Since some time we have the ability to see the health of the Azure Active Directory Connect in the new portal (https://portal.azure.com) and since a few days I saw that the sync errors are now displayed in this blade as well. This is a great addition, because it will give a better overview of the synchronization errors than the email you get every 30 minutes. I also have noticed that there are rules created to move this email to another map when it arrives because it gives a lot of clutter in the mailbox.

This week a non technical post, besides focusing on keeping my technical skills on a high level and sharing all kinds of information via this blog I have a goal to get on stage more often. To get better at speaking I followed a seminar about public speaking from one of the best in the field Andy Harrington. The seminar I went to was a preview seminar what he does and what courses he has. With this preview he lifted the curtain what you will learn in his public speaking course.

A week ago Microsoft released the public preview of the Azure B2B invitation API. I have seen this at Ignite in September that they were working on that. The announcement can be found here https://blogs.technet.microsoft.com/enterprisemobility/2016/10/31/azuread-b2b-invitation-api-is-now-in-public-preview/

With this announcement I went looking into this what other options there already are for inviting a partner into your AD. The options at this moment are:

• Upload CSV file thru https://manage.windowsazure.com
• Add a user in the new portal https://portal.azure.com
• Invitation API in the Microsoft Graph

With these three options you have a way for every kind of administrator. The csv function is a simple way to invite a larger group of users, but not the easiest one to work with. The UI in the new portal is a lot easier and integrates with adding a normal user to your AD. When the input recognizes a username with a domain not known to the Azure AD it will ask to add a personal invite message and will send an invite to that user.

This week I was trying to find a good way to disable the creating of Office 365 Groups from creating. I love the functionality of Office 365 Groups but it is still missing some key elements from using in a large corporation. The main thing missing is the ability to have naming convention, now you say but they released that. Well that is partly true. The naming convention is only applied when you create an Office 365 Group in Exchange, Outlook or the Groups app. When you create a group from Planner or any other application using groups the naming convention is not applied. This is because the naming convention that you can set is done within Exchange. This naming convention is initially meant for distribution groups but also applies for Office 365 Groups when created from the Exchange endpoint. This also applies to the creation of Office 365 Groups. You can disable this, but that only applies to the same 3 applications as the naming convention

A few weeks ago we got a few users telling us that they were not able to sign in to Office 365 with an error message “AADSTS50107: Requested federation realm object does not exist”. After searching the internet I only found errors with a whole domain not able to sign in because it was a subdomain and that was not recognized by Office 365. The affected users where able to sign in to other applications on ADFS and other users where able to sign in to Office 365 with that same domain name. This was a strange issue because the error would suggest that everybody should have an issue and not a few users on the domain.

Last weekend I visited SharePoint Saturday in Brussel Belgium. This was my fourth time here in Belgium and again a great one. The day was setup up 6 sessions of 50 minutes and a lunch break of 1.5 hours with a 30 minute.

We started at 9 with a welcome from the BIWUG team and the first session started short after that. I started with some developer sessions.

Get Typing with TypeScript

I started the day with a session from David Opdendries (@sharepointdavid)

Last week I had the privilege to attent Microsoft Ignite in Atlanta. This week was full of news, sessions and a lot of walking. Besides the sessions, this year the expo hall was large, I have spend a lot of time at the expo talking to venders, partners and Microsoft.

I have created a PDF from all my notes. On a few notes I have references to slides, the slides should be come available on https://myignite.microsoft.com/videos. On this site are also all the videos.

This week I will attend Microsoft Ignites 2016 conference in Atlanta. To make it easier for everyone to follow me I have created a OneNote that I will use to share my notes.

You can find that OneNote here: https://arjansp.nl/Ignite2016Notes

A few weeks ago it was the time of the year that the signing certificate of ADFS was expiring. Last year it took us by surprise because the ADFS team did not notify us and we did not put it in our agenda’s that the certificate would expire. So last year we had a lot of people complaining that SharePoint 2013 was not available anymore.

This year we had it in our agenda’s that the certificate would roll over, so we were prepared for a roll over and had contact with the ADFS team and made an arrangement to roll over the certificate. I also found a nice script that can be ran to prepare for the roll over. This script will download the new certificate and when the secondary certificate becomes the primary the script will update SharePoint.

Last week I got an email from a coworker that Microsoft has created a score website (https://securescore.office.com/) for Office 365 tenants. This website measures the security of your Office 365 tenant. By default the score of your Office 365 tenant is very low, I got on my personal tenant a score of 29 out of 243 and on one of my customers also got 29 out of 243.