Search for words in your images in Office 365


Unlock content inside of images easily with this new search capability in Office 365.

Earlier this year, we rolled out automatic detection of images that are uploaded to SharePoint and OneDrive. This intelligence identifies whether an image is a whiteboard, a receipt, outdoors, a business card, an X-ray and many other types. You can then search for ‘whiteboard’ and you’ll see all the whiteboard photos you’ve captured and uploaded.

Now, as we announced at Ignite, any printed words in an image are automatically detected, extracted and made searchable. Using computer vision technology, when you upload the image, the location data (if available) from a photograph (such as Oslo, Norway), and the identification and extraction of text will happen automatically and become searchable. You can search in SharePoint, OneDrive or to find your captures.

Use visual content intelligence to simplify your work life

Many people complete expense reports for travel. While at a restaurant, snap a photo of the receipt. You can do this directly from the OneDrive mobile app, Office Lens mobile app, or just upload a photo you’ve taken with your device. Later on, when you go to file your expenses, you don’t have to remember where you stored it, but instead can search for something that you remember about the expense, for example ‘sushi’ or a location.

We’re excited to bring you this new capability and would love to hear how you use it and what ideas you have to make the service better. Let us know in the comments, or submit new ideas to

Frequently asked questions

What kinds of images can be made searchable?

There’s a great range with 21 different file formats including common ones such as “bmp”, “png”, “jpeg”, “jpg”, “gif”, “tif”, “tiff”, “raw”, and also “arw”, “cr2”, “crw”, “erf”, “mef”, “mrw”, “nef”, “nrw”, “orf”, “pef”, “rw2”, “rw1”, “sr2”.

What languages are supported?

Text extracted from an image is in the language captured from the image and is searchable in that language.

Detection of the image type is currently available only in English, for example a receipt, business card or whiteboard. In the future, we’ll automatically look at the language set on the SharePoint site that the image was uploaded to and translate the type into that language. In the case of OneDrive, we’ll translate it to the language you have set in your preferences.

What other features do you have planned?

We really want to connect your captures to workflows. The goal is to look at what the object is and take action based on it, via Flow or PowerApps, so we can help you move your work forward. We also will learn from patterns you have with types of objects – personalized learning, as part of the Microsoft Graph, to suggest actions and perform them automatically for you after the pattern is established.


All workers welcome with Microsoft 365


Today at Microsoft Ignite, we unveiled a new vision for empowering Firstline Workers in the digital age and introduced Microsoft 365 F1—a new offering that brings together Office 365, Windows 10, and Enterprise Mobility + Security to deliver a complete, intelligent solution to empower all workers.

The modern workplace requires companies to meet new employee expectations, connect a more distributed workforce, and provide the tools that allow all employees to create, innovate, and work together to solve customer and business problems. A truly modern workplace brings out the best in employee ingenuity, creates a culture of innovation and action, and welcomes and empowers all workers from the executive team to the Firstline Workforce.

Firstline Workers comprise the majority of our global workforce. Numbering two billion people worldwide, they are the people behind the counter, on the phone, in the clinics, on the shop floor, and in the field. They are often the first to engage customers, the first to represent a company’s brand, and the first to see products and services in action. They form the backbone of many of the world’s largest industries, and without them, the ambitions of many organizations could not be brought to life.

We see an opportunity for technology to give Firstline Workers a more intuitive, immersive, and empowering experience. Microsoft is in a unique position to help companies tap into the potential of their Firstline Workforce with our commercial product offerings, spanning Microsoft 365, Dynamics 365, Microsoft IoT, Microsoft AI, and Microsoft HoloLens and the Windows Mixed Reality ecosystem.

The introduction of Microsoft 365 F1 represents a significant next step towards our vision of involving the Firstline Workforce in digital transformation by empowering every worker with technology.

Transforming the Firstline Worker experience

Microsoft 365 F1 includes the capabilities and tools to enable every worker to turn their ideas into action. It fosters culture and community, with Skype Meeting Broadcast for interactive town hall meetings and Yammer to help employees find and share best practices across the company.

Microsoft 365 F1 makes it easy to train and upskill employees, with Microsoft Stream to share dynamic, role-based content and video, and SharePoint to easily distribute onboarding and training materials and manage institutional knowledge in one secure place.

It supports firstline productivity and digitizes business processes, with Microsoft StaffHub, a purpose-built app for Firstline Workers to manage their workday and Microsoft PowerApps and Flow to automate everyday activities. Today, we’re announcing new capabilities coming to StaffHub, including the ability for employees to clock in/out and track tasks. We are also making it easier for employees to stay connected in StaffHub, by integrating messaging with Microsoft Teams, the hub for teamwork, and highlighting corporate announcements made in Yammer. Finally, we’re enabling customers to connect StaffHub to workforce management systems and other tools with the availability of general APIs.

Microsoft 365 F1 streamlines IT management, minimizes cost, and extends security to all employees and endpoints. Azure Active Directory provides management of employee identity and access; Microsoft Intune helps secure devices; and new features in Windows 10 simplify the management of Firstline Workers’ experiences, supporting locked down single purpose devices with Windows Assigned Access and automated deployment with Windows AutoPilot.

Finally, we recognize the importance of providing Firstline Workers streamlined and secure devices that minimize total cost of ownership. Today, we’re announcing new commercial devices with Windows 10 S from our OEM partners HP, Lenovo, and Acer. Starting as low as $275, these devices benefit from cloud-based identity and management and are ideal for firstline environments.


Make the switch to OneDrive for improved productivity and cost savings


OneDrive makes sharing and file management easier in the cloud, enabling people to securely store, access, and share their files and photos from anywhere, across their devices. Choosing to store your files in OneDrive instead of other cloud storage providers allows you to work faster and smarter with Office 365. It’s the only service that provides real-time co-authoring within Office Online and the Office 2016 apps for mobile, PC, and Mac—as well as personalized search and discovery powered by the Microsoft Graph.

Customers like Accenture, DBS Bank, Textron, and Lowe’s have adopted OneDrive to reduce costs and improve teamwork and mobile productivity, while making it easier to protect and manage company data. Now your organization can switch to OneDrive for free—read on for all the details.

New offer to help you make the switch to OneDrive

We are making it easier for new customers to make the switch by offering free OneDrive for Business for the remaining term of their existing contract with Box, Dropbox, or Google. This offer is valid starting February 6, 2018 through June 30, 2018 for organizations that are not currently OneDrive for Business or Office 365 customers and who make a minimum 500 user commitment.

Customers participating in this offer can leverage Microsoft FastTrack—our customer success service—to make a smooth transition to OneDrive and Office 365. New and existing Office 365 customers can learn more about our on-boarding, user adoption, and migration services at

“The FastTrack team helped us with best practices, documentation, and a pre-migration checklist. Given the number of people we wanted to migrate, it made sense to collaborate with them as much as we possibly could.”
Justin Litherland, vice president, IT stores of Lowe’s Companies, Inc.

Learn more about this offer and start your transition to OneDrive.

Customers accelerating their digital transformation with OneDrive

More than 350,000 organizations now have OneDrive, and the growth has been amazing. Just in 2017, OneDrive storage and file sync usage have both tripled. This includes organizations large and small that are using OneDrive to:

  • Improve creativity and teamwork, from the corner office to the Firstline Workforce—Accenture uses OneDrive for their 400,000 employees as they travel the globe, accessing over two petabytes of files in the cloud across their devices. Lowe’s recently rolled out OneDrive to 260,000 employees—empowering them to share with colleagues and customers across their 2,200 retail stores.
  • Leverage the security, agility, and intelligence of the Microsoft Cloud—DBS Bank made the switch knowing Microsoft invests more in cloud security than a traditional bank could, and Land O’Lakes removed their need for multiple cloud storage providers by moving to OneDrive, giving them a managed solution to better protect their data.
  • Manage costs by moving to a single integrated solution with Office 365—Rackspace is saving over $411,000 a year by retiring their previous cloud storage provider in favor of OneDrive, and Textron is making the switch to OneDrive to get the improved governance they desire at a substantially lower cost.

If you want to see more reasons why customers choose OneDrive over Box, Dropbox, and Google Drive, check out our comparison chart.

Groundbreaking OneDrive product innovations

In addition to making it easier to switch, OneDrive is also leading with new innovations. At the Microsoft Ignite conference, we showcased over one hundred OneDrive features and enhancements delivered in the past year and announced new upcoming capabilities. Many of these have rolled out to customers, including:

  • Secured external file sharing without the need for a Microsoft account, giving users an easier way to share externally while providing IT departments visibility and control of what’s being shared. Learn more at the OneDrive Tech Community.
  • Support for browsing and managing all your files in OneDrive and SharePoint Online team sites without using local disk space with OneDrive Files On-Demand in Windows 10. For more details, read “OneDrive Files On-Demand for the Enterprise.”
  • Powerful multi-geo capabilities for OneDrive for Business in Office 365 to support the data residency requirements of multinational organizations.
  • Files Restore, a self-service recovery solution for OneDrive for Business files compromised due to accidental deletion, file corruption, or malware infection.
  • Making Office and OneDrive the best place to work on iOS with real-time co-authoring on Office documents, drag and drop support, and integration with the Apple Files app. Visit the OneDrive Tech Community to learn more.

Analyst recognition

As we continue to innovate the product and grow our customer base, analysts are taking note. Microsoft was recently recognized as a leader by Forrester Research in their report, The Forrester Wave™: Enterprise File Sync and Share Platforms—Cloud Solutions, Q4 2017. In addition to being positioned as a leader, Microsoft was ranked highest in current offering and tied for second in strategy. Microsoft was also recognized as a leader in The Forrester Wave™: Enterprise File Sync and Share Platforms—Hybrid Solutions, Q4 2017 report. You can read more and get your own copy of the Forrester Research report.

Gartner also recognized Microsoft as a leader in their Magic Quadrant for Content Collaboration Platforms and the highest of all the leaders in our ability to execute. You can read more and get your own copy of the Gartner report.

As you can see from these customer stories and analyst reviews, OneDrive with Office 365 isn’t just a cloud storage solution. It’s a core ingredient of the modern workplace. I look forward to hearing more about your success as you make the switch to OneDrive and Office 365!


Microsoft 365 provides an information protection strategy to help with the GDPR



The General Data Protection Regulation (GDPR), which began as a regulatory requirement, is increasingly seen as a long-term opportunity to establish greater trust with customers and further unlock employee collaboration and productivity in many businesses. The intelligent compliance solutions in Microsoft 365 help you assess and manage your compliance risks and leverage the cloud to identify, classify, protect, and monitor sensitive data residing in hybrid and heterogeneous environments to support GDPR compliance.

Updates in Microsoft 365—currently rolling out—help protect sensitive data and include:

  • Compliance Manager general availability for Azure, Dynamics 365, and Office 365 Business and Enterprise customers in public clouds.
  • Compliance Score availability for Office 365.
  • Azure Information Protection scanner general availability.

In addition to the updates announced today, capabilities in Microsoft 365 help to:

  • Protect sensitive data in apps and across cloud services.
  • Support data protection across platforms.
  • Provide a consistent labeling schema experience (in preview).

We’re also going to expand sensitive data types to include a GDPR template to consolidate sensitive data types into a single template.

These Microsoft 365 updates and capabilities are designed to provide you with an information protection strategy to help with GDPR compliance.

“GDPR is coming. But with Microsoft’s information protection solutions, we will have a more efficient way to handle compliance.”
Erlend Skuterud, chief information security officer for Yara

Assess and manage compliance risk with Compliance Manager

Because achieving organizational compliance can be very challenging, we suggest organizations periodically perform risk assessments to understand their compliance posture. Compliance Manager is a cross–Microsoft Cloud services solution designed to help organizations meet complex compliance obligations like the GDPR. The Compliance Manager is now generally available for Azure, Dynamics 365, and Office 365 Business and Enterprise customers in public clouds.

“Compliance Manager really adds great additional value for Microsoft Cloud services by providing insights on the relationships between regulation, processes, and technology,” stated IT manager Nick Postma from Abrona, a Dutch healthcare organization that helps clients on their journey to becoming strong and confident members of society through social partnerships.


Perform risk assessments with Compliance Score

Compliance Score—a Compliance Manager feature—enables you to perform ongoing risk assessments on Microsoft Cloud services with a risk-based score reference, giving you visibility into your compliance performance. Each control is assigned a risk weight based on the level of risk involved due to control failure, and as you implement and assess controls, you’ll see your score change. Compliance Score is currently available for Office 365 and will be rolling out to other Microsoft Cloud services soon.

Learn more about the key capabilities and updates for Compliance Manager and Compliance Score at our Tech Community blog.

Protect sensitive data on-premises

Azure Information Protection scanner addresses hybrid and on-premises scenarios by allowing you to configure policies to automatically discover, classify, label, and protect documents in your on-premises repositories such as File servers and on-premises SharePoint servers. The scanner can be configured to periodically scan on-premises repositories based on company policies. Azure Information Protection scanner is now generally available.

Read “Azure Information Protection scanner” to learn more. To deploy the scanner in your own environment, follow instructions in this technical guide.

Protect sensitive data in apps and across cloud services

Since data travels through many locations—across devices, apps, cloud services, and on-premises—it is important to build the protection into the file so this protection persistently stays with the data itself. Azure Information Protection provides persistent data protection by classifying, labeling, and protecting sensitive files and emails.


Microsoft Cloud App Security (MCAS) can read files labeled by Azure Information Protection and set policies based on the file labels. For example, a file labeled as Confidential, with an associated policy of “do not forward or copy,” cannot leave your network via file sharing apps like or Dropbox. In addition, the service scans and classifies sensitive files in cloud apps and automatically applies AIP labels for protection—including encryption. To learn more about this feature, read “Automatically apply labels to sensitive files in cloud apps” and the related technical documentation.

Support for data protection across platforms

As part of our information protection vision, our goal is to cover all major device platforms. Building on our efforts to support non-Windows platforms, we are now previewing the ability to label and protect sensitive data natively, with no plugins required, in Office applications running on Mac devices. This enables Mac users to easily classify, label, and protect Word, PowerPoint, and Excel documents in a similar manner that you are used to with the Azure Information Protection client on Windows. Considering that a significant amount of sensitive information is in PDF format, as part of our ongoing partnership, we are in the process of working with Adobe to have the same consistent labeling and protection of PDFs available in Adobe Reader.

To learn more about these new information protection capabilities, visit the Enterprise Mobility + Security blog.


Consistent labeling schema experience now in preview

We are previewing a consistent labeling schema that will be used across information protection solutions in Microsoft 365. To start, this means that the same default labels will be used across both Office 365 and Azure Information Protection—eliminating the need to create labels in two different places.


The consistent labeling model also helps ensure that sensitive labels—regardless of where they were created—are recognized and understood across Microsoft 365, including Azure Information Protection, Office 365 Advanced Data Governance, Office 365 Data Loss Prevention, and Microsoft Cloud App Security. Learn more about the preview of the consistent labeling experience.

“Microsoft’s information protection capabilities help you protect and manage your sensitive data throughout its lifecycle—inside and outside the organization,” stated an analyst from KuppingerCole, an international and independent analyst organization headquartered in Europe.


Introducing the Microsoft 365 Admin Center



Last year, at Inspire, we unveiled Microsoft 365, bringing together Office 365, Windows 10 and Enterprise Mobility + Security, to deliver a complete, intelligent and secure solution for the modern workplace. In October Microsoft 365 Business reached general availability, representing an integrated solution designed to simplify IT for small and medium-sized businesses.


We know that our customers, from small businesses to large enterprises, rely on the admin center for a broad set of activities. From an administration perspective, our vision for Microsoft 365 is to help simplify IT by unifying management across users, devices, apps and services. Today marks an important step in that vision as we are rolling out a new admin experience for all Microsoft 365 customers. This will be a single place for admins to get started with Microsoft 365 and discover the breadth of management capabilities and experiences available to them.


Integrated into this admin center is both the new Microsoft 365 Security & Compliance Center, dedicated to providing security and compliance specialists with integrated management capabilities across Office 365, Windows, and EMS, as well as Microsoft 365 Device Management, dedicated to providing integrated device management capabilities across Intune, Office, and Windows. The Security and Compliance Center will be available shortly, with Device Management to follow afterwards. Please look forward to additional details.




Over the coming months we will continue investing in more integrated, streamlined administration experiences across Microsoft 365 to help organizations become more productive and secure while optimizing their IT resources. We will also continue to improve the admin’s user experience, so admins can complete their tasks faster and easier and get more done with their day.


[MVP Blog] Provisioning an Office 365 group with an approval flow and Azure functions-part 3



This article describes the workflow for the group provisioning process by using the Azure function from part two in combination with PowerApps, SharePoint Online and Flow to enable a good user experience. Technically, we already have the toolset with the ProvisionGroup function. Now let’s create the rest.

Create a list for requests

The workflow described in part one shall be started by a new entry in a SharePoint list or a PowerApp. So we need a custom list to collect all requests for a new Office 365 group in our company. This enables us to have a history of the group requests coming in. Pick a SPO site (here it’s “O365security”) and create a custom list “ProvisionGroup” as here. Actually, we only need a group name, but we added another text field for the “Purpose” of the group.


Of course, in the real world, the list would be extended with Approval status and Success status, but here we keep it simple. The idea is that when a new line is added to that list, the workflow shall start. The creator of the list item shall become owner of the group (as described in part two).

Create a new Flow

So, “Create a flow” asks for the trigger. In our sample, we use “Start approval when a new item is added”. Flow and LogicApps are very powerful tools. Although there would be a ton of things to say about these instruments, in this article we just concentrate on performing our desired workflow.




The Microsoft Flow management site opens and wants confirmation for the Flow template. The current user is already added.




“Continue” opens the template for further modifications. As you can see, the flow is already created with the trigger “When a new item is created” and an approval email. We just need to enter the user account who shall receive the email. In our sample, that’s the Admin user who works in the IT department and acts as manager.



In the real world, we would add an Office 365 function lookup for the manager of the “Created by Email” user and send the request to that user.

If yes, use the Azure function

Then, a “new action” must be added in the “If yes” part. We will call our Azure function from part two where we saved the endpoint URL. We will use that to call the HTTP function with a JSON body with the parameters.

Search for “http” and select “HTTP – HTTP” from the search result.


So, we simply need to fill out the HTTP request action with our data from the Azure function. It’s an HTTP POST operation and the URI is the one we copied from our PowerShell Azure function. As Body, we use the Request body from our Test pane:


We pass the group name and the owner’s UPN to the function. We don’t use any HTTP headers in this case, just a Body.


Now we need to replace the hardcoded values by the list item values. This can be done as follows:


Ensure that the syntax stays valid and that there are no unnecessary spaces left between the quotes.

And add another notification email to the creator of the request (it’s the “Created by Email” property): Add another action and search for “Office 365 send” as here:


And fill out the email form in the same way as before.


Done. Rename and create the flow (or update it if you already saved it).

Now we have created the basic functionality of our workflow.

Try it

Let’s see if the workflow does what we defined. Return to the SharePoint list and add a new item to the “ProvisionGroup” list.


See how the flow is started. The 2nd step is waiting for an approval. This will look as here.


Let’s open the manager’s Outlook (here it’s the Admin user) and approve the request:


“Approve and Submit”:


The email content changes to “Approved”.


Voila: The group provisioning usually takes only seconds, and the user who initiated the group request will receive a notification email that the group has been created.


If you want to check the flow, you can see all requests as well:



…and the details (success, data and runtime) of each step: Which way did the flow go?




Here you can see that the process of calling the Azure function until it ended was 16 seconds while sending the emails takes up to one second.

Check it out

Returning to Outlook, you should see the newly created Office 365 group “IgniteDemo”.



The important part here is that the creator of the group is the owner and can now start to add members and content. Mission accomplished.

Create a PowerApp

As a last step, we can improve the user experience by using a PowerApp for the SharePoint Online list. This is just a click away: “PowerApps” and “Create an app”


“ProvisionGroupApp” is an appropriate name for the app. When clicking “Create”, a minute later, we get a ready to use PowerApp. We can run the app out-of-the-box.


The generated app has the Create-Update-Delete (CRUD) features as any SharePoint list (featured by the SPO Connector and the OData interface with a Swagger definition). So, we can create a new entry as “ConnectDemo” and add it to the list. After the postback, the new item shows up in the list and we can check the details.


Since we added a new record to the ProvisionGroup list in the PowerApp, the trigger must fire. When checking out the flow, we see that it did.


Again, we are waiting for approval. So let’s do that as before in Outlook…

After the approval, we see the new Office 365 group.


So, we have two ways for our users to start an Office 365 group provisioning approval workflow, whether it’s accessing the SharePoint list or using a PowerApp.

Consideration and costs

We have seen that such a scenario as “Provisioning an Office 365 group with an approval workflow” can be developed with existing Microsoft services by Power Users and Developers, depending on the complexity of the solution. This workflow acts as a sample to show the possibilities of creating self-service processes in your organization. Of course, there exist many third party solutions that can deliver similar workflows combined with more management options, deployment, and more features.

Our goal was to show that existing Microsoft services can be used for such a solution as well.

When asked about the costs for this solution: this is all within the Office 365 licenses; only Azure Functions are billed extra, please see Azure Functions pricing. To give you a short insight here: “Azure Functions consumption plan is billed based on resource consumption and executions. Consumption plan pricing includes a monthly free grant of 1 million requests and 400,000 GB-s of resource consumption per month.” As long as we stay under one million requests (we call the Azure function 1 million times for group provisioning per month and it does not consume more than 400GB-s) the service is free (otherwise it costs $0.000016/GB-s – that’s affordable, isn’t it?).

Imagine the complexity that happens behind the scenes: Various products and services can be used to create a standardized workflow with loose coupling. The workflow starts in an app and writes data to a list, which acts as a trigger, and an approval workflow is started. If approved, the new Office 365 group is created in AAD, a SharePoint site is triggered to be provisioned, the email address is created in Exchange Online, members and permissions are added and so forth. Not bad, right?

We hope this article series inspires you to have a look at the Microsoft Office 365 and Azure services and to use such processes within your organization!


[MVP Blog] Provisioning an Office 365 group with an approval flow and Azure functions-part 2



In part one, we saw how the Microsoft Graph API enables programmatic access to Office 365 groups. Now it’s time to let Azure Functions help us with the desired workflow.

For the following steps, an Azure subscription and a Global Admin in the target Office 365 tenant are required.

The plan

We want our provision group function to be able to create a new Office 365 group without any user interaction. So, we need an app with the permission to accomplish the operations in our Office 365 tenant, in the same way as we did for the administrator account in part 1. The key is to create such an application first and to use that access data in our code. The workflow will execute our function, pass the parameters, and the function will do the work. So, these are the necessary steps.

Create a new App

Open the Azure portal (in the target Office 365 tenant) with a Global Admin and click on the “Azure Active Directory” service. Go to “App registrations”. In here, click “New application registration”.




…and fill out the new app “provisiongroupfunction” as Web app/API with a fake Sign-on URL as https://localhost:40000 (we won’t need that) as follows:


After the app was created, go to “Keys”.


Add a new key “clientSecret”, make it valid for 1 year and click “Save”. Keys can be generated for 1 year, 2 years or without any expiration date. If you choose an expiration (which is usually a good idea), you need to renew the key from time to time.


Now the key is generated. You will not get any access to that key later, so save the key value now, for example in OneNote, Notepad or a similar tool.


We also need the “Application ID” property: 516b…


And of course, we need to set the permissions: Go to “Required Permissions”, select the “Microsoft Graph” and select “Application Permissions” for “Read and write all groups”. “Save” the app permissions.



Select more permissions depending on the desired features of the function if needed. We’re done with the app, but…

Get the tenant ID

..we need the “Tenant ID” as well. You get that in the “Properties” of the AAD with the “Directory-ID” property as shown here.


The Directory-ID d302… needs to go to our note. Now we’re done with the AAD. So we have this data collected:

string tenantId = "d302f5cf-00b3-44af-aff1-2cf91673813d";
string clientId = "516b6d70-05e4-43a7-bab1-6fa2060b04fa";
string clientSecret = "IQBz/fSblC...";

Create the Azure function as a container

The idea is to use server-less technology to provision an Office 365 group. No worries, we won’t need Visual Studio, Visual Studio Code (which BTW are great tools and highly recommended for larger code projects…) or any similar environment. We can perform all necessary steps online directly in the Azure Portal.

So, let’s create the new Azure function and fill it out… We are working with a loosely coupled architecture, so we can use any Azure subscription; it does not have to be associated with the Office 365 tenant. This approach allows us to build “black boxes” and to tie them together easily as needed. In our case, we let the function run in another Azure subscription.




Of course, Azure functions are a wide topic with many details, but this article concentrates on the solution. To learn more about Azure functions, see here and the videos on channel9.

Use a programming language – PowerShell is good enough

In Azure functions, several programming languages are supported. We could use C#, F#, JavaScript or … PowerShell. So, let’s keep it simple and use PowerShell, so that IT admins who are familiar with PowerShell can easily follow and understand this sample. (In my GitHub repository, you find the solution in C# and in PowerShell.) So, we create a new Azure function of type “HttpTrigger – PowerShell” as here.


The function name shall be “ProvisionGroup”. Let’s create that with the default authorization level “Function” – we don’t want to use a user authorization in our scenario.


…and we get the new function with some default code from a template. When clicking “Run”, the function shows the basic concept with an HTTP POST operation, a JSON input and a text output as here:



Develop the function and configure it

The function needs to perform several operations. Keep in mind that Azure functions run in a sandbox, to be more specific, in an App service in a Virtual machine. You can use default functionality, but you need to take care if you need to integrate other libraries or modules that by default are not installed in the Windows environment. We don’t have any dependencies in our sample. Currently, PowerShell version 4.0 is available.

Ok, we also need to store the app data somewhere. Instead of having these values in the code, it’s more elegant (and safe) to save these as App Settings. Here, we need to add keys for the TenantID, the AppID and the AppSecret as here. The values must be inserted from the app we created above.




Now we’re good to code…

The PowerShell code

Get the code from my GitHub repository Office365scripts and paste it into the code window.




The function reads two parameters from the HTTP body: groupname and upn. groupname is the name of the new group, and since this is also the email address of the group, it must be compliant. upn is the login name of the group owner who shall be responsible for the group.

Then, it calls the Initialize-Authorization PowerShell function to authenticate with the app values from our AppSettings. If this works, we get an AccessToken that is stored in the global variable $script:APIHeader. This is the key we need to add to each Graph API operation. It must be sent in the HTTP Authorization header as a Bearer token. So, this header is fully generated by the Initialize-Authorization function and can be added for each call.

Now back to the literal functionality. We need to do four operations:

  1. Create the group and get back the GroupID
  2. Get the UserID of the UPN passed as parameter
  3. Add the UserID as owner of the group with the GroupID
  4. Add the UserID as member of the group with the GroupID

Each request is sent as an HTTP POST operation with the PowerShell command $result = Invoke-RestMethod -Method Post and a JSON body as described in part 1. If the HTTP result of the operation is OK or Created, we know that the operation was successful and continue. In all cases, the function itself returns HTTP OK so that the Flow (which will be described in part 3) is not stopped.
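The sequence described above, sketched as an added PowerShell example; it is not the code from the author's repository. The function name New-ProvisionedGroup, the app setting names TenantID, AppID and AppSecret, and the alias check are assumptions, and the user lookup assumes the app was also granted a permission that allows reading users.

```powershell
# Added example, not the repository's script. Setting and function names are assumptions.
function New-ProvisionedGroup {
    param(
        [Parameter(Mandatory)][string]$GroupName,
        [Parameter(Mandatory)][string]$Upn
    )
    # Older PowerShell hosts may not negotiate TLS 1.2 by default
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
    $graph = 'https://graph.microsoft.com/v1.0'

    # groupname becomes the mail alias: accept only a conservative character set (assumed rule)
    if ($GroupName -notmatch '^[A-Za-z0-9._-]{1,64}$') {
        throw "groupname '$GroupName' is not usable as a mail alias"
    }

    # Client-credentials grant; the secret is read from App Settings, never from the code
    $token = Invoke-RestMethod -Method Post `
        -Uri "https://login.microsoftonline.com/$($env:TenantID)/oauth2/v2.0/token" `
        -Body @{
            grant_type    = 'client_credentials'
            client_id     = $env:AppID
            client_secret = $env:AppSecret
            scope         = 'https://graph.microsoft.com/.default'
        }
    $headers = @{ Authorization = "Bearer $($token.access_token)" }
    $post = @{ Method = 'Post'; Headers = $headers; ContentType = 'application/json' }

    # 1. Create the Office 365 (Unified) group and keep its id
    $groupBody = @{
        displayName = $GroupName; mailNickname = $GroupName
        mailEnabled = $true; securityEnabled = $false; groupTypes = @('Unified')
    } | ConvertTo-Json
    $group = Invoke-RestMethod @post -Uri "$graph/groups" -Body $groupBody

    # 2. Resolve the UPN to a user id; the UPN is escaped so it cannot alter the request path
    $user = Invoke-RestMethod -Method Get -Headers $headers `
        -Uri "$graph/users/$([uri]::EscapeDataString($Upn))"

    # 3 and 4. Add the user as owner and as member via directory object references
    $refBody = @{ '@odata.id' = "$graph/users/$($user.id)" } | ConvertTo-Json
    foreach ($relation in 'owners', 'members') {
        Invoke-RestMethod @post -Uri "$graph/groups/$($group.id)/$relation/`$ref" -Body $refBody | Out-Null
    }
    $group.id   # returned to the caller
}
```

Invoke-RestMethod throws on any non-success status, so a failed step stops the sequence before the owner and member references are written.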

Test it

Add the parameters in the “Test” request body textbox.


Now click “Run”.


The group will now be created and the user will become owner of the new group. Check the mailbox of the owner. The new group will show up in the groups list as here.



So, if this function works, we get the address of the function.

Get the function endpoint

As the last step in this part, we need to save the function URL to use it in the workflow. You get it with the “Get function URL” link as here:




Off to the flow…

After we created and tested the Azure function, we can finish this workflow in part 3.


Manage Fraud and Breach Incidents with Audit Logs in Microsoft 365



In terms of cybersecurity, 2017 was a tough year for financial services firms. According to PWC, financial services firms on average experienced a 130% increase in fraud incidents overall, and failures to protect company and customer data led to legislative action in more than 40 states. Many financial services firms are working as fast as they can to close the gaps, but piecing together the right security solutions to protect everything from core infrastructure to tablets in bank branches can be a difficult task. Even best-of-breed approaches can still leave gaps, often because they may not work so well together with other in-house applications, or because they don’t enable security administrators to see everything that’s happening across the environment.


This is where the integrated platform known as Microsoft 365 can make a real difference because it enables organizations to track user activity throughout their cloud services and analyze audit logs to investigate or remediate possible breaches. Microsoft 365 captures user activities such as viewing, downloading, or sharing documents; changing document or account settings; and resetting passwords. These activities are logged across Exchange Online, SharePoint Online, OneDrive for Business, Yammer, Power BI, Azure Active Directory, and more. At the most basic level, audit logs help you view trends to spot ongoing issues and determine whether there is cause for concern. For example, you can see whether a user has multiple failed login attempts and from what devices, or whether a user has downloaded files containing sensitive company information. This information can determine whether the activity is suspicious or a result of user error (e.g., lost passwords, lack of training).

Microsoft 365 can help financial services institutions manage fraud and breach incidents by enabling you to:

  • Track financial advisors on the road – where they are, what device(s) they’re using, and when they’ve logged into the system or attempted to access files on the corporate network from a remote location.
  • Monitor access for private or sensitive financial documents. Access and sharing can be set at the group or user level, which can help prevent employees from having broader access to sensitive client or institutional information. You can also see when someone attempts to access documents without the appropriate permissions.
  • Help ensure compliance. Share information with legal and compliance teams when employees attempt to delete corporate information that’s critical for regulatory or industry compliance.

To learn how audit logs are helping organizations detect, monitor, and remediate emergent threats like illicit consent grants, see the official blog post from the Office 365 Security team, ‘Defending Against Illicit Consent Grants’.
