Happy (belated) Halloween, Windows Devs! This past week gave 80s kids, pop culture fans and Windows Devs alike all a chance to celebrate the internet of things.

Our very own IoT master, Pete Brown, created a series on IoT, remote wiring, voice recognition and AI inspired by the Netflix hit, Stranger Things. Check it out below!

Internet of Stranger Things Part 1

TL;DR – go ahead and binge watch the series before getting started.

Internet of Stranger Things Part 2

Pete Brown builds a wall. But it’s more than that – Pete adds to the Internet of Stranger Things project by constructing a wall that integrates music and UWP MIDI capabilities. Learn how to cue up your very own haunting 80s synth soundtrack with part 2!

Internet of Stranger Things Part 3

The final installment of the series covers voice recognition and intelligence – two things most IoT devices don’t necessarily support. Low and behold, Pete Brown works his IoT magic in this post.

#XboxAppDev – Adding natural inputs

This post gets personal (with input methods). Learn how to add natural, intuitive input methods to your Xbox and UWP apps.

UWP Integrations for Kinect

Grab your demo hat and get ready for the new drivers and integrations now available for Kinect and UWP. Read more in this blog:

Hot off the press – more new UWP integrations for Kinect! https://t.co/qdJGiEEXyA

— Windows Developer (@windowsdev) November 4, 2016

Windows 10 Insider Preview Build 14959 for Mobile and PC

Last, but certainly not least, we released a new build for Windows Insiders in the Fast Ring. There are quite a few updates here, most notably the new ‘Universal Update Platform’ which helps streamline updates across your Windows 10 devices.

And that’s the week in Windows Dev! Feel free to tweet us with any questions, comments or suggestions for Pete Brown’s next example of IoT wizardry.

Download Visual Studio to get started.

The Windows team would love to hear your feedback.  Please keep the feedback coming using our Windows Developer UserVoice site. If you have a direct bug, please use the Windows Feedback tool built directly into Windows 10.

The SQL Product team has identified an issue with .Net 4.6.2 framework client driver for Always Encrypted enabled database on SQL Server 2016 and Azure SQL Database. The issue can lead to intermittent failure while trying to decrypt the records from the Always Encrypted enabled database with following error message

Decryption failed. The last 10 bytes of the encrypted column encryption key are: ‘7E-0B-E6-D3-39-CE-35-86-2F-AA’.The first 10 bytes of ciphertext are: ’01-C3-D7-39-33-2F-E6-44-C3-B1′.Specified ciphertext has an invalid authentication tag. 

The above failure to decrypt may potentially lead to incorrect query results which in turn may trigger incorrect actions, for instance, incorrect updates to the database.

The SQL Product team is aware of the issue and is actively working on the fix which may be made available soon. In the interim, we have following recommendation for the users

• Users who are on .Net framework 4.6.1 are not impacted by this issue and can ignore this. We recommend not to upgrade to .Net framework 4.6.2 if you are using Always Encrypted database feature until the fix for the issue is released.
• The users who have the latest version of .Net framework 4.6.2 installed, we recommend, if possible to rollback to previous version of .Net framework 4.6.1. Note: In general, you should not uninstall any versions of the .NET Framework that are installed on your computer without testing,  because the application dependent on that version can potentially break and may not function as desired.
• If the users are unable to uninstall .Net framework 4.6.2 due to application dependency, you can workaround the issue by turning of column key encryption (CEK) by setting the SqlConnection.ColumnEncryptionKeyCacheTtl property to 0 in the .Net framework 4.6.2 driver.

After uninstalling .Net framework 4.6.2 or turning off Column Encryption Key (CEK) caching, users can confirm that the error does not reappear during a table scan (e.g., SELECT * FROM < table with Always Encrypted>) executed from a query window in SSMS. Executing this scan will help validate the error doesn’t occur.

Customers who encounter the above error during the validation scan and unable to resolve the issue, should contact sqlalwaysencrypted@microsoft.com.  The team will be able to help access and recover all previously encrypted rows that were affected by this bug. There will be no permanent data loss caused as a result of this bug.

To determine which versions of the .NET Framework are installed on a system, see How to: Determine Which .NET Framework Versions Are Installed.

Parikshit Savjani
Senior Program Manager (@talktosavjani)

When I am building Hyper-V systems for big public demonstrations – I often build them with zero Internet connectivity.  The reason why I do this is because I never know what level of internet connection I am going to have as I travel around the world showing off cool new features.

For a while now I have struggled with the fact that when I open the VM Connect window on a virtual machine – and the host as no internet connection – it can take a really long time.  30 seconds in fact.  Well, I now know the reason for this – and I know how to work around it.

Short answer – it is all to do with certificates.

Long answer: when ever you connect to a virtual machine using the VM Connect window – we secure the connection using a certificate.  You can manually configure your own certificate (details here: https://technet.microsoft.com/en-us/library/ff935311(v=ws.10).aspx) but for most people you will use the certificate that Hyper-V auto-generates for you.  Ordinarily, when we attempt to use this certificate for the first time – we check with the Microsoft certificate authority to make sure that all the Microsoft root certificates are up to date. However, this fails if the physical computer has no Internet connection.  But we will try for 30 seconds before failing.

Now – at this point in time you might be thinking: “I use Hyper-V on my laptop without Internet connection – and I do not see a delay.  What is Ben talking about?”.  This is a problem that you will only see if your computer has *never* been connected to the Internet.  If you were connected in the past – we will have checked and stored the results in cache.

But if the Hyper-V host has never been connected to the Internet – you will see a 30 second delay each time you open VM Connect.

So what can you do about this?

Well – there are three options:

• Connect your system to the Internet momentarily and open VM Connect once
• Create your own certificate (per the article above)
• Tell Windows to not attempt to update the root certificate by running these commands in PowerShell:


New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot
New-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot -Name DisableRootAutoUpdate -PropertyType DWord -Value 1 –Force

Note – you are lowering the security of your system with the third option, so you should not do this on a production system, unless you have a method for manually updating root certificates in your environment.

Cheers,
Ben

In recent years, Visual Studio has added new features and experiences to allow developers to develop their C++ applications for non-Windows platforms such as Android, iOS and more recently Linux.  One of the challenges that Linux development brings to the table is making sure your native application works across the wide set of Linux distributions available. We have experienced this first-hand when developing the Visual Studio Code C/C++ extension where we needed to test the extension across a wide variations of Linux distributions. We typically build and test our C++ code on different versions of Ubuntu, Debian, Fedora, Arch, openSUSE and more. Furthermore, there are different versions of the standard C library and compilers which bring their own set of issues. To keep costs low for Linux development we made use of Docker containers on Azure.

This blog provides a walkthrough on how to use Azure VMs, Docker containers, and Visual Studio to author your multi-distro Linux C++ application with the help of the following sections:

• Prerequisites
• Docker Containers and Images
• Creating an Azure Docker VM
• Running a Docker container
• Setting up SSH for your container
• Developing your Linux C++ application from Visual Studio
• Using dockerfiles to automate building of images

Prerequisites

Through the course of this walkthrough you will need to setup the following, so let us just go ahead do this upfront.

• An active Azure account. If you don’t have one, you can sign up for a Free Azure Trial.
• Install Azure Command Line Interface which will provide you with a set of open source shell based commands for creating and managing resources in Azure. Use the Windows MSI installer which will setup the right paths in command shell.
• Docker ToolBox which will allow you to quickly install and setup  Docker environment for your computer.
• Visual Studio, with C++ and Linux Development extension which ships today as a separate extension on Visual Studio extension gallery.

Docker Containers and Images

A Docker Container is a “stripped-to-basics” version of your operating system. A Docker Image is a read-only snapshot of your software that can be “run” in a Docker Container. Docker containers can allow you to pack a lot more applications into a single physical server than a Virtual Machine can.

Virtual machines run a full copy of the operating system and a virtual copy of all the hardware that operating systems need to run. In contrast, containers only require a stripped to basic version of your operating system, supporting libraries and programs and system resources required to run a specific program.

Combine this with the additional benefit that Docker containers provide for creating a consistent development environment for development, testing and deployment. Docker is here to stay!

Alright with that very short overview on Docker lets go ahead and setup an Azure Docker VM now.

Step 1:Creating an Azure Docker VM

The easiest way to create an Azure VM is by using the cross-platform Azure command line tools. Once installed and connected to your Azure subscription, you can manage many Azure resources right from the command prompt.

Login into your subscription using the ‘azure login’ command. You will go through the following series of steps shown in the picture below.

Once you have logged in successfully to find a suitable image, run the azure vm image list command and provide additional details where you would like your VM to be hosted ‘location’ and the publisher for the VM images. All Ubuntu images on Azure are shipped by the ‘Canonical’ publisher.

azure vm image list
info:    Executing command vm image list
Location:  westus
Publisher:  Canonical

This will print for you a list of Ubuntu images. For this walkthrough, I will pick up the popular ‘Canonical:UbuntuServer:14.04.5-LTS:14.04.201609190’ image. Alternatively you can pick others from the 16.0 series as well.

The Docker Installation documentation provides step-by-step instructions on how to install the Docker Toolbox, which will in turn install Docker Machine, Engine, Compose, Kitematic and a shell for running the Docker CLI.  For this tutorial you will install this on your Windows box where you have setup Visual Studio.

Once Docker is installed and running we can go the next step which is to install our Azure Docker Ubuntu VM using the docker-machine Azure driver. You will need to replace the subscription-id with your subscription-id and your vm name e.g. hello-azure-docker-cpp.

docker-machine create --driver azure --azure-subscription-id b5e010e5-3207-4660-b5fa-e6d311457635 --azure-image Canonical:UbuntuServer:14.04.5-LTS:14.04.201609190 hello-azure-docker-cpp

This will run through the following series of command setting up the VM and installing the necessary Docker tools. If you get stuck, you can follow this guide here.

Next, set up your shell for the machine we created by running the following command, where machine name is the name of the machine you created.

docker-machine env

Step 2:Running a Docker container

The easiest way to get started with a Docker container is to make use of an existing container. For this purpose, we use a pre-existing Debian container by executing the following command.

docker run -p 5000:22 -t -i --restart=always debian /bin/bash

This will download the latest image for Debian from Docker and start a new container with it. You should see the following command window as you go through this step. You can replace ‘debian’ with ‘ubuntu’, ‘fedora’ or ‘opensuse’ for creating containers for other distros.

If this step was successful, you should see your Docker running when you execute the ‘docker ps’ command as shown below:

Step 3:Setting up SSH for your container

To build your C++ application on this newly created Linux container using Visual Studio, you need to enable SSH and install necessary build tools (gdb, g++ etc.). Setting up SSH  is generally not recommended for Docker containers, but it is required by the Visual Studio C++ Linux development experience today.

Attach to your running container by using the ‘docker attach ’ command and run the following commands to setup SSH.

apt-get update
apt-get install openssh-server
apt-get install  g++ gdb gdbserver
mkdir /var/run/sshd
chmod 0755 /var/run/sshd
/usr/sbin/sshd

Next, create a user account to use with the SSH connection to the Docker container we just created. We can do this by running the following commands. Replace with the username you would like.

useradd -m -d /home// -s /bin/bash -G sudo 
passwd 

All right, we are almost there. The last thing we need to do is make sure the port we are using (5000) is allowed by the inbound-security rules by our Docker resource group’s firewall. The easiest way to do this is to use Azure portal, bring up the network security firewall for the VM we created on Azure and traverse to the inbound security rule. For the VM created in this walk-through the resource is shown below:

As a part of the Inbound security rule, Add and Allow an additional custom TCP security rule with the port you chose for your SSH connection as shown in the figure below.

You should now be able to SSH into your Linux container using your favorite SSH client application. The and in the command below will need to be replaced based on your settings.

ssh -p  port-name @

Step 4: Developing your Linux C++ application from Visual Studio

To setup Visual Studio for Linux C++ development, you can read this walkthrough, which we keep current. This walkthrough covers installation, project setup and other usage tips, but to summarize, you need to do two things:

First, run the following command on your Linux containers which downloads dependencies required to build and debug.

sudo apt-get install  g++ gdb gdbserver

Second, download the Visual C++ for Linux development extension or get it from the Extension Manager in Visual Studio. Please note the Linux extension is only supported for Visual Studio 2015 and above.

Once Visual Studio is set up, go ahead and set up connection properties for all your containers in the Connection Manager. The Connection Manager can be launched from Tools->Options as shown in the figure below:

Notice how by using the Docker containers, you can now develop your application on Debian, different versions of Ubuntu, and Redhat simultaneously using one Virtual Machine from within Visual Studio. 

Alright with everything else setup, we can finally start building and debugging Linux C++ code on our containers. You can choose from any of the following simple templates from the File->New Project-> C++ -> Cross Platform -> Linux section as shown in the figure below to get started:

For this exercise, choose the simple Console Application template. If you want to start with something more rich you can use this simple  tictactoe project.

Next, pick the Linux distro, Docker container you would like to compile and debug this on. You can choose between them by selecting the one that you would like in the Remote settings section:

You can now start debugging (F5) which will copy your sources remotely, build your application and finally allow you to debug your application.

Great! you are now successfully debugging a C++ Linux application running in a container inside an Azure VM.

Step 5: Using Dockerfiles to automate building of images

So far you’ve used very basic Docker commands to create your Docker containers in the previous sections. The real power of Docker comes from not only enabling you to instantiate different versions of Linux distros on one virtual machine in a cheaper, more productive manner, but Docker also provides a way to create a consistent development environment. This is because Docker lets you use a Docker file with a series of commands to set up the environment on the virtual machine.

A Docker file is similar in concept to the recipes and manifests found in infrastructure automation (IA) tools like chef and puppet. You can bring up your favorite text editor and create a file called ‘Dockerfile’ with the following content.

FROM debian
RUN apt-get update && apt-get install -y openssh-server
RUN mkdir /var/run/sshd
RUN echo 'root:screencast' | chpasswd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config

# SSH login fix. Otherwise user is kicked off after login
RUN sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd

ENV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile

EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]

RUN apt-get install -y openssh-server g++ gdb gdbserver

You can now run the following commands to build your docker container with this docker file and get it running!

"C:\Program Files\Docker\Docker\resources\bin\docker.exe" build -t debiandockercontainer . 
"C:\Program Files\Docker\Docker\resources\bin\docker.exe" run -d -P --name debiancontainer debiandockercontainer 
"C:\Program Files\Docker\Docker\resources\bin\docker.exe" port debiancontainer

Running the ‘docker ps’ command will list your newly created container and you can start with Linux C++ development in Visual Studio.

Wrap up

As always, we welcome your feedback and we would love to learn from your experiences as you try this out. This blog is focused on Linux containers, in the future I will also talk about how you can extend your story with Docker containers for your Windows development.

If you run into any problems, following these steps you can email me your query or feedback if you choose to interact directly! Otherwise, we are happy to see your comments and interact with you here through comments. For general Visual Studio product suggestions, you can let us know through User Voice.

Point. Click. Share. More securely.

The newest version of ShareFile, the secure file sharing and storage solution used by 99% of the Fortune 500, now integrates two of top security features available in Windows 10 – Windows Hello and Windows Information Protection (WIP).  ShareFile for Windows 10 is optimized for all devices and form factors (AIOs, laptops, 2-in-1, convertibles, tablets and phones) and is available as a free download for Windows 10 customers in the Windows Store today.

With the new ShareFile Universal Windows Platform app, customers will be able to sign-in faster, easier and more securely with Windows Hello* using biometric sign-in with a smile or fingerprint or alternatively using ShareFile PIN or Passcode. You can secure your ShareFile account with Windows Hello from “Settings” ->“Passcode settings”.

Also, Windows Information Protection (WIP) has been fully integrated in the ShareFile experience, enabling ShareFile customers to prevent unauthorized access to business data using WIP’s data separation, containment, and encryption capabilities. Users can freely copy content between business apps and documents, while WIP will help prevent business data from accidentally leaking to unauthorized locations (e.g.: personal documents or the public web) and applications. IT can optionally choose to empower select employees with greater use rights that enable them to publish business data to non-business locations. In this case, users will be advised to comply with business policies and informed that their actions will be audited. This managed separation creates data protection on demand for our ShareFile customers and means ShareFile users can comfortably use a single app for all their uses cases.  ShareFile’s WIP integration works on shared devices and helps maintain protection when data is saved to removeable storage devices such as USB thumb drives.

With Windows 10 running on more than 400 million devices worldwide, we’re excited to continue to offer our customers convenient and secure solutions to transfer and share business documents and files anytime, anywhere.

OMS Security collects all events from Windows Security, App Locker, and Firewall event logs. As OMS is a big data service, it can handle a large amount of data, and customers don’t need to carefully sift through their events to decide which ones to save. But, we have heard from customers that in some cases, they would like to reduce the volume of events that are being collected.

Today, we are enabling a new capability to filter the collected events by selecting sets of events. We wanted to balance the need to reduce the volume while maintaining enough events for investigation, auditing, and threat detection. We also wanted to create a simple mechanism that would allow customers to choose the right filtering policy without maintaining endless lists of event IDs.

With this new capability, OMS Security allows the selection of four sets of events to be collected by the agent. The four sets are:

• All events– For customers who want to make sure all events are collected. This is the way OMS Security worked until now and will continue to be the default.
• Common– This is a set of events that will satisfy most customers and allow them a full audit trial.
• Minimal– A smaller set of events for customers who want to minimize the event volume.
• None– Disable security event collection from security and App Locker logs. For customers who choose this option, their security dashboards will have only Windows Firewall logs and proactive assessments like antimalware, baseline, and update.

These sets were designed to address typical scenarios. Make sure to evaluate which one fits your needs before implementing it.

To choose the set for your workspace, click the Settings button from the main security dashboard:

To determine the events that will belong to each set, we worked with several dozen customers and industry standards. We processed the statistics that they shared with us to learn about the unfiltered frequency of each event and their usage. We used the following guidelines in this process:

• Make sure that the minimal set covers only events that might indicate a successful breach and important events that have a very low volume. For example, this set contains user successful and failed login (event IDs 4624, 4625), but it doesn’t contain logout which is important for auditing but not meaningful for detection and has relatively high volume. Most of the data volume of this set is the login events and process creation event (event ID 4688).
• Provide a full user audit trail in the common set. For example, this set contains both user logins and user logoff (event ID 4634). We also included in the common set auditing actions like security group changes, key domain controller Kerberos operations, and other events that are recommended by industry organizations.
• Events that have very low volume were included in the common set as the main motivation to choose it over all the events is to reduce the volume and not to filter out specific events.

Here is a complete breakdown of the Security and App Locker event IDs for each set:

Other than offering the filtering option, we are always working to improve the parsing and indexing capabilities of the security events. For common events, we are making sure that all properties are extracted and indexed. For these events, we removed the EventData property that includes the unparsed XML to reduce their volume.

We are looking for feedback and will fine-tune the event IDs in the different sets. Send us your feedback to: omssecfeedback@microsoft.com. As much as we can, we will try to move events from the bigger sets like all events and common to the smaller sets like minimal and not vice versa.

If you are using Public Folders (legacy or Modern) and would like to migrate some of them to Office 365 Groups, we are working on a solution for that. We are starting with the migration of Calendar folders and will move on to other types as we complete work on calendars. We would like to have customers who would like to try this migration to provide feedback. Please email us with below information if interested. You can also send us your information if you would like to try migrating other types of public folders (other than Calendar) as we extend the support to those folder types.

Drop us an email at: pftogroupmigration@service.microsoft.com

• Customer name:
• Tenant domain name in Exchange Online:
• Location of public folders; on-premises or Exchange Online:
• If on-premises, Exchange version of public folder servers:
• Public folder types to migrate (Mail, Calendar, Task, Contact):
• Expected month/year of migration:

Your organization might need to join our TAP program (depending on public folder location) – and if so, we will share those details with you after reviewing the above.

Public Folder Migration team

We came across a browser modifier that sports rootkit capabilities. Not only does the threat, detected as BrowserModifier:Win32/Soctuseer, cross the line that separates legitimate software from unwanted, it also takes staying under the radar to the next level.

Rootkit capabilities, which make it difficult to detect and remove applications, are usually associated with malware. Yet Soctuseer uses rootkit capabilities to conceal its presence on a computer, ultimately making it difficult for affected users to control their device and browsing experience.

Apart from hiding its presence, Soctuseer installs itself without using your browser’s supported extensibility model for installation. And, once installed and running, it takes away the control you should have about how it operates. You can’t enable or disable it from your browser settings. The result is that you can be served webpage content that is modified without your consent.

No matter how it attempts to hide, though, most Soctuseer installations and system modifications will be uncovered and removed by the Microsoft Malicious Software Removal Tool (MSRT). We’re adding detections for BrowserModifier:Win32/Soctuseer in this month’s MSRT release, helping to lessen interference to your browsing experience.

More than a million machines infected

Just like most browser modifiers, Soctuseer is distributed by software bundlers. We have seen Soctuseer brought along by other unwanted software that we detect as SoftwareBundler:Win32/InstallMonster and SoftwareBundler:Win32/Techrelinst.

Since September 2016, we have seen over 1.2 million infected machines, 40% of which are in the US, Indonesia, and India.

Figure 1: Map showing location of observed Soctuseer infections. The United States, Indonesia and India account for 40% of infections.

Ads for discounted products tailored to your search activities

Soctuseer’s main objective is to display advertisements while you browse the internet. It pops up ads based on searches you make on specific websites. For example, if you were searching for “laptop” on your favorite online retailer, Soctuseer pops up ads for other sites offering laptops, supposedly at discounted rates. The ads have the attribute name “Social2Search”.

Figure 2: Social2Search ads for “red shoes” on Microsoft Edge

Figure 3: Social2Search ads for a “laptop” on Internet Explorer

Soctuseer uses the following methods to display ads:

• Installing a NetFilter driver
• Injecting a DLL directly to the browser’s process

Both methods meet the evaluation criteria that Microsoft Malware Protection Center (MMPC) uses for identifying unwanted software. MMPC categorizes as unwanted software any program that changes the browsing experience without using the browsers’ supported extensibility models. The Microsoft browser extension policy states: “Programs should use the supported mechanisms for extending or modifying the behavior or user experience of Microsoft Edge and Internet Explorer, or the content displayed by these browsers. These supported extension mechanisms are designed to ensure that users are able to customize and extend their browser with software of their choice, while maintaining safe and uninterrupted use of their browser and PC.”

System changes made by Soctuseer are reversed by MSRT

Folder and files

Soctuseer creates a random 32-digit hexadecimal subfolder under the Program Files folder. It then adds all its files in the subfolder. All the files follow the same 32-digit hexadecimal format.

Figure 4: Folder and files created by Soctuseer follow the same 32-digit hexadecimal format

Rootkit

Some Soctuseer versions have rootkit capabilities, which is not very common in browser modifiers. These versions install a driver that limits access to its files. Only the following processes, which are related to certain system files, web browsers, and its own uninstaller, can access its files, effectively hiding Soctuseer’s files from any other process not on this list:

Figure 5: Only the processes on this list have access to Soctuseer’s files

To demonstrate this, the following screenshot shows two command prompt windows. The window on the left is the normal cmd.exe, while the one on the right shows what happens when you rename cmd.exe to one of the process names above (for example, browser.exe):

Figure 6: Modifying the file name of a command prompt to one of the process names above allows you to access the folder and list the files inside it

Service

Soctuseer creates a service that automatically executes at system startup. The service uses a randomly generated name in 32-digit hexadecimal format, but always uses “Enhances experience when browsing the web” as the description:

Figure 7: Soctuseer’s service name also uses the 32-digit hexadecimal format

Scheduled Task

Some versions of Soctuseer also install an updater component that runs in a scheduled task. The updater is a PowerShell script that checks and downloads updates, if available. It also uses the same 32-digit hexadecimal format for the task name. The task file is located in the Windows folder (usually C:\Windows),

In this example, the scheduled task runs every 20 minutes:

Figure 8: Soctuseer also creates a Scheduled Task to download updates

Start Menu shortcuts

Soctuseer adds various shortcuts to the user’s Start Menu.

Figure 9: Example of shortcuts created by Soctuseer in Start Menu

Uninstall entry

Interestingly, Soctuseer adds an uninstall entry using the name “Social2Search”.

Figure 10: Soctuseer’s uninstall entry with the name “Search2Search”

Prevention, detection, and recovery

To help stay protected:

• Keep your Windows Operating System and antivirus up-to-date and, if you haven’t already, upgrade to Windows 10.
• Use Microsoft Edge. It can:
  • Help warn you about sites that are known to be hosting exploits
  • Help protect you from socially-engineered attacks such as phishing and malware downloads
  • Automatically detect bad changes and protects settings
• Use the Settings app to reset to Microsoft recommended defaults if your default apps were changed.
  • Launch the Settings app.
  • Navigate to the Default apps page.
    • From Home go to System > Default apps.
    • Click Reset.
• Avoid browsing web sites that are likely to host malware (such as illegal music, movies and TV, and pirated software download sites)
• Ensure your antimalware protection (such as Windows Defender and Microsoft Malicious Software Removal Tool) is up-to-date.
  • If you are using Windows Defender, you can check your exclusion settings to see whether the malware added some entries in an attempt to exclude folders from being scanned.
    • To check and remove excluded items in Windows Defender:
      1. Navigate to Settings>Update & security>Windows Defender>Add an exclusion.
      2. Go through the lists under Files and File locations, select the excluded item that you want to remove, and click Remove.
      3. Click OK to confirm.
• Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Windows Defender for Windows 10. Go to All settings>Update & security>Windows Defender and make sure that your Cloud-based Protection settings is turned On.

Related information

See How Microsoft antimalware products identify malware: unwanted software and malicious software for the objective criteria details.

For additional information about what Browser Extensibility Models are, and why we require programs to use them, see the following pages:

• A brief discourse on Changing browsing experience
• Keeping Browsing Experience in Users’ Hands, an Update… 
• Internet Explorer Browser Extensions

James Patrick Dee

MMPC

Today’s post was written by Bill Baer, senior product manager for the SharePoint team.

When we launched SharePoint Server 2016, we shared our vision that it would be a foundational release, born in the cloud and built for continuous innovation. Today, we’re pleased to announce our next step on this journey with the availability of Feature Pack 1.

Through the November 2016 Public Update for SharePoint Server 2016, we’re delivering several new features based on customer feedback, extending support for hybrid scenarios and developer needs, including:

• Administrative actions logging for common SharePoint administrative actions.
• MinRole enhancements to support small and medium-sized farms.
• A OneDrive for Business modern experience.
• Custom tiles in the SharePoint app launcher.
• SharePoint hybrid auditing unified across site collections on-premises and in Office 365.
• Hybrid taxonomy unified across on-premises and Office 365.
• OneDrive API for SharePoint on-premises.

Administrative actions logging

SharePoint administrators spend time troubleshooting administrative changes to their on-premises environment that can result in failure conditions or other undesired effects. To aid in troubleshooting, especially in the increasingly common multiple administrator set-ups, we have added logging around key SharePoint administrative actions performed either through the SharePoint Server 2016 Central Administration website or through the SharePoint Server 2016 Management Shell.

MinRole enhancements

MinRole is the new farm topology in SharePoint Server 2016 that simplifies your deployment experience and improves performance and reliability. Based on a set of predefined server roles, MinRole takes the guesswork out of making sure that services are running on the right servers in your farm. You decide what services you want to run in your farm, and MinRole handles the details of where they should run.

We’ve enhanced MinRole with two new server roles that are optimized for small and medium-sized farms: Front-end with Distributed Cache and Application with Search. Now, you can deploy a MinRole farm with just two servers or a high availability (HA) MinRole farm with just four servers. Our farm topology guidance has been updated to cover the full range of MinRole farm sizes.

OneDrive for Business modern experience

The new look and feel is clean, intuitive and beautiful; the navigation is simple to understand and use, and you always have frequently used actions like upload, edit and share just one click or touch away. We’ve also made it easier to keep your files organized with easy selection and drag-and-drop features that work just like folders on your PC. And power users will notice that familiar keyboard commands and right-click options make working with your files even faster. The OneDrive for Business modern experience is available to Software Assurance customers.

Custom tiles

The App Launcher provides quick and easy access to all your SharePoint and Office 365 workloads. Now, you can also add your own custom tiles that point to other SharePoint sites, external sites, legacy apps and more. This makes it easy to find the relevant sites, apps and resources to do your job.

OneDrive API

Build a quick integration that allows your users easy access to OneDrive files from within your app. Now, with OneDrive for Business support, you can build a robust file management and workflow app for your line of business.

The OneDrive API provides a set of HTTP services to connect your application to files and folders in OneDrive Personal, OneDrive for Business and document libraries in SharePoint Online. OneDrive API makes it easy to connect your app to your user’s files across Office 365 and access the advanced functionality of files in OneDrive and SharePoint.

In addition to the updates above, we’re extending support for additional hybrid scenarios with SharePoint and Office. Hybrid provides a bridge between your existing on-premises SharePoint investments and Office 365. With Feature Pack 1, we’re introducing two new hybrid scenarios, auditing and taxonomy.

SharePoint hybrid auditing (preview)

Microsoft SharePoint Insights is a new hybrid feature that aims at helping administrators manage their SharePoint infrastructure by giving them access to various reports and dashboards in Office 365. The reports generated from SharePoint 2016 Preview on-premises diagnostic and usage logs.

If you opt in for this service, audit logs get collected and uploaded to Office 365 regularly. From the Office 365 dashboard, you can view auditing and activity reports that show usage and reliability patterns in your SharePoint Server farm.

Hybrid taxonomy (preview)

Taxonomy is key to promoting discoverability and access to the right information at the right time. Hybrid taxonomy in SharePoint Server 2016 allows customers to bring their taxonomy store to Office 365 enabling a single-source for creating and managing Terms, Term Sets and Groups through a single Managed Metadata Service.

Learn more about what’s in Feature Pack 1 and how to get started at go.microsoft.com. For more information, read our blog post, “Announcing Feature Pack 1 for SharePoint Server 2016—cloud-born and future-proof.”

—Bill Baer

The post Feature Pack 1 for SharePoint Server 2016 now available appeared first on Office Blogs.

Howdy folks,

As you know, we turned on the public preview of the Azure AD admin experience with the new Azure portal just a couple months ago. At the time the preview went live, I promised we’d keep making improvements to create an experience with the all the capabilities of the classic portal and some exciting new enhancements as well.

So today I’m happy to let you know that we’ve added Azure Active Directory auditing features to the preview! These new capabilities are designed to help you meet your reporting and compliance needs by providing a rich way to view, investigate, and analyze audit and sign-in data.

And having all this information in one place creates a more efficient and streamlined work process that allows you to absorb and analyze more data faster. Want to know more? Read on!

Fig 1. Azure AD in the new Azure portal

What’s new?

Single view of all audit and sign-in logs: With the transition to the new portal, we’re making all audit logs available in a single view within the Azure Active Directory. You can see those logs by clicking “Audit logs” or“Sign-ins” in the left navigation menu.

Fig 2. Activity Logs in the Left Nav menu

Contextual audit and sign-in logs: You can also see audit logs within the context of the operation you’re performing in the portal. With this pre-filtered view, you can easily find out who did what to your resources. See pre-filtered audit and sign-in data in different areas, including:

• User Management blade: see User Activities
• Single user profile page: see which activities were done by/on the user
• Enterprise Applications blade: see App Activities
• Single app profile page: see the operations have been performed by/on the app in the past 30 days
  

Rich search & filtering experience: We’ve introduced new filters for audit and sign-in logs so you can easily search and filter for specific information. In the UX, click on the “Filters” button to get a list of all the new filters, including:

• Date and time
• Actor’s UPN (e.g. danny@contso.com or you can simply type Danny)
• Activity Type (E.g. User, Group, App, Policy, Domain, etc.)
• Activity (E.g. Add User, Add Application, Add Owner to App, etc.)
  

Below is a snapshot of the new filters available today:

Figure 3: Advanced filtering for Audit logs

Reporting data insights – Overview blade

The overview blade gives you access to everything you need in your directory, and now there will also be a visualization of your usage data in the context of your location within the Portal. For example, if you are in the “Enterprise applications” overview blade, you will see the top apps in your organization.

Figure 4: Top Apps in your organization

If you’re in the “Users and groups” blade, you will see all the user sign-in trends for the past 30 days.

Fig 5. User sign-in trends over last 30 days

Reporting data insights across all resources

One of the coolest features in the preview is the ability to look at activity not just per resource but across all resources in your tenant. All activity data is categorized as audit and sign-in data. For more detailed information about how you can view, search, and filter audit and sign-in activities, check out our reporting documentation.

Audit logs across all resources (Users, Apps, and Directory)

To see audit logs across resources, click on the Audit logs item in the resource menu of the directory you’ll also find this option in the resource menu for “Enterprise applications” and on the “Users and groups” blade.

On the Audit logs page, you’ll see a list of recent audit events in your tenant. Use the search box to find the activity you’re interested in, and use the filter button to select audit events from a specific time interval.

Fig 6. Viewing changes made to apps by a specific user

Fig 7. List of all directory audit logs

Sign-ins across all resources (Users and Apps)

You can get similar insight into sign-ins by clicking Sign-ins in the resource menu of the directory, “Enterprise applications”, or “Users and groups” blade. There, you’ll see a list of recent sign-ins to applications. Like audit events, you can filter using the box right above the list or use the filter button in the command bar to scope the results to a time interval.

Click a row in the list to see details for an individual sign-in, like who signed in, when they signed in, from where, and from which device and IP address.

Fig 8. Viewing recent sign-ins to Office 365, and properties for one of those sign-ins

Fig 9. Viewing recent sign-ins for all users and search for specific information

Accessing report data programmatically

As part of the preview release, we’re providing two new APIs for accessing activity logs, which offer much richer filtering options. You will be able to access the same data you see in the portal using the APIs programmatically.

Audit API

The new Audit API provides logs for all the audit events listed here. In addition, the new Audit API features a rich set of filters you can use to filter your activity logs through the API. You can filter by Activity Date, User Principal Name (UPN), Activity Type, Target Resource Type, Activity Name, Target Name, etc. Check out the Audit API reference guide for more information.

Sign-in API

The new Sign-in API provides all the user sign-in information for your tenant. You can view detailed sign-in information like the status of sign-ins, device information, and IP address. In addition, you can use filters like Sign-in date, Sign-in status, User ID, Application ID, Application Name, and User Name. You can find more information in the Sign-in API reference guide.

Feedback

We will continue working on and releasing new features, and will let you know right here on our blog. In the meantime, we hope you love using the preview experience. Keep the feedback coming! We want to hear about anything you love or hate, and ideas for continuing to improve the user experience.

There’s a lot of new stuff in this preview, and we’d love to get as much feedback as possible as we drive toward making the new portal experience generally available. Please share your thoughts with us in the ‘Admin Portal’ section of our feedback forum. We look forward to hearing from you!

Best regards,

Alex Simons (Twitter: @Alex_A_Simons)

Director of Program Management

Microsoft Identity Division

In August 2016, we announced that Office 365 Groups would get full-powered SharePoint team sites. When you create a group, Office 365 gives the group a shared inbox, calendar, OneNote notebook, place for files, Planner for task management—and now a modern team site with pages, lists, libraries and team news, so the group can collaborate, communicate and coordinate. This is now 100 percent rolled out to all Office 365 First Release customers, as noted by the @SharePoint team.

Starting today, people will be able to create SharePoint team sites connected to Office 365 Groups from the SharePoint home in Office 365—and it’s fast. Admins control how these new capabilities appear for their users. And it is more intuitive to adjust the site as business needs require. Now, no matter where users create an Office 365 group (from Outlook, Microsoft Teams, Yammer and more), they will consistently get a full-powered, modern SharePoint Online team site.

To work together as a team, people need to be adaptable, connected and mobile. In this modern era, it is essential that productivity tools, like SharePoint Online and Office 365 Groups, adhere to these very characteristics.

Let’s dive in to the details of how we’re connecting new sites with groups and making it lightning fast to get started.

Users quickly create sites connected to Office 365 Groups from the SharePoint home page

When it comes to managing information and building business apps, people turn to SharePoint Online team sites—to create multimedia news articles, manage documents, track data in lists and more. Users can create SharePoint Online team sites connected to Office 365 Groups by clicking the Create site button on the SharePoint home page in Office 365. A two-step creation wizard will fly out from the right. Step one: Enter the title of the team site, select whether the group will be public or private, choose the site classification and then click Next. Step two: Enter the owners and members, click Finish and you’re done. A modern SharePoint Online team site is provisioned and ready for use in seconds.

The Create site wizard is connected to Office 365 Groups and creates a SharePoint Online team site in seconds.

Admin controls for how team site creation works from SharePoint home

What about managing the Create site functionality? SharePoint Online admins can control the user availability and behavior of the SharePoint home Create site button, and in cooperation, Office 365 global admins can control how site classification appears to highlight usage guidelines to their users.

The updated Site Creation settings can be found in the SharePoint Online admin center—within the settings tab. The new experience will let users create sites that include Office 365 Groups by clicking the Create site button on the SharePoint home page that starts the new Create site wizard. If you already enabled the original Start a Site for your users, we recommend that you review the new settings to ensure you selected options that meet your business needs.

Admins control how Create site works using the Site Creation settings within their SharePoint Online admin center.

Admins can manage whether Create site appears at all, and when it does, admins can adjust who sees the Create site button and what their provisioning experience should be (classic, modern or custom).

Learn more about how to manage Site Creation in SharePoint Online. Additionally, admins can control additional aspects of Office 365 Groups. Learn more about how to manage Office 365 Groups.

Adjust team sites as needs grow and change

As the entire SharePoint Online team site experience becomes more modern, users can more easily adjust commonly used settings without having to click multiple times into a classic site settings page—but rather accomplish tasks more intuitively within the context of what they are doing.

Editable home page

Create your site to meet your team’s needs. The team site home page is now editable. This means you can go into Edit mode and add, remove and reorder your site’s various web parts. Do you need to see a rollup of certain content on a particular topic? Add the Highlighted Content web part, select the filtering criteria and watch as content adjusts dynamically based on search. Want to add a group forum discussion? Throw the Yammer web part in the mix. There are a lot of web parts already available, and more are coming. Also, as you add and adjust, you can be confident the page and web parts will look great on web and mobile (within the SharePoint mobile apps).

When in Edit mode, users can use the toolbox to add new web parts to their home page.

Learn more about using web parts on pages.

Modern create panel for new libraries and lists

We’ve modernized the experience for creating new lists and document libraries, to help users add value to their team sites right from the top portion of the team site home page, instead of multiple clicks in. Click + New, choose the new component from the drop-down menu, and out pops the create wizard.

Click + New>List to bring up the inline creation pane to provide details, and then click Create.

In-place navigation editing

We’ve also brought forward in-line editing of left navigation elements, a nice feature that helps site owners encourage all members to find and make use of the site’s full capabilities.

Easily add new URL links to the left-hand navigation and adjust where and how the link shows up in the left-hand nav.

Edit site information

As needs change—for instance, a project codename getting a final public name—we’ve built in to the modern team sites experience a new way to edit site properties without leaving the home page. The editing panel is available for connected Office 365 Groups sites—accessible from the top-right gear menu. It allows owners to update the site name, description, privacy level and classification. Changes made here will also be reflected in the group. Note: we will be removing Site Settings from the gear—instead, we’ll show Site Information to make it simple to change the most common information, and from this panel, users will have a link to the full site settings page if they need more advanced configuration.

Edit site permissions

Beyond site information, site owners may want to further refine the level of access group members have when working in the team site. For this, we’re bringing a site permissions panel for connected Office 365 Groups sites—also accessible from the top-right gear menu. We think owners of public groups will particularly appreciate how easy this makes it to decide whether non-members should have full edit permissions, or whether public access should be limited to read-only viewing.

Give your classic site a modern home page

It is now possible to create a modern page in a classic team site and declare it as the new, modern home page. You simply go to the Site Pages library within Site contents. Create a new, modern page and add whatever web parts make sense for the front of the team site. Once it looks as you want it to, select the page from within the Site Page library and choose Make homepage from the command bar above. Your classic site just got a modern face lift.

Select Make homepage to declare a modern page as Home in a classic team site.

We look forward to your feedback

SharePoint Online team sites and Office 365 Groups bring integrated content collaboration to a new level. And there’s more to come, making it easier to create, use and manage content and information throughout the work cycle. We look forward to your feedback every step of the way. Please share your thoughts in the SharePoint space of the Microsoft Technical Community and submit your ideas to the SharePoint UserVoice page—and we always have an eye on tweets to @SharePoint. Let us know.

Frequently asked questions

Q. What is the rollout plan for the new Create site capabilities on SharePoint home in Office 365?

A. This week, we will first update the Start a Site settings in the SharePoint admin center for our First Release customers. The new settings will be renamed Site Creation, and admins can then decide if they want their users to get the new site creation experience. The user capability to create modern sites connected to Office 365 Groups will then be enabled the following week.

Q. What happens if my company already built a custom site collection provisioning solution?

A. If you have built a custom site collection provisioning solution, you will be able to maintain it when you select the Use this form at this URL: checkbox. We are working on updating SharePoint Patterns and Practices (PnP) guidance so you can provision a new, modern team site connected to Office 365 Groups (instead of a classic site)—you will be able to programmatically do one or the other per your requirements.

The post Create connected SharePoint Online team sites in seconds appeared first on Office Blogs.

Today we’re happy to announce our release candidate for TypeScript 2.1! If you aren’t familiar with it, TypeScript is a language that adds optional static types to JavaScript, and brings new features from ES6 and later to whatever JavaScript runtime you’re using.

As usual you can get the RC through NuGet, or just by running

npm install -g typescript@rc

You can then easily use the RC release with Visual Studio Code or our Sublime Text Plugin.

While TypeScript 2.1 has a lot of great features coming up, we’d like to highlight how much more powerful TypeScript 2.1’s inference will be, as well as how much easier it will be to write asynchronous code in all runtimes.

Smarter Inference

TypeScript 2.1 now makes it easier to model scenarios where you might incrementally initialize variables. Since a lot of code is written like this in JavaScript, this makes it even easier to migrate existing codebases to TypeScript.

To understand better, let’s start off talking about the any type.

Most of the time, if TypeScript can’t figure out the type of a variable, it will choose the any type to be as flexible as possible without troubling you. We often call this an implicitany (as opposed to an explicit one, where you would have written out the type).

let x;      // implicitly 'any'let y = []; // implicitly 'any[]'let z:any; // explicitly 'any'.

From that point on, you can do anything you want with those values. For many people, that behavior was too loose, which is why the --noImplicitAny option will warn you whenever a type couldn’t be inferred.

With TypeScript 2.0 we built out a foundation of using control flow analysis to track the flow of types throughout your program. Because that analysis examines the assignments of every variable, we’ve leveraged that same foundation in TypeScript 2.1 to more deeply examine the type of any variable that seems like it’s destined for a better type. Instead of just choosing any, TypeScript will infer types based on what you end up assigning later on.

Let’s take the following example.

let x;// We can still assign anything we want to 'x'.x= () =>42;// After that last assignment, TypeScript 2.1 knows that 'x'// has the type '() => number', so it can be called.x();// But now we'll get an error that we can't add a number to a function!console.log(x+42);//          ~~~~~~// error: Operator '+' cannot be applied to types '() => number' and 'number'.// TypeScript still allows us to assign anything we want to 'x'.x="Hello world!";// But now it also knows that now 'x' is a 'string'!x.toLowerCase();

When it comes to assignments, TypeScript will still trust you and allow you to assign anything you want to x. However, for any other uses, the type checker will know better by climbing up and looking at whatever you’ve actually done with x.

The same sort of tracking is now also done for empty arrays! This means better completions:

let puppies = [];puppies.push(newPuppy());for (let pup ofpuppies) {pup.bark();//  ^^^^ Get completion on 'bark'
}

And it also means that TypeScript can catch more obvious errors:

puppies[1] =newKitty();for (let pup ofpuppies) {pup.bark();//  ~~~~ error: 'bark' does not exist on type 'Kitty'
}

The end result of all this is that you’ll see way fewer implicit any errors in the future, and get much better tooling support.

Downlevel Async Functions

Support for down-level asynchronous functions (or async/await) is coming in 2.1, and you can use it in today’s release candidate! async/await is a new feature in ECMAScript 2017 that allows users to write code around promises without needing to use callbacks. async functions can be written in a style that looks synchronous, but acts asynchronously, using the await keyword.

This feature was supported before TypeScript 2.1, but only when targeting ES6/ES2015. TypeScript 2.1 brings the capability to ES3 and ES5 runtimes, meaning you’ll be free to take advantage of it no matter what environment you’re using.

For example, let’s take the following function named delay, which returns a promise and waits for a certain amount of time before resolving:

function delay(milliseconds:number) {returnnewPromise<void>(resolve=> {setTimeout(resolve, milliseconds);
    });
}

Let’s try to work on a simple-sounding task. We want to write a program that prints "Hello", three dots, and then "World!".

function welcome() {console.log("Hello");for (let i =0; i<3; i++) {console.log(".");
    }console.log("World!");
}

This turned out to be about as simple as it sounded.

Now let’s say we want to use our delay function to pause before each dot.

Without async/await, we’d have to write something like the following:

function dramaticWelcome() {console.log("Hello");

    (function loop(i){if (i<3) {delay(500).then(() => {console.log(".");loop(i+1);
            });
        }else {console.log("World!");
        }
    })(0);
}

This doesn’t look quite as simple any more! What about if we tried using async functions to make this code more readable?

First, we need to make sure our runtime has an ECMAScript-compliant Promise available globally. That might involve grabbing a polyfill for Promise, or relying on one that you might have in the runtime that you’re targeting. We also need to make sure that TypeScript knows Promise exists by setting our lib flag to something like "dom", "es2015" or "dom", "es2015.promise", "es5":

{"compilerOptions": {"lib": ["dom", "es2015.promise", "es5"]
    }
}

Now we can rewrite our code to use async and await:

asyncfunction dramaticWelcome() {console.log("Hello");for (let i =0; i<3; i++) {awaitdelay(500);console.log(".");
    }console.log("World!");
}

Notice how similar this is compared to our synchronous version! Despite its looks, this function is actually asynchronous, and won’t block other code from running in between each pause. In fact, the two versions of dramaticWelcome basically boil down to the same code, but with async&await, TypeScript does the heavy lifting for us.

Next Steps

TypeScript 2.1 RC has plenty of other features, and we’ll have even more coming for 2.1 proper. You can take a look at our roadmap to see what else is in store. We hope you give it a try and enjoy it!

Re-posted from the Revolutions blog.

Dealing with distributed data and having to program concurrent systems is not always the easiest of tasks, and data scientists familiar with R are unlikely to have extensive experience with such systems. In such scenarios, Spark offers a very popular, intuitive distributed data processing platform, with R and Python APIs that are more familiar to the average data scientist than scala. An intriguing set of APIs available for Spark for R users is the sparkapi package from RStudio and the associated sparklyr project, which provides a similar dplyr syntax for manipulating Spark DataFrames.

Azure HDInsight, a key component of the Cortana Intelligence Suite, is Microsoft’s Apache Hadoop distribution for the cloud. HDInsight offers easy to use Hadoop, Spark, R, HBase, and Storm cloud services. Configuring the numerous components of the Hadoop ecosystem can be a tricky job at best, so the HDInsight service was designed to give data scientists and analysts the power of scalable distributed computing in the cloud without the hassles of configuration and management.

In this post, we demonstrate how to utilize premium HDInsight Spark clusters with a complete installation of Microsoft R’s stack for doing data manipulation at scale. Read the original post here or by clicking the image below.

CIML Blog Team

To read last week’s post, see The week in .NET – .NET Foundation – Serilog – Super Dungeon Bros.

On .NET

Last week, Mei-Chin Tsai and Jan Kotas were on the show:

This week, we won’t be streaming live, but we’ll be taking advantage of the presence of many MVPs on campus for the MVP Summit to speak with as many of them as possible in the form of short 10-15 minute interviews.

Package of the week: Enums.NET

Enums.NET is a high-performance type-safe .NET enum utility library which caches enum members’ name, value, and attributes and provides many operations as C# extension methods for ease of use. It is available as a NuGet Package and is compatible with .NET Framework 2.0+ and .NET Standard 1.0+.

Game of the Week: Ylands

Ylands is a low-poly sandbox game that gives players the tools to create their own environment and scenarios. When first jumping into the world of Ylands, you pick a completely modifiable island to build and play your own adventures. Using the Scenario Editor, you are able to make anything happen – talking chests, teleportation, castles in desperate need of sieging and even large scale scenarios that you can challenge your friends with.

Ylands is being developed by Bohemia Interactive using Unity and C#. It is currently in early alpha development for Windows and has a free trial available.

App of the week: Markdown Monster

Rick Strahl doesn’t just blog a lot, he also writes some quality tools. This week, he’s introducing Markdown Monster – a new Markdown Editor by Rick Strahl. Markdown Monster is a WPF application, and I’m using it to write this post.

User group meeting of the week: Intro to HoloLens Development with Unity and UWP in Sterling, VA

Microsoft Maniacs are holding a meeting in Sterling, VA on Wednesday, November 9 about HoloLens development using Unity and UWP.

.NET

• C# NumberFormat Sections by Rick Strahl.
• The “Internet of Stranger Things” Wall, Part 1 – Introduction and Remote Wiring by Pete Brown.
• Custom Project File for Building Nuget Packages by Robb Schiefer.
• Why an HTML5-Compliant .NET is Important by Mike-EEE.
• Paket-like NuGet with MSBuild by Brice Lambson.
• .NET Standard based Windows Service support for .NET by Martin Andreas Ullrich.
• Mapping to Getter-only Properties with EF Core by Christian Nagel.
• .NET Document Databases with Marten by Jason Roberts.
• Learn .NET Core by example (or micro example) – Part II by Jon Hilton.
• High performance field clobbering and HTTP benchmark and pipelining by Ayende Rahien.
• ASP.NET Core RESTful Web API versioning made easy and The mystery of dotnet watch and ‘Microsoft.NETCore.App’, version ‘1.1.0-preview1-001100-00’ was not found by Scott Hanselman.
• Install .NET Core on Mint 18 or Elementary OS by Hrvoje Hudoletnjak.
• Lazy async initialization for expiring objects by Filip W.
• Streaming API in Seq 3.4 by Nicholas Blumhardt.
• .NET Core + RabbitMQ = RawRabbit by Piotr Gankiewicz.

ASP.NET

• Bearer Token Authentication in ASP.NET Core by Mike Rousos.
• ASP.NET Core Budgeting App Series (Part 5 FINALE) – A basic UI with React, enabling CORS, and my opinion of ASP.NET Core so far by Joe Petrakovich.
• Adding Cache-Control headers to Static Files in ASP.NET Core by Andrew Lock.
• ASP.NET Core: Using view injection by Gunnar Peipman.
• Step by step: Scale ASP.NET Core with Docker Swarm by Carlos Mendible.

F#

• Join the F# Slack Team
• LINQPad Dump for F#, by Mark Heath
• F# and .NET Core with SDK Development Group #1, presented by Enrico Sada
• Case Study: Writing Microservices with F#, by Rachel Reese
• TDD Kata in F#/C# using FsCheck, by Michał Niegrzybowski

Check out F# Weekly for more great content from the F# community.

Xamarin

• Xamarin Beta Release: Cycle 8 Service Release 1 RC Builds and Xamarin Preview: iOS Simulator (For Windows) update 6 by Adrian Murphy.
• Xamarin Developer Events in November by Jayme Singleton.
• Live Webinar | Scale Your Mobile Quality: Industry Benchmarks and Testing Best Practices by Courtney Witmer.
• Mobile Leaders Podcast | Productivity and Delight in Enterprise Apps with Josh Clark of Big Medium by Anusha Sethuraman.
• Adding the Microsoft Graph to Your Xamarin.Forms Mobile Apps by Mayur Tendulkar .
• Xamarin Podcast: What’s New in Xamarin.Forms 2.3.3 by Pierce Boggan.
• Say Hello to Siri with SiriKit by Mike James.
• The Xamarin Show: Grab a Snack Pack! by Cody Beyer.
• The Xamarin Show 8: Microsoft Graph with Simon Jäger and Cross Platform Photos with Media Plugin by James Montemagno.
• Operation Separation, Introduction to UrhoSharp in Xamarin Forms, and UrhoSharp 3D Moving Object by Adam Pedley.
• Xamarin Quick Tip – Changing the UISegmentedControl Text Color and Xamarin Quick Tip : Identifying if a device is an iPad or an iPhone using UserInterfaceIdiom by Carey Payette.
• The Golden Rules Of Bottom Navigation Design by Nick Babich.
• Be more awesome with MFractor for Xamarin Studio by Michael Ridland.
• ReactiveUI Goodies – Merge by Jan Hannemann.
• Announcing Azure Storage Client Library GA for Xamarin by Windows Azure Storage.
• Prism for Xamarin.Forms 6.3 Preview with Improved Template Pack by Brian Lagunas.
• Banish Compiler Directives From Shared Projects! by Matthew Soucoup.

Azure

• Using Azure DocumentDB and ASP.NET Core for extreme NoSQL performance by Matías Quaranta.

Games

• Unite 2016 Keynote Wrap Up: News on Graphics, Platforms, VR and More by Alice Liang.
• Unity – 2D Movement (Part 6c) – Animation : Aim (video) by Pixel Make.
• [Unity 5] Tutorial: How to make a compass in unity (video) by Gamad.
• Mono game drawing tutorial (video) by Tj Bomba.
• The challenges of porting XCOM 2 to consoles by Alan Bradley.
• 5 Most Expensive Game Localization Mistakes by Damien Yoccoz.

And this is it for this week!

Contribute to the week in .NET

As always, this weekly post couldn’t exist without community contributions, and I’d like to thank all those who sent links and tips. The F# section is provided by Phillip Carter, the gaming section by Stacey Haffner, and the Xamarin section by Dan Rigby.

You can participate too. Did you write a great blog post, or just read one? Do you want everyone to know about an amazing new contribution or a useful library? Did you make or play a great game built on .NET? We’d love to hear from you, and feature your contributions on future posts:

• Send an email to beleroy at Microsoft,
• comment on this gist
• Leave us a pointer in the comments section below.
• Send Stacey (@yecats131) tips on Twitter about .NET games.

This week’s post (and future posts) also contains news I first read on The ASP.NET Community Standup, on Weekly Xamarin, on F# weekly, and on Chris Alcock’s The Morning Brew.

There’s a Windows 10 PC built for anything you want to do, whether it’s watching a movie, working in a spreadsheet or playing your favorite games – like Lenovo’s newest gaming PC, the IdeaCentre Y710 Cube, now available at Microsoft Stores and at microsoftstore.com. These devices take advantage of great Windows 10 features, including your digital personal assistant Cortana and compatibility with Xbox Play Anywhere.

These devices are redefining the desktop category by taking the desktop from a home appliance – something you keep under your desk – to part of the home décor – something displayed in the living room or on top of the desk to show off.

Let’s take a look at some of these desktops:

1. The new Lenovo IdeaCentre Y710 Cube
2. HP Omen X Desktop
3. Dell Alienware Area-51
4. HP Elite Slice
5. Samsung ArtPC Pulse
6. Dell Inspiron Micro Desktop

Experience the best in gaming desktops

The Lenovo IdeaCentre Y710 Cube with Windows 10, now available

The new IdeaCentre Y710 Cube with Windows 10 is designed with a built-in carry handle for easy transport between gaming stations, ideal for staying competitive no matter where you play. The Cube also comes with the option of an integrated Xbox One Wireless receiver with one Xbox One controller. The receiver supports up to eight Xbox One controllers simultaneously for gaming sessions with friends.

Proving a true gaming rig doesn’t need to take up an entire room, the IdeaCentre AIO Y910 captures the power of state-of-the-art PC desktops in an all-in-one form and fits conveniently in places where a bulkier PC can’t. It cuts down on the sprawling hardware and cables that clutter traditional towers, while allowing you to handle 4K gaming, VR and high-quality streaming with massive computing capabilities in real-time. An easily detachable back panel allows for one-step access to the core components.

Other features include:

• 27-inch Quad High Definition (2560×1440) borderless display
• NVIDIA’s latest GeForce GTX 1080 graphics, up to 6th Gen Intel Core i7 processor and up to 32GB of DDR4 RAM to handle today’s most resource-intensive releases
• Twin 5W Harman Kardon stereo speakers for impeccable sound
• Killer DoubleShot Pro Wi-Fi reduces in-game lag
• Ultra-thin display features 144Hz refresh rate and 5ms response time to deliver that tactical edge when every millisecond counts

Pricing and Availability: The Lenovo IdeaCentre Y710 Cube starts at $1,299 USD.

The HP Omen X Desktop with Windows 10

The OMEN X Desktop is a fully customizable, powerful desktop featuring the best performance, thermal management and cutting-edge design. This desktop is built with a revolutionary thermal management solution, which includes a tri-chamber design with dedicated cooling for each chamber. The tool-less access to the internals, clean cable management features and a toolkit hidden in the chassis accommodates any customization you might want. You can also buy an empty OMEN X Desktop chassis as a standalone option for a do-it-yourself PC experience.

Other features include:

• Powered by Windows 10
• DirectX 12 capable for stunning gaming visuals
• The OMEN Control software provides complete design control, allowing for custom LED light modifications and brightness adjustments in real time.
• 6th generation Intel Core i5/i7 over-clockable processors and the latest graphics technology, up to dual NVIDIA GeForce GTX 1080 and up to dual AMD Radeon R9 Fury X
• NVME PCIe connected SSDs
• Includes support for up to three 120mm liquid cooling radiators with top-mounted exhaust vents and a stand that lifts the case off the ground to help pull cool air in, allowing for maximum ventilation.

Pricing and Availability:The HP Omen X Desktop starts from $589.99 USD.

The Dell Alienware Area-51 with Windows 10

With a VR-ready Alienware PC, you can be the first to experience the future of gaming. The Alienware Vive-Optimized desktops are unmatched in performance, featuring Intel processors and NVIDIA or AMD graphics options. The Area-51’s three corners are built to support five times the system’s weight, and you can pivot the system towards you and gain easy access to the rear ports when connecting or disconnecting cables. You’ll get built-in support for the Xbox controller and can even stream Xbox One games to a Windows 10 Home PC, laptop, or tablet anywhere in your home.

Other features include:

• Powered by Windows 10
• Intel Core i7 Haswell-E processors
• Factory overclocked and liquid-cooled
• Available with 6 or 8 core CPU options
• Intel’s X99 Express Chipset
• Quad Channel DDR4 2133MHz RAM
• SSD + HHD Storage Options
• Intel 802.11ac Wireless (internal)

Pricing and Availability:The Dell Alienware Area-51 starts from $1,699.99 USD.

Great PCs for productivity

The HP Elite Slice with Windows 10   

 The HP Elite Slice is the first modular commercial desktop with cable-less connectivity and enables customers to build the desktop of their choice. This desktop changes the way office space is designed to create work environments that boast productivity and collaboration with its modular design, featuring stunning curves in matte black with polished copper accents to streamline workplaces. The ultra-small, big power form factor is just 6.5” x 1.38” x 6.5” and weighs 2.31 lbs.

Other features include:

• Powered by Windows 10
• Optional touch fingerprint sensor for improved security and easy authentication.
• Up to 6th Generation Intel Core i7 35-watt processors
• Integrated wireless charging and USB Type-C
• Unique 360-degree dual fan pipe ring keeps the powerful device running cool
• Peripheral support for enhanced productivity including one Ethernet port, built-in Wi-Fi module and antennas, one HDMI and one DisplayPort to power multiple displays
• Powered from a display via only one USB 3.1 Type-C cable with a Type-C compatible display, including the optional new Quad HD HP EliteDisplay S240uj Monitor

Pricing and Availability:The HP Elite Slice starts from $699 USD.

The Samsung ArtPC Pulse with Windows 10

The Samsung ArtPC PULSE redefines the design of computers as we know it. With Windows 10, you can navigate through an engaging and intuitive tile display and create virtual desktops to save space and keep your work projects and personal apps separate. Impeccably slim and exquisitely premium, the Samsung ArtPC PULSE is built with full metal in a cylindrical form factor. Plus, an eye-catching lighting band lets you set up smart notifications or add a splash of character. This is the first computer you want to place at the center of your space.

Other features include:

• Powered by Windows 10
• Desktop-grade 6th Generation Intel Core i5 processor with Microsoft Signature Edition
• AMD RX 460 graphics card and dual 4K outputs for your movies, photos and more
• 360° omni-directional speaker unit powered by Harman Kardon

Pricing and Availability: The Samsung ArtPC Pulse starts from $1,199.99 USD.

The Dell Inspiron Micro Desktop with Windows 10       

The Inspiron Micro Desktop with Windows 10 packs a full suite of features into an ultra-compact package small enough to hold in one hand at just 5.16” x 5.16”. Families seeking a space-saving computing solution will love the micro desktop’s simple and streamlined design, engineered to blend in with other household devices without cluttering your space. You can boot up in seconds and quickly access data with a responsive, reliable solid state drive, and enjoy lightning-fast access to websites, games and apps with the latest dual-core Intel Celeron or quad-core Intel Pentium processors.

Other features include:

• Powered by Windows 10
• Four USB ports and a 3-in-1 SD card reader
• HDMI and DisplayPort for easy multi-tasking
• Gigabit LAN, integrated Bluetooth and the latest long-range 802.11a/c wireless technology

Pricing and Availability: The Dell Inspiron Micro Desktop starts from $229.99 USD.

*Cortana available in select markets.
**Windows Hello requires specialized hardware, including fingerprint reader, illuminated IR sensor or other biometric sensors and capable devices.

Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released.

More information about this month’s security updates and advisories can be found in the Security TechNet Library.

We on the Visual C++ documentation team are pleased to announce some changes to the API reference content in the following Visual C++ libraries: STL, MFC, ATL, AMP, and ConcRT.

Since the beginning of MSDN online, the Visual C++ libraries have documented each class member, free function, macro, enum, and property on a separate web page. While this model works reasonably well if you know exactly what you are looking for, it doesn’t support easy browsing or searching through multiple class members. We have heard from many developers that it is painful (sometimes literally) to click between multiple pages when exploring or searching for something at the class level.

Therefore we have re-deployed the above-mentioned reference content as follows:

   For STL:

    Each header will have a top level topic with the same overview that it currently has, with links to subtopics, which will consist of:

· one topic each for all the functions, operators, enums and typedefs in the header

· one topic for each class or struct which includes the complete content for each member.

   For MFC/ATL/AMP/ConcRT:

· one topic for each class or struct

· one topic for each category of macros and functions, according to how these are currently grouped on MSDN.

We strongly believe this change will make it much easier to read and search the documentation. You will be able to use Ctrl-F to search all instances of a term on the page, you can navigate between methods without leaving the page, and you can browse the entire class documentation just by scrolling.

Non-impacts

1. Reference pages for the CRT, and the C/C++ languages are not impacted.

2. No content is being deprecated or removed as a result of this change. We are only changing the way the content is organized.

3. None of your bookmarks will break. The top level header and class topics all retain their current URLs. Links to subtopics such as class members and free functions will automatically redirect to the correct anchor link in the new location.

4. F1 on members, for now, will be slightly less convenient. It will take you to the class page, where you will have to navigate to the member either by Ctrl-F or by clicking the link in the member table. We hope to improve F1 in the coming months to support anchor links.

Why now?

Documentation at Microsoft is changing! Over the next few months, much content that is now on MSDN will migrate to docs.microsoft.com. You can read more about docs.microsoft.com here at Jeff Sandquist’s blog. On the backend, the source content will be stored in markdown format on public GitHub repos where anyone can contribute by making pull requests. Visual C++ has not moved to the new site just yet, but we are taking the first step by converting our source files from XML to markdown. This is the logical time to make the needed changes. By consolidating content, we have the additional advantage of more manageable repo sizes (in terms of the number of individual files). More content in fewer files should make it easier for contributors to find the content they want to modify. 

So here is the scenario:

1. I have a remote Hyper-V server running Nano Server. 
2. I have PowerShell remoting setup to manage this system (details on how to do this here: https://technet.microsoft.com/en-us/windows-server-docs/get-started/manage-nano-server).
3. I then have a number of Nano Server virtual machines running on the this system.

What I want is to be able to easily access PowerShell in each of these virtual machines.  What I want to avoid is configuring each one to have PowerShell Remoting configured – and to have that port exposed on the network.  The simple solution here is to use PowerShell Direct.

What I have actually done is to create a simple little script like this:

$VM = “NS1”

$HVServer = “hyperv.test.com”

$c = get-credential

$session = New-PSSession -ComputerName $HVServer -Credential $c

invoke-command -Session $session {Enter-PSSession -VMName $using:VM -credential $using:c}

Enter-PSSession $session

Then I create a shortcut that launches:

Powershell.exe -NoExit -File C:\Users\benja\Desktop\NS1.PS1

Now when I double click on that shortcut – I get a prompt for my credentials, and I get connected directly to my virtual machine.  First a PowerShell session is created on the Hyper-V server – then a second session is created to the virtual machine.  Finally I am connected to it.

Nice and simple.

Cheers,
Ben

This coming Monday, November 14^th, PowerShell will have been shipping for 10 years, so the team is going to celebrate with a day-long event, running from 8:00 am to 4:00 pm (PST). This will be streaming live and shown world-wide on the home page for Channel9.msdn.com.  

We’ll have segments on PowerShell and SQL, PowerShell and Azure Automation, and the future directions for PowerShell, and … well you get the idea. In addition, we’re planning several presentations showing cool ways of using PowerShell, including setting up a Minecraft server, using PowerShell to control sprinklers or an IOT-based Theramin, and managing a Tesla (among other things).

There will also be opportunities to hear the team members talk about how the product has evolved, and some of the MVPs talk about community involvement and the new open source engagement. 

The events and agenda are listed on Channel9.

In addition to our presentations, we will be running a set of Code-Golf contests. If you aren’t familiar with the concept, in Code-Golf people try to reproduce what a script does, using fewer characters to do that than the original author. It’s a fun opportunity to show your PowerShell coding skills, and we will award some cute prizes to the winners.

You can join at any time, stay and participate in the coding contests, or come back later for any of the talks above. This is going out on Channel9.msdn.com, so the talks will be available later – even if they aren’t quite as much fun as hearing us live.

So join us at 8:00am (PST) for the kickoff by Jeffrey Snover and Kenneth Hansen for the PowerShell 10^th Anniversary Celebration!