャなどの多くの IoT ソリューションは、いくつかの異なるサービスを利用します。IoT メッセージは、デバイスを起点に、多数のサービスを通過してから保存または表示される場合があります。

日本語版のポストは、下記の URL よりご覧いただけます。

https://azure.microsoft.com/ja-jp/blog/preview-distributed-tracing-support-for-iot-hub/

※このポストは、2019 年 2 月 21 日に投稿された Preview: Distributed tracing support for IoT Hub の翻訳です。

Azure の Announcements 一覧は https://azure.microsoft.com/ja-jp/blog/topics/announcements/ よりご覧いただけます。

Today's tip...

DNS Flag Day was February 1, 2019. On this day, DNS providers stopped supporting certain workarounds that enable name resolution for domains hosted on DNS servers that don't fully conform to EDNS standards.

For more information, visit dnsflagday.net. You can test domains for compliance by using tools on that page.

At this time, DNS services across Microsoft are testing as "All ok" or "Minor problems detected" on dnsflagday.net. Domains that test as "Minor problems detected" will not be affected on DNS Flag Day. Azure DNS and Azure Traffic Manager fixes are currently being rolled out to resolve these minor issues. Fixes for microsoft.com, xbox.com, and other domains are in progress. Some of these fixes will not be fully deployed until after DNS Flag Day. This is not expected to cause any impact to our customers or services.

We're committed to resolving all EDNS compliance issues in the coming weeks. Our goal is to have zero impact for our customers on DNS Flag Day and to resolve all EDNS compliance issues in all our services in a timely manner.

What to do next?

• No action is required from Azure DNS and Azure Traffic Manager customers. There will be no impact on DNS Flag Day for any of our customers.
• Customers with dependencies on DNS domains hosted on any Microsoft DNS service also need to take no action. There will be no impact on DNS Flag day. Some services will not have all EDNS compliance issues fixed by February 1, but none of these issues will affect name resolution.

References:

• Azure DNS: Getting ready for DNS Flag Day - https://azure.microsoft.com/en-us/updates/azure-dns-flag-day/
• DNS flag day - https://dnsflagday.net/

By Jamie Maguire, Software Architect, Consultant, and Developer at Grey Matter

In this post, we’ll look at the features and capabilities of the Bing Visual Search API, as well as some code examples that show you how to implement the API. We’ll also see how the API can be used to surface image-related insights that can be beneficial to your software projects or business.

What is Bing Visual Search API?

The Bing Visual Search API lets you build deep and rich functionality similar to Bing.com/images. By uploading an image or providing a URL to one, this API can identify a variety of details about it, including visually similar images, shopping sources, web pages that include the image, and more. The API can also read barcodes and QR codes.

If you use the Bing Image Search API, you can use insight tokens attached to the API’s search results instead of uploading an image. In the example below, Bing Visual Search has recognised the image and context and has provided search results of visually similar products.

Features and Insights

It doesn’t end there – at the time of writing the API also lets you discover the following insights:

• Visually similar images: a list of images that are visually similar to the image provided
• Shopping sources: places where you can buy the product shown in the input image
• Annotations: tags about entities present in the image such as popular places and landmarks, celebrities, animals, flowers, and other daily objects
• Related searches: related searches made by others or that are based on the contents of the image
• Web data resource: provides web pages that include the input image
• Recipes: web pages that include recipes for making the dish shown in the input image

Tags

Visual Search returns a diverse set of terms (tags) derived from the input image. You can use tags to fetch additional images or even cluster and present images (just like Pinterest does) thereby helping you or your users to explore related images or concepts. For example, if the image you upload is of a slice of carrot cake, the assigned tags may include cakes, desserts and sweets.

Object detection

Another feature worth highlighting is object detection. For example, if you supply an image that contains several items of fashion or home furnishings, or an image that contains several celebrities, the API will include one or more bounding boxes for each item it can identify, or recognised celebrity in the image.

Consuming the Visual Search API

Now that you’ve got a good idea in terms of some of the key features of the Bing Visual Search API, let’s look at how you can consume it! Consuming the Bing Visual Search API involves this high-level process:

1. 1. Create a Cognitive Services API account (this needs an Azure subscription and you can get a free account here)
   2. Construct and send your request to the API endpoint
   3. Process the response that gets returned by the API

Like most of the other APIs within Cognitive Services, you can invoke the API using the REST endpoint, or if you prefer to write a little less code you can use the dedicated SDK.

The SDK encapsulates most of the low-level coding such as encoding your images to byte arrays, setting the http request headers and processing the raw http response to a custom set of POCOs. There are Quickstarts available for each SDK it supports: C#, Node.js and Python.

If you prefer full control of how the REST request is constructed and how the response is processed, you also have this option (I prefer this!) and it’s what we’ll look at next.

Using C# with the Bing Visual Search REST API

Prior to running this code you’ll need Visual Studio, a Cognitive Services API account and access to the Bing Search APIs. In this example, we’ll build a console application that:

• Loads a file from disk into a binary object
• Sets the image boundaries and formatting headers (these are important when uploading a local image)
• Defines the form data for the POST request that contains the image binary we’ve just loaded
• Construct a web request and sends this to the Bing Visual Search API
• Parse the response returned by the Bing Visual Search API and display key information related to the image in the console application

I won’t detail what every single line of code does in the following C# example as some of the methods are self-explanatory. You can see the bulk of the main logic below however:

Bing Image Search

One thing to highlight however is the method BingImageSearch. This method is responsible for setting up the necessary parameters and building the web request that gets sent to the Bing Visual Search API.

Before we look at the code in this method, it’s worth mentioning that as you’re dealing with images (binary data), it needs to be sent in a format that the Bing Visual Search API can understand.

One of the first things you need to do when dealing with local images is to add boundary strings, these help you format the data in a way that lets the Bing Visual Search API know where your form data (the image) begins and ends. In our example, we use a few constants to store these values:

Another important parameter to set is the Content-Disposition Header. This parameter is mandatory, and the name parameter needs to be set to type “image”. We have two variables that define these:

We then use these values to build strings that indicate the location of the image in the POST request.

You can see the code that forms the method BingImageSearch in the screenshot below. Here we’re passing in the image boundaries, the content (the actual image) and content type (image) which all get added to a POST request:

We then send this POST request to the Bing Visual Search API which will return JSON that contains rich information related to the image you’ve supplied.

Full source code can be downloaded here if you want to look at the lower level detail of each method.

Image Insights

For reference, we’re supplying an image from Wikipedia of Satya Nadella. Using this as an example with our code, we can make a call to the Bing Visual Search API and retrieve valuable insights.

Web Pages that include the Image

If we run the console application and place a breakpoint on the code, we can look at the JSON response in Visual Studio and examine the Actions node (which belongs to the Tags node). In this node we can see there is an actionType called “PagesIncluding”.

This insight contains web pages that also contain the image that we’ve just passed to the Bing Visual Search API.

If you take the URL which is highlighted above and paste it into your browser, you’ll see the following image is returned (which is hosted on www.technologyrecord.com) and is similar to our Wikipedia image!

Related Searches

Unsure how to verbalise a search term but have an image to hand? The Bing Visual Search API can return the search terms that other users have supplied to return similar images.

Take this image for example (all right, we all know what this is!):

After sending this image to the Bing Visual Search API, we can see the following search terms that result in similar images are returned:

These are just some examples of the types of insight that can be returned by the Bing Visual Search API. You can find a full list of the available insights on offer here.

Closing Thoughts

Sometimes it can be difficult to describe a query in text and having an API like Bing Visual Search gives you another channel to drive search.

It certainly has its benefits and paves the way for new innovative solutions and I see a few use cases for the API:

Recommendation Engines: Use the API to search for image sources that are like yours (places, animals, flowers, celebrities etc). Extract the returned meta data and package this into datasets which can be used by your application auto-suggest “similar products”.

Deal Scanner: Interested in building a service that finds deals online? Use the API to surface details of retailers that sell products that are in the images you supply! Take the returned metadata and run queries over key fields such as cost.

Reputation Management / Copyright Infringement: Use the API to find out which websites your images are being rendered! Index these URLs and use the information to quickly identify websites that are hosting your images without your permission!

These are just some ideas and I’m sure you have your own!

Summary

In this blog post we’ve looked at the Bing Visual Search API. We’ve explored some of the features and some of the rich insights it can infer from images you supply. We’ve also looked at a sample C# application that can identify search terms that users are supplying to find images just like yours.

The API contains many more insights, you can find out more about them here and by adding other Bing / Cognitive Services APIs into the mix, the possibilities really are endless!