Category: Technology

Did you know … Excel can convert between units of measure?

Spend enough time reading temperature probe data, and you get to where you just know 23 is room temperature, and 82 is going to cook the CPU. And sure you can type “23 C in F” into Google and get the Fahrenheit equivalent, but that’s hardly efficient with a long list of values. You could look up the formula and have Excel perform the computation, too. But did you know Excel can convert between many units of measure without you finding the conversion formula?

Excel’s CONVERT() function allows you to display values in whatever unit is most familiar to you. Usage is convert(CellToConvert,OriginalUnits,DesiredUnits)

Voila – the values in your chosen unit.

If you use the units of measure in column headers, you can use the header cells as the current and desired unit of measure values — remember to use the $ anchors, otherwise copying your formula will not yield the right answer!

Did you know … Connectors can be used to display external information in Microsoft Teams Channels?

Microsoft Teams is a single workspace that provides access to a vast array of resources. You’ve got links to important web sites, posts from other Team members, discussion surrounding shared documents … but did you know posts can automatically be created from external systems?

Why? Well … doing so allows Teams to simplify finding and distributing information. Instead of having ten people subscribed to a vendor newsletter or five people trying to remember to check a web site for information, the information comes to every Team member directly in their Teams application.

You can turn vendor-provided patch and outage notifications via RSS or Twitter into Teams posts. Google Analytics data for your site can appear in Teams posts. Jenkins has an Office365 connector that reports pipeline information in Teams posts. Browse the available connectors to see what is useful in your group.

“Best practice” recommendation: some of these connectors rely solely on Microsoft’s Internet connection to an Internet-accessible resource – as in the example I present below. These connectors are essentially self-documenting because you can view the Connector configuration to determine the URL with which the connector communicates. Many connectors, however, use web hooks registered within your application or user credentials to access the remote system. In the “Files” or “Wiki” section of the channel in which the Connector is used, create a document detailing any configuration that was done – instructions for creating a web hook in your system, which account was used to access the remote system (don’t write the password in the document!).

For connectors that require user credentials, do not use a personal account. Create a new account for your Teams feed. Twitter, for example, requires a user account to follow other accounts or hashtags. Were I to use my Twitter account in the configuration … if I transfer ownership of the Team space to someone else, they’re inheriting a configuration with my account; but I’m not going just hand my password over to them. Even if ownership of the Team space never changes, we could cease seeing updates next time I change my Twitter password. Or decide to close my account. Or … point being, if you have a non-user account, the Team owners can maintain control of the account and any changes to it.

Using Connectors: Decide where you want the data posted – this can be a dedicated channel created just for this connector or it can be an existing one. Click the hamburger menu next to the channel into which you want messages posted. Select “Connectors”.

Browse through the list. Or type in the “Search” box to locate a specific connector. Click “Add” next to the connector you want to use.

Setup will vary depending on the connector selected – the Jenkins connector provides a URL to paste into your server config, Twitter asks for credentials and individuals or hashtags you want to follow in the channel. In this example, I am adding an RSS data feed.

Type ‘rss’ in the search dialog. If this is the first time you’ve used the connector within this Team space, click “Add”.

In this case, there’s not much on the next screen – read the privacy and terms of use statements.  Assuming the connector permits your intended use and you agree to all of their terms, click “Install”.

Enter a name for the connector, paste in the RSS feed URL, and select how often you want Teams to check for new data in the feed. Click “Save”

A post will be created in your channel with data from the RSS feed. Some feeds will provide information, some just provide a link. And when new data is posted to the RSS feed, a new post will be created in your Teams space.

If you need to make a change to an existing connector, click the hamburger menu next to the channel on which the connector is configured. Select “Connectors”.

In the left-hand column, select “Configured”

The “Configure” button will set up another connector on the channel. Instead, click the “# Configured” link below the “Configure” button. Then click “Manage” for the connector you want to manage.

Make whatever changes you need to make and click save. Or click “Remove” to remove the connector from the channel.

Did you know … you can automatically dismiss past Outlook calendar reminders?

Sometimes opening Outlook and getting reminders for, say, the meetings you missed when you were out sick yesterday is quite helpful. But frequently, reminders for old events are just an annoyance. Like when you create past-dated meetings to remind yourself of what you were doing and forgot to select ‘None’ as the reminder time. That’s not just me, right? Did you know you can automatically dismiss reminders for past calendar events? From your Outlook client, click the file tab of the Outlook ribbon bar

Select “Options”

On the new window that appear, select “Advanced”

In the “Reminders” section, you’ll see a check-box to “Automatically dismiss reminders for past calendar events” – by default, this is unchecked. If you would like to avoid reminders for old meetings, click to check it then click OK.

 

Did you know … you can set image transparency in Word, PowerPoint, Excel, and Outlook?

When you wanted to use an image as the background for a document, you often needed an image editor to lighten the picture – the image was too dark for dark text to be legible but too light for white text. Or you’d compose your PowerPoint slide with the image in one frame and the text in another.

Did you know, in the latest Office 365 Update, Microsoft added a feature that allows you to create faded background images within Word, PowerPoint, Excel, and Outlook? Within one of these programs, insert a picture into your work. Select the image. From the Picture Tools Format ribbon, click on Transparency

You can select one of the pre-set transparency levels or click on “Picture Transparency Options …” for finer control of the transparency level.

Move the slider (or type a number) to adjust the transparency level – 100% is invisible, 0% is the original image.

Voila – you’ve got a background image and legible text.

There are a lot of other image effects available – the vignette is the “soft edge oval” from the “Picture Styles” section of the ribbon bar. Many of the effects I’ve traditionally used Photoshop or Gimp to apply are also available in the “Adjust” section, so click around and check it out!

Did you know … you can draw attention to Teams posts?

Before I tell you how – don’t be the person who flags every single message as urgent. Not because it’s annoying (although it is), but because it’s hard to single something out for attention if YOU ALREADY MARK EVERYTHING URGENT AND USE HUGE, BOLD, RED LETTERS AND END WITH !!!!!!!!!! If everything is urgent, you don’t have a classification for super urgent things.

OK, now that I’ve done my quasi-civic duty and at least tried to avoid having big red icons next to 97% of the messages I see …

You can use @ mentions to draw individuals’ or groups’ attention to a specific post. In the message, type @ and then begin typing either an individual’s name or the Team’s name. The @ mention can be included anywhere in the message – it doesn’t have to come first.

Team members using the desktop or mobile client will get a banner message alerting them that they have been mentioned in a post.

All clients will have a little logo along the right-hand side of the message indicating either a group

Or individual mention.

If you want to draw attention to an item without banner messages, you can also mark a post as important. When you are typing your message, click on the “Format” button when typing the message.

Then click the exclamation point. (For anyone who prefers keyboard shortcuts – use ctrl-shift-i)

And you’ll see both the red bar along the left and the IMPORTANT! designation atop the message.

Team members will see an exclamation point marking channels with important messages too.

If you accidently mark a message as important (keyboard users who type ctrl-i for italics can get both ctrl and shift occasionally), click the hamburger menu next to your post and select Edit.

Click the exclamation point again to remove the important designation.

Voila, the message no longer has an over-inflated sense of self-worth. Or my typo.

Cloudy ROI

I often have trouble seeing the value behind cloud offerings — but most cloud migrations I’ve seen have done 1:1 replacement of locally hosted servers with cloud hosted servers. The first two years, the cloud hosted servers are cheaper (although that’s some dodgy accounting as we’re assuming no workforce changes as a result of outsourcing servers and depreciation of the owned asset is not considered). The third year, though, is a break-even point. General Depreciation System considers computers a five-year property, but there are accounting practices to handle fully depreciated assets. It remains on the balance sheet as a cost, it’s accumulated depreciation is listed as a accumulated depreciation contra asset item. When you *do* stop using the asset, the accumulated depreciation account is debited for the full depreciated amount, the fixed asset account is credited with its full cost. Point being I can continue using a computer asset after five years. Cloud hosted servers make financial sense for a company that tends towards “bleeding edge” implementations (buying the new whatever next year), but for a company that buys a server or application and then uses it for a decade … you’re simply turning capital expense into a greater ongoing operating expense. Which … good this year, but bad in the long term.

Now for a smaller company that doesn’t have a dedicated IT department, and that doesn’t actually need the capacity provided by a single modern server … externally hosting resources is financially beneficial. A web site, e-mail, chat-based customer service? All make sense to host externally. You don’t have to own half a dozen servers, make sure they’re backed up, etc. But I don’t see the cost benefit at enterprise levels unless (1) you want to build data centers close to customers without the expense of actually building a data center. For instance, opening your services to customers in the EU … getting a data center set up in, say, Germany isn’t a quick proposition. As your business grows, it may become “worth it” to invest money into a European data center. But cloud-hosted computers from some major provider who already has a presence there provides quick time-to-market and minimizes up-front cost. Some countries may have a laborious process for prospective businesses too — a process the cloud hosting provider has already navigated. Or you (2) plan a substantial workforce reduction. If someone else is backing up, patching, and monitoring systems … you don’t need people performing those duties. Since a cloud-hosting provider is able to leverage those employees across far more servers than you’d need — there’s a place where scale produces a cost benefit. But, strangely, I don’t see companies reducing IT operations staff after moving to the cloud. This may be a long-term goal to ensure the enthusiasm of staff for the move — it’s not particularly enticing to put six months of work into a project that ensures my job goes away. Or this may just be a thing — move to the cloud and still have twenty ops employees.

Did you know … Microsoft Teams provides both public and semi-private Team spaces?

You’ve used Microsoft Teams to collaborate with individuals assigned to a project, and even created Team spaces for ad hoc groups to work on a problem. But what if you want to discuss the office’s community outreach program or plan the next employee engagement activity? Microsoft Teams is a perfect place to host that collaboration too.

You can create a public Team space – a public Team allows anyone to join without requiring approval. This is great if you do not need to verify qualifications before allowing someone to join a Team. From the “Teams” tile, click on “Join or create a team” at the bottom of your Team list.

Click “Create team”

Provide a team name and description so potential members know it’s something that interests them. Now under “Privacy”, click the down arrow and select “Public – Anyone in your organization can join”.

Click Next. You can start your team by adding some members, or you can click “Skip” and let members add themselves. Voila, you’ve got a public team. (Well, give it a few minutes … there’s some background magic that needs to complete). When people click “Join or create a team”, your team will show up in the Team gallery (they may need to search for it – and as of 25 October 2018 it’s a “begins with” search … so Slobbovia will not find my team, but “Lower” or “Lower Slobbovia” will). As soon as they click “Join team”, they will be added as a member of your team.

 

What if you don’t want your team to be that public? Say we only want people who actually work in East Slobbovia to join up. Then leave the Privacy setting at “Private – Only team owners can add members”. This means your new Team won’t appear on the “Create or join a team” Team list …

From the hamburger menu next to the team name, select “Get link to team”

The URL will be displayed in a new pane – click “Copy” and you’ll have the URL in your clipboard.

Publicize your URL — you could post it to Stream, have the link included in a local newsletter message, e-mail it to potential Team members … however you let people know about the URL. When someone follows the URL, a membership request will appear on the Team. From the hamburger menu next to the team name, select “Manage team”

Click on the “Pending Requests” tab

You’ll see, well, the pending requests. Click accept to add the person to your team, or click deny if you prefer.

Changing the settings – If you change your mind, that’s OK too. In your Teams list, click on the Team itself (not the hamburger menu next to it, and not one of the channels under it. Then click on the hamburger menu next to the team name in the right-hand pane. Select “Edit team”.

You can change the privacy settings and click “Done”

Bonus option … for those of you who have stuck with me this far! You can create a code for your team that allows invited individuals to join the team without waiting for your approval. Click the hamburger menu next to the team name and select “Manage Team”. On the “Settings” tab, expand the “Team code” section. Click “Generate”

Now there’s a code associated with your team.

Individuals who have the code can go to the Teams gallery and enter the code in the tile that says “Join a team with a code”

Open Password Filter (OPF) Detailed Overview

When we began allowing users to initiate password changes in Active Directory and feed those passwords into the identity management system (IDM), it was imperative that the passwords set in AD comply with the IDM password policy. Otherwise passwords were set in AD that were not set in the IDM system or other downstream managed directories. Microsoft does not have a password policy that allows the same level of control as the Oracle IDM (OIDM) policy, however password changes can be passed to DLL programs for farther evaluation (or, as in the case of the hook that forwards passwords to OIDM – the DLL can just return TRUE to accept the password but do something completely different with the password like send it along to an external system). Search for secmgmt “password filters” (https://msdn.microsoft.com/en-us/library/windows/desktop/ms721882(v=vs.85).aspx) for details from Microsoft.

LSA makes three different API calls to all of the DLLs listed in the NotificationPackages registry hive. First, InitializeChangeNotify(void) is called when LSA loads. The only reasonable answer to this call is “true” as it advises LSA that your filter is online and functional.

When a user attempts to change their password, LSA calls PasswordFilter(PUNICODE_STRING AccountName, PUNICODE_STRING FullName, PUNICODE_STRING Password, BOOLEAN SetOperation) — this is the mechanism we use to enforce a custom password policy. The response to a PasswordFilter call determines if the password is deemed acceptable.

Finally, when a password change is committed to the directory, LSA calls PasswordChangeNotify(PUNICODE_STRING UserName, ULONG RelativeId, PUNICODE_STRING NewPassword) — this is the call that should be used to synchronize passwords into remote systems (as an example, the Oracle DLL that is used to send AD-initiated password changes into OIDM). In our password filter, the function just returns ‘0’ because we don’t need to do anything with the password once it has been committed.

Our password filter is based on the Open Password Filter project at (https://github.com/jephthai/OpenPasswordFilter). The communication between the DLL and the service is changed to use localhost (127.0.0.1). The DLL accepts the password on failure (this is a point of discussion for each implementation to ensure you get the behaviour you want). In the event of a service failure, non-compliant passwords are accepted by Active Directory. It is thus possible for workstation-initiated password changes to get rejected by the IDM system. The user would then have one password in Active Directory and their old password will remain in all of the other connected systems (additionally, their IDM password expiry date would not advance, so they’d continue to receive notification of their pending password expiry).

While the DLL has access to the user ID and password, only the password is passed to the service. This means a potential compromise of the service (obtaining a memory dump, for example) will yield only passwords. If the password change occurred at an off time and there’s only one password changed in that timeframe, it may be possible to correlate the password to a user ID (although if someone is able to stack trace or grab memory dumps from our domain controller … we’ve got bigger problems!

The service which performs the filtering has been modified to search the proposed password for any word contained in a text file as a substring. If the case insensitive banned string appears anywhere within the proposed password, the password is rejected and the user gets an error indicating that the password does not meet the password complexity requirements.

Other password requirements (character length, character composition, cannot contain UID, cannot contain given name or surname) are implemented through the normal Microsoft password complexity requirements. This service is purely analyzing the proposed password for case insensitive matches of any string within the dictionary file.

Did you know … you can send e-mail to a Microsoft Teams channel?

Why would you send an e-mail to a Microsoft Teams channel? That’s a good question! At first, e-mailing a Team channel sounds like a solution in search of a problem. I think of it as moving an e-mail discussion into Teams. And there are a lot of times when an e-mail thread can be more efficiently handled in Teams.

Attachments that are being updated and resent – you know, the documents where there are five different working copies with various people’s changes and now someone must condense those changes into a single document. Including the document in the Team space allows team members to collaboratively edit it online. One copy! Having the discussion history available in Teams avoids switching between e-mail and Teams as the document is developed.

“I forwarded this to five people, and here’s what they think” – When a message gets forwarded and you’ve got three different sets of recipients discussing the same issue – or if someone keeps going back to an older message and dropping a few recipients who were added late in the discussion – moving the discussion into Teams ensures all of the people who should be involved in the discussion are included and working together – not a person from one of the threads trying to update everyone on a separate thread.

“Hey, Sean, can you forward me that hour-by-hour for this weekend?” – Ever have to ask a coworker to forward some message that you’ve misplaced (probably deleted, but cannot seem to find there either). The Teams threads are persistent (I cannot accidentally delete your message) and searchable.

The new guy – an involved discussion may take months. When a new person joins your group, someone has to remember to include them on the next reply-all (even adding an existing employee to a thread, they get lost when someone else replies to an older message). By moving involved discussions into Teams, you can quickly add a new person to the discussion.

There are also cases where Teams could replace a shared group mailbox – you cannot receive messages from outside of the company, but if your group mailbox only gets messages from other Windstream mailboxes … Teams may be a good replacement for that group mailbox. Team members can post into the thread taking ownership of the request – everyone will see who claimed the request, and if someone is unexpectedly out of office, you can see the issues on which they were working.

Ok, ok … you convinced me! Sending an e-mail into a Teams channel isn’t a completely pointless feature. So how do I do it?

First, you need to know the e-mail address associated with the channel. Click on the hamburger menu next to the channel name and select “Get email address”

There you have it – you can click “Copy” and all of that text will be in your clipboard.

Paste the address into the “to” field of an e-mail message, then send the message.

Wait for it … this may take a minute … and the message will appear as a thread in the channel.

If the message includes an attachment, that attachment will be displayed in the thread. You can even edit the document online – in Teams or in Word Online.

The default setting for Channels is to accept e-mail messages from the windstream.com domain – this may be exactly what you want. You can send the address to individuals outside of your team and allow them to create threads without having to grant them access to your Team space. But you may not want that – go back to that pane where you got the channel e-mail address. Click to “See advanced settings for more options” – you can set the channel to accept messages only from Team members:

Think it’s kind of crazy that every Team member can adjust these settings? Vote for my idea on the Teams UserVoice site 🙂

Did you know … you can quickly start a web meeting from within a Microsoft Teams channel discussion?

Sometimes text conversations become cumbersome – a topic really takes off, and there’s a lot of typing. A LOT of typing! Sometimes it’s easier to just take a few minutes and talk about the subject instead of typing back and forth. In Microsoft Teams, just click the “Meet now” icon at the bottom of the channel.

This will bring up a page that lets you start an unscheduled meeting (or schedule a meeting, if people aren’t available right now to discuss the subject). You can add a subject so attendees know which thread you want to discuss. Click “Meet now” and …

Voila – you’ve started a meeting with audio (and video, if participants choose).