undraw buy house

How 130 people decided to save the nation even before it was declared in our state

Reading Time: 4 minutes

MoreYeahs – One Medium size family with 130+ members located in Tier-II city Indore which anticipated in a very different way while others were making memes for the storm so-called Novel Corona disaster.
It started with China and then Outbreak in several countries. We in India confirmed our first case in the last week of January.

Somewhere inside we all knew that it will spread and it will come to us – we have to prepare ourselves.
The first week in March and India had 50 confirmed cases that’s where people got a little serious (yes little because other than memes some actual information started to share).
While MoreYeahs on alert and already had already stopped all unknown people to enter office premises and had all precautious items to sanitize and what to do and what not to do share with all members.

The second week of March and cases are just increasing – while our state had no cases. MoreYeahs decided to take action to safeguard its people and all families associated.


Challenges faced –
1. Not everyone had a personal laptop with good performance or not have.
We ordered top-end laptops for team members (especially developers) due to non-availability in the market we had a limitation.
So, we decided to provide laptops to those who have to travel outside of Indore and get the desktops with secured connections to those who live in Indore or near Indore.

2. Not everyone had the internet connection.
We asked people to get the internet connection before 10 days to which 90% people were able to have a connection before 20 March but for 10% we have to find an alternative as most of the areas are not supported by broadband providers in Indore such as Noorani Nagar (near Chandan Nagar). We asked them to buy best possible dongle with a network provider who could serve sufficient enough to work Microsoft Dynamics 365 environment(which required high bandwidth in our expert area).

Here is the complete story with timeline –

Before 12 March we had 2% of members working from home. With the increasing rate of cases, we thought it will hit us in Mid April but our leadership group decided not to wait till the storm hit and we can make our house strong and protect people. We conveyed to all our members to have an internet connection within two days.

line graph and bar graph of office space vs WFM
Proposed Plan

Day-1: Phase-I
Chaos Monday -16 March 2020

Morning headlines – curve took a high turn with 10 new cases a day. Early morning management meet called – we decided we are making everything work from home to balance the life of our people and client work.
We breakdown this it in 7 days plan (Monday to Monday) with three phases-
Phase -I: People who live away from home (non-residential to Indore) and using public transport daily to the office will be sent home with all resources within two days (till 16 March 2020).
Phase-II: Members who have internet connections and laptops will be given work from home with 4 days (till 20 March 2020 expected 60% of MoreYeahs).
Phase-III: Last stage where 100% WFH needs to be achieved (till 21 March 2020).

Phase-I
We made the list of people with parameters –
1. You have a laptop or desktop at home (Yes/No)
2. You have an Intern connection (Yes/No)
3. Are you residential to Indore (Yes/No)?
4. Are you using public transport to travel to the office (Yes/No)?

We have the list ready in 15 minutes and immediately marked 20 people to start work from home starting 16 March 2020. We informed everyone about the plan and initiated it.

Day-2
17 March 2020
we decided to get phase-II started earlier than expected as rates of cases are increasing and our state is still safe.

We initiated phase-II – on 16 March 2020 itself parallel to phase-I.
We ordered testing devices in one single day for our QAs to get to the home the same day. Achieved 50% force at home.

Day-3
18 March 2020, we were at 60% work from home with all new laptops configured and assigned to members. The separate team initiated to deliver configures machines to respective areas – three teams and 6 Areas to cover with more than 30 machines to deliver with tracking of machines.

Day-4
19 March 2020, we were at 75% work from home with machines ready to deliver BUT the rest 25% dint get the internet connection as the market started to pick up for service providers in our area such as Hathway, Airtel, and JioFiber.
Wheres one of them informed they have 90 requests with advance money in a single day for a single person to provide connection.
which increases our difficulty but we reach out to those providers (followed them everywhere and even team members bring them to their houses for connection)

Day-5
20 March 2020
Suddenly we have a piece of news that Madhya Pradesh has confirmed 4 cases
suddenly the fear turns into reality and we knew we have to push our efforts and on 20 March 2020 afternoon, we have the numbers to 97% with internet connections.

Representation of actual execution of the plan

The human resource department instructed people to work from home or we would be providing leaves to members. Rest 3% were networking teams who need to ensure access to a secured environment and 2 members who do not good internet connection (less than 1 Mbps) at their homes.
But we took the decision to compromise with 2 to work from home at any cost. The last step towards 100% is our hero – IT team or say networking team which has house nearest to the office will only be available for the next two days with precautions.

We (MoreYeahs) sharing the above story not brag about it but to share our experience with corporates and companies in Indore and around to take measures and actions to ensure the safety of people and society.

An isolated women working from home

Let’s stand together – Isolate ourselves and work from home to save our country’s health and economy.

DOWNLOAD SOURCE CODE FOR FREE
Data Protection and Security

Where is India on Health Care Data Protection?

Reading Time: 4 minutes

Data security is an interesting and complex topic, particularly when examining health care data. With India’s recent proposal for a data protection law that will give government authorities broad powers to access personal information (see this article in the Financial Times)

Let me share two personal stories that relate to data protection encouraged me to prepare this material:

  1. While scrolling through Facebook I noticed one person has shared one patient’s reports on his status to boost his methodology for treatment. This included both personal and health information. Below is an anonymized screenshot.
anonymized screenshot.

2. Doctor Ajay(name changed) is a specialist in respiratory and lung diseases. When we spoke on technology, he was eager to learn and implement technology that can save time and follows laws. Currently, many doctors use WhatsApp to share/receive reports but they are not sure if it is compliant. Still, it is widely used because it is easy to use and allows for the rapid sharing of information. Dr. Ajay told me they don’t prefer applications for booking because they take away patient information and use for their benefits. Lastly, he avoids handwritten prescription which is openly used in India. He wishes to have print or electronic form (protected as well). It was a healthy conversation with him.

My research is focused on discussing the following topics:

  1.  Does India have any data protection law in place?
  2. What was are the specific issues relating to the health care industry?
  3. Is GDPR applicable in health care?
  4. Where is India on Health Care Data Protection and how we are different?

This article is intended to collect research on India that can be used for comparison with other jurisdictions such as the US to compare and learn from other laws and compliances.

US has Federal Data protection law in place (for history and details refer here https://fas.org/sgp/crs/misc/R45631.pdf) under which there are major listed acts such as GLBA, HIPAA, FCRA, Communication Act, FERPA, COPPA, ECPA and CFPA. There are also different state protection laws such as CCPA along with the EU’s GDPR.

HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information.HHS (Health and Human Services) is the Regulatory/Authority covering all areas for PHI. Under this data security law, all health care providers or related parties should protect electronic data. If there is a breach, then they have 60 days of time to notify to authority. Violations of HIPAA could lead to imprisonment.

The EU had the Data Protection Directive (DPD), also known as Directive 95/46/EC, from  1995. On April 27, 2016, GDPR replaced DPD and came into force on May 25, 2018 (Read the difference here https://www.synopsys.com/blogs/software-security/dpd-vs-gdpr-key-changes/).

GDPR, which covers both personal, sensitive and critical information of individual and entity, is being discussed and accepted around the globe when operating in the EU. It is implemented under data protection Act 2018 by which is applicable in EU region but parties from around the globe who work with or for people/parties in EU has to comply with GDPR requirements. GDPR applies even though there is separate US federal data protection policy for the EU region.DPA (Data Protection Authority) is the agency within each EU country which is the regulatory body. Article 33 defines that any breach should be reported within 72 hours to authority.

There are two levels of penalties based on the GDPR:

1. The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher.

2. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher.

The potential fines are substantial and serve as a high motivation for companies to ensure compliance.

Referring to the initial points:

  1. Yes, India does have the data protection bill named as Personal Protection Bill (PDP) 2018.

a. “Privacy” as a fundamental right essential to life and liberty.

b. Bill provides the right to an individual to seek protection for personal and sensitive information. PDP divides information in two categories -i) Personal and ii) Sensitive.

c. Data protection Authority is empowered to regulate and control the implementation of the bill in the country.

d. There are grounds created to use or provide consent to use/transfer data.

e. Data also allows to transfer data outside of India but on certain conditions and approvals but do not define the regulations mentioned in GDPR (for more information see http://prsindia.org/billtrack/draft-personal-data-protection-bill-2018 )

f. There is no timeline to notify authority is specified (my research has not found any) but there is the penalty in place as 50 Million INR or 2% worldwide turnover of the fiduciary.

2.   Yes, India has recently put in place DISHA (Digital Information Security in Healthcare, act) for health care industry data protection –https://www.nhp.gov.in/NHPfiles/R_4179_1521627488625_0.pdf

a.   DISHA legislation is focused on healthcare data privacy, confidentiality, security and standardization.

b.   DISHA creates regulatory authorities, both at the central and state level, to enforce the rights and duties envisaged under the legislation.

c.    At the central level, the National Electronic Health Authority (‘NeHA’) and State Electronic Health Authority (‘SeHA’) will be responsible.

d.   Article 38 and 39 provide detailed information on the breach, notify on breach and penalty but not the specification of under which timeline or how much will be the penalty.

In conclusion, although India is behind other jurisdictions when it comes to data protection the current actions are encouraging.

DOWNLOAD SOURCE CODE FOR FREE
Microsoft CRM Reporting

How to optimize automation using Azure DevOps

Reading Time: 3 minutes

In this blog, we are discussing a feature of DevOps by which we can optimize automation. Manual testing is out fashioned yet it is still important but if we work on big projects we always feel the testing phase should be performed rapidly. Here at moreYeahs we are optimizing automation using DevOps.

We are using selenium to do automation for testing of the dynamics CRM project. Using the .net Unit test project we created test cases. Under the TestClasses, we defined TestMethod which is basically test cases. Test Classes categories type of test. For best practice, we should always have some basic test cases which need to be performed each time we create a new build to do further development.

Before doing all these we need to write test cases that contain test steps. Test Steps describe the execution steps and expected results that are documented against each one of those steps. Each step is marked pass or fail based on the comparison result between the expected and actual outcomes.

basic step test

Save test case and copy its id.

Now we need to associate this test to our unit project for it we need to place code on the repository. From the test explorer, we need to associate the test as below.

Save test case and copy its id.
From the test explorer, we need to associate the test as below.

You need to add the ID of the test case created in azure DevOps’s test case.

You need to add the ID of the test case created in azure DevOps’s test case.

You got the link of a test case in ID column which directly opens into azure DevOps.

Here we are ready enough to use one of the most useful features of DevOps which provide true automation. Azure Pipelines is a cloud service that you can use to automatically build and test your code project and make it available to other users. It works with just about any language or project type. Azure Pipelines combines continuous integration (CI) and continuous delivery (CD) to constantly and consistently test and build your code and ship it to any target. Azure Pipeline is its self topic which I will cover on the next blog. Here I would like to discuss the pipeline that will automate the test cases.

Before creating a pipeline we need to create a configuration of test plan in Azure DevOps. The configuration is a platform on which the test code will run. Like which OS to use, which browser to use, etc. All these definitions provided in the configuration.

You got the link of a test case in ID column which directly opens into azure DevOps.

We need to assign a configuration to test suits so suits will use configuration to run its test cases.

The configuration platform

Now we are good to use pipeline’s vsTest task add it into a pipeline and configure it below.

Select test plan from the dropdown, select test suits, select test configuration.

check Test mix contains UI test as it is automation we need to check this.

Save and queue the pipeline and run it

Save and queue the pipeline and run it. you can see real-time logs as tasks are running.

We can get a summary of test cases also we can get logs of fail test cases.

We can get a summary of test cases also we can get logs of fail test cases. All these features going to provide ease in the development process and help develop more effective softwares.

DOWNLOAD SOURCE CODE FOR FREE
IT sector startups boom

IT sector startups boom despite the economic slowdown

Reading Time: 3 minutes

We do come across articles on a regular basis highlighting the economic slow down in the country. A logical analysis of this scene will bring you to the conclusion that the start-up of IT companies is still coming up independent of the market scenes. Core sectors of civil and mechanical engineering have undoubtedly seen a slump in the jobs as a result of the market scenes. But here is the other side that despite the job crisis in the core sectors the IT industry is still open to recruitments. This article in no intention is putting up the points that advocate the fact that the IT industry is more lucrative than the core sectors but this blog is actually a kind of case study of the overall economic scenes of the startups.

Here are some interesting observations:

  • IT is self-dependent

Most core sectors depend on the funds of the Government or some angel investor. But in IT what you all need to start a company is just a laptop (just kidding). But that’s still the reality because core sectors involve the tedious process of approval from the government bodies but here in IT you just need some innovative and technically expert individuals who are looking forward to new opportunities to convert into business. Also, various bidding portals too have more jobs posts pertaining to IT as compared to the core sector projects which makes this market more open to the software geeks.

  • Qualitative Assessment

The yearly appraisal of the core sectors is more dependent on the number of years spent in the profession rather than the quality of the experience. Of course, this does hold true for the ones who are working and creating their models on software,……but that again brings us back to the IT. The IT industry is more focussed on the targets achieved rather than giving importance to the number of years of experience.   

IT industry
Focus on quality
  • High ROI

Let’s take an example:

You want to start a crusher plant. Just think of the investments that are needed for this.you must have come to a huge number right? In addition to this if you are looking to start a construction company that is dealing in highways than you will have to, first of all, invest the amount of your own and then after review from the NHAI and bank officials funds will be granted to disbursed to you.

And the return for this cost is also uncertain as the flow of money in these industries is also a time-dependent factor. But for the IT sector, you can use your networking skills to bring in more projects so eventually, there are no big investments required to start your fresh venture. And that does not require a huge handsome investment for a startup.

#Opinion

The above-mentioned points are not stated to compare the two industries. For the perennial development of a country, both the industries go hand in hand. But it is just a reference for someone who is looking for a startup and is falling short of funds. There are myriads of examples where the big industry tycoons from core sectors who started from scratch and now they are millionaires.

The bottom line is life is all about exploring the best of you. Once know the niche that you are expert and work with your passion then there is no one stopping you. And never forget that there are endless opportunities but “opportunities always come dressed in the clothes of work”

DOWNLOAD SOURCE CODE FOR FREE
Paper work

Worried About Sales Target

Reading Time: 2 minutes

WORRIED ABOUT SALES TARGETS?

Worried About Sales Target

Every salesperson is having concern of Targets, like How to achieve? What will help in targets? What procedure I should follow, Where I can get big projects? And a lot of thoughts coming in every Salesperson’s mind.

Do you know how much it’s easy? Here are the points I’m sharing with my personal experience.

  • Focus on the company, not the Prospect
  • Follow-up by Multiple Email
  • Relevant Content to Prospect
  • Know when it’s time to break up
  • Vary your follow-up mediums
  • Be persistent just for a while
  • Don’t follow-up too often
  • Build your Social Media Presence
  • Ask for reference
  • Not done after a Sale
Follow Up

Focus on the company, not the Prospect If you’re selling your product to small businesses, reaching out to one person could be enough. But if you’re selling to larger organizations, multiple people are involved in the buying decision and you need to build relationships with all of them.

Follow-up by Multiple Email What you have to remember is that you may not get a response from your first email as inbox clutter is too common. Get ready to send multiple emails if you plan on using this approach. Here, you must give a lot of importance to the subject line, as it acts as the underlying factor to open your email or not.

Relevant Content to Prospect If you are talking to any prospect or sending any mail that should be relevant if you want attention from the client.

Know when it’s time to break up the Best time to follow-up with any prospect is the time when he is looking for services.

Vary your follow-up mediums Follow-up medium should be different not only one.

Be persistent just for a while Don’t give up, If you haven’t got a response from your first email.

Don’t follow-up too often It’s simple. Create a follow-up schedule and stick to it.

Build your Social Media Presence Please check this blog how to make Social Media Presence  https://sproutsocial.com/insights/building-social-media-presence/

Ask for reference Nothing is better than a happy customer because happy customers spread the happy word & they will refer you further or you can ask for referrals.

Not done after a Sale Don’t treat a signed contract like a finish line. There are high chances you will get more business from the same client, so continue your follow-up.

Sales is always about Persistent. To achieved target, its very important to “you should be persistent whatever approach you are using.”

Well said by:

“Either you follow-up or you fold-up”
― Bernard Kelvin Clive

DOWNLOAD SOURCE CODE FOR FREE
Laptop

Installation and Configuration of Omnichannel – Part 2

Reading Time: 3 minutes
INSTALLATION AND CONFIGURATION OF OMNICHANNEL IN CRM D365

This is the second part of the Installation and Configuration of Omnichannel for Customer Service in CRM D365.

If you are not getting the Omnichannel for Customer Service App inside Dynamics 365 Administration Center under the Application Tab to go to Part 1.

Let’s continue with the remaining part.

PURCHASE POWER BI LICENSE

You need a Power BI license for Omnichannel. It needs to be assigned to users in order to configure Omnichannel.

If you have a Power BI license and already assigned to users, then skip this part otherwise follow the below steps to get Power BI license.

  1. Go to Microsoft 365 admin center.
  2. Go to Billing Section in the sidebar and click on Purchase services.
  3. Search for power bi. You will get multiple Power BI services. Select Power BI (free). (You can also opt other options for more features).
Microsoft 365 admin center
4. During the check-out process, you’ll be prompted for a credit card in Step 3 of the checkout process.
5. Select the option of Invoice to skip credit card details, fill details and click on Place Order button at the bottom. You will get a confirmation message.
Checkout screen
6. Now go to the Admin center and assign this license to a specific user.
Select location screen
PROVIDE DATA ACCESS CONSENT

To allow Omnichannel for Customer Service to read and write data on behalf of users, follow these below steps:

Select Accept to grant data access consent.
CONFIGURE OMNICHANNEL FOR CUSTOMER SERVICE

Step 1: Select Omnichannel for Customer Service in Dynamics 365 Administration Center under the Application Tab, and click on Manage.

Dynamics 365 Administration Center

If you have not provided the data access consent then it will ask you to do. Go to Provide Data Access Consent as mentioned in the above section. After that, you will be redirected to Dynamics 365 Administration Center to manage Omnichannel Instance.

Dynamics 365 Administration Center to manage Omnichannel Instance
Note: As an admin, you can configure Omnichannel on multiple environments (instances). You can view all organization instances where the Omnichannel app has been configured in the Manage Instances view.

 Step 3: Click on Add an org section to set up Omnichannel for the environment. Here you will be asked to select an organization. Select the organization, Check the checkbox for privacy terms and click on purple continue arrow to proceed.
select an organization

Step 4: Proceed with Setup Chat, SMS and Facebook by selecting the required options to enable it. At last, you will see this screen.

Proceed with Setup Chat, SMS and Facebook

Step 5: Now click on the check button to complete setup on the Summary page.

Now everything will be under setup and it will take time (In my case it took hours, after some time you can close it and reopen or refresh it ). Till then you can have a coffee or go for a walk or do your pending work.

When setup will be completed you can see the below screen with all enabled channels.

Now click on the check button to complete setup

In the next blog will be to carry out the Omnichannel configuration within Dynamics 365 for the different channels, which I’ll be going to cover in the next part of this blog.

I hope this will help you to set up the omnichannel inside CRM D365. Please Feel free to ask questions related to it and also post your comments and feedback.
DOWNLOAD SOURCE CODE FOR FREE
Person using laptop

Project Development + Azure DevOps = Happy Developers

Reading Time: 3 minutes

AZURE DEVOPS IN ACTION

WHAT IS AZURE DEVOPS?

Azure DevOps having a bunch of tools for developing and deploying end-to-end software. It has a very efficient capability to integrate with various leading tools used in software development. We don’t need to worry about language, a platform it supports most of it and provides you the ease of managing software development.

 

HOW AZURE DEVOPS CAN HELP?

  • Azure Boards:
    You have to accept that while working on the project your team need various tool to manage their work items. Azure Board going to provide your team bunch of tools and services that manage the work for your software projects. With integrated reporting, customizable dashboard, managing your scrums meeting.
Fabrikam Fiber Board

Azure Pipelines:
This is the most exciting feature when it is an action that gives us the power to automatically build and test your project and provide it to other users as well. It flexible for any language or project type.
Azure Pipelines combines continuous integration (CI) and continuous delivery (CD) to constantly and consistently test and build your code and ship it to any target.

CI/CD Pipline
  • Azure Repos:
    Manage your code with version control tools provides you trackability on every check-in check-out. Working as a team we always need version control for a project code. Its always good practice to implement it.Azure Repos provides two types of version control: 1)Git: distributed version control 2)Team Foundation Version Control (TFVC): centralized version control
  • Azure Artifacts:
    With Azure Artifacts you can create and share Maven, npm, and NuGet package feeds from public and private sources with teams of any size. You can add fully integrated package management to your continuous integration/continuous delivery (CI/CD) pipelines with a single click.
Azure Artifact
  • Azure Test Plans:
    Quality is a vital aspect of software systems, and manual testing and exploratory testing continue to be an important technique for maximizing this. In today’s software development processes, everybody in the team owns quality – including developers, managers, product owners, user experience advocates, and more.Azure DevOps and TFS provide rich and powerful tools everyone in the team can use to drive quality and collaboration throughout the development process. The easy-to-use, browser-based test management solution provides all the capabilities required for planned manual testing, user acceptance testing, exploratory testing, and gathering feedback from stakeholders.
Test Plan - Web Team
IN THE UPCOMING BLOG, I WILL DESCRIBE OUR USER STORY OF HOW AZURE DEVOPS HELPS US IN PROJECT DEVELOPMENT, AUTOMATING TESTING AND MANAGING WORK ITEMS. STAY TUNED AND ☮
DOWNLOAD SOURCE CODE FOR FREE
2 person working on laptop

Azure Active Directory integration with SharePoint on-premises

Reading Time: 8 minutes
IN THIS TUTORIAL, YOU LEARN HOW TO INTEGRATE SHAREPOINT ON-PREMISES WITH AZURE ACTIVE DIRECTORY (AZURE AD).

Integrating SharePoint on-premises with Azure AD provides you with the following benefits:

  • You can control in Azure AD who has access to SharePoint on-premises.
  • You can enable your users to be automatically signed-in to SharePoint on-premises (Single Sign-On) with their Azure AD accounts.
  • You can manage your accounts in one central location – the Azure portal.
PREREQUISITES

To configure Azure AD integration with SharePoint on-premises, you need the following items:

  • An Azure AD subscription. If you don’t have an Azure AD environment, you can get a free account
  • SharePoint on-premises single sign-on enabled subscription
STEPS

1. Adding SharePoint on-premises from the gallery

2. Configure Azure AD single sign-on

3. Configure SharePoint on-premises Single Sign-On

4. Enable Azure Authentication provider to Sharepoint Web application

5. Setup People picker to assign permission to the SharePoint site

6. Test the single-sign-on

let’s start with the real steps…

S-1. ADDING SHAREPOINT ON-PREMISES FROM THE GALLERY

To configure the integration of SharePoint on-premises into Azure AD, you need to add SharePoint on-premises from the gallery to your list of managed SaaS apps.

To add SharePoint on-premises from the gallery, perform the following steps:

a). In the Azure portal, on the left navigation panel, click the Azure Active Directory icon.

Azure Active Directory

b). Navigate to Enterprise Applications and then select the All Applications option.

enterprise applications

c). To add a new application, click New application button on the top of the dialog.

New applcation button

d). In the search box, type SharePoint on-premises, select SharePoint on-premises from result panel then click Add button to add the application.

search new app
Add from the gallery
S-2. CONFIGURE AZURE AD SINGLE SIGN-ON

In this section, you enable Azure AD single sign-on in the Azure portal.

To configure Azure AD single sign-on with SharePoint on-premises, perform the following steps:

  1. In the Azure portal, on the SharePoint on-premises application integration page, select Single sign-on.
Management

2. On the Select a Single sign-on method dialog, select SAML/WS-Fed mode to enable single sign-on.

Select a single sing on method

3. On the Setup Single Sign-On with SAML page, click Edit icon to open Basic SAML Configuration dialog.

Setup Single Sign-On with SAML

4. On the Basic SAML Configuration section, perform the following steps:

Basic SAML Configuration
5.  a. In the Sign-on URL text box, type a URL using the following pattern: https://sharepoint.moreyeahs.com/_trust/default.aspx b. In the Identifier box, type a URL using the following pattern: urn:sharepoint:federation c. In the Reply URL text box, type a URL using the following pattern: https://sharepoint.moreyeahs.com/_trust/default.aspx

6.  On the Set up Single Sign-On with SAML page, in the SAML Signing Certificate section, click Download to download the Certificate (Base64) from the given options as per your requirement and save it on your computer.
Set up Single Sign-On with SAML
Note Please note down the file path to which you have downloaded the certificate file, as you need to use it later in the PowerShell script for configuration.

7. On the Set up SharePoint on-premises section, copy the appropriate URL(s) as per your requirement. For Single Sign-On Service URL, use a value of the following pattern: https://login.microsoftonline.com/_my_directory_id_/wsfedmy_directory_id is the tenant id of Azure Ad subscription.

Set up SharePoint on-premises

Sharepoint On-Premises application uses SAML 1.1 token, so Azure AD expects WS Fed request from the SharePoint server and after authentication, it issues the SAML 1.1. token.

S-3. CONFIGURE SHAREPOINT ON-PREMISES SINGLE SIGN-ON
  1. In a different web browser window, sign in to your SharePoint on-premises company site as an administrator.
  2. Configure a new trusted identity provider in SharePoint Server 2016Sign into the SharePoint Server 2016 server and open the SharePoint 2016 Management Shell. Fill in the values of $realm (Identifier value from the SharePoint on-premises Domain and URLs section in the Azure portal), $wsfedurl (Single Sign-On Service URL), and $filepath (file path to which you have downloaded the certificate file) from Azure portal and run the following commands to configure a new trusted identity provider.
CONFIGURE SHAREPOINT ON-PREMISES SINGLE SIGN-ON
S-4. ENABLE AZURE AUTHENTICATION PROVIDER TO SHAREPOINT WEB APPLICATION

FOLLOW THESE STEPS TO ENABLE THE TRUSTED IDENTITY PROVIDER FOR YOUR APPLICATION:

a. In Central Administration, navigate to Manage Web Application and select the web application that you wish to secure with Azure AD.

b. In the ribbon, click Authentication Providers and choose the zone that you wish to use.

c. Select Trusted Identity provider and select the identity provider you just registered named AzureAD.

d. On the sign-in page URL setting, select Custom sign in page and provide the value “/_trust/”.

e. Click OK.

Authentication Providers
S-5. SETUP PEOPLE PICKER TO ASSIGN PERMISSION TO THE SHAREPOINT SITE

Download the People picker form this link – https://yvand.github.io/AzureCP/

  • -Download AzureCP.wsp.
  • -Install and deploy the solution:
    Open Sharepoint management shell and run below command
    Add-SPSolution -LiteralPath "F:\Data\Dev\AzureCP.wsp"Install-SPSolution -Identity “AzureCP.wsp” -GACDeployment
  • Associate AzureCP with a SPTrustedIdentityTokenIssuer:
    $trust = Get-SPTrustedIdentityTokenIssuer "AzureAD"$trust.ClaimProviderName = “AzureCP”
    $trust.Update()
  • Visit central administration > System Settings > Manage farm solutions: Wait until solution status shows “Deployed”.
  • Update assembly manually on SharePoint servers that do not run the service “Microsoft SharePoint Foundation Web Application” (see below for more details).
  • Restart IIS service and SharePoint timer service on each SharePoint server.
    5.1 ADD AN APPLICATION IN YOUR AZURE AD TENANT TO ALLOW AZURECP TO QUERY IT.

    Sign in to the Azure portal and browse to your Azure Active Directory tenant

    Go to “App Registrations” > “New registration” > Type the following information:

    Name: e.g. AzureCP
    Supported account types: “Accounts in this organizational directory only (TenantName)”

    Click on “Register”

    Note: Copy the “Application (client) ID”: it is required by AzureCP to add a tenant.

    Click on “API permissions” and remove the permission added by default.

    Click on “Add a permission” > Select “Microsoft Graph” > “Application permissions” > Directory > Directory.Read.All > click “Add permissions”

    Click on “Grant admin consent for TenantName” > Yes

    Note: “After this operation, you should have only the Microsoft Graph > Directory.Read.All permission, of type “Application”, with admin consent granted.

    Click on “Certificates & secrets” > “New client secret”: Type a description, choose a duration and validate.

    Note: Copy the client secret value: it is required by AzureCP to add a tenant.

  • Configure AzureCP for your environment.
    Go to SharePoint Central administration and select AzureCP
security

Click to Global Configuration and fill the below detail-
Azure Tenant Name – tenant.onmicrosoft.com
Application ID –  Which is copied at the time of App registration
Application Secret – Which is copied at the time of App registration

Global Configuration and fill the below detail
5.2 GRANT ACCESS TO THE AZURE ACTIVE DIRECTORY USER

The user or group must be granted access to the application in SharePoint on-premises. Use the following steps to set the permissions to access the web application.
        Note-*  For the group, we have to update the manifest file of registered SharePoint-On-premises application, In the manifest file update the below the property.
        Modify groupMembershipClaimsNULL, To groupMembershipClaimsSecurityGroup. Then, click on Save

GRANT ACCESS TO THE AZURE ACTIVE DIRECTORY USER

Now lest assign the permission- In Central Administration, click on Application Management, Manage web applications, then select the web application to activate the ribbon and click on User Policy.

Application Management, Manage web applications

Under Policy for Web Application, click on Add Users, then select the zone, click on Next. Click on the Address Book.

Under Policy for Web Application

Then, search for and add the Azure Active Directory Security Group and click on OK.

Azure Active Directory Security

See under Policy for Web Application, the Azure Active Directory Group is added. The group claim shows the Azure Active Directory Security Group Object ID for the User Name.

Azure Active Directory Group

See under Policy for Web Application, the Azure Active Directory Group is added. The group claim shows the Azure Active Directory Security Group Object ID for the User Name.

Azure Active Directory Group is added

Browse to the SharePoint site collection and add the Group or user there, as well. Click on Site Settings, then click Site permissions and Grant Permissions. Search for the Group Role claim, assign the permission level and click Share.

Site permissions
S-6. TEST THE SINGLE-SIGN-ON

Before the test, the single-sign-on, Let’s configure the seamless authentication setting so that internal users can auto-login to the SharePoint site with their windows logged-in account(Machine should be domain joined )
Here I will only show you the Group policy part, reaming AAD connector configuration you can do by following this article – https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

GROUP POLICY” OPTION – DETAILED STEPS
  1. Open the Group Policy Management Editor tool.
  2. Edit the group policy that’s applied to some or all your users. This example uses the Default Domain Policy.
  3. Browse to User Configuration > Policy > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page. Then select Site to Zone Assignment List.
GROUP POLICY OPTION
4. Enable the policy, and then enter the following values in the dialog box:
  • Value name: The Azure AD URL where the Kerberos tickets are forwarded.
  • Value (Data): 1 indicates the Intranet zone.The result looks like this:Value name: https://autologon.microsoftazuread-sso.comValue (Data): 1
Enable the policy
5. Browse to User Configuration > Policy > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Intranet Zone. Then select Allow updates to the status bar via script.
Allow updates to the status bar via script

6. Enable the policy setting, and then select OK.

Enable the policy setting, and then select OK
TEST THE FEATURE

To test the feature for a specific user, ensure that all the following conditions are in place:

  • The user signs in on a corporate device.
  • The device is joined to your Active Directory domain. The device doesn’t need to be Azure AD Joined.
  • The device has a direct connection to your domain controller (DC), either on the corporate wired or wireless network or via a remote access connection, such as a VPN connection.
  • You have rolled out the feature to this user through Group Policy.

To test the scenario where the user enters only the username, but not the password:

  • Sign in to https://myapps.microsoft.com/ in a new private browser session.

To test the scenario where the user doesn’t have to enter the username or the password, use one of these steps:

  • Sign in to https://myapps.microsoft.com/contoso.onmicrosoft.com in a new private browser session. Replace contoso with your tenant’s name.
  • Sign in to https://myapps.microsoft.com/contoso.com in a new private browser session. Replace contoso.com with a verified domain (not a federated domain) on your tenant.

 

 

Thank You

 

Reference link – https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/sharepoint-on-premises-tutorial
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

DOWNLOAD SOURCE CODE FOR FREE
installation process of Dynamics 365 CRM

Installation and Configuration of Omnichannel – Part 1

Reading Time: 3 minutes

I am creating a blog series of posts to help people for installation and setup Omnichannel for Customer Service in CRM D365. I hope these might serve as useful blog posts for everyone.

So, let’s begin with the Installation and Configuration of Omnichannel in CRM D365. 

THERE ARE SEVERAL PREREQUISITE ITEMS THAT ARE NECESSARY IN ORDER TO DO THIS, WITH SEVERAL STEPS.
THERE ARE TWO OPTIONS TO SIGN-UP FOR A FREE 30-DAY TRIAL OF CHANNELS:
  • Channels trial through https://trials.dynamics.com/
  • Channels trial through Microsoft 365 admin center (For more info Click Here )

I’ll configure Omnichannel using the first option. You need to install the Omnichannel Hub in order to be able to access it.

Step 1: Get a Dynamics 365 trial instance, to sign up for a trial account Click Here.

If you already have a Dynamics 365 trial instance, then go to Step 2.

Click on Sign Up Here button and then a pop up will appear to choose for partner or Microsoft employee option.

Click on Sign Up Here button

Continue with the signup option.

Continue with the signup option.

Fill all the required details to create an account.

When your setup will be completed, you have to select the required options (Also you can select “All of these” options) as you can see in the below screenshot.

Fill all the required details to create an account.

Step 2: After Completing the Setup open Dynamics 365 Administration Center. Under the Application Tab look for Omnichannel for Customer Service App.

Dynamics 365 Administration Center

Oh! Wait… What? I didn’t find that. 

You may be lucky to get the option of Omnichannel for Customer service to configure. If you find that then jump to Installation and Configuration of Omnichannel – Part 2.

Omnichannel for Customer service

Note: Many of us don’t get this option as Microsoft suggests in its documents as you can see in the above screenshot. Even though you will get Omnichannel Administration and Customer App along with Customer Service Hub in Apps as given in the below screenshot.

Omnichannel Administration and Customer App

Umm…Something is not right. Don’t worry, we can solve this issue as well. It is mandatory to follow the below steps to configure it properly.

 Step 3: So, in order to get the Omnichannel option in the Applications Tab, you need to follow below steps:

Select the ‘Customer Service’ option and fill your existing credentials.

It will redirect you to another page with confirmation that you have an existing account. Now Click on the Sign-in button to proceed.

Click on the Sign-in button to proceed.

Click on Ok, Got it button.

Click on Ok, Got it button.

You can see the screen for setting up…

Once setup has completed, Go to Application tab inside Dynamics 365 Administration Center.

Now you can see the Omnichannel for Customer service.

Now you can see the Omnichannel for Customer service.
This Blog is getting bigger, so we will continue with the configuration and remaining setup for Omnichannel in the next part of the blog series. Visit Installation and Configuration of Omnichannel – Part 2 for more details.

I hope this blog series will help you to set up the omnichannel inside CRM D365. Please Feel free to ask questions related to it and also post your comments and feedback.
DOWNLOAD SOURCE CODE FOR FREE
Graphical bar of company

VM-Automation(VMWare)

Reading Time: 4 minutes

VM AUTOMATION TOOL

OVERVIEW

VM Automation is the process of the creation and configuring of the virtual machine on VMWare vSphere center using an easy custom SharePoint portal.

It’s majorly developed to facilitate IT Admins to provide them an easy portal from where they can create & configure the VMs without going to the VCenter portal and in less time.

This is not just a VM automation tool its a complete process of (creation, configuration, IP set, domain join, apply security policies, etc).

By reading this article you will find more interesting this.. so let’s move on.

GOALS

The main goal of developing the VM Automation tool is to make life easier for the admins.
Here are the following goals:

  1. Create and configure Virtual machines with automated processes using a simple GUI portal.
  2. Server hardening to set several server policies at one click.
  3. Enhanced portal security and easy access for company users.
  4. Generate a complete report of VMs, it’s helpful to keep as documentation and future purpose.

TECHNOLOGY USED

SharePoint(In our case) – it can be any custom portal

Windows Powershell ISE

VMware Vcenter

WINRM Service

LETS START WITH THE REAL STEPS…..
STEP- 1 WRITE YOUR BACK-END CODE IN POWERSHELL

In this step, we will only show few functions which can helps you to develop the whole script.

Well explained document with 4 step
STEP-2 HOST THIS POWERSHELL SCRIPT USING WINDOWS HTTPS LISTENER SERVICE TO CALL IT FROM EXTERNALLY LIKE AN API.

Prepare the HTTPS Listener service- Buy the SSL certificate and install it at the certificate store.

To install or view certificate for the local computer:

Click on Start and then Run (or using keyboard combination press Windows-key+R)

  1. Type MMC and then press Enter.
  2. Select File from menu options and then click on Add or Remove Snap-ins
  3. Select Certificates and click Add.
  4. Go through the wizard selecting Computer account.  

Install or view the certificates under:

 Certificates (Local computer)–>  Personal–> Certificates

console1 window

Once the certificate is installed, we will configure WINRM to listen on HTTPS:

Configure WinRM for HTTPS 

Configuring for HTTPS involves following steps.

  • Check whether the WinRM service is running
    WinRM is installed by default in all supported Windows machines. Ensure that service is in running state in services.
windows remote Management

Create HTTPS listener
By default when you run winrm quickconfig command WinRM is only configured for HTTP (port 5985). You can check already registered listeners by running the following command
WinRM e
winrm/config/listenerYou will see output like below.

Administrator window

Copy the thumbprint of the imported certificate to clipboard and run the following command. This command will register the HTTPS listener in WinRM

winrm create window

winrm create winrm/config/Listener?Address=*+Transport=HTTPS ‘@{Hostname=”VMwareautomation.contoso.com”; CertificateThumbprint=”‎bb 9d a3 ee 72 96 9c 10 7b 71 fb fb 44 30 e7 18 73 3f 86 13}’Validate HTTPS listenerYou can verify listener you added by running the same command you used above – WinRM e winrm/config/listener.
This will show the new HTTP listener now along with HTTPS service.

Administrator : Windows PowerShell

Now, add below HttpListener code to your powershell back-end script.

A well explained document

Example- After adding whole script will look like this-

  • Add firewall exception – Allow port from the firewall
  • Verify you can connect to the machine via HTTPS

Step-3 Create a Custom portal- In our case we are using the SharePoint.

There are five steps(Pages) you have to develop in your portal.

1. Connect to VCenter

Connect to vcenter window

2. Build VM
Every function or field on the page connected through the individual’s APIs which get the data from the VMWare and perform the actions.

Build VM Window

3. VM Customization

This page is generally used to customize the VM after creating on the Vmware.

Customization Like – Setting up VmName/ComputerName, Set local administrator password, Setting up IP Address, Add VM to “contoso.com” domain, etc.

This whole process using the Vmware profiles which are already created with a basic setup like- domain name, run Sysprep, Use Computer name same as Vmname, Timezone, Static IP mode.

4. Server Hardening

Server hardening: The server hardening is the another most important feature implemented in this portal from where you can set the multiple security policies of a server at one place without going into the manually.

To set the policies user must have to select properties of the hardening using this page and click on the start hardening button. 

Server Hardening

5. Reports

VM information window

Thank you

DOWNLOAD SOURCE CODE FOR FREE