Guide to Uploading Files to Azure Blob Storage with PowerShell

Azure Blob storage is Microsoft’s object storage solution for the cloud. Blob storage is optimized for storing massive amounts of unstructured data.

Use the Azure PowerShell module to create and manage Azure resources. You can create or manage Azure resources from the PowerShell command line or in scripts. This guide will help you to upload files/folders to the blob storage via script/PowerShell command.

  1. Install the latest version of Azure PowerShell for all users on the system in a PowerShell session opened with administrator rights using the following command:

    Install-Module -Name Az -AllowClobber -Scope AllUsers
     
  2. Use the following command and sign in to your Azure subscription when prompted:

    Connect-AzAccount
  3. Get the storage account context to be used for the data transfer using the following commands:

$uploadstorage=Get-AzStorageAccount -ResourceGroupName <resource group name> -Name <storage account name>

Update the place holders <resource group name> and <storage account name> with values specific to your environment.

  1. Run the following command to upload a file from your local directory to a container in Azure storage:

    Set-AzStorageBlobContent -Container “<storage container name>” -File “<Location of file in local disk>” -Context $storcontext

    Replace the placeholders <storage container name> and <Location of file in local disk> with values specific to your environment

    Once the file is uploaded successfully, you will get a message similar to what you can see in the screenshot below:

    Graphical user interface, text, application

Description automatically generated


  2. To upload all files in the current folder, run the following command

    Get-ChildItem -File -Recurse | Set-AzStorageBlobContent -Container “<storage container name>” -Context $storcontext

  3. If you browse to the Azure storage container, you will see all the files uploaded.

    Graphical user interface, application

Description automatically generated

Here is the script code

<!-- wp:paragraph -->
<p>$uploadstorage=Get-AzStorageAccount -ResourceGroupName Storage-Group -Name <strong>StorageName</strong></p>
<!-- /wp:paragraph -->

<!-- wp:paragraph -->
<p>$storcontext=$uploadstorage.Context</p>
<!-- /wp:paragraph -->

<!-- wp:paragraph -->
<p>Set-AzStorageBlobContent -Container "<strong>Name of Container</strong>" -File " <strong>Location of file in local disk</strong> " -Context $storcontext</p>
<!-- /wp:paragraph -->

<!-- wp:paragraph -->
<p>Copy and past in notepad save as script.ps1</p>
<!-- /wp:paragraph -->

fortianalyzer

FortiAnalyzer: Generate Audit Report

This blog is regarding generating an audit report of the day-to-day bandwidth and other applications usage from FortiAnalyzer generated from FortiGate firewall.

What is FortiAnalyzer?

FortiAnalyzer is a powerful log management, analytics, and reporting platform that provides organizations with a single console to manage, automate, orchestrate and respond, enabling simplified security operations, proactive identification and remediation of risks, and complete visibility of the entire attack landscape.

For generating report from Analyzer, we need to perform the below steps.

  • First, login to Analyzer.
  • After logging in, you will see a dashboard which includes the below options.
FortiAnalyzer
  • Once you can see the dashboard, just click on the Report.
FortiAnalyzer
  • After clicking on the reports, you will see Reports bars/options below.
FortiAnalyzer

Here, for now, I am only showing you how to generate the bandwidth and application Report.

Note: By default, this Template is available in Analyzer, you can create your own custom template as per the requirement.

  • Click on the bandwidth and application report > Report > Edit. As shown below.
FortiAnalyzer
FortiAnalyzer
  • After clicking on the edit, you will see generated reports, settings and editor.
  • Generated reports: you will see the reports which is generated already.
  • Editor: you can edit the layout of your reports as per the customers’ requirements.
  • Settings: under settings, you can see the below options.
                   

Name – you can give custom names to the reports.

Time period – you can select the time range, here I am generating for the previous 30 days.

  • Device:  we have two options here.

1. All devices– this will generate a report for all firewall/devices which is connected to this Forti Analyzer or in your network.

    2. Specify- from here we can select the individual devices as I have selected below.

  • Subnets:  
  1. All subnets- you can run reports for all subnets which is currently implemented in your FortiGate.
  2. Specify– for particular subnets (not for all the subnets).
  • Type:
  1. Single report- for each device it will generate a single report.
  2. Multiple reports- for each device It will generate a separate report

Now you have three options here,

  1. Enable Schedule: from here you can schedule your report like when it needs to be generated automatically.
  2. Enable Notification: Select this to enable report notification when generated.
  3. Enable Auto-cache: When enabled, this process uses system resources and is recommended only for reports that require days to assemble datasets. Disable this option for unused reports and for reports that require little time to assemble datasets.

You can also apply filters and go to advanced settings to customize fonts, language layout headers and other features.

FortiAnalyzer

Once all this is done, click on apply and return to the Reports section.

  • Under the report section, select your template and click on run report.
FortiAnalyzer
  • After clicking on the Run report, you will be able to see your generated report in the Generated Report section below.

Here, you will see the report is generated, and you can download this in HTML, PDF, XML, or CSV format.

FortiAnalyzer

Upcoming

We upload blogs on our website on a weekly basis. Keep an eye out for it. If you want to go through all the other blogs that we’ve uploaded, you can visit our blog section.

volsnap error event 36

How to fix Volsnap Error 36

A volsnap error shows up when you are dealing with low disk space in any drive (C, D, E or F Drive or any external Disk Drive). When this error appears, you would not be able to take a backup.

If you are using a hard disk which you are trying to backup, you may see a message such as “Failed to Backup”.

The Volsnap source errors are events that are listed in the Windows System event log. Such events usually contain relevant troubleshooting information as to why the shadow copy got dismounted and as a result, causes the backups to fail.

The shadow copies of volume D: were aborted because the shadow copy storage could not grow due to a user-imposed limit.

Description

What is a Shadow Copy?

Shadow Copies are nothing but Snapshots. A feature available in Windows file which creates these snapshots of a disk volume. You can create or store these snapshots or shadow copies on a local disk, an external hard drive, or even a network drive.

It is a type of technology which enables backup of files and creates snapshots of files and drives based on a schedule.

You have probably more shadow copies than you may know. Every time a system restore point is created, you will have a shadow copy.

Every time a system restore point is created, you will have a valid shadow copy. 

Shadow copy is what you use to recover deleted files.

Procedure to fix Volsnap Error

Firstly, identify the volume ID in Event Viewer.

Then go to the Shadow copy configuration window by right-clicking on any storage drive > click on Configure Shadow Copies option

Now, check how much free disk space is available on the system volume in Windows Explorer.

Open Control Panel > System > Advanced System Settings.

On shadow copies configuration window select the volume id same as shown in the event.

Click on Setting > Under Maximum Size : Select Use limit > Set it on 320 MB > Click on OK

Then again go to Settings for the same storage id > Under Maximum Limit option Use Limit as “10% of total storage of that drive” > Click on OK

For example: If your drive’s total size is 100 GB then the shadow storage should be 10 GB.

Once you do this, the error should not appear again.

Some of these blogs may be of interest to you: 

How to fix Microsoft Error Code 80090016 

IT Outsourcing from India: 6 reasons why you should 

How to get the right clients for your MSP Business 

Fix Clock Drift Monitoring Error on N-able N-central 

ConnectWise Automate: Show devices that are more than X years old 

Take Control RDP Connections not working in N-Central 

Power Menu Hibernate Windows 10

How to enable Hibernate (Power Menu) via Intune

One of our MSP Partners wanted us to enable the “Hibernate” option (one of the options in the Power Menu) on all the devices in their customer’s IT network. If you want to enable the option in your IT network, continue reading this blog to know-how.

What is the “Hibernate” in Power Menu?

When you press the Start Menu or the Windows Button, or Ctrl+Alt+Delete, you get to view different options. Among those are the Power Menu options Shut down, Restart, Sleep, Lock, and Hibernate.

If you don’t see hibernate and you want to enable or disable this option across all the Windows devices in your IT Network then this is how you can push it across multiple devices using Intune.

Why enable the Hibernate option?

Hibernate uses less power than sleep and when you start up the PC again, you’re back to where you left off (though not as fast as sleep).

Use hibernation when you know that you won’t use your laptop or tablet for an extended period and won’t have an opportunity to charge the battery during that time.

Step 1. Open portal.azure.com Admin portal with global admin credential.

Step 2. Open Intune & Go to Devices and select “Configuration Profile” & Create Profile.

Step 3. Provide the Name of your Configuration Profile.

Step 4. In the Configuration settings search for “hibernate” and select the “show hibernate in the power options menu”.

Enable “Hibernate in the power menu”

Step 5. After Configuration, go to the “Assignments” option. In this tab, select the device groups to which you want to deploy this profile or power settings.

We recommend you test this on a few pilot devices and then deploy it to every device.

If you want to add tags, add them in the next “Scope Tags” section. To review the changes you have made or the options you have selected, go to the next step which is “Review + Create.

Step 6. Shown below is the final report.

As shown below, you can see that a new option “Hibernate” has been added to the list.

power menu windows 10 intune

What is the difference between Hibernate and Sleep?

According to Microsoft, Hibernate uses less power than Sleep. Your battery will still get drained when your PC is in Sleep Mode. But if it is in the Hibernate Mode, the battery won’t drain that fast. Use this option when you know you won’t be able to charge your device for long and you need to save battery.

Sleep Mode: The reason why sleep mode uses more battery is that when you pause an operation and put the laptop on Sleep, the open files and documents get saved in memory (RAM) and are on standby. So when you open the laptop and resume your work, you can resume within seconds. Continuity is faster as it is in memory.

Hibernate Mode: Why the hibernate mode uses less battery is because the open files and documents get saved in the hard drive. It doesn’t take up much space in Memory. The computer shuts down completely but you can also resume work from where you left off, it would just take more time to load. Go for this option if you are not going to use your laptop for a long time but you still don’t want to close your documents.

Other Intune Blogs that you might like:

Install Line of Business (LOB) Apps via Intune

Install virtual android applications via Intune

nutanix vm

How to increase Disk Space in Nutanix VM

We recently got a request from one of our MSP Clients where he asked us to increase the Disk size for the C Drive on Nutanix. Their disk space got full and we could not reduce it any more than we had.

The challenge was to increase the disk space irrespective of all of that.

What is Nutanix?

Nutanix helps accelerate business across public and private clouds. It helps simplify the complexity present in the cloud with its software-defined multi-cloud platform. Along with cloud management, it also offers database services and desktop services.

The thing we check first is Disk Management to check there any unallocated space is there or not.

Unfortunately, there was no unallocated space was there, so we need to increase it from the host.

Login to the Nutanix VM host:-

After login Screen

Then Select VM from the top-left drop-down.

Then select the VM. I would prefer to search it from the search box.

Then you will have the option to Update the VM as shown in the below image

Scroll down and you will have the Disk option.

You can confirm the Disk group from the disk management which needs to be updated.

In our case, we needed to update the Disk scsi.0 where my system Drive C is located.

Update the required size here. We wanted to increase it to 200 GB

After that go to the Disk Management you will see the added space to the unallocated space.

Right-click on the Drive C > Extend Volume > add the size

Upcoming

Keep an eye out on our blog section as we upload new blogs every week. We demonstrate solutions to technical problems that you as an MSP must be facing.

MDM Authority

How to Enable MDM Authority instead of Microsoft 365 Authority

Being an IT Admin, you must set MDM Authority prior to enrolling any devices for management. But if you are a tenant using the 1911 service release and later, the MDM authority is automatically set to Microsoft Intune. But what if you are unable to push apps via Intune? You need to enable MDM Authority for that. Here’s how you can do it. Here’s a real scenario of how we resolved it for one of our end customers.

I have recently started working with one of the Azure test environments and have been trying to push some applications like the ones below, to manage devices via Intune.

  • Google Chrome
  • Nitro PDF
  • Office 365 Deployment

When I download the above applications and try to push it via Intune to the managed device it’s not recognized and shows the application is still in process when I check Manage App on the device.

So how to solve this and recognize why is it not pushing the application to manage the device?

Here is how you can change the settings to easily push and manage apps via Intune.

Step 1

First, you need to login into the Azure Intune Admin console.

Step 2

Once you have logged in, select the Apps option from the left panel in the Intune Admin Portal.

Step 3

Once you click on the App option, MDM Authority is shows Microsoft 365 Authority instead of Microsoft Intune.

Microsoft 365 Authority under MDM Authority

If it shows Microsoft 365 Authority instead of Microsoft Intune, its means it offers fewer management features than Intune.

Microsoft Intune under MDM Authority

It can add Intune, a cloud-only, fully-featured MDM service, to your Office 365 MDM Authority.

Step 4

If you want to change MDM Authority from Microsoft 365 to Microsoft Intune, you need to open this link and check the Intune MDM Authority option.

Step 5

After opening the above link, you may see the below screen where it gives the option to select Intune MDM Authority. Select the option and click on add.

Step 6

Once Intune MDM Authority gets added, you can see the below screen.

Instead of Microsoft 365 Authority, now it has changed to Microsoft Intune.

Once you get this done, you’ll see that all your Intune App Policy will work fine.

Pushing applications to your managed devices will now be possible.

Frequently Asked Questions

What is MDM in O365?

MDM stands for Mobile Device Management and as the name suggests, it helps an organization manage the devices enrolled within their network. It is in-built within the Office 365 platform

What is MDM enrollment?

Enrolling devices in MDM Intune helps the organization manage the devices that are in their premise.

Can MDM track browsing history?

No. MDM cannot track browsing history but it surely can restrict certain apps and browsers.

What can Intune MDM see?

When your organization enrolls a company device under Intune MDM, they cannot see your personal information or your emails, texts, pictures, files, search history, passwords etc.
However, what they can see is your device number, the model, device IMEI, App inventory, App names etc.

Is Intune free with Office 365?

Intune is a paid subscription. It is not included in the Office 365 subscriptions and M365 Basic and Standard Subscriptions but it is available in M365 Business Premium and its Enterprise, Education and EMS range of licenses.

Upcoming

If you want to know how you can install Line of Business Apps using Intune, then make sure you read this blog right here, where we show you a step-by-step procedure of how you can do the same.

Apart from that, we keep uploading technology-related blogs every week, keep an eye out on our blog section.

Power BI

Microsoft Power BI: Read this simple explanation

Basic information of Microsoft Power BI

Power BI is like that classmate of yours, who easily understands complex concepts which no one can understand but can teach it to you in layman’s terms. 

Power BI is an interactive, data visualization platform from Microsoft. If you have worked with platforms like Tableau, you’d know what to expect and how it works. 

In Tableau, you can import large data and present it in a way that is not only visually appealing but is easy for the audience to understand. 

Similarly, Power BI does the same with the usage of AI (Artificial Intelligence).

If you are not familiar with any data visualization platform, this is how they work. Any Data visualization tool or Power BI for that matter, lets you import data, analyze, gain insights, generate reports and share it seamlessly among people within the organization. It is built on the foundation of Microsoft Excel. The tool is highly useful and handy for businesses of all sizes, whether it be a small business or a medium or large-sized business. Business analysts of the organization can use the tool to create data models and generate reports. 

You can even embed Power BI reports on your website or apps. 

Power BI can be used on the cloud and you can also download a desktop and mobile application version of it. 

Tableau is comparatively harder to learn and grasp when compared to Power BI.

Power BI has a free service, and also paid subscription services. You can create customizable dashboards so that you see an overview of insights on things that you want to be displayed. You can create reports and include graphs and charts in a way that depicts a story or helps you in the process of storytelling. You can import files and databases from multiple sources to Power BI. Files or data can be imported from – Excel, XML, PDF etc. and from databases like SQL Server databases 

Power BI comes up with monthly updates and adds something new almost every week.

Components of Power BI 

Within the platform or tool of Power BI are included multiple apps: 

Power Map: This Lets you view data in a geographical, 3-dimensional way. View your data on a globe or map. The feature is also available in Excel. 

Power Query: It helps transform data and prepares it for further use. Power Query is also a very profound tool within Excel that allows a user to import data to excel from various sources. Post which, the data can be cleaned and set for further requirements. 

Power Q&A: When you click on the “Ask your questions here” bar in the Power BI dashboard, it’ll show you pre-determined options which you can choose and generate charts. You can even pin the generated reports on the dashboard of your choice. Not only that, you can ask questions in your language. Let’s suppose you have the state-wise sale and distribution data of Unilever products. If you type in the question bar, “The top 5 products sold in Texas”, or the “least sold product in Minnesota” it will show you the answer. In simpler terms, you don’t have to go through the data and filter it and find the answers. You can also use Cortana to ask questions and gain access to charts and graphs. 

Power Pivot: Again, an excel add-in is also a part of Power BI. It is a tabular data modelling tool 

Power View: Create and view your visually beautified data  

Why you should use Power BI? 

Minimal Training Required: With minimal training and an easy learning curve, Power BI can be learnt and used by any. 

Ability to handle large data: Power BI has the power to take large numbers of data and present it in easy to understand, visually appealing charts or graphs. 

Create once, updates automatically: Create a report using the data only once and then every time you add something to the datasheet or edit something, it automatically reflects in the Power BI Report. The dashboards also get updated in real-time. Hence, you can view past data, present data and also lets you predict future patterns. 

Cortana and Power BI: You can also use Cortana to ask questions and gain access to charts and graphs. 

Easy Integration: Not only can you use Power BI with Microsoft Native products like M365 and Dynamics 365, but it also integrates well with Google Analytics, Salesforce, SAP, Mailchimp etc. 

Different Versions of Power BI 

Power BI Desktop – the free version. Could work when it comes to a small organization. You can embed and publish reports to the web, connect to more than 70 data sources and export your report to PowerPoint and Excel as well. But it doesn’t allow peer-to-peer sharing, you cannot analyze the data, you cannot embed APIs and Controls. 

Power BI Mobile – An app to be used on Mobile devices like Mobile or tablets. 

Power BI Service – This entire service is hosted on Azure. 

Power BI Pro – You get access to advanced features but it is a pay-per-user license. You can share reports and data with your peers given that they too have a Power BI License. 

Power BI Premium – Here you can get licenses as per the scale. Typically useful for larger organizations. You pay the amount for a certain amount of storage and processing capacity and then as many users can be added and they can utilize the features. This is useful for those that use the platform extensively. 

Power BI Report Server – For those that want to keep their data on-premises, instead of putting it on the cloud. 

Power BI Embedded – This gives the ability to users to embed data and reports into their own app. No need to build something of your own. 

Frequently Asked Questions

How to share Power BI report?

In Power BI, on the top bar you’ll find a Share Option. When you click on it, you’ll be prompted to enter the name of the person you want to share it with, and you can send it.

How to create a Power BI dashboard?

The visuals and charts or graphs you see on the Power BI Dashboard are known as Tiles. The dashboard is supposed to give you an overview of the most crucial details you want to see at the front. How do these tiles show up on your dashboard? You generate reports from the datasets. You’ll find a Pin shaped u0022Pin the visualu0022 symbol besides a graph or chart. When you click on it, a pop-up will open up which asks you if you want to pin it to the existing dashboard or the new dashboard. That is it. Once you click on u0022Pinu0022, it’ll be pinned to the dashboard of your choice.

How to update Power BI Desktop?

First, you need to get notified everytime there’s an Update, for that, open Power BI, go to Fileu003eOptions and Settingsu003eOptionsu003eUpdatesu003eTick the check boxu003eOk.u003cbru003eSecond Step, if there are any pending updates, when you open the app, you’ll find an option in the bottom right.

How to use Power Query in Excel?

Power Query helps simplify the process of importing data from multiple sources and helps sort them in Excel to be used in the most convenient and usable format. To use it, open Excel, go to Datau003eQueries u0026amp; Connections u003e Queries. You’ll get a list of queries, select the query.

What is Power Pivot?

Another Business Intelligence tool within Excel which lets you to import data from multiple sources and in millions, to an Excel Workbook. You can create relationships between heterogeneous data, build PivotTables and PivotCharts, and analyze the data for you to make timely business decisions without requiring any IT assistance.

Some other helpful resources:

Did you know that Microsoft Teams has come up with some really cool new features for the Teams Meetings? You can read this blog to know more about it. Apart from that, we upload blogs on our website every week. Keep an eye out for our blog section.

what is microsoft Azure

What is Microsoft Azure? A Mini-Guide to clear the clutter

What is Microsoft Azure?

You’ve surely heard about Microsoft Azure a lot. It has been the talk of the town. It would be a rare occurrence that you considered switching to the cloud and haven’t heard about Azure yet.  

Microsoft Azure is the second largest but the fastest-growing public, cloud-computing platform. Azure has more than 200 products and cloud services under its umbrella. Any cloud-computing product that could be useful to a business, can be found on the platform. It helps you digitally transform the way your business functions and operates.

Azure provides IaaS, PaaS and SaaS products. It acts as a  development, service management and hosting environment and provides data storage for hosting, managing and scaling web-apps along with computing services.

Simply put, it is an online platform that gives you ready-access to data and helps manage them on cloud.

 

Starting from the basics themselves. What is Cloud Computing? 

Using the internet to store and access your files, software and other services. It also gives you the flexibility to have extra storage space. It is easier for you to save and recover files when they are on the internet.  

So, where are the files stored when you start accessing your files and software via the cloud?

On the Datacenters which has massive remote servers – (that belong to the vendor), located around the world. In 2018, Microsoft said that Azure was available in 54 regions and that 12 new regions were being developed.

 

Where can you see the usage of Cloud Computing?

It is because of cloud computing that:

  • You are able to stream your favourite web series and videos on the internet
  • Gives you access to Machine Learning and Data Analysis
  • Create and post blogs
  • Data Storage and Backup
  • and a lot more

 

What can you do with Microsoft Azure? 

  • Build Virtual Machines 
  • Build Databases 
  • You get access to 3rd party software that is tied up with Azure 
  • Migrate and host your Apps, Servers, Databases and virtual desktops
  • Store massive amounts of data on the cloud

 

Reasons why you should migrate to Microsoft Azure Cloud- 

  • Backup & Disaster Recovery 
  • Cutting-edge technology 
  • Enhanced safety and security 
  • Scalability 
  • Cost efficiency (Pay-as-you-go Model) 

 

The benefits of switching to cloud are

  • Improving on application performance 
  • Flexibility on the working landscape 
  • Increasing cost savings 
  • High efficiency 
  • No need to buy and maintain hardware/ physical infrastructure 

 

Disadvantages of Microsoft Azure:

  • Massive Learning Curve – requires expertise
  • Management can be hectic and time-consuming

 

How to start using Azure? 

By signing up to Azure’s pay-as-you-go service available in the portal. But if you want to test waters, you can do that by signing up with a free account and you’ll receive a $200 credit to be used up to a period of 30 days. 

What can you do with the $ 200 credit?

You can use your credit to try services that aren’t there on the free list.

 

Azure Services

Azure Services are bifurcated into 21 categories, which have 600 services

AI Machine Learning Management & Governance
Analytics Media
Compute Migration
Containers Mixed Reality
Databases Mobile
Developer Tools Networking
DevOps Security
Hybrid+ Multicloud Storage
Identity Web
Integration Windows Virtual Desktop
Internet of Things

 

What is Azure Migrate?

Azure’s own Migration tool that centralizes large-scale migration for servers, databases, applications, and even virtual desktops. It streamlines discovery, assessment and migration for these workloads and extensibility to ISV partner tools that give you choice throughout your migration journey. Finally, you can also track migration progress end-to-end with Azure Migrate.

 

Azure Certifications

Here’s a generic overview of the major Azure Certifications

Fundamentals AZ – 900 Azure Fundamentals
AI – 900 Azure AI Fundamentals
Associate AZ – 104 – Azure Administrators
AZ  – 204 – Developing Solutions for Azure
AZ – 500 – Microsoft Azure Security Technologies
Expert (Solutions Architect Expert) AZ – 303 Microsoft Azure Architect Technologies
AZ – 304 Microsoft Azure Architect Design
Expert (DevOps Engineer Expert) AZ – 400 Designing and Implementing Microsoft DevOps Solutions
Specialty AZ – 120 Planning and Administering Microsoft Azure for SAP Workloads
AZ – 140 Configuring and Operating Microsoft Azure Virtual Desktop
AZ – 220  Microsoft Azure IoT Developer

If you’d like to know more about these certifications, you can visit this page from Microsoft which gives you extensive information.

 

Frequently Asked Questions

Does Azure need you to learn to code?

You don’t need any programming skills for Azure. But you’ll need to know the fundamentals and you can learn more about it on the Microsoft Website or through online resources. But if you are looking forward to going into Developer roles, you would need to learn to code.

How long does it take to learn Azure?

How quickly you’ll be able to learn or grasp depends on your level of expertise and interest in cloud platforms and the basics of Networking. If your grasping power is good and it is your area of interest, you can finish the fundamentals course within a few days too.

Which is the best – AWS or Azure?

Although there can never be a clear cut comparison as the need of every organization is different. Azure may meet all the required needs and at the price for Company A but it might not be the same for Company B. Azure has better hybrid support when compared to AWS, but AWS has better documentation than Azure.

How do you choose between AWS and Azure? How to know which platform is right for you?

You can compare both the platforms on the features and services and their pricing models. Factors like storage, scalability, learning curve, future growth of the platform, support services, pricing, documentation etc. You’ll have to analyse based on these factors and you’ll soon reach an answer.

 

Should I certify myself in AWS or Azure?

AWS being the first entrant into the market leader amongst all other cloud platforms has more market share and popularity. Azure was launched 4 years after AWS and it is the second-largest cloud platform but also the fastest growing one. According to a research done by Indeed.com, the period between Oct 2015 and Oct 2019, shows that there was a steady increase in Job Seekers for the 3 biggest cloud platforms. But a recent report told a different story where web searches for AWS dropped by 5.5% while job seeker interest for Azure rose by 15.39%.” So the demand is slowly inclining towards Azure.

 

What can an Azure Solutions Architect do for you?

An Azure Solutions Architect from Infrassist will provide advice and guidance during the design of customer cloud solutions. The architect will help you choose the cloud service of your choice along with other service suggestions. You can expect pre-sales assistance and a strategically planned road map to execute and implement the project. They will be responsible for helping you map out a cloud computing strategy, create policies and it does the decision making for you.

What can an Azure Administrator do for you?

Once the Azure Solutions Architect helps you land on Azure Cloud, the Azure administrator would help you manage Cloud Services that range from Computing, Networking, Storage, Security and many such cloud functionalities within your Microsoft Azure Portal. The admin can help you set up Azure Virtual Machines, Virtual Desktops, Load Balancers, Application Gateways, Azure AD DS, Site Recovery & migration, Backup, a hybrid Azure AD Infrastructure and a lot more. 

How can we help you? 

The Professional Services Team at Infrassist works on cloud services and does various projects surrounding Intune MDM/MAM, SharePoint, OneDrive, Autopilot, Power BI, Power Automate and a lot more. We also help set up DLP, enable Tenant Level Features, Identity and Access Management services. We also provide Azure Solutions Architect and an Azure Administrator to help you land on the Azure Cloud Platform and help you explore expansion opportunities.

 

Upcoming

We keep uploading new blogs quite frequently on our website- keep an eye out for those.

Lastly, if you need help with more such IT Solutions, feel free to reach out to us. We’ll be happy to resolve your queries. 

 

 

What is Windows Autopilot

What is Windows Autopilot and the purpose it solves

Windows Autopilot is the most helpful in the scenario that we all have been in the last 2 years i.e. Work-from-home. After the initial few months, companies started recruiting again but what remained constant was working from home. Devices were handed over to the new employees in business-ready state, with all the apps and tools that the organization uses. Or if an employee leaves the organization and a transfer-of-ownership of the system has to take place. How does it all work? How is the device given to the employee in a business-ready state? What is the tool which enables that? 

Windows Autopilot is the answer. 

 

What is Windows Autopilot? 

A Zero-Touch experience for the deployment of new devices. The go-to service or method powered by M365, used to deploy new upgrades and keep the device in business-ready state. It simplifies the way devices are deployed. It helps reset and format an existing device and keep it ready for the next user that will be working on the same. 

The entire procedure of custom image files is cut short. There is no need for setting up the device from scratch; everything is automated via the cloud. Autopilot helps reduce time spent on repetitive tasks and you can see an increase in productivity. The onboarding procedure and device management would also be seamless for the organization as well as the employee.

 

What purpose does it solve? 

Configuring the latest Windows OS on new devices is a tedious process. Windows Autopilot was built to help ease the procedure for an IT Admin and buy them more time. OS Deployment used to happen earlier with SCCM, which got rebranded to Microsoft Intune. Ideally, an OS Deployment takes place by reloading OS with Custom Images for which the organization needs to maintain a large infrastructure to save WIM files of each device. 

But with Windows Autopilot, the complexity gets reduced. It automatically joins devices with Azure AD and enrols devices in Intune. 

 

How to get started? 

The IT admin of the organization or the hardware vendor has to register the Autopilot devices they acquire into Azure AD Tenant. The IT just needs to customize the setup and deployment configurations and experience for the end-user by creating an Autopilot profile. 

Post registering and configuring the Autopilot profiles, the global administrator then restricts or provides access.

Once that’s done you ship the device to the employee.

As soon as the employee receives the device, they need to turn on the device and connect to the Internet. After which they need to input the organizational credentials. The device will be recognized by the cloud, it’ll join Azure AD, enrol with the MDM Service and pushes configurations accordingly to get the device back in a fully business-ready state. It would have all the apps the organization uses and the ones that the user may need to be productive. 

 

Windows Autopilot: User-driven and Self-Deploy 

These are the 2 modes under Windows Autopilot: 

In User-driven mode, the user can configure the device provided to him/her and they can convert it into a ready-to-use state. Nowhere is there an involvement of an IT Admin, it is near to Zero Touch Provisioning procedure. The user just has to open/turn on the device, connect it to the Internet and enter. This mode is for an independent/dedicated user. 

Self-Deploy is designed to deploy Windows 10 as a Kiosk on the laptop. This mode is for shared device users. In this mode too, the user has to join Azure AD and enrol the device with an MDM and ensure every policy, certificate or app is deployed and provisioned. A TPM hardware is needed to authenticate a device into an organizations’ Azure AD. 

Reset- Bring/Reset the device back to its default settings. The OS wouldn’t get erased but everything else would. 

Format- Erasing everything on the drive, including the OS. 

Even if a device or system has started malfunctioning, at that time too, a format or reset would be necessary and all of that can be performed with the help of Intune and Autopilot. 

Microsoft Intune helps in building and pushing policies and helps deploy and manage devices and apps. Whereas what Windows Autopilot does is help to provision the device in a ready-for-business state. 

 

Conclusion: 

Windows Autopilot is another one of Microsoft’s tools to make life easier for businesses and IT Personnels’. It is certainly a tool that has the ability to cut short the time it takes to provision a device and eliminate the custom image file fuss. Provides a smooth transition if you want to make the move from the traditional legacy systems to the newer methods. As your business hires more staff in-house and remote, adapting to methods like these will be highly beneficial in the long run.

 

Upcoming:

We keep uploading new blogs every week on our website- keep an eye out for those.

Lastly, if you need help with more such IT Solutions, feel free to reach out to us. We’ll be happy to resolve your queries. 

 

dlp prevent external sharing of Teams Recording

Data Loss Prevention (DLP): Block External Sharing of Teams Recordings

Surely people are gradually getting back to their offices and meetings have started to take place in person. Just imagine, during the lockdown period, you must have conducted a bunch of meetings that had confidential things being discussed. What if the data ever gets leaked and falls into the wrong hands? What if falls in the hands of your competitors and sensitive information gets leaked and they make the move ahead of you?

You need to have a policy set in place which blocks external sharing of data and prevents data leaks. This is where something like DLP comes into play.

 

Earlier:

Microsoft Stream, launched in 2017, was the source where all Teams recordings used to get stored as soon as the meeting ended. At Ignite 2020, Microsoft had made an announcement wherein they said that now tenants can opt to use OneDrive to store the latest recordings. Then 3 months later, it was announced that all recordings will be now stored in OneDrive unless the organization chooses to continue using Stream. But in August 2021, all tenants were switched and the latest Teams meeting recordings will now be stored in OneDrive even if the organization has set to Stream.

All recordings will now be explicitly stored in OneDrive for Business and SharePoint Online. As for the Microsoft Stream links, the links will be completely redirected to OneDrive and SharePoint Online.

 

Why did Microsoft move from Stream to OneDrive?

The whole idea behind Microsoft is to make everyday work seamless. Although Stream was created with the purpose of users being able to create, upload, view, store, and manage video files. The issue with Microsoft Stream was that it does not integrate well with the other M365 apps and used to get stored separately.

 

Now, what can you do to ensure that the Teams Recording stays within the organization and isn’t shared externally?

This is where Data Loss Prevention (DLP) comes into play.

 

What is DLP and how exactly does it work?

DLP detects sensitive information through deep content analysis. Even while the analysis is going on, it won’t affect the work of the people who are currently working on the content. In short, it protects confidential, sensitive data to reduce inadvertent risks and prevents users from sharing data and files with people who shouldn’t be having it. DLP Policies are stored and synced to OneDrive for Business, Exchange Online, SharePoint Online Sites etc. Once synchronized, it can block sharing of data and Teams recordings (in this scenario) with people outside the organization.

When creating policies, choose the locations to apply and then create rules where the condition is defined in the form of sensitive info types and then you can choose to encrypt the file, remove it etc.

 

How to build a DLP Policy to prevent sharing of Microsoft Teams Recordings

The rule looks for any file with the property value ProgId:Media.Meeting that is shared with someone outside the organization. The rule action blocks sharing the data or file with people external to the organization. In the below-attached image it shows what the rule conditions look like. Optionally, the rule can allow users to override the block by justifying explaining why they need to share a recording with an external person.

# Connect to Teams and update the meeting policy

Connect-MicrosoftTeams -Credential $O365Cred

# Update the Teams meeting policy for US employees so that their meeting recordings are stored in OneDrive

Set-CsTeamsMeetingPolicy -Identity “U.S. Region Workers” -RecordingStorageMode OneDriveForBusiness

 

 

A step-by-step walkthrough

  • Navigate to https://compliance.microsoft.com/homepagedlp m365 compliance centre
  • Go to Data loss Prevention on the left-hand side
  • Then Data Loss Preventiondlp create policy
  • Using a custom policy here, but one can also use templates.create custom policy
  • Add a name and descriptiondlp name your dlp policy
  • Specify the location which we want to control in this case we need to select the SharePoint site and OneDrive account and the location of the particular path.dlp choose location to apply policy
  • Define the Policy settingsdlp define policy settings
  • Create rules
  • If the user ignores the warning and goes ahead to try and share the recording anyway, they won’t be able to do this because OneDrive for Business blocks the attempt to create and send a sharing link

 

Once you’ve created the DLP Policy, it’ll take up to an hour for it to come into effect. Also keep in mind that once a meeting has ended and a recording is created, it’ll take a few minutes for the new file to get encrypted. So if somebody shares a file before the encryption is in place and shares it with any external party, it is possible for them to view it but as soon as the block is in place, the link shared previously will get nullified.

 

Pros and cons

Pros

  • Provides more visibility and greater control into Data Exchanges
  • Enforce authorization procedures before accessing sensitive data
  • You can’t copy/download and send

Cons

  • Deploying a DLP policy takes a lot of time and effort
  • You need to keep an inventory of all data
  • Require precise data flow policies
  • You need to audit the access levels of each user within your organization

 

 

Upcoming

We keep uploading new blogs every week on our website- keep an eye out for those.

Lastly, if you need help with more such IT Solutions, feel free to reach out to us. We’ll be happy to resolve your queries.