Hello everyone! My name is Paul Fitzgerald and I'm a Platforms PFE. I love learning new things and sharing what I have learned with others. My role as a PFE allows me the opportunity to do just that, and I'll now have the pleasure of sharing with you all as well!

I've been working a lot with my customers lately on Windows 10 adoption. One thing that has helped tremendously in providing valuable insight into their environments is Windows Analytics Upgrade Readiness. So today, I thought we'd take a look at deploying Upgrade Readiness to help you migrate from legacy Windows operating systems to Windows 10 and to help you stay current with Windows 10 feature updates.

Many customers use System Center Configuration Manager to deploy Upgrade Readiness to their environment. But what if you don't have SCCM? That's what we'll focus on today – deploying Upgrade Readiness without SCCM. More specifically, we're going to go over an approach that utilizes Group Policy Preferences and Scheduled Tasks to perform the initial configuration and periodic script execution. Let's get started, shall we?

Let's review Upgrade Readiness

Upgrade Readiness is a free solution built on Azure Operations Management Suite (OMS). It provides great insight into your client environment to help you plan and manage your Windows 10 upgrade process. It not only helps you move from Windows 7 and Windows 8.1 to Windows 10, but also helps you align with the Windows as a Service model and keep current with Windows 10 features updates.

Upgrade Readiness accomplishes this by analyzing your organization's telemetry data and providing you with a workflow that guides you through the entire process, a detailed computer and application inventory, incredible insights into application and driver compatibility, and more. You can read more about Upgrade Readiness here.

What if you don't have Azure? No worries, it's simple to setup and everything we're talking about today is free! When configured correctly, all data associated with the Upgrade Readiness solution is exempt from billing in both OMS and Azure. Upgrade Readiness data does not count toward OMS daily upload limits. Have a look at the Getting Started with Upgrade Readiness article for more details.

Getting started is easy

We recommend you start with a small pilot to ensure everything is in working order and you've met all the prerequisites. Sometimes it takes a bit of time to get approval to enable telemetry and to get firewalls and/or proxy servers configured, so be sure to read through the information on telemetry and connectivity. Once you've successfully completed your pilot, you're ready to deploy at scale. There are essentially three options for to accomplish that goal:

1. Configure settings via Group Policy (Active Directory)
2. Configure settings via Mobile Device Management (Intune)
3. Deploy the Upgrade Readiness deployment script

With the first two options, you may have to wait a long time (possibly weeks) before you see data about your devices.

We recommend using the deployment script and further recommend scheduling it to run monthly. Doing so ensures a full inventory is sent monthly and includes various tests to help alert you, through the Upgrade Readiness solution, to potential issues. This is frequently accomplished by creating a package in SCCM and deploying that package to your collection(s).

What you can do if you don't have SCCM

Not every customer has SCCM or a similar client management solution. And few are content waiting for results after configuring settings via Group Policy or MDM. To avoid having your client administrators walk from PC to PC to manually run the deployment script, you might consider configuring Group Policy Preferences to create a couple Scheduled Tasks that will automate the initial configuration of Upgrade Readiness and schedule the deployment script to run monthly as recommended.

Let's review how to set this up step by step!

Step 1: Prepare an Upgrade Readiness folder on a network share

We'll store the Upgrade Readiness script on a network share that's available to clients. This will give us a central location to manage settings and makes it simple to upgrade the script when a new version is released.

First extract the Upgrade Readiness deployment script, then place the contents of the Deployment folder on your file server. In my case, I placed it in a subdirectory of an existing share. Since the script will be run as the Local System account, you'll need to next ensure all your computer accounts have read access to this folder on this share. I usually do this by granting the Everyone group Change and Read permission on the share and limiting NTFS permissions on the folder in question as shown below. Finally, don't forget to ensure your RunConfig.bat is configured properly

Step 2: Prepare the Group Policy Object

We're going to use Group Policy Preferences to create two Scheduled Tasks. The first will be an Immediate Task and will be responsible for running the Upgrade Readiness deployment script the first time the Group Policy is applied. The second Scheduled Task will be configured to run the Upgrade Readiness deployment script once per month.

To get started, open the Group Policy Management mmc, browse to and select Group Policy Objects in the tree view, and finally select New from the Action menu. Next, provide a name for the GPO and click OK. I chose to call mine Upgrade Readiness.

Before we edit the GPO, there's one more thing I like to take care of. Since we'll only be working with Computer settings, select the new Upgrade Readiness GPO in the tree view and move to the Details tab. Click the drop-down next to GPO Status and choose User configuration settings disabled.

Now right-click the new Upgrade Readiness GPO in the tree view and choose Edit… to open the Group Policy Management Editor. Browse to Computer Configuration > Preferences > Control Panel Settings > Scheduled Tasks. Here's where we'll create the two new Scheduled Tasks.

Step 3: Create the initial Scheduled Task

Let's start by creating the Immediate Task. Right-click on Scheduled Tasks in the tree view, then click New > Immediate Task (At least Windows 7). Then configure it as described below.

General Tab

• Name: Upgrade Readiness (Initial)
• Description: This Scheduled Task executes the Upgrade Readiness deployment script once upon initial application.
• User: NT AUTHORITYSystem
• Run whether user is logged on or not
• Run with highest privileges
• Configure for: Windows 7, Windows Server 2008 R2

Actions Tab

• Action: Start a program
• Program/script: <Path to RunConfig.bat>

Conditions Tab

• Start only if the following network connection is available: Any connection

Settings Tab

• No changes required

Common Tab

• Apply once and do not reapply

Step 4: Create the recurring Scheduled Task

Now let's create the Scheduled Task. Right-click on Scheduled Tasks in the tree view, then click New > Scheduled Task. Then configure it as described below. I've chosen to run the deployment script on the first Monday of each month. You can choose whatever schedule best meets your needs.

General Tab

• Name: Upgrade Readiness (Recurring)
• Description: This Scheduled Task executes the Upgrade Readiness deployment script once a month.
• User: NT AUTHORITYSystem
• Run whether user is logged on or not
• Run with highest privileges
• Configure for: Windows 7, Windows Server 2008 R2

Triggers Tab

• Begin the task: On a schedule
• Settings: Monthly
• Months: <Select all months>
• On: First Monday (Or most appropriate options for your organization)

Actions Tab

• Action: Start a program
• Program/script: <Path to RunConfig.bat>

Conditions Tab

• Start only if the following network connection is available: Any connection

Settings Tab

• Allow task to be run on demand
• Run task as soon as possible after a scheduled start is missed

Common Tab

• No changes required

We're done with the Group Policy Management Editor, so you can go ahead and close it and move on to the next section.

Step 5: Link the Group Policy Object to your Organization Units

Now that the GPO has been created and configured, you'll need to link it to the Organization Unit(s) that contain(s) your Windows 7, Windows 8.1, and Windows 10 PCs. NOTE: Do not link this GPO to OUs that contain systems running Windows Server.

Browse to and select an applicable Organization Unit, then select Link an Existing GPO… from the Action menu. Locate and select the new Upgrade Readiness GPO and click OK. Repeat for each OU that contains your PCs as described above.

What to do now that you've deployed your new GPO

Once your PCs receive the new GPO, the "immediate" Scheduled Task will be executed, and their first full scan will be sent to Microsoft's telemetry endpoints tagged with your Commercial ID. You should immediately begin to see some details listed under Script Insights within the Upgrade Readiness solution Settings as depicted in the following screenshot.

After that, you can expect to see processed data show up in the Upgrade Readiness solution within the next 48-72 hours as seen in the next screenshot.

Wrapping up

There you have it! Upgrade Readiness is a great tool to help you more quickly and easily upgrade to Windows 10. And as you can see, following the recommended deployment practices doesn't require a full management platform such as System Center Configuration Manager.

Until next time!

-- Paul Fitzgerald, Platforms PFE

Find resources that help you build and sustain a profitable cloud business, connect with customers and prospects, and differentiate your business. Read previous issues of the newsletter and get real-time updates about partner-related news and information on our US Partner Community Twitter channel.

Subscribe to receive posts from this blog in your email inbox or as an RSS feed.

Looking for partner training courses, community calls, and information about technical certifications? Refer to the Hot Sheet training schedule for a six-week outlook that’s updated regularly as we learn about new offerings. To stay in touch with us and connect with other partners and Microsoft sales, marketing, and product experts, join our US Partner Community on Yammer.

Microsoft Inspire 2018

• Congratulations to the 2018 MSUS Partner Award Winners
• Updates and announcements from Microsoft Inspire 2018
• Microsoft Inspire session recommendations for Dynamics Partners
• Introducing the Microsoft Inspire Corenote speakers
• 5 reasons to attend Microsoft Inspire
• Microsoft Inspire 2018: Azure Government sessions
• Microsoft Inspire session recommendations for Applications and Infrastructure partners
• Resources to help you prepare for Microsoft Inspire
• Exclusive Preview: Microsoft Inspire experiences for U.S. partners
• In case you missed it: Key announcements – Partner awards, Microsoft Inspire price extension, and US Area Celebration
• Microsoft 2018 Partner of the Year Awards
• 4 tips for first time attendees at Microsoft Inspire

New posts on the US Partner Community blog

• Congratulations to the 2018 MSUS Partner Award Winners
• Updates and announcements from Microsoft Inspire 2018
• July 2018 Hot Sheet partner training schedule
• Microsoft Inspire session recommendations for Dynamics Partners
• Partner Solution Brief: Taking advantage of Azure
• 5 reasons to attend Microsoft Inspire
• Microsoft Inspire 2018: Azure Government sessions
• Microsoft Inspire session recommendations for Applications and Infrastructure partners
• Partner Solution Brief: Office 365 security in the public sector
• Exclusive Preview: Microsoft Inspire experiences for U.S. partners
• In case you missed it: Key announcements – Partner awards, Microsoft Inspire price extension, and US Area Celebration
• How to recommend the best practice on Microsoft Azure
• Dynamics 365 Connected Field Service

New videos on the US Partner YouTube channel

• MPN 101: Cloud Solution Provider Program
• Five reasons to attend Microsoft Inspire 2018
• June 2018 Business Applications Community call: Connected Field Service
• Why One Commercial Partner executives can’t wait for Microsoft Inspire
• MPN 101: Customer Acquisition Marketing Tactics
• June 2018 Modern Workplace Community call: Quarterly Update
• May 2018 Modern Workplace Windows and Devices Community call - Windows 10 IoT
• MPN 101: The value of attaining a competency
• May 2018 Open Source Solutions Partner Community call: Microsoft Azure Sphere
• Virtual Microsoft OCP Partner Briefing sizzle video
• May 2018 Modern Workplace Productivity Community call: Attack Simulator and GDPR Dashboard
• May 2018 Modern Workplace Security Partner Community call: Windows Defender ATP

MPN news

• Stand out by disrupting the customer engagement model
• Upcoming improvements to membership and referrals
• How can dark marketing impact your business?
• Visual3D Case Study
• Elevate your networking: Tips for the perfect elevator pitch
• Introducing the Microsoft Inspire Corenote speakers
• Grow your business with licensing renewals
• Resources to help you prepare for Microsoft Inspire
• Why One Commercial Partner Executives can't wait for Microsoft Inspire
• Top 10 tips for finding the best investment for your company
• Microsoft 2018 Partner of the Year Awards

Upcoming events

• Microsoft Inspire July 15-19 in Las Vegas, Nevada
• Microsoft Business Applications Summit July 22–24 in Seattle, WA
• Microsoft Ignite September 24-28 in Orlando, FL
• Microsoft Envision September 24-26 in Orlando, FL

US Partner Community call schedule

Community calls and a regularly updated, comprehensive schedule of partner training courses are listed on the Hot Sheet

• Wednesday, July 11 at 9:30 am Pacific Time, MPN 101 Community call: Know before you go

Few days ago, I was working with one of my customer. I advised him to host his O365 scripts in Azure instead using a local server. In this post, I would like to share why I recommended this to my customer and what solutions we've identified for hosting PowerShell script in Azure.

Why in my opinion, Azure is the best companion for executing O365 PowerShell scripts (or code)?

First, Azure services SLAs guarantee that your script will run 99.9xxx% of times. Usually, it's hard to provide such level of services on a local server. It may require a big investment for few scripts execution time mostly without any SLA and without service guarantee. You may also need,  to open some ports, to configure a proxy, to harden your server security, to configure some antivirus, and to maintain your local server. In Azure, most services allow you to only focus on your PowerShell script because all the infrastructure, the SLAs and security is taken care by Microsoft. You only pay for what you consume in Azure. Some services presented below might be less expensive than running a local server which is consuming power supply all day long. To finish, when hosting your scripts in Azure may rely on all other Azure services (SQL, Big Data, Data Factory etc) and get some flexibility for any scripts improvements or complexity.

Services in Azure for hosting and executing PowerShell

• Via a Azure VM :
  • Overview: https://azure.microsoft.com/en-us/services/virtual-machines/
  • Pricing: https://azure.microsoft.com/en-us/pricing/details/virtual-machines/windows/
  • Usage : I recommend to only use this solution for migration project or script development.

• Via Azure Function App :
  • Overview: https://azure.microsoft.com/en-us/services/functions/
  • Pricing: https://azure.microsoft.com/en-us/pricing/details/functions/
  • You may rely on the below procedure to create une Azure Function running PowerShell :
    • https://docs.microsoft.com/en-us/sharepoint/dev/declarative-customization/site-design-pnp-provisioning#create-the-azure-function
  • Note: PowerShell language is experimental in Azure Function. That's why I do not recommend this services for production use yet.

• Via Azure Automation account (recommended solution):
  • Overview: https://docs.microsoft.com/en-us/azure/automation/automation-intro
  • Tarification : https://azure.microsoft.com/en-us/pricing/details/automation/
  • Blog : https://blogs.technet.microsoft.com/dominiquevives/2018/05/11/azure-automation-for-spo-tasks/
  • Note: This so

• Via Azure Web Jobs (in Azure App Services) :
  • Overview: https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
  • Pricing: https://azure.microsoft.com/en-us/pricing/details/app-service/windows/
  • Procedure : Exécuter des tâches en arrière-plan avec WebJobs dans Azure App Service - en-ushttps://docs.microsoft.com/fr-fr/azure/app-service/web-sites-create-web-jobs

Dear All,

Welcome to the TechNet Wiki Tuesday – TNWiki Article Spotlight.

This week all our TechNet Wiki MVP's, including me will be as little tensed and expecting the magical good news or a sad news. But whatever it might be, all our TechNet Wiki Ninjas are always Ninjas, and all of us here are very happy to share what we know to others.

In today's blog post we are going to talk about the article Entity Framework and ASP.NET MVC 5: Building Web Application (Part 1)  by Vincent Maverick Durano

Before we start about the article discussion ,I would like to share few words about the article author  Vincent Maverick Durano .Vincent  is 9 time Microsoft MVP and his contributions will always be great as he will write articles in details with real world examples in very simple way, Which makes even the beginners to understand it very deeply and clearly. I like Vincent  way of presenting article and thanks for his hard works and love on community to give such a quality of articles. Today in this blog post I have choose one of Vincent   recent article  Entity Framework and ASP.NET MVC 5: Building Web Application (Part 1)    which seems to be as a series of articles .If you are a ASP.NET Lover then don't miss to read this article and also all his upcoming series as he will be explaining all his parts with real world examples.

This article discusses in detail about Entity Framework  and ASP.NET 5,If you ask me there are several articles which explains about Entity Framework and ASP.NET 5 then I choose this article ,answer to this question will be very simple as this articles explains in very details and easy to understand with real world examples even a beginner can easily understand very clearly on working with Entity Framework and ASP.Net 5 . Vincent  starting his article with the introduction part and explained about

• Introduction
• Background
• What You Will Learn
• Prerequisites
• Environment and Development Tools
• Let's Get Started!
• What is ASP.NET MVC?
• What is a Model?
• What is a Controller?
• What is a View?
• Creating a Database
• Creating Database Tables
• Adding a New ASP.NET MVC 5 Project
• Setting Up the Data Access
• Creating the Entity Models
• Creating a Signup Page
• Adding ViewModels
• Adding the UserManager Class
• Adding the Controllers
• Adding the Views
• Web.Config
• Running the Application

 I hope you all enjoy reading this  article Entity Framework and ASP.NET MVC 5: Building Web Application (Part 1)  by Vincent Maverick Durano.

Today's banner image from Me

See you all soon in another blog post.

Thank you all.

Yours,
Syed Shanu
MSDN Profile | MVP Profile | Facebook | Twitter |
TechNet Wiki the community where we all join hands to share Microsoft-related information.

執筆者: Sachin Goyal (Senior Program Manager, Windows Servicing & Delivery Team)

このポストは、2018 年 6 月 12 日に投稿された Windows Server 2008 SP2 servicing changes の翻訳です。

Windows Server 2008 SP2 が、ロールアップ モデルに移行することになりました。月例品質ロールアップのプレビューの初回リリースは、2018 年 8 月 21 日 (火) に予定されています。

これにより、Windows Server 2008 SP2 もその後にリリースされた Windows バージョンと同じサービス モデルになり、サービス エクスペリエンスの一貫性が増すと同時にシンプルになります。Windows の更新を管理されている方は、どのような選択肢があるかよく確認されるようにしてください。

8 月に月例品質ロールアップの最初のプレビューがリリースされた後、毎月のリリースは以下のようになる予定です。

セキュリティのみの品質更新プログラム: 2018 年 9 月以降、マイクロソフトの月例更新日として知られる第 2 火曜日に、セキュリティのみの品質更新プログラムがリリースされます。

セキュリティ月例品質ロールアップ: 2018 年 9 月以降、マイクロソフトの月例更新日として知られる第 2 火曜日に、セキュリティ月例品質ロールアップがリリースされます。

月例品質ロールアップ プレビュー: 2018 年 8 月以降、第 3 火曜日に月例品質ロールアップのプレビューがリリースされます。

詳細については、こちらの IT プロフェッショナル向けの Windows ブログをご覧ください。

Internet Explorer の更新

• 月例ロールアップには、Windows Server 2008 SP2 用 Internet Explorer 9 の修正プログラムも含まれます。既に新しいバージョンがインストールされている場合を除いて、セキュリティのみの品質更新プログラム、セキュリティ月例品質ロールアップ、月例品質ロールアップ プレビューによって新しいバージョンの Internet Explorer がインストール/アップグレードされることはありません。

.NET Framework の月例ロールアップ

• .NET Framework の更新の変更については、ブログ記事「.NET Framework 用の月例のロールアップの詳細」を参照してください。

今回の変更により、Windows Server 2008 SP2 搭載コンピューターの更新が簡素化され、スキャンやインストールの所要時間が短縮されます。また、普段の Windows の更新管理がさらに柔軟になります。

(この記事は2018年4月23日にMicrosoft Partner Network blog に掲載された記事 Smart marketing made simple. And free.  の翻訳です。最新情報についてはリンク元のページをご参照ください。)

効果の高いマーケティング ツールやマーケティング戦略は、常に一定というわけではありません。だからこそ、マイクロソフトはパートナー様向けのトレーニング資料を常に刷新し続けており、パートナーの皆様には、最新のリソースを無料で最大限にご活用いただきたいと考えています。

マイクロソフトの新しいトレーニング ビデオでは、優れた実績を挙げているパートナー様からのアドバイスをご紹介しており、価値提案の策定から優れたカスタマー エクスペリエンスの実現まで、効果的なマーケティング手法について知ることができます。たとえば、顧客育成型マーケティングを活用した場合、価格を 33% 引き下げても、売上が 50% 伸びるというデータがあります。顧客育成型マーケティングの具体的な実践方法や、リードを顧客に転換する方法などのポイントについては、こちらのビデオ (英語) をご覧ください。その他のコンテンツでは、競合分析や競合他社との差別化などに関するアドバイスも提供しています。

パートナー ネットワークのリソース

パートナー様を対象に、新しい Azure コンテンツを提供しています。こちらのリソース コレクション (英語) では、カスタマイズ可能なソーシャル バナー、電子メール テンプレート、プレゼンテーション資料、販売ガイド、インフォグラフィックスなど、市場投入ツールの一覧をご覧いただけます。いずれのリソースもガイダンス付きです。

また、マイクロソフトのカスタマイズ可能なマーケティング キャンペーン資料を、個々のビジネス ニーズに合わせてカスタマイズしてご活用ください。ブログ、スターター ガイド、最新の MPN の更新情報の概要など、すべてのコンテンツが見つけやすく、簡単にダウンロードできるようになりました。

ソリューション分野別のキャンペーン資料は、すべてこちらからご覧いただけます。

https://partner.microsoft.com/ja-JP/asset#/?type=marketing-campaigns&area=mrkt

マイクロソフトが管理するサービス

パートナー様向けのリソースの中でも特に重要なのは、市場投入サービスです。チーム向けの営業資料の作成方法、デジタル マーケティング戦略の最適化の方法など、専門性が高く実用的な有料サービスをパートナー様向けに幅広くご用意しています。

マイクロソフトのビジネスはパートナー様主導です。スマートでアクセスしやすいコンテンツにより、パートナー様を強力にサポートします。パートナー様の 75% 以上が、マイクロソフトのリソースを活用し、市場投入時間を短縮しています。また、68% が今年中にマイクロソフトのトレーニングを利用することを検討中です。変化の激しい市場でビジネスの成長を実現できるよう、ぜひマイクロソフトの最新のトレーニングとビデオをご活用ください。

その他のマーケティング コンテンツについては、こちらのマイクロソフト パートナー コミュニティ (英語) でご確認ください。

AD community -

Please find this month’s webinars below. This month, it’s smaller due to many conferences and vacations.

Reminder:

• These webinars are FREE of cost.
• These webinars are currently held monthly with new sessions being added.
• Each session is1 hour, it includes an anonymous Q&A session with Microsoft AAD Engineering Team.
• Each session is recorded, please register for the recording link.

July webinar schedule:

Cheers,
Bea

こんにちは。Windows サポート チームの矢澤です。
Windows 10 RS4 (1803) における移動ユーザー プロファイルとフォルダー リダイレクトの問題が報告されておりますので、本 blog にてご案内いたします。

1. 移動ユーザー プロファイルにてログオン・ログオフ遅延が発生する
1-1. 事象
RS4 の端末において、移動ユーザー プロファイルを構成するとログオン・ログオフが遅延します。
ログオフ時の画面に「移動ユーザー プロファイルが完全に同期されていません。イベント ログで詳細を確認するか、管理者に問い合わせてください。」が出力されます。
また、Application イベントログにイベント ID:1504 および 1509 が記録され、移動ユーザー プロファイルが同期できないエラー、警告が出力されます。

1-2. 原因
移動ユーザー プロファイルに含めないフォルダーを指定する以下のレジストリが RS4 では既定の状態で存在しません。

     HKCUSoftwareMicrosoftWindows NTCurrentVersionWinlogonExcludeProfileDirs

RS3 (1709) までは本レジストリに既定で以下の値が設定されており、移動ユーザー プロファイルの対象から除外されるフォルダーを既定で指定されておりましたが、RS4 では本レジストリが存在しないことで、AppDataLocal などファイルサイズが大きいフォルダーも移動ユーザー プロファイルの対象としてログオフ時にファイルサーバーにアップロードされ、ログオン時にファイルサーバーからダウンロードされるため、ログオン・ログオフ遅延が発生します。

     AppDataLocal;AppDataLocalLow;$Recycle.Bin;OneDrive;Work Folders

1-3. 回避策
既にファイルサーバーのプロファイル フォルダー配下に、AppDataLocal や AppDataLocalLow フォルダーが存在している場合には事前に削除し、以下の手順にて ExcludeProfileDirs キーをグループ ポリシーにて配布します。

1. ドメイン コントローラーに管理者としてログオンします。

2. [グループ ポリシーの管理] を開き、RS4 の移動プロファイル対象ユーザーに適用される GPO を [編集] します。

3. 以下のパスに移動します。

     [ユーザーの構成] - [基本設定] - [Windows の設定] - [レジストリ]

4. [新規作成] - [レジストリ項目] を選択し以下の設定をします。
※[キーのパス] の [...] をクリックし以下のパスをクリックしても設定が可能です。

     アクション: 更新
     ハイブ: HKEY_CURRENT_USER
     キーのパス: SOFTWAREMicrosoftWindows NTCurrentVersionWinlogon
     値の名前: ExcludeProfileDirs
     値の種類: REG_SZ
     値のデータ: AppDataLocal;AppDataLocalLow;$Recycle.Bin;OneDrive;Work Folders
          ※値のデータはお客様の指定があれば追加ください

5. [OK] をクリックし、エディターを閉じます。

6. 対象ユーザーにてログオン・ログオフし、事象が改善されるかをご確認ください。

1-4. 対処策
2018 年 7 月 25 日にリリースされる累積更新プログラムに本問題の対策が含まれる予定です。

2. フォルダー リダイレクトにて AppDataRoaming がリダイレクトされない
2-1. 事象
RS4 の端末において、フォルダー リダイレクトが有効なユーザーがログオンすると AppDataRoaming フォルダーのリダイレクトに失敗します。

2-2. 原因
AppDataRoaming がリダイレクト可能なフォルダーとして認識されない不具合が内在しています。

2-3. 回避策
回避策はありません。

2-4. 対処策
2018 年 6 月 27 日にリリースされた累積更新プログラム KB4284848 を適用ください。
適用後に再起動し、ログオンすることで AppDataRoaming がリダイレクトされます。

Introduction

In recent months, Microsoft has changed the distribution method for the MSOnline PowerShell Modules from the use of the .msi self-contained download to exclusively having it installed from the Online Gallery via the Install-Module cmdlets. Unfortunately, not every Windows-based operating system that you might be working from has the latest and greatest version of PowerShell, let alone an even fairly up-to-date version and you may find yourself in a situation where you cannot run Install-Module. The purpose of this article is to help you get going quickly using PowerShellGet/Install-Module Cmdlets on operating system that does not already have it available.

Pre-requisites

In order to install any module though the user of the Install-Module cmdlet you must be running an Operating System that supports PowerShell Version 3.0 or Greater (Windows 7, Windows Server 2008 R2 and later releases of Windows and Windows Server). Depending on the age of your Operating System build, even if it does lie within those parameters, it may not currently have PowerShell Version 3.0+ installed. To check which version of PowerShell you are currently running, open PowerShell and run:

$PSVersionTable.PSVersion
Major  Minor  Build  Revision
-----  -----  -----  --------
5      1      17134  137

The 'Major' is really the primary focus, if it does not say "3" or greater, the Install-Module cmdlets are not available but they can be 'downloaded' or 'installed' through the Windows Management Framework package(s):

Windows Management Framework 3.0
Windows Management Framework 4.0
Windows Management Framework 5.1

Setup

Once with Windows Management Framework has been installed, all you simply need to do is open a new PowerShell window and execute Install-Module MSOnline, Install-Module AzureAD or any other module that is available through the PowerShell Gallery and you'll be on your way.

こんにちは！Azure Identity サポートの谷です。

Azure AD Connect サーバーを新規構築に構築する場合や既存環境のセキュリティ面での見直しなどの背景により、
サードパーティ製のウィルス対策ソフトやファイアウォールでの通信制限についてのお問い合わせを多くいただいています。
公開情報等の情報を踏まえ、これらの情報を一目できるようにお纏めしましたので、下記に纏めさせていただきました。
構築時や運用時の参考にしていただければ幸いです。

========================================
ウィルス対策ソフトでのスキャン除外項目
========================================
基本的には SQL Server 2012 Express LocalDB としての除外をご考慮いただければと存じますので、以下の技術情報をまずは参考としてご参照いただければと存じます。

Title: SQL Server を実行しているコンピューター上で実行するウイルス対策ソフトウェアを選択する方法
URL:https://support.microsoft.com/ja-jp/help/309422/how-to-choose-antivirus-software-to-run-on-computers-that-are-running

上記技術情報を踏まえ、AADC 製品を添付の SQL Server 2012 Express LocalDB をご利用いただいた状態で、既定でセットアップされた際の除外対象は以下となります。

・SQL Server データ ファイル格納先
C:Program FilesMicrosoft Azure AD SyncData
※ 一時的に利用される場合があるため、[C:Program FilesMicrosoft Azure AD SyncMaData] も併せて除外していただければと存じます。

・ウイルス スキャンから除外するプロセス
C:Program FilesMicrosoft SQL Server110LocalDBBinnsqlservr.exe
上記に加え、SQL Server 観点として技術情報にございます [.bak / .trn / .trc / .sql] の拡張子を持つファイルの除外も念のためご検討ください。

========================================
通信ポート要件
========================================
Azure AD Connect サーバーの通信要件は下記弊社サイトにてまとめさせていただいております。

Title : ハイブリッド ID で必要なポートとプロトコル
URL:https://docs.microsoft.com/ja-jp/azure/active-directory/connect/active-directory-aadconnect-ports

上記サイト内で Azure AD Connect の要件として必要な表は下記となります。
-------------------------
表 1 - Azure AD Connect とオンプレミスの AD
表 2 - Azure AD Connect と Azure AD
表 6a - SSO でのパススルー認証のトラブルシューティング
表 6b - SSO でのパスワード ハッシュ同期
表 7a - Azure AD Connect Health エージェント (AD FS/Sync) と Azure AD 用のポートとプロトコル
表 7b - Azure AD Connect Health エージェント (AD FS/Sync) と Azure AD 用のエンドポイント
-------------------------

上述のサイト内にもリンクがありますが、Azure AD Connect の接続先である Azure サービス (AAD など) の接続先 IP アドレスは下記となります。
Title: Office 365 URL および IP アドレス範囲
URL:https://support.office.com/ja-jp/article/office-365-url-%E3%81%8A%E3%82%88%E3%81%B3-ip-%E3%82%A2%E3%83%89%E3%83%AC%E3%82%B9%E7%AF%84%E5%9B%B2-8548a211-3fe7-47cb-abb1-355ea5aa88a2?ui=ja-JP&rs=ja-JP&ad=JP
# この情報は将来的に変更が行われる可能性があります。

上記の内容を下記表にて纏めさせていただきました。

*1 : ポート番号 : 49152 ～ 65535
*2 : Azure AD Connect Health Agent を使用する場合のみです。
Azure AD Connect Healt Agent の通信ポート以外の要件についてはこちらをご参照ください。

その他ご利用のサービスなどで使用するポートや懸念事項がございましたら、お気軽に弊社テクニカル サポートまでご連絡いただければ幸いです。

As I mentioned in the Current Cumulative Updates for Office - Q3 2012 post, each quarter I will post information on the latest updates for the Office for Windows and Office for Macintosh products.

The information below is being provided regarding the most currently available updates available for the supported Windows and Macintosh versions of Office as of July 2, 2018.

Release Schedule for Non-Security Updates

• For the MSI version of Office, non-security updates are released in Microsoft Update and the Windows Server Update Service (WSUS) on the first Tuesday of the month.  This will include all updates that have the Critical or Definition classification.  Updates with the Security classification will continue to release on the second Tuesday as usual.
• For the Click-To-Run (C2R) version of Office, all updates will release on the second Tuesday of the month.

As a reminder on why I'm providing this information and how it should be used, please see my Keeping Up with Office Updates post which discusses the cumulative updates for Office (and Outlook in particular) that companies need to be aware of and push out to their users.

Office for Windows

Office 2016

• Current Service Pack level: Office 2016 (RTM released September 22, 2015)
• Latest cumulative: June 2018 (http://support.microsoft.com/kb/4299875) 
• Outlook specific: June 12, 2018 (http://support.microsoft.com/kb/4022160) 

Office 2013

• Current Service Pack level: Office 2013 SP1
  • All versions of Office 2013 EXCEPT the VLSC edition, are no longer supported with Office 365 as of February 28, 2017
  • Starting with the April 2015 update releases, all Office 2013 updates require Office 2013 SP1 to be installed.
  • Office 2013 RTM (SP0) support ended April 14, 2015
• Latest cumulative: June 2018 (http://support.microsoft.com/kb/4299875)
• Outlook specific: June 12, 2018 (http://support.microsoft.com/kb/4022169)

Office 2010

• Current Service Pack level: Office 2010 SP2
  • Office 2010 SP1 support ended on October 14, 2014
  • Note: Office 2010 RTM (SP0) support ended July 10, 2012
• Latest cumulative: June 2018 (http://support.microsoft.com/kb/4299875)
• Outlook specific: June 12, 2018 (http://support.microsoft.com/kb/4022205)

Office 2007

• Current Service Pack level: Office 2007 SP3 (released October 2011)
  • Note: Office 2007 reached end-of-life support on October 10, 2017.
• Last cumulative Update: March 2018 (http://support.microsoft.com/kb/4090988)
• Outlook specific: February 13, 2018 (http://support.microsoft.com/kb/4011200)

Office 2003

• Office 2003 reached End-of-Life Support on April 8, 2014

Office for Windows 2016 (C2R)

• Monthly Channel: Version 1806 (Build 10228.20080)
• Semi-Annual Channel (Targeted): Version 1803 (Build 9126.2227)
• Semi-Annual Channel: Version 1780 (Build 8431.2270)

Note: Each of the KB articles includes the list/links for all the Office products (Word, Excel, Outlook, etc).  Most of you focus on Outlook and that's the only ones required and is also provided separately but I wanted to provide the larger "Office" list in case you want it.

As a reminder, Microsoft Update does *NOT* make the cumulative updates available to users (unlike the Public Updates) for products prior to Office 2013.  These have to be downloaded and either installed independently or deployed using tools such as WSUS, SCCM, etc.

Note: As of January 1, 2015 the Office product group has made a decision to no longer have both what were known as "Public Updates" (those that you could get through Microsoft Update) and "Cumulative Updates" (separate downloads) for the Office 2013 products, which has always been very confusing (and part of why I started posting this information).  Going forward, all updates will be part of the Public Update releases.  However, I will continue to post this bulletin quarterly so that you have this information to properly manage updates for desktops, etc.

Office for Macintosh

Office 2016

• Current Service Pack Level: Office 2016 for Mac RTM
• Latest cumulative Update: June 13, 2018 - 16.14.1 (Release Notes for Office 2016 for Mac)

Office 2011

• Current Service Pack Level: Microsoft Office for Mac 2011 SP7 (released Nov 15, 2016)
  • Office for Mac 2011 mainstream support ended on October 10, 2017
• Latest cumulative Update: September 12, 2017 - 14.7.7 (http://support.microsoft.com/kb/3212225)

Note: Each of the KB articles includes the link for downloading the package which updates ALL Office Products...there are not separate updates for each of the various components of Office as there is with the Windows releases.

Today's tip...

I thought this would be great opportunity to demonstrate how customers can leverage multiple Azure services to benefit and secure their existing Azure infrastructure.

As announced in First look at updates coming to Remote Desktop Services the Remote Desktop Services modern infrastructure (RDmi) enables a multi-tenant infrastructure to be deployed as Azure App Services which manage connections from RD clients to multiple isolated RD tenant environments

Azure  App Services  enables customers to build and host web applications in the programming language of their choice without managing infrastructure. Azure App Service offers auto-scaling, high availability, and supports both Windows and Linux.

Per Azure Security Center can identify attacks targeting Azure App Service applications customers can leverage the visibility that Azure has as cloud provider, Security Center analyzes App Service internal logs to identify attack methodology on multiple targets.

In this example customers can utilize Azure Security Center threat detection to monitor, identify and prevent attacks against RDmi infrastructure.

References:

• Azure Security Center can identify attacks targeting Azure App Service applications - https://azure.microsoft.com/en-us/blog/azure-security-center-can-identify-attacks-targeting-azure-app-service-applications/
• First look at updates coming to Remote Desktop Services - https://cloudblogs.microsoft.com/enterprisemobility/2017/09/20/first-look-at-updates-coming-to-remote-desktop-services/
• Everything you need to know about recent updates to Remote Desktop Services - https://www.youtube.com/watch?v=UuTC5yqXMDc&t=493s
• RDmi Planning Poster - https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-poster

Listed below are the non-security updates we released on the Download Center and Microsoft Update. See the linked KB articles for more information.

Office 2010

Update for Microsoft PowerPoint 2010 (KB4022136)

Office 2013

Update for Microsoft Excel 2013 (KB4022244)

Update for Microsoft Office 2013 (KB4018378)

Update for Microsoft Office 2013 (KB4022166)

Update for Microsoft Outlook 2013 (KB4022242)

Office 2016

Update for Microsoft Excel 2016 (KB4022229)

Update for Microsoft Office 2016 (KB3191864)

Update for Microsoft Office 2016 (KB4011035)

Update for Microsoft Office 2016 (KB4018324)

Update for Microsoft Office 2016 (KB4018385)

Update for Microsoft Office 2016 (KB4022214)

Update for Microsoft Office 2016 (KB4022223)

Update for Microsoft Office 2016 Language Interface Pack (KB4022220)

Update for Microsoft Outlook 2016 (KB4022230)

Update for Microsoft Project 2016 (KB4022217)

Update for Microsoft Visio 2016 (KB4018325)

Por: Jacqueline Beauchere, jefa de seguridad en línea en Microsoft.

Hace unos días, organicé un taller sobre civilidad digital en la conferencia anual de la Fundación Marie Collins, “From Discovery to Recovery – Online Sexual Abuse of Children”. Microsoft es un patrocinador de la fundación, una organización benéfica ubicada en Reino Unido que apoya de manera directa a niños que han sufrido de abuso sexual en línea, así como también brinda apoyo a sus familias.

Nuestra sesión incluyó a representantes de UNICEF, el Premio Diana (que también representa a NoBully.org), y el sector académico, junto on Microsoft. La sesión interactiva examinó las definiciones y nomenclatura que rodea a la civilidad digital, así como ejemplos de consejos y guía por parte de miembros de la audiencia que han brindado a sus propios niños y estudiantes sobre ejercer el decoro y relacionarse en línea de manera constructiva.

Durante el taller, hicimos algunas preguntas a los participantes sobre el nivel de seguridad y respeto en internet; los riesgos en línea más comunes y serios; las principales diferencias entre riesgo y daño; y como practicantes globales e inhibidores de daños en línea hacia los niños (e incluso hacia todos los individuos), dónde deberíamos poner nuestros esfuerzos colectivos. Las respuestas fueron muy amplias. Para algunos, la civilidad digital se trata de cortesía, respeto e inteligencia digital; compasión y empatía; y estar conscientes y atentos de los sentimientos, puntos de vista y marcos de referencia de las demás personas. Otros ven una necesidad de interactuar con un grado de cortesía e inculcar una cultura de “por favor y gracias” en el mundo digital. Otros ven la civilidad como algo derivado de valores humanos y moralidad con un profundo arraigo y enfatizaron que enseñar a los niños valores profundos en el mundo real les ayudará a llevarlos a los espacios en línea.

Mientras tanto, los participantes apuntaron a redefinir lo que significa tener y ser un “amigo” como un subproducto que no es bienvenido de la vida en línea. “La adicción a internet”, un deterioro de las habilidades de comunicación, y la ausencia de responsabilidad por parte de los padres para enseñar a los jóvenes buenos hábitos y prácticas digitales fueron otras preocupaciones.

Un defensor líder de seguridad en línea comentó que la civilidad digital implicaba una “barra un tanto baja” para las interacciones digitales positivas. Después de señalar a la intervención muy familiar por parte de los padres de dirigirse a los hermanos que pelean en el asiento trasero de un automóvil, comentó que la amonestación de decirles "al menos respétense" era de manera clara un obstáculo bajo.

Los esfuerzos de Microsoft para fomentar la civilidad digital

En Microsoft, vemos la civilidad digital como liderar con empatía, inclusión y amabilidad en todas las interacciones en línea, y buscamos fomentar un comportamiento en línea más seguro y saludable a través de nuestro Digital Civility Challenge como un punto de arranque. en nuestro punto de vista, la civilidad digital no se trata de limitar o sofocar la discusión y el debate en línea. En lugar de eso, se trata de reasegurar que los intercambios y desacuerdos robustos tomen lugar sin insultos, acoso o abuso.

Mantenemos el apoyo a la civilidad digital y estamos en proceso de presentar otra ronda de investigación, en esta ocasión en 22 países. Hemos realizado estudios similares lanzados a principios de 2017 y 2018, ambos en conjunto con el Día Internacional del Internet Seguro en febrero. Nuestros estudios encuestan a adolescentes y adultos en diferentes geografías y les preguntamos acerca de su exposición a 20 riesgos en línea.

En los últimos dos años, también calculamos nuestro Índice de Civilidad Digital, una medición del nivel de civilidad percibido en cada país, que está basado en actitudes y percepciones de los encuestados de esos países. El Índice de Civilidad Digital actual se encuentra en 65 por ciento, igual al del año 1, a pesar de la adición de nueve países y tres riesgos al reporte del segundo año. Para seguir con esta línea, para el año 3, nuestra investigación ahondará en los riesgos y preocupaciones más comunes para los encuestados, a saber, contacto no deseado (que de manera abrumadora es el riesgo más común en los primeros dos estudios), engaños, fraudes y estafas, que ha sido el segundo riesgo más común en el segundo año, que fue el primero en el que fue incluido.

Comenzaremos a lanzar los resultados del año 3 a finales de 2018 y para el Día Internacional del Internet Seguro en febrero de 2019, pondremos disponibles todos los datos de la encuesta.

Trabajar en conjunto para crear una cultura de civilidad digital

Desde su concepción en 2016, hemos considerado nuestro enfoque en civilidad digital como una plataforma y concepto amplios para que los demás la enseñen y adopten. De hecho, hemos invitado a socios y colaboradores entre organizaciones civiles, académicos, otras personas en la industria, y gobiernos a que adopten esta noción y desarrollen sus propias iniciativas, proyectos y programas relacionados. En su corta existencia, ya hemos visto proyectos de investigación salidos de este enfoque para otros grupos de edades y demografías, la creación de índices relacionados y otros esfuerzos.

Nuestro desarrollo más significativo a la fecha ha sido la formación y crecimiento de nuestro Council for Digital Good (Consejo para el Bien Digital) inaugural, un grupo de 15 adolescentes de diferentes lugares de Estados Unidos, reunidos para apoyar la civilidad digital y las interacciones en línea más seguras y saludables.

Durante el último año, estos adolescentes han aprendido acerca de problemas de seguridad en línea, han compartido su visión y perspectiva con Microsoft y nuestros socios, y han servido como jóvenes embajadores ansiosos por generar un mundo en línea más seguro y respetuoso. Dondequiera que vaya, incluida esta conferencia de hace unos días, destaco los informados puntos de vista, perspectivas únicas y profundas reflexiones que estos adolescentes imparten de manera continua. En los próximos días, realizaremos un evento público en Washington, D.C., que incluirá a miembros del consejo y un poco del trabajo que han realizado en los últimos meses. Los sumarios del trabajo más reciente del consejo pueden ser encontrados aquí y aquí.

La conferencia de la semana pasada también contó con oficiales de gobierno, personal del orden público, educadores y otros miembros de la sociedad civil, cuyos esfuerzos en trabajar para prevenir la explotación sexual y abuso infantil en línea, y su compromiso con la protección en línea de los niños en general, fueron destacados.

Para más información acerca de la Fundación Marie Collins, visiten el sitio web de la organización. Para conocer acerca de seguridad en línea y civilidad digital, visiten nuestro sitio web y página de recursos, así como nuestras páginas dedicadas a la civilidad digital. Para más información y noticias, conecten con nosotros en Facebook y Twitter. Y consideren tomar nuestro Digital Civility Challenge y comenten en redes sociales que lo han tomado, con los hashtags #Challenge4Civility y #Im4Civility.

In Office 365 migration batches are the preferred method of establishing mailbox migrations to Office 365.  When a migration batch is established the users included in the batch are represented as migration users within the service. 

Within the context of each migration user is where we track the migration process.  One of the data points contained within the migration process is the DATA MIGRATED tab.  When enumerating the users within a migration batch, and selecting a migration user, this information is visible within the portal.

USER@domain.com

Status: Synced

USER@domain.com Skipped item details

Data migrated: 1.4 GB ‎(1,503,707,494 bytes)‎
Migration rate: 0 B ‎(0 bytes)‎
Error:
Report: USER@domain.com Download the report for this user

Last successful sync date: 7/2/2018 6:12:47 PM

Status:

Queued duration: 00:00:09.5015268
In-progress duration: 6.04:36:17.0329441
Synced duration: 36.10:02:28.6166962
Stalled duration: 02:12:43.4040899

One of the common questions and comments that I receive is that the DATA MIGRATED field may often reflect sizes that are slightly more to drastically more than the mailbox being migrated.  This on occasion leads to confusion about the migration process and the data that was migrated.  Here’s an example.

I recently migrated a mailbox from an on premises Exchange 2010 installation.  With Exchange 2010 being the source we can already expect that the data migrated to the service to be more than the reported mailbox size due to the inconsistencies in the methods Exchange 2010 reports mailbox sizes.  At the time that the mailbox migration completed the following was reported within the migration portal.

user@domain.com

Status: Completed

user@domain.com Skipped item details

Data migrated: 2.485 GB ‎(2,668,722,884 bytes)‎
Migration rate: 0 B ‎(0 bytes)‎
Error:
Report: user@domain.com Download the report for this user

Last successful sync date: 7/3/2018 3:14:56 PM

Status:

Queued duration: 00:00:08.5213717
In-progress duration: 01:01:30.1987283
Synced duration: 00:00:00
Stalled duration: 01:21:09.3851867

In this example the data migrated field shows 2.485 GB migrated.  If we review the migration statistics associated with the mailbox we can get an idea of the reported mailbox size to be migrated. 

PS C:> Get-MigrationUserStatistics user@domain.com -IncludeReport | Export-Clixml -Path c:tempmigration.xml

PS C:> $stats=Import-Clixml -Path C:tempmigration.xml

PS C:> $stats.EstimatedTotalTransferSize

1.501 GB (1,612,092,317 bytes)

In this particular instance the estimated mailbox transfer size was 1.5 GB.  If we look at the data migrated verses the estimated data transfer size the difference is almost 1 GB difference.  Even accounting for reporting inconsistencies from Exchange 2010 mailbox size estimates 1 GB is a significant difference.  Why has this happened?

The data migrated field is a summary counter of all data transmissions between Office 365 and the on premises Exchange environment.  It is NOT a reflection of the data migrated verses the estimated mailbox size.  In this particular instance the mailbox move process was interrupted several times.  The interruptions may be the result of throttling, connection problems, or other migration interruptions. 

7/3/2018 2:22:35 PM [CO2PR07MB2711] The job has been paused temporarily due to unfavorable server health, with request throttling state: 'StalledDueToTarget_DiskLatency'. It will automatically resume after '7/3/2018 2:23:35 PM'.
7/3/2018 2:28:38 PM [CO2PR07MB2711] The Microsoft Exchange Mailbox Replication service 'CO2PR07MB2711.namprd07.prod.outlook.com' (15.20.930.16 ServerCaps:FFFFFF, ProxyCaps:0FFFC7FD6DFDBF5FFFFFCB07FFFF, MailboxCaps:, legacyCaps:FFFFFF) is examining the request.
7/3/2018 2:28:38 PM [CO2PR07MB2711] Content from the Shard mailbox (Mailbox Guid: 6021ac05-d3f5-4bf4-ad03-f749aa02a1e4, Database: 545e461d-55da-4037-9c3e-d57a539e5e43) will be merged into the target mailbox.
7/3/2018 2:28:38 PM [CO2PR07MB2711] Connected to target mailbox 'live.domain.comf28fad8a-546d-4965-8bcd-94806d53967d (Primary)', database 'NAMPR07DG170-db053', Mailbox server 'CO2PR07MB2711.namprd07.prod.outlook.com' Version 15.20 (Build 930.0).
7/3/2018 2:28:45 PM [CO2PR07MB2711] Connected to source mailbox 'live.domain.comf28fad8a-546d-4965-8bcd-94806d53967d (Primary)', database 'DAG-Administration', Mailbox server 'MICHAEL.domain.com' Version 14.3 (Build 382.0), proxy server 'PROXY.domain.com' 15.1.1531.3 ServerCaps:, ProxyCaps:, MailboxCaps:, legacyCaps:0FFD6FFFBF5FFFFFCB07FFFF.

7/3/2018 2:28:47 PM [CO2PR07MB2711] Request processing continued, stage LoadingMessages.
7/3/2018 2:28:47 PM [CO2PR07MB2711] Stage: LoadingMessages. Percent complete: 20.
7/3/2018 2:41:04 PM [CO2PR07MB2711] Stage: CopyingMessages. Percent complete: 85.
7/3/2018 2:41:04 PM [CO2PR07MB2711] Copy progress: 17097/21426 messages, 1.299 GB (1,394,743,256 bytes)/1.501 GB (1,611,958,891 bytes), 30/67 folders completed.

7/3/2018 2:41:04 PM [CO2PR07MB2711] The job has been paused temporarily due to unfavorable server health, with request throttling state: 'StalledDueToTarget_DiskLatency'. It will automatically resume after '7/3/2018 2:42:04 PM'.
7/3/2018 2:49:49 PM [CO2PR07MB2711] The Microsoft Exchange Mailbox Replication service 'CO2PR07MB2711.namprd07.prod.outlook.com' (15.20.930.16 ServerCaps:FFFFFF, ProxyCaps:0FFFC7FD6DFDBF5FFFFFCB07FFFF, MailboxCaps:, legacyCaps:FFFFFF) is examining the request.
7/3/2018 2:49:55 PM [CO2PR07MB2711] Content from the Shard mailbox (Mailbox Guid: 6021ac05-d3f5-4bf4-ad03-f749aa02a1e4, Database: 545e461d-55da-4037-9c3e-d57a539e5e43) will be merged into the target mailbox.
7/3/2018 2:49:55 PM [CO2PR07MB2711] Connected to target mailbox 'live.domain.comf28fad8a-546d-4965-8bcd-94806d53967d (Primary)', database 'NAMPR07DG170-db053', Mailbox server 'CO2PR07MB2711.namprd07.prod.outlook.com' Version 15.20 (Build 930.0).
7/3/2018 2:50:02 PM [CO2PR07MB2711] Connected to source mailbox 'live.domain.comf28fad8a-546d-4965-8bcd-94806d53967d (Primary)', database 'DAG-Administration', Mailbox server 'MICHAEL.domain.com' Version 14.3 (Build 382.0), proxy server 'PROXY.domain.com' 15.1.1531.3 ServerCaps:, ProxyCaps:, MailboxCaps:, legacyCaps:0FFD6FFFBF5FFFFFCB07FFFF.

7/3/2018 2:50:04 PM [CO2PR07MB2711] Request processing continued, stage LoadingMessages.
7/3/2018 2:50:04 PM [CO2PR07MB2711] Stage: LoadingMessages. Percent complete: 20.
7/3/2018 3:00:05 PM [CO2PR07MB2711] Stage: CopyingMessages. Percent complete: 89.

In this example the move request was stalled several times.  Each time after the stall the migration request is picked back up – and message loading occurs.  This would be an example of additional data added to the transfer set that was not mailbox level items that would have been accounted for in the mailbox size. 

If I was curious about the status of the migration and understanding the full migration status – how can I ensure the data was moved.  When a move enters the finalization phase the source mailbox and target mailbox are locked.  We have a mailbox folder verification process that is executed.  The mailbox folder verification process iterates through each folder in the source mailbox and compares it to the target mailbox.  Item counts and sizes are compared in real time.  If there are any discrepancies identified the move will be placed into a failed state.  The mailbox verification is logged into the migration log file and can be viewed by the administrator.

PS C:> Get-MigrationUserStatistics user@domain.com -IncludeReport | Export-Clixml -Path c:tempmigration.xml

PS C:> $stats=Import-Clixml -Path C:tempmigration.xml

PS C:> $stats.Report.MailboxVerification

Source                                         : 10188 [1.152 GB (1,237,342,091 bytes)]
SourceFAI                                      : 27 [1.203 MB (1,261,537 bytes)]
Target                                         : 10188 [1.464 GB (1,571,440,111 bytes)]
TargetFAI                                      : 27 [1.227 MB (1,286,579 bytes)]
Corrupt                                        : 0 [0 B (0 bytes)]
Large                                          : 0 [0 B (0 bytes)]
Skipped                                        : 0 [0 B (0 bytes)]
FolderSourcePath                               : /Top of Information Store/Inbox
FolderTargetPath                               : /Top of Information Store/Inbox
FolderSourceID                                 : {0, 0, 0, 0...}
FolderTargetID                                 : {0, 0, 0, 0...}
ParentSourceID                                 : {0, 0, 0, 0...}
ParentTargetID                                 : {0, 0, 0, 0...}
WKFType                                        : Inbox
WKFTypeInt                                     : 10
FolderIsMissing                                : False
FolderIsMisplaced                              : False
MismatchedFlagsCount                           : 0
MissingItemsInTargetBucket                     : 0 [0 B (0 bytes)]
MismatchedFlagsSample                          : {}
DuplicatedItemsInTargetBucket                  : 0 [0 B (0 bytes)]
MissingInSourceExtraItemsInTargetBucket        : 0 [0 B (0 bytes)]
MismatchedSyncFolderIdExtraItemsInTargetBucket : 0 [0 B (0 bytes)]
NonMRSSyncedExtraItemsInTargetBucket           : 0 [0 B (0 bytes)]
FolderExclusionExtraItemsInTargetBucket        : 0 [0 B (0 bytes)]
MailboxGuid                                    : f28fad8a-546d-4965-8bcd-94806d53967d
UnknownElements                                :
UnknownAttributes                              :
XmlSchemaType                                  :

Source                                         : 5129 [247.9 MB (259,986,587 bytes)]
SourceFAI                                      : 3 [5.91 KB (6,052 bytes)]
Target                                         : 5129 [500 MB (524,288,275 bytes)]
TargetFAI                                      : 3 [8.085 KB (8,279 bytes)]
Corrupt                                        : 0 [0 B (0 bytes)]
Large                                          : 0 [0 B (0 bytes)]
Skipped                                        : 0 [0 B (0 bytes)]
FolderSourcePath                               : /Top of Information Store/Deleted Items
FolderTargetPath                               : /Top of Information Store/Deleted Items
FolderSourceID                                 : {0, 0, 0, 0...}
FolderTargetID                                 : {0, 0, 0, 0...}
ParentSourceID                                 : {0, 0, 0, 0...}
ParentTargetID                                 : {0, 0, 0, 0...}
WKFType                                        : DeletedItems
WKFTypeInt                                     : 14
FolderIsMissing                                : False
FolderIsMisplaced                              : False
MismatchedFlagsCount                           : 0
MissingItemsInTargetBucket                     : 0 [0 B (0 bytes)]
MismatchedFlagsSample                          : {}
DuplicatedItemsInTargetBucket                  : 0 [0 B (0 bytes)]
MissingInSourceExtraItemsInTargetBucket        : 0 [0 B (0 bytes)]
MismatchedSyncFolderIdExtraItemsInTargetBucket : 0 [0 B (0 bytes)]
NonMRSSyncedExtraItemsInTargetBucket           : 0 [0 B (0 bytes)]
FolderExclusionExtraItemsInTargetBucket        : 0 [0 B (0 bytes)]
MailboxGuid                                    : f28fad8a-546d-4965-8bcd-94806d53967d
UnknownElements                                :
UnknownAttributes                              :
XmlSchemaType                                  :

In summary – the DATA MIGRATED field cannot be used as a measure of migration success or failure.  Only in cases where the move is started and almost immediately finalized with no errors, stalls, or interruptions will the value be near or close to the mailbox size being migrated.

Over the last few years, we have been investing in services that help developers access information in Office 365 in a simple and intuitive way, specifically through Microsoft Graph.  Microsoft Graph and the use of OAuth 2.0 provide increased security and seamless integration with other Microsoft cloud services and is rapidly expanding developer access to the rich data sets behind Microsoft applications.  

As we make progress on this journey, we have continued to evaluate the role of Exchange Web Services (EWS). Today we are sharing our plans to move away from Basic Authentication access for EWS over the next two years, with support ending Oct. 13, 2020.   

These plans apply only to the cloud-based Office 365/Exchange Online products; there are no changes to EWS capabilities of on-premises Exchange products. 

Exchange Web Services will not receive feature updates 

Starting today, Exchange Web Services (EWS) will no longer receive feature updates. While the service will continue to receive security updates and certain non-security updates, product design and features will remain unchanged. This change also applies to the EWS SDKs for Java and .NET as well. 

While we are no longer actively investing in it, EWS will still be available and supported for use in production environments.  However, we strongly suggest migrating to Microsoft Graph to access Exchange Online data and gain access to the latest features and functionality. For more information and details on how to make the transition, please refer to the following articles: 

• Overview of Microsoft Graph 
• Overview of Outlook mail API on Microsoft Graph 

While EWS and Graph have mostly overlapping functionality, there are some differences. If you rely on an EWS API that does not have a Graph counterpart, please let us know via UserVoice of features needed for your app scenarios.   

Basic Authentication for EWS will be decommissioned 

Exchange Web Services (EWS) was launched with support for Basic Authentication. Over time, we've introduced OAuth 2.0 for authentication and authorization, which is a more secure and reliable way than Basic Authentication to access data. Please refer to the following article for more information: 

Getting started with OAuth2 for Microsoft Graph 

Today, we are announcing that on October 13th, 2020 we will stop supporting and fully decommission the Basic Authentication for EWS to access Exchange Online. This means that new or existing apps will not be able to use Basic Authentication when connecting to Exchange using EWS.  

Next Steps 

The deprecation of these APIs follows our service deprecation policies. We understand changes like this may cause some inconvenience, but we are confident it will ensure more secure, reliable, and performant experiences for our customers. 

We're here to help if you need it. If you have questions, please let us know in Stack Overflow with the [MicrosoftGraph] tag. 

Thank you in advance for updating and opening your apps to a wider range of useful and intelligent features on Microsoft Graph. We are extremely excited about the growing opportunities that Microsoft Graph offers to our customers, and we remain fully committed to continue our journey to empower developers to access Office 365 data with the most modern features and tools. 

Frequently Asked Questions  

Q: Will my application stop working when you make this change? 

A: It might, yes, it depends on the app itself and how it was coded. If it’s using EWS, and if it’s using Basic authentication then yes, on October 13th 2020 it will fail to connect. However, if the app is using Modern Auth/OAuth, then no, it will keep working as it did before.  

Q: Why October 13th 2020? Why that date? 

A: Starting October 13, 2020, Office 365 ProPlus or Office perpetual in mainstream support will be required to connect to Office 365 services. This announcement is posted here Office 365 ProPlus Updates.  

This change requires that Office 2013/Office 2016 are also required to use Modern Auth. Please see this.

Q: Our in-house team created an app for meeting room scheduling, how do we go about changing that over to Graph and OAuth2.0?  

A: Don’t forget you can keep using EWS if you want to, so then really, it’s just the question of authentication. To get a better understanding of how to use OAuth 2.0 take a look here.

Q: How does this impact my On-Premises Exchange deployment? 

A: It does not. This change only affects Exchange Online.  

Q: We require Modern Authentication + Multi Factor Auth for all our Outlook users connecting to O365, how do apps work when I have that set as a requirement? 

A: Applications can be written so they are treated as ‘trusted applications’. That way they can bypass the MFA requirement, more details are here.

Q: How do I know which of my apps use Basic authentication to EWS? 

A: If you only Outlook to connect to Exchange Online then you don’t need to worry, as long as you are using Office 2019 or Office 2019 Pro Plus you’ll be fine come October 2020. However, if you also have integrated apps into your Office 365 tenant you’ll need to check with the application developers to verify how it authenticates to Exchange Online if you aren’t’ sure. We are investigating how we can share this information with tenant admins, but have nothing available at the time of writing this blog.  

Q: What features does EWS have that Graph can’t provide? 

A: Graph is constantly evolving and adding features and functionality to provide the richest set of experiences we can. To see the latest features we’ve added to Graph, go here Overview of Outlook mail API on Microsoft Graph 

Q: Will this affect my Exchange Hybrid configuration? Exchange On-Premises calls into Exchange Online using EWS doesn’t it? 

A: Yes, it does. But it doesn’t use Basic Authentication, it uses token-based authentication, and it’s described in this blog post. How Hybrid Authentication Really Works.  

The Exchange Team

Microsoft Inspire is the most important event for our partners to be aware of. It is entirely focused on how you, our partners, and Microsoft will work together to tackle the upcoming fiscal year (FY19), which begins this month.

For our partners attending Inspire who are interested in building their Open Source practice, make sure to check out the recommended sessions below.

Sunday

AP132t – Accelerate your business with the Linux opportunity on Azure

Monday

AP149 – Leveraging the End of Support of SQL Server and Windows Server 2008 and 2008 R2 to drive migrations to Cloud

AP144 – Driving digital transformation through open source on Azure

AP138 – SAP HANA on Azure: Riding the hyper-growth opportunity

DA118t – Accelerate your business with the integration of open source data solutions and Azure

DA108 – Take new share with SQL Server on Linux

Tuesday

AP139 – Winning new Azure customers with Azure Security

AP137 – SAP HANA on Azure: Accelerate Azure consumption in your accounts

AP133t – Fuel innovation and drive more business by modernizing customers’ applications through containers in Azure

AP117p – Bringing open source to life in enterprise DevOps practices

DA111 – Complying with General Data Protection Regulation (GDPR) on Microsoft SQL-based technologies

Wednesday

AP142 – Grow customer trust and services revenue with Microsoft Azure security and management

AP136p – SAP HANA on Azure: Learning from customers

AP130t – Grow your cloud business with SUSE

AP116 – DevOps on Azure: Loved by developers, trusted by the enterprise

DA138t – Modern platform for machine learning and advanced analytics on Azure

It’s not too late to register for Microsoft Inspire if you haven’t already! Come meet the OSS team at AP133, as well as at The Intelligent Cloud OSS Roundtable. Keep an eye out for the final confirmation of location and time, and we’ll see you there!

Join the OSS Technical Community

Connect to the community through the monthly calls, blog series, and Yammer group. Your feedback is important to us, and we look forward to collaborating with you on the direction of the community.

• Blog series – OSS trends and solutions on the Microsoft platform
• Monthly community calls – Partner opportunities, resources, and technical overviews
• Yammer group – News and information hub where you can interact with the Microsoft team

Resources for your Open Source practice

• Get to know the Azure platform by taking advantage of training and certification offers
• Understand our Open Source Technical Enablement approach with free, on-demand Linux Foundation training
• Get to know Microsoft’s App Modernization go-to-market and technical enablement strategy
• Engage the Microsoft One Commercial Partner (OCP) team to train your team on Open Source Hackfests

Visit the Microsoft + Open Source partner page to learn more about the Microsoft partner opportunities within the open source ecosystem. Follow the Microsoft + Open Source team @OpenAtMicrosoft and sign up for the Microsoft + Open Source blog RSS to stay current on open source news across the company.

Windows Analytics Upgrade Readiness customers, including Configuration Manager users, may have noticed data from some devices not being updated. The Upgrade Readiness team have now re-enabled a limited subset of the diagnostic data for Windows 7 devices, enough to use Upgrade Readiness.  You will find more information including instructions for how to resume diagnostic data collection here:

https://blogs.technet.microsoft.com/upgradeanalytics/2018/07/02/upgrade-readiness-re-enabled/

今年も日本マイクロソフト最大規模のパートナー イベント Microsoft Japan Partner Conference 2018が8月31日、東京で開催されます。

本イベントは、マイクロソフトのビジョン、戦略、パートナー様との連携強化の取り組みについてご紹介すると同時に、パートナー様同士のネットワーキングの機会をご提供することを目的としております。

今年は、「Shared Vision, Shared Success, Shared Future」 をテーマに掲げ、多様なセッションをご用意しております。
Keynoteでは、「デジタルトランスフォーメーションはもう生活、ビジネスの一部」というサブジェクトで最新の製品情報や2020年に向けてのビジョンを代表取締役 社長の平野や、執行役員 常務 パートナー事業本部長の高橋よりご共有致します。
さらにデジタルトランスフォーメーションを実際に推進されているパートナー様とそのお客様にご登壇頂いて、数々の成功事例をご紹介します。

Japan Partner Conference 2018 はマイクロソフト パートナー ネットワークに登録済みのパートナーに加え、新しくマイクロソフトのパートナーになることをご検討いただいている企業の皆様を広く対象にしております。

最先端テクノロジを取り巻く最新情報を得て、マイクロソフトと、そしてパートナー様と関係を深めることで、新しい価値を生むビジネスアイデアを見つけ出すきっかけとなることを期待しております。

<開催概要>

日時: 2018 年 8 月 31 日 (金)
会場 : ザ・プリンス パークタワー東京
参加費 : 無料 (事前登録制)
公式サイト：https://aka.ms/jpc2018

▼ 参加登録はこちらから

執筆者: Sujay Talasila (Senior Program Manager, Cloud + Enterprise)

このポストは、2018 年 6 月 20 日に投稿された Disaster Recovery solution for Azure IaaS applications の翻訳です。

2018 年 6 月 4 日、Corey Sanders はブログ記事「現在と将来のインフラストラクチャのニーズを満たすうえで Azure が最適な理由」の中で、Azure Site Recovery (ASR) を使用した Azure Virtual Machines (VM) 向け災害復旧 (DR) 機能の一般提供について発表しました。これにより Azure は、IaaS で実行されているアプリケーション向けのネイティブな災害復旧ソリューションを提供する最初のパブリック クラウドとなりました。このサービスにより VM が他のリージョンに複製されるため、リージョン全体でサービスが停止した場合でも問題なくアプリケーションの運用を継続できます。また、Azure Site Recovery を可用性セットや可用性ゾーンと併用すれば、Azure Virtual Machines 上のアプリケーションの回復性の機能が補完されます。

主なメリット

●    インフラストラクチャが不要: この機能を利用するために、Azure サブスクリプションにソフトウェア インフラストラクチャ (VM やアプライアンス) を追加する必要はありません。DR インフラストラクチャのデプロイ、監視、パッチの適用、メンテナンスといった手間やコストも気にする必要はありません。

「マイクロソフトの中核的なコマース ストアやコマース システムの開発と運用を担当する Universal Store チームは、『Azure から Azure への DR』を使用することで、オンプレミス上で実績のある従来のプラットフォームと同等の DR プラットフォームを Azure で運用できるようになりました。ASR のおかげで、従来型プラットフォームの新規インスタンスを大量に DR サイトにデプロイする必要がなくなり、DR の検証時間も抑えられるようになりました」

- Kingston Hui、プリンシパル サービス エンジニアリング マネージャー、Microsoft Universal Store チーム

●     ユーザーが柔軟に DR リージョンを選択可能: Azure で実行されている IaaS ベースのアプリケーションを任意の Azure リージョンの地理クラスターに複製し、保護することができます。

●     クラス最高レベルの RPO と RTO: Azure Site Recovery では 99.9% の可用性を保証する SLA (英語) が適用され、24 時間 365 日体制のサポートが提供されるため、常にスムーズに運用できます。クラス最高レベルの回復ポイントの目標 (RPO) と回復時刻の目標 (RTO) であり、Azure アプリケーションの可用性とコンプライアンスが確実に維持されます。

「Finastra では自社の対策状況を改善するために、Azure リージョン間でのレプリケーションを直観的に構成できる ASR を活用しました。ASR は現在、当社の災害復旧の標準プラットフォームとなっており、数千のシステムを運用する中でも規模の問題が発生することはなく、当社の厳格な RPO/RTO 要件も遵守されています」

- Bryan Heymann 氏、システム & アーキテクチャ担当ディレクター、D+H

●     シンプルなエクスペリエンスで DR リソースを自動作成: 保護する VM と複製先の Azure リージョンを選択し、レプリケーション設定を確認するだけで、異なるリージョン間での DR を簡単に構成できます。仮想ネットワークやストレージなど複製先で必要となるリソースは、ASR が自動作成します。

●     サービスを中断せずに DR テストを実行可能: ASR のテスト フェールオーバー機能では、プライマリの運用アプリケーションや実行中のレプリケーションに影響を与えることなくいつでも DR テストを実施可能で、必要なときに DR ソリューションが動作することを確認できます。

「Azure Site Recovery を使用すると、グローバルな Azure インフラストラクチャに効率的に DR 機能を実装できます。『Azure から Azure への DR』のおかげで、重要なアプリケーションやデータの移動に関する要件に各アプリケーション環境で個別に対応できるようになりました。ASR では、複雑な問題を確実に解決するアプローチが提供されます。当社のハイブリッド ネットワーク モデルとの相性もよく、シンプルな手順で DR テストを実施できます」

- Roberto Corradini 氏、グローバル CTO、Luxottica

●     統制が取れたアプリケーション復旧: ASR の強力な復旧計画を使用すると、アプリケーション全体の復旧を統制し、ビジネス ニーズに応じた復旧時間に関する厳格な要件に対応することができます。

●     包括的な監視とトラブルシューティング: コンテナー ダッシュボードやメール通知などの ASR の高度な監視機能を使用すると、DR の正常性やフェールオーバー対応状況を容易に監視することが可能で、トラブルシューティングも迅速に行えます。

●     広範な OS に対応: ASR は Windows と Linux の両方をサポートしています。また、更新版が毎月リリースされ、最新バージョンの Linux OS もサポートされます。

●      組み込みの圧縮機能でネットワーク通信量を削減: ASR は、複製元リージョンから複製先リージョンに常にデータを複製します。この際、組み込みの圧縮テクノロジを使用してネットワークのデータ通信量を 40 ～ 80% 削減しています。

●      最新の Azure 機能をサポート: ASR は完全に Azure に統合されているため、Azure の最新機能がリリースされるのと同時に更新されます。ASR では、クラシック モデルと Resource Manager モデルの両方の VM、Managed Disks、Unmanaged Disks、大容量ディスクなど、Azure のすべての機能をサポートしています。

●      自動更新: Azure Site Recovery は更新版が毎月リリースされ、機能強化や新機能の追加、既知の問題の修正が行われます。自動更新を構成すると、常に最新版を使用できるほか、パッチのデプロイを管理する手間を省くことができます。

Azure リージョン間での災害復旧は、ASR が提供されているすべての Azure リージョンで使用できます。ぜひ今すぐ Azure Site Recovery をお試しください。

関連資料

• Azure VM の災害復旧の構成の詳細については、こちらで確認できます。
• Azure VM の複製をサポートしている構成は、こちらで確認できます。
• ご不明な点がありましたら、Azure Site Recovery フォーラム (英語) をご利用ください。
• Azure Site Recovery についてのご要望やアイデアは、フィードバック フォーラム (英語) まで投稿してください。