For cybercriminals, speed is the name of the game. It takes newly released malware an average of just four hours to achieve its goal—steal financial information, extort money, or cause widespread damage. In a recent report, the Federal Trade Commission (FTC) said that cybercriminals will use hacked or stolen information within nine minutes of posting in underground forums. Stopping new malware in real-time is more critical than ever.

Approximately 96% of all malware files detected and blocked by Windows Defender Antivirus (Windows Defender AV) are observed only once on a single computer, demonstrating the polymorphic and targeted nature of modern attacks, and the fragmented state of the threat landscape. Hence, blocking malware at first sight is a critical protection capability.

To fight the speed, scale, and complexity of threats, we work to continually enhance Windows Defender AV and other security features built into Windows 10. In our white paper "The evolution of malware prevention" we discussed our advanced, predictive approach to protecting customers from threats that they face today, as well as those that will emerge in the future.

This blog continues that discussion and provides the first detailed account of one way we improve our capability to stop never-before-seen malware with new enhancements to the Windows Defender Antivirus cloud protection service.

In Windows 10 Creators Update, the Windows Defender AV client uploads suspicious files to the cloud protection service for rapid analysis. Our ability to make a swift assessment of new and unknown files allows us to protect customers from malware the first time we see it.

We have built these enhancements on the next-gen security technologies enabling Windows Defender AV to automatically block most new, never-before-seen threats at first sight using the following methods:

• Lightweight client-based machine learning models, blocking new and unknown malware
• Local behavioral analysis, stopping file-based and file-less attacks
• High-precision antivirus, detecting common malware through generic and heuristic techniques

In relatively rare cases, when Windows Defender AV needs additional intelligence to verify the intent of a suspicious file, it sends metadata to the cloud protection service, which can determine whether the file is safe or malicious within milliseconds using the following techniques:

• Precise cloud-based machine learning models that can make an accurate assessment based on signals from the client
• Microsoft Intelligent Security Graph that monitors threat data from a vast network of sensors

In rarer cases still, when Windows Defender AV cloud protection service is unable to reach a conclusive verdict based on metadata, it can request the potential malware sample for further inspection.

In Windows 10 Creators Update, the Windows Defender AV client uploads suspicious files to the cloud protection service for rapid analysis. While waiting for a verdict, the Windows Defender AV client maintains a lock on the dubious files, preventing possible malicious behavior. The Windows Defender AV client then takes action based on the verdict. For example, if the cloud protection service determines the file as malicious, it blocks the file from running, providing instant protection.

Instant protection at work: A few seconds can make a lot of difference in protection

In a recent real-life example, a Windows 10 Home customer was tricked into downloading a new variant of the Ransom:Win32/Spora family of ransomware.

The malware was disguised as a font file with the name "Chrome font.exe". It was hosted on an online learning website that had been compromised by an attacker, who attempted to trick people into downloading the malware using a social engineering tactic described by Proofpoint in this blog. In this scheme targeting Chrome users, legitimate websites were compromised to open a pop-up window indicating "The ‘HoeflerText’ font wasn’t found", requiring a supposed update to fix. The customer clicked the "Update" button in the pop-up window, which downloaded the Spora ransomware variant.

The customer’s Windows Defender AV client routinely scanned the file using on-box rules and definitions. Since it had not encountered the file before, Windows Defender AV did not detect it as malicious; however, it recognized the file’s suspicious characteristics, so it temporarily prevented the file from running. The client sent a query to the Windows Defender AV cloud protection service, which used machine-learning-powered cloud rules to confirm that the file was likely malware needing further investigation.

Within 312 milliseconds, the cloud protection service returned an initial assessment. It then instructed the client to send a sample and to continue locking the file until a more definite verdict was given.

In about two seconds, the client finished uploading the sample. By default, it’s set to wait for up to 10 seconds to hear back from the cloud protection service before letting such suspicious files run.

As soon as the sample was uploaded, a backend file-processing system analyzed the sample. A multi-class machine learning classifier determined there was more than a 95% chance that the file was malicious. The cloud protection service created a signature, which it sent back to client. All of this happened in just five seconds.

One second later, the Windows Defender AV client applied the cloud signature and quarantined the malware. It reported the results back to the cloud service; from that point on, this file was automatically blocked, protecting all Windows PC customers.

From the time Windows Defender AV uploaded the sample, the cloud protection service returned the malware signature in just five seconds, as shown by these actual timestamps:

2017-04-20 03:53:21 – Cloud protection service received query from Windows Defender AV client

2017-04-20 03:53:21 – Cloud protection service assessed it hadn’t seen the file and that is was suspicious, so it requested a sample and to keep locking the file

2017-04-20 03:53:23 – Sample finished uploading

2017-04-20 03:53:28 – Cloud protection service determined file as malware, generated signature, and sent that back to client

2017-04-20 03:53:29 – Windows Defender AV client notified that it successfully detected and removed the malware

Stay protected with Windows 10 Creators Update

Our many years of in-depth research into malware, cyberattacks, and cybercriminal operations give us insight into how threats continue to evolve and attempt to slip past security solutions. Guided by expert threat researchers, we use data science, machine learning, automation, and behavioral analysis to improve our detection solutions continuously.

In Windows 10 Creators Update, we rolled out important updates to Windows Defender Antivirus, which uses cloud protection service that delivers real-time protection against threats. With these enhancements, we show our commitment to providing unparalleled real-time defense against modern attacks.

Our ability to make a swift assessment of new and unknown files allows us to protect even would-be patient zero against attacks. More importantly, we use this intelligence to protect the rest of our customers, who may encounter these malware in subsequent attacks or similar threats in other cybercriminal campaigns.

Cloud-based protection is enabled in Windows Defender AV by default. To check that it’s running, launch the Windows Defender Security Center. Go to Settings > Virus & threat protection settings, and make sure that Cloud-based protection and Automatic sample submission are both turned On.

In enterprise environments, cloud protection service can be managed using Group Policy or via the Windows Defender Security Center app.

When enabled, Windows Defender AV locks a suspicious file for 10 seconds by default, while it queries the Windows Defender AV cloud protection service. Administrators can configure Windows Defender AV to extend the timeout period up to one minute to give the cloud service time to perform even more analysis and apply additional techniques to detect new malware.

As the threat landscape continues to move towards more sophisticated attacks and malware campaigns that can achieve their goals in hours instead of days, it is critical to be able to respond to new attacks in real-time. With Windows 10 Creators Update and the investments we’ve made in cloud protection service, we’re able to detect brand new threat families within seconds, protect “patient zero”, and disrupt new malware campaigns before they start.

Randy Treit

Senior Program Manager, Windows Defender Engineering

Problem:

Cause:

Resolution

Here I’m typing in “Karl” and it’s not showing any results in the browser, yet the server response I see in Fiddler shows that Karls data was definitely returned to the People Picker control:

In this case, I can see that the response to the POST to /_vti_bin/client.svc/ProcessQuery calling the “ClientPeoplePickerSearchUser” method looks like this:

[
{
"SchemaVersion":"15.0.0.0","LibraryVersion":"15.0.4763.1000","ErrorInfo":null,"TraceCorrelationId":"8ddaf39d-f82e-0012-242f-1494d462c8c6"
},0,"[{"Key" : "i:0#.w|joroar\\karl", "Description" : "JOROAR\\karl", "DisplayText" : "Karl", "EntityType" : "User", "ProviderDisplayName" : "Active Directory", "ProviderName" : "AD", "IsResolved" : true, "EntityData" : {"Title" : "Software devt", "Email" : "", "MobilePhone" : "", "PrincipalType" : "User", "SIPAddress" : "", "Department" : ""}, "MultipleMatches" : []}]"
]

Notice the t at the end of the users title.  That is the encoded Tab character.

You can also run the Debugger in the IE Developer Tools (F12).  When you repro, it should break on an “Invalid Character” error at JSON.parse (var g=JSON.parse(h.m_value)) within clientpeoplepicker.js.  You can inspect the value passed to the method to find the offending character.

Here's how you would reproduce this problem if you wanted to:

$user = get-aduser -Identity "karl"
set-aduser $user -Title "Software Dev   "

• The Active Directory UI will trim any trailing tabs when you save the user objects.  To get this to repro with a trailing tab, you must update the user with PowerShell.
• However, it doesn’t have to be a trailing tab.  If a tab character is anywhere within the attribute value, you will have this problem.

The island of Bora Bora. The finish line at a marathon. A software defined datacenter. What do they have in common? Being there is easy — getting there is the hard part. However in the latter case, at least, you can let someone else do the hard part for you.

There’s so much efficiency, simplicity, and cost-savings to be gained by moving to a software-defined infrastructure, but many IT organizations lack the resources to design and implement it themselves. If that sounds like your organization, check out the solutions provided by the partners in our Windows Server Software-Defined (WSSD) program, including DataON, Fujitsu, HPE, Lenovo, QCT, and Supermicro. This growing lineup of partners offers an array of validated WSSD solutions that work with Windows Server 2016 to deliver the benefits of software-defined infrastructure.

With WSSD validated solutions, you can tap into similar technologies used to run hyper-scale datacenters such as Microsoft Azure. Azure runs on Windows Server, and the Datacenter edition of Windows Server 2016 includes many of the same technologies that Microsoft uses to support Azure. These new capabilities are built into the OS, so you won’t need to buy any additional software. In addition, you’ll realize significant price/performance results by taking advantage of cutting-edge devices such as NVMe drives, RDMA NIC’s, and NVDIMM’s – at price points that are much better than traditional external storage devices.

To earn certification by the Windows Server Software-Defined program, partners must meet Microsoft standards for quality, accelerated time to value, out-of-the-box optimization, and expedited problem resolution. Our validation and certification is one of the most rigorous in the industry. Each component is certified and the end-to-end solution is validated using Microsoft’s test harness. Deployments use prescriptive, automated tooling that cuts deployment time from days or weeks to mere hours. You’ll be up and running by the time the WSSD partner leaves your site, with a single point of contact for support.

Partners offer three kinds of WSSD solutions:

• Hyper-Converged Infrastructure (HCI) Standard: Highly virtualized compute and storage are combined in the same server-node cluster, making them easier to deploy, manage, and scale.
• Hyper-Converged Infrastructure (HCI) Premium: Comprehensive “software-defined datacenter in a box” adds software-defined networking and Security Assurance features to HCI Standard. This makes it easy to scale compute, storage, and networking up and down to meet demand — just like public cloud services.
• Software-Defined Storage (SDS): Built on server-node clusters, this enterprise-grade, shared-storage solution replaces traditional external storage device at a much lower cost while support for all-flash NVMe drives delivers unrivaled performance. You can quickly add storage capacity as your needs grow over time.

Take the next step… find your WSSD partner today.

And a few words from our partners…

“DataON is very proud to be a Microsoft partner, exclusively focused on Microsoft server-based storage solutions”, said Howard Lo, Vice President, Sales & Marketing, DataON. “We combine our hyper-converged platform and exclusive MUST visibility and management tool for Windows Server SDS to deliver a WSSD-validated solution to give our customers the greatest confidence in their choice to deploy a Windows Server software-defined infrastructure.”

"We are excited to share QCT’s Windows Server 2016 certified servers and our QxStack Microsoft Cloud Ready Solutions, with the world’s leading businesses and institutions so they can enhance their software-defined compute, storage, networking, virtualization, flexibility, and infrastructure scalability,” said Mike Yang, President of QCT. “The complementing solutions allow us to fulfill the continuing needs of our mutual customers by delivering faster-time-to-value, flexible and innovative cloud-ready solutions, and to do so in a low-risk and cost effective manner.”

“Supermicro has partnered with Microsoft to bring to market a Hyper-Converged Infrastructure (HCI) premium solution based on our industry leading NVMe systems,” said Henry Kung, VP of server integration, Supermicro. “We worked closely with the Windows Server team to certify Windows Server Storage Spaces Direct using our highest performing 1U all-NVMe platform. This HCI premium solution is a cost-effective software defined data center (SDDC) in a 4-node solution with all the benefits of Microsoft software-defined storage and networking. This HCI premium solution is certified and ready to be deployed in large volume in enterprise and cloud-scale datacenters.”

By Vuzion, Microsoft Inspire 2017 Headline Sponsor 

• Microsoft 365 is the new complete, intelligent, secure solution created to further empower employees. Unveiled by Microsoft CEO, Satya Nadella, at the Vision Keynote Monday 10 July, Microsoft 365 brings together Office 365, Windows 10 and EM+S (Enterprise Mobility + Security), with Microsoft 365 Enterprise (E3 and E5) available from 1 August 2017, and Microsoft 365 Business from autumn 2017 (preview from 2 August).
• The Partner Center is going to be the single "pane of glass", with the Managed Partner List, Microsoft Partner Network, Microsoft PinPoint and Partner Incentive Portal all moving the Partner center.
• Bringing together disparate internal teams into one, holistic organisation and built on three pillars - Build-with, Go-to-Market, and Sell-with - Microsoft's new sales organisation One Commercial Partner (OCP) "harnesses our partner expertise and knowledge - technical, marketing, business development, and programs," Ron Huddleston, CVP One Commercial Partner.
• The requirements for GDPR (General Data Protection Regulation) compliancy (25 May 2018) represent a $3.5 billion opportunity for partners.

	Education		Financial Services		Government
	Health		Manufacturing		Retail

and that Microsoft's focus for FY18 is on these key solution areas:

• Modern Workplace
• Business Apps
• Apps and Infrastructure
• Data and AI.

Craig Gordon, adds, "A key phrase we'll take away, is from the Office 365 CSP Pre-Day, 9 July and Simon Sinek's quote that people don't buy what you do, they buy why you do it - that Microsoft is encouraging us to focus on the value proposition and fixing business problems - not selling products."
At Vuzion we'll be looking at all the announcements and topics in more detail in the coming weeks and at our post-Inspire event, Inspired, in London Thursday 10 August 2017, where Vuzion will be joined by Microsoft experts to discuss in depth these key learnings and takeaways.

Today's tip...

QUESTION

Does anyone know whether the DNS ZoneScopes used by DNS Policy can be signed and DNSSEC enabled? Looking at the DNSSEC related DnsServer PowerShell cmdlets it appears that they do not support the -ZoneScope parameter. As this is the only way to manipulate ZoneScope settings it seems to indicate that signing scopes is not possible...?

ANSWER

You cannot individually sign zone scopes, however, once you sign a default zone the scopes are also signed. Signed scopes allow you to leverage DNS policies as you would normally.

[This article was first published on stephanefrechette.com, and kindly contributed to CanSQL]

I was recently asked to provide a simple demo/proof-of-concept on how to quickly create a real-time streaming dashboard with Power BI. Did you know that you can stream data and update dashboards in real-time? Any visual or dashboard that can be created in Power BI can also be created to display and update real-time data and visuals. The devices and sources of streaming data can be factory sensors, social media sources, service usage metrics, and anything else from which time-sensitive data can be collected or transmitted.
 
 

There are three types of real-time datasets which are designed for displaying visuals on real-time dashboards:

• Push dataset
• Streaming dataset
• PubNub streaming dataset

This post is about the PubNub streaming dataset, With a PubNub streaming dataset, the Power BI web client uses the PubNub SDK to read an existing PubNub data stream, and no data is stored by the Power BI service. For more more information on the other types and their capabilities read the following documentation -> Real-time streaming in Power BI

So what is PubNub? PubNub is a global Data Stream Network and realtime infrastructure-as-a-service company. PubNub's Data Stream Network is a high-speed publish/subscribe messaging layer, it's deployed globally, and makes it easy to connect and scale realtime apps without managing a dedicated infrastructure for your realtime applications.

PubNub provides live syndicated data streams that you can use in your project. We are going to use the following stream Sensor Network (simulated), which mimics data from a network of outdoor field sensors. Will need the following Streaming Details:

Now let's build a real-time dashboard...

Hopefully you already have a Power BI Pro account, if not you can sign-up here and get started now with a free 60-day trial of Power BI Pro.

1. We will first create a dataset. Once signed-in, go to your My Workspace, select Datasets, then + Create and select Streaming dataset

2. Select PubNub and click the Next button

3. Give your dataset a name, I chose "Sensor Network Stream" and provide the Subscription key and Channel name (copy & paste)

Subscription key: sub-c-5f1b7c8e-fbee-11e3-aa40-02ee2ddab7fe
Channel name: pubnub-sensor-network

4. You will be presented with the 'schema' and values for this dataset, select the Create button to save the dataset

5. Next we go to Dashboards, select + Create and select Dashboard

6. We want to add tile(s), in the Real-Time Data section, select Custom Streaming Data, and select the Next button

7. Under Your Datasets, you should see the streaming dataset you created earlier, select it and select the Next button

8. For your Tile select Line chart from the Visualization Type, timestamp for the Axis, and ambient_temperature for Values, then select Apply

9. You can provide further Tile details, like Tile, Subtitle and link functionality...

10. You can add more tiles with different visualization types to your dashboard like Cards, Clustered bar charts, Clustered column charts and Gauges. I added four Cards to display the current value of each measure provided by the dataset... My final live streaming dashboard looks like this

That's a pretty simple way to demonstrate how to quickly build a Real-time streaming dashboard with Power BI

Enjoy!

If you haven't seen how a PtH attack works first hand, I highly recommend this lab. It walks through using mimikatz to use an NTLM hash to authenticate to a domain controller, then uses the PtH mitigations in Server 2016 like credential guard to defend.

Credential Guard lab companion

I am going to link back to a series of five upcoming blog posts from Microsoft Education that are aimed at helping school ICT administrators manage and secure their environments more effectively. The five blog topics are as follows:

• How to protect school data and uphold access policies
• School devices in a multi-platform, access-from-anywhere world
• Setup and deployment within a teaching and learning environment
• Collaboration and communication technologies for the classroom
• Adoption and change management for education technology

Using the cloud is a great way to protect school data

The first blog post has a number of great links within it, including information about cyber security risks faced in schools:

• Cybersecurity in K-12 education: schools face increased risks of cyber attacks
• Safeguarding your technology – practical guidelines for electronic education information security

As each of the posts are published I will update the links at the top of this post to provide a central point to access them.

Olá PessoALL

O System Center Configuration Manager Current Branch, tem a nova role Service Connection Point, esta role tem dois modos para ser utilizada, sendo online e offline.

No modo online o mesmo checa a cada 24 horas novas atualizações para serem baixadas, em algumas ocasiões temos problemas de firewall na infraestrutura bloqueando esses downloads, existem algumas URL’s que precisam ser liberadas para que possamos realizar download de atualizações para o SCCM CB.

Requisitos para Acesso a Internet

Para habilitar a comunicação, o Site que tiver a role Service Connection Point e qualquer firewalls entre o Site e a Internet deve passar comunicações através da porta TCP 443 para os seguintes locais de Internet abaixo. O Service Connection Point também suporta a utilização de um proxy para acesso a web (com ou sem autenticação).

Updates and Servicing

• *.akamaiedge.net
• *.manage.microsoft.com
• go.microsoft.com
• blob.core.windows.net
• download.microsoft.com
• sccmconnected-a01.cloudapp.net

Microsoft Intune

• *manage.microsoft.com
• https://bspmts.mp.microsoft.com/V
• https://login.microsoftonline.com/{TenantID}

Windows 10 Servicing +

• download.microsoft.com
• https://go.microsoft.com/fwlink/?LinkID=619849

Fonte: https://docs.microsoft.com/en-us/sccm/core/servers/deploy/configure/about-the-service-connection-point

Att

Valdemar Carvalho Junior
Premier Field Engineer

Neste post temos um exemplo de script PowerShell para auxiliar a criação de multiplas Collections para administração Configuration Manager 2012 e/ou posterior. Vamos utilizar um arquivo .CSV auxiliar para a nomenclatura das collections e queries utilizadas.

IMPORTANTE: Faça a execução sempre em um ambiente de testes, homologação e após sua total validação programe sua execução.

Copie o código abaixo e salve o mesmo como exemplo MSFT-Collections.ps1

##########################################################################

# SAMPLE POWERSHELL SCRIPT #

##########################################################################

# Removes all text from the current display

Clear-Host

# Type the path from CSV file

$SourcePath = Read-Host -Prompt "Type the path from CSV file"
$SourceFile = Read-Host -Prompt "Type the filename using CSV extension"

# Import the Configuration Manager PS Module (You must have the Admin Console installed for this to work)

Import-module ($Env:SMS_ADMIN_UI_PATH.Substring(0,$Env:SMS_ADMIN_UI_PATH.Length-5) + 'ConfigurationManager.psd1') -force

# Get ConfigMgr Provider

$PSD = Get-PSDrive -PSProvider CMSite

# Open ConfigMgr Site

CD "$($PSD.Name):"

# Get current date and time

$Date = Get-Date -Format g

# Set Update Schedule for Collections

$Schedule = New-CMSchedule -Start $Date -RecurInterval Days -RecurCount 1

# Create Default limiting collections

$LimitingCollection = "All Systems"

# Create Defaut Folder

$DefaultFolderName = "MSFT"

if (!(Test-Path "$($PSD.Name):DeviceCollection$DefaultFolderName")){

New-Item -Name $DefaultFolderName -Path "$($PSD.Name):DeviceCollection"

}

# Import Collections from CSV List

Import-Csv -Path $SourcePath$SourceFile | ForEach-Object {

# Create device collections

$getCollection = Get-CMDeviceCollection -Name $_.CollectionName

# Check if collection exists

if ($getCollection -eq $null){
New-CMDeviceCollection -Name $_.CollectionName -LimitingCollectionName $LimitingCollection -RefreshSchedule $Schedule -RefreshType Periodic

# Create device collections

Add-CMDeviceCollectionQueryMembershipRule -CollectionName $_.CollectionName -QueryExpression $_.Query -RuleName $_.CollectionName

# Move the collection to the right folder

$FolderPath = "$($PSD.Name):DeviceCollection$($DefaultFolderName)"

Move-CMObject -FolderPath $FolderPath -InputObject (Get-CMDeviceCollection -Name $_.CollectionName)

$cont = $cont+1

$cont

}
}

##########################################################################

##########################################################################

Aqui parte do texto do arquivo auxiliar para a criação das collections e suas queries. No exemplo temos os campos CollectionName, Query separados por vírgula. Aqui apenas uma linha, para o exemplo completo faça o download do arquivo mais abaixo.

CollectionName,Query

All Clients Not-Approved,"select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_CM_RES_COLL_SMS00001 on SMS_CM_RES_COLL_SMS00001.ResourceId = SMS_R_System.ResourceId where SMS_CM_RES_COLL_SMS00001.IsApproved <> 1"

Siga os passos abaixo:

Passo 1: Criar uma pasta na unidade exemplo "C:MSFT" e copie os 2 arquivos para dentro desta pasta

Passo 2: Executar o arquivo "MSFT-Collections.ps1" com o PowerShell para iniciar a criação das Collections

Você poderá receber uma mensagem semelhante a tela abaixo, digite Y para continuar

Passo 3: Digite o caminho e o nome do arquivo CSV, em nosso exemplo para pasta "C:MSFT". Ao digitar o nome “MSFT-CollectionsList.csv” do arquivo não esqueça de colocar a extensão.

Se o script PowerShell iniciar com sucesso, teremos uma tela semelhante ao print abaixo

Passo 4: Como resultado devemos ter uma pasta chamada "MSFT" e no painel da direita a estrutura de Collections

Para o download do exemplo utilizado neste post, clique aqui.

Abs!

Last week Microsoft Inspire was held in Washington D.C., and in this series of posts I'll be highlighting some of the session recordings of interest to OEM reseller and system builder partners interested in what lies ahead on the Microsoft roadmap. I'll start with Windows 10 focused sessions, before moving on to other topics over the next week.

ODR07p-R Reduce customer TCO and stay profitable with Windows

With pressure to reduce costs, customers are increasingly looking to optimize and reduce spend in hardware and line items around deployment, management, and support. Join us to hear how Windows 10 enables customers to cut costs without putting your profitability at risk.

Watch Video

ODR04p-R How to accelerate your device sales with intelligent investments

Come hear partner success stories for maximizing investments, and learn how to utilize key levers to help grow your business, such as the new ProWins incentives, Device Deployment, Device Days, benefits of shifting to Electronic Software Distribution (ESD), digital marketing resources, and more!

Watch Video

WIND03 Building better business opportunities with Microsoft Devices Partner Programs

In working with partners to land the premium position and value of Microsoft devices, we have captured the key learnings that are working in market to build into new and existing devices partner programs and resources to enable partners to capitalize on customer opportunities in the year ahead.

Watch Video

WIN04p Windows 10 S for commercial customers: Start focused and expand in the future

We just announced Windows 10 S and even though its initial focus is for the education sector there are scenarios in commercial customers where it provides great value, and these scenarios will only increase in the future.

Watch Video

WIN08 Detect and respond to advanced and targeted attacks with Windows Defender ATP

Windows Defender Advanced Threat Protection (WD ATP) enables enterprises to detect, investigate and respond to attacks on their networks. Organizations can address post-breach situations to determine the scope of breach and bring the organization back to a pre-breach state using threat intelligence.

Watch Video

WIN09 Windows in CSP: What’s new, what’s coming, and why you should include Windows in your managed service offerings

An overview of the current and upcoming Windows in CSP offerings plus best practices for delivering Windows as a partner managed service.

Watch Video

WIN11p Selling the value of Windows Enterprise 10 to commercial customers

Windows 10 Enterprise will continue to be an important part of how we go to market with Secure Productive Enterprise. There are several new and updated tools available to partners to support the sales of Windows 10 and Secure Productive Enterprise. These are presented during the session.

Watch Video

WIN13 Accelerate Windows Pro devices sales

In this session, hear the latest program information, along with changes to the ProWins Program starting in FY18.

Watch Video

WIN14p What's new in Windows 10 security: Raising the bar of security once again with the Creators Update

Disrupting the current generation of cyber-threats requires a platform with revolutionary security capabilities and the Windows 10 Creators Update rises to the occasion. We also cover how Windows 10 security capabilities join those in Office 365, our Server & Tools products, and Microsoft Azure.

Watch Video

WIN08 Detect and respond to advanced and targeted attacks with Windows Defender ATP

Windows Defender Advanced Threat Protection (WD ATP) enables enterprises to detect, investigate and respond to attacks on their networks. Organizations can address post-breach situations to determine the scope of breach and bring the organization back to a pre-breach state using threat intelligence.

Watch Video

WIN09 Windows in CSP: What’s new, what’s coming, and why you should include Windows in your managed service offerings

An overview of the current and upcoming Windows in CSP offerings plus best practices for delivering Windows as a partner managed service.

Watch Video

WIN15 Reinventing services around the modern desktop with Windows Analytics

GSI and partners are looking for potential opportunities to collaborate with Microsoft and Windows 10 as part of the big deployment process happening worldwide. Learn about the AppCompat readiness process to create transformational consulting services and business applications for Windows 10.

Watch video

Following up from the last post on Inspire's Windows 10 session recordings, this post includes the links to the recorded sessions for Enterprise Mobility + Security as well as some of the standalone components.  I had a chance to see a couple of these in person, including the sessions by @vladpetrosyan and @markmorow and had a chance to catch up with some of the other presenters in the expo hall between sessions.

CE400 How to take your security practice to the next level: Partner programs and resources

Join our Mobility + Security team to hear best practices adopted for using the Microsoft Secure message to get buy-in from senior decision makers, options for landing the value propositions for EMS, accelerate security sales and generating revenue during each stage of this process.

Watch Video

CE411p Identity-driven security through conditional access

Conditional access provides the control and protection needed to keep corporate data secure, while giving teams an experience that allows them to do their best work from any device. Allow or block access or challenge users with multi-factor authentication, device enrollment, or password change.

Watch Video

CE412p Secure your complete data lifecycle using Azure Information Protection

Data is traveling to more locations than ever. It’s hard to identify sensitive data and protect it against accidental or malicious breaches. Learn how classifying, labeling and protecting data using Azure Information Protection can help you secure data throughout its complete lifecycle.

Watch Video

CE413p Protect your network from malicious attacks with Microsoft Advanced Threat Analytics

Inside-out security is necessary with our current mobile and connected workforce, and having eyes and ears on your network will help your customers be prepared. Microsoft Advanced Threat Analytics uses behavioural analytics, machine learning, and deterministic detections to detect advanced threats.

Watch Video

CE414 Identity-driven security

As organizations adopt cloud and mobile technology, identity is more critical to cybersecurity than ever before. In this session, we look at how Microsoft identity-based security solutions work together for a holistic approach to protection.

Watch Video

CE415 Managed mobile productivity

Protecting corporate data is one of IT’s biggest challenges. Enterprise Mobility + Security (EMS) helps to overcome your data protection challenge, access resources on any device, anywhere and simplify management of your enterprise mobility management needs.

Watch Video

マイクロソフト本社のエグゼクティブが執筆したブログの日本語版をご紹介している「マイクロソフト公式ブログ」。

最新情報をぜひチェックしてみてください！

≪7月の更新情報≫

• AI、人々、そして、社会の交差点におけるマイクロソフトの役割：2017年7月14日更新

• AI for Earth の発表: 地球の未来のために AI を活用するマイクロソフトの新プログラム：2017年7月14日更新

• マイクロソフト、パートナー企業を 4.5 兆ドルの変革機会の中心に：2017年7月12日更新

≪6月の更新情報≫

• 解説アニメ：「4 分でわかる IoT」を公開：2017年6月16日更新

• Microsoft Pix で iPhone の写真をスタイリッシュに：2017年6月16日更新

Hello there, this is Benjamin Morgan, and I'm a Premier Field Engineer covering Active Directory and Platforms related topics.  This is my first blog post I hope you are all as excited about this as I am! Today I wanted to talk with you about a couple of quick ways for querying system memory (and provide some background as to *why* I was doing this).  Well without further ado let's get started...

Pre-Amble

Recently I was working with a customer and they had an interesting problem. They were having an issue retrieving specific user attributes from Active Directory using PowerShell. While building the command in a lab the original syntax that I was given was: Get-ADUser -filter * -properties *

Well, as we all know, friends don't let friends use " -filter * -properties *" because it will return everything about everything, or in this case everything about all AD users, whereas best practice is to fine tune your scripts so you're not wasting resources on information that is not needed and will never be used. Needless to say, the script would run for a little bit then bomb out.

My first step was to obviously change the "-filter *" to "-filter 'name -like "*"' but leave the "-properties *" so we could identify the exact attributes that were needed. After this change the script ran a little longer but continuously bombed out. After running the script several times and it continuously failed at the same point, after retrieving user X, my first instinct was that maybe the user right after user X had a corrupted property so I needed to determine what user was next and then see what was going on with their account. I knew that I could do a "for-each" loop, but I didn't want to take the time to do this since the customer was on a time crunch. I modified the "-properties" statement to only return the attributes that were needed and hoped for the best knowing that if all else failed I would do a "for-each" statement and get the information that way. I then changed the PowerShell command to 'Get-ADUser -filter 'name -like "*"' -properties PasswordNotRequired' and that command worked. After looking at the user accounts full properties that were directly after the user that it failed on, and everything returned correctly I knew that there was something else going on, but they had the information they needed so all was good. So, the real question was what was going on and why was it happening.

Before we go on, its important to be aware that the recommendation for domain controllers is to have enough memory to store the dit file in memory, the OS requirements, and enough for any third party applications installed on the DC; in other words, the file size for the dit, plus ~15-20% for the OS (you can read more on this here: https://social.technet.microsoft.com/wiki/contents/articles/14355.capacity-planning-for-active-directory-domain-services.aspx). In this situation, these best practices weren't followed, so the added burden of parsing all of their users caused the DC to essentially hang and did not allow PowerShell to return all the requested information when using wildcards.

Problem/Solution

I knew that since the AD user attributes were good, it had to be something simple, right? Next, I started looking at the domain controller performance. All I had was PowerShell access with no actual rights to do anything except what was given to me by the PowerShell credentials of the person logged into the computer. (This was a server Admin, not a Domain Admin account…) I decided that since they were a fairly large environment, I might want to check the resources on the domain controller I was connected to. This account had rights to log into the DC! That's a security topic that is discussed in the PAW solution https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations. I figured that the first resource to look at was RAM. A domain controller should have more memory instead of less, and I knew that PowerShell could pull everything but I wasn't sure how to get everything that I needed. So off to Bing I went… After some research the best way to get the information was to leverage WMI. The issue I encountered was that WMI returns the results in bytes, which is useless to me. Luckily, PowerShell can do just about anything! It can natively convert bytes to GB, KB, MB, or anything else you may want. I am still trying to figure out how to have it make me coffee in the morning though.

I used the Get-WMIObject cmdlet because the customer was still using Windows 7 with PowerShell 2.0. If you are using PowerShell 3.0 or above then you can use Get-CimInstance which is the more modern way of retrieving this information. The Scripting Guy has a good blog comparing and contrasting Get-WMIObject and Get-CimInstance, https://blogs.technet.microsoft.com/heyscriptingguy/2016/02/08/should-i-use-cim-or-wmi-with-windows-powershell/. The scripts were also ran locally for the purpose of putting together this blog but the commands can be ran via the PowerShell remoting ability of your choice. The following link explains the different PowerShell remoting options, https://technet.microsoft.com/en-us/library/gg981683.aspx.

The first command is Get-WMIObject win32_ComputerSystem which returns an output like the following

Or you can use Get-CimInstance win32_ComputerSystem | format-list which returns an output like the following

So TotalPhysicalMemory doesn't do a lot of good unless you want to do the conversion to GB yourself but as I said PowerShell is smart enough to be able to do that for me.

According to https://technet.microsoft.com/en-us/library/ee692684.aspx to do the conversion the command is followed by "/ 1GB" so the command would be Get-WMIObject win32_ComputerSystem | foreach {$_.TotalPhysicalMemory /1GB}, but while this command will return the amount of memory in GB it will be in decimal notation and will look like

Get-CimInstance win32_ComputerSystem | foreach {$_.TotalPhysicalMemory /1GB}

To truncate the decimal places and only show whole numbers you have to call the .NET framework's System.Math class ([math]). That command would be,

Get-WMIObject win32_ComputerSystem | foreach {[math]::truncate($_.TotalPhysicalMemory /1GB)}

Get-CimInstance win32_ComputerSystem | foreach {[math]::truncate($_.TotalPhysicalMemory /1GB)}

While this command returns showing my system only has 3GB, in reality it has 4GB, this is due to truncating the amount of memory that is shown to remove all decimal points and only show whole numbers.

In order to see the exact amount of memory you want to round the TotalPhysicalMemory to the nearest whole number. The command to do this is,

Get-WMIObject win32_ComputerSystem | foreach {[math]::round($_.TotalPhysicalMemory /1GB)}

Get-CimInstance win32_ComputerSystem | foreach {[math]::round($_.TotalPhysicalMemory /1GB)}

Hopefully this helps you hunt down some of those pesky memory issues, and thanks for reading!

概要：學習如何跟著步驟設定警示來偵測可疑的可執行文件。

可疑的可執行文件警示

Security Event 8002 在處理執行時就會回報。此事件回報了許多有用的資訊像是 path、process name、file hash、甚至是 FQBN。

Note: FQBN 是 Fully Qualified Binary Name 的縮寫，它是一個字串包含了：publisherproductfile nameversion。

一個簡單回報 Security Event 8002 的搜尋指令如下：

Type=SecurityEvent EventID=8002

接著要加入FQBN。OMS 記錄搜尋對指令是很敏感的，因此在輸入指令時有兩點需要注意。首先，必須輸入正確的大小寫： Fqbn，若輸成 FQBN 將會跳出錯誤，如下圖：

再者，* 這個符號被視為是文字字符，而非通用的字符，因此若執行下圖的輸入，雖然不會造成錯誤產生，但也無法成功搜尋到資料：

正確的指令應為：

Type=SecurityEvent EventID=8002 Fqbn = *MICROSOFT*

Note: MICROSOFT 也是一個敏感的字，若輸入 *Microsoft* 將不會回傳任何資料。

執行結果在左側詳細資料中並不會顯示 Fqbn。要顯示出 Fqbn，需先點擊左下角的 [+新增]，接著在列表中找到 Fqbn 並勾選：

完成後按下右上角的 x 即可在左方看到配對 *MICROSOFT* 的 Fqbn 總覽。如下圖：

Measure count

現在要利用 Measure 指令來計算 ExecutionCountHash 並藉由執行文件的 file hashes 來組織，同時您也會得到各個的計數。指令和結果如下：

Type=SecurityEvent EventID=8002 Fqbn = *MICROSOFT* | Measure count() as ExecutionCountHash by FileHash

最後要做的一件事就是在指令中利用 Where 來過濾。以下指令過濾出  ExecutionCountHash 發生至少或超過 5 的情況：

Type=SecurityEvent EventID=8002 Fqbn = *MICROSOFT* | Measure count() as ExecutionCountHash by FileHash | Where ExecutionCountHash <= 5

將指令轉為警示

我對於 Fqbn 為 MICROSOFT 的指令並不感興趣，現在我將其換成 Fqbn 等於 "-"，指令如下：

Type=SecurityEvent EventID=8002 Fqbn:”-” | Measure count() as ExecutionCountHash by FileHash | Where ExecutionCountHash <= 5

現在我有了我要的搜尋指令，便可以開始設定警示：

• 名稱：SuspiciousExecutableAlert
• 嚴重性：嚴重
• 搜尋指令：Type=SecurityEvent EventID=8002 Fqbn:”-” | Measure count() as ExecutionCountHash by FileHash | Where ExecutionCountHash <= 5
• 時間間隔：15分鐘
• 警示頻率：15分鐘
• 結果數目：大於 0
• 隱藏警示：20分鐘
• 主旨：Suspicious Executable detected

• Creating portable Command & Control Centres that fit in a back-pack
• Interacting with a full-sized Event Dashboard - freeing them from screen-size restrictions
• Synchronising multiple HoloLens devices whilst authenticating, and displaying data relevant to, each user's clearance level
• Creating a 3D Mesh that records a crime scene and combines it with tuServ data for a fully immersive, interactive environment
• Excluding objects from the mesh that obscure an officer's ability to establish weapon trajectory or the movement of victims and suspects.

Hola, buenas,

Ya podemos descargarnos la Actualización Pública para Project 2016 y Project Server 2016, correspondiente al mes de julio de 2017.

Recordemos, por favor, el siguiente criterio de liberación de actualizaciones: las relacionadas con productos de la familia Office que no sean consideradas de seguridad serán liberadas el primer martes de mes; mientras que las de seguridad de productos de la familia Office serán liberados el segundo martes de cada mes:

Paquetes de SharePoint Server 2016 (hay que instalar ambos, Project Server 2016 está incluído en SharePoint Server 2016): 

https://support.microsoft.com/en-us/help/3213544/descriptionofthesecurityupdateforsharepointserver2016july11,2017

https://support.microsoft.com/en-us/help/3213543/july-11-2017-update-for-sharepoint-server-2016-kb3213543

Paquete cliente Project 2016:

https://support.microsoft.com/en-us/help/3203476/july-5-2017-update-for-project-2016-kb3203476

La versión del cliente pasa a ser 16.0.4561.1000.

La versión de la base de datos (sí tenemos modificación en el esquema en esta versión) pasa a ser 16.0.4561.1000.

Hemos consultado los siguientes posts y artículo antes de escribir éste:

https://blogs.technet.microsoft.com/projectsupport/2017/07/12/project-and-project-server-july-2017-updates-released/

https://blogs.technet.microsoft.com/stefan_gossner/2017/07/12/july-2017-cu-for-sharepoint-server-2016-is-available-for-download/

https://blogs.technet.microsoft.com/office_sustained_engineering/2017/07/05/july-2017-non-security-office-update-release/

https://blogs.technet.microsoft.com/office_sustained_engineering/2017/07/11/july-2017-office-update-release/

https://support.microsoft.com/en-us/help/4033107/july-11-2017-update-for-microsoft-office

Por favor, probadlo en un entorno de pruebas antes de hacerlo en el de Producción.

Esperamos os resulte de interés, un saludo.

Jorge Puig

Bonjour,

Vous êtes nombreux à avoir rencontré ce problème lors de l'ouverture de projets à partir du Centre de Projet sous Internet Explorer 11 sous Windows 7.

Alors que vous sélectionnez une série de projets dans le Centre de Projets et que vous demandez à les ouvrir des Project professional, une erreur apparaît vous demandant d'installer Project Professional sur votre machine:

"Project Professionnel doit être installé pour ouvrir le projet. Installez Project et essayez à nouveau"

"Project Professional needs to be installed to open the project ... "

Quand vous sélectionnez un ou plusieurs projets, Project Server va créer une chaine de texte qui va permettre à Project Professional d'ouvrir tous le ou les projets sélectionnés, à partir de l'URL du site PWA, soit en lecture/écriture, soit en lecture seule selon le choix que vous avez fait.

Cette chaine est fabriqué de la manière suivante : "ms-project:osp|u|" +  pwaSitePath + fslash + "|g|" + siteID + "|p|" + projNames + "|r|";

Ce qui donne un résultat tel que :  "ms-project:osp|u|  http://monserveur/pwa/ |g|  01ab-c2345-def678 |p|  Project01; Project02; Project03; |r|";

Cette chaine de caractère est alors envoyée au gestionnaire de protocol d'Office qui a pour charge:

1. d'identifier quelle application Office doit être appelée (ici c'est ms-project)
2. de passer les paramètres nécessaires à l'application (ici c'est l'URL du site PWA, le Site ID, la liste des projets à ouvrir, le paramètre de lecture et ou écriture)

Ce processus est limité dans le temps à une dizaine de secondes. Si l'application n'a pas été exécutée durant ce lapse de temps, Project Server considère que l'application Project n'est pas installée sur la machine.

Or, une erreur peut se produire lorsque IE11 tente de passer cette information au gestionnaire de protocol car IE11 pour Windows 7 limite la chaine de caractère à 512 caractères.

Si la sélection de projets que vous avez effectuée génère une chaine de paramètre ayant une taille supérieure à 512 caractères, une erreur JavaScript SCRIPT122 va intervenir.

Cette erreur va bloquer le processus d'ouverture de Project professional et les 10 secondes vont expirées. De ce fait, le message indiquant que Project Professional doit être installé va s'afficher :

Pour éviter ce problème, vous avez plusieurs possibilités :

1. Utiliser un autre navigateur tel que Chrome
2. Installer le Cumulative Update de juin 2017 de Project Server qui permet de mieux gérer la chaine de paramètre
3. Utiliser Internet Explorer sous Windows 8.x ou Windows 10

Il existe d'autres causes possibles à l'apparition du message demandant l'installation de Project Professional:

1. Une latence qui empêche l'ouverture des projets sélectionnés dans les 10 secondes
2. Une erreur lors de la fabrication de la chaine de paramètre (erreur sur le SiteID, caractères incompris dans le nom des projets etc...)
3. Une erreur dans les informations de base de registre qui empêche le gestionnaire de protocol de retrouver les informations nécessaires à l'exécution de l'application

Dans tous les cas, je vous recommande d'utiliser le mode Debugger d'Internet Explorer (F12) ou de Chrome afin de détecter toute erreur d'exécution.

Bonne journée.

Marc Biarnès

(この記事は 2017 年 7 月 10 日に Office Blogs に投稿された記事 New business apps in Office 365 Business Premium help you run and grow your small business の翻訳です。最新情報については、翻訳元の記事をご参照ください。)

中小企業の皆様に Office 365 の価値をさらに高めていただけるように、Office 365 Business Premium に 3 つのアプリケーションが新たに追加されます。

• Microsoft Connections: 簡単に使用できるメール マーケティング サービス。
• Microsoft Listings: 主要なサイトにビジネス情報を簡単に公開できるアプリ。
• Microsoft Invoicing: 見栄えの良い請求書を作成し、迅速に支払いを回収するためのアプリ。

また、Office 365 Business center も導入されます。Office 365 Business center では、これらのビジネス アプリを一元管理し、ビジネスの状況をエンドツーエンドで確認することができます。さらに、走行距離追跡アプリの MileIQ も Office 365 Business Premium サブスクリプションの特典に追加されます。今回の新サービスや、最近追加された Microsoft Bookings、Outlook Customer Manager を利用することで、顧客獲得やビジネスの管理に役立てることができます。

今後数週間にわたり、Connections、Listings、Invoicing、Business center のプレビューが米国、英国、カナダの Office 365 Business Premium のお客様を対象にロールアウトされ、先行リリース プログラムに参加されているお客様から優先的にご利用いただけるようになります。MileIQ Premium は、本日から米国、英国、カナダのすべての Business Premium のお客様にご利用いただけます。

では、各製品について詳しくご紹介します。

Microsoft Connections: シンプルなメール マーケティング ツールで売り上げを伸ばす

メール マーケティングは売り上げを増加させる効果的な手法ですが、実際に開始するまではなかなかたいへんです。Microsoft Connections を使用すると、ニュースレター、通知、顧客紹介などの用途別に、事前にデザインされたテンプレートを使用して、見栄えの良いメール マーケティング キャンペーンを簡単に作成できます。また、自社のメーリング リストにユーザーが簡単に登録したり、購読解除したりすることもできます。

メーリング リストの規模が大きくなった場合は、セグメントを作成して特定の顧客グループにターゲットを絞ることで、購読者を効率的に管理できます。パフォーマンス チャートや購読者のアクティビティの最新情報では、各メール キャンペーンの開封率、クリック数、新規登録者数、新規顧客数、キャンペーンの集客数、購読解除者数を追跡して、キャンペーンの効果を確認できます。

Microsoft Connections は Web や iOS および Android 用モバイル アプリで利用できます。

Microsoft Listings: 新規顧客獲得に向けて自社のビジネスをオンラインで公開

自社のビジネスをオンラインに公開すると、見込み顧客の目に留まる可能性が大きく広がります。しかし、オンライン プレゼンスを確立するまでには時間がかかるうえ、各サイトで営業時間などの情報を常に最新の状態に維持し、パフォーマンスを監視する作業にも手間がかかります。Microsoft Listings を使用すると、Facebook、Google、Bing、Yelp へのビジネス情報の公開や管理が容易になります。

Microsoft Listings の Web ダッシュボードでは、評価やレビューを簡単に監視できます。

Microsoft Listings でビジネス プロファイルを更新すると、その変更は Facebook、Google、Bing に自動的に反映されます。さらに、各サイトにおける掲載内容のオンライン閲覧数やレビュー件数を 1 つのダッシュボードでまとめて監視できます。これにより、顧客からのフィードバックを簡単に把握し、オンラインでの評価を高めることができます。

Microsoft Invoicing: 請求書の作成やオンラインの支払いを簡素化して支払いを迅速に回収

ビジネスをスムーズに運営するうえでは、見積書や請求書を予定どおりに発送し、未払いを追跡して、支払いを迅速に処理することが非常に重要です。しかし、複数の記録システムや書類上の情報を追跡する作業は煩雑で手間がかかります。Microsoft Invoicing を使用すると、見栄えの良い見積書や請求書を迅速に作成し、支払いを迅速に回収することができます。

Microsoft Invoicing は Web や iOS および Android 用モバイル アプリで利用できます。

Microsoft Invoicing は PayPal と連携しているため、クレジット カードやデビット カードを使用したオンラインの支払いに対応できます。また、QuickBooks へのコネクタにより、顧客データやカタログ データを同期し、経理担当者に請求情報を転送することができます。

新しい Office 365 Business center で一元管理

Office 365 Business center では、Bookings、Connections、Listings、Invoicing を一元管理し、ビジネス アプリやデータに容易にアクセスできます。Office 365 Business center の統合ダッシュボードでは、未払い請求の合計金額、今後の予定の件数、Facebook、Google、Bing、Yelp の各インプレッション数、新規購読者数、キャンペーン送信者数など、すべてのビジネス アプリの主要メトリックを表示できます。

Office 365 Business center には Web からアクセスできます。

Business center にはアクティビティ フィードが含まれており、容易に顧客との新規の予定を確認し、自社の従業員が作成または更新した請求書や支払いを把握するなど、各アプリにおける最新情報を詳細に確認することができます。アクティビティ フィードには、支払い期限を過ぎているため請求書を再送信する必要があるといった警告など、その時点で推奨される対応も表示されます。

新しいビジネス アプリは相互に連携するように設計されているため、コネクタのセットアップや手動によるデータ転送などに貴重な時間を取られることもありません。あるビジネス アプリに登録された連絡先は他のアプリでも自動的に認識されるため、同じデータを繰り返し入力する手間が省けます。また、ビジネス オーナーの権限を持っている場合は、チーム内のメンバーごとにアクセスできるビジネス アプリや関連情報を完全に制御できます。

MileIQ: スマートな走行距離追跡アプリを Office 365 Business Premium に追加

客先への営業、パートナーとの会議、展示会といった業務目的に自家用車を使用する場合、税額控除や経費精算のために走行距離を追跡して報告する作業は面倒です。そこで、iOS および Android 用の走行距離追跡アプリである MileIQ (英語) が Office 365 Business Premium サブスクリプションの特典として追加されました。

MileIQ を使用すると、運転の自動検出や走行距離を記録したり、スワイプ 1 回で社用と私用に分類したり、包括的なレポートを作成したりする機能により、スマートかつ簡単に走行距離を追跡できます。MileIQ のユーザー数は既に 400 万人を超えており、お客様は平均して年間 6,900 ドルのコストを税額控除や経費精算によって削減し、走行距離の記録に要する時間を週に 2 時間短縮しています。Office 365 Business Premium で利用可能な MileIQ Premium サブスクリプションでは、毎月記録できる走行距離に制限がありません。MileIQ は現在、米国、英国、カナダのお客様にご利用いただけます。

新しいサービスをお試しになりご意見をお寄せください

今回 Office 365 Business Premium サブスクリプションに追加された新しいサービスについて、皆様からのフィードバックをお待ちしています。使用を開始する手順は以下のとおりです。

• Connections、Listings、Invoicing、Business center: 今後数週間にわたり、米国、英国、カナダの Office 365 Business Premium のお客様を対象としてプレビューがロールアウトされます。お客様のアカウントでサービスが有効化されると、サインインした後、ようこそ画面に Business center のアイコンが表示されます。このアイコンをクリックするとサービスの使用を開始できます。早期アクセスをご希望のお客様は、サポート ページで Office 365 先行リリース プログラムに参加する方法をご確認ください。アプリをご利用になったご感想は、フィードバック フォーラム (英語) までお寄せください。

Office 365 にサインインすると、新しいビジネス アプリのアイコンが表示されます。

• MileIQ: 米国、英国、カナダの Office 365 Business Premium サブスクリプションで MileIQ の特典を有効化する場合は、mileiq.com/office365 (英語) にアクセスします。ぜひ MileIQ に関するフィードバックやご提案を feedback@mileiq.com までお寄せください。

よく寄せられる質問

Q. Connections、Listings、Invoicing、Business center の一般提供開始はいつになりますか。

A. 年内には一般提供が開始される予定です。

Q. Business Premium サブスクリプションを所有しているすべての社内ユーザーが既定で Connections、Listings、Invoicing を使用できるようになりますか。

A. これらのアプリにアクセスできるユーザーは、Office 365 グローバル管理者ロールで制御できます。Standard ユーザーは、既定では Connections、Listings、Invoicing にアクセスできません。この場合、Business center でアクセス許可を申請することができます。グローバル管理者が申請を承認または却下するには、[Admin center]、[Settings]、[Services & add-ins]、[Business apps] の順に選択します。

Q. Connections、Listings、Invoicing の詳細はどこで確認できますか。

A. 各アプリの詳細については、以下のページをご確認ください。

• Microsoft Connections (英語)
• Microsoft Listings (英語)
• Microsoft Invoicing (英語)

Q. MileIQ の詳細はどこで確認できますか。

A. 製品情報やよく寄せられる質問については、www.mileiq.com/office365 (英語) をご確認ください。

Q. Office 365 サブスクリプションで MileIQ の特典を有効化する方法を教えてください。

A. まず、www.mileiq.com/office365 (英語) にアクセスし、MileIQ の新規アカウントを作成するか、既存のアカウントを使用してサインインします。次に、Office 365 の資格情報を入力すると、利用資格の確認後にサブスクリプション特典が有効化されます。注: MileIQ アカウントの作成時には任意のメール アドレスを使用できますが、「Check Eligibility (利用資格の確認)」の手順では必ず Office 365 の資格情報をご使用ください。

Q. 既に MileIQ の有料サブスクリプションを所有している場合はどうなりますか。

A. 現時点で MileIQ の有料サブスクリプションと Office 365 Business Premium をご利用の場合は、既存のアカウントを変更いたしますので support@mileiq.com までご連絡ください。担当者から折り返しご案内差し上げます。

*QuickBooks と QB は Intuit Inc. の登録商標およびサービス マークであり、ライセンスに基づいて表示されます。

※ 本情報の内容 (添付文書、リンク先などを含む) は、作成日時点でのものであり、予告なく変更される場合があります